From 62887034887a3ded870475b98bcf235120bc4334 Mon Sep 17 00:00:00 2001 From: NADAL Jean-Baptiste Date: Tue, 1 Mar 2016 22:49:12 +0100 Subject: [PATCH] Import wolfssl --- 3P/wolfssl/AUTHORS | 0 3P/wolfssl/COPYING | 339 + 3P/wolfssl/ChangeLog | 0 .../Projects/CyaSSL-Lib/CyaSSL-Lib.ewp | 2000 ++ .../Projects/CyaSSL-Lib/CyaSSL-Lib.eww | 16 + .../Projects/CyaSSL-Lib/benchmark-main.c | 40 + .../IAR-EWARM/Projects/CyaSSL-Lib/test-main.c | 36 + .../CyaSSL-Lib/wolfCrypt-benchmark.ewd | 2601 ++ .../CyaSSL-Lib/wolfCrypt-benchmark.ewp | 1877 ++ .../CyaSSL-Lib/wolfCrypt-benchmark.icf | 32 + .../Projects/CyaSSL-Lib/wolfCrypt-test.ewd | 2601 ++ .../Projects/CyaSSL-Lib/wolfCrypt-test.ewp | 1877 ++ .../Projects/CyaSSL-Lib/wolfCrypt-test.icf | 31 + 3P/wolfssl/IDE/IAR-EWARM/README | 49 + 3P/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c | 166 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c | 261 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c | 28 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h | 39 + .../MDK-ARM/CyaSSL/config-BARE-METAL.h | 291 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h | 329 + .../MDK-ARM/CyaSSL/config-RTX-TCP-FS.h | 351 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h | 46 + .../MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c | 249 + .../MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h | 103 + 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c | 172 + 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c | 595 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c | 53 + .../MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt | 1757 + .../MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj | 3510 ++ .../MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt | 1656 + .../MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj | 3964 +++ .../STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c | 299 + 3P/wolfssl/IDE/MDK5-ARM/Conf/config-Crypt.h | 185 + 3P/wolfssl/IDE/MDK5-ARM/Conf/config-CyaSSL.h | 144 + 3P/wolfssl/IDE/MDK5-ARM/Inc/cert_data.h | 39 + 3P/wolfssl/IDE/MDK5-ARM/Inc/config.h | 62 + 3P/wolfssl/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h | 106 + .../Projects/CryptBenchmark/Abstract.txt | 15 + .../CryptBenchmark/CryptBenchmark.uvoptx | 995 + .../CryptBenchmark/CryptBenchmark.uvprojx | 975 + .../CryptBenchmark/RTE/wolfSSL/settings.h | 667 + .../Projects/CryptBenchmark/benchmark.c | 1313 + .../MDK5-ARM/Projects/CryptBenchmark/main.c | 71 + .../Projects/CryptBenchmark/time-CortexM3-4.c | 41 + .../Projects/CryptBenchmark/time-dummy.c | 34 + .../MDK5-ARM/Projects/CryptTest/Abstract.txt | 16 + .../Projects/CryptTest/CryptTest.uvoptx | 987 + .../Projects/CryptTest/CryptTest.uvprojx | 970 + .../Projects/CryptTest/RTE/wolfSSL/settings.h | 667 + .../MDK5-ARM/Projects/CryptTest/cert_data.c | 28 + .../IDE/MDK5-ARM/Projects/CryptTest/main.c | 76 + .../IDE/MDK5-ARM/Projects/CryptTest/test.c | 4863 +++ .../MDK5-ARM/Projects/CryptTest/time-dummy.c | 34 + .../Projects/CyaSSL-Full/Abstract.txt | 85 + .../Projects/CyaSSL-Full/CyaSSL-Full.uvoptx | 1366 + .../Projects/CyaSSL-Full/CyaSSL-Full.uvprojx | 1185 + .../CyaSSL-Full/RTE/wolfSSL/settings.h | 667 + .../MDK5-ARM/Projects/CyaSSL-Full/benchmark.c | 1222 + .../MDK5-ARM/Projects/CyaSSL-Full/cert_data.c | 28 + .../MDK5-ARM/Projects/CyaSSL-Full/client.c | 858 + .../Projects/CyaSSL-Full/echoclient.c | 282 + .../Projects/CyaSSL-Full/echoserver.c | 368 + .../IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c | 102 + .../MDK5-ARM/Projects/CyaSSL-Full/server.c | 605 + .../IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c | 657 + .../IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c | 4758 +++ .../Projects/CyaSSL-Full/time-CortexM3-4.c | 41 + .../Projects/CyaSSL-Full/time-dummy.c | 34 + .../MDK5-ARM/Projects/EchoClient/Abstract.txt | 22 + .../Projects/EchoClient/EchoClient.uvoptx | 1237 + .../Projects/EchoClient/EchoClient.uvprojx | 1152 + .../EchoClient/RTE/wolfSSL/settings.h | 627 + .../Projects/EchoClient/config-EchoClient.h | 34 + .../MDK5-ARM/Projects/EchoClient/echoclient.c | 282 + .../IDE/MDK5-ARM/Projects/EchoClient/main.c | 101 + .../MDK5-ARM/Projects/EchoClient/time-dummy.c | 34 + .../MDK5-ARM/Projects/EchoServer/Abstract.txt | 24 + .../Projects/EchoServer/EchoServer.uvoptx | 1270 + .../Projects/EchoServer/EchoServer.uvprojx | 1152 + .../EchoServer/RTE/wolfSSL/settings.h | 627 + .../MDK5-ARM/Projects/EchoServer/echoserver.c | 368 + .../IDE/MDK5-ARM/Projects/EchoServer/main.c | 98 + .../MDK5-ARM/Projects/EchoServer/time-dummy.c | 34 + .../Projects/SimpleClient/Abstract.txt | 23 + .../SimpleClient/RTE/wolfSSL/settings.h | 667 + .../Projects/SimpleClient/SimpleClient.uvoptx | 1263 + .../MDK5-ARM/Projects/SimpleClient/client.c | 862 + .../SimpleClient/config-SimpleClient.h | 70 + .../IDE/MDK5-ARM/Projects/SimpleClient/main.c | 113 + .../SimpleClient/simpleClient.uvprojx | 1162 + .../Projects/SimpleClient/time-CortexM3-4.c | 41 + .../Projects/SimpleClient/time-STM32F2xx.c | 82 + .../Projects/SimpleClient/time-dummy.c | 34 + .../Projects/SimpleServer/Abstract.txt | 24 + .../SimpleServer/RTE/wolfSSL/settings.h | 627 + .../Projects/SimpleServer/SimpleServer.uvoptx | 1250 + .../SimpleServer/SimpleServer.uvprojx | 1157 + .../SimpleServer/config-SimpleServer.h | 31 + .../IDE/MDK5-ARM/Projects/SimpleServer/main.c | 105 + .../MDK5-ARM/Projects/SimpleServer/server.c | 605 + .../Projects/SimpleServer/time-dummy.c | 34 + 3P/wolfssl/IDE/MDK5-ARM/Src/cert_data.c | 28 + 3P/wolfssl/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c | 247 + 3P/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c | 52 + 3P/wolfssl/IDE/iOS/README.md | 82 + .../wolfssl-FIPS.xcodeproj/project.pbxproj | 983 + .../IDE/iOS/wolfssl.xcodeproj/project.pbxproj | 906 + 3P/wolfssl/LICENSING | 11 + 3P/wolfssl/Makefile.am | 170 + 3P/wolfssl/Makefile.in | 3341 ++ 3P/wolfssl/NEWS | 0 3P/wolfssl/README | 1121 + 3P/wolfssl/README.md | 1122 + 3P/wolfssl/aclocal.m4 | 1195 + 3P/wolfssl/build-aux/compile | 347 + 3P/wolfssl/build-aux/config.guess | 1568 + 3P/wolfssl/build-aux/config.sub | 1793 + 3P/wolfssl/build-aux/depcomp | 791 + 3P/wolfssl/build-aux/install-sh | 527 + 3P/wolfssl/build-aux/ltmain.sh | 9656 ++++++ 3P/wolfssl/build-aux/missing | 215 + 3P/wolfssl/build-aux/test-driver | 139 + 3P/wolfssl/builders/cmake/CMakeLists.txt | 45 + 3P/wolfssl/certs/1024/client-cert.der | Bin 0 -> 937 bytes 3P/wolfssl/certs/1024/client-cert.pem | 65 + 3P/wolfssl/certs/1024/client-key.der | Bin 0 -> 608 bytes 3P/wolfssl/certs/1024/client-key.pem | 15 + 3P/wolfssl/certs/1024/dh1024.der | Bin 0 -> 138 bytes 3P/wolfssl/certs/1024/dh1024.pem | 17 + 3P/wolfssl/certs/1024/dsa1024.der | Bin 0 -> 448 bytes 3P/wolfssl/certs/1024/dsa1024.pem | 12 + 3P/wolfssl/certs/1024/include.am | 17 + 3P/wolfssl/certs/1024/rsa1024.der | Bin 0 -> 609 bytes 3P/wolfssl/certs/ca-cert.der | Bin 0 -> 1198 bytes 3P/wolfssl/certs/ca-cert.pem | 86 + 3P/wolfssl/certs/ca-key.der | Bin 0 -> 1192 bytes 3P/wolfssl/certs/ca-key.pem | 27 + 3P/wolfssl/certs/client-cert.der | Bin 0 -> 1198 bytes 3P/wolfssl/certs/client-cert.pem | 86 + 3P/wolfssl/certs/client-ecc-cert.pem | 54 + 3P/wolfssl/certs/client-key.der | Bin 0 -> 1192 bytes 3P/wolfssl/certs/client-key.pem | 27 + 3P/wolfssl/certs/client-keyEnc.pem | 12 + 3P/wolfssl/certs/crl/cliCrl.pem | 39 + 3P/wolfssl/certs/crl/crl.pem | 39 + 3P/wolfssl/certs/crl/crl.revoked | 41 + 3P/wolfssl/certs/crl/eccCliCRL.pem | 24 + 3P/wolfssl/certs/crl/eccSrvCRL.pem | 24 + 3P/wolfssl/certs/crl/include.am | 14 + 3P/wolfssl/certs/dh2048.der | Bin 0 -> 268 bytes 3P/wolfssl/certs/dh2048.pem | 29 + 3P/wolfssl/certs/dsa2048.der | Bin 0 -> 835 bytes 3P/wolfssl/certs/ecc-client-key.pem | 9 + 3P/wolfssl/certs/ecc-key-comp.pem | 4 + 3P/wolfssl/certs/ecc-key.der | Bin 0 -> 121 bytes 3P/wolfssl/certs/ecc-key.pem | 9 + 3P/wolfssl/certs/ecc-keyPkcs8.pem | 5 + 3P/wolfssl/certs/include.am | 44 + 3P/wolfssl/certs/ntru-cert.pem | 28 + 3P/wolfssl/certs/ntru-key.raw | Bin 0 -> 607 bytes 3P/wolfssl/certs/rsa2048.der | Bin 0 -> 1191 bytes 3P/wolfssl/certs/server-cert.der | Bin 0 -> 1186 bytes 3P/wolfssl/certs/server-cert.pem | 172 + 3P/wolfssl/certs/server-ecc-comp.pem | 51 + 3P/wolfssl/certs/server-ecc-rsa.pem | 69 + 3P/wolfssl/certs/server-ecc.pem | 54 + 3P/wolfssl/certs/server-key.der | Bin 0 -> 1193 bytes 3P/wolfssl/certs/server-key.pem | 27 + 3P/wolfssl/certs/server-keyEnc.pem | 30 + 3P/wolfssl/certs/server-keyPkcs8.pem | 28 + 3P/wolfssl/certs/server-keyPkcs8Enc.pem | 29 + 3P/wolfssl/certs/server-keyPkcs8Enc12.pem | 29 + 3P/wolfssl/certs/server-keyPkcs8Enc2.pem | 30 + 3P/wolfssl/certs/taoCert.txt | 175 + 3P/wolfssl/config.h | 179 + 3P/wolfssl/config.in | 178 + 3P/wolfssl/configure | 27668 ++++++++++++++++ 3P/wolfssl/configure.ac | 1967 ++ 3P/wolfssl/ctaocrypt/src/aes.c | 1 + 3P/wolfssl/ctaocrypt/src/des3.c | 1 + 3P/wolfssl/ctaocrypt/src/fips.c | 0 3P/wolfssl/ctaocrypt/src/fips_test.c | 0 3P/wolfssl/ctaocrypt/src/hmac.c | 1 + 3P/wolfssl/ctaocrypt/src/random.c | 1 + 3P/wolfssl/ctaocrypt/src/rsa.c | 1 + 3P/wolfssl/ctaocrypt/src/sha.c | 1 + 3P/wolfssl/ctaocrypt/src/sha256.c | 1 + 3P/wolfssl/ctaocrypt/src/sha512.c | 1 + 3P/wolfssl/ctaocrypt/src/wolfcrypt_first.c | 47 + 3P/wolfssl/ctaocrypt/src/wolfcrypt_last.c | 47 + 3P/wolfssl/cyassl/callbacks.h | 22 + 3P/wolfssl/cyassl/certs_test.h | 10 + 3P/wolfssl/cyassl/crl.h | 22 + 3P/wolfssl/cyassl/ctaocrypt/aes.h | 65 + 3P/wolfssl/cyassl/ctaocrypt/arc4.h | 36 + 3P/wolfssl/cyassl/ctaocrypt/asn.h | 49 + 3P/wolfssl/cyassl/ctaocrypt/asn_public.h | 78 + 3P/wolfssl/cyassl/ctaocrypt/blake2-impl.h | 42 + 3P/wolfssl/cyassl/ctaocrypt/blake2-int.h | 43 + 3P/wolfssl/cyassl/ctaocrypt/blake2.h | 44 + 3P/wolfssl/cyassl/ctaocrypt/camellia.h | 38 + 3P/wolfssl/cyassl/ctaocrypt/chacha.h | 35 + 3P/wolfssl/cyassl/ctaocrypt/coding.h | 29 + 3P/wolfssl/cyassl/ctaocrypt/compress.h | 37 + 3P/wolfssl/cyassl/ctaocrypt/des3.h | 48 + 3P/wolfssl/cyassl/ctaocrypt/dh.h | 41 + 3P/wolfssl/cyassl/ctaocrypt/dsa.h | 32 + 3P/wolfssl/cyassl/ctaocrypt/ecc.h | 68 + 3P/wolfssl/cyassl/ctaocrypt/error-crypt.h | 32 + 3P/wolfssl/cyassl/ctaocrypt/fips_test.h | 58 + 3P/wolfssl/cyassl/ctaocrypt/hc128.h | 39 + 3P/wolfssl/cyassl/ctaocrypt/hmac.h | 44 + 3P/wolfssl/cyassl/ctaocrypt/include.am | 52 + 3P/wolfssl/cyassl/ctaocrypt/integer.h | 34 + 3P/wolfssl/cyassl/ctaocrypt/logging.h | 40 + 3P/wolfssl/cyassl/ctaocrypt/md2.h | 42 + 3P/wolfssl/cyassl/ctaocrypt/md4.h | 37 + 3P/wolfssl/cyassl/ctaocrypt/md5.h | 44 + 3P/wolfssl/cyassl/ctaocrypt/memory.h | 41 + 3P/wolfssl/cyassl/ctaocrypt/misc.h | 29 + 3P/wolfssl/cyassl/ctaocrypt/mpi_class.h | 23 + 3P/wolfssl/cyassl/ctaocrypt/mpi_superclass.h | 26 + 3P/wolfssl/cyassl/ctaocrypt/pkcs7.h | 52 + 3P/wolfssl/cyassl/ctaocrypt/poly1305.h | 38 + .../ctaocrypt/port/pic32/pic32mz-crypt.h | 28 + 3P/wolfssl/cyassl/ctaocrypt/pwdbased.h | 36 + 3P/wolfssl/cyassl/ctaocrypt/rabbit.h | 39 + 3P/wolfssl/cyassl/ctaocrypt/random.h | 38 + 3P/wolfssl/cyassl/ctaocrypt/ripemd.h | 37 + 3P/wolfssl/cyassl/ctaocrypt/rsa.h | 56 + 3P/wolfssl/cyassl/ctaocrypt/settings.h | 745 + 3P/wolfssl/cyassl/ctaocrypt/settings_comp.h | 58 + 3P/wolfssl/cyassl/ctaocrypt/sha.h | 36 + 3P/wolfssl/cyassl/ctaocrypt/sha256.h | 39 + 3P/wolfssl/cyassl/ctaocrypt/sha512.h | 40 + 3P/wolfssl/cyassl/ctaocrypt/tfm.h | 41 + 3P/wolfssl/cyassl/ctaocrypt/types.h | 39 + 3P/wolfssl/cyassl/ctaocrypt/visibility.h | 72 + 3P/wolfssl/cyassl/ctaocrypt/wc_port.h | 31 + 3P/wolfssl/cyassl/error-ssl.h | 22 + 3P/wolfssl/cyassl/include.am | 25 + 3P/wolfssl/cyassl/internal.h | 22 + 3P/wolfssl/cyassl/ocsp.h | 22 + 3P/wolfssl/cyassl/openssl/asn1.h | 3 + 3P/wolfssl/cyassl/openssl/bio.h | 4 + 3P/wolfssl/cyassl/openssl/bn.h | 3 + 3P/wolfssl/cyassl/openssl/conf.h | 3 + 3P/wolfssl/cyassl/openssl/crypto.h | 4 + 3P/wolfssl/cyassl/openssl/des.h | 27 + 3P/wolfssl/cyassl/openssl/dh.h | 4 + 3P/wolfssl/cyassl/openssl/dsa.h | 3 + 3P/wolfssl/cyassl/openssl/ec.h | 3 + 3P/wolfssl/cyassl/openssl/ecdsa.h | 3 + 3P/wolfssl/cyassl/openssl/engine.h | 5 + 3P/wolfssl/cyassl/openssl/err.h | 3 + 3P/wolfssl/cyassl/openssl/evp.h | 27 + 3P/wolfssl/cyassl/openssl/hmac.h | 27 + 3P/wolfssl/cyassl/openssl/include.am | 36 + 3P/wolfssl/cyassl/openssl/lhash.h | 3 + 3P/wolfssl/cyassl/openssl/md4.h | 3 + 3P/wolfssl/cyassl/openssl/md5.h | 5 + 3P/wolfssl/cyassl/openssl/ocsp.h | 3 + 3P/wolfssl/cyassl/openssl/opensslconf.h | 3 + 3P/wolfssl/cyassl/openssl/opensslv.h | 3 + 3P/wolfssl/cyassl/openssl/ossl_typ.h | 3 + 3P/wolfssl/cyassl/openssl/pem.h | 3 + 3P/wolfssl/cyassl/openssl/pkcs12.h | 3 + 3P/wolfssl/cyassl/openssl/rand.h | 3 + 3P/wolfssl/cyassl/openssl/ripemd.h | 3 + 3P/wolfssl/cyassl/openssl/rsa.h | 3 + 3P/wolfssl/cyassl/openssl/sha.h | 3 + 3P/wolfssl/cyassl/openssl/ssl.h | 27 + 3P/wolfssl/cyassl/openssl/stack.h | 3 + 3P/wolfssl/cyassl/openssl/ui.h | 3 + 3P/wolfssl/cyassl/openssl/x509.h | 3 + 3P/wolfssl/cyassl/openssl/x509v3.h | 3 + 3P/wolfssl/cyassl/options.h | 62 + 3P/wolfssl/cyassl/sniffer.h | 22 + 3P/wolfssl/cyassl/sniffer_error.h | 22 + 3P/wolfssl/cyassl/sniffer_error.rc | 91 + 3P/wolfssl/cyassl/ssl.h | 718 + 3P/wolfssl/cyassl/test.h | 3 + 3P/wolfssl/cyassl/version.h | 26 + 3P/wolfssl/doc/README.txt | 3 + 3P/wolfssl/doc/include.am | 5 + 3P/wolfssl/examples/client/client-ntru.vcproj | 199 + 3P/wolfssl/examples/client/client.c | 995 + 3P/wolfssl/examples/client/client.h | 25 + 3P/wolfssl/examples/client/client.sln | 20 + 3P/wolfssl/examples/client/client.vcproj | 197 + 3P/wolfssl/examples/client/client.vcxproj | 175 + 3P/wolfssl/examples/client/include.am | 17 + .../echoclient/echoclient-ntru.vcproj | 199 + 3P/wolfssl/examples/echoclient/echoclient.c | 282 + 3P/wolfssl/examples/echoclient/echoclient.h | 23 + 3P/wolfssl/examples/echoclient/echoclient.sln | 20 + .../examples/echoclient/echoclient.vcproj | 197 + .../examples/echoclient/echoclient.vcxproj | 175 + 3P/wolfssl/examples/echoclient/include.am | 20 + .../echoserver/echoserver-ntru.vcproj | 199 + 3P/wolfssl/examples/echoserver/echoserver.c | 390 + 3P/wolfssl/examples/echoserver/echoserver.h | 24 + 3P/wolfssl/examples/echoserver/echoserver.sln | 20 + .../examples/echoserver/echoserver.vcproj | 197 + .../examples/echoserver/echoserver.vcxproj | 175 + 3P/wolfssl/examples/echoserver/include.am | 19 + 3P/wolfssl/examples/server/include.am | 20 + 3P/wolfssl/examples/server/server-ntru.vcproj | 199 + 3P/wolfssl/examples/server/server.c | 662 + 3P/wolfssl/examples/server/server.h | 24 + 3P/wolfssl/examples/server/server.sln | 20 + 3P/wolfssl/examples/server/server.vcproj | 197 + 3P/wolfssl/examples/server/server.vcxproj | 175 + 3P/wolfssl/gencertbuf.pl | 124 + 3P/wolfssl/input | 87 + 3P/wolfssl/lib/dummy | 2 + 3P/wolfssl/m4/ax_add_am_macro.m4 | 29 + 3P/wolfssl/m4/ax_am_jobserver.m4 | 54 + 3P/wolfssl/m4/ax_am_macros.m4 | 44 + 3P/wolfssl/m4/ax_append_compile_flags.m4 | 65 + 3P/wolfssl/m4/ax_append_flag.m4 | 69 + 3P/wolfssl/m4/ax_append_to_file.m4 | 27 + 3P/wolfssl/m4/ax_check_compile_flag.m4 | 72 + 3P/wolfssl/m4/ax_check_link_flag.m4 | 71 + 3P/wolfssl/m4/ax_count_cpus.m4 | 57 + 3P/wolfssl/m4/ax_create_generic_config.m4 | 195 + 3P/wolfssl/m4/ax_debug.m4 | 63 + 3P/wolfssl/m4/ax_file_escapes.m4 | 30 + 3P/wolfssl/m4/ax_harden_compiler_flags.m4 | 238 + 3P/wolfssl/m4/ax_print_to_file.m4 | 27 + 3P/wolfssl/m4/ax_pthread.m4 | 320 + 3P/wolfssl/m4/ax_tls.m4 | 92 + 3P/wolfssl/m4/ax_vcs_checkout.m4 | 75 + 3P/wolfssl/m4/hexversion.m4 | 6 + 3P/wolfssl/m4/lib_socket_nsl.m4 | 25 + 3P/wolfssl/m4/libtool.m4 | 7982 +++++ 3P/wolfssl/m4/ltoptions.m4 | 384 + 3P/wolfssl/m4/ltsugar.m4 | 123 + 3P/wolfssl/m4/ltversion.m4 | 23 + 3P/wolfssl/m4/lt~obsolete.m4 | 98 + 3P/wolfssl/m4/visibility.m4 | 77 + 3P/wolfssl/m4/wolfssl_darwin_clang.m4 | 37 + 3P/wolfssl/mcapi/PIC32MZ-serial.h | 28 + 3P/wolfssl/mcapi/README | 79 + 3P/wolfssl/mcapi/crypto.c | 703 + 3P/wolfssl/mcapi/crypto.h | 268 + 3P/wolfssl/mcapi/include.am | 19 + 3P/wolfssl/mcapi/mcapi_test.c | 1482 + 3P/wolfssl/mcapi/wolfcrypt_mcapi.X/Makefile | 108 + .../nbproject/configurations.xml | 196 + .../wolfcrypt_mcapi.X/nbproject/include.am | 11 + .../wolfcrypt_mcapi.X/nbproject/project.xml | 20 + 3P/wolfssl/mcapi/wolfcrypt_test.X/Makefile | 108 + .../nbproject/configurations.xml | 212 + .../wolfcrypt_test.X/nbproject/include.am | 11 + .../wolfcrypt_test.X/nbproject/project.xml | 20 + 3P/wolfssl/mcapi/wolfssl.X/Makefile | 108 + .../wolfssl.X/nbproject/configurations.xml | 229 + .../mcapi/wolfssl.X/nbproject/include.am | 11 + .../mcapi/wolfssl.X/nbproject/project.xml | 17 + 3P/wolfssl/mcapi/zlib.X/Makefile | 108 + .../mcapi/zlib.X/nbproject/configurations.xml | 210 + 3P/wolfssl/mcapi/zlib.X/nbproject/include.am | 10 + 3P/wolfssl/mcapi/zlib.X/nbproject/project.xml | 17 + 3P/wolfssl/mplabx/PIC32MZ-serial.h | 28 + 3P/wolfssl/mplabx/README | 57 + 3P/wolfssl/mplabx/benchmark_main.c | 137 + 3P/wolfssl/mplabx/include.am | 10 + 3P/wolfssl/mplabx/test_main.c | 77 + .../mplabx/wolfcrypt_benchmark.X/Makefile | 108 + .../nbproject/configurations.xml | 218 + .../nbproject/include.am | 11 + .../nbproject/project.xml | 19 + 3P/wolfssl/mplabx/wolfcrypt_test.X/Makefile | 108 + .../nbproject/configurations.xml | 218 + .../wolfcrypt_test.X/nbproject/include.am | 11 + .../wolfcrypt_test.X/nbproject/project.xml | 19 + 3P/wolfssl/mplabx/wolfssl.X/Makefile | 108 + .../wolfssl.X/nbproject/configurations.xml | 251 + .../mplabx/wolfssl.X/nbproject/include.am | 10 + .../mplabx/wolfssl.X/nbproject/project.xml | 17 + 3P/wolfssl/mqx/README | 41 + 3P/wolfssl/mqx/cyassl/.cproject | 1145 + 3P/wolfssl/mqx/cyassl/.project | 48 + 3P/wolfssl/mqx/cyassl/include.am | 11 + 3P/wolfssl/mqx/util_lib/.cproject | 541 + 3P/wolfssl/mqx/util_lib/.project | 31 + 3P/wolfssl/mqx/util_lib/Sources/include.am | 12 + 3P/wolfssl/mqx/util_lib/Sources/util.c | 180 + 3P/wolfssl/mqx/util_lib/Sources/util.h | 14 + 3P/wolfssl/quit | 2 + 3P/wolfssl/rpm/include.am | 37 + 3P/wolfssl/rpm/spec.in | 257 + 3P/wolfssl/src/crl.c | 790 + 3P/wolfssl/src/include.am | 199 + 3P/wolfssl/src/internal.c | 13749 ++++++++ 3P/wolfssl/src/io.c | 1141 + 3P/wolfssl/src/keys.c | 2713 ++ 3P/wolfssl/src/ocsp.c | 303 + 3P/wolfssl/src/sniffer.c | 2925 ++ 3P/wolfssl/src/ssl.c | 12419 +++++++ 3P/wolfssl/src/tls.c | 2389 ++ 3P/wolfssl/sslSniffer/sslSniffer.vcproj | 206 + 3P/wolfssl/sslSniffer/sslSniffer.vcxproj | 181 + .../sslSniffer/sslSnifferTest/include.am | 14 + .../sslSniffer/sslSnifferTest/snifftest.c | 320 + .../sslSnifferTest/sslSniffTest.vcproj | 199 + 3P/wolfssl/stamp-h.in | 0 3P/wolfssl/support/include.am | 10 + 3P/wolfssl/support/wolfssl.pc | 10 + 3P/wolfssl/support/wolfssl.pc.in | 10 + 3P/wolfssl/swig/PythonBuild.sh | 9 + 3P/wolfssl/swig/README | 44 + 3P/wolfssl/swig/include.am | 12 + 3P/wolfssl/swig/python_wolfssl.vcproj | 225 + 3P/wolfssl/swig/rsasign.py | 35 + 3P/wolfssl/swig/runme.py | 40 + 3P/wolfssl/swig/wolfssl.i | 63 + 3P/wolfssl/swig/wolfssl_adds.c | 234 + 3P/wolfssl/tests/api.c | 1174 + 3P/wolfssl/tests/hash.c | 853 + 3P/wolfssl/tests/include.am | 23 + 3P/wolfssl/tests/suites.c | 468 + 3P/wolfssl/tests/test-dtls.conf | 908 + 3P/wolfssl/tests/test.conf | 2035 ++ 3P/wolfssl/tests/unit.c | 160 + 3P/wolfssl/tests/unit.h | 64 + 3P/wolfssl/testsuite/include.am | 26 + 3P/wolfssl/testsuite/testsuite-ntru.vcproj | 219 + 3P/wolfssl/testsuite/testsuite.c | 444 + 3P/wolfssl/testsuite/testsuite.sln | 20 + 3P/wolfssl/testsuite/testsuite.vcproj | 217 + 3P/wolfssl/testsuite/testsuite.vcxproj | 180 + 3P/wolfssl/tirtos/README | 36 + 3P/wolfssl/tirtos/include.am | 22 + .../packages/ti/net/wolfssl/package.bld | 56 + .../packages/ti/net/wolfssl/package.xdc | 7 + .../tirtos/packages/ti/net/wolfssl/package.xs | 12 + .../tests/wolfcrypt/benchmark/TM4C1294NC.icf | 29 + .../tests/wolfcrypt/benchmark/benchmark.cfg | 81 + .../wolfssl/tests/wolfcrypt/benchmark/main.c | 106 + .../tests/wolfcrypt/benchmark/package.bld | 53 + .../tests/wolfcrypt/benchmark/package.xdc | 6 + .../tests/wolfcrypt/test/TM4C1294NC.icf | 29 + .../net/wolfssl/tests/wolfcrypt/test/main.c | 56 + .../wolfssl/tests/wolfcrypt/test/package.bld | 49 + .../wolfssl/tests/wolfcrypt/test/package.xdc | 6 + .../net/wolfssl/tests/wolfcrypt/test/test.cfg | 80 + 3P/wolfssl/tirtos/wolfssl.bld | 85 + 3P/wolfssl/tirtos/wolfssl.mak | 74 + 3P/wolfssl/valgrind-error.sh | 22 + 3P/wolfssl/wolfcrypt/benchmark/benchmark.c | 1778 + 3P/wolfssl/wolfcrypt/benchmark/benchmark.sln | 20 + .../wolfcrypt/benchmark/benchmark.vcproj | 195 + 3P/wolfssl/wolfcrypt/benchmark/include.am | 10 + 3P/wolfssl/wolfcrypt/src/aes.c | 3890 +++ 3P/wolfssl/wolfcrypt/src/aes_asm.asm | 972 + 3P/wolfssl/wolfcrypt/src/aes_asm.s | 816 + 3P/wolfssl/wolfcrypt/src/arc4.c | 178 + 3P/wolfssl/wolfcrypt/src/asm.c | 1406 + 3P/wolfssl/wolfcrypt/src/asn.c | 7702 +++++ 3P/wolfssl/wolfcrypt/src/blake2b.c | 433 + 3P/wolfssl/wolfcrypt/src/camellia.c | 1620 + 3P/wolfssl/wolfcrypt/src/chacha.c | 250 + 3P/wolfssl/wolfcrypt/src/coding.c | 399 + 3P/wolfssl/wolfcrypt/src/compress.c | 169 + 3P/wolfssl/wolfcrypt/src/des3.c | 1672 + 3P/wolfssl/wolfcrypt/src/dh.c | 178 + 3P/wolfssl/wolfcrypt/src/dsa.c | 226 + 3P/wolfssl/wolfcrypt/src/ecc.c | 4907 +++ 3P/wolfssl/wolfcrypt/src/ecc25519.c | 323 + 3P/wolfssl/wolfcrypt/src/ecc25519_fe.c | 961 + 3P/wolfssl/wolfcrypt/src/ecc_fp.c | 1 + 3P/wolfssl/wolfcrypt/src/error.c | 331 + 3P/wolfssl/wolfcrypt/src/fp_mont_small.i | 3860 +++ 3P/wolfssl/wolfcrypt/src/fp_mul_comba_12.i | 130 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_17.i | 170 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_20.i | 193 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_24.i | 226 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_28.i | 258 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_3.i | 58 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_32.i | 304 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_4.i | 66 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_48.i | 418 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_6.i | 82 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_64.i | 546 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_7.i | 90 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_8.i | 98 + 3P/wolfssl/wolfcrypt/src/fp_mul_comba_9.i | 106 + .../wolfcrypt/src/fp_mul_comba_small_set.i | 1250 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_12.i | 159 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_17.i | 210 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_20.i | 240 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_24.i | 280 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_28.i | 320 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_3.i | 70 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_32.i | 360 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_4.i | 80 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_48.i | 520 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_6.i | 100 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_64.i | 680 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_7.i | 110 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_8.i | 120 + 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_9.i | 130 + .../wolfcrypt/src/fp_sqr_comba_small_set.i | 1540 + 3P/wolfssl/wolfcrypt/src/hc128.c | 399 + 3P/wolfssl/wolfcrypt/src/hmac.c | 878 + 3P/wolfssl/wolfcrypt/src/include.am | 40 + 3P/wolfssl/wolfcrypt/src/integer.c | 4493 +++ 3P/wolfssl/wolfcrypt/src/logging.c | 162 + 3P/wolfssl/wolfcrypt/src/md2.c | 160 + 3P/wolfssl/wolfcrypt/src/md4.c | 219 + 3P/wolfssl/wolfcrypt/src/md5.c | 391 + 3P/wolfssl/wolfcrypt/src/memory.c | 191 + 3P/wolfssl/wolfcrypt/src/misc.c | 182 + 3P/wolfssl/wolfcrypt/src/pkcs7.c | 1854 ++ 3P/wolfssl/wolfcrypt/src/poly1305.c | 554 + 3P/wolfssl/wolfcrypt/src/pwdbased.c | 474 + 3P/wolfssl/wolfcrypt/src/rabbit.c | 310 + 3P/wolfssl/wolfcrypt/src/random.c | 1041 + 3P/wolfssl/wolfcrypt/src/ripemd.c | 354 + 3P/wolfssl/wolfcrypt/src/rsa.c | 966 + 3P/wolfssl/wolfcrypt/src/sha.c | 451 + 3P/wolfssl/wolfcrypt/src/sha256.c | 347 + 3P/wolfssl/wolfcrypt/src/sha512.c | 590 + 3P/wolfssl/wolfcrypt/src/tfm.c | 2576 ++ 3P/wolfssl/wolfcrypt/src/wc_port.c | 471 + 3P/wolfssl/wolfcrypt/test/include.am | 11 + 3P/wolfssl/wolfcrypt/test/test.c | 5519 +++ 3P/wolfssl/wolfcrypt/test/test.h | 33 + 3P/wolfssl/wolfcrypt/test/test.sln | 20 + 3P/wolfssl/wolfcrypt/test/test.vcproj | 195 + .../wolfssl-ios.xcodeproj/project.pbxproj | 383 + .../wolfssl-iphone.xcodeproj/project.pbxproj | 379 + 3P/wolfssl/wolfssl-ntru.sln | 65 + 3P/wolfssl/wolfssl-ntru.vcproj | 313 + 3P/wolfssl/wolfssl.sln | 74 + 3P/wolfssl/wolfssl.vcproj | 306 + 3P/wolfssl/wolfssl.vcxproj | 182 + 3P/wolfssl/wolfssl/callbacks.h | 80 + 3P/wolfssl/wolfssl/certs_test.h | 1196 + 3P/wolfssl/wolfssl/crl.h | 51 + 3P/wolfssl/wolfssl/error-ssl.h | 162 + 3P/wolfssl/wolfssl/include.am | 25 + 3P/wolfssl/wolfssl/internal.h | 2394 ++ 3P/wolfssl/wolfssl/ocsp.h | 52 + 3P/wolfssl/wolfssl/openssl/asn1.h | 2 + 3P/wolfssl/wolfssl/openssl/bio.h | 23 + 3P/wolfssl/wolfssl/openssl/bn.h | 115 + 3P/wolfssl/wolfssl/openssl/conf.h | 2 + 3P/wolfssl/wolfssl/openssl/crypto.h | 26 + 3P/wolfssl/wolfssl/openssl/des.h | 87 + 3P/wolfssl/wolfssl/openssl/dh.h | 52 + 3P/wolfssl/wolfssl/openssl/dsa.h | 53 + 3P/wolfssl/wolfssl/openssl/ec.h | 2 + 3P/wolfssl/wolfssl/openssl/ecdsa.h | 2 + 3P/wolfssl/wolfssl/openssl/engine.h | 5 + 3P/wolfssl/wolfssl/openssl/err.h | 2 + 3P/wolfssl/wolfssl/openssl/evp.h | 241 + 3P/wolfssl/wolfssl/openssl/hmac.h | 81 + 3P/wolfssl/wolfssl/openssl/include.am | 36 + 3P/wolfssl/wolfssl/openssl/lhash.h | 2 + 3P/wolfssl/wolfssl/openssl/md4.h | 1 + 3P/wolfssl/wolfssl/openssl/md5.h | 39 + 3P/wolfssl/wolfssl/openssl/ocsp.h | 1 + 3P/wolfssl/wolfssl/openssl/opensslconf.h | 8 + 3P/wolfssl/wolfssl/openssl/opensslv.h | 12 + 3P/wolfssl/wolfssl/openssl/ossl_typ.h | 2 + 3P/wolfssl/wolfssl/openssl/pem.h | 41 + 3P/wolfssl/wolfssl/openssl/pkcs12.h | 2 + 3P/wolfssl/wolfssl/openssl/rand.h | 4 + 3P/wolfssl/wolfssl/openssl/ripemd.h | 37 + 3P/wolfssl/wolfssl/openssl/rsa.h | 75 + 3P/wolfssl/wolfssl/openssl/sha.h | 125 + 3P/wolfssl/wolfssl/openssl/ssl.h | 382 + 3P/wolfssl/wolfssl/openssl/stack.h | 2 + 3P/wolfssl/wolfssl/openssl/ui.h | 2 + 3P/wolfssl/wolfssl/openssl/x509.h | 3 + 3P/wolfssl/wolfssl/openssl/x509v3.h | 2 + 3P/wolfssl/wolfssl/options.h | 59 + 3P/wolfssl/wolfssl/options.h.in | 34 + 3P/wolfssl/wolfssl/sniffer.h | 82 + 3P/wolfssl/wolfssl/sniffer_error.h | 112 + 3P/wolfssl/wolfssl/sniffer_error.rc | 91 + 3P/wolfssl/wolfssl/ssl.h | 1408 + 3P/wolfssl/wolfssl/test.h | 1834 + 3P/wolfssl/wolfssl/version.h | 35 + 3P/wolfssl/wolfssl/version.h.in | 35 + 3P/wolfssl/wolfssl/wolfcrypt/aes.h | 187 + 3P/wolfssl/wolfssl/wolfcrypt/arc4.h | 68 + 3P/wolfssl/wolfssl/wolfcrypt/asn.h | 734 + 3P/wolfssl/wolfssl/wolfcrypt/asn_public.h | 197 + 3P/wolfssl/wolfssl/wolfcrypt/blake2-impl.h | 154 + 3P/wolfssl/wolfssl/wolfcrypt/blake2-int.h | 183 + 3P/wolfssl/wolfssl/wolfcrypt/blake2.h | 68 + 3P/wolfssl/wolfssl/wolfcrypt/camellia.h | 98 + 3P/wolfssl/wolfssl/wolfcrypt/chacha.h | 58 + 3P/wolfssl/wolfssl/wolfcrypt/coding.h | 58 + 3P/wolfssl/wolfssl/wolfcrypt/compress.h | 52 + 3P/wolfssl/wolfssl/wolfcrypt/des3.h | 115 + 3P/wolfssl/wolfssl/wolfcrypt/dh.h | 67 + 3P/wolfssl/wolfssl/wolfcrypt/dsa.h | 75 + 3P/wolfssl/wolfssl/wolfcrypt/ecc.h | 243 + 3P/wolfssl/wolfssl/wolfcrypt/ecc25519.h | 101 + 3P/wolfssl/wolfssl/wolfcrypt/ecc25519_fe.h | 59 + .../wolfssl/wolfcrypt/ecc25519_montgomery.h | 42 + .../wolfssl/wolfcrypt/ecc25519_pow225521.h | 46 + 3P/wolfssl/wolfssl/wolfcrypt/error-crypt.h | 162 + 3P/wolfssl/wolfssl/wolfcrypt/fips_test.h | 58 + 3P/wolfssl/wolfssl/wolfcrypt/hc128.h | 60 + 3P/wolfssl/wolfssl/wolfcrypt/hmac.h | 190 + 3P/wolfssl/wolfssl/wolfcrypt/include.am | 55 + 3P/wolfssl/wolfssl/wolfcrypt/integer.h | 324 + 3P/wolfssl/wolfssl/wolfcrypt/logging.h | 70 + 3P/wolfssl/wolfssl/wolfcrypt/md2.h | 65 + 3P/wolfssl/wolfssl/wolfcrypt/md4.h | 65 + 3P/wolfssl/wolfssl/wolfcrypt/md5.h | 81 + 3P/wolfssl/wolfssl/wolfcrypt/memory.h | 56 + 3P/wolfssl/wolfssl/wolfcrypt/misc.h | 75 + 3P/wolfssl/wolfssl/wolfcrypt/mpi_class.h | 1018 + 3P/wolfssl/wolfssl/wolfcrypt/mpi_superclass.h | 95 + 3P/wolfssl/wolfssl/wolfcrypt/pkcs7.h | 127 + 3P/wolfssl/wolfssl/wolfcrypt/poly1305.h | 83 + .../wolfcrypt/port/pic32/pic32mz-crypt.h | 138 + 3P/wolfssl/wolfssl/wolfcrypt/pwdbased.h | 56 + 3P/wolfssl/wolfssl/wolfcrypt/rabbit.h | 65 + 3P/wolfssl/wolfssl/wolfcrypt/random.h | 143 + 3P/wolfssl/wolfssl/wolfcrypt/ripemd.h | 64 + 3P/wolfssl/wolfssl/wolfcrypt/rsa.h | 120 + 3P/wolfssl/wolfssl/wolfcrypt/settings.h | 741 + 3P/wolfssl/wolfssl/wolfcrypt/sha.h | 82 + 3P/wolfssl/wolfssl/wolfcrypt/sha256.h | 79 + 3P/wolfssl/wolfssl/wolfcrypt/sha512.h | 104 + 3P/wolfssl/wolfssl/wolfcrypt/tfm.h | 720 + 3P/wolfssl/wolfssl/wolfcrypt/types.h | 321 + 3P/wolfssl/wolfssl/wolfcrypt/visibility.h | 75 + 3P/wolfssl/wolfssl/wolfcrypt/wc_port.h | 201 + 3P/wolfssl/wolfssl64.sln | 86 + 638 files changed, 276962 insertions(+) create mode 100644 3P/wolfssl/AUTHORS create mode 100644 3P/wolfssl/COPYING create mode 100644 3P/wolfssl/ChangeLog create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.ewp create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.eww create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/benchmark-main.c create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/test-main.c create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewd create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewp create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.icf create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewd create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewp create mode 100644 3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.icf create mode 100644 3P/wolfssl/IDE/IAR-EWARM/README create mode 100644 3P/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-BARE-METAL.h create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c create mode 100644 3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c create mode 100644 3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt create mode 100644 3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj create mode 100644 3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt create mode 100644 3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj create mode 100644 3P/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Conf/config-Crypt.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Conf/config-CyaSSL.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Inc/cert_data.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Inc/config.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/Abstract.txt create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/settings.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/benchmark.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/time-CortexM3-4.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/time-dummy.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/Abstract.txt create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/settings.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/cert_data.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/test.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/time-dummy.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/Abstract.txt create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvoptx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvprojx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/settings.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/benchmark.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/cert_data.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoclient.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoserver.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/Abstract.txt create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/settings.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/config-EchoClient.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/echoclient.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/time-dummy.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/Abstract.txt create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/settings.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/echoserver.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/time-dummy.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/Abstract.txt create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/settings.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/client.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/config-SimpleClient.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/simpleClient.uvprojx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-CortexM3-4.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-STM32F2xx.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-dummy.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/Abstract.txt create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/settings.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/config-SimpleServer.h create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/server.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/time-dummy.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Src/cert_data.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c create mode 100644 3P/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c create mode 100644 3P/wolfssl/IDE/iOS/README.md create mode 100644 3P/wolfssl/IDE/iOS/wolfssl-FIPS.xcodeproj/project.pbxproj create mode 100644 3P/wolfssl/IDE/iOS/wolfssl.xcodeproj/project.pbxproj create mode 100644 3P/wolfssl/LICENSING create mode 100644 3P/wolfssl/Makefile.am create mode 100644 3P/wolfssl/Makefile.in create mode 100644 3P/wolfssl/NEWS create mode 100644 3P/wolfssl/README create mode 100644 3P/wolfssl/README.md create mode 100644 3P/wolfssl/aclocal.m4 create mode 100755 3P/wolfssl/build-aux/compile create mode 100755 3P/wolfssl/build-aux/config.guess create mode 100755 3P/wolfssl/build-aux/config.sub create mode 100755 3P/wolfssl/build-aux/depcomp create mode 100755 3P/wolfssl/build-aux/install-sh create mode 100644 3P/wolfssl/build-aux/ltmain.sh create mode 100755 3P/wolfssl/build-aux/missing create mode 100755 3P/wolfssl/build-aux/test-driver create mode 100644 3P/wolfssl/builders/cmake/CMakeLists.txt create mode 100644 3P/wolfssl/certs/1024/client-cert.der create mode 100644 3P/wolfssl/certs/1024/client-cert.pem create mode 100644 3P/wolfssl/certs/1024/client-key.der create mode 100644 3P/wolfssl/certs/1024/client-key.pem create mode 100644 3P/wolfssl/certs/1024/dh1024.der create mode 100644 3P/wolfssl/certs/1024/dh1024.pem create mode 100644 3P/wolfssl/certs/1024/dsa1024.der create mode 100644 3P/wolfssl/certs/1024/dsa1024.pem create mode 100644 3P/wolfssl/certs/1024/include.am create mode 100644 3P/wolfssl/certs/1024/rsa1024.der create mode 100644 3P/wolfssl/certs/ca-cert.der create mode 100644 3P/wolfssl/certs/ca-cert.pem create mode 100644 3P/wolfssl/certs/ca-key.der create mode 100644 3P/wolfssl/certs/ca-key.pem create mode 100644 3P/wolfssl/certs/client-cert.der create mode 100644 3P/wolfssl/certs/client-cert.pem create mode 100644 3P/wolfssl/certs/client-ecc-cert.pem create mode 100644 3P/wolfssl/certs/client-key.der create mode 100644 3P/wolfssl/certs/client-key.pem create mode 100644 3P/wolfssl/certs/client-keyEnc.pem create mode 100644 3P/wolfssl/certs/crl/cliCrl.pem create mode 100644 3P/wolfssl/certs/crl/crl.pem create mode 100644 3P/wolfssl/certs/crl/crl.revoked create mode 100644 3P/wolfssl/certs/crl/eccCliCRL.pem create mode 100644 3P/wolfssl/certs/crl/eccSrvCRL.pem create mode 100644 3P/wolfssl/certs/crl/include.am create mode 100644 3P/wolfssl/certs/dh2048.der create mode 100644 3P/wolfssl/certs/dh2048.pem create mode 100644 3P/wolfssl/certs/dsa2048.der create mode 100644 3P/wolfssl/certs/ecc-client-key.pem create mode 100644 3P/wolfssl/certs/ecc-key-comp.pem create mode 100644 3P/wolfssl/certs/ecc-key.der create mode 100644 3P/wolfssl/certs/ecc-key.pem create mode 100644 3P/wolfssl/certs/ecc-keyPkcs8.pem create mode 100644 3P/wolfssl/certs/include.am create mode 100644 3P/wolfssl/certs/ntru-cert.pem create mode 100644 3P/wolfssl/certs/ntru-key.raw create mode 100644 3P/wolfssl/certs/rsa2048.der create mode 100644 3P/wolfssl/certs/server-cert.der create mode 100644 3P/wolfssl/certs/server-cert.pem create mode 100644 3P/wolfssl/certs/server-ecc-comp.pem create mode 100644 3P/wolfssl/certs/server-ecc-rsa.pem create mode 100644 3P/wolfssl/certs/server-ecc.pem create mode 100644 3P/wolfssl/certs/server-key.der create mode 100644 3P/wolfssl/certs/server-key.pem create mode 100644 3P/wolfssl/certs/server-keyEnc.pem create mode 100644 3P/wolfssl/certs/server-keyPkcs8.pem create mode 100644 3P/wolfssl/certs/server-keyPkcs8Enc.pem create mode 100644 3P/wolfssl/certs/server-keyPkcs8Enc12.pem create mode 100644 3P/wolfssl/certs/server-keyPkcs8Enc2.pem create mode 100644 3P/wolfssl/certs/taoCert.txt create mode 100644 3P/wolfssl/config.h create mode 100644 3P/wolfssl/config.in create mode 100755 3P/wolfssl/configure create mode 100644 3P/wolfssl/configure.ac create mode 100644 3P/wolfssl/ctaocrypt/src/aes.c create mode 100644 3P/wolfssl/ctaocrypt/src/des3.c create mode 100644 3P/wolfssl/ctaocrypt/src/fips.c create mode 100644 3P/wolfssl/ctaocrypt/src/fips_test.c create mode 100644 3P/wolfssl/ctaocrypt/src/hmac.c create mode 100644 3P/wolfssl/ctaocrypt/src/random.c create mode 100644 3P/wolfssl/ctaocrypt/src/rsa.c create mode 100644 3P/wolfssl/ctaocrypt/src/sha.c create mode 100644 3P/wolfssl/ctaocrypt/src/sha256.c create mode 100644 3P/wolfssl/ctaocrypt/src/sha512.c create mode 100644 3P/wolfssl/ctaocrypt/src/wolfcrypt_first.c create mode 100644 3P/wolfssl/ctaocrypt/src/wolfcrypt_last.c create mode 100644 3P/wolfssl/cyassl/callbacks.h create mode 100644 3P/wolfssl/cyassl/certs_test.h create mode 100644 3P/wolfssl/cyassl/crl.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/aes.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/arc4.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/asn.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/asn_public.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/blake2-impl.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/blake2-int.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/blake2.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/camellia.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/chacha.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/coding.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/compress.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/des3.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/dh.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/dsa.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/ecc.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/error-crypt.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/fips_test.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/hc128.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/hmac.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/include.am create mode 100644 3P/wolfssl/cyassl/ctaocrypt/integer.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/logging.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/md2.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/md4.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/md5.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/memory.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/misc.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/mpi_class.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/mpi_superclass.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/pkcs7.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/poly1305.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/pwdbased.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/rabbit.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/random.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/ripemd.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/rsa.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/settings.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/settings_comp.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/sha.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/sha256.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/sha512.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/tfm.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/types.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/visibility.h create mode 100644 3P/wolfssl/cyassl/ctaocrypt/wc_port.h create mode 100644 3P/wolfssl/cyassl/error-ssl.h create mode 100644 3P/wolfssl/cyassl/include.am create mode 100644 3P/wolfssl/cyassl/internal.h create mode 100644 3P/wolfssl/cyassl/ocsp.h create mode 100644 3P/wolfssl/cyassl/openssl/asn1.h create mode 100644 3P/wolfssl/cyassl/openssl/bio.h create mode 100644 3P/wolfssl/cyassl/openssl/bn.h create mode 100644 3P/wolfssl/cyassl/openssl/conf.h create mode 100644 3P/wolfssl/cyassl/openssl/crypto.h create mode 100644 3P/wolfssl/cyassl/openssl/des.h create mode 100644 3P/wolfssl/cyassl/openssl/dh.h create mode 100644 3P/wolfssl/cyassl/openssl/dsa.h create mode 100644 3P/wolfssl/cyassl/openssl/ec.h create mode 100644 3P/wolfssl/cyassl/openssl/ecdsa.h create mode 100644 3P/wolfssl/cyassl/openssl/engine.h create mode 100644 3P/wolfssl/cyassl/openssl/err.h create mode 100644 3P/wolfssl/cyassl/openssl/evp.h create mode 100644 3P/wolfssl/cyassl/openssl/hmac.h create mode 100644 3P/wolfssl/cyassl/openssl/include.am create mode 100644 3P/wolfssl/cyassl/openssl/lhash.h create mode 100644 3P/wolfssl/cyassl/openssl/md4.h create mode 100644 3P/wolfssl/cyassl/openssl/md5.h create mode 100644 3P/wolfssl/cyassl/openssl/ocsp.h create mode 100644 3P/wolfssl/cyassl/openssl/opensslconf.h create mode 100644 3P/wolfssl/cyassl/openssl/opensslv.h create mode 100644 3P/wolfssl/cyassl/openssl/ossl_typ.h create mode 100644 3P/wolfssl/cyassl/openssl/pem.h create mode 100644 3P/wolfssl/cyassl/openssl/pkcs12.h create mode 100644 3P/wolfssl/cyassl/openssl/rand.h create mode 100644 3P/wolfssl/cyassl/openssl/ripemd.h create mode 100644 3P/wolfssl/cyassl/openssl/rsa.h create mode 100644 3P/wolfssl/cyassl/openssl/sha.h create mode 100644 3P/wolfssl/cyassl/openssl/ssl.h create mode 100644 3P/wolfssl/cyassl/openssl/stack.h create mode 100644 3P/wolfssl/cyassl/openssl/ui.h create mode 100644 3P/wolfssl/cyassl/openssl/x509.h create mode 100644 3P/wolfssl/cyassl/openssl/x509v3.h create mode 100644 3P/wolfssl/cyassl/options.h create mode 100644 3P/wolfssl/cyassl/sniffer.h create mode 100644 3P/wolfssl/cyassl/sniffer_error.h create mode 100644 3P/wolfssl/cyassl/sniffer_error.rc create mode 100644 3P/wolfssl/cyassl/ssl.h create mode 100644 3P/wolfssl/cyassl/test.h create mode 100644 3P/wolfssl/cyassl/version.h create mode 100644 3P/wolfssl/doc/README.txt create mode 100644 3P/wolfssl/doc/include.am create mode 100755 3P/wolfssl/examples/client/client-ntru.vcproj create mode 100644 3P/wolfssl/examples/client/client.c create mode 100644 3P/wolfssl/examples/client/client.h create mode 100755 3P/wolfssl/examples/client/client.sln create mode 100755 3P/wolfssl/examples/client/client.vcproj create mode 100644 3P/wolfssl/examples/client/client.vcxproj create mode 100644 3P/wolfssl/examples/client/include.am create mode 100755 3P/wolfssl/examples/echoclient/echoclient-ntru.vcproj create mode 100644 3P/wolfssl/examples/echoclient/echoclient.c create mode 100644 3P/wolfssl/examples/echoclient/echoclient.h create mode 100755 3P/wolfssl/examples/echoclient/echoclient.sln create mode 100755 3P/wolfssl/examples/echoclient/echoclient.vcproj create mode 100644 3P/wolfssl/examples/echoclient/echoclient.vcxproj create mode 100644 3P/wolfssl/examples/echoclient/include.am create mode 100755 3P/wolfssl/examples/echoserver/echoserver-ntru.vcproj create mode 100644 3P/wolfssl/examples/echoserver/echoserver.c create mode 100644 3P/wolfssl/examples/echoserver/echoserver.h create mode 100755 3P/wolfssl/examples/echoserver/echoserver.sln create mode 100755 3P/wolfssl/examples/echoserver/echoserver.vcproj create mode 100644 3P/wolfssl/examples/echoserver/echoserver.vcxproj create mode 100644 3P/wolfssl/examples/echoserver/include.am create mode 100644 3P/wolfssl/examples/server/include.am create mode 100755 3P/wolfssl/examples/server/server-ntru.vcproj create mode 100644 3P/wolfssl/examples/server/server.c create mode 100644 3P/wolfssl/examples/server/server.h create mode 100755 3P/wolfssl/examples/server/server.sln create mode 100755 3P/wolfssl/examples/server/server.vcproj create mode 100644 3P/wolfssl/examples/server/server.vcxproj create mode 100755 3P/wolfssl/gencertbuf.pl create mode 100644 3P/wolfssl/input create mode 100644 3P/wolfssl/lib/dummy create mode 100644 3P/wolfssl/m4/ax_add_am_macro.m4 create mode 100644 3P/wolfssl/m4/ax_am_jobserver.m4 create mode 100644 3P/wolfssl/m4/ax_am_macros.m4 create mode 100644 3P/wolfssl/m4/ax_append_compile_flags.m4 create mode 100644 3P/wolfssl/m4/ax_append_flag.m4 create mode 100644 3P/wolfssl/m4/ax_append_to_file.m4 create mode 100644 3P/wolfssl/m4/ax_check_compile_flag.m4 create mode 100644 3P/wolfssl/m4/ax_check_link_flag.m4 create mode 100644 3P/wolfssl/m4/ax_count_cpus.m4 create mode 100644 3P/wolfssl/m4/ax_create_generic_config.m4 create mode 100644 3P/wolfssl/m4/ax_debug.m4 create mode 100644 3P/wolfssl/m4/ax_file_escapes.m4 create mode 100644 3P/wolfssl/m4/ax_harden_compiler_flags.m4 create mode 100644 3P/wolfssl/m4/ax_print_to_file.m4 create mode 100644 3P/wolfssl/m4/ax_pthread.m4 create mode 100644 3P/wolfssl/m4/ax_tls.m4 create mode 100644 3P/wolfssl/m4/ax_vcs_checkout.m4 create mode 100644 3P/wolfssl/m4/hexversion.m4 create mode 100644 3P/wolfssl/m4/lib_socket_nsl.m4 create mode 100644 3P/wolfssl/m4/libtool.m4 create mode 100644 3P/wolfssl/m4/ltoptions.m4 create mode 100644 3P/wolfssl/m4/ltsugar.m4 create mode 100644 3P/wolfssl/m4/ltversion.m4 create mode 100644 3P/wolfssl/m4/lt~obsolete.m4 create mode 100644 3P/wolfssl/m4/visibility.m4 create mode 100644 3P/wolfssl/m4/wolfssl_darwin_clang.m4 create mode 100644 3P/wolfssl/mcapi/PIC32MZ-serial.h create mode 100644 3P/wolfssl/mcapi/README create mode 100644 3P/wolfssl/mcapi/crypto.c create mode 100644 3P/wolfssl/mcapi/crypto.h create mode 100644 3P/wolfssl/mcapi/include.am create mode 100644 3P/wolfssl/mcapi/mcapi_test.c create mode 100644 3P/wolfssl/mcapi/wolfcrypt_mcapi.X/Makefile create mode 100644 3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/configurations.xml create mode 100644 3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/include.am create mode 100644 3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/project.xml create mode 100644 3P/wolfssl/mcapi/wolfcrypt_test.X/Makefile create mode 100644 3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/configurations.xml create mode 100644 3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/include.am create mode 100644 3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/project.xml create mode 100644 3P/wolfssl/mcapi/wolfssl.X/Makefile create mode 100644 3P/wolfssl/mcapi/wolfssl.X/nbproject/configurations.xml create mode 100644 3P/wolfssl/mcapi/wolfssl.X/nbproject/include.am create mode 100644 3P/wolfssl/mcapi/wolfssl.X/nbproject/project.xml create mode 100644 3P/wolfssl/mcapi/zlib.X/Makefile create mode 100644 3P/wolfssl/mcapi/zlib.X/nbproject/configurations.xml create mode 100644 3P/wolfssl/mcapi/zlib.X/nbproject/include.am create mode 100644 3P/wolfssl/mcapi/zlib.X/nbproject/project.xml create mode 100644 3P/wolfssl/mplabx/PIC32MZ-serial.h create mode 100644 3P/wolfssl/mplabx/README create mode 100644 3P/wolfssl/mplabx/benchmark_main.c create mode 100644 3P/wolfssl/mplabx/include.am create mode 100644 3P/wolfssl/mplabx/test_main.c create mode 100755 3P/wolfssl/mplabx/wolfcrypt_benchmark.X/Makefile create mode 100755 3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/configurations.xml create mode 100755 3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/include.am create mode 100755 3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/project.xml create mode 100755 3P/wolfssl/mplabx/wolfcrypt_test.X/Makefile create mode 100755 3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/configurations.xml create mode 100755 3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/include.am create mode 100755 3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/project.xml create mode 100755 3P/wolfssl/mplabx/wolfssl.X/Makefile create mode 100755 3P/wolfssl/mplabx/wolfssl.X/nbproject/configurations.xml create mode 100755 3P/wolfssl/mplabx/wolfssl.X/nbproject/include.am create mode 100755 3P/wolfssl/mplabx/wolfssl.X/nbproject/project.xml create mode 100644 3P/wolfssl/mqx/README create mode 100644 3P/wolfssl/mqx/cyassl/.cproject create mode 100644 3P/wolfssl/mqx/cyassl/.project create mode 100644 3P/wolfssl/mqx/cyassl/include.am create mode 100644 3P/wolfssl/mqx/util_lib/.cproject create mode 100644 3P/wolfssl/mqx/util_lib/.project create mode 100644 3P/wolfssl/mqx/util_lib/Sources/include.am create mode 100644 3P/wolfssl/mqx/util_lib/Sources/util.c create mode 100644 3P/wolfssl/mqx/util_lib/Sources/util.h create mode 100644 3P/wolfssl/quit create mode 100644 3P/wolfssl/rpm/include.am create mode 100644 3P/wolfssl/rpm/spec.in create mode 100644 3P/wolfssl/src/crl.c create mode 100644 3P/wolfssl/src/include.am create mode 100644 3P/wolfssl/src/internal.c create mode 100644 3P/wolfssl/src/io.c create mode 100644 3P/wolfssl/src/keys.c create mode 100644 3P/wolfssl/src/ocsp.c create mode 100644 3P/wolfssl/src/sniffer.c create mode 100644 3P/wolfssl/src/ssl.c create mode 100644 3P/wolfssl/src/tls.c create mode 100755 3P/wolfssl/sslSniffer/sslSniffer.vcproj create mode 100644 3P/wolfssl/sslSniffer/sslSniffer.vcxproj create mode 100644 3P/wolfssl/sslSniffer/sslSnifferTest/include.am create mode 100755 3P/wolfssl/sslSniffer/sslSnifferTest/snifftest.c create mode 100755 3P/wolfssl/sslSniffer/sslSnifferTest/sslSniffTest.vcproj create mode 100644 3P/wolfssl/stamp-h.in create mode 100644 3P/wolfssl/support/include.am create mode 100644 3P/wolfssl/support/wolfssl.pc create mode 100644 3P/wolfssl/support/wolfssl.pc.in create mode 100755 3P/wolfssl/swig/PythonBuild.sh create mode 100644 3P/wolfssl/swig/README create mode 100644 3P/wolfssl/swig/include.am create mode 100755 3P/wolfssl/swig/python_wolfssl.vcproj create mode 100644 3P/wolfssl/swig/rsasign.py create mode 100644 3P/wolfssl/swig/runme.py create mode 100644 3P/wolfssl/swig/wolfssl.i create mode 100644 3P/wolfssl/swig/wolfssl_adds.c create mode 100644 3P/wolfssl/tests/api.c create mode 100644 3P/wolfssl/tests/hash.c create mode 100644 3P/wolfssl/tests/include.am create mode 100644 3P/wolfssl/tests/suites.c create mode 100644 3P/wolfssl/tests/test-dtls.conf create mode 100644 3P/wolfssl/tests/test.conf create mode 100644 3P/wolfssl/tests/unit.c create mode 100644 3P/wolfssl/tests/unit.h create mode 100644 3P/wolfssl/testsuite/include.am create mode 100755 3P/wolfssl/testsuite/testsuite-ntru.vcproj create mode 100644 3P/wolfssl/testsuite/testsuite.c create mode 100755 3P/wolfssl/testsuite/testsuite.sln create mode 100755 3P/wolfssl/testsuite/testsuite.vcproj create mode 100644 3P/wolfssl/testsuite/testsuite.vcxproj create mode 100644 3P/wolfssl/tirtos/README create mode 100644 3P/wolfssl/tirtos/include.am create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.bld create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.xdc create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.xs create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/TM4C1294NC.icf create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/benchmark.cfg create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/main.c create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.bld create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.xdc create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/TM4C1294NC.icf create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/main.c create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.bld create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.xdc create mode 100644 3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/test.cfg create mode 100644 3P/wolfssl/tirtos/wolfssl.bld create mode 100644 3P/wolfssl/tirtos/wolfssl.mak create mode 100755 3P/wolfssl/valgrind-error.sh create mode 100644 3P/wolfssl/wolfcrypt/benchmark/benchmark.c create mode 100755 3P/wolfssl/wolfcrypt/benchmark/benchmark.sln create mode 100755 3P/wolfssl/wolfcrypt/benchmark/benchmark.vcproj create mode 100644 3P/wolfssl/wolfcrypt/benchmark/include.am create mode 100644 3P/wolfssl/wolfcrypt/src/aes.c create mode 100755 3P/wolfssl/wolfcrypt/src/aes_asm.asm create mode 100755 3P/wolfssl/wolfcrypt/src/aes_asm.s create mode 100644 3P/wolfssl/wolfcrypt/src/arc4.c create mode 100644 3P/wolfssl/wolfcrypt/src/asm.c create mode 100644 3P/wolfssl/wolfcrypt/src/asn.c create mode 100644 3P/wolfssl/wolfcrypt/src/blake2b.c create mode 100644 3P/wolfssl/wolfcrypt/src/camellia.c create mode 100644 3P/wolfssl/wolfcrypt/src/chacha.c create mode 100644 3P/wolfssl/wolfcrypt/src/coding.c create mode 100644 3P/wolfssl/wolfcrypt/src/compress.c create mode 100644 3P/wolfssl/wolfcrypt/src/des3.c create mode 100644 3P/wolfssl/wolfcrypt/src/dh.c create mode 100644 3P/wolfssl/wolfcrypt/src/dsa.c create mode 100644 3P/wolfssl/wolfcrypt/src/ecc.c create mode 100644 3P/wolfssl/wolfcrypt/src/ecc25519.c create mode 100644 3P/wolfssl/wolfcrypt/src/ecc25519_fe.c create mode 100644 3P/wolfssl/wolfcrypt/src/ecc_fp.c create mode 100644 3P/wolfssl/wolfcrypt/src/error.c create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mont_small.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_12.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_17.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_20.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_24.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_28.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_3.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_32.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_4.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_48.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_6.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_64.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_7.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_8.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_9.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_mul_comba_small_set.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_12.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_17.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_20.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_24.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_28.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_3.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_32.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_4.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_48.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_6.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_64.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_7.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_8.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_9.i create mode 100644 3P/wolfssl/wolfcrypt/src/fp_sqr_comba_small_set.i create mode 100644 3P/wolfssl/wolfcrypt/src/hc128.c create mode 100644 3P/wolfssl/wolfcrypt/src/hmac.c create mode 100644 3P/wolfssl/wolfcrypt/src/include.am create mode 100644 3P/wolfssl/wolfcrypt/src/integer.c create mode 100644 3P/wolfssl/wolfcrypt/src/logging.c create mode 100644 3P/wolfssl/wolfcrypt/src/md2.c create mode 100644 3P/wolfssl/wolfcrypt/src/md4.c create mode 100644 3P/wolfssl/wolfcrypt/src/md5.c create mode 100644 3P/wolfssl/wolfcrypt/src/memory.c create mode 100644 3P/wolfssl/wolfcrypt/src/misc.c create mode 100644 3P/wolfssl/wolfcrypt/src/pkcs7.c create mode 100644 3P/wolfssl/wolfcrypt/src/poly1305.c create mode 100644 3P/wolfssl/wolfcrypt/src/pwdbased.c create mode 100644 3P/wolfssl/wolfcrypt/src/rabbit.c create mode 100644 3P/wolfssl/wolfcrypt/src/random.c create mode 100644 3P/wolfssl/wolfcrypt/src/ripemd.c create mode 100644 3P/wolfssl/wolfcrypt/src/rsa.c create mode 100644 3P/wolfssl/wolfcrypt/src/sha.c create mode 100644 3P/wolfssl/wolfcrypt/src/sha256.c create mode 100755 3P/wolfssl/wolfcrypt/src/sha512.c create mode 100644 3P/wolfssl/wolfcrypt/src/tfm.c create mode 100644 3P/wolfssl/wolfcrypt/src/wc_port.c create mode 100644 3P/wolfssl/wolfcrypt/test/include.am create mode 100644 3P/wolfssl/wolfcrypt/test/test.c create mode 100644 3P/wolfssl/wolfcrypt/test/test.h create mode 100755 3P/wolfssl/wolfcrypt/test/test.sln create mode 100755 3P/wolfssl/wolfcrypt/test/test.vcproj create mode 100644 3P/wolfssl/wolfssl-ios.xcodeproj/project.pbxproj create mode 100644 3P/wolfssl/wolfssl-iphone.xcodeproj/project.pbxproj create mode 100755 3P/wolfssl/wolfssl-ntru.sln create mode 100755 3P/wolfssl/wolfssl-ntru.vcproj create mode 100755 3P/wolfssl/wolfssl.sln create mode 100755 3P/wolfssl/wolfssl.vcproj create mode 100644 3P/wolfssl/wolfssl.vcxproj create mode 100644 3P/wolfssl/wolfssl/callbacks.h create mode 100644 3P/wolfssl/wolfssl/certs_test.h create mode 100644 3P/wolfssl/wolfssl/crl.h create mode 100644 3P/wolfssl/wolfssl/error-ssl.h create mode 100644 3P/wolfssl/wolfssl/include.am create mode 100644 3P/wolfssl/wolfssl/internal.h create mode 100644 3P/wolfssl/wolfssl/ocsp.h create mode 100644 3P/wolfssl/wolfssl/openssl/asn1.h create mode 100644 3P/wolfssl/wolfssl/openssl/bio.h create mode 100644 3P/wolfssl/wolfssl/openssl/bn.h create mode 100644 3P/wolfssl/wolfssl/openssl/conf.h create mode 100644 3P/wolfssl/wolfssl/openssl/crypto.h create mode 100644 3P/wolfssl/wolfssl/openssl/des.h create mode 100644 3P/wolfssl/wolfssl/openssl/dh.h create mode 100644 3P/wolfssl/wolfssl/openssl/dsa.h create mode 100644 3P/wolfssl/wolfssl/openssl/ec.h create mode 100644 3P/wolfssl/wolfssl/openssl/ecdsa.h create mode 100644 3P/wolfssl/wolfssl/openssl/engine.h create mode 100644 3P/wolfssl/wolfssl/openssl/err.h create mode 100644 3P/wolfssl/wolfssl/openssl/evp.h create mode 100644 3P/wolfssl/wolfssl/openssl/hmac.h create mode 100644 3P/wolfssl/wolfssl/openssl/include.am create mode 100644 3P/wolfssl/wolfssl/openssl/lhash.h create mode 100644 3P/wolfssl/wolfssl/openssl/md4.h create mode 100644 3P/wolfssl/wolfssl/openssl/md5.h create mode 100644 3P/wolfssl/wolfssl/openssl/ocsp.h create mode 100644 3P/wolfssl/wolfssl/openssl/opensslconf.h create mode 100644 3P/wolfssl/wolfssl/openssl/opensslv.h create mode 100644 3P/wolfssl/wolfssl/openssl/ossl_typ.h create mode 100644 3P/wolfssl/wolfssl/openssl/pem.h create mode 100644 3P/wolfssl/wolfssl/openssl/pkcs12.h create mode 100644 3P/wolfssl/wolfssl/openssl/rand.h create mode 100644 3P/wolfssl/wolfssl/openssl/ripemd.h create mode 100644 3P/wolfssl/wolfssl/openssl/rsa.h create mode 100644 3P/wolfssl/wolfssl/openssl/sha.h create mode 100644 3P/wolfssl/wolfssl/openssl/ssl.h create mode 100644 3P/wolfssl/wolfssl/openssl/stack.h create mode 100644 3P/wolfssl/wolfssl/openssl/ui.h create mode 100644 3P/wolfssl/wolfssl/openssl/x509.h create mode 100644 3P/wolfssl/wolfssl/openssl/x509v3.h create mode 100644 3P/wolfssl/wolfssl/options.h create mode 100644 3P/wolfssl/wolfssl/options.h.in create mode 100644 3P/wolfssl/wolfssl/sniffer.h create mode 100644 3P/wolfssl/wolfssl/sniffer_error.h create mode 100644 3P/wolfssl/wolfssl/sniffer_error.rc create mode 100644 3P/wolfssl/wolfssl/ssl.h create mode 100644 3P/wolfssl/wolfssl/test.h create mode 100644 3P/wolfssl/wolfssl/version.h create mode 100644 3P/wolfssl/wolfssl/version.h.in create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/aes.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/arc4.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/asn.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/asn_public.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/blake2-impl.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/blake2-int.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/blake2.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/camellia.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/chacha.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/coding.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/compress.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/des3.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/dh.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/dsa.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/ecc.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/ecc25519.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/ecc25519_fe.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/ecc25519_montgomery.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/ecc25519_pow225521.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/error-crypt.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/fips_test.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/hc128.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/hmac.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/include.am create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/integer.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/logging.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/md2.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/md4.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/md5.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/memory.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/misc.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/mpi_class.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/mpi_superclass.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/pkcs7.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/poly1305.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/pwdbased.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/rabbit.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/random.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/ripemd.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/rsa.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/settings.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/sha.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/sha256.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/sha512.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/tfm.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/types.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/visibility.h create mode 100644 3P/wolfssl/wolfssl/wolfcrypt/wc_port.h create mode 100644 3P/wolfssl/wolfssl64.sln diff --git a/3P/wolfssl/AUTHORS b/3P/wolfssl/AUTHORS new file mode 100644 index 00000000..e69de29b diff --git a/3P/wolfssl/COPYING b/3P/wolfssl/COPYING new file mode 100644 index 00000000..d159169d --- /dev/null +++ b/3P/wolfssl/COPYING @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/3P/wolfssl/ChangeLog b/3P/wolfssl/ChangeLog new file mode 100644 index 00000000..e69de29b diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.ewp b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.ewp new file mode 100644 index 00000000..bc278a46 --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.ewp @@ -0,0 +1,2000 @@ + + + + 2 + + Debug + + ARM + + 1 + + General + 3 + + 22 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 1 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 1 + + + + + + + BILINK + 0 + + + + + Release + + ARM + + 0 + + General + 3 + + 22 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 0 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 0 + + + + + + + BILINK + 0 + + + + + CyaSSL + + $PROJ_DIR$\..\..\..\..\src\crl.c + + + $PROJ_DIR$\..\..\..\..\src\internal.c + + + $PROJ_DIR$\..\..\..\..\src\io.c + + + $PROJ_DIR$\..\..\..\..\src\keys.c + + + $PROJ_DIR$\..\..\..\..\src\ocsp.c + + + $PROJ_DIR$\..\..\..\..\src\sniffer.c + + + $PROJ_DIR$\..\..\..\..\src\ssl.c + + + $PROJ_DIR$\..\..\..\..\src\tls.c + + + + wolfCrypt + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\aes.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\arc4.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\asm.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\asn.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\blake2b.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\camellia.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\coding.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\compress.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\des3.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\dh.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\dsa.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\ecc.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\ecc_fp.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\error.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\hc128.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\hmac.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\integer.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\logging.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\md2.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\md4.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\md5.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\memory.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\misc.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\wc_port.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\pwdbased.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\rabbit.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\random.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\ripemd.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\rsa.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\sha.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\sha256.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\sha512.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\tfm.c + + + + + diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.eww b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.eww new file mode 100644 index 00000000..9702cae0 --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.eww @@ -0,0 +1,16 @@ + + + + + $WS_DIR$\CyaSSL-Lib.ewp + + + $WS_DIR$\wolfCrypt-benchmark.ewp + + + $WS_DIR$\wolfCrypt-test.ewp + + + + + diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/benchmark-main.c b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/benchmark-main.c new file mode 100644 index 00000000..113fc4d2 --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/benchmark-main.c @@ -0,0 +1,40 @@ +/* benchmark-main.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#include "stdio.h" + +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +func_args args = { 0 } ; + +extern int benchmark_test(void *args) ; + +main(void) { + benchmark_test(&args) ; + return 0; +} + + + diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/test-main.c b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/test-main.c new file mode 100644 index 00000000..5ebfe321 --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/test-main.c @@ -0,0 +1,36 @@ +/* test-main.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +func_args args = { 0 } ; + +extern int ctaocrypt_test(void *args) ; + +main(void) { + ctaocrypt_test(&args) ; + return 0; +} diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewd b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewd new file mode 100644 index 00000000..0bf90e8e --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewd @@ -0,0 +1,2601 @@ + + + + 2 + + Debug + + ARM + + 1 + + C-SPY + 2 + + 25 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ARMSIM_ID + 2 + + 1 + 1 + 1 + + + + + + + + ANGEL_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + + CMSISDAP_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + GDBSERVER_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + IARROM_ID + 2 + + 1 + 1 + 1 + + + + + + + + + IJET_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + JLINK_ID + 2 + + 15 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + LMIFTDI_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + MACRAIGOR_ID + 2 + + 3 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + PEMICRO_ID + 2 + + 1 + 1 + 1 + + + + + + + + + + + + + + + + + + + RDI_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + + + + STLINK_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + THIRDPARTY_ID + 2 + + 0 + 1 + 1 + + + + + + + + XDS100_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + $TOOLKIT_DIR$\plugins\middleware\HCCWare\HCCWare.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\AVIX\AVIX.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxTinyArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\embOS\embOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\MQX\MQXRtosPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\OpenRTOS\OpenRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\PowerPac\PowerPacRTOS.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\Quadros\Quadros_EWB6_Plugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\SafeRTOS\SafeRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\ThreadX\ThreadXArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-286-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-III\uCOS-III-KA-CSpy.ewplugin + 0 + + + $EW_DIR$\common\plugins\CodeCoverage\CodeCoverage.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\Orti\Orti.ENU.ewplugin + 0 + + + $EW_DIR$\common\plugins\SymList\SymList.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\uCProbe\uCProbePlugin.ENU.ewplugin + 0 + + + + + Release + + ARM + + 0 + + C-SPY + 2 + + 25 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ARMSIM_ID + 2 + + 1 + 1 + 0 + + + + + + + + ANGEL_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + + CMSISDAP_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + GDBSERVER_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + IARROM_ID + 2 + + 1 + 1 + 0 + + + + + + + + + IJET_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + JLINK_ID + 2 + + 15 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + LMIFTDI_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + MACRAIGOR_ID + 2 + + 3 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + PEMICRO_ID + 2 + + 1 + 1 + 0 + + + + + + + + + + + + + + + + + + + RDI_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + + + + STLINK_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + THIRDPARTY_ID + 2 + + 0 + 1 + 0 + + + + + + + + XDS100_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + $TOOLKIT_DIR$\plugins\middleware\HCCWare\HCCWare.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\AVIX\AVIX.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxTinyArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\embOS\embOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\MQX\MQXRtosPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\OpenRTOS\OpenRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\PowerPac\PowerPacRTOS.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\Quadros\Quadros_EWB6_Plugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\SafeRTOS\SafeRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\ThreadX\ThreadXArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-286-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-III\uCOS-III-KA-CSpy.ewplugin + 0 + + + $EW_DIR$\common\plugins\CodeCoverage\CodeCoverage.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\Orti\Orti.ENU.ewplugin + 0 + + + $EW_DIR$\common\plugins\SymList\SymList.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\uCProbe\uCProbePlugin.ENU.ewplugin + 0 + + + + + + diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewp b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewp new file mode 100644 index 00000000..d61e0a0e --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewp @@ -0,0 +1,1877 @@ + + + + 2 + + Debug + + ARM + + 1 + + General + 3 + + 22 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 1 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 1 + + + + + + + BILINK + 0 + + + + + Release + + ARM + + 0 + + General + 3 + + 22 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 0 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 0 + + + + + + + BILINK + 0 + + + + + $PROJ_DIR$\benchmark-main.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\benchmark\benchmark.c + + + + diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.icf b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.icf new file mode 100644 index 00000000..a4ab009e --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.icf @@ -0,0 +1,32 @@ +/*###ICF### Section handled by ICF editor, don't touch! ****/ +/*-Editor annotation file-*/ +/* IcfEditorFile="$TOOLKIT_DIR$\config\ide\IcfEditor\cortex_v1_0.xml" */ +/*-Specials-*/ +define symbol __ICFEDIT_intvec_start__ = 0x00000000; +/*-Memory Regions-*/ +define symbol __ICFEDIT_region_ROM_start__ = 0x00000000; +define symbol __ICFEDIT_region_ROM_end__ = 0x0007FFFF; +define symbol __ICFEDIT_region_RAM_start__ = 0x20000000; +define symbol __ICFEDIT_region_RAM_end__ = 0x2000FFFF; +/*-Sizes-*/ +define symbol __ICFEDIT_size_cstack__ = 0x2000; +define symbol __ICFEDIT_size_heap__ = 0x2000; +/**** End of ICF editor section. ###ICF###*/ + + +define memory mem with size = 4G; +define region ROM_region = mem:[from __ICFEDIT_region_ROM_start__ to __ICFEDIT_region_ROM_end__]; +define region RAM_region = mem:[from __ICFEDIT_region_RAM_start__ to __ICFEDIT_region_RAM_end__]; + +define block CSTACK with alignment = 8, size = __ICFEDIT_size_cstack__ { }; +define block HEAP with alignment = 8, size = __ICFEDIT_size_heap__ { }; + +initialize by copy { readwrite }; +//initialize by copy with packing = none { section __DLIB_PERTHREAD }; // Required in a multi-threaded application +do not initialize { section .noinit }; + +place at address mem:__ICFEDIT_intvec_start__ { readonly section .intvec }; + +place in ROM_region { readonly }; +place in RAM_region { readwrite, + block CSTACK, block HEAP }; \ No newline at end of file diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewd b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewd new file mode 100644 index 00000000..6c2de8d1 --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewd @@ -0,0 +1,2601 @@ + + + + 2 + + Debug + + ARM + + 1 + + C-SPY + 2 + + 25 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ARMSIM_ID + 2 + + 1 + 1 + 1 + + + + + + + + ANGEL_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + + CMSISDAP_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + GDBSERVER_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + IARROM_ID + 2 + + 1 + 1 + 1 + + + + + + + + + IJET_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + JLINK_ID + 2 + + 15 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + LMIFTDI_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + MACRAIGOR_ID + 2 + + 3 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + PEMICRO_ID + 2 + + 1 + 1 + 1 + + + + + + + + + + + + + + + + + + + RDI_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + + + + STLINK_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + THIRDPARTY_ID + 2 + + 0 + 1 + 1 + + + + + + + + XDS100_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + $TOOLKIT_DIR$\plugins\middleware\HCCWare\HCCWare.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\AVIX\AVIX.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxTinyArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\embOS\embOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\MQX\MQXRtosPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\OpenRTOS\OpenRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\PowerPac\PowerPacRTOS.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\Quadros\Quadros_EWB6_Plugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\SafeRTOS\SafeRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\ThreadX\ThreadXArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-286-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-III\uCOS-III-KA-CSpy.ewplugin + 0 + + + $EW_DIR$\common\plugins\CodeCoverage\CodeCoverage.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\Orti\Orti.ENU.ewplugin + 0 + + + $EW_DIR$\common\plugins\SymList\SymList.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\uCProbe\uCProbePlugin.ENU.ewplugin + 0 + + + + + Release + + ARM + + 0 + + C-SPY + 2 + + 25 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ARMSIM_ID + 2 + + 1 + 1 + 0 + + + + + + + + ANGEL_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + + CMSISDAP_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + GDBSERVER_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + IARROM_ID + 2 + + 1 + 1 + 0 + + + + + + + + + IJET_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + JLINK_ID + 2 + + 15 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + LMIFTDI_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + MACRAIGOR_ID + 2 + + 3 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + PEMICRO_ID + 2 + + 1 + 1 + 0 + + + + + + + + + + + + + + + + + + + RDI_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + + + + STLINK_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + THIRDPARTY_ID + 2 + + 0 + 1 + 0 + + + + + + + + XDS100_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + $TOOLKIT_DIR$\plugins\middleware\HCCWare\HCCWare.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\AVIX\AVIX.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxTinyArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\embOS\embOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\MQX\MQXRtosPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\OpenRTOS\OpenRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\PowerPac\PowerPacRTOS.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\Quadros\Quadros_EWB6_Plugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\SafeRTOS\SafeRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\ThreadX\ThreadXArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-286-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-III\uCOS-III-KA-CSpy.ewplugin + 0 + + + $EW_DIR$\common\plugins\CodeCoverage\CodeCoverage.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\Orti\Orti.ENU.ewplugin + 0 + + + $EW_DIR$\common\plugins\SymList\SymList.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\uCProbe\uCProbePlugin.ENU.ewplugin + 0 + + + + + + diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewp b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewp new file mode 100644 index 00000000..60e146e4 --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewp @@ -0,0 +1,1877 @@ + + + + 2 + + Debug + + ARM + + 1 + + General + 3 + + 22 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 1 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 1 + + + + + + + BILINK + 0 + + + + + Release + + ARM + + 0 + + General + 3 + + 22 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 0 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 0 + + + + + + + BILINK + 0 + + + + + $PROJ_DIR$\test-main.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\test\test.c + + + + diff --git a/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.icf b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.icf new file mode 100644 index 00000000..211d253d --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.icf @@ -0,0 +1,31 @@ +/*###ICF### Section handled by ICF editor, don't touch! ****/ +/*-Editor annotation file-*/ +/* IcfEditorFile="$TOOLKIT_DIR$\config\ide\IcfEditor\cortex_v1_0.xml" */ +/*-Specials-*/ +define symbol __ICFEDIT_intvec_start__ = 0x0; +/*-Memory Regions-*/ +define symbol __ICFEDIT_region_ROM_start__ = 0x0; +define symbol __ICFEDIT_region_ROM_end__ = 0x000FFFFF; +define symbol __ICFEDIT_region_RAM_start__ = 0x1FFF0000; +define symbol __ICFEDIT_region_RAM_end__ = 0x2000FFFF; +/*-Sizes-*/ +define symbol __ICFEDIT_size_cstack__ = 0x2000; +define symbol __ICFEDIT_size_heap__ = 0x3000; +/**** End of ICF editor section. ###ICF###*/ + + +define memory mem with size = 4G; +define region ROM_region = mem:[from __ICFEDIT_region_ROM_start__ to __ICFEDIT_region_ROM_end__]; +define region RAM_region = mem:[from __ICFEDIT_region_RAM_start__ to __ICFEDIT_region_RAM_end__]; + +define block CSTACK with alignment = 8, size = __ICFEDIT_size_cstack__ { }; +define block HEAP with alignment = 8, size = __ICFEDIT_size_heap__ { }; + +initialize by copy { readwrite }; +do not initialize { section .noinit }; + +place at address mem:__ICFEDIT_intvec_start__ { readonly section .intvec }; + +place in ROM_region { readonly }; +place in RAM_region { readwrite, + block CSTACK, block HEAP }; \ No newline at end of file diff --git a/3P/wolfssl/IDE/IAR-EWARM/README b/3P/wolfssl/IDE/IAR-EWARM/README new file mode 100644 index 00000000..f393cae3 --- /dev/null +++ b/3P/wolfssl/IDE/IAR-EWARM/README @@ -0,0 +1,49 @@ +CyaSSL IAR Project Files + +This directory contains project files for IAR EWARM IDE. These +projects have been set up to generic ARM Cortex-M MPUs. +In order to generate project for specific target MPU, take following steps. + + +Included Project Files +----------------------- +1. Workspace: CyaSSL-Lib.eww + The workspace includes CyaSSL-Lib library and wolfCrypt-test, wolfCrypt-benchmark + executable projects. The library project generates full set library of wolfCrypt + and CyaSSL functions. + +2. Test suites Project: wolfCrypt-test.ewp + generates test.out test suites executable + +3. Benchmark Project: wolfCrypt-benchmark.ewp + generates benchmark.out benchmark executable + +Set Up Steps +------------ +0. Default Setting + Default Target of the projects are set to Cortex-M3 Simulator. + For check the projects, you can build and download to the simulator. + Open Terminal I/O window, by "view"->"Terminal I/O", and start execution. + +1. Project option settings + For each project,... + General Options: Choose appropriate "Target" options + + For executable projects,... + Add "SystemInit" and "startup" for your MPU + Debugger: Choose your debug "Driver" + +2. For benchmark project,... + Write your own "current_time" benchmark timer under "defined(CYASSL_IAR_ARM)" in benchmark.c + +3. settings.h + Uncomment the "CYASSL_IAR_ARM" define located in: + /cyassl/ctaocrypt/settings. + +4. Build and download + Go to "Project->Make" and "Download and Debug" in Menu bar for EWARM build and download. + + +Support +------- +Please send questions or comments to support@wolfssl.com diff --git a/3P/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c b/3P/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c new file mode 100644 index 00000000..8db21967 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c @@ -0,0 +1,166 @@ +/* time.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + + +/*----------------------------------------------------------------------------- + * initialize RTC + *----------------------------------------------------------------------------*/ +#include +#include "lpc43xx_rtc.h" +#include "lpc43xx_cgu.h" + +static void init_RTC() +{ + /* Enable GPIO register interface clock */ + LPC_CCU1->CLK_M4_GPIO_CFG |= 1; + while (!(LPC_CCU1->CLK_M4_GPIO_STAT & 1)) ; + + /* RTC Block section ------------------------------------------------------ */ + /* Init RTC module */ + RTC_Init(LPC_RTC); + + /* Set ALARM time for second */ + RTC_SetAlarmTime (LPC_RTC, RTC_TIMETYPE_SECOND, 30); + + /* Set the AMR for 30s match alarm interrupt */ + RTC_AlarmIntConfig (LPC_RTC, RTC_TIMETYPE_SECOND, ENABLE); + + /* Set the CIIR for minute counter interrupt*/ + RTC_CntIncrIntConfig (LPC_RTC, RTC_TIMETYPE_MINUTE, ENABLE); + + /* Enable rtc (starts increase the tick counter and second counter register) */ + RTC_Cmd(LPC_RTC, ENABLE); + +} + +/*----------------------------------------------------------------------------- + * initialize TIM + *----------------------------------------------------------------------------*/ + +#include "lpc43xx_timer.h" + +static void init_TIM() +{ + TIM_TIMERCFG_Type TIM_ConfigStruct; + /* Initialize timer 0, prescale count time of 1uS */ + TIM_ConfigStruct.PrescaleOption = TIM_PRESCALE_TICKVAL; + TIM_ConfigStruct.PrescaleValue = 204; /* 204MHz */ + /* Set configuration for Tim_config and Tim_MatchConfig */ + TIM_Init(LPC_TIMER2, TIM_TIMER_MODE,&TIM_ConfigStruct); + TIM_ResetCounter(LPC_TIMER2); + /* To start timer 2 */ + TIM_Cmd(LPC_TIMER2,ENABLE); +} + +double current_time() +{ + return (double)LPC_TIMER2->TC/1000000.0; +} + + +void init_time(void) { + init_RTC() ; + init_TIM() ; +} + +#include + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + static struct tm date ; + + RTC_TIME_Type RTCFullTime; + RTC_GetFullTime (LPC_RTC, &RTCFullTime); + + date.tm_year = RTCFullTime.YEAR + 100 ; + date.tm_mon = RTCFullTime.MONTH - 1 ; + date.tm_mday = RTCFullTime.DOM ; + date.tm_hour = RTCFullTime.HOUR ; + date.tm_min = RTCFullTime.MIN ; + date.tm_sec = RTCFullTime.SEC ; + + #if defined(DEBUG_CYASSL) + { + extern void CYASSL_MSG(char *msg) ; + char msg[100] ; + sprintf(msg, "Debug::Cyassl_KEIL_gmtime(DATE=/%4d/%02d/%02d TIME=%02d:%02d:%02d)\n", + RTCFullTime.YEAR+2000, RTCFullTime.MONTH, RTCFullTime.DOM, + RTCFullTime.HOUR, RTCFullTime.MIN, RTCFullTime.SEC) ; + CYASSL_MSG(msg) ; + } + #endif + + return(&date) ; +} + +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +#include + +void time_main(void *args) +{ + char * datetime ; + int year ; + RTC_TIME_Type RTCFullTime; + + if( args == NULL || ((func_args *)args)->argc == 1) { + RTC_GetFullTime (LPC_RTC, &RTCFullTime); + printf("Date: %d/%d/%d, Time: %02d:%02d:%02d\n", + RTCFullTime.MONTH, RTCFullTime.DOM, RTCFullTime.YEAR+2000, + RTCFullTime.HOUR, RTCFullTime.MIN, RTCFullTime.SEC) ; + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 'd' ) { + + datetime = ((func_args *)args)->argv[2]; + sscanf(datetime, "%d/%d/%d", + (int *)&RTCFullTime.MONTH, (int *)&RTCFullTime.DOM, &year) ; + RTCFullTime.YEAR = year - 2000 ; + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MONTH, RTCFullTime.MONTH); + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_YEAR, RTCFullTime.YEAR); + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_DAYOFMONTH, RTCFullTime.DOM); + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 't' ) { + RTC_GetFullTime (LPC_RTC, &RTCFullTime); + datetime = ((func_args *)args)->argv[2]; + sscanf(datetime, "%d:%d:%d", + (int *)&RTCFullTime.HOUR, + (int *)&RTCFullTime.MIN, + (int *)&RTCFullTime.SEC + ) ; + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_SECOND, RTCFullTime.SEC); + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MINUTE, RTCFullTime.MIN); + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_HOUR, RTCFullTime.HOUR); + } else printf("Invalid argument\n") ; +} + + + + diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c new file mode 100644 index 00000000..bb59c8ce --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c @@ -0,0 +1,261 @@ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include +#include +#include +#include + + +#include + +#pragma import(__use_no_semihosting_swi) + +/* The following macro definitions may be used to translate this file: + + STDIO - use standard Input/Output device + (default is NOT used) + */ + +/* Standard IO device handles. */ +#define STDIN 0x8001 +#define STDOUT 0x8002 +#define STDERR 0x8003 + +/* Standard IO device name defines. */ +const char __stdin_name[] = "STDIN"; +const char __stdout_name[] = "STDOUT"; +const char __stderr_name[] = "STDERR"; + +struct __FILE { int handle; /* Add whatever you need here */ }; + +#ifdef STDIO +extern int SER_GetChar (void); +extern int SER_PutChar (int ch); + +/*----------------------------------------------------------------------------- + Write character to the Serial Port + *----------------------------------------------------------------------------*/ +int sendchar (int c) +{ + if (c == '\n') { + SER_PutChar ('\r'); + } + SER_PutChar (c); + return (c); +} + + +/*----------------------------------------------------------------------------- + Read character from the Serial Port + *----------------------------------------------------------------------------*/ +int getkey (void) +{ + int ch = SER_GetChar(); + + if (ch < 0) { + return 0; + } + return ch; +} +#endif + +/*--------------------------- _ttywrch ---------------------------------------*/ + +void _ttywrch (int ch) +{ +#ifdef STDIO + sendchar (ch); +#endif +} + +/*--------------------------- _sys_open --------------------------------------*/ +#ifndef NO_FILESYSTEM +static int KEIL_FS_open(const char *name, int openmode) +{ + int i ; int ret ; + #define PATHSIZE 100 + char path[PATHSIZE] ; char *p ; + + if(strlen(name) > PATHSIZE)return(-1) ; + + for(i = 0; i<= strlen(name); i++) { + if(name[i] == '/')path[i] = '\\' ; + else path[i] = name[i] ; + } + if(path[0] == '.' && path[1] == '\\') p = path + 2 ; + else p = path ; + + ret = __sys_open (p, openmode) ; + + return(ret) ; +} +#endif + +FILEHANDLE _sys_open (const char *name, int openmode) +{ + /* Register standard Input Output devices. */ + if (strcmp(name, "STDIN") == 0) { + return (STDIN); + } + if (strcmp(name, "STDOUT") == 0) { + return (STDOUT); + } + if (strcmp(name, "STDERR") == 0) { + return (STDERR); + } + #ifndef NO_FILESYSTEM + return (KEIL_FS_open(name, openmode)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_close -------------------------------------*/ + +int _sys_close (FILEHANDLE fh) +{ + if (fh > 0x8000) { + return (0); + } + #ifndef NO_FILESYSTEM + return (__sys_close (fh)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_write -------------------------------------*/ + +int _sys_write (FILEHANDLE fh, const U8 *buf, U32 len, int mode) +{ +#ifdef STDIO + if (fh == STDOUT) { + /* Standard Output device. */ + for ( ; len; len--) { + sendchar (*buf++); + } + return (0); + } +#endif + if (fh > 0x8000) { + return (-1); + } + #ifndef NO_FILESYSTEM + return (__sys_write (fh, buf, len)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_read --------------------------------------*/ + +int _sys_read (FILEHANDLE fh, U8 *buf, U32 len, int mode) +{ +#ifdef STDIO + if (fh == STDIN) { + /* Standard Input device. */ + int sz ; + while((buf[0] = getkey()) == 0) ; + ; + for (sz = 0 ; sz <= len ; sz ++ ) { + if(buf[sz] == 0) break ; + else sz++ ; + buf[sz] = getkey (); + } + return (sz); + } +#endif + if (fh > 0x8000) { + return (-1); + } + #ifndef NO_FILESYSTEM + return (__sys_read (fh, buf, len)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_istty -------------------------------------*/ + +int _sys_istty (FILEHANDLE fh) +{ + if (fh > 0x8000) { + return (1); + } + return (0); +} + +/*--------------------------- _sys_seek --------------------------------------*/ + +int _sys_seek (FILEHANDLE fh, long pos) +{ + if (fh > 0x8000) { + return (-1); + } + #ifndef NO_FILESYSTEM + return (__sys_seek (fh, pos)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_ensure ------------------------------------*/ + +int _sys_ensure (FILEHANDLE fh) +{ + if (fh > 0x8000) { + return (-1); + } + #ifndef NO_FILESYSTEM + return (__sys_ensure (fh)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_flen --------------------------------------*/ + +long _sys_flen (FILEHANDLE fh) +{ + if (fh > 0x8000) { + return (0); + } + #ifndef NO_FILESYSTEM + return (__sys_flen (fh)); + #else + return(0) ; + #endif +} + + +/*--------------------------- _sys_tmpnam ------------------------------------*/ + +int _sys_tmpnam (char *name, int sig, unsigned maxlen) +{ + return (1); +} + +/*--------------------------- _sys_command_string ----------------------------*/ + +char *_sys_command_string (char *cmd, int len) +{ + return (cmd); +} + +/*--------------------------- _sys_exit --------------------------------------*/ + +void _sys_exit (int return_code) +{ +#ifdef CYASSL_MDK_SHELL + return ; +#else + /* Endless loop. */ + while (1); +#endif + +} + diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c new file mode 100644 index 00000000..d6cef016 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c @@ -0,0 +1,28 @@ +/* certs_test.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +/* Define initial data for cert buffers */ +#include + diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h new file mode 100644 index 00000000..6629ee05 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h @@ -0,0 +1,39 @@ +#ifndef CYASSL_CERT_DATA_H +#define CYASSL_CERT_DATA_H + +#ifdef USE_CERT_BUFFERS_1024 +extern const unsigned char client_key_der_1024[] ; +extern int sizeof_client_key_der_1024 ; +/* ./certs/1024/client-cert.der, 1024-bit */ +extern const unsigned char client_cert_der_1024[] ; +extern int sizeof_client_cert_der_1024 ; +/* ./certs/1024/dh1024.der, 1024-bit */ +extern const unsigned char dh_key_der_1024[] ; +extern int sizeof_dh_key_der_1024 ; +/* ./certs/1024/dsa1024.der, 1024-bit */ +extern const unsigned char dsa_key_der_1024[] ; +extern int sizeof_dsa_key_der_1024 ; +/* ./certs/1024/rsa1024.der, 1024-bit */ +extern const unsigned char rsa_key_der_1024[] ; +extern int sizeof_rsa_key_der_1024 ; + +#elif defined(USE_CERT_BUFFERS_2048) +/* ./certs/client-key.der, 2048-bit */ +extern const unsigned char client_key_der_2048[] ; +extern int sizeof_client_key_der_2048 ; +/* ./certs/client-cert.der, 2048-bit */ +extern const unsigned char client_cert_der_2048[] ; +extern int sizeof_client_cert_der_2048 ; +/* ./certs/dh2048.der, 2048-bit */ +extern const unsigned char dh_key_der_2048[] ; +extern int sizeof_dh_key_der_2048 ; +/* ./certs/dsa2048.der, 2048-bit */ +extern const unsigned char dsa_key_der_2048[] ; +extern int sizeof_dsa_key_der_2048; +/* ./certs/rsa2048.der, 2048-bit */ +extern const unsigned char rsa_key_der_2048[] ; +extern int sizeof_rsa_key_der_2048 ; +#endif + +#endif + diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-BARE-METAL.h b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-BARE-METAL.h new file mode 100644 index 00000000..56178bf7 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-BARE-METAL.h @@ -0,0 +1,291 @@ +/* config-BEREFOOT.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define NO_WRITEV +#define NO_CYASSL_DIR +#define NO_MAIN_DRIVER + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#define SINGLE_THREADED +#define NO_FILESYSTEM +#define NO_TLS + +#define NO_ECHOSERVER +#define NO_ECHOCLIENT +#define NO_SIMPLE_SERVER +#define NO_SIMPLE_CLIENT + +// <<< Use Configuration Wizard in Context Menu >>> + +// Build Target: KEIL-BAREFOOT +// Single Threaded, No File System, No TCP-net +// +// Command Shell +#define MDK_CONF_SHELL 1 +#if MDK_CONF_SHELL == 1 +#define CYASSL_MDK_SHELL +#endif +// +// CyaSSL Apps +// Crypt/Cipher +// Cert Storage <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes) +#define MDK_CONF_CERT_BUFF 1 +#if MDK_CONF_CERT_BUFF == 1 +#define USE_CERT_BUFFERS_1024 +#elif MDK_CONF_CERT_BUFF == 2 +#define USE_CERT_BUFFERS_2048 +#endif + +// Crypt/Cipher Test Suite +#define MDK_CONF_CTaoCryptTest 1 +#if MDK_CONF_CTaoCryptTest == 0 +#define NO_CRYPT_TEST +#endif +// +// Crypt/Cipher Benchmark +#define MDK_CONF_CTaoCryptBenchmark 1 +#if MDK_CONF_CTaoCryptBenchmark == 0 +#define NO_CRYPT_BENCHMARK +#define BENCH_EMBEDDED +#endif +// +// + +// STM32 Hardware Crypt +// STM32F2 Hardware RNG +#define MDK_CONF_STM32F2_RNG 0 +#if MDK_CONF_STM32F2_RNG == 1 +#define STM32F2_RNG +#else +#define NO_DEV_RANDOM +#endif +// +// STM32F2 Hardware Crypt +#define MDK_CONF_STM32F2_CRYPTO 0 +#if MDK_CONF_STM32F2_CRYPTO == 1 +#define STM32F2_CRYPTO +#endif +// + +// + + +// CTaoCrypt Library + +// MD5, SHA, SHA-256, AES, RC4, ASN, RSA +// +// MD2 +#define MDK_CONF_MD2 0 +#if MDK_CONF_MD2 == 1 +#define CYASSL_MD2 +#endif +// +// MD4 +#define MDK_CONF_MD4 1 +#if MDK_CONF_MD4 == 0 +#define NO_MD4 +#endif +// +// SHA-384 +// This has to be with SHA512 +#define MDK_CONF_SHA384 0 +#if MDK_CONF_SHA384 == 1 +#define CYASSL_SHA384 +#endif +// +// SHA-512 +#define MDK_CONF_SHA512 0 +#if MDK_CONF_SHA512 == 1 +#define CYASSL_SHA512 +#endif +// +// RIPEMD +#define MDK_CONF_RIPEMD 0 +#if MDK_CONF_RIPEMD == 1 +#define CYASSL_RIPEMD +#endif +// +// HMAC +#define MDK_CONF_HMAC 1 +#if MDK_CONF_HMAC == 0 +#define NO_HMAC +#endif +// +// HC128 +#define MDK_CONF_HC128 0 +#if MDK_CONF_HC128 == 1 +#define HAVE_HC128 +#endif +// +// RABBIT +#define MDK_CONF_RABBIT 1 +#if MDK_CONF_RABBI == 0 +#define NO_RABBIT +#endif +// + +// AEAD +#define MDK_CONF_AEAD 0 +#if MDK_CONF_AEAD == 1 +#define HAVE_AEAD +#endif +// +// DES3 +#define MDK_CONF_DES3 1 +#if MDK_CONF_DES3 == 0 +#define NO_DES3 +#endif +// +// CAMELLIA +#define MDK_CONF_CAMELLIA 0 +#if MDK_CONF_CAMELLIA == 1 +#define HAVE_CAMELLIA +#endif +// + +// DH +// need this for CYASSL_SERVER, OPENSSL_EXTRA +#define MDK_CONF_DH 1 +#if MDK_CONF_DH == 0 +#define NO_DH +#endif +// +// DSA +#define MDK_CONF_DSA 1 +#if MDK_CONF_DSA == 0 +#define NO_DSA +#endif +// +// PWDBASED +#define MDK_CONF_PWDBASED 1 +#if MDK_CONF_PWDBASED == 0 +#define NO_PWDBASED +#endif +// + +// ECC +#define MDK_CONF_ECC 0 +#if MDK_CONF_ECC == 1 +#define HAVE_ECC +#endif +// +// PSK +#define MDK_CONF_PSK 1 +#if MDK_CONF_PSK == 0 +#define NO_PSK +#endif +// +// AESCCM (Turn off Hardware Crypt) +#define MDK_CONF_AESCCM 0 +#if MDK_CONF_AESCCM == 1 +#define HAVE_AESCCM +#endif +// +// AESGCM (Turn off Hardware Crypt) +#define MDK_CONF_AESGCM 0 +#if MDK_CONF_AESGCM == 1 +#define HAVE_AESGCM +#define BUILD_AESGCM +#endif +// +// NTRU (need License, "crypto_ntru.h") +#define MDK_CONF_NTRU 0 +#if MDK_CONF_NTRU == 1 +#define HAVE_NTRU +#endif +// +// + +// Others + +// Inline +#define MDK_CONF_INLINE 0 +#if MDK_CONF_INLINE == 0 +#define NO_INLINE +#endif +// +// Debug +// Debug Message +#define MDK_CONF_DebugMessage 0 +#if MDK_CONF_DebugMessage == 1 +#define DEBUG_CYASSL +#endif +// +// Check malloc +#define MDK_CONF_CheckMalloc 1 +#if MDK_CONF_CheckMalloc == 1 +#define CYASSL_MALLOC_CHECK +#endif +// + + +// +// ErrNo.h +#define MDK_CONF_ErrNo 0 +#if MDK_CONF_ErrNo == 1 +#define HAVE_ERRNO +#endif +// +// zlib (need "zlib.h") +#define MDK_CONF_LIBZ 0 +#if MDK_CONF_LIBZ == 1 +#define HAVE_LIBZ +#endif +// +// CAVIUM (need CAVIUM headers) +#define MDK_CONF_CAVIUM 0 +#if MDK_CONF_CAVIUM == 1 +#define HAVE_CAVIUM +#endif +// + +// Error Strings +#define MDK_CONF_ErrorStrings 1 +#if MDK_CONF_ErrorStrings == 0 +#define NO_ERROR_STRINGS +#endif +// + +// Small Stack +#define MDK_CONF_SmallStack 1 +#if MDK_CONF_SmallStack == 0 +#define NO_CYASSL_SMALL_STACK +#endif +// +// Use Fast Math +#define MDK_CONF_FASTMATH 0 +#if MDK_CONF_FASTMATH == 1 +#define USE_FAST_MATH +#endif +// + + +// + +// +// <<< end of configuration section >>> diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h new file mode 100644 index 00000000..6d348a71 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h @@ -0,0 +1,329 @@ +/* config-FS.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_KEIL_RL +#define NO_WRITEV +#define NO_CYASSL_DIR +#define NO_MAIN_DRIVER + + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#define SINGLE_THREADED + +#define NO_ECHOSERVER +#define NO_ECHOCLIENT +#define NO_SIMPLE_SERVER +#define NO_SIMPLE_CLIENT + +// <<< Use Configuration Wizard in Context Menu >>> + +// Build Target: KEIL-FS +// Single Threaded, With File System, No TCP-net +// +// Command Shell +#define MDK_CONF_SHELL 1 +#if MDK_CONF_SHELL == 1 +#define CYASSL_MDK_SHELL +#endif +// +// CyaSSL Apps +// Crypt/Cipher +// Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes) +#define MDK_CONF_CERT_BUFF 0 +#if MDK_CONF_CERT_BUFF== 1 +#define USE_CERT_BUFFERS_1024 +#elif MDK_CONF_CERT_BUFF == 2 +#define USE_CERT_BUFFERS_2048 +#endif + +// Crypt/Cipher Test Suite +#define MDK_CONF_CTaoCryptTest 1 +#if MDK_CONF_CTaoCryptTest == 0 +#define NO_CRYPT_TEST +#endif +// +// Crypt/Cipher Benchmark +#define MDK_CONF_CTaoCryptBenchmark 1 +#if MDK_CONF_CTaoCryptBenchmark == 0 +#define NO_CRYPT_BENCHMARK +#endif +// +// + +// STM32 Hardware Crypt +// STM32F2 Hardware RNG +#define MDK_CONF_STM32F2_RNG 0 +#if MDK_CONF_STM32F2_RNG == 1 +#define STM32F2_RNG +#else +#define NO_DEV_RANDOM +#endif +// +// STM32F2 Hardware Crypt +#define MDK_CONF_STM32F2_CRYPTO 0 +#if MDK_CONF_STM32F2_CRYPTO == 1 +#define STM32F2_CRYPTO +#endif +// + +// + +// CyaSSL Library +// SSL (Included by default) +// + +// TLS +#define MDK_CONF_TLS 1 +#if MDK_CONF_TLS == 0 +#define NO_TLS +#endif +// + +// CertGen +#define MDK_CONF_CERT_GEN 0 +#if MDK_CONF_CERT_GEN == 1 +#define CYASSL_CERT_GEN +#endif +// +// KeyGen +#define MDK_CONF_KEY_GEN 0 +#if MDK_CONF_KEY_GEN == 1 +#define CYASSL_KEY_GEN +#endif +// +// CRL +#define MDK_CONF_DER_LOAD 0 +#if MDK_CONF_DER_LOAD == 1 +#define CYASSL_DER_LOAD +#endif +// +// OpenSSL Extra +#define MDK_CONF_OPENSSL_EXTRA 0 +#if MDK_CONF_OPENSSL_EXTRA == 1 +#define OPENSSL_EXTRA +#endif +// +// CRL Monitor, OCSP (not supported with KEIL) +// + +// + +// CTaoCrypt Library + +// MD5, SHA, SHA-256, AES, RC4, ASN, RSA +// + +// MD2 +#define MDK_CONF_MD2 0 +#if MDK_CONF_MD2 == 1 +#define CYASSL_MD2 +#endif +// +// MD4 +#define MDK_CONF_MD4 1 +#if MDK_CONF_MD4 == 0 +#define NO_MD4 +#endif +// +// SHA-384 +// This has to be with SHA512 +#define MDK_CONF_SHA384 0 +#if MDK_CONF_SHA384 == 1 +#define CYASSL_SHA384 +#endif +// +// SHA-512 +#define MDK_CONF_SHA512 0 +#if MDK_CONF_SHA512 == 1 +#define CYASSL_SHA512 +#endif +// +// RIPEMD +#define MDK_CONF_RIPEMD 0 +#if MDK_CONF_RIPEMD == 1 +#define CYASSL_RIPEMD +#endif +// +// HMAC +#define MDK_CONF_HMAC 1 +#if MDK_CONF_HMAC == 0 +#define NO_HMAC +#endif +// +// HC128 +#define MDK_CONF_HC128 0 +#if MDK_CONF_HC128 == 1 +#define HAVE_HC128 +#endif +// +// RABBIT +#define MDK_CONF_RABBIT 1 +#if MDK_CONF_RABBI == 0 +#define NO_RABBIT +#endif +// + +// AEAD +#define MDK_CONF_AEAD 0 +#if MDK_CONF_AEAD == 1 +#define HAVE_AEAD +#endif +// +// DES3 +#define MDK_CONF_DES3 1 +#if MDK_CONF_DES3 == 0 +#define NO_DES3 +#endif +// +// CAMELLIA +#define MDK_CONF_CAMELLIA 0 +#if MDK_CONF_CAMELLIA == 1 +#define HAVE_CAMELLIA +#endif +// + +// DH +// need this for CYASSL_SERVER, OPENSSL_EXTRA +#define MDK_CONF_DH 1 +#if MDK_CONF_DH == 0 +#define NO_DH +#endif +// +// DSA +#define MDK_CONF_DSA 1 +#if MDK_CONF_DSA == 0 +#define NO_DSA +#endif +// +// PWDBASED +#define MDK_CONF_PWDBASED 1 +#if MDK_CONF_PWDBASED == 0 +#define NO_PWDBASED +#endif +// + +// ECC +#define MDK_CONF_ECC 0 +#if MDK_CONF_ECC == 1 +#define HAVE_ECC +#endif +// +// PSK +#define MDK_CONF_PSK 1 +#if MDK_CONF_PSK == 0 +#define NO_PSK +#endif +// +// AESCCM (Turn off Hardware Crypt) +#define MDK_CONF_AESCCM 0 +#if MDK_CONF_AESCCM == 1 +#define HAVE_AESCCM +#endif +// +// AESGCM (Turn off Hardware Crypt) +#define MDK_CONF_AESGCM 0 +#if MDK_CONF_AESGCM == 1 +#define HAVE_AESGCM +#define BUILD_AESGCM +#endif +// +// NTRU (need License, "crypto_ntru.h") +#define MDK_CONF_NTRU 0 +#if MDK_CONF_NTRU == 1 +#define HAVE_NTRU +#endif +// +// + +// Others + +// Inline +#define MDK_CONF_INLINE 0 +#if MDK_CONF_INLINE == 0 +#define NO_INLINE +#endif +// +// Debug +// Debug Message +#define MDK_CONF_DebugMessage 0 +#if MDK_CONF_DebugMessage == 1 +#define DEBUG_CYASSL +#endif +// +// Check malloc +#define MDK_CONF_CheckMalloc 1 +#if MDK_CONF_CheckMalloc == 1 +#define CYASSL_MALLOC_CHECK +#endif +// + + +// +// ErrNo.h +#define MDK_CONF_ErrNo 0 +#if MDK_CONF_ErrNo == 1 +#define HAVE_ERRNO +#endif +// +// zlib (need "zlib.h") +#define MDK_CONF_LIBZ 0 +#if MDK_CONF_LIBZ == 1 +#define HAVE_LIBZ +#endif +// +// CAVIUM (need CAVIUM headers) +#define MDK_CONF_CAVIUM 0 +#if MDK_CONF_CAVIUM == 1 +#define HAVE_CAVIUM +#endif +// + +// Error Strings +#define MDK_CONF_ErrorStrings 1 +#if MDK_CONF_ErrorStrings == 0 +#define NO_ERROR_STRINGS +#endif +// + +// Small Stack +#define MDK_CONF_SmallStack 1 +#if MDK_CONF_SmallStack == 0 +#define NO_CYASSL_SMALL_STACK +#endif +// +// Use Fast Math +#define MDK_CONF_FASTMATH 0 +#if MDK_CONF_FASTMATH == 1 +#define USE_FAST_MATH +#endif +// + + +// + +// +// <<< end of configuration section >>> diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h new file mode 100644 index 00000000..4f513ef1 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h @@ -0,0 +1,351 @@ +/* config-RTX-TCP-FS.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define NO_WRITEV +#define NO_CYASSL_DIR +#define NO_MAIN_DRIVER + + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#define HAVE_KEIL_RTX +#define CYASSL_KEIL_TCP_NET + + +// <<< Use Configuration Wizard in Context Menu >>> +// Build Target: KEIL-RTX-TCP-FS +// RTOS, File System and TCP-net +// +// Command Shell +#define MDK_CONF_SHELL 1 +#if MDK_CONF_SHELL == 1 +#define CYASSL_MDK_SHELL +#endif +// +// CyaSSL Apps +// Crypt/Cipher +// Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes) +#define MDK_CONF_CERT_BUFF 0 +#if MDK_CONF_CERT_BUFF== 1 +#define USE_CERT_BUFFERS_1024 +#elif MDK_CONF_CERT_BUFF == 2 +#define USE_CERT_BUFFERS_2048 +#endif + +// Crypt/Cipher Test Suite +#define MDK_CONF_CTaoCryptTest 1 +#if MDK_CONF_CTaoCryptTest == 0 +#define NO_CRYPT_TEST +#endif +// +// Crypt/Cipher Benchmark +#define MDK_CONF_CTaoCryptBenchmark 1 +#if MDK_CONF_CTaoCryptBenchmark == 0 +#define NO_CRYPT_BENCHMARK +#define BENCH_EMBEDDED +#endif +// +// +// SSL/TLS Server/Client +// echoServer +#define MDK_CONF_echoServer 1 +#if MDK_CONF_echoServer == 0 +#define NO_ECHOSERVER +#endif +// +// echoClient +#define MDK_CONF_echoClient 1 +#if MDK_CONF_echoClient == 0 +#define NO_ECHOCLIENT +#endif +// +// SimpleServer +#define MDK_CONF_simpleServer 1 +#if MDK_CONF_simpleServer == 0 +#define NO_SIMPLE_SERVER +#endif +// +// SimpleCliet +#define MDK_CONF_simpleClient 1 +#if MDK_CONF_simpleClient == 0 +#define NO_SIMPLE_CLIENT +#endif +// +// +// +// STM32 Hardware Crypt +// STM32F2 Hardware RNG +#define MDK_CONF_STM32F2_RNG 0 +#if MDK_CONF_STM32F2_RNG == 1 +#define STM32F2_RNG +#else +#define NO_DEV_RANDOM +#endif +// +// STM32F2 Hardware Crypt +#define MDK_CONF_STM32F2_CRYPTO 0 +#if MDK_CONF_STM32F2_CRYPTO == 1 +#define STM32F2_CRYPTO +#endif +// + +// + +// CyaSSL Library +// SSL (Included by default) +// + +// TLS +#define MDK_CONF_TLS 1 +#if MDK_CONF_TLS == 0 +#define NO_TLS +#endif +// + +// CertGen +#define MDK_CONF_CERT_GEN 0 +#if MDK_CONF_CERT_GEN == 1 +#define CYASSL_CERT_GEN +#endif +// +// KeyGen +#define MDK_CONF_KEY_GEN 0 +#if MDK_CONF_KEY_GEN == 1 +#define CYASSL_KEY_GEN +#endif +// +// CRL +#define MDK_CONF_DER_LOAD 0 +#if MDK_CONF_DER_LOAD == 1 +#define CYASSL_DER_LOAD +#endif +// +// OpenSSL Extra +#define MDK_CONF_OPENSSL_EXTRA 1 +#if MDK_CONF_OPENSSL_EXTRA == 1 +#define OPENSSL_EXTRA +#endif +// +// CRL Monitor, OCSP (not supported with KEIL) +// + +// + +// CTaoCrypt Library + +// MD5, SHA, SHA-256, AES, RC4, ASN, RSA +// +// MD2 +#define MDK_CONF_MD2 0 +#if MDK_CONF_MD2 == 1 +#define CYASSL_MD2 +#endif +// +// MD4 +#define MDK_CONF_MD4 1 +#if MDK_CONF_MD4 == 0 +#define NO_MD4 +#endif +// +// SHA-384 +// This has to be with SHA512 +#define MDK_CONF_SHA384 0 +#if MDK_CONF_SHA384 == 1 +#define CYASSL_SHA384 +#endif +// +// SHA-512 +#define MDK_CONF_SHA512 0 +#if MDK_CONF_SHA512 == 1 +#define CYASSL_SHA512 +#endif +// +// RIPEMD +#define MDK_CONF_RIPEMD 1 +#if MDK_CONF_RIPEMD == 1 +#define CYASSL_RIPEMD +#endif +// +// HMAC +#define MDK_CONF_HMAC 1 +#if MDK_CONF_HMAC == 0 +#define NO_HMAC +#endif +// +// HC128 +#define MDK_CONF_HC128 0 +#if MDK_CONF_HC128 == 1 +#define HAVE_HC128 +#endif +// +// RABBIT +#define MDK_CONF_RABBIT 1 +#if MDK_CONF_RABBI == 0 +#define NO_RABBIT +#endif +// + +// AEAD +#define MDK_CONF_AEAD 0 +#if MDK_CONF_AEAD == 1 +#define HAVE_AEAD +#endif +// +// DES3 +#define MDK_CONF_DES3 1 +#if MDK_CONF_DES3 == 0 +#define NO_DES3 +#endif +// +// CAMELLIA +#define MDK_CONF_CAMELLIA 0 +#if MDK_CONF_CAMELLIA == 1 +#define HAVE_CAMELLIA +#endif +// + +// DH +// need this for CYASSL_SERVER, OPENSSL_EXTRA +#define MDK_CONF_DH 1 +#if MDK_CONF_DH == 0 +#define NO_DH +#endif +// +// DSA +#define MDK_CONF_DSA 1 +#if MDK_CONF_DSA == 0 +#define NO_DSA +#endif +// +// PWDBASED +#define MDK_CONF_PWDBASED 1 +#if MDK_CONF_PWDBASED == 0 +#define NO_PWDBASED +#endif +// + +// ECC +#define MDK_CONF_ECC 1 +#if MDK_CONF_ECC == 1 +#define HAVE_ECC +#endif +// +// PSK +#define MDK_CONF_PSK 1 +#if MDK_CONF_PSK == 0 +#define NO_PSK +#endif +// +// AESCCM (Turn off Hardware Crypt) +#define MDK_CONF_AESCCM 0 +#if MDK_CONF_AESCCM == 1 +#define HAVE_AESCCM +#endif +// +// AESGCM (Turn off Hardware Crypt) +#define MDK_CONF_AESGCM 0 +#if MDK_CONF_AESGCM == 1 +#define HAVE_AESGCM +#define BUILD_AESGCM +#endif +// +// NTRU (need License, "crypto_ntru.h") +#define MDK_CONF_NTRU 0 +#if MDK_CONF_NTRU == 1 +#define HAVE_NTRU +#endif +// +// + +// Others + +// Inline +#define MDK_CONF_INLINE 0 +#if MDK_CONF_INLINE == 0 +#define NO_INLINE +#endif +// +// Debug +// Debug Message +#define MDK_CONF_DEBUG_MSG 0 +#if MDK_CONF_DEBUG_MSG == 1 +#define DEBUG_CYASSL +#endif +// +// Check malloc +#define MDK_CONF_CHECK_MALLOC 1 +#if MDK_CONF_CHECK_MALLOC == 1 +#define CYASSL_MALLOC_CHECK +#endif +// + + +// +// ErrNo.h +#define MDK_CONF_ERR_NO 0 +#if MDK_CONF_ERR_NO == 1 +#define HAVE_ERRNO +#endif +// +// zlib (need "zlib.h") +#define MDK_CONF_LIBZ 0 +#if MDK_CONF_LIBZ == 1 +#define HAVE_LIBZ +#endif +// +// CAVIUM (need CAVIUM headers) +#define MDK_CONF_CAVIUM 0 +#if MDK_CONF_CAVIUM == 1 +#define HAVE_CAVIUM +#endif +// + +// Error Strings +#define MDK_CONF_ErrorStrings 1 +#if MDK_CONF_ErrorStrings == 0 +#define NO_ERROR_STRINGS +#endif +// + +// Small Stack +#define MDK_CONF_SMALL_STACK 1 +#if MDK_CONF_SMALL_STACK == 0 +#define NO_CYASSL_SMALL_STACK +#endif +// +// Use Fast Math +#define MDK_CONF_FASTMATH 0 +#if MDK_CONF_FASTMATH == 1 +#define USE_FAST_MATH +#endif +// + + +// + +// +// <<< end of configuration section >>> diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h new file mode 100644 index 00000000..fff7a5ab --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h @@ -0,0 +1,46 @@ +/* config.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define NO_WRITEV +#define NO_CYASSL_DIR + +/* for Retarget.c */ +#define STDIO +#define BENCH_EMBEDDED + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#if defined(MDK_CONF_RTX_TCP_FS) +#include "config-RTX-TCP-FS.h" +#elif defined(MDK_CONF_TCP_FS) +#include "config-TCP-FS.h" +#elif defined(MDK_CONF_FS) +#include "config-FS.h" +#elif defined(MDK_CONF_BARE_METAL) +#include "config-BARE-METAL.h" +#endif + diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c new file mode 100644 index 00000000..23ca2f63 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c @@ -0,0 +1,249 @@ +/* cyassl_MDK_ARM.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/***************************************************************************************/ +/** This file is for defining functions for specific to KEIL-RL. **/ +/***************************************************************************************/ +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#if defined (CYASSL_MDK5) + #include "cmsis_os.h" + #if defined(CYASSL_KEIL_TCP_NET) + #include "rl_net.h" + #endif +#else + #include +#endif + +#include "cyassl_MDK_ARM.h" + +#include +#include + +#if defined (CYASSL_CMSIS_RTOS) + #define os_dly_wait(t) osDelay(10*t) +#endif + + +/** KEIL-RL TCPnet ****/ +/** TCPnet BSD socket does not have following functions. **/ + +#if defined(CYASSL_KEIL_TCP_NET) +char *inet_ntoa(struct in_addr in) +{ + #define NAMESIZE 16 + static char name[NAMESIZE] ; + sprintf(name, "%d.%d.%d.%d", (in.s_addr>>24)&0xff, (in.s_addr>>16)&0xff, (in.s_addr>>8)&0xff, in.s_addr&0xff) ; + return name ; +} + +unsigned long inet_addr(const char *cp) +{ + unsigned int a[4] ; unsigned long ret ; + sscanf(cp, "%d.%d.%d.%d", &a[0], &a[1], &a[2], &a[3]) ; + ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ; + return(ret) ; +} + + +/*** tcp_connect is actually associated with following syassl_tcp_connect. ***/ +int Cyassl_connect(int sd, const struct sockaddr* sa, int sz) +{ + int ret = 0 ; + #if defined(CYASSL_KEIL_TCP_NET) + + SOCKADDR_IN addr ; + + addr = *(SOCKADDR_IN *)sa ; + + do { + #undef connect /* Go to KEIL TCPnet connect */ + ret = connect(sd, (SOCKADDR *)&addr, sizeof(addr)) ; + os_dly_wait(50); + } while(ret == SCK_EWOULDBLOCK) ; + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Connect return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + + #endif /* CYASSL_KEIL_TCP_NET */ + return(ret ) ; +} + + +int Cyassl_accept(int sd, struct sockaddr *addr, int *addrlen) +{ + int ret = 0 ; + + #if defined(CYASSL_KEIL_TCP_NET) + while(1) { + #undef accept /* Go to KEIL TCPnet accept */ + ret = accept(sd, addr, addrlen) ; + if(ret != SCK_EWOULDBLOCK) break ; + os_dly_wait(1); + } + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Accept return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + + #endif /* CYASSL_KEIL_TCP_NET */ + return(ret ) ; + +} + +int Cyassl_recv(int sd, void *buf, size_t len, int flags) +{ + int ret = 0; + #if defined(CYASSL_KEIL_TCP_NET) + while(1) { + #undef recv /* Go to KEIL TCPnet recv */ + ret = recv(sd, buf, len, flags) ; + if((ret != SCK_EWOULDBLOCK) &&( ret != SCK_ETIMEOUT)) break ; + os_dly_wait(1); + } + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Recv return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + + #endif /* CYASSL_KEIL_TCP_NET */ + return(ret ) ; +} + +int Cyassl_send(int sd, const void *buf, size_t len, int flags) +{ + int ret = 0 ; + + #if defined(CYASSL_KEIL_TCP_NET) + while(1) { + #undef send /* Go to KEIL TCPnet send */ + ret = send(sd, buf, len, flags) ; + if(ret != SCK_EWOULDBLOCK) break ; + os_dly_wait(1); + } + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Send return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + +#endif /* CYASSL_KEIL_TCP_NET */ + return(ret) ; + +} + +#endif /* CYASSL_KEIL_TCP_NET */ + +#if defined(CYASSL_KEIL_TCP_NET) +void Cyassl_sleep(int t) +{ + #if defined(HAVE_KEIL_RTX) + os_dly_wait(t/1000+1) ; + #endif +} + +int Cyassl_tcp_select(int sd, int timeout) +{ + + return 0 ; + +} +#endif + +extern int strlen(const char *s) ; + +FILE * CyaSSL_fopen(const char *name, const char *openmode) +{ + int i ; FILE * ret ; + #define PATHSIZE 100 + char path[PATHSIZE] ; char *p ; + + if(strlen(name) > PATHSIZE)return(NULL) ; + + for(i = 0; i<= strlen(name); i++) { + if(name[i] == '/')path[i] = '\\' ; + else path[i] = name[i] ; + } + if(path[0] == '.' && path[1] == '\\') p = path + 2 ; + else p = path ; + + ret = fopen (p, openmode) ; + + return(ret) ; +} + +#if defined (CYASSL_MDK5) +#define getkey getchar +#define sendchar putchar +#else +extern int getkey(void) ; +extern int sendchar(int c) ; +#endif + +char * Cyassl_fgets ( char * str, int num, FILE * f ) +{ + int i ; + + for(i = 0 ; i< num ; i++) { + while((str[i] = getkey()) == 0) { + #if defined (HAVE_KEIL_RTX) + #if !defined(CYASSL_CMSIS_RTOS) + os_tsk_pass (); + #else + osThreadYield (); + #endif + #endif + } + if(str[i] == '\n' || str[i] == '\012' || str[i] == '\015') { + sendchar('\n') ; + str[i++] = '\n' ; + str[i] = '\0' ; + break ; + } else if(str[i] == '\010') { /* BS */ + if(i) { /* erace one char */ + sendchar('\010') ; sendchar(' ') ; sendchar('\010') ; + i = (i>0 ? (i-2) : -1 ) ; + continue ; + } + } else if(str[i] == '\033' || str[i] == '\004' ) { /* ESC or ^D */ + str[i] = '\0' ; + return(0) ; + } + sendchar(str[i]) ; + } + return(str) ; +} diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h new file mode 100644 index 00000000..dbcfcf68 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h @@ -0,0 +1,103 @@ +/* cyassl_KEIL_RL.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/******************************************************************************/ +/** This file is for defining types, values for specific to KEIL-MDK-ARM. **/ +/******************************************************************************/ +#ifndef CYASSL_KEIL_RL_H +#define CYASSL_KEIL_RL_H + + + +#include + +/* Go to STDIN */ +#define fgets(buff, sz, fd) Cyassl_fgets(buff, sz, fd) +extern char * Cyassl_fgets ( char * str, int num, FILE * f ) ; + +#define SOCKET_T int + +/*** #include ***/ +#define NUMBITSPERBYTE 8 +#define FD_SETSIZE 10 + +typedef long fd_mask; +#define NFDBITS (sizeof(fd_mask) * NUMBITSPERBYTE) /* bits per mask */ + +typedef struct fd_set { + fd_mask fds_bits[(FD_SETSIZE + NFDBITS - 1) / NFDBITS]; +} fd_set; + +/*** #include ***/ +struct timeval { + long tv_sec; /* seconds */ + long tv_usec; /* microseconds */ +}; + + +/*** #include **/ +/* + int select(int nfds, fd_set *readfds, fd_set *writefds, + fd_set *exceptfds, const struct timeval *timeout); + void FD_CLR(int fd, fd_set *set); + int FD_ISSET(int fd, fd_set *set); + void FD_SET(int fd, fd_set *set); + void FD_ZERO(fd_set *set); +*/ +typedef int socklen_t ; + +/* for avoiding conflict with KEIL-TCPnet BSD socket */ +/* Bodies are in cyassl_KEIL_RL.c */ +#define connect Cyassl_connect +#define accept Cyassl_accept +#define recv Cyassl_recv +#define send Cyassl_send +#define sleep Cyassl_sleep + +/* for avoiding conflicting with KEIL-TCPnet TCP socket */ +/* Bodies are in test.h */ +#define tcp_connect Cyassl_tcp_connect +#define tcp_socket Cyassl_tcp_soket +#define tcp_listen Cyassl_tcp_listen +#define tcp_select Cyassl_tcp_select + +extern int Cyassl_connect(int sd, const struct sockaddr * sa, int sz) ; +extern int Cyassl_accept(int sd, struct sockaddr *addr, socklen_t *addrlen); +extern int Cyassl_recv(int sd, void *buf, size_t len, int flags); +extern int Cyassl_send(int sd, const void *buf, size_t len, int flags); +extern void Cyassl_sleep(int sec) ; +extern int Cyassl_tcp_select(int sd, int timeout) ; + +/** KEIL-RL TCPnet ****/ +/* TCPnet BSD socket does not have following functions. */ +extern char *inet_ntoa(struct in_addr in); +extern unsigned long inet_addr(const char *cp); +extern int setsockopt(int sockfd, int level, int optname, + const void *optval, socklen_t optlen); +extern int select(int nfds, fd_set *readfds, fd_set *writefds, + fd_set *exceptfds, const struct timeval *timeout); + +/* CyaSSL MDK-ARM time functions */ +#include +struct tm *Cyassl_MDK_gmtime(const time_t *c) ; +extern double current_time(void) ; + +#endif /* CYASSL_KEIL_RL_H */ diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c new file mode 100644 index 00000000..db48b833 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c @@ -0,0 +1,172 @@ +/* main.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include +#include +#include "cyassl_MDK_ARM.h" + +/*----------------------------------------------------------------------------- + * Initialize a Flash Memory Card + *----------------------------------------------------------------------------*/ +#if !defined(NO_FILESYSTEM) +static void init_card (void) +{ + U32 retv; + + while ((retv = finit (NULL)) != 0) { /* Wait until the Card is ready */ + if (retv == 1) { + printf ("\nSD/MMC Init Failed"); + printf ("\nInsert Memory card and press key...\n"); + } else { + printf ("\nSD/MMC Card is Unformatted"); + } + } +} +#endif + + +/*----------------------------------------------------------------------------- + * TCP/IP tasks + *----------------------------------------------------------------------------*/ +#ifdef CYASSL_KEIL_TCP_NET +__task void tcp_tick (void) +{ + + CYASSL_MSG("Time tick started.") ; + #if defined (HAVE_KEIL_RTX) + os_itv_set (10); + #endif + + while (1) { + #if defined (HAVE_KEIL_RTX) + os_itv_wait (); + #endif + /* Timer tick every 100 ms */ + timer_tick (); + } +} + +__task void tcp_poll (void) +{ + CYASSL_MSG("TCP polling started.\n") ; + while (1) { + main_TcpNet (); + #if defined (HAVE_KEIL_RTX) + os_tsk_pass (); + #endif + } +} +#endif + +#if defined(HAVE_KEIL_RTX) && defined(CYASSL_MDK_SHELL) +#define SHELL_STACKSIZE 1000 +static unsigned char Shell_stack[SHELL_STACKSIZE] ; +#endif + + +#if defined(CYASSL_MDK_SHELL) +extern void shell_main(void) ; +#endif + +extern void time_main(int) ; +extern void benchmark_test(void) ; +extern void SER_Init(void) ; + +/*----------------------------------------------------------------------------- + * mian entry + *----------------------------------------------------------------------------*/ + +/*** This is the parent task entry ***/ +void main_task (void) +{ + #ifdef CYASSL_KEIL_TCP_NET + init_TcpNet (); + + os_tsk_create (tcp_tick, 2); + os_tsk_create (tcp_poll, 1); + #endif + + #ifdef CYASSL_MDK_SHELL + #ifdef HAVE_KEIL_RTX + os_tsk_create_user(shell_main, 1, Shell_stack, SHELL_STACKSIZE) ; + #else + shell_main() ; + #endif + #else + + /************************************/ + /*** USER APPLICATION HERE ***/ + /************************************/ + printf("USER LOGIC STARTED\n") ; + + #endif + + #ifdef HAVE_KEIL_RTX + CYASSL_MSG("Terminating tcp_main\n") ; + os_tsk_delete_self (); + #endif + +} + + + int myoptind = 0; + char* myoptarg = NULL; + +#if defined(DEBUG_CYASSL) + extern void CyaSSL_Debugging_ON(void) ; +#endif + + +/*** main entry ***/ +extern void init_time(void) ; +extern void SystemInit(void); + +int main() { + + SystemInit(); + SER_Init() ; + #if !defined(NO_FILESYSTEM) + init_card () ; /* initializing SD card */ + #endif + + init_time() ; + + #if defined(DEBUG_CYASSL) + printf("Turning ON Debug message\n") ; + CyaSSL_Debugging_ON() ; + #endif + + #ifdef HAVE_KEIL_RTX + os_sys_init (main_task) ; + #else + main_task() ; + #endif + + return 0 ; /* There should be no return here */ + +} diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c new file mode 100644 index 00000000..58b645e0 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c @@ -0,0 +1,595 @@ +/*shell.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + /*** tiny Shell for CyaSSL apps ***/ + + #ifdef HAVE_CONFIG_H + #include +#endif + +#include "cyassl/internal.h" +#undef RNG +#include + +#if defined(CYASSL_MDK_ARM) + #include + #include + #include + #include + #include "cyassl_MDK_ARM.h" +#endif + +#ifdef CYASSL_KEIL_NET +#include "cyassl/test.h" +#else +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; +#endif + +#ifdef NO_ECHOCLIENT +#define echoclient_test command_not_found +#endif +#ifdef NO_ECHOSERVER +#define echoserver_test command_not_found +#endif +#ifdef NO_SIMPLE_CLIENT +#define client_test command_not_found +#endif +#ifdef NO_SIMPLE_SERVER +#define server_test command_not_found +#endif +#ifdef NO_CRYPT_BENCHMARK +#define benchmark_test command_not_found +#endif +#ifdef NO_CRYPT_TEST +#define ctaocrypt_test command_not_found +#endif + +#ifndef CYASSL_KEIL_NET +#define ipaddr_comm command_not_found +#endif + +#if !defined(HAVE_KEIL_RTX) +#define stack_comm command_not_found +#endif + + +#if !defined(DEBUG_CYASSL) +#define dbg_comm command_not_found +#endif + + +void command_not_found(void *argv) { + printf("Command not found\n") ; +} + +extern void echoclient_test(void *args) ; +extern void echoserver_test(void *args) ; +extern void benchmark_test(void *args) ; +extern void ctaocrypt_test(void *args) ; +extern void client_test(void *args) ; +extern void server_test(void *args) ; +extern void kill_task(void *args) ; +extern void time_main(void *args) ; +extern void ipaddr_comm(void *args) ; +extern void stack_comm(void *args) ; +extern void for_command(void *args) ; +extern void dbg_comm(void *arg) ; +extern void help_comm(void *arg) ; + +#if !defined(NO_CRYPT_TEST) + +#ifndef NO_MD5 +extern void md5_test(void *arg) ; +#endif +#ifdef CYASSL_MD2 +extern void md2_test(void *arg) ; +#endif +#ifndef NO_MD4 +extern void md4_test(void *arg) ; +#endif + +extern void sha_test(void *arg) ; + +#ifndef NO_SHA256 +extern void sha256_test(void *arg) ; +#endif +#ifdef CYASSL_SHA384 +extern void sha384_test(void *arg) ; +#endif + +#ifdef CYASSL_SHA512 +extern void sha512_test(void *arg) ; +#endif + +#ifdef CYASSL_RIPEMD +extern void ripemd_test(void *arg) ; +#endif +#ifndef NO_HMAC + #ifndef NO_MD5 +extern void hmac_md5_test(void *arg) ; + #endif +extern void hmac_sha_test(void *arg) ; + + #ifndef NO_SHA256 +extern void hmac_sha256_test(void *arg) ; + #endif + + #ifdef CYASSL_SHA384 +extern void hmac_sha384_test(void *arg) ; + #endif +#endif +#ifndef NO_RC4 +extern void arc4_test(void *arg) ; +#endif + +#ifndef NO_HC128 +extern void hc128_test(void *arg) ; +#endif + +#ifndef NO_RABBIT +extern void rabbit_test(void *arg) ; +#endif + +#ifndef NO_DES3 +extern void des_test(void *arg) ; +extern void des3_test(void *arg) ; +#endif + +#ifndef NO_AES +extern void aes_test(void *arg) ; +#ifdef HAVE_AESGCM +extern void aesgcm_test(void *arg) ; +#endif + +#ifdef HAVE_AESCCM +extern void aesccm_test(void *arg) ; +#endif +#endif + +#ifdef HAVE_CAMELLIA +extern void camellia_test(void *arg) ; +#endif +extern void random_test(void *arg) ; + +#ifndef NO_RSA +extern void rsa_test(void *arg) ; +#endif + +#ifndef NO_DH +extern void dh_test(void *arg) ; +#endif + +#ifndef NO_DSA +extern void dsa_test(void *arg) ; +#endif + +#ifndef NO_PWDBASED +extern void pwdbased_test(void *arg) ; +#endif + +#ifdef HAVE_ECC +extern void openssl_test(void *arg) ; +#endif + +#ifdef HAVE_ECC +extern void ecc_test(void *arg) ; +#endif + +#endif /* NO_CRYPT_TEST */ + +static struct { + const char *command ; + void (*func)(void *args) ; +} commandTable[] = { + "echoclient", echoclient_test, + "echoserver", echoserver_test, + "benchmark", benchmark_test, + "test", ctaocrypt_test, + "client", client_test, + "server", server_test, + "time", time_main, /* get/set RTC: [-d yy/mm/dd] [-t hh:mm:ss]*/ + "ipaddr", ipaddr_comm, /* TBD */ + "stack", stack_comm, /* On/Off check stack size */ + "for", for_command, /* iterate next command X times */ + "debug", dbg_comm, /* On/Off debug message */ + "help", help_comm, /* Breif description about the commands */ + + /** short name **/ + "ec", echoclient_test, + "es", echoserver_test, + "bm", benchmark_test, + "te", ctaocrypt_test, + "cl", client_test, + "sv", server_test, + "ip", ipaddr_comm, + "st", stack_comm, + "dbg", dbg_comm, + "?", help_comm, + +/*** test suites ****/ +#if !defined(NO_CRYPT_TEST) +#ifndef NO_MD5 + "md5", md5_test, +#endif +#ifdef CYASSL_MD2 + "md2", md2_test, +#endif +#ifndef NO_MD4 + "md4", md4_test, +#endif + "sha", sha_test, +#ifndef NO_SHA256 + "sha256", sha256_test, +#endif +#ifdef CYASSL_SHA384 + "sha384", sha384_test, +#endif +#ifdef CYASSL_SHA512 + "sha512", sha512_test, +#endif +#ifdef CYASSL_RIPEMD + "ripemd", ripemd_test, +#endif +#ifndef NO_HMAC + #ifndef NO_MD5 + "hmac_md5", hmac_md5_test, + #endif + "hmac_sha", hmac_sha_test, + #ifndef NO_SHA256 + "hmac_sha256", hmac_sha256_test, + #endif + #ifdef CYASSL_SHA384 + "hmac_sha384", hmac_sha384_test, + #endif +#endif +#ifndef NO_RC4 + "arc4", arc4_test, +#endif +#ifndef NO_HC128 + "hc128", hc128_test, +#endif +#ifndef NO_RABBIT + "rabbit", rabbit_test, +#endif +#ifndef NO_DES3 + "des", des_test, + "des3", des3_test, +#endif +#ifndef NO_AES + "aes", aes_test, + #ifdef HAVE_AESGCM + "aesgcm", aesgcm_test, + #endif + #ifdef HAVE_AESCCM + "aesccm", aesccm_test, + #endif +#endif + +#ifdef HAVE_CAMELLIA + "camellia", camellia_test, +#endif + "random", random_test, +#ifndef NO_RSA + "rsa", rsa_test, +#endif +#ifndef NO_DH + "dh", dh_test, +#endif +#ifndef NO_DSA + "dsa", dsa_test, +#endif +#ifndef NO_PWDBASED + "pwdbased", pwdbased_test, +#endif +#ifdef OPENSSL_EXTRA + "openssl", openssl_test, +#endif +#ifdef HAVE_ECC + "ecc", ecc_test, +#endif + +#endif /* NO_CRYPT_TEST */ + + "", NULL +} ; + +enum jobtype { FORGROUND, BACKGROUND } ; + +#define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n') + +/******* Get Command Line *****************************/ +static int getline(char * line, int sz, func_args *args, int*bf_flg) +{ + char * ret ; + int i ; + + #define MAXARGS 10 + #define MAXARGLEN 30 + static char *argv[MAXARGS] ; + args->argv = argv ; + + putchar('>') ; + fflush(stdout) ; + ret = fgets(line, sz, stdin) ; + #define SHELL_ERROR_FGETS -102 + if(ret != line) return(SHELL_ERROR_FGETS) ; + + if(line[strlen(line)-2] == '&') { + (*bf_flg) = BACKGROUND ; + line[strlen(line)-2] = '\n' ; + } else { + (*bf_flg) = FORGROUND ; + } + args->argc = 0 ; + for(i=0; iargv[args->argc] = &(line[i]) ; + while(!IF_DELIMITER(line[i])) i++ ; + args->argc++ ; + if(line[i] == '\n') { + line[i] = '\0' ; + break ; + } else { + line[i] = '\0' ; + } + } + return i ; +} + +static int BackGround = 0 ; /* 1: background job is running */ + +/************* Embedded Shell Commands **********************************/ +#define IP_SIZE 16 + +#ifdef CYASSL_KEIL_NET +static void ipaddr_comm(void *args) +{ + if(((func_args *)args)->argc == 1) { + printf("IP addr: %s, port %d\n", yasslIP, yasslPort) ; + } else { + if(BackGround != 0) { + printf("Cannot change IP addr while background server is running\n") ; + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-'&& + ((func_args *)args)->argv[1][1] == 'a' ) { +/* strcpy(yasslIP, ((func_args *)args)->argv[2]) ; */ + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 'p' ) { +/* yasslPort = atoi(((func_args *)args)->argv[2]) ; */ + } else printf("Invalid argument\n") ; + } +} + +#endif + + + +#if defined(HAVE_KEIL_RTX) +static int stack_ck = 0 ; + +static void stack_comm(void *args) +{ + if(stack_ck) { + printf("Stack Check: Off\n") ; + stack_ck = 0 ; + } else { + printf("Stack Check: On\n") ; + stack_ck = 1 ; + } +} + +#define FILL_PATTERN 0xa596695a +void stack_fill(char * stack, int size) +{ + int i ; + + if(stack_ck == 0)return ; + for(i=1; iargc == 1) { + printf("For %d times\n", for_iteration) ; + } else if( args == NULL || ((func_args *)args)->argc == 2) { + for_iteration = atoi(((func_args *)args)->argv[1]) ; + } else printf("Invalid argument\n") ; +} + + +#if defined(DEBUG_CYASSL) + +static int CyasslDebug = 1 ; + +static void dbg_comm(void *args) +{ + if(CyasslDebug == 1) { + CyasslDebug = 0 ; + printf("Turning OFF Debug message\n") ; + CyaSSL_Debugging_OFF() ; + } else { + CyasslDebug = 1 ; + printf("Turning ON Debug message\n") ; + CyaSSL_Debugging_ON() ; + } +} +#endif + +static void help_comm(void *args) +{ + +} + + + +#define BG_JOB_STACK_SIZE 12000 +#if (!defined(NO_SIMPLE_SERVER) && !defined(NO_ECHOSERVER)) && \ + defined(HAVE_KEIL_RTX) +static char bg_job_stack[BG_JOB_STACK_SIZE] ; +#endif + +#define COMMAND_STACK_SIZE 12000 +#if defined(HAVE_KEIL_RTX) +static char command_stack[COMMAND_STACK_SIZE] ; +#endif + + +#ifdef HAVE_KEIL_RTX +static CyaSSL_Mutex command_mutex ; +#endif + +/*********** Invoke Forground Command *********************/ +static void command_invoke(void *args) +{ + void (*func)(void * ) ; + int i,iteration ; + + func = (void(*)(void *))((func_args *)args)->argv[0] ; + #ifdef HAVE_KEIL_RTX + LockMutex((CyaSSL_Mutex *)&command_mutex) ; + #endif + iteration = for_iteration ; + for(i=0; i< iteration; i++) { + if(iteration > 1) printf("--- Start for %d ---->\n", i) ; + #if defined(HAVE_KEIL_RTX) + stack_fill(command_stack, COMMAND_STACK_SIZE) ; + #endif + + func(args) ; /* invoke command */ + + #if defined(HAVE_KEIL_RTX) + stack_check(command_stack, COMMAND_STACK_SIZE) ; + #endif + } + if(iteration > 1) + for_iteration = 1 ; + #ifdef HAVE_KEIL_RTX + UnLockMutex((CyaSSL_Mutex *)&command_mutex) ; + os_tsk_delete_self() ; + #endif +} + +#if (!defined(NO_SIMPLE_SERVER) && !defined(NO_ECHOSERVER)) && \ + defined(HAVE_KEIL_RTX) +/******* Invoke Background Job *******************************/ +static void bg_job_invoke(void *args) +{ + void (*func)(void * ) ; + BackGround = 1 ; + stack_fill(bg_job_stack, BG_JOB_STACK_SIZE) ; + func = (void(*)(void *))((func_args *)args)->argv[0] ; + func(args) ; /* invoke command */ + stack_check(bg_job_stack, BG_JOB_STACK_SIZE) ; + #ifdef CYASSL_KEIL_NET + init_TcpNet (); + #endif + BackGround = 0 ; + os_tsk_delete_self() ; ; +} +#endif + +#define LINESIZE 100 +static char line[LINESIZE] ; + + +/********* SHEULL MAIN LOOP ***********************************/ +void shell_main(void) { + int i ; + func_args args ; + int bf_flg ; + + i = BackGround ; + /* Dummy for avoiding warning: BackGround is defined but not used. */ + + + #if defined(HAVE_KEIL_RTX) + InitMutex(&command_mutex) ; +#endif + time_main(NULL) ; + printf("Starting Shell\n") ; + while(1) { + if(getline(line, LINESIZE, &args, &bf_flg) > 0) { + for(i=0; commandTable[i].func != NULL; i++) { + if(strcmp(commandTable[i].command, args.argv[0]) == 0) { + args.argv[0] = (char *) commandTable[i].func ; + if(bf_flg == FORGROUND) { + #ifdef HAVE_KEIL_RTX + UnLockMutex((CyaSSL_Mutex *)&command_mutex) ; + os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7, + command_stack, COMMAND_STACK_SIZE, &args) ; + #else + command_invoke(&args) ; + #endif + #ifdef HAVE_KEIL_RTX + LockMutex((CyaSSL_Mutex *)&command_mutex) ; + #endif + } else { + #if (!defined(NO_SIMPLE_SERVER) && \ + !defined(NO_ECHOSERVER)) && \ + defined(HAVE_KEIL_RTX) + if(BackGround != 0) { + printf("Multiple background servers not supported.\n") ; + } else { + printf("\"%s\" is running with the background mode.\n", + commandTable[i].command) ; + os_tsk_create_user_ex( (void(*)(void *))&bg_job_invoke, + 6, bg_job_stack, BG_JOB_STACK_SIZE, &args) ; + } + #else + printf("Invalid Command: no background job\n") ; + #endif + } + break ; + } + } + if(commandTable[i].func == NULL) + printf("Command not found\n") ; + } + } +} + diff --git a/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c new file mode 100644 index 00000000..aee36696 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c @@ -0,0 +1,53 @@ +/* ssl-dummy.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include +#include +#include + +Signer* GetCA(void* vp, byte* hash) +{ + Signer*s ; + return s ; +} + +int CyaSSL_dtls(CYASSL* ssl) +{ + return ssl->options.dtls; +} + +int CyaSSL_get_using_nonblock(CYASSL* ssl) +{ + CYASSL_ENTER("CyaSSL_get_using_nonblock"); + CYASSL_LEAVE("CyaSSL_get_using_nonblock", ssl->options.usingNonblock); + return ssl->options.usingNonblock; +} + +Signer* GetCAByName(void* vp, byte* hash) +{ + Signer * ca ; + return(ca) ; +} diff --git a/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt b/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt new file mode 100644 index 00000000..1e83de18 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt @@ -0,0 +1,1757 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + MDK-RTX-TCP-FS + 0x4 + ARM-ADS + + 12000000 + + 1 + 0 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Lst\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 8 + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O974 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP8 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000 + + + + + + 1 + 0 + 0x10005960 + + + + + 0 + Reset Peripherals + Per_Reset() + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + MDK-FS + 0x4 + ARM-ADS + + 12000000 + + 1 + 1 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Lst\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 0 + + 8 + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O974 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP8 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000 + + + + + + 1 + 0 + 0x10005960 + + + + + 0 + Reset Peripherals + Per_Reset() + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + MDK-BARE-METAL + 0x4 + ARM-ADS + + 12000000 + + 1 + 1 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Lst\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 0 + + 8 + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O975 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC120000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP9 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000 + + + + + + 1 + 0 + 0x10005960 + + + + + 0 + Reset Peripherals + Per_Reset() + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + CyaSSL Apps + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\echoclient\echoclient.c + echoclient.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\echoserver\echoserver.c + echoserver.c + 0 + 0 + + + 1 + 3 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\test\test.c + test.c + 0 + 0 + + + 1 + 4 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\benchmark\benchmark.c + benchmark.c + 0 + 0 + + + 1 + 5 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\client\client.c + client.c + 0 + 0 + + + 1 + 6 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\server\server.c + server.c + 0 + 0 + + + 1 + 7 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\shell.c + shell.c + 0 + 0 + + + 1 + 8 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\main.c + main.c + 0 + 0 + + + 1 + 9 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\cert_data.c + cert_data.c + 0 + 0 + + + + + LPC43xx + 1 + 0 + 0 + 0 + + 2 + 10 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\Drivers\source\lpc43xx_rtc.c + lpc43xx_rtc.c + 0 + 0 + + + 2 + 11 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\Drivers\source\lpc43xx_timer.c + lpc43xx_timer.c + 0 + 0 + + + 2 + 12 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\Drivers\source\lpc43xx_cgu.c + lpc43xx_cgu.c + 0 + 0 + + + 2 + 13 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\Drivers\source\lpc43xx_scu.c + lpc43xx_scu.c + 0 + 0 + + + + + MDK-ARM + 1 + 0 + 0 + 0 + + 3 + 14 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + FS_CM3.lib + 0 + 0 + + + 3 + 15 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + RTX_CM3.lib + 0 + 0 + + + 3 + 16 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + TCPD_CM3.lib + 0 + 0 + + + 3 + 17 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + TCP_CM3.lib + 0 + 0 + + + 3 + 18 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\Serial.c + Serial.c + 0 + 0 + + + 3 + 19 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\RL\TCPnet\Drivers\ETH_LPC43xx.c + ETH_LPC43xx.c + 0 + 0 + + + 3 + 20 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\SDIO_LPC43xx.c + SDIO_LPC43xx.c + 0 + 0 + + + 3 + 21 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\system_LPC43xx.c + system_LPC43xx.c + 0 + 0 + + + + + CyaSSL Library + 0 + 0 + 0 + 0 + + 4 + 22 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\crl.c + crl.c + 0 + 0 + + + 4 + 23 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\internal.c + internal.c + 0 + 0 + + + 4 + 24 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\io.c + io.c + 0 + 0 + + + 4 + 25 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\keys.c + keys.c + 0 + 0 + + + 4 + 26 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\ocsp.c + ocsp.c + 0 + 0 + + + 4 + 27 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\sniffer.c + sniffer.c + 0 + 0 + + + 4 + 28 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\ssl.c + ssl.c + 0 + 0 + + + 4 + 29 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\tls.c + tls.c + 0 + 0 + + + 4 + 30 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + ssl-dummy.c + 0 + 0 + + + + + Crypt/Cipher Library + 1 + 0 + 0 + 0 + + 5 + 31 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\aes.c + aes.c + 0 + 0 + + + 5 + 32 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\arc4.c + arc4.c + 0 + 0 + + + 5 + 33 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\asm.c + asm.c + 0 + 0 + + + 5 + 34 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\asn.c + asn.c + 0 + 0 + + + 5 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\camellia.c + camellia.c + 0 + 0 + + + 5 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\coding.c + coding.c + 0 + 0 + + + 5 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\des3.c + des3.c + 0 + 0 + + + 5 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\dh.c + dh.c + 0 + 0 + + + 5 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\dsa.c + dsa.c + 0 + 0 + + + 5 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ecc.c + ecc.c + 0 + 0 + + + 5 + 41 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 0 + 0 + + + 5 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\error.c + error.c + 0 + 0 + + + 5 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\hc128.c + hc128.c + 0 + 0 + + + 5 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\hmac.c + hmac.c + 0 + 0 + + + 5 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\integer.c + integer.c + 0 + 0 + + + 5 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\logging.c + logging.c + 0 + 0 + + + 5 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md2.c + md2.c + 0 + 0 + + + 5 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md4.c + md4.c + 0 + 0 + + + 5 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md5.c + md5.c + 0 + 0 + + + 5 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\memory.c + memory.c + 0 + 0 + + + 5 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\misc.c + misc.c + 0 + 0 + + + 5 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\pwdbased.c + pwdbased.c + 0 + 0 + + + 5 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\rabbit.c + rabbit.c + 0 + 0 + + + 5 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\random.c + random.c + 0 + 0 + + + 5 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ripemd.c + ripemd.c + 0 + 0 + + + 5 + 56 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\rsa.c + rsa.c + 0 + 0 + + + 5 + 57 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha.c + sha.c + 0 + 0 + + + 5 + 58 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha256.c + sha256.c + 0 + 0 + + + 5 + 59 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha512.c + sha512.c + 0 + 0 + + + 5 + 60 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\tfm.c + tfm.c + 0 + 0 + + + 5 + 61 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\wc_port.c + wc_port.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 6 + 62 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\File_Config.c + File_Config.c + 0 + 0 + + + 6 + 63 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\Net_Config.c + Net_Config.c + 0 + 0 + + + 6 + 64 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config.h + config.h + 0 + 0 + + + 6 + 65 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\RTX_Conf_CM.c + RTX_Conf_CM.c + 0 + 0 + + + 6 + 66 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\Net_Debug.c + Net_Debug.c + 0 + 0 + + + 6 + 67 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-FS.h + config-FS.h + 0 + 0 + + + 6 + 68 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + config-RTX-TCP-FS.h + 0 + 0 + + + 6 + 69 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + config-BARE-METAL.h + 0 + 0 + + + 6 + 70 + 2 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\startup_LPC43xx.s + startup_LPC43xx.s + 0 + 0 + + + + + CyaSSL-MDK + 1 + 0 + 0 + 0 + + 7 + 71 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 0 + 0 + + + 7 + 72 + 1 + 0 + 0 + 8 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\Retarget.c + Retarget.c + 0 + 0 + + + 7 + 73 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\time-LCP43xx.c + time-LCP43xx.c + 0 + 0 + + + + diff --git a/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj b/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj new file mode 100644 index 00000000..6504d782 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj @@ -0,0 +1,3510 @@ + + + + 1.1 + +
### uVision Project, (C) Keil Software
+ + + + MDK-RTX-TCP-FS + 0x4 + ARM-ADS + + + LPC4357 + NXP (founded by Philips) + IRAM(0x10000000-0x10007FFF) IRAM2(0x20000000-0x2000FFFF) IROM(0x1A000000-0x1A07FFFF) IROM2(0x1B000000-0x1B07FFFF) CLOCK(12000000) CPUTYPE("Cortex-M4") FPU2 + + "STARTUP\NXP\LPC43xx\startup_LPC43xx.s" ("NXP LPC43xx Startup Code") + UL2CM3(-O975 -S0 -C0 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000) + 6414 + LPC43xx.H + + + + + + + + + + SFD\NXP\LPC43xx\LPC43xx.SFR + 0 + + + + NXP\LPC43xx\ + NXP\LPC43xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-RTX-TCP-FS\ + LCP43xx-MDK-RTX-TCP-FS + 1 + 0 + 0 + 1 + 1 + .\Lst\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 1 + 0 + $K\ARM\BIN\ElfDwT.exe !L BASEADDRESS(0x1A000000) + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M4" + + 1 + 0 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 8 + 0 + 0 + 0 + 3 + 3 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 1 + 0 + 0 + 1 + 1 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 1 + 0x1a000000 + 0x80000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x1a000000 + 0x80000 + + + 1 + 0x1b000000 + 0x80000 + + + 0 + 0x10080000 + 0xa000 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 0 + 0x20000000 + 0x10000 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_LPC43xx __DBG_ITM CORE_M4 __RTX USE_STDPERIPH_DRIVER MDK_CONF_RTX_TCP_FS + + ..\MDK-ARM\CyaSSL;../../..;..\LPC43xx\Drivers\include;..\LPC43xx\LPC43xx\Include + + + + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + + + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + server.c + 1 + ..\..\..\examples\server\server.c + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + LPC43xx + + + lpc43xx_rtc.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_rtc.c + + + lpc43xx_timer.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_timer.c + + + lpc43xx_cgu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_cgu.c + + + lpc43xx_scu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_scu.c + + + + + MDK-ARM + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + Serial.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\Serial.c + + + ETH_LPC43xx.c + 1 + C:\Keil\ARM\RL\TCPnet\Drivers\ETH_LPC43xx.c + + + SDIO_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\SDIO_LPC43xx.c + + + system_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\system_LPC43xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + internal.c + 1 + ..\..\..\src\internal.c + + + io.c + 1 + ..\..\..\src\io.c + + + keys.c + 1 + ..\..\..\src\keys.c + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + tls.c + 1 + ..\..\..\src\tls.c + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_LPC43xx.s + 2 + ..\LPC43xx\startup_LPC43xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-LCP43xx.c + 1 + ..\LPC43xx\time-LCP43xx.c + + + + + + + MDK-FS + 0x4 + ARM-ADS + + + LPC4357 + NXP (founded by Philips) + IRAM(0x10000000-0x10007FFF) IRAM2(0x20000000-0x2000FFFF) IROM(0x1A000000-0x1A07FFFF) IROM2(0x1B000000-0x1B07FFFF) CLOCK(12000000) CPUTYPE("Cortex-M4") FPU2 + + "STARTUP\NXP\LPC43xx\startup_LPC43xx.s" ("NXP LPC43xx Startup Code") + UL2CM3(-O975 -S0 -C0 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000) + 6414 + LPC43xx.H + + + + + + + + + + SFD\NXP\LPC43xx\LPC43xx.SFR + 0 + + + + NXP\LPC43xx\ + NXP\LPC43xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-FS\ + LCP43xx-MDK-FS + 1 + 0 + 0 + 1 + 1 + .\Lst\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 1 + 0 + $K\ARM\BIN\ElfDwT.exe !L BASEADDRESS(0x1A000000) + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M4" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 8 + 0 + 0 + 0 + 3 + 3 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 1 + 0 + 0 + 1 + 1 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 1 + 0x1a000000 + 0x80000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x1a000000 + 0x80000 + + + 1 + 0x1b000000 + 0x80000 + + + 0 + 0x10080000 + 0xa000 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 0 + 0x20000000 + 0x10000 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_LPC43xx __DBG_ITM CORE_M4 __RTX USE_STDPERIPH_DRIVER MDK_CONF_FS + + ..\MDK-ARM\CyaSSL;../../..;..\LPC43xx\Drivers\include;..\LPC43xx\LPC43xx\Include + + + + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + + + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + server.c + 1 + ..\..\..\examples\server\server.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + LPC43xx + + + lpc43xx_rtc.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_rtc.c + + + lpc43xx_timer.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_timer.c + + + lpc43xx_cgu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_cgu.c + + + lpc43xx_scu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_scu.c + + + + + MDK-ARM + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + Serial.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\Serial.c + + + ETH_LPC43xx.c + 1 + C:\Keil\ARM\RL\TCPnet\Drivers\ETH_LPC43xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + SDIO_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\SDIO_LPC43xx.c + + + system_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\system_LPC43xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + internal.c + 1 + ..\..\..\src\internal.c + + + io.c + 1 + ..\..\..\src\io.c + + + keys.c + 1 + ..\..\..\src\keys.c + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + tls.c + 1 + ..\..\..\src\tls.c + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_LPC43xx.s + 2 + ..\LPC43xx\startup_LPC43xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-LCP43xx.c + 1 + ..\LPC43xx\time-LCP43xx.c + + + + + + + MDK-BARE-METAL + 0x4 + ARM-ADS + + + LPC4357 + NXP (founded by Philips) + IRAM(0x10000000-0x10007FFF) IRAM2(0x20000000-0x2000FFFF) IROM(0x1A000000-0x1A07FFFF) IROM2(0x1B000000-0x1B07FFFF) CLOCK(12000000) CPUTYPE("Cortex-M4") FPU2 + + "STARTUP\NXP\LPC43xx\startup_LPC43xx.s" ("NXP LPC43xx Startup Code") + UL2CM3(-O975 -S0 -C0 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000) + 6414 + LPC43xx.H + + + + + + + + + + SFD\NXP\LPC43xx\LPC43xx.SFR + 0 + + + + NXP\LPC43xx\ + NXP\LPC43xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-BARE-METAL\ + LCP43xx-MDK-BARE-METAL + 1 + 0 + 0 + 1 + 1 + .\Lst\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 1 + 0 + $K\ARM\BIN\ElfDwT.exe !L BASEADDRESS(0x1A000000) + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M4" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 8 + 0 + 0 + 0 + 3 + 3 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 1 + 0 + 0 + 1 + 1 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 1 + 0x1a000000 + 0x80000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x1a000000 + 0x80000 + + + 1 + 0x1b000000 + 0x80000 + + + 0 + 0x10080000 + 0xa000 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 0 + 0x20000000 + 0x10000 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_LPC43xx __DBG_ITM CORE_M4 __RTX USE_STDPERIPH_DRIVER MDK_CONF_BARE_METAL + + ..\MDK-ARM\CyaSSL;../../..;..\LPC43xx\Drivers\include;..\LPC43xx\LPC43xx\Include + + + + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + + + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + server.c + 1 + ..\..\..\examples\server\server.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + LPC43xx + + + lpc43xx_rtc.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_rtc.c + + + lpc43xx_timer.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_timer.c + + + lpc43xx_cgu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_cgu.c + + + lpc43xx_scu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_scu.c + + + + + MDK-ARM + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + Serial.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\Serial.c + + + ETH_LPC43xx.c + 1 + C:\Keil\ARM\RL\TCPnet\Drivers\ETH_LPC43xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + SDIO_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\SDIO_LPC43xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + system_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\system_LPC43xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + internal.c + 1 + ..\..\..\src\internal.c + + + io.c + 1 + ..\..\..\src\io.c + + + keys.c + 1 + ..\..\..\src\keys.c + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + tls.c + 1 + ..\..\..\src\tls.c + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_LPC43xx.s + 2 + ..\LPC43xx\startup_LPC43xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-LCP43xx.c + 1 + ..\LPC43xx\time-LCP43xx.c + + + + + + + + diff --git a/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt b/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt new file mode 100644 index 00000000..f051310b --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt @@ -0,0 +1,1656 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + MDK-RTX-TCP-FS + 0x4 + ARM-ADS + + 25000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Flash\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 0 + + 255 + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S0 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP8 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 + + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + + + + + + + + MDK-FS + 0x4 + ARM-ADS + + 25000000 + + 1 + 1 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Flash\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S0 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP8 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 + + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + MDK-BARE-METAL + 0x4 + ARM-ADS + + 25000000 + + 1 + 1 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Flash\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 0 + + 255 + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S0 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP0 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 + + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + CyaSSL Apps + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\echoclient\echoclient.c + echoclient.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\echoserver\echoserver.c + echoserver.c + 0 + 0 + + + 1 + 3 + 1 + 0 + 0 + 5 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\test\test.c + test.c + 0 + 0 + + + 1 + 4 + 1 + 0 + 0 + 21 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\benchmark\benchmark.c + benchmark.c + 0 + 0 + + + 1 + 5 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\client\client.c + client.c + 0 + 0 + + + 1 + 6 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\server\server.c + server.c + 0 + 0 + + + 1 + 7 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\shell.c + shell.c + 0 + 0 + + + 1 + 8 + 1 + 0 + 0 + 0 + 0 + 106 + 149 + 0 + ..\MDK-ARM\CyaSSL\main.c + main.c + 0 + 0 + + + 1 + 9 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\cert_data.c + cert_data.c + 0 + 0 + + + + + STM32F2xx_StdPeriph_Lib + 1 + 0 + 0 + 0 + + + + MDK-ARM + 1 + 0 + 0 + 0 + + 3 + 10 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\Boards\Keil\MCBSTM32F200\RL\FlashFS\SD_File\Serial.c + Serial.c + 0 + 0 + + + 3 + 11 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RL\FlashFS\Drivers\SDIO_STM32F2xx.c + SDIO_STM32F2xx.c + 0 + 0 + + + 3 + 12 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + FS_CM3.lib + 0 + 0 + + + 3 + 13 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + RTX_CM3.lib + 0 + 0 + + + 3 + 14 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RL\TCPnet\Drivers\ETH_STM32F2xx.c + ETH_STM32F2xx.c + 0 + 0 + + + 3 + 15 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + TCPD_CM3.lib + 0 + 0 + + + 3 + 16 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + TCP_CM3.lib + 0 + 0 + + + 3 + 17 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\Startup\ST\STM32F2xx\system_stm32f2xx.c + system_stm32f2xx.c + 0 + 0 + + + + + CyaSSL Library + 1 + 0 + 0 + 0 + + 4 + 18 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\crl.c + crl.c + 0 + 0 + + + 4 + 19 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\internal.c + internal.c + 0 + 0 + + + 4 + 20 + 1 + 0 + 0 + 23 + 0 + 0 + 0 + 0 + ..\..\..\src\io.c + io.c + 0 + 0 + + + 4 + 21 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\keys.c + keys.c + 0 + 0 + + + 4 + 22 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\ocsp.c + ocsp.c + 0 + 0 + + + 4 + 23 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\sniffer.c + sniffer.c + 0 + 0 + + + 4 + 24 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\ssl.c + ssl.c + 0 + 0 + + + 4 + 25 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\tls.c + tls.c + 0 + 0 + + + 4 + 26 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + ssl-dummy.c + 0 + 0 + + + + + Crypt/Cipher Library + 1 + 0 + 0 + 0 + + 5 + 27 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\aes.c + aes.c + 0 + 0 + + + 5 + 28 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\arc4.c + arc4.c + 0 + 0 + + + 5 + 29 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\asm.c + asm.c + 0 + 0 + + + 5 + 30 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\asn.c + asn.c + 0 + 0 + + + 5 + 31 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\camellia.c + camellia.c + 0 + 0 + + + 5 + 32 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\coding.c + coding.c + 0 + 0 + + + 5 + 33 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\des3.c + des3.c + 0 + 0 + + + 5 + 34 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\dh.c + dh.c + 0 + 0 + + + 5 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\dsa.c + dsa.c + 0 + 0 + + + 5 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ecc.c + ecc.c + 0 + 0 + + + 5 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 0 + 0 + + + 5 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\error.c + error.c + 0 + 0 + + + 5 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\hc128.c + hc128.c + 0 + 0 + + + 5 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\hmac.c + hmac.c + 0 + 0 + + + 5 + 41 + 1 + 0 + 0 + 19 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\integer.c + integer.c + 0 + 0 + + + 5 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\logging.c + logging.c + 0 + 0 + + + 5 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md2.c + md2.c + 0 + 0 + + + 5 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md4.c + md4.c + 0 + 0 + + + 5 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md5.c + md5.c + 0 + 0 + + + 5 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\memory.c + memory.c + 0 + 0 + + + 5 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\misc.c + misc.c + 0 + 0 + + + 5 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\wc_port.c + wc_port.c + 0 + 0 + + + 5 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\pwdbased.c + pwdbased.c + 0 + 0 + + + 5 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\rabbit.c + rabbit.c + 0 + 0 + + + 5 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\random.c + random.c + 0 + 0 + + + 5 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ripemd.c + ripemd.c + 0 + 0 + + + 5 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\rsa.c + rsa.c + 0 + 0 + + + 5 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha.c + sha.c + 0 + 0 + + + 5 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha256.c + sha256.c + 0 + 0 + + + 5 + 56 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha512.c + sha512.c + 0 + 0 + + + 5 + 57 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\tfm.c + tfm.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 6 + 58 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\File_Config.c + File_Config.c + 0 + 0 + + + 6 + 59 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\Net_Config.c + Net_Config.c + 0 + 0 + + + 6 + 60 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config.h + config.h + 0 + 0 + + + 6 + 61 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\RTX_Conf_CM.c + RTX_Conf_CM.c + 0 + 0 + + + 6 + 62 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\Net_Debug.c + Net_Debug.c + 0 + 0 + + + 6 + 63 + 5 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + ..\MDK-ARM\CyaSSL\config-FS.h + config-FS.h + 0 + 0 + + + 6 + 64 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + config-RTX-TCP-FS.h + 0 + 0 + + + 6 + 65 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + config-BARE-METAL.h + 0 + 0 + + + 6 + 66 + 2 + 0 + 0 + 0 + 0 + 152 + 169 + 0 + ..\MDK-ARM\config\startup_stm32f2xx.s + startup_stm32f2xx.s + 0 + 0 + + + + + CyaSSL-MDK + 1 + 0 + 0 + 0 + + 7 + 67 + 1 + 0 + 0 + 0 + 0 + 182 + 222 + 0 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 0 + 0 + + + 7 + 68 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\Retarget.c + Retarget.c + 0 + 0 + + + 7 + 69 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + ..\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + time-STM32F2xx.c + 0 + 0 + + + + diff --git a/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj b/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj new file mode 100644 index 00000000..f7cf9b17 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj @@ -0,0 +1,3964 @@ + + + + 1.1 + +
### uVision Project, (C) Keil Software
+ + + + MDK-RTX-TCP-FS + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000-0x2001FFFF) IROM(0x8000000-0x80FFFFF) CLOCK(25000000) CPUTYPE("Cortex-M3") + + "STARTUP\ST\STM32F2xx\startup_stm32f2xx.s" ("STM32F2xx Startup Code") + UL2CM3(-O207 -S0 -C0 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000) + 5124 + stm32f2xx.h + + + + + + + + + + SFD\ST\STM32F2xx\STM32F20x.sfr + 0 + + + + ST\STM32F2xx\ + ST\STM32F2xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-RTX-TCP-FS\ + STM32F2xx-MDK-RTX-TCP-FS + 1 + 0 + 0 + 1 + 1 + .\Flash\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 1 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_STM32F2xx __DBG_ITM __RTX MDK_CONF_RTX_TCP_FS + + ..\MDK-ARM\CyaSSL;C:..\STM32F2xx_StdPeriph_Lib\inc;..\..\..\ + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + server.c + 1 + ..\..\..\examples\server\server.c + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + STM32F2xx_StdPeriph_Lib + + + MDK-ARM + + + Serial.c + 1 + c:\Keil\ARM\Boards\Keil\MCBSTM32F200\RL\FlashFS\SD_File\Serial.c + + + SDIO_STM32F2xx.c + 1 + c:\Keil\ARM\RL\FlashFS\Drivers\SDIO_STM32F2xx.c + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + ETH_STM32F2xx.c + 1 + c:\Keil\ARM\RL\TCPnet\Drivers\ETH_STM32F2xx.c + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + system_stm32f2xx.c + 1 + C:\Keil\ARM\Startup\ST\STM32F2xx\system_stm32f2xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + internal.c + 1 + ..\..\..\src\internal.c + + + io.c + 1 + ..\..\..\src\io.c + + + keys.c + 1 + ..\..\..\src\keys.c + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + tls.c + 1 + ..\..\..\src\tls.c + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_stm32f2xx.s + 2 + ..\MDK-ARM\config\startup_stm32f2xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-STM32F2xx.c + 1 + ..\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + + + + + + + MDK-FS + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000-0x2001FFFF) IROM(0x8000000-0x80FFFFF) CLOCK(25000000) CPUTYPE("Cortex-M3") + + "STARTUP\ST\STM32F2xx\startup_stm32f2xx.s" ("STM32F2xx Startup Code") + UL2CM3(-O207 -S0 -C0 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000) + 5124 + stm32f2xx.h + + + + + + + + + + SFD\ST\STM32F2xx\STM32F20x.sfr + 0 + + + + ST\STM32F2xx\ + ST\STM32F2xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-FS\ + STM32F2xx-MDK-FS + 1 + 0 + 0 + 1 + 1 + .\Flash\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_STM32F2xx __DBG_ITM MDK_CONF_FS + + ..\MDK-ARM\CyaSSL;..\MDK-ARM\inc;..\STM32F2xx_StdPeriph_Lib\inc;..\POSIX\..\..\..\ + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + server.c + 1 + ..\..\..\examples\server\server.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + STM32F2xx_StdPeriph_Lib + + + MDK-ARM + + + Serial.c + 1 + c:\Keil\ARM\Boards\Keil\MCBSTM32F200\RL\FlashFS\SD_File\Serial.c + + + SDIO_STM32F2xx.c + 1 + c:\Keil\ARM\RL\FlashFS\Drivers\SDIO_STM32F2xx.c + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + ETH_STM32F2xx.c + 1 + c:\Keil\ARM\RL\TCPnet\Drivers\ETH_STM32F2xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + system_stm32f2xx.c + 1 + C:\Keil\ARM\Startup\ST\STM32F2xx\system_stm32f2xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + internal.c + 1 + ..\..\..\src\internal.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + io.c + 1 + ..\..\..\src\io.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + keys.c + 1 + ..\..\..\src\keys.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + tls.c + 1 + ..\..\..\src\tls.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_stm32f2xx.s + 2 + ..\MDK-ARM\config\startup_stm32f2xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-STM32F2xx.c + 1 + ..\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + + + + + + + MDK-BARE-METAL + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000-0x2001FFFF) IROM(0x8000000-0x80FFFFF) CLOCK(25000000) CPUTYPE("Cortex-M3") + + "STARTUP\ST\STM32F2xx\startup_stm32f2xx.s" ("STM32F2xx Startup Code") + UL2CM3(-O207 -S0 -C0 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000) + 5124 + stm32f2xx.h + + + + + + + + + + SFD\ST\STM32F2xx\STM32F20x.sfr + 0 + + + + ST\STM32F2xx\ + ST\STM32F2xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-BARE-METAL\ + STM32F2xx-MDK-BARE-METAL + 1 + 0 + 0 + 1 + 1 + .\Flash\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_STM32F2xx __DBG_ITM MDK_CONF_BARE_METAL + + ..\MDK-ARM\CyaSSL;..\MDK-ARM\inc;..\STM32F2xx_StdPeriph_Lib\inc;..\POSIX;..\..\..\ + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + server.c + 1 + ..\..\..\examples\server\server.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + STM32F2xx_StdPeriph_Lib + + + MDK-ARM + + + Serial.c + 1 + c:\Keil\ARM\Boards\Keil\MCBSTM32F200\RL\FlashFS\SD_File\Serial.c + + + SDIO_STM32F2xx.c + 1 + c:\Keil\ARM\RL\FlashFS\Drivers\SDIO_STM32F2xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + ETH_STM32F2xx.c + 1 + c:\Keil\ARM\RL\TCPnet\Drivers\ETH_STM32F2xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + system_stm32f2xx.c + 1 + C:\Keil\ARM\Startup\ST\STM32F2xx\system_stm32f2xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + internal.c + 1 + ..\..\..\src\internal.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + io.c + 1 + ..\..\..\src\io.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + keys.c + 1 + ..\..\..\src\keys.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + tls.c + 1 + ..\..\..\src\tls.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_stm32f2xx.s + 2 + ..\MDK-ARM\config\startup_stm32f2xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-STM32F2xx.c + 1 + ..\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + + + + + + + + diff --git a/3P/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c b/3P/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c new file mode 100644 index 00000000..969fda07 --- /dev/null +++ b/3P/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c @@ -0,0 +1,299 @@ +/* main.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include "time.h" + +#define PERIPH_BASE ((uint32_t)0x40000000) +/*----------------------------------------------------------------------------- + * initialize RTC + *----------------------------------------------------------------------------*/ +#include "stm32f2xx.h" + +#define assert_param(a) + +#define RTC_RSF_MASK ((uint32_t)0xFFFFFF5F) +#define SYNCHRO_TIMEOUT ((uint32_t) 0x00008000) +#define Bcd2ToByte(v) \ + ((((uint8_t)(v & (uint8_t)0xF0) >> (uint8_t)0x4) * 10) + (v & (uint8_t)0x0F)) +#define RTC_TR_RESERVED_MASK ((uint32_t)0x007F7F7F) +#define RTC_TR_MNT ((uint32_t)0x00007000) +#define RTC_TR_MNU ((uint32_t)0x00000F00) + +#define PWR_OFFSET (PWR_BASE - PERIPH_BASE) +#define CR_OFFSET (PWR_OFFSET + 0x00) +#define DBP_BitNumber 0x08 +#define CR_DBP_BB (PERIPH_BB_BASE + (CR_OFFSET * 32) + (DBP_BitNumber * 4)) +#define RTC_INIT_MASK ((uint32_t)0xFFFFFFFF) +#define INITMODE_TIMEOUT ((uint32_t) 0x00010000) + +static void init_RTC() +{ + __IO uint32_t initcounter = 0x00 ; + uint32_t initstatus = 0x00; /* Enable the PWR clock : RCC_APB1Periph_PWR */ + ((uint32_t *)RCC)[0x10] |= ((uint32_t)0x10000000) ; + + /* Allow access to RTC */ + *(__IO uint32_t *) CR_DBP_BB = ENABLE ; + /* RCC_LSEConfig(RCC_LSE_ON) */ + *(__IO uint8_t *) (RCC_BASE + 0x70) = ((uint8_t)0x00); + /* Reset LSEBYP bit */ + *(__IO uint8_t *) (RCC_BASE + 0x70) = ((uint8_t)0x00); + *(__IO uint8_t *) (RCC_BASE + 0x70) = ((uint8_t)0x01); + /* Wait till LSE is ready */ + while((RCC->BDCR << 0x2) == 0x0) { } + /* Select the RTC clock source: RCC_RTCCLKSource_LSE */ + ((RCC_TypeDef *)RCC)->BDCR |= (uint32_t)0x00000100; + + /* Enable the RTC Clock */ + *(__IO uint32_t *) (PERIPH_BB_BASE + (((RCC_BASE - PERIPH_BASE)+ 0x70) * 32) + (0x0F* 4)) = (uint32_t)ENABLE; + + *(__IO uint32_t *) CR_DBP_BB = (uint32_t)ENABLE; + RTC->ISR = (uint32_t) RTC_INIT_MASK; + do { + initstatus = RTC->ISR & RTC_ISR_INITF; + initcounter++; + } while((initcounter != INITMODE_TIMEOUT) && (initstatus == 0x00)); + + /* Disable the write protection for RTC registers */ + RTC->WPR = 0xCA; + RTC->WPR = 0x53; + + RTC->CR &= ((uint32_t)~(RTC_CR_FMT)); /* Clear RTC CR FMT Bit */ + /* Set RTC_CR register */ + RTC->CR |= ((uint32_t)0x00000000) ; /* RTC_HourFormat_24 */ + + /* Configure the RTC PRER */ + RTC->PRER = 0x7f ; + RTC->PRER |= (uint32_t)(0xff << 16); + + /* Exit Initialization mode */ + RTC->ISR &= (uint32_t)~RTC_ISR_INIT; + + /* Enable the write protection for RTC registers */ + RTC->WPR = 0xFF; +} + +/*----------------------------------------------------------------------------- + * initialize TIM + *----------------------------------------------------------------------------*/ +#define RCC_APB1Periph_TIM2 ((uint32_t)0x00000001) + +static void init_TIM() +{ + uint16_t tmpcr1 = 0; + + ((uint32_t *)RCC)[0x10] |= RCC_APB1Periph_TIM2 ; + + tmpcr1 = TIM2->CR1 ; + tmpcr1 &= (uint16_t) (~(((uint16_t)0x0010) | ((uint16_t)0x0060) )); + /* CR1 &= ~(TIM_CR1_DIR | TIM_CR1_CMS) */ + tmpcr1 |= (uint16_t)0x0000 ; /* CR1 |= TIM_CounterMode_Up */ + TIM2->CR1= tmpcr1 ; + + TIM2->ARR = 0xffffffff ; /* ARR= TIM_Period */ + TIM2->PSC = 60 ; /* PSC = TIM_Prescaler */ + TIM2->EGR = ((uint16_t)0x0001) ; /* EGR = TIM_PSCReloadMode_Immediate */ + + *(uint16_t *)(PERIPH_BASE+0x0) |=((uint16_t)0x0001) ; + /* TIM_Cmd(TIM2, ENABLE) ; */ +} + +void init_time(void) { + init_RTC() ; + init_TIM() ; +} + +static void GetTime(uint8_t *h, uint8_t *m, uint8_t *s) +{ + uint32_t tmpreg = 0; + tmpreg = (uint32_t)(RTC->TR & RTC_TR_RESERVED_MASK); + *h = (uint8_t)Bcd2ToByte((uint8_t)((tmpreg & (RTC_TR_HT | RTC_TR_HU)) >> 16)); + *m = (uint8_t)Bcd2ToByte((uint8_t)((tmpreg & (RTC_TR_MNT | RTC_TR_MNU)) >>8)); + *s = (uint8_t)Bcd2ToByte((tmpreg & (RTC_TR_ST | RTC_TR_SU))); +} + +static uint32_t ByteToBcd2(uint8_t Value) +{ + uint8_t bcdhigh = 0; + while (Value >= 10) { + bcdhigh++; + Value -= 10; + } + return ((uint8_t)(bcdhigh << 4) | Value); +} + +static void SetTime(uint8_t h, uint8_t m, uint8_t s) +{ + __IO uint32_t synchrocounter = 0; + uint32_t synchrostatus = 0x00; + __IO uint32_t initcounter = 0; + uint32_t initstatus = 0x00; + uint32_t tmpreg ; + + tmpreg = ((ByteToBcd2(h) << 16) | (ByteToBcd2(m) << 8) | ByteToBcd2(s)) ; + /* Disable the write protection for RTC registers */ + RTC->WPR = 0xCA; + RTC->WPR = 0x53; + RTC->ISR &= (uint32_t)~RTC_ISR_INIT; + + RTC->ISR = (uint32_t)RTC_INIT_MASK; + + /* Wait till RTC is in INIT state and if Time out is reached exit */ + do { + initstatus = RTC->ISR & RTC_ISR_INITF; + initcounter++; + } while((initcounter != INITMODE_TIMEOUT) && (initstatus == 0x00)); + + RTC->TR = (uint32_t)(tmpreg & RTC_TR_RESERVED_MASK); + + RTC->ISR &= (uint32_t)RTC_RSF_MASK; + /* Wait the registers to be synchronised */ + do { + synchrostatus = RTC->ISR & RTC_ISR_RSF; + synchrocounter++; + } while((synchrocounter != SYNCHRO_TIMEOUT) && (synchrostatus == 0x00)); + + RTC->WPR = 0xFF; +} + +static void GetDate(uint8_t *y, uint8_t *m, uint8_t *d) +{ + uint32_t tmpreg = 0; + tmpreg = (uint32_t)(RTC->DR & RTC_TR_RESERVED_MASK); + *y = (uint8_t)Bcd2ToByte((uint8_t)((tmpreg & (RTC_DR_YT|RTC_DR_YU)) >>16)); + *m = (uint8_t)Bcd2ToByte((uint8_t)((tmpreg & (RTC_DR_MT|RTC_DR_MU)) >> 8)); + *d = (uint8_t)Bcd2ToByte((uint8_t)(tmpreg & (RTC_DR_DT |RTC_DR_DU))); +} + +static void SetDate(uint8_t y, uint8_t m, uint8_t d) +{ + __IO uint32_t synchrocounter = 0; + uint32_t synchrostatus = 0x00; + __IO uint32_t initcounter = 0; + uint32_t initstatus = 0x00; + uint32_t tmpreg = 0 ; + + tmpreg = ((ByteToBcd2(y) << 16) | (ByteToBcd2(m) << 8) | ByteToBcd2(d)) ; + /* Disable the write protection for RTC registers */ + RTC->WPR = 0xCA; + RTC->WPR = 0x53; + RTC->ISR &= (uint32_t)~RTC_ISR_INIT; + + RTC->ISR = (uint32_t)RTC_INIT_MASK; + + /* Wait till RTC is in INIT state and if Time out is reached exit */ + do { + initstatus = RTC->ISR & RTC_ISR_INITF; + initcounter++; + } while((initcounter != INITMODE_TIMEOUT) && (initstatus == 0x00)); + + RTC->DR = (uint32_t)(tmpreg & RTC_TR_RESERVED_MASK); + + RTC->ISR &= (uint32_t)RTC_RSF_MASK; + /* Wait the registers to be synchronised */ + do { + synchrostatus = RTC->ISR & RTC_ISR_RSF; + synchrocounter++; + } while((synchrocounter != SYNCHRO_TIMEOUT) && (synchrostatus == 0x00)); + + RTC->WPR = 0xFF; +} + + +#include +void CYASSL_MSG(const char *msg) ; + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + uint8_t h, m, s ; + uint8_t y, mo, d ; + static struct tm date ; + + GetTime(&h, &m, &s) ; + GetDate(&y, &mo, &d) ; + + date.tm_year = y + 100 ; + date.tm_mon = mo - 1 ; + date.tm_mday = d ; + date.tm_hour = h ; + date.tm_min = m ; + date.tm_sec = s ; + + #if defined(DEBUG_CYASSL) + { + char msg[100] ; + sprintf(msg, + "Debug::Cyassl_KEIL_gmtime(DATE=/%2d/%02d/%04d TIME=%02d:%02d:%02d)\n", + d, mo, y+2000, h, m, s) ; + CYASSL_MSG(msg) ; + } + #endif + + return(&date) ; +} + +double current_time() +{ + return ((double)TIM2->CNT/1000000.0) ; +} + +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +void time_main(void *args) +{ + char * datetime ; + uint8_t h, m, s ; + uint8_t y, mo, d ; + + if( args == NULL || ((func_args *)args)->argc == 1) { + GetTime(&h, &m, &s) ; + GetDate(&y, &mo, &d) ; + printf("Date: %d/%d/%d, Time: %02d:%02d:%02d\n", + mo, d, y+2000, h, m, s) ; + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 'd' ) { + datetime = ((func_args *)args)->argv[2]; + sscanf(datetime, "%d/%d/%d", (int *)&mo, (int *)&d, (int *) &y) ; + SetDate(y-2000, mo, d) ; + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 't' ) { + datetime = ((func_args *)args)->argv[2]; + sscanf(datetime, "%d:%d:%d", + (int *)&h, (int *)&m, (int *)&s) ; + SetTime(h, m, s) ; + } else printf("Invalid argument\n") ; +} + + +/******************************************************************* + time() +********************************************************************/ +time_t time(time_t * t) { return 0 ; } diff --git a/3P/wolfssl/IDE/MDK5-ARM/Conf/config-Crypt.h b/3P/wolfssl/IDE/MDK5-ARM/Conf/config-Crypt.h new file mode 100644 index 00000000..2004294c --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Conf/config-Crypt.h @@ -0,0 +1,185 @@ +/* config-FS.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +// <<< Use Configuration Wizard in Context Menu >>> + +// wolfCrypt Configuration + +// Cert/Key Strage +// Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes) +#define MDK_CONF_CERT_BUFF 0 +#if MDK_CONF_CERT_BUFF== 1 +#define USE_CERT_BUFFERS_1024 +#elif MDK_CONF_CERT_BUFF == 2 +#define USE_CERT_BUFFERS_2048 +#endif +// + +// Crypt Algrithm + +// MD5, SHA, SHA-256, AES, RC4, ASN, RSA +// + +// MD2 +#define MDK_CONF_MD2 0 +#if MDK_CONF_MD2 == 1 +#define CYASSL_MD2 +#endif +// +// MD4 +#define MDK_CONF_MD4 1 +#if MDK_CONF_MD4 == 0 +#define NO_MD4 +#endif +// +// SHA-384 +// This has to be with SHA512 +#define MDK_CONF_SHA384 0 +#if MDK_CONF_SHA384 == 1 +#define CYASSL_SHA384 +#endif +// +// SHA-512 +#define MDK_CONF_SHA512 0 +#if MDK_CONF_SHA512 == 1 +#define CYASSL_SHA512 +#endif +// +// RIPEMD +#define MDK_CONF_RIPEMD 0 +#if MDK_CONF_RIPEMD == 1 +#define CYASSL_RIPEMD +#endif +// +// HMAC +#define MDK_CONF_HMAC 1 +#if MDK_CONF_HMAC == 0 +#define NO_HMAC +#endif +// +// HC128 +#define MDK_CONF_HC128 0 +#if MDK_CONF_HC128 == 1 +#define HAVE_HC128 +#endif +// +// RABBIT +#define MDK_CONF_RABBIT 1 +#if MDK_CONF_RABBI == 0 +#define NO_RABBIT +#endif +// + +// AEAD +#define MDK_CONF_AEAD 0 +#if MDK_CONF_AEAD == 1 +#define HAVE_AEAD +#endif +// +// DES3 +#define MDK_CONF_DES3 1 +#if MDK_CONF_DES3 == 0 +#define NO_DES3 +#endif +// +// CAMELLIA +#define MDK_CONF_CAMELLIA 0 +#if MDK_CONF_CAMELLIA == 1 +#define HAVE_CAMELLIA +#endif +// + +// DH +// need this for CYASSL_SERVER, OPENSSL_EXTRA +#define MDK_CONF_DH 1 +#if MDK_CONF_DH == 0 +#define NO_DH +#endif +// +// DSA +#define MDK_CONF_DSA 1 +#if MDK_CONF_DSA == 0 +#define NO_DSA +#endif +// +// PWDBASED +#define MDK_CONF_PWDBASED 1 +#if MDK_CONF_PWDBASED == 0 +#define NO_PWDBASED +#endif +// + +// ECC +#define MDK_CONF_ECC 0 +#if MDK_CONF_ECC == 1 +#define HAVE_ECC +#endif +// +// PSK +#define MDK_CONF_PSK 1 +#if MDK_CONF_PSK == 0 +#define NO_PSK +#endif +// +// AESCCM (Turn off Hardware Crypt) +#define MDK_CONF_AESCCM 0 +#if MDK_CONF_AESCCM == 1 +#define HAVE_AESCCM +#endif +// +// AESGCM (Turn off Hardware Crypt) +#define MDK_CONF_AESGCM 0 +#if MDK_CONF_AESGCM == 1 +#define HAVE_AESGCM +#define BUILD_AESGCM +#endif +// +// NTRU (need License, "crypto_ntru.h") +#define MDK_CONF_NTRU 0 +#if MDK_CONF_NTRU == 1 +#define HAVE_NTRU +#endif +// +// + +// Hardware Crypt (See document for usage) +// Hardware RNG +#define MDK_CONF_STM32F2_RNG 0 +#if MDK_CONF_STM32F2_RNG == 1 +#define STM32F2_RNG +#else + +#endif +// +// Hardware Crypt +#define MDK_CONF_STM32F2_CRYPTO 0 +#if MDK_CONF_STM32F2_CRYPTO == 1 +#define STM32F2_CRYPTO +#endif +// + +// + + + +// +// <<< end of configuration section >>> diff --git a/3P/wolfssl/IDE/MDK5-ARM/Conf/config-CyaSSL.h b/3P/wolfssl/IDE/MDK5-ARM/Conf/config-CyaSSL.h new file mode 100644 index 00000000..9e9d1384 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Conf/config-CyaSSL.h @@ -0,0 +1,144 @@ +/* config-RTX-TCP-FS.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define NO_WRITEV +#define NO_CYASSL_DIR +#define NO_MAIN_DRIVER + + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#define HAVE_KEIL_RTX +#define CYASSL_CMSIS_RTOS +#define CYASSL_KEIL_TCP_NET + + +// <<< Use Configuration Wizard in Context Menu >>> +// CyaSSL Configuration + +// SSL (Included by default) +// + +// TLS +#define MDK_CONF_TLS 1 +#if MDK_CONF_TLS == 0 +#define NO_TLS +#endif +// + +// CRL +#define MDK_CONF_DER_LOAD 0 +#if MDK_CONF_DER_LOAD == 1 +#define CYASSL_DER_LOAD +#endif +// +// OpenSSL Extra +#define MDK_CONF_OPENSSL_EXTRA 1 +#if MDK_CONF_OPENSSL_EXTRA == 1 +#define OPENSSL_EXTRA +#endif +// +// + +// Cert/Key Generation +// CertGen +#define MDK_CONF_CERT_GEN 0 +#if MDK_CONF_CERT_GEN == 1 +#define CYASSL_CERT_GEN +#endif +// +// KeyGen +#define MDK_CONF_KEY_GEN 0 +#if MDK_CONF_KEY_GEN == 1 +#define CYASSL_KEY_GEN +#endif +// +// + +// Others + +// Inline +#define MDK_CONF_INLINE 0 +#if MDK_CONF_INLINE == 0 +#define NO_INLINE +#endif +// +// Debug +// Debug Message +#define MDK_CONF_DebugMessage 0 +#if MDK_CONF_DebugMessage == 1 +#define DEBUG_CYASSL +#endif +// +// Check malloc +#define MDK_CONF_CheckMalloc 1 +#if MDK_CONF_CheckMalloc == 1 +#define CYASSL_MALLOC_CHECK +#endif +// + + +// +// ErrNo.h +#define MDK_CONF_ErrNo 0 +#if MDK_CONF_ErrNo == 1 +#define HAVE_ERRNO +#endif +// +// Error Strings +#define MDK_CONF_ErrorStrings 1 +#if MDK_CONF_ErrorStrings == 0 +#define NO_ERROR_STRINGS +#endif +// +// zlib (need "zlib.h") +#define MDK_CONF_LIBZ 0 +#if MDK_CONF_LIBZ == 1 +#define HAVE_LIBZ +#endif +// +// CAVIUM (need CAVIUM headers) +#define MDK_CONF_CAVIUM 0 +#if MDK_CONF_CAVIUM == 1 +#define HAVE_CAVIUM +#endif +// +// Small Stack +#define MDK_CONF_SmallStack 1 +#if MDK_CONF_SmallStack == 0 +#define NO_CYASSL_SMALL_STACK +#endif +// +// Use Fast Math +#define MDK_CONF_FASTMATH 0 +#if MDK_CONF_FASTMATH == 1 +#define USE_FAST_MATH +#endif +// +// + +// <<< end of configuration section >>> diff --git a/3P/wolfssl/IDE/MDK5-ARM/Inc/cert_data.h b/3P/wolfssl/IDE/MDK5-ARM/Inc/cert_data.h new file mode 100644 index 00000000..6629ee05 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Inc/cert_data.h @@ -0,0 +1,39 @@ +#ifndef CYASSL_CERT_DATA_H +#define CYASSL_CERT_DATA_H + +#ifdef USE_CERT_BUFFERS_1024 +extern const unsigned char client_key_der_1024[] ; +extern int sizeof_client_key_der_1024 ; +/* ./certs/1024/client-cert.der, 1024-bit */ +extern const unsigned char client_cert_der_1024[] ; +extern int sizeof_client_cert_der_1024 ; +/* ./certs/1024/dh1024.der, 1024-bit */ +extern const unsigned char dh_key_der_1024[] ; +extern int sizeof_dh_key_der_1024 ; +/* ./certs/1024/dsa1024.der, 1024-bit */ +extern const unsigned char dsa_key_der_1024[] ; +extern int sizeof_dsa_key_der_1024 ; +/* ./certs/1024/rsa1024.der, 1024-bit */ +extern const unsigned char rsa_key_der_1024[] ; +extern int sizeof_rsa_key_der_1024 ; + +#elif defined(USE_CERT_BUFFERS_2048) +/* ./certs/client-key.der, 2048-bit */ +extern const unsigned char client_key_der_2048[] ; +extern int sizeof_client_key_der_2048 ; +/* ./certs/client-cert.der, 2048-bit */ +extern const unsigned char client_cert_der_2048[] ; +extern int sizeof_client_cert_der_2048 ; +/* ./certs/dh2048.der, 2048-bit */ +extern const unsigned char dh_key_der_2048[] ; +extern int sizeof_dh_key_der_2048 ; +/* ./certs/dsa2048.der, 2048-bit */ +extern const unsigned char dsa_key_der_2048[] ; +extern int sizeof_dsa_key_der_2048; +/* ./certs/rsa2048.der, 2048-bit */ +extern const unsigned char rsa_key_der_2048[] ; +extern int sizeof_rsa_key_der_2048 ; +#endif + +#endif + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Inc/config.h b/3P/wolfssl/IDE/MDK5-ARM/Inc/config.h new file mode 100644 index 00000000..6fbc07d0 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Inc/config.h @@ -0,0 +1,62 @@ +/* config.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define CYASSL_MDK5 +#define CYASSL_CMSIS_RTOS + +#define NO_WRITEV +#define NO_CYASSL_DIR +#define BENCH_EMBEDDED + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER +#define NO_MAIN_DRIVER + +#if defined(MDK_CONF_CYASSL) +#define CYASSL_MDK_SHELL +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_SimpleClient) +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_SimpleServer) +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_EchoClient) +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_EchoServer) +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_Benchmark) +#define SINGLE_THREADED +#define NO_INLINE +#include "config-Crypt.h" +#elif defined(MDK_CONF_CryptTest) +#define SINGLE_THREADED +#define NO_INLINE +#include "config-Crypt.h" + +#endif + + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h b/3P/wolfssl/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h new file mode 100644 index 00000000..43c5c5ad --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h @@ -0,0 +1,106 @@ +/* cyassl_KEIL_RL.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/******************************************************************************/ +/** This file is for defining types, values for specific to KEIL-MDK-ARM. **/ +/******************************************************************************/ +#ifndef CYASSL_KEIL_RL_H +#define CYASSL_KEIL_RL_H + + + +#include + +/* Go to STDIN */ +#define fgets(buff, sz, fd) Cyassl_fgets(buff, sz, fd) +extern char * Cyassl_fgets ( char * str, int num, FILE * f ) ; + +#define SOCKET_T int + +/*** #include ***/ +#define NUMBITSPERBYTE 8 +#define FD_SETSIZE 10 + +typedef long fd_mask; +#define NFDBITS (sizeof(fd_mask) * NUMBITSPERBYTE) /* bits per mask */ + +typedef struct fd_set { + fd_mask fds_bits[(FD_SETSIZE + NFDBITS - 1) / NFDBITS]; +} fd_set; + +/*** #include ***/ +struct timeval { + long tv_sec; /* seconds */ + long tv_usec; /* microseconds */ +}; + + +#if defined(CYASSL_KEIL_TCP_NET) + + +#if defined(CYASSL_MDK5) +#define SCK_EWOULDBLOCK BSD_ERROR_WOULDBLOCK +#define SCK_ETIMEOUT BSD_ERROR_TIMEOUT +#include "rl_net.h" +#endif + +typedef int socklen_t ; + +/* for avoiding conflict with KEIL-TCPnet BSD socket */ +/* Bodies are in cyassl_KEIL_RL.c */ +#define connect Cyassl_connect +#define accept Cyassl_accept +#define recv Cyassl_recv +#define send Cyassl_send +#define sleep Cyassl_sleep + +/* for avoiding conflicting with KEIL-TCPnet TCP socket */ +/* Bodies are in test.h */ +#define tcp_connect Cyassl_tcp_connect +#define tcp_socket Cyassl_tcp_soket +#define tcp_listen Cyassl_tcp_listen +#define tcp_select Cyassl_tcp_select + +extern int Cyassl_connect(int sd, const struct sockaddr * sa, int sz) ; +extern int Cyassl_accept(int sd, struct sockaddr *addr, socklen_t *addrlen); +extern int Cyassl_recv(int sd, void *buf, size_t len, int flags); +extern int Cyassl_send(int sd, const void *buf, size_t len, int flags); +extern void Cyassl_sleep(int sec) ; +extern int Cyassl_tcp_select(int sd, int timeout) ; + +/** KEIL-RL TCPnet ****/ +/* TCPnet BSD socket does not have following functions. */ +extern char *inet_ntoa(struct in_addr in); +extern unsigned long inet_addr(const char *cp); +extern int setsockopt(int sockfd, int level, int optname, + const void *optval, socklen_t optlen); +extern int select(int nfds, fd_set *readfds, fd_set *writefds, + fd_set *exceptfds, const struct timeval *timeout); + +#endif /* CYASSL_KEIL_TCP_NET */ + + +/* CyaSSL MDK-ARM time functions */ +#include +struct tm *Cyassl_MDK_gmtime(const time_t *c) ; +extern double current_time(void) ; + +#endif /* CYASSL_KEIL_RL_H */ diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/Abstract.txt b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/Abstract.txt new file mode 100644 index 00000000..b929f9bc --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/Abstract.txt @@ -0,0 +1,15 @@ +This program is a simple benchmark of wolfCrypt library. + +In order to run this benchmark, copy +{PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory. + +For benchmark configuration, refer config-Crypt.h. + +For the hardware crypt on config-Crypt.h, download +STSW-STM32062: STM32F2xx standard peripherals library at +http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to + {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib + +Support +------- +Please send questions or comments to support@wolfssl.com diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx new file mode 100644 index 00000000..2100471c --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx @@ -0,0 +1,995 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + CryptBenchmark + 0x4 + ARM-ADS + + 120000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + .\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + DLGUARM + + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 ) -FN1 -FC1000 -FD20000000 -FF0STM32F2xx_1024 -FL0100000 -FS08000000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.FLM) + + + + + + 1 + 8 + 0x20000408 + + + + + 2 + 8 + 0x8004dc8 + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + + + + + + + + Source + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 0 + 0 + .\benchmark.c + benchmark.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 3 + 5 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 4 + 5 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\settings.h + settings.h + 0 + 0 + + + + + Documentation + 1 + 0 + 0 + 0 + + 3 + 5 + 5 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + Devices + 1 + 0 + 0 + 0 + + 4 + 6 + 1 + 0 + 0 + 0 + 0 + .\time-CortexM3-4.c + time-CortexM3-4.c + 0 + 0 + + + 4 + 7 + 1 + 0 + 0 + 0 + 0 + .\time-dummy.c + time-dummy.c + 0 + 0 + + + + + ::CMSIS + 1 + 0 + 0 + 1 + + 5 + 8 + 1 + 0 + 0 + 0 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 5 + 9 + 4 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 1 + 0 + 0 + 1 + + 6 + 10 + 5 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 6 + 11 + 2 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 6 + 12 + 1 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 6 + 13 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 6 + 14 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 0 + 0 + 0 + 1 + + 7 + 15 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + + + ::File System + 0 + 0 + 0 + 1 + + 8 + 16 + 1 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 8 + 17 + 5 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 8 + 18 + 4 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 0 + 0 + 0 + 1 + + 9 + 19 + 5 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 9 + 20 + 5 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 9 + 21 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + 9 + 22 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\ssl-dummy.c + ssl-dummy.c + 1 + 0 + + + 9 + 23 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 9 + 24 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 9 + 25 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 9 + 26 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 9 + 27 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 9 + 28 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 9 + 29 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 9 + 30 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 9 + 31 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 9 + 32 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 9 + 33 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 9 + 34 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 9 + 35 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 9 + 36 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 9 + 37 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 9 + 38 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 9 + 39 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 9 + 40 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 9 + 41 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 9 + 42 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 9 + 43 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 9 + 44 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 9 + 45 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 9 + 46 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 9 + 47 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 9 + 48 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 9 + 49 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 9 + 50 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 9 + 51 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 9 + 52 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 9 + 53 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 9 + 54 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + 9 + 55 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx new file mode 100644 index 00000000..02f337fd --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx @@ -0,0 +1,975 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + CryptBenchmark + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + CryptBenchmark + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + .\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 1 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_Benchmark + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + main.c + 1 + .\main.c + + + benchmark.c + 1 + .\benchmark.c + + + + + Configuration + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + .\RTE\wolfSSL\settings.h + + + + + Documentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + Devices + + + time-CortexM3-4.c + 1 + .\time-CortexM3-4.c + + + time-dummy.c + 1 + .\time-dummy.c + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + ssl-dummy.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\ssl-dummy.c + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + RTE\Network\Net_Debug.c + + + + + + RTE\Other\config-Crypt.h + + + + + + RTE\Other\config-FS.h + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/settings.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/settings.h new file mode 100644 index 00000000..96538878 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/settings.h @@ -0,0 +1,667 @@ +/* settings.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef CTAO_CRYPT_SETTINGS_H +#define CTAO_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using PIC32MZ Crypto Engine */ +/* #define CYASSL_MICROCHIP_PIC32MZ */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define CYASSL_LWIP */ + +/* Uncomment next line if building CyaSSL for a game console */ +/* #define CYASSL_GAME_BUILD */ + +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + +/* Uncomment next line if using LwIP native TCP socket settings */ +/* #define HAVE_LWIP_NATIVE */ + +/* Uncomment next line if building for EROAD */ +/* #define CYASSL_EROAD */ + +#include + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + + +#ifdef CYASSL_USER_SETTINGS + #include +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */ + #define CYASSL_LWIP + #define NO_WRITEV + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_FILESYSTEM +#endif + +#ifdef MICROCHIP_PIC32 + /* #define CYASSL_MICROCHIP_PIC32MZ */ + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef CYASSL_MICROCHIP_PIC32MZ + #define CYASSL_PIC32MZ_CE + #define CYASSL_PIC32MZ_CRYPT + #define HAVE_AES_ENGINE + #define CYASSL_PIC32MZ_RNG + /* #define CYASSL_PIC32MZ_HASH */ + #define CYASSL_AES_COUNTER + #define HAVE_AESGCM + #define NO_BIG_INT + +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "system/system_services.h" + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define CYASSL_USER_IO + #define NO_FILESYSTEM + #define NO_CERT + #define USE_CERT_BUFFERS_1024 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define HAVE_ECC + #define NO_SESSION_CACHE + #define CYASSL_CMSIS_RTOS +#endif + + +#ifdef CYASSL_EROAD + #define FREESCALE_MQX + #define FREESCALE_MMCAU + #define SINGLE_THREADED + #define NO_STDIO_FILESYSTEM + #define CYASSL_LEANPSK + #define HAVE_NULL_CIPHER + #define NO_OLD_TLS + #define NO_ASN + #define NO_BIG_INT + #define NO_RSA + #define NO_DSA + #define NO_DH + #define NO_CERTS + #define NO_PWDBASED + #define NO_DES3 + #define NO_MD4 + #define NO_RC4 + #define NO_MD5 + #define NO_SESSION_CACHE + #define NO_MAIN_DRIVER +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) && !defined(CYASSL_EROAD) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef CYASSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define CYASSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG) + #define DEBUG_CYASSL + #else + #undef DEBUG_CYASSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define CYASSL_USER_IO + #else + #undef CYASSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define CYASSL_DER_LOAD + #else + #undef CYASSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define CYASSL_DTLS + #else + #undef CYASSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define CYASSL_CALLBACKS + #else + #undef CYASSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) + #define USE_CYASSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + +/* Place any other flags or defines here */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_SETTINGS_H */ + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/benchmark.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/benchmark.c new file mode 100644 index 00000000..417ae317 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/benchmark.c @@ -0,0 +1,1313 @@ +/* benchmark.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* CTaoCrypt benchmark */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#ifdef HAVE_CAVIUM + #include "cavium_sysdep.h" + #include "cavium_common.h" + #include "cavium_ioctl.h" +#endif +#ifdef HAVE_NTRU + #include "ntru_crypto.h" +#endif + +#if defined(CYASSL_MDK_ARM) + extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ; + #define fopen CyaSSL_fopen +#endif + +#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) + /* include test cert and key buffers for use with NO_FILESYSTEM */ + #if defined(CYASSL_MDK_ARM) + #include "cert_data.h" /* use certs_test.c for initial data, + so other commands can share the data. */ + #else + #include + #endif +#endif + + +#ifdef HAVE_BLAKE2 + #include + void bench_blake2(void); +#endif + +#ifdef _MSC_VER + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable: 4996) +#endif + +void bench_des(void); +void bench_arc4(void); +void bench_hc128(void); +void bench_rabbit(void); +void bench_aes(int); +void bench_aesgcm(void); +void bench_aesccm(void); +void bench_aesctr(void); +void bench_camellia(void); + +void bench_md5(void); +void bench_sha(void); +void bench_sha256(void); +void bench_sha512(void); +void bench_ripemd(void); + +void bench_rsa(void); +void bench_rsaKeyGen(void); +void bench_dh(void); +#ifdef HAVE_ECC +void bench_eccKeyGen(void); +void bench_eccKeyAgree(void); +#endif +#ifdef HAVE_NTRU +void bench_ntruKeyGen(void); +#endif + +double current_time(int); + + +#ifdef HAVE_CAVIUM + +static int OpenNitroxDevice(int dma_mode,int dev_id) +{ + Csp1CoreAssignment core_assign; + Uint32 device; + + if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) + return -1; + if (Csp1GetDevType(&device)) + return -1; + if (device != NPX_DEVICE) { + if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, + (Uint32 *)&core_assign)!= 0) + return -1; + } + CspShutdown(CAVIUM_DEV_ID); + + return CspInitialize(dma_mode, dev_id); +} + +#endif + +#if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND) + CYASSL_API int CyaSSL_Debugging_ON(); +#endif + +/* so embedded projects can pull in tests on their own */ +#if !defined(NO_MAIN_DRIVER) + +int main(int argc, char** argv) + +{ + (void)argc; + (void)argv; +#else +int benchmark_test(void *args) +{ +#endif + + #if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND) + CyaSSL_Debugging_ON(); + #endif + + #ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) { + printf("Cavium OpenNitroxDevice failed\n"); + exit(-1); + } +#endif /* HAVE_CAVIUM */ +#ifndef NO_AES + bench_aes(0); + bench_aes(1); +#endif +#ifdef HAVE_AESGCM + bench_aesgcm(); +#endif + +#ifdef CYASSL_AES_COUNTER + bench_aesctr(); +#endif + +#ifdef HAVE_AESCCM + bench_aesccm(); +#endif +#ifdef HAVE_CAMELLIA + bench_camellia(); +#endif +#ifndef NO_RC4 + bench_arc4(); +#endif +#ifdef HAVE_HC128 + bench_hc128(); +#endif +#ifndef NO_RABBIT + bench_rabbit(); +#endif +#ifndef NO_DES3 + bench_des(); +#endif + + printf("\n"); + +#ifndef NO_MD5 + bench_md5(); +#endif +#ifndef NO_SHA + bench_sha(); +#endif +#ifndef NO_SHA256 + bench_sha256(); +#endif +#ifdef CYASSL_SHA512 + bench_sha512(); +#endif +#ifdef CYASSL_RIPEMD + bench_ripemd(); +#endif +#ifdef HAVE_BLAKE2 + bench_blake2(); +#endif + + printf("\n"); + +#ifndef NO_RSA + bench_rsa(); +#endif + +#ifndef NO_DH + bench_dh(); +#endif + +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) + bench_rsaKeyGen(); +#endif + +#ifdef HAVE_NTRU + bench_ntruKeyGen(); +#endif + +#ifdef HAVE_ECC + bench_eccKeyGen(); + bench_eccKeyAgree(); +#endif + + return 0; +} + + +#ifdef BENCH_EMBEDDED +enum BenchmarkBounds { + numBlocks = 25, /* how many kB to test (en/de)cryption */ + ntimes = 1, + genTimes = 5, /* public key iterations */ + agreeTimes = 5 +}; +static const char blockType[] = "kB"; /* used in printf output */ +#else +enum BenchmarkBounds { + numBlocks = 5, /* how many megs to test (en/de)cryption */ + ntimes = 100, + genTimes = 100, + agreeTimes = 100 +}; +static const char blockType[] = "megs"; /* used in printf output */ +#endif + + +/* use kB instead of mB for embedded benchmarking */ +#ifdef BENCH_EMBEDDED +static byte plain [1024]; +#else +static byte plain [1024*1024]; +#endif + + +#ifndef NO_AES + +static const byte key[] = +{ + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, + 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, + 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 +}; + +static const byte iv[] = +{ + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 + +}; + + +/* use kB instead of mB for embedded benchmarking */ +#ifdef BENCH_EMBEDDED +static byte cipher[1024]; +#else +static byte cipher[1024*1024]; +#endif + + +void bench_aes(int show) +{ + Aes enc; + double start, total, persec; + int i; + int ret; + +#ifdef HAVE_CAVIUM + if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) { + printf("aes init cavium failed\n"); + return; + } +#endif + + ret = AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("AesSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCbcEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + if (show) + printf("AES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + AesFreeCavium(&enc); +#endif +} +#endif + + +#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) + static byte additional[13]; + static byte tag[16]; +#endif + + +#ifdef HAVE_AESGCM +void bench_aesgcm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesGcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesGcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, + tag, 16, additional, 13); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-GCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_AES_COUNTER +void bench_aesctr(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesSetKeyDirect(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCtrEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CTR %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + + +#ifdef HAVE_AESCCM +void bench_aesccm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesCcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, + tag, 16, additional, 13); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifdef HAVE_CAMELLIA +void bench_camellia(void) +{ + Camellia cam; + double start, total, persec; + int i, ret; + + ret = CamelliaSetKey(&cam, key, 16, iv); + if (ret != 0) { + printf("CamelliaSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + CamelliaCbcEncrypt(&cam, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("Camellia %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifndef NO_DES3 +void bench_des(void) +{ + Des3 enc; + double start, total, persec; + int i, ret; + +#ifdef HAVE_CAVIUM + if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("des3 init cavium failed\n"); +#endif + ret = Des3_SetKey(&enc, key, iv, DES_ENCRYPTION); + if (ret != 0) { + printf("Des3_SetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Des3_CbcEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("3DES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Des3_FreeCavium(&enc); +#endif +} +#endif + + +#ifndef NO_RC4 +void bench_arc4(void) +{ + Arc4 enc; + double start, total, persec; + int i; + +#ifdef HAVE_CAVIUM + if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("arc4 init cavium failed\n"); +#endif + + Arc4SetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Arc4Process(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("ARC4 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Arc4FreeCavium(&enc); +#endif +} +#endif + + +#ifdef HAVE_HC128 +void bench_hc128(void) +{ + HC128 enc; + double start, total, persec; + int i; + + Hc128_SetKey(&enc, key, iv); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Hc128_Process(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("HC128 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* HAVE_HC128 */ + + +#ifndef NO_RABBIT +void bench_rabbit(void) +{ + Rabbit enc; + double start, total, persec; + int i; + + RabbitSetKey(&enc, key, iv); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + RabbitProcess(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("RABBIT %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_RABBIT */ + + +#ifndef NO_MD5 +void bench_md5(void) +{ + Md5 hash; + byte digest[MD5_DIGEST_SIZE]; + double start, total, persec; + int i; + + InitMd5(&hash); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Md5Update(&hash, plain, sizeof(plain)); + + Md5Final(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("MD5 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_MD5 */ + + +#ifndef NO_SHA +void bench_sha(void) +{ + Sha hash; + byte digest[SHA_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha(&hash); + if (ret != 0) { + printf("InitSha failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + ShaUpdate(&hash, plain, sizeof(plain)); + + ShaFinal(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_SHA */ + + +#ifndef NO_SHA256 +void bench_sha256(void) +{ + Sha256 hash; + byte digest[SHA256_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha256(&hash); + if (ret != 0) { + printf("InitSha256 failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Sha256Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha256Update failed, ret = %d\n", ret); + return; + } + } + + ret = Sha256Final(&hash, digest); + if (ret != 0) { + printf("Sha256Final failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA-256 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_SHA512 +void bench_sha512(void) +{ + Sha512 hash; + byte digest[SHA512_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha512(&hash); + if (ret != 0) { + printf("InitSha512 failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Sha512Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha512Update failed, ret = %d\n", ret); + return; + } + } + + ret = Sha512Final(&hash, digest); + if (ret != 0) { + printf("Sha512Final failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA-512 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_RIPEMD +void bench_ripemd(void) +{ + RipeMd hash; + byte digest[RIPEMD_DIGEST_SIZE]; + double start, total, persec; + int i; + + InitRipeMd(&hash); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + RipeMdUpdate(&hash, plain, sizeof(plain)); + + RipeMdFinal(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("RIPEMD %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifdef HAVE_BLAKE2 +void bench_blake2(void) +{ + Blake2b b2b; + byte digest[64]; + double start, total, persec; + int i, ret; + + ret = InitBlake2b(&b2b, 64); + if (ret != 0) { + printf("InitBlake2b failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Blake2bUpdate(&b2b, plain, sizeof(plain)); + if (ret != 0) { + printf("Blake2bUpdate failed, ret = %d\n", ret); + return; + } + } + + ret = Blake2bFinal(&b2b, digest, 64); + if (ret != 0) { + printf("Blake2bFinal failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("BLAKE2b %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#if !defined(NO_RSA) || !defined(NO_DH) \ + || defined(CYASSL_KEYGEN) || defined(HAVE_ECC) +static RNG rng; +#endif + +#ifndef NO_RSA + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #if defined(CYASSL_MDK_SHELL) + static char *certRSAname = "certs/rsa2048.der"; + /* set by shell command */ + static void set_Bench_RSA_File(char * cert) { certRSAname = cert ; } + #else + static const char *certRSAname = "certs/rsa2048.der"; + #endif +#endif + +void bench_rsa(void) +{ + int i; + int ret; + byte tmp[3072]; + size_t bytes; + word32 idx = 0; + + byte message[] = "Everyone gets Friday off."; + byte enc[512]; /* for up to 4096 bit */ + const int len = (int)strlen((char*)message); + double start, total, each, milliEach; + + RsaKey rsaKey; + int rsaKeySz = 2048; /* used in printf */ + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, rsa_key_der_1024, sizeof_rsa_key_der_1024); + bytes = sizeof_rsa_key_der_1024; + rsaKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, rsa_key_der_2048, sizeof_rsa_key_der_2048); + bytes = sizeof_rsa_key_der_2048; +#else + FILE* file = fopen(certRSAname, "rb"); + + if (!file) { + printf("can't find %s, Please run from CyaSSL home dir\n", certRSAname); + return; + } + + bytes = fread(tmp, 1, sizeof(tmp), file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + +#ifdef HAVE_CAVIUM + if (RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0) + printf("RSA init cavium failed\n"); +#endif + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + ret = InitRsaKey(&rsaKey, 0); + if (ret < 0) { + printf("InitRsaKey failed\n"); + return; + } + ret = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes); + + start = current_time(1); + + for (i = 0; i < ntimes; i++) + ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("RSA %d encryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); + + if (ret < 0) { + printf("Rsa Public Encrypt failed\n"); + return; + } + + start = current_time(1); + + for (i = 0; i < ntimes; i++) { + byte out[512]; /* for up to 4096 bit */ + RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey); + } + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("RSA %d decryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); + + FreeRsaKey(&rsaKey); +#ifdef HAVE_CAVIUM + RsaFreeCavium(&rsaKey); +#endif +} +#endif + + +#ifndef NO_DH + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #if defined(CYASSL_MDK_SHELL) + static char *certDHname = "certs/dh2048.der"; + /* set by shell command */ + void set_Bench_DH_File(char * cert) { certDHname = cert ; } + #else + static const char *certDHname = "certs/dh2048.der"; + #endif +#endif + +void bench_dh(void) +{ +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + int ret; +#endif + int i ; + byte tmp[1024]; + size_t bytes; + word32 idx = 0, pubSz, privSz = 0, pubSz2, privSz2, agreeSz; + + byte pub[256]; /* for 2048 bit */ + byte priv[256]; /* for 2048 bit */ + byte pub2[256]; /* for 2048 bit */ + byte priv2[256]; /* for 2048 bit */ + byte agree[256]; /* for 2048 bit */ + + double start, total, each, milliEach; + DhKey dhKey; + int dhKeySz = 2048; /* used in printf */ + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); + bytes = sizeof_dh_key_der_1024; + dhKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048); + bytes = sizeof_dh_key_der_2048; +#else + FILE* file = fopen(certDHname, "rb"); + + if (!file) { + printf("can't find %s, Please run from CyaSSL home dir\n", certDHname); + return; + } + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + bytes = fread(tmp, 1, sizeof(tmp), file); +#endif /* USE_CERT_BUFFERS */ + + + InitDhKey(&dhKey); + bytes = DhKeyDecode(tmp, &idx, &dhKey, (word32)bytes); + if (bytes != 0) { + printf("dhekydecode failed, can't benchmark\n"); + #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + fclose(file); + #endif + return; + } + + start = current_time(1); + + for (i = 0; i < ntimes; i++) + DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("DH %d key generation %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); + + DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2); + start = current_time(1); + + for (i = 0; i < ntimes; i++) + DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("DH %d key agreement %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + fclose(file); +#endif + FreeDhKey(&dhKey); +} +#endif + +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) +void bench_rsaKeyGen(void) +{ + RsaKey genKey; + double start, total, each, milliEach; + int i; + + /* 1024 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + InitRsaKey(&genKey, 0); + MakeRsaKey(&genKey, 1024, 65537, &rng); + FreeRsaKey(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("\n"); + printf("RSA 1024 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); + + /* 2048 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + InitRsaKey(&genKey, 0); + MakeRsaKey(&genKey, 2048, 65537, &rng); + FreeRsaKey(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("RSA 2048 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); +} +#endif /* CYASSL_KEY_GEN */ +#ifdef HAVE_NTRU +byte GetEntropy(ENTROPY_CMD cmd, byte* out); + +byte GetEntropy(ENTROPY_CMD cmd, byte* out) +{ + if (cmd == INIT) + return (InitRng(&rng) == 0) ? 1 : 0; + + if (out == NULL) + return 0; + + if (cmd == GET_BYTE_OF_ENTROPY) + return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0; + + if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) { + *out = 1; + return 1; + } + + return 0; +} +void bench_ntruKeyGen(void) +{ + double start, total, each, milliEach; + int i; + + byte public_key[557]; /* 2048 key equivalent to rsa */ + word16 public_key_len = sizeof(public_key); + byte private_key[607]; + word16 private_key_len = sizeof(private_key); + + DRBG_HANDLE drbg; + static uint8_t const pers_str[] = { + 'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't' + }; + + word32 rc = ntru_crypto_drbg_instantiate(112, pers_str, sizeof(pers_str), + GetEntropy, &drbg); + if(rc != DRBG_OK) { + printf("NTRU drbg instantiate failed\n"); + return; + } + + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len, + public_key, &private_key_len, private_key); + } + + total = current_time(0) - start; + + rc = ntru_crypto_drbg_uninstantiate(drbg); + + if (rc != NTRU_OK) { + printf("NTRU drbg uninstantiate failed\n"); + return; + } + + each = total / genTimes; + milliEach = each * 1000; + + printf("\n"); + printf("NTRU 112 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); + +} +#endif + +#ifdef HAVE_ECC +void bench_eccKeyGen(void) +{ + ecc_key genKey; + double start, total, each, milliEach; + int i, ret; + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + /* 256 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + ecc_make_key(&rng, 32, &genKey); + ecc_free(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("\n"); + printf("ECC 256 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); +} + + +void bench_eccKeyAgree(void) +{ + ecc_key genKey, genKey2; + double start, total, each, milliEach; + int i, ret; + byte shared[1024]; + byte sig[1024]; + byte digest[32]; + word32 x = 0; + + ecc_init(&genKey); + ecc_init(&genKey2); + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + + ret = ecc_make_key(&rng, 32, &genKey); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } + ret = ecc_make_key(&rng, 32, &genKey2); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } + + /* 256 bit */ + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + x = sizeof(shared); + ret = ecc_shared_secret(&genKey, &genKey2, shared, &x); + if (ret != 0) { + printf("ecc_shared_secret failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DHE key agreement %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + /* make dummy digest */ + for (i = 0; i < (int)sizeof(digest); i++) + digest[i] = (byte)i; + + + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + x = sizeof(sig); + ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &genKey); + if (ret != 0) { + printf("ecc_sign_hash failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DSA sign time %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + int verify = 0; + ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &genKey); + if (ret != 0) { + printf("ecc_verify_hash failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DSA verify time %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + ecc_free(&genKey2); + ecc_free(&genKey); +} +#endif /* HAVE_ECC */ + +#ifdef _WIN32 + + #define WIN32_LEAN_AND_MEAN + #include + + double current_time(int reset) + { + static int init = 0; + static LARGE_INTEGER freq; + + LARGE_INTEGER count; + + (void)reset; + + if (!init) { + QueryPerformanceFrequency(&freq); + init = 1; + } + + QueryPerformanceCounter(&count); + + return (double)count.QuadPart / freq.QuadPart; + } + +#elif defined MICROCHIP_PIC32 + #if defined(CYASSL_MICROCHIP_PIC32MZ) + #define CLOCK 80000000.0 + #else + #include + #define CLOCK 40000000.0 + #endif + + double current_time(int reset) + { + unsigned int ns; + + if (reset) { + WriteCoreTimer(0); + } + + /* get timer in ns */ + ns = ReadCoreTimer(); + + /* return seconds as a double */ + return ( ns / CLOCK * 2.0); + } + +#elif defined(CYASSL_IAR_ARM) || defined (CYASSL_MDK_ARM) + +#elif defined FREERTOS + + double current_time(int reset) + { + (void) reset; + + portTickType tickCount; + + /* tick count == ms, if configTICK_RATE_HZ is set to 1000 */ + tickCount = xTaskGetTickCount(); + return (double)tickCount / 1000; + } + +#else + + #include + + double current_time(int reset) + { + struct timeval tv; + + (void)reset; + + gettimeofday(&tv, 0); + + return (double)tv.tv_sec + (double)tv.tv_usec / 1000000; + } + +#endif /* _WIN32 */ diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c new file mode 100644 index 00000000..a120dfe3 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c @@ -0,0 +1,71 @@ +/* main.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include "cmsis_os.h" +#include "rl_fs.h" + +#include + +/*----------------------------------------------------------------------------- + * Initialize a Flash Memory Card + *----------------------------------------------------------------------------*/ +static void init_filesystem (void) { + int32_t retv; + + retv = finit ("M0:"); + if (retv == 0) { + retv = fmount ("M0:"); + if (retv == 0) { + printf ("Drive M0 ready!\n"); + } + else { + printf ("Drive M0 mount failed!\n"); + } + } + else { + printf ("Drive M0 initialization failed!\n"); + } +} +extern void benchmark_test(void * arg) ; +extern void init_time(void) ; + +/*----------------------------------------------------------------------------- + * mian entry + *----------------------------------------------------------------------------*/ + +int main() +{ + void * arg = NULL ; + + init_filesystem (); + + printf("=== Start: Crypt Benchmark ===\n") ; + benchmark_test(arg) ; + printf("=== End: Crypt Benchmark ===\n") ; + +} diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/time-CortexM3-4.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/time-CortexM3-4.c new file mode 100644 index 00000000..ca504613 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/time-CortexM3-4.c @@ -0,0 +1,41 @@ +/* time-STM32F2.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + + +#include +#define DWT ((DWT_Type *) (0xE0001000UL) ) +typedef struct +{ + uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */ + uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */ +} DWT_Type; + +extern uint32_t SystemCoreClock ; + +double current_time(int reset) +{ + if(reset) DWT->CYCCNT = 0 ; + return ((double)DWT->CYCCNT/SystemCoreClock) ; +} diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/time-dummy.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/time-dummy.c new file mode 100644 index 00000000..8f98da46 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/time-dummy.c @@ -0,0 +1,34 @@ +/* time-dummy.c.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include "time.h" + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + static struct tm date ; + return(&date) ; +} + +time_t time(time_t * t) { return 0 ; } diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/Abstract.txt b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/Abstract.txt new file mode 100644 index 00000000..886be85b --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/Abstract.txt @@ -0,0 +1,16 @@ +This program is a simple test suite of wolfCrypt library. + +In order to run this test suite, copy +{PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory. + +For selecting test crypt algorism options, refer config-Crypt.h. + +For the hardware crypt on config-Crypt.h, download +STSW-STM32062: STM32F2xx standard peripherals library at +http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to + {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib + + + Support +------- +Please send questions or comments to support@wolfssl.com diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx new file mode 100644 index 00000000..d308da43 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx @@ -0,0 +1,987 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + CryptTest + 0x4 + ARM-ADS + + 120000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + .\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGUARM + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO3 -TC10000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + + + + + + 1 + 8 + 0x20000408 + + + + + 2 + 8 + 0x8004dc8 + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + Source + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 0 + 0 + .\test.c + test.c + 0 + 0 + + + 1 + 3 + 1 + 0 + 0 + 0 + 0 + .\cert_data.c + cert_data.c + 0 + 0 + + + 1 + 4 + 1 + 0 + 0 + 0 + 0 + .\time-dummy.c + time-dummy.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 5 + 5 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 6 + 5 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\settings.h + settings.h + 0 + 0 + + + + + Documentation + 0 + 0 + 0 + 0 + + 3 + 7 + 5 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + ::CMSIS + 1 + 0 + 0 + 1 + + 4 + 8 + 1 + 0 + 0 + 0 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 4 + 9 + 4 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 1 + 0 + 0 + 1 + + 5 + 10 + 5 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 5 + 11 + 2 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 5 + 12 + 1 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 5 + 13 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 5 + 14 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 1 + 0 + 0 + 1 + + 6 + 15 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + + + ::File System + 1 + 0 + 0 + 1 + + 7 + 16 + 1 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 7 + 17 + 5 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 7 + 18 + 4 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 0 + 0 + 0 + 1 + + 8 + 19 + 5 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 8 + 20 + 5 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 8 + 21 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + 8 + 22 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\ssl-dummy.c + ssl-dummy.c + 1 + 0 + + + 8 + 23 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 8 + 24 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 8 + 25 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 8 + 26 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 8 + 27 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 8 + 28 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 8 + 29 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 8 + 30 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 8 + 31 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 8 + 32 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 8 + 33 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 8 + 34 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 8 + 35 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 8 + 36 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 8 + 37 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 8 + 38 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 8 + 39 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 8 + 40 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 8 + 41 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 8 + 42 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 8 + 43 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 8 + 44 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 8 + 45 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 8 + 46 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 8 + 47 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 8 + 48 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 8 + 49 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 8 + 50 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 8 + 51 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 8 + 52 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 8 + 53 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 8 + 54 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + 8 + 55 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx new file mode 100644 index 00000000..677c74e3 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx @@ -0,0 +1,970 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + CryptTest + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + CryptTest + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + .\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 1 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_CryptTest + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + main.c + 1 + .\main.c + + + test.c + 1 + .\test.c + + + cert_data.c + 1 + .\cert_data.c + + + time-dummy.c + 1 + .\time-dummy.c + + + + + Configuration + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + .\RTE\wolfSSL\settings.h + + + + + Documentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + ssl-dummy.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\ssl-dummy.c + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + RTE\Network\Net_Debug.c + + + + + + RTE\Other\config-Crypt.h + + + + + + RTE\Other\config-FS.h + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/settings.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/settings.h new file mode 100644 index 00000000..86a57a0d --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/settings.h @@ -0,0 +1,667 @@ +/* settings.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef CTAO_CRYPT_SETTINGS_H +#define CTAO_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using PIC32MZ Crypto Engine */ +/* #define CYASSL_MICROCHIP_PIC32MZ */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define CYASSL_LWIP */ + +/* Uncomment next line if building CyaSSL for a game console */ +/* #define CYASSL_GAME_BUILD */ + +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + +/* Uncomment next line if using LwIP native TCP socket settings */ +/* #define HAVE_LWIP_NATIVE */ + +/* Uncomment next line if building for EROAD */ +/* #define CYASSL_EROAD */ + +#include + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + + +#ifdef CYASSL_USER_SETTINGS + #include +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */ + #define CYASSL_LWIP + #define NO_WRITEV + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_FILESYSTEM +#endif + +#ifdef MICROCHIP_PIC32 + /* #define CYASSL_MICROCHIP_PIC32MZ */ + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef CYASSL_MICROCHIP_PIC32MZ + #define CYASSL_PIC32MZ_CE + #define CYASSL_PIC32MZ_CRYPT + #define HAVE_AES_ENGINE + #define CYASSL_PIC32MZ_RNG + /* #define CYASSL_PIC32MZ_HASH */ + #define CYASSL_AES_COUNTER + #define HAVE_AESGCM + #define NO_BIG_INT + +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "system/system_services.h" + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define CYASSL_USER_IO + #define NO_FILESYSTEM + #define NO_CERT + #define USE_CERT_BUFFERS_1024 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define HAVE_ECC + #define NO_SESSION_CACHE + #define CYASSL_CMSIS_RTOS +#endif + + +#ifdef CYASSL_EROAD + #define FREESCALE_MQX + #define FREESCALE_MMCAU + #define SINGLE_THREADED + #define NO_STDIO_FILESYSTEM + #define CYASSL_LEANPSK + #define HAVE_NULL_CIPHER + #define NO_OLD_TLS + #define NO_ASN + #define NO_BIG_INT + #define NO_RSA + #define NO_DSA + #define NO_DH + #define NO_CERTS + #define NO_PWDBASED + #define NO_DES3 + #define NO_MD4 + #define NO_RC4 + #define NO_MD5 + #define NO_SESSION_CACHE + #define NO_MAIN_DRIVER +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) && !defined(CYASSL_EROAD) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef CYASSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define CYASSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG) + #define DEBUG_CYASSL + #else + #undef DEBUG_CYASSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define CYASSL_USER_IO + #else + #undef CYASSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define CYASSL_DER_LOAD + #else + #undef CYASSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define CYASSL_DTLS + #else + #undef CYASSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define CYASSL_CALLBACKS + #else + #undef CYASSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) + #define USE_CYASSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + +/* Place any other flags or defines here */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_SETTINGS_H */ + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/cert_data.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/cert_data.c new file mode 100644 index 00000000..d6cef016 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/cert_data.c @@ -0,0 +1,28 @@ +/* certs_test.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +/* Define initial data for cert buffers */ +#include + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c new file mode 100644 index 00000000..36954c66 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c @@ -0,0 +1,76 @@ +/* main.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include "cmsis_os.h" + +#include + +/*----------------------------------------------------------------------------- + * Initialize a Flash Memory Card + *----------------------------------------------------------------------------*/ +#if !defined(NO_FILESYSTEM) +#include "rl_fs.h" + +static void init_filesystem (void) { + int32_t retv; + + retv = finit ("M0:"); + if (retv == 0) { + retv = fmount ("M0:"); + if (retv == 0) { + printf ("Drive M0 ready!\n"); + } + else { + printf ("Drive M0 mount failed!\n"); + } + } + else { + printf ("Drive M0 initialization failed!\n"); + } +} +#endif + +extern void ctaocrypt_test(void * arg) ; + +/*----------------------------------------------------------------------------- + * mian entry + *----------------------------------------------------------------------------*/ + +int main() +{ + void * arg = NULL ; + + #if !defined(NO_FILESYSTEM) + init_filesystem (); + #endif + + printf("=== Start: Crypt test ===\n") ; + ctaocrypt_test(arg) ; + printf("=== End: Crypt test ===\n") ; + +} diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/test.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/test.c new file mode 100644 index 00000000..ac5c775b --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/test.c @@ -0,0 +1,4863 @@ +/* test.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#ifdef XMALLOC_USER + #include /* we're using malloc / free direct here */ +#endif + +#ifndef NO_CRYPT_TEST + +#ifdef CYASSL_TEST_CERT + #include +#else + #include +#endif +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_ECC + #include +#endif +#ifdef HAVE_BLAKE2 + #include +#endif +#ifdef HAVE_LIBZ + #include +#endif +#ifdef HAVE_PKCS7 + #include +#endif + +#ifdef _MSC_VER + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable: 4996) +#endif + +#ifdef OPENSSL_EXTRA + #include + #include + #include + #include +#endif + + +#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) + /* include test cert and key buffers for use with NO_FILESYSTEM */ + #if defined(CYASSL_MDK_ARM) + #include "cert_data.h" + /* use certs_test.c for initial data, so other + commands can share the data. */ + #else + #include + #endif +#endif + +#if defined(CYASSL_MDK_ARM) + #include + #include + extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ; + #define fopen CyaSSL_fopen +#endif + +#ifdef HAVE_NTRU + #include "ntru_crypto.h" +#endif +#ifdef HAVE_CAVIUM + #include "cavium_sysdep.h" + #include "cavium_common.h" + #include "cavium_ioctl.h" +#endif + +#ifdef FREESCALE_MQX + #include + #include + #include +#else + #include +#endif + + +#ifdef THREADX + /* since just testing, use THREADX log printf instead */ + int dc_log_printf(char*, ...); + #undef printf + #define printf dc_log_printf +#endif + +#include "ctaocrypt/test/test.h" + + +typedef struct testVector { + const char* input; + const char* output; + size_t inLen; + size_t outLen; +} testVector; + +int md2_test(void); +int md5_test(void); +int md4_test(void); +int sha_test(void); +int sha256_test(void); +int sha512_test(void); +int sha384_test(void); +int hmac_md5_test(void); +int hmac_sha_test(void); +int hmac_sha256_test(void); +int hmac_sha384_test(void); +int hmac_sha512_test(void); +int hmac_blake2b_test(void); +int hkdf_test(void); +int arc4_test(void); +int hc128_test(void); +int rabbit_test(void); +int des_test(void); +int des3_test(void); +int aes_test(void); +int aesgcm_test(void); +int gmac_test(void); +int aesccm_test(void); +int camellia_test(void); +int rsa_test(void); +int dh_test(void); +int dsa_test(void); +int random_test(void); +int pwdbased_test(void); +int ripemd_test(void); +int openssl_test(void); /* test mini api */ +int pbkdf1_test(void); +int pkcs12_test(void); +int pbkdf2_test(void); +#ifdef HAVE_ECC + int ecc_test(void); + #ifdef HAVE_ECC_ENCRYPT + int ecc_encrypt_test(void); + #endif +#endif +#ifdef HAVE_BLAKE2 + int blake2b_test(void); +#endif +#ifdef HAVE_LIBZ + int compress_test(void); +#endif +#ifdef HAVE_PKCS7 + int pkcs7enveloped_test(void); + int pkcs7signed_test(void); +#endif + + + +static void err_sys(const char* msg, int es) +{ + printf("%s error = %d\n", msg, es); + #if !defined(THREADX) && !defined(CYASSL_MDK_ARM) + if (msg) + exit(es); + #endif + return; +} + +/* func_args from test.h, so don't have to pull in other junk */ +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + + + +void ctaocrypt_test(void* args) +{ + int ret = 0; + + ((func_args*)args)->return_code = -1; /* error state */ + +#if !defined(NO_BIG_INT) + if (CheckCtcSettings() != 1) + err_sys("Build vs runtime math mismatch\n", -1234); + +#ifdef USE_FAST_MATH + if (CheckFastMathSettings() != 1) + err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n", -1235); +#endif /* USE_FAST_MATH */ +#endif /* !NO_BIG_INT */ + + +#ifndef NO_MD5 + if ( (ret = md5_test()) != 0) + err_sys("MD5 test failed!\n", ret); + else + printf( "MD5 test passed!\n"); +#endif + +#ifdef CYASSL_MD2 + if ( (ret = md2_test()) != 0) + err_sys("MD2 test failed!\n", ret); + else + printf( "MD2 test passed!\n"); +#endif + +#ifndef NO_MD4 + if ( (ret = md4_test()) != 0) + err_sys("MD4 test failed!\n", ret); + else + printf( "MD4 test passed!\n"); +#endif + +#ifndef NO_SHA + if ( (ret = sha_test()) != 0) + err_sys("SHA test failed!\n", ret); + else + printf( "SHA test passed!\n"); +#endif + +#ifndef NO_SHA256 + if ( (ret = sha256_test()) != 0) + err_sys("SHA-256 test failed!\n", ret); + else + printf( "SHA-256 test passed!\n"); +#endif + +#ifdef CYASSL_SHA384 + if ( (ret = sha384_test()) != 0) + err_sys("SHA-384 test failed!\n", ret); + else + printf( "SHA-384 test passed!\n"); +#endif + +#ifdef CYASSL_SHA512 + if ( (ret = sha512_test()) != 0) + err_sys("SHA-512 test failed!\n", ret); + else + printf( "SHA-512 test passed!\n"); +#endif + +#ifdef CYASSL_RIPEMD + if ( (ret = ripemd_test()) != 0) + err_sys("RIPEMD test failed!\n", ret); + else + printf( "RIPEMD test passed!\n"); +#endif + +#ifdef HAVE_BLAKE2 + if ( (ret = blake2b_test()) != 0) + err_sys("BLAKE2b test failed!\n", ret); + else + printf( "BLAKE2b test passed!\n"); +#endif + +#ifndef NO_HMAC + #ifndef NO_MD5 + if ( (ret = hmac_md5_test()) != 0) + err_sys("HMAC-MD5 test failed!\n", ret); + else + printf( "HMAC-MD5 test passed!\n"); + #endif + + #ifndef NO_SHA + if ( (ret = hmac_sha_test()) != 0) + err_sys("HMAC-SHA test failed!\n", ret); + else + printf( "HMAC-SHA test passed!\n"); + #endif + + #ifndef NO_SHA256 + if ( (ret = hmac_sha256_test()) != 0) + err_sys("HMAC-SHA256 test failed!\n", ret); + else + printf( "HMAC-SHA256 test passed!\n"); + #endif + + #ifdef CYASSL_SHA384 + if ( (ret = hmac_sha384_test()) != 0) + err_sys("HMAC-SHA384 test failed!\n", ret); + else + printf( "HMAC-SHA384 test passed!\n"); + #endif + + #ifdef CYASSL_SHA512 + if ( (ret = hmac_sha512_test()) != 0) + err_sys("HMAC-SHA512 test failed!\n", ret); + else + printf( "HMAC-SHA512 test passed!\n"); + #endif + + #ifdef HAVE_BLAKE2 + if ( (ret = hmac_blake2b_test()) != 0) + err_sys("HMAC-BLAKE2 test failed!\n", ret); + else + printf( "HMAC-BLAKE2 test passed!\n"); + #endif + + #ifdef HAVE_HKDF + if ( (ret = hkdf_test()) != 0) + err_sys("HMAC-KDF test failed!\n", ret); + else + printf( "HMAC-KDF test passed!\n"); + #endif + +#endif + +#ifdef HAVE_AESGCM + if ( (ret = gmac_test()) != 0) + err_sys("GMAC test passed!\n", ret); + else + printf( "GMAC test passed!\n"); +#endif + +#ifndef NO_RC4 + if ( (ret = arc4_test()) != 0) + err_sys("ARC4 test failed!\n", ret); + else + printf( "ARC4 test passed!\n"); +#endif + +#ifndef NO_HC128 + if ( (ret = hc128_test()) != 0) + err_sys("HC-128 test failed!\n", ret); + else + printf( "HC-128 test passed!\n"); +#endif + +#ifndef NO_RABBIT + if ( (ret = rabbit_test()) != 0) + err_sys("Rabbit test failed!\n", ret); + else + printf( "Rabbit test passed!\n"); +#endif + +#ifndef NO_DES3 + if ( (ret = des_test()) != 0) + err_sys("DES test failed!\n", ret); + else + printf( "DES test passed!\n"); +#endif + +#ifndef NO_DES3 + if ( (ret = des3_test()) != 0) + err_sys("DES3 test failed!\n", ret); + else + printf( "DES3 test passed!\n"); +#endif + +#ifndef NO_AES + if ( (ret = aes_test()) != 0) + err_sys("AES test failed!\n", ret); + else + printf( "AES test passed!\n"); + +#ifdef HAVE_AESGCM + if ( (ret = aesgcm_test()) != 0) + err_sys("AES-GCM test failed!\n", ret); + else + printf( "AES-GCM test passed!\n"); +#endif + +#ifdef HAVE_AESCCM + if ( (ret = aesccm_test()) != 0) + err_sys("AES-CCM test failed!\n", ret); + else + printf( "AES-CCM test passed!\n"); +#endif +#endif + +#ifdef HAVE_CAMELLIA + if ( (ret = camellia_test()) != 0) + err_sys("CAMELLIA test failed!\n", ret); + else + printf( "CAMELLIA test passed!\n"); +#endif + + if ( (ret = random_test()) != 0) + err_sys("RANDOM test failed!\n", ret); + else + printf( "RANDOM test passed!\n"); + +#ifndef NO_RSA + if ( (ret = rsa_test()) != 0) + err_sys("RSA test failed!\n", ret); + else + printf( "RSA test passed!\n"); +#endif + +#ifndef NO_DH + if ( (ret = dh_test()) != 0) + err_sys("DH test failed!\n", ret); + else + printf( "DH test passed!\n"); +#endif + +#ifndef NO_DSA + if ( (ret = dsa_test()) != 0) + err_sys("DSA test failed!\n", ret); + else + printf( "DSA test passed!\n"); +#endif + +#ifndef NO_PWDBASED + if ( (ret = pwdbased_test()) != 0) + err_sys("PWDBASED test failed!\n", ret); + else + printf( "PWDBASED test passed!\n"); +#endif + +#ifdef OPENSSL_EXTRA + if ( (ret = openssl_test()) != 0) + err_sys("OPENSSL test failed!\n", ret); + else + printf( "OPENSSL test passed!\n"); +#endif + +#ifdef HAVE_ECC + if ( (ret = ecc_test()) != 0) + err_sys("ECC test failed!\n", ret); + else + printf( "ECC test passed!\n"); + #ifdef HAVE_ECC_ENCRYPT + if ( (ret = ecc_encrypt_test()) != 0) + err_sys("ECC Enc test failed!\n", ret); + else + printf( "ECC Enc test passed!\n"); + #endif +#endif + +#ifdef HAVE_LIBZ + if ( (ret = compress_test()) != 0) + err_sys("COMPRESS test failed!\n", ret); + else + printf( "COMPRESS test passed!\n"); +#endif + +#ifdef HAVE_PKCS7 + if ( (ret = pkcs7enveloped_test()) != 0) + err_sys("PKCS7enveloped test failed!\n", ret); + else + printf( "PKCS7enveloped test passed!\n"); + + if ( (ret = pkcs7signed_test()) != 0) + err_sys("PKCS7signed test failed!\n", ret); + else + printf( "PKCS7signed test passed!\n"); +#endif + + ((func_args*)args)->return_code = ret; +} + + +#ifndef NO_MAIN_DRIVER + +#ifdef HAVE_CAVIUM + +static int OpenNitroxDevice(int dma_mode,int dev_id) +{ + Csp1CoreAssignment core_assign; + Uint32 device; + + if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) + return -1; + if (Csp1GetDevType(&device)) + return -1; + if (device != NPX_DEVICE) { + if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, + (Uint32 *)&core_assign)!= 0) + return -1; + } + CspShutdown(CAVIUM_DEV_ID); + + return CspInitialize(dma_mode, dev_id); +} + +#endif /* HAVE_CAVIUM */ + + /* so overall tests can pull in test function */ + + int main(int argc, char** argv) + { + + func_args args; + + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed", -1236); +#endif /* HAVE_CAVIUM */ + + args.argc = argc; + args.argv = argv; + + ctaocrypt_test(&args); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + + return args.return_code; + } + +#endif /* NO_MAIN_DRIVER */ + + +#ifdef CYASSL_MD2 +int md2_test() +{ + Md2 md2; + byte hash[MD2_DIGEST_SIZE]; + + testVector a, b, c, d, e, f, g; + testVector test_md2[7]; + int times = sizeof(test_md2) / sizeof(testVector), i; + + a.input = ""; + a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69" + "\x27\x73"; + a.inLen = strlen(a.input); + a.outLen = MD2_DIGEST_SIZE; + + b.input = "a"; + b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0" + "\xb5\xd1"; + b.inLen = strlen(b.input); + b.outLen = MD2_DIGEST_SIZE; + + c.input = "abc"; + c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde" + "\xd6\xbb"; + c.inLen = strlen(c.input); + c.outLen = MD2_DIGEST_SIZE; + + d.input = "message digest"; + d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe" + "\x06\xb0"; + d.inLen = strlen(d.input); + d.outLen = MD2_DIGEST_SIZE; + + e.input = "abcdefghijklmnopqrstuvwxyz"; + e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47" + "\x94\x0b"; + e.inLen = strlen(e.input); + e.outLen = MD2_DIGEST_SIZE; + + f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" + "6789"; + f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03" + "\x38\xcd"; + f.inLen = strlen(f.input); + f.outLen = MD2_DIGEST_SIZE; + + g.input = "1234567890123456789012345678901234567890123456789012345678" + "9012345678901234567890"; + g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3" + "\xef\xd8"; + g.inLen = strlen(g.input); + g.outLen = MD2_DIGEST_SIZE; + + test_md2[0] = a; + test_md2[1] = b; + test_md2[2] = c; + test_md2[3] = d; + test_md2[4] = e; + test_md2[5] = f; + test_md2[6] = g; + + InitMd2(&md2); + + for (i = 0; i < times; ++i) { + Md2Update(&md2, (byte*)test_md2[i].input, (word32)test_md2[i].inLen); + Md2Final(&md2, hash); + + if (memcmp(hash, test_md2[i].output, MD2_DIGEST_SIZE) != 0) + return -155 - i; + } + + return 0; +} +#endif + +#ifndef NO_MD5 +int md5_test(void) +{ + Md5 md5; + byte hash[MD5_DIGEST_SIZE]; + + testVector a, b, c, d, e; + testVector test_md5[5]; + int times = sizeof(test_md5) / sizeof(testVector), i; + + a.input = "abc"; + a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f" + "\x72"; + a.inLen = strlen(a.input); + a.outLen = MD5_DIGEST_SIZE; + + b.input = "message digest"; + b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61" + "\xd0"; + b.inLen = strlen(b.input); + b.outLen = MD5_DIGEST_SIZE; + + c.input = "abcdefghijklmnopqrstuvwxyz"; + c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1" + "\x3b"; + c.inLen = strlen(c.input); + c.outLen = MD5_DIGEST_SIZE; + + d.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" + "6789"; + d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d" + "\x9f"; + d.inLen = strlen(d.input); + d.outLen = MD5_DIGEST_SIZE; + + e.input = "1234567890123456789012345678901234567890123456789012345678" + "9012345678901234567890"; + e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" + "\x7a"; + e.inLen = strlen(e.input); + e.outLen = MD5_DIGEST_SIZE; + + test_md5[0] = a; + test_md5[1] = b; + test_md5[2] = c; + test_md5[3] = d; + test_md5[4] = e; + + InitMd5(&md5); + + for (i = 0; i < times; ++i) { + Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen); + Md5Final(&md5, hash); + + if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0) + return -5 - i; + } + + return 0; +} +#endif /* NO_MD5 */ + + +#ifndef NO_MD4 + +int md4_test(void) +{ + Md4 md4; + byte hash[MD4_DIGEST_SIZE]; + + testVector a, b, c, d, e, f, g; + testVector test_md4[7]; + int times = sizeof(test_md4) / sizeof(testVector), i; + + a.input = ""; + a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" + "\xc0"; + a.inLen = strlen(a.input); + a.outLen = MD4_DIGEST_SIZE; + + b.input = "a"; + b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" + "\x24"; + b.inLen = strlen(b.input); + b.outLen = MD4_DIGEST_SIZE; + + c.input = "abc"; + c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" + "\x9d"; + c.inLen = strlen(c.input); + c.outLen = MD4_DIGEST_SIZE; + + d.input = "message digest"; + d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" + "\x4b"; + d.inLen = strlen(d.input); + d.outLen = MD4_DIGEST_SIZE; + + e.input = "abcdefghijklmnopqrstuvwxyz"; + e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" + "\xa9"; + e.inLen = strlen(e.input); + e.outLen = MD4_DIGEST_SIZE; + + f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" + "6789"; + f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" + "\xe4"; + f.inLen = strlen(f.input); + f.outLen = MD4_DIGEST_SIZE; + + g.input = "1234567890123456789012345678901234567890123456789012345678" + "9012345678901234567890"; + g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" + "\x36"; + g.inLen = strlen(g.input); + g.outLen = MD4_DIGEST_SIZE; + + test_md4[0] = a; + test_md4[1] = b; + test_md4[2] = c; + test_md4[3] = d; + test_md4[4] = e; + test_md4[5] = f; + test_md4[6] = g; + + InitMd4(&md4); + + for (i = 0; i < times; ++i) { + Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen); + Md4Final(&md4, hash); + + if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0) + return -205 - i; + } + + return 0; +} + +#endif /* NO_MD4 */ + +#ifndef NO_SHA + +int sha_test(void) +{ + Sha sha; + byte hash[SHA_DIGEST_SIZE]; + + testVector a, b, c, d; + testVector test_sha[4]; + int ret; + int times = sizeof(test_sha) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2" + "\x6C\x9C\xD0\xD8\x9D"; + a.inLen = strlen(a.input); + a.outLen = SHA_DIGEST_SIZE; + + b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29" + "\xE5\xE5\x46\x70\xF1"; + b.inLen = strlen(b.input); + b.outLen = SHA_DIGEST_SIZE; + + c.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaa"; + c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44" + "\x2A\x25\xEC\x64\x4D"; + c.inLen = strlen(c.input); + c.outLen = SHA_DIGEST_SIZE; + + d.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaa"; + d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" + "\x53\x99\x5E\x26\xA0"; + d.inLen = strlen(d.input); + d.outLen = SHA_DIGEST_SIZE; + + test_sha[0] = a; + test_sha[1] = b; + test_sha[2] = c; + test_sha[3] = d; + + ret = InitSha(&sha); + if (ret != 0) + return -4001; + + for (i = 0; i < times; ++i) { + ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); + ShaFinal(&sha, hash); + + if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} + +#endif /* NO_SHA */ + +#ifdef CYASSL_RIPEMD +int ripemd_test(void) +{ + RipeMd ripemd; + byte hash[RIPEMD_DIGEST_SIZE]; + + testVector a, b, c, d; + testVector test_ripemd[4]; + int times = sizeof(test_ripemd) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6" + "\xb0\x87\xf1\x5a\x0b\xfc"; + a.inLen = strlen(a.input); + a.outLen = RIPEMD_DIGEST_SIZE; + + b.input = "message digest"; + b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8" + "\x5f\xfa\x21\x59\x5f\x36"; + b.inLen = strlen(b.input); + b.outLen = RIPEMD_DIGEST_SIZE; + + c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc" + "\xf4\x9a\xda\x62\xeb\x2b"; + c.inLen = strlen(c.input); + c.outLen = RIPEMD_DIGEST_SIZE; + + d.input = "12345678901234567890123456789012345678901234567890123456" + "789012345678901234567890"; + d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab" + "\x82\xbf\x63\x32\x6b\xfb"; + d.inLen = strlen(d.input); + d.outLen = RIPEMD_DIGEST_SIZE; + + test_ripemd[0] = a; + test_ripemd[1] = b; + test_ripemd[2] = c; + test_ripemd[3] = d; + + InitRipeMd(&ripemd); + + for (i = 0; i < times; ++i) { + RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input, + (word32)test_ripemd[i].inLen); + RipeMdFinal(&ripemd, hash); + + if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} +#endif /* CYASSL_RIPEMD */ + + +#ifdef HAVE_BLAKE2 + + +#define BLAKE2_TESTS 3 + +static const byte blake2b_vec[BLAKE2_TESTS][BLAKE2B_OUTBYTES] = +{ + { + 0x78, 0x6A, 0x02, 0xF7, 0x42, 0x01, 0x59, 0x03, + 0xC6, 0xC6, 0xFD, 0x85, 0x25, 0x52, 0xD2, 0x72, + 0x91, 0x2F, 0x47, 0x40, 0xE1, 0x58, 0x47, 0x61, + 0x8A, 0x86, 0xE2, 0x17, 0xF7, 0x1F, 0x54, 0x19, + 0xD2, 0x5E, 0x10, 0x31, 0xAF, 0xEE, 0x58, 0x53, + 0x13, 0x89, 0x64, 0x44, 0x93, 0x4E, 0xB0, 0x4B, + 0x90, 0x3A, 0x68, 0x5B, 0x14, 0x48, 0xB7, 0x55, + 0xD5, 0x6F, 0x70, 0x1A, 0xFE, 0x9B, 0xE2, 0xCE + }, + { + 0x2F, 0xA3, 0xF6, 0x86, 0xDF, 0x87, 0x69, 0x95, + 0x16, 0x7E, 0x7C, 0x2E, 0x5D, 0x74, 0xC4, 0xC7, + 0xB6, 0xE4, 0x8F, 0x80, 0x68, 0xFE, 0x0E, 0x44, + 0x20, 0x83, 0x44, 0xD4, 0x80, 0xF7, 0x90, 0x4C, + 0x36, 0x96, 0x3E, 0x44, 0x11, 0x5F, 0xE3, 0xEB, + 0x2A, 0x3A, 0xC8, 0x69, 0x4C, 0x28, 0xBC, 0xB4, + 0xF5, 0xA0, 0xF3, 0x27, 0x6F, 0x2E, 0x79, 0x48, + 0x7D, 0x82, 0x19, 0x05, 0x7A, 0x50, 0x6E, 0x4B + }, + { + 0x1C, 0x08, 0x79, 0x8D, 0xC6, 0x41, 0xAB, 0xA9, + 0xDE, 0xE4, 0x35, 0xE2, 0x25, 0x19, 0xA4, 0x72, + 0x9A, 0x09, 0xB2, 0xBF, 0xE0, 0xFF, 0x00, 0xEF, + 0x2D, 0xCD, 0x8E, 0xD6, 0xF8, 0xA0, 0x7D, 0x15, + 0xEA, 0xF4, 0xAE, 0xE5, 0x2B, 0xBF, 0x18, 0xAB, + 0x56, 0x08, 0xA6, 0x19, 0x0F, 0x70, 0xB9, 0x04, + 0x86, 0xC8, 0xA7, 0xD4, 0x87, 0x37, 0x10, 0xB1, + 0x11, 0x5D, 0x3D, 0xEB, 0xBB, 0x43, 0x27, 0xB5 + } +}; + + + +int blake2b_test(void) +{ + Blake2b b2b; + byte digest[64]; + byte input[64]; + int i, ret; + + for (i = 0; i < (int)sizeof(input); i++) + input[i] = (byte)i; + + for (i = 0; i < BLAKE2_TESTS; i++) { + ret = InitBlake2b(&b2b, 64); + if (ret != 0) + return -4002; + + ret = Blake2bUpdate(&b2b, input, i); + if (ret != 0) + return -4003; + + ret = Blake2bFinal(&b2b, digest, 64); + if (ret != 0) + return -4004; + + if (memcmp(digest, blake2b_vec[i], 64) != 0) { + return -300 - i; + } + } + + return 0; +} +#endif /* HAVE_BLAKE2 */ + + +#ifndef NO_SHA256 +int sha256_test(void) +{ + Sha256 sha; + byte hash[SHA256_DIGEST_SIZE]; + + testVector a, b; + testVector test_sha[2]; + int ret; + int times = sizeof(test_sha) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22" + "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00" + "\x15\xAD"; + a.inLen = strlen(a.input); + a.outLen = SHA256_DIGEST_SIZE; + + b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" + "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" + "\x06\xC1"; + b.inLen = strlen(b.input); + b.outLen = SHA256_DIGEST_SIZE; + + test_sha[0] = a; + test_sha[1] = b; + + ret = InitSha256(&sha); + if (ret != 0) + return -4005; + + for (i = 0; i < times; ++i) { + ret = Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return -4006; + ret = Sha256Final(&sha, hash); + if (ret != 0) + return -4007; + + if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} +#endif + + +#ifdef CYASSL_SHA512 +int sha512_test(void) +{ + Sha512 sha; + byte hash[SHA512_DIGEST_SIZE]; + int ret; + + testVector a, b; + testVector test_sha[2]; + int times = sizeof(test_sha) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41" + "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55" + "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3" + "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f" + "\xa5\x4c\xa4\x9f"; + a.inLen = strlen(a.input); + a.outLen = SHA512_DIGEST_SIZE; + + b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14" + "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" + "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" + "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" + "\x87\x4b\xe9\x09"; + b.inLen = strlen(b.input); + b.outLen = SHA512_DIGEST_SIZE; + + test_sha[0] = a; + test_sha[1] = b; + + ret = InitSha512(&sha); + if (ret != 0) + return -4009; + + for (i = 0; i < times; ++i) { + ret = Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return -4010; + + ret = Sha512Final(&sha, hash); + if (ret != 0) + return -4011; + + if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} +#endif + + +#ifdef CYASSL_SHA384 +int sha384_test(void) +{ + Sha384 sha; + byte hash[SHA384_DIGEST_SIZE]; + int ret; + + testVector a, b; + testVector test_sha[2]; + int times = sizeof(test_sha) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" + "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff" + "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34" + "\xc8\x25\xa7"; + a.inLen = strlen(a.input); + a.outLen = SHA384_DIGEST_SIZE; + + b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" + "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" + "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" + "\x74\x60\x39"; + b.inLen = strlen(b.input); + b.outLen = SHA384_DIGEST_SIZE; + + test_sha[0] = a; + test_sha[1] = b; + + ret = InitSha384(&sha); + if (ret != 0) + return -4012; + + for (i = 0; i < times; ++i) { + ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return -4013; + + ret = Sha384Final(&sha, hash); + if (ret != 0) + return -4014; + + if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} +#endif /* CYASSL_SHA384 */ + + +#if !defined(NO_HMAC) && !defined(NO_MD5) +int hmac_md5_test(void) +{ + Hmac hmac; + byte hash[MD5_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc" + "\x9d"; + a.inLen = strlen(a.input); + a.outLen = MD5_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" + "\x38"; + b.inLen = strlen(b.input); + b.outLen = MD5_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3" + "\xf6"; + c.inLen = strlen(c.input); + c.outLen = MD5_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) + if (i == 1) + continue; /* cavium can't handle short keys, fips not allowed */ +#endif +#ifdef HAVE_CAVIUM + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20009; +#endif + ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4015; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4016; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4017; + + if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif + } + + return 0; +} +#endif /* NO_HMAC && NO_MD5 */ + +#if !defined(NO_HMAC) && !defined(NO_SHA) +int hmac_sha_test(void) +{ + Hmac hmac; + byte hash[SHA_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c" + "\x8e\xf1\x46\xbe\x00"; + a.inLen = strlen(a.input); + a.outLen = SHA_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf" + "\x9c\x25\x9a\x7c\x79"; + b.inLen = strlen(b.input); + b.outLen = SHA_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b" + "\x4f\x63\xf1\x75\xd3"; + c.inLen = strlen(c.input); + c.outLen = SHA_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) + if (i == 1) + continue; /* cavium can't handle short keys, fips not allowed */ +#endif +#ifdef HAVE_CAVIUM + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20010; +#endif + ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4018; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4019; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4020; + + if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && !defined(NO_SHA256) +int hmac_sha256_test(void) +{ + Hmac hmac; + byte hash[SHA256_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1" + "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32" + "\xcf\xf7"; + a.inLen = strlen(a.input); + a.outLen = SHA256_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75" + "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec" + "\x38\x43"; + b.inLen = strlen(b.input); + b.outLen = SHA256_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81" + "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5" + "\x65\xfe"; + c.inLen = strlen(c.input); + c.outLen = SHA256_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) + if (i == 1) + continue; /* cavium can't handle short keys, fips not allowed */ +#endif +#ifdef HAVE_CAVIUM + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20011; +#endif + ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i])); + if (ret != 0) + return -4021; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4022; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4023; + + if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && defined(HAVE_BLAKE2) +int hmac_blake2b_test(void) +{ + Hmac hmac; + byte hash[BLAKE2B_256]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51" + "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75" + "\xac\xfd"; + a.inLen = strlen(a.input); + a.outLen = BLAKE2B_256; + + b.input = "what do ya want for nothing?"; + b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67" + "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c" + "\xda\x2b"; + b.inLen = strlen(b.input); + b.outLen = BLAKE2B_256; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7" + "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3" + "\x0f\x87"; + c.inLen = strlen(c.input); + c.outLen = BLAKE2B_256; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) + if (i == 1) + continue; /* cavium can't handle short keys, fips not allowed */ +#endif +#ifdef HAVE_CAVIUM + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20011; +#endif + ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i], + (word32)strlen(keys[i])); + if (ret != 0) + return -4024; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4025; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4026; + + if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && defined(CYASSL_SHA384) +int hmac_sha384_test(void) +{ + Hmac hmac; + byte hash[SHA384_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90" + "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb" + "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2" + "\xfa\x9c\xb6"; + a.inLen = strlen(a.input); + a.outLen = SHA384_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b" + "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22" + "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa" + "\xb2\x16\x49"; + b.inLen = strlen(b.input); + b.outLen = SHA384_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8" + "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66" + "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01" + "\xa3\x4f\x27"; + c.inLen = strlen(c.input); + c.outLen = SHA384_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) + if (i == 1) + continue; /* fips not allowed */ +#endif + ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i])); + if (ret != 0) + return -4027; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4028; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4029; + + if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0) + return -20 - i; + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && defined(CYASSL_SHA512) +int hmac_sha512_test(void) +{ + Hmac hmac; + byte hash[SHA512_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c" + "\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1" + "\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae" + "\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20" + "\x3a\x12\x68\x54"; + a.inLen = strlen(a.input); + a.outLen = SHA512_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0" + "\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25" + "\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8" + "\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a" + "\x38\xbc\xe7\x37"; + b.inLen = strlen(b.input); + b.outLen = SHA512_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b" + "\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27" + "\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e" + "\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59" + "\xe1\x32\x92\xfb"; + c.inLen = strlen(c.input); + c.outLen = SHA512_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) + if (i == 1) + continue; /* fips not allowed */ +#endif + ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i])); + if (ret != 0) + return -4030; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4031; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4032; + + if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0) + return -20 - i; + } + + return 0; +} +#endif + + +#ifndef NO_RC4 +int arc4_test(void) +{ + byte cipher[16]; + byte plain[16]; + + const char* keys[] = + { + "\x01\x23\x45\x67\x89\xab\xcd\xef", + "\x01\x23\x45\x67\x89\xab\xcd\xef", + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\xef\x01\x23\x45" + }; + + testVector a, b, c, d; + testVector test_arc4[4]; + + int times = sizeof(test_arc4) / sizeof(testVector), i; + + a.input = "\x01\x23\x45\x67\x89\xab\xcd\xef"; + a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96"; + a.inLen = 8; + a.outLen = 8; + + b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79"; + b.inLen = 8; + b.outLen = 8; + + c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a"; + c.inLen = 8; + c.outLen = 8; + + d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; + d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61"; + d.inLen = 10; + d.outLen = 10; + + test_arc4[0] = a; + test_arc4[1] = b; + test_arc4[2] = c; + test_arc4[3] = d; + + for (i = 0; i < times; ++i) { + Arc4 enc; + Arc4 dec; + int keylen = 8; /* strlen with key 0x00 not good */ + if (i == 3) + keylen = 4; + +#ifdef HAVE_CAVIUM + if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) + return -20001; + if (Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0) + return -20002; +#endif + + Arc4SetKey(&enc, (byte*)keys[i], keylen); + Arc4SetKey(&dec, (byte*)keys[i], keylen); + + Arc4Process(&enc, cipher, (byte*)test_arc4[i].input, + (word32)test_arc4[i].outLen); + Arc4Process(&dec, plain, cipher, (word32)test_arc4[i].outLen); + + if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen)) + return -20 - i; + + if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen)) + return -20 - 5 - i; + +#ifdef HAVE_CAVIUM + Arc4FreeCavium(&enc); + Arc4FreeCavium(&dec); +#endif + } + + return 0; +} +#endif + + +int hc128_test(void) +{ +#ifdef HAVE_HC128 + byte cipher[16]; + byte plain[16]; + + const char* keys[] = + { + "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD", + "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC" + }; + + const char* ivs[] = + { + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16", + "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31" + }; + + + testVector a, b, c, d; + testVector test_hc128[4]; + + int times = sizeof(test_hc128) / sizeof(testVector), i; + + a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48"; + a.inLen = 8; + a.outLen = 8; + + b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F"; + b.inLen = 8; + b.outLen = 8; + + c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A"; + c.inLen = 8; + c.outLen = 8; + + d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; + d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29"; + d.inLen = 15; + d.outLen = 15; + + test_hc128[0] = a; + test_hc128[1] = b; + test_hc128[2] = c; + test_hc128[3] = d; + + for (i = 0; i < times; ++i) { + HC128 enc; + HC128 dec; + + /* align keys/ivs in plain/cipher buffers */ + memcpy(plain, keys[i], 16); + memcpy(cipher, ivs[i], 16); + + Hc128_SetKey(&enc, plain, cipher); + Hc128_SetKey(&dec, plain, cipher); + + /* align input */ + memcpy(plain, test_hc128[i].input, test_hc128[i].outLen); + Hc128_Process(&enc, cipher, plain, (word32)test_hc128[i].outLen); + Hc128_Process(&dec, plain, cipher, (word32)test_hc128[i].outLen); + + if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen)) + return -120 - i; + + if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen)) + return -120 - 5 - i; + } + +#endif /* HAVE_HC128 */ + return 0; +} + + +#ifndef NO_RABBIT +int rabbit_test(void) +{ + byte cipher[16]; + byte plain[16]; + + const char* keys[] = + { + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91" + }; + + const char* ivs[] = + { + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\x59\x7E\x26\xC1\x75\xF5\x73\xC3", + 0 + }; + + testVector a, b, c; + testVector test_rabbit[3]; + + int times = sizeof(test_rabbit) / sizeof(testVector), i; + + a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C"; + a.inLen = 8; + a.outLen = 8; + + b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0"; + b.inLen = 8; + b.outLen = 8; + + c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + c.output = "\x04\xCE\xCA\x7A\x1A\x86\x6E\x77"; + c.inLen = 8; + c.outLen = 8; + + test_rabbit[0] = a; + test_rabbit[1] = b; + test_rabbit[2] = c; + + for (i = 0; i < times; ++i) { + Rabbit enc; + Rabbit dec; + byte* iv; + + /* align keys/ivs in plain/cipher buffers */ + memcpy(plain, keys[i], 16); + if (ivs[i]) { + memcpy(cipher, ivs[i], 8); + iv = cipher; + } else + iv = NULL; + RabbitSetKey(&enc, plain, iv); + RabbitSetKey(&dec, plain, iv); + + /* align input */ + memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen); + RabbitProcess(&enc, cipher, plain, (word32)test_rabbit[i].outLen); + RabbitProcess(&dec, plain, cipher, (word32)test_rabbit[i].outLen); + + if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen)) + return -130 - i; + + if (memcmp(cipher, test_rabbit[i].output, test_rabbit[i].outLen)) + return -130 - 5 - i; + } + + return 0; +} +#endif /* NO_RABBIT */ + + +#ifndef NO_DES3 +int des_test(void) +{ + const byte vector[] = { /* "now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + byte plain[24]; + byte cipher[24]; + + Des enc; + Des dec; + + const byte key[] = + { + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef + }; + + const byte iv[] = + { + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef + }; + + const byte verify[] = + { + 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, + 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, + 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b + }; + + int ret; + + ret = Des_SetKey(&enc, key, iv, DES_ENCRYPTION); + if (ret != 0) + return -31; + + Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); + ret = Des_SetKey(&dec, key, iv, DES_DECRYPTION); + if (ret != 0) + return -32; + Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); + + if (memcmp(plain, vector, sizeof(plain))) + return -33; + + if (memcmp(cipher, verify, sizeof(cipher))) + return -34; + + return 0; +} +#endif /* NO_DES3 */ + + +#ifndef NO_DES3 +int des3_test(void) +{ + const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */ + 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + byte plain[24]; + byte cipher[24]; + + Des3 enc; + Des3 dec; + + const byte key3[] = + { + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, + 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, + 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 + }; + const byte iv3[] = + { + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 + + }; + + const byte verify3[] = + { + 0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e, + 0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98, + 0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0 + }; + + int ret; + + +#ifdef HAVE_CAVIUM + if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) + return -20005; + if (Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0) + return -20006; +#endif + ret = Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION); + if (ret != 0) + return -31; + ret = Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION); + if (ret != 0) + return -32; + ret = Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); + if (ret != 0) + return -33; + ret = Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); + if (ret != 0) + return -34; + + if (memcmp(plain, vector, sizeof(plain))) + return -35; + + if (memcmp(cipher, verify3, sizeof(cipher))) + return -36; + +#ifdef HAVE_CAVIUM + Des3_FreeCavium(&enc); + Des3_FreeCavium(&dec); +#endif + return 0; +} +#endif /* NO_DES */ + + +#ifndef NO_AES +int aes_test(void) +{ + Aes enc; + Aes dec; + + const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + const byte verify[] = + { + 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, + 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb + }; + + byte key[] = "0123456789abcdef "; /* align */ + byte iv[] = "1234567890abcdef "; /* align */ + + byte cipher[AES_BLOCK_SIZE * 4]; + byte plain [AES_BLOCK_SIZE * 4]; + int ret; + +#ifdef HAVE_CAVIUM + if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) + return -20003; + if (AesInitCavium(&dec, CAVIUM_DEV_ID) != 0) + return -20004; +#endif + ret = AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); + if (ret != 0) + return -1001; + ret = AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); + if (ret != 0) + return -1002; + + ret = AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); + if (ret != 0) + return -1005; + ret = AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); + if (ret != 0) + return -1006; + + if (memcmp(plain, msg, AES_BLOCK_SIZE)) + return -60; + + if (memcmp(cipher, verify, AES_BLOCK_SIZE)) + return -61; + +#ifdef HAVE_CAVIUM + AesFreeCavium(&enc); + AesFreeCavium(&dec); +#endif +#ifdef CYASSL_AES_COUNTER + { + const byte ctrKey[] = + { + 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6, + 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c + }; + + const byte ctrIv[] = + { + 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7, + 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff + }; + + + const byte ctrPlain[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a, + 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c, + 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51, + 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11, + 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef, + 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17, + 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10 + }; + + const byte ctrCipher[] = + { + 0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26, + 0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce, + 0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff, + 0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff, + 0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e, + 0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab, + 0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1, + 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee + }; + + const byte oddCipher[] = + { + 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0, + 0xc2 + }; + + AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + /* Ctr only uses encrypt, even on key setup */ + AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + + AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4); + AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4); + + if (memcmp(plain, ctrPlain, AES_BLOCK_SIZE*4)) + return -66; + + if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4)) + return -67; + + /* let's try with just 9 bytes, non block size test */ + AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + /* Ctr only uses encrypt, even on key setup */ + AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + + AesCtrEncrypt(&enc, cipher, ctrPlain, 9); + AesCtrEncrypt(&dec, plain, cipher, 9); + + if (memcmp(plain, ctrPlain, 9)) + return -68; + + if (memcmp(cipher, ctrCipher, 9)) + return -69; + + /* and an additional 9 bytes to reuse tmp left buffer */ + AesCtrEncrypt(&enc, cipher, ctrPlain, 9); + AesCtrEncrypt(&dec, plain, cipher, 9); + + if (memcmp(plain, ctrPlain, 9)) + return -70; + + if (memcmp(cipher, oddCipher, 9)) + return -71; + } +#endif /* CYASSL_AES_COUNTER */ + +#if defined(CYASSL_AESNI) && defined(CYASSL_AES_DIRECT) + { + const byte niPlain[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a + }; + + const byte niCipher[] = + { + 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, + 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 + }; + + const byte niKey[] = + { + 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, + 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, + 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, + 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 + }; + + XMEMSET(cipher, 0, AES_BLOCK_SIZE); + ret = AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION); + if (ret != 0) + return -1003; + AesEncryptDirect(&enc, cipher, niPlain); + if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0) + return -20006; + + XMEMSET(plain, 0, AES_BLOCK_SIZE); + ret = AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION); + if (ret != 0) + return -1004; + AesDecryptDirect(&dec, plain, niCipher); + if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0) + return -20007; + } +#endif /* CYASSL_AESNI && CYASSL_AES_DIRECT */ + + return 0; +} + +#ifdef HAVE_AESGCM +int aesgcm_test(void) +{ + Aes enc; + + /* + * This is Test Case 16 from the document Galois/ + * Counter Mode of Operation (GCM) by McGrew and + * Viega. + */ + const byte k[] = + { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 + }; + + const byte iv[] = + { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 + }; + + const byte p[] = + { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39 + }; + + const byte a[] = + { + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xab, 0xad, 0xda, 0xd2 + }; + + const byte c[] = + { + 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, + 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, + 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, + 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, + 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, + 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, + 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, + 0xbc, 0xc9, 0xf6, 0x62 + }; + + const byte t[] = + { + 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, + 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b + }; + + byte t2[sizeof(t)]; + byte p2[sizeof(c)]; + byte c2[sizeof(p)]; + + int result; + + memset(t2, 0, sizeof(t2)); + memset(c2, 0, sizeof(c2)); + memset(p2, 0, sizeof(p2)); + + AesGcmSetKey(&enc, k, sizeof(k)); + /* AES-GCM encrypt and decrypt both use AES encrypt internally */ + AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (memcmp(c, c2, sizeof(c2))) + return -68; + if (memcmp(t, t2, sizeof(t2))) + return -69; + + result = AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (result != 0) + return -70; + if (memcmp(p, p2, sizeof(p2))) + return -71; + + return 0; +} + +int gmac_test(void) +{ + Gmac gmac; + + const byte k1[] = + { + 0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01, + 0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8 + }; + const byte iv1[] = + { + 0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94, + 0xe2, 0x8c, 0x8f, 0x16 + }; + const byte a1[] = + { + 0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9, + 0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77 + }; + const byte t1[] = + { + 0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43, + 0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b + }; + + const byte k2[] = + { + 0x40, 0xf7, 0xec, 0xb2, 0x52, 0x6d, 0xaa, 0xd4, + 0x74, 0x25, 0x1d, 0xf4, 0x88, 0x9e, 0xf6, 0x5b + }; + const byte iv2[] = + { + 0xee, 0x9c, 0x6e, 0x06, 0x15, 0x45, 0x45, 0x03, + 0x1a, 0x60, 0x24, 0xa7 + }; + const byte a2[] = + { + 0x94, 0x81, 0x2c, 0x87, 0x07, 0x4e, 0x15, 0x18, + 0x34, 0xb8, 0x35, 0xaf, 0x1c, 0xa5, 0x7e, 0x56 + }; + const byte t2[] = + { + 0xc6, 0x81, 0x79, 0x8e, 0x3d, 0xda, 0xb0, 0x9f, + 0x8d, 0x83, 0xb0, 0xbb, 0x14, 0xb6, 0x91 + }; + + const byte k3[] = + { + 0xb8, 0xe4, 0x9a, 0x5e, 0x37, 0xf9, 0x98, 0x2b, + 0xb9, 0x6d, 0xd0, 0xc9, 0xb6, 0xab, 0x26, 0xac + }; + const byte iv3[] = + { + 0xe4, 0x4a, 0x42, 0x18, 0x8c, 0xae, 0x94, 0x92, + 0x6a, 0x9c, 0x26, 0xb0 + }; + const byte a3[] = + { + 0x9d, 0xb9, 0x61, 0x68, 0xa6, 0x76, 0x7a, 0x31, + 0xf8, 0x29, 0xe4, 0x72, 0x61, 0x68, 0x3f, 0x8a + }; + const byte t3[] = + { + 0x23, 0xe2, 0x9f, 0x66, 0xe4, 0xc6, 0x52, 0x48 + }; + + byte tag[16]; + + memset(tag, 0, sizeof(tag)); + GmacSetKey(&gmac, k1, sizeof(k1)); + GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1)); + if (memcmp(t1, tag, sizeof(t1)) != 0) + return -126; + + memset(tag, 0, sizeof(tag)); + GmacSetKey(&gmac, k2, sizeof(k2)); + GmacUpdate(&gmac, iv2, sizeof(iv2), a2, sizeof(a2), tag, sizeof(t2)); + if (memcmp(t2, tag, sizeof(t2)) != 0) + return -127; + + memset(tag, 0, sizeof(tag)); + GmacSetKey(&gmac, k3, sizeof(k3)); + GmacUpdate(&gmac, iv3, sizeof(iv3), a3, sizeof(a3), tag, sizeof(t3)); + if (memcmp(t3, tag, sizeof(t3)) != 0) + return -128; + + return 0; +} +#endif /* HAVE_AESGCM */ + +#ifdef HAVE_AESCCM +int aesccm_test(void) +{ + Aes enc; + + /* key */ + const byte k[] = + { + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf + }; + + /* nonce */ + const byte iv[] = + { + 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 + }; + + /* plaintext */ + const byte p[] = + { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e + }; + + const byte a[] = + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + + const byte c[] = + { + 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, + 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, + 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84 + }; + + const byte t[] = + { + 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 + }; + + byte t2[sizeof(t)]; + byte p2[sizeof(p)]; + byte c2[sizeof(c)]; + + int result; + + memset(t2, 0, sizeof(t2)); + memset(c2, 0, sizeof(c2)); + memset(p2, 0, sizeof(p2)); + + AesCcmSetKey(&enc, k, sizeof(k)); + /* AES-CCM encrypt and decrypt both use AES encrypt internally */ + AesCcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (memcmp(c, c2, sizeof(c2))) + return -107; + if (memcmp(t, t2, sizeof(t2))) + return -108; + + result = AesCcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (result != 0) + return -109; + if (memcmp(p, p2, sizeof(p2))) + return -110; + + /* Test the authentication failure */ + t2[0]++; /* Corrupt the authentication tag. */ + result = AesCcmDecrypt(&enc, p2, c, sizeof(p2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (result == 0) + return -111; + + /* Clear c2 to compare against p2. p2 should be set to zero in case of + * authentication fail. */ + memset(c2, 0, sizeof(c2)); + if (memcmp(p2, c2, sizeof(p2))) + return -112; + + return 0; +} +#endif /* HAVE_AESCCM */ + + +#endif /* NO_AES */ + + +#ifdef HAVE_CAMELLIA + +enum { + CAM_ECB_ENC, CAM_ECB_DEC, CAM_CBC_ENC, CAM_CBC_DEC +}; + +typedef struct { + int type; + const byte* plaintext; + const byte* iv; + const byte* ciphertext; + const byte* key; + word32 keySz; + int errorCode; +} test_vector_t; + +int camellia_test(void) +{ + /* Camellia ECB Test Plaintext */ + static const byte pte[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 + }; + + /* Camellia ECB Test Initialization Vector */ + static const byte ive[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; + + /* Test 1: Camellia ECB 128-bit key */ + static const byte k1[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 + }; + static const byte c1[] = + { + 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73, + 0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 + }; + + /* Test 2: Camellia ECB 192-bit key */ + static const byte k2[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 + }; + static const byte c2[] = + { + 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8, + 0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 + }; + + /* Test 3: Camellia ECB 256-bit key */ + static const byte k3[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, + 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff + }; + static const byte c3[] = + { + 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c, + 0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 + }; + + /* Camellia CBC Test Plaintext */ + static const byte ptc[] = + { + 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, + 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A + }; + + /* Camellia CBC Test Initialization Vector */ + static const byte ivc[] = + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + }; + + /* Test 4: Camellia-CBC 128-bit key */ + static const byte k4[] = + { + 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, + 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C + }; + static const byte c4[] = + { + 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0, + 0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB + }; + + /* Test 5: Camellia-CBC 192-bit key */ + static const byte k5[] = + { + 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, + 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, + 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B + }; + static const byte c5[] = + { + 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2, + 0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 + }; + + /* Test 6: CBC 256-bit key */ + static const byte k6[] = + { + 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, + 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, + 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, + 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 + }; + static const byte c6[] = + { + 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A, + 0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA + }; + + byte out[CAMELLIA_BLOCK_SIZE]; + Camellia cam; + int i, testsSz; + const test_vector_t testVectors[] = + { + {CAM_ECB_ENC, pte, ive, c1, k1, sizeof(k1), -114}, + {CAM_ECB_ENC, pte, ive, c2, k2, sizeof(k2), -115}, + {CAM_ECB_ENC, pte, ive, c3, k3, sizeof(k3), -116}, + {CAM_ECB_DEC, pte, ive, c1, k1, sizeof(k1), -117}, + {CAM_ECB_DEC, pte, ive, c2, k2, sizeof(k2), -118}, + {CAM_ECB_DEC, pte, ive, c3, k3, sizeof(k3), -119}, + {CAM_CBC_ENC, ptc, ivc, c4, k4, sizeof(k4), -120}, + {CAM_CBC_ENC, ptc, ivc, c5, k5, sizeof(k5), -121}, + {CAM_CBC_ENC, ptc, ivc, c6, k6, sizeof(k6), -122}, + {CAM_CBC_DEC, ptc, ivc, c4, k4, sizeof(k4), -123}, + {CAM_CBC_DEC, ptc, ivc, c5, k5, sizeof(k5), -124}, + {CAM_CBC_DEC, ptc, ivc, c6, k6, sizeof(k6), -125} + }; + + testsSz = sizeof(testVectors)/sizeof(test_vector_t); + for (i = 0; i < testsSz; i++) { + if (CamelliaSetKey(&cam, testVectors[i].key, testVectors[i].keySz, + testVectors[i].iv) != 0) + return testVectors[i].errorCode; + + switch (testVectors[i].type) { + case CAM_ECB_ENC: + CamelliaEncryptDirect(&cam, out, testVectors[i].plaintext); + if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + case CAM_ECB_DEC: + CamelliaDecryptDirect(&cam, out, testVectors[i].ciphertext); + if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + case CAM_CBC_ENC: + CamelliaCbcEncrypt(&cam, out, testVectors[i].plaintext, + CAMELLIA_BLOCK_SIZE); + if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + case CAM_CBC_DEC: + CamelliaCbcDecrypt(&cam, out, testVectors[i].ciphertext, + CAMELLIA_BLOCK_SIZE); + if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + default: + break; + } + } + + /* Setting the IV and checking it was actually set. */ + CamelliaSetIV(&cam, ivc); + if (XMEMCMP(cam.reg, ivc, CAMELLIA_BLOCK_SIZE)) + return -1; + + /* Setting the IV to NULL should be same as all zeros IV */ + if (CamelliaSetIV(&cam, NULL) != 0 || + XMEMCMP(cam.reg, ive, CAMELLIA_BLOCK_SIZE)) + return -1; + + /* First parameter should never be null */ + if (CamelliaSetIV(NULL, NULL) == 0) + return -1; + + /* First parameter should never be null, check it fails */ + if (CamelliaSetKey(NULL, k1, sizeof(k1), NULL) == 0) + return -1; + + /* Key should have a size of 16, 24, or 32 */ + if (CamelliaSetKey(&cam, k1, 0, NULL) == 0) + return -1; + + return 0; +} +#endif /* HAVE_CAMELLIA */ + + +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + +int random_test(void) +{ + const byte test1Entropy[] = + { + 0xa6, 0x5a, 0xd0, 0xf3, 0x45, 0xdb, 0x4e, 0x0e, 0xff, 0xe8, 0x75, 0xc3, + 0xa2, 0xe7, 0x1f, 0x42, 0xc7, 0x12, 0x9d, 0x62, 0x0f, 0xf5, 0xc1, 0x19, + 0xa9, 0xef, 0x55, 0xf0, 0x51, 0x85, 0xe0, 0xfb, 0x85, 0x81, 0xf9, 0x31, + 0x75, 0x17, 0x27, 0x6e, 0x06, 0xe9, 0x60, 0x7d, 0xdb, 0xcb, 0xcc, 0x2e + }; + const byte test1Output[] = + { + 0xd3, 0xe1, 0x60, 0xc3, 0x5b, 0x99, 0xf3, 0x40, 0xb2, 0x62, 0x82, 0x64, + 0xd1, 0x75, 0x10, 0x60, 0xe0, 0x04, 0x5d, 0xa3, 0x83, 0xff, 0x57, 0xa5, + 0x7d, 0x73, 0xa6, 0x73, 0xd2, 0xb8, 0xd8, 0x0d, 0xaa, 0xf6, 0xa6, 0xc3, + 0x5a, 0x91, 0xbb, 0x45, 0x79, 0xd7, 0x3f, 0xd0, 0xc8, 0xfe, 0xd1, 0x11, + 0xb0, 0x39, 0x13, 0x06, 0x82, 0x8a, 0xdf, 0xed, 0x52, 0x8f, 0x01, 0x81, + 0x21, 0xb3, 0xfe, 0xbd, 0xc3, 0x43, 0xe7, 0x97, 0xb8, 0x7d, 0xbb, 0x63, + 0xdb, 0x13, 0x33, 0xde, 0xd9, 0xd1, 0xec, 0xe1, 0x77, 0xcf, 0xa6, 0xb7, + 0x1f, 0xe8, 0xab, 0x1d, 0xa4, 0x66, 0x24, 0xed, 0x64, 0x15, 0xe5, 0x1c, + 0xcd, 0xe2, 0xc7, 0xca, 0x86, 0xe2, 0x83, 0x99, 0x0e, 0xea, 0xeb, 0x91, + 0x12, 0x04, 0x15, 0x52, 0x8b, 0x22, 0x95, 0x91, 0x02, 0x81, 0xb0, 0x2d, + 0xd4, 0x31, 0xf4, 0xc9, 0xf7, 0x04, 0x27, 0xdf + }; + const byte test2EntropyA[] = + { + 0x63, 0x36, 0x33, 0x77, 0xe4, 0x1e, 0x86, 0x46, 0x8d, 0xeb, 0x0a, 0xb4, + 0xa8, 0xed, 0x68, 0x3f, 0x6a, 0x13, 0x4e, 0x47, 0xe0, 0x14, 0xc7, 0x00, + 0x45, 0x4e, 0x81, 0xe9, 0x53, 0x58, 0xa5, 0x69, 0x80, 0x8a, 0xa3, 0x8f, + 0x2a, 0x72, 0xa6, 0x23, 0x59, 0x91, 0x5a, 0x9f, 0x8a, 0x04, 0xca, 0x68 + }; + const byte test2EntropyB[] = + { + 0xe6, 0x2b, 0x8a, 0x8e, 0xe8, 0xf1, 0x41, 0xb6, 0x98, 0x05, 0x66, 0xe3, + 0xbf, 0xe3, 0xc0, 0x49, 0x03, 0xda, 0xd4, 0xac, 0x2c, 0xdf, 0x9f, 0x22, + 0x80, 0x01, 0x0a, 0x67, 0x39, 0xbc, 0x83, 0xd3 + }; + const byte test2Output[] = + { + 0x04, 0xee, 0xc6, 0x3b, 0xb2, 0x31, 0xdf, 0x2c, 0x63, 0x0a, 0x1a, 0xfb, + 0xe7, 0x24, 0x94, 0x9d, 0x00, 0x5a, 0x58, 0x78, 0x51, 0xe1, 0xaa, 0x79, + 0x5e, 0x47, 0x73, 0x47, 0xc8, 0xb0, 0x56, 0x62, 0x1c, 0x18, 0xbd, 0xdc, + 0xdd, 0x8d, 0x99, 0xfc, 0x5f, 0xc2, 0xb9, 0x20, 0x53, 0xd8, 0xcf, 0xac, + 0xfb, 0x0b, 0xb8, 0x83, 0x12, 0x05, 0xfa, 0xd1, 0xdd, 0xd6, 0xc0, 0x71, + 0x31, 0x8a, 0x60, 0x18, 0xf0, 0x3b, 0x73, 0xf5, 0xed, 0xe4, 0xd4, 0xd0, + 0x71, 0xf9, 0xde, 0x03, 0xfd, 0x7a, 0xea, 0x10, 0x5d, 0x92, 0x99, 0xb8, + 0xaf, 0x99, 0xaa, 0x07, 0x5b, 0xdb, 0x4d, 0xb9, 0xaa, 0x28, 0xc1, 0x8d, + 0x17, 0x4b, 0x56, 0xee, 0x2a, 0x01, 0x4d, 0x09, 0x88, 0x96, 0xff, 0x22, + 0x82, 0xc9, 0x55, 0xa8, 0x19, 0x69, 0xe0, 0x69, 0xfa, 0x8c, 0xe0, 0x07, + 0xa1, 0x80, 0x18, 0x3a, 0x07, 0xdf, 0xae, 0x17 + }; + int ret; + + ret = RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0, + test1Output, sizeof(test1Output)); + if (ret != 0) return -39; + + ret = RNG_HealthTest(1, test2EntropyA, sizeof(test2EntropyA), + test2EntropyB, sizeof(test2EntropyB), + test2Output, sizeof(test2Output)); + if (ret != 0) return -40; + + return 0; +} + +#else /* HAVE_HASHDRBG || NO_RC4 */ + +int random_test(void) +{ + RNG rng; + byte block[32]; + int ret; + +#ifdef HAVE_CAVIUM + ret = InitRngCavium(&rng, CAVIUM_DEV_ID); + if (ret != 0) return -2007; +#endif + ret = InitRng(&rng); + if (ret != 0) return -39; + + ret = RNG_GenerateBlock(&rng, block, sizeof(block)); + if (ret != 0) return -40; + + return 0; +} + +#endif /* HAVE_HASHDRBG || NO_RC4 */ + + +#ifdef HAVE_NTRU + +byte GetEntropy(ENTROPY_CMD cmd, byte* out); + +byte GetEntropy(ENTROPY_CMD cmd, byte* out) +{ + static RNG rng; + + if (cmd == INIT) + return (InitRng(&rng) == 0) ? 1 : 0; + + if (out == NULL) + return 0; + + if (cmd == GET_BYTE_OF_ENTROPY) + return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0; + + if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) { + *out = 1; + return 1; + } + + return 0; +} + +#endif /* HAVE_NTRU */ + +#ifndef NO_RSA + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #ifdef FREESCALE_MQX + static const char* clientKey = "a:\\certs\\client-key.der"; + static const char* clientCert = "a:\\certs\\client-cert.der"; + #ifdef CYASSL_CERT_GEN + static const char* caKeyFile = "a:\\certs\\ca-key.der"; + static const char* caCertFile = "a:\\certs\\ca-cert.pem"; + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der"; + static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem"; + #endif + #endif + #elif defined(CYASSL_MKD_SHELL) + static char* clientKey = "certs/client-key.der"; + static char* clientCert = "certs/client-cert.der"; + void set_clientKey(char *key) { clientKey = key ; } + void set_clientCert(char *cert) { clientCert = cert ; } + #ifdef CYASSL_CERT_GEN + static char* caKeyFile = "certs/ca-key.der"; + static char* caCertFile = "certs/ca-cert.pem"; + void set_caKeyFile (char * key) { caKeyFile = key ; } + void set_caCertFile(char * cert) { caCertFile = cert ; } + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "certs/ecc-key.der"; + static const char* eccCaCertFile = "certs/server-ecc.pem"; + void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; } + void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; } + #endif + #endif + #else + static const char* clientKey = "./certs/client-key.der"; + static const char* clientCert = "./certs/client-cert.der"; + #ifdef CYASSL_CERT_GEN + static const char* caKeyFile = "./certs/ca-key.der"; + static const char* caCertFile = "./certs/ca-cert.pem"; + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "./certs/ecc-key.der"; + static const char* eccCaCertFile = "./certs/server-ecc.pem"; + #endif + #endif + #endif +#endif + + + +#define FOURK_BUF 4096 + +int rsa_test(void) +{ + byte* tmp; + size_t bytes; + RsaKey key; + RNG rng; + word32 idx = 0; + int ret; + byte in[] = "Everyone gets Friday off."; + word32 inLen = (word32)strlen((char*)in); + byte out[256]; + byte plain[256]; +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + FILE* file, * file2; +#endif +#ifdef CYASSL_TEST_CERT + DecodedCert cert; +#endif + + tmp = (byte*)malloc(FOURK_BUF); + if (tmp == NULL) + return -40; + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024); + bytes = sizeof_client_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048); + bytes = sizeof_client_key_der_2048; +#else + file = fopen(clientKey, "rb"); + + if (!file) + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -40); + + bytes = fread(tmp, 1, FOURK_BUF, file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + +#ifdef HAVE_CAVIUM + RsaInitCavium(&key, CAVIUM_DEV_ID); +#endif + ret = InitRsaKey(&key, 0); + if (ret != 0) return -39; + ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes); + if (ret != 0) return -41; + + ret = InitRng(&rng); + if (ret != 0) return -42; + + ret = RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng); + if (ret < 0) return -43; + + ret = RsaPrivateDecrypt(out, ret, plain, sizeof(plain), &key); + if (ret < 0) return -44; + + if (memcmp(plain, in, inLen)) return -45; + + ret = RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng); + if (ret < 0) return -46; + + memset(plain, 0, sizeof(plain)); + ret = RsaSSL_Verify(out, ret, plain, sizeof(plain), &key); + if (ret < 0) return -47; + + if (memcmp(plain, in, ret)) return -48; + +#if defined(CYASSL_MDK_ARM) + #define sizeof(s) strlen((char *)(s)) +#endif + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, client_cert_der_1024, sizeof_client_cert_der_1024); + bytes = sizeof_client_cert_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, client_cert_der_2048, sizeof_client_cert_der_2048); + bytes = sizeof_client_cert_der_2048; +#else + file2 = fopen(clientCert, "rb"); + if (!file2) + return -49; + + bytes = fread(tmp, 1, FOURK_BUF, file2); + fclose(file2); +#endif + +#ifdef sizeof + #undef sizeof +#endif + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&cert, tmp, (word32)bytes, 0); + + ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) return -491; + + FreeDecodedCert(&cert); +#else + (void)bytes; +#endif + + +#ifdef CYASSL_KEY_GEN + { + byte* der; + byte* pem; + int derSz = 0; + int pemSz = 0; + RsaKey derIn; + RsaKey genKey; + FILE* keyFile; + FILE* pemFile; + + ret = InitRsaKey(&genKey, 0); + if (ret != 0) + return -300; + ret = MakeRsaKey(&genKey, 1024, 65537, &rng); + if (ret != 0) + return -301; + + der = (byte*)malloc(FOURK_BUF); + if (der == NULL) { + FreeRsaKey(&genKey); + return -307; + } + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(der); + FreeRsaKey(&genKey); + return -308; + } + + derSz = RsaKeyToDer(&genKey, der, FOURK_BUF); + if (derSz < 0) { + free(der); + free(pem); + return -302; + } + + keyFile = fopen("./key.der", "wb"); + if (!keyFile) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -303; + } + ret = (int)fwrite(der, 1, derSz, keyFile); + fclose(keyFile); + if (ret != derSz) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -313; + } + + pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE); + if (pemSz < 0) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -304; + } + + pemFile = fopen("./key.pem", "wb"); + if (!pemFile) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -305; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + fclose(pemFile); + if (ret != pemSz) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -314; + } + + ret = InitRsaKey(&derIn, 0); + if (ret != 0) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -3060; + } + idx = 0; + ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz); + if (ret != 0) { + free(der); + free(pem); + FreeRsaKey(&derIn); + FreeRsaKey(&genKey); + return -306; + } + + FreeRsaKey(&derIn); + FreeRsaKey(&genKey); + free(pem); + free(der); + } +#endif /* CYASSL_KEY_GEN */ + + +#ifdef CYASSL_CERT_GEN + /* self signed */ + { + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + int certSz; + int pemSz; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -309; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -310; + } + + InitCert(&myCert); + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); + myCert.isCA = 1; + myCert.sigType = CTC_SHA256wRSA; + + certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + return -401; + } + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) { + free(derCert); + free(pem); + return -402; + } + FreeDecodedCert(&decode); +#endif + derFile = fopen("./cert.der", "wb"); + if (!derFile) { + free(derCert); + free(pem); + return -403; + } + ret = (int)fwrite(derCert, 1, certSz, derFile); + fclose(derFile); + if (ret != certSz) { + free(derCert); + free(pem); + return -414; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(derCert); + free(pem); + return -404; + } + + pemFile = fopen("./cert.pem", "wb"); + if (!pemFile) { + free(derCert); + free(pem); + return -405; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + fclose(pemFile); + if (ret != pemSz) { + free(derCert); + free(pem); + return -406; + } + free(pem); + free(derCert); + } + /* CA style */ + { + RsaKey caKey; + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + int certSz; + int pemSz; + size_t bytes3; + word32 idx3 = 0; + FILE* file3 ; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -312; + } + + file3 = fopen(caKeyFile, "rb"); + + if (!file3) { + free(derCert); + free(pem); + return -412; + } + + bytes3 = fread(tmp, 1, FOURK_BUF, file3); + fclose(file3); + + ret = InitRsaKey(&caKey, 0); + if (ret != 0) { + free(derCert); + free(pem); + return -411; + } + ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); + if (ret != 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -413; + } + + InitCert(&myCert); + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); + + ret = SetIssuer(&myCert, caCertFile); + if (ret < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -405; + } + + certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -407; + } + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, NULL, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -408; + } + + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -409; + } + FreeDecodedCert(&decode); +#endif + + derFile = fopen("./othercert.der", "wb"); + if (!derFile) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -410; + } + ret = (int)fwrite(derCert, 1, certSz, derFile); + fclose(derFile); + if (ret != certSz) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -416; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -411; + } + + pemFile = fopen("./othercert.pem", "wb"); + if (!pemFile) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -412; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + if (ret != pemSz) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -415; + } + fclose(pemFile); + free(pem); + free(derCert); + FreeRsaKey(&caKey); + } +#ifdef HAVE_ECC + /* ECC CA style */ + { + ecc_key caKey; + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + int certSz; + int pemSz; + size_t bytes3; + word32 idx3 = 0; + FILE* file3; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -5311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -5312; + } + + file3 = fopen(eccCaKeyFile, "rb"); + + if (!file3) { + free(derCert); + free(pem); + return -5412; + } + + bytes3 = fread(tmp, 1, FOURK_BUF, file3); + fclose(file3); + + ecc_init(&caKey); + ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); + if (ret != 0) { + free(derCert); + free(pem); + return -5413; + } + + InitCert(&myCert); + myCert.sigType = CTC_SHA256wECDSA; + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE); + + ret = SetIssuer(&myCert, eccCaCertFile); + if (ret < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5405; + } + + certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng); + if (certSz < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5407; + } + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + NULL, &caKey, &rng); + if (certSz < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5408; + } + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5409; + } + FreeDecodedCert(&decode); +#endif + + derFile = fopen("./certecc.der", "wb"); + if (!derFile) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5410; + } + ret = (int)fwrite(derCert, 1, certSz, derFile); + fclose(derFile); + if (ret != certSz) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5414; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5411; + } + + pemFile = fopen("./certecc.pem", "wb"); + if (!pemFile) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5412; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + if (ret != pemSz) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5415; + } + fclose(pemFile); + free(pem); + free(derCert); + ecc_free(&caKey); + } +#endif /* HAVE_ECC */ +#ifdef HAVE_NTRU + { + RsaKey caKey; + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + FILE* caFile; + FILE* ntruPrivFile; + int certSz; + int pemSz; + word32 idx3; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -312; + } + + byte public_key[557]; /* sized for EES401EP2 */ + word16 public_key_len; /* no. of octets in public key */ + byte private_key[607]; /* sized for EES401EP2 */ + word16 private_key_len; /* no. of octets in private key */ + DRBG_HANDLE drbg; + static uint8_t const pers_str[] = { + 'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't' + }; + word32 rc = ntru_crypto_drbg_instantiate(112, pers_str, + sizeof(pers_str), GetEntropy, &drbg); + if (rc != DRBG_OK) { + free(derCert); + free(pem); + return -448; + } + + rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, + &public_key_len, NULL, + &private_key_len, NULL); + if (rc != NTRU_OK) { + free(derCert); + free(pem); + return -449; + } + + rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, + &public_key_len, public_key, + &private_key_len, private_key); + if (rc != NTRU_OK) { + free(derCert); + free(pem); + return -450; + } + + rc = ntru_crypto_drbg_uninstantiate(drbg); + + if (rc != NTRU_OK) { + free(derCert); + free(pem); + return -451; + } + + caFile = fopen(caKeyFile, "rb"); + + if (!caFile) { + free(derCert); + free(pem); + return -452; + } + + bytes = fread(tmp, 1, FOURK_BUF, caFile); + fclose(caFile); + + ret = InitRsaKey(&caKey, 0); + if (ret != 0) { + free(derCert); + free(pem); + return -453; + } + ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes); + if (ret != 0) { + free(derCert); + free(pem); + return -454; + } + + InitCert(&myCert); + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); + + ret = SetIssuer(&myCert, caCertFile); + if (ret < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -455; + } + + certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key, + public_key_len, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -456; + } + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, NULL, &rng); + FreeRsaKey(&caKey); + if (certSz < 0) { + free(derCert); + free(pem); + return -457; + } + + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) { + free(derCert); + free(pem); + return -458; + } + FreeDecodedCert(&decode); +#endif + derFile = fopen("./ntru-cert.der", "wb"); + if (!derFile) { + free(derCert); + free(pem); + return -459; + } + ret = (int)fwrite(derCert, 1, certSz, derFile); + fclose(derFile); + if (ret != certSz) { + free(derCert); + free(pem); + return -473; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(derCert); + free(pem); + return -460; + } + + pemFile = fopen("./ntru-cert.pem", "wb"); + if (!pemFile) { + free(derCert); + free(pem); + return -461; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + fclose(pemFile); + if (ret != pemSz) { + free(derCert); + free(pem); + return -474; + } + + ntruPrivFile = fopen("./ntru-key.raw", "wb"); + if (!ntruPrivFile) { + free(derCert); + free(pem); + return -462; + } + ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile); + fclose(ntruPrivFile); + if (ret != private_key_len) { + free(pem); + free(derCert); + return -475; + } + free(pem); + free(derCert); + } +#endif /* HAVE_NTRU */ +#ifdef CYASSL_CERT_REQ + { + Cert req; + byte* der; + byte* pem; + int derSz; + int pemSz; + FILE* reqFile; + + der = (byte*)malloc(FOURK_BUF); + if (der == NULL) + return -463; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(der); + return -464; + } + + InitCert(&req); + + req.version = 0; + req.isCA = 1; + strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE); + strncpy(req.subject.country, "US", CTC_NAME_SIZE); + strncpy(req.subject.state, "OR", CTC_NAME_SIZE); + strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(req.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE); + req.sigType = CTC_SHA256wRSA; + + derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL); + if (derSz < 0) { + free(pem); + free(der); + return -465; + } + + derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF, + &key, NULL, &rng); + if (derSz < 0) { + free(pem); + free(der); + return -466; + } + + pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE); + if (pemSz < 0) { + free(pem); + free(der); + return -467; + } + + reqFile = fopen("./certreq.der", "wb"); + if (!reqFile) { + free(pem); + free(der); + return -468; + } + + ret = (int)fwrite(der, 1, derSz, reqFile); + fclose(reqFile); + if (ret != derSz) { + free(pem); + free(der); + return -471; + } + + reqFile = fopen("./certreq.pem", "wb"); + if (!reqFile) { + free(pem); + free(der); + return -469; + } + ret = (int)fwrite(pem, 1, pemSz, reqFile); + fclose(reqFile); + if (ret != pemSz) { + free(pem); + free(der); + return -470; + } + + free(pem); + free(der); + } +#endif /* CYASSL_CERT_REQ */ +#endif /* CYASSL_CERT_GEN */ + + FreeRsaKey(&key); +#ifdef HAVE_CAVIUM + RsaFreeCavium(&key); +#endif + free(tmp); + + return 0; +} + +#endif + + +#ifndef NO_DH + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #ifdef FREESCALE_MQX + static const char* dhKey = "a:\certs\\dh2048.der"; + #else + static const char* dhKey = "./certs/dh2048.der"; + #endif +#endif + +int dh_test(void) +{ + int ret; + word32 bytes; + word32 idx = 0, privSz, pubSz, privSz2, pubSz2, agreeSz, agreeSz2; + byte tmp[1024]; + byte priv[256]; + byte pub[256]; + byte priv2[256]; + byte pub2[256]; + byte agree[256]; + byte agree2[256]; + DhKey key; + DhKey key2; + RNG rng; + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); + bytes = sizeof_dh_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048); + bytes = sizeof_dh_key_der_2048; +#else + FILE* file = fopen(dhKey, "rb"); + + if (!file) + return -50; + + bytes = (word32) fread(tmp, 1, sizeof(tmp), file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + InitDhKey(&key); + InitDhKey(&key2); + ret = DhKeyDecode(tmp, &idx, &key, bytes); + if (ret != 0) + return -51; + + idx = 0; + ret = DhKeyDecode(tmp, &idx, &key2, bytes); + if (ret != 0) + return -52; + + ret = InitRng(&rng); + if (ret != 0) + return -53; + + ret = DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz); + ret += DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2); + if (ret != 0) + return -54; + + ret = DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2); + ret += DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz); + if (ret != 0) + return -55; + + if (memcmp(agree, agree2, agreeSz)) + return -56; + + FreeDhKey(&key); + FreeDhKey(&key2); + + return 0; +} + +#endif /* NO_DH */ + + +#ifndef NO_DSA + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #ifdef FREESCALE_MQX + static const char* dsaKey = "a:\\certs\\dsa2048.der"; + #else + static const char* dsaKey = "./certs/dsa2048.der"; + #endif +#endif + +int dsa_test(void) +{ + int ret, answer; + word32 bytes; + word32 idx = 0; + byte tmp[1024]; + DsaKey key; + RNG rng; + Sha sha; + byte hash[SHA_DIGEST_SIZE]; + byte signature[40]; + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); + bytes = sizeof_dsa_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); + bytes = sizeof_dsa_key_der_2048; +#else + FILE* file = fopen(dsaKey, "rb"); + + if (!file) + return -60; + + bytes = (word32) fread(tmp, 1, sizeof(tmp), file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + ret = InitSha(&sha); + if (ret != 0) + return -4002; + ShaUpdate(&sha, tmp, bytes); + ShaFinal(&sha, hash); + + InitDsaKey(&key); + ret = DsaPrivateKeyDecode(tmp, &idx, &key, bytes); + if (ret != 0) return -61; + + ret = InitRng(&rng); + if (ret != 0) return -62; + + ret = DsaSign(hash, signature, &key, &rng); + if (ret != 0) return -63; + + ret = DsaVerify(hash, signature, &key, &answer); + if (ret != 0) return -64; + if (answer != 1) return -65; + + FreeDsaKey(&key); + + return 0; +} + +#endif /* NO_DSA */ + + +#ifdef OPENSSL_EXTRA + +int openssl_test(void) +{ + EVP_MD_CTX md_ctx; + testVector a, b, c, d, e, f; + byte hash[SHA_DIGEST_SIZE*4]; /* max size */ + + (void)e; + (void)f; + + a.input = "1234567890123456789012345678901234567890123456789012345678" + "9012345678901234567890"; + a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" + "\x7a"; + a.inLen = strlen(a.input); + a.outLen = MD5_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_md5()); + + EVP_DigestUpdate(&md_ctx, a.input, (unsigned long)a.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0) + return -71; + + b.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaa"; + b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" + "\x53\x99\x5E\x26\xA0"; + b.inLen = strlen(b.input); + b.outLen = SHA_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha1()); + + EVP_DigestUpdate(&md_ctx, b.input, (unsigned long)b.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0) + return -72; + + + d.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + d.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" + "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" + "\x06\xC1"; + d.inLen = strlen(d.input); + d.outLen = SHA256_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha256()); + + EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0) + return -78; + +#ifdef CYASSL_SHA384 + + e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" + "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" + "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" + "\x74\x60\x39"; + e.inLen = strlen(e.input); + e.outLen = SHA384_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha384()); + + EVP_DigestUpdate(&md_ctx, e.input, e.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, e.output, SHA384_DIGEST_SIZE) != 0) + return -79; + +#endif /* CYASSL_SHA384 */ + + +#ifdef CYASSL_SHA512 + + f.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + f.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14" + "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" + "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" + "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" + "\x87\x4b\xe9\x09"; + f.inLen = strlen(f.input); + f.outLen = SHA512_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha512()); + + EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0) + return -80; + +#endif /* CYASSL_SHA512 */ + + + if (RAND_bytes(hash, sizeof(hash)) != 1) + return -73; + + c.input = "what do ya want for nothing?"; + c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" + "\x38"; + c.inLen = strlen(c.input); + c.outLen = MD5_DIGEST_SIZE; + + HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0); + + if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0) + return -74; + + { /* des test */ + const byte vector[] = { /* "now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + byte plain[24]; + byte cipher[24]; + + const_DES_cblock key = + { + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef + }; + + DES_cblock iv = + { + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef + }; + + DES_key_schedule sched; + + const byte verify[] = + { + 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, + 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, + 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b + }; + + DES_key_sched(&key, &sched); + + DES_cbc_encrypt(vector, cipher, sizeof(vector), &sched, &iv, DES_ENCRYPT); + DES_cbc_encrypt(cipher, plain, sizeof(vector), &sched, &iv, DES_DECRYPT); + + if (memcmp(plain, vector, sizeof(vector)) != 0) + return -75; + + if (memcmp(cipher, verify, sizeof(verify)) != 0) + return -76; + + /* test changing iv */ + DES_ncbc_encrypt(vector, cipher, 8, &sched, &iv, DES_ENCRYPT); + DES_ncbc_encrypt(vector + 8, cipher + 8, 16, &sched, &iv, DES_ENCRYPT); + + if (memcmp(cipher, verify, sizeof(verify)) != 0) + return -77; + + } /* end des test */ + + { /* evp_cipher test */ + EVP_CIPHER_CTX ctx; + + + const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + const byte verify[] = + { + 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, + 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb + }; + + byte key[] = "0123456789abcdef "; /* align */ + byte iv[] = "1234567890abcdef "; /* align */ + + byte cipher[AES_BLOCK_SIZE * 4]; + byte plain [AES_BLOCK_SIZE * 4]; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0) + return -81; + + if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0) + return -82; + + if (memcmp(cipher, verify, AES_BLOCK_SIZE)) + return -83; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0) + return -84; + + if (EVP_Cipher(&ctx, plain, cipher, 16) == 0) + return -85; + + if (memcmp(plain, msg, AES_BLOCK_SIZE)) + return -86; + + + } /* end evp_cipher test */ + + return 0; +} + +#endif /* OPENSSL_EXTRA */ + + +#ifndef NO_PWDBASED + +int pkcs12_test(void) +{ + const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67, + 0x00, 0x00 }; + const byte salt[] = { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f }; + + const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65, + 0x00, 0x67, 0x00, 0x00 }; + const byte salt2[] = { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 }; + byte derived[64]; + + const byte verify[] = { + 0x8A, 0xAA, 0xE6, 0x29, 0x7B, 0x6C, 0xB0, 0x46, + 0x42, 0xAB, 0x5B, 0x07, 0x78, 0x51, 0x28, 0x4E, + 0xB7, 0x12, 0x8F, 0x1A, 0x2A, 0x7F, 0xBC, 0xA3 + }; + + const byte verify2[] = { + 0x48, 0x3D, 0xD6, 0xE9, 0x19, 0xD7, 0xDE, 0x2E, + 0x8E, 0x64, 0x8B, 0xA8, 0xF8, 0x62, 0xF3, 0xFB, + 0xFB, 0xDC, 0x2B, 0xCB, 0x2C, 0x02, 0x95, 0x7F + }; + + int id = 1; + int kLen = 24; + int iterations = 1; + int ret = PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations, + kLen, SHA, id); + + if (ret < 0) + return -103; + + if ( (ret = memcmp(derived, verify, kLen)) != 0) + return -104; + + iterations = 1000; + ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations, + kLen, SHA, id); + if (ret < 0) + return -105; + + if ( (ret = memcmp(derived, verify2, 24)) != 0) + return -106; + + return 0; +} + + +int pbkdf2_test(void) +{ + char passwd[] = "password"; + const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 }; + int iterations = 2048; + int kLen = 24; + byte derived[64]; + + const byte verify[] = { + 0xBF, 0xDE, 0x6B, 0xE9, 0x4D, 0xF7, 0xE1, 0x1D, 0xD4, 0x09, 0xBC, 0xE2, + 0x0A, 0x02, 0x55, 0xEC, 0x32, 0x7C, 0xB9, 0x36, 0xFF, 0xE9, 0x36, 0x43 + + }; + + int ret = PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, + iterations, kLen, SHA); + if (ret != 0) + return ret; + + if (memcmp(derived, verify, sizeof(verify)) != 0) + return -102; + + return 0; +} + + +int pbkdf1_test(void) +{ + char passwd[] = "password"; + const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 }; + int iterations = 1000; + int kLen = 16; + byte derived[16]; + + const byte verify[] = { + 0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB, + 0x4A, 0x3D, 0x2A, 0x20 + }; + + PBKDF1(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, iterations, + kLen, SHA); + + if (memcmp(derived, verify, sizeof(verify)) != 0) + return -101; + + return 0; +} + + +int pwdbased_test(void) +{ + int ret = pbkdf1_test(); + ret += pbkdf2_test(); + + return ret + pkcs12_test(); +} + +#endif /* NO_PWDBASED */ + +#if defined(HAVE_HKDF) && (!defined(NO_SHA) || !defined(NO_SHA256)) + +int hkdf_test(void) +{ + int ret; + int L = 42; + byte okm1[42]; + byte ikm1[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; + byte salt1[13] ={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c }; + byte info1[10] ={ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9 }; + byte res1[42] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61, + 0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06, + 0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06, + 0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0, + 0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3, + 0x49, 0x18 }; + byte res2[42] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69, + 0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81, + 0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15, + 0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2, + 0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3, + 0xf8, 0x96 }; + byte res3[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f, + 0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31, + 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e, + 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d, + 0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a, + 0x96, 0xc8 }; + byte res4[42] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, + 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, + 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, + 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, + 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18, + 0x58, 0x65 }; + + (void)res1; + (void)res2; + (void)res3; + (void)res4; + (void)salt1; + (void)info1; + +#ifndef NO_SHA + ret = HKDF(SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L); + if (ret != 0) + return -2001; + + if (memcmp(okm1, res1, L) != 0) + return -2002; + +#ifndef HAVE_FIPS + /* fips can't have key size under 14 bytes, salt is key too */ + ret = HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L); + if (ret != 0) + return -2003; + + if (memcmp(okm1, res2, L) != 0) + return -2004; +#endif /* HAVE_FIPS */ +#endif /* NO_SHA */ + +#ifndef NO_SHA256 + ret = HKDF(SHA256, ikm1, 22, NULL, 0, NULL, 0, okm1, L); + if (ret != 0) + return -2005; + + if (memcmp(okm1, res3, L) != 0) + return -2006; + +#ifndef HAVE_FIPS + /* fips can't have key size under 14 bytes, salt is key too */ + ret = HKDF(SHA256, ikm1, 22, salt1, 13, info1, 10, okm1, L); + if (ret != 0) + return -2007; + + if (memcmp(okm1, res4, L) != 0) + return -2007; +#endif /* HAVE_FIPS */ +#endif /* NO_SHA256 */ + + return 0; +} + +#endif /* HAVE_HKDF */ + + +#ifdef HAVE_ECC + +int ecc_test(void) +{ + RNG rng; + byte sharedA[1024]; + byte sharedB[1024]; + byte sig[1024]; + byte digest[20]; + byte exportBuf[1024]; + word32 x, y; + int i, verify, ret; + ecc_key userA, userB, pubKey; + + ret = InitRng(&rng); + if (ret != 0) + return -1001; + + ecc_init(&userA); + ecc_init(&userB); + ecc_init(&pubKey); + + ret = ecc_make_key(&rng, 32, &userA); + + if (ret != 0) + return -1014; + + ret = ecc_make_key(&rng, 32, &userB); + + if (ret != 0) + return -1002; + + x = sizeof(sharedA); + ret = ecc_shared_secret(&userA, &userB, sharedA, &x); + + if (ret != 0) + return -1015; + + y = sizeof(sharedB); + ret = ecc_shared_secret(&userB, &userA, sharedB, &y); + + if (ret != 0) + return -1003; + + if (y != x) + return -1004; + + if (memcmp(sharedA, sharedB, x)) + return -1005; + + x = sizeof(exportBuf); + ret = ecc_export_x963(&userA, exportBuf, &x); + if (ret != 0) + return -1006; + + ret = ecc_import_x963(exportBuf, x, &pubKey); + + if (ret != 0) + return -1007; + + y = sizeof(sharedB); + ret = ecc_shared_secret(&userB, &pubKey, sharedB, &y); + + if (ret != 0) + return -1008; + + if (memcmp(sharedA, sharedB, y)) + return -1010; + + /* test DSA sign hash */ + for (i = 0; i < (int)sizeof(digest); i++) + digest[i] = (byte)i; + + x = sizeof(sig); + ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA); + + if (ret != 0) + return -1016; + + verify = 0; + ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA); + + if (ret != 0) + return -1011; + + if (verify != 1) + return -1012; + + x = sizeof(exportBuf); + ret = ecc_export_private_only(&userA, exportBuf, &x); + if (ret != 0) + return -1013; + + ecc_free(&pubKey); + ecc_free(&userB); + ecc_free(&userA); + + return 0; +} + +#ifdef HAVE_ECC_ENCRYPT + +int ecc_encrypt_test(void) +{ + RNG rng; + int ret; + ecc_key userA, userB; + byte msg[48]; + byte plain[48]; + byte out[80]; + word32 outSz = sizeof(out); + word32 plainSz = sizeof(plain); + int i; + + ret = InitRng(&rng); + if (ret != 0) + return -3001; + + ecc_init(&userA); + ecc_init(&userB); + + ret = ecc_make_key(&rng, 32, &userA); + ret += ecc_make_key(&rng, 32, &userB); + + if (ret != 0) + return -3002; + + for (i = 0; i < 48; i++) + msg[i] = i; + + /* encrypt msg to B */ + ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL); + if (ret != 0) + return -3003; + + /* decrypt msg from A */ + ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL); + if (ret != 0) + return -3004; + + if (memcmp(plain, msg, sizeof(msg)) != 0) + return -3005; + + + { /* let's verify message exchange works, A is client, B is server */ + ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng); + ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng); + + byte cliSalt[EXCHANGE_SALT_SZ]; + byte srvSalt[EXCHANGE_SALT_SZ]; + const byte* tmpSalt; + + if (cliCtx == NULL || srvCtx == NULL) + return -3006; + + /* get salt to send to peer */ + tmpSalt = ecc_ctx_get_own_salt(cliCtx); + if (tmpSalt == NULL) + return -3007; + memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ); + + tmpSalt = ecc_ctx_get_own_salt(srvCtx); + if (tmpSalt == NULL) + return -3007; + memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ); + + /* in actual use, we'd get the peer's salt over the transport */ + ret = ecc_ctx_set_peer_salt(cliCtx, srvSalt); + ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt); + + ret += ecc_ctx_set_info(cliCtx, (byte*)"CyaSSL MSGE", 11); + ret += ecc_ctx_set_info(srvCtx, (byte*)"CyaSSL MSGE", 11); + + if (ret != 0) + return -3008; + + /* get encrypted msg (request) to send to B */ + outSz = sizeof(out); + ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx); + if (ret != 0) + return -3009; + + /* B decrypts msg (request) from A */ + plainSz = sizeof(plain); + ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx); + if (ret != 0) + return -3010; + + if (memcmp(plain, msg, sizeof(msg)) != 0) + return -3011; + + { + /* msg2 (response) from B to A */ + byte msg2[48]; + byte plain2[48]; + byte out2[80]; + word32 outSz2 = sizeof(out2); + word32 plainSz2 = sizeof(plain2); + + for (i = 0; i < 48; i++) + msg2[i] = i+48; + + /* get encrypted msg (response) to send to B */ + ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2, + &outSz2, srvCtx); + if (ret != 0) + return -3012; + + /* A decrypts msg (response) from B */ + ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2, + cliCtx); + if (ret != 0) + return -3013; + + if (memcmp(plain2, msg2, sizeof(msg2)) != 0) + return -3014; + } + + /* cleanup */ + ecc_ctx_free(srvCtx); + ecc_ctx_free(cliCtx); + } + + /* cleanup */ + ecc_free(&userB); + ecc_free(&userA); + + return 0; +} + +#endif /* HAVE_ECC_ENCRYPT */ +#endif /* HAVE_ECC */ + +#ifdef HAVE_LIBZ + +const byte sample_text[] = + "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n" + "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n" + "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n" + "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n" + "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n" + "small batch meggings kogi dolore food truck bespoke gastropub.\n" + "\n" + "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n" + "four loko you probably haven't heard of them high life. Messenger bag\n" + "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n" + "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n" + "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n" + "food truck next level, tousled irony non semiotics PBR ethical anim cred\n" + "readymade. Mumblecore brunch lomo odd future, portland organic terry\n" + "richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n" + "mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n" + "four loko whatever street art yr farm-to-table.\n" + "\n" + "Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n" + "pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n" + "et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n" + "nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n" + "seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n" + "eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n" + "readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n" + "ethnic art party qui letterpress nisi proident jean shorts mlkshk\n" + "locavore.\n" + "\n" + "Narwhal flexitarian letterpress, do gluten-free voluptate next level\n" + "banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n" + "cillum pickled velit, YOLO officia you probably haven't heard of them\n" + "trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n" + "small batch american apparel. Put a bird on it cosby sweater before they\n" + "sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n" + "DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n" + "Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n" + "excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n" + "neutra PBR selvage.\n" + "\n" + "Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n" + "next level jean shorts exercitation. Hashtag keytar whatever, nihil\n" + "authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n" + "wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n" + "tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n" + "trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n" + "incididunt flannel sustainable helvetica pork belly pug banksy you\n" + "probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n" + "mollit magna, sriracha sartorial helvetica.\n" + "\n" + "Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n" + "ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n" + "of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n" + "reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n" + "skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n" + "organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n" + "Veniam sunt food truck leggings, sint vinyl fap.\n" + "\n" + "Hella dolore pork belly, truffaut carles you probably haven't heard of\n" + "them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n" + "apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n" + "flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n" + "letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n" + "Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n" + "delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n" + "magna pop-up literally. Swag thundercats ennui shoreditch vegan\n" + "pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n" + "\n" + "Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n" + "meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n" + "dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n" + "locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n" + "tousled beard mollit mustache leggings portland next level. Nihil esse\n" + "est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n" + "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n" + "bag dolor terry richardson sapiente.\n"; + + +int compress_test(void) +{ + int ret = 0; + word32 dSz = sizeof(sample_text); + word32 cSz = (dSz + (word32)(dSz * 0.001) + 12); + byte *c = NULL; + byte *d = NULL; + + c = calloc(cSz, sizeof(byte)); + d = calloc(dSz, sizeof(byte)); + + if (c == NULL || d == NULL) + ret = -300; + + if (ret == 0 && (ret = Compress(c, cSz, sample_text, dSz, 0)) < 0) + ret = -301; + + if (ret > 0) { + cSz = (word32)ret; + ret = 0; + } + + if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz) + ret = -302; + + if (ret == 0 && memcmp(d, sample_text, dSz)) + ret = -303; + + if (c) free(c); + if (d) free(d); + + return ret; +} + +#endif /* HAVE_LIBZ */ + +#ifdef HAVE_PKCS7 + +int pkcs7enveloped_test(void) +{ + int ret = 0; + + int cipher = DES3b; + int envelopedSz, decodedSz; + PKCS7 pkcs7; + byte* cert; + byte* privKey; + byte enveloped[2048]; + byte decoded[2048]; + + size_t certSz; + size_t privKeySz; + FILE* certFile; + FILE* keyFile; + FILE* pkcs7File; + const char* pkcs7OutFile = "pkcs7envelopedData.der"; + + const byte data[] = { /* Hello World */ + 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, + 0x72,0x6c,0x64 + }; + + /* read client cert and key in DER format */ + cert = (byte*)malloc(FOURK_BUF); + if (cert == NULL) + return -201; + + privKey = (byte*)malloc(FOURK_BUF); + if (privKey == NULL) { + free(cert); + return -202; + } + + certFile = fopen(clientCert, "rb"); + if (!certFile) { + free(cert); + free(privKey); + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -42); + } + + certSz = fread(cert, 1, FOURK_BUF, certFile); + fclose(certFile); + + keyFile = fopen(clientKey, "rb"); + if (!keyFile) { + free(cert); + free(privKey); + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -43); + } + + privKeySz = fread(privKey, 1, FOURK_BUF, keyFile); + fclose(keyFile); + + PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz); + pkcs7.content = (byte*)data; + pkcs7.contentSz = (word32)sizeof(data); + pkcs7.contentOID = DATA; + pkcs7.encryptOID = cipher; + pkcs7.privateKey = privKey; + pkcs7.privateKeySz = (word32)privKeySz; + + /* encode envelopedData */ + envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped, + sizeof(enveloped)); + if (envelopedSz <= 0) { + free(cert); + free(privKey); + return -203; + } + + /* decode envelopedData */ + decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz, + decoded, sizeof(decoded)); + if (decodedSz <= 0) { + free(cert); + free(privKey); + return -204; + } + + /* test decode result */ + if (memcmp(decoded, data, sizeof(data)) != 0) { + free(cert); + free(privKey); + return -205; + } + + /* output pkcs7 envelopedData for external testing */ + pkcs7File = fopen(pkcs7OutFile, "wb"); + if (!pkcs7File) { + free(cert); + free(privKey); + return -206; + } + + ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File); + fclose(pkcs7File); + + free(cert); + free(privKey); + PKCS7_Free(&pkcs7); + + if (ret > 0) + return 0; + + return ret; +} + +int pkcs7signed_test(void) +{ + int ret = 0; + + FILE* file; + byte* certDer; + byte* keyDer; + byte* out; + char data[] = "Hello World"; + word32 dataSz, outSz, certDerSz, keyDerSz; + PKCS7 msg; + RNG rng; + + byte transIdOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x07 }; + byte messageTypeOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x02 }; + byte senderNonceOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x05 }; + byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; + byte messageType[] = { 0x13, 2, '1', '9' }; + byte senderNonce[PKCS7_NONCE_SZ + 2]; + + PKCS7Attrib attribs[] = + { + { transIdOid, sizeof(transIdOid), + transId, sizeof(transId) - 1 }, /* take off the null */ + { messageTypeOid, sizeof(messageTypeOid), + messageType, sizeof(messageType) }, + { senderNonceOid, sizeof(senderNonceOid), + senderNonce, sizeof(senderNonce) } + }; + + dataSz = (word32) strlen(data); + outSz = FOURK_BUF; + + certDer = (byte*)malloc(FOURK_BUF); + if (certDer == NULL) + return -207; + keyDer = (byte*)malloc(FOURK_BUF); + if (keyDer == NULL) { + free(certDer); + return -208; + } + out = (byte*)malloc(FOURK_BUF); + if (out == NULL) { + free(certDer); + free(keyDer); + return -209; + } + + /* read in DER cert of recipient, into cert of size certSz */ + file = fopen(clientCert, "rb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -44); + } + certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file); + fclose(file); + + file = fopen(clientKey, "rb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -45); + } + keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file); + fclose(file); + + ret = InitRng(&rng); + if (ret != 0) { + free(certDer); + free(keyDer); + free(out); + return -210; + } + + senderNonce[0] = 0x04; + senderNonce[1] = PKCS7_NONCE_SZ; + + ret = RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ); + if (ret != 0) { + free(certDer); + free(keyDer); + free(out); + return -211; + } + + PKCS7_InitWithCert(&msg, certDer, certDerSz); + msg.privateKey = keyDer; + msg.privateKeySz = keyDerSz; + msg.content = (byte*)data; + msg.contentSz = dataSz; + msg.hashOID = SHAh; + msg.encryptOID = RSAk; + msg.signedAttribs = attribs; + msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib); + msg.rng = &rng; + { + Sha sha; + byte digest[SHA_DIGEST_SIZE]; + int i,j; + + transId[0] = 0x13; + transId[1] = SHA_DIGEST_SIZE * 2; + + ret = InitSha(&sha); + if (ret != 0) { + free(certDer); + free(keyDer); + free(out); + return -4003; + } + ShaUpdate(&sha, msg.publicKey, msg.publicKeySz); + ShaFinal(&sha, digest); + + for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) { + snprintf((char*)&transId[j], 3, "%02x", digest[i]); + } + } + ret = PKCS7_EncodeSignedData(&msg, out, outSz); + if (ret < 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -212; + } + else + outSz = ret; + + /* write PKCS#7 to output file for more testing */ + file = fopen("./pkcs7signedData.der", "wb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -213; + } + ret = (int)fwrite(out, 1, outSz, file); + fclose(file); + if (ret != (int)outSz) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -218; + } + + PKCS7_Free(&msg); + PKCS7_InitWithCert(&msg, NULL, 0); + + ret = PKCS7_VerifySignedData(&msg, out, outSz); + if (ret < 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -214; + } + + if (msg.singleCert == NULL || msg.singleCertSz == 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -215; + } + + file = fopen("./pkcs7cert.der", "wb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -216; + } + ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file); + fclose(file); + + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + + if (ret > 0) + return 0; + + return ret; +} + +#endif /* HAVE_PKCS7 */ + +#endif /* NO_CRYPT_TEST */ diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/time-dummy.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/time-dummy.c new file mode 100644 index 00000000..8f98da46 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/time-dummy.c @@ -0,0 +1,34 @@ +/* time-dummy.c.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include "time.h" + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + static struct tm date ; + return(&date) ; +} + +time_t time(time_t * t) { return 0 ; } diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/Abstract.txt b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/Abstract.txt new file mode 100644 index 00000000..dde67ce4 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/Abstract.txt @@ -0,0 +1,85 @@ +This program gives wolfCrypt and CyaSSL library demo. + +In order to run the demo, +Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory. +For demo configuration, refer config-Crypt.h and config-CyaSSL.h. + +After download and start the execution, you can type in commands through the +Debug(printf) viewer. + +test wolfCrypt Simple test suite +benchmark wolfCrypt Simple benchmark +server& simple server in background mode +client simple client +echoserver& echo server in background mode +echoclient echo client +server/client -h help for server/client command + + +=== Typical Command Usage Scenario === + +Starting Shell +>test +MD5 test passed! +MD4 test passed! +SHA test passed! +... + +>benchmark +AES 25 kB took 0.025 seconds, 0.96 MB/s +ARC4 25 kB took 0.006 seconds, 3.83 MB/s +... + +DH 2048 key agreement 685.93 milliseconds, avg over 1 iterations + +>echoserver& +"echoserver" is running with the background mode. + +>echoclient +ABCDEFG +ABCDEFG +WXYZ +WXYZ +quit +sending server shutdown command: quit! +client sent quit command: shutting down! + +>server& +"server" is running with the background mode. + +>client +peer's cert info: + issuer : /C=... + subject: /C=... + serial number:02 +SSL version is TLSv1.2 +SSL cipher suite is TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 +peer's cert info: + issuer : /C=... + subject: /C=... + serial number:... +SSL version is TLSv1.2 +SSL cipher suite is TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 +Client message: hello cyassl! +Server response: I hear you fa shizzle! + +>client -h 192.168.2.100 -p 443 -g -v 0 +peer's cert info: + issuer : /CN=... + subject: /CN=... + serial number:44:39:... +SSL version is SSLv3 +SSL cipher suite is SSL_RSA_WITH_RC4_128_SHA +SSL connect ok, sending GET... +... +=== + +For the hardware crypt on config-Crypt.h, download +STSW-STM32062: STM32F2xx standard peripherals library at +http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to + {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib + + +Support +------- +Please send questions or comments to support@wolfssl.com diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvoptx b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvoptx new file mode 100644 index 00000000..d3d972b7 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvoptx @@ -0,0 +1,1366 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + CyaSSL-Full + 0x4 + ARM-ADS + + 25000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + .\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGUARM + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 ) -FN1 -FC1000 -FD20000000 -FF0STM32F2xx_1024 -FL0100000 -FS08000000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + + + + 0 + 1 + str[i] + + + 1 + 1 + str + + + + + 1 + 3 + 0x20003d9e + + + + + 2 + 8 + 0x8004dc8 + + + + 0 + + + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 2 + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + + + + + + + + Source + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + .\benchmark.c + benchmark.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 0 + 0 + .\client.c + client.c + 0 + 0 + + + 1 + 3 + 1 + 0 + 0 + 0 + 0 + .\echoclient.c + echoclient.c + 0 + 0 + + + 1 + 4 + 1 + 0 + 0 + 0 + 0 + .\echoserver.c + echoserver.c + 0 + 0 + + + 1 + 5 + 1 + 0 + 0 + 0 + 0 + .\server.c + server.c + 0 + 0 + + + 1 + 6 + 1 + 0 + 0 + 0 + 0 + .\cert_data.c + cert_data.c + 0 + 0 + + + 1 + 7 + 1 + 0 + 0 + 0 + 0 + .\test.c + test.c + 0 + 0 + + + 1 + 8 + 1 + 0 + 0 + 0 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 9 + 1 + 0 + 0 + 0 + 0 + .\shell.c + shell.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 10 + 5 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 0 + 0 + + + 2 + 11 + 5 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 12 + 5 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\settings.h + settings.h + 0 + 0 + + + 2 + 13 + 5 + 0 + 0 + 0 + 0 + .\RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 0 + 0 + + + + + Documentation + 1 + 0 + 0 + 0 + + 3 + 14 + 5 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + Devices + 1 + 0 + 0 + 0 + + 4 + 15 + 1 + 0 + 0 + 0 + 0 + .\time-CortexM3-4.c + time-CortexM3-4.c + 0 + 0 + + + 4 + 16 + 1 + 0 + 0 + 0 + 0 + .\time-dummy.c + time-dummy.c + 0 + 0 + + + + + ::CMSIS + 1 + 0 + 0 + 1 + + 5 + 17 + 1 + 0 + 0 + 0 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 5 + 18 + 4 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 0 + 0 + 0 + 1 + + 6 + 19 + 5 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 6 + 20 + 2 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 6 + 21 + 1 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 6 + 22 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 6 + 23 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 0 + 0 + 0 + 1 + + 7 + 24 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + EMAC_STM32F2xx.c + 1 + 0 + + + 7 + 25 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + 7 + 26 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c + PHY_ST802RT1.c + 1 + 0 + + + + + ::File System + 0 + 0 + 0 + 1 + + 8 + 27 + 1 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 8 + 28 + 5 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 8 + 29 + 4 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::Network + 0 + 0 + 0 + 1 + + 9 + 30 + 1 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config.c + Net_Config.c + 1 + 0 + + + 9 + 31 + 5 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_BSD.h + Net_Config_BSD.h + 1 + 0 + + + 9 + 32 + 5 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_DNS_Client.h + Net_Config_DNS_Client.h + 1 + 0 + + + 9 + 33 + 5 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 1 + 0 + + + 9 + 34 + 5 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_TCP.h + Net_Config_TCP.h + 1 + 0 + + + 9 + 35 + 5 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_UDP.h + Net_Config_UDP.h + 1 + 0 + + + 9 + 36 + 1 + 0 + 0 + 0 + 0 + RTE\Network\Net_Debug.c + Net_Debug.c + 1 + 0 + + + 9 + 37 + 4 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib + Net_Dbg_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 0 + 0 + 0 + 1 + + 10 + 38 + 5 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 10 + 39 + 5 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 1 + 0 + + + 10 + 40 + 5 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 10 + 41 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + 10 + 42 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 10 + 43 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 10 + 44 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 10 + 45 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 10 + 46 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 10 + 47 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 10 + 48 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 10 + 49 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 10 + 50 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 10 + 51 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 10 + 52 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 10 + 53 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 10 + 54 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 10 + 55 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 10 + 56 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 10 + 57 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 10 + 58 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 10 + 59 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 10 + 60 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 10 + 61 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 10 + 62 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 10 + 63 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 10 + 64 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 10 + 65 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 10 + 66 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 10 + 67 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 10 + 68 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 10 + 69 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 10 + 70 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 10 + 71 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 10 + 72 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 10 + 73 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + 10 + 74 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + 10 + 75 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c + crl.c + 1 + 0 + + + 10 + 76 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c + internal.c + 1 + 0 + + + 10 + 77 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c + io.c + 1 + 0 + + + 10 + 78 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c + keys.c + 1 + 0 + + + 10 + 79 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c + ocsp.c + 1 + 0 + + + 10 + 80 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c + sniffer.c + 1 + 0 + + + 10 + 81 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c + ssl.c + 1 + 0 + + + 10 + 82 + 1 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c + tls.c + 1 + 0 + + + + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvprojx b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvprojx new file mode 100644 index 00000000..285caa68 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvprojx @@ -0,0 +1,1185 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + CyaSSL-Full + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + CyaSSL-Full + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + .\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 1 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_CYASSL + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + benchmark.c + 1 + .\benchmark.c + + + client.c + 1 + .\client.c + + + echoclient.c + 1 + .\echoclient.c + + + echoserver.c + 1 + .\echoserver.c + + + server.c + 1 + .\server.c + + + cert_data.c + 1 + .\cert_data.c + + + test.c + 1 + .\test.c + + + main.c + 1 + .\main.c + + + shell.c + 1 + .\shell.c + + + + + Configuration + + + config-CyaSSL.h + 5 + .\RTE\wolfSSL\config-CyaSSL.h + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + .\RTE\wolfSSL\settings.h + + + Net_Config_ETH_0.h + 5 + .\RTE\Network\Net_Config_ETH_0.h + + + + + Documentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + Devices + + + time-CortexM3-4.c + 1 + .\time-CortexM3-4.c + + + time-dummy.c + 1 + .\time-dummy.c + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + EMAC_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + PHY_ST802RT1.c + 1 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::Network + + + Net_Config.c + 1 + RTE\Network\Net_Config.c + + + Net_Config_BSD.h + 5 + RTE\Network\Net_Config_BSD.h + + + Net_Config_DNS_Client.h + 5 + RTE\Network\Net_Config_DNS_Client.h + + + Net_Config_ETH_0.h + 5 + RTE\Network\Net_Config_ETH_0.h + + + Net_Config_TCP.h + 5 + RTE\Network\Net_Config_TCP.h + + + Net_Config_UDP.h + 5 + RTE\Network\Net_Config_UDP.h + + + Net_Debug.c + 1 + RTE\Network\Net_Debug.c + + + Net_Dbg_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + config-CyaSSL.h + 5 + RTE\wolfSSL\config-CyaSSL.h + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c + + + crl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c + + + internal.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c + + + io.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c + + + keys.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c + + + ocsp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c + + + sniffer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c + + + ssl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c + + + tls.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + + + RTE\Network\Net_Debug.c + + + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config-CyaSSL.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/settings.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/settings.h new file mode 100644 index 00000000..86a57a0d --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/settings.h @@ -0,0 +1,667 @@ +/* settings.h + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef CTAO_CRYPT_SETTINGS_H +#define CTAO_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using PIC32MZ Crypto Engine */ +/* #define CYASSL_MICROCHIP_PIC32MZ */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define CYASSL_LWIP */ + +/* Uncomment next line if building CyaSSL for a game console */ +/* #define CYASSL_GAME_BUILD */ + +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + +/* Uncomment next line if using LwIP native TCP socket settings */ +/* #define HAVE_LWIP_NATIVE */ + +/* Uncomment next line if building for EROAD */ +/* #define CYASSL_EROAD */ + +#include + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + + +#ifdef CYASSL_USER_SETTINGS + #include +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */ + #define CYASSL_LWIP + #define NO_WRITEV + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_FILESYSTEM +#endif + +#ifdef MICROCHIP_PIC32 + /* #define CYASSL_MICROCHIP_PIC32MZ */ + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef CYASSL_MICROCHIP_PIC32MZ + #define CYASSL_PIC32MZ_CE + #define CYASSL_PIC32MZ_CRYPT + #define HAVE_AES_ENGINE + #define CYASSL_PIC32MZ_RNG + /* #define CYASSL_PIC32MZ_HASH */ + #define CYASSL_AES_COUNTER + #define HAVE_AESGCM + #define NO_BIG_INT + +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "system/system_services.h" + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define CYASSL_USER_IO + #define NO_FILESYSTEM + #define NO_CERT + #define USE_CERT_BUFFERS_1024 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define HAVE_ECC + #define NO_SESSION_CACHE + #define CYASSL_CMSIS_RTOS +#endif + + +#ifdef CYASSL_EROAD + #define FREESCALE_MQX + #define FREESCALE_MMCAU + #define SINGLE_THREADED + #define NO_STDIO_FILESYSTEM + #define CYASSL_LEANPSK + #define HAVE_NULL_CIPHER + #define NO_OLD_TLS + #define NO_ASN + #define NO_BIG_INT + #define NO_RSA + #define NO_DSA + #define NO_DH + #define NO_CERTS + #define NO_PWDBASED + #define NO_DES3 + #define NO_MD4 + #define NO_RC4 + #define NO_MD5 + #define NO_SESSION_CACHE + #define NO_MAIN_DRIVER +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) && !defined(CYASSL_EROAD) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef CYASSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define CYASSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG) + #define DEBUG_CYASSL + #else + #undef DEBUG_CYASSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define CYASSL_USER_IO + #else + #undef CYASSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define CYASSL_DER_LOAD + #else + #undef CYASSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define CYASSL_DTLS + #else + #undef CYASSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define CYASSL_CALLBACKS + #else + #undef CYASSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) + #define USE_CYASSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + +/* Place any other flags or defines here */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_SETTINGS_H */ + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/benchmark.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/benchmark.c new file mode 100644 index 00000000..528c0a76 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/benchmark.c @@ -0,0 +1,1222 @@ +/* benchmark.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* CTaoCrypt benchmark */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#ifdef HAVE_CAVIUM + #include "cavium_sysdep.h" + #include "cavium_common.h" + #include "cavium_ioctl.h" +#endif + +#if defined(CYASSL_MDK_ARM) + extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ; + #define fopen CyaSSL_fopen +#endif + +#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) + /* include test cert and key buffers for use with NO_FILESYSTEM */ + #if defined(CYASSL_MDK_ARM) + #include "cert_data.h" /* use certs_test.c for initial data, + so other commands can share the data. */ + #else + #include + #endif +#endif + + +#ifdef HAVE_BLAKE2 + #include + void bench_blake2(void); +#endif + +#ifdef _MSC_VER + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable: 4996) +#endif + +void bench_des(void); +void bench_arc4(void); +void bench_hc128(void); +void bench_rabbit(void); +void bench_aes(int); +void bench_aesgcm(void); +void bench_aesccm(void); +void bench_aesctr(void); +void bench_camellia(void); + +void bench_md5(void); +void bench_sha(void); +void bench_sha256(void); +void bench_sha512(void); +void bench_ripemd(void); + +void bench_rsa(void); +void bench_rsaKeyGen(void); +void bench_dh(void); +#ifdef HAVE_ECC +void bench_eccKeyGen(void); +void bench_eccKeyAgree(void); +#endif + +double current_time(int); + + +#ifdef HAVE_CAVIUM + +static int OpenNitroxDevice(int dma_mode,int dev_id) +{ + Csp1CoreAssignment core_assign; + Uint32 device; + + if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) + return -1; + if (Csp1GetDevType(&device)) + return -1; + if (device != NPX_DEVICE) { + if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, + (Uint32 *)&core_assign)!= 0) + return -1; + } + CspShutdown(CAVIUM_DEV_ID); + + return CspInitialize(dma_mode, dev_id); +} + +#endif + + +/* so embedded projects can pull in tests on their own */ +#if !defined(NO_MAIN_DRIVER) + +int main(int argc, char** argv) + +{ + (void)argc; + (void)argv; +#else +int benchmark_test(void *args) +{ +#endif + + #ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) { + printf("Cavium OpenNitroxDevice failed\n"); + exit(-1); + } +#endif /* HAVE_CAVIUM */ +#ifndef NO_AES + bench_aes(0); + bench_aes(1); +#endif +#ifdef HAVE_AESGCM + bench_aesgcm(); +#endif + +#ifdef CYASSL_AES_COUNTER + bench_aesctr(); +#endif + +#ifdef HAVE_AESCCM + bench_aesccm(); +#endif +#ifdef HAVE_CAMELLIA + bench_camellia(); +#endif +#ifndef NO_RC4 + bench_arc4(); +#endif +#ifdef HAVE_HC128 + bench_hc128(); +#endif +#ifndef NO_RABBIT + bench_rabbit(); +#endif +#ifndef NO_DES3 + bench_des(); +#endif + + printf("\n"); + +#ifndef NO_MD5 + bench_md5(); +#endif +#ifndef NO_SHA + bench_sha(); +#endif +#ifndef NO_SHA256 + bench_sha256(); +#endif +#ifdef CYASSL_SHA512 + bench_sha512(); +#endif +#ifdef CYASSL_RIPEMD + bench_ripemd(); +#endif +#ifdef HAVE_BLAKE2 + bench_blake2(); +#endif + + printf("\n"); + +#ifndef NO_RSA + bench_rsa(); +#endif + +#ifndef NO_DH + bench_dh(); +#endif + +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) + bench_rsaKeyGen(); +#endif + +#ifdef HAVE_ECC + bench_eccKeyGen(); + bench_eccKeyAgree(); +#endif + + return 0; +} + + +#ifdef BENCH_EMBEDDED +enum BenchmarkBounds { + numBlocks = 25, /* how many kB to test (en/de)cryption */ + ntimes = 1, + genTimes = 5, /* public key iterations */ + agreeTimes = 5 +}; +static const char blockType[] = "kB"; /* used in printf output */ +#else +enum BenchmarkBounds { + numBlocks = 5, /* how many megs to test (en/de)cryption */ + ntimes = 100, + genTimes = 100, + agreeTimes = 100 +}; +static const char blockType[] = "megs"; /* used in printf output */ +#endif + +static const byte key[] = +{ + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, + 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, + 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 +}; + +static const byte iv[] = +{ + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 + +}; + + +/* use kB instead of mB for embedded benchmarking */ +#ifdef BENCH_EMBEDDED +static byte plain [1024]; +static byte cipher[1024]; +#else +static byte plain [1024*1024]; +static byte cipher[1024*1024]; +#endif + + +#ifndef NO_AES +void bench_aes(int show) +{ + Aes enc; + double start, total, persec; + int i; + int ret; + +#ifdef HAVE_CAVIUM + if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) { + printf("aes init cavium failed\n"); + return; + } +#endif + + ret = AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("AesSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCbcEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + if (show) + printf("AES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + AesFreeCavium(&enc); +#endif +} +#endif + + +#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) + static byte additional[13]; + static byte tag[16]; +#endif + + +#ifdef HAVE_AESGCM +void bench_aesgcm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesGcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesGcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, + tag, 16, additional, 13); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-GCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_AES_COUNTER +void bench_aesctr(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesSetKeyDirect(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCtrEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CTR %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + + +#ifdef HAVE_AESCCM +void bench_aesccm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesCcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, + tag, 16, additional, 13); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifdef HAVE_CAMELLIA +void bench_camellia(void) +{ + Camellia cam; + double start, total, persec; + int i, ret; + + ret = CamelliaSetKey(&cam, key, 16, iv); + if (ret != 0) { + printf("CamelliaSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + CamelliaCbcEncrypt(&cam, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("Camellia %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifndef NO_DES3 +void bench_des(void) +{ + Des3 enc; + double start, total, persec; + int i, ret; + +#ifdef HAVE_CAVIUM + if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("des3 init cavium failed\n"); +#endif + ret = Des3_SetKey(&enc, key, iv, DES_ENCRYPTION); + if (ret != 0) { + printf("Des3_SetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Des3_CbcEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("3DES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Des3_FreeCavium(&enc); +#endif +} +#endif + + +#ifndef NO_RC4 +void bench_arc4(void) +{ + Arc4 enc; + double start, total, persec; + int i; + +#ifdef HAVE_CAVIUM + if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("arc4 init cavium failed\n"); +#endif + + Arc4SetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Arc4Process(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("ARC4 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Arc4FreeCavium(&enc); +#endif +} +#endif + + +#ifdef HAVE_HC128 +void bench_hc128(void) +{ + HC128 enc; + double start, total, persec; + int i; + + Hc128_SetKey(&enc, key, iv); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Hc128_Process(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("HC128 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* HAVE_HC128 */ + + +#ifndef NO_RABBIT +void bench_rabbit(void) +{ + Rabbit enc; + double start, total, persec; + int i; + + RabbitSetKey(&enc, key, iv); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + RabbitProcess(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("RABBIT %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_RABBIT */ + + +#ifndef NO_MD5 +void bench_md5(void) +{ + Md5 hash; + byte digest[MD5_DIGEST_SIZE]; + double start, total, persec; + int i; + + InitMd5(&hash); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Md5Update(&hash, plain, sizeof(plain)); + + Md5Final(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("MD5 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_MD5 */ + + +#ifndef NO_SHA +void bench_sha(void) +{ + Sha hash; + byte digest[SHA_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha(&hash); + if (ret != 0) { + printf("InitSha failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + ShaUpdate(&hash, plain, sizeof(plain)); + + ShaFinal(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_SHA */ + + +#ifndef NO_SHA256 +void bench_sha256(void) +{ + Sha256 hash; + byte digest[SHA256_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha256(&hash); + if (ret != 0) { + printf("InitSha256 failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Sha256Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha256Update failed, ret = %d\n", ret); + return; + } + } + + ret = Sha256Final(&hash, digest); + if (ret != 0) { + printf("Sha256Final failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA-256 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_SHA512 +void bench_sha512(void) +{ + Sha512 hash; + byte digest[SHA512_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha512(&hash); + if (ret != 0) { + printf("InitSha512 failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Sha512Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha512Update failed, ret = %d\n", ret); + return; + } + } + + ret = Sha512Final(&hash, digest); + if (ret != 0) { + printf("Sha512Final failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA-512 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_RIPEMD +void bench_ripemd(void) +{ + RipeMd hash; + byte digest[RIPEMD_DIGEST_SIZE]; + double start, total, persec; + int i; + + InitRipeMd(&hash); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + RipeMdUpdate(&hash, plain, sizeof(plain)); + + RipeMdFinal(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("RIPEMD %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifdef HAVE_BLAKE2 +void bench_blake2(void) +{ + Blake2b b2b; + byte digest[64]; + double start, total, persec; + int i, ret; + + ret = InitBlake2b(&b2b, 64); + if (ret != 0) { + printf("InitBlake2b failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Blake2bUpdate(&b2b, plain, sizeof(plain)); + if (ret != 0) { + printf("Blake2bUpdate failed, ret = %d\n", ret); + return; + } + } + + ret = Blake2bFinal(&b2b, digest, 64); + if (ret != 0) { + printf("Blake2bFinal failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("BLAKE2b %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#if !defined(NO_RSA) || !defined(NO_DH) \ + || defined(CYASSL_KEYGEN) || defined(HAVE_ECC) +static RNG rng; +#endif + +#ifndef NO_RSA + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + defined(CYASSL_MDK_SHELL) +static char *certRSAname = "certs/rsa2048.der" ; +static void set_Bench_RSA_File(char * cert) { certRSAname = cert ; } + /* set by shell command */ +#elif defined(CYASSL_MDK_SHELL) + /* nothing */ +#else +static const char *certRSAname = "certs/rsa2048.der" ; +#endif + +void bench_rsa(void) +{ + int i; + int ret; + byte tmp[3072]; + size_t bytes; + word32 idx = 0; + + byte message[] = "Everyone gets Friday off."; + byte enc[512]; /* for up to 4096 bit */ + const int len = (int)strlen((char*)message); + double start, total, each, milliEach; + + RsaKey rsaKey; + int rsaKeySz = 2048; /* used in printf */ + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, rsa_key_der_1024, sizeof_rsa_key_der_1024); + bytes = sizeof_rsa_key_der_1024; + rsaKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, rsa_key_der_2048, sizeof_rsa_key_der_2048); + bytes = sizeof_rsa_key_der_2048; +#else + FILE* file = fopen(certRSAname, "rb"); + + if (!file) { + printf("can't find %s, Please run from CyaSSL home dir\n", certRSAname); + return; + } + + bytes = fread(tmp, 1, sizeof(tmp), file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + +#ifdef HAVE_CAVIUM + if (RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0) + printf("RSA init cavium failed\n"); +#endif + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + ret = InitRsaKey(&rsaKey, 0); + if (ret < 0) { + printf("InitRsaKey failed\n"); + return; + } + ret = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes); + + start = current_time(1); + + for (i = 0; i < ntimes; i++) + ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("RSA %d encryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); + + if (ret < 0) { + printf("Rsa Public Encrypt failed\n"); + return; + } + + start = current_time(1); + + for (i = 0; i < ntimes; i++) { + byte out[512]; /* for up to 4096 bit */ + RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey); + } + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("RSA %d decryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); + + FreeRsaKey(&rsaKey); +#ifdef HAVE_CAVIUM + RsaFreeCavium(&rsaKey); +#endif +} +#endif + + +#ifndef NO_DH + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + defined(CYASSL_MDK_SHELL) +static char *certDHname = "certs/dh2048.der" ; +void set_Bench_DH_File(char * cert) { certDHname = cert ; } + /* set by shell command */ +#elif defined(CYASSL_MDK_SHELL) + /* nothing */ +#else +static const char *certDHname = "certs/dh2048.der" ; +#endif + +void bench_dh(void) +{ + int i, ret; + byte tmp[1024]; + size_t bytes; + word32 idx = 0, pubSz, privSz = 0, pubSz2, privSz2, agreeSz; + + byte pub[256]; /* for 2048 bit */ + byte priv[256]; /* for 2048 bit */ + byte pub2[256]; /* for 2048 bit */ + byte priv2[256]; /* for 2048 bit */ + byte agree[256]; /* for 2048 bit */ + + double start, total, each, milliEach; + DhKey dhKey; + int dhKeySz = 2048; /* used in printf */ + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); + bytes = sizeof_dh_key_der_1024; + dhKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048); + bytes = sizeof_dh_key_der_2048; +#else + FILE* file = fopen(certDHname, "rb"); + + if (!file) { + printf("can't find %s, Please run from CyaSSL home dir\n", certDHname); + return; + } + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + bytes = fread(tmp, 1, sizeof(tmp), file); +#endif /* USE_CERT_BUFFERS */ + + + InitDhKey(&dhKey); + bytes = DhKeyDecode(tmp, &idx, &dhKey, (word32)bytes); + if (bytes != 0) { + printf("dhekydecode failed, can't benchmark\n"); + #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + fclose(file); + #endif + return; + } + + start = current_time(1); + + for (i = 0; i < ntimes; i++) + DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("DH %d key generation %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); + + DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2); + start = current_time(1); + + for (i = 0; i < ntimes; i++) + DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("DH %d key agreement %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + fclose(file); +#endif + FreeDhKey(&dhKey); +} +#endif + +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) +void bench_rsaKeyGen(void) +{ + RsaKey genKey; + double start, total, each, milliEach; + int i; + + /* 1024 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + InitRsaKey(&genKey, 0); + MakeRsaKey(&genKey, 1024, 65537, &rng); + FreeRsaKey(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("\n"); + printf("RSA 1024 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); + + /* 2048 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + InitRsaKey(&genKey, 0); + MakeRsaKey(&genKey, 2048, 65537, &rng); + FreeRsaKey(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("RSA 2048 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); +} +#endif /* CYASSL_KEY_GEN */ + +#ifdef HAVE_ECC +void bench_eccKeyGen(void) +{ + ecc_key genKey; + double start, total, each, milliEach; + int i, ret; + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + /* 256 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + ecc_make_key(&rng, 32, &genKey); + ecc_free(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("\n"); + printf("ECC 256 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); +} + + +void bench_eccKeyAgree(void) +{ + ecc_key genKey, genKey2; + double start, total, each, milliEach; + int i, ret; + byte shared[1024]; + byte sig[1024]; + byte digest[32]; + word32 x = 0; + + ecc_init(&genKey); + ecc_init(&genKey2); + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + + ret = ecc_make_key(&rng, 32, &genKey); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } + ret = ecc_make_key(&rng, 32, &genKey2); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } + + /* 256 bit */ + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + x = sizeof(shared); + ret = ecc_shared_secret(&genKey, &genKey2, shared, &x); + if (ret != 0) { + printf("ecc_shared_secret failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DHE key agreement %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + /* make dummy digest */ + for (i = 0; i < (int)sizeof(digest); i++) + digest[i] = (byte)i; + + + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + x = sizeof(sig); + ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &genKey); + if (ret != 0) { + printf("ecc_sign_hash failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DSA sign time %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + int verify = 0; + ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &genKey); + if (ret != 0) { + printf("ecc_verify_hash failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DSA verify time %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + ecc_free(&genKey2); + ecc_free(&genKey); +} +#endif /* HAVE_ECC */ + + +#ifdef _WIN32 + + #define WIN32_LEAN_AND_MEAN + #include + + double current_time(int reset) + { + static int init = 0; + static LARGE_INTEGER freq; + + LARGE_INTEGER count; + + (void)reset; + + if (!init) { + QueryPerformanceFrequency(&freq); + init = 1; + } + + QueryPerformanceCounter(&count); + + return (double)count.QuadPart / freq.QuadPart; + } + +#elif defined MICROCHIP_PIC32 + #if defined(CYASSL_MICROCHIP_PIC32MZ) + #define CLOCK 8000000.0 + #else + #include + #define CLOCK 4000000.0 + #endif + + double current_time(int reset) + { + unsigned int ns; + + if (reset) { + WriteCoreTimer(0); + } + + /* get timer in ns */ + ns = ReadCoreTimer(); + + /* return seconds as a double */ + return ( ns / CLOCK * 2.0); + } + +#elif defined CYASSL_MDK_ARM + + extern double current_time(int reset) ; + +#elif defined FREERTOS + + double current_time(int reset) + { + (void) reset; + + portTickType tickCount; + + /* tick count == ms, if configTICK_RATE_HZ is set to 1000 */ + tickCount = xTaskGetTickCount(); + return (double)tickCount / 1000; + } + +#else + + #include + + double current_time(int reset) + { + struct timeval tv; + + (void)reset; + + gettimeofday(&tv, 0); + + return (double)tv.tv_sec + (double)tv.tv_usec / 1000000; + } + +#endif /* _WIN32 */ diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/cert_data.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/cert_data.c new file mode 100644 index 00000000..d6cef016 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/cert_data.c @@ -0,0 +1,28 @@ +/* certs_test.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +/* Define initial data for cert buffers */ +#include + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c new file mode 100644 index 00000000..bc898cb5 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c @@ -0,0 +1,858 @@ +/* client.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + #define CYASSL_MDK_ARM +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include + +#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER) + /* in case memory tracker wants stats */ + #define CYASSL_TRACK_MEMORY +#endif + +#include +#include +#include "examples/client/client.h" + + +#ifdef CYASSL_CALLBACKS + int handShakeCB(HandShakeInfo*); + int timeoutCB(TimeoutInfo*); + Timeval timeout; +#endif + + +static void NonBlockingSSL_Connect(CYASSL* ssl) +{ +#ifndef CYASSL_CALLBACKS + int ret = CyaSSL_connect(ssl); +#else + int ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout); +#endif + int error = CyaSSL_get_error(ssl, 0); + SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl); + int select_ret; + + while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || + error == SSL_ERROR_WANT_WRITE)) { + int currTimeout = 1; + + if (error == SSL_ERROR_WANT_READ) + printf("... client would read block\n"); + else + printf("... client would write block\n"); + +#ifdef CYASSL_DTLS + currTimeout = CyaSSL_dtls_get_current_timeout(ssl); +#endif + select_ret = tcp_select(sockfd, currTimeout); + + if ((select_ret == TEST_RECV_READY) || + (select_ret == TEST_ERROR_READY)) { + #ifndef CYASSL_CALLBACKS + ret = CyaSSL_connect(ssl); + #else + ret = CyaSSL_connect_ex(ssl,handShakeCB,timeoutCB,timeout); + #endif + error = CyaSSL_get_error(ssl, 0); + } + else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) { + error = SSL_ERROR_WANT_READ; + } +#ifdef CYASSL_DTLS + else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) && + CyaSSL_dtls_got_timeout(ssl) >= 0) { + error = SSL_ERROR_WANT_READ; + } +#endif + else { + error = SSL_FATAL_ERROR; + } + } + if (ret != SSL_SUCCESS) + err_sys("SSL_connect failed"); +} + + +static void Usage(void) +{ + printf("client " LIBCYASSL_VERSION_STRING + " NOTE: All files relative to CyaSSL home dir\n"); + printf("-? Help, print this usage\n"); + printf("-h Host to connect to, default %s\n", yasslIP); + printf("-p Port to connect on, not 0, default %d\n", yasslPort); + printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", + CLIENT_DEFAULT_VERSION); + printf("-l Cipher list\n"); + printf("-c Certificate file, default %s\n", cliCert); + printf("-k Key file, default %s\n", cliKey); + printf("-A Certificate Authority file, default %s\n", caCert); + printf("-b Benchmark connections and print stats\n"); + printf("-s Use pre Shared keys\n"); + printf("-t Track CyaSSL memory use\n"); + printf("-d Disable peer checks\n"); + printf("-g Send server HTTP GET\n"); + printf("-u Use UDP DTLS," + " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); + printf("-m Match domain name in cert\n"); + printf("-N Use Non-blocking sockets\n"); + printf("-r Resume session\n"); + printf("-f Fewer packets/group messages\n"); + printf("-x Disable client cert/key loading\n"); +#ifdef SHOW_SIZES + printf("-z Print structure sizes\n"); +#endif +#ifdef HAVE_SNI + printf("-S Use Host Name Indication\n"); +#endif +#ifdef HAVE_MAX_FRAGMENT + printf("-L Use Maximum Fragment Length [1-5]\n"); +#endif +#ifdef HAVE_TRUNCATED_HMAC + printf("-T Use Truncated HMAC\n"); +#endif +#ifdef HAVE_OCSP + printf("-o Perform OCSP lookup on peer certificate\n"); + printf("-O Perform OCSP lookup using as responder\n"); +#endif +#ifdef ATOMIC_USER + printf("-U Atomic User Record Layer Callbacks\n"); +#endif +#ifdef HAVE_PK_CALLBACKS + printf("-P Public Key Callbacks\n"); +#endif +} + + +#ifdef CYASSL_MDK_SHELL + #define exit(code) return(code) +#endif + + +THREAD_RETURN CYASSL_THREAD client_test(void* args) +{ + SOCKET_T sockfd = 0; + + CYASSL_METHOD* method = 0; + CYASSL_CTX* ctx = 0; + CYASSL* ssl = 0; + + CYASSL* sslResume = 0; + CYASSL_SESSION* session = 0; + char resumeMsg[] = "resuming cyassl!"; + int resumeSz = sizeof(resumeMsg); + + char msg[32] = "hello cyassl!"; /* GET may make bigger */ + char reply[80]; + int input; + int msgSz = (int)strlen(msg); + + word16 port = yasslPort; + char* host = (char*)yasslIP; + char* domain = (char*)"www.yassl.com"; + + int ch; + int version = CLIENT_INVALID_VERSION; + int usePsk = 0; + int sendGET = 0; + int benchmark = 0; + int doDTLS = 0; + int matchName = 0; + int doPeerCheck = 1; + int nonBlocking = 0; + int resumeSession = 0; + int trackMemory = 0; + int useClientCert = 1; + int fewerPackets = 0; + int atomicUser = 0; + int pkCallbacks = 0; + char* cipherList = NULL; + char* verifyCert = (char*)caCert; + char* ourCert = (char*)cliCert; + char* ourKey = (char*)cliKey; + +#ifdef HAVE_SNI + char* sniHostName = NULL; +#endif +#ifdef HAVE_MAX_FRAGMENT + byte maxFragment = 0; +#endif +#ifdef HAVE_TRUNCATED_HMAC + byte truncatedHMAC = 0; +#endif + + +#ifdef HAVE_OCSP + int useOcsp = 0; + char* ocspUrl = NULL; +#endif + + int argc = ((func_args*)args)->argc; + char** argv = ((func_args*)args)->argv; + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifdef NO_RSA + verifyCert = (char*)eccCert; + ourCert = (char*)cliEccCert; + ourKey = (char*)cliEccKey; +#endif + (void)resumeSz; + (void)session; + (void)sslResume; + (void)trackMemory; + (void)atomicUser; + (void)pkCallbacks; + + StackTrap(); + + while ((ch = mygetopt(argc, argv, + "?gdusmNrtfxUPh:p:v:l:A:c:k:b:zS:L:ToO:")) != -1) { + switch (ch) { + case '?' : + Usage(); + exit(EXIT_SUCCESS); + + case 'g' : + sendGET = 1; + break; + + case 'd' : + doPeerCheck = 0; + break; + + case 'u' : + doDTLS = 1; + break; + + case 's' : + usePsk = 1; + break; + + case 't' : + #ifdef USE_CYASSL_MEMORY + trackMemory = 1; + #endif + break; + + case 'm' : + matchName = 1; + break; + + case 'x' : + useClientCert = 0; + break; + + case 'f' : + fewerPackets = 1; + break; + + case 'U' : + #ifdef ATOMIC_USER + atomicUser = 1; + #endif + break; + + case 'P' : + #ifdef HAVE_PK_CALLBACKS + pkCallbacks = 1; + #endif + break; + + case 'h' : + host = myoptarg; + domain = myoptarg; + break; + + case 'p' : + port = (word16)atoi(myoptarg); + #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API) + if (port == 0) + err_sys("port number cannot be 0"); + #endif + break; + + case 'v' : + version = atoi(myoptarg); + if (version < 0 || version > 3) { + Usage(); + exit(MY_EX_USAGE); + } + break; + + case 'l' : + cipherList = myoptarg; + break; + + case 'A' : + verifyCert = myoptarg; + break; + + case 'c' : + ourCert = myoptarg; + break; + + case 'k' : + ourKey = myoptarg; + break; + + case 'b' : + benchmark = atoi(myoptarg); + if (benchmark < 0 || benchmark > 1000000) { + Usage(); + exit(MY_EX_USAGE); + } + break; + + case 'N' : + nonBlocking = 1; + break; + + case 'r' : + resumeSession = 1; + break; + + case 'z' : + #ifndef CYASSL_LEANPSK + CyaSSL_GetObjectSize(); + #endif + break; + + case 'S' : + #ifdef HAVE_SNI + sniHostName = myoptarg; + #endif + break; + + case 'L' : + #ifdef HAVE_MAX_FRAGMENT + maxFragment = atoi(myoptarg); + if (maxFragment < CYASSL_MFL_2_9 || + maxFragment > CYASSL_MFL_2_13) { + Usage(); + exit(MY_EX_USAGE); + } + #endif + break; + + case 'T' : + #ifdef HAVE_TRUNCATED_HMAC + truncatedHMAC = 1; + #endif + break; + + case 'o' : + #ifdef HAVE_OCSP + useOcsp = 1; + #endif + break; + + case 'O' : + #ifdef HAVE_OCSP + useOcsp = 1; + ocspUrl = myoptarg; + #endif + break; + + default: + Usage(); + exit(MY_EX_USAGE); + } + } + + myoptind = 0; /* reset for test cases */ + + /* sort out DTLS versus TLS versions */ + if (version == CLIENT_INVALID_VERSION) { + if (doDTLS) + version = CLIENT_DTLS_DEFAULT_VERSION; + else + version = CLIENT_DEFAULT_VERSION; + } + else { + if (doDTLS) { + if (version == 3) + version = -2; + else + version = -1; + } + } + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + InitMemoryTracker(); +#endif + + switch (version) { +#ifndef NO_OLD_TLS + case 0: + method = wolfSSLv3_client_method(); + break; + + + #ifndef NO_TLS + case 1: + method = CyaTLSv1_client_method(); + break; + + case 2: + method = CyaTLSv1_1_client_method(); + break; + #endif /* NO_TLS */ + +#endif /* NO_OLD_TLS */ + +#ifndef NO_TLS + case 3: + method = CyaTLSv1_2_client_method(); + break; +#endif + +#ifdef CYASSL_DTLS + case -1: + method = CyaDTLSv1_client_method(); + break; + + case -2: + method = CyaDTLSv1_2_client_method(); + break; +#endif + + default: + err_sys("Bad SSL version"); + break; + } + + if (method == NULL) + err_sys("unable to get method"); + + ctx = CyaSSL_CTX_new(method); + if (ctx == NULL) + err_sys("unable to get ctx"); + + if (cipherList) + if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) + err_sys("client can't set cipher list 1"); + +#ifdef CYASSL_LEANPSK + usePsk = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + usePsk = 1; +#endif + + if (fewerPackets) + CyaSSL_CTX_set_group_messages(ctx); + + if (usePsk) { +#ifndef NO_PSK + CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); + if (cipherList == NULL) { + const char *defaultCipherList; + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) + err_sys("client can't set cipher list 2"); + } +#endif + useClientCert = 0; + } + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + if (cipherList == NULL) { + /* don't use EDH, can't sniff tmp keys */ + if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) { + err_sys("client can't set cipher list 3"); + } + } +#endif + +#ifdef HAVE_OCSP + if (useOcsp) { + if (ocspUrl != NULL) { + CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE + | CYASSL_OCSP_URL_OVERRIDE); + } + else + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); + } +#endif + +#ifdef USER_CA_CB + CyaSSL_CTX_SetCACb(ctx, CaCb); +#endif + +#ifdef VERIFY_CALLBACK + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify); +#endif +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + if (useClientCert){ + if (CyaSSL_CTX_use_certificate_chain_file(ctx, ourCert) != SSL_SUCCESS) + err_sys("can't load client cert file, check file and run from" + " CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load client private key file, check file and run " + "from CyaSSL home dir"); + } + + if (!usePsk) { + if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + } +#endif +#if !defined(NO_CERTS) + if (!usePsk && doPeerCheck == 0) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); +#endif + +#ifdef HAVE_CAVIUM + CyaSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID); +#endif + +#ifdef HAVE_SNI + if (sniHostName) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) + err_sys("UseSNI failed"); +#endif +#ifdef HAVE_MAX_FRAGMENT + if (maxFragment) + if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS) + err_sys("UseMaxFragment failed"); +#endif +#ifdef HAVE_TRUNCATED_HMAC + if (truncatedHMAC) + if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS) + err_sys("UseTruncatedHMAC failed"); +#endif + + if (benchmark) { + /* time passed in number of connects give average */ + int times = benchmark; + int i = 0; + + double start = current_time(), avg; + + for (i = 0; i < times; i++) { + tcp_connect(&sockfd, host, port, doDTLS); + + ssl = CyaSSL_new(ctx); + CyaSSL_set_fd(ssl, sockfd); + if (CyaSSL_connect(ssl) != SSL_SUCCESS) + err_sys("SSL_connect failed"); + + CyaSSL_shutdown(ssl); + CyaSSL_free(ssl); + CloseSocket(sockfd); + } + avg = current_time() - start; + avg /= times; + avg *= 1000; /* milliseconds */ + printf("CyaSSL_connect avg took: %8.3f milliseconds\n", avg); + + CyaSSL_CTX_free(ctx); + ((func_args*)args)->return_code = 0; + + exit(EXIT_SUCCESS); + } + + #if defined(CYASSL_MDK_ARM) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + #endif + + ssl = CyaSSL_new(ctx); + if (ssl == NULL) + err_sys("unable to get SSL object"); + if (doDTLS) { + SOCKADDR_IN_T addr; + build_addr(&addr, host, port, 1); + CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, host, port, 0); + } + CyaSSL_set_fd(ssl, sockfd); +#ifdef HAVE_CRL + if (CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL) != SSL_SUCCESS) + err_sys("can't enable crl check"); + if (CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS) + err_sys("can't load crl, check crlfile and date validity"); + if (CyaSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS) + err_sys("can't set crl callback"); +#endif +#ifdef ATOMIC_USER + if (atomicUser) + SetupAtomicUser(ctx, ssl); +#endif +#ifdef HAVE_PK_CALLBACKS + if (pkCallbacks) + SetupPkCallbacks(ctx, ssl); +#endif + if (matchName && doPeerCheck) + CyaSSL_check_domain_name(ssl, domain); +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(ssl, 1); + tcp_set_nonblocking(&sockfd); + NonBlockingSSL_Connect(ssl); + } + else if (CyaSSL_connect(ssl) != SSL_SUCCESS) { + /* see note at top of README */ + int err = CyaSSL_get_error(ssl, 0); + char buffer[CYASSL_MAX_ERROR_SZ]; + printf("err = %d, %s\n", err, + CyaSSL_ERR_error_string(err, buffer)); + err_sys("SSL_connect failed"); + /* if you're getting an error here */ + } +#else + timeout.tv_sec = 2; + timeout.tv_usec = 0; + NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ +#endif + showPeer(ssl); + + if (sendGET) { + printf("SSL connect ok, sending GET...\n"); + msgSz = 28; + strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz); + msg[msgSz] = '\0'; + } + if (CyaSSL_write(ssl, msg, msgSz) != msgSz) + err_sys("SSL_write failed"); + + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("Server response: %s\n", reply); + + if (sendGET) { /* get html */ + while (1) { + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("%s\n", reply); + } + else + break; + } + } + } + else if (input < 0) { + int readErr = CyaSSL_get_error(ssl, 0); + if (readErr != SSL_ERROR_WANT_READ) + err_sys("CyaSSL_read failed"); + } + +#ifndef NO_SESSION_CACHE + if (resumeSession) { + if (doDTLS) { + strncpy(msg, "break", 6); + msgSz = (int)strlen(msg); + /* try to send session close */ + CyaSSL_write(ssl, msg, msgSz); + } + session = CyaSSL_get_session(ssl); + sslResume = CyaSSL_new(ctx); + } +#endif + + if (doDTLS == 0) /* don't send alert after "break" command */ + CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */ +#ifdef ATOMIC_USER + if (atomicUser) + FreeAtomicUser(ssl); +#endif + CyaSSL_free(ssl); + CloseSocket(sockfd); + +#ifndef NO_SESSION_CACHE + if (resumeSession) { + if (doDTLS) { + SOCKADDR_IN_T addr; + #ifdef USE_WINDOWS_API + Sleep(500); + #else + sleep(1); + #endif + build_addr(&addr, host, port, 1); + CyaSSL_dtls_set_peer(sslResume, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, host, port, 0); + } + CyaSSL_set_fd(sslResume, sockfd); + CyaSSL_set_session(sslResume, session); + + showPeer(sslResume); +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(sslResume, 1); + tcp_set_nonblocking(&sockfd); + NonBlockingSSL_Connect(sslResume); + } + else if (CyaSSL_connect(sslResume) != SSL_SUCCESS) + err_sys("SSL resume failed"); +#else + timeout.tv_sec = 2; + timeout.tv_usec = 0; + NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ +#endif + + if (CyaSSL_session_reused(sslResume)) + printf("reused session id\n"); + else + printf("didn't reuse session id!!!\n"); + + if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz) + err_sys("SSL_write failed"); + + if (nonBlocking) { + /* give server a chance to bounce a message back to client */ + #ifdef USE_WINDOWS_API + Sleep(500); + #else + sleep(1); + #endif + } + + input = CyaSSL_read(sslResume, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("Server resume response: %s\n", reply); + } + + /* try to send session break */ + CyaSSL_write(sslResume, msg, msgSz); + + CyaSSL_shutdown(sslResume); + CyaSSL_free(sslResume); + CloseSocket(sockfd); + } +#endif /* NO_SESSION_CACHE */ + + CyaSSL_CTX_free(ctx); + + ((func_args*)args)->return_code = 0; + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + ShowMemoryTracker(); +#endif /* USE_CYASSL_MEMORY */ + + return 0; +} + + +/* so overall tests can pull in test function */ +#ifndef NO_MAIN_DRIVER + + int main(int argc, char** argv) + { + func_args args; + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + + StartTCP(); + + args.argc = argc; + args.argv = argv; + + CyaSSL_Init(); +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) && !defined(STACK_TRAP) + CyaSSL_Debugging_ON(); +#endif + if (CurrentDir("client")) + ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); + +#ifdef HAVE_STACK_SIZE + StackSizeCheck(&args, client_test); +#else + client_test(&args); +#endif + CyaSSL_Cleanup(); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + return args.return_code; + } + + int myoptind = 0; + char* myoptarg = NULL; + +#endif /* NO_MAIN_DRIVER */ + + + +#ifdef CYASSL_CALLBACKS + + int handShakeCB(HandShakeInfo* info) + { + (void)info; + return 0; + } + + + int timeoutCB(TimeoutInfo* info) + { + (void)info; + return 0; + } + +#endif + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoclient.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoclient.c new file mode 100644 index 00000000..73c46ab1 --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoclient.c @@ -0,0 +1,282 @@ +/* echoclient.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#include + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include + +#include "examples/echoclient/echoclient.h" + +void echoclient_test(void* args) +{ + SOCKET_T sockfd = 0; + + FILE* fin = stdin ; + FILE* fout = stdout; + + int inCreated = 0; + int outCreated = 0; + + char msg[1024]; + char reply[1024+1]; + + SSL_METHOD* method = 0; + SSL_CTX* ctx = 0; + SSL* ssl = 0; + + int doDTLS = 0; + int doPSK = 0; + int sendSz; + int argc = 0; + char** argv = 0; + word16 port = yasslPort; + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifndef CYASSL_MDK_SHELL + argc = ((func_args*)args)->argc; + argv = ((func_args*)args)->argv; +#endif + + if (argc >= 2) { + fin = fopen(argv[1], "r"); + inCreated = 1; + } + if (argc >= 3) { + fout = fopen(argv[2], "w"); + outCreated = 1; + } + + if (!fin) err_sys("can't open input file"); + if (!fout) err_sys("can't open output file"); + +#ifdef CYASSL_DTLS + doDTLS = 1; +#endif + +#ifdef CYASSL_LEANPSK + doPSK = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + doPSK = 1; +#endif + +#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_SHELL) + port = ((func_args*)args)->signal->port; +#endif + +#if defined(CYASSL_DTLS) + method = DTLSv1_client_method(); +#elif !defined(NO_TLS) + method = CyaSSLv23_client_method(); +#else + method = SSLv3_client_method(); +#endif + ctx = SSL_CTX_new(method); + +#ifndef NO_FILESYSTEM + #ifndef NO_RSA + if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + #endif + #ifdef HAVE_ECC + if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + #endif +#elif !defined(NO_CERTS) + if (!doPSK) + load_buffer(ctx, caCert, CYASSL_CA); +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + /* don't use EDH, can't sniff tmp keys */ + SSL_CTX_set_cipher_list(ctx, "AES256-SHA"); +#endif + if (doPSK) { +#ifndef NO_PSK + const char *defaultCipherList; + + CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) + err_sys("client can't set cipher list 2"); +#endif + } + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + + #if defined(CYASSL_MDK_ARM) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + #endif + + ssl = SSL_new(ctx); + + + if (doDTLS) { + SOCKADDR_IN_T addr; + build_addr(&addr, yasslIP, port, 1); + CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, yasslIP, port, 0); + } + + SSL_set_fd(ssl, sockfd); +#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER) + /* let echoserver bind first, TODO: add Windows signal like pthreads does */ + Sleep(100); +#endif + + if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); + + while (fgets(msg, sizeof(msg), fin) != 0) { + + sendSz = (int)strlen(msg); + + if (SSL_write(ssl, msg, sendSz) != sendSz) + err_sys("SSL_write failed"); + + if (strncmp(msg, "quit", 4) == 0) { + fputs("sending server shutdown command: quit!\n", fout); + break; + } + + if (strncmp(msg, "break", 5) == 0) { + fputs("sending server session close: break!\n", fout); + break; + } + + #ifndef CYASSL_MDK_SHELL + while (sendSz) { + int got; + if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { + reply[got] = 0; + fputs(reply, fout); + fflush(fout) ; + sendSz -= got; + } + else + break; + } + #else + { + int got; + if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { + reply[got] = 0; + fputs(reply, fout); + fflush(fout) ; + sendSz -= got; + } + } + #endif + } + + +#ifdef CYASSL_DTLS + strncpy(msg, "break", 6); + sendSz = (int)strlen(msg); + /* try to tell server done */ + SSL_write(ssl, msg, sendSz); +#else + SSL_shutdown(ssl); +#endif + + SSL_free(ssl); + SSL_CTX_free(ctx); + + fflush(fout); + if (inCreated) fclose(fin); + if (outCreated) fclose(fout); + + CloseSocket(sockfd); + ((func_args*)args)->return_code = 0; +} + + +/* so overall tests can pull in test function */ +#ifndef NO_MAIN_DRIVER + + int main(int argc, char** argv) + { + func_args args; + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + + StartTCP(); + + args.argc = argc; + args.argv = argv; + + CyaSSL_Init(); +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) + CyaSSL_Debugging_ON(); +#endif + + if (CurrentDir("echoclient")) + ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); + echoclient_test(&args); + + CyaSSL_Cleanup(); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + return args.return_code; + } + +#endif /* NO_MAIN_DRIVER */ + + diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoserver.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoserver.c new file mode 100644 index 00000000..2ac1f7fd --- /dev/null +++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoserver.c @@ -0,0 +1,368 @@ +/* echoserver.c + * + * Copyright (C) 2006-2015 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include +#include + +#ifndef NO_MAIN_DRIVER + #define ECHO_OUT +#endif + +#include "examples/echoserver/echoserver.h" + + +#ifdef SESSION_STATS + CYASSL_API void PrintSessionStats(void); +#endif + +#define SVR_COMMAND_SIZE 256 + +static void SignalReady(void* args, word16 port) +{ +#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) + /* signal ready to tcp_accept */ + func_args* server_args = (func_args*)args; + tcp_ready* ready = server_args->signal; + pthread_mutex_lock(&ready->mutex); + ready->ready = 1; + ready->port = port; + pthread_cond_signal(&ready->cond); + pthread_mutex_unlock(&ready->mutex); +#endif + (void)args; + (void)port; +} + + +THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) +{ + SOCKET_T sockfd = 0; + CYASSL_METHOD* method = 0; + CYASSL_CTX* ctx = 0; + + int doDTLS = 0; + int doPSK = 0; + int outCreated = 0; + int shutDown = 0; + int useAnyAddr = 0; + word16 port = yasslPort; + int argc = ((func_args*)args)->argc; + char** argv = ((func_args*)args)->argv; + +#ifdef ECHO_OUT + FILE* fout = stdout; + if (argc >= 2) { + fout = fopen(argv[1], "w"); + outCreated = 1; + } + if (!fout) err_sys("can't open output file"); +#endif + (void)outCreated; + (void)argc; + (void)argv; + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifdef CYASSL_DTLS + doDTLS = 1; +#endif + +#ifdef CYASSL_LEANPSK + doPSK = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + doPSK = 1; +#endif + + #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \ + !defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL) + port = 0; + #endif + #if defined(USE_ANY_ADDR) + useAnyAddr = 1; + #endif + tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); + +#if defined(CYASSL_DTLS) + method = CyaDTLSv1_server_method(); +#elif !defined(NO_TLS) + method = CyaSSLv23_server_method(); +#else + method = wolfSSLv3_server_method(); +#endif + ctx = CyaSSL_CTX_new(method); + /* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */ + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + +#ifndef NO_FILESYSTEM + if (doPSK == 0) { + #ifdef HAVE_NTRU + /* ntru */ + if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load ntru cert file, " + "Please run from CyaSSL home dir"); + + if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ntruKey) + != SSL_SUCCESS) + err_sys("can't load ntru key file, " + "Please run from CyaSSL home dir"); + #elif defined(HAVE_ECC) + /* ecc */ + if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server cert file, " + "Please run from CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server key file, " + "Please run from CyaSSL home dir"); + #elif defined(NO_CERTS) + /* do nothing, just don't load cert files */ + #else + /* normal */ + if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server cert file, " + "Please run from CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server key file, " + "Please run from CyaSSL home dir"); + #endif + } /* doPSK */ +#elif !defined(NO_CERTS) + if (!doPSK) { + load_buffer(ctx, svrCert, CYASSL_CERT); + load_buffer(ctx, svrKey, CYASSL_KEY); + } +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + /* don't use EDH, can't sniff tmp keys */ + CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA"); +#endif + + if (doPSK) { +#ifndef NO_PSK + const char *defaultCipherList; + + CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); + CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS) + err_sys("server can't set cipher list 2"); +#endif + } + + SignalReady(args, port); + + while (!shutDown) { + CYASSL* ssl = 0; + char command[SVR_COMMAND_SIZE+1]; + int echoSz = 0; + int clientfd; + int firstRead = 1; + int gotFirstG = 0; + +#ifndef CYASSL_DTLS + SOCKADDR_IN_T client; + socklen_t client_len = sizeof(client); + clientfd = accept(sockfd, (struct sockaddr*)&client, + (ACCEPT_THIRD_T)&client_len); +#else + clientfd = udp_read_connect(sockfd); +#endif + if (clientfd == -1) err_sys("tcp accept failed"); + + ssl = CyaSSL_new(ctx); + if (ssl == NULL) err_sys("SSL_new failed"); + CyaSSL_set_fd(ssl, clientfd); + #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) + CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); + #elif !defined(NO_CERTS) + SetDH(ssl); /* will repick suites with DHE, higher than PSK */ + #endif + if (CyaSSL_accept(ssl) != SSL_SUCCESS) { + printf("SSL_accept failed\n"); + CyaSSL_free(ssl); + CloseSocket(clientfd); + continue; + } +#if defined(PEER_INFO) + showPeer(ssl); +#endif + + while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command)-1)) > 0) { + + if (firstRead == 1) { + firstRead = 0; /* browser may send 1 byte 'G' to start */ + if (echoSz == 1 && command[0] == 'G') { + gotFirstG = 1; + continue; + } + } + else if (gotFirstG == 1 && strncmp(command, "ET /", 4) == 0) { + strncpy(command, "GET", 4); + /* fall through to normal GET */ + } + + if ( strncmp(command, "quit", 4) == 0) { + printf("client sent quit command: shutting down!\n"); + shutDown = 1; + break; + } + if ( strncmp(command, "break", 5) == 0) { + printf("client sent break command: closing session!\n"); + break; + } +#ifdef SESSION_STATS + if ( strncmp(command, "printstats", 10) == 0) { + PrintSessionStats(); + break; + } +#endif + if ( strncmp(command, "GET", 3) == 0) { + char type[] = "HTTP/1.0 200 ok\r\nContent-type:" + " text/html\r\n\r\n"; + char header[] = "\n
\n";
+                char body[]   = "greetings from CyaSSL\n";
+                char footer[] = "\r\n\r\n";
+            
+                strncpy(command, type, sizeof(type));
+                echoSz = sizeof(type) - 1;
+
+                strncpy(&command[echoSz], header, sizeof(header));
+                echoSz += (int)sizeof(header) - 1;
+                strncpy(&command[echoSz], body, sizeof(body));
+                echoSz += (int)sizeof(body) - 1;
+                strncpy(&command[echoSz], footer, sizeof(footer));
+                echoSz += (int)sizeof(footer);
+
+                if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                    err_sys("SSL_write failed");
+                break;
+            }
+            command[echoSz] = 0;
+
+            #ifdef ECHO_OUT
+                fputs(command, fout);
+            #endif
+
+            if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                err_sys("SSL_write failed");
+        }
+#ifndef CYASSL_DTLS
+        CyaSSL_shutdown(ssl);
+#endif
+        CyaSSL_free(ssl);
+        CloseSocket(clientfd);
+#ifdef CYASSL_DTLS
+        tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
+        SignalReady(args, port);
+#endif
+    }
+
+    CloseSocket(sockfd);
+    CyaSSL_CTX_free(ctx);
+
+#ifdef ECHO_OUT
+    if (outCreated)
+        fclose(fout);
+#endif
+
+    ((func_args*)args)->return_code = 0;
+    return 0;
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("echoserver"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+        echoserver_test(&args);
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+        
+#endif /* NO_MAIN_DRIVER */
+
+
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c
new file mode 100644
index 00000000..ae487e70
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c
@@ -0,0 +1,102 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+#include "cmsis_os.h"
+#if !defined(NO_FILESYSTEM)
+#include "rl_fs.h" 
+#endif
+#include "rl_net.h" 
+#include 
+#include "cyassl_MDK_ARM.h"
+#include 
+
+/*-----------------------------------------------------------------------------
+ *        Initialize a Flash Memory Card
+ *----------------------------------------------------------------------------*/
+#if !defined(NO_FILESYSTEM)
+static void init_filesystem (void) {
+  int32_t retv;
+
+  retv = finit ("M0:");
+  if (retv == 0) {
+    retv = fmount ("M0:");
+    if (retv == 0) {
+      printf ("Drive M0 ready!\n");
+    }
+    else {
+      printf ("Drive M0 mount failed!\n");
+    }
+  }
+  else {
+    printf ("Drive M0 initialization failed!\n");
+  }
+}
+#endif
+
+/*-----------------------------------------------------------------------------
+ *        TCP/IP tasks
+ *----------------------------------------------------------------------------*/
+void tcp_poll (void const *arg)
+{
+    CYASSL_MSG("TCP polling started.\n") ;
+    while (1) {
+        net_main ();
+        osDelay(1) ;
+    }
+}
+
+extern void shell_main(void * args) ;
+extern void init_time(void) ;
+
+osThreadDef (tcp_poll, osPriorityHigh, 1, 0) ;
+/*-----------------------------------------------------------------------------
+ *       mian entry 
+ *----------------------------------------------------------------------------*/
+int myoptind = 0;
+char* myoptarg = NULL;
+
+int main() 
+{
+    void *arg = NULL ;
+	
+	#if !defined(NO_FILESYSTEM)
+    init_filesystem ();
+	#endif
+	
+    net_initialize() ;
+    
+    osThreadCreate (osThread (tcp_poll), NULL); 
+    osDelay(10000) ;  /* wait for DHCP */
+    #if defined(DEBUG_CYASSL)
+         printf("Turning ON Debug message\n") ;
+         CyaSSL_Debugging_ON() ;
+    #endif
+
+    shell_main(arg) ;   
+
+}
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c
new file mode 100644
index 00000000..4c79540c
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c
@@ -0,0 +1,605 @@
+/* server.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER)
+    /* in case memory tracker wants stats */
+    #define CYASSL_TRACK_MEMORY
+#endif
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "cyassl_MDK_ARM.h"
+#endif
+#include 
+#include 
+
+#include "examples/server/server.h"
+
+
+#ifdef CYASSL_CALLBACKS
+    int srvHandShakeCB(HandShakeInfo*);
+    int srvTimeoutCB(TimeoutInfo*);
+    Timeval srvTo;
+#endif
+
+static void NonBlockingSSL_Accept(SSL* ssl)
+{
+#ifndef CYASSL_CALLBACKS
+    int ret = SSL_accept(ssl);
+#else
+    int ret = CyaSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo);
+#endif
+    int error = SSL_get_error(ssl, 0);
+    SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl);
+    int select_ret;
+
+    while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
+                                  error == SSL_ERROR_WANT_WRITE)) {
+        int currTimeout = 1;
+
+        if (error == SSL_ERROR_WANT_READ)
+            printf("... server would read block\n");
+        else
+            printf("... server would write block\n");
+
+#ifdef CYASSL_DTLS
+        currTimeout = CyaSSL_dtls_get_current_timeout(ssl);
+#endif
+        select_ret = tcp_select(sockfd, currTimeout);
+
+        if ((select_ret == TEST_RECV_READY) ||
+                                        (select_ret == TEST_ERROR_READY)) {
+            #ifndef CYASSL_CALLBACKS
+                ret = SSL_accept(ssl);
+            #else
+                ret = CyaSSL_accept_ex(ssl,
+                                    srvHandShakeCB, srvTimeoutCB, srvTo);
+            #endif
+            error = SSL_get_error(ssl, 0);
+        }
+        else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#ifdef CYASSL_DTLS
+        else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) &&
+                                            CyaSSL_dtls_got_timeout(ssl) >= 0) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#endif
+        else {
+            error = SSL_FATAL_ERROR;
+        }
+    }
+    if (ret != SSL_SUCCESS)
+        err_sys("SSL_accept failed");
+}
+
+
+static void Usage(void)
+{
+    printf("server "    LIBCYASSL_VERSION_STRING
+           " NOTE: All files relative to CyaSSL home dir\n");
+    printf("-?          Help, print this usage\n");
+    printf("-p     Port to listen on, not 0, default %d\n", yasslPort);
+    printf("-v     SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
+                                 SERVER_DEFAULT_VERSION);
+    printf("-l     Cipher list\n");
+    printf("-c    Certificate file,           default %s\n", svrCert);
+    printf("-k    Key file,                   default %s\n", svrKey);
+    printf("-A    Certificate Authority file, default %s\n", cliCert);
+    printf("-d          Disable client cert check\n");
+    printf("-b          Bind to any interface instead of localhost only\n");
+    printf("-s          Use pre Shared keys\n");
+    printf("-t          Track CyaSSL memory use\n");
+    printf("-u          Use UDP DTLS,"
+           " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
+    printf("-f          Fewer packets/group messages\n");
+    printf("-N          Use Non-blocking sockets\n");
+    printf("-S     Use Host Name Indication\n");
+#ifdef HAVE_OCSP
+    printf("-o          Perform OCSP lookup on peer certificate\n");
+    printf("-O     Perform OCSP lookup using  as responder\n");
+#endif
+#ifdef HAVE_PK_CALLBACKS 
+    printf("-P          Public Key Callbacks\n");
+#endif
+}
+
+THREAD_RETURN CYASSL_THREAD server_test(void* args)
+{
+    SOCKET_T sockfd   = 0;
+    SOCKET_T clientfd = 0;
+
+    SSL_METHOD* method = 0;
+    SSL_CTX*    ctx    = 0;
+    SSL*        ssl    = 0;
+
+    char   msg[] = "I hear you fa shizzle!";
+    char   input[80];
+    int    idx;
+    int    ch;
+    int    version = SERVER_DEFAULT_VERSION;
+    int    doCliCertCheck = 0; /* = 0 for no Realtime Clock environment */
+    int    useAnyAddr = 0;
+    word16 port = yasslPort;
+    int    usePsk = 0;
+    int    doDTLS = 0;
+    int    useNtruKey   = 0;
+    int    nonBlocking  = 0;
+    int    trackMemory  = 0;
+    int    fewerPackets = 0;
+    int    pkCallbacks  = 0;
+    char*  cipherList = NULL;
+    char*  verifyCert = (char*)cliCert;
+    char*  ourCert    = (char*)svrCert;
+    char*  ourKey     = (char*)svrKey;
+    int    argc = ((func_args*)args)->argc;
+    char** argv = ((func_args*)args)->argv;
+
+#ifdef HAVE_SNI
+    char*  sniHostName = NULL;
+#endif
+
+#ifdef HAVE_OCSP
+    int    useOcsp  = 0;
+    char*  ocspUrl  = NULL;
+#endif
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#ifdef NO_RSA
+    verifyCert = (char*)cliEccCert;
+    ourCert    = (char*)eccCert;
+    ourKey     = (char*)eccKey;
+#endif
+    (void)trackMemory;
+    (void)pkCallbacks;
+
+    while ((ch = mygetopt(argc, argv, "?dbstnNufPp:v:l:A:c:k:S:oO:")) != -1) {
+        switch (ch) {
+            case '?' :
+                Usage();
+                exit(EXIT_SUCCESS);
+
+            case 'd' :
+                doCliCertCheck = 0;
+                break;
+
+            case 'b' :
+                useAnyAddr = 1;
+                break;
+
+            case 's' :
+                usePsk = 1;
+                break;
+
+            case 't' :
+            #ifdef USE_CYASSL_MEMORY
+                trackMemory = 1;
+            #endif
+                break;
+
+            case 'n' :
+                useNtruKey = 1;
+                break;
+
+            case 'u' :
+                doDTLS  = 1;
+                break;
+
+            case 'f' :
+                fewerPackets = 1;
+                break;
+
+            case 'P' :
+            #ifdef HAVE_PK_CALLBACKS 
+                pkCallbacks = 1;
+            #endif
+                break;
+
+            case 'p' :
+                port = (word16)atoi(myoptarg);
+                #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
+                    if (port == 0)
+                        err_sys("port number cannot be 0");
+                #endif
+                break;
+
+            case 'v' :
+                version = atoi(myoptarg);
+                if (version < 0 || version > 3) {
+                    Usage();
+                    exit(MY_EX_USAGE);
+                }
+                break;
+
+            case 'l' :
+                cipherList = myoptarg;
+                break;
+
+            case 'A' :
+                verifyCert = myoptarg;
+                break;
+
+            case 'c' :
+                ourCert = myoptarg;
+                break;
+
+            case 'k' :
+                ourKey = myoptarg;
+                break;
+
+            case 'N':
+                nonBlocking = 1;
+                break;
+
+            case 'S' :
+                #ifdef HAVE_SNI
+                    sniHostName = myoptarg;
+                #endif
+                break;
+
+            case 'o' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                #endif
+                break;
+
+            case 'O' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                    ocspUrl = myoptarg;
+                #endif
+                break;
+
+            default:
+                Usage();
+                exit(MY_EX_USAGE);
+        }
+    }
+
+    myoptind = 0;      /* reset for test cases */
+
+    /* sort out DTLS versus TLS versions */
+    if (version == CLIENT_INVALID_VERSION) {
+        if (doDTLS)
+            version = CLIENT_DTLS_DEFAULT_VERSION;
+        else
+            version = CLIENT_DEFAULT_VERSION;
+    }
+    else {
+        if (doDTLS) {
+            if (version == 3)
+                version = -2;
+            else
+                version = -1;
+        }
+    }
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        InitMemoryTracker(); 
+#endif
+
+    switch (version) {
+#ifndef NO_OLD_TLS
+        case 0:
+            method = SSLv3_server_method();
+            break;
+
+    #ifndef NO_TLS
+        case 1:
+            method = TLSv1_server_method();
+            break;
+
+
+        case 2:
+            method = TLSv1_1_server_method();
+            break;
+
+        #endif
+#endif
+
+#ifndef NO_TLS
+        case 3:
+            method = TLSv1_2_server_method();
+            break;
+#endif
+                
+#ifdef CYASSL_DTLS
+        case -1:
+            method = DTLSv1_server_method();
+            break;
+
+        case -2:
+            method = DTLSv1_2_server_method();
+            break;
+#endif
+
+        default:
+            err_sys("Bad SSL version");
+    }
+
+    if (method == NULL)
+        err_sys("unable to get method");
+
+    ctx = SSL_CTX_new(method);
+    if (ctx == NULL)
+        err_sys("unable to get ctx");
+
+    if (cipherList)
+        if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
+            err_sys("server can't set cipher list 1");
+
+#ifdef CYASSL_LEANPSK
+    usePsk = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    usePsk = 1;
+#endif
+
+    if (fewerPackets)
+        CyaSSL_CTX_set_group_messages(ctx);
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (!usePsk) {
+        if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load server cert file, check file and run from"
+                    " CyaSSL home dir");
+    }
+#endif
+
+#ifdef HAVE_NTRU
+    if (useNtruKey) {
+        if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ourKey)
+                                               != SSL_SUCCESS)
+            err_sys("can't load ntru key file, "
+                    "Please run from CyaSSL home dir");
+    }
+#endif
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (!useNtruKey && !usePsk) {
+        if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load server private key file, check file and run "
+                "from CyaSSL home dir");
+    }
+#endif
+
+    if (usePsk) {
+#ifndef NO_PSK
+        SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
+        SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
+        if (cipherList == NULL) {
+            const char *defaultCipherList;
+            #ifdef HAVE_NULL_CIPHER
+                defaultCipherList = "PSK-NULL-SHA256";
+            #else
+                defaultCipherList = "PSK-AES128-CBC-SHA256";
+            #endif
+            if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
+                err_sys("server can't set cipher list 2");
+        }
+#endif
+    }
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    /* if not using PSK, verify peer with certs */
+    if (doCliCertCheck && usePsk == 0) {
+        SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER |
+                                SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
+        if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
+            err_sys("can't load ca file, Please run from CyaSSL home dir");
+    }
+#endif
+
+#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    /* don't use EDH, can't sniff tmp keys */
+    if (cipherList == NULL) {
+        if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS)
+            err_sys("server can't set cipher list 3");
+    }
+#endif
+
+#ifdef HAVE_SNI
+    if (sniHostName)
+        if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
+                                           XSTRLEN(sniHostName)) != SSL_SUCCESS)
+            err_sys("UseSNI failed");
+#endif
+
+    ssl = SSL_new(ctx);
+    if (ssl == NULL)
+        err_sys("unable to get SSL");
+
+#ifdef HAVE_CRL
+    CyaSSL_EnableCRL(ssl, 0);
+    CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
+                                                     CYASSL_CRL_START_MON);
+    CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
+#endif
+#ifdef HAVE_OCSP
+    if (useOcsp) {
+        if (ocspUrl != NULL) {
+            CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
+                                                    | CYASSL_OCSP_URL_OVERRIDE);
+        }
+        else
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
+    }
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    if (pkCallbacks)
+        SetupPkCallbacks(ctx, ssl);
+#endif
+
+    tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, doDTLS,
+               0);
+    if (!doDTLS) 
+        CloseSocket(sockfd);
+
+    SSL_set_fd(ssl, clientfd);
+    if (usePsk == 0) {
+        #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
+            CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
+        #elif !defined(NO_CERTS)
+            SetDH(ssl);  /* repick suites with DHE, higher priority than PSK */
+        #endif
+    }
+
+#ifndef CYASSL_CALLBACKS
+    if (nonBlocking) {
+        CyaSSL_set_using_nonblock(ssl, 1);
+        tcp_set_nonblocking(&clientfd);
+        NonBlockingSSL_Accept(ssl);
+    } else if (SSL_accept(ssl) != SSL_SUCCESS) {
+        int err = SSL_get_error(ssl, 0);
+        char buffer[CYASSL_MAX_ERROR_SZ];
+        printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
+        err_sys("SSL_accept failed");
+    }
+#else
+    NonBlockingSSL_Accept(ssl);
+#endif
+    showPeer(ssl);
+
+    idx = SSL_read(ssl, input, sizeof(input)-1);
+    if (idx > 0) {
+        input[idx] = 0;
+        printf("Client message: %s\n", input);
+
+    }
+    else if (idx < 0) {
+        int readErr = SSL_get_error(ssl, 0);
+        if (readErr != SSL_ERROR_WANT_READ)
+            err_sys("SSL_read failed");
+    }
+
+    if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
+        err_sys("SSL_write failed");
+        
+    #if defined(CYASSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
+        os_dly_wait(500) ;
+    #endif
+
+    SSL_shutdown(ssl);
+    SSL_free(ssl);
+    SSL_CTX_free(ctx);
+    
+    CloseSocket(clientfd);
+    ((func_args*)args)->return_code = 0;
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        ShowMemoryTracker();
+#endif /* USE_CYASSL_MEMORY */
+
+    return 0;
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("server"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+   
+#ifdef HAVE_STACK_SIZE
+        StackSizeCheck(&args, server_test);
+#else 
+        server_test(&args);
+#endif
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+    int myoptind = 0;
+    char* myoptarg = NULL;
+
+#endif /* NO_MAIN_DRIVER */
+
+
+#ifdef CYASSL_CALLBACKS
+
+    int srvHandShakeCB(HandShakeInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+
+    int srvTimeoutCB(TimeoutInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+#endif
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c
new file mode 100644
index 00000000..7103e573
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c
@@ -0,0 +1,657 @@
+/*shell.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+ /*** tiny Shell for CyaSSL apps ***/
+ 
+ #ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "cyassl/internal.h"
+#undef RNG
+#include 
+
+#if defined(CYASSL_MDK_ARM)
+    #include 
+    #include 
+    #include 
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+        #include "rl_fs.h" 
+    #else
+            #include 
+        #endif
+    #include "cyassl_MDK_ARM.h"
+#endif
+
+#ifdef CYASSL_KEIL_NET
+#include "cyassl/test.h"
+#else
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+#endif
+
+#ifdef NO_ECHOCLIENT
+#define echoclient_test command_not_found
+#endif
+#ifdef NO_ECHOSERVER
+#define echoserver_test command_not_found
+#endif
+#ifdef NO_SIMPLE_CLIENT
+#define client_test command_not_found
+#endif
+#ifdef NO_SIMPLE_SERVER
+#define server_test command_not_found
+#endif
+#ifdef NO_CRYPT_BENCHMARK
+#define benchmark_test command_not_found
+#endif
+#ifdef NO_CRYPT_TEST
+#define ctaocrypt_test command_not_found
+#endif
+
+#ifndef CYASSL_KEIL_NET
+#define ipaddr_comm command_not_found
+#endif
+
+#if !defined(HAVE_KEIL_RTX)
+#define stack_comm command_not_found
+#endif
+
+
+#if !defined(DEBUG_CYASSL)
+#define dbg_comm command_not_found
+#endif
+
+
+void command_not_found(void *argv) {
+        printf("Command not found\n") ;
+}
+
+extern void echoclient_test(void *args) ;
+extern void echoserver_test(void *args) ;
+extern void benchmark_test(void *args) ;
+extern void ctaocrypt_test(void *args) ;
+extern void client_test(void *args) ;
+extern void server_test(void *args) ;
+extern void kill_task(void *args) ;
+extern void ipaddr_comm(void *args) ;
+extern void stack_comm(void *args) ;
+extern void for_command(void *args) ;
+extern void dbg_comm(void *arg) ;
+extern void help_comm(void *arg) ;
+
+#if !defined(NO_CRYPT_TEST)
+
+#ifndef NO_MD5
+extern void md5_test(void *arg) ;
+#endif
+#ifdef CYASSL_MD2
+extern void md2_test(void *arg) ;
+#endif
+#ifndef NO_MD4
+extern void md4_test(void *arg) ;
+#endif
+
+extern void sha_test(void *arg) ;
+
+#ifndef NO_SHA256
+extern void sha256_test(void *arg) ;
+#endif
+#ifdef CYASSL_SHA384
+extern void sha384_test(void *arg) ;
+#endif
+
+#ifdef CYASSL_SHA512
+extern void sha512_test(void *arg) ;
+#endif
+
+#ifdef CYASSL_RIPEMD
+extern void ripemd_test(void *arg) ;
+#endif
+#ifndef NO_HMAC
+    #ifndef NO_MD5
+extern void hmac_md5_test(void *arg) ;
+    #endif
+extern void hmac_sha_test(void *arg) ;
+
+    #ifndef NO_SHA256
+extern void hmac_sha256_test(void *arg) ;
+    #endif
+
+    #ifdef CYASSL_SHA384
+extern void hmac_sha384_test(void *arg) ;
+    #endif
+#endif
+#ifndef NO_RC4
+extern void arc4_test(void *arg) ;
+#endif
+
+#ifndef NO_HC128
+extern void hc128_test(void *arg) ;
+#endif
+
+#ifndef NO_RABBIT
+extern void rabbit_test(void *arg) ;
+#endif
+
+#ifndef NO_DES3
+extern void des_test(void *arg) ;
+extern void des3_test(void *arg) ;
+#endif
+
+#ifndef NO_AES
+extern void aes_test(void *arg) ;
+#ifdef HAVE_AESGCM
+extern void aesgcm_test(void *arg) ;
+#endif
+
+#ifdef HAVE_AESCCM
+extern void aesccm_test(void *arg) ;
+#endif
+#endif
+
+#ifdef HAVE_CAMELLIA
+extern void camellia_test(void *arg) ;
+#endif
+extern void random_test(void *arg) ;
+
+#ifndef NO_RSA
+extern void rsa_test(void *arg) ;
+#endif
+
+#ifndef NO_DH
+extern void dh_test(void *arg) ;
+#endif
+
+#ifndef NO_DSA
+extern void dsa_test(void *arg) ;
+#endif
+    
+#ifndef NO_PWDBASED
+extern void pwdbased_test(void *arg) ;
+#endif
+
+#ifdef OPENSSL_EXTRA
+extern void openssl_test(void *arg) ;
+#endif
+
+#ifdef HAVE_ECC
+extern void ecc_test(void *arg) ;
+#endif
+
+#endif /* NO_CRYPT_TEST */
+
+static struct {
+  const char *command ;
+    void (*func)(void *args) ;
+}   commandTable[] = {
+    "echoclient", echoclient_test,
+    "echoserver", echoserver_test,
+    "benchmark", benchmark_test,
+    "test", ctaocrypt_test,
+    "client", client_test,
+    "server", server_test,
+    "ipaddr", ipaddr_comm,      /* TBD */
+    "stack", stack_comm,        /* On/Off check stack size */
+    "for", for_command,         /* iterate next command X times */
+    "debug", dbg_comm,          /* On/Off debug message  */
+    "help", help_comm,          /* Breif description about the commands */
+
+    /** short name **/
+    "ec", echoclient_test,
+    "es", echoserver_test,
+    "bm", benchmark_test,
+    "te", ctaocrypt_test,
+    "cl", client_test,
+    "sv", server_test,
+    "ip", ipaddr_comm,
+    "st", stack_comm,
+  "dbg", dbg_comm,
+    "?",    help_comm,
+
+/*** test suites ****/
+#if !defined(NO_CRYPT_TEST)
+#ifndef NO_MD5
+  "md5",  md5_test,
+#endif
+#ifdef CYASSL_MD2
+  "md2",  md2_test,
+#endif
+#ifndef NO_MD4
+  "md4",  md4_test,
+#endif
+  "sha",  sha_test,
+#ifndef NO_SHA256
+  "sha256",  sha256_test,
+#endif
+#ifdef CYASSL_SHA384
+  "sha384",  sha384_test,
+#endif
+#ifdef CYASSL_SHA512
+  "sha512",  sha512_test,
+#endif
+#ifdef CYASSL_RIPEMD
+  "ripemd",  ripemd_test,
+#endif
+#ifndef NO_HMAC
+  #ifndef NO_MD5
+  "hmac_md5",  hmac_md5_test,
+    #endif
+  "hmac_sha",  hmac_sha_test,
+    #ifndef NO_SHA256
+  "hmac_sha256",  hmac_sha256_test,
+    #endif
+    #ifdef CYASSL_SHA384
+  "hmac_sha384",  hmac_sha384_test,
+  #endif
+#endif
+#ifndef NO_RC4
+    "arc4",  arc4_test,
+#endif
+#ifndef NO_HC128
+  "hc128",  hc128_test,
+#endif
+#ifndef NO_RABBIT
+  "rabbit",  rabbit_test,
+#endif
+#ifndef NO_DES3
+  "des",  des_test,
+  "des3",  des3_test,
+#endif  
+#ifndef NO_AES  
+  "aes",  aes_test,
+    #ifdef HAVE_AESGCM
+  "aesgcm",  aesgcm_test,
+    #endif
+    #ifdef HAVE_AESCCM
+  "aesccm",  aesccm_test,
+    #endif
+#endif
+
+#ifdef HAVE_CAMELLIA
+  "camellia",  camellia_test,
+#endif
+  "random",  random_test,
+#ifndef NO_RSA
+  "rsa",  rsa_test,
+#endif
+#ifndef NO_DH
+  "dh",  dh_test,
+#endif
+#ifndef NO_DSA
+    "dsa",  dsa_test,
+#endif 
+#ifndef NO_PWDBASED
+  "pwdbased",  pwdbased_test,
+#endif  
+#ifdef OPENSSL_EXTRA
+  "openssl",  openssl_test,
+#endif
+#ifdef HAVE_ECC
+  "ecc",  ecc_test,
+#endif
+
+#endif /* NO_CRYPT_TEST */
+
+    "",  NULL
+} ;
+
+enum jobtype { FORGROUND, BACKGROUND }  ;
+
+#define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n')
+
+static int BackGround = 0 ; /* 1: background job is running */
+
+/*******  Get Command Line *****************************/
+static int getline(char * line, int sz, func_args *args, int*bf_flg) 
+{
+    char * ret ;
+    int i ;
+    
+    #define MAXARGS 10
+    #define MAXARGLEN 30
+    static char *argv[MAXARGS] ;
+    args->argv = argv ;
+    
+    putchar('>') ;
+    fflush(stdout) ;
+    ret = fgets(line, sz, stdin) ;
+    
+    #define SHELL_ERROR_FGETS -102
+    if(ret != line) return(SHELL_ERROR_FGETS) ;
+    
+    if(line[strlen(line)-2] == '&') {
+        (*bf_flg) = BACKGROUND ;
+        line[strlen(line)-2] = '\n' ;
+    } else {
+        (*bf_flg) = FORGROUND ;
+    }
+    args->argc = 0 ;
+    for(i=0; iargv[args->argc] = &(line[i]) ;
+        while(!IF_DELIMITER(line[i])) i++ ;
+        args->argc++ ;
+        if(line[i] == '\n') {
+            line[i]  = '\0' ;
+            break ;
+        } else {
+            line[i]  = '\0' ;
+        }
+    }
+    return i ;
+}
+
+
+/************* Embedded Shell Commands **********************************/
+#define IP_SIZE 16
+
+#ifdef CYASSL_KEIL_NET
+static void ipaddr_comm(void *args) 
+{
+    if(((func_args *)args)->argc == 1) {
+            printf("IP addr: %s, port %d\n", yasslIP, yasslPort) ;
+    } else {
+        if(BackGround != 0) {
+        printf("Cannot change IP addr while background server is running\n") ;
+        } else if(((func_args *)args)->argc == 3 && 
+                  ((func_args *)args)->argv[1][0] == '-'&& 
+                  ((func_args *)args)->argv[1][1] == 'a' ) {
+/*          strcpy(yasslIP, ((func_args *)args)->argv[2]) ; */
+        } else if(((func_args *)args)->argc == 3 && 
+                  ((func_args *)args)->argv[1][0] == '-' && 
+                  ((func_args *)args)->argv[1][1] == 'p' ) {
+/*          yasslPort = atoi(((func_args *)args)->argv[2]) ; */
+        } else printf("Invalid argument\n") ; 
+    }
+}
+
+#endif
+
+
+
+#if defined(HAVE_KEIL_RTX)
+static int stack_ck = 0 ;
+
+void stack_comm(void *args) 
+{
+    if(stack_ck) {
+        printf("Stack Check: Off\n") ;
+        stack_ck = 0 ;
+    } else {
+        printf("Stack Check: On\n") ;
+        stack_ck = 1 ;
+    }
+}
+    
+#define FILL_PATTERN 0xa596695a
+void stack_fill(char * stack, int size)
+{
+    int i ;
+
+    if(stack_ck == 0)return ;
+    for(i=1; iargc == 1) {
+        printf("For %d times\n", for_iteration) ;
+    } else if( args == NULL || ((func_args *)args)->argc == 2) {
+        for_iteration = atoi(((func_args *)args)->argv[1]) ;
+    } else printf("Invalid argument\n") ;
+}
+
+
+#if defined(DEBUG_CYASSL)
+
+static int CyasslDebug = 1 ;
+
+static void dbg_comm(void *args) 
+{
+    if(CyasslDebug == 1) {
+        CyasslDebug = 0 ;
+        printf("Turning OFF Debug message\n") ;
+        CyaSSL_Debugging_OFF() ;
+    } else {
+        CyasslDebug = 1 ;
+        printf("Turning ON Debug message\n") ;
+        CyaSSL_Debugging_ON() ;
+    }
+}
+#endif
+
+static void help_comm(void *args) 
+{
+    static char *commands[] = {
+        "test", 
+        "benchmark",
+        "echoserver&            : simple echo server in background mode",
+        "echoclient             : simple echo client followed by any input string, or \"quit\", \"break\"",
+        "server&                : simple server in background mode",
+        "client                 : simple client",
+        "client -g -v [0123] -h xxx.xxx.xxx.xxx -p 443  : usage example",
+        "server/client -h        :  help for server/client command",
+        "help",
+        ""  
+    } ;
+
+    int i ;
+    printf("Commands:\n") ;
+    for(i=0; commands[i][0] ; i++)
+        printf("    %s\n", commands[i]) ;
+
+}
+
+
+
+#define BG_JOB_STACK_SIZE 8000
+#if (!defined(NO_SIMPLE_SERVER) && !defined(NO_ECHOSERVER)) && \
+                                                   defined(HAVE_KEIL_RTX)
+#if !defined(CYASSL_CMSIS_RTOS)
+static char bg_job_stack[BG_JOB_STACK_SIZE] ;
+#endif
+
+#endif
+
+#define COMMAND_STACK_SIZE 10000
+#if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+static char command_stack[COMMAND_STACK_SIZE] ;
+#endif
+
+
+#ifdef  HAVE_KEIL_RTX
+static   CyaSSL_Mutex command_mutex ;
+#endif
+
+void exit_command(void) {
+	  printf("Command Aborted\n") ;
+    #ifdef CYASSL_CMSIS_RTOS
+        osThreadTerminate(osThreadGetId()) ;
+    #else
+        os_tsk_delete_self() ;
+    #endif
+}
+
+
+/***********    Invoke Forground Command  *********************/
+static void command_invoke(void const *args) 
+{
+    void (*func)(void const * ) ;
+    int i,iteration ;
+    
+    func = (void(*)(void const *))((func_args *)args)->argv[0] ; 
+    #ifdef  HAVE_KEIL_RTX
+    LockMutex((CyaSSL_Mutex *)&command_mutex) ;
+    #endif
+    iteration = for_iteration ;
+    for(i=0; i< iteration; i++) {
+        if(iteration > 1) printf("--- Start for %d ---->\n", i) ;
+        #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+        stack_fill(command_stack, COMMAND_STACK_SIZE) ;
+        #endif
+                
+        func(args) ;        /* invoke command */
+                
+        #if defined(HAVE_KEIL_RTX)&& !defined(CYASSL_CMSIS_RTOS)
+        stack_check(command_stack, COMMAND_STACK_SIZE) ;
+        #endif
+    }
+
+    if(iteration > 1) 
+    for_iteration = 1 ;
+    osDelay(20000) ;
+    #ifdef HAVE_KEIL_RTX
+        UnLockMutex((CyaSSL_Mutex *)&command_mutex) ;
+        #ifdef CYASSL_CMSIS_RTOS
+            osThreadTerminate(osThreadGetId()) ;
+        #else
+            os_tsk_delete_self() ;
+        #endif
+    #endif
+}
+
+#if defined(HAVE_KEIL_RTX)
+/*******  Invoke Background Job   *******************************/
+static void bg_job_invoke(void const *args) 
+{
+    void (*func)(void const * ) ;
+    BackGround = 1 ; 
+    #if defined(HAVE_KEIL_RTX)&& !defined(CYASSL_CMSIS_RTOS)
+    stack_fill(bg_job_stack, BG_JOB_STACK_SIZE) ;
+    #endif
+
+    func = (void(*)(void const *))((func_args *)args)->argv[0] ; 
+    func(args) ;        /* invoke command */
+    #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+    stack_check(bg_job_stack, BG_JOB_STACK_SIZE) ;
+    #endif
+    
+    osDelay(20000) ;
+    BackGround = 0 ;
+
+    #ifdef CYASSL_CMSIS_RTOS
+        osThreadTerminate(osThreadGetId()) ;
+    #else   
+        os_tsk_delete_self() ; ;
+    #endif
+}
+#endif
+
+#define LINESIZE 100
+static char line[LINESIZE] ;
+
+#if defined(CYASSL_CMSIS_RTOS)
+    osThreadDef (command_invoke, osPriorityAboveNormal , 1, COMMAND_STACK_SIZE) ;
+    osThreadDef (bg_job_invoke, osPriorityNormal , 1 , BG_JOB_STACK_SIZE) ;
+#endif
+/********* SHEULL MAIN LOOP ***********************************/
+void shell_main(void *arg) {
+    int i ; 
+    func_args args ;
+    int bf_flg ;
+   
+    i = BackGround ; 
+        /* Dummy for avoiding warning: BackGround is defined but not used. */
+    
+ #if defined(HAVE_KEIL_RTX)
+    InitMutex(&command_mutex) ;
+#endif
+    help_comm(NULL) ;
+    
+    printf("Starting Shell\n") ;
+    while(1) {
+        if(getline(line,  LINESIZE, &args, &bf_flg) > 0) {
+        for(i=0; commandTable[i].func != NULL; i++) {
+            if(strcmp(commandTable[i].command, args.argv[0]) == 0) {
+            args.argv[0] = (char *) commandTable[i].func ;
+                if(bf_flg == FORGROUND) {
+                    #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+                        UnLockMutex((CyaSSL_Mutex *)&command_mutex) ;
+                        os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7,
+                                 command_stack, COMMAND_STACK_SIZE, &args) ;
+                    #else
+                        #if defined(CYASSL_CMSIS_RTOS)
+                             UnLockMutex((CyaSSL_Mutex *)&command_mutex) ;
+                             osThreadCreate (osThread (command_invoke) , &args);   
+                        #else
+                              command_invoke(&args) ;
+                        #endif
+                    #endif
+                    #ifdef  HAVE_KEIL_RTX
+                    LockMutex((CyaSSL_Mutex *)&command_mutex) ;
+                    #endif
+                } else {
+                    #if (!defined(NO_SIMPLE_SERVER) && \
+                         !defined(NO_ECHOSERVER)) && \
+                         defined(HAVE_KEIL_RTX)
+                    if(BackGround != 0) {
+                        printf("Multiple background servers not supported.\n") ;
+                    } else {
+                        printf("\"%s\" is running with the background mode.\n", 
+                                                     commandTable[i].command) ;
+                        #if  defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+                             os_tsk_create_user_ex( (void(*)(void *))&bg_job_invoke, 
+                                   6, bg_job_stack, BG_JOB_STACK_SIZE, &args) ;
+                        #else
+                                osThreadCreate (osThread (bg_job_invoke),  &args); 
+                                osDelay (500) ;
+                        #endif
+                    }
+                    #else
+                    printf("Invalid Command: no background job\n") ;
+                    #endif
+                }
+                break ;
+            }
+        }
+        if(commandTable[i].func == NULL)
+            printf("Command not found\n") ;
+        }
+    }
+}
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c
new file mode 100644
index 00000000..43f9e795
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c
@@ -0,0 +1,4758 @@
+/* test.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef XMALLOC_USER
+    #include   /* we're using malloc / free direct here */
+#endif
+
+#ifndef NO_CRYPT_TEST
+
+#ifdef CYASSL_TEST_CERT
+    #include 
+#else
+    #include 
+#endif
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#ifdef HAVE_ECC
+    #include 
+#endif
+#ifdef HAVE_BLAKE2
+    #include 
+#endif
+#ifdef HAVE_LIBZ
+    #include 
+#endif
+#ifdef HAVE_PKCS7
+    #include 
+#endif
+
+#ifdef _MSC_VER
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+    #pragma warning(disable: 4996)
+#endif
+
+#ifdef OPENSSL_EXTRA
+    #include 
+    #include 
+    #include 
+    #include 
+#endif
+
+
+#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)
+    /* include test cert and key buffers for use with NO_FILESYSTEM */
+    #if defined(CYASSL_MDK_ARM)
+        #include "cert_data.h"
+                        /* use certs_test.c for initial data, so other
+                                               commands can share the data. */
+    #else
+        #include 
+    #endif
+#endif
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+    extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ;
+    #define fopen CyaSSL_fopen
+#endif
+
+#ifdef HAVE_NTRU
+    #include "crypto_ntru.h"
+#endif
+#ifdef HAVE_CAVIUM
+    #include "cavium_sysdep.h"
+    #include "cavium_common.h"
+    #include "cavium_ioctl.h"
+#endif
+
+#ifdef FREESCALE_MQX
+    #include 
+    #include 
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifdef THREADX
+    /* since just testing, use THREADX log printf instead */
+    int dc_log_printf(char*, ...);
+        #undef printf
+        #define printf dc_log_printf
+#endif
+
+#include "ctaocrypt/test/test.h"
+
+
+typedef struct testVector {
+    const char*  input;
+    const char*  output;
+    size_t inLen;
+    size_t outLen;
+} testVector;
+
+int  md2_test(void);
+int  md5_test(void);
+int  md4_test(void);
+int  sha_test(void);
+int  sha256_test(void);
+int  sha512_test(void);
+int  sha384_test(void);
+int  hmac_md5_test(void);
+int  hmac_sha_test(void);
+int  hmac_sha256_test(void);
+int  hmac_sha384_test(void);
+int  hmac_sha512_test(void);
+int  hmac_blake2b_test(void);
+int  hkdf_test(void);
+int  arc4_test(void);
+int  hc128_test(void);
+int  rabbit_test(void);
+int  des_test(void);
+int  des3_test(void);
+int  aes_test(void);
+int  aesgcm_test(void);
+int  gmac_test(void);
+int  aesccm_test(void);
+int  camellia_test(void);
+int  rsa_test(void);
+int  dh_test(void);
+int  dsa_test(void);
+int  random_test(void);
+int  pwdbased_test(void);
+int  ripemd_test(void);
+int  openssl_test(void);   /* test mini api */
+int pbkdf1_test(void);
+int pkcs12_test(void);
+int pbkdf2_test(void);
+#ifdef HAVE_ECC
+    int  ecc_test(void);
+    #ifdef HAVE_ECC_ENCRYPT
+        int  ecc_encrypt_test(void);
+    #endif
+#endif
+#ifdef HAVE_BLAKE2
+    int  blake2b_test(void);
+#endif
+#ifdef HAVE_LIBZ
+    int compress_test(void);
+#endif
+#ifdef HAVE_PKCS7
+    int pkcs7enveloped_test(void);
+    int pkcs7signed_test(void);
+#endif
+
+
+
+static void err_sys(const char* msg, int es)
+{
+    printf("%s error = %d\n", msg, es);
+    #if !defined(THREADX) && !defined(CYASSL_MDK_ARM)
+  	if (msg)
+        exit(es);
+    #endif
+    return;
+}
+
+/* func_args from test.h, so don't have to pull in other junk */
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+
+
+
+void ctaocrypt_test(void* args)
+{
+    int ret = 0;
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#if !defined(NO_BIG_INT)
+    if (CheckCtcSettings() != 1)
+        err_sys("Build vs runtime math mismatch\n", -1234);
+
+#ifdef USE_FAST_MATH
+    if (CheckFastMathSettings() != 1)
+        err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n", -1235);
+#endif /* USE_FAST_MATH */
+#endif /* !NO_BIG_INT */
+
+
+#ifndef NO_MD5
+    if ( (ret = md5_test()) != 0)
+        err_sys("MD5      test failed!\n", ret);
+    else
+        printf( "MD5      test passed!\n");
+#endif
+
+#ifdef CYASSL_MD2
+    if ( (ret = md2_test()) != 0)
+        err_sys("MD2      test failed!\n", ret);
+    else
+        printf( "MD2      test passed!\n");
+#endif
+
+#ifndef NO_MD4
+    if ( (ret = md4_test()) != 0)
+        err_sys("MD4      test failed!\n", ret);
+    else
+        printf( "MD4      test passed!\n");
+#endif
+
+#ifndef NO_SHA
+    if ( (ret = sha_test()) != 0)
+        err_sys("SHA      test failed!\n", ret);
+    else
+        printf( "SHA      test passed!\n");
+#endif
+
+#ifndef NO_SHA256
+    if ( (ret = sha256_test()) != 0)
+        err_sys("SHA-256  test failed!\n", ret);
+    else
+        printf( "SHA-256  test passed!\n");
+#endif
+
+#ifdef CYASSL_SHA384
+    if ( (ret = sha384_test()) != 0)
+        err_sys("SHA-384  test failed!\n", ret);
+    else
+        printf( "SHA-384  test passed!\n");
+#endif
+
+#ifdef CYASSL_SHA512
+    if ( (ret = sha512_test()) != 0)
+        err_sys("SHA-512  test failed!\n", ret);
+    else
+        printf( "SHA-512  test passed!\n");
+#endif
+
+#ifdef CYASSL_RIPEMD
+    if ( (ret = ripemd_test()) != 0)
+        err_sys("RIPEMD   test failed!\n", ret);
+    else
+        printf( "RIPEMD   test passed!\n");
+#endif
+
+#ifdef HAVE_BLAKE2
+    if ( (ret = blake2b_test()) != 0)
+        err_sys("BLAKE2b  test failed!\n", ret);
+    else
+        printf( "BLAKE2b  test passed!\n");
+#endif
+
+#ifndef NO_HMAC
+    #ifndef NO_MD5
+        if ( (ret = hmac_md5_test()) != 0)
+            err_sys("HMAC-MD5 test failed!\n", ret);
+        else
+            printf( "HMAC-MD5 test passed!\n");
+    #endif
+
+    #ifndef NO_SHA
+    if ( (ret = hmac_sha_test()) != 0)
+        err_sys("HMAC-SHA test failed!\n", ret);
+    else
+        printf( "HMAC-SHA test passed!\n");
+    #endif
+
+    #ifndef NO_SHA256
+        if ( (ret = hmac_sha256_test()) != 0)
+            err_sys("HMAC-SHA256 test failed!\n", ret);
+        else
+            printf( "HMAC-SHA256 test passed!\n");
+    #endif
+
+    #ifdef CYASSL_SHA384
+        if ( (ret = hmac_sha384_test()) != 0)
+            err_sys("HMAC-SHA384 test failed!\n", ret);
+        else
+            printf( "HMAC-SHA384 test passed!\n");
+    #endif
+
+    #ifdef CYASSL_SHA512
+        if ( (ret = hmac_sha512_test()) != 0)
+            err_sys("HMAC-SHA512 test failed!\n", ret);
+        else
+            printf( "HMAC-SHA512 test passed!\n");
+    #endif
+
+    #ifdef HAVE_BLAKE2
+        if ( (ret = hmac_blake2b_test()) != 0)
+            err_sys("HMAC-BLAKE2 test failed!\n", ret);
+        else
+            printf( "HMAC-BLAKE2 test passed!\n");
+    #endif
+
+    #ifdef HAVE_HKDF
+        if ( (ret = hkdf_test()) != 0)
+            err_sys("HMAC-KDF    test failed!\n", ret);
+        else
+            printf( "HMAC-KDF    test passed!\n");
+    #endif
+
+#endif
+
+#ifdef HAVE_AESGCM
+    if ( (ret = gmac_test()) != 0)
+        err_sys("GMAC     test passed!\n", ret);
+    else
+        printf( "GMAC     test passed!\n");
+#endif
+
+#ifndef NO_RC4
+    if ( (ret = arc4_test()) != 0)
+        err_sys("ARC4     test failed!\n", ret);
+    else
+        printf( "ARC4     test passed!\n");
+#endif
+
+#ifndef NO_HC128
+    if ( (ret = hc128_test()) != 0)
+        err_sys("HC-128   test failed!\n", ret);
+    else
+        printf( "HC-128   test passed!\n");
+#endif
+
+#ifndef NO_RABBIT
+    if ( (ret = rabbit_test()) != 0)
+        err_sys("Rabbit   test failed!\n", ret);
+    else
+        printf( "Rabbit   test passed!\n");
+#endif
+
+#ifndef NO_DES3
+    if ( (ret = des_test()) != 0)
+        err_sys("DES      test failed!\n", ret);
+    else
+        printf( "DES      test passed!\n");
+#endif
+
+#ifndef NO_DES3
+    if ( (ret = des3_test()) != 0)
+        err_sys("DES3     test failed!\n", ret);
+    else
+        printf( "DES3     test passed!\n");
+#endif
+
+#ifndef NO_AES
+    if ( (ret = aes_test()) != 0)
+        err_sys("AES      test failed!\n", ret);
+    else
+        printf( "AES      test passed!\n");
+
+#ifdef HAVE_AESGCM
+    if ( (ret = aesgcm_test()) != 0)
+        err_sys("AES-GCM  test failed!\n", ret);
+    else
+        printf( "AES-GCM  test passed!\n");
+#endif
+
+#ifdef HAVE_AESCCM
+    if ( (ret = aesccm_test()) != 0)
+        err_sys("AES-CCM  test failed!\n", ret);
+    else
+        printf( "AES-CCM  test passed!\n");
+#endif
+#endif
+
+#ifdef HAVE_CAMELLIA
+    if ( (ret = camellia_test()) != 0)
+        err_sys("CAMELLIA test failed!\n", ret);
+    else
+        printf( "CAMELLIA test passed!\n");
+#endif
+
+    if ( (ret = random_test()) != 0)
+        err_sys("RANDOM   test failed!\n", ret);
+    else
+        printf( "RANDOM   test passed!\n");
+
+#ifndef NO_RSA
+    if ( (ret = rsa_test()) != 0)
+        err_sys("RSA      test failed!\n", ret);
+    else
+        printf( "RSA      test passed!\n");
+#endif
+
+#ifndef NO_DH
+    if ( (ret = dh_test()) != 0)
+        err_sys("DH       test failed!\n", ret);
+    else
+        printf( "DH       test passed!\n");
+#endif
+
+#ifndef NO_DSA
+    if ( (ret = dsa_test()) != 0)
+        err_sys("DSA      test failed!\n", ret);
+    else
+        printf( "DSA      test passed!\n");
+#endif
+
+#ifndef NO_PWDBASED
+    if ( (ret = pwdbased_test()) != 0)
+        err_sys("PWDBASED test failed!\n", ret);
+    else
+        printf( "PWDBASED test passed!\n");
+#endif
+
+#ifdef OPENSSL_EXTRA
+    if ( (ret = openssl_test()) != 0)
+        err_sys("OPENSSL  test failed!\n", ret);
+    else
+        printf( "OPENSSL  test passed!\n");
+#endif
+
+#ifdef HAVE_ECC
+    if ( (ret = ecc_test()) != 0)
+        err_sys("ECC      test failed!\n", ret);
+    else
+        printf( "ECC      test passed!\n");
+    #ifdef HAVE_ECC_ENCRYPT
+        if ( (ret = ecc_encrypt_test()) != 0)
+            err_sys("ECC Enc  test failed!\n", ret);
+        else
+            printf( "ECC Enc  test passed!\n");
+    #endif
+#endif
+
+#ifdef HAVE_LIBZ
+    if ( (ret = compress_test()) != 0)
+        err_sys("COMPRESS test failed!\n", ret);
+    else
+        printf( "COMPRESS test passed!\n");
+#endif
+
+#ifdef HAVE_PKCS7
+    if ( (ret = pkcs7enveloped_test()) != 0)
+        err_sys("PKCS7enveloped test failed!\n", ret);
+    else
+        printf( "PKCS7enveloped test passed!\n");
+
+    if ( (ret = pkcs7signed_test()) != 0)
+        err_sys("PKCS7signed    test failed!\n", ret);
+    else
+        printf( "PKCS7signed    test passed!\n");
+#endif
+
+    ((func_args*)args)->return_code = ret;
+}
+
+
+#ifndef NO_MAIN_DRIVER
+
+#ifdef HAVE_CAVIUM
+
+static int OpenNitroxDevice(int dma_mode,int dev_id)
+{
+   Csp1CoreAssignment core_assign;
+   Uint32             device;
+
+   if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
+      return -1;
+   if (Csp1GetDevType(&device))
+      return -1;
+   if (device != NPX_DEVICE) {
+      if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
+                (Uint32 *)&core_assign)!= 0)
+         return -1;
+   }
+   CspShutdown(CAVIUM_DEV_ID);
+
+   return CspInitialize(dma_mode, dev_id);
+}
+
+#endif /* HAVE_CAVIUM */
+
+    /* so overall tests can pull in test function */
+
+    int main(int argc, char** argv)
+    {
+
+        func_args args;
+
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed", -1236);
+#endif /* HAVE_CAVIUM */
+
+        args.argc = argc;
+        args.argv = argv;
+
+        ctaocrypt_test(&args);
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+
+        return args.return_code;
+    }
+
+#endif /* NO_MAIN_DRIVER */
+
+
+#ifdef CYASSL_MD2
+int md2_test()
+{
+    Md2  md2;
+    byte hash[MD2_DIGEST_SIZE];
+
+    testVector a, b, c, d, e, f, g;
+    testVector test_md2[7];
+    int times = sizeof(test_md2) / sizeof(testVector), i;
+
+    a.input  = "";
+    a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69"
+               "\x27\x73";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD2_DIGEST_SIZE;
+
+    b.input  = "a";
+    b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0"
+               "\xb5\xd1";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD2_DIGEST_SIZE;
+
+    c.input  = "abc";
+    c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde"
+               "\xd6\xbb";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD2_DIGEST_SIZE;
+
+    d.input  = "message digest";
+    d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe"
+               "\x06\xb0";
+    d.inLen  = strlen(d.input);
+    d.outLen = MD2_DIGEST_SIZE;
+
+    e.input  = "abcdefghijklmnopqrstuvwxyz";
+    e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47"
+               "\x94\x0b";
+    e.inLen  = strlen(e.input);
+    e.outLen = MD2_DIGEST_SIZE;
+
+    f.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03"
+               "\x38\xcd";
+    f.inLen  = strlen(f.input);
+    f.outLen = MD2_DIGEST_SIZE;
+
+    g.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3"
+               "\xef\xd8";
+    g.inLen  = strlen(g.input);
+    g.outLen = MD2_DIGEST_SIZE;
+
+    test_md2[0] = a;
+    test_md2[1] = b;
+    test_md2[2] = c;
+    test_md2[3] = d;
+    test_md2[4] = e;
+    test_md2[5] = f;
+    test_md2[6] = g;
+
+    InitMd2(&md2);
+
+    for (i = 0; i < times; ++i) {
+        Md2Update(&md2, (byte*)test_md2[i].input, (word32)test_md2[i].inLen);
+        Md2Final(&md2, hash);
+
+        if (memcmp(hash, test_md2[i].output, MD2_DIGEST_SIZE) != 0)
+            return -155 - i;
+    }
+
+    return 0;
+}
+#endif
+
+#ifndef NO_MD5
+int md5_test(void)
+{
+    Md5  md5;
+    byte hash[MD5_DIGEST_SIZE];
+
+    testVector a, b, c, d, e;
+    testVector test_md5[5];
+    int times = sizeof(test_md5) / sizeof(testVector), i;
+
+    a.input  = "abc";
+    a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
+               "\x72";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD5_DIGEST_SIZE;
+
+    b.input  = "message digest";
+    b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61"
+               "\xd0";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD5_DIGEST_SIZE;
+
+    c.input  = "abcdefghijklmnopqrstuvwxyz";
+    c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1"
+               "\x3b";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD5_DIGEST_SIZE;
+
+    d.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d"
+               "\x9f";
+    d.inLen  = strlen(d.input);
+    d.outLen = MD5_DIGEST_SIZE;
+
+    e.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
+               "\x7a";
+    e.inLen  = strlen(e.input);
+    e.outLen = MD5_DIGEST_SIZE;
+
+    test_md5[0] = a;
+    test_md5[1] = b;
+    test_md5[2] = c;
+    test_md5[3] = d;
+    test_md5[4] = e;
+
+    InitMd5(&md5);
+
+    for (i = 0; i < times; ++i) {
+        Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen);
+        Md5Final(&md5, hash);
+
+        if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0)
+            return -5 - i;
+    }
+
+    return 0;
+}
+#endif /* NO_MD5 */
+
+
+#ifndef NO_MD4
+
+int md4_test(void)
+{
+    Md4  md4;
+    byte hash[MD4_DIGEST_SIZE];
+
+    testVector a, b, c, d, e, f, g;
+    testVector test_md4[7];
+    int times = sizeof(test_md4) / sizeof(testVector), i;
+
+    a.input  = "";
+    a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89"
+               "\xc0";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD4_DIGEST_SIZE;
+
+    b.input  = "a";
+    b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb"
+               "\x24";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD4_DIGEST_SIZE;
+
+    c.input  = "abc";
+    c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72"
+               "\x9d";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD4_DIGEST_SIZE;
+
+    d.input  = "message digest";
+    d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01"
+               "\x4b";
+    d.inLen  = strlen(d.input);
+    d.outLen = MD4_DIGEST_SIZE;
+
+    e.input  = "abcdefghijklmnopqrstuvwxyz";
+    e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d"
+               "\xa9";
+    e.inLen  = strlen(e.input);
+    e.outLen = MD4_DIGEST_SIZE;
+
+    f.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0"
+               "\xe4";
+    f.inLen  = strlen(f.input);
+    f.outLen = MD4_DIGEST_SIZE;
+
+    g.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05"
+               "\x36";
+    g.inLen  = strlen(g.input);
+    g.outLen = MD4_DIGEST_SIZE;
+
+    test_md4[0] = a;
+    test_md4[1] = b;
+    test_md4[2] = c;
+    test_md4[3] = d;
+    test_md4[4] = e;
+    test_md4[5] = f;
+    test_md4[6] = g;
+
+    InitMd4(&md4);
+
+    for (i = 0; i < times; ++i) {
+        Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen);
+        Md4Final(&md4, hash);
+
+        if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0)
+            return -205 - i;
+    }
+
+    return 0;
+}
+
+#endif /* NO_MD4 */
+
+#ifndef NO_SHA
+
+int sha_test(void)
+{
+    Sha  sha;
+    byte hash[SHA_DIGEST_SIZE];
+
+    testVector a, b, c, d;
+    testVector test_sha[4];
+    int ret;
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
+               "\x6C\x9C\xD0\xD8\x9D";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA_DIGEST_SIZE;
+
+    b.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29"
+               "\xE5\xE5\x46\x70\xF1";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA_DIGEST_SIZE;
+
+    c.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaa";
+    c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44"
+               "\x2A\x25\xEC\x64\x4D";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA_DIGEST_SIZE;
+
+    d.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaa";
+    d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
+               "\x53\x99\x5E\x26\xA0";
+    d.inLen  = strlen(d.input);
+    d.outLen = SHA_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+    test_sha[2] = c;
+    test_sha[3] = d;
+
+    ret = InitSha(&sha);
+    if (ret != 0)
+        return -4001;
+
+    for (i = 0; i < times; ++i) {
+        ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen);
+        ShaFinal(&sha, hash);
+
+        if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+
+#endif /* NO_SHA */
+
+#ifdef CYASSL_RIPEMD
+int ripemd_test(void)
+{
+    RipeMd  ripemd;
+    byte hash[RIPEMD_DIGEST_SIZE];
+
+    testVector a, b, c, d;
+    testVector test_ripemd[4];
+    int times = sizeof(test_ripemd) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
+               "\xb0\x87\xf1\x5a\x0b\xfc";
+    a.inLen  = strlen(a.input);
+    a.outLen = RIPEMD_DIGEST_SIZE;
+
+    b.input  = "message digest";
+    b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8"
+               "\x5f\xfa\x21\x59\x5f\x36";
+    b.inLen  = strlen(b.input);
+    b.outLen = RIPEMD_DIGEST_SIZE;
+
+    c.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc"
+               "\xf4\x9a\xda\x62\xeb\x2b";
+    c.inLen  = strlen(c.input);
+    c.outLen = RIPEMD_DIGEST_SIZE;
+
+    d.input  = "12345678901234567890123456789012345678901234567890123456"
+               "789012345678901234567890";
+    d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab"
+               "\x82\xbf\x63\x32\x6b\xfb";
+    d.inLen  = strlen(d.input);
+    d.outLen = RIPEMD_DIGEST_SIZE;
+
+    test_ripemd[0] = a;
+    test_ripemd[1] = b;
+    test_ripemd[2] = c;
+    test_ripemd[3] = d;
+
+    InitRipeMd(&ripemd);
+
+    for (i = 0; i < times; ++i) {
+        RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input,
+                     (word32)test_ripemd[i].inLen);
+        RipeMdFinal(&ripemd, hash);
+
+        if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif /* CYASSL_RIPEMD */
+
+
+#ifdef HAVE_BLAKE2
+
+
+#define BLAKE2_TESTS 3
+
+static const byte blake2b_vec[BLAKE2_TESTS][BLAKE2B_OUTBYTES] =
+{
+  {
+    0x78, 0x6A, 0x02, 0xF7, 0x42, 0x01, 0x59, 0x03,
+    0xC6, 0xC6, 0xFD, 0x85, 0x25, 0x52, 0xD2, 0x72,
+    0x91, 0x2F, 0x47, 0x40, 0xE1, 0x58, 0x47, 0x61,
+    0x8A, 0x86, 0xE2, 0x17, 0xF7, 0x1F, 0x54, 0x19,
+    0xD2, 0x5E, 0x10, 0x31, 0xAF, 0xEE, 0x58, 0x53,
+    0x13, 0x89, 0x64, 0x44, 0x93, 0x4E, 0xB0, 0x4B,
+    0x90, 0x3A, 0x68, 0x5B, 0x14, 0x48, 0xB7, 0x55,
+    0xD5, 0x6F, 0x70, 0x1A, 0xFE, 0x9B, 0xE2, 0xCE
+  },
+  {
+    0x2F, 0xA3, 0xF6, 0x86, 0xDF, 0x87, 0x69, 0x95,
+    0x16, 0x7E, 0x7C, 0x2E, 0x5D, 0x74, 0xC4, 0xC7,
+    0xB6, 0xE4, 0x8F, 0x80, 0x68, 0xFE, 0x0E, 0x44,
+    0x20, 0x83, 0x44, 0xD4, 0x80, 0xF7, 0x90, 0x4C,
+    0x36, 0x96, 0x3E, 0x44, 0x11, 0x5F, 0xE3, 0xEB,
+    0x2A, 0x3A, 0xC8, 0x69, 0x4C, 0x28, 0xBC, 0xB4,
+    0xF5, 0xA0, 0xF3, 0x27, 0x6F, 0x2E, 0x79, 0x48,
+    0x7D, 0x82, 0x19, 0x05, 0x7A, 0x50, 0x6E, 0x4B
+  },
+  {
+    0x1C, 0x08, 0x79, 0x8D, 0xC6, 0x41, 0xAB, 0xA9,
+    0xDE, 0xE4, 0x35, 0xE2, 0x25, 0x19, 0xA4, 0x72,
+    0x9A, 0x09, 0xB2, 0xBF, 0xE0, 0xFF, 0x00, 0xEF,
+    0x2D, 0xCD, 0x8E, 0xD6, 0xF8, 0xA0, 0x7D, 0x15,
+    0xEA, 0xF4, 0xAE, 0xE5, 0x2B, 0xBF, 0x18, 0xAB,
+    0x56, 0x08, 0xA6, 0x19, 0x0F, 0x70, 0xB9, 0x04,
+    0x86, 0xC8, 0xA7, 0xD4, 0x87, 0x37, 0x10, 0xB1,
+    0x11, 0x5D, 0x3D, 0xEB, 0xBB, 0x43, 0x27, 0xB5
+  }
+};
+
+
+
+int blake2b_test(void)
+{
+    Blake2b b2b;
+    byte    digest[64];
+    byte    input[64];
+    int     i, ret;
+
+    for (i = 0; i < (int)sizeof(input); i++)
+        input[i] = (byte)i;
+
+    for (i = 0; i < BLAKE2_TESTS; i++) {
+        ret = InitBlake2b(&b2b, 64);
+        if (ret != 0)
+            return -4002;
+
+        ret = Blake2bUpdate(&b2b, input, i);
+        if (ret != 0)
+            return -4003;
+
+        ret = Blake2bFinal(&b2b, digest, 64);
+        if (ret != 0)
+            return -4004;
+
+        if (memcmp(digest, blake2b_vec[i], 64) != 0) {
+            return -300 - i;
+        }
+    }
+
+    return 0;
+}
+#endif /* HAVE_BLAKE2 */
+
+
+#ifndef NO_SHA256
+int sha256_test(void)
+{
+    Sha256 sha;
+    byte   hash[SHA256_DIGEST_SIZE];
+
+    testVector a, b;
+    testVector test_sha[2];
+    int ret;
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+               "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+               "\x15\xAD";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA256_DIGEST_SIZE;
+
+    b.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+               "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+               "\x06\xC1";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA256_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = InitSha256(&sha);
+    if (ret != 0)
+        return -4005;
+
+    for (i = 0; i < times; ++i) {
+        ret = Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return -4006;
+        ret = Sha256Final(&sha, hash);
+        if (ret != 0)
+            return -4007;
+
+        if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#ifdef CYASSL_SHA512
+int sha512_test(void)
+{
+    Sha512 sha;
+    byte   hash[SHA512_DIGEST_SIZE];
+    int    ret;
+
+    testVector a, b;
+    testVector test_sha[2];
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
+               "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
+               "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
+               "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
+               "\xa5\x4c\xa4\x9f";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA512_DIGEST_SIZE;
+
+    b.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
+               "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
+               "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
+               "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
+               "\x87\x4b\xe9\x09";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA512_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = InitSha512(&sha);
+    if (ret != 0)
+        return -4009;
+
+    for (i = 0; i < times; ++i) {
+        ret = Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return -4010;
+
+        ret = Sha512Final(&sha, hash);
+        if (ret != 0)
+            return -4011;
+
+        if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#ifdef CYASSL_SHA384
+int sha384_test(void)
+{
+    Sha384 sha;
+    byte   hash[SHA384_DIGEST_SIZE];
+    int    ret;
+
+    testVector a, b;
+    testVector test_sha[2];
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
+               "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
+               "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
+               "\xc8\x25\xa7";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA384_DIGEST_SIZE;
+
+    b.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
+               "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
+               "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
+               "\x74\x60\x39";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA384_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = InitSha384(&sha);
+    if (ret != 0)
+        return -4012;
+
+    for (i = 0; i < times; ++i) {
+        ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return -4013;
+
+        ret = Sha384Final(&sha, hash);
+        if (ret != 0)
+            return -4014;
+
+        if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif /* CYASSL_SHA384 */
+
+
+#if !defined(NO_HMAC) && !defined(NO_MD5)
+int hmac_md5_test(void)
+{
+    Hmac hmac;
+    byte hash[MD5_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc"
+               "\x9d";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD5_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
+               "\x38";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD5_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3"
+               "\xf6";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD5_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#ifdef HAVE_CAVIUM
+        if (i == 1)
+            continue; /* driver can't handle keys <= bytes */
+        if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20009;
+#endif
+        ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4015;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4016;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4017;
+
+        if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif /* NO_HMAC && NO_MD5 */
+
+#if !defined(NO_HMAC) && !defined(NO_SHA)
+int hmac_sha_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c"
+               "\x8e\xf1\x46\xbe\x00";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf"
+               "\x9c\x25\x9a\x7c\x79";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b"
+               "\x4f\x63\xf1\x75\xd3";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#ifdef HAVE_CAVIUM
+        if (i == 1)
+            continue; /* driver can't handle keys <= bytes */
+        if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20010;
+#endif
+        ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4018;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4019;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4020;
+
+        if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && !defined(NO_SHA256)
+int hmac_sha256_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA256_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1"
+               "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32"
+               "\xcf\xf7";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA256_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75"
+               "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec"
+               "\x38\x43";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA256_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81"
+               "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5"
+               "\x65\xfe";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA256_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#ifdef HAVE_CAVIUM
+        if (i == 1)
+            continue; /* driver can't handle keys <= bytes */
+        if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20011;
+#endif
+        ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4021;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4022;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4023;
+
+        if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(HAVE_BLAKE2)
+int hmac_blake2b_test(void)
+{
+    Hmac hmac;
+    byte hash[BLAKE2B_256];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51"
+               "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75"
+               "\xac\xfd";
+    a.inLen  = strlen(a.input);
+    a.outLen = BLAKE2B_256;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67"
+               "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c"
+               "\xda\x2b";
+    b.inLen  = strlen(b.input);
+    b.outLen = BLAKE2B_256;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7"
+               "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3"
+               "\x0f\x87";
+    c.inLen  = strlen(c.input);
+    c.outLen = BLAKE2B_256;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#ifdef HAVE_CAVIUM
+        if (i == 1)
+            continue; /* driver can't handle keys <= bytes */
+        if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20011;
+#endif
+        ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i],
+                         (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4024;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4025;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4026;
+
+        if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(CYASSL_SHA384)
+int hmac_sha384_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA384_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90"
+               "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb"
+               "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2"
+               "\xfa\x9c\xb6";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA384_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b"
+               "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22"
+               "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa"
+               "\xb2\x16\x49";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA384_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8"
+               "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66"
+               "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01"
+               "\xa3\x4f\x27";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA384_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+        ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4027;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4028;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4029;
+
+        if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(CYASSL_SHA512)
+int hmac_sha512_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA512_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c"
+               "\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1"
+               "\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae"
+               "\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20"
+               "\x3a\x12\x68\x54";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA512_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0"
+               "\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25"
+               "\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8"
+               "\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a"
+               "\x38\xbc\xe7\x37";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA512_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b"
+               "\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27"
+               "\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e"
+               "\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59"
+               "\xe1\x32\x92\xfb";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA512_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+        ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4030;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4031;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4032;
+
+        if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#ifndef NO_RC4
+int arc4_test(void)
+{
+    byte cipher[16];
+    byte plain[16];
+
+    const char* keys[] =
+    {
+        "\x01\x23\x45\x67\x89\xab\xcd\xef",
+        "\x01\x23\x45\x67\x89\xab\xcd\xef",
+        "\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\xef\x01\x23\x45"
+    };
+
+    testVector a, b, c, d;
+    testVector test_arc4[4];
+
+    int times = sizeof(test_arc4) / sizeof(testVector), i;
+
+    a.input  = "\x01\x23\x45\x67\x89\xab\xcd\xef";
+    a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96";
+    a.inLen  = 8;
+    a.outLen = 8;
+
+    b.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79";
+    b.inLen  = 8;
+    b.outLen = 8;
+
+    c.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a";
+    c.inLen  = 8;
+    c.outLen = 8;
+
+    d.input  = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
+    d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61";
+    d.inLen  = 10;
+    d.outLen = 10;
+
+    test_arc4[0] = a;
+    test_arc4[1] = b;
+    test_arc4[2] = c;
+    test_arc4[3] = d;
+
+    for (i = 0; i < times; ++i) {
+        Arc4 enc;
+        Arc4 dec;
+        int  keylen = 8;  /* strlen with key 0x00 not good */
+        if (i == 3)
+            keylen = 4;
+
+#ifdef HAVE_CAVIUM
+        if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0)
+            return -20001;
+        if (Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0)
+            return -20002;
+#endif
+
+        Arc4SetKey(&enc, (byte*)keys[i], keylen);
+        Arc4SetKey(&dec, (byte*)keys[i], keylen);
+
+        Arc4Process(&enc, cipher, (byte*)test_arc4[i].input,
+                    (word32)test_arc4[i].outLen);
+        Arc4Process(&dec, plain,  cipher, (word32)test_arc4[i].outLen);
+
+        if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen))
+            return -20 - i;
+
+        if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen))
+            return -20 - 5 - i;
+
+#ifdef HAVE_CAVIUM
+        Arc4FreeCavium(&enc);
+        Arc4FreeCavium(&dec);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+int hc128_test(void)
+{
+#ifdef HAVE_HC128
+    byte cipher[16];
+    byte plain[16];
+
+    const char* keys[] =
+    {
+        "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD",
+        "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC"
+    };
+
+    const char* ivs[] =
+    {
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16",
+        "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31"
+    };
+
+
+    testVector a, b, c, d;
+    testVector test_hc128[4];
+
+    int times = sizeof(test_hc128) / sizeof(testVector), i;
+
+    a.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48";
+    a.inLen  = 8;
+    a.outLen = 8;
+
+    b.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F";
+    b.inLen  = 8;
+    b.outLen = 8;
+
+    c.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A";
+    c.inLen  = 8;
+    c.outLen = 8;
+
+    d.input  = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
+    d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29";
+    d.inLen  = 15;
+    d.outLen = 15;
+
+    test_hc128[0] = a;
+    test_hc128[1] = b;
+    test_hc128[2] = c;
+    test_hc128[3] = d;
+
+    for (i = 0; i < times; ++i) {
+        HC128 enc;
+        HC128 dec;
+
+        /* align keys/ivs in plain/cipher buffers */
+        memcpy(plain,  keys[i], 16);
+        memcpy(cipher, ivs[i],  16);
+
+        Hc128_SetKey(&enc, plain, cipher);
+        Hc128_SetKey(&dec, plain, cipher);
+
+        /* align input */
+        memcpy(plain, test_hc128[i].input, test_hc128[i].outLen);
+        Hc128_Process(&enc, cipher, plain,  (word32)test_hc128[i].outLen);
+        Hc128_Process(&dec, plain,  cipher, (word32)test_hc128[i].outLen);
+
+        if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen))
+            return -120 - i;
+
+        if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen))
+            return -120 - 5 - i;
+    }
+
+#endif /* HAVE_HC128 */
+    return 0;
+}
+
+
+#ifndef NO_RABBIT
+int rabbit_test(void)
+{
+    byte cipher[16];
+    byte plain[16];
+
+    const char* keys[] =
+    {
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91"
+    };
+
+    const char* ivs[] =
+    {
+        "\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x59\x7E\x26\xC1\x75\xF5\x73\xC3",
+        0
+    };
+
+    testVector a, b, c;
+    testVector test_rabbit[3];
+
+    int times = sizeof(test_rabbit) / sizeof(testVector), i;
+
+    a.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C";
+    a.inLen  = 8;
+    a.outLen = 8;
+
+    b.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0";
+    b.inLen  = 8;
+    b.outLen = 8;
+
+    c.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    c.output = "\x04\xCE\xCA\x7A\x1A\x86\x6E\x77";
+    c.inLen  = 8;
+    c.outLen = 8;
+
+    test_rabbit[0] = a;
+    test_rabbit[1] = b;
+    test_rabbit[2] = c;
+
+    for (i = 0; i < times; ++i) {
+        Rabbit enc;
+        Rabbit dec;
+        byte*  iv;
+
+        /* align keys/ivs in plain/cipher buffers */
+        memcpy(plain,  keys[i], 16);
+        if (ivs[i]) {
+            memcpy(cipher, ivs[i],   8);
+            iv = cipher;
+        } else
+            iv = NULL;
+        RabbitSetKey(&enc, plain, iv);
+        RabbitSetKey(&dec, plain, iv);
+
+        /* align input */
+        memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen);
+        RabbitProcess(&enc, cipher, plain,  (word32)test_rabbit[i].outLen);
+        RabbitProcess(&dec, plain,  cipher, (word32)test_rabbit[i].outLen);
+
+        if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen))
+            return -130 - i;
+
+        if (memcmp(cipher, test_rabbit[i].output, test_rabbit[i].outLen))
+            return -130 - 5 - i;
+    }
+
+    return 0;
+}
+#endif /* NO_RABBIT */
+
+
+#ifndef NO_DES3
+int des_test(void)
+{
+    const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
+        0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    byte plain[24];
+    byte cipher[24];
+
+    Des enc;
+    Des dec;
+
+    const byte key[] =
+    {
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
+    };
+
+    const byte iv[] =
+    {
+        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
+    };
+
+    const byte verify[] =
+    {
+        0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
+        0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
+        0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
+    };
+
+    int ret;
+
+    ret = Des_SetKey(&enc, key, iv, DES_ENCRYPTION);
+    if (ret != 0)
+        return -31;
+
+    Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
+    ret = Des_SetKey(&dec, key, iv, DES_DECRYPTION);
+    if (ret != 0)
+        return -32;
+    Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
+
+    if (memcmp(plain, vector, sizeof(plain)))
+        return -33;
+
+    if (memcmp(cipher, verify, sizeof(cipher)))
+        return -34;
+
+    return 0;
+}
+#endif /* NO_DES3 */
+
+
+#ifndef NO_DES3
+int des3_test(void)
+{
+    const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
+        0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    byte plain[24];
+    byte cipher[24];
+
+    Des3 enc;
+    Des3 dec;
+
+    const byte key3[] =
+    {
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+        0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
+        0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
+    };
+    const byte iv3[] =
+    {
+        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
+        0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+        0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
+
+    };
+
+    const byte verify3[] =
+    {
+        0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e,
+        0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98,
+        0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0
+    };
+
+    int ret;
+
+
+#ifdef HAVE_CAVIUM
+    if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0)
+        return -20005;
+    if (Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0)
+        return -20006;
+#endif
+    ret = Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION);
+    if (ret != 0)
+        return -31;
+    ret = Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION);
+    if (ret != 0)
+        return -32;
+    ret = Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
+    if (ret != 0)
+        return -33;
+    ret = Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
+    if (ret != 0)
+        return -34;
+
+    if (memcmp(plain, vector, sizeof(plain)))
+        return -35;
+
+    if (memcmp(cipher, verify3, sizeof(cipher)))
+        return -36;
+
+#ifdef HAVE_CAVIUM
+    Des3_FreeCavium(&enc);
+    Des3_FreeCavium(&dec);
+#endif
+    return 0;
+}
+#endif /* NO_DES */
+
+
+#ifndef NO_AES
+int aes_test(void)
+{
+    Aes enc;
+    Aes dec;
+
+    const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
+        0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    const byte verify[] =
+    {
+        0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
+        0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
+    };
+
+    byte key[] = "0123456789abcdef   ";  /* align */
+    byte iv[]  = "1234567890abcdef   ";  /* align */
+
+    byte cipher[AES_BLOCK_SIZE * 4];
+    byte plain [AES_BLOCK_SIZE * 4];
+    int  ret;
+
+#ifdef HAVE_CAVIUM
+        if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0)
+            return -20003;
+        if (AesInitCavium(&dec, CAVIUM_DEV_ID) != 0)
+            return -20004;
+#endif
+    ret = AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
+    if (ret != 0)
+        return -1001;
+    ret = AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
+    if (ret != 0)
+        return -1002;
+
+    ret = AesCbcEncrypt(&enc, cipher, msg,   AES_BLOCK_SIZE);
+    if (ret != 0)
+        return -1005;
+    ret = AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE);
+    if (ret != 0)
+        return -1006;
+
+    if (memcmp(plain, msg, AES_BLOCK_SIZE))
+        return -60;
+
+    if (memcmp(cipher, verify, AES_BLOCK_SIZE))
+        return -61;
+
+#ifdef HAVE_CAVIUM
+        AesFreeCavium(&enc);
+        AesFreeCavium(&dec);
+#endif
+#ifdef CYASSL_AES_COUNTER
+    {
+        const byte ctrKey[] =
+        {
+            0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
+            0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c
+        };
+
+        const byte ctrIv[] =
+        {
+            0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,
+            0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
+        };
+
+
+        const byte ctrPlain[] =
+        {
+            0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+            0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
+            0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,
+            0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
+            0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,
+            0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,
+            0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,
+            0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10
+        };
+
+        const byte ctrCipher[] =
+        {
+            0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26,
+            0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce,
+            0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff,
+            0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff,
+            0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e,
+            0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab,
+            0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1,
+            0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
+        };
+
+        const byte oddCipher[] =
+        {
+            0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
+            0xc2
+        };
+
+        AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+        /* Ctr only uses encrypt, even on key setup */
+        AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+
+        AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4);
+        AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4);
+
+        if (memcmp(plain, ctrPlain, AES_BLOCK_SIZE*4))
+            return -66;
+
+        if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4))
+            return -67;
+
+        /* let's try with just 9 bytes, non block size test */
+        AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+        /* Ctr only uses encrypt, even on key setup */
+        AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+
+        AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
+        AesCtrEncrypt(&dec, plain, cipher, 9);
+
+        if (memcmp(plain, ctrPlain, 9))
+            return -68;
+
+        if (memcmp(cipher, ctrCipher, 9))
+            return -69;
+
+        /* and an additional 9 bytes to reuse tmp left buffer */
+        AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
+        AesCtrEncrypt(&dec, plain, cipher, 9);
+
+        if (memcmp(plain, ctrPlain, 9))
+            return -70;
+
+        if (memcmp(cipher, oddCipher, 9))
+            return -71;
+    }
+#endif /* CYASSL_AES_COUNTER */
+
+#if defined(CYASSL_AESNI) && defined(CYASSL_AES_DIRECT)
+    {
+        const byte niPlain[] =
+        {
+            0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+            0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
+        };
+
+        const byte niCipher[] =
+        {
+            0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
+            0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
+        };
+
+        const byte niKey[] =
+        {
+            0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
+            0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
+            0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
+            0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
+        };
+
+        XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+        ret = AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
+        if (ret != 0)
+            return -1003;
+        AesEncryptDirect(&enc, cipher, niPlain);
+        if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
+            return -20006;
+
+        XMEMSET(plain, 0, AES_BLOCK_SIZE);
+        ret = AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
+        if (ret != 0)
+            return -1004;
+        AesDecryptDirect(&dec, plain, niCipher);
+        if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
+            return -20007;
+    }
+#endif /* CYASSL_AESNI && CYASSL_AES_DIRECT */
+
+    return 0;
+}
+
+#ifdef HAVE_AESGCM
+int aesgcm_test(void)
+{
+    Aes enc;
+
+    /*
+     * This is Test Case 16 from the document Galois/
+     * Counter Mode of Operation (GCM) by McGrew and
+     * Viega.
+     */
+    const byte k[] =
+    {
+        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+        0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
+        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+        0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
+    };
+
+    const byte iv[] =
+    {
+        0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+        0xde, 0xca, 0xf8, 0x88
+    };
+
+    const byte p[] =
+    {
+        0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+        0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+        0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+        0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+        0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+        0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+        0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+        0xba, 0x63, 0x7b, 0x39
+    };
+
+    const byte a[] =
+    {
+        0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+        0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+        0xab, 0xad, 0xda, 0xd2
+    };
+
+    const byte c[] =
+    {
+        0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+        0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+        0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+        0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+        0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+        0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+        0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+        0xbc, 0xc9, 0xf6, 0x62
+    };
+
+    const byte t[] =
+    {
+        0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+        0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
+    };
+
+    byte t2[sizeof(t)];
+    byte p2[sizeof(c)];
+    byte c2[sizeof(p)];
+
+    int result;
+
+    memset(t2, 0, sizeof(t2));
+    memset(c2, 0, sizeof(c2));
+    memset(p2, 0, sizeof(p2));
+
+    AesGcmSetKey(&enc, k, sizeof(k));
+    /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+    AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (memcmp(c, c2, sizeof(c2)))
+        return -68;
+    if (memcmp(t, t2, sizeof(t2)))
+        return -69;
+
+    result = AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (result != 0)
+        return -70;
+    if (memcmp(p, p2, sizeof(p2)))
+        return -71;
+
+    return 0;
+}
+
+int gmac_test(void)
+{
+    Gmac gmac;
+
+    const byte k1[] =
+    {
+        0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
+        0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
+    };
+    const byte iv1[] =
+    {
+        0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
+        0xe2, 0x8c, 0x8f, 0x16
+    };
+    const byte a1[] =
+    {
+       0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
+       0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
+    };
+    const byte t1[] =
+    {
+        0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
+        0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
+    };
+
+    const byte k2[] =
+    {
+        0x40, 0xf7, 0xec, 0xb2, 0x52, 0x6d, 0xaa, 0xd4,
+        0x74, 0x25, 0x1d, 0xf4, 0x88, 0x9e, 0xf6, 0x5b
+    };
+    const byte iv2[] =
+    {
+        0xee, 0x9c, 0x6e, 0x06, 0x15, 0x45, 0x45, 0x03,
+        0x1a, 0x60, 0x24, 0xa7
+    };
+    const byte a2[] =
+    {
+        0x94, 0x81, 0x2c, 0x87, 0x07, 0x4e, 0x15, 0x18,
+        0x34, 0xb8, 0x35, 0xaf, 0x1c, 0xa5, 0x7e, 0x56
+    };
+    const byte t2[] =
+    {
+        0xc6, 0x81, 0x79, 0x8e, 0x3d, 0xda, 0xb0, 0x9f,
+        0x8d, 0x83, 0xb0, 0xbb, 0x14, 0xb6, 0x91
+    };
+
+    const byte k3[] =
+    {
+        0xb8, 0xe4, 0x9a, 0x5e, 0x37, 0xf9, 0x98, 0x2b,
+        0xb9, 0x6d, 0xd0, 0xc9, 0xb6, 0xab, 0x26, 0xac
+    };
+    const byte iv3[] =
+    {
+        0xe4, 0x4a, 0x42, 0x18, 0x8c, 0xae, 0x94, 0x92,
+        0x6a, 0x9c, 0x26, 0xb0
+    };
+    const byte a3[] =
+    {
+        0x9d, 0xb9, 0x61, 0x68, 0xa6, 0x76, 0x7a, 0x31,
+        0xf8, 0x29, 0xe4, 0x72, 0x61, 0x68, 0x3f, 0x8a
+    };
+    const byte t3[] =
+    {
+        0x23, 0xe2, 0x9f, 0x66, 0xe4, 0xc6, 0x52, 0x48
+    };
+
+    byte tag[16];
+
+    memset(tag, 0, sizeof(tag));
+    GmacSetKey(&gmac, k1, sizeof(k1));
+    GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1));
+    if (memcmp(t1, tag, sizeof(t1)) != 0)
+        return -126;
+
+    memset(tag, 0, sizeof(tag));
+    GmacSetKey(&gmac, k2, sizeof(k2));
+    GmacUpdate(&gmac, iv2, sizeof(iv2), a2, sizeof(a2), tag, sizeof(t2));
+    if (memcmp(t2, tag, sizeof(t2)) != 0)
+        return -127;
+
+    memset(tag, 0, sizeof(tag));
+    GmacSetKey(&gmac, k3, sizeof(k3));
+    GmacUpdate(&gmac, iv3, sizeof(iv3), a3, sizeof(a3), tag, sizeof(t3));
+    if (memcmp(t3, tag, sizeof(t3)) != 0)
+        return -128;
+
+    return 0;
+}
+#endif /* HAVE_AESGCM */
+
+#ifdef HAVE_AESCCM
+int aesccm_test(void)
+{
+    Aes enc;
+
+    /* key */
+    const byte k[] =
+    {
+        0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
+        0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
+    };
+
+    /* nonce */
+    const byte iv[] =
+    {
+        0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0,
+        0xa1, 0xa2, 0xa3, 0xa4, 0xa5
+    };
+
+    /* plaintext */
+    const byte p[] =
+    {
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+        0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+        0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
+    };
+
+    const byte a[] =
+    {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
+    };
+
+    const byte c[] =
+    {
+        0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2,
+        0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80,
+        0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84
+    };
+
+    const byte t[] =
+    {
+        0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0
+    };
+
+    byte t2[sizeof(t)];
+    byte p2[sizeof(p)];
+    byte c2[sizeof(c)];
+
+    int result;
+
+    memset(t2, 0, sizeof(t2));
+    memset(c2, 0, sizeof(c2));
+    memset(p2, 0, sizeof(p2));
+
+    AesCcmSetKey(&enc, k, sizeof(k));
+    /* AES-CCM encrypt and decrypt both use AES encrypt internally */
+    AesCcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (memcmp(c, c2, sizeof(c2)))
+        return -107;
+    if (memcmp(t, t2, sizeof(t2)))
+        return -108;
+
+    result = AesCcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (result != 0)
+        return -109;
+    if (memcmp(p, p2, sizeof(p2)))
+        return -110;
+
+    /* Test the authentication failure */
+    t2[0]++; /* Corrupt the authentication tag. */
+    result = AesCcmDecrypt(&enc, p2, c, sizeof(p2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (result == 0)
+        return -111;
+
+    /* Clear c2 to compare against p2. p2 should be set to zero in case of
+     * authentication fail. */
+    memset(c2, 0, sizeof(c2));
+    if (memcmp(p2, c2, sizeof(p2)))
+        return -112;
+
+    return 0;
+}
+#endif /* HAVE_AESCCM */
+
+
+#endif /* NO_AES */
+
+
+#ifdef HAVE_CAMELLIA
+
+enum {
+    CAM_ECB_ENC, CAM_ECB_DEC, CAM_CBC_ENC, CAM_CBC_DEC
+};
+
+typedef struct {
+    int type;
+    const byte* plaintext;
+    const byte* iv;
+    const byte* ciphertext;
+    const byte* key;
+    word32 keySz;
+    int errorCode;
+} test_vector_t;
+
+int camellia_test(void)
+{
+    /* Camellia ECB Test Plaintext */
+    static const byte pte[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
+    };
+
+    /* Camellia ECB Test Initialization Vector */
+    static const byte ive[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+
+    /* Test 1: Camellia ECB 128-bit key */
+    static const byte k1[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
+    };
+    static const byte c1[] =
+    {
+        0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73,
+        0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43
+    };
+
+    /* Test 2: Camellia ECB 192-bit key */
+    static const byte k2[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
+    };
+    static const byte c2[] =
+    {
+        0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8,
+        0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9
+    };
+
+    /* Test 3: Camellia ECB 256-bit key */
+    static const byte k3[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+        0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
+    };
+    static const byte c3[] =
+    {
+        0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c,
+        0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09
+    };
+
+    /* Camellia CBC Test Plaintext */
+    static const byte ptc[] =
+    {
+        0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+        0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
+    };
+
+    /* Camellia CBC Test Initialization Vector */
+    static const byte ivc[] =
+    {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+    };
+
+    /* Test 4: Camellia-CBC 128-bit key */
+    static const byte k4[] =
+    {
+        0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+        0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C
+    };
+    static const byte c4[] =
+    {
+        0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0,
+        0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB
+    };
+
+    /* Test 5: Camellia-CBC 192-bit key */
+    static const byte k5[] =
+    {
+        0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
+        0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
+        0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B
+    };
+    static const byte c5[] =
+    {
+        0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2,
+        0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93
+    };
+
+    /* Test 6: CBC 256-bit key */
+    static const byte k6[] =
+    {
+        0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+        0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+        0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+        0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4
+    };
+    static const byte c6[] =
+    {
+        0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A,
+        0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA
+    };
+
+    byte out[CAMELLIA_BLOCK_SIZE];
+    Camellia cam;
+    int i, testsSz;
+    const test_vector_t testVectors[] =
+    {
+        {CAM_ECB_ENC, pte, ive, c1, k1, sizeof(k1), -114},
+        {CAM_ECB_ENC, pte, ive, c2, k2, sizeof(k2), -115},
+        {CAM_ECB_ENC, pte, ive, c3, k3, sizeof(k3), -116},
+        {CAM_ECB_DEC, pte, ive, c1, k1, sizeof(k1), -117},
+        {CAM_ECB_DEC, pte, ive, c2, k2, sizeof(k2), -118},
+        {CAM_ECB_DEC, pte, ive, c3, k3, sizeof(k3), -119},
+        {CAM_CBC_ENC, ptc, ivc, c4, k4, sizeof(k4), -120},
+        {CAM_CBC_ENC, ptc, ivc, c5, k5, sizeof(k5), -121},
+        {CAM_CBC_ENC, ptc, ivc, c6, k6, sizeof(k6), -122},
+        {CAM_CBC_DEC, ptc, ivc, c4, k4, sizeof(k4), -123},
+        {CAM_CBC_DEC, ptc, ivc, c5, k5, sizeof(k5), -124},
+        {CAM_CBC_DEC, ptc, ivc, c6, k6, sizeof(k6), -125}
+    };
+
+    testsSz = sizeof(testVectors)/sizeof(test_vector_t);
+    for (i = 0; i < testsSz; i++) {
+        if (CamelliaSetKey(&cam, testVectors[i].key, testVectors[i].keySz,
+                                                        testVectors[i].iv) != 0)
+            return testVectors[i].errorCode;
+
+        switch (testVectors[i].type) {
+            case CAM_ECB_ENC:
+                CamelliaEncryptDirect(&cam, out, testVectors[i].plaintext);
+                if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            case CAM_ECB_DEC:
+                CamelliaDecryptDirect(&cam, out, testVectors[i].ciphertext);
+                if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            case CAM_CBC_ENC:
+                CamelliaCbcEncrypt(&cam, out, testVectors[i].plaintext,
+                                                           CAMELLIA_BLOCK_SIZE);
+                if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            case CAM_CBC_DEC:
+                CamelliaCbcDecrypt(&cam, out, testVectors[i].ciphertext,
+                                                           CAMELLIA_BLOCK_SIZE);
+                if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            default:
+                break;
+        }
+    }
+
+    /* Setting the IV and checking it was actually set. */
+    CamelliaSetIV(&cam, ivc);
+    if (XMEMCMP(cam.reg, ivc, CAMELLIA_BLOCK_SIZE))
+        return -1;
+
+    /* Setting the IV to NULL should be same as all zeros IV */
+    if (CamelliaSetIV(&cam, NULL) != 0 ||
+                                    XMEMCMP(cam.reg, ive, CAMELLIA_BLOCK_SIZE))
+        return -1;
+
+    /* First parameter should never be null */
+    if (CamelliaSetIV(NULL, NULL) == 0)
+        return -1;
+
+    /* First parameter should never be null, check it fails */
+    if (CamelliaSetKey(NULL, k1, sizeof(k1), NULL) == 0)
+        return -1;
+
+    /* Key should have a size of 16, 24, or 32 */
+    if (CamelliaSetKey(&cam, k1, 0, NULL) == 0)
+        return -1;
+
+    return 0;
+}
+#endif /* HAVE_CAMELLIA */
+
+
+int random_test(void)
+{
+    RNG  rng;
+    byte block[32];
+    int ret;
+
+#ifdef HAVE_CAVIUM
+    ret = InitRngCavium(&rng, CAVIUM_DEV_ID);
+    if (ret != 0) return -2007;
+#endif
+    ret = InitRng(&rng);
+    if (ret != 0) return -39;
+
+    ret = RNG_GenerateBlock(&rng, block, sizeof(block));
+    if (ret != 0) return -40;
+
+    return 0;
+}
+
+
+#ifdef HAVE_NTRU
+
+byte GetEntropy(ENTROPY_CMD cmd, byte* out);
+
+byte GetEntropy(ENTROPY_CMD cmd, byte* out)
+{
+    static RNG rng;
+
+    if (cmd == INIT)
+        return (InitRng(&rng) == 0) ? 1 : 0;
+
+    if (out == NULL)
+        return 0;
+
+    if (cmd == GET_BYTE_OF_ENTROPY)
+        return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0;
+
+    if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
+        *out = 1;
+        return 1;
+    }
+
+    return 0;
+}
+
+#endif /* HAVE_NTRU */
+
+#ifndef NO_RSA
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #ifdef FREESCALE_MQX
+        static const char* clientKey  = "a:\\certs\\client-key.der";
+        static const char* clientCert = "a:\\certs\\client-cert.der";
+        #ifdef CYASSL_CERT_GEN
+            static const char* caKeyFile  = "a:\\certs\\ca-key.der";
+            static const char* caCertFile = "a:\\certs\\ca-cert.pem";
+            #ifdef HAVE_ECC
+                static const char* eccCaKeyFile  = "a:\\certs\\ecc-key.der";
+                static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem";
+            #endif
+        #endif
+    #elif defined(CYASSL_MKD_SHELL)
+        static char* clientKey = "certs/client-key.der";
+        static char* clientCert = "certs/client-cert.der";
+        void set_clientKey(char *key) {  clientKey = key ; }
+        void set_clientCert(char *cert) {  clientCert = cert ; }
+        #ifdef CYASSL_CERT_GEN
+            static char* caKeyFile  = "certs/ca-key.der";
+            static char* caCertFile = "certs/ca-cert.pem";
+            void set_caKeyFile (char * key)  { caKeyFile   = key ; }
+            void set_caCertFile(char * cert) { caCertFile = cert ; }
+            #ifdef HAVE_ECC
+                static const char* eccCaKeyFile  = "certs/ecc-key.der";
+                static const char* eccCaCertFile = "certs/server-ecc.pem";
+                void set_eccCaKeyFile (char * key)  { eccCaKeyFile  = key ; }
+                void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; }
+            #endif
+        #endif
+    #else
+        static const char* clientKey  = "./certs/client-key.der";
+        static const char* clientCert = "./certs/client-cert.der";
+        #ifdef CYASSL_CERT_GEN
+            static const char* caKeyFile  = "./certs/ca-key.der";
+            static const char* caCertFile = "./certs/ca-cert.pem";
+            #ifdef HAVE_ECC
+                static const char* eccCaKeyFile  = "./certs/ecc-key.der";
+                static const char* eccCaCertFile = "./certs/server-ecc.pem";
+            #endif
+        #endif
+    #endif
+#endif
+
+
+
+#define FOURK_BUF 4096
+
+int rsa_test(void)
+{
+    byte*   tmp;
+    size_t bytes;
+    RsaKey key;
+    RNG    rng;
+    word32 idx = 0;
+    int    ret;
+    byte   in[] = "Everyone gets Friday off.";
+    word32 inLen = (word32)strlen((char*)in);
+    byte   out[256];
+    byte   plain[256];
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    FILE*  file, * file2;
+#endif
+#ifdef CYASSL_TEST_CERT
+    DecodedCert cert;
+#endif
+
+    tmp = (byte*)malloc(FOURK_BUF);
+    if (tmp == NULL)
+        return -40;
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
+    bytes = sizeof_client_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
+    bytes = sizeof_client_key_der_2048;
+#else
+    file = fopen(clientKey, "rb");
+
+    if (!file)
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from CyaSSL home dir", -40);
+
+    bytes = fread(tmp, 1, FOURK_BUF, file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+#ifdef HAVE_CAVIUM
+    RsaInitCavium(&key, CAVIUM_DEV_ID);
+#endif
+    ret = InitRsaKey(&key, 0);
+    if (ret != 0) return -39;
+    ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
+    if (ret != 0) return -41;
+
+    ret = InitRng(&rng);
+    if (ret != 0) return -42;
+
+    ret = RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng);
+    if (ret < 0) return -43;
+
+    ret = RsaPrivateDecrypt(out, ret, plain, sizeof(plain), &key);
+    if (ret < 0) return -44;
+
+    if (memcmp(plain, in, inLen)) return -45;
+
+    ret = RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng);
+    if (ret < 0) return -46;
+
+    memset(plain, 0, sizeof(plain));
+    ret = RsaSSL_Verify(out, ret, plain, sizeof(plain), &key);
+    if (ret < 0) return -47;
+
+    if (memcmp(plain, in, ret)) return -48;
+
+#if defined(CYASSL_MDK_ARM)
+    #define sizeof(s) strlen((char *)(s))
+#endif
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, client_cert_der_1024, sizeof_client_cert_der_1024);
+    bytes = sizeof_client_cert_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, client_cert_der_2048, sizeof_client_cert_der_2048);
+    bytes = sizeof_client_cert_der_2048;
+#else
+    file2 = fopen(clientCert, "rb");
+    if (!file2)
+        return -49;
+
+    bytes = fread(tmp, 1, FOURK_BUF, file2);
+    fclose(file2);
+#endif
+
+#ifdef sizeof
+		#undef sizeof
+#endif
+
+#ifdef CYASSL_TEST_CERT
+    InitDecodedCert(&cert, tmp, (word32)bytes, 0);
+
+    ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0);
+    if (ret != 0) return -491;
+
+    FreeDecodedCert(&cert);
+#else
+    (void)bytes;
+#endif
+
+
+#ifdef CYASSL_KEY_GEN
+    {
+        byte*  der;
+        byte*  pem;
+        int    derSz = 0;
+        int    pemSz = 0;
+        RsaKey derIn;
+        RsaKey genKey;
+        FILE* keyFile;
+        FILE* pemFile;
+
+        ret = InitRsaKey(&genKey, 0);
+        if (ret != 0)
+            return -300;
+        ret = MakeRsaKey(&genKey, 1024, 65537, &rng);
+        if (ret != 0)
+            return -301;
+
+        der = (byte*)malloc(FOURK_BUF);
+        if (der == NULL) {
+            FreeRsaKey(&genKey);
+            return -307;
+        }
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(der);
+            FreeRsaKey(&genKey);
+            return -308;
+        }
+
+        derSz = RsaKeyToDer(&genKey, der, FOURK_BUF);
+        if (derSz < 0) {
+            free(der);
+            free(pem);
+            return -302;
+        }
+
+        keyFile = fopen("./key.der", "wb");
+        if (!keyFile) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -303;
+        }
+        ret = (int)fwrite(der, 1, derSz, keyFile);
+        fclose(keyFile);
+        if (ret != derSz) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -313;
+        }
+
+        pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE);
+        if (pemSz < 0) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -304;
+        }
+
+        pemFile = fopen("./key.pem", "wb");
+        if (!pemFile) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -305;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -314;
+        }
+
+        ret = InitRsaKey(&derIn, 0);
+        if (ret != 0) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -3060;
+        }
+        idx = 0;
+        ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz);
+        if (ret != 0) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&derIn);
+            FreeRsaKey(&genKey);
+            return -306;
+        }
+
+        FreeRsaKey(&derIn);
+        FreeRsaKey(&genKey);
+        free(pem);
+        free(der);
+    }
+#endif /* CYASSL_KEY_GEN */
+
+
+#ifdef CYASSL_CERT_GEN
+    /* self signed */
+    {
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        int         certSz;
+        int         pemSz;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
+
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -309;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -310;
+        }
+
+        InitCert(&myCert);
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+        myCert.isCA    = 1;
+        myCert.sigType = CTC_SHA256wRSA;
+
+        certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            return -401;
+        }
+
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -402;
+        }
+        FreeDecodedCert(&decode);
+#endif
+        derFile = fopen("./cert.der", "wb");
+        if (!derFile) {
+            free(derCert);
+            free(pem);
+            return -403;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(derCert);
+            free(pem);
+            return -414;
+        }
+
+        pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(derCert);
+            free(pem);
+            return -404;
+        }
+
+        pemFile = fopen("./cert.pem", "wb");
+        if (!pemFile) {
+            free(derCert);
+            free(pem);
+            return -405;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            free(derCert);
+            free(pem);
+            return -406;
+        }
+        free(pem);
+        free(derCert);
+    }
+    /* CA style */
+    {
+        RsaKey      caKey;
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        int         certSz;
+        int         pemSz;
+        size_t      bytes3;
+        word32      idx3 = 0;
+			  FILE* file3 ;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
+
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -311;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -312;
+        }
+
+        file3 = fopen(caKeyFile, "rb");
+
+        if (!file3) {
+            free(derCert);
+            free(pem);
+            return -412;
+        }
+
+        bytes3 = fread(tmp, 1, FOURK_BUF, file3);
+        fclose(file3);
+
+        ret = InitRsaKey(&caKey, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -411;
+        }
+        ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -413;
+        }
+
+        InitCert(&myCert);
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+
+        ret = SetIssuer(&myCert, caCertFile);
+        if (ret < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -405;
+        }
+
+        certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -407;
+        }
+
+        certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+                          &caKey, NULL, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -408;
+        }
+
+
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -409;
+        }
+        FreeDecodedCert(&decode);
+#endif
+
+        derFile = fopen("./othercert.der", "wb");
+        if (!derFile) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -410;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -416;
+        }
+
+        pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -411;
+        }
+
+        pemFile = fopen("./othercert.pem", "wb");
+        if (!pemFile) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -412;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        if (ret != pemSz) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -415;
+        }
+        fclose(pemFile);
+        free(pem);
+        free(derCert);
+        FreeRsaKey(&caKey);
+    }
+#ifdef HAVE_ECC
+    /* ECC CA style */
+    {
+        ecc_key     caKey;
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        int         certSz;
+        int         pemSz;
+        size_t      bytes3;
+        word32      idx3 = 0;
+        FILE*       file3;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
+
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -5311;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -5312;
+        }
+
+        file3 = fopen(eccCaKeyFile, "rb");
+
+        if (!file3) {
+            free(derCert);
+            free(pem);
+            return -5412;
+        }
+
+        bytes3 = fread(tmp, 1, FOURK_BUF, file3);
+        fclose(file3);
+
+        ecc_init(&caKey);
+        ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -5413;
+        }
+
+        InitCert(&myCert);
+        myCert.sigType = CTC_SHA256wECDSA;
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE);
+
+        ret = SetIssuer(&myCert, eccCaCertFile);
+        if (ret < 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5405;
+        }
+
+        certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng);
+        if (certSz < 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5407;
+        }
+
+        certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+                          NULL, &caKey, &rng);
+        if (certSz < 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5408;
+        }
+
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5409;
+        }
+        FreeDecodedCert(&decode);
+#endif
+
+        derFile = fopen("./certecc.der", "wb");
+        if (!derFile) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5410;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5414;
+        }
+
+        pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5411;
+        }
+
+        pemFile = fopen("./certecc.pem", "wb");
+        if (!pemFile) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5412;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        if (ret != pemSz) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5415;
+        }
+        fclose(pemFile);
+        free(pem);
+        free(derCert);
+        ecc_free(&caKey);
+    }
+#endif /* HAVE_ECC */
+#ifdef HAVE_NTRU
+    {
+        RsaKey      caKey;
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        FILE*       caFile;
+        FILE*       ntruPrivFile;
+        int         certSz;
+        int         pemSz;
+        word32      idx3;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -311;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -312;
+        }
+
+        byte   public_key[557];          /* sized for EES401EP2 */
+        word16 public_key_len;           /* no. of octets in public key */
+        byte   private_key[607];         /* sized for EES401EP2 */
+        word16 private_key_len;          /* no. of octets in private key */
+        DRBG_HANDLE drbg;
+        static uint8_t const pers_str[] = {
+                'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
+        };
+        word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
+                                            GetEntropy, &drbg);
+        if (rc != DRBG_OK) {
+            free(derCert);
+            free(pem);
+            return -450;
+        }
+
+        rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
+                                        NULL, &private_key_len, NULL);
+        if (rc != NTRU_OK) {
+            free(derCert);
+            free(pem);
+            return -451;
+        }
+
+        rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
+                                     public_key, &private_key_len, private_key);
+        crypto_drbg_uninstantiate(drbg);
+
+        if (rc != NTRU_OK) {
+            free(derCert);
+            free(pem);
+            return -452;
+        }
+
+        caFile = fopen(caKeyFile, "rb");
+
+        if (!caFile) {
+            free(derCert);
+            free(pem);
+            return -453;
+        }
+
+        bytes = fread(tmp, 1, FOURK_BUF, caFile);
+        fclose(caFile);
+
+        ret = InitRsaKey(&caKey, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -459;
+        }
+        ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -454;
+        }
+
+        InitCert(&myCert);
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+
+        ret = SetIssuer(&myCert, caCertFile);
+        if (ret < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -455;
+        }
+
+        certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key,
+                              public_key_len, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -456;
+        }
+
+        certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+                          &caKey, NULL, &rng);
+        FreeRsaKey(&caKey);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            return -457;
+        }
+
+
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -458;
+        }
+        FreeDecodedCert(&decode);
+#endif
+        derFile = fopen("./ntru-cert.der", "wb");
+        if (!derFile) {
+            free(derCert);
+            free(pem);
+            return -459;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(derCert);
+            free(pem);
+            return -473;
+        }
+
+        pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(derCert);
+            free(pem);
+            return -460;
+        }
+
+        pemFile = fopen("./ntru-cert.pem", "wb");
+        if (!pemFile) {
+            free(derCert);
+            free(pem);
+            return -461;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            free(derCert);
+            free(pem);
+            return -474;
+        }
+
+        ntruPrivFile = fopen("./ntru-key.raw", "wb");
+        if (!ntruPrivFile) {
+            free(derCert);
+            free(pem);
+            return -462;
+        }
+        ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile);
+        fclose(ntruPrivFile);
+        if (ret != private_key_len) {
+            free(pem);
+            free(derCert);
+            return -475;
+        }
+        free(pem);
+        free(derCert);
+    }
+#endif /* HAVE_NTRU */
+#ifdef CYASSL_CERT_REQ
+    {
+        Cert        req;
+        byte*       der;
+        byte*       pem;
+        int         derSz;
+        int         pemSz;
+        FILE*       reqFile;
+
+        der = (byte*)malloc(FOURK_BUF);
+        if (der == NULL)
+            return -463;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(der);
+            return -464;
+        }
+
+        InitCert(&req);
+
+        req.version = 0;
+        req.isCA    = 1;
+        strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE);
+        strncpy(req.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(req.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(req.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+        req.sigType = CTC_SHA256wRSA;
+
+        derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL);
+        if (derSz < 0) {
+            free(pem);
+            free(der);
+            return -465;
+        }
+
+        derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF,
+                          &key, NULL, &rng);
+        if (derSz < 0) {
+            free(pem);
+            free(der);
+            return -466;
+        }
+
+        pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE);
+        if (pemSz < 0) {
+            free(pem);
+            free(der);
+            return -467;
+        }
+
+        reqFile = fopen("./certreq.der", "wb");
+        if (!reqFile) {
+            free(pem);
+            free(der);
+            return -468;
+        }
+
+        ret = (int)fwrite(der, 1, derSz, reqFile);
+        fclose(reqFile);
+        if (ret != derSz) {
+            free(pem);
+            free(der);
+            return -471;
+        }
+
+        reqFile = fopen("./certreq.pem", "wb");
+        if (!reqFile) {
+            free(pem);
+            free(der);
+            return -469;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, reqFile);
+        fclose(reqFile);
+        if (ret != pemSz) {
+            free(pem);
+            free(der);
+            return -470;
+        }
+
+        free(pem);
+        free(der);
+    }
+#endif /* CYASSL_CERT_REQ */
+#endif /* CYASSL_CERT_GEN */
+
+    FreeRsaKey(&key);
+#ifdef HAVE_CAVIUM
+    RsaFreeCavium(&key);
+#endif
+    free(tmp);
+
+    return 0;
+}
+
+#endif
+
+
+#ifndef NO_DH
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #ifdef FREESCALE_MQX
+        static const char* dhKey = "a:\certs\\dh2048.der";
+    #else
+        static const char* dhKey = "./certs/dh2048.der";
+    #endif
+#endif
+
+int dh_test(void)
+{
+    int    ret;
+    word32 bytes;
+    word32 idx = 0, privSz, pubSz, privSz2, pubSz2, agreeSz, agreeSz2;
+    byte   tmp[1024];
+    byte   priv[256];
+    byte   pub[256];
+    byte   priv2[256];
+    byte   pub2[256];
+    byte   agree[256];
+    byte   agree2[256];
+    DhKey  key;
+    DhKey  key2;
+    RNG    rng;
+
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024);
+    bytes = sizeof_dh_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048);
+    bytes = sizeof_dh_key_der_2048;
+#else
+    FILE*  file = fopen(dhKey, "rb");
+
+    if (!file)
+        return -50;
+
+    bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+    InitDhKey(&key);
+    InitDhKey(&key2);
+    ret = DhKeyDecode(tmp, &idx, &key, bytes);
+    if (ret != 0)
+        return -51;
+
+    idx = 0;
+    ret = DhKeyDecode(tmp, &idx, &key2, bytes);
+    if (ret != 0)
+        return -52;
+
+    ret = InitRng(&rng);
+    if (ret != 0)
+        return -53;
+
+    ret =  DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz);
+    ret += DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2);
+    if (ret != 0)
+        return -54;
+
+    ret =  DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2);
+    ret += DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz);
+    if (ret != 0)
+        return -55;
+
+    if (memcmp(agree, agree2, agreeSz))
+        return -56;
+
+    FreeDhKey(&key);
+    FreeDhKey(&key2);
+
+    return 0;
+}
+
+#endif /* NO_DH */
+
+
+#ifndef NO_DSA
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #ifdef FREESCALE_MQX
+        static const char* dsaKey = "a:\\certs\\dsa2048.der";
+    #else
+        static const char* dsaKey = "./certs/dsa2048.der";
+    #endif
+#endif
+
+int dsa_test(void)
+{
+    int    ret, answer;
+    word32 bytes;
+    word32 idx = 0;
+    byte   tmp[1024];
+    DsaKey key;
+    RNG    rng;
+    Sha    sha;
+    byte   hash[SHA_DIGEST_SIZE];
+    byte   signature[40];
+
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
+    bytes = sizeof_dsa_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
+    bytes = sizeof_dsa_key_der_2048;
+#else
+    FILE*  file = fopen(dsaKey, "rb");
+
+    if (!file)
+        return -60;
+
+    bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+    ret = InitSha(&sha);
+    if (ret != 0)
+        return -4002;
+    ShaUpdate(&sha, tmp, bytes);
+    ShaFinal(&sha, hash);
+
+    InitDsaKey(&key);
+    ret = DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
+    if (ret != 0) return -61;
+
+    ret = InitRng(&rng);
+    if (ret != 0) return -62;
+
+    ret = DsaSign(hash, signature, &key, &rng);
+    if (ret != 0) return -63;
+
+    ret = DsaVerify(hash, signature, &key, &answer);
+    if (ret != 0) return -64;
+    if (answer != 1) return -65;
+
+    FreeDsaKey(&key);
+
+    return 0;
+}
+
+#endif /* NO_DSA */
+
+
+#ifdef OPENSSL_EXTRA
+
+int openssl_test(void)
+{
+    EVP_MD_CTX md_ctx;
+    testVector a, b, c, d, e, f;
+    byte       hash[SHA_DIGEST_SIZE*4];  /* max size */
+
+    (void)e;
+    (void)f;
+
+    a.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
+               "\x7a";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD5_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_md5());
+
+    EVP_DigestUpdate(&md_ctx, a.input, a.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0)
+        return -71;
+
+    b.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaa";
+    b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
+               "\x53\x99\x5E\x26\xA0";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha1());
+
+    EVP_DigestUpdate(&md_ctx, b.input, b.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0)
+        return -72;
+
+
+    d.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    d.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+               "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+               "\x06\xC1";
+    d.inLen  = strlen(d.input);
+    d.outLen = SHA256_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha256());
+
+    EVP_DigestUpdate(&md_ctx, d.input, d.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0)
+        return -78;
+
+#ifdef CYASSL_SHA384
+
+    e.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
+               "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
+               "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
+               "\x74\x60\x39";
+    e.inLen  = strlen(e.input);
+    e.outLen = SHA384_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha384());
+
+    EVP_DigestUpdate(&md_ctx, e.input, e.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, e.output, SHA384_DIGEST_SIZE) != 0)
+        return -79;
+
+#endif /* CYASSL_SHA384 */
+
+
+#ifdef CYASSL_SHA512
+
+    f.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    f.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
+               "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
+               "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
+               "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
+               "\x87\x4b\xe9\x09";
+    f.inLen  = strlen(f.input);
+    f.outLen = SHA512_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha512());
+
+    EVP_DigestUpdate(&md_ctx, f.input, f.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0)
+        return -80;
+
+#endif /* CYASSL_SHA512 */
+
+
+    if (RAND_bytes(hash, sizeof(hash)) != 1)
+        return -73;
+
+    c.input  = "what do ya want for nothing?";
+    c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
+               "\x38";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD5_DIGEST_SIZE;
+
+    HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0);
+
+    if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0)
+        return -74;
+
+    { /* des test */
+    const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
+        0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    byte plain[24];
+    byte cipher[24];
+
+    const_DES_cblock key =
+    {
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
+    };
+
+    DES_cblock iv =
+    {
+        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
+    };
+
+    DES_key_schedule sched;
+
+    const byte verify[] =
+    {
+        0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
+        0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
+        0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
+    };
+
+    DES_key_sched(&key, &sched);
+
+    DES_cbc_encrypt(vector, cipher, sizeof(vector), &sched, &iv, DES_ENCRYPT);
+    DES_cbc_encrypt(cipher, plain, sizeof(vector), &sched, &iv, DES_DECRYPT);
+
+    if (memcmp(plain, vector, sizeof(vector)) != 0)
+        return -75;
+
+    if (memcmp(cipher, verify, sizeof(verify)) != 0)
+        return -76;
+
+        /* test changing iv */
+    DES_ncbc_encrypt(vector, cipher, 8, &sched, &iv, DES_ENCRYPT);
+    DES_ncbc_encrypt(vector + 8, cipher + 8, 16, &sched, &iv, DES_ENCRYPT);
+
+    if (memcmp(cipher, verify, sizeof(verify)) != 0)
+        return -77;
+
+    }  /* end des test */
+
+    {  /* evp_cipher test */
+        EVP_CIPHER_CTX ctx;
+
+
+        const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
+            0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+            0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+            0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+        };
+
+        const byte verify[] =
+        {
+            0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
+            0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
+        };
+
+        byte key[] = "0123456789abcdef   ";  /* align */
+        byte iv[]  = "1234567890abcdef   ";  /* align */
+
+        byte cipher[AES_BLOCK_SIZE * 4];
+        byte plain [AES_BLOCK_SIZE * 4];
+
+        EVP_CIPHER_CTX_init(&ctx);
+        if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0)
+            return -81;
+
+        if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0)
+            return -82;
+
+        if (memcmp(cipher, verify, AES_BLOCK_SIZE))
+            return -83;
+
+        EVP_CIPHER_CTX_init(&ctx);
+        if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0)
+            return -84;
+
+        if (EVP_Cipher(&ctx, plain, cipher, 16) == 0)
+            return -85;
+
+        if (memcmp(plain, msg, AES_BLOCK_SIZE))
+            return -86;
+
+
+    }  /* end evp_cipher test */
+
+    return 0;
+}
+
+#endif /* OPENSSL_EXTRA */
+
+
+#ifndef NO_PWDBASED
+
+int pkcs12_test(void)
+{
+    const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
+                            0x00, 0x00 };
+    const byte salt[] =   { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f };
+
+    const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65,
+                             0x00, 0x67, 0x00, 0x00 };
+    const byte salt2[] =   { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 };
+    byte  derived[64];
+
+    const byte verify[] = {
+        0x8A, 0xAA, 0xE6, 0x29, 0x7B, 0x6C, 0xB0, 0x46,
+        0x42, 0xAB, 0x5B, 0x07, 0x78, 0x51, 0x28, 0x4E,
+        0xB7, 0x12, 0x8F, 0x1A, 0x2A, 0x7F, 0xBC, 0xA3
+    };
+
+    const byte verify2[] = {
+        0x48, 0x3D, 0xD6, 0xE9, 0x19, 0xD7, 0xDE, 0x2E,
+        0x8E, 0x64, 0x8B, 0xA8, 0xF8, 0x62, 0xF3, 0xFB,
+        0xFB, 0xDC, 0x2B, 0xCB, 0x2C, 0x02, 0x95, 0x7F
+    };
+
+    int id         =  1;
+    int kLen       = 24;
+    int iterations =  1;
+    int ret = PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations,
+                           kLen, SHA, id);
+
+    if (ret < 0)
+        return -103;
+
+    if ( (ret = memcmp(derived, verify, kLen)) != 0)
+        return -104;
+
+    iterations = 1000;
+    ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations,
+                       kLen, SHA, id);
+    if (ret < 0)
+        return -105;
+
+    if ( (ret = memcmp(derived, verify2, 24)) != 0)
+        return -106;
+
+    return 0;
+}
+
+
+int pbkdf2_test(void)
+{
+    char passwd[] = "password";
+    const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
+    int   iterations = 2048;
+    int   kLen = 24;
+    byte  derived[64];
+
+    const byte verify[] = {
+        0xBF, 0xDE, 0x6B, 0xE9, 0x4D, 0xF7, 0xE1, 0x1D, 0xD4, 0x09, 0xBC, 0xE2,
+        0x0A, 0x02, 0x55, 0xEC, 0x32, 0x7C, 0xB9, 0x36, 0xFF, 0xE9, 0x36, 0x43
+
+    };
+
+    int ret = PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8,
+                                                         iterations, kLen, SHA);
+    if (ret != 0)
+        return ret;
+
+    if (memcmp(derived, verify, sizeof(verify)) != 0)
+        return -102;
+
+    return 0;
+}
+
+
+int pbkdf1_test(void)
+{
+    char passwd[] = "password";
+    const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
+    int   iterations = 1000;
+    int   kLen = 16;
+    byte  derived[16];
+
+    const byte verify[] = {
+        0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB,
+        0x4A, 0x3D, 0x2A, 0x20
+    };
+
+    PBKDF1(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, iterations,
+           kLen, SHA);
+
+    if (memcmp(derived, verify, sizeof(verify)) != 0)
+        return -101;
+
+    return 0;
+}
+
+
+int pwdbased_test(void)
+{
+   int ret =  pbkdf1_test();
+   ret += pbkdf2_test();
+
+   return ret + pkcs12_test();
+}
+
+#endif /* NO_PWDBASED */
+
+#if defined(HAVE_HKDF) && (!defined(NO_SHA) || !defined(NO_SHA256))
+
+int hkdf_test(void)
+{
+    int ret;
+    int L = 42;
+    byte okm1[42];
+    byte ikm1[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                      0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                      0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
+    byte salt1[13] ={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+                      0x08, 0x09, 0x0a, 0x0b, 0x0c };
+    byte info1[10] ={ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+                      0xf8, 0xf9 };
+    byte res1[42] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61,
+                      0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06,
+                      0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06,
+                      0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0,
+                      0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3,
+                      0x49, 0x18 };
+    byte res2[42] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69,
+                      0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81,
+                      0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15,
+                      0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2,
+                      0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3,
+                      0xf8, 0x96 };
+    byte res3[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f,
+                      0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31,
+                      0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e,
+                      0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d,
+                      0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a,
+                      0x96, 0xc8 };
+    byte res4[42] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
+                      0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
+                      0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
+                      0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
+                      0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
+                      0x58, 0x65 };
+
+    (void)res1;
+    (void)res2;
+    (void)res3;
+    (void)res4;
+
+#ifndef NO_SHA
+    ret = HKDF(SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
+    if (ret != 0)
+        return -2001;
+
+    if (memcmp(okm1, res1, L) != 0)
+        return -2002;
+
+    ret = HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L);
+    if (ret != 0)
+        return -2003;
+
+    if (memcmp(okm1, res2, L) != 0)
+        return -2004;
+#endif /* NO_SHA */
+
+#ifndef NO_SHA256
+    ret = HKDF(SHA256, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
+    if (ret != 0)
+        return -2005;
+
+    if (memcmp(okm1, res3, L) != 0)
+        return -2006;
+
+    ret = HKDF(SHA256, ikm1, 22, salt1, 13, info1, 10, okm1, L);
+    if (ret != 0)
+        return -2007;
+
+    if (memcmp(okm1, res4, L) != 0)
+        return -2007;
+#endif /* NO_SHA256 */
+
+    return 0;
+}
+
+#endif /* HAVE_HKDF */
+
+
+#ifdef HAVE_ECC
+
+int ecc_test(void)
+{
+    RNG     rng;
+    byte    sharedA[1024];
+    byte    sharedB[1024];
+    byte    sig[1024];
+    byte    digest[20];
+    byte    exportBuf[1024];
+    word32  x, y;
+    int     i, verify, ret;
+    ecc_key userA, userB, pubKey;
+
+    ret = InitRng(&rng);
+    if (ret != 0)
+        return -1001;
+
+    ecc_init(&userA);
+    ecc_init(&userB);
+    ecc_init(&pubKey);
+
+    ret = ecc_make_key(&rng, 32, &userA);
+
+    if (ret != 0)
+        return -1014;
+
+    ret = ecc_make_key(&rng, 32, &userB);
+
+    if (ret != 0)
+        return -1002;
+
+    x = sizeof(sharedA);
+    ret = ecc_shared_secret(&userA, &userB, sharedA, &x);
+
+    if (ret != 0)
+        return -1015;
+
+    y = sizeof(sharedB);
+    ret = ecc_shared_secret(&userB, &userA, sharedB, &y);
+
+    if (ret != 0)
+        return -1003;
+
+    if (y != x)
+        return -1004;
+
+    if (memcmp(sharedA, sharedB, x))
+        return -1005;
+
+    x = sizeof(exportBuf);
+    ret = ecc_export_x963(&userA, exportBuf, &x);
+    if (ret != 0)
+        return -1006;
+
+    ret = ecc_import_x963(exportBuf, x, &pubKey);
+
+    if (ret != 0)
+        return -1007;
+
+    y = sizeof(sharedB);
+    ret = ecc_shared_secret(&userB, &pubKey, sharedB, &y);
+
+    if (ret != 0)
+        return -1008;
+
+    if (memcmp(sharedA, sharedB, y))
+        return -1010;
+
+    /* test DSA sign hash */
+    for (i = 0; i < (int)sizeof(digest); i++)
+        digest[i] = (byte)i;
+
+    x = sizeof(sig);
+    ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA);
+
+    if (ret != 0)
+        return -1016;
+
+    verify = 0;
+    ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
+
+    if (ret != 0)
+        return -1011;
+
+    if (verify != 1)
+        return -1012;
+
+    x = sizeof(exportBuf);
+    ret = ecc_export_private_only(&userA, exportBuf, &x);
+    if (ret != 0)
+        return -1013;
+
+    ecc_free(&pubKey);
+    ecc_free(&userB);
+    ecc_free(&userA);
+
+    return 0;
+}
+
+#ifdef HAVE_ECC_ENCRYPT
+
+int ecc_encrypt_test(void)
+{
+    RNG     rng;
+    int     ret;
+    ecc_key userA, userB;
+    byte    msg[48];
+    byte    plain[48];
+    byte    out[80];
+    word32  outSz   = sizeof(out);
+    word32  plainSz = sizeof(plain);
+    int     i;
+
+    ret = InitRng(&rng);
+    if (ret != 0)
+        return -3001;
+
+    ecc_init(&userA);
+    ecc_init(&userB);
+
+    ret  = ecc_make_key(&rng, 32, &userA);
+    ret += ecc_make_key(&rng, 32, &userB);
+
+    if (ret != 0)
+        return -3002;
+
+    for (i = 0; i < 48; i++)
+        msg[i] = i;
+
+    /* encrypt msg to B */
+    ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL);
+    if (ret != 0)
+        return -3003;
+
+    /* decrypt msg from A */
+    ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL);
+    if (ret != 0)
+        return -3004;
+
+    if (memcmp(plain, msg, sizeof(msg)) != 0)
+        return -3005;
+
+
+    {  /* let's verify message exchange works, A is client, B is server */
+        ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng);
+        ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng);
+
+        byte cliSalt[EXCHANGE_SALT_SZ];
+        byte srvSalt[EXCHANGE_SALT_SZ];
+        const byte* tmpSalt;
+
+        if (cliCtx == NULL || srvCtx == NULL)
+            return -3006;
+
+        /* get salt to send to peer */
+        tmpSalt = ecc_ctx_get_own_salt(cliCtx);
+        if (tmpSalt == NULL)
+            return -3007;
+        memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ);
+
+        tmpSalt = ecc_ctx_get_own_salt(srvCtx);
+        if (tmpSalt == NULL)
+            return -3007;
+        memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ);
+
+        /* in actual use, we'd get the peer's salt over the transport */
+        ret  = ecc_ctx_set_peer_salt(cliCtx, srvSalt);
+        ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt);
+
+        if (ret != 0)
+            return -3008;
+
+        /* get encrypted msg (request) to send to B */
+        outSz  = sizeof(out);
+        ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx);
+        if (ret != 0)
+            return -3009;
+
+        /* B decrypts msg (request) from A */
+        plainSz = sizeof(plain);
+        ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx);
+        if (ret != 0)
+            return -3010;
+
+        if (memcmp(plain, msg, sizeof(msg)) != 0)
+            return -3011;
+
+        {
+            /* msg2 (response) from B to A */
+            byte    msg2[48];
+            byte    plain2[48];
+            byte    out2[80];
+            word32  outSz2   = sizeof(out2);
+            word32  plainSz2 = sizeof(plain2);
+
+            for (i = 0; i < 48; i++)
+                msg2[i] = i+48;
+
+            /* get encrypted msg (response) to send to B */
+            ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2,
+                              &outSz2, srvCtx);
+            if (ret != 0)
+                return -3012;
+
+            /* A decrypts msg (response) from B */
+            ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2,
+                             cliCtx);
+            if (ret != 0)
+                return -3013;
+
+            if (memcmp(plain2, msg2, sizeof(msg2)) != 0)
+                return -3014;
+        }
+
+        /* cleanup */
+        ecc_ctx_free(srvCtx);
+        ecc_ctx_free(cliCtx);
+    }
+
+    /* cleanup */
+    ecc_free(&userB);
+    ecc_free(&userA);
+
+    return 0;
+}
+
+#endif /* HAVE_ECC_ENCRYPT */
+#endif /* HAVE_ECC */
+
+#ifdef HAVE_LIBZ
+
+const byte sample_text[] =
+    "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n"
+    "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n"
+    "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n"
+    "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n"
+    "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n"
+    "small batch meggings kogi dolore food truck bespoke gastropub.\n"
+    "\n"
+    "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n"
+    "four loko you probably haven't heard of them high life. Messenger bag\n"
+    "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n"
+    "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n"
+    "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n"
+    "food truck next level, tousled irony non semiotics PBR ethical anim cred\n"
+    "readymade. Mumblecore brunch lomo odd future, portland organic terry\n"
+    "richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n"
+    "mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n"
+    "four loko whatever street art yr farm-to-table.\n"
+    "\n"
+    "Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n"
+    "pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n"
+    "et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n"
+    "nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n"
+    "seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n"
+    "eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n"
+    "readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n"
+    "ethnic art party qui letterpress nisi proident jean shorts mlkshk\n"
+    "locavore.\n"
+    "\n"
+    "Narwhal flexitarian letterpress, do gluten-free voluptate next level\n"
+    "banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n"
+    "cillum pickled velit, YOLO officia you probably haven't heard of them\n"
+    "trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n"
+    "small batch american apparel. Put a bird on it cosby sweater before they\n"
+    "sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n"
+    "DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n"
+    "Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n"
+    "excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n"
+    "neutra PBR selvage.\n"
+    "\n"
+    "Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n"
+    "next level jean shorts exercitation. Hashtag keytar whatever, nihil\n"
+    "authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n"
+    "wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n"
+    "tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n"
+    "trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n"
+    "incididunt flannel sustainable helvetica pork belly pug banksy you\n"
+    "probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n"
+    "mollit magna, sriracha sartorial helvetica.\n"
+    "\n"
+    "Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n"
+    "ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n"
+    "of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n"
+    "reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n"
+    "skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n"
+    "organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n"
+    "Veniam sunt food truck leggings, sint vinyl fap.\n"
+    "\n"
+    "Hella dolore pork belly, truffaut carles you probably haven't heard of\n"
+    "them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n"
+    "apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n"
+    "flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n"
+    "letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n"
+    "Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n"
+    "delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n"
+    "magna pop-up literally. Swag thundercats ennui shoreditch vegan\n"
+    "pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n"
+    "\n"
+    "Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n"
+    "meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n"
+    "dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n"
+    "locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n"
+    "tousled beard mollit mustache leggings portland next level. Nihil esse\n"
+    "est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n"
+    "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n"
+    "bag dolor terry richardson sapiente.\n";
+
+
+int compress_test(void)
+{
+    int ret = 0;
+    word32 dSz = sizeof(sample_text);
+    word32 cSz = (dSz + (word32)(dSz * 0.001) + 12);
+    byte *c = NULL;
+    byte *d = NULL;
+
+    c = calloc(cSz, sizeof(byte));
+    d = calloc(dSz, sizeof(byte));
+
+    if (c == NULL || d == NULL)
+        ret = -300;
+
+    if (ret == 0 && (ret = Compress(c, cSz, sample_text, dSz, 0)) < 0)
+        ret = -301;
+
+    if (ret > 0) {
+        cSz = (word32)ret;
+        ret = 0;
+    }
+
+    if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz)
+        ret = -302;
+
+    if (ret == 0 && memcmp(d, sample_text, dSz))
+        ret = -303;
+
+    if (c) free(c);
+    if (d) free(d);
+
+    return ret;
+}
+
+#endif /* HAVE_LIBZ */
+
+#ifdef HAVE_PKCS7
+
+int pkcs7enveloped_test(void)
+{
+    int ret = 0;
+
+    int cipher = DES3b;
+    int envelopedSz, decodedSz;
+    PKCS7 pkcs7;
+    byte* cert;
+    byte* privKey;
+    byte  enveloped[2048];
+    byte  decoded[2048];
+
+    size_t certSz;
+    size_t privKeySz;
+    FILE*  certFile;
+    FILE*  keyFile;
+    FILE*  pkcs7File;
+    const char* pkcs7OutFile = "pkcs7envelopedData.der";
+
+    const byte data[] = { /* Hello World */
+        0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
+        0x72,0x6c,0x64
+    };
+
+    /* read client cert and key in DER format */
+    cert = (byte*)malloc(FOURK_BUF);
+    if (cert == NULL)
+        return -201;
+
+    privKey = (byte*)malloc(FOURK_BUF);
+    if (privKey == NULL) {
+        free(cert);
+        return -202;
+    }
+
+    certFile = fopen(clientCert, "rb");
+    if (!certFile) {
+        free(cert);
+        free(privKey);
+        err_sys("can't open ./certs/client-cert.der, "
+                "Please run from CyaSSL home dir", -42);
+    }
+
+    certSz = fread(cert, 1, FOURK_BUF, certFile);
+    fclose(certFile);
+
+    keyFile = fopen(clientKey, "rb");
+    if (!keyFile) {
+        free(cert);
+        free(privKey);
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from CyaSSL home dir", -43);
+    }
+
+    privKeySz = fread(privKey, 1, FOURK_BUF, keyFile);
+    fclose(keyFile);
+
+    PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz);
+    pkcs7.content     = (byte*)data;
+    pkcs7.contentSz   = (word32)sizeof(data);
+    pkcs7.contentOID  = DATA;
+    pkcs7.encryptOID  = cipher;
+    pkcs7.privateKey  = privKey;
+    pkcs7.privateKeySz = (word32)privKeySz;
+
+    /* encode envelopedData */
+    envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
+                                            sizeof(enveloped));
+    if (envelopedSz <= 0) {
+        free(cert);
+        free(privKey);
+        return -203;
+    }
+
+    /* decode envelopedData */
+    decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
+                                          decoded, sizeof(decoded));
+    if (decodedSz <= 0) {
+        free(cert);
+        free(privKey);
+        return -204;
+    }
+
+    /* test decode result */
+    if (memcmp(decoded, data, sizeof(data)) != 0) {
+        free(cert);
+        free(privKey);
+        return -205;
+    }
+
+    /* output pkcs7 envelopedData for external testing */
+    pkcs7File = fopen(pkcs7OutFile, "wb");
+    if (!pkcs7File) {
+        free(cert);
+        free(privKey);
+        return -206;
+    }
+
+    ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
+    fclose(pkcs7File);
+
+    free(cert);
+    free(privKey);
+    PKCS7_Free(&pkcs7);
+
+    if (ret > 0)
+        return 0;
+
+    return ret;
+}
+
+int pkcs7signed_test(void)
+{
+    int ret = 0;
+
+    FILE* file;
+    byte* certDer;
+    byte* keyDer;
+    byte* out;
+    char data[] = "Hello World";
+    word32 dataSz, outSz, certDerSz, keyDerSz;
+    PKCS7 msg;
+    RNG rng;
+
+    byte transIdOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x07 };
+    byte messageTypeOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x02 };
+    byte senderNonceOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x05 };
+    byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1];
+    byte messageType[] = { 0x13, 2, '1', '9' };
+    byte senderNonce[PKCS7_NONCE_SZ + 2];
+
+    PKCS7Attrib attribs[] =
+    {
+        { transIdOid, sizeof(transIdOid),
+                     transId, sizeof(transId) - 1 }, /* take off the null */
+        { messageTypeOid, sizeof(messageTypeOid),
+                     messageType, sizeof(messageType) },
+        { senderNonceOid, sizeof(senderNonceOid),
+                     senderNonce, sizeof(senderNonce) }
+    };
+
+    dataSz = (word32) strlen(data);
+    outSz = FOURK_BUF;
+
+    certDer = (byte*)malloc(FOURK_BUF);
+    if (certDer == NULL)
+        return -207;
+    keyDer = (byte*)malloc(FOURK_BUF);
+    if (keyDer == NULL) {
+        free(certDer);
+        return -208;
+    }
+    out = (byte*)malloc(FOURK_BUF);
+    if (out == NULL) {
+        free(certDer);
+        free(keyDer);
+        return -209;
+    }
+
+    /* read in DER cert of recipient, into cert of size certSz */
+    file = fopen(clientCert, "rb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        err_sys("can't open ./certs/client-cert.der, "
+                "Please run from CyaSSL home dir", -44);
+    }
+    certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file);
+    fclose(file);
+
+    file = fopen(clientKey, "rb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from CyaSSL home dir", -45);
+    }
+    keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file);
+    fclose(file);
+
+    ret = InitRng(&rng);
+    if (ret != 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        return -210;
+    }
+
+    senderNonce[0] = 0x04;
+    senderNonce[1] = PKCS7_NONCE_SZ;
+
+    ret = RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
+    if (ret != 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        return -211;
+    }
+
+    PKCS7_InitWithCert(&msg, certDer, certDerSz);
+    msg.privateKey = keyDer;
+    msg.privateKeySz = keyDerSz;
+    msg.content = (byte*)data;
+    msg.contentSz = dataSz;
+    msg.hashOID = SHAh;
+    msg.encryptOID = RSAk;
+    msg.signedAttribs = attribs;
+    msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib);
+    msg.rng = &rng;
+    {
+        Sha sha;
+        byte digest[SHA_DIGEST_SIZE];
+        int i,j;
+
+        transId[0] = 0x13;
+        transId[1] = SHA_DIGEST_SIZE * 2;
+
+        ret = InitSha(&sha);
+        if (ret != 0) {
+            free(certDer);
+            free(keyDer);
+            free(out);
+            return -4003;
+        }
+        ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
+        ShaFinal(&sha, digest);
+
+        for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) {
+            snprintf((char*)&transId[j], 3, "%02x", digest[i]);
+        }
+    }
+    ret = PKCS7_EncodeSignedData(&msg, out, outSz);
+    if (ret < 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -212;
+    }
+    else
+        outSz = ret;
+
+    /* write PKCS#7 to output file for more testing */
+    file = fopen("./pkcs7signedData.der", "wb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -213;
+    }
+    ret = (int)fwrite(out, 1, outSz, file);
+    fclose(file);
+    if (ret != (int)outSz) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -218;
+    }
+
+    PKCS7_Free(&msg);
+    PKCS7_InitWithCert(&msg, NULL, 0);
+
+    ret = PKCS7_VerifySignedData(&msg, out, outSz);
+    if (ret < 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -214;
+    }
+
+    if (msg.singleCert == NULL || msg.singleCertSz == 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -215;
+    }
+
+    file = fopen("./pkcs7cert.der", "wb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -216;
+    }
+    ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file);
+    fclose(file);
+
+    free(certDer);
+    free(keyDer);
+    free(out);
+    PKCS7_Free(&msg);
+
+    if (ret > 0)
+        return 0;
+
+    return ret;
+}
+
+#endif /* HAVE_PKCS7 */
+
+#endif /* NO_CRYPT_TEST */
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c
new file mode 100644
index 00000000..ca504613
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c
@@ -0,0 +1,41 @@
+/* time-STM32F2.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+
+#include        
+#define DWT                 ((DWT_Type       *)     (0xE0001000UL)     ) 
+typedef struct
+{
+  uint32_t CTRL;                    /*!< Offset: 0x000 (R/W)  Control Register                          */
+  uint32_t CYCCNT;                  /*!< Offset: 0x004 (R/W)  Cycle Count Register                      */
+} DWT_Type;
+
+extern uint32_t SystemCoreClock ;
+
+double current_time(int reset) 
+{
+      if(reset) DWT->CYCCNT = 0 ;
+      return ((double)DWT->CYCCNT/SystemCoreClock) ;
+}
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c
new file mode 100644
index 00000000..8f98da46
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c
@@ -0,0 +1,34 @@
+/* time-dummy.c.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "time.h"
+
+struct tm *Cyassl_MDK_gmtime(const time_t *c) 
+{ 
+    static struct tm date ; 
+    return(&date) ;
+}
+
+time_t time(time_t * t) { return 0 ; }
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/Abstract.txt b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/Abstract.txt
new file mode 100644
index 00000000..42ac37cf
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/Abstract.txt
@@ -0,0 +1,22 @@
+This program is echo client with CyaSSL/wolfCrypt library.
+
+In order to run this program, 
+Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory.
+Set config-EchoClient.h configuration file for the Callee IP or Port number.
+
+For further configuration, refer config-Crypt.h and config-CyaSSL.h.
+
+When testing this client, it is recommended to test against one of the standard 
+CyaSSL example applications running on a desktop machine.  The standard CyaSSL 
+example applications are located in the CyaSSL root directory under the 
+/examples directory.
+
+For the hardware crypt on config-Crypt.h, download 
+STSW-STM32062: STM32F2xx standard peripherals library at 
+http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to 
+ {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib
+
+
+Support
+-------
+Please send questions or comments to support@wolfssl.com
\ No newline at end of file
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
new file mode 100644
index 00000000..660fd450
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
@@ -0,0 +1,1237 @@
+
+
+
+  1.0
+
+  
### uVision Project, (C) Keil Software

+
+  
+    *.c
+    *.s*; *.src; *.a*
+    *.obj
+    *.lib
+    *.txt; *.h; *.inc
+    *.plm
+    *.cpp
+  
+
+  
+    0
+    0
+  
+
+  
+    EchoClient
+    0x4
+    ARM-ADS
+    
+      120000000
+      
+        1
+        1
+        0
+        1
+      
+      
+        1
+        65535
+        0
+        0
+        0
+      
+      
+        79
+        66
+        8
+        .\Object\
+      
+      
+        1
+        1
+        1
+        0
+        1
+        1
+        0
+        1
+        0
+        0
+        0
+        0
+      
+      
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        0
+        0
+      
+      
+        1
+        0
+        1
+      
+      255
+      
+        
+          0
+          Schematics (MCBSTM32F200)
+          C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf
+        
+        
+          1
+          User Manual (MCBSTM32F200)
+          C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm
+        
+        
+          2
+          MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200)
+          http://www.keil.com/mcbstm32f200/
+        
+      
+      
+        0
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        0
+        1
+        1
+        1
+        1
+        1
+        0
+        0
+        8
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        .\STM32_SWO.ini
+        BIN\ULP2CM3.DLL
+      
+      
+        
+          0
+          DLGTARM
+          (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0)
+        
+        
+          0
+          ARMDBGFLAGS
+          
+        
+        
+          0
+          ULP2CM3
+          -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)
+        
+        
+          0
+          DLGUARM
+          
+        
+        
+          0
+          UL2CM3
+          UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm))
+        
+      
+      
+      
+        
+          1
+          8
+          ((func_args*)args)->signal->port
+        
+      
+      
+        
+          2
+          8
+          0x8004dc8
+        
+      
+      
+        0
+      
+      
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+      
+      
+      
+    
+  
+
+  
+    Source
+    1
+    0
+    0
+    0
+    
+      1
+      1
+      1
+      0
+      0
+      0
+      0
+      .\main.c
+      main.c
+      0
+      0
+    
+    
+      1
+      2
+      1
+      0
+      0
+      0
+      0
+      .\echoclient.c
+      echoclient.c
+      0
+      0
+    
+  
+
+  
+    Configuration
+    1
+    0
+    0
+    0
+    
+      2
+      3
+      5
+      0
+      0
+      0
+      0
+      .\RTE\wolfSSL\config-CyaSSL.h
+      config-CyaSSL.h
+      0
+      0
+    
+    
+      2
+      4
+      5
+      0
+      0
+      0
+      0
+      .\RTE\wolfSSL\config-Crypt.h
+      config-Crypt.h
+      0
+      0
+    
+    
+      2
+      5
+      5
+      0
+      0
+      0
+      0
+      .\RTE\Network\Net_Config_ETH_0.h
+      Net_Config_ETH_0.h
+      0
+      0
+    
+  
+
+  
+    Dcumentation
+    1
+    0
+    0
+    0
+    
+      3
+      6
+      5
+      0
+      0
+      0
+      0
+      .\Abstract.txt
+      Abstract.txt
+      0
+      0
+    
+  
+
+  
+    Devices
+    1
+    0
+    0
+    0
+    
+      4
+      7
+      1
+      0
+      0
+      0
+      0
+      .\time-dummy.c
+      time-dummy.c
+      0
+      0
+    
+  
+
+  
+    ::CMSIS
+    1
+    0
+    0
+    1
+    
+      5
+      8
+      1
+      0
+      0
+      0
+      0
+      RTE\CMSIS\RTX_Conf_CM.c
+      RTX_Conf_CM.c
+      1
+      0
+    
+    
+      5
+      9
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib
+      RTX_CM3.lib
+      1
+      0
+    
+  
+
+  
+    ::Device
+    1
+    0
+    0
+    1
+    
+      6
+      10
+      5
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\RTE_Device.h
+      RTE_Device.h
+      1
+      0
+    
+    
+      6
+      11
+      2
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\startup_stm32f2xx.s
+      startup_stm32f2xx.s
+      1
+      0
+    
+    
+      6
+      12
+      1
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\system_stm32f2xx.c
+      system_stm32f2xx.c
+      1
+      0
+    
+    
+      6
+      13
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c
+      DMA_STM32F2xx.c
+      1
+      0
+    
+    
+      6
+      14
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c
+      GPIO_STM32F2xx.c
+      1
+      0
+    
+  
+
+  
+    ::Drivers
+    0
+    0
+    0
+    1
+    
+      7
+      15
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c
+      EMAC_STM32F2xx.c
+      1
+      0
+    
+    
+      7
+      16
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c
+      MCI_STM32F2xx.c
+      1
+      0
+    
+    
+      7
+      17
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c
+      PHY_ST802RT1.c
+      1
+      0
+    
+  
+
+  
+    ::File System
+    0
+    0
+    0
+    1
+    
+      8
+      18
+      1
+      0
+      0
+      0
+      0
+      RTE\File_System\FS_Config.c
+      FS_Config.c
+      1
+      0
+    
+    
+      8
+      19
+      5
+      0
+      0
+      0
+      0
+      RTE\File_System\FS_Config_MC_0.h
+      FS_Config_MC_0.h
+      1
+      0
+    
+    
+      8
+      20
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib
+      FS_LFN_CM3_L.lib
+      1
+      0
+    
+  
+
+  
+    ::Network
+    1
+    0
+    0
+    1
+    
+      9
+      21
+      1
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config.c
+      Net_Config.c
+      1
+      0
+    
+    
+      9
+      22
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_BSD.h
+      Net_Config_BSD.h
+      1
+      0
+    
+    
+      9
+      23
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_DNS_Client.h
+      Net_Config_DNS_Client.h
+      1
+      0
+    
+    
+      9
+      24
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_ETH_0.h
+      Net_Config_ETH_0.h
+      1
+      0
+    
+    
+      9
+      25
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_TCP.h
+      Net_Config_TCP.h
+      1
+      0
+    
+    
+      9
+      26
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_UDP.h
+      Net_Config_UDP.h
+      1
+      0
+    
+    
+      9
+      27
+      1
+      1
+      0
+      0
+      0
+      RTE\Network\Net_Debug.c
+      Net_Debug.c
+      1
+      0
+    
+    
+      9
+      28
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib
+      Net_Dbg_CM3_L.lib
+      1
+      0
+    
+  
+
+  
+    ::wolfSSL
+    0
+    0
+    0
+    1
+    
+      10
+      29
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\config-Crypt.h
+      config-Crypt.h
+      1
+      0
+    
+    
+      10
+      30
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\config-CyaSSL.h
+      config-CyaSSL.h
+      1
+      0
+    
+    
+      10
+      31
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\settings.h
+      settings.h
+      1
+      0
+    
+    
+      10
+      32
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c
+      cyassl_MDK_ARM.c
+      1
+      0
+    
+    
+      10
+      33
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c
+      aes.c
+      1
+      0
+    
+    
+      10
+      34
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c
+      arc4.c
+      1
+      0
+    
+    
+      10
+      35
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c
+      asm.c
+      1
+      0
+    
+    
+      10
+      36
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c
+      asn.c
+      1
+      0
+    
+    
+      10
+      37
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c
+      blake2b.c
+      1
+      0
+    
+    
+      10
+      38
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c
+      camellia.c
+      1
+      0
+    
+    
+      10
+      39
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c
+      coding.c
+      1
+      0
+    
+    
+      10
+      40
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c
+      compress.c
+      1
+      0
+    
+    
+      10
+      41
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c
+      des3.c
+      1
+      0
+    
+    
+      10
+      42
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c
+      dh.c
+      1
+      0
+    
+    
+      10
+      43
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c
+      dsa.c
+      1
+      0
+    
+    
+      10
+      44
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c
+      ecc.c
+      1
+      0
+    
+    
+      10
+      45
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c
+      ecc_fp.c
+      1
+      0
+    
+    
+      10
+      46
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c
+      error.c
+      1
+      0
+    
+    
+      10
+      47
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c
+      hc128.c
+      1
+      0
+    
+    
+      10
+      48
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c
+      hmac.c
+      1
+      0
+    
+    
+      10
+      49
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c
+      integer.c
+      1
+      0
+    
+    
+      10
+      50
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c
+      logging.c
+      1
+      0
+    
+    
+      10
+      51
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c
+      md2.c
+      1
+      0
+    
+    
+      10
+      52
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c
+      md4.c
+      1
+      0
+    
+    
+      10
+      53
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c
+      md5.c
+      1
+      0
+    
+    
+      10
+      54
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c
+      memory.c
+      1
+      0
+    
+    
+      10
+      55
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c
+      misc.c
+      1
+      0
+    
+    
+      10
+      56
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c
+      pwdbased.c
+      1
+      0
+    
+    
+      10
+      57
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c
+      rabbit.c
+      1
+      0
+    
+    
+      10
+      58
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c
+      random.c
+      1
+      0
+    
+    
+      10
+      59
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c
+      ripemd.c
+      1
+      0
+    
+    
+      10
+      60
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c
+      rsa.c
+      1
+      0
+    
+    
+      10
+      61
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c
+      sha.c
+      1
+      0
+    
+    
+      10
+      62
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c
+      sha256.c
+      1
+      0
+    
+    
+      10
+      63
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c
+      sha512.c
+      1
+      0
+    
+    
+      10
+      64
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c
+      tfm.c
+      1
+      0
+    
+    
+      10
+      65
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c
+      wc_port.c
+      1
+      0
+    
+    
+      10
+      66
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c
+      crl.c
+      1
+      0
+    
+    
+      10
+      67
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c
+      internal.c
+      1
+      0
+    
+    
+      10
+      68
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c
+      io.c
+      1
+      0
+    
+    
+      10
+      69
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c
+      keys.c
+      1
+      0
+    
+    
+      10
+      70
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c
+      ocsp.c
+      1
+      0
+    
+    
+      10
+      71
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c
+      sniffer.c
+      1
+      0
+    
+    
+      10
+      72
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c
+      ssl.c
+      1
+      0
+    
+    
+      10
+      73
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c
+      tls.c
+      1
+      0
+    
+  
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx
new file mode 100644
index 00000000..4ea46551
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx
@@ -0,0 +1,1152 @@
+
+
+
+  2.1
+
+  
### uVision Project, (C) Keil Software

+
+  
+    
+      EchoClient
+      0x4
+      ARM-ADS
+      
+        
+          STM32F207IG
+          STMicroelectronics
+          IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE
+          
+          
+          UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm))
+          0
+          $$Device:STM32F207IG$Device\Include\stm32f2xx.h
+          
+          
+          
+          
+          
+          
+          
+          
+          
+          $$Device:STM32F207IG$SVD\STM32F20x.svd
+          0
+          0
+          
+          
+          
+          
+          
+          
+            0
+            0
+            0
+            0
+            1
+          
+          .\Object\
+          EchoClient
+          1
+          0
+          0
+          1
+          1
+          .\Object\
+          1
+          0
+          0
+          
+            0
+            0
+            
+            
+            0
+            0
+            0
+            0
+          
+          
+            0
+            0
+            
+            
+            0
+            0
+            0
+            0
+          
+          
+            0
+            0
+            
+            
+            0
+            0
+          
+          0
+          
+        
+        
+          0
+          0
+          0
+          0
+          0
+          1
+          0
+          0
+          0
+          0
+          3
+          
+          
+          1
+        
+        
+          SARMCM3.DLL
+          -REMAP -MPU
+          DCM.DLL
+          -pCM3
+          SARMCM3.DLL
+          -REMAP -MPU
+          TCM.DLL
+          -pCM3
+        
+        
+          
+            1
+            0
+            0
+            0
+            16
+          
+          
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+          
+          
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+            1
+            1
+            1
+          
+          0
+          8
+          
+            
+            
+            
+            
+            
+          
+          
+            
+            
+            
+            
+            .\STM32_SWO.ini
+            BIN\ULP2CM3.DLL
+          
+        
+        
+          
+            1
+            0
+            0
+            1
+            1
+            4100
+          
+          1
+          BIN\ULP2CM3.DLL
+          "" ()
+          
+          
+          
+          
+          0
+        
+        
+          
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+            1
+            0
+            1
+            1
+            0
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            0
+            "Cortex-M3"
+            
+            1
+            0
+            0
+            1
+            1
+            0
+            0
+            0
+            0
+            0
+            8
+            0
+            0
+            0
+            3
+            3
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            1
+            0
+            0
+            0
+            0
+            1
+            0
+            
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x20000000
+                0x20000
+              
+              
+                1
+                0x8000000
+                0x100000
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x8000000
+                0x100000
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x20000000
+                0x20000
+              
+              
+                0
+                0x0
+                0x0
+              
+            
+            
+          
+          
+            1
+            4
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            
+              
+              HAVE_CONFIG_H  MDK_CONF_EchoClient
+              
+              
+            
+          
+          
+            1
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            
+              
+              
+              
+              
+            
+          
+          
+            1
+            0
+            0
+            0
+            1
+            0
+            0x08000000
+            0x20000000
+            
+            
+            
+            
+            
+            
+            
+          
+        
+      
+      
+        
+          Source
+          
+            
+              main.c
+              1
+              .\main.c
+            
+            
+              echoclient.c
+              1
+              .\echoclient.c
+            
+          
+        
+        
+          Configuration
+          
+            
+              config-CyaSSL.h
+              5
+              .\RTE\wolfSSL\config-CyaSSL.h
+            
+            
+              config-Crypt.h
+              5
+              .\RTE\wolfSSL\config-Crypt.h
+            
+            
+              Net_Config_ETH_0.h
+              5
+              .\RTE\Network\Net_Config_ETH_0.h
+            
+          
+        
+        
+          Dcumentation
+          
+            
+              Abstract.txt
+              5
+              .\Abstract.txt
+            
+          
+        
+        
+          Devices
+          
+            
+              time-dummy.c
+              1
+              .\time-dummy.c
+            
+          
+        
+        
+          ::CMSIS
+          
+            
+              RTX_Conf_CM.c
+              1
+              RTE\CMSIS\RTX_Conf_CM.c
+            
+            
+              RTX_CM3.lib
+              4
+              C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib
+            
+          
+        
+        
+          ::Device
+          
+            
+              RTE_Device.h
+              5
+              RTE\Device\STM32F207IG\RTE_Device.h
+            
+            
+              startup_stm32f2xx.s
+              2
+              RTE\Device\STM32F207IG\startup_stm32f2xx.s
+            
+            
+              system_stm32f2xx.c
+              1
+              RTE\Device\STM32F207IG\system_stm32f2xx.c
+            
+            
+              DMA_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c
+            
+            
+              GPIO_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c
+            
+          
+        
+        
+          ::Drivers
+          
+            
+              EMAC_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c
+            
+            
+              MCI_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c
+            
+            
+              PHY_ST802RT1.c
+              1
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c
+            
+          
+        
+        
+          ::File System
+          
+            
+              FS_Config.c
+              1
+              RTE\File_System\FS_Config.c
+            
+            
+              FS_Config_MC_0.h
+              5
+              RTE\File_System\FS_Config_MC_0.h
+            
+            
+              FS_LFN_CM3_L.lib
+              4
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib
+            
+          
+        
+        
+          ::Network
+          
+            
+              Net_Config.c
+              1
+              RTE\Network\Net_Config.c
+            
+            
+              Net_Config_BSD.h
+              5
+              RTE\Network\Net_Config_BSD.h
+            
+            
+              Net_Config_DNS_Client.h
+              5
+              RTE\Network\Net_Config_DNS_Client.h
+            
+            
+              Net_Config_ETH_0.h
+              5
+              RTE\Network\Net_Config_ETH_0.h
+            
+            
+              Net_Config_TCP.h
+              5
+              RTE\Network\Net_Config_TCP.h
+            
+            
+              Net_Config_UDP.h
+              5
+              RTE\Network\Net_Config_UDP.h
+            
+            
+              Net_Debug.c
+              1
+              RTE\Network\Net_Debug.c
+            
+            
+              Net_Dbg_CM3_L.lib
+              4
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib
+            
+          
+        
+        
+          ::wolfSSL
+          
+            
+              config-Crypt.h
+              5
+              RTE\wolfSSL\config-Crypt.h
+            
+            
+              config-CyaSSL.h
+              5
+              RTE\wolfSSL\config-CyaSSL.h
+            
+            
+              settings.h
+              5
+              RTE\wolfSSL\settings.h
+            
+            
+              cyassl_MDK_ARM.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c
+            
+            
+              aes.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c
+            
+            
+              arc4.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c
+            
+            
+              asm.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c
+            
+            
+              asn.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c
+            
+            
+              blake2b.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c
+            
+            
+              camellia.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c
+            
+            
+              coding.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c
+            
+            
+              compress.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c
+            
+            
+              des3.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c
+            
+            
+              dh.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c
+            
+            
+              dsa.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c
+            
+            
+              ecc.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c
+            
+            
+              ecc_fp.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c
+            
+            
+              error.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c
+            
+            
+              hc128.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c
+            
+            
+              hmac.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c
+            
+            
+              integer.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c
+            
+            
+              logging.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c
+            
+            
+              md2.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c
+            
+            
+              md4.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c
+            
+            
+              md5.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c
+            
+            
+              memory.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c
+            
+            
+              misc.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c
+            
+            
+              pwdbased.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c
+            
+            
+              rabbit.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c
+            
+            
+              random.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c
+            
+            
+              ripemd.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c
+            
+            
+              rsa.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c
+            
+            
+              sha.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c
+            
+            
+              sha256.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c
+            
+            
+              sha512.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c
+            
+            
+              tfm.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c
+            
+            
+              wc_port.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c
+            
+            
+              crl.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c
+            
+            
+              internal.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c
+            
+            
+              io.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c
+            
+            
+              keys.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c
+            
+            
+              ocsp.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c
+            
+            
+              sniffer.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c
+            
+            
+              ssl.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c
+            
+            
+              tls.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c
+            
+          
+        
+      
+    
+  
+
+  
+    
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+    
+    
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+    
+    
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+    
+    
+      
+        RTE\CMSIS\RTX_Conf_CM.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\RTE_Device.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\startup_stm32f2xx.s
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\system_stm32f2xx.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\File_System\FS_Config.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\File_System\FS_Config_MC_0.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_BSD.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_DNS_Client.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_ETH_0.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_TCP.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_UDP.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Debug.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Other\config-Crypt.h
+        
+        
+        
+      
+      
+        RTE\Other\config-CyaSSL.h
+        
+        
+        
+      
+      
+        RTE\Other\config-RTX-TCP-FS.h
+        
+        
+        
+      
+      
+        RTE\Other\config.h
+        
+        
+        
+      
+      
+        RTE\wolfSSL\config-Crypt.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\wolfSSL\config-CyaSSL.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\wolfSSL\config.h
+        
+        
+        
+      
+      
+        RTE\wolfSSL\settings.h
+        
+        
+        
+          
+        
+      
+    
+  
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/settings.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/settings.h
new file mode 100644
index 00000000..5cfe60df
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/settings.h
@@ -0,0 +1,627 @@
+/* settings.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* Place OS specific preprocessor flags, defines, includes here, will be
+   included into every file because types.h includes it */
+
+
+#ifndef CTAO_CRYPT_SETTINGS_H
+#define CTAO_CRYPT_SETTINGS_H
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Uncomment next line if using IPHONE */
+/* #define IPHONE */
+
+/* Uncomment next line if using ThreadX */
+/* #define THREADX */
+
+/* Uncomment next line if using Micrium ucOS */
+/* #define MICRIUM */
+
+/* Uncomment next line if using Mbed */
+/* #define MBED */
+
+/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
+/* #define MICROCHIP_PIC32 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
+/* #define MICROCHIP_TCPIP_V5 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
+/* #define MICROCHIP_TCPIP */
+
+/* Uncomment next line if using FreeRTOS */
+/* #define FREERTOS */
+
+/* Uncomment next line if using FreeRTOS Windows Simulator */
+/* #define FREERTOS_WINSIM */
+
+/* Uncomment next line if using RTIP */
+/* #define EBSNET */
+
+/* Uncomment next line if using lwip */
+/* #define CYASSL_LWIP */
+
+/* Uncomment next line if building CyaSSL for a game console */
+/* #define CYASSL_GAME_BUILD */
+
+/* Uncomment next line if building CyaSSL for LSR */
+/* #define CYASSL_LSR */
+
+/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */
+/* #define FREESCALE_MQX */
+
+/* Uncomment next line if using STM32F2 */
+/* #define CYASSL_STM32F2 */
+
+/* Uncomment next line if using Comverge settings */
+/* #define COMVERGE */
+
+/* Uncomment next line if using QL SEP settings */
+/* #define CYASSL_QL */
+
+
+#include 
+
+#ifdef IPHONE
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+
+#ifdef COMVERGE
+    #define THREADX
+    #define HAVE_NETX
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_SESSION_CACHE
+    #define HAVE_ECC 
+#endif
+
+
+#ifdef THREADX 
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+#ifdef HAVE_NETX
+    #include "nx_api.h"
+#endif
+
+#ifdef MICROCHIP_PIC32
+    #define SIZEOF_LONG_LONG 8
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef MICROCHIP_TCPIP_V5
+    /* include timer functions */
+    #include "TCPIP Stack/TCPIP.h"
+#endif
+
+#ifdef MICROCHIP_TCPIP
+    /* include timer, NTP functions */
+    #include "system/system_services.h"
+    #ifdef MICROCHIP_MPLAB_HARMONY
+        #include "tcpip/tcpip.h"
+    #else
+        #include "tcpip/sntp.h"
+    #endif
+#endif
+
+#ifdef MBED
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+#endif /* MBED */
+
+#ifdef CYASSL_TYTO
+    #include "rand.h"
+    #define FREERTOS
+    #define NO_FILESYSTEM
+    #define CYASSL_USER_IO
+    #define NO_DEV_RANDOM
+    #define HAVE_ECC
+    #define HAVE_ECC_ENCRYPT
+    #define ECC_SHAMIR
+    #define HAVE_HKDF
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FP_MAX_BITS 512
+    #define NO_OLD_TLS
+    #define NO_MD4
+    #define NO_RABBIT
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_DSA
+    #define NO_PWDBASED
+    #define NO_PSK
+#endif
+
+#ifdef FREERTOS_WINSIM
+    #define FREERTOS
+    #define USE_WINDOWS_API
+#endif
+
+
+/* Micrium will use Visual Studio for compilation but not the Win32 API */
+#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
+        && !defined(EBSNET)
+    #define USE_WINDOWS_API
+#endif
+
+
+#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
+    #include 
+    #define XMALLOC(s, h, type)  malloc((s))
+    #define XFREE(p, h, type)    free((p)) 
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
+    #undef  XMALLOC
+    #define XMALLOC     yaXMALLOC
+    #undef  XFREE
+    #define XFREE       yaXFREE
+    #undef  XREALLOC
+    #define XREALLOC    yaXREALLOC
+#endif
+
+
+#ifdef FREERTOS
+    #ifndef NO_WRITEV
+        #define NO_WRITEV
+    #endif
+    #ifndef NO_SHA512
+        #define NO_SHA512
+    #endif
+    #ifndef NO_DH
+        #define NO_DH
+    #endif
+    #ifndef NO_DSA
+        #define NO_DSA
+    #endif
+    #ifndef NO_HC128
+        #define NO_HC128
+    #endif
+
+    #ifndef SINGLE_THREADED
+        #include "FreeRTOS.h"
+        #include "semphr.h"
+    #endif
+#endif
+
+#ifdef EBSNET
+    #include "rtip.h"
+
+    /* #define DEBUG_CYASSL */
+    #define NO_CYASSL_DIR  /* tbd */
+
+    #if (POLLOS)
+        #define SINGLE_THREADED
+    #endif
+
+    #if (RTPLATFORM)
+        #if (!RTP_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #else
+        #if (!KS_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #endif
+
+    #if (WINMSP3)
+        #undef SIZEOF_LONG
+        #define SIZEOF_LONG_LONG 8
+    #else
+        #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
+    #endif
+
+    #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
+    #define XFREE(p, h, type) (rtp_free(p))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+
+#endif /* EBSNET */
+
+#ifdef CYASSL_GAME_BUILD
+    #define SIZEOF_LONG_LONG 8
+    #if defined(__PPU) || defined(__XENON)
+        #define BIG_ENDIAN_ORDER
+    #endif
+#endif
+
+#ifdef CYASSL_LSR
+    #define HAVE_WEBSERVER
+    #define SIZEOF_LONG_LONG 8
+    #define CYASSL_LOW_MEMORY
+    #define NO_WRITEV
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #ifndef NO_FILESYSTEM
+        #define LSR_FS
+        #include "inc/hw_types.h"
+        #include "fs.h"
+    #endif
+    #define CYASSL_LWIP
+    #include   /* for tcp errno */
+    #define CYASSL_SAFERTOS
+    #if defined(__IAR_SYSTEMS_ICC__)
+        /* enum uses enum */
+        #pragma diag_suppress=Pa089
+    #endif
+#endif
+
+#ifdef CYASSL_SAFERTOS
+    #ifndef SINGLE_THREADED
+        #include "SafeRTOS/semphr.h"
+    #endif
+
+    #include "SafeRTOS/heap.h"
+    #define XMALLOC(s, h, type)  pvPortMalloc((s))
+    #define XFREE(p, h, type)    vPortFree((p)) 
+    #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+#endif
+
+#ifdef CYASSL_LOW_MEMORY
+    #undef  RSA_LOW_MEM
+    #define RSA_LOW_MEM
+    #undef  CYASSL_SMALL_STACK
+    #define CYASSL_SMALL_STACK
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef FREESCALE_MQX
+    #define SIZEOF_LONG_LONG 8
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_RABBIT
+    #define NO_CYASSL_DIR
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FREESCALE_K70_RNGA
+    /* #define FREESCALE_K53_RNGB */
+    #include "mqx.h"
+    #ifndef NO_FILESYSTEM
+        #include "mfs.h"
+        #include "fio.h"
+    #endif
+    #ifndef SINGLE_THREADED
+        #include "mutex.h"
+    #endif
+
+    #define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
+    #define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
+    /* Note: MQX has no realloc, using fastmath above */
+#endif
+
+#ifdef CYASSL_STM32F2
+    #define SIZEOF_LONG_LONG 8
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #define STM32F2_RNG
+    #define STM32F2_CRYPTO
+    #define KEIL_INTRINSICS
+#endif
+
+#ifdef MICRIUM
+
+    #include "stdlib.h"
+    #include "net_cfg.h"
+    #include "ssl_cfg.h"
+    #include "net_secure_os.h"
+
+    #define CYASSL_TYPES
+
+    typedef CPU_INT08U byte;
+    typedef CPU_INT16U word16;
+    typedef CPU_INT32U word32;
+
+    #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32)
+        #define SIZEOF_LONG        4
+        #undef  SIZEOF_LONG_LONG
+    #else
+        #undef  SIZEOF_LONG
+        #define SIZEOF_LONG_LONG   8
+    #endif
+
+    #define STRING_USER
+
+    #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
+    #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
+                    ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
+                     (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
+    #define XSTRNCMP(pstr_1, pstr_2, len_max) \
+                    ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
+                     (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))  
+    #define XSTRSTR(pstr, pstr_srch) \
+                    ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
+                     (CPU_CHAR *)(pstr_srch)))
+    #define XMEMSET(pmem, data_val, size) \
+                    ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
+                    (CPU_SIZE_T)(size)))
+    #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
+                     (void *)(psrc), (CPU_SIZE_T)(size)))
+    #define XMEMCMP(pmem_1, pmem_2, size) \
+                   (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
+                     (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
+    #define XMEMMOVE XMEMCPY
+
+#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+    #define MICRIUM_MALLOC    
+    #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
+                                 (CPU_SIZE_T)(s), (void *)0))
+    #define XFREE(p, h, type)   (NetSecure_BlkFree((CPU_INT08U)(type), \
+                                 (p), (void *)0))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+    #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED)
+        #undef  NO_FILESYSTEM
+    #else
+        #define NO_FILESYSTEM
+    #endif
+
+    #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG)
+        #define DEBUG_CYASSL
+    #else
+        #undef  DEBUG_CYASSL
+    #endif
+
+    #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED)
+        #define OPENSSL_EXTRA
+    #else
+        #undef  OPENSSL_EXTRA
+    #endif
+
+    #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED)
+        #undef  SINGLE_THREADED
+    #else
+        #define SINGLE_THREADED
+    #endif
+
+    #if (SSL_CFG_DH_EN == DEF_ENABLED)
+        #undef  NO_DH
+    #else
+        #define NO_DH
+    #endif
+
+    #if (SSL_CFG_DSA_EN == DEF_ENABLED)
+        #undef  NO_DSA
+    #else
+        #define NO_DSA
+    #endif
+
+    #if (SSL_CFG_PSK_EN == DEF_ENABLED)
+        #undef  NO_PSK
+    #else
+        #define NO_PSK
+    #endif
+
+    #if (SSL_CFG_3DES_EN == DEF_ENABLED)
+        #undef  NO_DES
+    #else
+        #define NO_DES
+    #endif
+
+    #if (SSL_CFG_AES_EN == DEF_ENABLED)
+        #undef  NO_AES
+    #else
+        #define NO_AES
+    #endif
+
+    #if (SSL_CFG_RC4_EN == DEF_ENABLED)
+        #undef  NO_RC4
+    #else
+        #define NO_RC4
+    #endif
+
+    #if (SSL_CFG_RABBIT_EN == DEF_ENABLED)
+        #undef  NO_RABBIT
+    #else
+        #define NO_RABBIT
+    #endif
+
+    #if (SSL_CFG_HC128_EN == DEF_ENABLED)
+        #undef  NO_HC128
+    #else
+        #define NO_HC128
+    #endif
+
+    #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
+        #define BIG_ENDIAN_ORDER
+    #else
+        #undef  BIG_ENDIAN_ORDER
+        #define LITTLE_ENDIAN_ORDER
+    #endif
+
+    #if (SSL_CFG_MD4_EN == DEF_ENABLED)
+        #undef  NO_MD4
+    #else
+        #define NO_MD4
+    #endif
+
+    #if (SSL_CFG_WRITEV_EN == DEF_ENABLED)
+        #undef  NO_WRITEV
+    #else
+        #define NO_WRITEV
+    #endif
+
+    #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED)
+        #define NO_DEV_RANDOM   
+    #else
+        #undef  NO_DEV_RANDOM
+    #endif
+
+    #if (SSL_CFG_USER_IO_EN == DEF_ENABLED)
+        #define CYASSL_USER_IO   
+    #else
+        #undef  CYASSL_USER_IO
+    #endif
+
+    #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED)
+        #undef  LARGE_STATIC_BUFFERS
+        #undef  STATIC_CHUNKS_ONLY
+    #else
+        #define LARGE_STATIC_BUFFERS
+        #define STATIC_CHUNKS_ONLY
+    #endif
+
+    #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED)
+        #define  CYASSL_DER_LOAD
+    #else
+        #undef   CYASSL_DER_LOAD
+    #endif
+
+    #if (SSL_CFG_DTLS_EN == DEF_ENABLED)
+        #define  CYASSL_DTLS
+    #else
+        #undef   CYASSL_DTLS
+    #endif
+
+    #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED)
+         #define CYASSL_CALLBACKS
+    #else
+         #undef  CYASSL_CALLBACKS
+    #endif
+
+    #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED)
+         #define USE_FAST_MATH
+    #else
+         #undef  USE_FAST_MATH
+    #endif
+
+    #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED)
+         #define TFM_TIMING_RESISTANT
+    #else
+         #undef  TFM_TIMING_RESISTANT
+    #endif
+
+#endif /* MICRIUM */
+
+
+#ifdef CYASSL_QL
+    #ifndef CYASSL_SEP
+        #define CYASSL_SEP
+    #endif
+    #ifndef OPENSSL_EXTRA
+        #define OPENSSL_EXTRA
+    #endif
+    #ifndef SESSION_CERTS
+        #define SESSION_CERTS
+    #endif
+    #ifndef HAVE_AESCCM
+        #define HAVE_AESCCM
+    #endif
+    #ifndef ATOMIC_USER
+        #define ATOMIC_USER
+    #endif
+    #ifndef CYASSL_DER_LOAD
+        #define CYASSL_DER_LOAD
+    #endif
+    #ifndef KEEP_PEER_CERT
+        #define KEEP_PEER_CERT
+    #endif
+    #ifndef HAVE_ECC
+        #define HAVE_ECC
+    #endif
+    #ifndef SESSION_INDEX
+        #define SESSION_INDEX
+    #endif
+#endif /* CYASSL_QL */
+
+
+#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
+    !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
+    #define USE_CYASSL_MEMORY
+#endif
+
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+    #undef  KEEP_PEER_CERT
+    #define KEEP_PEER_CERT
+#endif
+
+
+/* stream ciphers except arc4 need 32bit alignment, intel ok without */
+#ifndef XSTREAM_ALIGNMENT
+    #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
+        #define NO_XSTREAM_ALIGNMENT
+    #else
+        #define XSTREAM_ALIGNMENT
+    #endif
+#endif
+
+
+/* if using hardware crypto and have alignment requirements, specify the
+   requirement here.  The record header of SSL/TLS will prvent easy alignment.
+   This hint tries to help as much as possible.  */
+#ifndef CYASSL_GENERAL_ALIGNMENT
+    #ifdef CYASSL_AESNI
+        #define CYASSL_GENERAL_ALIGNMENT 16
+    #elif defined(XSTREAM_ALIGNMENT)
+        #define CYASSL_GENERAL_ALIGNMENT  4
+    #else 
+        #define CYASSL_GENERAL_ALIGNMENT  0 
+    #endif
+#endif
+
+#ifdef HAVE_CRL
+    /* not widely supported yet */
+    #undef NO_SKID
+    #define NO_SKID
+#endif
+
+/* Place any other flags or defines here */
+
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+
+#endif /* CTAO_CRYPT_SETTINGS_H */
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/config-EchoClient.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/config-EchoClient.h
new file mode 100644
index 00000000..43e39026
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/config-EchoClient.h
@@ -0,0 +1,34 @@
+/* config-RTX-TCP-FS.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+
+// <<< Use Configuration Wizard in Context Menu >>>
+//  Build Target: Simple Client
+//   Callee IP Address
+//    Default: "192.168.1.100"
+#define CYASSL_CALLEE_IP           "192.168.11.3"
+//   Callee Port Number
+//    Default: "11111"
+#define CYASSL_CALLEE_PORT           443
+
+//     
+// <<< end of configuration section >>>
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/echoclient.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/echoclient.c
new file mode 100644
index 00000000..73c46ab1
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/echoclient.c
@@ -0,0 +1,282 @@
+/* echoclient.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "cyassl_MDK_ARM.h"
+#endif
+
+#include 
+
+#include "examples/echoclient/echoclient.h"
+
+void echoclient_test(void* args)
+{
+    SOCKET_T sockfd = 0;
+
+    FILE* fin   = stdin  ;
+    FILE* fout = stdout;
+
+    int inCreated  = 0;
+    int outCreated = 0;
+
+    char msg[1024];
+    char reply[1024+1];
+
+    SSL_METHOD* method = 0;
+    SSL_CTX*    ctx    = 0;
+    SSL*        ssl    = 0;
+
+    int doDTLS = 0;
+    int doPSK = 0;
+    int sendSz;
+    int argc    = 0;
+    char** argv = 0;
+    word16 port = yasslPort;
+
+    ((func_args*)args)->return_code = -1; /* error state */
+    
+#ifndef CYASSL_MDK_SHELL
+    argc = ((func_args*)args)->argc;
+    argv = ((func_args*)args)->argv;
+#endif
+
+    if (argc >= 2) {
+        fin  = fopen(argv[1], "r"); 
+        inCreated = 1;
+    }
+    if (argc >= 3) {
+        fout = fopen(argv[2], "w");
+        outCreated = 1;
+    }
+
+    if (!fin)  err_sys("can't open input file");
+    if (!fout) err_sys("can't open output file");
+
+#ifdef CYASSL_DTLS
+    doDTLS  = 1;
+#endif
+
+#ifdef CYASSL_LEANPSK 
+    doPSK = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    doPSK = 1;
+#endif
+
+#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_SHELL)
+    port = ((func_args*)args)->signal->port;
+#endif
+
+#if defined(CYASSL_DTLS)
+    method  = DTLSv1_client_method();
+#elif  !defined(NO_TLS)
+    method = CyaSSLv23_client_method();
+#else
+    method = SSLv3_client_method();
+#endif
+    ctx    = SSL_CTX_new(method);
+
+#ifndef NO_FILESYSTEM
+    #ifndef NO_RSA
+    if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
+        err_sys("can't load ca file, Please run from CyaSSL home dir");
+    #endif
+    #ifdef HAVE_ECC
+        if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS)
+            err_sys("can't load ca file, Please run from CyaSSL home dir");
+    #endif
+#elif !defined(NO_CERTS)
+    if (!doPSK)
+        load_buffer(ctx, caCert, CYASSL_CA);
+#endif
+
+#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    /* don't use EDH, can't sniff tmp keys */
+    SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
+#endif
+    if (doPSK) {
+#ifndef NO_PSK
+        const char *defaultCipherList;
+
+        CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
+        #ifdef HAVE_NULL_CIPHER
+            defaultCipherList = "PSK-NULL-SHA256";
+        #else
+            defaultCipherList = "PSK-AES128-CBC-SHA256";
+        #endif
+        if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS)
+            err_sys("client can't set cipher list 2");
+#endif
+    }
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+    #if defined(CYASSL_MDK_ARM)
+    CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+    #endif
+
+    ssl = SSL_new(ctx);
+        
+
+    if (doDTLS) {
+        SOCKADDR_IN_T addr;
+        build_addr(&addr, yasslIP, port, 1);
+        CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
+        tcp_socket(&sockfd, 1);
+    }
+    else {
+        tcp_connect(&sockfd, yasslIP, port, 0);
+    }
+        
+    SSL_set_fd(ssl, sockfd);
+#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)
+    /* let echoserver bind first, TODO: add Windows signal like pthreads does */
+    Sleep(100);
+#endif
+
+    if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
+
+    while (fgets(msg, sizeof(msg), fin) != 0) {
+     
+        sendSz = (int)strlen(msg);
+
+        if (SSL_write(ssl, msg, sendSz) != sendSz)
+            err_sys("SSL_write failed");
+
+        if (strncmp(msg, "quit", 4) == 0) {
+            fputs("sending server shutdown command: quit!\n", fout);
+            break;
+        }
+
+        if (strncmp(msg, "break", 5) == 0) {
+            fputs("sending server session close: break!\n", fout);
+            break;
+        }
+
+        #ifndef CYASSL_MDK_SHELL
+        while (sendSz) {
+            int got;
+            if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) {
+                reply[got] = 0;
+                fputs(reply, fout);
+                fflush(fout) ;
+                sendSz -= got;
+            }
+            else
+                break;
+        }
+        #else
+        {
+            int got;
+            if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) {
+                reply[got] = 0;
+                fputs(reply, fout);
+                fflush(fout) ;
+                sendSz -= got;
+            }
+        }
+        #endif
+    }
+
+
+#ifdef CYASSL_DTLS
+    strncpy(msg, "break", 6);
+    sendSz = (int)strlen(msg);
+    /* try to tell server done */
+    SSL_write(ssl, msg, sendSz);
+#else
+    SSL_shutdown(ssl);
+#endif
+
+    SSL_free(ssl);
+    SSL_CTX_free(ctx);
+
+    fflush(fout);
+    if (inCreated)  fclose(fin);
+    if (outCreated) fclose(fout);
+
+    CloseSocket(sockfd);
+    ((func_args*)args)->return_code = 0; 
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+
+        if (CurrentDir("echoclient"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+        echoclient_test(&args);
+
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+        
+#endif /* NO_MAIN_DRIVER */
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c
new file mode 100644
index 00000000..f2f7da98
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c
@@ -0,0 +1,101 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+#include "cmsis_os.h"
+#include "rl_fs.h" 
+#include "rl_net.h" 
+#include 
+#include "cyassl_MDK_ARM.h"
+#include 
+
+/*-----------------------------------------------------------------------------
+ *        Initialize a Flash Memory Card
+ *----------------------------------------------------------------------------*/
+static void init_filesystem (void) {
+  int32_t retv;
+
+  retv = finit ("M0:");
+  if (retv == 0) {
+    retv = fmount ("M0:");
+    if (retv == 0) {
+      printf ("Drive M0 ready!\n");
+    }
+    else {
+      printf ("Drive M0 mount failed!\n");
+    }
+  }
+  else {
+    printf ("Drive M0 initialization failed!\n");
+  }
+}
+
+/*-----------------------------------------------------------------------------
+ *        TCP/IP tasks
+ *----------------------------------------------------------------------------*/
+void tcp_poll (void const *arg)
+{
+    CYASSL_MSG("TCP polling started.\n") ;
+    while (1) {
+        net_main ();
+        osDelay(1) ;
+    }
+}
+
+typedef struct func_args {
+    int    argc;
+    char** argv;
+} func_args;
+
+extern void echoclient_test(func_args * args) ;
+extern void init_time(void) ;
+
+    osThreadDef (tcp_poll, osPriorityHigh , 1, 0) ;
+/*-----------------------------------------------------------------------------
+ *       mian entry 
+ *----------------------------------------------------------------------------*/
+int myoptind = 0;
+char* myoptarg = NULL;
+
+#include "config-EchoClient.h"
+
+int main() 
+{
+	  func_args args = { 0 } ;
+		
+    init_filesystem ();
+    net_initialize() ;
+    osThreadCreate (osThread (tcp_poll), NULL); 
+    osDelay(30000) ;  /* wait for DHCP */
+    #if defined(DEBUG_CYASSL)
+         printf("Turning ON Debug message\n") ;
+         CyaSSL_Debugging_ON() ;
+    #endif
+
+    echoclient_test(&args) ;
+
+}
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/time-dummy.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/time-dummy.c
new file mode 100644
index 00000000..8f98da46
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/time-dummy.c
@@ -0,0 +1,34 @@
+/* time-dummy.c.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "time.h"
+
+struct tm *Cyassl_MDK_gmtime(const time_t *c) 
+{ 
+    static struct tm date ; 
+    return(&date) ;
+}
+
+time_t time(time_t * t) { return 0 ; }
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/Abstract.txt b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/Abstract.txt
new file mode 100644
index 00000000..491c6102
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/Abstract.txt
@@ -0,0 +1,24 @@
+This program is echo server with CyaSSL/wolfCrypt library.
+
+In order to run this program, 
+Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory.
+Set the server IP address in Net_Config_ETH_0.h
+The server default port is 11111, defined in test.h.
+
+For further configuration, refer config-Crypt.h and config-CyaSSL.h.
+
+When testing this server, it is recommended to test against one of the standard 
+CyaSSL example applications running on a desktop machine.  The standard CyaSSL 
+example applications are located in the CyaSSL root directory under the 
+/examples directory.
+
+For the hardware crypt on config-Crypt.h, download 
+STSW-STM32062: STM32F2xx standard peripherals library at 
+http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to 
+ {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib
+
+
+Support
+-------
+Please send questions or comments to support@wolfssl.com
+ 
\ No newline at end of file
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx
new file mode 100644
index 00000000..ae9dc935
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx
@@ -0,0 +1,1270 @@
+
+
+
+  1.0
+
+  
### uVision Project, (C) Keil Software

+
+  
+    *.c
+    *.s*; *.src; *.a*
+    *.obj
+    *.lib
+    *.txt; *.h; *.inc
+    *.plm
+    *.cpp
+  
+
+  
+    0
+    0
+  
+
+  
+    EchoServer
+    0x4
+    ARM-ADS
+    
+      120000000
+      
+        1
+        1
+        0
+        1
+      
+      
+        1
+        65535
+        0
+        0
+        0
+      
+      
+        79
+        66
+        8
+        .\Object\
+      
+      
+        1
+        1
+        1
+        0
+        1
+        1
+        0
+        1
+        0
+        0
+        0
+        0
+      
+      
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        0
+        0
+      
+      
+        1
+        0
+        1
+      
+      255
+      
+        
+          0
+          Schematics (MCBSTM32F200)
+          C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf
+        
+        
+          1
+          User Manual (MCBSTM32F200)
+          C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm
+        
+        
+          2
+          MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200)
+          http://www.keil.com/mcbstm32f200/
+        
+      
+      
+        0
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        0
+        1
+        1
+        1
+        1
+        1
+        0
+        0
+        8
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        .\STM32_SWO.ini
+        BIN\ULP2CM3.DLL
+      
+      
+        
+          0
+          DLGTARM
+          (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0)
+        
+        
+          0
+          ARMDBGFLAGS
+          
+        
+        
+          0
+          ULP2CM3
+          -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)
+        
+        
+          0
+          DLGUARM
+          
+        
+        
+          0
+          UL2CM3
+          UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm))
+        
+      
+      
+        
+          0
+          0
+          96
+          1
+          
134218906

+          0
+          0
+          0
+          0
+          0
+          1
+          .\main.c
+          
+          
+        
+        
+          1
+          0
+          85
+          1
+          
134218858

+          0
+          0
+          0
+          0
+          0
+          1
+          .\main.c
+          
+          
+        
+      
+      
+        
+          1
+          8
+          0x20000408
+        
+      
+      
+        
+          2
+          8
+          0x8004dc8
+        
+      
+      
+        0
+      
+      
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+      
+      
+      
+    
+  
+
+  
+    Source
+    1
+    0
+    0
+    0
+    
+      1
+      1
+      1
+      0
+      0
+      0
+      0
+      .\main.c
+      main.c
+      0
+      0
+    
+    
+      1
+      2
+      1
+      0
+      0
+      0
+      0
+      .\echoserver.c
+      echoserver.c
+      0
+      0
+    
+  
+
+  
+    Configuration
+    1
+    0
+    0
+    0
+    
+      2
+      3
+      5
+      0
+      0
+      0
+      0
+      .\RTE\wolfSSL\config-CyaSSL.h
+      config-CyaSSL.h
+      0
+      0
+    
+    
+      2
+      4
+      5
+      0
+      0
+      0
+      0
+      .\RTE\wolfSSL\config-Crypt.h
+      config-Crypt.h
+      0
+      0
+    
+    
+      2
+      5
+      5
+      0
+      0
+      0
+      0
+      .\RTE\Network\Net_Config_ETH_0.h
+      Net_Config_ETH_0.h
+      0
+      0
+    
+  
+
+  
+    Documentation
+    1
+    0
+    0
+    0
+    
+      3
+      6
+      5
+      0
+      0
+      0
+      0
+      .\Abstract.txt
+      Abstract.txt
+      0
+      0
+    
+  
+
+  
+    Devices
+    1
+    0
+    0
+    0
+    
+      4
+      7
+      1
+      0
+      0
+      0
+      0
+      .\time-dummy.c
+      time-dummy.c
+      0
+      0
+    
+  
+
+  
+    ::CMSIS
+    1
+    0
+    0
+    1
+    
+      5
+      8
+      1
+      0
+      0
+      0
+      0
+      RTE\CMSIS\RTX_Conf_CM.c
+      RTX_Conf_CM.c
+      1
+      0
+    
+    
+      5
+      9
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib
+      RTX_CM3.lib
+      1
+      0
+    
+  
+
+  
+    ::Device
+    0
+    0
+    0
+    1
+    
+      6
+      10
+      5
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\RTE_Device.h
+      RTE_Device.h
+      1
+      0
+    
+    
+      6
+      11
+      2
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\startup_stm32f2xx.s
+      startup_stm32f2xx.s
+      1
+      0
+    
+    
+      6
+      12
+      1
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\system_stm32f2xx.c
+      system_stm32f2xx.c
+      1
+      0
+    
+    
+      6
+      13
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c
+      DMA_STM32F2xx.c
+      1
+      0
+    
+    
+      6
+      14
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c
+      GPIO_STM32F2xx.c
+      1
+      0
+    
+  
+
+  
+    ::Drivers
+    0
+    0
+    0
+    1
+    
+      7
+      15
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c
+      EMAC_STM32F2xx.c
+      1
+      0
+    
+    
+      7
+      16
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c
+      MCI_STM32F2xx.c
+      1
+      0
+    
+    
+      7
+      17
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c
+      PHY_ST802RT1.c
+      1
+      0
+    
+  
+
+  
+    ::File System
+    0
+    0
+    0
+    1
+    
+      8
+      18
+      1
+      0
+      0
+      0
+      0
+      RTE\File_System\FS_Config.c
+      FS_Config.c
+      1
+      0
+    
+    
+      8
+      19
+      5
+      0
+      0
+      0
+      0
+      RTE\File_System\FS_Config_MC_0.h
+      FS_Config_MC_0.h
+      1
+      0
+    
+    
+      8
+      20
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib
+      FS_LFN_CM3_L.lib
+      1
+      0
+    
+  
+
+  
+    ::Network
+    0
+    0
+    0
+    1
+    
+      9
+      21
+      1
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config.c
+      Net_Config.c
+      1
+      0
+    
+    
+      9
+      22
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_BSD.h
+      Net_Config_BSD.h
+      1
+      0
+    
+    
+      9
+      23
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_DNS_Client.h
+      Net_Config_DNS_Client.h
+      1
+      0
+    
+    
+      9
+      24
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_ETH_0.h
+      Net_Config_ETH_0.h
+      1
+      0
+    
+    
+      9
+      25
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_TCP.h
+      Net_Config_TCP.h
+      1
+      0
+    
+    
+      9
+      26
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_UDP.h
+      Net_Config_UDP.h
+      1
+      0
+    
+    
+      9
+      27
+      1
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Debug.c
+      Net_Debug.c
+      1
+      0
+    
+    
+      9
+      28
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib
+      Net_Dbg_CM3_L.lib
+      1
+      0
+    
+  
+
+  
+    ::wolfSSL
+    1
+    0
+    0
+    1
+    
+      10
+      29
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\config-Crypt.h
+      config-Crypt.h
+      1
+      0
+    
+    
+      10
+      30
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\config-CyaSSL.h
+      config-CyaSSL.h
+      1
+      0
+    
+    
+      10
+      31
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\settings.h
+      settings.h
+      1
+      0
+    
+    
+      10
+      32
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c
+      cyassl_MDK_ARM.c
+      1
+      0
+    
+    
+      10
+      33
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c
+      aes.c
+      1
+      0
+    
+    
+      10
+      34
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c
+      arc4.c
+      1
+      0
+    
+    
+      10
+      35
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c
+      asm.c
+      1
+      0
+    
+    
+      10
+      36
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c
+      asn.c
+      1
+      0
+    
+    
+      10
+      37
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c
+      blake2b.c
+      1
+      0
+    
+    
+      10
+      38
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c
+      camellia.c
+      1
+      0
+    
+    
+      10
+      39
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c
+      coding.c
+      1
+      0
+    
+    
+      10
+      40
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c
+      compress.c
+      1
+      0
+    
+    
+      10
+      41
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c
+      des3.c
+      1
+      0
+    
+    
+      10
+      42
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c
+      dh.c
+      1
+      0
+    
+    
+      10
+      43
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c
+      dsa.c
+      1
+      0
+    
+    
+      10
+      44
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c
+      ecc.c
+      1
+      0
+    
+    
+      10
+      45
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c
+      ecc_fp.c
+      1
+      0
+    
+    
+      10
+      46
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c
+      error.c
+      1
+      0
+    
+    
+      10
+      47
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c
+      hc128.c
+      1
+      0
+    
+    
+      10
+      48
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c
+      hmac.c
+      1
+      0
+    
+    
+      10
+      49
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c
+      integer.c
+      1
+      0
+    
+    
+      10
+      50
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c
+      logging.c
+      1
+      0
+    
+    
+      10
+      51
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c
+      md2.c
+      1
+      0
+    
+    
+      10
+      52
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c
+      md4.c
+      1
+      0
+    
+    
+      10
+      53
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c
+      md5.c
+      1
+      0
+    
+    
+      10
+      54
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c
+      memory.c
+      1
+      0
+    
+    
+      10
+      55
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c
+      misc.c
+      1
+      0
+    
+    
+      10
+      56
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c
+      pwdbased.c
+      1
+      0
+    
+    
+      10
+      57
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c
+      rabbit.c
+      1
+      0
+    
+    
+      10
+      58
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c
+      random.c
+      1
+      0
+    
+    
+      10
+      59
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c
+      ripemd.c
+      1
+      0
+    
+    
+      10
+      60
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c
+      rsa.c
+      1
+      0
+    
+    
+      10
+      61
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c
+      sha.c
+      1
+      0
+    
+    
+      10
+      62
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c
+      sha256.c
+      1
+      0
+    
+    
+      10
+      63
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c
+      sha512.c
+      1
+      0
+    
+    
+      10
+      64
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c
+      tfm.c
+      1
+      0
+    
+    
+      10
+      65
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c
+      wc_port.c
+      1
+      0
+    
+    
+      10
+      66
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c
+      crl.c
+      1
+      0
+    
+    
+      10
+      67
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c
+      internal.c
+      1
+      0
+    
+    
+      10
+      68
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c
+      io.c
+      1
+      0
+    
+    
+      10
+      69
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c
+      keys.c
+      1
+      0
+    
+    
+      10
+      70
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c
+      ocsp.c
+      1
+      0
+    
+    
+      10
+      71
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c
+      sniffer.c
+      1
+      0
+    
+    
+      10
+      72
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c
+      ssl.c
+      1
+      0
+    
+    
+      10
+      73
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c
+      tls.c
+      1
+      0
+    
+  
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx
new file mode 100644
index 00000000..646373a0
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx
@@ -0,0 +1,1152 @@
+
+
+
+  2.1
+
+  
### uVision Project, (C) Keil Software

+
+  
+    
+      EchoServer
+      0x4
+      ARM-ADS
+      
+        
+          STM32F207IG
+          STMicroelectronics
+          IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE
+          
+          
+          UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm))
+          0
+          $$Device:STM32F207IG$Device\Include\stm32f2xx.h
+          
+          
+          
+          
+          
+          
+          
+          
+          
+          $$Device:STM32F207IG$SVD\STM32F20x.svd
+          0
+          0
+          
+          
+          
+          
+          
+          
+            0
+            0
+            0
+            0
+            1
+          
+          .\Object\
+          EchoServer
+          1
+          0
+          0
+          1
+          1
+          .\Object\
+          1
+          0
+          0
+          
+            0
+            0
+            
+            
+            0
+            0
+            0
+            0
+          
+          
+            0
+            0
+            
+            
+            0
+            0
+            0
+            0
+          
+          
+            0
+            0
+            
+            
+            0
+            0
+          
+          0
+          
+        
+        
+          0
+          0
+          0
+          0
+          0
+          1
+          0
+          0
+          0
+          0
+          3
+          
+          
+          1
+        
+        
+          SARMCM3.DLL
+          -REMAP -MPU
+          DCM.DLL
+          -pCM3
+          SARMCM3.DLL
+          -REMAP -MPU
+          TCM.DLL
+          -pCM3
+        
+        
+          
+            1
+            0
+            0
+            0
+            16
+          
+          
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+          
+          
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+            1
+            1
+            1
+          
+          0
+          8
+          
+            
+            
+            
+            
+            
+          
+          
+            
+            
+            
+            
+            .\STM32_SWO.ini
+            BIN\ULP2CM3.DLL
+          
+        
+        
+          
+            1
+            0
+            0
+            1
+            1
+            4100
+          
+          1
+          BIN\ULP2CM3.DLL
+          "" ()
+          
+          
+          
+          
+          0
+        
+        
+          
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+            1
+            0
+            1
+            1
+            0
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            0
+            "Cortex-M3"
+            
+            1
+            0
+            0
+            1
+            1
+            0
+            0
+            0
+            0
+            0
+            8
+            0
+            0
+            0
+            3
+            3
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            1
+            0
+            0
+            0
+            0
+            1
+            0
+            
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x20000000
+                0x20000
+              
+              
+                1
+                0x8000000
+                0x100000
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x8000000
+                0x100000
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x20000000
+                0x20000
+              
+              
+                0
+                0x0
+                0x0
+              
+            
+            
+          
+          
+            1
+            4
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            
+              
+              HAVE_CONFIG_H  MDK_CONF_SimpleClient
+              
+              
+            
+          
+          
+            1
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            
+              
+              
+              
+              
+            
+          
+          
+            1
+            0
+            0
+            0
+            1
+            0
+            0x08000000
+            0x20000000
+            
+            
+            
+            
+            
+            
+            
+          
+        
+      
+      
+        
+          Source
+          
+            
+              main.c
+              1
+              .\main.c
+            
+            
+              echoserver.c
+              1
+              .\echoserver.c
+            
+          
+        
+        
+          Configuration
+          
+            
+              config-CyaSSL.h
+              5
+              .\RTE\wolfSSL\config-CyaSSL.h
+            
+            
+              config-Crypt.h
+              5
+              .\RTE\wolfSSL\config-Crypt.h
+            
+            
+              Net_Config_ETH_0.h
+              5
+              .\RTE\Network\Net_Config_ETH_0.h
+            
+          
+        
+        
+          Documentation
+          
+            
+              Abstract.txt
+              5
+              .\Abstract.txt
+            
+          
+        
+        
+          Devices
+          
+            
+              time-dummy.c
+              1
+              .\time-dummy.c
+            
+          
+        
+        
+          ::CMSIS
+          
+            
+              RTX_Conf_CM.c
+              1
+              RTE\CMSIS\RTX_Conf_CM.c
+            
+            
+              RTX_CM3.lib
+              4
+              C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib
+            
+          
+        
+        
+          ::Device
+          
+            
+              RTE_Device.h
+              5
+              RTE\Device\STM32F207IG\RTE_Device.h
+            
+            
+              startup_stm32f2xx.s
+              2
+              RTE\Device\STM32F207IG\startup_stm32f2xx.s
+            
+            
+              system_stm32f2xx.c
+              1
+              RTE\Device\STM32F207IG\system_stm32f2xx.c
+            
+            
+              DMA_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c
+            
+            
+              GPIO_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c
+            
+          
+        
+        
+          ::Drivers
+          
+            
+              EMAC_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c
+            
+            
+              MCI_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c
+            
+            
+              PHY_ST802RT1.c
+              1
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c
+            
+          
+        
+        
+          ::File System
+          
+            
+              FS_Config.c
+              1
+              RTE\File_System\FS_Config.c
+            
+            
+              FS_Config_MC_0.h
+              5
+              RTE\File_System\FS_Config_MC_0.h
+            
+            
+              FS_LFN_CM3_L.lib
+              4
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib
+            
+          
+        
+        
+          ::Network
+          
+            
+              Net_Config.c
+              1
+              RTE\Network\Net_Config.c
+            
+            
+              Net_Config_BSD.h
+              5
+              RTE\Network\Net_Config_BSD.h
+            
+            
+              Net_Config_DNS_Client.h
+              5
+              RTE\Network\Net_Config_DNS_Client.h
+            
+            
+              Net_Config_ETH_0.h
+              5
+              RTE\Network\Net_Config_ETH_0.h
+            
+            
+              Net_Config_TCP.h
+              5
+              RTE\Network\Net_Config_TCP.h
+            
+            
+              Net_Config_UDP.h
+              5
+              RTE\Network\Net_Config_UDP.h
+            
+            
+              Net_Debug.c
+              1
+              RTE\Network\Net_Debug.c
+            
+            
+              Net_Dbg_CM3_L.lib
+              4
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib
+            
+          
+        
+        
+          ::wolfSSL
+          
+            
+              config-Crypt.h
+              5
+              RTE\wolfSSL\config-Crypt.h
+            
+            
+              config-CyaSSL.h
+              5
+              RTE\wolfSSL\config-CyaSSL.h
+            
+            
+              settings.h
+              5
+              RTE\wolfSSL\settings.h
+            
+            
+              cyassl_MDK_ARM.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c
+            
+            
+              aes.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c
+            
+            
+              arc4.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c
+            
+            
+              asm.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c
+            
+            
+              asn.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c
+            
+            
+              blake2b.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c
+            
+            
+              camellia.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c
+            
+            
+              coding.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c
+            
+            
+              compress.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c
+            
+            
+              des3.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c
+            
+            
+              dh.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c
+            
+            
+              dsa.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c
+            
+            
+              ecc.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c
+            
+            
+              ecc_fp.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c
+            
+            
+              error.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c
+            
+            
+              hc128.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c
+            
+            
+              hmac.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c
+            
+            
+              integer.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c
+            
+            
+              logging.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c
+            
+            
+              md2.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c
+            
+            
+              md4.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c
+            
+            
+              md5.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c
+            
+            
+              memory.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c
+            
+            
+              misc.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c
+            
+            
+              pwdbased.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c
+            
+            
+              rabbit.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c
+            
+            
+              random.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c
+            
+            
+              ripemd.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c
+            
+            
+              rsa.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c
+            
+            
+              sha.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c
+            
+            
+              sha256.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c
+            
+            
+              sha512.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c
+            
+            
+              tfm.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c
+            
+            
+              wc_port.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c
+            
+            
+              crl.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c
+            
+            
+              internal.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c
+            
+            
+              io.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c
+            
+            
+              keys.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c
+            
+            
+              ocsp.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c
+            
+            
+              sniffer.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c
+            
+            
+              ssl.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c
+            
+            
+              tls.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c
+            
+          
+        
+      
+    
+  
+
+  
+    
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+    
+    
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+    
+    
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+    
+    
+      
+        RTE\CMSIS\RTX_Conf_CM.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\RTE_Device.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\startup_stm32f2xx.s
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\system_stm32f2xx.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\File_System\FS_Config.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\File_System\FS_Config_MC_0.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_BSD.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_DNS_Client.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_ETH_0.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_TCP.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_UDP.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Debug.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Other\config-Crypt.h
+        
+        
+        
+      
+      
+        RTE\Other\config-CyaSSL.h
+        
+        
+        
+      
+      
+        RTE\Other\config-RTX-TCP-FS.h
+        
+        
+        
+      
+      
+        RTE\Other\config.h
+        
+        
+        
+      
+      
+        RTE\wolfSSL\config-Crypt.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\wolfSSL\config-CyaSSL.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\wolfSSL\config.h
+        
+        
+        
+      
+      
+        RTE\wolfSSL\settings.h
+        
+        
+        
+          
+        
+      
+    
+  
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/settings.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/settings.h
new file mode 100644
index 00000000..5cfe60df
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/settings.h
@@ -0,0 +1,627 @@
+/* settings.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* Place OS specific preprocessor flags, defines, includes here, will be
+   included into every file because types.h includes it */
+
+
+#ifndef CTAO_CRYPT_SETTINGS_H
+#define CTAO_CRYPT_SETTINGS_H
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Uncomment next line if using IPHONE */
+/* #define IPHONE */
+
+/* Uncomment next line if using ThreadX */
+/* #define THREADX */
+
+/* Uncomment next line if using Micrium ucOS */
+/* #define MICRIUM */
+
+/* Uncomment next line if using Mbed */
+/* #define MBED */
+
+/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
+/* #define MICROCHIP_PIC32 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
+/* #define MICROCHIP_TCPIP_V5 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
+/* #define MICROCHIP_TCPIP */
+
+/* Uncomment next line if using FreeRTOS */
+/* #define FREERTOS */
+
+/* Uncomment next line if using FreeRTOS Windows Simulator */
+/* #define FREERTOS_WINSIM */
+
+/* Uncomment next line if using RTIP */
+/* #define EBSNET */
+
+/* Uncomment next line if using lwip */
+/* #define CYASSL_LWIP */
+
+/* Uncomment next line if building CyaSSL for a game console */
+/* #define CYASSL_GAME_BUILD */
+
+/* Uncomment next line if building CyaSSL for LSR */
+/* #define CYASSL_LSR */
+
+/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */
+/* #define FREESCALE_MQX */
+
+/* Uncomment next line if using STM32F2 */
+/* #define CYASSL_STM32F2 */
+
+/* Uncomment next line if using Comverge settings */
+/* #define COMVERGE */
+
+/* Uncomment next line if using QL SEP settings */
+/* #define CYASSL_QL */
+
+
+#include 
+
+#ifdef IPHONE
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+
+#ifdef COMVERGE
+    #define THREADX
+    #define HAVE_NETX
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_SESSION_CACHE
+    #define HAVE_ECC 
+#endif
+
+
+#ifdef THREADX 
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+#ifdef HAVE_NETX
+    #include "nx_api.h"
+#endif
+
+#ifdef MICROCHIP_PIC32
+    #define SIZEOF_LONG_LONG 8
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef MICROCHIP_TCPIP_V5
+    /* include timer functions */
+    #include "TCPIP Stack/TCPIP.h"
+#endif
+
+#ifdef MICROCHIP_TCPIP
+    /* include timer, NTP functions */
+    #include "system/system_services.h"
+    #ifdef MICROCHIP_MPLAB_HARMONY
+        #include "tcpip/tcpip.h"
+    #else
+        #include "tcpip/sntp.h"
+    #endif
+#endif
+
+#ifdef MBED
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+#endif /* MBED */
+
+#ifdef CYASSL_TYTO
+    #include "rand.h"
+    #define FREERTOS
+    #define NO_FILESYSTEM
+    #define CYASSL_USER_IO
+    #define NO_DEV_RANDOM
+    #define HAVE_ECC
+    #define HAVE_ECC_ENCRYPT
+    #define ECC_SHAMIR
+    #define HAVE_HKDF
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FP_MAX_BITS 512
+    #define NO_OLD_TLS
+    #define NO_MD4
+    #define NO_RABBIT
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_DSA
+    #define NO_PWDBASED
+    #define NO_PSK
+#endif
+
+#ifdef FREERTOS_WINSIM
+    #define FREERTOS
+    #define USE_WINDOWS_API
+#endif
+
+
+/* Micrium will use Visual Studio for compilation but not the Win32 API */
+#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
+        && !defined(EBSNET)
+    #define USE_WINDOWS_API
+#endif
+
+
+#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
+    #include 
+    #define XMALLOC(s, h, type)  malloc((s))
+    #define XFREE(p, h, type)    free((p)) 
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
+    #undef  XMALLOC
+    #define XMALLOC     yaXMALLOC
+    #undef  XFREE
+    #define XFREE       yaXFREE
+    #undef  XREALLOC
+    #define XREALLOC    yaXREALLOC
+#endif
+
+
+#ifdef FREERTOS
+    #ifndef NO_WRITEV
+        #define NO_WRITEV
+    #endif
+    #ifndef NO_SHA512
+        #define NO_SHA512
+    #endif
+    #ifndef NO_DH
+        #define NO_DH
+    #endif
+    #ifndef NO_DSA
+        #define NO_DSA
+    #endif
+    #ifndef NO_HC128
+        #define NO_HC128
+    #endif
+
+    #ifndef SINGLE_THREADED
+        #include "FreeRTOS.h"
+        #include "semphr.h"
+    #endif
+#endif
+
+#ifdef EBSNET
+    #include "rtip.h"
+
+    /* #define DEBUG_CYASSL */
+    #define NO_CYASSL_DIR  /* tbd */
+
+    #if (POLLOS)
+        #define SINGLE_THREADED
+    #endif
+
+    #if (RTPLATFORM)
+        #if (!RTP_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #else
+        #if (!KS_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #endif
+
+    #if (WINMSP3)
+        #undef SIZEOF_LONG
+        #define SIZEOF_LONG_LONG 8
+    #else
+        #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
+    #endif
+
+    #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
+    #define XFREE(p, h, type) (rtp_free(p))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+
+#endif /* EBSNET */
+
+#ifdef CYASSL_GAME_BUILD
+    #define SIZEOF_LONG_LONG 8
+    #if defined(__PPU) || defined(__XENON)
+        #define BIG_ENDIAN_ORDER
+    #endif
+#endif
+
+#ifdef CYASSL_LSR
+    #define HAVE_WEBSERVER
+    #define SIZEOF_LONG_LONG 8
+    #define CYASSL_LOW_MEMORY
+    #define NO_WRITEV
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #ifndef NO_FILESYSTEM
+        #define LSR_FS
+        #include "inc/hw_types.h"
+        #include "fs.h"
+    #endif
+    #define CYASSL_LWIP
+    #include   /* for tcp errno */
+    #define CYASSL_SAFERTOS
+    #if defined(__IAR_SYSTEMS_ICC__)
+        /* enum uses enum */
+        #pragma diag_suppress=Pa089
+    #endif
+#endif
+
+#ifdef CYASSL_SAFERTOS
+    #ifndef SINGLE_THREADED
+        #include "SafeRTOS/semphr.h"
+    #endif
+
+    #include "SafeRTOS/heap.h"
+    #define XMALLOC(s, h, type)  pvPortMalloc((s))
+    #define XFREE(p, h, type)    vPortFree((p)) 
+    #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+#endif
+
+#ifdef CYASSL_LOW_MEMORY
+    #undef  RSA_LOW_MEM
+    #define RSA_LOW_MEM
+    #undef  CYASSL_SMALL_STACK
+    #define CYASSL_SMALL_STACK
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef FREESCALE_MQX
+    #define SIZEOF_LONG_LONG 8
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_RABBIT
+    #define NO_CYASSL_DIR
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FREESCALE_K70_RNGA
+    /* #define FREESCALE_K53_RNGB */
+    #include "mqx.h"
+    #ifndef NO_FILESYSTEM
+        #include "mfs.h"
+        #include "fio.h"
+    #endif
+    #ifndef SINGLE_THREADED
+        #include "mutex.h"
+    #endif
+
+    #define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
+    #define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
+    /* Note: MQX has no realloc, using fastmath above */
+#endif
+
+#ifdef CYASSL_STM32F2
+    #define SIZEOF_LONG_LONG 8
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #define STM32F2_RNG
+    #define STM32F2_CRYPTO
+    #define KEIL_INTRINSICS
+#endif
+
+#ifdef MICRIUM
+
+    #include "stdlib.h"
+    #include "net_cfg.h"
+    #include "ssl_cfg.h"
+    #include "net_secure_os.h"
+
+    #define CYASSL_TYPES
+
+    typedef CPU_INT08U byte;
+    typedef CPU_INT16U word16;
+    typedef CPU_INT32U word32;
+
+    #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32)
+        #define SIZEOF_LONG        4
+        #undef  SIZEOF_LONG_LONG
+    #else
+        #undef  SIZEOF_LONG
+        #define SIZEOF_LONG_LONG   8
+    #endif
+
+    #define STRING_USER
+
+    #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
+    #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
+                    ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
+                     (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
+    #define XSTRNCMP(pstr_1, pstr_2, len_max) \
+                    ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
+                     (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))  
+    #define XSTRSTR(pstr, pstr_srch) \
+                    ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
+                     (CPU_CHAR *)(pstr_srch)))
+    #define XMEMSET(pmem, data_val, size) \
+                    ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
+                    (CPU_SIZE_T)(size)))
+    #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
+                     (void *)(psrc), (CPU_SIZE_T)(size)))
+    #define XMEMCMP(pmem_1, pmem_2, size) \
+                   (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
+                     (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
+    #define XMEMMOVE XMEMCPY
+
+#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+    #define MICRIUM_MALLOC    
+    #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
+                                 (CPU_SIZE_T)(s), (void *)0))
+    #define XFREE(p, h, type)   (NetSecure_BlkFree((CPU_INT08U)(type), \
+                                 (p), (void *)0))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+    #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED)
+        #undef  NO_FILESYSTEM
+    #else
+        #define NO_FILESYSTEM
+    #endif
+
+    #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG)
+        #define DEBUG_CYASSL
+    #else
+        #undef  DEBUG_CYASSL
+    #endif
+
+    #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED)
+        #define OPENSSL_EXTRA
+    #else
+        #undef  OPENSSL_EXTRA
+    #endif
+
+    #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED)
+        #undef  SINGLE_THREADED
+    #else
+        #define SINGLE_THREADED
+    #endif
+
+    #if (SSL_CFG_DH_EN == DEF_ENABLED)
+        #undef  NO_DH
+    #else
+        #define NO_DH
+    #endif
+
+    #if (SSL_CFG_DSA_EN == DEF_ENABLED)
+        #undef  NO_DSA
+    #else
+        #define NO_DSA
+    #endif
+
+    #if (SSL_CFG_PSK_EN == DEF_ENABLED)
+        #undef  NO_PSK
+    #else
+        #define NO_PSK
+    #endif
+
+    #if (SSL_CFG_3DES_EN == DEF_ENABLED)
+        #undef  NO_DES
+    #else
+        #define NO_DES
+    #endif
+
+    #if (SSL_CFG_AES_EN == DEF_ENABLED)
+        #undef  NO_AES
+    #else
+        #define NO_AES
+    #endif
+
+    #if (SSL_CFG_RC4_EN == DEF_ENABLED)
+        #undef  NO_RC4
+    #else
+        #define NO_RC4
+    #endif
+
+    #if (SSL_CFG_RABBIT_EN == DEF_ENABLED)
+        #undef  NO_RABBIT
+    #else
+        #define NO_RABBIT
+    #endif
+
+    #if (SSL_CFG_HC128_EN == DEF_ENABLED)
+        #undef  NO_HC128
+    #else
+        #define NO_HC128
+    #endif
+
+    #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
+        #define BIG_ENDIAN_ORDER
+    #else
+        #undef  BIG_ENDIAN_ORDER
+        #define LITTLE_ENDIAN_ORDER
+    #endif
+
+    #if (SSL_CFG_MD4_EN == DEF_ENABLED)
+        #undef  NO_MD4
+    #else
+        #define NO_MD4
+    #endif
+
+    #if (SSL_CFG_WRITEV_EN == DEF_ENABLED)
+        #undef  NO_WRITEV
+    #else
+        #define NO_WRITEV
+    #endif
+
+    #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED)
+        #define NO_DEV_RANDOM   
+    #else
+        #undef  NO_DEV_RANDOM
+    #endif
+
+    #if (SSL_CFG_USER_IO_EN == DEF_ENABLED)
+        #define CYASSL_USER_IO   
+    #else
+        #undef  CYASSL_USER_IO
+    #endif
+
+    #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED)
+        #undef  LARGE_STATIC_BUFFERS
+        #undef  STATIC_CHUNKS_ONLY
+    #else
+        #define LARGE_STATIC_BUFFERS
+        #define STATIC_CHUNKS_ONLY
+    #endif
+
+    #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED)
+        #define  CYASSL_DER_LOAD
+    #else
+        #undef   CYASSL_DER_LOAD
+    #endif
+
+    #if (SSL_CFG_DTLS_EN == DEF_ENABLED)
+        #define  CYASSL_DTLS
+    #else
+        #undef   CYASSL_DTLS
+    #endif
+
+    #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED)
+         #define CYASSL_CALLBACKS
+    #else
+         #undef  CYASSL_CALLBACKS
+    #endif
+
+    #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED)
+         #define USE_FAST_MATH
+    #else
+         #undef  USE_FAST_MATH
+    #endif
+
+    #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED)
+         #define TFM_TIMING_RESISTANT
+    #else
+         #undef  TFM_TIMING_RESISTANT
+    #endif
+
+#endif /* MICRIUM */
+
+
+#ifdef CYASSL_QL
+    #ifndef CYASSL_SEP
+        #define CYASSL_SEP
+    #endif
+    #ifndef OPENSSL_EXTRA
+        #define OPENSSL_EXTRA
+    #endif
+    #ifndef SESSION_CERTS
+        #define SESSION_CERTS
+    #endif
+    #ifndef HAVE_AESCCM
+        #define HAVE_AESCCM
+    #endif
+    #ifndef ATOMIC_USER
+        #define ATOMIC_USER
+    #endif
+    #ifndef CYASSL_DER_LOAD
+        #define CYASSL_DER_LOAD
+    #endif
+    #ifndef KEEP_PEER_CERT
+        #define KEEP_PEER_CERT
+    #endif
+    #ifndef HAVE_ECC
+        #define HAVE_ECC
+    #endif
+    #ifndef SESSION_INDEX
+        #define SESSION_INDEX
+    #endif
+#endif /* CYASSL_QL */
+
+
+#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
+    !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
+    #define USE_CYASSL_MEMORY
+#endif
+
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+    #undef  KEEP_PEER_CERT
+    #define KEEP_PEER_CERT
+#endif
+
+
+/* stream ciphers except arc4 need 32bit alignment, intel ok without */
+#ifndef XSTREAM_ALIGNMENT
+    #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
+        #define NO_XSTREAM_ALIGNMENT
+    #else
+        #define XSTREAM_ALIGNMENT
+    #endif
+#endif
+
+
+/* if using hardware crypto and have alignment requirements, specify the
+   requirement here.  The record header of SSL/TLS will prvent easy alignment.
+   This hint tries to help as much as possible.  */
+#ifndef CYASSL_GENERAL_ALIGNMENT
+    #ifdef CYASSL_AESNI
+        #define CYASSL_GENERAL_ALIGNMENT 16
+    #elif defined(XSTREAM_ALIGNMENT)
+        #define CYASSL_GENERAL_ALIGNMENT  4
+    #else 
+        #define CYASSL_GENERAL_ALIGNMENT  0 
+    #endif
+#endif
+
+#ifdef HAVE_CRL
+    /* not widely supported yet */
+    #undef NO_SKID
+    #define NO_SKID
+#endif
+
+/* Place any other flags or defines here */
+
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+
+#endif /* CTAO_CRYPT_SETTINGS_H */
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/echoserver.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/echoserver.c
new file mode 100644
index 00000000..40701896
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/echoserver.c
@@ -0,0 +1,368 @@
+/* echoserver.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "cyassl_MDK_ARM.h"
+#endif
+
+#include 
+#include 
+
+#ifndef NO_MAIN_DRIVER
+    #define ECHO_OUT
+#endif
+
+#include "examples/echoserver/echoserver.h"
+
+
+#ifdef SESSION_STATS
+    CYASSL_API void PrintSessionStats(void);
+#endif
+
+#define SVR_COMMAND_SIZE 256
+
+static void SignalReady(void* args, word16 port)
+{
+#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+    /* signal ready to tcp_accept */
+    func_args* server_args = (func_args*)args;
+    tcp_ready* ready = server_args->signal;
+    pthread_mutex_lock(&ready->mutex);
+    ready->ready = 1;
+    ready->port = port;
+    pthread_cond_signal(&ready->cond);
+    pthread_mutex_unlock(&ready->mutex);
+#endif
+    (void)args;
+    (void)port;
+}
+
+
+THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
+{
+    SOCKET_T       sockfd = 0;
+    CYASSL_METHOD* method = 0;
+    CYASSL_CTX*    ctx    = 0;
+
+    int    doDTLS = 0;
+    int    doPSK = 0;
+    int    outCreated = 0;
+    int    shutDown = 0;
+    int    useAnyAddr = 0;
+    word16 port = yasslPort;
+    int    argc = ((func_args*)args)->argc;
+    char** argv = ((func_args*)args)->argv;
+
+#ifdef ECHO_OUT
+    FILE* fout = stdout;
+    if (argc >= 2) {
+        fout = fopen(argv[1], "w");
+        outCreated = 1;
+    }
+    if (!fout) err_sys("can't open output file");
+#endif
+    (void)outCreated;
+    (void)argc;
+    (void)argv;
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#ifdef CYASSL_DTLS
+    doDTLS  = 1;
+#endif
+
+#ifdef CYASSL_LEANPSK
+    doPSK = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    doPSK = 1;
+#endif
+
+    #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
+                      !defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_ARM)
+        port = 0;
+    #endif
+    #if defined(USE_ANY_ADDR)
+        useAnyAddr = 1;
+    #endif
+    tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
+
+#if defined(CYASSL_DTLS)
+    method  = CyaDTLSv1_server_method();
+#elif  !defined(NO_TLS)
+    method = CyaSSLv23_server_method();
+#else
+    method = wolfSSLv3_server_method();
+#endif
+    ctx    = CyaSSL_CTX_new(method);
+    /* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+#ifndef NO_FILESYSTEM
+    if (doPSK == 0) {
+    #ifdef HAVE_NTRU
+        /* ntru */
+        if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load ntru cert file, "
+                    "Please run from CyaSSL home dir");
+
+        if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ntruKey)
+                != SSL_SUCCESS)
+            err_sys("can't load ntru key file, "
+                    "Please run from CyaSSL home dir");
+    #elif defined(HAVE_ECC)
+        /* ecc */
+        if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load server cert file, "
+                    "Please run from CyaSSL home dir");
+
+        if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load server key file, "
+                    "Please run from CyaSSL home dir");
+    #elif defined(NO_CERTS)
+        /* do nothing, just don't load cert files */
+    #else
+        /* normal */
+        if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load server cert file, "
+                    "Please run from CyaSSL home dir");
+
+        if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load server key file, "
+                    "Please run from CyaSSL home dir");
+    #endif
+    } /* doPSK */
+#elif !defined(NO_CERTS)
+    if (!doPSK) {
+        load_buffer(ctx, svrCert, CYASSL_CERT);
+        load_buffer(ctx, svrKey,  CYASSL_KEY);
+    }
+#endif
+
+#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    /* don't use EDH, can't sniff tmp keys */
+    CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
+#endif
+
+    if (doPSK) {
+#ifndef NO_PSK
+        const char *defaultCipherList;
+
+        CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
+        CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
+        #ifdef HAVE_NULL_CIPHER
+            defaultCipherList = "PSK-NULL-SHA256";
+        #else
+            defaultCipherList = "PSK-AES128-CBC-SHA256";
+        #endif
+        if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
+            err_sys("server can't set cipher list 2");
+#endif
+    }
+
+    SignalReady(args, port);
+
+    while (!shutDown) {
+        CYASSL* ssl = 0;
+        char    command[SVR_COMMAND_SIZE+1];
+        int     echoSz = 0;
+        int     clientfd;
+        int     firstRead = 1;
+        int     gotFirstG = 0;
+                
+#ifndef CYASSL_DTLS 
+        SOCKADDR_IN_T client;
+        socklen_t     client_len = sizeof(client);
+        clientfd = accept(sockfd, (struct sockaddr*)&client,
+                         (ACCEPT_THIRD_T)&client_len);
+#else
+        clientfd = udp_read_connect(sockfd);
+#endif
+        if (clientfd == -1) err_sys("tcp accept failed");
+
+        ssl = CyaSSL_new(ctx);
+        if (ssl == NULL) err_sys("SSL_new failed");
+        CyaSSL_set_fd(ssl, clientfd);
+        #if !defined(NO_FILESYSTEM) && !defined(NO_DH)
+            CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
+        #elif !defined(NO_DH)
+            SetDH(ssl);  /* will repick suites with DHE, higher than PSK */
+        #endif
+        if (CyaSSL_accept(ssl) != SSL_SUCCESS) {
+            printf("SSL_accept failed\n");
+            CyaSSL_free(ssl);
+            CloseSocket(clientfd);
+            continue;
+        }
+#if defined(PEER_INFO)
+        showPeer(ssl);
+#endif
+
+        while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command)-1)) > 0) {
+
+            if (firstRead == 1) {
+                firstRead = 0;  /* browser may send 1 byte 'G' to start */
+                if (echoSz == 1 && command[0] == 'G') {
+                    gotFirstG = 1;
+                    continue;
+                }
+            }
+            else if (gotFirstG == 1 && strncmp(command, "ET /", 4) == 0) {
+                strncpy(command, "GET", 4);
+                /* fall through to normal GET */
+            }
+           
+            if ( strncmp(command, "quit", 4) == 0) {
+                printf("client sent quit command: shutting down!\n");
+                shutDown = 1;
+                break;
+            }
+            if ( strncmp(command, "break", 5) == 0) {
+                printf("client sent break command: closing session!\n");
+                break;
+            }
+#ifdef SESSION_STATS
+            if ( strncmp(command, "printstats", 10) == 0) {
+                PrintSessionStats();
+                break;
+            }
+#endif
+            if ( strncmp(command, "GET", 3) == 0) {
+                char type[]   = "HTTP/1.0 200 ok\r\nContent-type:"
+                                " text/html\r\n\r\n";
+                char header[] = "\n
\n";
+                char body[]   = "greetings from CyaSSL\n";
+                char footer[] = "\r\n\r\n";
+            
+                strncpy(command, type, sizeof(type));
+                echoSz = sizeof(type) - 1;
+
+                strncpy(&command[echoSz], header, sizeof(header));
+                echoSz += (int)sizeof(header) - 1;
+                strncpy(&command[echoSz], body, sizeof(body));
+                echoSz += (int)sizeof(body) - 1;
+                strncpy(&command[echoSz], footer, sizeof(footer));
+                echoSz += (int)sizeof(footer);
+
+                if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                    err_sys("SSL_write failed");
+                break;
+            }
+            command[echoSz] = 0;
+
+            #ifdef ECHO_OUT
+                fputs(command, fout);
+            #endif
+
+            if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                err_sys("SSL_write failed");
+        }
+#ifndef CYASSL_DTLS
+        CyaSSL_shutdown(ssl);
+#endif
+        CyaSSL_free(ssl);
+        CloseSocket(clientfd);
+#ifdef CYASSL_DTLS
+        tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
+        SignalReady(args, port);
+#endif
+    }
+
+    CloseSocket(sockfd);
+    CyaSSL_CTX_free(ctx);
+
+#ifdef ECHO_OUT
+    if (outCreated)
+        fclose(fout);
+#endif
+
+    ((func_args*)args)->return_code = 0;
+    return 0;
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("echoserver"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+        echoserver_test(&args);
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+        
+#endif /* NO_MAIN_DRIVER */
+
+
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c
new file mode 100644
index 00000000..b1194640
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c
@@ -0,0 +1,98 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+#include "cmsis_os.h"
+#include "rl_fs.h" 
+#include "rl_net.h" 
+#include 
+#include "cyassl_MDK_ARM.h"
+#include 
+
+/*-----------------------------------------------------------------------------
+ *        Initialize a Flash Memory Card
+ *----------------------------------------------------------------------------*/
+static void init_filesystem (void) {
+    int32_t retv;
+
+    retv = finit ("M0:");
+    if (retv == 0) {
+        retv = fmount ("M0:");
+        if (retv == 0) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+          printf ("Drive M0 mount failed!\n");
+        }
+    } else {
+        printf ("Drive M0 initialization failed!\n");
+    }
+}
+
+/*-----------------------------------------------------------------------------
+ *        TCP/IP tasks
+ *----------------------------------------------------------------------------*/
+void tcp_poll (void const *arg)
+{
+    CYASSL_MSG("TCP polling started.\n") ;
+    while (1) {
+        net_main ();
+        osDelay(1) ;
+    }
+}
+
+typedef struct func_args {
+    int    argc;
+    char** argv;
+} func_args;
+
+extern void echoserver_test(func_args * args) ;
+extern void init_time(void) ;
+
+    osThreadDef (tcp_poll, osPriorityHigh, 1, 0) ;
+/*-----------------------------------------------------------------------------
+ *       mian entry 
+ *----------------------------------------------------------------------------*/
+int myoptind = 0;
+char* myoptarg = NULL;
+
+int main() 
+{
+    func_args args = { 0 } ;
+    init_filesystem ();
+    net_initialize() ;
+    osThreadCreate (osThread (tcp_poll), NULL); 
+    osDelay(10000) ;  /* wait for DHCP */
+    #if defined(DEBUG_CYASSL)
+        printf("Turning ON Debug message\n") ;
+        CyaSSL_Debugging_ON() ;
+    #endif
+
+        printf("echoserver: Started\n") ;
+    echoserver_test(&args) ;
+    printf("echoserver: Terminated\n") ;
+}
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/time-dummy.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/time-dummy.c
new file mode 100644
index 00000000..8f98da46
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/time-dummy.c
@@ -0,0 +1,34 @@
+/* time-dummy.c.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "time.h"
+
+struct tm *Cyassl_MDK_gmtime(const time_t *c) 
+{ 
+    static struct tm date ; 
+    return(&date) ;
+}
+
+time_t time(time_t * t) { return 0 ; }
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/Abstract.txt b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/Abstract.txt
new file mode 100644
index 00000000..1a9a172c
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/Abstract.txt
@@ -0,0 +1,23 @@
+This program is a simple client example with CyaSSL/wolfCrypt library.
+
+In order to run this program,
+Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory.
+Set config-SimpleClient.h configuration file for the Callee IP or Port number.
+
+For further configuration, refer config-Crypt.h and config-CyaSSL.h.
+config-SimpleClient.h is to configure repote callee IP and port.
+
+When testing this client, it is recommended to test against one of the standard 
+CyaSSL example applications running on a desktop machine.  The standard CyaSSL 
+example applications are located in the CyaSSL root directory under the 
+/examples directory.
+
+For the hardware crypt on config-Crypt.h, download 
+STSW-STM32062: STM32F2xx standard peripherals library at 
+http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to 
+ {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib
+
+
+Support
+-------
+Please send questions or comments to support@wolfssl.com
\ No newline at end of file
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/settings.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/settings.h
new file mode 100644
index 00000000..86a57a0d
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/settings.h
@@ -0,0 +1,667 @@
+/* settings.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* Place OS specific preprocessor flags, defines, includes here, will be
+   included into every file because types.h includes it */
+
+
+#ifndef CTAO_CRYPT_SETTINGS_H
+#define CTAO_CRYPT_SETTINGS_H
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Uncomment next line if using IPHONE */
+/* #define IPHONE */
+
+/* Uncomment next line if using ThreadX */
+/* #define THREADX */
+
+/* Uncomment next line if using Micrium ucOS */
+/* #define MICRIUM */
+
+/* Uncomment next line if using Mbed */
+/* #define MBED */
+
+/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
+/* #define MICROCHIP_PIC32 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
+/* #define MICROCHIP_TCPIP_V5 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
+/* #define MICROCHIP_TCPIP */
+
+/* Uncomment next line if using PIC32MZ Crypto Engine */
+/* #define CYASSL_MICROCHIP_PIC32MZ */
+        
+/* Uncomment next line if using FreeRTOS */
+/* #define FREERTOS */
+
+/* Uncomment next line if using FreeRTOS Windows Simulator */
+/* #define FREERTOS_WINSIM */
+
+/* Uncomment next line if using RTIP */
+/* #define EBSNET */
+
+/* Uncomment next line if using lwip */
+/* #define CYASSL_LWIP */
+
+/* Uncomment next line if building CyaSSL for a game console */
+/* #define CYASSL_GAME_BUILD */
+
+/* Uncomment next line if building CyaSSL for LSR */
+/* #define CYASSL_LSR */
+
+/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */
+/* #define FREESCALE_MQX */
+
+/* Uncomment next line if using STM32F2 */
+/* #define CYASSL_STM32F2 */
+
+/* Uncomment next line if using Comverge settings */
+/* #define COMVERGE */
+
+/* Uncomment next line if using QL SEP settings */
+/* #define CYASSL_QL */
+
+/* Uncomment next line if using LwIP native TCP socket settings */
+/* #define HAVE_LWIP_NATIVE */
+
+/* Uncomment next line if building for EROAD */
+/* #define CYASSL_EROAD */
+
+#include 
+
+#ifdef IPHONE
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+
+#ifdef CYASSL_USER_SETTINGS
+    #include 
+#endif
+
+
+#ifdef COMVERGE
+    #define THREADX
+    #define HAVE_NETX
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_SESSION_CACHE
+    #define HAVE_ECC 
+#endif
+
+
+#ifdef THREADX 
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+#ifdef HAVE_NETX
+    #include "nx_api.h"
+#endif
+
+#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
+    #define CYASSL_LWIP
+    #define NO_WRITEV
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_FILESYSTEM
+#endif 
+
+#ifdef MICROCHIP_PIC32
+    /* #define CYASSL_MICROCHIP_PIC32MZ */
+    #define SIZEOF_LONG_LONG 8
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef CYASSL_MICROCHIP_PIC32MZ
+    #define CYASSL_PIC32MZ_CE
+    #define CYASSL_PIC32MZ_CRYPT
+    #define HAVE_AES_ENGINE
+    #define CYASSL_PIC32MZ_RNG
+    /* #define CYASSL_PIC32MZ_HASH */
+    #define CYASSL_AES_COUNTER
+    #define HAVE_AESGCM
+    #define NO_BIG_INT
+
+#endif
+
+#ifdef MICROCHIP_TCPIP_V5
+    /* include timer functions */
+    #include "TCPIP Stack/TCPIP.h"
+#endif
+
+#ifdef MICROCHIP_TCPIP
+    /* include timer, NTP functions */
+    #ifdef MICROCHIP_MPLAB_HARMONY
+        #include "tcpip/tcpip.h"
+    #else
+        #include "system/system_services.h"
+        #include "tcpip/sntp.h"
+    #endif
+#endif
+
+#ifdef MBED
+    #define CYASSL_USER_IO
+    #define NO_FILESYSTEM
+    #define NO_CERT
+    #define USE_CERT_BUFFERS_1024
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define HAVE_ECC
+    #define NO_SESSION_CACHE
+    #define CYASSL_CMSIS_RTOS
+#endif
+
+
+#ifdef CYASSL_EROAD
+    #define FREESCALE_MQX
+    #define FREESCALE_MMCAU
+    #define SINGLE_THREADED
+    #define NO_STDIO_FILESYSTEM
+    #define CYASSL_LEANPSK
+    #define HAVE_NULL_CIPHER
+    #define NO_OLD_TLS
+    #define NO_ASN
+    #define NO_BIG_INT
+    #define NO_RSA
+    #define NO_DSA
+    #define NO_DH
+    #define NO_CERTS
+    #define NO_PWDBASED
+    #define NO_DES3
+    #define NO_MD4
+    #define NO_RC4
+    #define NO_MD5
+    #define NO_SESSION_CACHE
+    #define NO_MAIN_DRIVER
+#endif
+
+#ifdef FREERTOS_WINSIM
+    #define FREERTOS
+    #define USE_WINDOWS_API
+#endif
+
+
+/* Micrium will use Visual Studio for compilation but not the Win32 API */
+#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
+        && !defined(EBSNET) && !defined(CYASSL_EROAD)
+    #define USE_WINDOWS_API
+#endif
+
+
+#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
+    #include 
+    #define XMALLOC(s, h, type)  malloc((s))
+    #define XFREE(p, h, type)    free((p)) 
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
+    #undef  XMALLOC
+    #define XMALLOC     yaXMALLOC
+    #undef  XFREE
+    #define XFREE       yaXFREE
+    #undef  XREALLOC
+    #define XREALLOC    yaXREALLOC
+#endif
+
+
+#ifdef FREERTOS
+    #ifndef NO_WRITEV
+        #define NO_WRITEV
+    #endif
+    #ifndef NO_SHA512
+        #define NO_SHA512
+    #endif
+    #ifndef NO_DH
+        #define NO_DH
+    #endif
+    #ifndef NO_DSA
+        #define NO_DSA
+    #endif
+    #ifndef NO_HC128
+        #define NO_HC128
+    #endif
+
+    #ifndef SINGLE_THREADED
+        #include "FreeRTOS.h"
+        #include "semphr.h"
+    #endif
+#endif
+
+#ifdef EBSNET
+    #include "rtip.h"
+
+    /* #define DEBUG_CYASSL */
+    #define NO_CYASSL_DIR  /* tbd */
+
+    #if (POLLOS)
+        #define SINGLE_THREADED
+    #endif
+
+    #if (RTPLATFORM)
+        #if (!RTP_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #else
+        #if (!KS_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #endif
+
+    #if (WINMSP3)
+        #undef SIZEOF_LONG
+        #define SIZEOF_LONG_LONG 8
+    #else
+        #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
+    #endif
+
+    #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
+    #define XFREE(p, h, type) (rtp_free(p))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+
+#endif /* EBSNET */
+
+#ifdef CYASSL_GAME_BUILD
+    #define SIZEOF_LONG_LONG 8
+    #if defined(__PPU) || defined(__XENON)
+        #define BIG_ENDIAN_ORDER
+    #endif
+#endif
+
+#ifdef CYASSL_LSR
+    #define HAVE_WEBSERVER
+    #define SIZEOF_LONG_LONG 8
+    #define CYASSL_LOW_MEMORY
+    #define NO_WRITEV
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #ifndef NO_FILESYSTEM
+        #define LSR_FS
+        #include "inc/hw_types.h"
+        #include "fs.h"
+    #endif
+    #define CYASSL_LWIP
+    #include   /* for tcp errno */
+    #define CYASSL_SAFERTOS
+    #if defined(__IAR_SYSTEMS_ICC__)
+        /* enum uses enum */
+        #pragma diag_suppress=Pa089
+    #endif
+#endif
+
+#ifdef CYASSL_SAFERTOS
+    #ifndef SINGLE_THREADED
+        #include "SafeRTOS/semphr.h"
+    #endif
+
+    #include "SafeRTOS/heap.h"
+    #define XMALLOC(s, h, type)  pvPortMalloc((s))
+    #define XFREE(p, h, type)    vPortFree((p)) 
+    #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+#endif
+
+#ifdef CYASSL_LOW_MEMORY
+    #undef  RSA_LOW_MEM
+    #define RSA_LOW_MEM
+    #undef  CYASSL_SMALL_STACK
+    #define CYASSL_SMALL_STACK
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef FREESCALE_MQX
+    #define SIZEOF_LONG_LONG 8
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_RABBIT
+    #define NO_CYASSL_DIR
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FREESCALE_K70_RNGA
+    /* #define FREESCALE_K53_RNGB */
+    #include "mqx.h"
+    #ifndef NO_FILESYSTEM
+        #include "mfs.h"
+        #include "fio.h"
+    #endif
+    #ifndef SINGLE_THREADED
+        #include "mutex.h"
+    #endif
+
+    #define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
+    #define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
+    /* Note: MQX has no realloc, using fastmath above */
+#endif
+
+#ifdef CYASSL_STM32F2
+    #define SIZEOF_LONG_LONG 8
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #define STM32F2_RNG
+    #define STM32F2_CRYPTO
+    #define KEIL_INTRINSICS
+#endif
+
+#ifdef MICRIUM
+
+    #include "stdlib.h"
+    #include "net_cfg.h"
+    #include "ssl_cfg.h"
+    #include "net_secure_os.h"
+
+    #define CYASSL_TYPES
+
+    typedef CPU_INT08U byte;
+    typedef CPU_INT16U word16;
+    typedef CPU_INT32U word32;
+
+    #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32)
+        #define SIZEOF_LONG        4
+        #undef  SIZEOF_LONG_LONG
+    #else
+        #undef  SIZEOF_LONG
+        #define SIZEOF_LONG_LONG   8
+    #endif
+
+    #define STRING_USER
+
+    #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
+    #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
+                    ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
+                     (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
+    #define XSTRNCMP(pstr_1, pstr_2, len_max) \
+                    ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
+                     (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))  
+    #define XSTRSTR(pstr, pstr_srch) \
+                    ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
+                     (CPU_CHAR *)(pstr_srch)))
+    #define XMEMSET(pmem, data_val, size) \
+                    ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
+                    (CPU_SIZE_T)(size)))
+    #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
+                     (void *)(psrc), (CPU_SIZE_T)(size)))
+    #define XMEMCMP(pmem_1, pmem_2, size) \
+                   (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
+                     (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
+    #define XMEMMOVE XMEMCPY
+
+#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+    #define MICRIUM_MALLOC    
+    #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
+                                 (CPU_SIZE_T)(s), (void *)0))
+    #define XFREE(p, h, type)   (NetSecure_BlkFree((CPU_INT08U)(type), \
+                                 (p), (void *)0))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+    #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED)
+        #undef  NO_FILESYSTEM
+    #else
+        #define NO_FILESYSTEM
+    #endif
+
+    #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG)
+        #define DEBUG_CYASSL
+    #else
+        #undef  DEBUG_CYASSL
+    #endif
+
+    #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED)
+        #define OPENSSL_EXTRA
+    #else
+        #undef  OPENSSL_EXTRA
+    #endif
+
+    #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED)
+        #undef  SINGLE_THREADED
+    #else
+        #define SINGLE_THREADED
+    #endif
+
+    #if (SSL_CFG_DH_EN == DEF_ENABLED)
+        #undef  NO_DH
+    #else
+        #define NO_DH
+    #endif
+
+    #if (SSL_CFG_DSA_EN == DEF_ENABLED)
+        #undef  NO_DSA
+    #else
+        #define NO_DSA
+    #endif
+
+    #if (SSL_CFG_PSK_EN == DEF_ENABLED)
+        #undef  NO_PSK
+    #else
+        #define NO_PSK
+    #endif
+
+    #if (SSL_CFG_3DES_EN == DEF_ENABLED)
+        #undef  NO_DES
+    #else
+        #define NO_DES
+    #endif
+
+    #if (SSL_CFG_AES_EN == DEF_ENABLED)
+        #undef  NO_AES
+    #else
+        #define NO_AES
+    #endif
+
+    #if (SSL_CFG_RC4_EN == DEF_ENABLED)
+        #undef  NO_RC4
+    #else
+        #define NO_RC4
+    #endif
+
+    #if (SSL_CFG_RABBIT_EN == DEF_ENABLED)
+        #undef  NO_RABBIT
+    #else
+        #define NO_RABBIT
+    #endif
+
+    #if (SSL_CFG_HC128_EN == DEF_ENABLED)
+        #undef  NO_HC128
+    #else
+        #define NO_HC128
+    #endif
+
+    #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
+        #define BIG_ENDIAN_ORDER
+    #else
+        #undef  BIG_ENDIAN_ORDER
+        #define LITTLE_ENDIAN_ORDER
+    #endif
+
+    #if (SSL_CFG_MD4_EN == DEF_ENABLED)
+        #undef  NO_MD4
+    #else
+        #define NO_MD4
+    #endif
+
+    #if (SSL_CFG_WRITEV_EN == DEF_ENABLED)
+        #undef  NO_WRITEV
+    #else
+        #define NO_WRITEV
+    #endif
+
+    #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED)
+        #define NO_DEV_RANDOM   
+    #else
+        #undef  NO_DEV_RANDOM
+    #endif
+
+    #if (SSL_CFG_USER_IO_EN == DEF_ENABLED)
+        #define CYASSL_USER_IO   
+    #else
+        #undef  CYASSL_USER_IO
+    #endif
+
+    #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED)
+        #undef  LARGE_STATIC_BUFFERS
+        #undef  STATIC_CHUNKS_ONLY
+    #else
+        #define LARGE_STATIC_BUFFERS
+        #define STATIC_CHUNKS_ONLY
+    #endif
+
+    #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED)
+        #define  CYASSL_DER_LOAD
+    #else
+        #undef   CYASSL_DER_LOAD
+    #endif
+
+    #if (SSL_CFG_DTLS_EN == DEF_ENABLED)
+        #define  CYASSL_DTLS
+    #else
+        #undef   CYASSL_DTLS
+    #endif
+
+    #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED)
+         #define CYASSL_CALLBACKS
+    #else
+         #undef  CYASSL_CALLBACKS
+    #endif
+
+    #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED)
+         #define USE_FAST_MATH
+    #else
+         #undef  USE_FAST_MATH
+    #endif
+
+    #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED)
+         #define TFM_TIMING_RESISTANT
+    #else
+         #undef  TFM_TIMING_RESISTANT
+    #endif
+
+#endif /* MICRIUM */
+
+
+#ifdef CYASSL_QL
+    #ifndef CYASSL_SEP
+        #define CYASSL_SEP
+    #endif
+    #ifndef OPENSSL_EXTRA
+        #define OPENSSL_EXTRA
+    #endif
+    #ifndef SESSION_CERTS
+        #define SESSION_CERTS
+    #endif
+    #ifndef HAVE_AESCCM
+        #define HAVE_AESCCM
+    #endif
+    #ifndef ATOMIC_USER
+        #define ATOMIC_USER
+    #endif
+    #ifndef CYASSL_DER_LOAD
+        #define CYASSL_DER_LOAD
+    #endif
+    #ifndef KEEP_PEER_CERT
+        #define KEEP_PEER_CERT
+    #endif
+    #ifndef HAVE_ECC
+        #define HAVE_ECC
+    #endif
+    #ifndef SESSION_INDEX
+        #define SESSION_INDEX
+    #endif
+#endif /* CYASSL_QL */
+
+
+#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
+    !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
+    #define USE_CYASSL_MEMORY
+#endif
+
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+    #undef  KEEP_PEER_CERT
+    #define KEEP_PEER_CERT
+#endif
+
+
+/* stream ciphers except arc4 need 32bit alignment, intel ok without */
+#ifndef XSTREAM_ALIGNMENT
+    #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
+        #define NO_XSTREAM_ALIGNMENT
+    #else
+        #define XSTREAM_ALIGNMENT
+    #endif
+#endif
+
+
+/* if using hardware crypto and have alignment requirements, specify the
+   requirement here.  The record header of SSL/TLS will prvent easy alignment.
+   This hint tries to help as much as possible.  */
+#ifndef CYASSL_GENERAL_ALIGNMENT
+    #ifdef CYASSL_AESNI
+        #define CYASSL_GENERAL_ALIGNMENT 16
+    #elif defined(XSTREAM_ALIGNMENT)
+        #define CYASSL_GENERAL_ALIGNMENT  4
+    #else 
+        #define CYASSL_GENERAL_ALIGNMENT  0 
+    #endif
+#endif
+
+#ifdef HAVE_CRL
+    /* not widely supported yet */
+    #undef NO_SKID
+    #define NO_SKID
+#endif
+
+/* Place any other flags or defines here */
+
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+
+#endif /* CTAO_CRYPT_SETTINGS_H */
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
new file mode 100644
index 00000000..46654d1c
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
@@ -0,0 +1,1263 @@
+
+
+
+  1.0
+
+  
### uVision Project, (C) Keil Software

+
+  
+    *.c
+    *.s*; *.src; *.a*
+    *.obj
+    *.lib
+    *.txt; *.h; *.inc
+    *.plm
+    *.cpp
+  
+
+  
+    0
+    0
+  
+
+  
+    SimpleClient
+    0x4
+    ARM-ADS
+    
+      120000000
+      
+        1
+        1
+        0
+        1
+      
+      
+        1
+        65535
+        0
+        0
+        0
+      
+      
+        79
+        66
+        8
+        .\Object\
+      
+      
+        1
+        1
+        1
+        0
+        1
+        1
+        0
+        1
+        0
+        0
+        0
+        0
+      
+      
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        0
+        0
+      
+      
+        1
+        0
+        1
+      
+      255
+      
+        
+          0
+          Schematics (MCBSTM32F200)
+          C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf
+        
+        
+          1
+          User Manual (MCBSTM32F200)
+          C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm
+        
+        
+          2
+          MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200)
+          http://www.keil.com/mcbstm32f200/
+        
+      
+      
+        0
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        0
+        1
+        1
+        1
+        1
+        1
+        0
+        0
+        8
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        .\STM32_SWO.ini
+        BIN\ULP2CM3.DLL
+      
+      
+        
+          0
+          DLGTARM
+          (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0)
+        
+        
+          0
+          ARMDBGFLAGS
+          
+        
+        
+          0
+          ULP2CM3
+          -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)
+        
+        
+          0
+          DLGUARM
+          
+        
+        
+          0
+          UL2CM3
+          UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm))
+        
+      
+      
+      
+        
+          1
+          8
+          0x20000408
+        
+      
+      
+        
+          2
+          8
+          0x8004dc8
+        
+      
+      
+        0
+      
+      
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+      
+      
+      
+    
+  
+
+  
+    Source
+    1
+    0
+    0
+    0
+    
+      1
+      1
+      1
+      0
+      0
+      0
+      0
+      .\main.c
+      main.c
+      0
+      0
+    
+    
+      1
+      2
+      1
+      0
+      0
+      0
+      0
+      .\client.c
+      client.c
+      0
+      0
+    
+  
+
+  
+    Configuration
+    1
+    0
+    0
+    0
+    
+      2
+      3
+      5
+      0
+      0
+      0
+      0
+      .\config-SimpleClient.h
+      config-SimpleClient.h
+      0
+      0
+    
+    
+      2
+      4
+      5
+      0
+      0
+      0
+      0
+      .\RTE\wolfSSL\config-CyaSSL.h
+      config-CyaSSL.h
+      0
+      0
+    
+    
+      2
+      5
+      5
+      0
+      0
+      0
+      0
+      .\RTE\wolfSSL\config-Crypt.h
+      config-Crypt.h
+      0
+      0
+    
+    
+      2
+      6
+      5
+      0
+      0
+      0
+      0
+      .\RTE\Network\Net_Config_ETH_0.h
+      Net_Config_ETH_0.h
+      0
+      0
+    
+  
+
+  
+    Documentation
+    1
+    0
+    0
+    0
+    
+      3
+      7
+      5
+      0
+      0
+      0
+      0
+      .\Abstract.txt
+      Abstract.txt
+      0
+      0
+    
+  
+
+  
+    Devices
+    1
+    0
+    0
+    0
+    
+      4
+      8
+      1
+      0
+      0
+      0
+      0
+      .\time-dummy.c
+      time-dummy.c
+      0
+      0
+    
+    
+      4
+      9
+      1
+      0
+      0
+      0
+      0
+      .\time-CortexM3-4.c
+      time-CortexM3-4.c
+      0
+      0
+    
+  
+
+  
+    ::CMSIS
+    1
+    0
+    0
+    1
+    
+      5
+      10
+      1
+      0
+      0
+      0
+      0
+      RTE\CMSIS\RTX_Conf_CM.c
+      RTX_Conf_CM.c
+      1
+      0
+    
+    
+      5
+      11
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib
+      RTX_CM3.lib
+      1
+      0
+    
+  
+
+  
+    ::Device
+    0
+    0
+    0
+    1
+    
+      6
+      12
+      5
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\RTE_Device.h
+      RTE_Device.h
+      1
+      0
+    
+    
+      6
+      13
+      2
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\startup_stm32f2xx.s
+      startup_stm32f2xx.s
+      1
+      0
+    
+    
+      6
+      14
+      1
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\system_stm32f2xx.c
+      system_stm32f2xx.c
+      1
+      0
+    
+    
+      6
+      15
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c
+      DMA_STM32F2xx.c
+      1
+      0
+    
+    
+      6
+      16
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c
+      GPIO_STM32F2xx.c
+      1
+      0
+    
+  
+
+  
+    ::Drivers
+    0
+    0
+    0
+    1
+    
+      7
+      17
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c
+      EMAC_STM32F2xx.c
+      1
+      0
+    
+    
+      7
+      18
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c
+      MCI_STM32F2xx.c
+      1
+      0
+    
+    
+      7
+      19
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c
+      PHY_ST802RT1.c
+      1
+      0
+    
+  
+
+  
+    ::File System
+    0
+    0
+    0
+    1
+    
+      8
+      20
+      1
+      0
+      0
+      0
+      0
+      RTE\File_System\FS_Config.c
+      FS_Config.c
+      1
+      0
+    
+    
+      8
+      21
+      5
+      0
+      0
+      0
+      0
+      RTE\File_System\FS_Config_MC_0.h
+      FS_Config_MC_0.h
+      1
+      0
+    
+    
+      8
+      22
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib
+      FS_LFN_CM3_L.lib
+      1
+      0
+    
+  
+
+  
+    ::Network
+    0
+    0
+    0
+    1
+    
+      9
+      23
+      1
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config.c
+      Net_Config.c
+      1
+      0
+    
+    
+      9
+      24
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_BSD.h
+      Net_Config_BSD.h
+      1
+      0
+    
+    
+      9
+      25
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_DNS_Client.h
+      Net_Config_DNS_Client.h
+      1
+      0
+    
+    
+      9
+      26
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_ETH_0.h
+      Net_Config_ETH_0.h
+      1
+      0
+    
+    
+      9
+      27
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_TCP.h
+      Net_Config_TCP.h
+      1
+      0
+    
+    
+      9
+      28
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_UDP.h
+      Net_Config_UDP.h
+      1
+      0
+    
+    
+      9
+      29
+      1
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Debug.c
+      Net_Debug.c
+      1
+      0
+    
+    
+      9
+      30
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib
+      Net_Dbg_CM3_L.lib
+      1
+      0
+    
+  
+
+  
+    ::wolfSSL
+    1
+    0
+    0
+    1
+    
+      10
+      31
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\config-Crypt.h
+      config-Crypt.h
+      1
+      0
+    
+    
+      10
+      32
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\config-CyaSSL.h
+      config-CyaSSL.h
+      1
+      0
+    
+    
+      10
+      33
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\settings.h
+      settings.h
+      1
+      0
+    
+    
+      10
+      34
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c
+      cyassl_MDK_ARM.c
+      1
+      0
+    
+    
+      10
+      35
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c
+      aes.c
+      1
+      0
+    
+    
+      10
+      36
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c
+      arc4.c
+      1
+      0
+    
+    
+      10
+      37
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c
+      asm.c
+      1
+      0
+    
+    
+      10
+      38
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c
+      asn.c
+      1
+      0
+    
+    
+      10
+      39
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c
+      blake2b.c
+      1
+      0
+    
+    
+      10
+      40
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c
+      camellia.c
+      1
+      0
+    
+    
+      10
+      41
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c
+      coding.c
+      1
+      0
+    
+    
+      10
+      42
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c
+      compress.c
+      1
+      0
+    
+    
+      10
+      43
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c
+      des3.c
+      1
+      0
+    
+    
+      10
+      44
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c
+      dh.c
+      1
+      0
+    
+    
+      10
+      45
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c
+      dsa.c
+      1
+      0
+    
+    
+      10
+      46
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c
+      ecc.c
+      1
+      0
+    
+    
+      10
+      47
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c
+      ecc_fp.c
+      1
+      0
+    
+    
+      10
+      48
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c
+      error.c
+      1
+      0
+    
+    
+      10
+      49
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c
+      hc128.c
+      1
+      0
+    
+    
+      10
+      50
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c
+      hmac.c
+      1
+      0
+    
+    
+      10
+      51
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c
+      integer.c
+      1
+      0
+    
+    
+      10
+      52
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c
+      logging.c
+      1
+      0
+    
+    
+      10
+      53
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c
+      md2.c
+      1
+      0
+    
+    
+      10
+      54
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c
+      md4.c
+      1
+      0
+    
+    
+      10
+      55
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c
+      md5.c
+      1
+      0
+    
+    
+      10
+      56
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c
+      memory.c
+      1
+      0
+    
+    
+      10
+      57
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c
+      misc.c
+      1
+      0
+    
+    
+      10
+      58
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c
+      pwdbased.c
+      1
+      0
+    
+    
+      10
+      59
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c
+      rabbit.c
+      1
+      0
+    
+    
+      10
+      60
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c
+      random.c
+      1
+      0
+    
+    
+      10
+      61
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c
+      ripemd.c
+      1
+      0
+    
+    
+      10
+      62
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c
+      rsa.c
+      1
+      0
+    
+    
+      10
+      63
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c
+      sha.c
+      1
+      0
+    
+    
+      10
+      64
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c
+      sha256.c
+      1
+      0
+    
+    
+      10
+      65
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c
+      sha512.c
+      1
+      0
+    
+    
+      10
+      66
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c
+      tfm.c
+      1
+      0
+    
+    
+      10
+      67
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c
+      wc_port.c
+      1
+      0
+    
+    
+      10
+      68
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c
+      crl.c
+      1
+      0
+    
+    
+      10
+      69
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c
+      internal.c
+      1
+      0
+    
+    
+      10
+      70
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c
+      io.c
+      1
+      0
+    
+    
+      10
+      71
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c
+      keys.c
+      1
+      0
+    
+    
+      10
+      72
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c
+      ocsp.c
+      1
+      0
+    
+    
+      10
+      73
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c
+      sniffer.c
+      1
+      0
+    
+    
+      10
+      74
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c
+      ssl.c
+      1
+      0
+    
+    
+      10
+      75
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c
+      tls.c
+      1
+      0
+    
+  
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/client.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/client.c
new file mode 100644
index 00000000..8382a540
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/client.c
@@ -0,0 +1,862 @@
+/* client.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+        #include 
+#endif
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "cyassl_MDK_ARM.h"
+#endif
+
+#include 
+
+#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER)
+    /* in case memory tracker wants stats */
+    #define CYASSL_TRACK_MEMORY
+#endif
+
+#include 
+
+#include 
+
+#include "examples/client/client.h"
+
+
+#ifdef CYASSL_CALLBACKS
+    int handShakeCB(HandShakeInfo*);
+    int timeoutCB(TimeoutInfo*);
+    Timeval timeout;
+#endif
+
+
+static void NonBlockingSSL_Connect(CYASSL* ssl)
+{
+#ifndef CYASSL_CALLBACKS
+    int ret = CyaSSL_connect(ssl);
+#else
+    int ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout);
+#endif
+    int error = CyaSSL_get_error(ssl, 0);
+    SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl);
+    int select_ret;
+
+    while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
+                                  error == SSL_ERROR_WANT_WRITE)) {
+        int currTimeout = 1;
+
+        if (error == SSL_ERROR_WANT_READ)
+            printf("... client would read block\n");
+        else
+            printf("... client would write block\n");
+
+#ifdef CYASSL_DTLS
+        currTimeout = CyaSSL_dtls_get_current_timeout(ssl);
+#endif
+        select_ret = tcp_select(sockfd, currTimeout);
+
+        if ((select_ret == TEST_RECV_READY) ||
+                                        (select_ret == TEST_ERROR_READY)) {
+            #ifndef CYASSL_CALLBACKS
+                    ret = CyaSSL_connect(ssl);
+            #else
+                ret = CyaSSL_connect_ex(ssl,handShakeCB,timeoutCB,timeout);
+            #endif
+            error = CyaSSL_get_error(ssl, 0);
+        }
+        else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#ifdef CYASSL_DTLS
+        else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) &&
+                                            CyaSSL_dtls_got_timeout(ssl) >= 0) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#endif
+        else {
+            error = SSL_FATAL_ERROR;
+        }
+    }
+    if (ret != SSL_SUCCESS)
+        err_sys("SSL_connect failed");
+}
+
+
+static void Usage(void)
+{
+    printf("client "    LIBCYASSL_VERSION_STRING
+           " NOTE: All files relative to CyaSSL home dir\n");
+    printf("-?          Help, print this usage\n");
+    printf("-h    Host to connect to, default %s\n", yasslIP);
+    printf("-p     Port to connect on, not 0, default %d\n", yasslPort);
+    printf("-v     SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
+                                 CLIENT_DEFAULT_VERSION);
+    printf("-l     Cipher list\n");
+    printf("-c    Certificate file,           default %s\n", cliCert);
+    printf("-k    Key file,                   default %s\n", cliKey);
+    printf("-A    Certificate Authority file, default %s\n", caCert);
+    printf("-b     Benchmark  connections and print stats\n");
+    printf("-s          Use pre Shared keys\n");
+    printf("-t          Track CyaSSL memory use\n");
+    printf("-d          Disable peer checks\n");
+    printf("-D          Override Date Errors example\n");
+    printf("-g          Send server HTTP GET\n");
+    printf("-u          Use UDP DTLS,"
+           " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
+    printf("-m          Match domain name in cert\n");
+    printf("-N          Use Non-blocking sockets\n");
+    printf("-r          Resume session\n");
+    printf("-f          Fewer packets/group messages\n");
+    printf("-x          Disable client cert/key loading\n");
+#ifdef SHOW_SIZES
+    printf("-z          Print structure sizes\n");
+#endif
+#ifdef HAVE_SNI
+    printf("-S     Use Host Name Indication\n");
+#endif
+#ifdef HAVE_MAX_FRAGMENT
+    printf("-L     Use Maximum Fragment Length [1-5]\n");
+#endif
+#ifdef HAVE_TRUNCATED_HMAC
+    printf("-T          Use Truncated HMAC\n");
+#endif
+#ifdef HAVE_OCSP
+    printf("-o          Perform OCSP lookup on peer certificate\n");
+    printf("-O     Perform OCSP lookup using  as responder\n");
+#endif
+#ifdef ATOMIC_USER
+    printf("-U          Atomic User Record Layer Callbacks\n");
+#endif
+#ifdef HAVE_PK_CALLBACKS 
+    printf("-P          Public Key Callbacks\n");
+#endif
+}
+
+THREAD_RETURN CYASSL_THREAD client_test(void* args)
+{
+    SOCKET_T sockfd = 0;
+
+    CYASSL_METHOD*  method  = 0;
+    CYASSL_CTX*     ctx     = 0;
+    CYASSL*         ssl     = 0;
+    
+    CYASSL*         sslResume = 0;
+    CYASSL_SESSION* session = 0;
+    char         resumeMsg[] = "resuming cyassl!";
+    int          resumeSz    = sizeof(resumeMsg);
+
+    char msg[32] = "hello cyassl!";   /* GET may make bigger */
+    char reply[80];
+    int  input;
+    int  msgSz = (int)strlen(msg);
+
+    word16 port   = yasslPort;
+    char* host   = (char*)yasslIP;
+    const char* domain = "www.yassl.com";
+
+    int    ch;
+    int    version = CLIENT_INVALID_VERSION;
+    int    usePsk   = 0;
+    int    sendGET  = 0;
+    int    benchmark = 0;
+    int    doDTLS    = 0;
+    int    matchName = 0;
+    int    doPeerCheck = 1;
+    int    nonBlocking = 0;
+    int    resumeSession = 0;
+    int    trackMemory   = 0;
+    int    useClientCert = 1;
+    int    fewerPackets  = 0;
+    int    atomicUser    = 0;
+    int    pkCallbacks   = 0;
+    int    overrideDateErrors = 0;
+    char*  cipherList = NULL;
+    const char* verifyCert = caCert;
+    const char* ourCert    = cliCert;
+    const char* ourKey     = cliKey;
+
+#ifdef HAVE_SNI
+    char*  sniHostName = NULL;
+#endif
+#ifdef HAVE_MAX_FRAGMENT
+    byte maxFragment = 0;
+#endif
+#ifdef HAVE_TRUNCATED_HMAC
+    byte  truncatedHMAC = 0;
+#endif
+
+
+#ifdef HAVE_OCSP
+    int    useOcsp  = 0;
+    char*  ocspUrl  = NULL;
+#endif
+
+    int     argc = ((func_args*)args)->argc;
+    char**  argv = ((func_args*)args)->argv;
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#ifdef NO_RSA
+    verifyCert = (char*)eccCert;
+    ourCert    = (char*)cliEccCert;
+    ourKey     = (char*)cliEccKey;
+#endif
+    (void)resumeSz;
+    (void)session;
+    (void)sslResume;
+    (void)trackMemory;
+    (void)atomicUser;
+    (void)pkCallbacks;
+
+    StackTrap();
+
+    while ((ch = mygetopt(argc, argv,
+                          "?gdDusmNrtfxUPh:p:v:l:A:c:k:b:zS:L:ToO:")) != -1) {
+        switch (ch) {
+            case '?' :
+                Usage();
+                exit(EXIT_SUCCESS);
+
+            case 'g' :
+                sendGET = 1;
+                break;
+
+            case 'd' :
+                doPeerCheck = 0;
+                break;
+
+            case 'D' :
+                overrideDateErrors = 1;
+                break;
+
+            case 'u' :
+                doDTLS  = 1;
+                break;
+
+            case 's' :
+                usePsk = 1;
+                break;
+
+            case 't' :
+            #ifdef USE_CYASSL_MEMORY
+                trackMemory = 1;
+            #endif
+                break;
+
+            case 'm' :
+                matchName = 1;
+                break;
+
+            case 'x' :
+                useClientCert = 0;
+                break;
+
+            case 'f' :
+                fewerPackets = 1;
+                break;
+
+            case 'U' :
+            #ifdef ATOMIC_USER
+                atomicUser = 1;
+            #endif
+                break;
+
+            case 'P' :
+            #ifdef HAVE_PK_CALLBACKS 
+                pkCallbacks = 1;
+            #endif
+                break;
+
+            case 'h' :
+                host   = myoptarg;
+                domain = myoptarg;
+                break;
+
+            case 'p' :
+                port = (word16)atoi(myoptarg);
+                #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
+                    if (port == 0)
+                        err_sys("port number cannot be 0");
+                #endif
+                break;
+
+            case 'v' :
+                version = atoi(myoptarg);
+                if (version < 0 || version > 3) {
+                    Usage();
+                    exit(MY_EX_USAGE);
+                }
+                break;
+
+            case 'l' :
+                cipherList = myoptarg;
+                break;
+
+            case 'A' :
+                verifyCert = myoptarg;
+                break;
+
+            case 'c' :
+                ourCert = myoptarg;
+                break;
+
+            case 'k' :
+                ourKey = myoptarg;
+                break;
+
+            case 'b' :
+                benchmark = atoi(myoptarg);
+                if (benchmark < 0 || benchmark > 1000000) {
+                    Usage();
+                    exit(MY_EX_USAGE);
+                }
+                break;
+
+            case 'N' :
+                nonBlocking = 1;
+                break;
+
+            case 'r' :
+                resumeSession = 1;
+                break;
+
+            case 'z' :
+                #ifndef CYASSL_LEANPSK
+                    CyaSSL_GetObjectSize();
+                #endif
+                break;
+
+            case 'S' :
+                #ifdef HAVE_SNI
+                    sniHostName = myoptarg;
+                #endif
+                break;
+
+            case 'L' :
+                #ifdef HAVE_MAX_FRAGMENT
+                    maxFragment = atoi(myoptarg);
+                    if (maxFragment < CYASSL_MFL_2_9 ||
+                                                maxFragment > CYASSL_MFL_2_13) {
+                        Usage();
+                        exit(MY_EX_USAGE);
+                    }
+                #endif
+                break;
+
+            case 'T' :
+                #ifdef HAVE_TRUNCATED_HMAC
+                    truncatedHMAC = 1;
+                #endif
+                break;
+
+            case 'o' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                #endif
+                break;
+
+            case 'O' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                    ocspUrl = myoptarg;
+                #endif
+                break;
+
+            default:
+                Usage();
+                exit(MY_EX_USAGE);
+        }
+    }
+
+    myoptind = 0;      /* reset for test cases */
+
+    /* sort out DTLS versus TLS versions */
+    if (version == CLIENT_INVALID_VERSION) {
+        if (doDTLS)
+            version = CLIENT_DTLS_DEFAULT_VERSION;
+        else
+            version = CLIENT_DEFAULT_VERSION;
+    }
+    else {
+        if (doDTLS) {
+            if (version == 3)
+                version = -2;
+            else
+                version = -1;
+        }
+    }
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        InitMemoryTracker(); 
+#endif
+
+    switch (version) {
+#ifndef NO_OLD_TLS
+        case 0:
+            method = wolfSSLv3_client_method();
+            break;
+                
+                
+    #ifndef NO_TLS
+        case 1:
+            method = CyaTLSv1_client_method();
+            break;
+
+        case 2:
+            method = CyaTLSv1_1_client_method();
+            break;
+    #endif /* NO_TLS */
+                
+#endif  /* NO_OLD_TLS */
+                
+#ifndef NO_TLS
+        case 3:
+            method = CyaTLSv1_2_client_method();
+            break;
+#endif
+
+#ifdef CYASSL_DTLS
+        case -1:
+            method = CyaDTLSv1_client_method();
+            break;
+
+        case -2:
+            method = CyaDTLSv1_2_client_method();
+            break;
+#endif
+
+        default:
+            err_sys("Bad SSL version");
+            break;
+    }
+
+    if (method == NULL)
+        err_sys("unable to get method");
+
+    ctx = CyaSSL_CTX_new(method);
+    if (ctx == NULL)
+        err_sys("unable to get ctx");
+
+    if (cipherList)
+        if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
+            err_sys("client can't set cipher list 1");
+
+#ifdef CYASSL_LEANPSK
+    usePsk = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    usePsk = 1;
+#endif
+
+    if (fewerPackets)
+        CyaSSL_CTX_set_group_messages(ctx);
+
+    if (usePsk) {
+#ifndef NO_PSK
+        CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
+        if (cipherList == NULL) {
+            const char *defaultCipherList;
+            #ifdef HAVE_NULL_CIPHER
+                defaultCipherList = "PSK-NULL-SHA256";
+            #else
+                defaultCipherList = "PSK-AES128-CBC-SHA256";
+            #endif
+            if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS)
+                err_sys("client can't set cipher list 2");
+        }
+#endif
+        useClientCert = 0;
+    }
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    if (cipherList == NULL) {
+        /* don't use EDH, can't sniff tmp keys */
+        if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) {
+            err_sys("client can't set cipher list 3");
+        }
+    }
+#endif
+
+#ifdef HAVE_OCSP
+    if (useOcsp) {
+        if (ocspUrl != NULL) {
+            CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
+                                                    | CYASSL_OCSP_URL_OVERRIDE);
+        }
+        else
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
+    }
+#endif
+
+#ifdef USER_CA_CB
+    CyaSSL_CTX_SetCACb(ctx, CaCb);
+#endif
+
+#ifdef VERIFY_CALLBACK
+    CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
+#endif
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (useClientCert){
+        if (CyaSSL_CTX_use_certificate_chain_file(ctx, ourCert) != SSL_SUCCESS)
+            err_sys("can't load client cert file, check file and run from"
+                    " CyaSSL home dir");
+
+        if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load client private key file, check file and run "
+                    "from CyaSSL home dir");
+    }
+
+    if (!usePsk) {
+        if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
+                err_sys("can't load ca file, Please run from CyaSSL home dir");
+    }
+#endif
+#if !defined(NO_CERTS)
+    if (!usePsk && doPeerCheck == 0)
+        CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+    if (!usePsk && overrideDateErrors == 1)
+        CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myDateCb);
+#endif
+
+#ifdef HAVE_CAVIUM
+    CyaSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID);
+#endif
+
+#ifdef HAVE_SNI
+    if (sniHostName)
+        if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
+                                                                 != SSL_SUCCESS)
+            err_sys("UseSNI failed");
+#endif
+#ifdef HAVE_MAX_FRAGMENT
+    if (maxFragment)
+        if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS)
+            err_sys("UseMaxFragment failed");
+#endif
+#ifdef HAVE_TRUNCATED_HMAC
+    if (truncatedHMAC)
+        if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS)
+            err_sys("UseTruncatedHMAC failed");
+#endif
+
+    if (benchmark) {
+        /* time passed in number of connects give average */
+        int times = benchmark;
+        int i = 0;
+
+        double start = current_time(), avg;
+
+        for (i = 0; i < times; i++) {
+            tcp_connect(&sockfd, host, port, doDTLS);
+
+            ssl = CyaSSL_new(ctx);
+            CyaSSL_set_fd(ssl, sockfd);
+            if (CyaSSL_connect(ssl) != SSL_SUCCESS)
+                err_sys("SSL_connect failed");
+
+            CyaSSL_shutdown(ssl);
+            CyaSSL_free(ssl);
+            CloseSocket(sockfd);
+        }
+        avg = current_time() - start;
+        avg /= times;
+        avg *= 1000;   /* milliseconds */
+        printf("CyaSSL_connect avg took: %8.3f milliseconds\n", avg);
+
+        CyaSSL_CTX_free(ctx);
+        ((func_args*)args)->return_code = 0;
+
+        exit(EXIT_SUCCESS);
+    }
+    
+    #if defined(CYASSL_MDK_ARM)
+    CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+    #endif
+    
+    ssl = CyaSSL_new(ctx);
+    if (ssl == NULL)
+        err_sys("unable to get SSL object");
+    if (doDTLS) {
+        SOCKADDR_IN_T addr;
+        build_addr(&addr, host, port, 1);
+        CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
+        tcp_socket(&sockfd, 1);
+    }
+    else {
+        tcp_connect(&sockfd, host, port, 0);
+    }
+    CyaSSL_set_fd(ssl, sockfd);
+#ifdef HAVE_CRL
+    if (CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL) != SSL_SUCCESS)
+        err_sys("can't enable crl check");
+    if (CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS)
+        err_sys("can't load crl, check crlfile and date validity");
+    if (CyaSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS)
+        err_sys("can't set crl callback");
+#endif
+#ifdef ATOMIC_USER
+    if (atomicUser)
+        SetupAtomicUser(ctx, ssl);
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    if (pkCallbacks)
+        SetupPkCallbacks(ctx, ssl);
+#endif
+    if (matchName && doPeerCheck)
+        CyaSSL_check_domain_name(ssl, domain);
+#ifndef CYASSL_CALLBACKS
+    if (nonBlocking) {
+        CyaSSL_set_using_nonblock(ssl, 1);
+        tcp_set_nonblocking(&sockfd);
+        NonBlockingSSL_Connect(ssl);
+    }
+    else if (CyaSSL_connect(ssl) != SSL_SUCCESS) {
+        /* see note at top of README */
+        int  err = CyaSSL_get_error(ssl, 0);
+        char buffer[CYASSL_MAX_ERROR_SZ];
+        printf("err = %d, %s\n", err,
+                                CyaSSL_ERR_error_string(err, buffer));
+        err_sys("SSL_connect failed");
+        /* if you're getting an error here  */
+    }
+#else
+    timeout.tv_sec  = 2;
+    timeout.tv_usec = 0;
+    NonBlockingSSL_Connect(ssl);  /* will keep retrying on timeout */
+#endif
+    showPeer(ssl);
+
+    if (sendGET) {
+        printf("SSL connect ok, sending GET...\n");
+        msgSz = 28;
+        strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
+        msg[msgSz] = '\0';
+    }
+    if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
+        err_sys("SSL_write failed");
+
+    input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
+    if (input > 0) {
+        reply[input] = 0;
+        printf("Server response: %s\n", reply);
+
+        if (sendGET) {  /* get html */
+            while (1) {
+                input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
+                if (input > 0) {
+                    reply[input] = 0;
+                    printf("%s\n", reply);
+                }
+                else
+                    break;
+            }
+        }
+    }
+    else if (input < 0) {
+        int readErr = CyaSSL_get_error(ssl, 0);
+        if (readErr != SSL_ERROR_WANT_READ)
+            err_sys("CyaSSL_read failed");
+    }
+
+#ifndef NO_SESSION_CACHE
+    if (resumeSession) {
+        if (doDTLS) {
+            strncpy(msg, "break", 6);
+            msgSz = (int)strlen(msg);
+            /* try to send session close */
+            CyaSSL_write(ssl, msg, msgSz);
+        }
+        session   = CyaSSL_get_session(ssl);
+        sslResume = CyaSSL_new(ctx);
+    }
+#endif
+
+    if (doDTLS == 0)            /* don't send alert after "break" command */
+        CyaSSL_shutdown(ssl);  /* echoserver will interpret as new conn */
+#ifdef ATOMIC_USER
+    if (atomicUser)
+        FreeAtomicUser(ssl);
+#endif
+    CyaSSL_free(ssl);
+    CloseSocket(sockfd);
+
+#ifndef NO_SESSION_CACHE
+    if (resumeSession) {
+        if (doDTLS) {
+            SOCKADDR_IN_T addr;
+            #ifdef USE_WINDOWS_API 
+                Sleep(500);
+            #else
+                sleep(1);
+            #endif
+            build_addr(&addr, host, port, 1);
+            CyaSSL_dtls_set_peer(sslResume, &addr, sizeof(addr));
+            tcp_socket(&sockfd, 1);
+        }
+        else {
+            tcp_connect(&sockfd, host, port, 0);
+        }
+        CyaSSL_set_fd(sslResume, sockfd);
+        CyaSSL_set_session(sslResume, session);
+       
+        showPeer(sslResume);
+#ifndef CYASSL_CALLBACKS
+        if (nonBlocking) {
+            CyaSSL_set_using_nonblock(sslResume, 1);
+            tcp_set_nonblocking(&sockfd);
+            NonBlockingSSL_Connect(sslResume);
+        }
+        else if (CyaSSL_connect(sslResume) != SSL_SUCCESS)
+            err_sys("SSL resume failed");
+#else
+        timeout.tv_sec  = 2;
+        timeout.tv_usec = 0;
+        NonBlockingSSL_Connect(ssl);  /* will keep retrying on timeout */
+#endif
+
+        if (CyaSSL_session_reused(sslResume))
+            printf("reused session id\n");
+        else
+            printf("didn't reuse session id!!!\n");
+
+        if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz)
+            err_sys("SSL_write failed");
+
+        if (nonBlocking) {
+            /* give server a chance to bounce a message back to client */
+            #ifdef USE_WINDOWS_API
+                Sleep(500);
+            #else
+                sleep(1);
+            #endif
+        }
+
+        input = CyaSSL_read(sslResume, reply, sizeof(reply)-1);
+        if (input > 0) {
+            reply[input] = 0;
+            printf("Server resume response: %s\n", reply);
+        }
+
+        /* try to send session break */
+        CyaSSL_write(sslResume, msg, msgSz); 
+
+        CyaSSL_shutdown(sslResume);
+        CyaSSL_free(sslResume);
+        CloseSocket(sockfd);
+    }
+#endif /* NO_SESSION_CACHE */
+
+    CyaSSL_CTX_free(ctx);
+
+    ((func_args*)args)->return_code = 0;
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        ShowMemoryTracker();
+#endif /* USE_CYASSL_MEMORY */
+
+    return 0;
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) && !defined(STACK_TRAP)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("client"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+  
+#ifdef HAVE_STACK_SIZE
+        StackSizeCheck(&args, client_test);
+#else 
+        client_test(&args);
+#endif
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+    int myoptind = 0;
+    char* myoptarg = NULL;
+
+#endif /* NO_MAIN_DRIVER */
+
+
+
+#ifdef CYASSL_CALLBACKS
+
+    int handShakeCB(HandShakeInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+
+    int timeoutCB(TimeoutInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+#endif
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/config-SimpleClient.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/config-SimpleClient.h
new file mode 100644
index 00000000..f6171d16
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/config-SimpleClient.h
@@ -0,0 +1,70 @@
+/* config-RTX-TCP-FS.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+/**** CyaSSL for KEIL-RL Configuration ****/
+
+#define __CORTEX_M3__
+#define CYASSL_MDK_ARM
+#define NO_WRITEV
+#define NO_CYASSL_DIR
+#define NO_MAIN_DRIVER
+
+
+#define CYASSL_DER_LOAD
+#define HAVE_NULL_CIPHER
+
+#define HAVE_KEIL_RTX
+#define CYASSL_CMSIS_RTOS
+#define CYASSL_KEIL_TCP_NET
+
+
+// <<< Use Configuration Wizard in Context Menu >>>
+//  Build Target: Simple Client
+//   Callee IP Address
+//    Default: "192.168.1.100"
+#define CYASSL_CALLEE_IP           "192.168.11.3"
+//   Callee Port Number
+//    Default: "443"
+#define CYASSL_CALLEE_PORT           "443"
+//        HTTP GET Option <0=> HTTP Get <1=> SSL/TLS Message
+#define MDK_CONF_HTTP_GET 0
+#if MDK_CONF_HTTP_GET == 0
+    #define CYASSL_HTTP_GET "-g"
+		#define CYASSL_HTTP_GET_COUNT  1
+#elif MDK_CONF_HTTP_GET == 1
+    #define CYASSL_HTTP_GET ""
+		#define CYASSL_HTTP_GET_COUNT  0
+#endif
+//        SSL/TLS Version <0=> SSL3 <1=> TLS 1.0 <2=> TLS 1.1 <3=> TLS 1.2
+#define MDK_CONF_SSL_VERSION 3
+#if MDK_CONF_SSL_VERSION  == 0
+    #define CYASSL_SSL_VER  "0"
+#elif MDK_CONF_SSL_VERSION  == 1
+    #define CYASSL_SSL_VER  "1"
+#elif MDK_CONF_SSL_VERSION  == 2
+    #define CYASSL_SSL_VER  "2"
+#elif MDK_CONF_SSL_VERSION  == 3
+    #define CYASSL_SSL_VER  "3"
+#endif
+
+//     
+// <<< end of configuration section >>>
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c
new file mode 100644
index 00000000..a882c24c
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c
@@ -0,0 +1,113 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+#include "cmsis_os.h"
+#include "rl_fs.h" 
+#include "rl_net.h" 
+#include 
+#include "cyassl_MDK_ARM.h"
+#include 
+
+/*-----------------------------------------------------------------------------
+ *        Initialize a Flash Memory Card
+ *----------------------------------------------------------------------------*/
+static void init_filesystem (void) {
+    int32_t retv;
+
+    retv = finit ("M0:");
+    if (retv == 0) {
+        retv = fmount ("M0:");
+        if (retv == 0) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+          printf ("Drive M0 mount failed!\n");
+        }
+    } else {
+        printf ("Drive M0 initialization failed!\n");
+    }
+}
+
+/*-----------------------------------------------------------------------------
+ *        TCP/IP tasks
+ *----------------------------------------------------------------------------*/
+void tcp_poll (void const *arg)
+{
+    CYASSL_MSG("TCP polling started.\n") ;
+    while (1) {
+        net_main ();
+        osDelay(100) ;
+    }
+}
+
+typedef struct func_args {
+    int    argc;
+    char** argv;
+} func_args;
+
+extern void client_test(func_args * args) ;
+
+    osThreadDef (tcp_poll, osPriorityHigh , 1, 0) ;
+/*-----------------------------------------------------------------------------
+ *       mian entry 
+ *----------------------------------------------------------------------------*/
+int myoptind = 0;
+char* myoptarg = NULL;
+
+#include "config-SimpleClient.h"
+
+int main() 
+{
+    static char *argv[] = 
+          {   "client",   "-h", CYASSL_CALLEE_IP, "-p", CYASSL_CALLEE_PORT, 
+                                   "-v",  CYASSL_SSL_VER,  CYASSL_HTTP_GET } ;
+    static   func_args args  = 
+          {  7 + CYASSL_HTTP_GET_COUNT, argv } ; 
+
+    init_filesystem ();
+    net_initialize() ;
+    osThreadCreate (osThread (tcp_poll), NULL); 
+    osDelay(50000) ;  /* wait for DHCP */
+    #if defined(DEBUG_CYASSL)
+         printf("Turning ON Debug message\n") ;
+         CyaSSL_Debugging_ON() ;
+    #endif
+        
+    if(args.argc == 7)
+        printf("Simple SSL/TLS, ") ;
+    else
+        printf("HTTP GET, ") ;
+
+    printf("Callee IP: %s, Port: %s, Version:%s\n", argv[2], argv[4], argv[6]) ; 
+
+    while(1) {
+          client_test(&args) ;
+          printf("Enter any key to iterate.\n") ;
+          getchar() ;
+    }
+}
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/simpleClient.uvprojx b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/simpleClient.uvprojx
new file mode 100644
index 00000000..26744456
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/simpleClient.uvprojx
@@ -0,0 +1,1162 @@
+
+
+
+  2.1
+
+  
### uVision Project, (C) Keil Software

+
+  
+    
+      SimpleClient
+      0x4
+      ARM-ADS
+      
+        
+          STM32F207IG
+          STMicroelectronics
+          IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE
+          
+          
+          UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm))
+          0
+          $$Device:STM32F207IG$Device\Include\stm32f2xx.h
+          
+          
+          
+          
+          
+          
+          
+          
+          
+          $$Device:STM32F207IG$SVD\STM32F20x.svd
+          0
+          0
+          
+          
+          
+          
+          
+          
+            0
+            0
+            0
+            0
+            1
+          
+          .\Object\
+          SimpleClient
+          1
+          0
+          0
+          1
+          1
+          .\Object\
+          1
+          0
+          0
+          
+            0
+            0
+            
+            
+            0
+            0
+            0
+            0
+          
+          
+            0
+            0
+            
+            
+            0
+            0
+            0
+            0
+          
+          
+            0
+            0
+            
+            
+            0
+            0
+          
+          0
+          
+        
+        
+          0
+          0
+          0
+          0
+          0
+          1
+          0
+          0
+          0
+          0
+          3
+          
+          
+          1
+        
+        
+          SARMCM3.DLL
+          -REMAP -MPU
+          DCM.DLL
+          -pCM3
+          SARMCM3.DLL
+          -REMAP -MPU
+          TCM.DLL
+          -pCM3
+        
+        
+          
+            1
+            0
+            0
+            0
+            16
+          
+          
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+          
+          
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+            1
+            1
+            1
+          
+          0
+          8
+          
+            
+            
+            
+            
+            
+          
+          
+            
+            
+            
+            
+            .\STM32_SWO.ini
+            BIN\ULP2CM3.DLL
+          
+        
+        
+          
+            1
+            0
+            0
+            1
+            1
+            4100
+          
+          1
+          BIN\ULP2CM3.DLL
+          "" ()
+          
+          
+          
+          
+          0
+        
+        
+          
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+            1
+            0
+            1
+            1
+            0
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            0
+            "Cortex-M3"
+            
+            1
+            0
+            0
+            1
+            1
+            0
+            0
+            0
+            0
+            0
+            8
+            0
+            0
+            0
+            3
+            3
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            1
+            0
+            0
+            0
+            0
+            1
+            0
+            
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x20000000
+                0x20000
+              
+              
+                1
+                0x8000000
+                0x100000
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x8000000
+                0x100000
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x20000000
+                0x20000
+              
+              
+                0
+                0x0
+                0x0
+              
+            
+            
+          
+          
+            1
+            4
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            
+              
+              HAVE_CONFIG_H  MDK_CONF_SimpleClient
+              
+              
+            
+          
+          
+            1
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            
+              
+              
+              
+              
+            
+          
+          
+            1
+            0
+            0
+            0
+            1
+            0
+            0x08000000
+            0x20000000
+            
+            
+            
+            
+            
+            
+            
+          
+        
+      
+      
+        
+          Source
+          
+            
+              main.c
+              1
+              .\main.c
+            
+            
+              client.c
+              1
+              .\client.c
+            
+          
+        
+        
+          Configuration
+          
+            
+              config-SimpleClient.h
+              5
+              .\config-SimpleClient.h
+            
+            
+              config-CyaSSL.h
+              5
+              .\RTE\wolfSSL\config-CyaSSL.h
+            
+            
+              config-Crypt.h
+              5
+              .\RTE\wolfSSL\config-Crypt.h
+            
+            
+              Net_Config_ETH_0.h
+              5
+              .\RTE\Network\Net_Config_ETH_0.h
+            
+          
+        
+        
+          Documentation
+          
+            
+              Abstract.txt
+              5
+              .\Abstract.txt
+            
+          
+        
+        
+          Devices
+          
+            
+              time-dummy.c
+              1
+              .\time-dummy.c
+            
+            
+              time-CortexM3-4.c
+              1
+              .\time-CortexM3-4.c
+            
+          
+        
+        
+          ::CMSIS
+          
+            
+              RTX_Conf_CM.c
+              1
+              RTE\CMSIS\RTX_Conf_CM.c
+            
+            
+              RTX_CM3.lib
+              4
+              C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib
+            
+          
+        
+        
+          ::Device
+          
+            
+              RTE_Device.h
+              5
+              RTE\Device\STM32F207IG\RTE_Device.h
+            
+            
+              startup_stm32f2xx.s
+              2
+              RTE\Device\STM32F207IG\startup_stm32f2xx.s
+            
+            
+              system_stm32f2xx.c
+              1
+              RTE\Device\STM32F207IG\system_stm32f2xx.c
+            
+            
+              DMA_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c
+            
+            
+              GPIO_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c
+            
+          
+        
+        
+          ::Drivers
+          
+            
+              EMAC_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c
+            
+            
+              MCI_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c
+            
+            
+              PHY_ST802RT1.c
+              1
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c
+            
+          
+        
+        
+          ::File System
+          
+            
+              FS_Config.c
+              1
+              RTE\File_System\FS_Config.c
+            
+            
+              FS_Config_MC_0.h
+              5
+              RTE\File_System\FS_Config_MC_0.h
+            
+            
+              FS_LFN_CM3_L.lib
+              4
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib
+            
+          
+        
+        
+          ::Network
+          
+            
+              Net_Config.c
+              1
+              RTE\Network\Net_Config.c
+            
+            
+              Net_Config_BSD.h
+              5
+              RTE\Network\Net_Config_BSD.h
+            
+            
+              Net_Config_DNS_Client.h
+              5
+              RTE\Network\Net_Config_DNS_Client.h
+            
+            
+              Net_Config_ETH_0.h
+              5
+              RTE\Network\Net_Config_ETH_0.h
+            
+            
+              Net_Config_TCP.h
+              5
+              RTE\Network\Net_Config_TCP.h
+            
+            
+              Net_Config_UDP.h
+              5
+              RTE\Network\Net_Config_UDP.h
+            
+            
+              Net_Debug.c
+              1
+              RTE\Network\Net_Debug.c
+            
+            
+              Net_Dbg_CM3_L.lib
+              4
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib
+            
+          
+        
+        
+          ::wolfSSL
+          
+            
+              config-Crypt.h
+              5
+              RTE\wolfSSL\config-Crypt.h
+            
+            
+              config-CyaSSL.h
+              5
+              RTE\wolfSSL\config-CyaSSL.h
+            
+            
+              settings.h
+              5
+              RTE\wolfSSL\settings.h
+            
+            
+              cyassl_MDK_ARM.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c
+            
+            
+              aes.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c
+            
+            
+              arc4.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c
+            
+            
+              asm.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c
+            
+            
+              asn.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c
+            
+            
+              blake2b.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c
+            
+            
+              camellia.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c
+            
+            
+              coding.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c
+            
+            
+              compress.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c
+            
+            
+              des3.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c
+            
+            
+              dh.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c
+            
+            
+              dsa.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c
+            
+            
+              ecc.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c
+            
+            
+              ecc_fp.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c
+            
+            
+              error.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c
+            
+            
+              hc128.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c
+            
+            
+              hmac.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c
+            
+            
+              integer.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c
+            
+            
+              logging.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c
+            
+            
+              md2.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c
+            
+            
+              md4.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c
+            
+            
+              md5.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c
+            
+            
+              memory.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c
+            
+            
+              misc.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c
+            
+            
+              pwdbased.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c
+            
+            
+              rabbit.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c
+            
+            
+              random.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c
+            
+            
+              ripemd.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c
+            
+            
+              rsa.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c
+            
+            
+              sha.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c
+            
+            
+              sha256.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c
+            
+            
+              sha512.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c
+            
+            
+              tfm.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c
+            
+            
+              wc_port.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c
+            
+            
+              crl.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c
+            
+            
+              internal.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c
+            
+            
+              io.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c
+            
+            
+              keys.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c
+            
+            
+              ocsp.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c
+            
+            
+              sniffer.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c
+            
+            
+              ssl.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c
+            
+            
+              tls.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c
+            
+          
+        
+      
+    
+  
+
+  
+    
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+    
+    
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+    
+    
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+    
+    
+      
+        RTE\CMSIS\RTX_Conf_CM.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\RTE_Device.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\startup_stm32f2xx.s
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\system_stm32f2xx.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\File_System\FS_Config.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\File_System\FS_Config_MC_0.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_BSD.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_DNS_Client.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_ETH_0.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_TCP.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_UDP.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Debug.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Other\config-Crypt.h
+        
+        
+        
+      
+      
+        RTE\Other\config-CyaSSL.h
+        
+        
+        
+      
+      
+        RTE\Other\config-RTX-TCP-FS.h
+        
+        
+        
+      
+      
+        RTE\Other\config.h
+        
+        
+        
+      
+      
+        RTE\wolfSSL\config-Crypt.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\wolfSSL\config-CyaSSL.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\wolfSSL\config.h
+        
+        
+        
+      
+      
+        RTE\wolfSSL\settings.h
+        
+        
+        
+          
+        
+      
+    
+  
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-CortexM3-4.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-CortexM3-4.c
new file mode 100644
index 00000000..ca504613
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-CortexM3-4.c
@@ -0,0 +1,41 @@
+/* time-STM32F2.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+
+#include        
+#define DWT                 ((DWT_Type       *)     (0xE0001000UL)     ) 
+typedef struct
+{
+  uint32_t CTRL;                    /*!< Offset: 0x000 (R/W)  Control Register                          */
+  uint32_t CYCCNT;                  /*!< Offset: 0x004 (R/W)  Cycle Count Register                      */
+} DWT_Type;
+
+extern uint32_t SystemCoreClock ;
+
+double current_time(int reset) 
+{
+      if(reset) DWT->CYCCNT = 0 ;
+      return ((double)DWT->CYCCNT/SystemCoreClock) ;
+}
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-STM32F2xx.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-STM32F2xx.c
new file mode 100644
index 00000000..36702938
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-STM32F2xx.c
@@ -0,0 +1,82 @@
+/* time-STM32F2.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "time.h"
+
+#define PERIPH_BASE           ((uint32_t)0x40000000) 
+/*-----------------------------------------------------------------------------
+ *        initialize RTC 
+ *----------------------------------------------------------------------------*/
+#include "stm32f2xx.h"
+
+#define assert_param(a)
+
+#if 0
+#define RTC_RSF_MASK         ((uint32_t)0xFFFFFF5F)
+#define SYNCHRO_TIMEOUT      ((uint32_t) 0x00008000)
+#define Bcd2ToByte(v) \
+   ((((uint8_t)(v & (uint8_t)0xF0) >> (uint8_t)0x4) * 10) + (v & (uint8_t)0x0F))
+#define RTC_TR_RESERVED_MASK ((uint32_t)0x007F7F7F)
+#define RTC_TR_MNT           ((uint32_t)0x00007000)
+#define RTC_TR_MNU           ((uint32_t)0x00000F00)
+
+#define PWR_OFFSET           (PWR_BASE - PERIPH_BASE)
+#define CR_OFFSET            (PWR_OFFSET + 0x00)
+#define DBP_BitNumber        0x08
+#define CR_DBP_BB     (PERIPH_BB_BASE + (CR_OFFSET * 32) + (DBP_BitNumber * 4))
+#define RTC_INIT_MASK        ((uint32_t)0xFFFFFFFF)  
+#define INITMODE_TIMEOUT     ((uint32_t) 0x00010000)
+#endif
+
+/*-----------------------------------------------------------------------------
+ *        initialize TIM
+ *----------------------------------------------------------------------------*/
+#define RCC_APB1Periph_TIM2              ((uint32_t)0x00000001)
+
+void init_time(void)
+{
+      uint16_t tmpcr1 = 0;
+
+    ((uint32_t *)RCC)[0x10] |= RCC_APB1Periph_TIM2 ;
+
+    tmpcr1 = TIM2->CR1 ;
+    tmpcr1 &=   (uint16_t) (~(((uint16_t)0x0010) | ((uint16_t)0x0060) )); 
+                                     /* CR1 &= ~(TIM_CR1_DIR | TIM_CR1_CMS) */
+    tmpcr1 |= (uint16_t)0x0000  ;    /* CR1 |= TIM_CounterMode_Up */
+    TIM2->CR1=  tmpcr1 ;
+
+    TIM2->ARR = 0xffffffff ;         /* ARR= TIM_Period */
+    TIM2->PSC = 60 ;                 /* PSC = TIM_Prescaler */
+    TIM2->EGR = ((uint16_t)0x0001) ; /* EGR = TIM_PSCReloadMode_Immediate */      
+
+    *(uint16_t *)(PERIPH_BASE+0x0) |=((uint16_t)0x0001) ; 
+                                     /* TIM_Cmd(TIM2, ENABLE) ; */
+}
+
+double current_time() 
+{
+      return ((double)TIM2->CNT/1000000.0) ;
+}
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-dummy.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-dummy.c
new file mode 100644
index 00000000..8f98da46
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/time-dummy.c
@@ -0,0 +1,34 @@
+/* time-dummy.c.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "time.h"
+
+struct tm *Cyassl_MDK_gmtime(const time_t *c) 
+{ 
+    static struct tm date ; 
+    return(&date) ;
+}
+
+time_t time(time_t * t) { return 0 ; }
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/Abstract.txt b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/Abstract.txt
new file mode 100644
index 00000000..89a9fd42
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/Abstract.txt
@@ -0,0 +1,24 @@
+This program is a simple server example with CyaSSL/wolfCrypt library.
+
+In order to run this program,
+Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory.
+Set the server IP address in Net_Config_ETH_0.h
+The default server listning port is 11111, defined in test.h
+
+For further configuration, refer config-Crypt.h and config-CyaSSL.h.
+config-SimpleServer.h is for configuring the server port number.
+
+When testing this server, it is recommended to test against one of the standard 
+CyaSSL example applications running on a desktop machine.  The standard CyaSSL 
+example applications are located in the CyaSSL root directory under the 
+/examples directory.
+
+For the hardware crypt on config-Crypt.h, download 
+STSW-STM32062: STM32F2xx standard peripherals library at 
+http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to 
+ {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib
+
+
+Support
+-------
+Please send questions or comments to support@wolfssl.com
\ No newline at end of file
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/settings.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/settings.h
new file mode 100644
index 00000000..5cfe60df
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/settings.h
@@ -0,0 +1,627 @@
+/* settings.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* Place OS specific preprocessor flags, defines, includes here, will be
+   included into every file because types.h includes it */
+
+
+#ifndef CTAO_CRYPT_SETTINGS_H
+#define CTAO_CRYPT_SETTINGS_H
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Uncomment next line if using IPHONE */
+/* #define IPHONE */
+
+/* Uncomment next line if using ThreadX */
+/* #define THREADX */
+
+/* Uncomment next line if using Micrium ucOS */
+/* #define MICRIUM */
+
+/* Uncomment next line if using Mbed */
+/* #define MBED */
+
+/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
+/* #define MICROCHIP_PIC32 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
+/* #define MICROCHIP_TCPIP_V5 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
+/* #define MICROCHIP_TCPIP */
+
+/* Uncomment next line if using FreeRTOS */
+/* #define FREERTOS */
+
+/* Uncomment next line if using FreeRTOS Windows Simulator */
+/* #define FREERTOS_WINSIM */
+
+/* Uncomment next line if using RTIP */
+/* #define EBSNET */
+
+/* Uncomment next line if using lwip */
+/* #define CYASSL_LWIP */
+
+/* Uncomment next line if building CyaSSL for a game console */
+/* #define CYASSL_GAME_BUILD */
+
+/* Uncomment next line if building CyaSSL for LSR */
+/* #define CYASSL_LSR */
+
+/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */
+/* #define FREESCALE_MQX */
+
+/* Uncomment next line if using STM32F2 */
+/* #define CYASSL_STM32F2 */
+
+/* Uncomment next line if using Comverge settings */
+/* #define COMVERGE */
+
+/* Uncomment next line if using QL SEP settings */
+/* #define CYASSL_QL */
+
+
+#include 
+
+#ifdef IPHONE
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+
+#ifdef COMVERGE
+    #define THREADX
+    #define HAVE_NETX
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_SESSION_CACHE
+    #define HAVE_ECC 
+#endif
+
+
+#ifdef THREADX 
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+#ifdef HAVE_NETX
+    #include "nx_api.h"
+#endif
+
+#ifdef MICROCHIP_PIC32
+    #define SIZEOF_LONG_LONG 8
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef MICROCHIP_TCPIP_V5
+    /* include timer functions */
+    #include "TCPIP Stack/TCPIP.h"
+#endif
+
+#ifdef MICROCHIP_TCPIP
+    /* include timer, NTP functions */
+    #include "system/system_services.h"
+    #ifdef MICROCHIP_MPLAB_HARMONY
+        #include "tcpip/tcpip.h"
+    #else
+        #include "tcpip/sntp.h"
+    #endif
+#endif
+
+#ifdef MBED
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+#endif /* MBED */
+
+#ifdef CYASSL_TYTO
+    #include "rand.h"
+    #define FREERTOS
+    #define NO_FILESYSTEM
+    #define CYASSL_USER_IO
+    #define NO_DEV_RANDOM
+    #define HAVE_ECC
+    #define HAVE_ECC_ENCRYPT
+    #define ECC_SHAMIR
+    #define HAVE_HKDF
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FP_MAX_BITS 512
+    #define NO_OLD_TLS
+    #define NO_MD4
+    #define NO_RABBIT
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_DSA
+    #define NO_PWDBASED
+    #define NO_PSK
+#endif
+
+#ifdef FREERTOS_WINSIM
+    #define FREERTOS
+    #define USE_WINDOWS_API
+#endif
+
+
+/* Micrium will use Visual Studio for compilation but not the Win32 API */
+#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
+        && !defined(EBSNET)
+    #define USE_WINDOWS_API
+#endif
+
+
+#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
+    #include 
+    #define XMALLOC(s, h, type)  malloc((s))
+    #define XFREE(p, h, type)    free((p)) 
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
+    #undef  XMALLOC
+    #define XMALLOC     yaXMALLOC
+    #undef  XFREE
+    #define XFREE       yaXFREE
+    #undef  XREALLOC
+    #define XREALLOC    yaXREALLOC
+#endif
+
+
+#ifdef FREERTOS
+    #ifndef NO_WRITEV
+        #define NO_WRITEV
+    #endif
+    #ifndef NO_SHA512
+        #define NO_SHA512
+    #endif
+    #ifndef NO_DH
+        #define NO_DH
+    #endif
+    #ifndef NO_DSA
+        #define NO_DSA
+    #endif
+    #ifndef NO_HC128
+        #define NO_HC128
+    #endif
+
+    #ifndef SINGLE_THREADED
+        #include "FreeRTOS.h"
+        #include "semphr.h"
+    #endif
+#endif
+
+#ifdef EBSNET
+    #include "rtip.h"
+
+    /* #define DEBUG_CYASSL */
+    #define NO_CYASSL_DIR  /* tbd */
+
+    #if (POLLOS)
+        #define SINGLE_THREADED
+    #endif
+
+    #if (RTPLATFORM)
+        #if (!RTP_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #else
+        #if (!KS_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #endif
+
+    #if (WINMSP3)
+        #undef SIZEOF_LONG
+        #define SIZEOF_LONG_LONG 8
+    #else
+        #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
+    #endif
+
+    #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
+    #define XFREE(p, h, type) (rtp_free(p))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+
+#endif /* EBSNET */
+
+#ifdef CYASSL_GAME_BUILD
+    #define SIZEOF_LONG_LONG 8
+    #if defined(__PPU) || defined(__XENON)
+        #define BIG_ENDIAN_ORDER
+    #endif
+#endif
+
+#ifdef CYASSL_LSR
+    #define HAVE_WEBSERVER
+    #define SIZEOF_LONG_LONG 8
+    #define CYASSL_LOW_MEMORY
+    #define NO_WRITEV
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #ifndef NO_FILESYSTEM
+        #define LSR_FS
+        #include "inc/hw_types.h"
+        #include "fs.h"
+    #endif
+    #define CYASSL_LWIP
+    #include   /* for tcp errno */
+    #define CYASSL_SAFERTOS
+    #if defined(__IAR_SYSTEMS_ICC__)
+        /* enum uses enum */
+        #pragma diag_suppress=Pa089
+    #endif
+#endif
+
+#ifdef CYASSL_SAFERTOS
+    #ifndef SINGLE_THREADED
+        #include "SafeRTOS/semphr.h"
+    #endif
+
+    #include "SafeRTOS/heap.h"
+    #define XMALLOC(s, h, type)  pvPortMalloc((s))
+    #define XFREE(p, h, type)    vPortFree((p)) 
+    #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+#endif
+
+#ifdef CYASSL_LOW_MEMORY
+    #undef  RSA_LOW_MEM
+    #define RSA_LOW_MEM
+    #undef  CYASSL_SMALL_STACK
+    #define CYASSL_SMALL_STACK
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef FREESCALE_MQX
+    #define SIZEOF_LONG_LONG 8
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_RABBIT
+    #define NO_CYASSL_DIR
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FREESCALE_K70_RNGA
+    /* #define FREESCALE_K53_RNGB */
+    #include "mqx.h"
+    #ifndef NO_FILESYSTEM
+        #include "mfs.h"
+        #include "fio.h"
+    #endif
+    #ifndef SINGLE_THREADED
+        #include "mutex.h"
+    #endif
+
+    #define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
+    #define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
+    /* Note: MQX has no realloc, using fastmath above */
+#endif
+
+#ifdef CYASSL_STM32F2
+    #define SIZEOF_LONG_LONG 8
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #define STM32F2_RNG
+    #define STM32F2_CRYPTO
+    #define KEIL_INTRINSICS
+#endif
+
+#ifdef MICRIUM
+
+    #include "stdlib.h"
+    #include "net_cfg.h"
+    #include "ssl_cfg.h"
+    #include "net_secure_os.h"
+
+    #define CYASSL_TYPES
+
+    typedef CPU_INT08U byte;
+    typedef CPU_INT16U word16;
+    typedef CPU_INT32U word32;
+
+    #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32)
+        #define SIZEOF_LONG        4
+        #undef  SIZEOF_LONG_LONG
+    #else
+        #undef  SIZEOF_LONG
+        #define SIZEOF_LONG_LONG   8
+    #endif
+
+    #define STRING_USER
+
+    #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
+    #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
+                    ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
+                     (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
+    #define XSTRNCMP(pstr_1, pstr_2, len_max) \
+                    ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
+                     (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))  
+    #define XSTRSTR(pstr, pstr_srch) \
+                    ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
+                     (CPU_CHAR *)(pstr_srch)))
+    #define XMEMSET(pmem, data_val, size) \
+                    ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
+                    (CPU_SIZE_T)(size)))
+    #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
+                     (void *)(psrc), (CPU_SIZE_T)(size)))
+    #define XMEMCMP(pmem_1, pmem_2, size) \
+                   (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
+                     (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
+    #define XMEMMOVE XMEMCPY
+
+#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+    #define MICRIUM_MALLOC    
+    #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
+                                 (CPU_SIZE_T)(s), (void *)0))
+    #define XFREE(p, h, type)   (NetSecure_BlkFree((CPU_INT08U)(type), \
+                                 (p), (void *)0))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+    #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED)
+        #undef  NO_FILESYSTEM
+    #else
+        #define NO_FILESYSTEM
+    #endif
+
+    #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG)
+        #define DEBUG_CYASSL
+    #else
+        #undef  DEBUG_CYASSL
+    #endif
+
+    #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED)
+        #define OPENSSL_EXTRA
+    #else
+        #undef  OPENSSL_EXTRA
+    #endif
+
+    #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED)
+        #undef  SINGLE_THREADED
+    #else
+        #define SINGLE_THREADED
+    #endif
+
+    #if (SSL_CFG_DH_EN == DEF_ENABLED)
+        #undef  NO_DH
+    #else
+        #define NO_DH
+    #endif
+
+    #if (SSL_CFG_DSA_EN == DEF_ENABLED)
+        #undef  NO_DSA
+    #else
+        #define NO_DSA
+    #endif
+
+    #if (SSL_CFG_PSK_EN == DEF_ENABLED)
+        #undef  NO_PSK
+    #else
+        #define NO_PSK
+    #endif
+
+    #if (SSL_CFG_3DES_EN == DEF_ENABLED)
+        #undef  NO_DES
+    #else
+        #define NO_DES
+    #endif
+
+    #if (SSL_CFG_AES_EN == DEF_ENABLED)
+        #undef  NO_AES
+    #else
+        #define NO_AES
+    #endif
+
+    #if (SSL_CFG_RC4_EN == DEF_ENABLED)
+        #undef  NO_RC4
+    #else
+        #define NO_RC4
+    #endif
+
+    #if (SSL_CFG_RABBIT_EN == DEF_ENABLED)
+        #undef  NO_RABBIT
+    #else
+        #define NO_RABBIT
+    #endif
+
+    #if (SSL_CFG_HC128_EN == DEF_ENABLED)
+        #undef  NO_HC128
+    #else
+        #define NO_HC128
+    #endif
+
+    #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
+        #define BIG_ENDIAN_ORDER
+    #else
+        #undef  BIG_ENDIAN_ORDER
+        #define LITTLE_ENDIAN_ORDER
+    #endif
+
+    #if (SSL_CFG_MD4_EN == DEF_ENABLED)
+        #undef  NO_MD4
+    #else
+        #define NO_MD4
+    #endif
+
+    #if (SSL_CFG_WRITEV_EN == DEF_ENABLED)
+        #undef  NO_WRITEV
+    #else
+        #define NO_WRITEV
+    #endif
+
+    #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED)
+        #define NO_DEV_RANDOM   
+    #else
+        #undef  NO_DEV_RANDOM
+    #endif
+
+    #if (SSL_CFG_USER_IO_EN == DEF_ENABLED)
+        #define CYASSL_USER_IO   
+    #else
+        #undef  CYASSL_USER_IO
+    #endif
+
+    #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED)
+        #undef  LARGE_STATIC_BUFFERS
+        #undef  STATIC_CHUNKS_ONLY
+    #else
+        #define LARGE_STATIC_BUFFERS
+        #define STATIC_CHUNKS_ONLY
+    #endif
+
+    #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED)
+        #define  CYASSL_DER_LOAD
+    #else
+        #undef   CYASSL_DER_LOAD
+    #endif
+
+    #if (SSL_CFG_DTLS_EN == DEF_ENABLED)
+        #define  CYASSL_DTLS
+    #else
+        #undef   CYASSL_DTLS
+    #endif
+
+    #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED)
+         #define CYASSL_CALLBACKS
+    #else
+         #undef  CYASSL_CALLBACKS
+    #endif
+
+    #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED)
+         #define USE_FAST_MATH
+    #else
+         #undef  USE_FAST_MATH
+    #endif
+
+    #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED)
+         #define TFM_TIMING_RESISTANT
+    #else
+         #undef  TFM_TIMING_RESISTANT
+    #endif
+
+#endif /* MICRIUM */
+
+
+#ifdef CYASSL_QL
+    #ifndef CYASSL_SEP
+        #define CYASSL_SEP
+    #endif
+    #ifndef OPENSSL_EXTRA
+        #define OPENSSL_EXTRA
+    #endif
+    #ifndef SESSION_CERTS
+        #define SESSION_CERTS
+    #endif
+    #ifndef HAVE_AESCCM
+        #define HAVE_AESCCM
+    #endif
+    #ifndef ATOMIC_USER
+        #define ATOMIC_USER
+    #endif
+    #ifndef CYASSL_DER_LOAD
+        #define CYASSL_DER_LOAD
+    #endif
+    #ifndef KEEP_PEER_CERT
+        #define KEEP_PEER_CERT
+    #endif
+    #ifndef HAVE_ECC
+        #define HAVE_ECC
+    #endif
+    #ifndef SESSION_INDEX
+        #define SESSION_INDEX
+    #endif
+#endif /* CYASSL_QL */
+
+
+#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
+    !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
+    #define USE_CYASSL_MEMORY
+#endif
+
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+    #undef  KEEP_PEER_CERT
+    #define KEEP_PEER_CERT
+#endif
+
+
+/* stream ciphers except arc4 need 32bit alignment, intel ok without */
+#ifndef XSTREAM_ALIGNMENT
+    #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
+        #define NO_XSTREAM_ALIGNMENT
+    #else
+        #define XSTREAM_ALIGNMENT
+    #endif
+#endif
+
+
+/* if using hardware crypto and have alignment requirements, specify the
+   requirement here.  The record header of SSL/TLS will prvent easy alignment.
+   This hint tries to help as much as possible.  */
+#ifndef CYASSL_GENERAL_ALIGNMENT
+    #ifdef CYASSL_AESNI
+        #define CYASSL_GENERAL_ALIGNMENT 16
+    #elif defined(XSTREAM_ALIGNMENT)
+        #define CYASSL_GENERAL_ALIGNMENT  4
+    #else 
+        #define CYASSL_GENERAL_ALIGNMENT  0 
+    #endif
+#endif
+
+#ifdef HAVE_CRL
+    /* not widely supported yet */
+    #undef NO_SKID
+    #define NO_SKID
+#endif
+
+/* Place any other flags or defines here */
+
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+
+#endif /* CTAO_CRYPT_SETTINGS_H */
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx
new file mode 100644
index 00000000..e58d8495
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx
@@ -0,0 +1,1250 @@
+
+
+
+  1.0
+
+  
### uVision Project, (C) Keil Software

+
+  
+    *.c
+    *.s*; *.src; *.a*
+    *.obj
+    *.lib
+    *.txt; *.h; *.inc
+    *.plm
+    *.cpp
+  
+
+  
+    0
+    0
+  
+
+  
+    SimpleServer
+    0x4
+    ARM-ADS
+    
+      120000000
+      
+        1
+        1
+        0
+        1
+      
+      
+        1
+        65535
+        0
+        0
+        0
+      
+      
+        79
+        66
+        8
+        .\Object\
+      
+      
+        1
+        1
+        1
+        0
+        1
+        1
+        0
+        1
+        0
+        0
+        0
+        0
+      
+      
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        0
+        0
+      
+      
+        1
+        0
+        1
+      
+      255
+      
+        
+          0
+          Schematics (MCBSTM32F200)
+          C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf
+        
+        
+          1
+          User Manual (MCBSTM32F200)
+          C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm
+        
+        
+          2
+          MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200)
+          http://www.keil.com/mcbstm32f200/
+        
+      
+      
+        0
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        1
+        0
+        1
+        1
+        1
+        1
+        1
+        0
+        0
+        8
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        .\STM32_SWO.ini
+        BIN\ULP2CM3.DLL
+      
+      
+        
+          0
+          DLGTARM
+          (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0)
+        
+        
+          0
+          ARMDBGFLAGS
+          
+        
+        
+          0
+          ULP2CM3
+          -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)
+        
+        
+          0
+          DLGUARM
+          
+        
+        
+          0
+          UL2CM3
+          UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm))
+        
+      
+      
+      
+        
+          1
+          8
+          0x20000408
+        
+      
+      
+        
+          2
+          8
+          0x8004dc8
+        
+      
+      
+        0
+      
+      
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        0
+        1
+        0
+        0
+        0
+        0
+      
+      
+      
+    
+  
+
+  
+    Source
+    0
+    0
+    0
+    0
+    
+      1
+      1
+      1
+      0
+      0
+      0
+      0
+      .\main.c
+      main.c
+      0
+      0
+    
+    
+      1
+      2
+      1
+      0
+      0
+      0
+      0
+      .\server.c
+      server.c
+      0
+      0
+    
+  
+
+  
+    Configuration
+    1
+    0
+    0
+    0
+    
+      2
+      3
+      5
+      0
+      0
+      0
+      0
+      .\RTE\wolfSSL\config-CyaSSL.h
+      config-CyaSSL.h
+      0
+      0
+    
+    
+      2
+      4
+      5
+      0
+      0
+      0
+      0
+      .\RTE\wolfSSL\config-Crypt.h
+      config-Crypt.h
+      0
+      0
+    
+    
+      2
+      5
+      5
+      0
+      0
+      0
+      0
+      .\RTE\Network\Net_Config_ETH_0.h
+      Net_Config_ETH_0.h
+      0
+      0
+    
+    
+      2
+      6
+      5
+      0
+      0
+      0
+      0
+      .\config-SimpleServer.h
+      config-SimpleServer.h
+      0
+      0
+    
+  
+
+  
+    Documentation
+    0
+    0
+    0
+    0
+    
+      3
+      7
+      5
+      0
+      0
+      0
+      0
+      .\Abstract.txt
+      Abstract.txt
+      0
+      0
+    
+  
+
+  
+    Devices
+    1
+    0
+    0
+    0
+    
+      4
+      8
+      1
+      0
+      0
+      0
+      0
+      .\time-dummy.c
+      time-dummy.c
+      0
+      0
+    
+  
+
+  
+    ::CMSIS
+    0
+    0
+    0
+    1
+    
+      5
+      9
+      1
+      0
+      0
+      0
+      0
+      RTE\CMSIS\RTX_Conf_CM.c
+      RTX_Conf_CM.c
+      1
+      0
+    
+    
+      5
+      10
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib
+      RTX_CM3.lib
+      1
+      0
+    
+  
+
+  
+    ::Device
+    0
+    0
+    0
+    1
+    
+      6
+      11
+      5
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\RTE_Device.h
+      RTE_Device.h
+      1
+      0
+    
+    
+      6
+      12
+      2
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\startup_stm32f2xx.s
+      startup_stm32f2xx.s
+      1
+      0
+    
+    
+      6
+      13
+      1
+      0
+      0
+      0
+      0
+      RTE\Device\STM32F207IG\system_stm32f2xx.c
+      system_stm32f2xx.c
+      1
+      0
+    
+    
+      6
+      14
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c
+      DMA_STM32F2xx.c
+      1
+      0
+    
+    
+      6
+      15
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c
+      GPIO_STM32F2xx.c
+      1
+      0
+    
+  
+
+  
+    ::Drivers
+    0
+    0
+    0
+    1
+    
+      7
+      16
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c
+      EMAC_STM32F2xx.c
+      1
+      0
+    
+    
+      7
+      17
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c
+      MCI_STM32F2xx.c
+      1
+      0
+    
+    
+      7
+      18
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c
+      PHY_ST802RT1.c
+      1
+      0
+    
+  
+
+  
+    ::File System
+    0
+    0
+    0
+    1
+    
+      8
+      19
+      1
+      0
+      0
+      0
+      0
+      RTE\File_System\FS_Config.c
+      FS_Config.c
+      1
+      0
+    
+    
+      8
+      20
+      5
+      0
+      0
+      0
+      0
+      RTE\File_System\FS_Config_MC_0.h
+      FS_Config_MC_0.h
+      1
+      0
+    
+    
+      8
+      21
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib
+      FS_LFN_CM3_L.lib
+      1
+      0
+    
+  
+
+  
+    ::Network
+    0
+    0
+    0
+    1
+    
+      9
+      22
+      1
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config.c
+      Net_Config.c
+      1
+      0
+    
+    
+      9
+      23
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_BSD.h
+      Net_Config_BSD.h
+      1
+      0
+    
+    
+      9
+      24
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_DNS_Client.h
+      Net_Config_DNS_Client.h
+      1
+      0
+    
+    
+      9
+      25
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_ETH_0.h
+      Net_Config_ETH_0.h
+      1
+      0
+    
+    
+      9
+      26
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_TCP.h
+      Net_Config_TCP.h
+      1
+      0
+    
+    
+      9
+      27
+      5
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Config_UDP.h
+      Net_Config_UDP.h
+      1
+      0
+    
+    
+      9
+      28
+      1
+      0
+      0
+      0
+      0
+      RTE\Network\Net_Debug.c
+      Net_Debug.c
+      1
+      0
+    
+    
+      9
+      29
+      4
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib
+      Net_Dbg_CM3_L.lib
+      1
+      0
+    
+  
+
+  
+    ::wolfSSL
+    0
+    0
+    0
+    1
+    
+      10
+      30
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\config-Crypt.h
+      config-Crypt.h
+      1
+      0
+    
+    
+      10
+      31
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\config-CyaSSL.h
+      config-CyaSSL.h
+      1
+      0
+    
+    
+      10
+      32
+      5
+      0
+      0
+      0
+      0
+      RTE\wolfSSL\settings.h
+      settings.h
+      1
+      0
+    
+    
+      10
+      33
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c
+      cyassl_MDK_ARM.c
+      1
+      0
+    
+    
+      10
+      34
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c
+      aes.c
+      1
+      0
+    
+    
+      10
+      35
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c
+      arc4.c
+      1
+      0
+    
+    
+      10
+      36
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c
+      asm.c
+      1
+      0
+    
+    
+      10
+      37
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c
+      asn.c
+      1
+      0
+    
+    
+      10
+      38
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c
+      blake2b.c
+      1
+      0
+    
+    
+      10
+      39
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c
+      camellia.c
+      1
+      0
+    
+    
+      10
+      40
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c
+      coding.c
+      1
+      0
+    
+    
+      10
+      41
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c
+      compress.c
+      1
+      0
+    
+    
+      10
+      42
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c
+      des3.c
+      1
+      0
+    
+    
+      10
+      43
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c
+      dh.c
+      1
+      0
+    
+    
+      10
+      44
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c
+      dsa.c
+      1
+      0
+    
+    
+      10
+      45
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c
+      ecc.c
+      1
+      0
+    
+    
+      10
+      46
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c
+      ecc_fp.c
+      1
+      0
+    
+    
+      10
+      47
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c
+      error.c
+      1
+      0
+    
+    
+      10
+      48
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c
+      hc128.c
+      1
+      0
+    
+    
+      10
+      49
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c
+      hmac.c
+      1
+      0
+    
+    
+      10
+      50
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c
+      integer.c
+      1
+      0
+    
+    
+      10
+      51
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c
+      logging.c
+      1
+      0
+    
+    
+      10
+      52
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c
+      md2.c
+      1
+      0
+    
+    
+      10
+      53
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c
+      md4.c
+      1
+      0
+    
+    
+      10
+      54
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c
+      md5.c
+      1
+      0
+    
+    
+      10
+      55
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c
+      memory.c
+      1
+      0
+    
+    
+      10
+      56
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c
+      misc.c
+      1
+      0
+    
+    
+      10
+      57
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c
+      pwdbased.c
+      1
+      0
+    
+    
+      10
+      58
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c
+      rabbit.c
+      1
+      0
+    
+    
+      10
+      59
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c
+      random.c
+      1
+      0
+    
+    
+      10
+      60
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c
+      ripemd.c
+      1
+      0
+    
+    
+      10
+      61
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c
+      rsa.c
+      1
+      0
+    
+    
+      10
+      62
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c
+      sha.c
+      1
+      0
+    
+    
+      10
+      63
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c
+      sha256.c
+      1
+      0
+    
+    
+      10
+      64
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c
+      sha512.c
+      1
+      0
+    
+    
+      10
+      65
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c
+      tfm.c
+      1
+      0
+    
+    
+      10
+      66
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c
+      wc_port.c
+      1
+      0
+    
+    
+      10
+      67
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c
+      crl.c
+      1
+      0
+    
+    
+      10
+      68
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c
+      internal.c
+      1
+      0
+    
+    
+      10
+      69
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c
+      io.c
+      1
+      0
+    
+    
+      10
+      70
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c
+      keys.c
+      1
+      0
+    
+    
+      10
+      71
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c
+      ocsp.c
+      1
+      0
+    
+    
+      10
+      72
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c
+      sniffer.c
+      1
+      0
+    
+    
+      10
+      73
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c
+      ssl.c
+      1
+      0
+    
+    
+      10
+      74
+      1
+      0
+      0
+      0
+      0
+      C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c
+      tls.c
+      1
+      0
+    
+  
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx
new file mode 100644
index 00000000..6480847b
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx
@@ -0,0 +1,1157 @@
+
+
+
+  2.1
+
+  
### uVision Project, (C) Keil Software

+
+  
+    
+      SimpleServer
+      0x4
+      ARM-ADS
+      
+        
+          STM32F207IG
+          STMicroelectronics
+          IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE
+          
+          
+          UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm))
+          0
+          $$Device:STM32F207IG$Device\Include\stm32f2xx.h
+          
+          
+          
+          
+          
+          
+          
+          
+          
+          $$Device:STM32F207IG$SVD\STM32F20x.svd
+          0
+          0
+          
+          
+          
+          
+          
+          
+            0
+            0
+            0
+            0
+            1
+          
+          .\Object\
+          SimpleServer
+          1
+          0
+          0
+          1
+          1
+          .\Object\
+          1
+          0
+          0
+          
+            0
+            0
+            
+            
+            0
+            0
+            0
+            0
+          
+          
+            0
+            0
+            
+            
+            0
+            0
+            0
+            0
+          
+          
+            0
+            0
+            
+            
+            0
+            0
+          
+          0
+          
+        
+        
+          0
+          0
+          0
+          0
+          0
+          1
+          0
+          0
+          0
+          0
+          3
+          
+          
+          1
+        
+        
+          SARMCM3.DLL
+          -REMAP -MPU
+          DCM.DLL
+          -pCM3
+          SARMCM3.DLL
+          -REMAP -MPU
+          TCM.DLL
+          -pCM3
+        
+        
+          
+            1
+            0
+            0
+            0
+            16
+          
+          
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+          
+          
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+            1
+            1
+            1
+          
+          0
+          8
+          
+            
+            
+            
+            
+            
+          
+          
+            
+            
+            
+            
+            .\STM32_SWO.ini
+            BIN\ULP2CM3.DLL
+          
+        
+        
+          
+            1
+            0
+            0
+            1
+            1
+            4100
+          
+          1
+          BIN\ULP2CM3.DLL
+          "" ()
+          
+          
+          
+          
+          0
+        
+        
+          
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            1
+            1
+            0
+            1
+            1
+            0
+            0
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            1
+            0
+            0
+            "Cortex-M3"
+            
+            1
+            0
+            0
+            1
+            1
+            0
+            0
+            0
+            0
+            0
+            8
+            0
+            0
+            0
+            3
+            3
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            1
+            0
+            0
+            0
+            0
+            1
+            0
+            
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x20000000
+                0x20000
+              
+              
+                1
+                0x8000000
+                0x100000
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                1
+                0x8000000
+                0x100000
+              
+              
+                1
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x0
+                0x0
+              
+              
+                0
+                0x20000000
+                0x20000
+              
+              
+                0
+                0x0
+                0x0
+              
+            
+            
+          
+          
+            1
+            4
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            
+              
+              HAVE_CONFIG_H  MDK_CONF_SimpleServer
+              
+              
+            
+          
+          
+            1
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            0
+            
+              
+              
+              
+              
+            
+          
+          
+            1
+            0
+            0
+            0
+            1
+            0
+            0x08000000
+            0x20000000
+            
+            
+            
+            
+            
+            
+            
+          
+        
+      
+      
+        
+          Source
+          
+            
+              main.c
+              1
+              .\main.c
+            
+            
+              server.c
+              1
+              .\server.c
+            
+          
+        
+        
+          Configuration
+          
+            
+              config-CyaSSL.h
+              5
+              .\RTE\wolfSSL\config-CyaSSL.h
+            
+            
+              config-Crypt.h
+              5
+              .\RTE\wolfSSL\config-Crypt.h
+            
+            
+              Net_Config_ETH_0.h
+              5
+              .\RTE\Network\Net_Config_ETH_0.h
+            
+            
+              config-SimpleServer.h
+              5
+              .\config-SimpleServer.h
+            
+          
+        
+        
+          Documentation
+          
+            
+              Abstract.txt
+              5
+              .\Abstract.txt
+            
+          
+        
+        
+          Devices
+          
+            
+              time-dummy.c
+              1
+              .\time-dummy.c
+            
+          
+        
+        
+          ::CMSIS
+          
+            
+              RTX_Conf_CM.c
+              1
+              RTE\CMSIS\RTX_Conf_CM.c
+            
+            
+              RTX_CM3.lib
+              4
+              C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib
+            
+          
+        
+        
+          ::Device
+          
+            
+              RTE_Device.h
+              5
+              RTE\Device\STM32F207IG\RTE_Device.h
+            
+            
+              startup_stm32f2xx.s
+              2
+              RTE\Device\STM32F207IG\startup_stm32f2xx.s
+            
+            
+              system_stm32f2xx.c
+              1
+              RTE\Device\STM32F207IG\system_stm32f2xx.c
+            
+            
+              DMA_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c
+            
+            
+              GPIO_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c
+            
+          
+        
+        
+          ::Drivers
+          
+            
+              EMAC_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c
+            
+            
+              MCI_STM32F2xx.c
+              1
+              C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c
+            
+            
+              PHY_ST802RT1.c
+              1
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Driver\PHY_ST802RT1.c
+            
+          
+        
+        
+          ::File System
+          
+            
+              FS_Config.c
+              1
+              RTE\File_System\FS_Config.c
+            
+            
+              FS_Config_MC_0.h
+              5
+              RTE\File_System\FS_Config_MC_0.h
+            
+            
+              FS_LFN_CM3_L.lib
+              4
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib
+            
+          
+        
+        
+          ::Network
+          
+            
+              Net_Config.c
+              1
+              RTE\Network\Net_Config.c
+            
+            
+              Net_Config_BSD.h
+              5
+              RTE\Network\Net_Config_BSD.h
+            
+            
+              Net_Config_DNS_Client.h
+              5
+              RTE\Network\Net_Config_DNS_Client.h
+            
+            
+              Net_Config_ETH_0.h
+              5
+              RTE\Network\Net_Config_ETH_0.h
+            
+            
+              Net_Config_TCP.h
+              5
+              RTE\Network\Net_Config_TCP.h
+            
+            
+              Net_Config_UDP.h
+              5
+              RTE\Network\Net_Config_UDP.h
+            
+            
+              Net_Debug.c
+              1
+              RTE\Network\Net_Debug.c
+            
+            
+              Net_Dbg_CM3_L.lib
+              4
+              C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.6\Network\Lib\ARM\Net_Dbg_CM3_L.lib
+            
+          
+        
+        
+          ::wolfSSL
+          
+            
+              config-Crypt.h
+              5
+              RTE\wolfSSL\config-Crypt.h
+            
+            
+              config-CyaSSL.h
+              5
+              RTE\wolfSSL\config-CyaSSL.h
+            
+            
+              settings.h
+              5
+              RTE\wolfSSL\settings.h
+            
+            
+              cyassl_MDK_ARM.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c
+            
+            
+              aes.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\aes.c
+            
+            
+              arc4.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\arc4.c
+            
+            
+              asm.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asm.c
+            
+            
+              asn.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\asn.c
+            
+            
+              blake2b.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\blake2b.c
+            
+            
+              camellia.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\camellia.c
+            
+            
+              coding.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\coding.c
+            
+            
+              compress.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\compress.c
+            
+            
+              des3.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\des3.c
+            
+            
+              dh.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dh.c
+            
+            
+              dsa.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\dsa.c
+            
+            
+              ecc.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc.c
+            
+            
+              ecc_fp.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ecc_fp.c
+            
+            
+              error.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\error.c
+            
+            
+              hc128.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hc128.c
+            
+            
+              hmac.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\hmac.c
+            
+            
+              integer.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\integer.c
+            
+            
+              logging.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\logging.c
+            
+            
+              md2.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md2.c
+            
+            
+              md4.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md4.c
+            
+            
+              md5.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\md5.c
+            
+            
+              memory.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\memory.c
+            
+            
+              misc.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\misc.c
+            
+            
+              pwdbased.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\pwdbased.c
+            
+            
+              rabbit.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rabbit.c
+            
+            
+              random.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\random.c
+            
+            
+              ripemd.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\ripemd.c
+            
+            
+              rsa.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\rsa.c
+            
+            
+              sha.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha.c
+            
+            
+              sha256.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha256.c
+            
+            
+              sha512.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\sha512.c
+            
+            
+              tfm.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\tfm.c
+            
+            
+              wc_port.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\ctaocrypt\src\wc_port.c
+            
+            
+              crl.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\crl.c
+            
+            
+              internal.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\internal.c
+            
+            
+              io.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\io.c
+            
+            
+              keys.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\keys.c
+            
+            
+              ocsp.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ocsp.c
+            
+            
+              sniffer.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\sniffer.c
+            
+            
+              ssl.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\ssl.c
+            
+            
+              tls.c
+              1
+              C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.1.0\cyassl\src\tls.c
+            
+          
+        
+      
+    
+  
+
+  
+    
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+      
+        
+          
+        
+      
+    
+    
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+    
+    
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+      
+        
+        
+          
+        
+      
+    
+    
+      
+        RTE\CMSIS\RTX_Conf_CM.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\RTE_Device.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\startup_stm32f2xx.s
+        
+        
+        
+          
+        
+      
+      
+        RTE\Device\STM32F207IG\system_stm32f2xx.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\File_System\FS_Config.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\File_System\FS_Config_MC_0.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_BSD.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_DNS_Client.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_ETH_0.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_TCP.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Config_UDP.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\Network\Net_Debug.c
+        
+        
+        
+          
+        
+      
+      
+        RTE\Other\config-Crypt.h
+        
+        
+        
+      
+      
+        RTE\Other\config-CyaSSL.h
+        
+        
+        
+      
+      
+        RTE\Other\config-RTX-TCP-FS.h
+        
+        
+        
+      
+      
+        RTE\Other\config.h
+        
+        
+        
+      
+      
+        RTE\wolfSSL\config-Crypt.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\wolfSSL\config-CyaSSL.h
+        
+        
+        
+          
+        
+      
+      
+        RTE\wolfSSL\config.h
+        
+        
+        
+      
+      
+        RTE\wolfSSL\settings.h
+        
+        
+        
+          
+        
+      
+    
+  
+
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/config-SimpleServer.h b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/config-SimpleServer.h
new file mode 100644
index 00000000..eda721c8
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/config-SimpleServer.h
@@ -0,0 +1,31 @@
+/* config-RTX-TCP-FS.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+
+// <<< Use Configuration Wizard in Context Menu >>>
+//  Build Target: Simple Server
+//   Listen Port Number
+//    Default: "11111"
+#define CYASSL_LISTEN_PORT     "443"
+
+//     
+// <<< end of configuration section >>>
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c
new file mode 100644
index 00000000..9fd78f01
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c
@@ -0,0 +1,105 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+#include "cmsis_os.h"
+#include "rl_fs.h" 
+#include "rl_net.h" 
+#include 
+#include "cyassl_MDK_ARM.h"
+#include 
+
+#include "config-SimpleServer.h"
+
+/*-----------------------------------------------------------------------------
+ *        Initialize a Flash Memory Card
+ *----------------------------------------------------------------------------*/
+static void init_filesystem (void) {
+    int32_t retv;
+
+    retv = finit ("M0:");
+    if (retv == 0) {
+        retv = fmount ("M0:");
+        if (retv == 0) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+          printf ("Drive M0 mount failed!\n");
+        }
+    } else {
+        printf ("Drive M0 initialization failed!\n");
+    }
+}
+
+/*-----------------------------------------------------------------------------
+ *        TCP/IP tasks
+ *----------------------------------------------------------------------------*/
+void tcp_poll (void const *arg)
+{
+    CYASSL_MSG("TCP polling started.\n") ;
+    while (1) {
+        net_main ();
+        osDelay(1) ;
+    }
+}
+
+typedef struct func_args {
+    int    argc;
+    char** argv;
+} func_args;
+
+extern void server_test(func_args * args) ;
+extern void init_time(void) ;
+
+    osThreadDef (tcp_poll, osPriorityHigh , 1, 0) ;
+/*-----------------------------------------------------------------------------
+ *       mian entry 
+ *----------------------------------------------------------------------------*/
+int myoptind = 0;
+char* myoptarg = NULL;
+
+int main() 
+{
+    static char *argv[]    = {  "server",   "-p", CYASSL_LISTEN_PORT, "-d"} ;
+    static func_args args  = {  4, argv } ; 
+        
+    init_filesystem ();
+    net_initialize() ;
+    osThreadCreate (osThread (tcp_poll), NULL); 
+    osDelay(10000) ;  /* wait for DHCP */
+    #if defined(DEBUG_CYASSL)
+         printf("Turning ON Debug message\n") ;
+         CyaSSL_Debugging_ON() ;
+    #endif
+        
+    printf("Simple Server: Started\n") ;
+    while(1) {
+       server_test(&args) ;
+       printf("Enter any key to iterate.\n") ;
+       getchar() ;
+   }
+}
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/server.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/server.c
new file mode 100644
index 00000000..b1a69440
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/server.c
@@ -0,0 +1,605 @@
+/* server.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER)
+    /* in case memory tracker wants stats */
+    #define CYASSL_TRACK_MEMORY
+#endif
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "cyassl_MDK_ARM.h"
+#endif
+#include 
+#include 
+
+#include "examples/server/server.h"
+
+
+#ifdef CYASSL_CALLBACKS
+    int srvHandShakeCB(HandShakeInfo*);
+    int srvTimeoutCB(TimeoutInfo*);
+    Timeval srvTo;
+#endif
+
+static void NonBlockingSSL_Accept(SSL* ssl)
+{
+#ifndef CYASSL_CALLBACKS
+    int ret = SSL_accept(ssl);
+#else
+    int ret = CyaSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo);
+#endif
+    int error = SSL_get_error(ssl, 0);
+    SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl);
+    int select_ret;
+
+    while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
+                                  error == SSL_ERROR_WANT_WRITE)) {
+        int currTimeout = 1;
+
+        if (error == SSL_ERROR_WANT_READ)
+            printf("... server would read block\n");
+        else
+            printf("... server would write block\n");
+
+#ifdef CYASSL_DTLS
+        currTimeout = CyaSSL_dtls_get_current_timeout(ssl);
+#endif
+        select_ret = tcp_select(sockfd, currTimeout);
+
+        if ((select_ret == TEST_RECV_READY) ||
+                                        (select_ret == TEST_ERROR_READY)) {
+            #ifndef CYASSL_CALLBACKS
+                ret = SSL_accept(ssl);
+            #else
+                ret = CyaSSL_accept_ex(ssl,
+                                    srvHandShakeCB, srvTimeoutCB, srvTo);
+            #endif
+            error = SSL_get_error(ssl, 0);
+        }
+        else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#ifdef CYASSL_DTLS
+        else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) &&
+                                            CyaSSL_dtls_got_timeout(ssl) >= 0) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#endif
+        else {
+            error = SSL_FATAL_ERROR;
+        }
+    }
+    if (ret != SSL_SUCCESS)
+        err_sys("SSL_accept failed");
+}
+
+
+static void Usage(void)
+{
+    printf("server "    LIBCYASSL_VERSION_STRING
+           " NOTE: All files relative to CyaSSL home dir\n");
+    printf("-?          Help, print this usage\n");
+    printf("-p     Port to listen on, not 0, default %d\n", yasslPort);
+    printf("-v     SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
+                                 SERVER_DEFAULT_VERSION);
+    printf("-l     Cipher list\n");
+    printf("-c    Certificate file,           default %s\n", svrCert);
+    printf("-k    Key file,                   default %s\n", svrKey);
+    printf("-A    Certificate Authority file, default %s\n", cliCert);
+    printf("-d          Disable client cert check\n");
+    printf("-b          Bind to any interface instead of localhost only\n");
+    printf("-s          Use pre Shared keys\n");
+    printf("-t          Track CyaSSL memory use\n");
+    printf("-u          Use UDP DTLS,"
+           " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
+    printf("-f          Fewer packets/group messages\n");
+    printf("-N          Use Non-blocking sockets\n");
+    printf("-S     Use Host Name Indication\n");
+#ifdef HAVE_OCSP
+    printf("-o          Perform OCSP lookup on peer certificate\n");
+    printf("-O     Perform OCSP lookup using  as responder\n");
+#endif
+#ifdef HAVE_PK_CALLBACKS 
+    printf("-P          Public Key Callbacks\n");
+#endif
+}
+
+THREAD_RETURN CYASSL_THREAD server_test(void* args)
+{
+    SOCKET_T sockfd   = 0;
+    SOCKET_T clientfd = 0;
+
+    SSL_METHOD* method = 0;
+    SSL_CTX*    ctx    = 0;
+    SSL*        ssl    = 0;
+
+    char   msg[] = "I hear you fa shizzle!";
+    char   input[80];
+    int    idx;
+    int    ch;
+    int    version = SERVER_DEFAULT_VERSION;
+    int    doCliCertCheck = 1;
+    int    useAnyAddr = 0;
+    word16 port = yasslPort;
+    int    usePsk = 0;
+    int    doDTLS = 0;
+    int    useNtruKey   = 0;
+    int    nonBlocking  = 0;
+    int    trackMemory  = 0;
+    int    fewerPackets = 0;
+    int    pkCallbacks  = 0;
+    char*  cipherList = NULL;
+    const char* verifyCert = cliCert;
+    const char* ourCert    = svrCert;
+    const char* ourKey     = svrKey;
+    int    argc = ((func_args*)args)->argc;
+    char** argv = ((func_args*)args)->argv;
+
+#ifdef HAVE_SNI
+    char*  sniHostName = NULL;
+#endif
+
+#ifdef HAVE_OCSP
+    int    useOcsp  = 0;
+    char*  ocspUrl  = NULL;
+#endif
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#ifdef NO_RSA
+    verifyCert = (char*)cliEccCert;
+    ourCert    = (char*)eccCert;
+    ourKey     = (char*)eccKey;
+#endif
+    (void)trackMemory;
+    (void)pkCallbacks;
+
+    while ((ch = mygetopt(argc, argv, "?dbstnNufPp:v:l:A:c:k:S:oO:")) != -1) {
+        switch (ch) {
+            case '?' :
+                Usage();
+                exit(EXIT_SUCCESS);
+
+            case 'd' :
+                doCliCertCheck = 0;
+                break;
+
+            case 'b' :
+                useAnyAddr = 1;
+                break;
+
+            case 's' :
+                usePsk = 1;
+                break;
+
+            case 't' :
+            #ifdef USE_CYASSL_MEMORY
+                trackMemory = 1;
+            #endif
+                break;
+
+            case 'n' :
+                useNtruKey = 1;
+                break;
+
+            case 'u' :
+                doDTLS  = 1;
+                break;
+
+            case 'f' :
+                fewerPackets = 1;
+                break;
+
+            case 'P' :
+            #ifdef HAVE_PK_CALLBACKS 
+                pkCallbacks = 1;
+            #endif
+                break;
+
+            case 'p' :
+                port = (word16)atoi(myoptarg);
+                #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
+                    if (port == 0)
+                        err_sys("port number cannot be 0");
+                #endif
+                break;
+
+            case 'v' :
+                version = atoi(myoptarg);
+                if (version < 0 || version > 3) {
+                    Usage();
+                    exit(MY_EX_USAGE);
+                }
+                break;
+
+            case 'l' :
+                cipherList = myoptarg;
+                break;
+
+            case 'A' :
+                verifyCert = myoptarg;
+                break;
+
+            case 'c' :
+                ourCert = myoptarg;
+                break;
+
+            case 'k' :
+                ourKey = myoptarg;
+                break;
+
+            case 'N':
+                nonBlocking = 1;
+                break;
+
+            case 'S' :
+                #ifdef HAVE_SNI
+                    sniHostName = myoptarg;
+                #endif
+                break;
+
+            case 'o' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                #endif
+                break;
+
+            case 'O' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                    ocspUrl = myoptarg;
+                #endif
+                break;
+
+            default:
+                Usage();
+                exit(MY_EX_USAGE);
+        }
+    }
+
+    myoptind = 0;      /* reset for test cases */
+
+    /* sort out DTLS versus TLS versions */
+    if (version == CLIENT_INVALID_VERSION) {
+        if (doDTLS)
+            version = CLIENT_DTLS_DEFAULT_VERSION;
+        else
+            version = CLIENT_DEFAULT_VERSION;
+    }
+    else {
+        if (doDTLS) {
+            if (version == 3)
+                version = -2;
+            else
+                version = -1;
+        }
+    }
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        InitMemoryTracker(); 
+#endif
+
+    switch (version) {
+#ifndef NO_OLD_TLS
+        case 0:
+            method = SSLv3_server_method();
+            break;
+
+    #ifndef NO_TLS
+        case 1:
+            method = TLSv1_server_method();
+            break;
+
+
+        case 2:
+            method = TLSv1_1_server_method();
+            break;
+
+        #endif
+#endif
+
+#ifndef NO_TLS
+        case 3:
+            method = TLSv1_2_server_method();
+            break;
+#endif
+                
+#ifdef CYASSL_DTLS
+        case -1:
+            method = DTLSv1_server_method();
+            break;
+
+        case -2:
+            method = DTLSv1_2_server_method();
+            break;
+#endif
+
+        default:
+            err_sys("Bad SSL version");
+    }
+
+    if (method == NULL)
+        err_sys("unable to get method");
+
+    ctx = SSL_CTX_new(method);
+    if (ctx == NULL)
+        err_sys("unable to get ctx");
+
+    if (cipherList)
+        if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
+            err_sys("server can't set cipher list 1");
+
+#ifdef CYASSL_LEANPSK
+    usePsk = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    usePsk = 1;
+#endif
+
+    if (fewerPackets)
+        CyaSSL_CTX_set_group_messages(ctx);
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (!usePsk) {
+        if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load server cert file, check file and run from"
+                    " CyaSSL home dir");
+    }
+#endif
+
+#ifdef HAVE_NTRU
+    if (useNtruKey) {
+        if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ourKey)
+                                               != SSL_SUCCESS)
+            err_sys("can't load ntru key file, "
+                    "Please run from CyaSSL home dir");
+    }
+#endif
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (!useNtruKey && !usePsk) {
+        if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load server private key file, check file and run "
+                "from CyaSSL home dir");
+    }
+#endif
+
+    if (usePsk) {
+#ifndef NO_PSK
+        SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
+        SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
+        if (cipherList == NULL) {
+            const char *defaultCipherList;
+            #ifdef HAVE_NULL_CIPHER
+                defaultCipherList = "PSK-NULL-SHA256";
+            #else
+                defaultCipherList = "PSK-AES128-CBC-SHA256";
+            #endif
+            if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
+                err_sys("server can't set cipher list 2");
+        }
+#endif
+    }
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    /* if not using PSK, verify peer with certs */
+    if (doCliCertCheck && usePsk == 0) {
+        SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER |
+                                SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
+        if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
+            err_sys("can't load ca file, Please run from CyaSSL home dir");
+    }
+#endif
+
+#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    /* don't use EDH, can't sniff tmp keys */
+    if (cipherList == NULL) {
+        if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS)
+            err_sys("server can't set cipher list 3");
+    }
+#endif
+
+#ifdef HAVE_SNI
+    if (sniHostName)
+        if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
+                                           XSTRLEN(sniHostName)) != SSL_SUCCESS)
+            err_sys("UseSNI failed");
+#endif
+
+    ssl = SSL_new(ctx);
+    if (ssl == NULL)
+        err_sys("unable to get SSL");
+
+#ifdef HAVE_CRL
+    CyaSSL_EnableCRL(ssl, 0);
+    CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
+                                                     CYASSL_CRL_START_MON);
+    CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
+#endif
+#ifdef HAVE_OCSP
+    if (useOcsp) {
+        if (ocspUrl != NULL) {
+            CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
+                                                    | CYASSL_OCSP_URL_OVERRIDE);
+        }
+        else
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
+    }
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    if (pkCallbacks)
+        SetupPkCallbacks(ctx, ssl);
+#endif
+
+    tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, doDTLS,
+               0);
+    if (!doDTLS) 
+        CloseSocket(sockfd);
+
+    SSL_set_fd(ssl, clientfd);
+    if (usePsk == 0 || cipherList != NULL) {
+        #if !defined(NO_FILESYSTEM) && !defined(NO_DH)
+            CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
+        #elif !defined(NO_DH)
+            SetDH(ssl);  /* repick suites with DHE, higher priority than PSK */
+        #endif
+    }
+
+#ifndef CYASSL_CALLBACKS
+    if (nonBlocking) {
+        CyaSSL_set_using_nonblock(ssl, 1);
+        tcp_set_nonblocking(&clientfd);
+        NonBlockingSSL_Accept(ssl);
+    } else if (SSL_accept(ssl) != SSL_SUCCESS) {
+        int err = SSL_get_error(ssl, 0);
+        char buffer[CYASSL_MAX_ERROR_SZ];
+        printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
+        err_sys("SSL_accept failed");
+    }
+#else
+    NonBlockingSSL_Accept(ssl);
+#endif
+    showPeer(ssl);
+
+    idx = SSL_read(ssl, input, sizeof(input)-1);
+    if (idx > 0) {
+        input[idx] = 0;
+        printf("Client message: %s\n", input);
+
+    }
+    else if (idx < 0) {
+        int readErr = SSL_get_error(ssl, 0);
+        if (readErr != SSL_ERROR_WANT_READ)
+            err_sys("SSL_read failed");
+    }
+
+    if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
+        err_sys("SSL_write failed");
+        
+    #if defined(CYASSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
+        os_dly_wait(500) ;
+    #endif
+
+    SSL_shutdown(ssl);
+    SSL_free(ssl);
+    SSL_CTX_free(ctx);
+    
+    CloseSocket(clientfd);
+    ((func_args*)args)->return_code = 0;
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        ShowMemoryTracker();
+#endif /* USE_CYASSL_MEMORY */
+
+    return 0;
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("server"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+   
+#ifdef HAVE_STACK_SIZE
+        StackSizeCheck(&args, server_test);
+#else 
+        server_test(&args);
+#endif
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+    int myoptind = 0;
+    char* myoptarg = NULL;
+
+#endif /* NO_MAIN_DRIVER */
+
+
+#ifdef CYASSL_CALLBACKS
+
+    int srvHandShakeCB(HandShakeInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+
+    int srvTimeoutCB(TimeoutInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+#endif
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/time-dummy.c b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/time-dummy.c
new file mode 100644
index 00000000..8f98da46
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/time-dummy.c
@@ -0,0 +1,34 @@
+/* time-dummy.c.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "time.h"
+
+struct tm *Cyassl_MDK_gmtime(const time_t *c) 
+{ 
+    static struct tm date ; 
+    return(&date) ;
+}
+
+time_t time(time_t * t) { return 0 ; }
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Src/cert_data.c b/3P/wolfssl/IDE/MDK5-ARM/Src/cert_data.c
new file mode 100644
index 00000000..d6cef016
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Src/cert_data.c
@@ -0,0 +1,28 @@
+/* certs_test.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+/* Define initial data for cert buffers */
+#include 
+
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c b/3P/wolfssl/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c
new file mode 100644
index 00000000..5a2776cc
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c
@@ -0,0 +1,247 @@
+/* cyassl_KEIL_RL.c
+    *
+    * Copyright (C) 2006-2015 wolfSSL Inc.
+    *
+    * This file is part of wolfSSL. (formerly known as CyaSSL)
+    *
+    * wolfSSL is free software; you can redistribute it and/or modify
+    * it under the terms of the GNU General Public License as published by
+    * the Free Software Foundation; either version 2 of the License, or
+    * (at your option) any later version.
+    *
+    * wolfSSL is distributed in the hope that it will be useful,
+    * but WITHOUT ANY WARRANTY; without even the implied warranty of
+    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    * GNU General Public License for more details.
+    *
+    * You should have received a copy of the GNU General Public License
+    * along with this program; if not, write to the Free Software
+    * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+    */
+
+
+/***************************************************************************************/
+/**   This file is for defining functions for specific to KEIL-RL.                **/
+/***************************************************************************************/
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#if defined (CYASSL_MDK5)
+    #include "cmsis_os.h"
+    #if defined(CYASSL_KEIL_TCP_NET)
+        #include "rl_net.h"
+    #endif
+#else
+    #include 
+#endif
+
+#include "cyassl_MDK_ARM.h"
+
+#include 
+#include 
+
+#if defined (CYASSL_CMSIS_RTOS)
+        #define os_dly_wait(t)    osDelay(10*t)
+#endif
+
+
+/** KEIL-RL TCPnet ****/
+/** TCPnet BSD socket does not have following functions. **/
+
+#if defined(CYASSL_KEIL_TCP_NET)
+char *inet_ntoa(struct in_addr in) 
+{
+    #define NAMESIZE 16
+    static char name[NAMESIZE] ;
+    sprintf(name, "%d.%d.%d.%d", (in.s_addr>>24)&0xff, (in.s_addr>>16)&0xff, (in.s_addr>>8)&0xff, in.s_addr&0xff) ;
+    return name ;
+}
+
+unsigned long inet_addr(const char *cp)
+{
+    unsigned int a[4] ; unsigned long ret ;
+    sscanf(cp, "%d.%d.%d.%d", &a[0], &a[1], &a[2], &a[3]) ;
+    ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ;
+    return(ret) ;
+}
+
+
+/*** tcp_connect is actually associated with following syassl_tcp_connect. ***/
+int Cyassl_connect(int sd, const  struct sockaddr* sa, int sz) 
+{
+    int ret = 0 ;
+    #if defined(CYASSL_KEIL_TCP_NET)  
+    
+    SOCKADDR_IN addr ;
+
+    addr = *(SOCKADDR_IN *)sa ;
+
+    do {
+        #undef connect  /* Go to KEIL TCPnet connect */
+        ret = connect(sd, (SOCKADDR *)&addr, sizeof(addr)) ;
+        os_dly_wait(50);
+    } while(ret == SCK_EWOULDBLOCK) ;
+    #ifdef DEBUG_CYASSL
+    { 
+        char msg[50] ;
+        sprintf(msg, "BSD Connect return code: %d\n", ret) ;
+        CYASSL_MSG(msg) ;
+    }
+    #endif
+    
+    #endif /* CYASSL_KEIL_TCP_NET */
+    return(ret ) ;
+}
+
+
+int Cyassl_accept(int sd, struct sockaddr *addr, int *addrlen) 
+{
+    int ret = 0 ;
+
+    #if defined(CYASSL_KEIL_TCP_NET)
+    while(1) {
+        #undef accept  /* Go to KEIL TCPnet accept */
+        ret = accept(sd, addr,  addrlen) ;
+        if(ret != SCK_EWOULDBLOCK) break ;
+        os_dly_wait(1);
+    } 
+    #ifdef DEBUG_CYASSL
+    {
+        char msg[50] ;
+        sprintf(msg, "BSD Accept return code: %d\n", ret) ;
+        CYASSL_MSG(msg) ;   
+    }
+    #endif
+    
+    #endif /* CYASSL_KEIL_TCP_NET */
+    return(ret ) ;
+
+}
+    
+int Cyassl_recv(int sd, void *buf, size_t len, int flags) 
+{
+    int ret  = 0;
+    #if defined(CYASSL_KEIL_TCP_NET)  
+    while(1) {
+        #undef recv  /* Go to KEIL TCPnet recv */
+        ret = recv(sd, buf, len,  flags) ;
+        if((ret != SCK_EWOULDBLOCK) &&( ret != SCK_ETIMEOUT)) break ;
+        os_dly_wait(1);
+    }
+    #ifdef DEBUG_CYASSL
+    {       
+        char msg[50] ;
+        sprintf(msg, "BSD Recv return code: %d\n", ret) ;
+        CYASSL_MSG(msg) ;   
+    }
+    #endif
+
+    #endif  /* CYASSL_KEIL_TCP_NET */
+    return(ret ) ;
+}
+
+int Cyassl_send(int sd, const void *buf, size_t len, int flags) 
+{
+    int  ret = 0 ;
+
+    #if defined(CYASSL_KEIL_TCP_NET)  
+    while(1) {
+    #undef send  /* Go to KEIL TCPnet send */
+        ret = send(sd, buf, len,  flags) ;
+        if(ret != SCK_EWOULDBLOCK) break ;
+        os_dly_wait(1);
+    } 
+    #ifdef DEBUG_CYASSL
+    {
+        char msg[50] ;
+        sprintf(msg, "BSD Send return code: %d\n", ret) ;
+        CYASSL_MSG(msg) ;   
+    }
+    #endif
+
+#endif  /* CYASSL_KEIL_TCP_NET */
+    return(ret) ;
+
+}
+
+#endif /* CYASSL_KEIL_TCP_NET */
+
+#if defined(CYASSL_KEIL_TCP_NET)  
+void Cyassl_sleep(int t) 
+{
+    #if defined(HAVE_KEIL_RTX)
+    os_dly_wait(t/1000+1) ;
+    #endif
+}
+
+int Cyassl_tcp_select(int sd, int timeout) 
+{
+    
+    return 0 ;
+    
+}
+#endif
+
+extern int strlen(const char *s) ;
+
+FILE * CyaSSL_fopen(const char *name, const char *openmode) 
+{
+    int i ;  FILE * ret ;
+    #define PATHSIZE 100
+    char path[PATHSIZE] ; char *p ;
+    
+    if(strlen(name) > PATHSIZE)return(NULL) ;
+    
+    for(i = 0; i<= strlen(name); i++) {
+        if(name[i] == '/')path[i] = '\\' ;
+        else              path[i] = name[i] ;
+    }       
+    if(path[0] == '.' && path[1] == '\\') p = path + 2 ;
+    else                                  p = path ;
+
+    ret = fopen (p, openmode) ;
+    
+    return(ret) ;
+}
+
+#if defined (CYASSL_MDK5)
+#define getkey getchar
+#define sendchar putchar
+#else
+extern int getkey(void) ;
+extern int sendchar(int c) ;
+#endif
+
+char * Cyassl_fgets ( char * str, int num, FILE * f ) 
+{
+    int i ;
+    
+    for(i = 0 ; i< num ; i++) {
+            while((str[i] = getkey()) == 0) {
+            #if defined (HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+                os_tsk_pass ();
+            #else 
+                osThreadYield ();
+            #endif
+        }
+        if(str[i] == '\n' || str[i] == '\012' || str[i] == '\015')  {
+            sendchar('\n') ;
+            str[i++] = '\n' ; 
+            str[i] = '\0' ; 
+            break ;
+        } else if(str[i] == '\010') { /* BS */
+            if(i) { /* erace one char */
+                sendchar('\010') ; sendchar(' ') ; sendchar('\010') ; 
+                i = (i>0 ? (i-2) : -1 ) ;
+                continue ;
+            } 
+        } else if(str[i] == '\033'  || str[i] == '\004' ) {  /* ESC or ^D */
+            str[i] = '\0' ;
+            return(0) ;
+        }
+        sendchar(str[i]) ;
+    }
+    return(str) ;
+}
diff --git a/3P/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c b/3P/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c
new file mode 100644
index 00000000..1ddc843e
--- /dev/null
+++ b/3P/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c
@@ -0,0 +1,52 @@
+/* ssl-dummy.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+Signer* GetCA(void* vp, byte* hash) 
+{ 
+    return NULL  ;
+}
+
+int CyaSSL_dtls(CYASSL* ssl)
+{
+    return NULL ;
+}
+
+int CyaSSL_get_using_nonblock(CYASSL* ssl)
+{
+    return NULL ;
+}
+
+Signer* GetCAByName(void* vp, byte* hash)
+{
+    return NULL ;
+}
+
+int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) 
+{
+        return NULL ;
+}
diff --git a/3P/wolfssl/IDE/iOS/README.md b/3P/wolfssl/IDE/iOS/README.md
new file mode 100644
index 00000000..0c20d3fa
--- /dev/null
+++ b/3P/wolfssl/IDE/iOS/README.md
@@ -0,0 +1,82 @@
+# wolfSSL and wolfCrypt iOS Xcode Projects
+
+This directory contains two xcodeproj:
+
+1. `wolfssl.xcodeproj` -- builds wolfSSL and wolfCrypt
+2. `wolfssl-FIPS.xcodeproj` -- builds wolfSSL and wolfCrypt-FIPS if available
+
+Both projects will build the library `libwolfssl.a` and produce a directory
+named `include` with the wolfSSL and wolfCrypt headers, and the CyaSSL and
+CtaoCrypt compatibility headers. Specific build options may be added to the
+`IPHONE` section of the file `wolfssl/wolfcrypt/settings.h`.
+
+## wolfSSL
+
+This project should build wolfSSL and wolfCrypt using the default settings.
+
+## wolfSSL-FIPS
+
+To use the FIPS version, one must have the FIPS sources. The project won't
+build without them. Please contact info@wolfssl.com for more information about
+wolfCrypt with FIPS.
+
+By default, this builds the wolfSSL and wolfCrypt with FIPS library. The default
+configuration enables the settings required for FIPS. Others may be turned on.
+The project also ensures the FIPS related objects are linked in the proper
+order.
+
+
+# Building libwolfssl.a
+
+## Debug build
+
+## Release build
+
+A release build requires an Apple Developer account, as far as I can tell. I
+have not tried this yet.
+
+
+# Installing libwolfssl.a
+
+Simply drag the file libwolfssl.a and the directory `include` and drop it into
+your project file list pane where it makes sense for you. Allow it to copy the
+files over to the project directory. This should automatically add the library
+to the list of libraries to link against.
+
+Click on your project target, then the "Build Phases" tab. On the targets list
+click your target. Click the disclosure triangle on the section "Link Binary
+With Libraries" and verify libwolfssl.a is in the list. If not, click the "+",
+and on the "Choose framworks and libraries to add:" dialog, click the
+button "Add other..." then find the file libwolfssl.a.
+
+Click on the "Build Settings" tab. Scroll down to the section "Search Paths".
+Add the path to the include directory to the list "Header Search Paths".
+
+
+## When using FIPS
+
+When using the FIPS version, on the target window, in the "Build Settings" tab,
+scroll down to the "Apple LLVM 6.0 - Preprocessing" section. Open the disclosure
+for "Preprocessor Macros" and add the following under both `Release` and
+`Debug`:
+
+* `IPHONE`
+* `HAVE_FIPS`
+* `HAVE_HASHDRBG`
+* `HAVE_AESGCM`
+* `WOLFSSL_SHA512`
+* `WOLFSSL_SHA384`
+* `NO_PWDBASED` -- for now, can drop later
+
+
+# Using the FIPS library
+
+The FIPS library contains a self-check verify hash. Normally, on the desktop or
+server build, the library is built as a dynamic library. The library looks the
+same to every application that builds against it, and can be verified. For
+static libraries, when linking into your application, the addresses are all
+fixed, and the verify checksum becomes unusable. iOS does not allow dynamic
+libraries like this, so static builds are required. This creates a problem.
+Every time the application is changed, the FIPS checksum will change, because
+the FIPS library's position in the executable may change.
+
diff --git a/3P/wolfssl/IDE/iOS/wolfssl-FIPS.xcodeproj/project.pbxproj b/3P/wolfssl/IDE/iOS/wolfssl-FIPS.xcodeproj/project.pbxproj
new file mode 100644
index 00000000..001bdf15
--- /dev/null
+++ b/3P/wolfssl/IDE/iOS/wolfssl-FIPS.xcodeproj/project.pbxproj
@@ -0,0 +1,983 @@
+// !$*UTF8*$!
+{
+	archiveVersion = 1;
+	classes = {
+	};
+	objectVersion = 46;
+	objects = {
+
+/* Begin PBXBuildFile section */
+		521646091A89928E0062516A /* crl.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646011A89928E0062516A /* crl.c */; };
+		5216460A1A89928E0062516A /* internal.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646021A89928E0062516A /* internal.c */; };
+		5216460B1A89928E0062516A /* io.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646031A89928E0062516A /* io.c */; };
+		5216460C1A89928E0062516A /* keys.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646041A89928E0062516A /* keys.c */; };
+		5216460D1A89928E0062516A /* ocsp.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646051A89928E0062516A /* ocsp.c */; };
+		5216460E1A89928E0062516A /* sniffer.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646061A89928E0062516A /* sniffer.c */; };
+		5216460F1A89928E0062516A /* ssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646071A89928E0062516A /* ssl.c */; };
+		521646101A89928E0062516A /* tls.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646081A89928E0062516A /* tls.c */; };
+		521646321A8992CC0062516A /* aes.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646111A8992CC0062516A /* aes.c */; };
+		521646331A8992CC0062516A /* arc4.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646121A8992CC0062516A /* arc4.c */; };
+		521646341A8992CC0062516A /* asn.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646131A8992CC0062516A /* asn.c */; };
+		521646351A8992CC0062516A /* blake2b.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646141A8992CC0062516A /* blake2b.c */; };
+		521646361A8992CC0062516A /* camellia.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646151A8992CC0062516A /* camellia.c */; };
+		521646371A8992CC0062516A /* chacha.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646161A8992CC0062516A /* chacha.c */; };
+		521646381A8992CC0062516A /* coding.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646171A8992CC0062516A /* coding.c */; };
+		521646391A8992CC0062516A /* des3.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646181A8992CC0062516A /* des3.c */; };
+		5216463A1A8992CC0062516A /* dh.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646191A8992CC0062516A /* dh.c */; };
+		5216463B1A8992CC0062516A /* dsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461A1A8992CC0062516A /* dsa.c */; };
+		5216463C1A8992CC0062516A /* ecc.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461B1A8992CC0062516A /* ecc.c */; };
+		5216463D1A8992CC0062516A /* error.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461C1A8992CC0062516A /* error.c */; };
+		5216463E1A8992CC0062516A /* hc128.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461D1A8992CC0062516A /* hc128.c */; };
+		5216463F1A8992CC0062516A /* hmac.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461E1A8992CC0062516A /* hmac.c */; };
+		521646401A8992CC0062516A /* integer.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461F1A8992CC0062516A /* integer.c */; };
+		521646411A8992CC0062516A /* logging.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646201A8992CC0062516A /* logging.c */; };
+		521646421A8992CC0062516A /* md2.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646211A8992CC0062516A /* md2.c */; };
+		521646431A8992CC0062516A /* md4.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646221A8992CC0062516A /* md4.c */; };
+		521646441A8992CC0062516A /* md5.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646231A8992CC0062516A /* md5.c */; };
+		521646451A8992CC0062516A /* memory.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646241A8992CC0062516A /* memory.c */; };
+		521646461A8992CC0062516A /* misc.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646251A8992CC0062516A /* misc.c */; };
+		521646471A8992CC0062516A /* pkcs7.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646261A8992CC0062516A /* pkcs7.c */; };
+		521646481A8992CC0062516A /* poly1305.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646271A8992CC0062516A /* poly1305.c */; };
+		521646491A8992CC0062516A /* pwdbased.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646281A8992CC0062516A /* pwdbased.c */; };
+		5216464A1A8992CC0062516A /* rabbit.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646291A8992CC0062516A /* rabbit.c */; };
+		5216464B1A8992CC0062516A /* random.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462A1A8992CC0062516A /* random.c */; };
+		5216464C1A8992CC0062516A /* ripemd.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462B1A8992CC0062516A /* ripemd.c */; };
+		5216464D1A8992CC0062516A /* rsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462C1A8992CC0062516A /* rsa.c */; };
+		5216464E1A8992CC0062516A /* sha.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462D1A8992CC0062516A /* sha.c */; };
+		5216464F1A8992CC0062516A /* sha256.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462E1A8992CC0062516A /* sha256.c */; };
+		521646501A8992CC0062516A /* sha512.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462F1A8992CC0062516A /* sha512.c */; };
+		521646511A8992CC0062516A /* tfm.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646301A8992CC0062516A /* tfm.c */; };
+		521646521A8992CC0062516A /* wc_port.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646311A8992CC0062516A /* wc_port.c */; };
+		521646C41A8A7FE10062516A /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646531A8993290062516A /* callbacks.h */; };
+		521646C51A8A7FE10062516A /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646541A8993290062516A /* certs_test.h */; };
+		521646C61A8A7FE10062516A /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646551A8993290062516A /* crl.h */; };
+		521646C71A8A7FE10062516A /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646561A8993290062516A /* error-ssl.h */; };
+		521646C81A8A7FE10062516A /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646571A8993290062516A /* internal.h */; };
+		521646C91A8A7FE10062516A /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646581A8993290062516A /* ocsp.h */; };
+		521646CA1A8A7FE10062516A /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465B1A8993290062516A /* ssl.h */; };
+		521646CB1A8A7FE10062516A /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465C1A8993290062516A /* test.h */; };
+		521646CC1A8A7FE10062516A /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465D1A8993290062516A /* version.h */; };
+		521646CD1A8A7FF30062516A /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465E1A8993770062516A /* aes.h */; };
+		521646CE1A8A7FF30062516A /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465F1A8993770062516A /* arc4.h */; };
+		521646CF1A8A7FF30062516A /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646601A8993770062516A /* asn_public.h */; };
+		521646D01A8A7FF30062516A /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646611A8993770062516A /* asn.h */; };
+		521646D11A8A7FF30062516A /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646621A8993770062516A /* blake2-impl.h */; };
+		521646D21A8A7FF30062516A /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646631A8993770062516A /* blake2-int.h */; };
+		521646D31A8A7FF30062516A /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646641A8993770062516A /* blake2.h */; };
+		521646D41A8A7FF30062516A /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646651A8993770062516A /* camellia.h */; };
+		521646D51A8A7FF30062516A /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646661A8993770062516A /* chacha.h */; };
+		521646D61A8A7FF30062516A /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646671A8993770062516A /* coding.h */; };
+		521646D71A8A7FF30062516A /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646681A8993770062516A /* compress.h */; };
+		521646D81A8A7FF30062516A /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646691A8993770062516A /* des3.h */; };
+		521646D91A8A7FF30062516A /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466A1A8993770062516A /* dh.h */; };
+		521646DA1A8A7FF30062516A /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466B1A8993770062516A /* dsa.h */; };
+		521646DB1A8A7FF30062516A /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466C1A8993770062516A /* ecc.h */; };
+		521646DC1A8A7FF30062516A /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466D1A8993770062516A /* error-crypt.h */; };
+		521646DD1A8A7FF30062516A /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466E1A8993770062516A /* fips_test.h */; };
+		521646DE1A8A7FF30062516A /* hc128.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466F1A8993770062516A /* hc128.h */; };
+		521646DF1A8A7FF30062516A /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646701A8993770062516A /* hmac.h */; };
+		521646E01A8A7FF30062516A /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646721A8993770062516A /* integer.h */; };
+		521646E11A8A7FF30062516A /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646731A8993770062516A /* logging.h */; };
+		521646E21A8A7FF30062516A /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646741A8993770062516A /* md2.h */; };
+		521646E31A8A7FF30062516A /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646751A8993770062516A /* md4.h */; };
+		521646E41A8A7FF30062516A /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646761A8993770062516A /* md5.h */; };
+		521646E51A8A7FF30062516A /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646771A8993770062516A /* memory.h */; };
+		521646E61A8A7FF30062516A /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646781A8993770062516A /* misc.h */; };
+		521646E71A8A7FF30062516A /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646791A8993770062516A /* mpi_class.h */; };
+		521646E81A8A7FF30062516A /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467A1A8993770062516A /* mpi_superclass.h */; };
+		521646E91A8A7FF30062516A /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467B1A8993770062516A /* pkcs7.h */; };
+		521646EA1A8A7FF30062516A /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467C1A8993770062516A /* poly1305.h */; };
+		521646EB1A8A7FF30062516A /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467D1A8993770062516A /* pwdbased.h */; };
+		521646EC1A8A7FF30062516A /* rabbit.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467E1A8993770062516A /* rabbit.h */; };
+		521646ED1A8A7FF30062516A /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467F1A8993770062516A /* random.h */; };
+		521646EE1A8A7FF30062516A /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646801A8993770062516A /* ripemd.h */; };
+		521646EF1A8A7FF30062516A /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646811A8993770062516A /* rsa.h */; };
+		521646F01A8A7FF30062516A /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646821A8993770062516A /* settings.h */; };
+		521646F11A8A7FF30062516A /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646831A8993770062516A /* sha.h */; };
+		521646F21A8A7FF30062516A /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646841A8993770062516A /* sha256.h */; };
+		521646F31A8A7FF30062516A /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646851A8993770062516A /* sha512.h */; };
+		521646F41A8A7FF30062516A /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646861A8993770062516A /* tfm.h */; };
+		521646F51A8A7FF30062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
+		521646F61A8A7FF30062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
+		521646F71A8A7FF30062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
+		521646F81A8A80030062516A /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
+		521646F91A8A80030062516A /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
+		521646FA1A8A80030062516A /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
+		521646FB1A8A80030062516A /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
+		521646FC1A8A80030062516A /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
+		521646FD1A8A80030062516A /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
+		521646FE1A8A80030062516A /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
+		521646FF1A8A80030062516A /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
+		521647001A8A80030062516A /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
+		521647011A8A80100062516A /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
+		521647021A8A80100062516A /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
+		521647031A8A80100062516A /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
+		521647041A8A80100062516A /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
+		521647051A8A80100062516A /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
+		521647061A8A80100062516A /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
+		521647071A8A80100062516A /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
+		521647081A8A80100062516A /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
+		521647091A8A80100062516A /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
+		5216470A1A8A80100062516A /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
+		5216470B1A8A80100062516A /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
+		5216470C1A8A80100062516A /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
+		5216470D1A8A80100062516A /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
+		5216470E1A8A80100062516A /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
+		5216470F1A8A80100062516A /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
+		521647101A8A80100062516A /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
+		521647111A8A80100062516A /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
+		521647121A8A80100062516A /* hc128.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A61A8993F50062516A /* hc128.h */; };
+		521647131A8A80100062516A /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
+		521647141A8A80100062516A /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
+		521647151A8A80100062516A /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
+		521647161A8A80100062516A /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
+		521647171A8A80100062516A /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
+		521647181A8A80100062516A /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
+		521647191A8A80100062516A /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
+		5216471A1A8A80100062516A /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
+		5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
+		5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
+		5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
+		5216471E1A8A80100062516A /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
+		5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
+		521647201A8A80100062516A /* rabbit.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B41A8993F50062516A /* rabbit.h */; };
+		521647211A8A80100062516A /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
+		521647221A8A80100062516A /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
+		521647231A8A80100062516A /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
+		521647241A8A80100062516A /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
+		521647251A8A80100062516A /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
+		521647261A8A80100062516A /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
+		521647271A8A80100062516A /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
+		521647281A8A80100062516A /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
+		521647291A8A80100062516A /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
+		5216472A1A8A80100062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
+		5216472B1A8A80100062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
+		5216472C1A8A80100062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
+		5216481D1A8AC2990062516A /* aes.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648101A8AC2990062516A /* aes.c */; };
+		5216481E1A8AC2990062516A /* des3.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648111A8AC2990062516A /* des3.c */; };
+		5216481F1A8AC2990062516A /* fips_test.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648121A8AC2990062516A /* fips_test.c */; };
+		521648201A8AC2990062516A /* fips.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648131A8AC2990062516A /* fips.c */; };
+		521648211A8AC2990062516A /* hmac.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648141A8AC2990062516A /* hmac.c */; };
+		521648231A8AC2990062516A /* random.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648161A8AC2990062516A /* random.c */; };
+		521648241A8AC2990062516A /* rsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648171A8AC2990062516A /* rsa.c */; };
+		521648251A8AC2990062516A /* sha.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648181A8AC2990062516A /* sha.c */; };
+		521648261A8AC2990062516A /* sha256.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648191A8AC2990062516A /* sha256.c */; };
+		521648271A8AC2990062516A /* sha512.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216481A1A8AC2990062516A /* sha512.c */; };
+		521648281A8AC2990062516A /* wolfcrypt_first.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216481B1A8AC2990062516A /* wolfcrypt_first.c */; };
+		521648291A8AC2990062516A /* wolfcrypt_last.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216481C1A8AC2990062516A /* wolfcrypt_last.c */; };
+/* End PBXBuildFile section */
+
+/* Begin PBXCopyFilesBuildPhase section */
+		521646C11A8A7B380062516A /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = include/wolfssl/wolfcrypt;
+			dstSubfolderSpec = 7;
+			files = (
+				521646CD1A8A7FF30062516A /* aes.h in CopyFiles */,
+				521646CE1A8A7FF30062516A /* arc4.h in CopyFiles */,
+				521646CF1A8A7FF30062516A /* asn_public.h in CopyFiles */,
+				521646D01A8A7FF30062516A /* asn.h in CopyFiles */,
+				521646D11A8A7FF30062516A /* blake2-impl.h in CopyFiles */,
+				521646D21A8A7FF30062516A /* blake2-int.h in CopyFiles */,
+				521646D31A8A7FF30062516A /* blake2.h in CopyFiles */,
+				521646D41A8A7FF30062516A /* camellia.h in CopyFiles */,
+				521646D51A8A7FF30062516A /* chacha.h in CopyFiles */,
+				521646D61A8A7FF30062516A /* coding.h in CopyFiles */,
+				521646D71A8A7FF30062516A /* compress.h in CopyFiles */,
+				521646D81A8A7FF30062516A /* des3.h in CopyFiles */,
+				521646D91A8A7FF30062516A /* dh.h in CopyFiles */,
+				521646DA1A8A7FF30062516A /* dsa.h in CopyFiles */,
+				521646DB1A8A7FF30062516A /* ecc.h in CopyFiles */,
+				521646DC1A8A7FF30062516A /* error-crypt.h in CopyFiles */,
+				521646DD1A8A7FF30062516A /* fips_test.h in CopyFiles */,
+				521646DE1A8A7FF30062516A /* hc128.h in CopyFiles */,
+				521646DF1A8A7FF30062516A /* hmac.h in CopyFiles */,
+				521646E01A8A7FF30062516A /* integer.h in CopyFiles */,
+				521646E11A8A7FF30062516A /* logging.h in CopyFiles */,
+				521646E21A8A7FF30062516A /* md2.h in CopyFiles */,
+				521646E31A8A7FF30062516A /* md4.h in CopyFiles */,
+				521646E41A8A7FF30062516A /* md5.h in CopyFiles */,
+				521646E51A8A7FF30062516A /* memory.h in CopyFiles */,
+				521646E61A8A7FF30062516A /* misc.h in CopyFiles */,
+				521646E71A8A7FF30062516A /* mpi_class.h in CopyFiles */,
+				521646E81A8A7FF30062516A /* mpi_superclass.h in CopyFiles */,
+				521646E91A8A7FF30062516A /* pkcs7.h in CopyFiles */,
+				521646EA1A8A7FF30062516A /* poly1305.h in CopyFiles */,
+				521646EB1A8A7FF30062516A /* pwdbased.h in CopyFiles */,
+				521646EC1A8A7FF30062516A /* rabbit.h in CopyFiles */,
+				521646ED1A8A7FF30062516A /* random.h in CopyFiles */,
+				521646EE1A8A7FF30062516A /* ripemd.h in CopyFiles */,
+				521646EF1A8A7FF30062516A /* rsa.h in CopyFiles */,
+				521646F01A8A7FF30062516A /* settings.h in CopyFiles */,
+				521646F11A8A7FF30062516A /* sha.h in CopyFiles */,
+				521646F21A8A7FF30062516A /* sha256.h in CopyFiles */,
+				521646F31A8A7FF30062516A /* sha512.h in CopyFiles */,
+				521646F41A8A7FF30062516A /* tfm.h in CopyFiles */,
+				521646F51A8A7FF30062516A /* types.h in CopyFiles */,
+				521646F61A8A7FF30062516A /* visibility.h in CopyFiles */,
+				521646F71A8A7FF30062516A /* wc_port.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		521646C21A8A7B3B0062516A /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = include/cyassl;
+			dstSubfolderSpec = 7;
+			files = (
+				521646F81A8A80030062516A /* callbacks.h in CopyFiles */,
+				521646F91A8A80030062516A /* certs_test.h in CopyFiles */,
+				521646FA1A8A80030062516A /* crl.h in CopyFiles */,
+				521646FB1A8A80030062516A /* error-ssl.h in CopyFiles */,
+				521646FC1A8A80030062516A /* internal.h in CopyFiles */,
+				521646FD1A8A80030062516A /* ocsp.h in CopyFiles */,
+				521646FE1A8A80030062516A /* ssl.h in CopyFiles */,
+				521646FF1A8A80030062516A /* test.h in CopyFiles */,
+				521647001A8A80030062516A /* version.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		521646C31A8A7B3D0062516A /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = include/cyassl/ctaocrypt;
+			dstSubfolderSpec = 7;
+			files = (
+				521647011A8A80100062516A /* aes.h in CopyFiles */,
+				521647021A8A80100062516A /* arc4.h in CopyFiles */,
+				521647031A8A80100062516A /* asn_public.h in CopyFiles */,
+				521647041A8A80100062516A /* asn.h in CopyFiles */,
+				521647051A8A80100062516A /* blake2-impl.h in CopyFiles */,
+				521647061A8A80100062516A /* blake2-int.h in CopyFiles */,
+				521647071A8A80100062516A /* blake2.h in CopyFiles */,
+				521647081A8A80100062516A /* camellia.h in CopyFiles */,
+				521647091A8A80100062516A /* chacha.h in CopyFiles */,
+				5216470A1A8A80100062516A /* coding.h in CopyFiles */,
+				5216470B1A8A80100062516A /* compress.h in CopyFiles */,
+				5216470C1A8A80100062516A /* des3.h in CopyFiles */,
+				5216470D1A8A80100062516A /* dh.h in CopyFiles */,
+				5216470E1A8A80100062516A /* dsa.h in CopyFiles */,
+				5216470F1A8A80100062516A /* ecc.h in CopyFiles */,
+				521647101A8A80100062516A /* error-crypt.h in CopyFiles */,
+				521647111A8A80100062516A /* fips_test.h in CopyFiles */,
+				521647121A8A80100062516A /* hc128.h in CopyFiles */,
+				521647131A8A80100062516A /* hmac.h in CopyFiles */,
+				521647141A8A80100062516A /* integer.h in CopyFiles */,
+				521647151A8A80100062516A /* logging.h in CopyFiles */,
+				521647161A8A80100062516A /* md2.h in CopyFiles */,
+				521647171A8A80100062516A /* md4.h in CopyFiles */,
+				521647181A8A80100062516A /* md5.h in CopyFiles */,
+				521647191A8A80100062516A /* memory.h in CopyFiles */,
+				5216471A1A8A80100062516A /* misc.h in CopyFiles */,
+				5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */,
+				5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */,
+				5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */,
+				5216471E1A8A80100062516A /* poly1305.h in CopyFiles */,
+				5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */,
+				521647201A8A80100062516A /* rabbit.h in CopyFiles */,
+				521647211A8A80100062516A /* random.h in CopyFiles */,
+				521647221A8A80100062516A /* ripemd.h in CopyFiles */,
+				521647231A8A80100062516A /* rsa.h in CopyFiles */,
+				521647241A8A80100062516A /* settings_comp.h in CopyFiles */,
+				521647251A8A80100062516A /* settings.h in CopyFiles */,
+				521647261A8A80100062516A /* sha.h in CopyFiles */,
+				521647271A8A80100062516A /* sha256.h in CopyFiles */,
+				521647281A8A80100062516A /* sha512.h in CopyFiles */,
+				521647291A8A80100062516A /* tfm.h in CopyFiles */,
+				5216472A1A8A80100062516A /* types.h in CopyFiles */,
+				5216472B1A8A80100062516A /* visibility.h in CopyFiles */,
+				5216472C1A8A80100062516A /* wc_port.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		52B1344B16F3C9E800C07B32 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = include/wolfssl;
+			dstSubfolderSpec = 16;
+			files = (
+				521646C41A8A7FE10062516A /* callbacks.h in CopyFiles */,
+				521646C51A8A7FE10062516A /* certs_test.h in CopyFiles */,
+				521646C61A8A7FE10062516A /* crl.h in CopyFiles */,
+				521646C71A8A7FE10062516A /* error-ssl.h in CopyFiles */,
+				521646C81A8A7FE10062516A /* internal.h in CopyFiles */,
+				521646C91A8A7FE10062516A /* ocsp.h in CopyFiles */,
+				521646CA1A8A7FE10062516A /* ssl.h in CopyFiles */,
+				521646CB1A8A7FE10062516A /* test.h in CopyFiles */,
+				521646CC1A8A7FE10062516A /* version.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXCopyFilesBuildPhase section */
+
+/* Begin PBXFileReference section */
+		521646011A89928E0062516A /* crl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = crl.c; path = ../../src/crl.c; sourceTree = ""; };
+		521646021A89928E0062516A /* internal.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = internal.c; path = ../../src/internal.c; sourceTree = ""; };
+		521646031A89928E0062516A /* io.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = io.c; path = ../../src/io.c; sourceTree = ""; };
+		521646041A89928E0062516A /* keys.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = keys.c; path = ../../src/keys.c; sourceTree = ""; };
+		521646051A89928E0062516A /* ocsp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ocsp.c; path = ../../src/ocsp.c; sourceTree = ""; };
+		521646061A89928E0062516A /* sniffer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sniffer.c; path = ../../src/sniffer.c; sourceTree = ""; };
+		521646071A89928E0062516A /* ssl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ssl.c; path = ../../src/ssl.c; sourceTree = ""; };
+		521646081A89928E0062516A /* tls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tls.c; path = ../../src/tls.c; sourceTree = ""; };
+		521646111A8992CC0062516A /* aes.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = aes.c; path = ../../wolfcrypt/src/aes.c; sourceTree = SOURCE_ROOT; };
+		521646121A8992CC0062516A /* arc4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = arc4.c; path = ../../wolfcrypt/src/arc4.c; sourceTree = SOURCE_ROOT; };
+		521646131A8992CC0062516A /* asn.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = asn.c; path = ../../wolfcrypt/src/asn.c; sourceTree = SOURCE_ROOT; };
+		521646141A8992CC0062516A /* blake2b.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = blake2b.c; path = ../../wolfcrypt/src/blake2b.c; sourceTree = SOURCE_ROOT; };
+		521646151A8992CC0062516A /* camellia.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = camellia.c; path = ../../wolfcrypt/src/camellia.c; sourceTree = SOURCE_ROOT; };
+		521646161A8992CC0062516A /* chacha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = chacha.c; path = ../../wolfcrypt/src/chacha.c; sourceTree = SOURCE_ROOT; };
+		521646171A8992CC0062516A /* coding.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = coding.c; path = ../../wolfcrypt/src/coding.c; sourceTree = SOURCE_ROOT; };
+		521646181A8992CC0062516A /* des3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = des3.c; path = ../../wolfcrypt/src/des3.c; sourceTree = SOURCE_ROOT; };
+		521646191A8992CC0062516A /* dh.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dh.c; path = ../../wolfcrypt/src/dh.c; sourceTree = SOURCE_ROOT; };
+		5216461A1A8992CC0062516A /* dsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dsa.c; path = ../../wolfcrypt/src/dsa.c; sourceTree = SOURCE_ROOT; };
+		5216461B1A8992CC0062516A /* ecc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ecc.c; path = ../../wolfcrypt/src/ecc.c; sourceTree = SOURCE_ROOT; };
+		5216461C1A8992CC0062516A /* error.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = error.c; path = ../../wolfcrypt/src/error.c; sourceTree = SOURCE_ROOT; };
+		5216461D1A8992CC0062516A /* hc128.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hc128.c; path = ../../wolfcrypt/src/hc128.c; sourceTree = SOURCE_ROOT; };
+		5216461E1A8992CC0062516A /* hmac.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hmac.c; path = ../../wolfcrypt/src/hmac.c; sourceTree = SOURCE_ROOT; };
+		5216461F1A8992CC0062516A /* integer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = integer.c; path = ../../wolfcrypt/src/integer.c; sourceTree = SOURCE_ROOT; };
+		521646201A8992CC0062516A /* logging.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = logging.c; path = ../../wolfcrypt/src/logging.c; sourceTree = SOURCE_ROOT; };
+		521646211A8992CC0062516A /* md2.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md2.c; path = ../../wolfcrypt/src/md2.c; sourceTree = SOURCE_ROOT; };
+		521646221A8992CC0062516A /* md4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md4.c; path = ../../wolfcrypt/src/md4.c; sourceTree = SOURCE_ROOT; };
+		521646231A8992CC0062516A /* md5.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md5.c; path = ../../wolfcrypt/src/md5.c; sourceTree = SOURCE_ROOT; };
+		521646241A8992CC0062516A /* memory.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = memory.c; path = ../../wolfcrypt/src/memory.c; sourceTree = SOURCE_ROOT; };
+		521646251A8992CC0062516A /* misc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = misc.c; path = ../../wolfcrypt/src/misc.c; sourceTree = SOURCE_ROOT; };
+		521646261A8992CC0062516A /* pkcs7.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pkcs7.c; path = ../../wolfcrypt/src/pkcs7.c; sourceTree = SOURCE_ROOT; };
+		521646271A8992CC0062516A /* poly1305.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = poly1305.c; path = ../../wolfcrypt/src/poly1305.c; sourceTree = SOURCE_ROOT; };
+		521646281A8992CC0062516A /* pwdbased.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pwdbased.c; path = ../../wolfcrypt/src/pwdbased.c; sourceTree = SOURCE_ROOT; };
+		521646291A8992CC0062516A /* rabbit.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = rabbit.c; path = ../../wolfcrypt/src/rabbit.c; sourceTree = SOURCE_ROOT; };
+		5216462A1A8992CC0062516A /* random.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = random.c; path = ../../wolfcrypt/src/random.c; sourceTree = SOURCE_ROOT; };
+		5216462B1A8992CC0062516A /* ripemd.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ripemd.c; path = ../../wolfcrypt/src/ripemd.c; sourceTree = SOURCE_ROOT; };
+		5216462C1A8992CC0062516A /* rsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = rsa.c; path = ../../wolfcrypt/src/rsa.c; sourceTree = SOURCE_ROOT; };
+		5216462D1A8992CC0062516A /* sha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha.c; path = ../../wolfcrypt/src/sha.c; sourceTree = SOURCE_ROOT; };
+		5216462E1A8992CC0062516A /* sha256.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha256.c; path = ../../wolfcrypt/src/sha256.c; sourceTree = SOURCE_ROOT; };
+		5216462F1A8992CC0062516A /* sha512.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha512.c; path = ../../wolfcrypt/src/sha512.c; sourceTree = SOURCE_ROOT; };
+		521646301A8992CC0062516A /* tfm.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tfm.c; path = ../../wolfcrypt/src/tfm.c; sourceTree = SOURCE_ROOT; };
+		521646311A8992CC0062516A /* wc_port.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wc_port.c; path = ../../wolfcrypt/src/wc_port.c; sourceTree = SOURCE_ROOT; };
+		521646531A8993290062516A /* callbacks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = callbacks.h; path = ../../wolfssl/callbacks.h; sourceTree = ""; };
+		521646541A8993290062516A /* certs_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = certs_test.h; path = ../../wolfssl/certs_test.h; sourceTree = ""; };
+		521646551A8993290062516A /* crl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = crl.h; path = ../../wolfssl/crl.h; sourceTree = ""; };
+		521646561A8993290062516A /* error-ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-ssl.h"; path = "../../wolfssl/error-ssl.h"; sourceTree = ""; };
+		521646571A8993290062516A /* internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = internal.h; path = ../../wolfssl/internal.h; sourceTree = ""; };
+		521646581A8993290062516A /* ocsp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ocsp.h; path = ../../wolfssl/ocsp.h; sourceTree = ""; };
+		5216465B1A8993290062516A /* ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ssl.h; path = ../../wolfssl/ssl.h; sourceTree = ""; };
+		5216465C1A8993290062516A /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../wolfssl/test.h; sourceTree = ""; };
+		5216465D1A8993290062516A /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = version.h; path = ../../wolfssl/version.h; sourceTree = ""; };
+		5216465E1A8993770062516A /* aes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = aes.h; path = ../../wolfssl/wolfcrypt/aes.h; sourceTree = ""; };
+		5216465F1A8993770062516A /* arc4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = arc4.h; path = ../../wolfssl/wolfcrypt/arc4.h; sourceTree = ""; };
+		521646601A8993770062516A /* asn_public.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn_public.h; path = ../../wolfssl/wolfcrypt/asn_public.h; sourceTree = ""; };
+		521646611A8993770062516A /* asn.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn.h; path = ../../wolfssl/wolfcrypt/asn.h; sourceTree = ""; };
+		521646621A8993770062516A /* blake2-impl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-impl.h"; path = "../../wolfssl/wolfcrypt/blake2-impl.h"; sourceTree = ""; };
+		521646631A8993770062516A /* blake2-int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-int.h"; path = "../../wolfssl/wolfcrypt/blake2-int.h"; sourceTree = ""; };
+		521646641A8993770062516A /* blake2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = blake2.h; path = ../../wolfssl/wolfcrypt/blake2.h; sourceTree = ""; };
+		521646651A8993770062516A /* camellia.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = camellia.h; path = ../../wolfssl/wolfcrypt/camellia.h; sourceTree = ""; };
+		521646661A8993770062516A /* chacha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = chacha.h; path = ../../wolfssl/wolfcrypt/chacha.h; sourceTree = ""; };
+		521646671A8993770062516A /* coding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = coding.h; path = ../../wolfssl/wolfcrypt/coding.h; sourceTree = ""; };
+		521646681A8993770062516A /* compress.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = compress.h; path = ../../wolfssl/wolfcrypt/compress.h; sourceTree = ""; };
+		521646691A8993770062516A /* des3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = des3.h; path = ../../wolfssl/wolfcrypt/des3.h; sourceTree = ""; };
+		5216466A1A8993770062516A /* dh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dh.h; path = ../../wolfssl/wolfcrypt/dh.h; sourceTree = ""; };
+		5216466B1A8993770062516A /* dsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dsa.h; path = ../../wolfssl/wolfcrypt/dsa.h; sourceTree = ""; };
+		5216466C1A8993770062516A /* ecc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ecc.h; path = ../../wolfssl/wolfcrypt/ecc.h; sourceTree = ""; };
+		5216466D1A8993770062516A /* error-crypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-crypt.h"; path = "../../wolfssl/wolfcrypt/error-crypt.h"; sourceTree = ""; };
+		5216466E1A8993770062516A /* fips_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips_test.h; path = ../../wolfssl/wolfcrypt/fips_test.h; sourceTree = ""; };
+		5216466F1A8993770062516A /* hc128.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hc128.h; path = ../../wolfssl/wolfcrypt/hc128.h; sourceTree = ""; };
+		521646701A8993770062516A /* hmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hmac.h; path = ../../wolfssl/wolfcrypt/hmac.h; sourceTree = ""; };
+		521646721A8993770062516A /* integer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = integer.h; path = ../../wolfssl/wolfcrypt/integer.h; sourceTree = ""; };
+		521646731A8993770062516A /* logging.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = logging.h; path = ../../wolfssl/wolfcrypt/logging.h; sourceTree = ""; };
+		521646741A8993770062516A /* md2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md2.h; path = ../../wolfssl/wolfcrypt/md2.h; sourceTree = ""; };
+		521646751A8993770062516A /* md4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md4.h; path = ../../wolfssl/wolfcrypt/md4.h; sourceTree = ""; };
+		521646761A8993770062516A /* md5.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md5.h; path = ../../wolfssl/wolfcrypt/md5.h; sourceTree = ""; };
+		521646771A8993770062516A /* memory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = memory.h; path = ../../wolfssl/wolfcrypt/memory.h; sourceTree = ""; };
+		521646781A8993770062516A /* misc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = misc.h; path = ../../wolfssl/wolfcrypt/misc.h; sourceTree = ""; };
+		521646791A8993770062516A /* mpi_class.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_class.h; path = ../../wolfssl/wolfcrypt/mpi_class.h; sourceTree = ""; };
+		5216467A1A8993770062516A /* mpi_superclass.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_superclass.h; path = ../../wolfssl/wolfcrypt/mpi_superclass.h; sourceTree = ""; };
+		5216467B1A8993770062516A /* pkcs7.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs7.h; path = ../../wolfssl/wolfcrypt/pkcs7.h; sourceTree = ""; };
+		5216467C1A8993770062516A /* poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = poly1305.h; path = ../../wolfssl/wolfcrypt/poly1305.h; sourceTree = ""; };
+		5216467D1A8993770062516A /* pwdbased.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pwdbased.h; path = ../../wolfssl/wolfcrypt/pwdbased.h; sourceTree = ""; };
+		5216467E1A8993770062516A /* rabbit.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rabbit.h; path = ../../wolfssl/wolfcrypt/rabbit.h; sourceTree = ""; };
+		5216467F1A8993770062516A /* random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = random.h; path = ../../wolfssl/wolfcrypt/random.h; sourceTree = ""; };
+		521646801A8993770062516A /* ripemd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ripemd.h; path = ../../wolfssl/wolfcrypt/ripemd.h; sourceTree = ""; };
+		521646811A8993770062516A /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rsa.h; path = ../../wolfssl/wolfcrypt/rsa.h; sourceTree = ""; };
+		521646821A8993770062516A /* settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings.h; path = ../../wolfssl/wolfcrypt/settings.h; sourceTree = ""; };
+		521646831A8993770062516A /* sha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha.h; path = ../../wolfssl/wolfcrypt/sha.h; sourceTree = ""; };
+		521646841A8993770062516A /* sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha256.h; path = ../../wolfssl/wolfcrypt/sha256.h; sourceTree = ""; };
+		521646851A8993770062516A /* sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha512.h; path = ../../wolfssl/wolfcrypt/sha512.h; sourceTree = ""; };
+		521646861A8993770062516A /* tfm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = tfm.h; path = ../../wolfssl/wolfcrypt/tfm.h; sourceTree = ""; };
+		521646871A8993770062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../wolfssl/wolfcrypt/types.h; sourceTree = ""; };
+		521646881A8993770062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../wolfssl/wolfcrypt/visibility.h; sourceTree = ""; };
+		521646891A8993770062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../wolfssl/wolfcrypt/wc_port.h; sourceTree = ""; };
+		5216468A1A8993BB0062516A /* callbacks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = callbacks.h; path = ../../cyassl/callbacks.h; sourceTree = ""; };
+		5216468B1A8993BB0062516A /* certs_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = certs_test.h; path = ../../cyassl/certs_test.h; sourceTree = ""; };
+		5216468C1A8993BB0062516A /* crl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = crl.h; path = ../../cyassl/crl.h; sourceTree = ""; };
+		5216468D1A8993BB0062516A /* error-ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-ssl.h"; path = "../../cyassl/error-ssl.h"; sourceTree = ""; };
+		5216468E1A8993BB0062516A /* internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = internal.h; path = ../../cyassl/internal.h; sourceTree = ""; };
+		5216468F1A8993BB0062516A /* ocsp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ocsp.h; path = ../../cyassl/ocsp.h; sourceTree = ""; };
+		521646921A8993BB0062516A /* ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ssl.h; path = ../../cyassl/ssl.h; sourceTree = ""; };
+		521646931A8993BB0062516A /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../cyassl/test.h; sourceTree = ""; };
+		521646941A8993BB0062516A /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = version.h; path = ../../cyassl/version.h; sourceTree = ""; };
+		521646951A8993F50062516A /* aes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = aes.h; path = ../../cyassl/ctaocrypt/aes.h; sourceTree = ""; };
+		521646961A8993F50062516A /* arc4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = arc4.h; path = ../../cyassl/ctaocrypt/arc4.h; sourceTree = ""; };
+		521646971A8993F50062516A /* asn_public.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn_public.h; path = ../../cyassl/ctaocrypt/asn_public.h; sourceTree = ""; };
+		521646981A8993F50062516A /* asn.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn.h; path = ../../cyassl/ctaocrypt/asn.h; sourceTree = ""; };
+		521646991A8993F50062516A /* blake2-impl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-impl.h"; path = "../../cyassl/ctaocrypt/blake2-impl.h"; sourceTree = ""; };
+		5216469A1A8993F50062516A /* blake2-int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-int.h"; path = "../../cyassl/ctaocrypt/blake2-int.h"; sourceTree = ""; };
+		5216469B1A8993F50062516A /* blake2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = blake2.h; path = ../../cyassl/ctaocrypt/blake2.h; sourceTree = ""; };
+		5216469C1A8993F50062516A /* camellia.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = camellia.h; path = ../../cyassl/ctaocrypt/camellia.h; sourceTree = ""; };
+		5216469D1A8993F50062516A /* chacha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = chacha.h; path = ../../cyassl/ctaocrypt/chacha.h; sourceTree = ""; };
+		5216469E1A8993F50062516A /* coding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = coding.h; path = ../../cyassl/ctaocrypt/coding.h; sourceTree = ""; };
+		5216469F1A8993F50062516A /* compress.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = compress.h; path = ../../cyassl/ctaocrypt/compress.h; sourceTree = ""; };
+		521646A01A8993F50062516A /* des3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = des3.h; path = ../../cyassl/ctaocrypt/des3.h; sourceTree = ""; };
+		521646A11A8993F50062516A /* dh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dh.h; path = ../../cyassl/ctaocrypt/dh.h; sourceTree = ""; };
+		521646A21A8993F50062516A /* dsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dsa.h; path = ../../cyassl/ctaocrypt/dsa.h; sourceTree = ""; };
+		521646A31A8993F50062516A /* ecc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ecc.h; path = ../../cyassl/ctaocrypt/ecc.h; sourceTree = ""; };
+		521646A41A8993F50062516A /* error-crypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-crypt.h"; path = "../../cyassl/ctaocrypt/error-crypt.h"; sourceTree = ""; };
+		521646A51A8993F50062516A /* fips_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips_test.h; path = ../../cyassl/ctaocrypt/fips_test.h; sourceTree = ""; };
+		521646A61A8993F50062516A /* hc128.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hc128.h; path = ../../cyassl/ctaocrypt/hc128.h; sourceTree = ""; };
+		521646A71A8993F50062516A /* hmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hmac.h; path = ../../cyassl/ctaocrypt/hmac.h; sourceTree = ""; };
+		521646A81A8993F50062516A /* integer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = integer.h; path = ../../cyassl/ctaocrypt/integer.h; sourceTree = ""; };
+		521646A91A8993F50062516A /* logging.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = logging.h; path = ../../cyassl/ctaocrypt/logging.h; sourceTree = ""; };
+		521646AA1A8993F50062516A /* md2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md2.h; path = ../../cyassl/ctaocrypt/md2.h; sourceTree = ""; };
+		521646AB1A8993F50062516A /* md4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md4.h; path = ../../cyassl/ctaocrypt/md4.h; sourceTree = ""; };
+		521646AC1A8993F50062516A /* md5.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md5.h; path = ../../cyassl/ctaocrypt/md5.h; sourceTree = ""; };
+		521646AD1A8993F50062516A /* memory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = memory.h; path = ../../cyassl/ctaocrypt/memory.h; sourceTree = ""; };
+		521646AE1A8993F50062516A /* misc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = misc.h; path = ../../cyassl/ctaocrypt/misc.h; sourceTree = ""; };
+		521646AF1A8993F50062516A /* mpi_class.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_class.h; path = ../../cyassl/ctaocrypt/mpi_class.h; sourceTree = ""; };
+		521646B01A8993F50062516A /* mpi_superclass.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_superclass.h; path = ../../cyassl/ctaocrypt/mpi_superclass.h; sourceTree = ""; };
+		521646B11A8993F50062516A /* pkcs7.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs7.h; path = ../../cyassl/ctaocrypt/pkcs7.h; sourceTree = ""; };
+		521646B21A8993F50062516A /* poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = poly1305.h; path = ../../cyassl/ctaocrypt/poly1305.h; sourceTree = ""; };
+		521646B31A8993F50062516A /* pwdbased.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pwdbased.h; path = ../../cyassl/ctaocrypt/pwdbased.h; sourceTree = ""; };
+		521646B41A8993F50062516A /* rabbit.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rabbit.h; path = ../../cyassl/ctaocrypt/rabbit.h; sourceTree = ""; };
+		521646B51A8993F50062516A /* random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = random.h; path = ../../cyassl/ctaocrypt/random.h; sourceTree = ""; };
+		521646B61A8993F50062516A /* ripemd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ripemd.h; path = ../../cyassl/ctaocrypt/ripemd.h; sourceTree = ""; };
+		521646B71A8993F50062516A /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rsa.h; path = ../../cyassl/ctaocrypt/rsa.h; sourceTree = ""; };
+		521646B81A8993F50062516A /* settings_comp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings_comp.h; path = ../../cyassl/ctaocrypt/settings_comp.h; sourceTree = ""; };
+		521646B91A8993F50062516A /* settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings.h; path = ../../cyassl/ctaocrypt/settings.h; sourceTree = ""; };
+		521646BA1A8993F50062516A /* sha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha.h; path = ../../cyassl/ctaocrypt/sha.h; sourceTree = ""; };
+		521646BB1A8993F50062516A /* sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha256.h; path = ../../cyassl/ctaocrypt/sha256.h; sourceTree = ""; };
+		521646BC1A8993F50062516A /* sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha512.h; path = ../../cyassl/ctaocrypt/sha512.h; sourceTree = ""; };
+		521646BD1A8993F50062516A /* tfm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = tfm.h; path = ../../cyassl/ctaocrypt/tfm.h; sourceTree = ""; };
+		521646BE1A8993F50062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../cyassl/ctaocrypt/types.h; sourceTree = ""; };
+		521646BF1A8993F50062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../cyassl/ctaocrypt/visibility.h; sourceTree = ""; };
+		521646C01A8993F50062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../cyassl/ctaocrypt/wc_port.h; sourceTree = ""; };
+		521648101A8AC2990062516A /* aes.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = aes.c; path = ../../ctaocrypt/src/aes.c; sourceTree = ""; };
+		521648111A8AC2990062516A /* des3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = des3.c; path = ../../ctaocrypt/src/des3.c; sourceTree = ""; };
+		521648121A8AC2990062516A /* fips_test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = fips_test.c; path = ../../ctaocrypt/src/fips_test.c; sourceTree = ""; };
+		521648131A8AC2990062516A /* fips.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = fips.c; path = ../../ctaocrypt/src/fips.c; sourceTree = ""; };
+		521648141A8AC2990062516A /* hmac.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hmac.c; path = ../../ctaocrypt/src/hmac.c; sourceTree = ""; };
+		521648161A8AC2990062516A /* random.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = random.c; path = ../../ctaocrypt/src/random.c; sourceTree = ""; };
+		521648171A8AC2990062516A /* rsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = rsa.c; path = ../../ctaocrypt/src/rsa.c; sourceTree = ""; };
+		521648181A8AC2990062516A /* sha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha.c; path = ../../ctaocrypt/src/sha.c; sourceTree = ""; };
+		521648191A8AC2990062516A /* sha256.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha256.c; path = ../../ctaocrypt/src/sha256.c; sourceTree = ""; };
+		5216481A1A8AC2990062516A /* sha512.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha512.c; path = ../../ctaocrypt/src/sha512.c; sourceTree = ""; };
+		5216481B1A8AC2990062516A /* wolfcrypt_first.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wolfcrypt_first.c; path = ../../ctaocrypt/src/wolfcrypt_first.c; sourceTree = ""; };
+		5216481C1A8AC2990062516A /* wolfcrypt_last.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wolfcrypt_last.c; path = ../../ctaocrypt/src/wolfcrypt_last.c; sourceTree = ""; };
+		52B1344D16F3C9E800C07B32 /* libwolfssl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libwolfssl.a; sourceTree = BUILT_PRODUCTS_DIR; };
+/* End PBXFileReference section */
+
+/* Begin PBXFrameworksBuildPhase section */
+		52B1344A16F3C9E800C07B32 /* Frameworks */ = {
+			isa = PBXFrameworksBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXFrameworksBuildPhase section */
+
+/* Begin PBXGroup section */
+		521645391A898E7B0062516A /* Headers */ = {
+			isa = PBXGroup;
+			children = (
+				521645F91A89916E0062516A /* wolfSSL */,
+				521645F81A89916A0062516A /* wolfCrypt */,
+				521645F71A8991680062516A /* CyaSSL */,
+				521645F61A8991640062516A /* CtaoCrypt */,
+			);
+			name = Headers;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645F61A8991640062516A /* CtaoCrypt */ = {
+			isa = PBXGroup;
+			children = (
+				521646951A8993F50062516A /* aes.h */,
+				521646961A8993F50062516A /* arc4.h */,
+				521646971A8993F50062516A /* asn_public.h */,
+				521646981A8993F50062516A /* asn.h */,
+				521646991A8993F50062516A /* blake2-impl.h */,
+				5216469A1A8993F50062516A /* blake2-int.h */,
+				5216469B1A8993F50062516A /* blake2.h */,
+				5216469C1A8993F50062516A /* camellia.h */,
+				5216469D1A8993F50062516A /* chacha.h */,
+				5216469E1A8993F50062516A /* coding.h */,
+				5216469F1A8993F50062516A /* compress.h */,
+				521646A01A8993F50062516A /* des3.h */,
+				521646A11A8993F50062516A /* dh.h */,
+				521646A21A8993F50062516A /* dsa.h */,
+				521646A31A8993F50062516A /* ecc.h */,
+				521646A41A8993F50062516A /* error-crypt.h */,
+				521646A51A8993F50062516A /* fips_test.h */,
+				521646A61A8993F50062516A /* hc128.h */,
+				521646A71A8993F50062516A /* hmac.h */,
+				521646A81A8993F50062516A /* integer.h */,
+				521646A91A8993F50062516A /* logging.h */,
+				521646AA1A8993F50062516A /* md2.h */,
+				521646AB1A8993F50062516A /* md4.h */,
+				521646AC1A8993F50062516A /* md5.h */,
+				521646AD1A8993F50062516A /* memory.h */,
+				521646AE1A8993F50062516A /* misc.h */,
+				521646AF1A8993F50062516A /* mpi_class.h */,
+				521646B01A8993F50062516A /* mpi_superclass.h */,
+				521646B11A8993F50062516A /* pkcs7.h */,
+				521646B21A8993F50062516A /* poly1305.h */,
+				521646B31A8993F50062516A /* pwdbased.h */,
+				521646B41A8993F50062516A /* rabbit.h */,
+				521646B51A8993F50062516A /* random.h */,
+				521646B61A8993F50062516A /* ripemd.h */,
+				521646B71A8993F50062516A /* rsa.h */,
+				521646B81A8993F50062516A /* settings_comp.h */,
+				521646B91A8993F50062516A /* settings.h */,
+				521646BA1A8993F50062516A /* sha.h */,
+				521646BB1A8993F50062516A /* sha256.h */,
+				521646BC1A8993F50062516A /* sha512.h */,
+				521646BD1A8993F50062516A /* tfm.h */,
+				521646BE1A8993F50062516A /* types.h */,
+				521646BF1A8993F50062516A /* visibility.h */,
+				521646C01A8993F50062516A /* wc_port.h */,
+			);
+			name = CtaoCrypt;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645F71A8991680062516A /* CyaSSL */ = {
+			isa = PBXGroup;
+			children = (
+				5216468A1A8993BB0062516A /* callbacks.h */,
+				5216468B1A8993BB0062516A /* certs_test.h */,
+				5216468C1A8993BB0062516A /* crl.h */,
+				5216468D1A8993BB0062516A /* error-ssl.h */,
+				5216468E1A8993BB0062516A /* internal.h */,
+				5216468F1A8993BB0062516A /* ocsp.h */,
+				521646921A8993BB0062516A /* ssl.h */,
+				521646931A8993BB0062516A /* test.h */,
+				521646941A8993BB0062516A /* version.h */,
+			);
+			name = CyaSSL;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645F81A89916A0062516A /* wolfCrypt */ = {
+			isa = PBXGroup;
+			children = (
+				5216465E1A8993770062516A /* aes.h */,
+				5216465F1A8993770062516A /* arc4.h */,
+				521646601A8993770062516A /* asn_public.h */,
+				521646611A8993770062516A /* asn.h */,
+				521646621A8993770062516A /* blake2-impl.h */,
+				521646631A8993770062516A /* blake2-int.h */,
+				521646641A8993770062516A /* blake2.h */,
+				521646651A8993770062516A /* camellia.h */,
+				521646661A8993770062516A /* chacha.h */,
+				521646671A8993770062516A /* coding.h */,
+				521646681A8993770062516A /* compress.h */,
+				521646691A8993770062516A /* des3.h */,
+				5216466A1A8993770062516A /* dh.h */,
+				5216466B1A8993770062516A /* dsa.h */,
+				5216466C1A8993770062516A /* ecc.h */,
+				5216466D1A8993770062516A /* error-crypt.h */,
+				5216466E1A8993770062516A /* fips_test.h */,
+				5216466F1A8993770062516A /* hc128.h */,
+				521646701A8993770062516A /* hmac.h */,
+				521646721A8993770062516A /* integer.h */,
+				521646731A8993770062516A /* logging.h */,
+				521646741A8993770062516A /* md2.h */,
+				521646751A8993770062516A /* md4.h */,
+				521646761A8993770062516A /* md5.h */,
+				521646771A8993770062516A /* memory.h */,
+				521646781A8993770062516A /* misc.h */,
+				521646791A8993770062516A /* mpi_class.h */,
+				5216467A1A8993770062516A /* mpi_superclass.h */,
+				5216467B1A8993770062516A /* pkcs7.h */,
+				5216467C1A8993770062516A /* poly1305.h */,
+				5216467D1A8993770062516A /* pwdbased.h */,
+				5216467E1A8993770062516A /* rabbit.h */,
+				5216467F1A8993770062516A /* random.h */,
+				521646801A8993770062516A /* ripemd.h */,
+				521646811A8993770062516A /* rsa.h */,
+				521646821A8993770062516A /* settings.h */,
+				521646831A8993770062516A /* sha.h */,
+				521646841A8993770062516A /* sha256.h */,
+				521646851A8993770062516A /* sha512.h */,
+				521646861A8993770062516A /* tfm.h */,
+				521646871A8993770062516A /* types.h */,
+				521646881A8993770062516A /* visibility.h */,
+				521646891A8993770062516A /* wc_port.h */,
+			);
+			name = wolfCrypt;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645F91A89916E0062516A /* wolfSSL */ = {
+			isa = PBXGroup;
+			children = (
+				521646531A8993290062516A /* callbacks.h */,
+				521646541A8993290062516A /* certs_test.h */,
+				521646551A8993290062516A /* crl.h */,
+				521646561A8993290062516A /* error-ssl.h */,
+				521646571A8993290062516A /* internal.h */,
+				521646581A8993290062516A /* ocsp.h */,
+				5216465B1A8993290062516A /* ssl.h */,
+				5216465C1A8993290062516A /* test.h */,
+				5216465D1A8993290062516A /* version.h */,
+			);
+			name = wolfSSL;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645FB1A8991990062516A /* Source */ = {
+			isa = PBXGroup;
+			children = (
+				521646001A89924A0062516A /* wolfSSL */,
+				521645FF1A8992470062516A /* wolfCrypt */,
+				5216480F1A8ABDA50062516A /* CtaoCrypt */,
+			);
+			name = Source;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645FF1A8992470062516A /* wolfCrypt */ = {
+			isa = PBXGroup;
+			children = (
+				521646111A8992CC0062516A /* aes.c */,
+				521646121A8992CC0062516A /* arc4.c */,
+				521646131A8992CC0062516A /* asn.c */,
+				521646141A8992CC0062516A /* blake2b.c */,
+				521646151A8992CC0062516A /* camellia.c */,
+				521646161A8992CC0062516A /* chacha.c */,
+				521646171A8992CC0062516A /* coding.c */,
+				521646181A8992CC0062516A /* des3.c */,
+				521646191A8992CC0062516A /* dh.c */,
+				5216461A1A8992CC0062516A /* dsa.c */,
+				5216461B1A8992CC0062516A /* ecc.c */,
+				5216461C1A8992CC0062516A /* error.c */,
+				5216461D1A8992CC0062516A /* hc128.c */,
+				5216461E1A8992CC0062516A /* hmac.c */,
+				5216461F1A8992CC0062516A /* integer.c */,
+				521646201A8992CC0062516A /* logging.c */,
+				521646211A8992CC0062516A /* md2.c */,
+				521646221A8992CC0062516A /* md4.c */,
+				521646231A8992CC0062516A /* md5.c */,
+				521646241A8992CC0062516A /* memory.c */,
+				521646251A8992CC0062516A /* misc.c */,
+				521646261A8992CC0062516A /* pkcs7.c */,
+				521646271A8992CC0062516A /* poly1305.c */,
+				521646281A8992CC0062516A /* pwdbased.c */,
+				521646291A8992CC0062516A /* rabbit.c */,
+				5216462A1A8992CC0062516A /* random.c */,
+				5216462B1A8992CC0062516A /* ripemd.c */,
+				5216462C1A8992CC0062516A /* rsa.c */,
+				5216462D1A8992CC0062516A /* sha.c */,
+				5216462E1A8992CC0062516A /* sha256.c */,
+				5216462F1A8992CC0062516A /* sha512.c */,
+				521646301A8992CC0062516A /* tfm.c */,
+				521646311A8992CC0062516A /* wc_port.c */,
+			);
+			name = wolfCrypt;
+			sourceTree = SOURCE_ROOT;
+		};
+		521646001A89924A0062516A /* wolfSSL */ = {
+			isa = PBXGroup;
+			children = (
+				521646011A89928E0062516A /* crl.c */,
+				521646021A89928E0062516A /* internal.c */,
+				521646031A89928E0062516A /* io.c */,
+				521646041A89928E0062516A /* keys.c */,
+				521646051A89928E0062516A /* ocsp.c */,
+				521646061A89928E0062516A /* sniffer.c */,
+				521646071A89928E0062516A /* ssl.c */,
+				521646081A89928E0062516A /* tls.c */,
+			);
+			name = wolfSSL;
+			sourceTree = SOURCE_ROOT;
+		};
+		5216480F1A8ABDA50062516A /* CtaoCrypt */ = {
+			isa = PBXGroup;
+			children = (
+				5216481B1A8AC2990062516A /* wolfcrypt_first.c */,
+				521648141A8AC2990062516A /* hmac.c */,
+				521648161A8AC2990062516A /* random.c */,
+				521648191A8AC2990062516A /* sha256.c */,
+				521648171A8AC2990062516A /* rsa.c */,
+				521648101A8AC2990062516A /* aes.c */,
+				521648111A8AC2990062516A /* des3.c */,
+				521648181A8AC2990062516A /* sha.c */,
+				5216481A1A8AC2990062516A /* sha512.c */,
+				521648131A8AC2990062516A /* fips.c */,
+				521648121A8AC2990062516A /* fips_test.c */,
+				5216481C1A8AC2990062516A /* wolfcrypt_last.c */,
+			);
+			name = CtaoCrypt;
+			sourceTree = SOURCE_ROOT;
+		};
+		52B1344416F3C9E800C07B32 = {
+			isa = PBXGroup;
+			children = (
+				521645FB1A8991990062516A /* Source */,
+				521645391A898E7B0062516A /* Headers */,
+				52B1344E16F3C9E800C07B32 /* Products */,
+			);
+			sourceTree = "";
+		};
+		52B1344E16F3C9E800C07B32 /* Products */ = {
+			isa = PBXGroup;
+			children = (
+				52B1344D16F3C9E800C07B32 /* libwolfssl.a */,
+			);
+			name = Products;
+			sourceTree = "";
+		};
+/* End PBXGroup section */
+
+/* Begin PBXNativeTarget section */
+		52B1344C16F3C9E800C07B32 /* wolfssl */ = {
+			isa = PBXNativeTarget;
+			buildConfigurationList = 52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "wolfssl" */;
+			buildPhases = (
+				52B1344916F3C9E800C07B32 /* Sources */,
+				52B1344A16F3C9E800C07B32 /* Frameworks */,
+				52B1344B16F3C9E800C07B32 /* CopyFiles */,
+				521646C11A8A7B380062516A /* CopyFiles */,
+				521646C21A8A7B3B0062516A /* CopyFiles */,
+				521646C31A8A7B3D0062516A /* CopyFiles */,
+			);
+			buildRules = (
+			);
+			dependencies = (
+			);
+			name = wolfssl;
+			productName = "wolfssl-ios";
+			productReference = 52B1344D16F3C9E800C07B32 /* libwolfssl.a */;
+			productType = "com.apple.product-type.library.static";
+		};
+/* End PBXNativeTarget section */
+
+/* Begin PBXProject section */
+		52B1344516F3C9E800C07B32 /* Project object */ = {
+			isa = PBXProject;
+			attributes = {
+				LastUpgradeCheck = 0460;
+				ORGANIZATIONNAME = "wolfSSL Inc";
+			};
+			buildConfigurationList = 52B1344816F3C9E800C07B32 /* Build configuration list for PBXProject "wolfssl-FIPS" */;
+			compatibilityVersion = "Xcode 3.2";
+			developmentRegion = English;
+			hasScannedForEncodings = 0;
+			knownRegions = (
+				en,
+			);
+			mainGroup = 52B1344416F3C9E800C07B32;
+			productRefGroup = 52B1344E16F3C9E800C07B32 /* Products */;
+			projectDirPath = "";
+			projectRoot = "";
+			targets = (
+				52B1344C16F3C9E800C07B32 /* wolfssl */,
+			);
+		};
+/* End PBXProject section */
+
+/* Begin PBXSourcesBuildPhase section */
+		52B1344916F3C9E800C07B32 /* Sources */ = {
+			isa = PBXSourcesBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				521648281A8AC2990062516A /* wolfcrypt_first.c in Sources */,
+				521648211A8AC2990062516A /* hmac.c in Sources */,
+				521648231A8AC2990062516A /* random.c in Sources */,
+				521648261A8AC2990062516A /* sha256.c in Sources */,
+				521648241A8AC2990062516A /* rsa.c in Sources */,
+				5216481D1A8AC2990062516A /* aes.c in Sources */,
+				5216481E1A8AC2990062516A /* des3.c in Sources */,
+				521648251A8AC2990062516A /* sha.c in Sources */,
+				521648271A8AC2990062516A /* sha512.c in Sources */,
+				521648201A8AC2990062516A /* fips.c in Sources */,
+				5216481F1A8AC2990062516A /* fips_test.c in Sources */,
+				521648291A8AC2990062516A /* wolfcrypt_last.c in Sources */,
+				5216463B1A8992CC0062516A /* dsa.c in Sources */,
+				521646411A8992CC0062516A /* logging.c in Sources */,
+				5216464E1A8992CC0062516A /* sha.c in Sources */,
+				521646481A8992CC0062516A /* poly1305.c in Sources */,
+				5216463A1A8992CC0062516A /* dh.c in Sources */,
+				521646361A8992CC0062516A /* camellia.c in Sources */,
+				521646521A8992CC0062516A /* wc_port.c in Sources */,
+				521646491A8992CC0062516A /* pwdbased.c in Sources */,
+				521646461A8992CC0062516A /* misc.c in Sources */,
+				5216463E1A8992CC0062516A /* hc128.c in Sources */,
+				521646341A8992CC0062516A /* asn.c in Sources */,
+				521646501A8992CC0062516A /* sha512.c in Sources */,
+				5216464A1A8992CC0062516A /* rabbit.c in Sources */,
+				521646441A8992CC0062516A /* md5.c in Sources */,
+				5216460F1A89928E0062516A /* ssl.c in Sources */,
+				5216464D1A8992CC0062516A /* rsa.c in Sources */,
+				5216464B1A8992CC0062516A /* random.c in Sources */,
+				521646101A89928E0062516A /* tls.c in Sources */,
+				5216460D1A89928E0062516A /* ocsp.c in Sources */,
+				521646431A8992CC0062516A /* md4.c in Sources */,
+				521646321A8992CC0062516A /* aes.c in Sources */,
+				521646391A8992CC0062516A /* des3.c in Sources */,
+				521646351A8992CC0062516A /* blake2b.c in Sources */,
+				5216464C1A8992CC0062516A /* ripemd.c in Sources */,
+				521646451A8992CC0062516A /* memory.c in Sources */,
+				5216463C1A8992CC0062516A /* ecc.c in Sources */,
+				5216464F1A8992CC0062516A /* sha256.c in Sources */,
+				521646371A8992CC0062516A /* chacha.c in Sources */,
+				521646471A8992CC0062516A /* pkcs7.c in Sources */,
+				5216460E1A89928E0062516A /* sniffer.c in Sources */,
+				521646421A8992CC0062516A /* md2.c in Sources */,
+				521646381A8992CC0062516A /* coding.c in Sources */,
+				5216463D1A8992CC0062516A /* error.c in Sources */,
+				5216463F1A8992CC0062516A /* hmac.c in Sources */,
+				521646331A8992CC0062516A /* arc4.c in Sources */,
+				521646401A8992CC0062516A /* integer.c in Sources */,
+				5216460A1A89928E0062516A /* internal.c in Sources */,
+				5216460B1A89928E0062516A /* io.c in Sources */,
+				521646511A8992CC0062516A /* tfm.c in Sources */,
+				521646091A89928E0062516A /* crl.c in Sources */,
+				5216460C1A89928E0062516A /* keys.c in Sources */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXSourcesBuildPhase section */
+
+/* Begin XCBuildConfiguration section */
+		52B1347016F3C9E800C07B32 /* Debug */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = NO;
+				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
+				CLANG_CXX_LIBRARY = "libc++";
+				CLANG_WARN_CONSTANT_CONVERSION = YES;
+				CLANG_WARN_EMPTY_BODY = YES;
+				CLANG_WARN_ENUM_CONVERSION = YES;
+				CLANG_WARN_INT_CONVERSION = YES;
+				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+				COPY_PHASE_STRIP = NO;
+				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_DYNAMIC_NO_PIC = NO;
+				GCC_OPTIMIZATION_LEVEL = 0;
+				GCC_PREPROCESSOR_DEFINITIONS = (
+					"DEBUG=1",
+					"$(inherited)",
+				);
+				GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_UNINITIALIZED_AUTOS = YES;
+				GCC_WARN_UNUSED_VARIABLE = YES;
+				IPHONEOS_DEPLOYMENT_TARGET = 6.1;
+				ONLY_ACTIVE_ARCH = YES;
+				SDKROOT = iphoneos;
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl include";
+			};
+			name = Debug;
+		};
+		52B1347116F3C9E800C07B32 /* Release */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = NO;
+				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
+				CLANG_CXX_LIBRARY = "libc++";
+				CLANG_WARN_CONSTANT_CONVERSION = YES;
+				CLANG_WARN_EMPTY_BODY = YES;
+				CLANG_WARN_ENUM_CONVERSION = YES;
+				CLANG_WARN_INT_CONVERSION = YES;
+				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+				COPY_PHASE_STRIP = YES;
+				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_UNINITIALIZED_AUTOS = YES;
+				GCC_WARN_UNUSED_VARIABLE = YES;
+				IPHONEOS_DEPLOYMENT_TARGET = 6.1;
+				SDKROOT = iphoneos;
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl include";
+				VALIDATE_PRODUCT = NO;
+			};
+			name = Release;
+		};
+		52B1347316F3C9E800C07B32 /* Debug */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = YES;
+				CLANG_LINK_OBJC_RUNTIME = NO;
+				DSTROOT = /tmp/wolfssl_ios.dst;
+				GCC_PRECOMPILE_PREFIX_HEADER = NO;
+				GCC_PREFIX_HEADER = "";
+				GCC_PREPROCESSOR_DEFINITIONS = (
+					"DEBUG=1",
+					IPHONE,
+					HAVE_FIPS,
+					HAVE_HASHDRBG,
+					HAVE_AESGCM,
+					WOLFSSL_SHA512,
+					WOLFSSL_SHA384,
+					NO_PWDBASED,
+				);
+				HEADER_SEARCH_PATHS = (
+					$SRCROOT,
+					$PROJECT_DIR/../..,
+				);
+				OTHER_CFLAGS = "";
+				OTHER_LDFLAGS = "";
+				PRODUCT_NAME = wolfssl;
+				SKIP_INSTALL = YES;
+				TARGETED_DEVICE_FAMILY = "1,2";
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl";
+			};
+			name = Debug;
+		};
+		52B1347416F3C9E800C07B32 /* Release */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = YES;
+				CLANG_LINK_OBJC_RUNTIME = NO;
+				DSTROOT = /tmp/wolfssl_ios.dst;
+				GCC_PRECOMPILE_PREFIX_HEADER = NO;
+				GCC_PREFIX_HEADER = "";
+				GCC_PREPROCESSOR_DEFINITIONS = (
+					IPHONE,
+					HAVE_FIPS,
+					HAVE_HASHDRBG,
+					HAVE_AESGCM,
+					WOLFSSL_SHA512,
+					WOLFSSL_SHA384,
+					NO_PWDBASED,
+				);
+				HEADER_SEARCH_PATHS = (
+					$SRCROOT,
+					$PROJECT_DIR/../..,
+				);
+				OTHER_CFLAGS = "";
+				OTHER_LDFLAGS = "";
+				PRODUCT_NAME = wolfssl;
+				SKIP_INSTALL = YES;
+				TARGETED_DEVICE_FAMILY = "1,2";
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl";
+			};
+			name = Release;
+		};
+/* End XCBuildConfiguration section */
+
+/* Begin XCConfigurationList section */
+		52B1344816F3C9E800C07B32 /* Build configuration list for PBXProject "wolfssl-FIPS" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				52B1347016F3C9E800C07B32 /* Debug */,
+				52B1347116F3C9E800C07B32 /* Release */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
+		};
+		52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "wolfssl" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				52B1347316F3C9E800C07B32 /* Debug */,
+				52B1347416F3C9E800C07B32 /* Release */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
+		};
+/* End XCConfigurationList section */
+	};
+	rootObject = 52B1344516F3C9E800C07B32 /* Project object */;
+}
diff --git a/3P/wolfssl/IDE/iOS/wolfssl.xcodeproj/project.pbxproj b/3P/wolfssl/IDE/iOS/wolfssl.xcodeproj/project.pbxproj
new file mode 100644
index 00000000..14fd4e4d
--- /dev/null
+++ b/3P/wolfssl/IDE/iOS/wolfssl.xcodeproj/project.pbxproj
@@ -0,0 +1,906 @@
+// !$*UTF8*$!
+{
+	archiveVersion = 1;
+	classes = {
+	};
+	objectVersion = 46;
+	objects = {
+
+/* Begin PBXBuildFile section */
+		521646091A89928E0062516A /* crl.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646011A89928E0062516A /* crl.c */; };
+		5216460A1A89928E0062516A /* internal.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646021A89928E0062516A /* internal.c */; };
+		5216460B1A89928E0062516A /* io.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646031A89928E0062516A /* io.c */; };
+		5216460C1A89928E0062516A /* keys.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646041A89928E0062516A /* keys.c */; };
+		5216460D1A89928E0062516A /* ocsp.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646051A89928E0062516A /* ocsp.c */; };
+		5216460E1A89928E0062516A /* sniffer.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646061A89928E0062516A /* sniffer.c */; };
+		5216460F1A89928E0062516A /* ssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646071A89928E0062516A /* ssl.c */; };
+		521646101A89928E0062516A /* tls.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646081A89928E0062516A /* tls.c */; };
+		521646321A8992CC0062516A /* aes.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646111A8992CC0062516A /* aes.c */; };
+		521646331A8992CC0062516A /* arc4.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646121A8992CC0062516A /* arc4.c */; };
+		521646341A8992CC0062516A /* asn.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646131A8992CC0062516A /* asn.c */; };
+		521646351A8992CC0062516A /* blake2b.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646141A8992CC0062516A /* blake2b.c */; };
+		521646361A8992CC0062516A /* camellia.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646151A8992CC0062516A /* camellia.c */; };
+		521646371A8992CC0062516A /* chacha.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646161A8992CC0062516A /* chacha.c */; };
+		521646381A8992CC0062516A /* coding.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646171A8992CC0062516A /* coding.c */; };
+		521646391A8992CC0062516A /* des3.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646181A8992CC0062516A /* des3.c */; };
+		5216463A1A8992CC0062516A /* dh.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646191A8992CC0062516A /* dh.c */; };
+		5216463B1A8992CC0062516A /* dsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461A1A8992CC0062516A /* dsa.c */; };
+		5216463C1A8992CC0062516A /* ecc.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461B1A8992CC0062516A /* ecc.c */; };
+		5216463D1A8992CC0062516A /* error.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461C1A8992CC0062516A /* error.c */; };
+		5216463E1A8992CC0062516A /* hc128.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461D1A8992CC0062516A /* hc128.c */; };
+		5216463F1A8992CC0062516A /* hmac.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461E1A8992CC0062516A /* hmac.c */; };
+		521646401A8992CC0062516A /* integer.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216461F1A8992CC0062516A /* integer.c */; };
+		521646411A8992CC0062516A /* logging.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646201A8992CC0062516A /* logging.c */; };
+		521646421A8992CC0062516A /* md2.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646211A8992CC0062516A /* md2.c */; };
+		521646431A8992CC0062516A /* md4.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646221A8992CC0062516A /* md4.c */; };
+		521646441A8992CC0062516A /* md5.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646231A8992CC0062516A /* md5.c */; };
+		521646451A8992CC0062516A /* memory.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646241A8992CC0062516A /* memory.c */; };
+		521646461A8992CC0062516A /* misc.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646251A8992CC0062516A /* misc.c */; };
+		521646471A8992CC0062516A /* pkcs7.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646261A8992CC0062516A /* pkcs7.c */; };
+		521646481A8992CC0062516A /* poly1305.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646271A8992CC0062516A /* poly1305.c */; };
+		521646491A8992CC0062516A /* pwdbased.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646281A8992CC0062516A /* pwdbased.c */; };
+		5216464A1A8992CC0062516A /* rabbit.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646291A8992CC0062516A /* rabbit.c */; };
+		5216464B1A8992CC0062516A /* random.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462A1A8992CC0062516A /* random.c */; };
+		5216464C1A8992CC0062516A /* ripemd.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462B1A8992CC0062516A /* ripemd.c */; };
+		5216464D1A8992CC0062516A /* rsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462C1A8992CC0062516A /* rsa.c */; };
+		5216464E1A8992CC0062516A /* sha.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462D1A8992CC0062516A /* sha.c */; };
+		5216464F1A8992CC0062516A /* sha256.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462E1A8992CC0062516A /* sha256.c */; };
+		521646501A8992CC0062516A /* sha512.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216462F1A8992CC0062516A /* sha512.c */; };
+		521646511A8992CC0062516A /* tfm.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646301A8992CC0062516A /* tfm.c */; };
+		521646521A8992CC0062516A /* wc_port.c in Sources */ = {isa = PBXBuildFile; fileRef = 521646311A8992CC0062516A /* wc_port.c */; };
+		521646C41A8A7FE10062516A /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646531A8993290062516A /* callbacks.h */; };
+		521646C51A8A7FE10062516A /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646541A8993290062516A /* certs_test.h */; };
+		521646C61A8A7FE10062516A /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646551A8993290062516A /* crl.h */; };
+		521646C71A8A7FE10062516A /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646561A8993290062516A /* error-ssl.h */; };
+		521646C81A8A7FE10062516A /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646571A8993290062516A /* internal.h */; };
+		521646C91A8A7FE10062516A /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646581A8993290062516A /* ocsp.h */; };
+		521646CA1A8A7FE10062516A /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465B1A8993290062516A /* ssl.h */; };
+		521646CB1A8A7FE10062516A /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465C1A8993290062516A /* test.h */; };
+		521646CC1A8A7FE10062516A /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465D1A8993290062516A /* version.h */; };
+		521646CD1A8A7FF30062516A /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465E1A8993770062516A /* aes.h */; };
+		521646CE1A8A7FF30062516A /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216465F1A8993770062516A /* arc4.h */; };
+		521646CF1A8A7FF30062516A /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646601A8993770062516A /* asn_public.h */; };
+		521646D01A8A7FF30062516A /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646611A8993770062516A /* asn.h */; };
+		521646D11A8A7FF30062516A /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646621A8993770062516A /* blake2-impl.h */; };
+		521646D21A8A7FF30062516A /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646631A8993770062516A /* blake2-int.h */; };
+		521646D31A8A7FF30062516A /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646641A8993770062516A /* blake2.h */; };
+		521646D41A8A7FF30062516A /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646651A8993770062516A /* camellia.h */; };
+		521646D51A8A7FF30062516A /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646661A8993770062516A /* chacha.h */; };
+		521646D61A8A7FF30062516A /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646671A8993770062516A /* coding.h */; };
+		521646D71A8A7FF30062516A /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646681A8993770062516A /* compress.h */; };
+		521646D81A8A7FF30062516A /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646691A8993770062516A /* des3.h */; };
+		521646D91A8A7FF30062516A /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466A1A8993770062516A /* dh.h */; };
+		521646DA1A8A7FF30062516A /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466B1A8993770062516A /* dsa.h */; };
+		521646DB1A8A7FF30062516A /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466C1A8993770062516A /* ecc.h */; };
+		521646DC1A8A7FF30062516A /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466D1A8993770062516A /* error-crypt.h */; };
+		521646DD1A8A7FF30062516A /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466E1A8993770062516A /* fips_test.h */; };
+		521646DE1A8A7FF30062516A /* hc128.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216466F1A8993770062516A /* hc128.h */; };
+		521646DF1A8A7FF30062516A /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646701A8993770062516A /* hmac.h */; };
+		521646E01A8A7FF30062516A /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646721A8993770062516A /* integer.h */; };
+		521646E11A8A7FF30062516A /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646731A8993770062516A /* logging.h */; };
+		521646E21A8A7FF30062516A /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646741A8993770062516A /* md2.h */; };
+		521646E31A8A7FF30062516A /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646751A8993770062516A /* md4.h */; };
+		521646E41A8A7FF30062516A /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646761A8993770062516A /* md5.h */; };
+		521646E51A8A7FF30062516A /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646771A8993770062516A /* memory.h */; };
+		521646E61A8A7FF30062516A /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646781A8993770062516A /* misc.h */; };
+		521646E71A8A7FF30062516A /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646791A8993770062516A /* mpi_class.h */; };
+		521646E81A8A7FF30062516A /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467A1A8993770062516A /* mpi_superclass.h */; };
+		521646E91A8A7FF30062516A /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467B1A8993770062516A /* pkcs7.h */; };
+		521646EA1A8A7FF30062516A /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467C1A8993770062516A /* poly1305.h */; };
+		521646EB1A8A7FF30062516A /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467D1A8993770062516A /* pwdbased.h */; };
+		521646EC1A8A7FF30062516A /* rabbit.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467E1A8993770062516A /* rabbit.h */; };
+		521646ED1A8A7FF30062516A /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216467F1A8993770062516A /* random.h */; };
+		521646EE1A8A7FF30062516A /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646801A8993770062516A /* ripemd.h */; };
+		521646EF1A8A7FF30062516A /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646811A8993770062516A /* rsa.h */; };
+		521646F01A8A7FF30062516A /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646821A8993770062516A /* settings.h */; };
+		521646F11A8A7FF30062516A /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646831A8993770062516A /* sha.h */; };
+		521646F21A8A7FF30062516A /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646841A8993770062516A /* sha256.h */; };
+		521646F31A8A7FF30062516A /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646851A8993770062516A /* sha512.h */; };
+		521646F41A8A7FF30062516A /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646861A8993770062516A /* tfm.h */; };
+		521646F51A8A7FF30062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
+		521646F61A8A7FF30062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
+		521646F71A8A7FF30062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
+		521646F81A8A80030062516A /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
+		521646F91A8A80030062516A /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
+		521646FA1A8A80030062516A /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
+		521646FB1A8A80030062516A /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
+		521646FC1A8A80030062516A /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
+		521646FD1A8A80030062516A /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
+		521646FE1A8A80030062516A /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
+		521646FF1A8A80030062516A /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
+		521647001A8A80030062516A /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
+		521647011A8A80100062516A /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
+		521647021A8A80100062516A /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
+		521647031A8A80100062516A /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
+		521647041A8A80100062516A /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
+		521647051A8A80100062516A /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
+		521647061A8A80100062516A /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
+		521647071A8A80100062516A /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
+		521647081A8A80100062516A /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
+		521647091A8A80100062516A /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
+		5216470A1A8A80100062516A /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
+		5216470B1A8A80100062516A /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
+		5216470C1A8A80100062516A /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
+		5216470D1A8A80100062516A /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
+		5216470E1A8A80100062516A /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
+		5216470F1A8A80100062516A /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
+		521647101A8A80100062516A /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
+		521647111A8A80100062516A /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
+		521647121A8A80100062516A /* hc128.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A61A8993F50062516A /* hc128.h */; };
+		521647131A8A80100062516A /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
+		521647141A8A80100062516A /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
+		521647151A8A80100062516A /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
+		521647161A8A80100062516A /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
+		521647171A8A80100062516A /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
+		521647181A8A80100062516A /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
+		521647191A8A80100062516A /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
+		5216471A1A8A80100062516A /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
+		5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
+		5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
+		5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
+		5216471E1A8A80100062516A /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
+		5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
+		521647201A8A80100062516A /* rabbit.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B41A8993F50062516A /* rabbit.h */; };
+		521647211A8A80100062516A /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
+		521647221A8A80100062516A /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
+		521647231A8A80100062516A /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
+		521647241A8A80100062516A /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
+		521647251A8A80100062516A /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
+		521647261A8A80100062516A /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
+		521647271A8A80100062516A /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
+		521647281A8A80100062516A /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
+		521647291A8A80100062516A /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
+		5216472A1A8A80100062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
+		5216472B1A8A80100062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
+		5216472C1A8A80100062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
+/* End PBXBuildFile section */
+
+/* Begin PBXCopyFilesBuildPhase section */
+		521646C11A8A7B380062516A /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = include/wolfssl/wolfcrypt;
+			dstSubfolderSpec = 7;
+			files = (
+				521646CD1A8A7FF30062516A /* aes.h in CopyFiles */,
+				521646CE1A8A7FF30062516A /* arc4.h in CopyFiles */,
+				521646CF1A8A7FF30062516A /* asn_public.h in CopyFiles */,
+				521646D01A8A7FF30062516A /* asn.h in CopyFiles */,
+				521646D11A8A7FF30062516A /* blake2-impl.h in CopyFiles */,
+				521646D21A8A7FF30062516A /* blake2-int.h in CopyFiles */,
+				521646D31A8A7FF30062516A /* blake2.h in CopyFiles */,
+				521646D41A8A7FF30062516A /* camellia.h in CopyFiles */,
+				521646D51A8A7FF30062516A /* chacha.h in CopyFiles */,
+				521646D61A8A7FF30062516A /* coding.h in CopyFiles */,
+				521646D71A8A7FF30062516A /* compress.h in CopyFiles */,
+				521646D81A8A7FF30062516A /* des3.h in CopyFiles */,
+				521646D91A8A7FF30062516A /* dh.h in CopyFiles */,
+				521646DA1A8A7FF30062516A /* dsa.h in CopyFiles */,
+				521646DB1A8A7FF30062516A /* ecc.h in CopyFiles */,
+				521646DC1A8A7FF30062516A /* error-crypt.h in CopyFiles */,
+				521646DD1A8A7FF30062516A /* fips_test.h in CopyFiles */,
+				521646DE1A8A7FF30062516A /* hc128.h in CopyFiles */,
+				521646DF1A8A7FF30062516A /* hmac.h in CopyFiles */,
+				521646E01A8A7FF30062516A /* integer.h in CopyFiles */,
+				521646E11A8A7FF30062516A /* logging.h in CopyFiles */,
+				521646E21A8A7FF30062516A /* md2.h in CopyFiles */,
+				521646E31A8A7FF30062516A /* md4.h in CopyFiles */,
+				521646E41A8A7FF30062516A /* md5.h in CopyFiles */,
+				521646E51A8A7FF30062516A /* memory.h in CopyFiles */,
+				521646E61A8A7FF30062516A /* misc.h in CopyFiles */,
+				521646E71A8A7FF30062516A /* mpi_class.h in CopyFiles */,
+				521646E81A8A7FF30062516A /* mpi_superclass.h in CopyFiles */,
+				521646E91A8A7FF30062516A /* pkcs7.h in CopyFiles */,
+				521646EA1A8A7FF30062516A /* poly1305.h in CopyFiles */,
+				521646EB1A8A7FF30062516A /* pwdbased.h in CopyFiles */,
+				521646EC1A8A7FF30062516A /* rabbit.h in CopyFiles */,
+				521646ED1A8A7FF30062516A /* random.h in CopyFiles */,
+				521646EE1A8A7FF30062516A /* ripemd.h in CopyFiles */,
+				521646EF1A8A7FF30062516A /* rsa.h in CopyFiles */,
+				521646F01A8A7FF30062516A /* settings.h in CopyFiles */,
+				521646F11A8A7FF30062516A /* sha.h in CopyFiles */,
+				521646F21A8A7FF30062516A /* sha256.h in CopyFiles */,
+				521646F31A8A7FF30062516A /* sha512.h in CopyFiles */,
+				521646F41A8A7FF30062516A /* tfm.h in CopyFiles */,
+				521646F51A8A7FF30062516A /* types.h in CopyFiles */,
+				521646F61A8A7FF30062516A /* visibility.h in CopyFiles */,
+				521646F71A8A7FF30062516A /* wc_port.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		521646C21A8A7B3B0062516A /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = include/cyassl;
+			dstSubfolderSpec = 7;
+			files = (
+				521646F81A8A80030062516A /* callbacks.h in CopyFiles */,
+				521646F91A8A80030062516A /* certs_test.h in CopyFiles */,
+				521646FA1A8A80030062516A /* crl.h in CopyFiles */,
+				521646FB1A8A80030062516A /* error-ssl.h in CopyFiles */,
+				521646FC1A8A80030062516A /* internal.h in CopyFiles */,
+				521646FD1A8A80030062516A /* ocsp.h in CopyFiles */,
+				521646FE1A8A80030062516A /* ssl.h in CopyFiles */,
+				521646FF1A8A80030062516A /* test.h in CopyFiles */,
+				521647001A8A80030062516A /* version.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		521646C31A8A7B3D0062516A /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = include/cyassl/ctaocrypt;
+			dstSubfolderSpec = 7;
+			files = (
+				521647011A8A80100062516A /* aes.h in CopyFiles */,
+				521647021A8A80100062516A /* arc4.h in CopyFiles */,
+				521647031A8A80100062516A /* asn_public.h in CopyFiles */,
+				521647041A8A80100062516A /* asn.h in CopyFiles */,
+				521647051A8A80100062516A /* blake2-impl.h in CopyFiles */,
+				521647061A8A80100062516A /* blake2-int.h in CopyFiles */,
+				521647071A8A80100062516A /* blake2.h in CopyFiles */,
+				521647081A8A80100062516A /* camellia.h in CopyFiles */,
+				521647091A8A80100062516A /* chacha.h in CopyFiles */,
+				5216470A1A8A80100062516A /* coding.h in CopyFiles */,
+				5216470B1A8A80100062516A /* compress.h in CopyFiles */,
+				5216470C1A8A80100062516A /* des3.h in CopyFiles */,
+				5216470D1A8A80100062516A /* dh.h in CopyFiles */,
+				5216470E1A8A80100062516A /* dsa.h in CopyFiles */,
+				5216470F1A8A80100062516A /* ecc.h in CopyFiles */,
+				521647101A8A80100062516A /* error-crypt.h in CopyFiles */,
+				521647111A8A80100062516A /* fips_test.h in CopyFiles */,
+				521647121A8A80100062516A /* hc128.h in CopyFiles */,
+				521647131A8A80100062516A /* hmac.h in CopyFiles */,
+				521647141A8A80100062516A /* integer.h in CopyFiles */,
+				521647151A8A80100062516A /* logging.h in CopyFiles */,
+				521647161A8A80100062516A /* md2.h in CopyFiles */,
+				521647171A8A80100062516A /* md4.h in CopyFiles */,
+				521647181A8A80100062516A /* md5.h in CopyFiles */,
+				521647191A8A80100062516A /* memory.h in CopyFiles */,
+				5216471A1A8A80100062516A /* misc.h in CopyFiles */,
+				5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */,
+				5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */,
+				5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */,
+				5216471E1A8A80100062516A /* poly1305.h in CopyFiles */,
+				5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */,
+				521647201A8A80100062516A /* rabbit.h in CopyFiles */,
+				521647211A8A80100062516A /* random.h in CopyFiles */,
+				521647221A8A80100062516A /* ripemd.h in CopyFiles */,
+				521647231A8A80100062516A /* rsa.h in CopyFiles */,
+				521647241A8A80100062516A /* settings_comp.h in CopyFiles */,
+				521647251A8A80100062516A /* settings.h in CopyFiles */,
+				521647261A8A80100062516A /* sha.h in CopyFiles */,
+				521647271A8A80100062516A /* sha256.h in CopyFiles */,
+				521647281A8A80100062516A /* sha512.h in CopyFiles */,
+				521647291A8A80100062516A /* tfm.h in CopyFiles */,
+				5216472A1A8A80100062516A /* types.h in CopyFiles */,
+				5216472B1A8A80100062516A /* visibility.h in CopyFiles */,
+				5216472C1A8A80100062516A /* wc_port.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		52B1344B16F3C9E800C07B32 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = include/wolfssl;
+			dstSubfolderSpec = 16;
+			files = (
+				521646C41A8A7FE10062516A /* callbacks.h in CopyFiles */,
+				521646C51A8A7FE10062516A /* certs_test.h in CopyFiles */,
+				521646C61A8A7FE10062516A /* crl.h in CopyFiles */,
+				521646C71A8A7FE10062516A /* error-ssl.h in CopyFiles */,
+				521646C81A8A7FE10062516A /* internal.h in CopyFiles */,
+				521646C91A8A7FE10062516A /* ocsp.h in CopyFiles */,
+				521646CA1A8A7FE10062516A /* ssl.h in CopyFiles */,
+				521646CB1A8A7FE10062516A /* test.h in CopyFiles */,
+				521646CC1A8A7FE10062516A /* version.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXCopyFilesBuildPhase section */
+
+/* Begin PBXFileReference section */
+		521646011A89928E0062516A /* crl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = crl.c; path = ../../src/crl.c; sourceTree = ""; };
+		521646021A89928E0062516A /* internal.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = internal.c; path = ../../src/internal.c; sourceTree = ""; };
+		521646031A89928E0062516A /* io.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = io.c; path = ../../src/io.c; sourceTree = ""; };
+		521646041A89928E0062516A /* keys.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = keys.c; path = ../../src/keys.c; sourceTree = ""; };
+		521646051A89928E0062516A /* ocsp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ocsp.c; path = ../../src/ocsp.c; sourceTree = ""; };
+		521646061A89928E0062516A /* sniffer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sniffer.c; path = ../../src/sniffer.c; sourceTree = ""; };
+		521646071A89928E0062516A /* ssl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ssl.c; path = ../../src/ssl.c; sourceTree = ""; };
+		521646081A89928E0062516A /* tls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tls.c; path = ../../src/tls.c; sourceTree = ""; };
+		521646111A8992CC0062516A /* aes.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = aes.c; path = ../../wolfcrypt/src/aes.c; sourceTree = SOURCE_ROOT; };
+		521646121A8992CC0062516A /* arc4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = arc4.c; path = ../../wolfcrypt/src/arc4.c; sourceTree = SOURCE_ROOT; };
+		521646131A8992CC0062516A /* asn.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = asn.c; path = ../../wolfcrypt/src/asn.c; sourceTree = SOURCE_ROOT; };
+		521646141A8992CC0062516A /* blake2b.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = blake2b.c; path = ../../wolfcrypt/src/blake2b.c; sourceTree = SOURCE_ROOT; };
+		521646151A8992CC0062516A /* camellia.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = camellia.c; path = ../../wolfcrypt/src/camellia.c; sourceTree = SOURCE_ROOT; };
+		521646161A8992CC0062516A /* chacha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = chacha.c; path = ../../wolfcrypt/src/chacha.c; sourceTree = SOURCE_ROOT; };
+		521646171A8992CC0062516A /* coding.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = coding.c; path = ../../wolfcrypt/src/coding.c; sourceTree = SOURCE_ROOT; };
+		521646181A8992CC0062516A /* des3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = des3.c; path = ../../wolfcrypt/src/des3.c; sourceTree = SOURCE_ROOT; };
+		521646191A8992CC0062516A /* dh.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dh.c; path = ../../wolfcrypt/src/dh.c; sourceTree = SOURCE_ROOT; };
+		5216461A1A8992CC0062516A /* dsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dsa.c; path = ../../wolfcrypt/src/dsa.c; sourceTree = SOURCE_ROOT; };
+		5216461B1A8992CC0062516A /* ecc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ecc.c; path = ../../wolfcrypt/src/ecc.c; sourceTree = SOURCE_ROOT; };
+		5216461C1A8992CC0062516A /* error.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = error.c; path = ../../wolfcrypt/src/error.c; sourceTree = SOURCE_ROOT; };
+		5216461D1A8992CC0062516A /* hc128.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hc128.c; path = ../../wolfcrypt/src/hc128.c; sourceTree = SOURCE_ROOT; };
+		5216461E1A8992CC0062516A /* hmac.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hmac.c; path = ../../wolfcrypt/src/hmac.c; sourceTree = SOURCE_ROOT; };
+		5216461F1A8992CC0062516A /* integer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = integer.c; path = ../../wolfcrypt/src/integer.c; sourceTree = SOURCE_ROOT; };
+		521646201A8992CC0062516A /* logging.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = logging.c; path = ../../wolfcrypt/src/logging.c; sourceTree = SOURCE_ROOT; };
+		521646211A8992CC0062516A /* md2.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md2.c; path = ../../wolfcrypt/src/md2.c; sourceTree = SOURCE_ROOT; };
+		521646221A8992CC0062516A /* md4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md4.c; path = ../../wolfcrypt/src/md4.c; sourceTree = SOURCE_ROOT; };
+		521646231A8992CC0062516A /* md5.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md5.c; path = ../../wolfcrypt/src/md5.c; sourceTree = SOURCE_ROOT; };
+		521646241A8992CC0062516A /* memory.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = memory.c; path = ../../wolfcrypt/src/memory.c; sourceTree = SOURCE_ROOT; };
+		521646251A8992CC0062516A /* misc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = misc.c; path = ../../wolfcrypt/src/misc.c; sourceTree = SOURCE_ROOT; };
+		521646261A8992CC0062516A /* pkcs7.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pkcs7.c; path = ../../wolfcrypt/src/pkcs7.c; sourceTree = SOURCE_ROOT; };
+		521646271A8992CC0062516A /* poly1305.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = poly1305.c; path = ../../wolfcrypt/src/poly1305.c; sourceTree = SOURCE_ROOT; };
+		521646281A8992CC0062516A /* pwdbased.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pwdbased.c; path = ../../wolfcrypt/src/pwdbased.c; sourceTree = SOURCE_ROOT; };
+		521646291A8992CC0062516A /* rabbit.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = rabbit.c; path = ../../wolfcrypt/src/rabbit.c; sourceTree = SOURCE_ROOT; };
+		5216462A1A8992CC0062516A /* random.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = random.c; path = ../../wolfcrypt/src/random.c; sourceTree = SOURCE_ROOT; };
+		5216462B1A8992CC0062516A /* ripemd.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ripemd.c; path = ../../wolfcrypt/src/ripemd.c; sourceTree = SOURCE_ROOT; };
+		5216462C1A8992CC0062516A /* rsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = rsa.c; path = ../../wolfcrypt/src/rsa.c; sourceTree = SOURCE_ROOT; };
+		5216462D1A8992CC0062516A /* sha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha.c; path = ../../wolfcrypt/src/sha.c; sourceTree = SOURCE_ROOT; };
+		5216462E1A8992CC0062516A /* sha256.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha256.c; path = ../../wolfcrypt/src/sha256.c; sourceTree = SOURCE_ROOT; };
+		5216462F1A8992CC0062516A /* sha512.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha512.c; path = ../../wolfcrypt/src/sha512.c; sourceTree = SOURCE_ROOT; };
+		521646301A8992CC0062516A /* tfm.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tfm.c; path = ../../wolfcrypt/src/tfm.c; sourceTree = SOURCE_ROOT; };
+		521646311A8992CC0062516A /* wc_port.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wc_port.c; path = ../../wolfcrypt/src/wc_port.c; sourceTree = SOURCE_ROOT; };
+		521646531A8993290062516A /* callbacks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = callbacks.h; path = ../../wolfssl/callbacks.h; sourceTree = ""; };
+		521646541A8993290062516A /* certs_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = certs_test.h; path = ../../wolfssl/certs_test.h; sourceTree = ""; };
+		521646551A8993290062516A /* crl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = crl.h; path = ../../wolfssl/crl.h; sourceTree = ""; };
+		521646561A8993290062516A /* error-ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-ssl.h"; path = "../../wolfssl/error-ssl.h"; sourceTree = ""; };
+		521646571A8993290062516A /* internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = internal.h; path = ../../wolfssl/internal.h; sourceTree = ""; };
+		521646581A8993290062516A /* ocsp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ocsp.h; path = ../../wolfssl/ocsp.h; sourceTree = ""; };
+		5216465B1A8993290062516A /* ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ssl.h; path = ../../wolfssl/ssl.h; sourceTree = ""; };
+		5216465C1A8993290062516A /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../wolfssl/test.h; sourceTree = ""; };
+		5216465D1A8993290062516A /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = version.h; path = ../../wolfssl/version.h; sourceTree = ""; };
+		5216465E1A8993770062516A /* aes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = aes.h; path = ../../wolfssl/wolfcrypt/aes.h; sourceTree = ""; };
+		5216465F1A8993770062516A /* arc4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = arc4.h; path = ../../wolfssl/wolfcrypt/arc4.h; sourceTree = ""; };
+		521646601A8993770062516A /* asn_public.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn_public.h; path = ../../wolfssl/wolfcrypt/asn_public.h; sourceTree = ""; };
+		521646611A8993770062516A /* asn.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn.h; path = ../../wolfssl/wolfcrypt/asn.h; sourceTree = ""; };
+		521646621A8993770062516A /* blake2-impl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-impl.h"; path = "../../wolfssl/wolfcrypt/blake2-impl.h"; sourceTree = ""; };
+		521646631A8993770062516A /* blake2-int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-int.h"; path = "../../wolfssl/wolfcrypt/blake2-int.h"; sourceTree = ""; };
+		521646641A8993770062516A /* blake2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = blake2.h; path = ../../wolfssl/wolfcrypt/blake2.h; sourceTree = ""; };
+		521646651A8993770062516A /* camellia.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = camellia.h; path = ../../wolfssl/wolfcrypt/camellia.h; sourceTree = ""; };
+		521646661A8993770062516A /* chacha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = chacha.h; path = ../../wolfssl/wolfcrypt/chacha.h; sourceTree = ""; };
+		521646671A8993770062516A /* coding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = coding.h; path = ../../wolfssl/wolfcrypt/coding.h; sourceTree = ""; };
+		521646681A8993770062516A /* compress.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = compress.h; path = ../../wolfssl/wolfcrypt/compress.h; sourceTree = ""; };
+		521646691A8993770062516A /* des3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = des3.h; path = ../../wolfssl/wolfcrypt/des3.h; sourceTree = ""; };
+		5216466A1A8993770062516A /* dh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dh.h; path = ../../wolfssl/wolfcrypt/dh.h; sourceTree = ""; };
+		5216466B1A8993770062516A /* dsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dsa.h; path = ../../wolfssl/wolfcrypt/dsa.h; sourceTree = ""; };
+		5216466C1A8993770062516A /* ecc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ecc.h; path = ../../wolfssl/wolfcrypt/ecc.h; sourceTree = ""; };
+		5216466D1A8993770062516A /* error-crypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-crypt.h"; path = "../../wolfssl/wolfcrypt/error-crypt.h"; sourceTree = ""; };
+		5216466E1A8993770062516A /* fips_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips_test.h; path = ../../wolfssl/wolfcrypt/fips_test.h; sourceTree = ""; };
+		5216466F1A8993770062516A /* hc128.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hc128.h; path = ../../wolfssl/wolfcrypt/hc128.h; sourceTree = ""; };
+		521646701A8993770062516A /* hmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hmac.h; path = ../../wolfssl/wolfcrypt/hmac.h; sourceTree = ""; };
+		521646721A8993770062516A /* integer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = integer.h; path = ../../wolfssl/wolfcrypt/integer.h; sourceTree = ""; };
+		521646731A8993770062516A /* logging.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = logging.h; path = ../../wolfssl/wolfcrypt/logging.h; sourceTree = ""; };
+		521646741A8993770062516A /* md2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md2.h; path = ../../wolfssl/wolfcrypt/md2.h; sourceTree = ""; };
+		521646751A8993770062516A /* md4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md4.h; path = ../../wolfssl/wolfcrypt/md4.h; sourceTree = ""; };
+		521646761A8993770062516A /* md5.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md5.h; path = ../../wolfssl/wolfcrypt/md5.h; sourceTree = ""; };
+		521646771A8993770062516A /* memory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = memory.h; path = ../../wolfssl/wolfcrypt/memory.h; sourceTree = ""; };
+		521646781A8993770062516A /* misc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = misc.h; path = ../../wolfssl/wolfcrypt/misc.h; sourceTree = ""; };
+		521646791A8993770062516A /* mpi_class.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_class.h; path = ../../wolfssl/wolfcrypt/mpi_class.h; sourceTree = ""; };
+		5216467A1A8993770062516A /* mpi_superclass.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_superclass.h; path = ../../wolfssl/wolfcrypt/mpi_superclass.h; sourceTree = ""; };
+		5216467B1A8993770062516A /* pkcs7.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs7.h; path = ../../wolfssl/wolfcrypt/pkcs7.h; sourceTree = ""; };
+		5216467C1A8993770062516A /* poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = poly1305.h; path = ../../wolfssl/wolfcrypt/poly1305.h; sourceTree = ""; };
+		5216467D1A8993770062516A /* pwdbased.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pwdbased.h; path = ../../wolfssl/wolfcrypt/pwdbased.h; sourceTree = ""; };
+		5216467E1A8993770062516A /* rabbit.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rabbit.h; path = ../../wolfssl/wolfcrypt/rabbit.h; sourceTree = ""; };
+		5216467F1A8993770062516A /* random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = random.h; path = ../../wolfssl/wolfcrypt/random.h; sourceTree = ""; };
+		521646801A8993770062516A /* ripemd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ripemd.h; path = ../../wolfssl/wolfcrypt/ripemd.h; sourceTree = ""; };
+		521646811A8993770062516A /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rsa.h; path = ../../wolfssl/wolfcrypt/rsa.h; sourceTree = ""; };
+		521646821A8993770062516A /* settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings.h; path = ../../wolfssl/wolfcrypt/settings.h; sourceTree = ""; };
+		521646831A8993770062516A /* sha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha.h; path = ../../wolfssl/wolfcrypt/sha.h; sourceTree = ""; };
+		521646841A8993770062516A /* sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha256.h; path = ../../wolfssl/wolfcrypt/sha256.h; sourceTree = ""; };
+		521646851A8993770062516A /* sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha512.h; path = ../../wolfssl/wolfcrypt/sha512.h; sourceTree = ""; };
+		521646861A8993770062516A /* tfm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = tfm.h; path = ../../wolfssl/wolfcrypt/tfm.h; sourceTree = ""; };
+		521646871A8993770062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../wolfssl/wolfcrypt/types.h; sourceTree = ""; };
+		521646881A8993770062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../wolfssl/wolfcrypt/visibility.h; sourceTree = ""; };
+		521646891A8993770062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../wolfssl/wolfcrypt/wc_port.h; sourceTree = ""; };
+		5216468A1A8993BB0062516A /* callbacks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = callbacks.h; path = ../../cyassl/callbacks.h; sourceTree = ""; };
+		5216468B1A8993BB0062516A /* certs_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = certs_test.h; path = ../../cyassl/certs_test.h; sourceTree = ""; };
+		5216468C1A8993BB0062516A /* crl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = crl.h; path = ../../cyassl/crl.h; sourceTree = ""; };
+		5216468D1A8993BB0062516A /* error-ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-ssl.h"; path = "../../cyassl/error-ssl.h"; sourceTree = ""; };
+		5216468E1A8993BB0062516A /* internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = internal.h; path = ../../cyassl/internal.h; sourceTree = ""; };
+		5216468F1A8993BB0062516A /* ocsp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ocsp.h; path = ../../cyassl/ocsp.h; sourceTree = ""; };
+		521646921A8993BB0062516A /* ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ssl.h; path = ../../cyassl/ssl.h; sourceTree = ""; };
+		521646931A8993BB0062516A /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../cyassl/test.h; sourceTree = ""; };
+		521646941A8993BB0062516A /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = version.h; path = ../../cyassl/version.h; sourceTree = ""; };
+		521646951A8993F50062516A /* aes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = aes.h; path = ../../cyassl/ctaocrypt/aes.h; sourceTree = ""; };
+		521646961A8993F50062516A /* arc4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = arc4.h; path = ../../cyassl/ctaocrypt/arc4.h; sourceTree = ""; };
+		521646971A8993F50062516A /* asn_public.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn_public.h; path = ../../cyassl/ctaocrypt/asn_public.h; sourceTree = ""; };
+		521646981A8993F50062516A /* asn.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn.h; path = ../../cyassl/ctaocrypt/asn.h; sourceTree = ""; };
+		521646991A8993F50062516A /* blake2-impl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-impl.h"; path = "../../cyassl/ctaocrypt/blake2-impl.h"; sourceTree = ""; };
+		5216469A1A8993F50062516A /* blake2-int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-int.h"; path = "../../cyassl/ctaocrypt/blake2-int.h"; sourceTree = ""; };
+		5216469B1A8993F50062516A /* blake2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = blake2.h; path = ../../cyassl/ctaocrypt/blake2.h; sourceTree = ""; };
+		5216469C1A8993F50062516A /* camellia.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = camellia.h; path = ../../cyassl/ctaocrypt/camellia.h; sourceTree = ""; };
+		5216469D1A8993F50062516A /* chacha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = chacha.h; path = ../../cyassl/ctaocrypt/chacha.h; sourceTree = ""; };
+		5216469E1A8993F50062516A /* coding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = coding.h; path = ../../cyassl/ctaocrypt/coding.h; sourceTree = ""; };
+		5216469F1A8993F50062516A /* compress.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = compress.h; path = ../../cyassl/ctaocrypt/compress.h; sourceTree = ""; };
+		521646A01A8993F50062516A /* des3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = des3.h; path = ../../cyassl/ctaocrypt/des3.h; sourceTree = ""; };
+		521646A11A8993F50062516A /* dh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dh.h; path = ../../cyassl/ctaocrypt/dh.h; sourceTree = ""; };
+		521646A21A8993F50062516A /* dsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dsa.h; path = ../../cyassl/ctaocrypt/dsa.h; sourceTree = ""; };
+		521646A31A8993F50062516A /* ecc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ecc.h; path = ../../cyassl/ctaocrypt/ecc.h; sourceTree = ""; };
+		521646A41A8993F50062516A /* error-crypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-crypt.h"; path = "../../cyassl/ctaocrypt/error-crypt.h"; sourceTree = ""; };
+		521646A51A8993F50062516A /* fips_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips_test.h; path = ../../cyassl/ctaocrypt/fips_test.h; sourceTree = ""; };
+		521646A61A8993F50062516A /* hc128.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hc128.h; path = ../../cyassl/ctaocrypt/hc128.h; sourceTree = ""; };
+		521646A71A8993F50062516A /* hmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hmac.h; path = ../../cyassl/ctaocrypt/hmac.h; sourceTree = ""; };
+		521646A81A8993F50062516A /* integer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = integer.h; path = ../../cyassl/ctaocrypt/integer.h; sourceTree = ""; };
+		521646A91A8993F50062516A /* logging.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = logging.h; path = ../../cyassl/ctaocrypt/logging.h; sourceTree = ""; };
+		521646AA1A8993F50062516A /* md2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md2.h; path = ../../cyassl/ctaocrypt/md2.h; sourceTree = ""; };
+		521646AB1A8993F50062516A /* md4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md4.h; path = ../../cyassl/ctaocrypt/md4.h; sourceTree = ""; };
+		521646AC1A8993F50062516A /* md5.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md5.h; path = ../../cyassl/ctaocrypt/md5.h; sourceTree = ""; };
+		521646AD1A8993F50062516A /* memory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = memory.h; path = ../../cyassl/ctaocrypt/memory.h; sourceTree = ""; };
+		521646AE1A8993F50062516A /* misc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = misc.h; path = ../../cyassl/ctaocrypt/misc.h; sourceTree = ""; };
+		521646AF1A8993F50062516A /* mpi_class.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_class.h; path = ../../cyassl/ctaocrypt/mpi_class.h; sourceTree = ""; };
+		521646B01A8993F50062516A /* mpi_superclass.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_superclass.h; path = ../../cyassl/ctaocrypt/mpi_superclass.h; sourceTree = ""; };
+		521646B11A8993F50062516A /* pkcs7.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs7.h; path = ../../cyassl/ctaocrypt/pkcs7.h; sourceTree = ""; };
+		521646B21A8993F50062516A /* poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = poly1305.h; path = ../../cyassl/ctaocrypt/poly1305.h; sourceTree = ""; };
+		521646B31A8993F50062516A /* pwdbased.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pwdbased.h; path = ../../cyassl/ctaocrypt/pwdbased.h; sourceTree = ""; };
+		521646B41A8993F50062516A /* rabbit.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rabbit.h; path = ../../cyassl/ctaocrypt/rabbit.h; sourceTree = ""; };
+		521646B51A8993F50062516A /* random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = random.h; path = ../../cyassl/ctaocrypt/random.h; sourceTree = ""; };
+		521646B61A8993F50062516A /* ripemd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ripemd.h; path = ../../cyassl/ctaocrypt/ripemd.h; sourceTree = ""; };
+		521646B71A8993F50062516A /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rsa.h; path = ../../cyassl/ctaocrypt/rsa.h; sourceTree = ""; };
+		521646B81A8993F50062516A /* settings_comp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings_comp.h; path = ../../cyassl/ctaocrypt/settings_comp.h; sourceTree = ""; };
+		521646B91A8993F50062516A /* settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings.h; path = ../../cyassl/ctaocrypt/settings.h; sourceTree = ""; };
+		521646BA1A8993F50062516A /* sha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha.h; path = ../../cyassl/ctaocrypt/sha.h; sourceTree = ""; };
+		521646BB1A8993F50062516A /* sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha256.h; path = ../../cyassl/ctaocrypt/sha256.h; sourceTree = ""; };
+		521646BC1A8993F50062516A /* sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha512.h; path = ../../cyassl/ctaocrypt/sha512.h; sourceTree = ""; };
+		521646BD1A8993F50062516A /* tfm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = tfm.h; path = ../../cyassl/ctaocrypt/tfm.h; sourceTree = ""; };
+		521646BE1A8993F50062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../cyassl/ctaocrypt/types.h; sourceTree = ""; };
+		521646BF1A8993F50062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../cyassl/ctaocrypt/visibility.h; sourceTree = ""; };
+		521646C01A8993F50062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../cyassl/ctaocrypt/wc_port.h; sourceTree = ""; };
+		52B1344D16F3C9E800C07B32 /* libwolfssl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libwolfssl.a; sourceTree = BUILT_PRODUCTS_DIR; };
+/* End PBXFileReference section */
+
+/* Begin PBXFrameworksBuildPhase section */
+		52B1344A16F3C9E800C07B32 /* Frameworks */ = {
+			isa = PBXFrameworksBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXFrameworksBuildPhase section */
+
+/* Begin PBXGroup section */
+		521645391A898E7B0062516A /* Headers */ = {
+			isa = PBXGroup;
+			children = (
+				521645F91A89916E0062516A /* wolfSSL */,
+				521645F81A89916A0062516A /* wolfCrypt */,
+				521645F71A8991680062516A /* CyaSSL */,
+				521645F61A8991640062516A /* CtaoCrypt */,
+			);
+			name = Headers;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645F61A8991640062516A /* CtaoCrypt */ = {
+			isa = PBXGroup;
+			children = (
+				521646951A8993F50062516A /* aes.h */,
+				521646961A8993F50062516A /* arc4.h */,
+				521646971A8993F50062516A /* asn_public.h */,
+				521646981A8993F50062516A /* asn.h */,
+				521646991A8993F50062516A /* blake2-impl.h */,
+				5216469A1A8993F50062516A /* blake2-int.h */,
+				5216469B1A8993F50062516A /* blake2.h */,
+				5216469C1A8993F50062516A /* camellia.h */,
+				5216469D1A8993F50062516A /* chacha.h */,
+				5216469E1A8993F50062516A /* coding.h */,
+				5216469F1A8993F50062516A /* compress.h */,
+				521646A01A8993F50062516A /* des3.h */,
+				521646A11A8993F50062516A /* dh.h */,
+				521646A21A8993F50062516A /* dsa.h */,
+				521646A31A8993F50062516A /* ecc.h */,
+				521646A41A8993F50062516A /* error-crypt.h */,
+				521646A51A8993F50062516A /* fips_test.h */,
+				521646A61A8993F50062516A /* hc128.h */,
+				521646A71A8993F50062516A /* hmac.h */,
+				521646A81A8993F50062516A /* integer.h */,
+				521646A91A8993F50062516A /* logging.h */,
+				521646AA1A8993F50062516A /* md2.h */,
+				521646AB1A8993F50062516A /* md4.h */,
+				521646AC1A8993F50062516A /* md5.h */,
+				521646AD1A8993F50062516A /* memory.h */,
+				521646AE1A8993F50062516A /* misc.h */,
+				521646AF1A8993F50062516A /* mpi_class.h */,
+				521646B01A8993F50062516A /* mpi_superclass.h */,
+				521646B11A8993F50062516A /* pkcs7.h */,
+				521646B21A8993F50062516A /* poly1305.h */,
+				521646B31A8993F50062516A /* pwdbased.h */,
+				521646B41A8993F50062516A /* rabbit.h */,
+				521646B51A8993F50062516A /* random.h */,
+				521646B61A8993F50062516A /* ripemd.h */,
+				521646B71A8993F50062516A /* rsa.h */,
+				521646B81A8993F50062516A /* settings_comp.h */,
+				521646B91A8993F50062516A /* settings.h */,
+				521646BA1A8993F50062516A /* sha.h */,
+				521646BB1A8993F50062516A /* sha256.h */,
+				521646BC1A8993F50062516A /* sha512.h */,
+				521646BD1A8993F50062516A /* tfm.h */,
+				521646BE1A8993F50062516A /* types.h */,
+				521646BF1A8993F50062516A /* visibility.h */,
+				521646C01A8993F50062516A /* wc_port.h */,
+			);
+			name = CtaoCrypt;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645F71A8991680062516A /* CyaSSL */ = {
+			isa = PBXGroup;
+			children = (
+				5216468A1A8993BB0062516A /* callbacks.h */,
+				5216468B1A8993BB0062516A /* certs_test.h */,
+				5216468C1A8993BB0062516A /* crl.h */,
+				5216468D1A8993BB0062516A /* error-ssl.h */,
+				5216468E1A8993BB0062516A /* internal.h */,
+				5216468F1A8993BB0062516A /* ocsp.h */,
+				521646921A8993BB0062516A /* ssl.h */,
+				521646931A8993BB0062516A /* test.h */,
+				521646941A8993BB0062516A /* version.h */,
+			);
+			name = CyaSSL;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645F81A89916A0062516A /* wolfCrypt */ = {
+			isa = PBXGroup;
+			children = (
+				5216465E1A8993770062516A /* aes.h */,
+				5216465F1A8993770062516A /* arc4.h */,
+				521646601A8993770062516A /* asn_public.h */,
+				521646611A8993770062516A /* asn.h */,
+				521646621A8993770062516A /* blake2-impl.h */,
+				521646631A8993770062516A /* blake2-int.h */,
+				521646641A8993770062516A /* blake2.h */,
+				521646651A8993770062516A /* camellia.h */,
+				521646661A8993770062516A /* chacha.h */,
+				521646671A8993770062516A /* coding.h */,
+				521646681A8993770062516A /* compress.h */,
+				521646691A8993770062516A /* des3.h */,
+				5216466A1A8993770062516A /* dh.h */,
+				5216466B1A8993770062516A /* dsa.h */,
+				5216466C1A8993770062516A /* ecc.h */,
+				5216466D1A8993770062516A /* error-crypt.h */,
+				5216466E1A8993770062516A /* fips_test.h */,
+				5216466F1A8993770062516A /* hc128.h */,
+				521646701A8993770062516A /* hmac.h */,
+				521646721A8993770062516A /* integer.h */,
+				521646731A8993770062516A /* logging.h */,
+				521646741A8993770062516A /* md2.h */,
+				521646751A8993770062516A /* md4.h */,
+				521646761A8993770062516A /* md5.h */,
+				521646771A8993770062516A /* memory.h */,
+				521646781A8993770062516A /* misc.h */,
+				521646791A8993770062516A /* mpi_class.h */,
+				5216467A1A8993770062516A /* mpi_superclass.h */,
+				5216467B1A8993770062516A /* pkcs7.h */,
+				5216467C1A8993770062516A /* poly1305.h */,
+				5216467D1A8993770062516A /* pwdbased.h */,
+				5216467E1A8993770062516A /* rabbit.h */,
+				5216467F1A8993770062516A /* random.h */,
+				521646801A8993770062516A /* ripemd.h */,
+				521646811A8993770062516A /* rsa.h */,
+				521646821A8993770062516A /* settings.h */,
+				521646831A8993770062516A /* sha.h */,
+				521646841A8993770062516A /* sha256.h */,
+				521646851A8993770062516A /* sha512.h */,
+				521646861A8993770062516A /* tfm.h */,
+				521646871A8993770062516A /* types.h */,
+				521646881A8993770062516A /* visibility.h */,
+				521646891A8993770062516A /* wc_port.h */,
+			);
+			name = wolfCrypt;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645F91A89916E0062516A /* wolfSSL */ = {
+			isa = PBXGroup;
+			children = (
+				521646531A8993290062516A /* callbacks.h */,
+				521646541A8993290062516A /* certs_test.h */,
+				521646551A8993290062516A /* crl.h */,
+				521646561A8993290062516A /* error-ssl.h */,
+				521646571A8993290062516A /* internal.h */,
+				521646581A8993290062516A /* ocsp.h */,
+				5216465B1A8993290062516A /* ssl.h */,
+				5216465C1A8993290062516A /* test.h */,
+				5216465D1A8993290062516A /* version.h */,
+			);
+			name = wolfSSL;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645FB1A8991990062516A /* Source */ = {
+			isa = PBXGroup;
+			children = (
+				521646001A89924A0062516A /* wolfSSL */,
+				521645FF1A8992470062516A /* wolfCrypt */,
+			);
+			name = Source;
+			sourceTree = SOURCE_ROOT;
+		};
+		521645FF1A8992470062516A /* wolfCrypt */ = {
+			isa = PBXGroup;
+			children = (
+				521646111A8992CC0062516A /* aes.c */,
+				521646121A8992CC0062516A /* arc4.c */,
+				521646131A8992CC0062516A /* asn.c */,
+				521646141A8992CC0062516A /* blake2b.c */,
+				521646151A8992CC0062516A /* camellia.c */,
+				521646161A8992CC0062516A /* chacha.c */,
+				521646171A8992CC0062516A /* coding.c */,
+				521646181A8992CC0062516A /* des3.c */,
+				521646191A8992CC0062516A /* dh.c */,
+				5216461A1A8992CC0062516A /* dsa.c */,
+				5216461B1A8992CC0062516A /* ecc.c */,
+				5216461C1A8992CC0062516A /* error.c */,
+				5216461D1A8992CC0062516A /* hc128.c */,
+				5216461E1A8992CC0062516A /* hmac.c */,
+				5216461F1A8992CC0062516A /* integer.c */,
+				521646201A8992CC0062516A /* logging.c */,
+				521646211A8992CC0062516A /* md2.c */,
+				521646221A8992CC0062516A /* md4.c */,
+				521646231A8992CC0062516A /* md5.c */,
+				521646241A8992CC0062516A /* memory.c */,
+				521646251A8992CC0062516A /* misc.c */,
+				521646261A8992CC0062516A /* pkcs7.c */,
+				521646271A8992CC0062516A /* poly1305.c */,
+				521646281A8992CC0062516A /* pwdbased.c */,
+				521646291A8992CC0062516A /* rabbit.c */,
+				5216462A1A8992CC0062516A /* random.c */,
+				5216462B1A8992CC0062516A /* ripemd.c */,
+				5216462C1A8992CC0062516A /* rsa.c */,
+				5216462D1A8992CC0062516A /* sha.c */,
+				5216462E1A8992CC0062516A /* sha256.c */,
+				5216462F1A8992CC0062516A /* sha512.c */,
+				521646301A8992CC0062516A /* tfm.c */,
+				521646311A8992CC0062516A /* wc_port.c */,
+			);
+			name = wolfCrypt;
+			sourceTree = SOURCE_ROOT;
+		};
+		521646001A89924A0062516A /* wolfSSL */ = {
+			isa = PBXGroup;
+			children = (
+				521646011A89928E0062516A /* crl.c */,
+				521646021A89928E0062516A /* internal.c */,
+				521646031A89928E0062516A /* io.c */,
+				521646041A89928E0062516A /* keys.c */,
+				521646051A89928E0062516A /* ocsp.c */,
+				521646061A89928E0062516A /* sniffer.c */,
+				521646071A89928E0062516A /* ssl.c */,
+				521646081A89928E0062516A /* tls.c */,
+			);
+			name = wolfSSL;
+			sourceTree = SOURCE_ROOT;
+		};
+		52B1344416F3C9E800C07B32 = {
+			isa = PBXGroup;
+			children = (
+				521645FB1A8991990062516A /* Source */,
+				521645391A898E7B0062516A /* Headers */,
+				52B1344E16F3C9E800C07B32 /* Products */,
+			);
+			sourceTree = "";
+		};
+		52B1344E16F3C9E800C07B32 /* Products */ = {
+			isa = PBXGroup;
+			children = (
+				52B1344D16F3C9E800C07B32 /* libwolfssl.a */,
+			);
+			name = Products;
+			sourceTree = "";
+		};
+/* End PBXGroup section */
+
+/* Begin PBXNativeTarget section */
+		52B1344C16F3C9E800C07B32 /* wolfssl */ = {
+			isa = PBXNativeTarget;
+			buildConfigurationList = 52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "wolfssl" */;
+			buildPhases = (
+				52B1344916F3C9E800C07B32 /* Sources */,
+				52B1344A16F3C9E800C07B32 /* Frameworks */,
+				52B1344B16F3C9E800C07B32 /* CopyFiles */,
+				521646C11A8A7B380062516A /* CopyFiles */,
+				521646C21A8A7B3B0062516A /* CopyFiles */,
+				521646C31A8A7B3D0062516A /* CopyFiles */,
+			);
+			buildRules = (
+			);
+			dependencies = (
+			);
+			name = wolfssl;
+			productName = "wolfssl-ios";
+			productReference = 52B1344D16F3C9E800C07B32 /* libwolfssl.a */;
+			productType = "com.apple.product-type.library.static";
+		};
+/* End PBXNativeTarget section */
+
+/* Begin PBXProject section */
+		52B1344516F3C9E800C07B32 /* Project object */ = {
+			isa = PBXProject;
+			attributes = {
+				LastUpgradeCheck = 0460;
+				ORGANIZATIONNAME = "wolfSSL Inc";
+			};
+			buildConfigurationList = 52B1344816F3C9E800C07B32 /* Build configuration list for PBXProject "wolfssl" */;
+			compatibilityVersion = "Xcode 3.2";
+			developmentRegion = English;
+			hasScannedForEncodings = 0;
+			knownRegions = (
+				en,
+			);
+			mainGroup = 52B1344416F3C9E800C07B32;
+			productRefGroup = 52B1344E16F3C9E800C07B32 /* Products */;
+			projectDirPath = "";
+			projectRoot = "";
+			targets = (
+				52B1344C16F3C9E800C07B32 /* wolfssl */,
+			);
+		};
+/* End PBXProject section */
+
+/* Begin PBXSourcesBuildPhase section */
+		52B1344916F3C9E800C07B32 /* Sources */ = {
+			isa = PBXSourcesBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				5216463B1A8992CC0062516A /* dsa.c in Sources */,
+				521646411A8992CC0062516A /* logging.c in Sources */,
+				5216464E1A8992CC0062516A /* sha.c in Sources */,
+				521646481A8992CC0062516A /* poly1305.c in Sources */,
+				5216463A1A8992CC0062516A /* dh.c in Sources */,
+				521646361A8992CC0062516A /* camellia.c in Sources */,
+				521646521A8992CC0062516A /* wc_port.c in Sources */,
+				521646491A8992CC0062516A /* pwdbased.c in Sources */,
+				521646461A8992CC0062516A /* misc.c in Sources */,
+				5216463E1A8992CC0062516A /* hc128.c in Sources */,
+				521646341A8992CC0062516A /* asn.c in Sources */,
+				521646501A8992CC0062516A /* sha512.c in Sources */,
+				5216464A1A8992CC0062516A /* rabbit.c in Sources */,
+				521646441A8992CC0062516A /* md5.c in Sources */,
+				5216460F1A89928E0062516A /* ssl.c in Sources */,
+				5216464D1A8992CC0062516A /* rsa.c in Sources */,
+				5216464B1A8992CC0062516A /* random.c in Sources */,
+				521646101A89928E0062516A /* tls.c in Sources */,
+				5216460D1A89928E0062516A /* ocsp.c in Sources */,
+				521646431A8992CC0062516A /* md4.c in Sources */,
+				521646321A8992CC0062516A /* aes.c in Sources */,
+				521646391A8992CC0062516A /* des3.c in Sources */,
+				521646351A8992CC0062516A /* blake2b.c in Sources */,
+				5216464C1A8992CC0062516A /* ripemd.c in Sources */,
+				521646451A8992CC0062516A /* memory.c in Sources */,
+				5216463C1A8992CC0062516A /* ecc.c in Sources */,
+				5216464F1A8992CC0062516A /* sha256.c in Sources */,
+				521646371A8992CC0062516A /* chacha.c in Sources */,
+				521646471A8992CC0062516A /* pkcs7.c in Sources */,
+				5216460E1A89928E0062516A /* sniffer.c in Sources */,
+				521646421A8992CC0062516A /* md2.c in Sources */,
+				521646381A8992CC0062516A /* coding.c in Sources */,
+				5216463D1A8992CC0062516A /* error.c in Sources */,
+				5216463F1A8992CC0062516A /* hmac.c in Sources */,
+				521646331A8992CC0062516A /* arc4.c in Sources */,
+				521646401A8992CC0062516A /* integer.c in Sources */,
+				5216460A1A89928E0062516A /* internal.c in Sources */,
+				5216460B1A89928E0062516A /* io.c in Sources */,
+				521646511A8992CC0062516A /* tfm.c in Sources */,
+				521646091A89928E0062516A /* crl.c in Sources */,
+				5216460C1A89928E0062516A /* keys.c in Sources */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXSourcesBuildPhase section */
+
+/* Begin XCBuildConfiguration section */
+		52B1347016F3C9E800C07B32 /* Debug */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = NO;
+				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
+				CLANG_CXX_LIBRARY = "libc++";
+				CLANG_WARN_CONSTANT_CONVERSION = YES;
+				CLANG_WARN_EMPTY_BODY = YES;
+				CLANG_WARN_ENUM_CONVERSION = YES;
+				CLANG_WARN_INT_CONVERSION = YES;
+				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+				COPY_PHASE_STRIP = NO;
+				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_DYNAMIC_NO_PIC = NO;
+				GCC_OPTIMIZATION_LEVEL = 0;
+				GCC_PREPROCESSOR_DEFINITIONS = (
+					"DEBUG=1",
+					"$(inherited)",
+				);
+				GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_UNINITIALIZED_AUTOS = YES;
+				GCC_WARN_UNUSED_VARIABLE = YES;
+				IPHONEOS_DEPLOYMENT_TARGET = 6.1;
+				ONLY_ACTIVE_ARCH = YES;
+				SDKROOT = iphoneos;
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl include";
+			};
+			name = Debug;
+		};
+		52B1347116F3C9E800C07B32 /* Release */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = NO;
+				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
+				CLANG_CXX_LIBRARY = "libc++";
+				CLANG_WARN_CONSTANT_CONVERSION = YES;
+				CLANG_WARN_EMPTY_BODY = YES;
+				CLANG_WARN_ENUM_CONVERSION = YES;
+				CLANG_WARN_INT_CONVERSION = YES;
+				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+				COPY_PHASE_STRIP = YES;
+				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_UNINITIALIZED_AUTOS = YES;
+				GCC_WARN_UNUSED_VARIABLE = YES;
+				IPHONEOS_DEPLOYMENT_TARGET = 6.1;
+				SDKROOT = iphoneos;
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl include";
+				VALIDATE_PRODUCT = NO;
+			};
+			name = Release;
+		};
+		52B1347316F3C9E800C07B32 /* Debug */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = YES;
+				CLANG_LINK_OBJC_RUNTIME = NO;
+				DSTROOT = /tmp/wolfssl_ios.dst;
+				GCC_PRECOMPILE_PREFIX_HEADER = NO;
+				GCC_PREFIX_HEADER = "";
+				HEADER_SEARCH_PATHS = (
+					$SRCROOT,
+					$PROJECT_DIR/../..,
+				);
+				OTHER_LDFLAGS = "";
+				PRODUCT_NAME = wolfssl;
+				SKIP_INSTALL = YES;
+				TARGETED_DEVICE_FAMILY = "1,2";
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl";
+			};
+			name = Debug;
+		};
+		52B1347416F3C9E800C07B32 /* Release */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = YES;
+				CLANG_LINK_OBJC_RUNTIME = NO;
+				DSTROOT = /tmp/wolfssl_ios.dst;
+				GCC_PRECOMPILE_PREFIX_HEADER = NO;
+				GCC_PREFIX_HEADER = "";
+				HEADER_SEARCH_PATHS = (
+					$SRCROOT,
+					$PROJECT_DIR/../..,
+				);
+				OTHER_LDFLAGS = "";
+				PRODUCT_NAME = wolfssl;
+				SKIP_INSTALL = YES;
+				TARGETED_DEVICE_FAMILY = "1,2";
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl";
+			};
+			name = Release;
+		};
+/* End XCBuildConfiguration section */
+
+/* Begin XCConfigurationList section */
+		52B1344816F3C9E800C07B32 /* Build configuration list for PBXProject "wolfssl" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				52B1347016F3C9E800C07B32 /* Debug */,
+				52B1347116F3C9E800C07B32 /* Release */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
+		};
+		52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "wolfssl" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				52B1347316F3C9E800C07B32 /* Debug */,
+				52B1347416F3C9E800C07B32 /* Release */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
+		};
+/* End XCConfigurationList section */
+	};
+	rootObject = 52B1344516F3C9E800C07B32 /* Project object */;
+}
diff --git a/3P/wolfssl/LICENSING b/3P/wolfssl/LICENSING
new file mode 100644
index 00000000..e43bb9f3
--- /dev/null
+++ b/3P/wolfssl/LICENSING
@@ -0,0 +1,11 @@
+
+CyaSSL and wolfCrypt are either licensed for use under the GPLv2 or a
+standard commercial license. For our users who cannot use CyaSSL under
+GPLv2, a commercial license to CyaSSL and wolfCrypt is available.
+Please contact wolfSSL Inc. directly at:
+
+Email: licensing@wolfssl.com
+Phone: +1 425 245-8247
+
+More information can be found on the wolfSSL website at www.wolfssl.com.
+
diff --git a/3P/wolfssl/Makefile.am b/3P/wolfssl/Makefile.am
new file mode 100644
index 00000000..43ae1caa
--- /dev/null
+++ b/3P/wolfssl/Makefile.am
@@ -0,0 +1,170 @@
+# includes append to these:
+SUFFIXES =
+TESTS =
+CLEANFILES =
+DISTCLEANFILES =
+bin_PROGRAMS =
+noinst_HEADERS =
+lib_LTLIBRARIES =
+man_MANS =
+noinst_LTLIBRARIES =
+noinst_PROGRAMS =
+include_HEADERS =
+nobase_include_HEADERS =
+check_PROGRAMS =
+EXTRA_HEADERS =
+BUILT_SOURCES=
+EXTRA_DIST=
+dist_doc_DATA=
+
+#includes additional rules from aminclude.am
+@INC_AMINCLUDE@
+DISTCLEANFILES+= aminclude.am
+
+CLEANFILES+= cert.der \
+             cert.pem \
+             certecc.der \
+             certecc.pem \
+             certreq.der \
+             certreq.pem \
+             key.der \
+             key.pem \
+             ntru-cert.der \
+             ntru-cert.pem \
+             ntru-key.raw \
+             othercert.der \
+             othercert.pem \
+             pkcs7cert.der \
+             pkcs7envelopedData.der \
+             pkcs7signedData.der
+
+exampledir = $(docdir)/example
+dist_example_DATA=
+
+ACLOCAL_AMFLAGS= -I m4
+
+EXTRA_DIST+= lib/dummy
+
+EXTRA_DIST+= wolfssl-ntru.vcproj
+EXTRA_DIST+= wolfssl.vcproj
+EXTRA_DIST+= wolfssl.vcxproj
+EXTRA_DIST+= wolfssl-iphone.xcodeproj/project.pbxproj
+EXTRA_DIST+= wolfssl-ios.xcodeproj/project.pbxproj
+EXTRA_DIST+= wolfssl-ntru.sln
+EXTRA_DIST+= wolfssl.sln
+EXTRA_DIST+= wolfssl64.sln
+EXTRA_DIST+= valgrind-error.sh
+EXTRA_DIST+= gencertbuf.pl
+EXTRA_DIST+= IDE 
+EXTRA_DIST+= README.md
+EXTRA_DIST+= LICENSING
+
+include cyassl/include.am
+include wolfssl/include.am
+include certs/include.am
+include certs/1024/include.am
+include certs/crl/include.am
+include doc/include.am
+include swig/include.am
+
+include src/include.am
+include support/include.am
+include wolfcrypt/benchmark/include.am
+include wolfcrypt/src/include.am
+include wolfcrypt/test/include.am
+include examples/client/include.am
+include examples/server/include.am
+include examples/echoclient/include.am
+include examples/echoserver/include.am
+include testsuite/include.am
+include tests/include.am
+include sslSniffer/sslSnifferTest/include.am
+include rpm/include.am
+# TODO: fix, this commented out mqx ones have spaces in file names
+#include mqx/wolfcrypt_test/Sources/include.am
+include mqx/cyassl/include.am
+#include mqx/cyassl_client/Sources/include.am
+include mqx/util_lib/Sources/include.am
+include mplabx/include.am
+include mplabx/wolfcrypt_benchmark.X/nbproject/include.am
+include mplabx/wolfcrypt_test.X/nbproject/include.am
+include mplabx/wolfssl.X/nbproject/include.am
+include mcapi/include.am
+include mcapi/wolfcrypt_mcapi.X/nbproject/include.am
+include mcapi/wolfcrypt_test.X/nbproject/include.am
+include mcapi/wolfssl.X/nbproject/include.am
+include mcapi/zlib.X/nbproject/include.am
+include tirtos/include.am
+
+if USE_VALGRIND
+TESTS_ENVIRONMENT=./valgrind-error.sh
+endif
+
+TEST_EXTENSIONS=.test
+TESTS += $(check_PROGRAMS)
+test: check
+tests/unit.log: testsuite/testsuite.log
+
+DISTCLEANFILES+= cyassl-config
+DISTCLEANFILES+= wolfssl-config
+# fips files shouldn't be left after make distclean
+DISTCLEANFILES+= ctaocrypt/src/fips.c
+DISTCLEANFILES+= ctaocrypt/src/fips_test.c
+
+maintainer-clean-local:
+	-rm Makefile.in
+	-rm aclocal.m4
+	-rm build-aux/compile
+	-rm build-aux/config.guess
+	-rm build-aux/config.sub
+	-rm build-aux/depcomp
+	-rm build-aux/install-sh
+	-rm build-aux/ltmain.sh
+	-rm build-aux/missing
+	-rm cyassl-config
+	-rmdir build-aux
+	-rm configure
+	-rm config.log
+	-rm config.status
+	-rm config.in
+	-rm m4/libtool.m4
+	-rm m4/ltoptions.m4
+	-rm m4/ltsugar.m4
+	-rm m4/ltversion.m4
+	-rm m4/lt~obsolete.m4
+	-rm support/wolfssl.pc
+	find . -type f -name '*~' -exec rm -f '{}' \;
+	-rm -f @PACKAGE@-*.tar.gz
+	-rm -f @PACKAGE@-*.rpm
+
+# !!!! first line of rule has to start with a hard (real) tab, not spaces
+egs:
+	$(MAKE) examples/client/client; \
+	$(MAKE) examples/echoclient/echoclient;\
+	$(MAKE) examples/server/server; \
+	$(MAKE) examples/echoserver/echoserver;
+
+wc_egs:
+	$(MAKE) wolfcrypt/test/testwolfcrypt; \
+	$(MAKE) wolfcrypt/benchmark/benchmark;
+
+install-exec-local:	install-generic-config
+
+install-generic-config:
+	$(mkinstalldirs) $(DESTDIR)$(bindir)
+	$(INSTALL_SCRIPT) @GENERIC_CONFIG@ $(DESTDIR)$(bindir)
+
+uninstall-local:
+	-rm -f $(DESTDIR)$(bindir)/@GENERIC_CONFIG@
+
+merge-clean:
+	@find ./ | $(GREP) \.gcda | xargs rm -f
+	@find ./ | $(GREP) \.gcno | xargs rm -f
+	@find ./ | $(GREP) \.gz | xargs rm -f
+	@find ./ | $(GREP) \.orig | xargs rm -f
+	@find ./ | $(GREP) \.rej | xargs rm -f
+	@find ./ | $(GREP) \.rpm | xargs rm -f
+	@find ./ | $(GREP) \.THIS | xargs rm -f
+	@find ./ | $(GREP) \.OTHER | xargs rm -f
+	@find ./ | $(GREP) \.BASE | xargs rm -f
+	@find ./ | $(GREP) \~$$ | xargs rm -f
diff --git a/3P/wolfssl/Makefile.in b/3P/wolfssl/Makefile.in
new file mode 100644
index 00000000..fd4d86c1
--- /dev/null
+++ b/3P/wolfssl/Makefile.in
@@ -0,0 +1,3341 @@
+# Makefile.in generated by automake 1.14.1 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+# vim:ft=automake
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+
+
+
+VPATH = @srcdir@
+am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+bin_PROGRAMS =
+noinst_PROGRAMS = wolfcrypt/benchmark/benchmark$(EXEEXT) \
+	wolfcrypt/test/testwolfcrypt$(EXEEXT) $(am__EXEEXT_3) \
+	$(am__EXEEXT_4) $(am__EXEEXT_2)
+check_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2)
+DIST_COMMON = $(srcdir)/cyassl/include.am \
+	$(srcdir)/cyassl/ctaocrypt/include.am \
+	$(srcdir)/cyassl/openssl/include.am \
+	$(srcdir)/wolfssl/include.am \
+	$(srcdir)/wolfssl/wolfcrypt/include.am \
+	$(srcdir)/wolfssl/openssl/include.am \
+	$(srcdir)/certs/include.am $(srcdir)/certs/1024/include.am \
+	$(srcdir)/certs/crl/include.am $(srcdir)/doc/include.am \
+	$(srcdir)/swig/include.am $(srcdir)/src/include.am \
+	$(srcdir)/support/include.am \
+	$(srcdir)/wolfcrypt/benchmark/include.am \
+	$(srcdir)/wolfcrypt/src/include.am \
+	$(srcdir)/wolfcrypt/test/include.am \
+	$(srcdir)/examples/client/include.am \
+	$(srcdir)/examples/server/include.am \
+	$(srcdir)/examples/echoclient/include.am \
+	$(srcdir)/examples/echoserver/include.am \
+	$(srcdir)/testsuite/include.am $(srcdir)/tests/include.am \
+	$(srcdir)/sslSniffer/sslSnifferTest/include.am \
+	$(srcdir)/rpm/include.am $(srcdir)/mqx/cyassl/include.am \
+	$(srcdir)/mqx/util_lib/Sources/include.am \
+	$(srcdir)/mplabx/include.am \
+	$(srcdir)/mplabx/wolfcrypt_benchmark.X/nbproject/include.am \
+	$(srcdir)/mplabx/wolfcrypt_test.X/nbproject/include.am \
+	$(srcdir)/mplabx/wolfssl.X/nbproject/include.am \
+	$(srcdir)/mcapi/include.am \
+	$(srcdir)/mcapi/wolfcrypt_mcapi.X/nbproject/include.am \
+	$(srcdir)/mcapi/wolfcrypt_test.X/nbproject/include.am \
+	$(srcdir)/mcapi/wolfssl.X/nbproject/include.am \
+	$(srcdir)/mcapi/zlib.X/nbproject/include.am \
+	$(srcdir)/tirtos/include.am $(srcdir)/Makefile.in \
+	$(srcdir)/Makefile.am $(top_srcdir)/configure \
+	$(am__configure_deps) $(srcdir)/config.in $(srcdir)/stamp-h.in \
+	$(top_srcdir)/wolfssl/version.h.in \
+	$(top_srcdir)/wolfssl/options.h.in \
+	$(top_srcdir)/support/wolfssl.pc.in $(top_srcdir)/rpm/spec.in \
+	$(top_srcdir)/build-aux/depcomp $(dist_doc_DATA) \
+	$(dist_example_DATA) $(include_HEADERS) \
+	$(nobase_include_HEADERS) $(am__noinst_HEADERS_DIST) \
+	$(top_srcdir)/build-aux/test-driver AUTHORS COPYING ChangeLog \
+	NEWS README build-aux/compile build-aux/config.guess \
+	build-aux/config.sub build-aux/depcomp build-aux/install-sh \
+	build-aux/missing build-aux/ltmain.sh \
+	$(top_srcdir)/build-aux/compile \
+	$(top_srcdir)/build-aux/config.guess \
+	$(top_srcdir)/build-aux/config.sub \
+	$(top_srcdir)/build-aux/install-sh \
+	$(top_srcdir)/build-aux/ltmain.sh \
+	$(top_srcdir)/build-aux/missing
+
+# fips first  file
+@BUILD_FIPS_TRUE@am__append_1 = ctaocrypt/src/wolfcrypt_first.c \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/hmac.c ctaocrypt/src/random.c \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/sha256.c
+@BUILD_FIPS_TRUE@@BUILD_RSA_TRUE@am__append_2 = ctaocrypt/src/rsa.c
+@BUILD_AES_TRUE@@BUILD_FIPS_TRUE@am__append_3 = ctaocrypt/src/aes.c
+@BUILD_DES3_TRUE@@BUILD_FIPS_TRUE@am__append_4 = ctaocrypt/src/des3.c
+@BUILD_FIPS_TRUE@@BUILD_SHA_TRUE@am__append_5 = ctaocrypt/src/sha.c
+@BUILD_FIPS_TRUE@@BUILD_SHA512_TRUE@am__append_6 = ctaocrypt/src/sha512.c
+
+# fips last file
+@BUILD_FIPS_TRUE@am__append_7 = ctaocrypt/src/fips.c \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/fips_test.c \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/wolfcrypt_last.c
+@BUILD_RSA_TRUE@am__append_8 = wolfcrypt/src/rsa.c
+@BUILD_AES_TRUE@am__append_9 = wolfcrypt/src/aes.c
+@BUILD_DES3_TRUE@am__append_10 = wolfcrypt/src/des3.c
+@BUILD_SHA_TRUE@am__append_11 = wolfcrypt/src/sha.c
+@BUILD_SHA512_TRUE@am__append_12 = wolfcrypt/src/sha512.c
+@BUILD_MEMORY_TRUE@am__append_13 = wolfcrypt/src/memory.c
+@BUILD_DH_TRUE@am__append_14 = wolfcrypt/src/dh.c
+@BUILD_ASN_TRUE@am__append_15 = wolfcrypt/src/asn.c
+@BUILD_CODING_TRUE@am__append_16 = wolfcrypt/src/coding.c
+@BUILD_POLY1305_TRUE@am__append_17 = wolfcrypt/src/poly1305.c
+@BUILD_RC4_TRUE@am__append_18 = wolfcrypt/src/arc4.c
+@BUILD_MD4_TRUE@am__append_19 = wolfcrypt/src/md4.c
+@BUILD_MD5_TRUE@am__append_20 = wolfcrypt/src/md5.c
+@BUILD_PWDBASED_TRUE@am__append_21 = wolfcrypt/src/pwdbased.c
+@BUILD_DSA_TRUE@am__append_22 = wolfcrypt/src/dsa.c
+@BUILD_AESNI_TRUE@am__append_23 = wolfcrypt/src/aes_asm.s
+@BUILD_CAMELLIA_TRUE@am__append_24 = wolfcrypt/src/camellia.c
+@BUILD_MD2_TRUE@am__append_25 = wolfcrypt/src/md2.c
+@BUILD_RIPEMD_TRUE@am__append_26 = wolfcrypt/src/ripemd.c
+@BUILD_BLAKE2_TRUE@am__append_27 = wolfcrypt/src/blake2b.c
+@BUILD_HC128_TRUE@am__append_28 = wolfcrypt/src/hc128.c
+@BUILD_RABBIT_TRUE@am__append_29 = wolfcrypt/src/rabbit.c
+@BUILD_CHACHA_TRUE@am__append_30 = wolfcrypt/src/chacha.c
+@BUILD_INLINE_FALSE@am__append_31 = wolfcrypt/src/misc.c
+@BUILD_FASTMATH_TRUE@am__append_32 = wolfcrypt/src/tfm.c
+@BUILD_SLOWMATH_TRUE@am__append_33 = wolfcrypt/src/integer.c
+@BUILD_ECC_TRUE@am__append_34 = wolfcrypt/src/ecc.c
+@BUILD_ECC25519_TRUE@am__append_35 = wolfcrypt/src/ecc25519.c \
+@BUILD_ECC25519_TRUE@	wolfcrypt/src/ecc25519_fe.c
+@BUILD_LIBZ_TRUE@am__append_36 = wolfcrypt/src/compress.c
+@BUILD_PKCS7_TRUE@am__append_37 = wolfcrypt/src/pkcs7.c
+@BUILD_OCSP_TRUE@am__append_38 = src/ocsp.c
+@BUILD_CRL_TRUE@am__append_39 = src/crl.c
+@BUILD_SNIFFER_TRUE@am__append_40 = src/sniffer.c
+@BUILD_EXAMPLES_TRUE@am__append_41 = examples/client/client \
+@BUILD_EXAMPLES_TRUE@	examples/server/server \
+@BUILD_EXAMPLES_TRUE@	examples/echoclient/echoclient \
+@BUILD_EXAMPLES_TRUE@	examples/echoserver/echoserver \
+@BUILD_EXAMPLES_TRUE@	testsuite/testsuite.test tests/unit.test
+@BUILD_EXAMPLES_TRUE@am__append_42 = examples/client/client.h \
+@BUILD_EXAMPLES_TRUE@	examples/server/server.h \
+@BUILD_EXAMPLES_TRUE@	examples/echoclient/echoclient.h \
+@BUILD_EXAMPLES_TRUE@	examples/echoserver/echoserver.h
+@BUILD_EXAMPLES_TRUE@am__append_43 = testsuite/testsuite.test \
+@BUILD_EXAMPLES_TRUE@	tests/unit.test
+@BUILD_SNIFFTEST_TRUE@am__append_44 = sslSniffer/sslSnifferTest/snifftest
+@BUILD_MCAPI_TRUE@am__append_45 = mcapi/test
+@BUILD_MCAPI_TRUE@am__append_46 = mcapi/test 
+subdir = .
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/ax_add_am_macro.m4 \
+	$(top_srcdir)/m4/ax_am_jobserver.m4 \
+	$(top_srcdir)/m4/ax_am_macros.m4 \
+	$(top_srcdir)/m4/ax_append_compile_flags.m4 \
+	$(top_srcdir)/m4/ax_append_flag.m4 \
+	$(top_srcdir)/m4/ax_append_to_file.m4 \
+	$(top_srcdir)/m4/ax_check_compile_flag.m4 \
+	$(top_srcdir)/m4/ax_check_link_flag.m4 \
+	$(top_srcdir)/m4/ax_count_cpus.m4 \
+	$(top_srcdir)/m4/ax_create_generic_config.m4 \
+	$(top_srcdir)/m4/ax_debug.m4 \
+	$(top_srcdir)/m4/ax_file_escapes.m4 \
+	$(top_srcdir)/m4/ax_harden_compiler_flags.m4 \
+	$(top_srcdir)/m4/ax_print_to_file.m4 \
+	$(top_srcdir)/m4/ax_pthread.m4 $(top_srcdir)/m4/ax_tls.m4 \
+	$(top_srcdir)/m4/ax_vcs_checkout.m4 \
+	$(top_srcdir)/m4/hexversion.m4 \
+	$(top_srcdir)/m4/lib_socket_nsl.m4 $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/m4/visibility.m4 \
+	$(top_srcdir)/m4/wolfssl_darwin_clang.m4 \
+	$(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
+ configure.lineno config.status.lineno
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = config.h
+CONFIG_CLEAN_FILES = stamp-h wolfssl/version.h wolfssl/options.h \
+	support/wolfssl.pc rpm/spec
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+    $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+    *) f=$$p;; \
+  esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+  srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+  for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+  for p in $$list; do echo "$$p $$p"; done | \
+  sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+  $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+    if (++n[$$2] == $(am__install_max)) \
+      { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+    END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+  sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+  sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
+am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \
+	"$(DESTDIR)$(docdir)" "$(DESTDIR)$(exampledir)" \
+	"$(DESTDIR)$(pkgconfigdir)" "$(DESTDIR)$(includedir)" \
+	"$(DESTDIR)$(includedir)"
+LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+src_libwolfssl_la_DEPENDENCIES = $(am__DEPENDENCIES_1)
+am__src_libwolfssl_la_SOURCES_DIST = ctaocrypt/src/wolfcrypt_first.c \
+	ctaocrypt/src/hmac.c ctaocrypt/src/random.c \
+	ctaocrypt/src/sha256.c ctaocrypt/src/rsa.c ctaocrypt/src/aes.c \
+	ctaocrypt/src/des3.c ctaocrypt/src/sha.c \
+	ctaocrypt/src/sha512.c ctaocrypt/src/fips.c \
+	ctaocrypt/src/fips_test.c ctaocrypt/src/wolfcrypt_last.c \
+	wolfcrypt/src/hmac.c wolfcrypt/src/random.c \
+	wolfcrypt/src/sha256.c wolfcrypt/src/rsa.c wolfcrypt/src/aes.c \
+	wolfcrypt/src/des3.c wolfcrypt/src/sha.c \
+	wolfcrypt/src/sha512.c wolfcrypt/src/logging.c \
+	wolfcrypt/src/wc_port.c wolfcrypt/src/error.c \
+	wolfcrypt/src/memory.c wolfcrypt/src/dh.c wolfcrypt/src/asn.c \
+	wolfcrypt/src/coding.c wolfcrypt/src/poly1305.c \
+	wolfcrypt/src/arc4.c wolfcrypt/src/md4.c wolfcrypt/src/md5.c \
+	wolfcrypt/src/pwdbased.c wolfcrypt/src/dsa.c \
+	wolfcrypt/src/aes_asm.s wolfcrypt/src/camellia.c \
+	wolfcrypt/src/md2.c wolfcrypt/src/ripemd.c \
+	wolfcrypt/src/blake2b.c wolfcrypt/src/hc128.c \
+	wolfcrypt/src/rabbit.c wolfcrypt/src/chacha.c \
+	wolfcrypt/src/misc.c wolfcrypt/src/tfm.c \
+	wolfcrypt/src/integer.c wolfcrypt/src/ecc.c \
+	wolfcrypt/src/ecc25519.c wolfcrypt/src/ecc25519_fe.c \
+	wolfcrypt/src/compress.c wolfcrypt/src/pkcs7.c src/internal.c \
+	src/io.c src/keys.c src/ssl.c src/tls.c src/ocsp.c src/crl.c \
+	src/sniffer.c
+am__dirstamp = $(am__leading_dot)dirstamp
+@BUILD_FIPS_TRUE@am__objects_1 = ctaocrypt/src/src_libwolfssl_la-wolfcrypt_first.lo \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/src_libwolfssl_la-hmac.lo \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/src_libwolfssl_la-random.lo \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/src_libwolfssl_la-sha256.lo
+@BUILD_FIPS_TRUE@@BUILD_RSA_TRUE@am__objects_2 = ctaocrypt/src/src_libwolfssl_la-rsa.lo
+@BUILD_AES_TRUE@@BUILD_FIPS_TRUE@am__objects_3 = ctaocrypt/src/src_libwolfssl_la-aes.lo
+@BUILD_DES3_TRUE@@BUILD_FIPS_TRUE@am__objects_4 = ctaocrypt/src/src_libwolfssl_la-des3.lo
+@BUILD_FIPS_TRUE@@BUILD_SHA_TRUE@am__objects_5 = ctaocrypt/src/src_libwolfssl_la-sha.lo
+@BUILD_FIPS_TRUE@@BUILD_SHA512_TRUE@am__objects_6 = ctaocrypt/src/src_libwolfssl_la-sha512.lo
+@BUILD_FIPS_TRUE@am__objects_7 =  \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/src_libwolfssl_la-fips.lo \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/src_libwolfssl_la-fips_test.lo \
+@BUILD_FIPS_TRUE@	ctaocrypt/src/src_libwolfssl_la-wolfcrypt_last.lo
+@BUILD_RSA_TRUE@am__objects_8 =  \
+@BUILD_RSA_TRUE@	wolfcrypt/src/src_libwolfssl_la-rsa.lo
+@BUILD_AES_TRUE@am__objects_9 =  \
+@BUILD_AES_TRUE@	wolfcrypt/src/src_libwolfssl_la-aes.lo
+@BUILD_DES3_TRUE@am__objects_10 =  \
+@BUILD_DES3_TRUE@	wolfcrypt/src/src_libwolfssl_la-des3.lo
+@BUILD_SHA_TRUE@am__objects_11 =  \
+@BUILD_SHA_TRUE@	wolfcrypt/src/src_libwolfssl_la-sha.lo
+@BUILD_SHA512_TRUE@am__objects_12 =  \
+@BUILD_SHA512_TRUE@	wolfcrypt/src/src_libwolfssl_la-sha512.lo
+@BUILD_MEMORY_TRUE@am__objects_13 =  \
+@BUILD_MEMORY_TRUE@	wolfcrypt/src/src_libwolfssl_la-memory.lo
+@BUILD_DH_TRUE@am__objects_14 = wolfcrypt/src/src_libwolfssl_la-dh.lo
+@BUILD_ASN_TRUE@am__objects_15 =  \
+@BUILD_ASN_TRUE@	wolfcrypt/src/src_libwolfssl_la-asn.lo
+@BUILD_CODING_TRUE@am__objects_16 =  \
+@BUILD_CODING_TRUE@	wolfcrypt/src/src_libwolfssl_la-coding.lo
+@BUILD_POLY1305_TRUE@am__objects_17 = wolfcrypt/src/src_libwolfssl_la-poly1305.lo
+@BUILD_RC4_TRUE@am__objects_18 =  \
+@BUILD_RC4_TRUE@	wolfcrypt/src/src_libwolfssl_la-arc4.lo
+@BUILD_MD4_TRUE@am__objects_19 =  \
+@BUILD_MD4_TRUE@	wolfcrypt/src/src_libwolfssl_la-md4.lo
+@BUILD_MD5_TRUE@am__objects_20 =  \
+@BUILD_MD5_TRUE@	wolfcrypt/src/src_libwolfssl_la-md5.lo
+@BUILD_PWDBASED_TRUE@am__objects_21 = wolfcrypt/src/src_libwolfssl_la-pwdbased.lo
+@BUILD_DSA_TRUE@am__objects_22 =  \
+@BUILD_DSA_TRUE@	wolfcrypt/src/src_libwolfssl_la-dsa.lo
+@BUILD_AESNI_TRUE@am__objects_23 = wolfcrypt/src/aes_asm.lo
+@BUILD_CAMELLIA_TRUE@am__objects_24 = wolfcrypt/src/src_libwolfssl_la-camellia.lo
+@BUILD_MD2_TRUE@am__objects_25 =  \
+@BUILD_MD2_TRUE@	wolfcrypt/src/src_libwolfssl_la-md2.lo
+@BUILD_RIPEMD_TRUE@am__objects_26 =  \
+@BUILD_RIPEMD_TRUE@	wolfcrypt/src/src_libwolfssl_la-ripemd.lo
+@BUILD_BLAKE2_TRUE@am__objects_27 =  \
+@BUILD_BLAKE2_TRUE@	wolfcrypt/src/src_libwolfssl_la-blake2b.lo
+@BUILD_HC128_TRUE@am__objects_28 =  \
+@BUILD_HC128_TRUE@	wolfcrypt/src/src_libwolfssl_la-hc128.lo
+@BUILD_RABBIT_TRUE@am__objects_29 =  \
+@BUILD_RABBIT_TRUE@	wolfcrypt/src/src_libwolfssl_la-rabbit.lo
+@BUILD_CHACHA_TRUE@am__objects_30 =  \
+@BUILD_CHACHA_TRUE@	wolfcrypt/src/src_libwolfssl_la-chacha.lo
+@BUILD_INLINE_FALSE@am__objects_31 =  \
+@BUILD_INLINE_FALSE@	wolfcrypt/src/src_libwolfssl_la-misc.lo
+@BUILD_FASTMATH_TRUE@am__objects_32 =  \
+@BUILD_FASTMATH_TRUE@	wolfcrypt/src/src_libwolfssl_la-tfm.lo
+@BUILD_SLOWMATH_TRUE@am__objects_33 = wolfcrypt/src/src_libwolfssl_la-integer.lo
+@BUILD_ECC_TRUE@am__objects_34 =  \
+@BUILD_ECC_TRUE@	wolfcrypt/src/src_libwolfssl_la-ecc.lo
+@BUILD_ECC25519_TRUE@am__objects_35 = wolfcrypt/src/src_libwolfssl_la-ecc25519.lo \
+@BUILD_ECC25519_TRUE@	wolfcrypt/src/src_libwolfssl_la-ecc25519_fe.lo
+@BUILD_LIBZ_TRUE@am__objects_36 =  \
+@BUILD_LIBZ_TRUE@	wolfcrypt/src/src_libwolfssl_la-compress.lo
+@BUILD_PKCS7_TRUE@am__objects_37 =  \
+@BUILD_PKCS7_TRUE@	wolfcrypt/src/src_libwolfssl_la-pkcs7.lo
+@BUILD_OCSP_TRUE@am__objects_38 = src/src_libwolfssl_la-ocsp.lo
+@BUILD_CRL_TRUE@am__objects_39 = src/src_libwolfssl_la-crl.lo
+@BUILD_SNIFFER_TRUE@am__objects_40 = src/src_libwolfssl_la-sniffer.lo
+am_src_libwolfssl_la_OBJECTS = $(am__objects_1) $(am__objects_2) \
+	$(am__objects_3) $(am__objects_4) $(am__objects_5) \
+	$(am__objects_6) $(am__objects_7) \
+	wolfcrypt/src/src_libwolfssl_la-hmac.lo \
+	wolfcrypt/src/src_libwolfssl_la-random.lo \
+	wolfcrypt/src/src_libwolfssl_la-sha256.lo $(am__objects_8) \
+	$(am__objects_9) $(am__objects_10) $(am__objects_11) \
+	$(am__objects_12) wolfcrypt/src/src_libwolfssl_la-logging.lo \
+	wolfcrypt/src/src_libwolfssl_la-wc_port.lo \
+	wolfcrypt/src/src_libwolfssl_la-error.lo $(am__objects_13) \
+	$(am__objects_14) $(am__objects_15) $(am__objects_16) \
+	$(am__objects_17) $(am__objects_18) $(am__objects_19) \
+	$(am__objects_20) $(am__objects_21) $(am__objects_22) \
+	$(am__objects_23) $(am__objects_24) $(am__objects_25) \
+	$(am__objects_26) $(am__objects_27) $(am__objects_28) \
+	$(am__objects_29) $(am__objects_30) $(am__objects_31) \
+	$(am__objects_32) $(am__objects_33) $(am__objects_34) \
+	$(am__objects_35) $(am__objects_36) $(am__objects_37) \
+	src/src_libwolfssl_la-internal.lo src/src_libwolfssl_la-io.lo \
+	src/src_libwolfssl_la-keys.lo src/src_libwolfssl_la-ssl.lo \
+	src/src_libwolfssl_la-tls.lo $(am__objects_38) \
+	$(am__objects_39) $(am__objects_40)
+src_libwolfssl_la_OBJECTS = $(am_src_libwolfssl_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 = 
+src_libwolfssl_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(src_libwolfssl_la_CFLAGS) $(CFLAGS) \
+	$(src_libwolfssl_la_LDFLAGS) $(LDFLAGS) -o $@
+@BUILD_EXAMPLES_TRUE@am__EXEEXT_1 = testsuite/testsuite.test$(EXEEXT) \
+@BUILD_EXAMPLES_TRUE@	tests/unit.test$(EXEEXT)
+@BUILD_MCAPI_TRUE@am__EXEEXT_2 = mcapi/test$(EXEEXT)
+@BUILD_EXAMPLES_TRUE@am__EXEEXT_3 = examples/client/client$(EXEEXT) \
+@BUILD_EXAMPLES_TRUE@	examples/server/server$(EXEEXT) \
+@BUILD_EXAMPLES_TRUE@	examples/echoclient/echoclient$(EXEEXT) \
+@BUILD_EXAMPLES_TRUE@	examples/echoserver/echoserver$(EXEEXT) \
+@BUILD_EXAMPLES_TRUE@	testsuite/testsuite.test$(EXEEXT) \
+@BUILD_EXAMPLES_TRUE@	tests/unit.test$(EXEEXT)
+@BUILD_SNIFFTEST_TRUE@am__EXEEXT_4 = sslSniffer/sslSnifferTest/snifftest$(EXEEXT)
+PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS)
+am__examples_client_client_SOURCES_DIST = examples/client/client.c
+@BUILD_EXAMPLES_TRUE@am_examples_client_client_OBJECTS =  \
+@BUILD_EXAMPLES_TRUE@	examples/client/client.$(OBJEXT)
+examples_client_client_OBJECTS = $(am_examples_client_client_OBJECTS)
+am__examples_echoclient_echoclient_SOURCES_DIST =  \
+	examples/echoclient/echoclient.c
+@BUILD_EXAMPLES_TRUE@am_examples_echoclient_echoclient_OBJECTS =  \
+@BUILD_EXAMPLES_TRUE@	examples/echoclient/echoclient.$(OBJEXT)
+examples_echoclient_echoclient_OBJECTS =  \
+	$(am_examples_echoclient_echoclient_OBJECTS)
+am__examples_echoserver_echoserver_SOURCES_DIST =  \
+	examples/echoserver/echoserver.c
+@BUILD_EXAMPLES_TRUE@am_examples_echoserver_echoserver_OBJECTS =  \
+@BUILD_EXAMPLES_TRUE@	examples/echoserver/echoserver.$(OBJEXT)
+examples_echoserver_echoserver_OBJECTS =  \
+	$(am_examples_echoserver_echoserver_OBJECTS)
+am__examples_server_server_SOURCES_DIST = examples/server/server.c
+@BUILD_EXAMPLES_TRUE@am_examples_server_server_OBJECTS =  \
+@BUILD_EXAMPLES_TRUE@	examples/server/server.$(OBJEXT)
+examples_server_server_OBJECTS = $(am_examples_server_server_OBJECTS)
+am__mcapi_test_SOURCES_DIST = mcapi/crypto.c mcapi/mcapi_test.c
+@BUILD_MCAPI_TRUE@am_mcapi_test_OBJECTS = mcapi/crypto.$(OBJEXT) \
+@BUILD_MCAPI_TRUE@	mcapi/mcapi_test.$(OBJEXT)
+mcapi_test_OBJECTS = $(am_mcapi_test_OBJECTS)
+am__sslSniffer_sslSnifferTest_snifftest_SOURCES_DIST =  \
+	sslSniffer/sslSnifferTest/snifftest.c
+@BUILD_SNIFFTEST_TRUE@am_sslSniffer_sslSnifferTest_snifftest_OBJECTS = sslSniffer/sslSnifferTest/snifftest.$(OBJEXT)
+sslSniffer_sslSnifferTest_snifftest_OBJECTS =  \
+	$(am_sslSniffer_sslSnifferTest_snifftest_OBJECTS)
+am__tests_unit_test_SOURCES_DIST = tests/unit.c tests/api.c \
+	tests/suites.c tests/hash.c examples/client/client.c \
+	examples/server/server.c
+@BUILD_EXAMPLES_TRUE@am_tests_unit_test_OBJECTS =  \
+@BUILD_EXAMPLES_TRUE@	tests/tests_unit_test-unit.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	tests/tests_unit_test-api.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	tests/tests_unit_test-suites.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	tests/tests_unit_test-hash.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	examples/client/tests_unit_test-client.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	examples/server/tests_unit_test-server.$(OBJEXT)
+tests_unit_test_OBJECTS = $(am_tests_unit_test_OBJECTS)
+tests_unit_test_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(tests_unit_test_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) \
+	-o $@
+am__testsuite_testsuite_test_SOURCES_DIST = wolfcrypt/test/test.c \
+	examples/client/client.c examples/echoclient/echoclient.c \
+	examples/echoserver/echoserver.c examples/server/server.c \
+	testsuite/testsuite.c
+@BUILD_EXAMPLES_TRUE@am_testsuite_testsuite_test_OBJECTS = wolfcrypt/test/testsuite_testsuite_test-test.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	examples/client/testsuite_testsuite_test-client.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	examples/echoclient/testsuite_testsuite_test-echoclient.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	examples/echoserver/testsuite_testsuite_test-echoserver.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	examples/server/testsuite_testsuite_test-server.$(OBJEXT) \
+@BUILD_EXAMPLES_TRUE@	testsuite/testsuite_testsuite_test-testsuite.$(OBJEXT)
+testsuite_testsuite_test_OBJECTS =  \
+	$(am_testsuite_testsuite_test_OBJECTS)
+testsuite_testsuite_test_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(testsuite_testsuite_test_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
+	$(LDFLAGS) -o $@
+am_wolfcrypt_benchmark_benchmark_OBJECTS =  \
+	wolfcrypt/benchmark/benchmark.$(OBJEXT)
+wolfcrypt_benchmark_benchmark_OBJECTS =  \
+	$(am_wolfcrypt_benchmark_benchmark_OBJECTS)
+am_wolfcrypt_test_testwolfcrypt_OBJECTS =  \
+	wolfcrypt/test/test.$(OBJEXT)
+wolfcrypt_test_testwolfcrypt_OBJECTS =  \
+	$(am_wolfcrypt_test_testwolfcrypt_OBJECTS)
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+DEFAULT_INCLUDES = -I.@am__isrc@
+depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
+am__depfiles_maybe = depfiles
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC      " $@;
+am__v_CC_1 = 
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD    " $@;
+am__v_CCLD_1 = 
+CCASCOMPILE = $(CCAS) $(AM_CCASFLAGS) $(CCASFLAGS)
+LTCCASCOMPILE = $(LIBTOOL) $(AM_V_lt) $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CCAS) $(AM_CCASFLAGS) \
+	$(CCASFLAGS)
+AM_V_CCAS = $(am__v_CCAS_@AM_V@)
+am__v_CCAS_ = $(am__v_CCAS_@AM_DEFAULT_V@)
+am__v_CCAS_0 = @echo "  CCAS    " $@;
+am__v_CCAS_1 = 
+SOURCES = $(src_libwolfssl_la_SOURCES) \
+	$(examples_client_client_SOURCES) \
+	$(examples_echoclient_echoclient_SOURCES) \
+	$(examples_echoserver_echoserver_SOURCES) \
+	$(examples_server_server_SOURCES) $(mcapi_test_SOURCES) \
+	$(sslSniffer_sslSnifferTest_snifftest_SOURCES) \
+	$(tests_unit_test_SOURCES) $(testsuite_testsuite_test_SOURCES) \
+	$(wolfcrypt_benchmark_benchmark_SOURCES) \
+	$(wolfcrypt_test_testwolfcrypt_SOURCES)
+DIST_SOURCES = $(am__src_libwolfssl_la_SOURCES_DIST) \
+	$(am__examples_client_client_SOURCES_DIST) \
+	$(am__examples_echoclient_echoclient_SOURCES_DIST) \
+	$(am__examples_echoserver_echoserver_SOURCES_DIST) \
+	$(am__examples_server_server_SOURCES_DIST) \
+	$(am__mcapi_test_SOURCES_DIST) \
+	$(am__sslSniffer_sslSnifferTest_snifftest_SOURCES_DIST) \
+	$(am__tests_unit_test_SOURCES_DIST) \
+	$(am__testsuite_testsuite_test_SOURCES_DIST) \
+	$(wolfcrypt_benchmark_benchmark_SOURCES) \
+	$(wolfcrypt_test_testwolfcrypt_SOURCES)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+DATA = $(dist_doc_DATA) $(dist_example_DATA) $(pkgconfig_DATA)
+am__noinst_HEADERS_DIST = cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h \
+	cyassl/internal.h wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h \
+	wolfssl/internal.h wolfcrypt/test/test.h \
+	examples/client/client.h examples/server/server.h \
+	examples/echoclient/echoclient.h \
+	examples/echoserver/echoserver.h mcapi/crypto.h
+HEADERS = $(include_HEADERS) $(nobase_include_HEADERS) \
+	$(noinst_HEADERS)
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \
+	$(LISP)config.in
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates.  Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+  BEGIN { nonempty = 0; } \
+  { items[$$0] = 1; nonempty = 1; } \
+  END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique.  This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+  list='$(am__tagged_files)'; \
+  unique=`for i in $$list; do \
+    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+  done | $(am__uniquify_input)`
+ETAGS = etags
+CTAGS = ctags
+CSCOPE = cscope
+AM_RECURSIVE_TARGETS = cscope check recheck
+am__tty_colors_dummy = \
+  mgn= red= grn= lgn= blu= brg= std=; \
+  am__color_tests=no
+am__tty_colors = { \
+  $(am__tty_colors_dummy); \
+  if test "X$(AM_COLOR_TESTS)" = Xno; then \
+    am__color_tests=no; \
+  elif test "X$(AM_COLOR_TESTS)" = Xalways; then \
+    am__color_tests=yes; \
+  elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \
+    am__color_tests=yes; \
+  fi; \
+  if test $$am__color_tests = yes; then \
+    red=''; \
+    grn=''; \
+    lgn=''; \
+    blu=''; \
+    mgn=''; \
+    brg=''; \
+    std=''; \
+  fi; \
+}
+am__recheck_rx = ^[ 	]*:recheck:[ 	]*
+am__global_test_result_rx = ^[ 	]*:global-test-result:[ 	]*
+am__copy_in_global_log_rx = ^[ 	]*:copy-in-global-log:[ 	]*
+# A command that, given a newline-separated list of test names on the
+# standard input, print the name of the tests that are to be re-run
+# upon "make recheck".
+am__list_recheck_tests = $(AWK) '{ \
+  recheck = 1; \
+  while ((rc = (getline line < ($$0 ".trs"))) != 0) \
+    { \
+      if (rc < 0) \
+        { \
+          if ((getline line2 < ($$0 ".log")) < 0) \
+	    recheck = 0; \
+          break; \
+        } \
+      else if (line ~ /$(am__recheck_rx)[nN][Oo]/) \
+        { \
+          recheck = 0; \
+          break; \
+        } \
+      else if (line ~ /$(am__recheck_rx)[yY][eE][sS]/) \
+        { \
+          break; \
+        } \
+    }; \
+  if (recheck) \
+    print $$0; \
+  close ($$0 ".trs"); \
+  close ($$0 ".log"); \
+}'
+# A command that, given a newline-separated list of test names on the
+# standard input, create the global log from their .trs and .log files.
+am__create_global_log = $(AWK) ' \
+function fatal(msg) \
+{ \
+  print "fatal: making $@: " msg | "cat >&2"; \
+  exit 1; \
+} \
+function rst_section(header) \
+{ \
+  print header; \
+  len = length(header); \
+  for (i = 1; i <= len; i = i + 1) \
+    printf "="; \
+  printf "\n\n"; \
+} \
+{ \
+  copy_in_global_log = 1; \
+  global_test_result = "RUN"; \
+  while ((rc = (getline line < ($$0 ".trs"))) != 0) \
+    { \
+      if (rc < 0) \
+         fatal("failed to read from " $$0 ".trs"); \
+      if (line ~ /$(am__global_test_result_rx)/) \
+        { \
+          sub("$(am__global_test_result_rx)", "", line); \
+          sub("[ 	]*$$", "", line); \
+          global_test_result = line; \
+        } \
+      else if (line ~ /$(am__copy_in_global_log_rx)[nN][oO]/) \
+        copy_in_global_log = 0; \
+    }; \
+  if (copy_in_global_log) \
+    { \
+      rst_section(global_test_result ": " $$0); \
+      while ((rc = (getline line < ($$0 ".log"))) != 0) \
+      { \
+        if (rc < 0) \
+          fatal("failed to read from " $$0 ".log"); \
+        print line; \
+      }; \
+      printf "\n"; \
+    }; \
+  close ($$0 ".trs"); \
+  close ($$0 ".log"); \
+}'
+# Restructured Text title.
+am__rst_title = { sed 's/.*/   &   /;h;s/./=/g;p;x;s/ *$$//;p;g' && echo; }
+# Solaris 10 'make', and several other traditional 'make' implementations,
+# pass "-e" to $(SHELL), and POSIX 2008 even requires this.  Work around it
+# by disabling -e (using the XSI extension "set +e") if it's set.
+am__sh_e_setup = case $$- in *e*) set +e;; esac
+# Default flags passed to test drivers.
+am__common_driver_flags = \
+  --color-tests "$$am__color_tests" \
+  --enable-hard-errors "$$am__enable_hard_errors" \
+  --expect-failure "$$am__expect_failure"
+# To be inserted before the command running the test.  Creates the
+# directory for the log if needed.  Stores in $dir the directory
+# containing $f, in $tst the test, in $log the log.  Executes the
+# developer- defined test setup AM_TESTS_ENVIRONMENT (if any), and
+# passes TESTS_ENVIRONMENT.  Set up options for the wrapper that
+# will run the test scripts (or their associated LOG_COMPILER, if
+# thy have one).
+am__check_pre = \
+$(am__sh_e_setup);					\
+$(am__vpath_adj_setup) $(am__vpath_adj)			\
+$(am__tty_colors);					\
+srcdir=$(srcdir); export srcdir;			\
+case "$@" in						\
+  */*) am__odir=`echo "./$@" | sed 's|/[^/]*$$||'`;;	\
+    *) am__odir=.;; 					\
+esac;							\
+test "x$$am__odir" = x"." || test -d "$$am__odir" 	\
+  || $(MKDIR_P) "$$am__odir" || exit $$?;		\
+if test -f "./$$f"; then dir=./;			\
+elif test -f "$$f"; then dir=;				\
+else dir="$(srcdir)/"; fi;				\
+tst=$$dir$$f; log='$@'; 				\
+if test -n '$(DISABLE_HARD_ERRORS)'; then		\
+  am__enable_hard_errors=no; 				\
+else							\
+  am__enable_hard_errors=yes; 				\
+fi; 							\
+case " $(XFAIL_TESTS) " in				\
+  *[\ \	]$$f[\ \	]* | *[\ \	]$$dir$$f[\ \	]*) \
+    am__expect_failure=yes;;				\
+  *)							\
+    am__expect_failure=no;;				\
+esac; 							\
+$(AM_TESTS_ENVIRONMENT) $(TESTS_ENVIRONMENT)
+# A shell command to get the names of the tests scripts with any registered
+# extension removed (i.e., equivalently, the names of the test logs, with
+# the '.log' extension removed).  The result is saved in the shell variable
+# '$bases'.  This honors runtime overriding of TESTS and TEST_LOGS.  Sadly,
+# we cannot use something simpler, involving e.g., "$(TEST_LOGS:.log=)",
+# since that might cause problem with VPATH rewrites for suffix-less tests.
+# See also 'test-harness-vpath-rewrite.sh' and 'test-trs-basic.sh'.
+am__set_TESTS_bases = \
+  bases='$(TEST_LOGS)'; \
+  bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
+  bases=`echo $$bases`
+RECHECK_LOGS = $(TEST_LOGS)
+TEST_SUITE_LOG = test-suite.log
+LOG_DRIVER = $(SHELL) $(top_srcdir)/build-aux/test-driver
+LOG_COMPILE = $(LOG_COMPILER) $(AM_LOG_FLAGS) $(LOG_FLAGS)
+am__set_b = \
+  case '$@' in \
+    */*) \
+      case '$*' in \
+        */*) b='$*';; \
+          *) b=`echo '$@' | sed 's/\.log$$//'`; \
+       esac;; \
+    *) \
+      b='$*';; \
+  esac
+am__test_logs1 = $(TESTS:=.log)
+am__test_logs2 = $(am__test_logs1:@EXEEXT@.log=.log)
+TEST_LOGS = $(am__test_logs2:.test.log=.log)
+TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/build-aux/test-driver
+TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \
+	$(TEST_LOG_FLAGS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+distdir = $(PACKAGE)-$(VERSION)
+top_distdir = $(distdir)
+am__remove_distdir = \
+  if test -d "$(distdir)"; then \
+    find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
+      && rm -rf "$(distdir)" \
+      || { sleep 5 && rm -rf "$(distdir)"; }; \
+  else :; fi
+am__post_remove_distdir = $(am__remove_distdir)
+DIST_ARCHIVES = $(distdir).tar.gz
+GZIP_ENV = --best
+DIST_TARGETS = dist-gzip
+distuninstallcheck_listfiles = find . -type f -print
+am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \
+  | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$'
+distcleancheck_listfiles = find . -type f -print
+ACLOCAL = @ACLOCAL@
+AMINCLUDE = @AMINCLUDE@
+AMTAR = @AMTAR@
+AM_CFLAGS = @AM_CFLAGS@
+AM_CPPFLAGS = @AM_CPPFLAGS@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AM_LDFLAGS = @AM_LDFLAGS@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCAS = @CCAS@
+CCASDEPMODE = @CCASDEPMODE@
+CCASFLAGS = @CCASFLAGS@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GENERIC_CONFIG = @GENERIC_CONFIG@
+GREP = @GREP@
+HAVE_OPENSSL_CMD = @HAVE_OPENSSL_CMD@
+HAVE_VALGRIND = @HAVE_VALGRIND@
+HAVE_VISIBILITY = @HAVE_VISIBILITY@
+HEX_VERSION = @HEX_VERSION@
+INC_AMINCLUDE = @INC_AMINCLUDE@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBM = @LIBM@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MCHECK = @MCHECK@
+MKDIR_P = @MKDIR_P@
+NM = @NM@
+NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PTHREAD_CC = @PTHREAD_CC@
+PTHREAD_CFLAGS = @PTHREAD_CFLAGS@
+PTHREAD_LIBS = @PTHREAD_LIBS@
+RANLIB = @RANLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+VERSION = @VERSION@
+WOLFSSL_LIBRARY_VERSION = @WOLFSSL_LIBRARY_VERSION@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+ax_pthread_config = @ax_pthread_config@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+
+# includes append to these:
+SUFFIXES = 
+TESTS = $(check_PROGRAMS)
+CLEANFILES = cert.der cert.pem certecc.der certecc.pem certreq.der \
+	certreq.pem key.der key.pem ntru-cert.der ntru-cert.pem \
+	ntru-key.raw othercert.der othercert.pem pkcs7cert.der \
+	pkcs7envelopedData.der pkcs7signedData.der
+# fips files shouldn't be left after make distclean
+DISTCLEANFILES = aminclude.am wolfcrypt/benchmark/.libs/benchmark \
+	wolfcrypt/test/.libs/testwolfcrypt \
+	examples/client/.libs/client examples/server/.libs/server \
+	examples/echoclient/.libs/echoclient \
+	examples/echoserver/.libs/echoserver \
+	testsuite/.libs/testsuite.test tests/.libs/unit.test \
+	sslSniffer/sslSnifferTest/.libs/snifftest cyassl-config \
+	wolfssl-config ctaocrypt/src/fips.c ctaocrypt/src/fips_test.c
+noinst_HEADERS = cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h \
+	cyassl/internal.h wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h \
+	wolfssl/internal.h wolfcrypt/test/test.h $(am__append_42) \
+	mcapi/crypto.h
+lib_LTLIBRARIES = src/libwolfssl.la
+man_MANS = 
+noinst_LTLIBRARIES = 
+include_HEADERS = 
+nobase_include_HEADERS = cyassl/ctaocrypt/aes.h \
+	cyassl/ctaocrypt/arc4.h cyassl/ctaocrypt/asn.h \
+	cyassl/ctaocrypt/asn_public.h cyassl/ctaocrypt/poly1305.h \
+	cyassl/ctaocrypt/camellia.h cyassl/ctaocrypt/coding.h \
+	cyassl/ctaocrypt/compress.h cyassl/ctaocrypt/des3.h \
+	cyassl/ctaocrypt/dh.h cyassl/ctaocrypt/dsa.h \
+	cyassl/ctaocrypt/ecc.h cyassl/ctaocrypt/error-crypt.h \
+	cyassl/ctaocrypt/fips_test.h cyassl/ctaocrypt/hc128.h \
+	cyassl/ctaocrypt/hmac.h cyassl/ctaocrypt/integer.h \
+	cyassl/ctaocrypt/md2.h cyassl/ctaocrypt/md4.h \
+	cyassl/ctaocrypt/md5.h cyassl/ctaocrypt/misc.h \
+	cyassl/ctaocrypt/pkcs7.h cyassl/ctaocrypt/wc_port.h \
+	cyassl/ctaocrypt/pwdbased.h cyassl/ctaocrypt/rabbit.h \
+	cyassl/ctaocrypt/chacha.h cyassl/ctaocrypt/random.h \
+	cyassl/ctaocrypt/ripemd.h cyassl/ctaocrypt/rsa.h \
+	cyassl/ctaocrypt/settings.h cyassl/ctaocrypt/settings_comp.h \
+	cyassl/ctaocrypt/sha256.h cyassl/ctaocrypt/sha512.h \
+	cyassl/ctaocrypt/sha.h cyassl/ctaocrypt/blake2.h \
+	cyassl/ctaocrypt/blake2-int.h cyassl/ctaocrypt/blake2-impl.h \
+	cyassl/ctaocrypt/tfm.h cyassl/ctaocrypt/types.h \
+	cyassl/ctaocrypt/visibility.h cyassl/ctaocrypt/logging.h \
+	cyassl/ctaocrypt/memory.h cyassl/ctaocrypt/mpi_class.h \
+	cyassl/ctaocrypt/mpi_superclass.h cyassl/openssl/asn1.h \
+	cyassl/openssl/bio.h cyassl/openssl/bn.h cyassl/openssl/conf.h \
+	cyassl/openssl/crypto.h cyassl/openssl/des.h \
+	cyassl/openssl/dh.h cyassl/openssl/dsa.h \
+	cyassl/openssl/ecdsa.h cyassl/openssl/ec.h \
+	cyassl/openssl/engine.h cyassl/openssl/err.h \
+	cyassl/openssl/evp.h cyassl/openssl/hmac.h \
+	cyassl/openssl/lhash.h cyassl/openssl/md4.h \
+	cyassl/openssl/md5.h cyassl/openssl/ripemd.h \
+	cyassl/openssl/ocsp.h cyassl/openssl/opensslconf.h \
+	cyassl/openssl/opensslv.h cyassl/openssl/ossl_typ.h \
+	cyassl/openssl/pem.h cyassl/openssl/pkcs12.h \
+	cyassl/openssl/rand.h cyassl/openssl/rsa.h \
+	cyassl/openssl/sha.h cyassl/openssl/ssl.h \
+	cyassl/openssl/stack.h cyassl/openssl/ui.h \
+	cyassl/openssl/x509.h cyassl/openssl/x509v3.h \
+	cyassl/error-ssl.h cyassl/ssl.h cyassl/sniffer_error.h \
+	cyassl/sniffer.h cyassl/callbacks.h cyassl/certs_test.h \
+	cyassl/test.h cyassl/version.h cyassl/options.h cyassl/ocsp.h \
+	cyassl/crl.h wolfssl/wolfcrypt/aes.h wolfssl/wolfcrypt/arc4.h \
+	wolfssl/wolfcrypt/asn.h wolfssl/wolfcrypt/asn_public.h \
+	wolfssl/wolfcrypt/poly1305.h wolfssl/wolfcrypt/camellia.h \
+	wolfssl/wolfcrypt/coding.h wolfssl/wolfcrypt/compress.h \
+	wolfssl/wolfcrypt/des3.h wolfssl/wolfcrypt/dh.h \
+	wolfssl/wolfcrypt/dsa.h wolfssl/wolfcrypt/ecc.h \
+	wolfssl/wolfcrypt/ecc25519.h wolfssl/wolfcrypt/ecc25519_fe.h \
+	wolfssl/wolfcrypt/ecc25519_pow225521.h \
+	wolfssl/wolfcrypt/ecc25519_montgomery.h \
+	wolfssl/wolfcrypt/error-crypt.h wolfssl/wolfcrypt/fips_test.h \
+	wolfssl/wolfcrypt/hc128.h wolfssl/wolfcrypt/hmac.h \
+	wolfssl/wolfcrypt/integer.h wolfssl/wolfcrypt/md2.h \
+	wolfssl/wolfcrypt/md4.h wolfssl/wolfcrypt/md5.h \
+	wolfssl/wolfcrypt/misc.h wolfssl/wolfcrypt/pkcs7.h \
+	wolfssl/wolfcrypt/wc_port.h wolfssl/wolfcrypt/pwdbased.h \
+	wolfssl/wolfcrypt/rabbit.h wolfssl/wolfcrypt/chacha.h \
+	wolfssl/wolfcrypt/random.h wolfssl/wolfcrypt/ripemd.h \
+	wolfssl/wolfcrypt/rsa.h wolfssl/wolfcrypt/settings.h \
+	wolfssl/wolfcrypt/sha256.h wolfssl/wolfcrypt/sha512.h \
+	wolfssl/wolfcrypt/sha.h wolfssl/wolfcrypt/blake2.h \
+	wolfssl/wolfcrypt/blake2-int.h wolfssl/wolfcrypt/blake2-impl.h \
+	wolfssl/wolfcrypt/tfm.h wolfssl/wolfcrypt/types.h \
+	wolfssl/wolfcrypt/visibility.h wolfssl/wolfcrypt/logging.h \
+	wolfssl/wolfcrypt/memory.h wolfssl/wolfcrypt/mpi_class.h \
+	wolfssl/wolfcrypt/mpi_superclass.h wolfssl/openssl/asn1.h \
+	wolfssl/openssl/bio.h wolfssl/openssl/bn.h \
+	wolfssl/openssl/conf.h wolfssl/openssl/crypto.h \
+	wolfssl/openssl/des.h wolfssl/openssl/dh.h \
+	wolfssl/openssl/dsa.h wolfssl/openssl/ecdsa.h \
+	wolfssl/openssl/ec.h wolfssl/openssl/engine.h \
+	wolfssl/openssl/err.h wolfssl/openssl/evp.h \
+	wolfssl/openssl/hmac.h wolfssl/openssl/lhash.h \
+	wolfssl/openssl/md4.h wolfssl/openssl/md5.h \
+	wolfssl/openssl/ripemd.h wolfssl/openssl/ocsp.h \
+	wolfssl/openssl/opensslconf.h wolfssl/openssl/opensslv.h \
+	wolfssl/openssl/ossl_typ.h wolfssl/openssl/pem.h \
+	wolfssl/openssl/pkcs12.h wolfssl/openssl/rand.h \
+	wolfssl/openssl/rsa.h wolfssl/openssl/sha.h \
+	wolfssl/openssl/ssl.h wolfssl/openssl/stack.h \
+	wolfssl/openssl/ui.h wolfssl/openssl/x509.h \
+	wolfssl/openssl/x509v3.h wolfssl/error-ssl.h wolfssl/ssl.h \
+	wolfssl/sniffer_error.h wolfssl/sniffer.h wolfssl/callbacks.h \
+	wolfssl/certs_test.h wolfssl/test.h wolfssl/version.h \
+	wolfssl/options.h wolfssl/ocsp.h wolfssl/crl.h
+EXTRA_HEADERS = 
+BUILT_SOURCES = 
+EXTRA_DIST = lib/dummy wolfssl-ntru.vcproj wolfssl.vcproj \
+	wolfssl.vcxproj wolfssl-iphone.xcodeproj/project.pbxproj \
+	wolfssl-ios.xcodeproj/project.pbxproj wolfssl-ntru.sln \
+	wolfssl.sln wolfssl64.sln valgrind-error.sh gencertbuf.pl IDE \
+	README.md LICENSING cyassl/sniffer_error.rc \
+	wolfssl/sniffer_error.rc certs/ca-cert.pem certs/ca-key.pem \
+	certs/client-cert.pem certs/client-keyEnc.pem \
+	certs/client-key.pem certs/ecc-key.pem certs/ecc-key-comp.pem \
+	certs/ecc-keyPkcs8.pem certs/ecc-client-key.pem \
+	certs/client-ecc-cert.pem certs/ntru-cert.pem certs/dh2048.pem \
+	certs/server-cert.pem certs/server-ecc.pem \
+	certs/server-ecc-comp.pem certs/server-ecc-rsa.pem \
+	certs/server-keyEnc.pem certs/server-key.pem \
+	certs/server-keyPkcs8Enc12.pem certs/server-keyPkcs8Enc2.pem \
+	certs/server-keyPkcs8Enc.pem certs/server-keyPkcs8.pem \
+	certs/ca-key.der certs/ca-cert.der certs/client-cert.der \
+	certs/client-key.der certs/dh2048.der certs/rsa2048.der \
+	certs/dsa2048.der certs/ecc-key.der certs/server-key.der \
+	certs/server-cert.der certs/ntru-key.raw \
+	certs/1024/client-cert.pem certs/1024/client-key.pem \
+	certs/1024/dh1024.pem certs/1024/dsa1024.pem \
+	certs/1024/client-cert.der certs/1024/client-key.der \
+	certs/1024/dh1024.der certs/1024/dsa1024.der \
+	certs/1024/rsa1024.der certs/crl/crl.pem certs/crl/cliCrl.pem \
+	certs/crl/eccSrvCRL.pem certs/crl/eccCliCRL.pem \
+	certs/crl/crl.revoked swig/PythonBuild.sh swig/README \
+	swig/wolfssl.i swig/wolfssl_adds.c swig/python_wolfssl.vcproj \
+	swig/rsasign.py swig/runme.py support/wolfssl.pc \
+	wolfcrypt/benchmark/benchmark.sln \
+	wolfcrypt/benchmark/benchmark.vcproj wolfcrypt/src/misc.c \
+	wolfcrypt/src/asm.c wolfcrypt/src/aes_asm.asm \
+	wolfcrypt/src/ecc_fp.c wolfcrypt/src/fp_mont_small.i \
+	wolfcrypt/src/fp_mul_comba_12.i \
+	wolfcrypt/src/fp_mul_comba_17.i \
+	wolfcrypt/src/fp_mul_comba_20.i \
+	wolfcrypt/src/fp_mul_comba_24.i \
+	wolfcrypt/src/fp_mul_comba_28.i \
+	wolfcrypt/src/fp_mul_comba_32.i wolfcrypt/src/fp_mul_comba_3.i \
+	wolfcrypt/src/fp_mul_comba_48.i wolfcrypt/src/fp_mul_comba_4.i \
+	wolfcrypt/src/fp_mul_comba_64.i wolfcrypt/src/fp_mul_comba_6.i \
+	wolfcrypt/src/fp_mul_comba_7.i wolfcrypt/src/fp_mul_comba_8.i \
+	wolfcrypt/src/fp_mul_comba_9.i \
+	wolfcrypt/src/fp_mul_comba_small_set.i \
+	wolfcrypt/src/fp_sqr_comba_12.i \
+	wolfcrypt/src/fp_sqr_comba_17.i \
+	wolfcrypt/src/fp_sqr_comba_20.i \
+	wolfcrypt/src/fp_sqr_comba_24.i \
+	wolfcrypt/src/fp_sqr_comba_28.i \
+	wolfcrypt/src/fp_sqr_comba_32.i wolfcrypt/src/fp_sqr_comba_3.i \
+	wolfcrypt/src/fp_sqr_comba_48.i wolfcrypt/src/fp_sqr_comba_4.i \
+	wolfcrypt/src/fp_sqr_comba_64.i wolfcrypt/src/fp_sqr_comba_6.i \
+	wolfcrypt/src/fp_sqr_comba_7.i wolfcrypt/src/fp_sqr_comba_8.i \
+	wolfcrypt/src/fp_sqr_comba_9.i \
+	wolfcrypt/src/fp_sqr_comba_small_set.i wolfcrypt/test/test.sln \
+	wolfcrypt/test/test.vcproj examples/client/client.sln \
+	examples/client/client-ntru.vcproj \
+	examples/client/client.vcproj examples/client/client.vcxproj \
+	examples/server/server.sln examples/server/server-ntru.vcproj \
+	examples/server/server.vcproj examples/server/server.vcxproj \
+	examples/echoclient/echoclient.sln \
+	examples/echoclient/echoclient-ntru.vcproj \
+	examples/echoclient/echoclient.vcproj \
+	examples/echoclient/echoclient.vcxproj \
+	examples/echoserver/echoserver.sln \
+	examples/echoserver/echoserver-ntru.vcproj \
+	examples/echoserver/echoserver.vcproj \
+	examples/echoserver/echoserver.vcxproj testsuite/testsuite.sln \
+	testsuite/testsuite-ntru.vcproj testsuite/testsuite.vcproj \
+	testsuite/testsuite.vcxproj input quit tests/unit.h \
+	tests/test.conf tests/test-dtls.conf \
+	sslSniffer/sslSniffer.vcproj sslSniffer/sslSniffer.vcxproj \
+	sslSniffer/sslSnifferTest/sslSniffTest.vcproj mqx/README \
+	mqx/cyassl/.cproject mqx/cyassl/.project \
+	mqx/util_lib/.cproject mqx/util_lib/.project \
+	mqx/util_lib/Sources/util.c mqx/util_lib/Sources/util.h \
+	mplabx/PIC32MZ-serial.h mplabx/README mplabx/benchmark_main.c \
+	mplabx/test_main.c mplabx/wolfcrypt_benchmark.X/Makefile \
+	mplabx/wolfcrypt_benchmark.X/nbproject/configurations.xml \
+	mplabx/wolfcrypt_benchmark.X/nbproject/project.xml \
+	mplabx/wolfcrypt_test.X/Makefile \
+	mplabx/wolfcrypt_test.X/nbproject/configurations.xml \
+	mplabx/wolfcrypt_test.X/nbproject/project.xml \
+	mplabx/wolfssl.X/Makefile \
+	mplabx/wolfssl.X/nbproject/configurations.xml \
+	mplabx/wolfssl.X/nbproject/project.xml mcapi/README \
+	mcapi/PIC32MZ-serial.h mcapi/wolfcrypt_mcapi.X/Makefile \
+	mcapi/wolfcrypt_mcapi.X/nbproject/configurations.xml \
+	mcapi/wolfcrypt_mcapi.X/nbproject/project.xml \
+	mcapi/wolfcrypt_test.X/Makefile \
+	mcapi/wolfcrypt_test.X/nbproject/configurations.xml \
+	mcapi/wolfcrypt_test.X/nbproject/project.xml \
+	mcapi/wolfssl.X/Makefile \
+	mcapi/wolfssl.X/nbproject/configurations.xml \
+	mcapi/wolfssl.X/nbproject/project.xml mcapi/zlib.X/Makefile \
+	mcapi/zlib.X/nbproject/configurations.xml \
+	mcapi/zlib.X/nbproject/project.xml tirtos/README \
+	tirtos/wolfssl.bld tirtos/wolfssl.mak \
+	tirtos/packages/ti/net/wolfssl/package.bld \
+	tirtos/packages/ti/net/wolfssl/package.xdc \
+	tirtos/packages/ti/net/wolfssl/package.xs \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.bld \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.xdc \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/test.cfg \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/TM4C1294NC.icf \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/main.c \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.bld \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.xdc \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/benchmark.cfg \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/TM4C1294NC.icf \
+	tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/main.c
+dist_doc_DATA = certs/taoCert.txt doc/README.txt
+exampledir = $(docdir)/example
+dist_example_DATA = examples/client/client.c examples/server/server.c \
+	examples/echoclient/echoclient.c \
+	examples/echoserver/echoserver.c
+ACLOCAL_AMFLAGS = -I m4
+
+# ssl files
+src_libwolfssl_la_SOURCES = $(am__append_1) $(am__append_2) \
+	$(am__append_3) $(am__append_4) $(am__append_5) \
+	$(am__append_6) $(am__append_7) wolfcrypt/src/hmac.c \
+	wolfcrypt/src/random.c wolfcrypt/src/sha256.c $(am__append_8) \
+	$(am__append_9) $(am__append_10) $(am__append_11) \
+	$(am__append_12) wolfcrypt/src/logging.c \
+	wolfcrypt/src/wc_port.c wolfcrypt/src/error.c $(am__append_13) \
+	$(am__append_14) $(am__append_15) $(am__append_16) \
+	$(am__append_17) $(am__append_18) $(am__append_19) \
+	$(am__append_20) $(am__append_21) $(am__append_22) \
+	$(am__append_23) $(am__append_24) $(am__append_25) \
+	$(am__append_26) $(am__append_27) $(am__append_28) \
+	$(am__append_29) $(am__append_30) $(am__append_31) \
+	$(am__append_32) $(am__append_33) $(am__append_34) \
+	$(am__append_35) $(am__append_36) $(am__append_37) \
+	src/internal.c src/io.c src/keys.c src/ssl.c src/tls.c \
+	$(am__append_38) $(am__append_39) $(am__append_40)
+src_libwolfssl_la_LDFLAGS = ${AM_LDFLAGS} -no-undefined -version-info ${WOLFSSL_LIBRARY_VERSION}
+src_libwolfssl_la_LIBADD = $(LIBM)
+src_libwolfssl_la_CFLAGS = -DBUILDING_WOLFSSL $(AM_CFLAGS)
+src_libwolfssl_la_CPPFLAGS = -DBUILDING_WOLFSSL $(AM_CPPFLAGS)
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = support/wolfssl.pc
+wolfcrypt_benchmark_benchmark_SOURCES = wolfcrypt/benchmark/benchmark.c
+wolfcrypt_benchmark_benchmark_LDADD = src/libwolfssl.la
+wolfcrypt_benchmark_benchmark_DEPENDENCIES = src/libwolfssl.la
+wolfcrypt_test_testwolfcrypt_SOURCES = wolfcrypt/test/test.c
+wolfcrypt_test_testwolfcrypt_LDADD = src/libwolfssl.la
+wolfcrypt_test_testwolfcrypt_DEPENDENCIES = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@examples_client_client_SOURCES = examples/client/client.c
+@BUILD_EXAMPLES_TRUE@examples_client_client_LDADD = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@examples_client_client_DEPENDENCIES = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@examples_server_server_SOURCES = examples/server/server.c
+@BUILD_EXAMPLES_TRUE@examples_server_server_LDADD = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@examples_server_server_DEPENDENCIES = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@examples_echoclient_echoclient_SOURCES = examples/echoclient/echoclient.c
+@BUILD_EXAMPLES_TRUE@examples_echoclient_echoclient_LDADD = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@examples_echoclient_echoclient_DEPENDENCIES = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@examples_echoserver_echoserver_SOURCES = examples/echoserver/echoserver.c
+@BUILD_EXAMPLES_TRUE@examples_echoserver_echoserver_LDADD = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@examples_echoserver_echoserver_DEPENDENCIES = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@testsuite_testsuite_test_SOURCES = \
+@BUILD_EXAMPLES_TRUE@			      wolfcrypt/test/test.c \
+@BUILD_EXAMPLES_TRUE@			      examples/client/client.c \
+@BUILD_EXAMPLES_TRUE@			      examples/echoclient/echoclient.c \
+@BUILD_EXAMPLES_TRUE@			      examples/echoserver/echoserver.c \
+@BUILD_EXAMPLES_TRUE@			      examples/server/server.c \
+@BUILD_EXAMPLES_TRUE@			      testsuite/testsuite.c
+
+@BUILD_EXAMPLES_TRUE@testsuite_testsuite_test_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS)
+@BUILD_EXAMPLES_TRUE@testsuite_testsuite_test_LDADD = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@testsuite_testsuite_test_DEPENDENCIES = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@tests_unit_test_SOURCES = \
+@BUILD_EXAMPLES_TRUE@                  tests/unit.c \
+@BUILD_EXAMPLES_TRUE@                  tests/api.c \
+@BUILD_EXAMPLES_TRUE@                  tests/suites.c \
+@BUILD_EXAMPLES_TRUE@                  tests/hash.c \
+@BUILD_EXAMPLES_TRUE@                  examples/client/client.c \
+@BUILD_EXAMPLES_TRUE@                  examples/server/server.c
+
+@BUILD_EXAMPLES_TRUE@tests_unit_test_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS)
+@BUILD_EXAMPLES_TRUE@tests_unit_test_LDADD = src/libwolfssl.la
+@BUILD_EXAMPLES_TRUE@tests_unit_test_DEPENDENCIES = src/libwolfssl.la
+@BUILD_SNIFFTEST_TRUE@sslSniffer_sslSnifferTest_snifftest_SOURCES = sslSniffer/sslSnifferTest/snifftest.c
+@BUILD_SNIFFTEST_TRUE@sslSniffer_sslSnifferTest_snifftest_LDADD = src/libwolfssl.la -lpcap
+@BUILD_SNIFFTEST_TRUE@sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES = src/libwolfssl.la
+@BUILD_MCAPI_TRUE@mcapi_test_SOURCES = mcapi/crypto.c \
+@BUILD_MCAPI_TRUE@                     mcapi/mcapi_test.c
+
+@BUILD_MCAPI_TRUE@mcapi_test_LDADD = src/libwolfssl.la 
+@BUILD_MCAPI_TRUE@mcapi_test_DEPENDENCIES = src/libwolfssl.la
+
+# TODO: fix, this commented out mqx ones have spaces in file names
+#include mqx/wolfcrypt_test/Sources/include.am
+#include mqx/cyassl_client/Sources/include.am
+@USE_VALGRIND_TRUE@TESTS_ENVIRONMENT = ./valgrind-error.sh
+TEST_EXTENSIONS = .test
+all: $(BUILT_SOURCES) config.h
+	$(MAKE) $(AM_MAKEFLAGS) all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .log .o .obj .s .test .test$(EXEEXT) .trs
+am--refresh: Makefile
+	@:
+$(srcdir)/Makefile.in:  $(srcdir)/Makefile.am $(srcdir)/cyassl/include.am $(srcdir)/cyassl/ctaocrypt/include.am $(srcdir)/cyassl/openssl/include.am $(srcdir)/wolfssl/include.am $(srcdir)/wolfssl/wolfcrypt/include.am $(srcdir)/wolfssl/openssl/include.am $(srcdir)/certs/include.am $(srcdir)/certs/1024/include.am $(srcdir)/certs/crl/include.am $(srcdir)/doc/include.am $(srcdir)/swig/include.am $(srcdir)/src/include.am $(srcdir)/support/include.am $(srcdir)/wolfcrypt/benchmark/include.am $(srcdir)/wolfcrypt/src/include.am $(srcdir)/wolfcrypt/test/include.am $(srcdir)/examples/client/include.am $(srcdir)/examples/server/include.am $(srcdir)/examples/echoclient/include.am $(srcdir)/examples/echoserver/include.am $(srcdir)/testsuite/include.am $(srcdir)/tests/include.am $(srcdir)/sslSniffer/sslSnifferTest/include.am $(srcdir)/rpm/include.am $(srcdir)/mqx/cyassl/include.am $(srcdir)/mqx/util_lib/Sources/include.am $(srcdir)/mplabx/include.am $(srcdir)/mplabx/wolfcrypt_benchmark.X/nbproject/include.am $(srcdir)/mplabx/wolfcrypt_test.X/nbproject/include.am $(srcdir)/mplabx/wolfssl.X/nbproject/include.am $(srcdir)/mcapi/include.am $(srcdir)/mcapi/wolfcrypt_mcapi.X/nbproject/include.am $(srcdir)/mcapi/wolfcrypt_test.X/nbproject/include.am $(srcdir)/mcapi/wolfssl.X/nbproject/include.am $(srcdir)/mcapi/zlib.X/nbproject/include.am $(srcdir)/tirtos/include.am $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \
+	      $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \
+		&& exit 0; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    echo ' $(SHELL) ./config.status'; \
+	    $(SHELL) ./config.status;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \
+	esac;
+$(srcdir)/cyassl/include.am $(srcdir)/cyassl/ctaocrypt/include.am $(srcdir)/cyassl/openssl/include.am $(srcdir)/wolfssl/include.am $(srcdir)/wolfssl/wolfcrypt/include.am $(srcdir)/wolfssl/openssl/include.am $(srcdir)/certs/include.am $(srcdir)/certs/1024/include.am $(srcdir)/certs/crl/include.am $(srcdir)/doc/include.am $(srcdir)/swig/include.am $(srcdir)/src/include.am $(srcdir)/support/include.am $(srcdir)/wolfcrypt/benchmark/include.am $(srcdir)/wolfcrypt/src/include.am $(srcdir)/wolfcrypt/test/include.am $(srcdir)/examples/client/include.am $(srcdir)/examples/server/include.am $(srcdir)/examples/echoclient/include.am $(srcdir)/examples/echoserver/include.am $(srcdir)/testsuite/include.am $(srcdir)/tests/include.am $(srcdir)/sslSniffer/sslSnifferTest/include.am $(srcdir)/rpm/include.am $(srcdir)/mqx/cyassl/include.am $(srcdir)/mqx/util_lib/Sources/include.am $(srcdir)/mplabx/include.am $(srcdir)/mplabx/wolfcrypt_benchmark.X/nbproject/include.am $(srcdir)/mplabx/wolfcrypt_test.X/nbproject/include.am $(srcdir)/mplabx/wolfssl.X/nbproject/include.am $(srcdir)/mcapi/include.am $(srcdir)/mcapi/wolfcrypt_mcapi.X/nbproject/include.am $(srcdir)/mcapi/wolfcrypt_test.X/nbproject/include.am $(srcdir)/mcapi/wolfssl.X/nbproject/include.am $(srcdir)/mcapi/zlib.X/nbproject/include.am $(srcdir)/tirtos/include.am:
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	$(SHELL) ./config.status --recheck
+
+$(top_srcdir)/configure:  $(am__configure_deps)
+	$(am__cd) $(srcdir) && $(AUTOCONF)
+$(ACLOCAL_M4):  $(am__aclocal_m4_deps)
+	$(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS)
+$(am__aclocal_m4_deps):
+
+config.h: stamp-h1
+	@test -f $@ || rm -f stamp-h1
+	@test -f $@ || $(MAKE) $(AM_MAKEFLAGS) stamp-h1
+
+stamp-h1: $(srcdir)/config.in $(top_builddir)/config.status
+	@rm -f stamp-h1
+	cd $(top_builddir) && $(SHELL) ./config.status config.h
+$(srcdir)/config.in:  $(am__configure_deps) 
+	($(am__cd) $(top_srcdir) && $(AUTOHEADER))
+	rm -f stamp-h1
+	touch $@
+
+distclean-hdr:
+	-rm -f config.h stamp-h1
+stamp-h: $(top_builddir)/config.status $(srcdir)/stamp-h.in
+	cd $(top_builddir) && $(SHELL) ./config.status $@
+wolfssl/version.h: $(top_builddir)/config.status $(top_srcdir)/wolfssl/version.h.in
+	cd $(top_builddir) && $(SHELL) ./config.status $@
+wolfssl/options.h: $(top_builddir)/config.status $(top_srcdir)/wolfssl/options.h.in
+	cd $(top_builddir) && $(SHELL) ./config.status $@
+support/wolfssl.pc: $(top_builddir)/config.status $(top_srcdir)/support/wolfssl.pc.in
+	cd $(top_builddir) && $(SHELL) ./config.status $@
+rpm/spec: $(top_builddir)/config.status $(top_srcdir)/rpm/spec.in
+	cd $(top_builddir) && $(SHELL) ./config.status $@
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+	@$(NORMAL_INSTALL)
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	list2=; for p in $$list; do \
+	  if test -f $$p; then \
+	    list2="$$list2 $$p"; \
+	  else :; fi; \
+	done; \
+	test -z "$$list2" || { \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+	}
+
+uninstall-libLTLIBRARIES:
+	@$(NORMAL_UNINSTALL)
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	for p in $$list; do \
+	  $(am__strip_dir) \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+	done
+
+clean-libLTLIBRARIES:
+	-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+	@list='$(lib_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+
+clean-noinstLTLIBRARIES:
+	-test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+	@list='$(noinst_LTLIBRARIES)'; \
+	locs=`for p in $$list; do echo $$p; done | \
+	      sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+	      sort -u`; \
+	test -z "$$locs" || { \
+	  echo rm -f $${locs}; \
+	  rm -f $${locs}; \
+	}
+ctaocrypt/src/$(am__dirstamp):
+	@$(MKDIR_P) ctaocrypt/src
+	@: > ctaocrypt/src/$(am__dirstamp)
+ctaocrypt/src/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) ctaocrypt/src/$(DEPDIR)
+	@: > ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-wolfcrypt_first.lo:  \
+	ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-hmac.lo:  \
+	ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-random.lo:  \
+	ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-sha256.lo:  \
+	ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-rsa.lo: ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-aes.lo: ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-des3.lo:  \
+	ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-sha.lo: ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-sha512.lo:  \
+	ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-fips.lo:  \
+	ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-fips_test.lo:  \
+	ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+ctaocrypt/src/src_libwolfssl_la-wolfcrypt_last.lo:  \
+	ctaocrypt/src/$(am__dirstamp) \
+	ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/$(am__dirstamp):
+	@$(MKDIR_P) wolfcrypt/src
+	@: > wolfcrypt/src/$(am__dirstamp)
+wolfcrypt/src/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) wolfcrypt/src/$(DEPDIR)
+	@: > wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-hmac.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-random.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-sha256.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-rsa.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-aes.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-des3.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-sha.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-sha512.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-logging.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-wc_port.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-error.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-memory.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-dh.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-asn.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-coding.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-poly1305.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-arc4.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-md4.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-md5.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-pwdbased.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-dsa.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/aes_asm.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-camellia.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-md2.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-ripemd.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-blake2b.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-hc128.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-rabbit.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-chacha.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-misc.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-tfm.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-integer.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-ecc.lo: wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-ecc25519.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-ecc25519_fe.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-compress.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/src/src_libwolfssl_la-pkcs7.lo:  \
+	wolfcrypt/src/$(am__dirstamp) \
+	wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+src/$(am__dirstamp):
+	@$(MKDIR_P) src
+	@: > src/$(am__dirstamp)
+src/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) src/$(DEPDIR)
+	@: > src/$(DEPDIR)/$(am__dirstamp)
+src/src_libwolfssl_la-internal.lo: src/$(am__dirstamp) \
+	src/$(DEPDIR)/$(am__dirstamp)
+src/src_libwolfssl_la-io.lo: src/$(am__dirstamp) \
+	src/$(DEPDIR)/$(am__dirstamp)
+src/src_libwolfssl_la-keys.lo: src/$(am__dirstamp) \
+	src/$(DEPDIR)/$(am__dirstamp)
+src/src_libwolfssl_la-ssl.lo: src/$(am__dirstamp) \
+	src/$(DEPDIR)/$(am__dirstamp)
+src/src_libwolfssl_la-tls.lo: src/$(am__dirstamp) \
+	src/$(DEPDIR)/$(am__dirstamp)
+src/src_libwolfssl_la-ocsp.lo: src/$(am__dirstamp) \
+	src/$(DEPDIR)/$(am__dirstamp)
+src/src_libwolfssl_la-crl.lo: src/$(am__dirstamp) \
+	src/$(DEPDIR)/$(am__dirstamp)
+src/src_libwolfssl_la-sniffer.lo: src/$(am__dirstamp) \
+	src/$(DEPDIR)/$(am__dirstamp)
+
+src/libwolfssl.la: $(src_libwolfssl_la_OBJECTS) $(src_libwolfssl_la_DEPENDENCIES) $(EXTRA_src_libwolfssl_la_DEPENDENCIES) src/$(am__dirstamp)
+	$(AM_V_CCLD)$(src_libwolfssl_la_LINK) -rpath $(libdir) $(src_libwolfssl_la_OBJECTS) $(src_libwolfssl_la_LIBADD) $(LIBS)
+install-binPROGRAMS: $(bin_PROGRAMS)
+	@$(NORMAL_INSTALL)
+	@list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \
+	fi; \
+	for p in $$list; do echo "$$p $$p"; done | \
+	sed 's/$(EXEEXT)$$//' | \
+	while read p p1; do if test -f $$p \
+	 || test -f $$p1 \
+	  ; then echo "$$p"; echo "$$p"; else :; fi; \
+	done | \
+	sed -e 'p;s,.*/,,;n;h' \
+	    -e 's|.*|.|' \
+	    -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \
+	sed 'N;N;N;s,\n, ,g' | \
+	$(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \
+	  { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \
+	    if ($$2 == $$4) files[d] = files[d] " " $$1; \
+	    else { print "f", $$3 "/" $$4, $$1; } } \
+	  END { for (d in files) print "f", d, files[d] }' | \
+	while read type dir files; do \
+	    if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
+	    test -z "$$files" || { \
+	    echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \
+	    $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \
+	    } \
+	; done
+
+uninstall-binPROGRAMS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \
+	files=`for p in $$list; do echo "$$p"; done | \
+	  sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \
+	      -e 's/$$/$(EXEEXT)/' \
+	`; \
+	test -n "$$list" || exit 0; \
+	echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \
+	cd "$(DESTDIR)$(bindir)" && rm -f $$files
+
+clean-binPROGRAMS:
+	@list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \
+	echo " rm -f" $$list; \
+	rm -f $$list || exit $$?; \
+	test -n "$(EXEEXT)" || exit 0; \
+	list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+	echo " rm -f" $$list; \
+	rm -f $$list
+
+clean-checkPROGRAMS:
+	@list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \
+	echo " rm -f" $$list; \
+	rm -f $$list || exit $$?; \
+	test -n "$(EXEEXT)" || exit 0; \
+	list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+	echo " rm -f" $$list; \
+	rm -f $$list
+
+clean-noinstPROGRAMS:
+	@list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \
+	echo " rm -f" $$list; \
+	rm -f $$list || exit $$?; \
+	test -n "$(EXEEXT)" || exit 0; \
+	list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
+	echo " rm -f" $$list; \
+	rm -f $$list
+examples/client/$(am__dirstamp):
+	@$(MKDIR_P) examples/client
+	@: > examples/client/$(am__dirstamp)
+examples/client/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) examples/client/$(DEPDIR)
+	@: > examples/client/$(DEPDIR)/$(am__dirstamp)
+examples/client/client.$(OBJEXT): examples/client/$(am__dirstamp) \
+	examples/client/$(DEPDIR)/$(am__dirstamp)
+
+examples/client/client$(EXEEXT): $(examples_client_client_OBJECTS) $(examples_client_client_DEPENDENCIES) $(EXTRA_examples_client_client_DEPENDENCIES) examples/client/$(am__dirstamp)
+	@rm -f examples/client/client$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(examples_client_client_OBJECTS) $(examples_client_client_LDADD) $(LIBS)
+examples/echoclient/$(am__dirstamp):
+	@$(MKDIR_P) examples/echoclient
+	@: > examples/echoclient/$(am__dirstamp)
+examples/echoclient/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) examples/echoclient/$(DEPDIR)
+	@: > examples/echoclient/$(DEPDIR)/$(am__dirstamp)
+examples/echoclient/echoclient.$(OBJEXT):  \
+	examples/echoclient/$(am__dirstamp) \
+	examples/echoclient/$(DEPDIR)/$(am__dirstamp)
+
+examples/echoclient/echoclient$(EXEEXT): $(examples_echoclient_echoclient_OBJECTS) $(examples_echoclient_echoclient_DEPENDENCIES) $(EXTRA_examples_echoclient_echoclient_DEPENDENCIES) examples/echoclient/$(am__dirstamp)
+	@rm -f examples/echoclient/echoclient$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(examples_echoclient_echoclient_OBJECTS) $(examples_echoclient_echoclient_LDADD) $(LIBS)
+examples/echoserver/$(am__dirstamp):
+	@$(MKDIR_P) examples/echoserver
+	@: > examples/echoserver/$(am__dirstamp)
+examples/echoserver/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) examples/echoserver/$(DEPDIR)
+	@: > examples/echoserver/$(DEPDIR)/$(am__dirstamp)
+examples/echoserver/echoserver.$(OBJEXT):  \
+	examples/echoserver/$(am__dirstamp) \
+	examples/echoserver/$(DEPDIR)/$(am__dirstamp)
+
+examples/echoserver/echoserver$(EXEEXT): $(examples_echoserver_echoserver_OBJECTS) $(examples_echoserver_echoserver_DEPENDENCIES) $(EXTRA_examples_echoserver_echoserver_DEPENDENCIES) examples/echoserver/$(am__dirstamp)
+	@rm -f examples/echoserver/echoserver$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(examples_echoserver_echoserver_OBJECTS) $(examples_echoserver_echoserver_LDADD) $(LIBS)
+examples/server/$(am__dirstamp):
+	@$(MKDIR_P) examples/server
+	@: > examples/server/$(am__dirstamp)
+examples/server/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) examples/server/$(DEPDIR)
+	@: > examples/server/$(DEPDIR)/$(am__dirstamp)
+examples/server/server.$(OBJEXT): examples/server/$(am__dirstamp) \
+	examples/server/$(DEPDIR)/$(am__dirstamp)
+
+examples/server/server$(EXEEXT): $(examples_server_server_OBJECTS) $(examples_server_server_DEPENDENCIES) $(EXTRA_examples_server_server_DEPENDENCIES) examples/server/$(am__dirstamp)
+	@rm -f examples/server/server$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(examples_server_server_OBJECTS) $(examples_server_server_LDADD) $(LIBS)
+mcapi/$(am__dirstamp):
+	@$(MKDIR_P) mcapi
+	@: > mcapi/$(am__dirstamp)
+mcapi/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) mcapi/$(DEPDIR)
+	@: > mcapi/$(DEPDIR)/$(am__dirstamp)
+mcapi/crypto.$(OBJEXT): mcapi/$(am__dirstamp) \
+	mcapi/$(DEPDIR)/$(am__dirstamp)
+mcapi/mcapi_test.$(OBJEXT): mcapi/$(am__dirstamp) \
+	mcapi/$(DEPDIR)/$(am__dirstamp)
+
+mcapi/test$(EXEEXT): $(mcapi_test_OBJECTS) $(mcapi_test_DEPENDENCIES) $(EXTRA_mcapi_test_DEPENDENCIES) mcapi/$(am__dirstamp)
+	@rm -f mcapi/test$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(mcapi_test_OBJECTS) $(mcapi_test_LDADD) $(LIBS)
+sslSniffer/sslSnifferTest/$(am__dirstamp):
+	@$(MKDIR_P) sslSniffer/sslSnifferTest
+	@: > sslSniffer/sslSnifferTest/$(am__dirstamp)
+sslSniffer/sslSnifferTest/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) sslSniffer/sslSnifferTest/$(DEPDIR)
+	@: > sslSniffer/sslSnifferTest/$(DEPDIR)/$(am__dirstamp)
+sslSniffer/sslSnifferTest/snifftest.$(OBJEXT):  \
+	sslSniffer/sslSnifferTest/$(am__dirstamp) \
+	sslSniffer/sslSnifferTest/$(DEPDIR)/$(am__dirstamp)
+
+sslSniffer/sslSnifferTest/snifftest$(EXEEXT): $(sslSniffer_sslSnifferTest_snifftest_OBJECTS) $(sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES) $(EXTRA_sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES) sslSniffer/sslSnifferTest/$(am__dirstamp)
+	@rm -f sslSniffer/sslSnifferTest/snifftest$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(sslSniffer_sslSnifferTest_snifftest_OBJECTS) $(sslSniffer_sslSnifferTest_snifftest_LDADD) $(LIBS)
+tests/$(am__dirstamp):
+	@$(MKDIR_P) tests
+	@: > tests/$(am__dirstamp)
+tests/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) tests/$(DEPDIR)
+	@: > tests/$(DEPDIR)/$(am__dirstamp)
+tests/tests_unit_test-unit.$(OBJEXT): tests/$(am__dirstamp) \
+	tests/$(DEPDIR)/$(am__dirstamp)
+tests/tests_unit_test-api.$(OBJEXT): tests/$(am__dirstamp) \
+	tests/$(DEPDIR)/$(am__dirstamp)
+tests/tests_unit_test-suites.$(OBJEXT): tests/$(am__dirstamp) \
+	tests/$(DEPDIR)/$(am__dirstamp)
+tests/tests_unit_test-hash.$(OBJEXT): tests/$(am__dirstamp) \
+	tests/$(DEPDIR)/$(am__dirstamp)
+examples/client/tests_unit_test-client.$(OBJEXT):  \
+	examples/client/$(am__dirstamp) \
+	examples/client/$(DEPDIR)/$(am__dirstamp)
+examples/server/tests_unit_test-server.$(OBJEXT):  \
+	examples/server/$(am__dirstamp) \
+	examples/server/$(DEPDIR)/$(am__dirstamp)
+
+tests/unit.test$(EXEEXT): $(tests_unit_test_OBJECTS) $(tests_unit_test_DEPENDENCIES) $(EXTRA_tests_unit_test_DEPENDENCIES) tests/$(am__dirstamp)
+	@rm -f tests/unit.test$(EXEEXT)
+	$(AM_V_CCLD)$(tests_unit_test_LINK) $(tests_unit_test_OBJECTS) $(tests_unit_test_LDADD) $(LIBS)
+wolfcrypt/test/$(am__dirstamp):
+	@$(MKDIR_P) wolfcrypt/test
+	@: > wolfcrypt/test/$(am__dirstamp)
+wolfcrypt/test/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) wolfcrypt/test/$(DEPDIR)
+	@: > wolfcrypt/test/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/test/testsuite_testsuite_test-test.$(OBJEXT):  \
+	wolfcrypt/test/$(am__dirstamp) \
+	wolfcrypt/test/$(DEPDIR)/$(am__dirstamp)
+examples/client/testsuite_testsuite_test-client.$(OBJEXT):  \
+	examples/client/$(am__dirstamp) \
+	examples/client/$(DEPDIR)/$(am__dirstamp)
+examples/echoclient/testsuite_testsuite_test-echoclient.$(OBJEXT):  \
+	examples/echoclient/$(am__dirstamp) \
+	examples/echoclient/$(DEPDIR)/$(am__dirstamp)
+examples/echoserver/testsuite_testsuite_test-echoserver.$(OBJEXT):  \
+	examples/echoserver/$(am__dirstamp) \
+	examples/echoserver/$(DEPDIR)/$(am__dirstamp)
+examples/server/testsuite_testsuite_test-server.$(OBJEXT):  \
+	examples/server/$(am__dirstamp) \
+	examples/server/$(DEPDIR)/$(am__dirstamp)
+testsuite/$(am__dirstamp):
+	@$(MKDIR_P) testsuite
+	@: > testsuite/$(am__dirstamp)
+testsuite/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) testsuite/$(DEPDIR)
+	@: > testsuite/$(DEPDIR)/$(am__dirstamp)
+testsuite/testsuite_testsuite_test-testsuite.$(OBJEXT):  \
+	testsuite/$(am__dirstamp) testsuite/$(DEPDIR)/$(am__dirstamp)
+
+testsuite/testsuite.test$(EXEEXT): $(testsuite_testsuite_test_OBJECTS) $(testsuite_testsuite_test_DEPENDENCIES) $(EXTRA_testsuite_testsuite_test_DEPENDENCIES) testsuite/$(am__dirstamp)
+	@rm -f testsuite/testsuite.test$(EXEEXT)
+	$(AM_V_CCLD)$(testsuite_testsuite_test_LINK) $(testsuite_testsuite_test_OBJECTS) $(testsuite_testsuite_test_LDADD) $(LIBS)
+wolfcrypt/benchmark/$(am__dirstamp):
+	@$(MKDIR_P) wolfcrypt/benchmark
+	@: > wolfcrypt/benchmark/$(am__dirstamp)
+wolfcrypt/benchmark/$(DEPDIR)/$(am__dirstamp):
+	@$(MKDIR_P) wolfcrypt/benchmark/$(DEPDIR)
+	@: > wolfcrypt/benchmark/$(DEPDIR)/$(am__dirstamp)
+wolfcrypt/benchmark/benchmark.$(OBJEXT):  \
+	wolfcrypt/benchmark/$(am__dirstamp) \
+	wolfcrypt/benchmark/$(DEPDIR)/$(am__dirstamp)
+
+wolfcrypt/benchmark/benchmark$(EXEEXT): $(wolfcrypt_benchmark_benchmark_OBJECTS) $(wolfcrypt_benchmark_benchmark_DEPENDENCIES) $(EXTRA_wolfcrypt_benchmark_benchmark_DEPENDENCIES) wolfcrypt/benchmark/$(am__dirstamp)
+	@rm -f wolfcrypt/benchmark/benchmark$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(wolfcrypt_benchmark_benchmark_OBJECTS) $(wolfcrypt_benchmark_benchmark_LDADD) $(LIBS)
+wolfcrypt/test/test.$(OBJEXT): wolfcrypt/test/$(am__dirstamp) \
+	wolfcrypt/test/$(DEPDIR)/$(am__dirstamp)
+
+wolfcrypt/test/testwolfcrypt$(EXEEXT): $(wolfcrypt_test_testwolfcrypt_OBJECTS) $(wolfcrypt_test_testwolfcrypt_DEPENDENCIES) $(EXTRA_wolfcrypt_test_testwolfcrypt_DEPENDENCIES) wolfcrypt/test/$(am__dirstamp)
+	@rm -f wolfcrypt/test/testwolfcrypt$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(wolfcrypt_test_testwolfcrypt_OBJECTS) $(wolfcrypt_test_testwolfcrypt_LDADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+	-rm -f ctaocrypt/src/*.$(OBJEXT)
+	-rm -f ctaocrypt/src/*.lo
+	-rm -f examples/client/*.$(OBJEXT)
+	-rm -f examples/echoclient/*.$(OBJEXT)
+	-rm -f examples/echoserver/*.$(OBJEXT)
+	-rm -f examples/server/*.$(OBJEXT)
+	-rm -f mcapi/*.$(OBJEXT)
+	-rm -f src/*.$(OBJEXT)
+	-rm -f src/*.lo
+	-rm -f sslSniffer/sslSnifferTest/*.$(OBJEXT)
+	-rm -f tests/*.$(OBJEXT)
+	-rm -f testsuite/*.$(OBJEXT)
+	-rm -f wolfcrypt/benchmark/*.$(OBJEXT)
+	-rm -f wolfcrypt/src/*.$(OBJEXT)
+	-rm -f wolfcrypt/src/*.lo
+	-rm -f wolfcrypt/test/*.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-aes.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-des3.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-fips.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-fips_test.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-hmac.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-random.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-rsa.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha256.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha512.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-wolfcrypt_first.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-wolfcrypt_last.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/client/$(DEPDIR)/client.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/client/$(DEPDIR)/tests_unit_test-client.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/echoclient/$(DEPDIR)/echoclient.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/echoserver/$(DEPDIR)/echoserver.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/server/$(DEPDIR)/server.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/server/$(DEPDIR)/tests_unit_test-server.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@mcapi/$(DEPDIR)/crypto.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@mcapi/$(DEPDIR)/mcapi_test.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libwolfssl_la-crl.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libwolfssl_la-internal.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libwolfssl_la-io.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libwolfssl_la-keys.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libwolfssl_la-ocsp.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libwolfssl_la-sniffer.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libwolfssl_la-ssl.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libwolfssl_la-tls.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@sslSniffer/sslSnifferTest/$(DEPDIR)/snifftest.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit_test-api.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit_test-hash.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit_test-suites.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit_test-unit.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/benchmark/$(DEPDIR)/benchmark.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-aes.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-arc4.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-asn.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-blake2b.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-camellia.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-chacha.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-coding.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-compress.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-des3.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-dh.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-dsa.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc25519.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc25519_fe.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-error.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-hc128.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-hmac.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-integer.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-logging.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md2.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md4.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md5.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-memory.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-misc.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-pkcs7.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-poly1305.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-pwdbased.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-rabbit.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-random.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ripemd.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-rsa.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha256.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha512.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-tfm.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-wc_port.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/test/$(DEPDIR)/test.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@wolfcrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@	$(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+ctaocrypt/src/src_libwolfssl_la-wolfcrypt_first.lo: ctaocrypt/src/wolfcrypt_first.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-wolfcrypt_first.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-wolfcrypt_first.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-wolfcrypt_first.lo `test -f 'ctaocrypt/src/wolfcrypt_first.c' || echo '$(srcdir)/'`ctaocrypt/src/wolfcrypt_first.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-wolfcrypt_first.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-wolfcrypt_first.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/wolfcrypt_first.c' object='ctaocrypt/src/src_libwolfssl_la-wolfcrypt_first.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-wolfcrypt_first.lo `test -f 'ctaocrypt/src/wolfcrypt_first.c' || echo '$(srcdir)/'`ctaocrypt/src/wolfcrypt_first.c
+
+ctaocrypt/src/src_libwolfssl_la-hmac.lo: ctaocrypt/src/hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-hmac.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-hmac.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-hmac.lo `test -f 'ctaocrypt/src/hmac.c' || echo '$(srcdir)/'`ctaocrypt/src/hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-hmac.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/hmac.c' object='ctaocrypt/src/src_libwolfssl_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-hmac.lo `test -f 'ctaocrypt/src/hmac.c' || echo '$(srcdir)/'`ctaocrypt/src/hmac.c
+
+ctaocrypt/src/src_libwolfssl_la-random.lo: ctaocrypt/src/random.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-random.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-random.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-random.lo `test -f 'ctaocrypt/src/random.c' || echo '$(srcdir)/'`ctaocrypt/src/random.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-random.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-random.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/random.c' object='ctaocrypt/src/src_libwolfssl_la-random.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-random.lo `test -f 'ctaocrypt/src/random.c' || echo '$(srcdir)/'`ctaocrypt/src/random.c
+
+ctaocrypt/src/src_libwolfssl_la-sha256.lo: ctaocrypt/src/sha256.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-sha256.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha256.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-sha256.lo `test -f 'ctaocrypt/src/sha256.c' || echo '$(srcdir)/'`ctaocrypt/src/sha256.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha256.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha256.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/sha256.c' object='ctaocrypt/src/src_libwolfssl_la-sha256.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-sha256.lo `test -f 'ctaocrypt/src/sha256.c' || echo '$(srcdir)/'`ctaocrypt/src/sha256.c
+
+ctaocrypt/src/src_libwolfssl_la-rsa.lo: ctaocrypt/src/rsa.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-rsa.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-rsa.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-rsa.lo `test -f 'ctaocrypt/src/rsa.c' || echo '$(srcdir)/'`ctaocrypt/src/rsa.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-rsa.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-rsa.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/rsa.c' object='ctaocrypt/src/src_libwolfssl_la-rsa.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-rsa.lo `test -f 'ctaocrypt/src/rsa.c' || echo '$(srcdir)/'`ctaocrypt/src/rsa.c
+
+ctaocrypt/src/src_libwolfssl_la-aes.lo: ctaocrypt/src/aes.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-aes.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-aes.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-aes.lo `test -f 'ctaocrypt/src/aes.c' || echo '$(srcdir)/'`ctaocrypt/src/aes.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-aes.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/aes.c' object='ctaocrypt/src/src_libwolfssl_la-aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-aes.lo `test -f 'ctaocrypt/src/aes.c' || echo '$(srcdir)/'`ctaocrypt/src/aes.c
+
+ctaocrypt/src/src_libwolfssl_la-des3.lo: ctaocrypt/src/des3.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-des3.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-des3.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-des3.lo `test -f 'ctaocrypt/src/des3.c' || echo '$(srcdir)/'`ctaocrypt/src/des3.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-des3.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-des3.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/des3.c' object='ctaocrypt/src/src_libwolfssl_la-des3.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-des3.lo `test -f 'ctaocrypt/src/des3.c' || echo '$(srcdir)/'`ctaocrypt/src/des3.c
+
+ctaocrypt/src/src_libwolfssl_la-sha.lo: ctaocrypt/src/sha.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-sha.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-sha.lo `test -f 'ctaocrypt/src/sha.c' || echo '$(srcdir)/'`ctaocrypt/src/sha.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/sha.c' object='ctaocrypt/src/src_libwolfssl_la-sha.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-sha.lo `test -f 'ctaocrypt/src/sha.c' || echo '$(srcdir)/'`ctaocrypt/src/sha.c
+
+ctaocrypt/src/src_libwolfssl_la-sha512.lo: ctaocrypt/src/sha512.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-sha512.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha512.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-sha512.lo `test -f 'ctaocrypt/src/sha512.c' || echo '$(srcdir)/'`ctaocrypt/src/sha512.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha512.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-sha512.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/sha512.c' object='ctaocrypt/src/src_libwolfssl_la-sha512.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-sha512.lo `test -f 'ctaocrypt/src/sha512.c' || echo '$(srcdir)/'`ctaocrypt/src/sha512.c
+
+ctaocrypt/src/src_libwolfssl_la-fips.lo: ctaocrypt/src/fips.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-fips.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-fips.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-fips.lo `test -f 'ctaocrypt/src/fips.c' || echo '$(srcdir)/'`ctaocrypt/src/fips.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-fips.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-fips.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/fips.c' object='ctaocrypt/src/src_libwolfssl_la-fips.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-fips.lo `test -f 'ctaocrypt/src/fips.c' || echo '$(srcdir)/'`ctaocrypt/src/fips.c
+
+ctaocrypt/src/src_libwolfssl_la-fips_test.lo: ctaocrypt/src/fips_test.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-fips_test.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-fips_test.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-fips_test.lo `test -f 'ctaocrypt/src/fips_test.c' || echo '$(srcdir)/'`ctaocrypt/src/fips_test.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-fips_test.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-fips_test.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/fips_test.c' object='ctaocrypt/src/src_libwolfssl_la-fips_test.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-fips_test.lo `test -f 'ctaocrypt/src/fips_test.c' || echo '$(srcdir)/'`ctaocrypt/src/fips_test.c
+
+ctaocrypt/src/src_libwolfssl_la-wolfcrypt_last.lo: ctaocrypt/src/wolfcrypt_last.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libwolfssl_la-wolfcrypt_last.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-wolfcrypt_last.Tpo -c -o ctaocrypt/src/src_libwolfssl_la-wolfcrypt_last.lo `test -f 'ctaocrypt/src/wolfcrypt_last.c' || echo '$(srcdir)/'`ctaocrypt/src/wolfcrypt_last.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-wolfcrypt_last.Tpo ctaocrypt/src/$(DEPDIR)/src_libwolfssl_la-wolfcrypt_last.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ctaocrypt/src/wolfcrypt_last.c' object='ctaocrypt/src/src_libwolfssl_la-wolfcrypt_last.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libwolfssl_la-wolfcrypt_last.lo `test -f 'ctaocrypt/src/wolfcrypt_last.c' || echo '$(srcdir)/'`ctaocrypt/src/wolfcrypt_last.c
+
+wolfcrypt/src/src_libwolfssl_la-hmac.lo: wolfcrypt/src/hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-hmac.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-hmac.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-hmac.lo `test -f 'wolfcrypt/src/hmac.c' || echo '$(srcdir)/'`wolfcrypt/src/hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-hmac.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/hmac.c' object='wolfcrypt/src/src_libwolfssl_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-hmac.lo `test -f 'wolfcrypt/src/hmac.c' || echo '$(srcdir)/'`wolfcrypt/src/hmac.c
+
+wolfcrypt/src/src_libwolfssl_la-random.lo: wolfcrypt/src/random.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-random.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-random.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-random.lo `test -f 'wolfcrypt/src/random.c' || echo '$(srcdir)/'`wolfcrypt/src/random.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-random.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-random.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/random.c' object='wolfcrypt/src/src_libwolfssl_la-random.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-random.lo `test -f 'wolfcrypt/src/random.c' || echo '$(srcdir)/'`wolfcrypt/src/random.c
+
+wolfcrypt/src/src_libwolfssl_la-sha256.lo: wolfcrypt/src/sha256.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-sha256.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha256.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-sha256.lo `test -f 'wolfcrypt/src/sha256.c' || echo '$(srcdir)/'`wolfcrypt/src/sha256.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha256.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha256.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/sha256.c' object='wolfcrypt/src/src_libwolfssl_la-sha256.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-sha256.lo `test -f 'wolfcrypt/src/sha256.c' || echo '$(srcdir)/'`wolfcrypt/src/sha256.c
+
+wolfcrypt/src/src_libwolfssl_la-rsa.lo: wolfcrypt/src/rsa.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-rsa.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-rsa.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-rsa.lo `test -f 'wolfcrypt/src/rsa.c' || echo '$(srcdir)/'`wolfcrypt/src/rsa.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-rsa.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-rsa.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/rsa.c' object='wolfcrypt/src/src_libwolfssl_la-rsa.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-rsa.lo `test -f 'wolfcrypt/src/rsa.c' || echo '$(srcdir)/'`wolfcrypt/src/rsa.c
+
+wolfcrypt/src/src_libwolfssl_la-aes.lo: wolfcrypt/src/aes.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-aes.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-aes.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-aes.lo `test -f 'wolfcrypt/src/aes.c' || echo '$(srcdir)/'`wolfcrypt/src/aes.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-aes.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/aes.c' object='wolfcrypt/src/src_libwolfssl_la-aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-aes.lo `test -f 'wolfcrypt/src/aes.c' || echo '$(srcdir)/'`wolfcrypt/src/aes.c
+
+wolfcrypt/src/src_libwolfssl_la-des3.lo: wolfcrypt/src/des3.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-des3.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-des3.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-des3.lo `test -f 'wolfcrypt/src/des3.c' || echo '$(srcdir)/'`wolfcrypt/src/des3.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-des3.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-des3.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/des3.c' object='wolfcrypt/src/src_libwolfssl_la-des3.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-des3.lo `test -f 'wolfcrypt/src/des3.c' || echo '$(srcdir)/'`wolfcrypt/src/des3.c
+
+wolfcrypt/src/src_libwolfssl_la-sha.lo: wolfcrypt/src/sha.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-sha.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-sha.lo `test -f 'wolfcrypt/src/sha.c' || echo '$(srcdir)/'`wolfcrypt/src/sha.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/sha.c' object='wolfcrypt/src/src_libwolfssl_la-sha.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-sha.lo `test -f 'wolfcrypt/src/sha.c' || echo '$(srcdir)/'`wolfcrypt/src/sha.c
+
+wolfcrypt/src/src_libwolfssl_la-sha512.lo: wolfcrypt/src/sha512.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-sha512.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha512.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-sha512.lo `test -f 'wolfcrypt/src/sha512.c' || echo '$(srcdir)/'`wolfcrypt/src/sha512.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha512.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-sha512.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/sha512.c' object='wolfcrypt/src/src_libwolfssl_la-sha512.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-sha512.lo `test -f 'wolfcrypt/src/sha512.c' || echo '$(srcdir)/'`wolfcrypt/src/sha512.c
+
+wolfcrypt/src/src_libwolfssl_la-logging.lo: wolfcrypt/src/logging.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-logging.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-logging.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-logging.lo `test -f 'wolfcrypt/src/logging.c' || echo '$(srcdir)/'`wolfcrypt/src/logging.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-logging.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-logging.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/logging.c' object='wolfcrypt/src/src_libwolfssl_la-logging.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-logging.lo `test -f 'wolfcrypt/src/logging.c' || echo '$(srcdir)/'`wolfcrypt/src/logging.c
+
+wolfcrypt/src/src_libwolfssl_la-wc_port.lo: wolfcrypt/src/wc_port.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-wc_port.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-wc_port.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-wc_port.lo `test -f 'wolfcrypt/src/wc_port.c' || echo '$(srcdir)/'`wolfcrypt/src/wc_port.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-wc_port.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-wc_port.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/wc_port.c' object='wolfcrypt/src/src_libwolfssl_la-wc_port.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-wc_port.lo `test -f 'wolfcrypt/src/wc_port.c' || echo '$(srcdir)/'`wolfcrypt/src/wc_port.c
+
+wolfcrypt/src/src_libwolfssl_la-error.lo: wolfcrypt/src/error.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-error.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-error.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-error.lo `test -f 'wolfcrypt/src/error.c' || echo '$(srcdir)/'`wolfcrypt/src/error.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-error.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-error.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/error.c' object='wolfcrypt/src/src_libwolfssl_la-error.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-error.lo `test -f 'wolfcrypt/src/error.c' || echo '$(srcdir)/'`wolfcrypt/src/error.c
+
+wolfcrypt/src/src_libwolfssl_la-memory.lo: wolfcrypt/src/memory.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-memory.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-memory.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-memory.lo `test -f 'wolfcrypt/src/memory.c' || echo '$(srcdir)/'`wolfcrypt/src/memory.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-memory.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-memory.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/memory.c' object='wolfcrypt/src/src_libwolfssl_la-memory.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-memory.lo `test -f 'wolfcrypt/src/memory.c' || echo '$(srcdir)/'`wolfcrypt/src/memory.c
+
+wolfcrypt/src/src_libwolfssl_la-dh.lo: wolfcrypt/src/dh.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-dh.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-dh.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-dh.lo `test -f 'wolfcrypt/src/dh.c' || echo '$(srcdir)/'`wolfcrypt/src/dh.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-dh.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-dh.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/dh.c' object='wolfcrypt/src/src_libwolfssl_la-dh.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-dh.lo `test -f 'wolfcrypt/src/dh.c' || echo '$(srcdir)/'`wolfcrypt/src/dh.c
+
+wolfcrypt/src/src_libwolfssl_la-asn.lo: wolfcrypt/src/asn.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-asn.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-asn.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-asn.lo `test -f 'wolfcrypt/src/asn.c' || echo '$(srcdir)/'`wolfcrypt/src/asn.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-asn.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-asn.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/asn.c' object='wolfcrypt/src/src_libwolfssl_la-asn.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-asn.lo `test -f 'wolfcrypt/src/asn.c' || echo '$(srcdir)/'`wolfcrypt/src/asn.c
+
+wolfcrypt/src/src_libwolfssl_la-coding.lo: wolfcrypt/src/coding.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-coding.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-coding.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-coding.lo `test -f 'wolfcrypt/src/coding.c' || echo '$(srcdir)/'`wolfcrypt/src/coding.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-coding.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-coding.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/coding.c' object='wolfcrypt/src/src_libwolfssl_la-coding.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-coding.lo `test -f 'wolfcrypt/src/coding.c' || echo '$(srcdir)/'`wolfcrypt/src/coding.c
+
+wolfcrypt/src/src_libwolfssl_la-poly1305.lo: wolfcrypt/src/poly1305.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-poly1305.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-poly1305.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-poly1305.lo `test -f 'wolfcrypt/src/poly1305.c' || echo '$(srcdir)/'`wolfcrypt/src/poly1305.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-poly1305.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-poly1305.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/poly1305.c' object='wolfcrypt/src/src_libwolfssl_la-poly1305.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-poly1305.lo `test -f 'wolfcrypt/src/poly1305.c' || echo '$(srcdir)/'`wolfcrypt/src/poly1305.c
+
+wolfcrypt/src/src_libwolfssl_la-arc4.lo: wolfcrypt/src/arc4.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-arc4.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-arc4.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-arc4.lo `test -f 'wolfcrypt/src/arc4.c' || echo '$(srcdir)/'`wolfcrypt/src/arc4.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-arc4.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-arc4.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/arc4.c' object='wolfcrypt/src/src_libwolfssl_la-arc4.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-arc4.lo `test -f 'wolfcrypt/src/arc4.c' || echo '$(srcdir)/'`wolfcrypt/src/arc4.c
+
+wolfcrypt/src/src_libwolfssl_la-md4.lo: wolfcrypt/src/md4.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-md4.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md4.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-md4.lo `test -f 'wolfcrypt/src/md4.c' || echo '$(srcdir)/'`wolfcrypt/src/md4.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md4.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md4.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/md4.c' object='wolfcrypt/src/src_libwolfssl_la-md4.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-md4.lo `test -f 'wolfcrypt/src/md4.c' || echo '$(srcdir)/'`wolfcrypt/src/md4.c
+
+wolfcrypt/src/src_libwolfssl_la-md5.lo: wolfcrypt/src/md5.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-md5.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md5.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-md5.lo `test -f 'wolfcrypt/src/md5.c' || echo '$(srcdir)/'`wolfcrypt/src/md5.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md5.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md5.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/md5.c' object='wolfcrypt/src/src_libwolfssl_la-md5.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-md5.lo `test -f 'wolfcrypt/src/md5.c' || echo '$(srcdir)/'`wolfcrypt/src/md5.c
+
+wolfcrypt/src/src_libwolfssl_la-pwdbased.lo: wolfcrypt/src/pwdbased.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-pwdbased.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-pwdbased.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-pwdbased.lo `test -f 'wolfcrypt/src/pwdbased.c' || echo '$(srcdir)/'`wolfcrypt/src/pwdbased.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-pwdbased.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-pwdbased.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/pwdbased.c' object='wolfcrypt/src/src_libwolfssl_la-pwdbased.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-pwdbased.lo `test -f 'wolfcrypt/src/pwdbased.c' || echo '$(srcdir)/'`wolfcrypt/src/pwdbased.c
+
+wolfcrypt/src/src_libwolfssl_la-dsa.lo: wolfcrypt/src/dsa.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-dsa.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-dsa.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-dsa.lo `test -f 'wolfcrypt/src/dsa.c' || echo '$(srcdir)/'`wolfcrypt/src/dsa.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-dsa.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-dsa.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/dsa.c' object='wolfcrypt/src/src_libwolfssl_la-dsa.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-dsa.lo `test -f 'wolfcrypt/src/dsa.c' || echo '$(srcdir)/'`wolfcrypt/src/dsa.c
+
+wolfcrypt/src/src_libwolfssl_la-camellia.lo: wolfcrypt/src/camellia.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-camellia.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-camellia.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-camellia.lo `test -f 'wolfcrypt/src/camellia.c' || echo '$(srcdir)/'`wolfcrypt/src/camellia.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-camellia.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-camellia.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/camellia.c' object='wolfcrypt/src/src_libwolfssl_la-camellia.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-camellia.lo `test -f 'wolfcrypt/src/camellia.c' || echo '$(srcdir)/'`wolfcrypt/src/camellia.c
+
+wolfcrypt/src/src_libwolfssl_la-md2.lo: wolfcrypt/src/md2.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-md2.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md2.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-md2.lo `test -f 'wolfcrypt/src/md2.c' || echo '$(srcdir)/'`wolfcrypt/src/md2.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md2.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-md2.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/md2.c' object='wolfcrypt/src/src_libwolfssl_la-md2.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-md2.lo `test -f 'wolfcrypt/src/md2.c' || echo '$(srcdir)/'`wolfcrypt/src/md2.c
+
+wolfcrypt/src/src_libwolfssl_la-ripemd.lo: wolfcrypt/src/ripemd.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-ripemd.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ripemd.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-ripemd.lo `test -f 'wolfcrypt/src/ripemd.c' || echo '$(srcdir)/'`wolfcrypt/src/ripemd.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ripemd.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ripemd.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/ripemd.c' object='wolfcrypt/src/src_libwolfssl_la-ripemd.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-ripemd.lo `test -f 'wolfcrypt/src/ripemd.c' || echo '$(srcdir)/'`wolfcrypt/src/ripemd.c
+
+wolfcrypt/src/src_libwolfssl_la-blake2b.lo: wolfcrypt/src/blake2b.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-blake2b.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-blake2b.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-blake2b.lo `test -f 'wolfcrypt/src/blake2b.c' || echo '$(srcdir)/'`wolfcrypt/src/blake2b.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-blake2b.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-blake2b.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/blake2b.c' object='wolfcrypt/src/src_libwolfssl_la-blake2b.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-blake2b.lo `test -f 'wolfcrypt/src/blake2b.c' || echo '$(srcdir)/'`wolfcrypt/src/blake2b.c
+
+wolfcrypt/src/src_libwolfssl_la-hc128.lo: wolfcrypt/src/hc128.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-hc128.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-hc128.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-hc128.lo `test -f 'wolfcrypt/src/hc128.c' || echo '$(srcdir)/'`wolfcrypt/src/hc128.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-hc128.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-hc128.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/hc128.c' object='wolfcrypt/src/src_libwolfssl_la-hc128.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-hc128.lo `test -f 'wolfcrypt/src/hc128.c' || echo '$(srcdir)/'`wolfcrypt/src/hc128.c
+
+wolfcrypt/src/src_libwolfssl_la-rabbit.lo: wolfcrypt/src/rabbit.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-rabbit.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-rabbit.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-rabbit.lo `test -f 'wolfcrypt/src/rabbit.c' || echo '$(srcdir)/'`wolfcrypt/src/rabbit.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-rabbit.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-rabbit.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/rabbit.c' object='wolfcrypt/src/src_libwolfssl_la-rabbit.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-rabbit.lo `test -f 'wolfcrypt/src/rabbit.c' || echo '$(srcdir)/'`wolfcrypt/src/rabbit.c
+
+wolfcrypt/src/src_libwolfssl_la-chacha.lo: wolfcrypt/src/chacha.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-chacha.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-chacha.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-chacha.lo `test -f 'wolfcrypt/src/chacha.c' || echo '$(srcdir)/'`wolfcrypt/src/chacha.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-chacha.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-chacha.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/chacha.c' object='wolfcrypt/src/src_libwolfssl_la-chacha.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-chacha.lo `test -f 'wolfcrypt/src/chacha.c' || echo '$(srcdir)/'`wolfcrypt/src/chacha.c
+
+wolfcrypt/src/src_libwolfssl_la-misc.lo: wolfcrypt/src/misc.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-misc.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-misc.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-misc.lo `test -f 'wolfcrypt/src/misc.c' || echo '$(srcdir)/'`wolfcrypt/src/misc.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-misc.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-misc.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/misc.c' object='wolfcrypt/src/src_libwolfssl_la-misc.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-misc.lo `test -f 'wolfcrypt/src/misc.c' || echo '$(srcdir)/'`wolfcrypt/src/misc.c
+
+wolfcrypt/src/src_libwolfssl_la-tfm.lo: wolfcrypt/src/tfm.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-tfm.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-tfm.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-tfm.lo `test -f 'wolfcrypt/src/tfm.c' || echo '$(srcdir)/'`wolfcrypt/src/tfm.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-tfm.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-tfm.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/tfm.c' object='wolfcrypt/src/src_libwolfssl_la-tfm.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-tfm.lo `test -f 'wolfcrypt/src/tfm.c' || echo '$(srcdir)/'`wolfcrypt/src/tfm.c
+
+wolfcrypt/src/src_libwolfssl_la-integer.lo: wolfcrypt/src/integer.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-integer.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-integer.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-integer.lo `test -f 'wolfcrypt/src/integer.c' || echo '$(srcdir)/'`wolfcrypt/src/integer.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-integer.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-integer.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/integer.c' object='wolfcrypt/src/src_libwolfssl_la-integer.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-integer.lo `test -f 'wolfcrypt/src/integer.c' || echo '$(srcdir)/'`wolfcrypt/src/integer.c
+
+wolfcrypt/src/src_libwolfssl_la-ecc.lo: wolfcrypt/src/ecc.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-ecc.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-ecc.lo `test -f 'wolfcrypt/src/ecc.c' || echo '$(srcdir)/'`wolfcrypt/src/ecc.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/ecc.c' object='wolfcrypt/src/src_libwolfssl_la-ecc.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-ecc.lo `test -f 'wolfcrypt/src/ecc.c' || echo '$(srcdir)/'`wolfcrypt/src/ecc.c
+
+wolfcrypt/src/src_libwolfssl_la-ecc25519.lo: wolfcrypt/src/ecc25519.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-ecc25519.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc25519.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-ecc25519.lo `test -f 'wolfcrypt/src/ecc25519.c' || echo '$(srcdir)/'`wolfcrypt/src/ecc25519.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc25519.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc25519.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/ecc25519.c' object='wolfcrypt/src/src_libwolfssl_la-ecc25519.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-ecc25519.lo `test -f 'wolfcrypt/src/ecc25519.c' || echo '$(srcdir)/'`wolfcrypt/src/ecc25519.c
+
+wolfcrypt/src/src_libwolfssl_la-ecc25519_fe.lo: wolfcrypt/src/ecc25519_fe.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-ecc25519_fe.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc25519_fe.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-ecc25519_fe.lo `test -f 'wolfcrypt/src/ecc25519_fe.c' || echo '$(srcdir)/'`wolfcrypt/src/ecc25519_fe.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc25519_fe.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-ecc25519_fe.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/ecc25519_fe.c' object='wolfcrypt/src/src_libwolfssl_la-ecc25519_fe.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-ecc25519_fe.lo `test -f 'wolfcrypt/src/ecc25519_fe.c' || echo '$(srcdir)/'`wolfcrypt/src/ecc25519_fe.c
+
+wolfcrypt/src/src_libwolfssl_la-compress.lo: wolfcrypt/src/compress.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-compress.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-compress.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-compress.lo `test -f 'wolfcrypt/src/compress.c' || echo '$(srcdir)/'`wolfcrypt/src/compress.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-compress.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-compress.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/compress.c' object='wolfcrypt/src/src_libwolfssl_la-compress.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-compress.lo `test -f 'wolfcrypt/src/compress.c' || echo '$(srcdir)/'`wolfcrypt/src/compress.c
+
+wolfcrypt/src/src_libwolfssl_la-pkcs7.lo: wolfcrypt/src/pkcs7.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT wolfcrypt/src/src_libwolfssl_la-pkcs7.lo -MD -MP -MF wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-pkcs7.Tpo -c -o wolfcrypt/src/src_libwolfssl_la-pkcs7.lo `test -f 'wolfcrypt/src/pkcs7.c' || echo '$(srcdir)/'`wolfcrypt/src/pkcs7.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-pkcs7.Tpo wolfcrypt/src/$(DEPDIR)/src_libwolfssl_la-pkcs7.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/src/pkcs7.c' object='wolfcrypt/src/src_libwolfssl_la-pkcs7.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o wolfcrypt/src/src_libwolfssl_la-pkcs7.lo `test -f 'wolfcrypt/src/pkcs7.c' || echo '$(srcdir)/'`wolfcrypt/src/pkcs7.c
+
+src/src_libwolfssl_la-internal.lo: src/internal.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT src/src_libwolfssl_la-internal.lo -MD -MP -MF src/$(DEPDIR)/src_libwolfssl_la-internal.Tpo -c -o src/src_libwolfssl_la-internal.lo `test -f 'src/internal.c' || echo '$(srcdir)/'`src/internal.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libwolfssl_la-internal.Tpo src/$(DEPDIR)/src_libwolfssl_la-internal.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='src/internal.c' object='src/src_libwolfssl_la-internal.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o src/src_libwolfssl_la-internal.lo `test -f 'src/internal.c' || echo '$(srcdir)/'`src/internal.c
+
+src/src_libwolfssl_la-io.lo: src/io.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT src/src_libwolfssl_la-io.lo -MD -MP -MF src/$(DEPDIR)/src_libwolfssl_la-io.Tpo -c -o src/src_libwolfssl_la-io.lo `test -f 'src/io.c' || echo '$(srcdir)/'`src/io.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libwolfssl_la-io.Tpo src/$(DEPDIR)/src_libwolfssl_la-io.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='src/io.c' object='src/src_libwolfssl_la-io.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o src/src_libwolfssl_la-io.lo `test -f 'src/io.c' || echo '$(srcdir)/'`src/io.c
+
+src/src_libwolfssl_la-keys.lo: src/keys.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT src/src_libwolfssl_la-keys.lo -MD -MP -MF src/$(DEPDIR)/src_libwolfssl_la-keys.Tpo -c -o src/src_libwolfssl_la-keys.lo `test -f 'src/keys.c' || echo '$(srcdir)/'`src/keys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libwolfssl_la-keys.Tpo src/$(DEPDIR)/src_libwolfssl_la-keys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='src/keys.c' object='src/src_libwolfssl_la-keys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o src/src_libwolfssl_la-keys.lo `test -f 'src/keys.c' || echo '$(srcdir)/'`src/keys.c
+
+src/src_libwolfssl_la-ssl.lo: src/ssl.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT src/src_libwolfssl_la-ssl.lo -MD -MP -MF src/$(DEPDIR)/src_libwolfssl_la-ssl.Tpo -c -o src/src_libwolfssl_la-ssl.lo `test -f 'src/ssl.c' || echo '$(srcdir)/'`src/ssl.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libwolfssl_la-ssl.Tpo src/$(DEPDIR)/src_libwolfssl_la-ssl.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='src/ssl.c' object='src/src_libwolfssl_la-ssl.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o src/src_libwolfssl_la-ssl.lo `test -f 'src/ssl.c' || echo '$(srcdir)/'`src/ssl.c
+
+src/src_libwolfssl_la-tls.lo: src/tls.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT src/src_libwolfssl_la-tls.lo -MD -MP -MF src/$(DEPDIR)/src_libwolfssl_la-tls.Tpo -c -o src/src_libwolfssl_la-tls.lo `test -f 'src/tls.c' || echo '$(srcdir)/'`src/tls.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libwolfssl_la-tls.Tpo src/$(DEPDIR)/src_libwolfssl_la-tls.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='src/tls.c' object='src/src_libwolfssl_la-tls.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o src/src_libwolfssl_la-tls.lo `test -f 'src/tls.c' || echo '$(srcdir)/'`src/tls.c
+
+src/src_libwolfssl_la-ocsp.lo: src/ocsp.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT src/src_libwolfssl_la-ocsp.lo -MD -MP -MF src/$(DEPDIR)/src_libwolfssl_la-ocsp.Tpo -c -o src/src_libwolfssl_la-ocsp.lo `test -f 'src/ocsp.c' || echo '$(srcdir)/'`src/ocsp.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libwolfssl_la-ocsp.Tpo src/$(DEPDIR)/src_libwolfssl_la-ocsp.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='src/ocsp.c' object='src/src_libwolfssl_la-ocsp.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o src/src_libwolfssl_la-ocsp.lo `test -f 'src/ocsp.c' || echo '$(srcdir)/'`src/ocsp.c
+
+src/src_libwolfssl_la-crl.lo: src/crl.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT src/src_libwolfssl_la-crl.lo -MD -MP -MF src/$(DEPDIR)/src_libwolfssl_la-crl.Tpo -c -o src/src_libwolfssl_la-crl.lo `test -f 'src/crl.c' || echo '$(srcdir)/'`src/crl.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libwolfssl_la-crl.Tpo src/$(DEPDIR)/src_libwolfssl_la-crl.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='src/crl.c' object='src/src_libwolfssl_la-crl.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o src/src_libwolfssl_la-crl.lo `test -f 'src/crl.c' || echo '$(srcdir)/'`src/crl.c
+
+src/src_libwolfssl_la-sniffer.lo: src/sniffer.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -MT src/src_libwolfssl_la-sniffer.lo -MD -MP -MF src/$(DEPDIR)/src_libwolfssl_la-sniffer.Tpo -c -o src/src_libwolfssl_la-sniffer.lo `test -f 'src/sniffer.c' || echo '$(srcdir)/'`src/sniffer.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libwolfssl_la-sniffer.Tpo src/$(DEPDIR)/src_libwolfssl_la-sniffer.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='src/sniffer.c' object='src/src_libwolfssl_la-sniffer.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libwolfssl_la_CPPFLAGS) $(CPPFLAGS) $(src_libwolfssl_la_CFLAGS) $(CFLAGS) -c -o src/src_libwolfssl_la-sniffer.lo `test -f 'src/sniffer.c' || echo '$(srcdir)/'`src/sniffer.c
+
+tests/tests_unit_test-unit.o: tests/unit.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-unit.o -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-unit.Tpo -c -o tests/tests_unit_test-unit.o `test -f 'tests/unit.c' || echo '$(srcdir)/'`tests/unit.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-unit.Tpo tests/$(DEPDIR)/tests_unit_test-unit.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='tests/unit.c' object='tests/tests_unit_test-unit.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-unit.o `test -f 'tests/unit.c' || echo '$(srcdir)/'`tests/unit.c
+
+tests/tests_unit_test-unit.obj: tests/unit.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-unit.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-unit.Tpo -c -o tests/tests_unit_test-unit.obj `if test -f 'tests/unit.c'; then $(CYGPATH_W) 'tests/unit.c'; else $(CYGPATH_W) '$(srcdir)/tests/unit.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-unit.Tpo tests/$(DEPDIR)/tests_unit_test-unit.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='tests/unit.c' object='tests/tests_unit_test-unit.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-unit.obj `if test -f 'tests/unit.c'; then $(CYGPATH_W) 'tests/unit.c'; else $(CYGPATH_W) '$(srcdir)/tests/unit.c'; fi`
+
+tests/tests_unit_test-api.o: tests/api.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-api.o -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-api.Tpo -c -o tests/tests_unit_test-api.o `test -f 'tests/api.c' || echo '$(srcdir)/'`tests/api.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-api.Tpo tests/$(DEPDIR)/tests_unit_test-api.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='tests/api.c' object='tests/tests_unit_test-api.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-api.o `test -f 'tests/api.c' || echo '$(srcdir)/'`tests/api.c
+
+tests/tests_unit_test-api.obj: tests/api.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-api.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-api.Tpo -c -o tests/tests_unit_test-api.obj `if test -f 'tests/api.c'; then $(CYGPATH_W) 'tests/api.c'; else $(CYGPATH_W) '$(srcdir)/tests/api.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-api.Tpo tests/$(DEPDIR)/tests_unit_test-api.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='tests/api.c' object='tests/tests_unit_test-api.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-api.obj `if test -f 'tests/api.c'; then $(CYGPATH_W) 'tests/api.c'; else $(CYGPATH_W) '$(srcdir)/tests/api.c'; fi`
+
+tests/tests_unit_test-suites.o: tests/suites.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-suites.o -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-suites.Tpo -c -o tests/tests_unit_test-suites.o `test -f 'tests/suites.c' || echo '$(srcdir)/'`tests/suites.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-suites.Tpo tests/$(DEPDIR)/tests_unit_test-suites.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='tests/suites.c' object='tests/tests_unit_test-suites.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-suites.o `test -f 'tests/suites.c' || echo '$(srcdir)/'`tests/suites.c
+
+tests/tests_unit_test-suites.obj: tests/suites.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-suites.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-suites.Tpo -c -o tests/tests_unit_test-suites.obj `if test -f 'tests/suites.c'; then $(CYGPATH_W) 'tests/suites.c'; else $(CYGPATH_W) '$(srcdir)/tests/suites.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-suites.Tpo tests/$(DEPDIR)/tests_unit_test-suites.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='tests/suites.c' object='tests/tests_unit_test-suites.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-suites.obj `if test -f 'tests/suites.c'; then $(CYGPATH_W) 'tests/suites.c'; else $(CYGPATH_W) '$(srcdir)/tests/suites.c'; fi`
+
+tests/tests_unit_test-hash.o: tests/hash.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-hash.o -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-hash.Tpo -c -o tests/tests_unit_test-hash.o `test -f 'tests/hash.c' || echo '$(srcdir)/'`tests/hash.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-hash.Tpo tests/$(DEPDIR)/tests_unit_test-hash.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='tests/hash.c' object='tests/tests_unit_test-hash.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-hash.o `test -f 'tests/hash.c' || echo '$(srcdir)/'`tests/hash.c
+
+tests/tests_unit_test-hash.obj: tests/hash.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-hash.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-hash.Tpo -c -o tests/tests_unit_test-hash.obj `if test -f 'tests/hash.c'; then $(CYGPATH_W) 'tests/hash.c'; else $(CYGPATH_W) '$(srcdir)/tests/hash.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-hash.Tpo tests/$(DEPDIR)/tests_unit_test-hash.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='tests/hash.c' object='tests/tests_unit_test-hash.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-hash.obj `if test -f 'tests/hash.c'; then $(CYGPATH_W) 'tests/hash.c'; else $(CYGPATH_W) '$(srcdir)/tests/hash.c'; fi`
+
+examples/client/tests_unit_test-client.o: examples/client/client.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT examples/client/tests_unit_test-client.o -MD -MP -MF examples/client/$(DEPDIR)/tests_unit_test-client.Tpo -c -o examples/client/tests_unit_test-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/client/$(DEPDIR)/tests_unit_test-client.Tpo examples/client/$(DEPDIR)/tests_unit_test-client.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/client/client.c' object='examples/client/tests_unit_test-client.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o examples/client/tests_unit_test-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c
+
+examples/client/tests_unit_test-client.obj: examples/client/client.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT examples/client/tests_unit_test-client.obj -MD -MP -MF examples/client/$(DEPDIR)/tests_unit_test-client.Tpo -c -o examples/client/tests_unit_test-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/client/$(DEPDIR)/tests_unit_test-client.Tpo examples/client/$(DEPDIR)/tests_unit_test-client.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/client/client.c' object='examples/client/tests_unit_test-client.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o examples/client/tests_unit_test-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi`
+
+examples/server/tests_unit_test-server.o: examples/server/server.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT examples/server/tests_unit_test-server.o -MD -MP -MF examples/server/$(DEPDIR)/tests_unit_test-server.Tpo -c -o examples/server/tests_unit_test-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/server/$(DEPDIR)/tests_unit_test-server.Tpo examples/server/$(DEPDIR)/tests_unit_test-server.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/server/server.c' object='examples/server/tests_unit_test-server.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o examples/server/tests_unit_test-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c
+
+examples/server/tests_unit_test-server.obj: examples/server/server.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT examples/server/tests_unit_test-server.obj -MD -MP -MF examples/server/$(DEPDIR)/tests_unit_test-server.Tpo -c -o examples/server/tests_unit_test-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/server/$(DEPDIR)/tests_unit_test-server.Tpo examples/server/$(DEPDIR)/tests_unit_test-server.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/server/server.c' object='examples/server/tests_unit_test-server.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o examples/server/tests_unit_test-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi`
+
+wolfcrypt/test/testsuite_testsuite_test-test.o: wolfcrypt/test/test.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT wolfcrypt/test/testsuite_testsuite_test-test.o -MD -MP -MF wolfcrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Tpo -c -o wolfcrypt/test/testsuite_testsuite_test-test.o `test -f 'wolfcrypt/test/test.c' || echo '$(srcdir)/'`wolfcrypt/test/test.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Tpo wolfcrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/test/test.c' object='wolfcrypt/test/testsuite_testsuite_test-test.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o wolfcrypt/test/testsuite_testsuite_test-test.o `test -f 'wolfcrypt/test/test.c' || echo '$(srcdir)/'`wolfcrypt/test/test.c
+
+wolfcrypt/test/testsuite_testsuite_test-test.obj: wolfcrypt/test/test.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT wolfcrypt/test/testsuite_testsuite_test-test.obj -MD -MP -MF wolfcrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Tpo -c -o wolfcrypt/test/testsuite_testsuite_test-test.obj `if test -f 'wolfcrypt/test/test.c'; then $(CYGPATH_W) 'wolfcrypt/test/test.c'; else $(CYGPATH_W) '$(srcdir)/wolfcrypt/test/test.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) wolfcrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Tpo wolfcrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='wolfcrypt/test/test.c' object='wolfcrypt/test/testsuite_testsuite_test-test.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o wolfcrypt/test/testsuite_testsuite_test-test.obj `if test -f 'wolfcrypt/test/test.c'; then $(CYGPATH_W) 'wolfcrypt/test/test.c'; else $(CYGPATH_W) '$(srcdir)/wolfcrypt/test/test.c'; fi`
+
+examples/client/testsuite_testsuite_test-client.o: examples/client/client.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/client/testsuite_testsuite_test-client.o -MD -MP -MF examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Tpo -c -o examples/client/testsuite_testsuite_test-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Tpo examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/client/client.c' object='examples/client/testsuite_testsuite_test-client.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/client/testsuite_testsuite_test-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c
+
+examples/client/testsuite_testsuite_test-client.obj: examples/client/client.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/client/testsuite_testsuite_test-client.obj -MD -MP -MF examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Tpo -c -o examples/client/testsuite_testsuite_test-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Tpo examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/client/client.c' object='examples/client/testsuite_testsuite_test-client.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/client/testsuite_testsuite_test-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi`
+
+examples/echoclient/testsuite_testsuite_test-echoclient.o: examples/echoclient/echoclient.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/echoclient/testsuite_testsuite_test-echoclient.o -MD -MP -MF examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Tpo -c -o examples/echoclient/testsuite_testsuite_test-echoclient.o `test -f 'examples/echoclient/echoclient.c' || echo '$(srcdir)/'`examples/echoclient/echoclient.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Tpo examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/echoclient/echoclient.c' object='examples/echoclient/testsuite_testsuite_test-echoclient.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/echoclient/testsuite_testsuite_test-echoclient.o `test -f 'examples/echoclient/echoclient.c' || echo '$(srcdir)/'`examples/echoclient/echoclient.c
+
+examples/echoclient/testsuite_testsuite_test-echoclient.obj: examples/echoclient/echoclient.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/echoclient/testsuite_testsuite_test-echoclient.obj -MD -MP -MF examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Tpo -c -o examples/echoclient/testsuite_testsuite_test-echoclient.obj `if test -f 'examples/echoclient/echoclient.c'; then $(CYGPATH_W) 'examples/echoclient/echoclient.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoclient/echoclient.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Tpo examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/echoclient/echoclient.c' object='examples/echoclient/testsuite_testsuite_test-echoclient.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/echoclient/testsuite_testsuite_test-echoclient.obj `if test -f 'examples/echoclient/echoclient.c'; then $(CYGPATH_W) 'examples/echoclient/echoclient.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoclient/echoclient.c'; fi`
+
+examples/echoserver/testsuite_testsuite_test-echoserver.o: examples/echoserver/echoserver.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/echoserver/testsuite_testsuite_test-echoserver.o -MD -MP -MF examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Tpo -c -o examples/echoserver/testsuite_testsuite_test-echoserver.o `test -f 'examples/echoserver/echoserver.c' || echo '$(srcdir)/'`examples/echoserver/echoserver.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Tpo examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/echoserver/echoserver.c' object='examples/echoserver/testsuite_testsuite_test-echoserver.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/echoserver/testsuite_testsuite_test-echoserver.o `test -f 'examples/echoserver/echoserver.c' || echo '$(srcdir)/'`examples/echoserver/echoserver.c
+
+examples/echoserver/testsuite_testsuite_test-echoserver.obj: examples/echoserver/echoserver.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/echoserver/testsuite_testsuite_test-echoserver.obj -MD -MP -MF examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Tpo -c -o examples/echoserver/testsuite_testsuite_test-echoserver.obj `if test -f 'examples/echoserver/echoserver.c'; then $(CYGPATH_W) 'examples/echoserver/echoserver.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoserver/echoserver.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Tpo examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/echoserver/echoserver.c' object='examples/echoserver/testsuite_testsuite_test-echoserver.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/echoserver/testsuite_testsuite_test-echoserver.obj `if test -f 'examples/echoserver/echoserver.c'; then $(CYGPATH_W) 'examples/echoserver/echoserver.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoserver/echoserver.c'; fi`
+
+examples/server/testsuite_testsuite_test-server.o: examples/server/server.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/server/testsuite_testsuite_test-server.o -MD -MP -MF examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Tpo -c -o examples/server/testsuite_testsuite_test-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Tpo examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/server/server.c' object='examples/server/testsuite_testsuite_test-server.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/server/testsuite_testsuite_test-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c
+
+examples/server/testsuite_testsuite_test-server.obj: examples/server/server.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/server/testsuite_testsuite_test-server.obj -MD -MP -MF examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Tpo -c -o examples/server/testsuite_testsuite_test-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Tpo examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='examples/server/server.c' object='examples/server/testsuite_testsuite_test-server.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/server/testsuite_testsuite_test-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi`
+
+testsuite/testsuite_testsuite_test-testsuite.o: testsuite/testsuite.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT testsuite/testsuite_testsuite_test-testsuite.o -MD -MP -MF testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Tpo -c -o testsuite/testsuite_testsuite_test-testsuite.o `test -f 'testsuite/testsuite.c' || echo '$(srcdir)/'`testsuite/testsuite.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Tpo testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='testsuite/testsuite.c' object='testsuite/testsuite_testsuite_test-testsuite.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o testsuite/testsuite_testsuite_test-testsuite.o `test -f 'testsuite/testsuite.c' || echo '$(srcdir)/'`testsuite/testsuite.c
+
+testsuite/testsuite_testsuite_test-testsuite.obj: testsuite/testsuite.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT testsuite/testsuite_testsuite_test-testsuite.obj -MD -MP -MF testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Tpo -c -o testsuite/testsuite_testsuite_test-testsuite.obj `if test -f 'testsuite/testsuite.c'; then $(CYGPATH_W) 'testsuite/testsuite.c'; else $(CYGPATH_W) '$(srcdir)/testsuite/testsuite.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Tpo testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='testsuite/testsuite.c' object='testsuite/testsuite_testsuite_test-testsuite.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o testsuite/testsuite_testsuite_test-testsuite.obj `if test -f 'testsuite/testsuite.c'; then $(CYGPATH_W) 'testsuite/testsuite.c'; else $(CYGPATH_W) '$(srcdir)/testsuite/testsuite.c'; fi`
+
+.s.o:
+	$(AM_V_CCAS)$(CCASCOMPILE) -c -o $@ $<
+
+.s.obj:
+	$(AM_V_CCAS)$(CCASCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.s.lo:
+	$(AM_V_CCAS)$(LTCCASCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+	-rm -rf ctaocrypt/src/.libs ctaocrypt/src/_libs
+	-rm -rf examples/client/.libs examples/client/_libs
+	-rm -rf examples/echoclient/.libs examples/echoclient/_libs
+	-rm -rf examples/echoserver/.libs examples/echoserver/_libs
+	-rm -rf examples/server/.libs examples/server/_libs
+	-rm -rf mcapi/.libs mcapi/_libs
+	-rm -rf src/.libs src/_libs
+	-rm -rf sslSniffer/sslSnifferTest/.libs sslSniffer/sslSnifferTest/_libs
+	-rm -rf tests/.libs tests/_libs
+	-rm -rf testsuite/.libs testsuite/_libs
+	-rm -rf wolfcrypt/benchmark/.libs wolfcrypt/benchmark/_libs
+	-rm -rf wolfcrypt/src/.libs wolfcrypt/src/_libs
+	-rm -rf wolfcrypt/test/.libs wolfcrypt/test/_libs
+
+distclean-libtool:
+	-rm -f libtool config.lt
+install-dist_docDATA: $(dist_doc_DATA)
+	@$(NORMAL_INSTALL)
+	@list='$(dist_doc_DATA)'; test -n "$(docdir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(docdir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(docdir)" || exit 1; \
+	fi; \
+	for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(docdir)'"; \
+	  $(INSTALL_DATA) $$files "$(DESTDIR)$(docdir)" || exit $$?; \
+	done
+
+uninstall-dist_docDATA:
+	@$(NORMAL_UNINSTALL)
+	@list='$(dist_doc_DATA)'; test -n "$(docdir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	dir='$(DESTDIR)$(docdir)'; $(am__uninstall_files_from_dir)
+install-dist_exampleDATA: $(dist_example_DATA)
+	@$(NORMAL_INSTALL)
+	@list='$(dist_example_DATA)'; test -n "$(exampledir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(exampledir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(exampledir)" || exit 1; \
+	fi; \
+	for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(exampledir)'"; \
+	  $(INSTALL_DATA) $$files "$(DESTDIR)$(exampledir)" || exit $$?; \
+	done
+
+uninstall-dist_exampleDATA:
+	@$(NORMAL_UNINSTALL)
+	@list='$(dist_example_DATA)'; test -n "$(exampledir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	dir='$(DESTDIR)$(exampledir)'; $(am__uninstall_files_from_dir)
+install-pkgconfigDATA: $(pkgconfig_DATA)
+	@$(NORMAL_INSTALL)
+	@list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(pkgconfigdir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)" || exit 1; \
+	fi; \
+	for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgconfigdir)'"; \
+	  $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgconfigdir)" || exit $$?; \
+	done
+
+uninstall-pkgconfigDATA:
+	@$(NORMAL_UNINSTALL)
+	@list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	dir='$(DESTDIR)$(pkgconfigdir)'; $(am__uninstall_files_from_dir)
+install-includeHEADERS: $(include_HEADERS)
+	@$(NORMAL_INSTALL)
+	@list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(includedir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(includedir)" || exit 1; \
+	fi; \
+	for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \
+	  $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \
+	done
+
+uninstall-includeHEADERS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	dir='$(DESTDIR)$(includedir)'; $(am__uninstall_files_from_dir)
+install-nobase_includeHEADERS: $(nobase_include_HEADERS)
+	@$(NORMAL_INSTALL)
+	@list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \
+	if test -n "$$list"; then \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(includedir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(includedir)" || exit 1; \
+	fi; \
+	$(am__nobase_list) | while read dir files; do \
+	  xfiles=; for file in $$files; do \
+	    if test -f "$$file"; then xfiles="$$xfiles $$file"; \
+	    else xfiles="$$xfiles $(srcdir)/$$file"; fi; done; \
+	  test -z "$$xfiles" || { \
+	    test "x$$dir" = x. || { \
+	      echo " $(MKDIR_P) '$(DESTDIR)$(includedir)/$$dir'"; \
+	      $(MKDIR_P) "$(DESTDIR)$(includedir)/$$dir"; }; \
+	    echo " $(INSTALL_HEADER) $$xfiles '$(DESTDIR)$(includedir)/$$dir'"; \
+	    $(INSTALL_HEADER) $$xfiles "$(DESTDIR)$(includedir)/$$dir" || exit $$?; }; \
+	done
+
+uninstall-nobase_includeHEADERS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \
+	$(am__nobase_strip_setup); files=`$(am__nobase_strip)`; \
+	dir='$(DESTDIR)$(includedir)'; $(am__uninstall_files_from_dir)
+
+ID: $(am__tagged_files)
+	$(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	set x; \
+	here=`pwd`; \
+	$(am__define_uniq_tagged_files); \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+	$(am__define_uniq_tagged_files); \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+cscope: cscope.files
+	test ! -s cscope.files \
+	  || $(CSCOPE) -b -q $(AM_CSCOPEFLAGS) $(CSCOPEFLAGS) -i cscope.files $(CSCOPE_ARGS)
+clean-cscope:
+	-rm -f cscope.files
+cscope.files: clean-cscope cscopelist
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+	list='$(am__tagged_files)'; \
+	case "$(srcdir)" in \
+	  [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+	  *) sdir=$(subdir)/$(srcdir) ;; \
+	esac; \
+	for i in $$list; do \
+	  if test -f "$$i"; then \
+	    echo "$(subdir)/$$i"; \
+	  else \
+	    echo "$$sdir/$$i"; \
+	  fi; \
+	done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+	-rm -f cscope.out cscope.in.out cscope.po.out cscope.files
+
+# Recover from deleted '.trs' file; this should ensure that
+# "rm -f foo.log; make foo.trs" re-run 'foo.test', and re-create
+# both 'foo.log' and 'foo.trs'.  Break the recipe in two subshells
+# to avoid problems with "make -n".
+.log.trs:
+	rm -f $< $@
+	$(MAKE) $(AM_MAKEFLAGS) $<
+
+# Leading 'am--fnord' is there to ensure the list of targets does not
+# expand to empty, as could happen e.g. with make check TESTS=''.
+am--fnord $(TEST_LOGS) $(TEST_LOGS:.log=.trs): $(am__force_recheck)
+am--force-recheck:
+	@:
+
+$(TEST_SUITE_LOG): $(TEST_LOGS)
+	@$(am__set_TESTS_bases); \
+	am__f_ok () { test -f "$$1" && test -r "$$1"; }; \
+	redo_bases=`for i in $$bases; do \
+	              am__f_ok $$i.trs && am__f_ok $$i.log || echo $$i; \
+	            done`; \
+	if test -n "$$redo_bases"; then \
+	  redo_logs=`for i in $$redo_bases; do echo $$i.log; done`; \
+	  redo_results=`for i in $$redo_bases; do echo $$i.trs; done`; \
+	  if $(am__make_dryrun); then :; else \
+	    rm -f $$redo_logs && rm -f $$redo_results || exit 1; \
+	  fi; \
+	fi; \
+	if test -n "$$am__remaking_logs"; then \
+	  echo "fatal: making $(TEST_SUITE_LOG): possible infinite" \
+	       "recursion detected" >&2; \
+	else \
+	  am__remaking_logs=yes $(MAKE) $(AM_MAKEFLAGS) $$redo_logs; \
+	fi; \
+	if $(am__make_dryrun); then :; else \
+	  st=0;  \
+	  errmsg="fatal: making $(TEST_SUITE_LOG): failed to create"; \
+	  for i in $$redo_bases; do \
+	    test -f $$i.trs && test -r $$i.trs \
+	      || { echo "$$errmsg $$i.trs" >&2; st=1; }; \
+	    test -f $$i.log && test -r $$i.log \
+	      || { echo "$$errmsg $$i.log" >&2; st=1; }; \
+	  done; \
+	  test $$st -eq 0 || exit 1; \
+	fi
+	@$(am__sh_e_setup); $(am__tty_colors); $(am__set_TESTS_bases); \
+	ws='[ 	]'; \
+	results=`for b in $$bases; do echo $$b.trs; done`; \
+	test -n "$$results" || results=/dev/null; \
+	all=`  grep "^$$ws*:test-result:"           $$results | wc -l`; \
+	pass=` grep "^$$ws*:test-result:$$ws*PASS"  $$results | wc -l`; \
+	fail=` grep "^$$ws*:test-result:$$ws*FAIL"  $$results | wc -l`; \
+	skip=` grep "^$$ws*:test-result:$$ws*SKIP"  $$results | wc -l`; \
+	xfail=`grep "^$$ws*:test-result:$$ws*XFAIL" $$results | wc -l`; \
+	xpass=`grep "^$$ws*:test-result:$$ws*XPASS" $$results | wc -l`; \
+	error=`grep "^$$ws*:test-result:$$ws*ERROR" $$results | wc -l`; \
+	if test `expr $$fail + $$xpass + $$error` -eq 0; then \
+	  success=true; \
+	else \
+	  success=false; \
+	fi; \
+	br='==================='; br=$$br$$br$$br$$br; \
+	result_count () \
+	{ \
+	    if test x"$$1" = x"--maybe-color"; then \
+	      maybe_colorize=yes; \
+	    elif test x"$$1" = x"--no-color"; then \
+	      maybe_colorize=no; \
+	    else \
+	      echo "$@: invalid 'result_count' usage" >&2; exit 4; \
+	    fi; \
+	    shift; \
+	    desc=$$1 count=$$2; \
+	    if test $$maybe_colorize = yes && test $$count -gt 0; then \
+	      color_start=$$3 color_end=$$std; \
+	    else \
+	      color_start= color_end=; \
+	    fi; \
+	    echo "$${color_start}# $$desc $$count$${color_end}"; \
+	}; \
+	create_testsuite_report () \
+	{ \
+	  result_count $$1 "TOTAL:" $$all   "$$brg"; \
+	  result_count $$1 "PASS: " $$pass  "$$grn"; \
+	  result_count $$1 "SKIP: " $$skip  "$$blu"; \
+	  result_count $$1 "XFAIL:" $$xfail "$$lgn"; \
+	  result_count $$1 "FAIL: " $$fail  "$$red"; \
+	  result_count $$1 "XPASS:" $$xpass "$$red"; \
+	  result_count $$1 "ERROR:" $$error "$$mgn"; \
+	}; \
+	{								\
+	  echo "$(PACKAGE_STRING): $(subdir)/$(TEST_SUITE_LOG)" |	\
+	    $(am__rst_title);						\
+	  create_testsuite_report --no-color;				\
+	  echo;								\
+	  echo ".. contents:: :depth: 2";				\
+	  echo;								\
+	  for b in $$bases; do echo $$b; done				\
+	    | $(am__create_global_log);					\
+	} >$(TEST_SUITE_LOG).tmp || exit 1;				\
+	mv $(TEST_SUITE_LOG).tmp $(TEST_SUITE_LOG);			\
+	if $$success; then						\
+	  col="$$grn";							\
+	 else								\
+	  col="$$red";							\
+	  test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG);		\
+	fi;								\
+	echo "$${col}$$br$${std}"; 					\
+	echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}";	\
+	echo "$${col}$$br$${std}"; 					\
+	create_testsuite_report --maybe-color;				\
+	echo "$$col$$br$$std";						\
+	if $$success; then :; else					\
+	  echo "$${col}See $(subdir)/$(TEST_SUITE_LOG)$${std}";		\
+	  if test -n "$(PACKAGE_BUGREPORT)"; then			\
+	    echo "$${col}Please report to $(PACKAGE_BUGREPORT)$${std}";	\
+	  fi;								\
+	  echo "$$col$$br$$std";					\
+	fi;								\
+	$$success || exit 1
+
+check-TESTS:
+	@list='$(RECHECK_LOGS)';           test -z "$$list" || rm -f $$list
+	@list='$(RECHECK_LOGS:.log=.trs)'; test -z "$$list" || rm -f $$list
+	@test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
+	@set +e; $(am__set_TESTS_bases); \
+	log_list=`for i in $$bases; do echo $$i.log; done`; \
+	trs_list=`for i in $$bases; do echo $$i.trs; done`; \
+	log_list=`echo $$log_list`; trs_list=`echo $$trs_list`; \
+	$(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) TEST_LOGS="$$log_list"; \
+	exit $$?;
+recheck: all $(check_PROGRAMS)
+	@test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
+	@set +e; $(am__set_TESTS_bases); \
+	bases=`for i in $$bases; do echo $$i; done \
+	         | $(am__list_recheck_tests)` || exit 1; \
+	log_list=`for i in $$bases; do echo $$i.log; done`; \
+	log_list=`echo $$log_list`; \
+	$(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) \
+	        am__force_recheck=am--force-recheck \
+	        TEST_LOGS="$$log_list"; \
+	exit $$?
+mcapi/test.log: mcapi/test$(EXEEXT)
+	@p='mcapi/test$(EXEEXT)'; \
+	b='mcapi/test'; \
+	$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
+	--log-file $$b.log --trs-file $$b.trs \
+	$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
+	"$$tst" $(AM_TESTS_FD_REDIRECT)
+.test.log:
+	@p='$<'; \
+	$(am__set_b); \
+	$(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \
+	--log-file $$b.log --trs-file $$b.trs \
+	$(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
+	"$$tst" $(AM_TESTS_FD_REDIRECT)
+@am__EXEEXT_TRUE@.test$(EXEEXT).log:
+@am__EXEEXT_TRUE@	@p='$<'; \
+@am__EXEEXT_TRUE@	$(am__set_b); \
+@am__EXEEXT_TRUE@	$(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \
+@am__EXEEXT_TRUE@	--log-file $$b.log --trs-file $$b.trs \
+@am__EXEEXT_TRUE@	$(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
+@am__EXEEXT_TRUE@	"$$tst" $(AM_TESTS_FD_REDIRECT)
+
+distdir: $(DISTFILES)
+	$(am__remove_distdir)
+	test -d "$(distdir)" || mkdir "$(distdir)"
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+	-test -n "$(am__skip_mode_fix)" \
+	|| find "$(distdir)" -type d ! -perm -755 \
+		-exec chmod u+rwx,go+rx {} \; -o \
+	  ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \
+	  ! -type d ! -perm -400 -exec chmod a+r {} \; -o \
+	  ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
+	|| chmod -R a+r "$(distdir)"
+dist-gzip: distdir
+	tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
+	$(am__post_remove_distdir)
+
+dist-bzip2: distdir
+	tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2
+	$(am__post_remove_distdir)
+
+dist-lzip: distdir
+	tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz
+	$(am__post_remove_distdir)
+
+dist-xz: distdir
+	tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz
+	$(am__post_remove_distdir)
+
+dist-tarZ: distdir
+	@echo WARNING: "Support for shar distribution archives is" \
+	               "deprecated." >&2
+	@echo WARNING: "It will be removed altogether in Automake 2.0" >&2
+	tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z
+	$(am__post_remove_distdir)
+
+dist-shar: distdir
+	@echo WARNING: "Support for distribution archives compressed with" \
+		       "legacy program 'compress' is deprecated." >&2
+	@echo WARNING: "It will be removed altogether in Automake 2.0" >&2
+	shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz
+	$(am__post_remove_distdir)
+
+dist-zip: distdir
+	-rm -f $(distdir).zip
+	zip -rq $(distdir).zip $(distdir)
+	$(am__post_remove_distdir)
+
+dist dist-all:
+	$(MAKE) $(AM_MAKEFLAGS) $(DIST_TARGETS) am__post_remove_distdir='@:'
+	$(am__post_remove_distdir)
+
+# This target untars the dist file and tries a VPATH configuration.  Then
+# it guarantees that the distribution is self-contained by making another
+# tarfile.
+distcheck: dist
+	case '$(DIST_ARCHIVES)' in \
+	*.tar.gz*) \
+	  GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\
+	*.tar.bz2*) \
+	  bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
+	*.tar.lz*) \
+	  lzip -dc $(distdir).tar.lz | $(am__untar) ;;\
+	*.tar.xz*) \
+	  xz -dc $(distdir).tar.xz | $(am__untar) ;;\
+	*.tar.Z*) \
+	  uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
+	*.shar.gz*) \
+	  GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\
+	*.zip*) \
+	  unzip $(distdir).zip ;;\
+	esac
+	chmod -R a-w $(distdir)
+	chmod u+w $(distdir)
+	mkdir $(distdir)/_build $(distdir)/_inst
+	chmod a-w $(distdir)
+	test -d $(distdir)/_build || exit 0; \
+	dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \
+	  && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \
+	  && am__cwd=`pwd` \
+	  && $(am__cd) $(distdir)/_build \
+	  && ../configure \
+	    $(AM_DISTCHECK_CONFIGURE_FLAGS) \
+	    $(DISTCHECK_CONFIGURE_FLAGS) \
+	    --srcdir=.. --prefix="$$dc_install_base" \
+	  && $(MAKE) $(AM_MAKEFLAGS) \
+	  && $(MAKE) $(AM_MAKEFLAGS) dvi \
+	  && $(MAKE) $(AM_MAKEFLAGS) check \
+	  && $(MAKE) $(AM_MAKEFLAGS) install \
+	  && $(MAKE) $(AM_MAKEFLAGS) installcheck \
+	  && $(MAKE) $(AM_MAKEFLAGS) uninstall \
+	  && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \
+	        distuninstallcheck \
+	  && chmod -R a-w "$$dc_install_base" \
+	  && ({ \
+	       (cd ../.. && umask 077 && mkdir "$$dc_destdir") \
+	       && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \
+	       && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \
+	       && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \
+	            distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \
+	      } || { rm -rf "$$dc_destdir"; exit 1; }) \
+	  && rm -rf "$$dc_destdir" \
+	  && $(MAKE) $(AM_MAKEFLAGS) dist \
+	  && rm -rf $(DIST_ARCHIVES) \
+	  && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \
+	  && cd "$$am__cwd" \
+	  || exit 1
+	$(am__post_remove_distdir)
+	@(echo "$(distdir) archives ready for distribution: "; \
+	  list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
+	  sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x'
+distuninstallcheck:
+	@test -n '$(distuninstallcheck_dir)' || { \
+	  echo 'ERROR: trying to run $@ with an empty' \
+	       '$$(distuninstallcheck_dir)' >&2; \
+	  exit 1; \
+	}; \
+	$(am__cd) '$(distuninstallcheck_dir)' || { \
+	  echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \
+	  exit 1; \
+	}; \
+	test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \
+	   || { echo "ERROR: files left after uninstall:" ; \
+	        if test -n "$(DESTDIR)"; then \
+	          echo "  (check DESTDIR support)"; \
+	        fi ; \
+	        $(distuninstallcheck_listfiles) ; \
+	        exit 1; } >&2
+distcleancheck: distclean
+	@if test '$(srcdir)' = . ; then \
+	  echo "ERROR: distcleancheck can only run from a VPATH build" ; \
+	  exit 1 ; \
+	fi
+	@test `$(distcleancheck_listfiles) | wc -l` -eq 0 \
+	  || { echo "ERROR: files left in build directory after distclean:" ; \
+	       $(distcleancheck_listfiles) ; \
+	       exit 1; } >&2
+check-am: all-am
+	$(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
+	$(MAKE) $(AM_MAKEFLAGS) check-TESTS
+check: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) check-am
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(DATA) $(HEADERS) \
+		config.h
+install-binPROGRAMS: install-libLTLIBRARIES
+
+installdirs:
+	for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(docdir)" "$(DESTDIR)$(exampledir)" "$(DESTDIR)$(pkgconfigdir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \
+	  test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+	done
+install: $(BUILT_SOURCES)
+	$(MAKE) $(AM_MAKEFLAGS) install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+	-test -z "$(TEST_LOGS)" || rm -f $(TEST_LOGS)
+	-test -z "$(TEST_LOGS:.log=.trs)" || rm -f $(TEST_LOGS:.log=.trs)
+	-test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
+
+clean-generic:
+	-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+	-rm -f ctaocrypt/src/$(DEPDIR)/$(am__dirstamp)
+	-rm -f ctaocrypt/src/$(am__dirstamp)
+	-rm -f examples/client/$(DEPDIR)/$(am__dirstamp)
+	-rm -f examples/client/$(am__dirstamp)
+	-rm -f examples/echoclient/$(DEPDIR)/$(am__dirstamp)
+	-rm -f examples/echoclient/$(am__dirstamp)
+	-rm -f examples/echoserver/$(DEPDIR)/$(am__dirstamp)
+	-rm -f examples/echoserver/$(am__dirstamp)
+	-rm -f examples/server/$(DEPDIR)/$(am__dirstamp)
+	-rm -f examples/server/$(am__dirstamp)
+	-rm -f mcapi/$(DEPDIR)/$(am__dirstamp)
+	-rm -f mcapi/$(am__dirstamp)
+	-rm -f src/$(DEPDIR)/$(am__dirstamp)
+	-rm -f src/$(am__dirstamp)
+	-rm -f sslSniffer/sslSnifferTest/$(DEPDIR)/$(am__dirstamp)
+	-rm -f sslSniffer/sslSnifferTest/$(am__dirstamp)
+	-rm -f tests/$(DEPDIR)/$(am__dirstamp)
+	-rm -f tests/$(am__dirstamp)
+	-rm -f testsuite/$(DEPDIR)/$(am__dirstamp)
+	-rm -f testsuite/$(am__dirstamp)
+	-rm -f wolfcrypt/benchmark/$(DEPDIR)/$(am__dirstamp)
+	-rm -f wolfcrypt/benchmark/$(am__dirstamp)
+	-rm -f wolfcrypt/src/$(DEPDIR)/$(am__dirstamp)
+	-rm -f wolfcrypt/src/$(am__dirstamp)
+	-rm -f wolfcrypt/test/$(DEPDIR)/$(am__dirstamp)
+	-rm -f wolfcrypt/test/$(am__dirstamp)
+	-test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+	-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
+clean: clean-am
+
+clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \
+	clean-libLTLIBRARIES clean-libtool clean-noinstLTLIBRARIES \
+	clean-noinstPROGRAMS mostlyclean-am
+
+distclean: distclean-am
+	-rm -f $(am__CONFIG_DISTCLEAN_FILES)
+	-rm -rf ctaocrypt/src/$(DEPDIR) examples/client/$(DEPDIR) examples/echoclient/$(DEPDIR) examples/echoserver/$(DEPDIR) examples/server/$(DEPDIR) mcapi/$(DEPDIR) src/$(DEPDIR) sslSniffer/sslSnifferTest/$(DEPDIR) tests/$(DEPDIR) testsuite/$(DEPDIR) wolfcrypt/benchmark/$(DEPDIR) wolfcrypt/src/$(DEPDIR) wolfcrypt/test/$(DEPDIR)
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-hdr distclean-libtool distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-dist_docDATA install-dist_exampleDATA \
+	install-includeHEADERS install-nobase_includeHEADERS \
+	install-pkgconfigDATA
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-binPROGRAMS install-exec-local \
+	install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+	-rm -f $(am__CONFIG_DISTCLEAN_FILES)
+	-rm -rf $(top_srcdir)/autom4te.cache
+	-rm -rf ctaocrypt/src/$(DEPDIR) examples/client/$(DEPDIR) examples/echoclient/$(DEPDIR) examples/echoserver/$(DEPDIR) examples/server/$(DEPDIR) mcapi/$(DEPDIR) src/$(DEPDIR) sslSniffer/sslSnifferTest/$(DEPDIR) tests/$(DEPDIR) testsuite/$(DEPDIR) wolfcrypt/benchmark/$(DEPDIR) wolfcrypt/src/$(DEPDIR) wolfcrypt/test/$(DEPDIR)
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic \
+	maintainer-clean-local
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-binPROGRAMS uninstall-dist_docDATA \
+	uninstall-dist_exampleDATA uninstall-includeHEADERS \
+	uninstall-libLTLIBRARIES uninstall-local \
+	uninstall-nobase_includeHEADERS uninstall-pkgconfigDATA
+
+.MAKE: all check check-am install install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am am--refresh check check-TESTS \
+	check-am clean clean-binPROGRAMS clean-checkPROGRAMS \
+	clean-cscope clean-generic clean-libLTLIBRARIES clean-libtool \
+	clean-noinstLTLIBRARIES clean-noinstPROGRAMS cscope \
+	cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \
+	dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \
+	distcheck distclean distclean-compile distclean-generic \
+	distclean-hdr distclean-libtool distclean-tags distcleancheck \
+	distdir distuninstallcheck dvi dvi-am html html-am info \
+	info-am install install-am install-binPROGRAMS install-data \
+	install-data-am install-dist_docDATA install-dist_exampleDATA \
+	install-dvi install-dvi-am install-exec install-exec-am \
+	install-exec-local install-html install-html-am \
+	install-includeHEADERS install-info install-info-am \
+	install-libLTLIBRARIES install-man \
+	install-nobase_includeHEADERS install-pdf install-pdf-am \
+	install-pkgconfigDATA install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic maintainer-clean-local mostlyclean \
+	mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+	pdf pdf-am ps ps-am recheck tags tags-am uninstall \
+	uninstall-am uninstall-binPROGRAMS uninstall-dist_docDATA \
+	uninstall-dist_exampleDATA uninstall-includeHEADERS \
+	uninstall-libLTLIBRARIES uninstall-local \
+	uninstall-nobase_includeHEADERS uninstall-pkgconfigDATA
+
+
+#includes additional rules from aminclude.am
+@INC_AMINCLUDE@
+
+rpm-build: rpm/spec dist
+	@rm -f *.rpm
+	@rm -f ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm
+	@rm -f ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm
+	@mkdir -p ~/rpmbuild/BUILD/
+	@mkdir -p ~/rpmbuild/RPMS/i386/
+	@mkdir -p ~/rpmbuild/RPMS/i686/
+	@mkdir -p ~/rpmbuild/RPMS/noarch/
+	@mkdir -p ~/rpmbuild/RPMS/x86_64/
+	@mkdir -p ~/rpmbuild/SOURCES/
+	@mkdir -p ~/rpmbuild/SPECS/
+	@mkdir -p ~/rpmbuild/SRPMS/
+	@cp $(PACKAGE)-$(VERSION).tar.gz ~/rpmbuild/SOURCES/
+	@rpmbuild -ba --clean rpm/spec
+	@cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm .
+	@cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-devel-$(VERSION)*.rpm .
+	@cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-debuginfo-$(VERSION)*.rpm .
+	@cp ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm .
+
+rpm-sign: rpm-build
+	@rpm --addsign *.rpm
+	@rpm --checksig *.rpm
+
+clean-rpm:
+	@rm -f *.tar.gz
+	@rm -f *.src.rpm
+	@rm -f *.rpm
+
+rpm: rpm-build
+
+release: rpm-sign
+
+auto-rpmbuild:
+	@auto-br-rpmbuild -ba rpm/spec
+test: check
+tests/unit.log: testsuite/testsuite.log
+
+maintainer-clean-local:
+	-rm Makefile.in
+	-rm aclocal.m4
+	-rm build-aux/compile
+	-rm build-aux/config.guess
+	-rm build-aux/config.sub
+	-rm build-aux/depcomp
+	-rm build-aux/install-sh
+	-rm build-aux/ltmain.sh
+	-rm build-aux/missing
+	-rm cyassl-config
+	-rmdir build-aux
+	-rm configure
+	-rm config.log
+	-rm config.status
+	-rm config.in
+	-rm m4/libtool.m4
+	-rm m4/ltoptions.m4
+	-rm m4/ltsugar.m4
+	-rm m4/ltversion.m4
+	-rm m4/lt~obsolete.m4
+	-rm support/wolfssl.pc
+	find . -type f -name '*~' -exec rm -f '{}' \;
+	-rm -f @PACKAGE@-*.tar.gz
+	-rm -f @PACKAGE@-*.rpm
+
+# !!!! first line of rule has to start with a hard (real) tab, not spaces
+egs:
+	$(MAKE) examples/client/client; \
+	$(MAKE) examples/echoclient/echoclient;\
+	$(MAKE) examples/server/server; \
+	$(MAKE) examples/echoserver/echoserver;
+
+wc_egs:
+	$(MAKE) wolfcrypt/test/testwolfcrypt; \
+	$(MAKE) wolfcrypt/benchmark/benchmark;
+
+install-exec-local:	install-generic-config
+
+install-generic-config:
+	$(mkinstalldirs) $(DESTDIR)$(bindir)
+	$(INSTALL_SCRIPT) @GENERIC_CONFIG@ $(DESTDIR)$(bindir)
+
+uninstall-local:
+	-rm -f $(DESTDIR)$(bindir)/@GENERIC_CONFIG@
+
+merge-clean:
+	@find ./ | $(GREP) \.gcda | xargs rm -f
+	@find ./ | $(GREP) \.gcno | xargs rm -f
+	@find ./ | $(GREP) \.gz | xargs rm -f
+	@find ./ | $(GREP) \.orig | xargs rm -f
+	@find ./ | $(GREP) \.rej | xargs rm -f
+	@find ./ | $(GREP) \.rpm | xargs rm -f
+	@find ./ | $(GREP) \.THIS | xargs rm -f
+	@find ./ | $(GREP) \.OTHER | xargs rm -f
+	@find ./ | $(GREP) \.BASE | xargs rm -f
+	@find ./ | $(GREP) \~$$ | xargs rm -f
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/3P/wolfssl/NEWS b/3P/wolfssl/NEWS
new file mode 100644
index 00000000..e69de29b
diff --git a/3P/wolfssl/README b/3P/wolfssl/README
new file mode 100644
index 00000000..136e5a1b
--- /dev/null
+++ b/3P/wolfssl/README
@@ -0,0 +1,1121 @@
+*** Notes, Please read ***
+
+Note 1)
+CyaSSL now needs all examples and tests to be run from the CyaSSL home
+directory.  This is because it finds certs and keys from ./certs/.  Trying to
+maintain the ability to run each program from its own directory, the testsuite
+directory, the main directory (for make check/test), and for the various
+different project layouts (with or without config) was becoming harder and 
+harder.  Now to run testsuite just do:
+
+./testsuite/testsuite
+
+or 
+
+make check    (when using autoconf)
+
+On *nix or Windows the examples and testsuite will check to see if the current
+directory is the source directory and if so, attempt to change to the CyaSSL
+home directory.  This should work in most setup cases, if not, just follow the
+beginning of the note and specify the full path.
+
+
+Note 2)
+CyaSSL takes a different approach to certificate verification than OpenSSL does.
+The default policy for the client is to verify the server, this means that if
+you don't load CAs to verify the server you'll get a connect error, no signer
+error to confirm failure (-188).  If you want to mimic OpenSSL behavior of
+having SSL_connect succeed even if verifying the server fails and reducing
+security you can do this by calling:
+
+SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+
+before calling SSL_new();  Though it's not recommended.
+
+*** end Notes ***
+
+wolfSSL (Formerly CyaSSL) Release 3.4.0 (02/23/2015)
+
+Release 3.4.0 wolfSSL has bug fixes and new features including:
+
+- wolfSSL API and wolfCrypt API, you can still include the cyassl and ctaocrypt
+  headers which will enable the compatibility APIs for the foreseeable future
+- Example use of the wolfCrypt API can be found in wolfcrypt/test/test.c
+- Example use of the wolfSSL API can be found in examples/client/client.c
+- Curve25519 now supported at the wolfCrypt level, wolfSSL layer coming soon
+- Improvements in the build configuration under AIX
+- Microchip Pic32 MZ updates
+- TIRTOS updates
+- PowerPC updates
+- Xcode project update
+- Bidirectional shutdown examples in client/server with -w (wait for full
+  shutdown) option
+- Cycle counts on benchmarks for x86_64, more coming soon
+- ALT_ECC_SIZE for reducing ecc heap use with fastmath when also using large RSA
+  keys
+- Various compile warnings
+- Scan-build warning fixes
+- Changed a memcpy to memmove in the sniffer (if using sniffer please update)
+- No high level security fixes that requires an update though we always
+  recommend updating to the latest
+
+
+ ***********CyaSSL Release 3.3.0 (12/05/2014)
+
+- Countermeasuers for Handshake message duplicates, CHANGE CIPHER without
+  FINISHED, and fast forward attempts.  Thanks to Karthikeyan Bhargavan from
+  the Prosecco team at INRIA Paris-Rocquencourt for the report.
+- FIPS version submitted
+- Removes SSLv2 Client Hello processing, can be enabled with OLD_HELLO_ALLOWED
+- User can set mimimum downgrade version with CyaSSL_SetMinVersion()
+- Small stack improvements at TLS/SSL layer
+- TLS Master Secret generation and Key Expansion are now exposed
+- Adds client side Secure Renegotiation, * not recommended *
+- Client side session ticket support, not fully tested with Secure Renegotiation
+- Allows up to 4096bit DHE at TLS Key Exchange layer
+- Handles non standard SessionID sizes in Hello Messages
+- PicoTCP Support
+- Sniffer now supports SNI Virtual Hosts
+- Sniffer now handles non HTTPS protocols using STARTTLS
+- Sniffer can now parse records with multiple messages
+- TI-RTOS updates
+- Fix for ColdFire optimized fp_digit read only in explicit 32bit case
+- ADH Cipher Suite ADH-AES128-SHA for EAP-FAST
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+***********CyaSSL Release 3.2.0 (09/10/2014)
+
+Release 3.2.0 CyaSSL has bug fixes and new features including:
+
+- ChaCha20 and Poly1305 crypto and suites
+- Small stack improvements for OCSP, CRL, TLS, DTLS
+- NTRU Encrypt and Decrypt benchmarks
+- Updated Visual Studio project files
+- Updated Keil MDK5 project files
+- Fix for DTLS sequence numbers with GCM/CCM
+- Updated HashDRBG with more secure struct declaration
+- TI-RTOS support and example Code Composer Studio project files
+- Ability to get enabled cipher suites, CyaSSL_get_ciphers()
+- AES-GCM/CCM/Direct support for Freescale mmCAU and CAU
+- Sniffer improvement checking for decrypt key setup
+- Support for raw ECC key import
+- Ability to convert ecc_key to DER, EccKeyToDer()
+- Security fix for RSA Padding check vulnerability reported by Intel Security
+  Advanced Threat Research team
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+************ CyaSSL Release 3.1.0 (07/14/2014)
+
+Release 3.1.0 CyaSSL has bug fixes and new features including:
+
+- Fix for older versions of icc without 128-bit type
+- Intel ASM syntax for AES-NI
+- Updated NTRU support, keygen benchmark
+- FIPS check for minimum required HMAC key length
+- Small stack (--enable-smallstack) improvements for PKCS#7, ASN
+- TLS extension support for DTLS
+- Default I/O callbacks external to user
+- Updated example client with bad clock test
+- Ability to set optional ECC context info
+- Ability to enable/disable DH separate from opensslextra
+- Additional test key/cert buffers for CA and server
+- Updated example certificates
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+************ CyaSSL Release 3.0.2 (05/30/2014)
+
+Release 3.0.2 CyaSSL has bug fixes and new features including:
+
+- Added the following cipher suites:
+  * TLS_PSK_WITH_AES_128_GCM_SHA256
+  * TLS_PSK_WITH_AES_256_GCM_SHA384
+  * TLS_PSK_WITH_AES_256_CBC_SHA384
+  * TLS_PSK_WITH_NULL_SHA384
+  * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+  * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+  * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+  * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+  * TLS_DHE_PSK_WITH_NULL_SHA256
+  * TLS_DHE_PSK_WITH_NULL_SHA384
+  * TLS_DHE_PSK_WITH_AES_128_CCM
+  * TLS_DHE_PSK_WITH_AES_256_CCM
+- Added AES-NI support for Microsoft Visual Studio builds.
+- Changed small stack build to be disabled by default.
+- Updated the Hash DRBG and provided a configure option to enable.
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+************ CyaSSL Release 3.0.0 (04/29/2014)
+
+Release 3.0.0 CyaSSL has bug fixes and new features including:
+
+- FIPS release candidate
+- X.509 improvements that address items reported by Suman Jana with security
+  researchers at UT Austin and UC Davis
+- Small stack size improvements, --enable-smallstack. Offloads large local
+  variables to the heap. (Note this is not complete.)
+- Updated AES-CCM-8 cipher suites to use approved suite numbers.
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+************ CyaSSL Release 2.9.4 (04/09/2014)
+
+Release 2.9.4 CyaSSL has bug fixes and new features including:
+
+- Security fixes that address items reported by Ivan Fratric of the Google
+  Security Team
+- X.509 Unknown critical extensions treated as errors, report by Suman Jana with
+  security researchers at UT Austin and UC Davis
+- Sniffer fixes for corrupted packet length and Jumbo frames
+- ARM thumb mode assembly fixes
+- Xcode 5.1 support including new clang
+- PIC32 MZ hardware support
+- CyaSSL Object has enough room to read the Record Header now w/o allocs
+- FIPS wrappers for AES, 3DES, SHA1, SHA256, SHA384, HMAC, and RSA.
+- A sample I/O pool is demonstrated with --enable-iopool to overtake memory
+  handling and reduce memory fragmentation on I/O large sizes
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+************ CyaSSL Release 2.9.0 (02/07/2014)
+
+Release 2.9.0 CyaSSL has bug fixes and new features including:
+- Freescale Kinetis RNGB support
+- Freescale Kinetis mmCAU support
+- TLS Hello extensions
+  - ECC
+  - Secure Renegotiation (null) 
+  - Truncated HMAC
+- SCEP support
+  - PKCS #7 Enveloped data and signed data
+  - PKCS #10 Certificate Signing Request generation
+- DTLS sliding window
+- OCSP Improvements
+  - API change to integrate into Certificate Manager
+  - IPv4/IPv6 agnostic
+  - example client/server support for OCSP
+  - OCSP nonces are optional
+- GMAC hashing
+- Windows build additions
+- Windows CYGWIN build fixes
+- Updated test certificates
+- Microchip MPLAB Harmony support
+- Update autoconf scripts
+- Additional X.509 inspection functions
+- ECC encrypt/decrypt primitives
+- ECC Certificate generation
+
+The Freescale Kinetis K53 RNGB documentation can be found in Chapter 33 of the
+K53 Sub-Family Reference Manual:
+http://cache.freescale.com/files/32bit/doc/ref_manual/K53P144M100SF2RM.pdf
+
+Freescale Kinetis K60 mmCAU (AES, DES, 3DES, MD5, SHA, SHA256) documentation
+can be found in the "ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library
+User Guide":
+http://cache.freescale.com/files/32bit/doc/user_guide/CAUAPIUG.pdf
+
+
+*****************CyaSSL Release 2.8.0 (8/30/2013)
+
+Release 2.8.0 CyaSSL has bug fixes and new features including:
+- AES-GCM and AES-CCM use AES-NI
+- NetX default IO callback handlers
+- IPv6 fixes for DTLS Hello Cookies
+- The ability to unload Certs/Keys after the handshake, CyaSSL_UnloadCertsKeys()
+- SEP certificate extensions
+- Callback getters for easier resource freeing
+- External CYASSL_MAX_ERROR_SZ for correct error buffer sizing
+- MacEncrypt and DecryptVerify Callbacks for User Atomic Record Layer Processing
+- Public Key Callbacks for ECC and RSA
+- Client now sends blank cert upon request if doesn't have one with TLS <= 1.2
+
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+*****************CyaSSL Release 2.7.0 (6/17/2013)
+
+Release 2.7.0 CyaSSL has bug fixes and new features including:
+- SNI support for client and server
+- KEIL MDK-ARM projects
+- Wildcard check to domain name match, and Subject altnames are checked too
+- Better error messages for certificate verification errors
+- Ability to discard session during handshake verify
+- More consistent error returns across all APIs
+- Ability to unload CAs at the CTX or CertManager level
+- Authority subject id support for Certificate matching
+- Persistent session cache functionality
+- Persistent CA cache functionality
+- Client session table lookups to push serverID table to library level
+- Camellia support to sniffer
+- User controllable settings for DTLS timeout values
+- Sniffer fixes for caching long lived sessions
+- DTLS reliability enhancements for the handshake
+- Better ThreadX support
+
+When compiling with Mingw, libtool may give the following warning due to
+path conversion errors:
+
+libtool: link: Could not determine host file name corresponding to **
+libtool: link: Continuing, but uninstalled executables may not work.
+
+If so, examples and testsuite will have problems when run, showing an
+error while loading shared libraries. To resolve, please run "make install".
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+************** CyaSSL Release 2.6.0 (04/15/2013)
+
+Release 2.6.0 CyaSSL has bug fixes and new features including:
+- DTLS 1.2 support including AEAD ciphers
+- SHA-3 finalist Blake2 support, it's fast and uses little resources
+- SHA-384 cipher suites including ECC ones
+- HMAC now supports SHA-512
+- Track memory use for example client/server with -t option
+- Better IPv6 examples with --enable-ipv6, before if ipv6 examples/tests were
+  turned on, localhost only was used.  Now link-local (with scope ids) and ipv6
+  hosts can be used as well.
+- Xcode v4.6 project for iOS v6.1 update
+- settings.h is now checked in all *.c files for true one file setting detection
+- Better alignment at SSL layer for hardware crypto alignment needs
+    * Note, SSL itself isn't friendly to alignment with 5 byte TLS headers and
+      13 bytes DTLS headers, but every effort is now made to align with the
+      CYASSL_GENERAL_ALIGNMENT flag which sets desired alignment requirement
+- NO_64BIT flag to turn off 64bit data type accumulators in public key code
+    * Note, some systems are faster with 32bit accumulators 
+- --enable-stacksize for example client/server stack use
+    * Note, modern desktop Operating Systems may add bytes to each stack frame
+- Updated compression/decompression with direct crypto access
+- All ./configure options are now lowercase only for consistency
+- ./configure builds default to fastmath option
+    * Note, if on ia32 and building in shared mode this may produce a problem
+      with a missing register being available because of PIC, there are at least
+      5 solutions to this:
+      1) --disable-fastmath , don't use fastmath
+      2) --disable-shared, don't build a shared library
+      3) C_EXTRA_FLAGS=-DTFM_NO_ASM , turn off assembly use
+      4) use clang, it just seems to work
+      5) play around with no PIC options to force all registers being open
+- Many new ./configure switches for option enable/disable for example
+    * rsa
+    * dh
+    * dsa
+    * md5
+    * sha 
+    * arc4
+    * null    (allow NULL ciphers)
+    * oldtls  (only use TLS 1.2)
+    * asn     (no certs or public keys allowed)
+- ./configure generates cyassl/options.h which allows a header the user can 
+  include in their app to make sure the same options are set at the app and
+  CyaSSL level.
+- autoconf no longer needs serial-tests which lowers version requirements of
+  automake to 1.11 and autoconf to 2.63
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+************** CyaSSL Release 2.5.0 (02/04/2013)
+
+Release 2.5.0 CyaSSL has bug fixes and new features including:
+- Fix for TLS CBC padding timing attack identified by Nadhem Alfardan and
+  Kenny Paterson: http://www.isg.rhul.ac.uk/tls/
+- Microchip PIC32 (MIPS16, MIPS32) support
+- Microchip MPLAB X example projects for PIC32 Ethernet Starter Kit
+- Updated CTaoCrypt benchmark app for embedded systems
+- 1024-bit test certs/keys and cert/key buffers
+- AES-CCM-8 crypto and cipher suites
+- Camellia crypto and cipher suites
+- Bumped minimum autoconf version to 2.65, automake version to 1.12
+- Addition of OCSP callbacks
+- STM32F2 support with hardware crypto and RNG 
+- Cavium NITROX support
+
+CTaoCrypt now has support for the Microchip PIC32 and has been tested with
+the Microchip PIC32 Ethernet Starter Kit, the XC32 compiler and
+MPLAB X IDE in both MIPS16 and MIPS32 instruction set modes. See the README
+located under the /mplabx directory for more details.
+
+To add Cavium NITROX support do:
+
+./configure --with-cavium=/home/user/cavium/software
+
+pointing to your licensed cavium/software directory.  Since Cavium doesn't
+build a library we pull in the cavium_common.o file which gives a libtool 
+warning about the portability of this.  Also, if you're using the github source
+tree you'll need to remove the -Wredundant-decls warning from the generated
+Makefile because the cavium headers don't conform to this warning.  Currently
+CyaSSL supports Cavium RNG, AES, 3DES, RC4, HMAC, and RSA directly at the crypto
+layer.  Support at the SSL level is partial and currently just does AES, 3DES,
+and RC4.  RSA and HMAC are slower until the Cavium calls can be utilized in non
+blocking mode.  The example client turns on cavium support as does the crypto
+test and benchmark.  Please see the HAVE_CAVIUM define.
+
+CyaSSL is able to use the STM32F2 hardware-based cryptography and random number
+generator through the STM32F2 Standard Peripheral Library. For necessary
+defines, see the CYASSL_STM32F2 define in settings.h. Documentation for the
+STM32F2 Standard Peripheral Library can be found in the following document: 
+http://www.st.com/internet/com/TECHNICAL_RESOURCES/TECHNICAL_LITERATURE/USER_MANUAL/DM00023896.pdf
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+*************** CyaSSL Release 2.4.6 (12/20/2012)
+
+Release 2.4.6 CyaSSL has bug fixes and a few new features including:
+- ECC into main version
+- Lean PSK build (reduced code size, RAM usage, and stack usage)
+- FreeBSD CRL monitor support
+- CyaSSL_peek()
+- CyaSSL_send() and CyaSSL_recv() for I/O flag setting
+- CodeWarrior Support
+- MQX Support
+- Freescale Kinetis support including Hardware RNG
+- autoconf builds use jobserver
+- cyassl-config
+- Sniffer memory reductions
+
+Thanks to Brian Aker for the improved autoconf system, make rpm, cyassl-config,
+warning system, and general good ideas for improving CyaSSL!
+
+The Freescale Kinetis K70 RNGA documentation can be found in Chapter 37 of the
+K70 Sub-Family Reference Manual:
+http://cache.freescale.com/files/microcontrollers/doc/ref_manual/K70P256M150SF3RM.pdf
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+*************** CyaSSL Release 2.4.0 (10/10/2012)
+
+Release 2.4.0 CyaSSL has bug fixes and a few new features including:
+- DTLS reliability
+- Reduced memory usage after handshake
+- Updated build process
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+*************** CyaSSL Release 2.3.0 (8/10/2012)
+
+Release 2.3.0 CyaSSL has bug fixes and a few new features including:
+- AES-GCM crypto and cipher suites
+- make test cipher suite checks
+- Subject AltName processing
+- Command line support for client/server examples
+- Sniffer SessionTicket support
+- SHA-384 cipher suites
+- Verify cipher suite validity when user overrides
+- CRL dir monitoring
+- DTLS Cookie support, reliability coming soon
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+***************CyaSSL Release 2.2.0 (5/18/2012)
+
+Release 2.2.0 CyaSSL has bug fixes and a few new features including:
+- Initial CRL support (--enable-crl)
+- Initial OCSP support (--enable-ocsp)
+- Add static ECDH suites
+- SHA-384 support
+- ECC client certificate support
+- Add medium session cache size (1055 sessions) 
+- Updated unit tests
+- Protection against mutex reinitialization
+
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+***************CyaSSL Release 2.0.8 (2/24/2012)
+
+Release 2.0.8 CyaSSL has bug fixes and a few new features including:
+- A fix for malicious certificates pointed out by Remi Gacogne (thanks)
+  resulting in NULL pointer use.
+- Respond to renegotiation attempt with no_renegoatation alert
+- Add basic path support for load_verify_locations()
+- Add set Temp EC-DHE key size
+- Extra checks on rsa test when porting into
+
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+************* CyaSSL Release 2.0.6 (1/27/2012)
+
+Release 2.0.6 CyaSSL has bug fixes and a few new features including:
+- Fixes for CA basis constraint check
+- CTX reference counting
+- Initial unit test additions
+- Lean and Mean Windows fix
+- ECC benchmarking
+- SSMTP build support
+- Ability to group handshake messages with set_group_messages(ctx/ssl)
+- CA cache addition callback
+- Export Base64_Encode for general use
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+************* CyaSSL Release 2.0.2 (12/05/2011)
+
+Release 2.0.2 CyaSSL has bug fixes and a few new features including:
+- CTaoCrypt Runtime library detection settings when directly using the crypto
+  library
+- Default certificate generation now uses SHAwRSA and adds SHA256wRSA generation
+- All test certificates now use 2048bit and SHA-1 for better modern browser
+  support
+- Direct AES block access and AES-CTR (counter) mode
+- Microchip pic32 support
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+************* CyaSSL Release 2.0.0rc3 (9/28/2011)
+
+Release 2.0.0rc3 for CyaSSL has bug fixes and a few new features including:
+- updated autoconf support
+- better make install and uninstall  (uses system directories)
+- make test / make check
+- CyaSSL headers now in 
+- CTaocrypt headers now in 
+- OpenSSL compatibility headers now in 
+- examples and tests all run from home directory so can use certs in ./certs
+        (see note 1)
+
+So previous applications that used the OpenSSL compatibility header
+ now need to include  instead, no other
+changes are required.
+
+Special Thanks to Brian Aker for his autoconf, install, and header patches.
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+************CyaSSL Release 2.0.0rc2 (6/6/2011)
+
+Release 2.0.0rc2 for CyaSSL has bug fixes and a few new features including:
+- bug fixes (Alerts, DTLS with DHE)
+- FreeRTOS support
+- lwIP support
+- Wshadow warnings removed
+- asn public header
+- CTaoCrypt public headers now all have ctc_ prefix (the manual is still being
+        updated to reflect this change)
+- and more.
+
+This is the 2nd and perhaps final release candidate for version 2.
+Please send any comments or questions to support@wolfssl.com.
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+***********CyaSSL Release 2.0.0rc1 (5/2/2011)
+
+Release 2.0.0rc1 for CyaSSL has many new features including:
+- bug fixes
+- SHA-256 cipher suites 
+- Root Certificate Verification (instead of needing all certs in the chain) 
+- PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12) 
+- Serial number retrieval for x509 
+- PBKDF2 and PKCS #12 PBKDF 
+- UID parsing for x509 
+- SHA-256 certificate signatures 
+- Client and server can send chains (SSL_CTX_use_certificate_chain_file) 
+- CA loading can now parse multiple certificates per file
+- Dynamic memory runtime hooks
+- Runtime hooks for logging
+- EDH on server side
+- More informative error codes
+- More informative logging messages
+- Version downgrade more robust (use SSL_v23*)
+- Shared build only by default through ./configure
+- Compiler visibility is now used, internal functions not polluting namespace
+- Single Makefile, no recursion, for faster and simpler building
+- Turn on all warnings possible build option, warning fixes
+- and more.
+
+Because of all the new features and the multiple OS, compiler, feature-set
+options that CyaSSL allows, there may be some configuration fixes needed.
+Please send any comments or questions to support@wolfssl.com.
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+****************** CyaSSL Release 1.9.0 (3/2/2011)
+
+Release 1.9.0 for CyaSSL adds bug fixes, improved TLSv1.2 through testing and
+better hash/sig algo ids, --enable-webServer for the yaSSL embedded web server,
+improper AES key setup detection, user cert verify callback improvements, and
+more.
+
+The CyaSSL manual offering is included in the doc/ directory.  For build
+instructions and comments about the new features please check the manual.
+
+Please send any comments or questions to support@wolfssl.com.
+
+****************** CyaSSL Release 1.8.0 (12/23/2010)
+
+Release 1.8.0 for CyaSSL adds bug fixes, x509 v3 CA signed certificate
+generation, a C standard library abstraction layer, lower memory use, increased
+portability through the os_settings.h file, and the ability to use NTRU cipher
+suites when used in conjunction with an NTRU license and library.
+
+The initial CyaSSL manual offering is included in the doc/ directory.  For
+build instructions and comments about the new features please check the manual.
+
+Please send any comments or questions to support@wolfssl.com.
+
+Happy Holidays.
+ 
+
+********************* CyaSSL Release 1.6.5 (9/9/2010)
+
+Release 1.6.5 for CyaSSL adds bug fixes and x509 v3 self signed certificate
+generation.
+ 
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To enable certificate generation support add this option to ./configure
+./configure --enable-certgen
+
+An example is included in ctaocrypt/test/test.c and documentation is provided
+in doc/CyaSSL_Extensions_Reference.pdf item 11.
+
+********************** CyaSSL Release 1.6.0 (8/27/2010)
+
+Release 1.6.0 for CyaSSL adds bug fixes, RIPEMD-160, SHA-512, and RSA key
+generation.
+ 
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To add RIPEMD-160 support add this option to ./configure
+./configure --enable-ripemd
+
+To add SHA-512 support add this option to ./configure
+./configure --enable-sha512
+
+To add RSA key generation support add this option to ./configure
+./configure --enable-keygen
+
+Please see ctaocrypt/test/test.c for examples and usage.
+
+For Windows, RIPEMD-160 and SHA-512 are enabled by default but key generation is
+off by default.  To turn key generation on add the define CYASSL_KEY_GEN to
+CyaSSL.
+
+
+*************   CyaSSL Release 1.5.6 (7/28/2010)
+
+Release 1.5.6 for CyaSSL adds bug fixes, compatibility for our JSSE provider,
+and a fix for GCC builds on some systems.
+ 
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To add AES-NI support add this option to ./configure
+./configure --enable-aesni
+
+You'll need GCC 4.4.3 or later to make use of the assembly.
+
+**************  CyaSSL Release 1.5.4 (7/7/2010)
+
+Release 1.5.4 for CyaSSL adds bug fixes, support for AES-NI, SHA1 speed 
+improvements from loop unrolling, and support for the Mongoose Web Server.
+ 
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To add AES-NI support add this option to ./configure
+./configure --enable-aesni
+
+You'll need GCC 4.4.3 or later to make use of the assembly.
+
+***************  CyaSSL Release 1.5.0 (5/11/2010)
+
+Release 1.5.0 for CyaSSL adds bug fixes, GoAhead WebServer support, sniffer
+support, and initial swig interface support.
+
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To add support for GoAhead WebServer either --enable-opensslExtra or if you
+don't want all the features of opensslExtra you can just define GOAHEAD_WS
+instead.  GOAHEAD_WS can be added to ./configure with CFLAGS=-DGOAHEAD_WS or
+you can define it yourself.
+
+To look at the sniffer support please see the sniffertest app in
+sslSniffer/sslSnifferTest.  Build with --enable-sniffer on *nix or use the
+vcproj files on windows.  You'll need to have pcap installed on *nix and
+WinPcap on windows.
+
+A swig interface file is now located in the swig directory for using Python,
+Java, Perl, and others with CyaSSL.  This is initial support and experimental,
+please send questions or comments to support@wolfssl.com.
+
+When doing load testing with CyaSSL, on the echoserver example say, the client
+machine may run out of tcp ephemeral ports, they will end up in the TIME_WAIT
+queue, and can't be reused by default.  There are generally two ways to fix
+this.  1) Reduce the length sockets remain on the TIME_WAIT queue or 2) Allow
+items on the TIME_WAIT queue to be reused.
+
+
+To reduce the TIME_WAIT length in OS X to 3 seconds (3000 milliseconds)
+
+sudo sysctl -w net.inet.tcp.msl=3000
+
+In Linux
+
+sudo sysctl -w net.ipv4.tcp_tw_reuse=1
+
+allows reuse of sockets in TIME_WAIT
+
+sudo sysctl -w net.ipv4.tcp_tw_recycle=1
+
+works but seems to remove sockets from  TIME_WAIT entirely?
+
+sudo sysctl -w net.ipv4.tcp_fin_timeout=1
+
+doen't control TIME_WAIT, it controls FIN_WAIT(2) contrary to some posts
+
+
+******************** CyaSSL Release 1.4.0 (2/18/2010)
+
+Release 1.3.0 for CyaSSL adds bug fixes, better multi TLS/SSL version support
+through SSLv23_server_method(), and improved documentation in the doc/ folder.
+
+For general build instructions doc/Building_CyaSSL.pdf.
+
+******************** CyaSSL Release 1.3.0 (1/21/2010)
+
+Release 1.3.0 for CyaSSL adds bug fixes, a potential security problem fix,
+better porting support, removal of assert()s, and a complete THREADX port.
+
+For general build instructions see rc1 below.
+
+******************** CyaSSL Release 1.2.0 (11/2/2009)
+
+Release 1.2.0 for CyaSSL adds bug fixes and session negotiation if first use is
+read or write.
+
+For general build instructions see rc1 below.
+
+******************** CyaSSL Release 1.1.0 (9/2/2009)
+
+Release 1.1.0 for CyaSSL adds bug fixes, a check against malicious session
+cache use, support for lighttpd, and TLS 1.2.
+
+To get TLS 1.2 support please use the client and server functions:
+
+SSL_METHOD *TLSv1_2_server_method(void);
+SSL_METHOD *TLSv1_2_client_method(void);
+
+CyaSSL was tested against lighttpd 1.4.23.  To build CyaSSL for use with 
+lighttpd use the following commands from the CyaSSL install dir :
+
+./configure --disable-shared --enable-opensslExtra --enable-fastmath --without-zlib
+
+make
+make openssl-links
+
+Then to build lighttpd with CyaSSL use the following commands from the
+lighttpd install dir:
+
+./configure --with-openssl --with-openssl-includes=/include --with-openssl-libs=/lib LDFLAGS=-lm
+
+make
+
+On some systems you may get a linker error about a duplicate symbol for
+MD5_Init or other MD5 calls.  This seems to be caused by the lighttpd src file
+md5.c, which defines MD5_Init(), and is included in liblightcomp_la-md5.o.
+When liblightcomp is linked with the SSL_LIBs the linker may complain about
+the duplicate symbol.  This can be fixed by editing the lighttpd src file md5.c
+and adding this line to the beginning of the file:
+
+#if 0
+
+and this line to the end of the file
+
+#endif
+
+Then from the lighttpd src dir do a:
+
+make clean
+make
+
+
+If you get link errors about undefined symbols more than likely the actual
+OpenSSL libraries are found by the linker before the CyaSSL openssl-links that
+point to the CyaSSL library, causing the linker confusion.  This can be fixed
+by editing the Makefile in the lighttpd src directory and changing the line:
+
+SSL_LIB = -lssl -lcrypto
+
+to
+
+SSL_LIB = -lcyassl
+
+Then from the lighttpd src dir do a:
+
+make clean
+make
+
+This should remove any confusion the linker may be having with missing symbols.
+
+For any questions or concerns please contact support@wolfssl.com .
+
+For general build instructions see rc1 below.
+
+******************CyaSSL Release 1.0.6 (8/03/2009)
+
+Release 1.0.6 for CyaSSL adds bug fixes, an improved session cache, and faster
+math with a huge code option.
+
+The session cache now defaults to a client mode, also good for embedded servers.
+For servers not under heavy load (less than 200 new sessions per minute), define
+BIG_SESSION_CACHE.  If the server will be under heavy load, define
+HUGE_SESSION_CACHE.
+
+There is now a fasthugemath option for configure.  This enables fastmath plus
+even faster math by greatly increasing the code size of the math library. Use
+the benchmark utility to compare public key operations.
+
+
+For general build instructions see rc1 below.
+
+******************CyaSSL Release 1.0.3 (5/10/2009)
+
+Release 1.0.3 for CyaSSL adds bug fixes and add increased support for OpenSSL
+compatibility when building other applications.
+
+Release 1.0.3 includes an alpha release of DTLS for both client and servers.
+This is only for testing purposes at this time.  Rebroadcast and reordering
+aren't fully implemented at this time but will be for the next release.
+
+For general build instructions see rc1 below.
+
+******************CyaSSL Release 1.0.2 (4/3/2009)
+
+Release 1.0.2 for CyaSSL adds bug fixes for a couple I/O issues.  Some systems
+will send a SIGPIPE on socket recv() at any time and this should be handled by
+the application by turning off SIGPIPE through setsockopt() or returning from
+the handler.
+
+Release 1.0.2 includes an alpha release of DTLS for both client and servers.
+This is only for testing purposes at this time.  Rebroadcast and reordering
+aren't fully implemented at this time but will be for the next release.
+
+For general build instructions see rc1 below.
+
+*****************CyaSSL Release Candidiate 3 rc3-1.0.0 (2/25/2009)
+
+
+Release Candidate 3 for CyaSSL 1.0.0 adds bug fixes and adds a project file for
+iPhone development with Xcode.  cyassl-iphone.xcodeproj is located in the root
+directory.  This release also includes a fix for supporting other
+implementations that bundle multiple messages at the record layer, this was
+lost when cyassl i/o was re-implemented but is now fixed.
+
+For general build instructions see rc1 below.
+
+*****************CyaSSL Release Candidiate 2 rc2-1.0.0 (1/21/2009)
+
+
+Release Candidate 2 for CyaSSL 1.0.0 adds bug fixes and adds two new stream
+ciphers along with their respective cipher suites.  CyaSSL adds support for
+HC-128 and RABBIT stream ciphers.  The new suites are:
+
+TLS_RSA_WITH_HC_128_SHA
+TLS_RSA_WITH_RABBIT_SHA
+
+And the corresponding cipher names are
+
+HC128-SHA
+RABBIT-SHA
+
+CyaSSL also adds support for building with devkitPro for PPC by changing the
+library proper to use libogc.  The examples haven't been changed yet but if
+there's interest they can be.  Here's an example ./configure to build CyaSSL
+for devkitPro:
+
+./configure --disable-shared CC=/pathTo/devkitpro/devkitPPC/bin/powerpc-gekko-gcc --host=ppc --without-zlib --enable-singleThreaded RANLIB=/pathTo/devkitpro/devkitPPC/bin/powerpc-gekko-ranlib CFLAGS="-DDEVKITPRO -DGEKKO"
+
+For linking purposes you'll need
+
+LDFLAGS="-g -mrvl -mcpu=750 -meabi -mhard-float -Wl,-Map,$(notdir $@).map"
+
+For general build instructions see rc1 below.
+
+
+********************CyaSSL Release Candidiate 1 rc1-1.0.0 (12/17/2008)
+
+
+Release Candidate 1 for CyaSSL 1.0.0 contains major internal changes.  Several
+areas have optimization improvements, less dynamic memory use, and the I/O
+strategy has been refactored to allow alternate I/O handling or Library use.
+Many thanks to Thierry Fournier for providing these ideas and most of the work.
+
+Because of these changes, this release is only a candidate since some problems
+are probably inevitable on some platform with some I/O use.  Please report any
+problems and we'll try to resolve them as soon as possible.  You can contact us
+at support@wolfssl.com or todd@wolfssl.com.
+
+Using TomsFastMath by passing --enable-fastmath to ./configure now uses assembly
+on some platforms.  This is new so please report any problems as every compiler,
+mode, OS combination hasn't been tested.  On ia32 all of the registers need to
+be available so be sure to pass these options to CFLAGS:
+
+CFLAGS="-O3 -fomit-frame-pointer"
+
+OS X will also need -mdynamic-no-pic added to CFLAGS
+
+Also if you're building in shared mode for ia32 you'll need to pass options to
+LDFLAGS as well on OS X:
+
+LDFLAGS=-Wl,-read_only_relocs,warning
+
+This gives warnings for some symbols but seems to work.
+
+
+--To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
+
+    ./configure
+    make
+
+    from the ./testsuite/ directory run ./testsuite 
+
+to make a debug build:
+
+    ./configure --enable-debug --disable-shared
+    make
+
+
+
+--To build on Win32
+
+Choose (Re)Build All from the project workspace
+
+Run the testsuite program
+
+
+
+
+
+*************************CyaSSL version 0.9.9 (7/25/2008) 
+
+This release of CyaSSL adds bug fixes, Pre-Shared Keys, over-rideable memory
+handling, and optionally TomsFastMath.  Thanks to Moisés Guimarães for the
+work on TomsFastMath.
+
+To optionally use TomsFastMath pass --enable-fastmath to ./configure
+Or define USE_FAST_MATH in each project from CyaSSL for MSVC.
+
+Please use the benchmark routine before and after to see the performance
+difference, on some platforms the gains will be little but RSA encryption
+always seems to be faster.  On x86-64 machines with GCC the normal math library
+may outperform the fast one when using CFLAGS=-m64 because TomsFastMath can't
+yet use -m64 because of GCCs inability to do 128bit division.
+
+     **** UPDATE GCC 4.2.1 can now do 128bit division ***
+
+See notes below (0.2.0) for complete build instructions.
+
+
+****************CyaSSL version 0.9.8 (5/7/2008) 
+
+This release of CyaSSL adds bug fixes, client side Diffie-Hellman, and better
+socket handling.
+
+See notes below (0.2.0) for complete build instructions.
+
+
+****************CyaSSL version 0.9.6 (1/31/2008) 
+
+This release of CyaSSL adds bug fixes, increased session management, and a fix
+for gnutls.
+
+See notes below (0.2.0) for complete build instructions.
+
+
+****************CyaSSL version 0.9.0 (10/15/2007) 
+
+This release of CyaSSL adds bug fixes, MSVC 2005 support, GCC 4.2 support, 
+IPV6 support and test, and new test certificates.
+
+See notes below (0.2.0) for complete build instructions.
+
+
+****************CyaSSL version 0.8.0 (1/10/2007) 
+
+This release of CyaSSL adds increased socket support, for non-blocking writes,
+connects, and interrupted system calls.
+
+See notes below (0.2.0) for complete build instructions.
+
+
+****************CyaSSL version 0.6.3 (10/30/2006) 
+
+This release of CyaSSL adds debug logging to stderr to aid in the debugging of
+CyaSSL on systems that may not provide the best support.
+
+If CyaSSL is built with debugging support then you need to call
+CyaSSL_Debugging_ON() to turn logging on.
+
+On Unix use ./configure --enable-debug
+
+On Windows define DEBUG_CYASSL when building CyaSSL
+
+
+To turn logging back off call CyaSSL_Debugging_OFF()
+
+See notes below (0.2.0) for complete build instructions.
+
+
+*****************CyaSSL version 0.6.2 (10/29/2006) 
+
+This release of CyaSSL adds TLS 1.1.
+
+Note that CyaSSL has certificate verification on by default, unlike OpenSSL.
+To emulate OpenSSL behavior, you must call SSL_CTX_set_verify() with
+SSL_VERIFY_NONE.  In order to have full security you should never do this, 
+provide CyaSSL with the proper certificates to eliminate impostors and call
+CyaSSL_check_domain_name() to prevent man in the middle attacks.
+
+See notes below (0.2.0) for build instructions.
+
+*****************CyaSSL version 0.6.0 (10/25/2006) 
+
+This release of CyaSSL adds more SSL functions, better autoconf, nonblocking
+I/O for accept, connect, and read.  There is now an --enable-small configure
+option that turns off TLS, AES, DES3, HMAC, and ERROR_STRINGS, see configure.in
+for the defines.  Note that TLS requires HMAC and AES requires TLS.
+
+See notes below (0.2.0) for build instructions.
+
+
+*****************CyaSSL version 0.5.5 (09/27/2006) 
+
+This mini release of CyaSSL adds better input processing through buffered input
+and big message support.  Added SSL_pending() and some sanity checks on user
+settings.
+
+See notes below (0.2.0) for build instructions.
+
+
+*****************CyaSSL version 0.5.0 (03/27/2006) 
+
+This release of CyaSSL adds AES support and minor bug fixes. 
+
+See notes below (0.2.0) for build instructions.
+
+
+*****************CyaSSL version 0.4.0 (03/15/2006)
+
+This release of CyaSSL adds TLSv1 client/server support and libtool. 
+
+See notes below for build instructions.
+
+
+*****************CyaSSL version 0.3.0 (02/26/2006)
+
+This release of CyaSSL adds SSLv3 server support and session resumption. 
+
+See notes below for build instructions.
+
+
+*****************CyaSSL version 0.2.0 (02/19/2006)
+
+
+This is the first release of CyaSSL and its crypt brother, CTaoCrypt.  CyaSSL
+is written in ANSI C with the idea of a small code size, footprint, and memory
+usage in mind.  CTaoCrypt can be as small as 32K, and the current client
+version of CyaSSL can be as small as 12K.
+
+
+The first release of CTaoCrypt supports MD5, SHA-1, 3DES, ARC4, Big Integer
+Support, RSA, ASN parsing, and basic x509 (en/de)coding.
+
+The first release of CyaSSL supports normal client RSA mode SSLv3 connections
+with support for SHA-1 and MD5 digests.  Ciphers include 3DES and RC4.
+
+
+--To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
+
+    ./configure
+    make
+
+    from the ./testsuite/ directory run ./testsuite 
+
+to make a debug build:
+
+    ./configure --enable-debug --disable-shared
+    make
+
+
+
+--To build on Win32
+
+Choose (Re)Build All from the project workspace
+
+Run the testsuite program
+
+
+
+*** The next release of CyaSSL will support a server and more OpenSSL
+compatibility functions.
+
+
+Please send questions or comments to todd@wolfssl.com
+
diff --git a/3P/wolfssl/README.md b/3P/wolfssl/README.md
new file mode 100644
index 00000000..d839a810
--- /dev/null
+++ b/3P/wolfssl/README.md
@@ -0,0 +1,1122 @@
+# Notes - Please read 
+
+## Note 1
+```
+CyaSSL now needs all examples and tests to be run from the CyaSSL home
+directory.  This is because it finds certs and keys from ./certs/.  Trying to
+maintain the ability to run each program from its own directory, the testsuite
+directory, the main directory (for make check/test), and for the various
+different project layouts (with or without config) was becoming harder and 
+harder.  Now to run testsuite just do:
+
+./testsuite/testsuite
+
+or 
+
+make check    (when using autoconf)
+
+On *nix or Windows the examples and testsuite will check to see if the current
+directory is the source directory and if so, attempt to change to the CyaSSL
+home directory.  This should work in most setup cases, if not, just follow the
+beginning of the note and specify the full path.
+```
+
+## Note 2
+```
+CyaSSL takes a different approach to certificate verification than OpenSSL does.
+The default policy for the client is to verify the server, this means that if
+you don't load CAs to verify the server you'll get a connect error, no signer
+error to confirm failure (-188).  If you want to mimic OpenSSL behavior of
+having SSL_connect succeed even if verifying the server fails and reducing
+security you can do this by calling:
+
+SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+
+before calling SSL_new();  Though it's not recommended.
+```
+
+# CyaSSL Release 3.3.2 (01/07/2015)
+
+## Release 3.3.2 CyaSSL has bug fixes and new features including:
+
+- Improvements in the build configuration under AIX.
+- Various compile warnings.
+- Changed a memcpy to memmove in the sniffer
+
+# CyaSSL Release 3.3.0 (12/05/2014)
+
+- Countermeasuers for Handshake message duplicates, CHANGE CIPHER without
+  FINISHED, and fast forward attempts.  Thanks to Karthikeyan Bhargavan from
+  the Prosecco team at INRIA Paris-Rocquencourt for the report.
+- FIPS version submitted
+- Removes SSLv2 Client Hello processing, can be enabled with OLD_HELLO_ALLOWED
+- User can set mimimum downgrade version with CyaSSL_SetMinVersion()
+- Small stack improvements at TLS/SSL layer
+- TLS Master Secret generation and Key Expansion are now exposed
+- Adds client side Secure Renegotiation, * not recommended *
+- Client side session ticket support, not fully tested with Secure Renegotiation
+- Allows up to 4096bit DHE at TLS Key Exchange layer
+- Handles non standard SessionID sizes in Hello Messages
+- PicoTCP Support
+- Sniffer now supports SNI Virtual Hosts
+- Sniffer now handles non HTTPS protocols using STARTTLS
+- Sniffer can now parse records with multiple messages
+- TI-RTOS updates
+- Fix for ColdFire optimized fp_digit read only in explicit 32bit case
+- ADH Cipher Suite ADH-AES128-SHA for EAP-FAST
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+# CyaSSL Release 3.2.0 (09/10/2014)
+
+#### Release 3.2.0 CyaSSL has bug fixes and new features including:
+
+- ChaCha20 and Poly1305 crypto and suites
+- Small stack improvements for OCSP, CRL, TLS, DTLS
+- NTRU Encrypt and Decrypt benchmarks
+- Updated Visual Studio project files
+- Updated Keil MDK5 project files
+- Fix for DTLS sequence numbers with GCM/CCM
+- Updated HashDRBG with more secure struct declaration
+- TI-RTOS support and example Code Composer Studio project files
+- Ability to get enabled cipher suites, CyaSSL_get_ciphers()
+- AES-GCM/CCM/Direct support for Freescale mmCAU and CAU
+- Sniffer improvement checking for decrypt key setup
+- Support for raw ECC key import
+- Ability to convert ecc_key to DER, EccKeyToDer()
+- Security fix for RSA Padding check vulnerability reported by Intel Security
+  Advanced Threat Research team
+
+The CyaSSL manual is available at:
+http://www.wolfssl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+# CyaSSL Release 3.1.0 (07/14/2014)
+
+#### Release 3.1.0 CyaSSL has bug fixes and new features including:
+
+- Fix for older versions of icc without 128-bit type
+- Intel ASM syntax for AES-NI
+- Updated NTRU support, keygen benchmark
+- FIPS check for minimum required HMAC key length
+- Small stack (--enable-smallstack) improvements for PKCS#7, ASN
+- TLS extension support for DTLS
+- Default I/O callbacks external to user
+- Updated example client with bad clock test
+- Ability to set optional ECC context info
+- Ability to enable/disable DH separate from opensslextra
+- Additional test key/cert buffers for CA and server
+- Updated example certificates
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+# CyaSSL Release 3.0.2 (05/30/2014)
+
+#### Release 3.0.2 CyaSSL has bug fixes and new features including:
+
+- Added the following cipher suites:
+  * TLS_PSK_WITH_AES_128_GCM_SHA256
+  * TLS_PSK_WITH_AES_256_GCM_SHA384
+  * TLS_PSK_WITH_AES_256_CBC_SHA384
+  * TLS_PSK_WITH_NULL_SHA384
+  * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+  * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+  * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+  * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+  * TLS_DHE_PSK_WITH_NULL_SHA256
+  * TLS_DHE_PSK_WITH_NULL_SHA384
+  * TLS_DHE_PSK_WITH_AES_128_CCM
+  * TLS_DHE_PSK_WITH_AES_256_CCM
+- Added AES-NI support for Microsoft Visual Studio builds.
+- Changed small stack build to be disabled by default.
+- Updated the Hash DRBG and provided a configure option to enable.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+# CyaSSL Release 3.0.0 (04/29/2014)
+
+#### Release 3.0.0 CyaSSL has bug fixes and new features including:
+
+- FIPS release candidate
+- X.509 improvements that address items reported by Suman Jana with security
+  researchers at UT Austin and UC Davis
+- Small stack size improvements, --enable-smallstack. Offloads large local
+  variables to the heap. (Note this is not complete.)
+- Updated AES-CCM-8 cipher suites to use approved suite numbers.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions
+and comments about the new features please check the manual.
+
+
+# CyaSSL Release 2.9.4 (04/09/2014)
+
+#### Release 2.9.4 CyaSSL has bug fixes and new features including:
+
+- Security fixes that address items reported by Ivan Fratric of the Google
+  Security Team
+- X.509 Unknown critical extensions treated as errors, report by Suman Jana with
+  security researchers at UT Austin and UC Davis
+- Sniffer fixes for corrupted packet length and Jumbo frames
+- ARM thumb mode assembly fixes
+- Xcode 5.1 support including new clang
+- PIC32 MZ hardware support
+- CyaSSL Object has enough room to read the Record Header now w/o allocs
+- FIPS wrappers for AES, 3DES, SHA1, SHA256, SHA384, HMAC, and RSA.
+- A sample I/O pool is demonstrated with --enable-iopool to overtake memory
+  handling and reduce memory fragmentation on I/O large sizes
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+# CyaSSL Release 2.9.0 (02/07/2014)
+
+#### Release 2.9.0 CyaSSL has bug fixes and new features including:
+- Freescale Kinetis RNGB support
+- Freescale Kinetis mmCAU support
+- TLS Hello extensions
+  - ECC
+  - Secure Renegotiation (null) 
+  - Truncated HMAC
+- SCEP support
+  - PKCS #7 Enveloped data and signed data
+  - PKCS #10 Certificate Signing Request generation
+- DTLS sliding window
+- OCSP Improvements
+  - API change to integrate into Certificate Manager
+  - IPv4/IPv6 agnostic
+  - example client/server support for OCSP
+  - OCSP nonces are optional
+- GMAC hashing
+- Windows build additions
+- Windows CYGWIN build fixes
+- Updated test certificates
+- Microchip MPLAB Harmony support
+- Update autoconf scripts
+- Additional X.509 inspection functions
+- ECC encrypt/decrypt primitives
+- ECC Certificate generation
+
+The Freescale Kinetis K53 RNGB documentation can be found in Chapter 33 of the
+K53 Sub-Family Reference Manual:
+http://cache.freescale.com/files/32bit/doc/ref_manual/K53P144M100SF2RM.pdf
+
+Freescale Kinetis K60 mmCAU (AES, DES, 3DES, MD5, SHA, SHA256) documentation
+can be found in the "ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library
+User Guide":
+http://cache.freescale.com/files/32bit/doc/user_guide/CAUAPIUG.pdf
+
+
+# CyaSSL Release 2.8.0 (8/30/2013)
+
+#### Release 2.8.0 CyaSSL has bug fixes and new features including:
+- AES-GCM and AES-CCM use AES-NI
+- NetX default IO callback handlers
+- IPv6 fixes for DTLS Hello Cookies
+- The ability to unload Certs/Keys after the handshake, CyaSSL_UnloadCertsKeys()
+- SEP certificate extensions
+- Callback getters for easier resource freeing
+- External CYASSL_MAX_ERROR_SZ for correct error buffer sizing
+- MacEncrypt and DecryptVerify Callbacks for User Atomic Record Layer Processing
+- Public Key Callbacks for ECC and RSA
+- Client now sends blank cert upon request if doesn't have one with TLS <= 1.2
+
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+# CyaSSL Release 2.7.0 (6/17/2013)
+
+#### Release 2.7.0 CyaSSL has bug fixes and new features including:
+- SNI support for client and server
+- KEIL MDK-ARM projects
+- Wildcard check to domain name match, and Subject altnames are checked too
+- Better error messages for certificate verification errors
+- Ability to discard session during handshake verify
+- More consistent error returns across all APIs
+- Ability to unload CAs at the CTX or CertManager level
+- Authority subject id support for Certificate matching
+- Persistent session cache functionality
+- Persistent CA cache functionality
+- Client session table lookups to push serverID table to library level
+- Camellia support to sniffer
+- User controllable settings for DTLS timeout values
+- Sniffer fixes for caching long lived sessions
+- DTLS reliability enhancements for the handshake
+- Better ThreadX support
+
+When compiling with Mingw, libtool may give the following warning due to
+path conversion errors:
+ 
+```
+libtool: link: Could not determine host file name corresponding to **
+libtool: link: Continuing, but uninstalled executables may not work.
+```
+
+If so, examples and testsuite will have problems when run, showing an
+error while loading shared libraries. To resolve, please run "make install".
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+# CyaSSL Release 2.6.0 (04/15/2013)
+
+#### Release 2.6.0 CyaSSL has bug fixes and new features including:
+- DTLS 1.2 support including AEAD ciphers
+- SHA-3 finalist Blake2 support, it's fast and uses little resources
+- SHA-384 cipher suites including ECC ones
+- HMAC now supports SHA-512
+- Track memory use for example client/server with -t option
+- Better IPv6 examples with --enable-ipv6, before if ipv6 examples/tests were
+  turned on, localhost only was used.  Now link-local (with scope ids) and ipv6
+  hosts can be used as well.
+- Xcode v4.6 project for iOS v6.1 update
+- settings.h is now checked in all *.c files for true one file setting detection
+- Better alignment at SSL layer for hardware crypto alignment needs
+    * Note, SSL itself isn't friendly to alignment with 5 byte TLS headers and
+      13 bytes DTLS headers, but every effort is now made to align with the
+      CYASSL_GENERAL_ALIGNMENT flag which sets desired alignment requirement
+- NO_64BIT flag to turn off 64bit data type accumulators in public key code
+    * Note, some systems are faster with 32bit accumulators 
+- --enable-stacksize for example client/server stack use
+    * Note, modern desktop Operating Systems may add bytes to each stack frame
+- Updated compression/decompression with direct crypto access
+- All ./configure options are now lowercase only for consistency
+- ./configure builds default to fastmath option
+    * Note, if on ia32 and building in shared mode this may produce a problem
+      with a missing register being available because of PIC, there are at least
+      5 solutions to this:
+      1) --disable-fastmath , don't use fastmath
+      2) --disable-shared, don't build a shared library
+      3) C_EXTRA_FLAGS=-DTFM_NO_ASM , turn off assembly use
+      4) use clang, it just seems to work
+      5) play around with no PIC options to force all registers being open
+- Many new ./configure switches for option enable/disable for example
+    * rsa
+    * dh
+    * dsa
+    * md5
+    * sha 
+    * arc4
+    * null    (allow NULL ciphers)
+    * oldtls  (only use TLS 1.2)
+    * asn     (no certs or public keys allowed)
+- ./configure generates cyassl/options.h which allows a header the user can 
+  include in their app to make sure the same options are set at the app and
+  CyaSSL level.
+- autoconf no longer needs serial-tests which lowers version requirements of
+  automake to 1.11 and autoconf to 2.63
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+# CyaSSL Release 2.5.0 (02/04/2013)
+
+#### Release 2.5.0 CyaSSL has bug fixes and new features including:
+- Fix for TLS CBC padding timing attack identified by Nadhem Alfardan and
+  Kenny Paterson: http://www.isg.rhul.ac.uk/tls/
+- Microchip PIC32 (MIPS16, MIPS32) support
+- Microchip MPLAB X example projects for PIC32 Ethernet Starter Kit
+- Updated CTaoCrypt benchmark app for embedded systems
+- 1024-bit test certs/keys and cert/key buffers
+- AES-CCM-8 crypto and cipher suites
+- Camellia crypto and cipher suites
+- Bumped minimum autoconf version to 2.65, automake version to 1.12
+- Addition of OCSP callbacks
+- STM32F2 support with hardware crypto and RNG 
+- Cavium NITROX support
+
+CTaoCrypt now has support for the Microchip PIC32 and has been tested with
+the Microchip PIC32 Ethernet Starter Kit, the XC32 compiler and
+MPLAB X IDE in both MIPS16 and MIPS32 instruction set modes. See the README
+located under the /mplabx directory for more details.
+
+To add Cavium NITROX support do:
+
+./configure --with-cavium=/home/user/cavium/software
+
+pointing to your licensed cavium/software directory.  Since Cavium doesn't
+build a library we pull in the cavium_common.o file which gives a libtool 
+warning about the portability of this.  Also, if you're using the github source
+tree you'll need to remove the -Wredundant-decls warning from the generated
+Makefile because the cavium headers don't conform to this warning.  Currently
+CyaSSL supports Cavium RNG, AES, 3DES, RC4, HMAC, and RSA directly at the crypto
+layer.  Support at the SSL level is partial and currently just does AES, 3DES,
+and RC4.  RSA and HMAC are slower until the Cavium calls can be utilized in non
+blocking mode.  The example client turns on cavium support as does the crypto
+test and benchmark.  Please see the HAVE_CAVIUM define.
+
+CyaSSL is able to use the STM32F2 hardware-based cryptography and random number
+generator through the STM32F2 Standard Peripheral Library. For necessary
+defines, see the CYASSL_STM32F2 define in settings.h. Documentation for the
+STM32F2 Standard Peripheral Library can be found in the following document: 
+http://www.st.com/internet/com/TECHNICAL_RESOURCES/TECHNICAL_LITERATURE/USER_MANUAL/DM00023896.pdf
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+# CyaSSL Release 2.4.6 (12/20/2012)
+
+#### Release 2.4.6 CyaSSL has bug fixes and a few new features including:
+- ECC into main version
+- Lean PSK build (reduced code size, RAM usage, and stack usage)
+- FreeBSD CRL monitor support
+- CyaSSL_peek()
+- CyaSSL_send() and CyaSSL_recv() for I/O flag setting
+- CodeWarrior Support
+- MQX Support
+- Freescale Kinetis support including Hardware RNG
+- autoconf builds use jobserver
+- cyassl-config
+- Sniffer memory reductions
+
+Thanks to Brian Aker for the improved autoconf system, make rpm, cyassl-config,
+warning system, and general good ideas for improving CyaSSL!
+
+The Freescale Kinetis K70 RNGA documentation can be found in Chapter 37 of the
+K70 Sub-Family Reference Manual:
+http://cache.freescale.com/files/microcontrollers/doc/ref_manual/K70P256M150SF3RM.pdf
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+# CyaSSL Release 2.4.0 (10/10/2012)
+
+#### Release 2.4.0 CyaSSL has bug fixes and a few new features including:
+- DTLS reliability
+- Reduced memory usage after handshake
+- Updated build process
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+# CyaSSL Release 2.3.0 (8/10/2012)
+
+#### Release 2.3.0 CyaSSL has bug fixes and a few new features including:
+- AES-GCM crypto and cipher suites
+- make test cipher suite checks
+- Subject AltName processing
+- Command line support for client/server examples
+- Sniffer SessionTicket support
+- SHA-384 cipher suites
+- Verify cipher suite validity when user overrides
+- CRL dir monitoring
+- DTLS Cookie support, reliability coming soon
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+# CyaSSL Release 2.2.0 (5/18/2012)
+
+#### Release 2.2.0 CyaSSL has bug fixes and a few new features including:
+- Initial CRL support (--enable-crl)
+- Initial OCSP support (--enable-ocsp)
+- Add static ECDH suites
+- SHA-384 support
+- ECC client certificate support
+- Add medium session cache size (1055 sessions) 
+- Updated unit tests
+- Protection against mutex reinitialization
+
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+# CyaSSL Release 2.0.8 (2/24/2012)
+
+#### Release 2.0.8 CyaSSL has bug fixes and a few new features including:
+- A fix for malicious certificates pointed out by Remi Gacogne (thanks)
+  resulting in NULL pointer use.
+- Respond to renegotiation attempt with no_renegoatation alert
+- Add basic path support for load_verify_locations()
+- Add set Temp EC-DHE key size
+- Extra checks on rsa test when porting into
+
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+# CyaSSL Release 2.0.6 (1/27/2012)
+
+#### Release 2.0.6 CyaSSL has bug fixes and a few new features including:
+- Fixes for CA basis constraint check
+- CTX reference counting
+- Initial unit test additions
+- Lean and Mean Windows fix
+- ECC benchmarking
+- SSMTP build support
+- Ability to group handshake messages with set_group_messages(ctx/ssl)
+- CA cache addition callback
+- Export Base64_Encode for general use
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+# CyaSSL Release 2.0.2 (12/05/2011)
+
+#### Release 2.0.2 CyaSSL has bug fixes and a few new features including:
+- CTaoCrypt Runtime library detection settings when directly using the crypto
+  library
+- Default certificate generation now uses SHAwRSA and adds SHA256wRSA generation
+- All test certificates now use 2048bit and SHA-1 for better modern browser
+  support
+- Direct AES block access and AES-CTR (counter) mode
+- Microchip pic32 support
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+
+
+# CyaSSL Release 2.0.0rc3 (9/28/2011)
+
+#### Release 2.0.0rc3 for CyaSSL has bug fixes and a few new features including:
+- updated autoconf support
+- better make install and uninstall  (uses system directories)
+- make test / make check
+- CyaSSL headers now in 
+- CTaocrypt headers now in 
+- OpenSSL compatibility headers now in 
+- examples and tests all run from home directory so can use certs in ./certs
+        (see note 1)
+
+So previous applications that used the OpenSSL compatibility header
+ now need to include  instead, no other
+changes are required.
+
+Special Thanks to Brian Aker for his autoconf, install, and header patches.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+# CyaSSL Release 2.0.0rc2 (6/6/2011)
+
+#### Release 2.0.0rc2 for CyaSSL has bug fixes and a few new features including:
+- bug fixes (Alerts, DTLS with DHE)
+- FreeRTOS support
+- lwIP support
+- Wshadow warnings removed
+- asn public header
+- CTaoCrypt public headers now all have ctc_ prefix (the manual is still being
+        updated to reflect this change)
+- and more.
+
+This is the 2nd and perhaps final release candidate for version 2.
+Please send any comments or questions to support@yassl.com.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+# CyaSSL Release 2.0.0rc1 (5/2/2011)
+
+#### Release 2.0.0rc1 for CyaSSL has many new features including:
+- bug fixes
+- SHA-256 cipher suites 
+- Root Certificate Verification (instead of needing all certs in the chain) 
+- PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12) 
+- Serial number retrieval for x509 
+- PBKDF2 and PKCS #12 PBKDF 
+- UID parsing for x509 
+- SHA-256 certificate signatures 
+- Client and server can send chains (SSL_CTX_use_certificate_chain_file) 
+- CA loading can now parse multiple certificates per file
+- Dynamic memory runtime hooks
+- Runtime hooks for logging
+- EDH on server side
+- More informative error codes
+- More informative logging messages
+- Version downgrade more robust (use SSL_v23*)
+- Shared build only by default through ./configure
+- Compiler visibility is now used, internal functions not polluting namespace
+- Single Makefile, no recursion, for faster and simpler building
+- Turn on all warnings possible build option, warning fixes
+- and more.
+
+Because of all the new features and the multiple OS, compiler, feature-set
+options that CyaSSL allows, there may be some configuration fixes needed.
+Please send any comments or questions to support@yassl.com.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+# CyaSSL Release 1.9.0 (3/2/2011)
+
+Release 1.9.0 for CyaSSL adds bug fixes, improved TLSv1.2 through testing and
+better hash/sig algo ids, --enable-webServer for the yaSSL embedded web server,
+improper AES key setup detection, user cert verify callback improvements, and
+more.
+
+The CyaSSL manual offering is included in the doc/ directory.  For build
+instructions and comments about the new features please check the manual.
+
+Please send any comments or questions to support@yassl.com.
+
+# CyaSSL Release 1.8.0 (12/23/2010)
+
+Release 1.8.0 for CyaSSL adds bug fixes, x509 v3 CA signed certificate
+generation, a C standard library abstraction layer, lower memory use, increased
+portability through the os_settings.h file, and the ability to use NTRU cipher
+suites when used in conjunction with an NTRU license and library.
+
+The initial CyaSSL manual offering is included in the doc/ directory.  For
+build instructions and comments about the new features please check the manual.
+
+Please send any comments or questions to support@yassl.com.
+
+Happy Holidays.
+ 
+
+# CyaSSL Release 1.6.5 (9/9/2010)
+
+Release 1.6.5 for CyaSSL adds bug fixes and x509 v3 self signed certificate
+generation.
+ 
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To enable certificate generation support add this option to ./configure
+./configure --enable-certgen
+
+An example is included in ctaocrypt/test/test.c and documentation is provided
+in doc/CyaSSL_Extensions_Reference.pdf item 11.
+
+# CyaSSL Release 1.6.0 (8/27/2010)
+
+Release 1.6.0 for CyaSSL adds bug fixes, RIPEMD-160, SHA-512, and RSA key
+generation.
+ 
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To add RIPEMD-160 support add this option to ./configure
+./configure --enable-ripemd
+
+To add SHA-512 support add this option to ./configure
+./configure --enable-sha512
+
+To add RSA key generation support add this option to ./configure
+./configure --enable-keygen
+
+Please see ctaocrypt/test/test.c for examples and usage.
+
+For Windows, RIPEMD-160 and SHA-512 are enabled by default but key generation is
+off by default.  To turn key generation on add the define CYASSL_KEY_GEN to
+CyaSSL.
+
+
+# CyaSSL Release 1.5.6 (7/28/2010)
+
+Release 1.5.6 for CyaSSL adds bug fixes, compatibility for our JSSE provider,
+and a fix for GCC builds on some systems.
+ 
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To add AES-NI support add this option to ./configure
+./configure --enable-aesni
+
+You'll need GCC 4.4.3 or later to make use of the assembly.
+
+# CyaSSL Release 1.5.4 (7/7/2010)
+
+Release 1.5.4 for CyaSSL adds bug fixes, support for AES-NI, SHA1 speed 
+improvements from loop unrolling, and support for the Mongoose Web Server.
+ 
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To add AES-NI support add this option to ./configure
+./configure --enable-aesni
+
+You'll need GCC 4.4.3 or later to make use of the assembly.
+
+# CyaSSL Release 1.5.0 (5/11/2010)
+
+Release 1.5.0 for CyaSSL adds bug fixes, GoAhead WebServer support, sniffer
+support, and initial swig interface support.
+
+For general build instructions see doc/Building_CyaSSL.pdf.
+
+To add support for GoAhead WebServer either --enable-opensslExtra or if you
+don't want all the features of opensslExtra you can just define GOAHEAD_WS
+instead.  GOAHEAD_WS can be added to ./configure with CFLAGS=-DGOAHEAD_WS or
+you can define it yourself.
+
+To look at the sniffer support please see the sniffertest app in
+sslSniffer/sslSnifferTest.  Build with --enable-sniffer on *nix or use the
+vcproj files on windows.  You'll need to have pcap installed on *nix and
+WinPcap on windows.
+
+A swig interface file is now located in the swig directory for using Python,
+Java, Perl, and others with CyaSSL.  This is initial support and experimental,
+please send questions or comments to support@yassl.com.
+
+When doing load testing with CyaSSL, on the echoserver example say, the client
+machine may run out of tcp ephemeral ports, they will end up in the TIME_WAIT
+queue, and can't be reused by default.  There are generally two ways to fix
+this. 
+
+1. Reduce the length sockets remain on the TIME_WAIT queue OR
+2. Allow items on the TIME_WAIT queue to be reused.
+
+
+To reduce the TIME_WAIT length in OS X to 3 seconds (3000 milliseconds)
+
+`sudo sysctl -w net.inet.tcp.msl=3000`
+
+In Linux
+
+`sudo sysctl -w net.ipv4.tcp_tw_reuse=1`
+
+allows reuse of sockets in TIME_WAIT
+
+`sudo sysctl -w net.ipv4.tcp_tw_recycle=1`
+
+works but seems to remove sockets from  TIME_WAIT entirely?
+
+`sudo sysctl -w net.ipv4.tcp_fin_timeout=1`
+
+doen't control TIME_WAIT, it controls FIN_WAIT(2) contrary to some posts
+
+
+# CyaSSL Release 1.4.0 (2/18/2010)
+
+Release 1.3.0 for CyaSSL adds bug fixes, better multi TLS/SSL version support
+through SSLv23_server_method(), and improved documentation in the doc/ folder.
+
+For general build instructions doc/Building_CyaSSL.pdf.
+
+# CyaSSL Release 1.3.0 (1/21/2010)
+
+Release 1.3.0 for CyaSSL adds bug fixes, a potential security problem fix,
+better porting support, removal of assert()s, and a complete THREADX port.
+
+For general build instructions see rc1 below.
+
+# CyaSSL Release 1.2.0 (11/2/2009)
+
+Release 1.2.0 for CyaSSL adds bug fixes and session negotiation if first use is
+read or write.
+
+For general build instructions see rc1 below.
+
+# CyaSSL Release 1.1.0 (9/2/2009)
+
+Release 1.1.0 for CyaSSL adds bug fixes, a check against malicious session
+cache use, support for lighttpd, and TLS 1.2.
+
+To get TLS 1.2 support please use the client and server functions:
+
+```c
+SSL_METHOD *TLSv1_2_server_method(void);
+SSL_METHOD *TLSv1_2_client_method(void);
+```
+
+CyaSSL was tested against lighttpd 1.4.23.  To build CyaSSL for use with 
+lighttpd use the following commands from the CyaSSL install dir :
+
+```
+./configure --disable-shared --enable-opensslExtra --enable-fastmath --without-zlib
+
+make
+make openssl-links
+```
+
+Then to build lighttpd with CyaSSL use the following commands from the
+lighttpd install dir:
+
+```
+./configure --with-openssl --with-openssl-includes=/include --with-openssl-libs=/lib LDFLAGS=-lm
+
+make
+```
+
+On some systems you may get a linker error about a duplicate symbol for
+MD5_Init or other MD5 calls.  This seems to be caused by the lighttpd src file
+md5.c, which defines MD5_Init(), and is included in liblightcomp_la-md5.o.
+When liblightcomp is linked with the SSL_LIBs the linker may complain about
+the duplicate symbol.  This can be fixed by editing the lighttpd src file md5.c
+and adding this line to the beginning of the file:
+
+\#if 0
+
+and this line to the end of the file
+
+\#endif
+
+Then from the lighttpd src dir do a:
+
+```
+make clean
+make
+```
+
+If you get link errors about undefined symbols more than likely the actual
+OpenSSL libraries are found by the linker before the CyaSSL openssl-links that
+point to the CyaSSL library, causing the linker confusion.  This can be fixed
+by editing the Makefile in the lighttpd src directory and changing the line:
+
+`SSL_LIB = -lssl -lcrypto`
+
+to
+
+`SSL_LIB = -lcyassl`
+
+Then from the lighttpd src dir do a:
+
+```
+make clean
+make
+```
+
+This should remove any confusion the linker may be having with missing symbols.
+
+For any questions or concerns please contact support@yassl.com .
+
+For general build instructions see rc1 below.
+
+# CyaSSL Release 1.0.6 (8/03/2009)
+
+Release 1.0.6 for CyaSSL adds bug fixes, an improved session cache, and faster
+math with a huge code option.
+
+The session cache now defaults to a client mode, also good for embedded servers.
+For servers not under heavy load (less than 200 new sessions per minute), define
+BIG_SESSION_CACHE.  If the server will be under heavy load, define
+HUGE_SESSION_CACHE.
+
+There is now a fasthugemath option for configure.  This enables fastmath plus
+even faster math by greatly increasing the code size of the math library. Use
+the benchmark utility to compare public key operations.
+
+
+For general build instructions see rc1 below.
+
+# CyaSSL Release 1.0.3 (5/10/2009)
+
+Release 1.0.3 for CyaSSL adds bug fixes and add increased support for OpenSSL
+compatibility when building other applications.
+
+Release 1.0.3 includes an alpha release of DTLS for both client and servers.
+This is only for testing purposes at this time.  Rebroadcast and reordering
+aren't fully implemented at this time but will be for the next release.
+
+For general build instructions see rc1 below.
+
+# CyaSSL Release 1.0.2 (4/3/2009)
+
+Release 1.0.2 for CyaSSL adds bug fixes for a couple I/O issues.  Some systems
+will send a SIGPIPE on socket recv() at any time and this should be handled by
+the application by turning off SIGPIPE through setsockopt() or returning from
+the handler.
+
+Release 1.0.2 includes an alpha release of DTLS for both client and servers.
+This is only for testing purposes at this time.  Rebroadcast and reordering
+aren't fully implemented at this time but will be for the next release.
+
+For general build instructions see rc1 below.
+
+## CyaSSL Release Candidiate 3 rc3-1.0.0 (2/25/2009)
+
+
+Release Candidate 3 for CyaSSL 1.0.0 adds bug fixes and adds a project file for
+iPhone development with Xcode.  cyassl-iphone.xcodeproj is located in the root
+directory.  This release also includes a fix for supporting other
+implementations that bundle multiple messages at the record layer, this was
+lost when cyassl i/o was re-implemented but is now fixed.
+
+For general build instructions see rc1 below.
+
+## CyaSSL Release Candidiate 2 rc2-1.0.0 (1/21/2009)
+
+
+Release Candidate 2 for CyaSSL 1.0.0 adds bug fixes and adds two new stream
+ciphers along with their respective cipher suites.  CyaSSL adds support for
+HC-128 and RABBIT stream ciphers.  The new suites are:
+
+```
+TLS_RSA_WITH_HC_128_SHA
+TLS_RSA_WITH_RABBIT_SHA
+```
+
+And the corresponding cipher names are
+
+```
+HC128-SHA
+RABBIT-SHA
+```
+
+CyaSSL also adds support for building with devkitPro for PPC by changing the
+library proper to use libogc.  The examples haven't been changed yet but if
+there's interest they can be.  Here's an example ./configure to build CyaSSL
+for devkitPro:
+
+```
+./configure --disable-shared CC=/pathTo/devkitpro/devkitPPC/bin/powerpc-gekko-gcc --host=ppc --without-zlib --enable-singleThreaded RANLIB=/pathTo/devkitpro/devkitPPC/bin/powerpc-gekko-ranlib CFLAGS="-DDEVKITPRO -DGEKKO"
+```
+
+For linking purposes you'll need
+
+`LDFLAGS="-g -mrvl -mcpu=750 -meabi -mhard-float -Wl,-Map,$(notdir $@).map"`
+
+For general build instructions see rc1 below.
+
+
+## CyaSSL Release Candidiate 1 rc1-1.0.0 (12/17/2008)
+
+
+Release Candidate 1 for CyaSSL 1.0.0 contains major internal changes.  Several
+areas have optimization improvements, less dynamic memory use, and the I/O
+strategy has been refactored to allow alternate I/O handling or Library use.
+Many thanks to Thierry Fournier for providing these ideas and most of the work.
+
+Because of these changes, this release is only a candidate since some problems
+are probably inevitable on some platform with some I/O use.  Please report any
+problems and we'll try to resolve them as soon as possible.  You can contact us
+at support@yassl.com or todd@yassl.com.
+
+Using TomsFastMath by passing --enable-fastmath to ./configure now uses assembly
+on some platforms.  This is new so please report any problems as every compiler,
+mode, OS combination hasn't been tested.  On ia32 all of the registers need to
+be available so be sure to pass these options to CFLAGS:
+
+`CFLAGS="-O3 -fomit-frame-pointer"`
+
+OS X will also need -mdynamic-no-pic added to CFLAGS
+
+Also if you're building in shared mode for ia32 you'll need to pass options to
+LDFLAGS as well on OS X:
+
+`LDFLAGS=-Wl,-read_only_relocs,warning`
+
+This gives warnings for some symbols but seems to work.
+
+
+#### To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
+
+    ./configure
+    make
+
+    from the ./testsuite/ directory run ./testsuite 
+
+#### To make a debug build:
+
+    ./configure --enable-debug --disable-shared
+    make
+
+
+
+#### To build on Win32
+
+Choose (Re)Build All from the project workspace
+
+Run the testsuite program
+
+
+
+
+
+# CyaSSL version 0.9.9 (7/25/2008) 
+
+This release of CyaSSL adds bug fixes, Pre-Shared Keys, over-rideable memory
+handling, and optionally TomsFastMath.  Thanks to Moisés Guimarães for the
+work on TomsFastMath.
+
+To optionally use TomsFastMath pass --enable-fastmath to ./configure
+Or define USE_FAST_MATH in each project from CyaSSL for MSVC.
+
+Please use the benchmark routine before and after to see the performance
+difference, on some platforms the gains will be little but RSA encryption
+always seems to be faster.  On x86-64 machines with GCC the normal math library
+may outperform the fast one when using CFLAGS=-m64 because TomsFastMath can't
+yet use -m64 because of GCCs inability to do 128bit division.
+
+     *** UPDATE GCC 4.2.1 can now do 128bit division ***
+
+See notes below (0.2.0) for complete build instructions.
+
+
+# CyaSSL version 0.9.8 (5/7/2008) 
+
+This release of CyaSSL adds bug fixes, client side Diffie-Hellman, and better
+socket handling.
+
+See notes below (0.2.0) for complete build instructions.
+
+
+# CyaSSL version 0.9.6 (1/31/2008) 
+
+This release of CyaSSL adds bug fixes, increased session management, and a fix
+for gnutls.
+
+See notes below (0.2.0) for complete build instructions.
+
+
+# CyaSSL version 0.9.0 (10/15/2007) 
+
+This release of CyaSSL adds bug fixes, MSVC 2005 support, GCC 4.2 support, 
+IPV6 support and test, and new test certificates.
+
+See notes below (0.2.0) for complete build instructions.
+
+
+# CyaSSL version 0.8.0 (1/10/2007) 
+
+This release of CyaSSL adds increased socket support, for non-blocking writes,
+connects, and interrupted system calls.
+
+See notes below (0.2.0) for complete build instructions.
+
+
+# CyaSSL version 0.6.3 (10/30/2006) 
+
+This release of CyaSSL adds debug logging to stderr to aid in the debugging of
+CyaSSL on systems that may not provide the best support.
+
+If CyaSSL is built with debugging support then you need to call
+CyaSSL_Debugging_ON() to turn logging on.
+
+On Unix use ./configure --enable-debug
+
+On Windows define DEBUG_CYASSL when building CyaSSL
+
+
+To turn logging back off call CyaSSL_Debugging_OFF()
+
+See notes below (0.2.0) for complete build instructions.
+
+
+# CyaSSL version 0.6.2 (10/29/2006) 
+
+This release of CyaSSL adds TLS 1.1.
+
+Note that CyaSSL has certificate verification on by default, unlike OpenSSL.
+To emulate OpenSSL behavior, you must call SSL_CTX_set_verify() with
+SSL_VERIFY_NONE.  In order to have full security you should never do this, 
+provide CyaSSL with the proper certificates to eliminate impostors and call
+CyaSSL_check_domain_name() to prevent man in the middle attacks.
+
+See notes below (0.2.0) for build instructions.
+
+# CyaSSL version 0.6.0 (10/25/2006) 
+
+This release of CyaSSL adds more SSL functions, better autoconf, nonblocking
+I/O for accept, connect, and read.  There is now an --enable-small configure
+option that turns off TLS, AES, DES3, HMAC, and ERROR_STRINGS, see configure.in
+for the defines.  Note that TLS requires HMAC and AES requires TLS.
+
+See notes below (0.2.0) for build instructions.
+
+
+# CyaSSL version 0.5.5 (09/27/2006) 
+
+This mini release of CyaSSL adds better input processing through buffered input
+and big message support.  Added SSL_pending() and some sanity checks on user
+settings.
+
+See notes below (0.2.0) for build instructions.
+
+
+# CyaSSL version 0.5.0 (03/27/2006) 
+
+This release of CyaSSL adds AES support and minor bug fixes. 
+
+See notes below (0.2.0) for build instructions.
+
+
+# CyaSSL version 0.4.0 (03/15/2006)
+
+This release of CyaSSL adds TLSv1 client/server support and libtool. 
+
+See notes below for build instructions.
+
+
+# CyaSSL version 0.3.0 (02/26/2006)
+
+This release of CyaSSL adds SSLv3 server support and session resumption. 
+
+See notes below for build instructions.
+
+
+# CyaSSL version 0.2.0 (02/19/2006)
+
+
+This is the first release of CyaSSL and its crypt brother, CTaoCrypt.  CyaSSL
+is written in ANSI C with the idea of a small code size, footprint, and memory
+usage in mind.  CTaoCrypt can be as small as 32K, and the current client
+version of CyaSSL can be as small as 12K.
+
+
+The first release of CTaoCrypt supports MD5, SHA-1, 3DES, ARC4, Big Integer
+Support, RSA, ASN parsing, and basic x509 (en/de)coding.
+
+The first release of CyaSSL supports normal client RSA mode SSLv3 connections
+with support for SHA-1 and MD5 digests.  Ciphers include 3DES and RC4.
+
+
+#### To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin:
+
+    ./configure
+    make
+
+    from the ./testsuite/ directory run ./testsuite 
+
+#### to make a debug build:
+
+    ./configure --enable-debug --disable-shared
+    make
+
+
+
+#### To build on Win32
+
+Choose (Re)Build All from the project workspace
+
+Run the testsuite program
+
+
+
+*** The next release of CyaSSL will support a server and more OpenSSL
+compatibility functions.
+
+
+Please send questions or comments to todd@yassl.com
diff --git a/3P/wolfssl/aclocal.m4 b/3P/wolfssl/aclocal.m4
new file mode 100644
index 00000000..64fd2c65
--- /dev/null
+++ b/3P/wolfssl/aclocal.m4
@@ -0,0 +1,1195 @@
+# generated automatically by aclocal 1.14.1 -*- Autoconf -*-
+
+# Copyright (C) 1996-2013 Free Software Foundation, Inc.
+
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])])
+m4_ifndef([AC_AUTOCONF_VERSION],
+  [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
+m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],,
+[m4_warning([this file was generated for autoconf 2.69.
+You have another version of autoconf.  It may work, but is not guaranteed to.
+If you have problems, you may need to regenerate the build system entirely.
+To do so, use the procedure documented by the package, typically 'autoreconf'.])])
+
+# Copyright (C) 2002-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_AUTOMAKE_VERSION(VERSION)
+# ----------------------------
+# Automake X.Y traces this macro to ensure aclocal.m4 has been
+# generated from the m4 files accompanying Automake X.Y.
+# (This private macro should not be called outside this file.)
+AC_DEFUN([AM_AUTOMAKE_VERSION],
+[am__api_version='1.14'
+dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
+dnl require some minimum version.  Point them to the right macro.
+m4_if([$1], [1.14.1], [],
+      [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
+])
+
+# _AM_AUTOCONF_VERSION(VERSION)
+# -----------------------------
+# aclocal traces this macro to find the Autoconf version.
+# This is a private macro too.  Using m4_define simplifies
+# the logic in aclocal, which can simply ignore this definition.
+m4_define([_AM_AUTOCONF_VERSION], [])
+
+# AM_SET_CURRENT_AUTOMAKE_VERSION
+# -------------------------------
+# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
+# This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
+AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
+[AM_AUTOMAKE_VERSION([1.14.1])dnl
+m4_ifndef([AC_AUTOCONF_VERSION],
+  [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
+_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
+
+# Figure out how to run the assembler.                      -*- Autoconf -*-
+
+# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_PROG_AS
+# ----------
+AC_DEFUN([AM_PROG_AS],
+[# By default we simply use the C compiler to build assembly code.
+AC_REQUIRE([AC_PROG_CC])
+test "${CCAS+set}" = set || CCAS=$CC
+test "${CCASFLAGS+set}" = set || CCASFLAGS=$CFLAGS
+AC_ARG_VAR([CCAS],      [assembler compiler command (defaults to CC)])
+AC_ARG_VAR([CCASFLAGS], [assembler compiler flags (defaults to CFLAGS)])
+_AM_IF_OPTION([no-dependencies],, [_AM_DEPENDENCIES([CCAS])])dnl
+])
+
+# AM_AUX_DIR_EXPAND                                         -*- Autoconf -*-
+
+# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets
+# $ac_aux_dir to '$srcdir/foo'.  In other projects, it is set to
+# '$srcdir', '$srcdir/..', or '$srcdir/../..'.
+#
+# Of course, Automake must honor this variable whenever it calls a
+# tool from the auxiliary directory.  The problem is that $srcdir (and
+# therefore $ac_aux_dir as well) can be either absolute or relative,
+# depending on how configure is run.  This is pretty annoying, since
+# it makes $ac_aux_dir quite unusable in subdirectories: in the top
+# source directory, any form will work fine, but in subdirectories a
+# relative path needs to be adjusted first.
+#
+# $ac_aux_dir/missing
+#    fails when called from a subdirectory if $ac_aux_dir is relative
+# $top_srcdir/$ac_aux_dir/missing
+#    fails if $ac_aux_dir is absolute,
+#    fails when called from a subdirectory in a VPATH build with
+#          a relative $ac_aux_dir
+#
+# The reason of the latter failure is that $top_srcdir and $ac_aux_dir
+# are both prefixed by $srcdir.  In an in-source build this is usually
+# harmless because $srcdir is '.', but things will broke when you
+# start a VPATH build or use an absolute $srcdir.
+#
+# So we could use something similar to $top_srcdir/$ac_aux_dir/missing,
+# iff we strip the leading $srcdir from $ac_aux_dir.  That would be:
+#   am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"`
+# and then we would define $MISSING as
+#   MISSING="\${SHELL} $am_aux_dir/missing"
+# This will work as long as MISSING is not called from configure, because
+# unfortunately $(top_srcdir) has no meaning in configure.
+# However there are other variables, like CC, which are often used in
+# configure, and could therefore not use this "fixed" $ac_aux_dir.
+#
+# Another solution, used here, is to always expand $ac_aux_dir to an
+# absolute PATH.  The drawback is that using absolute paths prevent a
+# configured tree to be moved without reconfiguration.
+
+AC_DEFUN([AM_AUX_DIR_EXPAND],
+[dnl Rely on autoconf to set up CDPATH properly.
+AC_PREREQ([2.50])dnl
+# expand $ac_aux_dir to an absolute path
+am_aux_dir=`cd $ac_aux_dir && pwd`
+])
+
+# AM_CONDITIONAL                                            -*- Autoconf -*-
+
+# Copyright (C) 1997-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_CONDITIONAL(NAME, SHELL-CONDITION)
+# -------------------------------------
+# Define a conditional.
+AC_DEFUN([AM_CONDITIONAL],
+[AC_PREREQ([2.52])dnl
+ m4_if([$1], [TRUE],  [AC_FATAL([$0: invalid condition: $1])],
+       [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl
+AC_SUBST([$1_TRUE])dnl
+AC_SUBST([$1_FALSE])dnl
+_AM_SUBST_NOTMAKE([$1_TRUE])dnl
+_AM_SUBST_NOTMAKE([$1_FALSE])dnl
+m4_define([_AM_COND_VALUE_$1], [$2])dnl
+if $2; then
+  $1_TRUE=
+  $1_FALSE='#'
+else
+  $1_TRUE='#'
+  $1_FALSE=
+fi
+AC_CONFIG_COMMANDS_PRE(
+[if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then
+  AC_MSG_ERROR([[conditional "$1" was never defined.
+Usually this means the macro was only invoked conditionally.]])
+fi])])
+
+# Copyright (C) 1999-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+
+# There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be
+# written in clear, in which case automake, when reading aclocal.m4,
+# will think it sees a *use*, and therefore will trigger all it's
+# C support machinery.  Also note that it means that autoscan, seeing
+# CC etc. in the Makefile, will ask for an AC_PROG_CC use...
+
+
+# _AM_DEPENDENCIES(NAME)
+# ----------------------
+# See how the compiler implements dependency checking.
+# NAME is "CC", "CXX", "OBJC", "OBJCXX", "UPC", or "GJC".
+# We try a few techniques and use that to set a single cache variable.
+#
+# We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was
+# modified to invoke _AM_DEPENDENCIES(CC); we would have a circular
+# dependency, and given that the user is not expected to run this macro,
+# just rely on AC_PROG_CC.
+AC_DEFUN([_AM_DEPENDENCIES],
+[AC_REQUIRE([AM_SET_DEPDIR])dnl
+AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl
+AC_REQUIRE([AM_MAKE_INCLUDE])dnl
+AC_REQUIRE([AM_DEP_TRACK])dnl
+
+m4_if([$1], [CC],   [depcc="$CC"   am_compiler_list=],
+      [$1], [CXX],  [depcc="$CXX"  am_compiler_list=],
+      [$1], [OBJC], [depcc="$OBJC" am_compiler_list='gcc3 gcc'],
+      [$1], [OBJCXX], [depcc="$OBJCXX" am_compiler_list='gcc3 gcc'],
+      [$1], [UPC],  [depcc="$UPC"  am_compiler_list=],
+      [$1], [GCJ],  [depcc="$GCJ"  am_compiler_list='gcc3 gcc'],
+                    [depcc="$$1"   am_compiler_list=])
+
+AC_CACHE_CHECK([dependency style of $depcc],
+               [am_cv_$1_dependencies_compiler_type],
+[if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+  # We make a subdir and do the tests there.  Otherwise we can end up
+  # making bogus files that we don't know about and never remove.  For
+  # instance it was reported that on HP-UX the gcc test will end up
+  # making a dummy file named 'D' -- because '-MD' means "put the output
+  # in D".
+  rm -rf conftest.dir
+  mkdir conftest.dir
+  # Copy depcomp to subdir because otherwise we won't find it if we're
+  # using a relative directory.
+  cp "$am_depcomp" conftest.dir
+  cd conftest.dir
+  # We will build objects and dependencies in a subdirectory because
+  # it helps to detect inapplicable dependency modes.  For instance
+  # both Tru64's cc and ICC support -MD to output dependencies as a
+  # side effect of compilation, but ICC will put the dependencies in
+  # the current directory while Tru64 will put them in the object
+  # directory.
+  mkdir sub
+
+  am_cv_$1_dependencies_compiler_type=none
+  if test "$am_compiler_list" = ""; then
+     am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp`
+  fi
+  am__universal=false
+  m4_case([$1], [CC],
+    [case " $depcc " in #(
+     *\ -arch\ *\ -arch\ *) am__universal=true ;;
+     esac],
+    [CXX],
+    [case " $depcc " in #(
+     *\ -arch\ *\ -arch\ *) am__universal=true ;;
+     esac])
+
+  for depmode in $am_compiler_list; do
+    # Setup a source with many dependencies, because some compilers
+    # like to wrap large dependency lists on column 80 (with \), and
+    # we should not choose a depcomp mode which is confused by this.
+    #
+    # We need to recreate these files for each test, as the compiler may
+    # overwrite some of them when testing with obscure command lines.
+    # This happens at least with the AIX C compiler.
+    : > sub/conftest.c
+    for i in 1 2 3 4 5 6; do
+      echo '#include "conftst'$i'.h"' >> sub/conftest.c
+      # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with
+      # Solaris 10 /bin/sh.
+      echo '/* dummy */' > sub/conftst$i.h
+    done
+    echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+    # We check with '-c' and '-o' for the sake of the "dashmstdout"
+    # mode.  It turns out that the SunPro C++ compiler does not properly
+    # handle '-M -o', and we need to detect this.  Also, some Intel
+    # versions had trouble with output in subdirs.
+    am__obj=sub/conftest.${OBJEXT-o}
+    am__minus_obj="-o $am__obj"
+    case $depmode in
+    gcc)
+      # This depmode causes a compiler race in universal mode.
+      test "$am__universal" = false || continue
+      ;;
+    nosideeffect)
+      # After this tag, mechanisms are not by side-effect, so they'll
+      # only be used when explicitly requested.
+      if test "x$enable_dependency_tracking" = xyes; then
+	continue
+      else
+	break
+      fi
+      ;;
+    msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+      # This compiler won't grok '-c -o', but also, the minuso test has
+      # not run yet.  These depmodes are late enough in the game, and
+      # so weak that their functioning should not be impacted.
+      am__obj=conftest.${OBJEXT-o}
+      am__minus_obj=
+      ;;
+    none) break ;;
+    esac
+    if depmode=$depmode \
+       source=sub/conftest.c object=$am__obj \
+       depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+       $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+         >/dev/null 2>conftest.err &&
+       grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+       ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+      # icc doesn't choke on unknown options, it will just issue warnings
+      # or remarks (even with -Werror).  So we grep stderr for any message
+      # that says an option was ignored or not supported.
+      # When given -MP, icc 7.0 and 7.1 complain thusly:
+      #   icc: Command line warning: ignoring option '-M'; no argument required
+      # The diagnosis changed in icc 8.0:
+      #   icc: Command line remark: option '-MP' not supported
+      if (grep 'ignoring option' conftest.err ||
+          grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+        am_cv_$1_dependencies_compiler_type=$depmode
+        break
+      fi
+    fi
+  done
+
+  cd ..
+  rm -rf conftest.dir
+else
+  am_cv_$1_dependencies_compiler_type=none
+fi
+])
+AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type])
+AM_CONDITIONAL([am__fastdep$1], [
+  test "x$enable_dependency_tracking" != xno \
+  && test "$am_cv_$1_dependencies_compiler_type" = gcc3])
+])
+
+
+# AM_SET_DEPDIR
+# -------------
+# Choose a directory name for dependency files.
+# This macro is AC_REQUIREd in _AM_DEPENDENCIES.
+AC_DEFUN([AM_SET_DEPDIR],
+[AC_REQUIRE([AM_SET_LEADING_DOT])dnl
+AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl
+])
+
+
+# AM_DEP_TRACK
+# ------------
+AC_DEFUN([AM_DEP_TRACK],
+[AC_ARG_ENABLE([dependency-tracking], [dnl
+AS_HELP_STRING(
+  [--enable-dependency-tracking],
+  [do not reject slow dependency extractors])
+AS_HELP_STRING(
+  [--disable-dependency-tracking],
+  [speeds up one-time build])])
+if test "x$enable_dependency_tracking" != xno; then
+  am_depcomp="$ac_aux_dir/depcomp"
+  AMDEPBACKSLASH='\'
+  am__nodep='_no'
+fi
+AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno])
+AC_SUBST([AMDEPBACKSLASH])dnl
+_AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl
+AC_SUBST([am__nodep])dnl
+_AM_SUBST_NOTMAKE([am__nodep])dnl
+])
+
+# Generate code to set up dependency tracking.              -*- Autoconf -*-
+
+# Copyright (C) 1999-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+
+# _AM_OUTPUT_DEPENDENCY_COMMANDS
+# ------------------------------
+AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS],
+[{
+  # Older Autoconf quotes --file arguments for eval, but not when files
+  # are listed without --file.  Let's play safe and only enable the eval
+  # if we detect the quoting.
+  case $CONFIG_FILES in
+  *\'*) eval set x "$CONFIG_FILES" ;;
+  *)   set x $CONFIG_FILES ;;
+  esac
+  shift
+  for mf
+  do
+    # Strip MF so we end up with the name of the file.
+    mf=`echo "$mf" | sed -e 's/:.*$//'`
+    # Check whether this is an Automake generated Makefile or not.
+    # We used to match only the files named 'Makefile.in', but
+    # some people rename them; so instead we look at the file content.
+    # Grep'ing the first line is not enough: some people post-process
+    # each Makefile.in and add a new line on top of each file to say so.
+    # Grep'ing the whole file is not good either: AIX grep has a line
+    # limit of 2048, but all sed's we know have understand at least 4000.
+    if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then
+      dirpart=`AS_DIRNAME("$mf")`
+    else
+      continue
+    fi
+    # Extract the definition of DEPDIR, am__include, and am__quote
+    # from the Makefile without running 'make'.
+    DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`
+    test -z "$DEPDIR" && continue
+    am__include=`sed -n 's/^am__include = //p' < "$mf"`
+    test -z "$am__include" && continue
+    am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
+    # Find all dependency output files, they are included files with
+    # $(DEPDIR) in their names.  We invoke sed twice because it is the
+    # simplest approach to changing $(DEPDIR) to its actual value in the
+    # expansion.
+    for file in `sed -n "
+      s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \
+	 sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do
+      # Make sure the directory exists.
+      test -f "$dirpart/$file" && continue
+      fdir=`AS_DIRNAME(["$file"])`
+      AS_MKDIR_P([$dirpart/$fdir])
+      # echo "creating $dirpart/$file"
+      echo '# dummy' > "$dirpart/$file"
+    done
+  done
+}
+])# _AM_OUTPUT_DEPENDENCY_COMMANDS
+
+
+# AM_OUTPUT_DEPENDENCY_COMMANDS
+# -----------------------------
+# This macro should only be invoked once -- use via AC_REQUIRE.
+#
+# This code is only required when automatic dependency tracking
+# is enabled.  FIXME.  This creates each '.P' file that we will
+# need in order to bootstrap the dependency handling code.
+AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
+[AC_CONFIG_COMMANDS([depfiles],
+     [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS],
+     [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"])
+])
+
+# Do all the work for Automake.                             -*- Autoconf -*-
+
+# Copyright (C) 1996-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This macro actually does too much.  Some checks are only needed if
+# your package does certain things.  But this isn't really a big deal.
+
+dnl Redefine AC_PROG_CC to automatically invoke _AM_PROG_CC_C_O.
+m4_define([AC_PROG_CC],
+m4_defn([AC_PROG_CC])
+[_AM_PROG_CC_C_O
+])
+
+# AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE])
+# AM_INIT_AUTOMAKE([OPTIONS])
+# -----------------------------------------------
+# The call with PACKAGE and VERSION arguments is the old style
+# call (pre autoconf-2.50), which is being phased out.  PACKAGE
+# and VERSION should now be passed to AC_INIT and removed from
+# the call to AM_INIT_AUTOMAKE.
+# We support both call styles for the transition.  After
+# the next Automake release, Autoconf can make the AC_INIT
+# arguments mandatory, and then we can depend on a new Autoconf
+# release and drop the old call support.
+AC_DEFUN([AM_INIT_AUTOMAKE],
+[AC_PREREQ([2.65])dnl
+dnl Autoconf wants to disallow AM_ names.  We explicitly allow
+dnl the ones we care about.
+m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl
+AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl
+AC_REQUIRE([AC_PROG_INSTALL])dnl
+if test "`cd $srcdir && pwd`" != "`pwd`"; then
+  # Use -I$(srcdir) only when $(srcdir) != ., so that make's output
+  # is not polluted with repeated "-I."
+  AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl
+  # test to see if srcdir already configured
+  if test -f $srcdir/config.status; then
+    AC_MSG_ERROR([source directory already configured; run "make distclean" there first])
+  fi
+fi
+
+# test whether we have cygpath
+if test -z "$CYGPATH_W"; then
+  if (cygpath --version) >/dev/null 2>/dev/null; then
+    CYGPATH_W='cygpath -w'
+  else
+    CYGPATH_W=echo
+  fi
+fi
+AC_SUBST([CYGPATH_W])
+
+# Define the identity of the package.
+dnl Distinguish between old-style and new-style calls.
+m4_ifval([$2],
+[AC_DIAGNOSE([obsolete],
+             [$0: two- and three-arguments forms are deprecated.])
+m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl
+ AC_SUBST([PACKAGE], [$1])dnl
+ AC_SUBST([VERSION], [$2])],
+[_AM_SET_OPTIONS([$1])dnl
+dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT.
+m4_if(
+  m4_ifdef([AC_PACKAGE_NAME], [ok]):m4_ifdef([AC_PACKAGE_VERSION], [ok]),
+  [ok:ok],,
+  [m4_fatal([AC_INIT should be called with package and version arguments])])dnl
+ AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl
+ AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl
+
+_AM_IF_OPTION([no-define],,
+[AC_DEFINE_UNQUOTED([PACKAGE], ["$PACKAGE"], [Name of package])
+ AC_DEFINE_UNQUOTED([VERSION], ["$VERSION"], [Version number of package])])dnl
+
+# Some tools Automake needs.
+AC_REQUIRE([AM_SANITY_CHECK])dnl
+AC_REQUIRE([AC_ARG_PROGRAM])dnl
+AM_MISSING_PROG([ACLOCAL], [aclocal-${am__api_version}])
+AM_MISSING_PROG([AUTOCONF], [autoconf])
+AM_MISSING_PROG([AUTOMAKE], [automake-${am__api_version}])
+AM_MISSING_PROG([AUTOHEADER], [autoheader])
+AM_MISSING_PROG([MAKEINFO], [makeinfo])
+AC_REQUIRE([AM_PROG_INSTALL_SH])dnl
+AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl
+AC_REQUIRE([AC_PROG_MKDIR_P])dnl
+# For better backward compatibility.  To be removed once Automake 1.9.x
+# dies out for good.  For more background, see:
+# 
+# 
+AC_SUBST([mkdir_p], ['$(MKDIR_P)'])
+# We need awk for the "check" target.  The system "awk" is bad on
+# some platforms.
+AC_REQUIRE([AC_PROG_AWK])dnl
+AC_REQUIRE([AC_PROG_MAKE_SET])dnl
+AC_REQUIRE([AM_SET_LEADING_DOT])dnl
+_AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])],
+	      [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])],
+			     [_AM_PROG_TAR([v7])])])
+_AM_IF_OPTION([no-dependencies],,
+[AC_PROVIDE_IFELSE([AC_PROG_CC],
+		  [_AM_DEPENDENCIES([CC])],
+		  [m4_define([AC_PROG_CC],
+			     m4_defn([AC_PROG_CC])[_AM_DEPENDENCIES([CC])])])dnl
+AC_PROVIDE_IFELSE([AC_PROG_CXX],
+		  [_AM_DEPENDENCIES([CXX])],
+		  [m4_define([AC_PROG_CXX],
+			     m4_defn([AC_PROG_CXX])[_AM_DEPENDENCIES([CXX])])])dnl
+AC_PROVIDE_IFELSE([AC_PROG_OBJC],
+		  [_AM_DEPENDENCIES([OBJC])],
+		  [m4_define([AC_PROG_OBJC],
+			     m4_defn([AC_PROG_OBJC])[_AM_DEPENDENCIES([OBJC])])])dnl
+AC_PROVIDE_IFELSE([AC_PROG_OBJCXX],
+		  [_AM_DEPENDENCIES([OBJCXX])],
+		  [m4_define([AC_PROG_OBJCXX],
+			     m4_defn([AC_PROG_OBJCXX])[_AM_DEPENDENCIES([OBJCXX])])])dnl
+])
+AC_REQUIRE([AM_SILENT_RULES])dnl
+dnl The testsuite driver may need to know about EXEEXT, so add the
+dnl 'am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen.  This
+dnl macro is hooked onto _AC_COMPILER_EXEEXT early, see below.
+AC_CONFIG_COMMANDS_PRE(dnl
+[m4_provide_if([_AM_COMPILER_EXEEXT],
+  [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl
+
+# POSIX will say in a future version that running "rm -f" with no argument
+# is OK; and we want to be able to make that assumption in our Makefile
+# recipes.  So use an aggressive probe to check that the usage we want is
+# actually supported "in the wild" to an acceptable degree.
+# See automake bug#10828.
+# To make any issue more visible, cause the running configure to be aborted
+# by default if the 'rm' program in use doesn't match our expectations; the
+# user can still override this though.
+if rm -f && rm -fr && rm -rf; then : OK; else
+  cat >&2 <<'END'
+Oops!
+
+Your 'rm' program seems unable to run without file operands specified
+on the command line, even when the '-f' option is present.  This is contrary
+to the behaviour of most rm programs out there, and not conforming with
+the upcoming POSIX standard: 
+
+Please tell bug-automake@gnu.org about your system, including the value
+of your $PATH and any error possibly output before this message.  This
+can help us improve future automake versions.
+
+END
+  if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then
+    echo 'Configuration will proceed anyway, since you have set the' >&2
+    echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2
+    echo >&2
+  else
+    cat >&2 <<'END'
+Aborting the configuration process, to ensure you take notice of the issue.
+
+You can download and install GNU coreutils to get an 'rm' implementation
+that behaves properly: .
+
+If you want to complete the configuration process using your problematic
+'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM
+to "yes", and re-run configure.
+
+END
+    AC_MSG_ERROR([Your 'rm' program is bad, sorry.])
+  fi
+fi])
+
+dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion.  Do not
+dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further
+dnl mangled by Autoconf and run in a shell conditional statement.
+m4_define([_AC_COMPILER_EXEEXT],
+m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])])
+
+# When config.status generates a header, we must update the stamp-h file.
+# This file resides in the same directory as the config header
+# that is generated.  The stamp files are numbered to have different names.
+
+# Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the
+# loop where config.status creates the headers, so we can generate
+# our stamp files there.
+AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK],
+[# Compute $1's index in $config_headers.
+_am_arg=$1
+_am_stamp_count=1
+for _am_header in $config_headers :; do
+  case $_am_header in
+    $_am_arg | $_am_arg:* )
+      break ;;
+    * )
+      _am_stamp_count=`expr $_am_stamp_count + 1` ;;
+  esac
+done
+echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
+
+# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_PROG_INSTALL_SH
+# ------------------
+# Define $install_sh.
+AC_DEFUN([AM_PROG_INSTALL_SH],
+[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
+if test x"${install_sh}" != xset; then
+  case $am_aux_dir in
+  *\ * | *\	*)
+    install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;;
+  *)
+    install_sh="\${SHELL} $am_aux_dir/install-sh"
+  esac
+fi
+AC_SUBST([install_sh])])
+
+# Copyright (C) 2003-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# Check whether the underlying file-system supports filenames
+# with a leading dot.  For instance MS-DOS doesn't.
+AC_DEFUN([AM_SET_LEADING_DOT],
+[rm -rf .tst 2>/dev/null
+mkdir .tst 2>/dev/null
+if test -d .tst; then
+  am__leading_dot=.
+else
+  am__leading_dot=_
+fi
+rmdir .tst 2>/dev/null
+AC_SUBST([am__leading_dot])])
+
+# Check to see how 'make' treats includes.	            -*- Autoconf -*-
+
+# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_MAKE_INCLUDE()
+# -----------------
+# Check to see how make treats includes.
+AC_DEFUN([AM_MAKE_INCLUDE],
+[am_make=${MAKE-make}
+cat > confinc << 'END'
+am__doit:
+	@echo this is the am__doit target
+.PHONY: am__doit
+END
+# If we don't find an include directive, just comment out the code.
+AC_MSG_CHECKING([for style of include used by $am_make])
+am__include="#"
+am__quote=
+_am_result=none
+# First try GNU make style include.
+echo "include confinc" > confmf
+# Ignore all kinds of additional output from 'make'.
+case `$am_make -s -f confmf 2> /dev/null` in #(
+*the\ am__doit\ target*)
+  am__include=include
+  am__quote=
+  _am_result=GNU
+  ;;
+esac
+# Now try BSD make style include.
+if test "$am__include" = "#"; then
+   echo '.include "confinc"' > confmf
+   case `$am_make -s -f confmf 2> /dev/null` in #(
+   *the\ am__doit\ target*)
+     am__include=.include
+     am__quote="\""
+     _am_result=BSD
+     ;;
+   esac
+fi
+AC_SUBST([am__include])
+AC_SUBST([am__quote])
+AC_MSG_RESULT([$_am_result])
+rm -f confinc confmf
+])
+
+# Fake the existence of programs that GNU maintainers use.  -*- Autoconf -*-
+
+# Copyright (C) 1997-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_MISSING_PROG(NAME, PROGRAM)
+# ------------------------------
+AC_DEFUN([AM_MISSING_PROG],
+[AC_REQUIRE([AM_MISSING_HAS_RUN])
+$1=${$1-"${am_missing_run}$2"}
+AC_SUBST($1)])
+
+# AM_MISSING_HAS_RUN
+# ------------------
+# Define MISSING if not defined so far and test if it is modern enough.
+# If it is, set am_missing_run to use it, otherwise, to nothing.
+AC_DEFUN([AM_MISSING_HAS_RUN],
+[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
+AC_REQUIRE_AUX_FILE([missing])dnl
+if test x"${MISSING+set}" != xset; then
+  case $am_aux_dir in
+  *\ * | *\	*)
+    MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;;
+  *)
+    MISSING="\${SHELL} $am_aux_dir/missing" ;;
+  esac
+fi
+# Use eval to expand $SHELL
+if eval "$MISSING --is-lightweight"; then
+  am_missing_run="$MISSING "
+else
+  am_missing_run=
+  AC_MSG_WARN(['missing' script is too old or missing])
+fi
+])
+
+# Helper functions for option handling.                     -*- Autoconf -*-
+
+# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_MANGLE_OPTION(NAME)
+# -----------------------
+AC_DEFUN([_AM_MANGLE_OPTION],
+[[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])])
+
+# _AM_SET_OPTION(NAME)
+# --------------------
+# Set option NAME.  Presently that only means defining a flag for this option.
+AC_DEFUN([_AM_SET_OPTION],
+[m4_define(_AM_MANGLE_OPTION([$1]), [1])])
+
+# _AM_SET_OPTIONS(OPTIONS)
+# ------------------------
+# OPTIONS is a space-separated list of Automake options.
+AC_DEFUN([_AM_SET_OPTIONS],
+[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])])
+
+# _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET])
+# -------------------------------------------
+# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise.
+AC_DEFUN([_AM_IF_OPTION],
+[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
+
+# Copyright (C) 1999-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_PROG_CC_C_O
+# ---------------
+# Like AC_PROG_CC_C_O, but changed for automake.  We rewrite AC_PROG_CC
+# to automatically call this.
+AC_DEFUN([_AM_PROG_CC_C_O],
+[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl
+AC_REQUIRE_AUX_FILE([compile])dnl
+AC_LANG_PUSH([C])dnl
+AC_CACHE_CHECK(
+  [whether $CC understands -c and -o together],
+  [am_cv_prog_cc_c_o],
+  [AC_LANG_CONFTEST([AC_LANG_PROGRAM([])])
+  # Make sure it works both with $CC and with simple cc.
+  # Following AC_PROG_CC_C_O, we do the test twice because some
+  # compilers refuse to overwrite an existing .o file with -o,
+  # though they will create one.
+  am_cv_prog_cc_c_o=yes
+  for am_i in 1 2; do
+    if AM_RUN_LOG([$CC -c conftest.$ac_ext -o conftest2.$ac_objext]) \
+         && test -f conftest2.$ac_objext; then
+      : OK
+    else
+      am_cv_prog_cc_c_o=no
+      break
+    fi
+  done
+  rm -f core conftest*
+  unset am_i])
+if test "$am_cv_prog_cc_c_o" != yes; then
+   # Losing compiler, so override with the script.
+   # FIXME: It is wrong to rewrite CC.
+   # But if we don't then we get into trouble of one sort or another.
+   # A longer-term fix would be to have automake use am__CC in this case,
+   # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)"
+   CC="$am_aux_dir/compile $CC"
+fi
+AC_LANG_POP([C])])
+
+# For backward compatibility.
+AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])])
+
+# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_RUN_LOG(COMMAND)
+# -------------------
+# Run COMMAND, save the exit status in ac_status, and log it.
+# (This has been adapted from Autoconf's _AC_RUN_LOG macro.)
+AC_DEFUN([AM_RUN_LOG],
+[{ echo "$as_me:$LINENO: $1" >&AS_MESSAGE_LOG_FD
+   ($1) >&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD
+   ac_status=$?
+   echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+   (exit $ac_status); }])
+
+# Check to make sure that the build environment is sane.    -*- Autoconf -*-
+
+# Copyright (C) 1996-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_SANITY_CHECK
+# ---------------
+AC_DEFUN([AM_SANITY_CHECK],
+[AC_MSG_CHECKING([whether build environment is sane])
+# Reject unsafe characters in $srcdir or the absolute working directory
+# name.  Accept space and tab only in the latter.
+am_lf='
+'
+case `pwd` in
+  *[[\\\"\#\$\&\'\`$am_lf]]*)
+    AC_MSG_ERROR([unsafe absolute working directory name]);;
+esac
+case $srcdir in
+  *[[\\\"\#\$\&\'\`$am_lf\ \	]]*)
+    AC_MSG_ERROR([unsafe srcdir value: '$srcdir']);;
+esac
+
+# Do 'set' in a subshell so we don't clobber the current shell's
+# arguments.  Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+   am_has_slept=no
+   for am_try in 1 2; do
+     echo "timestamp, slept: $am_has_slept" > conftest.file
+     set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null`
+     if test "$[*]" = "X"; then
+	# -L didn't work.
+	set X `ls -t "$srcdir/configure" conftest.file`
+     fi
+     if test "$[*]" != "X $srcdir/configure conftest.file" \
+	&& test "$[*]" != "X conftest.file $srcdir/configure"; then
+
+	# If neither matched, then we have a broken ls.  This can happen
+	# if, for instance, CONFIG_SHELL is bash and it inherits a
+	# broken ls alias from the environment.  This has actually
+	# happened.  Such a system could not be considered "sane".
+	AC_MSG_ERROR([ls -t appears to fail.  Make sure there is not a broken
+  alias in your environment])
+     fi
+     if test "$[2]" = conftest.file || test $am_try -eq 2; then
+       break
+     fi
+     # Just in case.
+     sleep 1
+     am_has_slept=yes
+   done
+   test "$[2]" = conftest.file
+   )
+then
+   # Ok.
+   :
+else
+   AC_MSG_ERROR([newly created file is older than distributed files!
+Check your system clock])
+fi
+AC_MSG_RESULT([yes])
+# If we didn't sleep, we still need to ensure time stamps of config.status and
+# generated files are strictly newer.
+am_sleep_pid=
+if grep 'slept: no' conftest.file >/dev/null 2>&1; then
+  ( sleep 1 ) &
+  am_sleep_pid=$!
+fi
+AC_CONFIG_COMMANDS_PRE(
+  [AC_MSG_CHECKING([that generated files are newer than configure])
+   if test -n "$am_sleep_pid"; then
+     # Hide warnings about reused PIDs.
+     wait $am_sleep_pid 2>/dev/null
+   fi
+   AC_MSG_RESULT([done])])
+rm -f conftest.file
+])
+
+# Copyright (C) 2009-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_SILENT_RULES([DEFAULT])
+# --------------------------
+# Enable less verbose build rules; with the default set to DEFAULT
+# ("yes" being less verbose, "no" or empty being verbose).
+AC_DEFUN([AM_SILENT_RULES],
+[AC_ARG_ENABLE([silent-rules], [dnl
+AS_HELP_STRING(
+  [--enable-silent-rules],
+  [less verbose build output (undo: "make V=1")])
+AS_HELP_STRING(
+  [--disable-silent-rules],
+  [verbose build output (undo: "make V=0")])dnl
+])
+case $enable_silent_rules in @%:@ (((
+  yes) AM_DEFAULT_VERBOSITY=0;;
+   no) AM_DEFAULT_VERBOSITY=1;;
+    *) AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);;
+esac
+dnl
+dnl A few 'make' implementations (e.g., NonStop OS and NextStep)
+dnl do not support nested variable expansions.
+dnl See automake bug#9928 and bug#10237.
+am_make=${MAKE-make}
+AC_CACHE_CHECK([whether $am_make supports nested variables],
+   [am_cv_make_support_nested_variables],
+   [if AS_ECHO([['TRUE=$(BAR$(V))
+BAR0=false
+BAR1=true
+V=1
+am__doit:
+	@$(TRUE)
+.PHONY: am__doit']]) | $am_make -f - >/dev/null 2>&1; then
+  am_cv_make_support_nested_variables=yes
+else
+  am_cv_make_support_nested_variables=no
+fi])
+if test $am_cv_make_support_nested_variables = yes; then
+  dnl Using '$V' instead of '$(V)' breaks IRIX make.
+  AM_V='$(V)'
+  AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)'
+else
+  AM_V=$AM_DEFAULT_VERBOSITY
+  AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY
+fi
+AC_SUBST([AM_V])dnl
+AM_SUBST_NOTMAKE([AM_V])dnl
+AC_SUBST([AM_DEFAULT_V])dnl
+AM_SUBST_NOTMAKE([AM_DEFAULT_V])dnl
+AC_SUBST([AM_DEFAULT_VERBOSITY])dnl
+AM_BACKSLASH='\'
+AC_SUBST([AM_BACKSLASH])dnl
+_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl
+])
+
+# Copyright (C) 2001-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# AM_PROG_INSTALL_STRIP
+# ---------------------
+# One issue with vendor 'install' (even GNU) is that you can't
+# specify the program used to strip binaries.  This is especially
+# annoying in cross-compiling environments, where the build's strip
+# is unlikely to handle the host's binaries.
+# Fortunately install-sh will honor a STRIPPROG variable, so we
+# always use install-sh in "make install-strip", and initialize
+# STRIPPROG with the value of the STRIP variable (set by the user).
+AC_DEFUN([AM_PROG_INSTALL_STRIP],
+[AC_REQUIRE([AM_PROG_INSTALL_SH])dnl
+# Installed binaries are usually stripped using 'strip' when the user
+# run "make install-strip".  However 'strip' might not be the right
+# tool to use in cross-compilation environments, therefore Automake
+# will honor the 'STRIP' environment variable to overrule this program.
+dnl Don't test for $cross_compiling = yes, because it might be 'maybe'.
+if test "$cross_compiling" != no; then
+  AC_CHECK_TOOL([STRIP], [strip], :)
+fi
+INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
+AC_SUBST([INSTALL_STRIP_PROGRAM])])
+
+# Copyright (C) 2006-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_SUBST_NOTMAKE(VARIABLE)
+# ---------------------------
+# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in.
+# This macro is traced by Automake.
+AC_DEFUN([_AM_SUBST_NOTMAKE])
+
+# AM_SUBST_NOTMAKE(VARIABLE)
+# --------------------------
+# Public sister of _AM_SUBST_NOTMAKE.
+AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
+
+# Check how to create a tarball.                            -*- Autoconf -*-
+
+# Copyright (C) 2004-2013 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# _AM_PROG_TAR(FORMAT)
+# --------------------
+# Check how to create a tarball in format FORMAT.
+# FORMAT should be one of 'v7', 'ustar', or 'pax'.
+#
+# Substitute a variable $(am__tar) that is a command
+# writing to stdout a FORMAT-tarball containing the directory
+# $tardir.
+#     tardir=directory && $(am__tar) > result.tar
+#
+# Substitute a variable $(am__untar) that extract such
+# a tarball read from stdin.
+#     $(am__untar) < result.tar
+#
+AC_DEFUN([_AM_PROG_TAR],
+[# Always define AMTAR for backward compatibility.  Yes, it's still used
+# in the wild :-(  We should find a proper way to deprecate it ...
+AC_SUBST([AMTAR], ['$${TAR-tar}'])
+
+# We'll loop over all known methods to create a tar archive until one works.
+_am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none'
+
+m4_if([$1], [v7],
+  [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'],
+
+  [m4_case([$1],
+    [ustar],
+     [# The POSIX 1988 'ustar' format is defined with fixed-size fields.
+      # There is notably a 21 bits limit for the UID and the GID.  In fact,
+      # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343
+      # and bug#13588).
+      am_max_uid=2097151 # 2^21 - 1
+      am_max_gid=$am_max_uid
+      # The $UID and $GID variables are not portable, so we need to resort
+      # to the POSIX-mandated id(1) utility.  Errors in the 'id' calls
+      # below are definitely unexpected, so allow the users to see them
+      # (that is, avoid stderr redirection).
+      am_uid=`id -u || echo unknown`
+      am_gid=`id -g || echo unknown`
+      AC_MSG_CHECKING([whether UID '$am_uid' is supported by ustar format])
+      if test $am_uid -le $am_max_uid; then
+         AC_MSG_RESULT([yes])
+      else
+         AC_MSG_RESULT([no])
+         _am_tools=none
+      fi
+      AC_MSG_CHECKING([whether GID '$am_gid' is supported by ustar format])
+      if test $am_gid -le $am_max_gid; then
+         AC_MSG_RESULT([yes])
+      else
+        AC_MSG_RESULT([no])
+        _am_tools=none
+      fi],
+
+  [pax],
+    [],
+
+  [m4_fatal([Unknown tar format])])
+
+  AC_MSG_CHECKING([how to create a $1 tar archive])
+
+  # Go ahead even if we have the value already cached.  We do so because we
+  # need to set the values for the 'am__tar' and 'am__untar' variables.
+  _am_tools=${am_cv_prog_tar_$1-$_am_tools}
+
+  for _am_tool in $_am_tools; do
+    case $_am_tool in
+    gnutar)
+      for _am_tar in tar gnutar gtar; do
+        AM_RUN_LOG([$_am_tar --version]) && break
+      done
+      am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"'
+      am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"'
+      am__untar="$_am_tar -xf -"
+      ;;
+    plaintar)
+      # Must skip GNU tar: if it does not support --format= it doesn't create
+      # ustar tarball either.
+      (tar --version) >/dev/null 2>&1 && continue
+      am__tar='tar chf - "$$tardir"'
+      am__tar_='tar chf - "$tardir"'
+      am__untar='tar xf -'
+      ;;
+    pax)
+      am__tar='pax -L -x $1 -w "$$tardir"'
+      am__tar_='pax -L -x $1 -w "$tardir"'
+      am__untar='pax -r'
+      ;;
+    cpio)
+      am__tar='find "$$tardir" -print | cpio -o -H $1 -L'
+      am__tar_='find "$tardir" -print | cpio -o -H $1 -L'
+      am__untar='cpio -i -H $1 -d'
+      ;;
+    none)
+      am__tar=false
+      am__tar_=false
+      am__untar=false
+      ;;
+    esac
+
+    # If the value was cached, stop now.  We just wanted to have am__tar
+    # and am__untar set.
+    test -n "${am_cv_prog_tar_$1}" && break
+
+    # tar/untar a dummy directory, and stop if the command works.
+    rm -rf conftest.dir
+    mkdir conftest.dir
+    echo GrepMe > conftest.dir/file
+    AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar])
+    rm -rf conftest.dir
+    if test -s conftest.tar; then
+      AM_RUN_LOG([$am__untar /dev/null 2>&1 && break
+    fi
+  done
+  rm -rf conftest.dir
+
+  AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool])
+  AC_MSG_RESULT([$am_cv_prog_tar_$1])])
+
+AC_SUBST([am__tar])
+AC_SUBST([am__untar])
+]) # _AM_PROG_TAR
+
+m4_include([m4/ax_add_am_macro.m4])
+m4_include([m4/ax_am_jobserver.m4])
+m4_include([m4/ax_am_macros.m4])
+m4_include([m4/ax_append_compile_flags.m4])
+m4_include([m4/ax_append_flag.m4])
+m4_include([m4/ax_append_to_file.m4])
+m4_include([m4/ax_check_compile_flag.m4])
+m4_include([m4/ax_check_link_flag.m4])
+m4_include([m4/ax_count_cpus.m4])
+m4_include([m4/ax_create_generic_config.m4])
+m4_include([m4/ax_debug.m4])
+m4_include([m4/ax_file_escapes.m4])
+m4_include([m4/ax_harden_compiler_flags.m4])
+m4_include([m4/ax_print_to_file.m4])
+m4_include([m4/ax_pthread.m4])
+m4_include([m4/ax_tls.m4])
+m4_include([m4/ax_vcs_checkout.m4])
+m4_include([m4/hexversion.m4])
+m4_include([m4/lib_socket_nsl.m4])
+m4_include([m4/libtool.m4])
+m4_include([m4/ltoptions.m4])
+m4_include([m4/ltsugar.m4])
+m4_include([m4/ltversion.m4])
+m4_include([m4/lt~obsolete.m4])
+m4_include([m4/visibility.m4])
+m4_include([m4/wolfssl_darwin_clang.m4])
diff --git a/3P/wolfssl/build-aux/compile b/3P/wolfssl/build-aux/compile
new file mode 100755
index 00000000..531136b0
--- /dev/null
+++ b/3P/wolfssl/build-aux/compile
@@ -0,0 +1,347 @@
+#! /bin/sh
+# Wrapper for compilers which do not understand '-c -o'.
+
+scriptversion=2012-10-14.11; # UTC
+
+# Copyright (C) 1999-2013 Free Software Foundation, Inc.
+# Written by Tom Tromey .
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see .
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# This file is maintained in Automake, please report
+# bugs to  or send patches to
+# .
+
+nl='
+'
+
+# We need space, tab and new line, in precisely that order.  Quoting is
+# there to prevent tools from complaining about whitespace usage.
+IFS=" ""	$nl"
+
+file_conv=
+
+# func_file_conv build_file lazy
+# Convert a $build file to $host form and store it in $file
+# Currently only supports Windows hosts. If the determined conversion
+# type is listed in (the comma separated) LAZY, no conversion will
+# take place.
+func_file_conv ()
+{
+  file=$1
+  case $file in
+    / | /[!/]*) # absolute file, and not a UNC file
+      if test -z "$file_conv"; then
+	# lazily determine how to convert abs files
+	case `uname -s` in
+	  MINGW*)
+	    file_conv=mingw
+	    ;;
+	  CYGWIN*)
+	    file_conv=cygwin
+	    ;;
+	  *)
+	    file_conv=wine
+	    ;;
+	esac
+      fi
+      case $file_conv/,$2, in
+	*,$file_conv,*)
+	  ;;
+	mingw/*)
+	  file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
+	  ;;
+	cygwin/*)
+	  file=`cygpath -m "$file" || echo "$file"`
+	  ;;
+	wine/*)
+	  file=`winepath -w "$file" || echo "$file"`
+	  ;;
+      esac
+      ;;
+  esac
+}
+
+# func_cl_dashL linkdir
+# Make cl look for libraries in LINKDIR
+func_cl_dashL ()
+{
+  func_file_conv "$1"
+  if test -z "$lib_path"; then
+    lib_path=$file
+  else
+    lib_path="$lib_path;$file"
+  fi
+  linker_opts="$linker_opts -LIBPATH:$file"
+}
+
+# func_cl_dashl library
+# Do a library search-path lookup for cl
+func_cl_dashl ()
+{
+  lib=$1
+  found=no
+  save_IFS=$IFS
+  IFS=';'
+  for dir in $lib_path $LIB
+  do
+    IFS=$save_IFS
+    if $shared && test -f "$dir/$lib.dll.lib"; then
+      found=yes
+      lib=$dir/$lib.dll.lib
+      break
+    fi
+    if test -f "$dir/$lib.lib"; then
+      found=yes
+      lib=$dir/$lib.lib
+      break
+    fi
+    if test -f "$dir/lib$lib.a"; then
+      found=yes
+      lib=$dir/lib$lib.a
+      break
+    fi
+  done
+  IFS=$save_IFS
+
+  if test "$found" != yes; then
+    lib=$lib.lib
+  fi
+}
+
+# func_cl_wrapper cl arg...
+# Adjust compile command to suit cl
+func_cl_wrapper ()
+{
+  # Assume a capable shell
+  lib_path=
+  shared=:
+  linker_opts=
+  for arg
+  do
+    if test -n "$eat"; then
+      eat=
+    else
+      case $1 in
+	-o)
+	  # configure might choose to run compile as 'compile cc -o foo foo.c'.
+	  eat=1
+	  case $2 in
+	    *.o | *.[oO][bB][jJ])
+	      func_file_conv "$2"
+	      set x "$@" -Fo"$file"
+	      shift
+	      ;;
+	    *)
+	      func_file_conv "$2"
+	      set x "$@" -Fe"$file"
+	      shift
+	      ;;
+	  esac
+	  ;;
+	-I)
+	  eat=1
+	  func_file_conv "$2" mingw
+	  set x "$@" -I"$file"
+	  shift
+	  ;;
+	-I*)
+	  func_file_conv "${1#-I}" mingw
+	  set x "$@" -I"$file"
+	  shift
+	  ;;
+	-l)
+	  eat=1
+	  func_cl_dashl "$2"
+	  set x "$@" "$lib"
+	  shift
+	  ;;
+	-l*)
+	  func_cl_dashl "${1#-l}"
+	  set x "$@" "$lib"
+	  shift
+	  ;;
+	-L)
+	  eat=1
+	  func_cl_dashL "$2"
+	  ;;
+	-L*)
+	  func_cl_dashL "${1#-L}"
+	  ;;
+	-static)
+	  shared=false
+	  ;;
+	-Wl,*)
+	  arg=${1#-Wl,}
+	  save_ifs="$IFS"; IFS=','
+	  for flag in $arg; do
+	    IFS="$save_ifs"
+	    linker_opts="$linker_opts $flag"
+	  done
+	  IFS="$save_ifs"
+	  ;;
+	-Xlinker)
+	  eat=1
+	  linker_opts="$linker_opts $2"
+	  ;;
+	-*)
+	  set x "$@" "$1"
+	  shift
+	  ;;
+	*.cc | *.CC | *.cxx | *.CXX | *.[cC]++)
+	  func_file_conv "$1"
+	  set x "$@" -Tp"$file"
+	  shift
+	  ;;
+	*.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO])
+	  func_file_conv "$1" mingw
+	  set x "$@" "$file"
+	  shift
+	  ;;
+	*)
+	  set x "$@" "$1"
+	  shift
+	  ;;
+      esac
+    fi
+    shift
+  done
+  if test -n "$linker_opts"; then
+    linker_opts="-link$linker_opts"
+  fi
+  exec "$@" $linker_opts
+  exit 1
+}
+
+eat=
+
+case $1 in
+  '')
+     echo "$0: No command.  Try '$0 --help' for more information." 1>&2
+     exit 1;
+     ;;
+  -h | --h*)
+    cat <<\EOF
+Usage: compile [--help] [--version] PROGRAM [ARGS]
+
+Wrapper for compilers which do not understand '-c -o'.
+Remove '-o dest.o' from ARGS, run PROGRAM with the remaining
+arguments, and rename the output as expected.
+
+If you are trying to build a whole package this is not the
+right script to run: please start by reading the file 'INSTALL'.
+
+Report bugs to .
+EOF
+    exit $?
+    ;;
+  -v | --v*)
+    echo "compile $scriptversion"
+    exit $?
+    ;;
+  cl | *[/\\]cl | cl.exe | *[/\\]cl.exe )
+    func_cl_wrapper "$@"      # Doesn't return...
+    ;;
+esac
+
+ofile=
+cfile=
+
+for arg
+do
+  if test -n "$eat"; then
+    eat=
+  else
+    case $1 in
+      -o)
+	# configure might choose to run compile as 'compile cc -o foo foo.c'.
+	# So we strip '-o arg' only if arg is an object.
+	eat=1
+	case $2 in
+	  *.o | *.obj)
+	    ofile=$2
+	    ;;
+	  *)
+	    set x "$@" -o "$2"
+	    shift
+	    ;;
+	esac
+	;;
+      *.c)
+	cfile=$1
+	set x "$@" "$1"
+	shift
+	;;
+      *)
+	set x "$@" "$1"
+	shift
+	;;
+    esac
+  fi
+  shift
+done
+
+if test -z "$ofile" || test -z "$cfile"; then
+  # If no '-o' option was seen then we might have been invoked from a
+  # pattern rule where we don't need one.  That is ok -- this is a
+  # normal compilation that the losing compiler can handle.  If no
+  # '.c' file was seen then we are probably linking.  That is also
+  # ok.
+  exec "$@"
+fi
+
+# Name of file we expect compiler to create.
+cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'`
+
+# Create the lock directory.
+# Note: use '[/\\:.-]' here to ensure that we don't use the same name
+# that we are using for the .o file.  Also, base the name on the expected
+# object file name, since that is what matters with a parallel build.
+lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d
+while true; do
+  if mkdir "$lockdir" >/dev/null 2>&1; then
+    break
+  fi
+  sleep 1
+done
+# FIXME: race condition here if user kills between mkdir and trap.
+trap "rmdir '$lockdir'; exit 1" 1 2 15
+
+# Run the compile.
+"$@"
+ret=$?
+
+if test -f "$cofile"; then
+  test "$cofile" = "$ofile" || mv "$cofile" "$ofile"
+elif test -f "${cofile}bj"; then
+  test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile"
+fi
+
+rmdir "$lockdir"
+exit $ret
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
+# End:
diff --git a/3P/wolfssl/build-aux/config.guess b/3P/wolfssl/build-aux/config.guess
new file mode 100755
index 00000000..9afd6762
--- /dev/null
+++ b/3P/wolfssl/build-aux/config.guess
@@ -0,0 +1,1568 @@
+#! /bin/sh
+# Attempt to guess a canonical system name.
+#   Copyright 1992-2013 Free Software Foundation, Inc.
+
+timestamp='2013-11-29'
+
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see .
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that
+# program.  This Exception is an additional permission under section 7
+# of the GNU General Public License, version 3 ("GPLv3").
+#
+# Originally written by Per Bothner.
+#
+# You can get the latest version of this script from:
+# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD
+#
+# Please send patches with a ChangeLog entry to config-patches@gnu.org.
+
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION]
+
+Output the configuration name of the system \`$me' is run on.
+
+Operation modes:
+  -h, --help         print this help, then exit
+  -t, --time-stamp   print date of last modification, then exit
+  -v, --version      print version number, then exit
+
+Report bugs and patches to ."
+
+version="\
+GNU config.guess ($timestamp)
+
+Originally written by Per Bothner.
+Copyright 1992-2013 Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions.  There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+  case $1 in
+    --time-stamp | --time* | -t )
+       echo "$timestamp" ; exit ;;
+    --version | -v )
+       echo "$version" ; exit ;;
+    --help | --h* | -h )
+       echo "$usage"; exit ;;
+    -- )     # Stop option processing
+       shift; break ;;
+    - )	# Use stdin as input.
+       break ;;
+    -* )
+       echo "$me: invalid option $1$help" >&2
+       exit 1 ;;
+    * )
+       break ;;
+  esac
+done
+
+if test $# != 0; then
+  echo "$me: too many arguments$help" >&2
+  exit 1
+fi
+
+trap 'exit 1' 1 2 15
+
+# CC_FOR_BUILD -- compiler used by this script. Note that the use of a
+# compiler to aid in system detection is discouraged as it requires
+# temporary files to be created and, as you can see below, it is a
+# headache to deal with in a portable fashion.
+
+# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still
+# use `HOST_CC' if defined, but it is deprecated.
+
+# Portable tmp directory creation inspired by the Autoconf team.
+
+set_cc_for_build='
+trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ;
+trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ;
+: ${TMPDIR=/tmp} ;
+ { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } ||
+ { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } ||
+ { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } ||
+ { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ;
+dummy=$tmp/dummy ;
+tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ;
+case $CC_FOR_BUILD,$HOST_CC,$CC in
+ ,,)    echo "int x;" > $dummy.c ;
+	for c in cc gcc c89 c99 ; do
+	  if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then
+	     CC_FOR_BUILD="$c"; break ;
+	  fi ;
+	done ;
+	if test x"$CC_FOR_BUILD" = x ; then
+	  CC_FOR_BUILD=no_compiler_found ;
+	fi
+	;;
+ ,,*)   CC_FOR_BUILD=$CC ;;
+ ,*,*)  CC_FOR_BUILD=$HOST_CC ;;
+esac ; set_cc_for_build= ;'
+
+# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
+# (ghazi@noc.rutgers.edu 1994-08-24)
+if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
+	PATH=$PATH:/.attbin ; export PATH
+fi
+
+UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
+UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
+UNAME_SYSTEM=`(uname -s) 2>/dev/null`  || UNAME_SYSTEM=unknown
+UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
+
+case "${UNAME_SYSTEM}" in
+Linux|GNU|GNU/*)
+	# If the system lacks a compiler, then just pick glibc.
+	# We could probably try harder.
+	LIBC=gnu
+
+	eval $set_cc_for_build
+	cat <<-EOF > $dummy.c
+	#include 
+	#if defined(__UCLIBC__)
+	LIBC=uclibc
+	#elif defined(__dietlibc__)
+	LIBC=dietlibc
+	#else
+	LIBC=gnu
+	#endif
+	EOF
+	eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'`
+	;;
+esac
+
+# Note: order is significant - the case branches are not exclusive.
+
+case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
+    *:NetBSD:*:*)
+	# NetBSD (nbsd) targets should (where applicable) match one or
+	# more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*,
+	# *-*-netbsdecoff* and *-*-netbsd*.  For targets that recently
+	# switched to ELF, *-*-netbsd* would select the old
+	# object file format.  This provides both forward
+	# compatibility and a consistent mechanism for selecting the
+	# object file format.
+	#
+	# Note: NetBSD doesn't particularly care about the vendor
+	# portion of the name.  We always set it to "unknown".
+	sysctl="sysctl -n hw.machine_arch"
+	UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \
+	    /usr/sbin/$sysctl 2>/dev/null || echo unknown)`
+	case "${UNAME_MACHINE_ARCH}" in
+	    armeb) machine=armeb-unknown ;;
+	    arm*) machine=arm-unknown ;;
+	    sh3el) machine=shl-unknown ;;
+	    sh3eb) machine=sh-unknown ;;
+	    sh5el) machine=sh5le-unknown ;;
+	    *) machine=${UNAME_MACHINE_ARCH}-unknown ;;
+	esac
+	# The Operating System including object format, if it has switched
+	# to ELF recently, or will in the future.
+	case "${UNAME_MACHINE_ARCH}" in
+	    arm*|i386|m68k|ns32k|sh3*|sparc|vax)
+		eval $set_cc_for_build
+		if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
+			| grep -q __ELF__
+		then
+		    # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
+		    # Return netbsd for either.  FIX?
+		    os=netbsd
+		else
+		    os=netbsdelf
+		fi
+		;;
+	    *)
+		os=netbsd
+		;;
+	esac
+	# The OS release
+	# Debian GNU/NetBSD machines have a different userland, and
+	# thus, need a distinct triplet. However, they do not need
+	# kernel version information, so it can be replaced with a
+	# suitable tag, in the style of linux-gnu.
+	case "${UNAME_VERSION}" in
+	    Debian*)
+		release='-gnu'
+		;;
+	    *)
+		release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
+		;;
+	esac
+	# Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM:
+	# contains redundant information, the shorter form:
+	# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
+	echo "${machine}-${os}${release}"
+	exit ;;
+    *:Bitrig:*:*)
+	UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'`
+	echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE}
+	exit ;;
+    *:OpenBSD:*:*)
+	UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'`
+	echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE}
+	exit ;;
+    *:ekkoBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE}
+	exit ;;
+    *:SolidBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE}
+	exit ;;
+    macppc:MirBSD:*:*)
+	echo powerpc-unknown-mirbsd${UNAME_RELEASE}
+	exit ;;
+    *:MirBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE}
+	exit ;;
+    alpha:OSF1:*:*)
+	case $UNAME_RELEASE in
+	*4.0)
+		UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
+		;;
+	*5.*)
+		UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
+		;;
+	esac
+	# According to Compaq, /usr/sbin/psrinfo has been available on
+	# OSF/1 and Tru64 systems produced since 1995.  I hope that
+	# covers most systems running today.  This code pipes the CPU
+	# types through head -n 1, so we only detect the type of CPU 0.
+	ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^  The alpha \(.*\) processor.*$/\1/p' | head -n 1`
+	case "$ALPHA_CPU_TYPE" in
+	    "EV4 (21064)")
+		UNAME_MACHINE="alpha" ;;
+	    "EV4.5 (21064)")
+		UNAME_MACHINE="alpha" ;;
+	    "LCA4 (21066/21068)")
+		UNAME_MACHINE="alpha" ;;
+	    "EV5 (21164)")
+		UNAME_MACHINE="alphaev5" ;;
+	    "EV5.6 (21164A)")
+		UNAME_MACHINE="alphaev56" ;;
+	    "EV5.6 (21164PC)")
+		UNAME_MACHINE="alphapca56" ;;
+	    "EV5.7 (21164PC)")
+		UNAME_MACHINE="alphapca57" ;;
+	    "EV6 (21264)")
+		UNAME_MACHINE="alphaev6" ;;
+	    "EV6.7 (21264A)")
+		UNAME_MACHINE="alphaev67" ;;
+	    "EV6.8CB (21264C)")
+		UNAME_MACHINE="alphaev68" ;;
+	    "EV6.8AL (21264B)")
+		UNAME_MACHINE="alphaev68" ;;
+	    "EV6.8CX (21264D)")
+		UNAME_MACHINE="alphaev68" ;;
+	    "EV6.9A (21264/EV69A)")
+		UNAME_MACHINE="alphaev69" ;;
+	    "EV7 (21364)")
+		UNAME_MACHINE="alphaev7" ;;
+	    "EV7.9 (21364A)")
+		UNAME_MACHINE="alphaev79" ;;
+	esac
+	# A Pn.n version is a patched version.
+	# A Vn.n version is a released version.
+	# A Tn.n version is a released field test version.
+	# A Xn.n version is an unreleased experimental baselevel.
+	# 1.2 uses "1.2" for uname -r.
+	echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+	# Reset EXIT trap before exiting to avoid spurious non-zero exit code.
+	exitcode=$?
+	trap '' 0
+	exit $exitcode ;;
+    Alpha\ *:Windows_NT*:*)
+	# How do we know it's Interix rather than the generic POSIX subsystem?
+	# Should we change UNAME_MACHINE based on the output of uname instead
+	# of the specific Alpha model?
+	echo alpha-pc-interix
+	exit ;;
+    21064:Windows_NT:50:3)
+	echo alpha-dec-winnt3.5
+	exit ;;
+    Amiga*:UNIX_System_V:4.0:*)
+	echo m68k-unknown-sysv4
+	exit ;;
+    *:[Aa]miga[Oo][Ss]:*:*)
+	echo ${UNAME_MACHINE}-unknown-amigaos
+	exit ;;
+    *:[Mm]orph[Oo][Ss]:*:*)
+	echo ${UNAME_MACHINE}-unknown-morphos
+	exit ;;
+    *:OS/390:*:*)
+	echo i370-ibm-openedition
+	exit ;;
+    *:z/VM:*:*)
+	echo s390-ibm-zvmoe
+	exit ;;
+    *:OS400:*:*)
+	echo powerpc-ibm-os400
+	exit ;;
+    arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
+	echo arm-acorn-riscix${UNAME_RELEASE}
+	exit ;;
+    arm*:riscos:*:*|arm*:RISCOS:*:*)
+	echo arm-unknown-riscos
+	exit ;;
+    SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
+	echo hppa1.1-hitachi-hiuxmpp
+	exit ;;
+    Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*)
+	# akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
+	if test "`(/bin/universe) 2>/dev/null`" = att ; then
+		echo pyramid-pyramid-sysv3
+	else
+		echo pyramid-pyramid-bsd
+	fi
+	exit ;;
+    NILE*:*:*:dcosx)
+	echo pyramid-pyramid-svr4
+	exit ;;
+    DRS?6000:unix:4.0:6*)
+	echo sparc-icl-nx6
+	exit ;;
+    DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*)
+	case `/usr/bin/uname -p` in
+	    sparc) echo sparc-icl-nx7; exit ;;
+	esac ;;
+    s390x:SunOS:*:*)
+	echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    sun4H:SunOS:5.*:*)
+	echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
+	echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*)
+	echo i386-pc-auroraux${UNAME_RELEASE}
+	exit ;;
+    i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*)
+	eval $set_cc_for_build
+	SUN_ARCH="i386"
+	# If there is a compiler, see if it is configured for 64-bit objects.
+	# Note that the Sun cc does not turn __LP64__ into 1 like gcc does.
+	# This test works for both compilers.
+	if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
+	    if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \
+		(CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
+		grep IS_64BIT_ARCH >/dev/null
+	    then
+		SUN_ARCH="x86_64"
+	    fi
+	fi
+	echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    sun4*:SunOS:6*:*)
+	# According to config.sub, this is the proper way to canonicalize
+	# SunOS6.  Hard to guess exactly what SunOS6 will be like, but
+	# it's likely to be more like Solaris than SunOS4.
+	echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    sun4*:SunOS:*:*)
+	case "`/usr/bin/arch -k`" in
+	    Series*|S4*)
+		UNAME_RELEASE=`uname -v`
+		;;
+	esac
+	# Japanese Language versions have a version number like `4.1.3-JL'.
+	echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
+	exit ;;
+    sun3*:SunOS:*:*)
+	echo m68k-sun-sunos${UNAME_RELEASE}
+	exit ;;
+    sun*:*:4.2BSD:*)
+	UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
+	test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3
+	case "`/bin/arch`" in
+	    sun3)
+		echo m68k-sun-sunos${UNAME_RELEASE}
+		;;
+	    sun4)
+		echo sparc-sun-sunos${UNAME_RELEASE}
+		;;
+	esac
+	exit ;;
+    aushp:SunOS:*:*)
+	echo sparc-auspex-sunos${UNAME_RELEASE}
+	exit ;;
+    # The situation for MiNT is a little confusing.  The machine name
+    # can be virtually everything (everything which is not
+    # "atarist" or "atariste" at least should have a processor
+    # > m68000).  The system name ranges from "MiNT" over "FreeMiNT"
+    # to the lowercase version "mint" (or "freemint").  Finally
+    # the system name "TOS" denotes a system which is actually not
+    # MiNT.  But MiNT is downward compatible to TOS, so this should
+    # be no problem.
+    atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
+	echo m68k-atari-mint${UNAME_RELEASE}
+	exit ;;
+    atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
+	echo m68k-atari-mint${UNAME_RELEASE}
+	exit ;;
+    *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
+	echo m68k-atari-mint${UNAME_RELEASE}
+	exit ;;
+    milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
+	echo m68k-milan-mint${UNAME_RELEASE}
+	exit ;;
+    hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
+	echo m68k-hades-mint${UNAME_RELEASE}
+	exit ;;
+    *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
+	echo m68k-unknown-mint${UNAME_RELEASE}
+	exit ;;
+    m68k:machten:*:*)
+	echo m68k-apple-machten${UNAME_RELEASE}
+	exit ;;
+    powerpc:machten:*:*)
+	echo powerpc-apple-machten${UNAME_RELEASE}
+	exit ;;
+    RISC*:Mach:*:*)
+	echo mips-dec-mach_bsd4.3
+	exit ;;
+    RISC*:ULTRIX:*:*)
+	echo mips-dec-ultrix${UNAME_RELEASE}
+	exit ;;
+    VAX*:ULTRIX*:*:*)
+	echo vax-dec-ultrix${UNAME_RELEASE}
+	exit ;;
+    2020:CLIX:*:* | 2430:CLIX:*:*)
+	echo clipper-intergraph-clix${UNAME_RELEASE}
+	exit ;;
+    mips:*:*:UMIPS | mips:*:*:RISCos)
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
+#ifdef __cplusplus
+#include   /* for printf() prototype */
+	int main (int argc, char *argv[]) {
+#else
+	int main (argc, argv) int argc; char *argv[]; {
+#endif
+	#if defined (host_mips) && defined (MIPSEB)
+	#if defined (SYSTYPE_SYSV)
+	  printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0);
+	#endif
+	#if defined (SYSTYPE_SVR4)
+	  printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0);
+	#endif
+	#if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
+	  printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0);
+	#endif
+	#endif
+	  exit (-1);
+	}
+EOF
+	$CC_FOR_BUILD -o $dummy $dummy.c &&
+	  dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` &&
+	  SYSTEM_NAME=`$dummy $dummyarg` &&
+	    { echo "$SYSTEM_NAME"; exit; }
+	echo mips-mips-riscos${UNAME_RELEASE}
+	exit ;;
+    Motorola:PowerMAX_OS:*:*)
+	echo powerpc-motorola-powermax
+	exit ;;
+    Motorola:*:4.3:PL8-*)
+	echo powerpc-harris-powermax
+	exit ;;
+    Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*)
+	echo powerpc-harris-powermax
+	exit ;;
+    Night_Hawk:Power_UNIX:*:*)
+	echo powerpc-harris-powerunix
+	exit ;;
+    m88k:CX/UX:7*:*)
+	echo m88k-harris-cxux7
+	exit ;;
+    m88k:*:4*:R4*)
+	echo m88k-motorola-sysv4
+	exit ;;
+    m88k:*:3*:R3*)
+	echo m88k-motorola-sysv3
+	exit ;;
+    AViiON:dgux:*:*)
+	# DG/UX returns AViiON for all architectures
+	UNAME_PROCESSOR=`/usr/bin/uname -p`
+	if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
+	then
+	    if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
+	       [ ${TARGET_BINARY_INTERFACE}x = x ]
+	    then
+		echo m88k-dg-dgux${UNAME_RELEASE}
+	    else
+		echo m88k-dg-dguxbcs${UNAME_RELEASE}
+	    fi
+	else
+	    echo i586-dg-dgux${UNAME_RELEASE}
+	fi
+	exit ;;
+    M88*:DolphinOS:*:*)	# DolphinOS (SVR3)
+	echo m88k-dolphin-sysv3
+	exit ;;
+    M88*:*:R3*:*)
+	# Delta 88k system running SVR3
+	echo m88k-motorola-sysv3
+	exit ;;
+    XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
+	echo m88k-tektronix-sysv3
+	exit ;;
+    Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
+	echo m68k-tektronix-bsd
+	exit ;;
+    *:IRIX*:*:*)
+	echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
+	exit ;;
+    ????????:AIX?:[12].1:2)   # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
+	echo romp-ibm-aix     # uname -m gives an 8 hex-code CPU id
+	exit ;;               # Note that: echo "'`uname -s`'" gives 'AIX '
+    i*86:AIX:*:*)
+	echo i386-ibm-aix
+	exit ;;
+    ia64:AIX:*:*)
+	if [ -x /usr/bin/oslevel ] ; then
+		IBM_REV=`/usr/bin/oslevel`
+	else
+		IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+	fi
+	echo ${UNAME_MACHINE}-ibm-aix${IBM_REV}
+	exit ;;
+    *:AIX:2:3)
+	if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
+		eval $set_cc_for_build
+		sed 's/^		//' << EOF >$dummy.c
+		#include 
+
+		main()
+			{
+			if (!__power_pc())
+				exit(1);
+			puts("powerpc-ibm-aix3.2.5");
+			exit(0);
+			}
+EOF
+		if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy`
+		then
+			echo "$SYSTEM_NAME"
+		else
+			echo rs6000-ibm-aix3.2.5
+		fi
+	elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
+		echo rs6000-ibm-aix3.2.4
+	else
+		echo rs6000-ibm-aix3.2
+	fi
+	exit ;;
+    *:AIX:*:[4567])
+	IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
+	if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
+		IBM_ARCH=rs6000
+	else
+		IBM_ARCH=powerpc
+	fi
+	if [ -x /usr/bin/oslevel ] ; then
+		IBM_REV=`/usr/bin/oslevel`
+	else
+		IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+	fi
+	echo ${IBM_ARCH}-ibm-aix${IBM_REV}
+	exit ;;
+    *:AIX:*:*)
+	echo rs6000-ibm-aix
+	exit ;;
+    ibmrt:4.4BSD:*|romp-ibm:BSD:*)
+	echo romp-ibm-bsd4.4
+	exit ;;
+    ibmrt:*BSD:*|romp-ibm:BSD:*)            # covers RT/PC BSD and
+	echo romp-ibm-bsd${UNAME_RELEASE}   # 4.3 with uname added to
+	exit ;;                             # report: romp-ibm BSD 4.3
+    *:BOSX:*:*)
+	echo rs6000-bull-bosx
+	exit ;;
+    DPX/2?00:B.O.S.:*:*)
+	echo m68k-bull-sysv3
+	exit ;;
+    9000/[34]??:4.3bsd:1.*:*)
+	echo m68k-hp-bsd
+	exit ;;
+    hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
+	echo m68k-hp-bsd4.4
+	exit ;;
+    9000/[34678]??:HP-UX:*:*)
+	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+	case "${UNAME_MACHINE}" in
+	    9000/31? )            HP_ARCH=m68000 ;;
+	    9000/[34]?? )         HP_ARCH=m68k ;;
+	    9000/[678][0-9][0-9])
+		if [ -x /usr/bin/getconf ]; then
+		    sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
+		    sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
+		    case "${sc_cpu_version}" in
+		      523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
+		      528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
+		      532)                      # CPU_PA_RISC2_0
+			case "${sc_kernel_bits}" in
+			  32) HP_ARCH="hppa2.0n" ;;
+			  64) HP_ARCH="hppa2.0w" ;;
+			  '') HP_ARCH="hppa2.0" ;;   # HP-UX 10.20
+			esac ;;
+		    esac
+		fi
+		if [ "${HP_ARCH}" = "" ]; then
+		    eval $set_cc_for_build
+		    sed 's/^		//' << EOF >$dummy.c
+
+		#define _HPUX_SOURCE
+		#include 
+		#include 
+
+		int main ()
+		{
+		#if defined(_SC_KERNEL_BITS)
+		    long bits = sysconf(_SC_KERNEL_BITS);
+		#endif
+		    long cpu  = sysconf (_SC_CPU_VERSION);
+
+		    switch (cpu)
+			{
+			case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+			case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+			case CPU_PA_RISC2_0:
+		#if defined(_SC_KERNEL_BITS)
+			    switch (bits)
+				{
+				case 64: puts ("hppa2.0w"); break;
+				case 32: puts ("hppa2.0n"); break;
+				default: puts ("hppa2.0"); break;
+				} break;
+		#else  /* !defined(_SC_KERNEL_BITS) */
+			    puts ("hppa2.0"); break;
+		#endif
+			default: puts ("hppa1.0"); break;
+			}
+		    exit (0);
+		}
+EOF
+		    (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
+		    test -z "$HP_ARCH" && HP_ARCH=hppa
+		fi ;;
+	esac
+	if [ ${HP_ARCH} = "hppa2.0w" ]
+	then
+	    eval $set_cc_for_build
+
+	    # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating
+	    # 32-bit code.  hppa64-hp-hpux* has the same kernel and a compiler
+	    # generating 64-bit code.  GNU and HP use different nomenclature:
+	    #
+	    # $ CC_FOR_BUILD=cc ./config.guess
+	    # => hppa2.0w-hp-hpux11.23
+	    # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess
+	    # => hppa64-hp-hpux11.23
+
+	    if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) |
+		grep -q __LP64__
+	    then
+		HP_ARCH="hppa2.0w"
+	    else
+		HP_ARCH="hppa64"
+	    fi
+	fi
+	echo ${HP_ARCH}-hp-hpux${HPUX_REV}
+	exit ;;
+    ia64:HP-UX:*:*)
+	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+	echo ia64-hp-hpux${HPUX_REV}
+	exit ;;
+    3050*:HI-UX:*:*)
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
+	#include 
+	int
+	main ()
+	{
+	  long cpu = sysconf (_SC_CPU_VERSION);
+	  /* The order matters, because CPU_IS_HP_MC68K erroneously returns
+	     true for CPU_PA_RISC1_0.  CPU_IS_PA_RISC returns correct
+	     results, however.  */
+	  if (CPU_IS_PA_RISC (cpu))
+	    {
+	      switch (cpu)
+		{
+		  case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
+		  case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
+		  case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
+		  default: puts ("hppa-hitachi-hiuxwe2"); break;
+		}
+	    }
+	  else if (CPU_IS_HP_MC68K (cpu))
+	    puts ("m68k-hitachi-hiuxwe2");
+	  else puts ("unknown-hitachi-hiuxwe2");
+	  exit (0);
+	}
+EOF
+	$CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` &&
+		{ echo "$SYSTEM_NAME"; exit; }
+	echo unknown-hitachi-hiuxwe2
+	exit ;;
+    9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
+	echo hppa1.1-hp-bsd
+	exit ;;
+    9000/8??:4.3bsd:*:*)
+	echo hppa1.0-hp-bsd
+	exit ;;
+    *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*)
+	echo hppa1.0-hp-mpeix
+	exit ;;
+    hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
+	echo hppa1.1-hp-osf
+	exit ;;
+    hp8??:OSF1:*:*)
+	echo hppa1.0-hp-osf
+	exit ;;
+    i*86:OSF1:*:*)
+	if [ -x /usr/sbin/sysversion ] ; then
+	    echo ${UNAME_MACHINE}-unknown-osf1mk
+	else
+	    echo ${UNAME_MACHINE}-unknown-osf1
+	fi
+	exit ;;
+    parisc*:Lites*:*:*)
+	echo hppa1.1-hp-lites
+	exit ;;
+    C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
+	echo c1-convex-bsd
+	exit ;;
+    C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
+	if getsysinfo -f scalar_acc
+	then echo c32-convex-bsd
+	else echo c2-convex-bsd
+	fi
+	exit ;;
+    C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
+	echo c34-convex-bsd
+	exit ;;
+    C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
+	echo c38-convex-bsd
+	exit ;;
+    C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
+	echo c4-convex-bsd
+	exit ;;
+    CRAY*Y-MP:*:*:*)
+	echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    CRAY*[A-Z]90:*:*:*)
+	echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
+	| sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
+	      -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \
+	      -e 's/\.[^.]*$/.X/'
+	exit ;;
+    CRAY*TS:*:*:*)
+	echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    CRAY*T3E:*:*:*)
+	echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    CRAY*SV1:*:*:*)
+	echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    *:UNICOS/mp:*:*)
+	echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
+	FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+	FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+	FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
+	echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+	exit ;;
+    5000:UNIX_System_V:4.*:*)
+	FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+	FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'`
+	echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+	exit ;;
+    i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
+	echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
+	exit ;;
+    sparc*:BSD/OS:*:*)
+	echo sparc-unknown-bsdi${UNAME_RELEASE}
+	exit ;;
+    *:BSD/OS:*:*)
+	echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
+	exit ;;
+    *:FreeBSD:*:*)
+	UNAME_PROCESSOR=`/usr/bin/uname -p`
+	case ${UNAME_PROCESSOR} in
+	    amd64)
+		echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+	    *)
+		echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+	esac
+	exit ;;
+    i*:CYGWIN*:*)
+	echo ${UNAME_MACHINE}-pc-cygwin
+	exit ;;
+    *:MINGW64*:*)
+	echo ${UNAME_MACHINE}-pc-mingw64
+	exit ;;
+    *:MINGW*:*)
+	echo ${UNAME_MACHINE}-pc-mingw32
+	exit ;;
+    i*:MSYS*:*)
+	echo ${UNAME_MACHINE}-pc-msys
+	exit ;;
+    i*:windows32*:*)
+	# uname -m includes "-pc" on this system.
+	echo ${UNAME_MACHINE}-mingw32
+	exit ;;
+    i*:PW*:*)
+	echo ${UNAME_MACHINE}-pc-pw32
+	exit ;;
+    *:Interix*:*)
+	case ${UNAME_MACHINE} in
+	    x86)
+		echo i586-pc-interix${UNAME_RELEASE}
+		exit ;;
+	    authenticamd | genuineintel | EM64T)
+		echo x86_64-unknown-interix${UNAME_RELEASE}
+		exit ;;
+	    IA64)
+		echo ia64-unknown-interix${UNAME_RELEASE}
+		exit ;;
+	esac ;;
+    [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
+	echo i${UNAME_MACHINE}-pc-mks
+	exit ;;
+    8664:Windows_NT:*)
+	echo x86_64-pc-mks
+	exit ;;
+    i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
+	# How do we know it's Interix rather than the generic POSIX subsystem?
+	# It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
+	# UNAME_MACHINE based on the output of uname instead of i386?
+	echo i586-pc-interix
+	exit ;;
+    i*:UWIN*:*)
+	echo ${UNAME_MACHINE}-pc-uwin
+	exit ;;
+    amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*)
+	echo x86_64-unknown-cygwin
+	exit ;;
+    p*:CYGWIN*:*)
+	echo powerpcle-unknown-cygwin
+	exit ;;
+    prep*:SunOS:5.*:*)
+	echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    *:GNU:*:*)
+	# the GNU system
+	echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-${LIBC}`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
+	exit ;;
+    *:GNU/*:*:*)
+	# other systems with GNU libc and userland
+	echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC}
+	exit ;;
+    i*86:Minix:*:*)
+	echo ${UNAME_MACHINE}-pc-minix
+	exit ;;
+    aarch64:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    aarch64_be:Linux:*:*)
+	UNAME_MACHINE=aarch64_be
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    alpha:Linux:*:*)
+	case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
+	  EV5)   UNAME_MACHINE=alphaev5 ;;
+	  EV56)  UNAME_MACHINE=alphaev56 ;;
+	  PCA56) UNAME_MACHINE=alphapca56 ;;
+	  PCA57) UNAME_MACHINE=alphapca56 ;;
+	  EV6)   UNAME_MACHINE=alphaev6 ;;
+	  EV67)  UNAME_MACHINE=alphaev67 ;;
+	  EV68*) UNAME_MACHINE=alphaev68 ;;
+	esac
+	objdump --private-headers /bin/sh | grep -q ld.so.1
+	if test "$?" = 0 ; then LIBC="gnulibc1" ; fi
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    arc:Linux:*:* | arceb:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    arm*:Linux:*:*)
+	eval $set_cc_for_build
+	if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \
+	    | grep -q __ARM_EABI__
+	then
+	    echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	else
+	    if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \
+		| grep -q __ARM_PCS_VFP
+	    then
+		echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabi
+	    else
+		echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabihf
+	    fi
+	fi
+	exit ;;
+    avr32*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    cris:Linux:*:*)
+	echo ${UNAME_MACHINE}-axis-linux-${LIBC}
+	exit ;;
+    crisv32:Linux:*:*)
+	echo ${UNAME_MACHINE}-axis-linux-${LIBC}
+	exit ;;
+    frv:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    hexagon:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    i*86:Linux:*:*)
+	echo ${UNAME_MACHINE}-pc-linux-${LIBC}
+	exit ;;
+    ia64:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    m32r*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    m68*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    mips:Linux:*:* | mips64:Linux:*:*)
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
+	#undef CPU
+	#undef ${UNAME_MACHINE}
+	#undef ${UNAME_MACHINE}el
+	#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+	CPU=${UNAME_MACHINE}el
+	#else
+	#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+	CPU=${UNAME_MACHINE}
+	#else
+	CPU=
+	#endif
+	#endif
+EOF
+	eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'`
+	test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; }
+	;;
+    or1k:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    or32:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    padre:Linux:*:*)
+	echo sparc-unknown-linux-${LIBC}
+	exit ;;
+    parisc64:Linux:*:* | hppa64:Linux:*:*)
+	echo hppa64-unknown-linux-${LIBC}
+	exit ;;
+    parisc:Linux:*:* | hppa:Linux:*:*)
+	# Look for CPU level
+	case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
+	  PA7*) echo hppa1.1-unknown-linux-${LIBC} ;;
+	  PA8*) echo hppa2.0-unknown-linux-${LIBC} ;;
+	  *)    echo hppa-unknown-linux-${LIBC} ;;
+	esac
+	exit ;;
+    ppc64:Linux:*:*)
+	echo powerpc64-unknown-linux-${LIBC}
+	exit ;;
+    ppc:Linux:*:*)
+	echo powerpc-unknown-linux-${LIBC}
+	exit ;;
+    ppc64le:Linux:*:*)
+	echo powerpc64le-unknown-linux-${LIBC}
+	exit ;;
+    ppcle:Linux:*:*)
+	echo powerpcle-unknown-linux-${LIBC}
+	exit ;;
+    s390:Linux:*:* | s390x:Linux:*:*)
+	echo ${UNAME_MACHINE}-ibm-linux-${LIBC}
+	exit ;;
+    sh64*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    sh*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    sparc:Linux:*:* | sparc64:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    tile*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    vax:Linux:*:*)
+	echo ${UNAME_MACHINE}-dec-linux-${LIBC}
+	exit ;;
+    x86_64:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    xtensa*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
+	exit ;;
+    i*86:DYNIX/ptx:4*:*)
+	# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
+	# earlier versions are messed up and put the nodename in both
+	# sysname and nodename.
+	echo i386-sequent-sysv4
+	exit ;;
+    i*86:UNIX_SV:4.2MP:2.*)
+	# Unixware is an offshoot of SVR4, but it has its own version
+	# number series starting with 2...
+	# I am not positive that other SVR4 systems won't match this,
+	# I just have to hope.  -- rms.
+	# Use sysv4.2uw... so that sysv4* matches it.
+	echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
+	exit ;;
+    i*86:OS/2:*:*)
+	# If we were able to find `uname', then EMX Unix compatibility
+	# is probably installed.
+	echo ${UNAME_MACHINE}-pc-os2-emx
+	exit ;;
+    i*86:XTS-300:*:STOP)
+	echo ${UNAME_MACHINE}-unknown-stop
+	exit ;;
+    i*86:atheos:*:*)
+	echo ${UNAME_MACHINE}-unknown-atheos
+	exit ;;
+    i*86:syllable:*:*)
+	echo ${UNAME_MACHINE}-pc-syllable
+	exit ;;
+    i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*)
+	echo i386-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    i*86:*DOS:*:*)
+	echo ${UNAME_MACHINE}-pc-msdosdjgpp
+	exit ;;
+    i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*)
+	UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'`
+	if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
+		echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL}
+	else
+		echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL}
+	fi
+	exit ;;
+    i*86:*:5:[678]*)
+	# UnixWare 7.x, OpenUNIX and OpenServer 6.
+	case `/bin/uname -X | grep "^Machine"` in
+	    *486*)	     UNAME_MACHINE=i486 ;;
+	    *Pentium)	     UNAME_MACHINE=i586 ;;
+	    *Pent*|*Celeron) UNAME_MACHINE=i686 ;;
+	esac
+	echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION}
+	exit ;;
+    i*86:*:3.2:*)
+	if test -f /usr/options/cb.name; then
+		UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then
+		UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')`
+		(/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486
+		(/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \
+			&& UNAME_MACHINE=i586
+		(/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \
+			&& UNAME_MACHINE=i686
+		(/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \
+			&& UNAME_MACHINE=i686
+		echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
+	else
+		echo ${UNAME_MACHINE}-pc-sysv32
+	fi
+	exit ;;
+    pc:*:*:*)
+	# Left here for compatibility:
+	# uname -m prints for DJGPP always 'pc', but it prints nothing about
+	# the processor, so we play safe by assuming i586.
+	# Note: whatever this is, it MUST be the same as what config.sub
+	# prints for the "djgpp" host, or else GDB configury will decide that
+	# this is a cross-build.
+	echo i586-pc-msdosdjgpp
+	exit ;;
+    Intel:Mach:3*:*)
+	echo i386-pc-mach3
+	exit ;;
+    paragon:*:*:*)
+	echo i860-intel-osf1
+	exit ;;
+    i860:*:4.*:*) # i860-SVR4
+	if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
+	  echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
+	else # Add other i860-SVR4 vendors below as they are discovered.
+	  echo i860-unknown-sysv${UNAME_RELEASE}  # Unknown i860-SVR4
+	fi
+	exit ;;
+    mini*:CTIX:SYS*5:*)
+	# "miniframe"
+	echo m68010-convergent-sysv
+	exit ;;
+    mc68k:UNIX:SYSTEM5:3.51m)
+	echo m68k-convergent-sysv
+	exit ;;
+    M680?0:D-NIX:5.3:*)
+	echo m68k-diab-dnix
+	exit ;;
+    M68*:*:R3V[5678]*:*)
+	test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;;
+    3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0)
+	OS_REL=''
+	test -r /etc/.relid \
+	&& OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+	/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+	  && { echo i486-ncr-sysv4.3${OS_REL}; exit; }
+	/bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+	  && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;
+    3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
+	/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+	  && { echo i486-ncr-sysv4; exit; } ;;
+    NCR*:*:4.2:* | MPRAS*:*:4.2:*)
+	OS_REL='.3'
+	test -r /etc/.relid \
+	    && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+	/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+	    && { echo i486-ncr-sysv4.3${OS_REL}; exit; }
+	/bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+	    && { echo i586-ncr-sysv4.3${OS_REL}; exit; }
+	/bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \
+	    && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;
+    m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
+	echo m68k-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    mc68030:UNIX_System_V:4.*:*)
+	echo m68k-atari-sysv4
+	exit ;;
+    TSUNAMI:LynxOS:2.*:*)
+	echo sparc-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    rs6000:LynxOS:2.*:*)
+	echo rs6000-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*)
+	echo powerpc-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    SM[BE]S:UNIX_SV:*:*)
+	echo mips-dde-sysv${UNAME_RELEASE}
+	exit ;;
+    RM*:ReliantUNIX-*:*:*)
+	echo mips-sni-sysv4
+	exit ;;
+    RM*:SINIX-*:*:*)
+	echo mips-sni-sysv4
+	exit ;;
+    *:SINIX-*:*:*)
+	if uname -p 2>/dev/null >/dev/null ; then
+		UNAME_MACHINE=`(uname -p) 2>/dev/null`
+		echo ${UNAME_MACHINE}-sni-sysv4
+	else
+		echo ns32k-sni-sysv
+	fi
+	exit ;;
+    PENTIUM:*:4.0*:*)	# Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+			# says 
+	echo i586-unisys-sysv4
+	exit ;;
+    *:UNIX_System_V:4*:FTX*)
+	# From Gerald Hewes .
+	# How about differentiating between stratus architectures? -djm
+	echo hppa1.1-stratus-sysv4
+	exit ;;
+    *:*:*:FTX*)
+	# From seanf@swdc.stratus.com.
+	echo i860-stratus-sysv4
+	exit ;;
+    i*86:VOS:*:*)
+	# From Paul.Green@stratus.com.
+	echo ${UNAME_MACHINE}-stratus-vos
+	exit ;;
+    *:VOS:*:*)
+	# From Paul.Green@stratus.com.
+	echo hppa1.1-stratus-vos
+	exit ;;
+    mc68*:A/UX:*:*)
+	echo m68k-apple-aux${UNAME_RELEASE}
+	exit ;;
+    news*:NEWS-OS:6*:*)
+	echo mips-sony-newsos6
+	exit ;;
+    R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
+	if [ -d /usr/nec ]; then
+		echo mips-nec-sysv${UNAME_RELEASE}
+	else
+		echo mips-unknown-sysv${UNAME_RELEASE}
+	fi
+	exit ;;
+    BeBox:BeOS:*:*)	# BeOS running on hardware made by Be, PPC only.
+	echo powerpc-be-beos
+	exit ;;
+    BeMac:BeOS:*:*)	# BeOS running on Mac or Mac clone, PPC only.
+	echo powerpc-apple-beos
+	exit ;;
+    BePC:BeOS:*:*)	# BeOS running on Intel PC compatible.
+	echo i586-pc-beos
+	exit ;;
+    BePC:Haiku:*:*)	# Haiku running on Intel PC compatible.
+	echo i586-pc-haiku
+	exit ;;
+    x86_64:Haiku:*:*)
+	echo x86_64-unknown-haiku
+	exit ;;
+    SX-4:SUPER-UX:*:*)
+	echo sx4-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-5:SUPER-UX:*:*)
+	echo sx5-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-6:SUPER-UX:*:*)
+	echo sx6-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-7:SUPER-UX:*:*)
+	echo sx7-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-8:SUPER-UX:*:*)
+	echo sx8-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-8R:SUPER-UX:*:*)
+	echo sx8r-nec-superux${UNAME_RELEASE}
+	exit ;;
+    Power*:Rhapsody:*:*)
+	echo powerpc-apple-rhapsody${UNAME_RELEASE}
+	exit ;;
+    *:Rhapsody:*:*)
+	echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE}
+	exit ;;
+    *:Darwin:*:*)
+	UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
+	eval $set_cc_for_build
+	if test "$UNAME_PROCESSOR" = unknown ; then
+	    UNAME_PROCESSOR=powerpc
+	fi
+	if test `echo "$UNAME_RELEASE" | sed -e 's/\..*//'` -le 10 ; then
+	    if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
+		if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \
+		    (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
+		    grep IS_64BIT_ARCH >/dev/null
+		then
+		    case $UNAME_PROCESSOR in
+			i386) UNAME_PROCESSOR=x86_64 ;;
+			powerpc) UNAME_PROCESSOR=powerpc64 ;;
+		    esac
+		fi
+	    fi
+	elif test "$UNAME_PROCESSOR" = i386 ; then
+	    # Avoid executing cc on OS X 10.9, as it ships with a stub
+	    # that puts up a graphical alert prompting to install
+	    # developer tools.  Any system running Mac OS X 10.7 or
+	    # later (Darwin 11 and later) is required to have a 64-bit
+	    # processor. This is not true of the ARM version of Darwin
+	    # that Apple uses in portable devices.
+	    UNAME_PROCESSOR=x86_64
+	fi
+	echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
+	exit ;;
+    *:procnto*:*:* | *:QNX:[0123456789]*:*)
+	UNAME_PROCESSOR=`uname -p`
+	if test "$UNAME_PROCESSOR" = "x86"; then
+		UNAME_PROCESSOR=i386
+		UNAME_MACHINE=pc
+	fi
+	echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE}
+	exit ;;
+    *:QNX:*:4*)
+	echo i386-pc-qnx
+	exit ;;
+    NEO-?:NONSTOP_KERNEL:*:*)
+	echo neo-tandem-nsk${UNAME_RELEASE}
+	exit ;;
+    NSE-*:NONSTOP_KERNEL:*:*)
+	echo nse-tandem-nsk${UNAME_RELEASE}
+	exit ;;
+    NSR-?:NONSTOP_KERNEL:*:*)
+	echo nsr-tandem-nsk${UNAME_RELEASE}
+	exit ;;
+    *:NonStop-UX:*:*)
+	echo mips-compaq-nonstopux
+	exit ;;
+    BS2000:POSIX*:*:*)
+	echo bs2000-siemens-sysv
+	exit ;;
+    DS/*:UNIX_System_V:*:*)
+	echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE}
+	exit ;;
+    *:Plan9:*:*)
+	# "uname -m" is not consistent, so use $cputype instead. 386
+	# is converted to i386 for consistency with other x86
+	# operating systems.
+	if test "$cputype" = "386"; then
+	    UNAME_MACHINE=i386
+	else
+	    UNAME_MACHINE="$cputype"
+	fi
+	echo ${UNAME_MACHINE}-unknown-plan9
+	exit ;;
+    *:TOPS-10:*:*)
+	echo pdp10-unknown-tops10
+	exit ;;
+    *:TENEX:*:*)
+	echo pdp10-unknown-tenex
+	exit ;;
+    KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*)
+	echo pdp10-dec-tops20
+	exit ;;
+    XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*)
+	echo pdp10-xkl-tops20
+	exit ;;
+    *:TOPS-20:*:*)
+	echo pdp10-unknown-tops20
+	exit ;;
+    *:ITS:*:*)
+	echo pdp10-unknown-its
+	exit ;;
+    SEI:*:*:SEIUX)
+	echo mips-sei-seiux${UNAME_RELEASE}
+	exit ;;
+    *:DragonFly:*:*)
+	echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
+	exit ;;
+    *:*VMS:*:*)
+	UNAME_MACHINE=`(uname -p) 2>/dev/null`
+	case "${UNAME_MACHINE}" in
+	    A*) echo alpha-dec-vms ; exit ;;
+	    I*) echo ia64-dec-vms ; exit ;;
+	    V*) echo vax-dec-vms ; exit ;;
+	esac ;;
+    *:XENIX:*:SysV)
+	echo i386-pc-xenix
+	exit ;;
+    i*86:skyos:*:*)
+	echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//'
+	exit ;;
+    i*86:rdos:*:*)
+	echo ${UNAME_MACHINE}-pc-rdos
+	exit ;;
+    i*86:AROS:*:*)
+	echo ${UNAME_MACHINE}-pc-aros
+	exit ;;
+    x86_64:VMkernel:*:*)
+	echo ${UNAME_MACHINE}-unknown-esx
+	exit ;;
+esac
+
+eval $set_cc_for_build
+cat >$dummy.c <
+# include 
+#endif
+main ()
+{
+#if defined (sony)
+#if defined (MIPSEB)
+  /* BFD wants "bsd" instead of "newsos".  Perhaps BFD should be changed,
+     I don't know....  */
+  printf ("mips-sony-bsd\n"); exit (0);
+#else
+#include 
+  printf ("m68k-sony-newsos%s\n",
+#ifdef NEWSOS4
+	"4"
+#else
+	""
+#endif
+	); exit (0);
+#endif
+#endif
+
+#if defined (__arm) && defined (__acorn) && defined (__unix)
+  printf ("arm-acorn-riscix\n"); exit (0);
+#endif
+
+#if defined (hp300) && !defined (hpux)
+  printf ("m68k-hp-bsd\n"); exit (0);
+#endif
+
+#if defined (NeXT)
+#if !defined (__ARCHITECTURE__)
+#define __ARCHITECTURE__ "m68k"
+#endif
+  int version;
+  version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
+  if (version < 4)
+    printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
+  else
+    printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version);
+  exit (0);
+#endif
+
+#if defined (MULTIMAX) || defined (n16)
+#if defined (UMAXV)
+  printf ("ns32k-encore-sysv\n"); exit (0);
+#else
+#if defined (CMU)
+  printf ("ns32k-encore-mach\n"); exit (0);
+#else
+  printf ("ns32k-encore-bsd\n"); exit (0);
+#endif
+#endif
+#endif
+
+#if defined (__386BSD__)
+  printf ("i386-pc-bsd\n"); exit (0);
+#endif
+
+#if defined (sequent)
+#if defined (i386)
+  printf ("i386-sequent-dynix\n"); exit (0);
+#endif
+#if defined (ns32000)
+  printf ("ns32k-sequent-dynix\n"); exit (0);
+#endif
+#endif
+
+#if defined (_SEQUENT_)
+    struct utsname un;
+
+    uname(&un);
+
+    if (strncmp(un.version, "V2", 2) == 0) {
+	printf ("i386-sequent-ptx2\n"); exit (0);
+    }
+    if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
+	printf ("i386-sequent-ptx1\n"); exit (0);
+    }
+    printf ("i386-sequent-ptx\n"); exit (0);
+
+#endif
+
+#if defined (vax)
+# if !defined (ultrix)
+#  include 
+#  if defined (BSD)
+#   if BSD == 43
+      printf ("vax-dec-bsd4.3\n"); exit (0);
+#   else
+#    if BSD == 199006
+      printf ("vax-dec-bsd4.3reno\n"); exit (0);
+#    else
+      printf ("vax-dec-bsd\n"); exit (0);
+#    endif
+#   endif
+#  else
+    printf ("vax-dec-bsd\n"); exit (0);
+#  endif
+# else
+    printf ("vax-dec-ultrix\n"); exit (0);
+# endif
+#endif
+
+#if defined (alliant) && defined (i860)
+  printf ("i860-alliant-bsd\n"); exit (0);
+#endif
+
+  exit (1);
+}
+EOF
+
+$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` &&
+	{ echo "$SYSTEM_NAME"; exit; }
+
+# Apollos put the system type in the environment.
+
+test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; }
+
+# Convex versions that predate uname can use getsysinfo(1)
+
+if [ -x /usr/convex/getsysinfo ]
+then
+    case `getsysinfo -f cpu_type` in
+    c1*)
+	echo c1-convex-bsd
+	exit ;;
+    c2*)
+	if getsysinfo -f scalar_acc
+	then echo c32-convex-bsd
+	else echo c2-convex-bsd
+	fi
+	exit ;;
+    c34*)
+	echo c34-convex-bsd
+	exit ;;
+    c38*)
+	echo c38-convex-bsd
+	exit ;;
+    c4*)
+	echo c4-convex-bsd
+	exit ;;
+    esac
+fi
+
+cat >&2 < in order to provide the needed
+information to handle your system.
+
+config.guess timestamp = $timestamp
+
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null`
+/bin/uname -X     = `(/bin/uname -X) 2>/dev/null`
+
+hostinfo               = `(hostinfo) 2>/dev/null`
+/bin/universe          = `(/bin/universe) 2>/dev/null`
+/usr/bin/arch -k       = `(/usr/bin/arch -k) 2>/dev/null`
+/bin/arch              = `(/bin/arch) 2>/dev/null`
+/usr/bin/oslevel       = `(/usr/bin/oslevel) 2>/dev/null`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null`
+
+UNAME_MACHINE = ${UNAME_MACHINE}
+UNAME_RELEASE = ${UNAME_RELEASE}
+UNAME_SYSTEM  = ${UNAME_SYSTEM}
+UNAME_VERSION = ${UNAME_VERSION}
+EOF
+
+exit 1
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/3P/wolfssl/build-aux/config.sub b/3P/wolfssl/build-aux/config.sub
new file mode 100755
index 00000000..61cb4bc2
--- /dev/null
+++ b/3P/wolfssl/build-aux/config.sub
@@ -0,0 +1,1793 @@
+#! /bin/sh
+# Configuration validation subroutine script.
+#   Copyright 1992-2013 Free Software Foundation, Inc.
+
+timestamp='2013-10-01'
+
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see .
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that
+# program.  This Exception is an additional permission under section 7
+# of the GNU General Public License, version 3 ("GPLv3").
+
+
+# Please send patches with a ChangeLog entry to config-patches@gnu.org.
+#
+# Configuration subroutine to validate and canonicalize a configuration type.
+# Supply the specified configuration type as an argument.
+# If it is invalid, we print an error message on stderr and exit with code 1.
+# Otherwise, we print the canonical config type on stdout and succeed.
+
+# You can get the latest version of this script from:
+# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
+
+# This file is supposed to be the same for all GNU packages
+# and recognize all the CPU types, system types and aliases
+# that are meaningful with *any* GNU software.
+# Each package is responsible for reporting which valid configurations
+# it does not support.  The user should be able to distinguish
+# a failure to support a valid configuration from a meaningless
+# configuration.
+
+# The goal of this file is to map all the various variations of a given
+# machine specification into a single specification in the form:
+#	CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or in some cases, the newer four-part form:
+#	CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# It is wrong to echo any other type of specification.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION] CPU-MFR-OPSYS
+       $0 [OPTION] ALIAS
+
+Canonicalize a configuration name.
+
+Operation modes:
+  -h, --help         print this help, then exit
+  -t, --time-stamp   print date of last modification, then exit
+  -v, --version      print version number, then exit
+
+Report bugs and patches to ."
+
+version="\
+GNU config.sub ($timestamp)
+
+Copyright 1992-2013 Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions.  There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+  case $1 in
+    --time-stamp | --time* | -t )
+       echo "$timestamp" ; exit ;;
+    --version | -v )
+       echo "$version" ; exit ;;
+    --help | --h* | -h )
+       echo "$usage"; exit ;;
+    -- )     # Stop option processing
+       shift; break ;;
+    - )	# Use stdin as input.
+       break ;;
+    -* )
+       echo "$me: invalid option $1$help"
+       exit 1 ;;
+
+    *local*)
+       # First pass through any local machine types.
+       echo $1
+       exit ;;
+
+    * )
+       break ;;
+  esac
+done
+
+case $# in
+ 0) echo "$me: missing argument$help" >&2
+    exit 1;;
+ 1) ;;
+ *) echo "$me: too many arguments$help" >&2
+    exit 1;;
+esac
+
+# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
+# Here we must recognize all the valid KERNEL-OS combinations.
+maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
+case $maybe_os in
+  nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \
+  linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \
+  knetbsd*-gnu* | netbsd*-gnu* | \
+  kopensolaris*-gnu* | \
+  storm-chaos* | os2-emx* | rtmk-nova*)
+    os=-$maybe_os
+    basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
+    ;;
+  android-linux)
+    os=-linux-android
+    basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown
+    ;;
+  *)
+    basic_machine=`echo $1 | sed 's/-[^-]*$//'`
+    if [ $basic_machine != $1 ]
+    then os=`echo $1 | sed 's/.*-/-/'`
+    else os=; fi
+    ;;
+esac
+
+### Let's recognize common machines as not being operating systems so
+### that things like config.sub decstation-3100 work.  We also
+### recognize some manufacturers as not being operating systems, so we
+### can provide default operating systems below.
+case $os in
+	-sun*os*)
+		# Prevent following clause from handling this invalid input.
+		;;
+	-dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
+	-att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
+	-unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
+	-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
+	-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
+	-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
+	-apple | -axis | -knuth | -cray | -microblaze*)
+		os=
+		basic_machine=$1
+		;;
+	-bluegene*)
+		os=-cnk
+		;;
+	-sim | -cisco | -oki | -wec | -winbond)
+		os=
+		basic_machine=$1
+		;;
+	-scout)
+		;;
+	-wrs)
+		os=-vxworks
+		basic_machine=$1
+		;;
+	-chorusos*)
+		os=-chorusos
+		basic_machine=$1
+		;;
+	-chorusrdb)
+		os=-chorusrdb
+		basic_machine=$1
+		;;
+	-hiux*)
+		os=-hiuxwe2
+		;;
+	-sco6)
+		os=-sco5v6
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco5)
+		os=-sco3.2v5
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco4)
+		os=-sco3.2v4
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco3.2.[4-9]*)
+		os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco3.2v[4-9]*)
+		# Don't forget version if it is 3.2v4 or newer.
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco5v6*)
+		# Don't forget version if it is 3.2v4 or newer.
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco*)
+		os=-sco3.2v2
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-udk*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-isc)
+		os=-isc2.2
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-clix*)
+		basic_machine=clipper-intergraph
+		;;
+	-isc*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-lynx*178)
+		os=-lynxos178
+		;;
+	-lynx*5)
+		os=-lynxos5
+		;;
+	-lynx*)
+		os=-lynxos
+		;;
+	-ptx*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
+		;;
+	-windowsnt*)
+		os=`echo $os | sed -e 's/windowsnt/winnt/'`
+		;;
+	-psos*)
+		os=-psos
+		;;
+	-mint | -mint[0-9]*)
+		basic_machine=m68k-atari
+		os=-mint
+		;;
+esac
+
+# Decode aliases for certain CPU-COMPANY combinations.
+case $basic_machine in
+	# Recognize the basic CPU types without company name.
+	# Some are omitted here because they have special meanings below.
+	1750a | 580 \
+	| a29k \
+	| aarch64 | aarch64_be \
+	| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
+	| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
+	| am33_2.0 \
+	| arc | arceb \
+	| arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \
+	| avr | avr32 \
+	| be32 | be64 \
+	| bfin \
+	| c4x | c8051 | clipper \
+	| d10v | d30v | dlx | dsp16xx \
+	| epiphany \
+	| fido | fr30 | frv \
+	| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+	| hexagon \
+	| i370 | i860 | i960 | ia64 \
+	| ip2k | iq2000 \
+	| k1om \
+	| le32 | le64 \
+	| lm32 \
+	| m32c | m32r | m32rle | m68000 | m68k | m88k \
+	| maxq | mb | microblaze | microblazeel | mcore | mep | metag \
+	| mips | mipsbe | mipseb | mipsel | mipsle \
+	| mips16 \
+	| mips64 | mips64el \
+	| mips64octeon | mips64octeonel \
+	| mips64orion | mips64orionel \
+	| mips64r5900 | mips64r5900el \
+	| mips64vr | mips64vrel \
+	| mips64vr4100 | mips64vr4100el \
+	| mips64vr4300 | mips64vr4300el \
+	| mips64vr5000 | mips64vr5000el \
+	| mips64vr5900 | mips64vr5900el \
+	| mipsisa32 | mipsisa32el \
+	| mipsisa32r2 | mipsisa32r2el \
+	| mipsisa64 | mipsisa64el \
+	| mipsisa64r2 | mipsisa64r2el \
+	| mipsisa64sb1 | mipsisa64sb1el \
+	| mipsisa64sr71k | mipsisa64sr71kel \
+	| mipsr5900 | mipsr5900el \
+	| mipstx39 | mipstx39el \
+	| mn10200 | mn10300 \
+	| moxie \
+	| mt \
+	| msp430 \
+	| nds32 | nds32le | nds32be \
+	| nios | nios2 | nios2eb | nios2el \
+	| ns16k | ns32k \
+	| open8 \
+	| or1k | or32 \
+	| pdp10 | pdp11 | pj | pjl \
+	| powerpc | powerpc64 | powerpc64le | powerpcle \
+	| pyramid \
+	| rl78 | rx \
+	| score \
+	| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
+	| sh64 | sh64le \
+	| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
+	| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
+	| spu \
+	| tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \
+	| ubicom32 \
+	| v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \
+	| we32k \
+	| x86 | xc16x | xstormy16 | xtensa \
+	| z8k | z80)
+		basic_machine=$basic_machine-unknown
+		;;
+	c54x)
+		basic_machine=tic54x-unknown
+		;;
+	c55x)
+		basic_machine=tic55x-unknown
+		;;
+	c6x)
+		basic_machine=tic6x-unknown
+		;;
+	m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip)
+		basic_machine=$basic_machine-unknown
+		os=-none
+		;;
+	m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
+		;;
+	ms1)
+		basic_machine=mt-unknown
+		;;
+
+	strongarm | thumb | xscale)
+		basic_machine=arm-unknown
+		;;
+	xgate)
+		basic_machine=$basic_machine-unknown
+		os=-none
+		;;
+	xscaleeb)
+		basic_machine=armeb-unknown
+		;;
+
+	xscaleel)
+		basic_machine=armel-unknown
+		;;
+
+	# We use `pc' rather than `unknown'
+	# because (1) that's what they normally are, and
+	# (2) the word "unknown" tends to confuse beginning users.
+	i*86 | x86_64)
+	  basic_machine=$basic_machine-pc
+	  ;;
+	# Object if more than one company name word.
+	*-*-*)
+		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+		exit 1
+		;;
+	# Recognize the basic CPU types with company name.
+	580-* \
+	| a29k-* \
+	| aarch64-* | aarch64_be-* \
+	| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
+	| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
+	| alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \
+	| arm-*  | armbe-* | armle-* | armeb-* | armv*-* \
+	| avr-* | avr32-* \
+	| be32-* | be64-* \
+	| bfin-* | bs2000-* \
+	| c[123]* | c30-* | [cjt]90-* | c4x-* \
+	| c8051-* | clipper-* | craynv-* | cydra-* \
+	| d10v-* | d30v-* | dlx-* \
+	| elxsi-* \
+	| f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
+	| h8300-* | h8500-* \
+	| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
+	| hexagon-* \
+	| i*86-* | i860-* | i960-* | ia64-* \
+	| ip2k-* | iq2000-* \
+	| k1om-* \
+	| le32-* | le64-* \
+	| lm32-* \
+	| m32c-* | m32r-* | m32rle-* \
+	| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
+	| m88110-* | m88k-* | maxq-* | mcore-* | metag-* \
+	| microblaze-* | microblazeel-* \
+	| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
+	| mips16-* \
+	| mips64-* | mips64el-* \
+	| mips64octeon-* | mips64octeonel-* \
+	| mips64orion-* | mips64orionel-* \
+	| mips64r5900-* | mips64r5900el-* \
+	| mips64vr-* | mips64vrel-* \
+	| mips64vr4100-* | mips64vr4100el-* \
+	| mips64vr4300-* | mips64vr4300el-* \
+	| mips64vr5000-* | mips64vr5000el-* \
+	| mips64vr5900-* | mips64vr5900el-* \
+	| mipsisa32-* | mipsisa32el-* \
+	| mipsisa32r2-* | mipsisa32r2el-* \
+	| mipsisa64-* | mipsisa64el-* \
+	| mipsisa64r2-* | mipsisa64r2el-* \
+	| mipsisa64sb1-* | mipsisa64sb1el-* \
+	| mipsisa64sr71k-* | mipsisa64sr71kel-* \
+	| mipsr5900-* | mipsr5900el-* \
+	| mipstx39-* | mipstx39el-* \
+	| mmix-* \
+	| mt-* \
+	| msp430-* \
+	| nds32-* | nds32le-* | nds32be-* \
+	| nios-* | nios2-* | nios2eb-* | nios2el-* \
+	| none-* | np1-* | ns16k-* | ns32k-* \
+	| open8-* \
+	| orion-* \
+	| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
+	| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \
+	| pyramid-* \
+	| rl78-* | romp-* | rs6000-* | rx-* \
+	| sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
+	| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
+	| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
+	| sparclite-* \
+	| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \
+	| tahoe-* \
+	| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
+	| tile*-* \
+	| tron-* \
+	| ubicom32-* \
+	| v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \
+	| vax-* \
+	| we32k-* \
+	| x86-* | x86_64-* | xc16x-* | xps100-* \
+	| xstormy16-* | xtensa*-* \
+	| ymp-* \
+	| z8k-* | z80-*)
+		;;
+	# Recognize the basic CPU types without company name, with glob match.
+	xtensa*)
+		basic_machine=$basic_machine-unknown
+		;;
+	# Recognize the various machine names and aliases which stand
+	# for a CPU type and a company and sometimes even an OS.
+	386bsd)
+		basic_machine=i386-unknown
+		os=-bsd
+		;;
+	3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
+		basic_machine=m68000-att
+		;;
+	3b*)
+		basic_machine=we32k-att
+		;;
+	a29khif)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+	abacus)
+		basic_machine=abacus-unknown
+		;;
+	adobe68k)
+		basic_machine=m68010-adobe
+		os=-scout
+		;;
+	alliant | fx80)
+		basic_machine=fx80-alliant
+		;;
+	altos | altos3068)
+		basic_machine=m68k-altos
+		;;
+	am29k)
+		basic_machine=a29k-none
+		os=-bsd
+		;;
+	amd64)
+		basic_machine=x86_64-pc
+		;;
+	amd64-*)
+		basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	amdahl)
+		basic_machine=580-amdahl
+		os=-sysv
+		;;
+	amiga | amiga-*)
+		basic_machine=m68k-unknown
+		;;
+	amigaos | amigados)
+		basic_machine=m68k-unknown
+		os=-amigaos
+		;;
+	amigaunix | amix)
+		basic_machine=m68k-unknown
+		os=-sysv4
+		;;
+	apollo68)
+		basic_machine=m68k-apollo
+		os=-sysv
+		;;
+	apollo68bsd)
+		basic_machine=m68k-apollo
+		os=-bsd
+		;;
+	aros)
+		basic_machine=i386-pc
+		os=-aros
+		;;
+	aux)
+		basic_machine=m68k-apple
+		os=-aux
+		;;
+	balance)
+		basic_machine=ns32k-sequent
+		os=-dynix
+		;;
+	blackfin)
+		basic_machine=bfin-unknown
+		os=-linux
+		;;
+	blackfin-*)
+		basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'`
+		os=-linux
+		;;
+	bluegene*)
+		basic_machine=powerpc-ibm
+		os=-cnk
+		;;
+	c54x-*)
+		basic_machine=tic54x-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	c55x-*)
+		basic_machine=tic55x-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	c6x-*)
+		basic_machine=tic6x-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	c90)
+		basic_machine=c90-cray
+		os=-unicos
+		;;
+	cegcc)
+		basic_machine=arm-unknown
+		os=-cegcc
+		;;
+	convex-c1)
+		basic_machine=c1-convex
+		os=-bsd
+		;;
+	convex-c2)
+		basic_machine=c2-convex
+		os=-bsd
+		;;
+	convex-c32)
+		basic_machine=c32-convex
+		os=-bsd
+		;;
+	convex-c34)
+		basic_machine=c34-convex
+		os=-bsd
+		;;
+	convex-c38)
+		basic_machine=c38-convex
+		os=-bsd
+		;;
+	cray | j90)
+		basic_machine=j90-cray
+		os=-unicos
+		;;
+	craynv)
+		basic_machine=craynv-cray
+		os=-unicosmp
+		;;
+	cr16 | cr16-*)
+		basic_machine=cr16-unknown
+		os=-elf
+		;;
+	crds | unos)
+		basic_machine=m68k-crds
+		;;
+	crisv32 | crisv32-* | etraxfs*)
+		basic_machine=crisv32-axis
+		;;
+	cris | cris-* | etrax*)
+		basic_machine=cris-axis
+		;;
+	crx)
+		basic_machine=crx-unknown
+		os=-elf
+		;;
+	da30 | da30-*)
+		basic_machine=m68k-da30
+		;;
+	decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
+		basic_machine=mips-dec
+		;;
+	decsystem10* | dec10*)
+		basic_machine=pdp10-dec
+		os=-tops10
+		;;
+	decsystem20* | dec20*)
+		basic_machine=pdp10-dec
+		os=-tops20
+		;;
+	delta | 3300 | motorola-3300 | motorola-delta \
+	      | 3300-motorola | delta-motorola)
+		basic_machine=m68k-motorola
+		;;
+	delta88)
+		basic_machine=m88k-motorola
+		os=-sysv3
+		;;
+	dicos)
+		basic_machine=i686-pc
+		os=-dicos
+		;;
+	djgpp)
+		basic_machine=i586-pc
+		os=-msdosdjgpp
+		;;
+	dpx20 | dpx20-*)
+		basic_machine=rs6000-bull
+		os=-bosx
+		;;
+	dpx2* | dpx2*-bull)
+		basic_machine=m68k-bull
+		os=-sysv3
+		;;
+	ebmon29k)
+		basic_machine=a29k-amd
+		os=-ebmon
+		;;
+	elxsi)
+		basic_machine=elxsi-elxsi
+		os=-bsd
+		;;
+	encore | umax | mmax)
+		basic_machine=ns32k-encore
+		;;
+	es1800 | OSE68k | ose68k | ose | OSE)
+		basic_machine=m68k-ericsson
+		os=-ose
+		;;
+	fx2800)
+		basic_machine=i860-alliant
+		;;
+	genix)
+		basic_machine=ns32k-ns
+		;;
+	gmicro)
+		basic_machine=tron-gmicro
+		os=-sysv
+		;;
+	go32)
+		basic_machine=i386-pc
+		os=-go32
+		;;
+	h3050r* | hiux*)
+		basic_machine=hppa1.1-hitachi
+		os=-hiuxwe2
+		;;
+	h8300hms)
+		basic_machine=h8300-hitachi
+		os=-hms
+		;;
+	h8300xray)
+		basic_machine=h8300-hitachi
+		os=-xray
+		;;
+	h8500hms)
+		basic_machine=h8500-hitachi
+		os=-hms
+		;;
+	harris)
+		basic_machine=m88k-harris
+		os=-sysv3
+		;;
+	hp300-*)
+		basic_machine=m68k-hp
+		;;
+	hp300bsd)
+		basic_machine=m68k-hp
+		os=-bsd
+		;;
+	hp300hpux)
+		basic_machine=m68k-hp
+		os=-hpux
+		;;
+	hp3k9[0-9][0-9] | hp9[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	hp9k2[0-9][0-9] | hp9k31[0-9])
+		basic_machine=m68000-hp
+		;;
+	hp9k3[2-9][0-9])
+		basic_machine=m68k-hp
+		;;
+	hp9k6[0-9][0-9] | hp6[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	hp9k7[0-79][0-9] | hp7[0-79][0-9])
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k78[0-9] | hp78[0-9])
+		# FIXME: really hppa2.0-hp
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893)
+		# FIXME: really hppa2.0-hp
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[0-9][13679] | hp8[0-9][13679])
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[0-9][0-9] | hp8[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	hppa-next)
+		os=-nextstep3
+		;;
+	hppaosf)
+		basic_machine=hppa1.1-hp
+		os=-osf
+		;;
+	hppro)
+		basic_machine=hppa1.1-hp
+		os=-proelf
+		;;
+	i370-ibm* | ibm*)
+		basic_machine=i370-ibm
+		;;
+	i*86v32)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-sysv32
+		;;
+	i*86v4*)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-sysv4
+		;;
+	i*86v)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-sysv
+		;;
+	i*86sol2)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-solaris2
+		;;
+	i386mach)
+		basic_machine=i386-mach
+		os=-mach
+		;;
+	i386-vsta | vsta)
+		basic_machine=i386-unknown
+		os=-vsta
+		;;
+	iris | iris4d)
+		basic_machine=mips-sgi
+		case $os in
+		    -irix*)
+			;;
+		    *)
+			os=-irix4
+			;;
+		esac
+		;;
+	isi68 | isi)
+		basic_machine=m68k-isi
+		os=-sysv
+		;;
+	m68knommu)
+		basic_machine=m68k-unknown
+		os=-linux
+		;;
+	m68knommu-*)
+		basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'`
+		os=-linux
+		;;
+	m88k-omron*)
+		basic_machine=m88k-omron
+		;;
+	magnum | m3230)
+		basic_machine=mips-mips
+		os=-sysv
+		;;
+	merlin)
+		basic_machine=ns32k-utek
+		os=-sysv
+		;;
+	microblaze*)
+		basic_machine=microblaze-xilinx
+		;;
+	mingw64)
+		basic_machine=x86_64-pc
+		os=-mingw64
+		;;
+	mingw32)
+		basic_machine=i686-pc
+		os=-mingw32
+		;;
+	mingw32ce)
+		basic_machine=arm-unknown
+		os=-mingw32ce
+		;;
+	miniframe)
+		basic_machine=m68000-convergent
+		;;
+	*mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*)
+		basic_machine=m68k-atari
+		os=-mint
+		;;
+	mips3*-*)
+		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
+		;;
+	mips3*)
+		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
+		;;
+	monitor)
+		basic_machine=m68k-rom68k
+		os=-coff
+		;;
+	morphos)
+		basic_machine=powerpc-unknown
+		os=-morphos
+		;;
+	msdos)
+		basic_machine=i386-pc
+		os=-msdos
+		;;
+	ms1-*)
+		basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
+		;;
+	msys)
+		basic_machine=i686-pc
+		os=-msys
+		;;
+	mvs)
+		basic_machine=i370-ibm
+		os=-mvs
+		;;
+	nacl)
+		basic_machine=le32-unknown
+		os=-nacl
+		;;
+	ncr3000)
+		basic_machine=i486-ncr
+		os=-sysv4
+		;;
+	netbsd386)
+		basic_machine=i386-unknown
+		os=-netbsd
+		;;
+	netwinder)
+		basic_machine=armv4l-rebel
+		os=-linux
+		;;
+	news | news700 | news800 | news900)
+		basic_machine=m68k-sony
+		os=-newsos
+		;;
+	news1000)
+		basic_machine=m68030-sony
+		os=-newsos
+		;;
+	news-3600 | risc-news)
+		basic_machine=mips-sony
+		os=-newsos
+		;;
+	necv70)
+		basic_machine=v70-nec
+		os=-sysv
+		;;
+	next | m*-next )
+		basic_machine=m68k-next
+		case $os in
+		    -nextstep* )
+			;;
+		    -ns2*)
+		      os=-nextstep2
+			;;
+		    *)
+		      os=-nextstep3
+			;;
+		esac
+		;;
+	nh3000)
+		basic_machine=m68k-harris
+		os=-cxux
+		;;
+	nh[45]000)
+		basic_machine=m88k-harris
+		os=-cxux
+		;;
+	nindy960)
+		basic_machine=i960-intel
+		os=-nindy
+		;;
+	mon960)
+		basic_machine=i960-intel
+		os=-mon960
+		;;
+	nonstopux)
+		basic_machine=mips-compaq
+		os=-nonstopux
+		;;
+	np1)
+		basic_machine=np1-gould
+		;;
+	neo-tandem)
+		basic_machine=neo-tandem
+		;;
+	nse-tandem)
+		basic_machine=nse-tandem
+		;;
+	nsr-tandem)
+		basic_machine=nsr-tandem
+		;;
+	op50n-* | op60c-*)
+		basic_machine=hppa1.1-oki
+		os=-proelf
+		;;
+	openrisc | openrisc-*)
+		basic_machine=or32-unknown
+		;;
+	os400)
+		basic_machine=powerpc-ibm
+		os=-os400
+		;;
+	OSE68000 | ose68000)
+		basic_machine=m68000-ericsson
+		os=-ose
+		;;
+	os68k)
+		basic_machine=m68k-none
+		os=-os68k
+		;;
+	pa-hitachi)
+		basic_machine=hppa1.1-hitachi
+		os=-hiuxwe2
+		;;
+	paragon)
+		basic_machine=i860-intel
+		os=-osf
+		;;
+	parisc)
+		basic_machine=hppa-unknown
+		os=-linux
+		;;
+	parisc-*)
+		basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'`
+		os=-linux
+		;;
+	pbd)
+		basic_machine=sparc-tti
+		;;
+	pbb)
+		basic_machine=m68k-tti
+		;;
+	pc532 | pc532-*)
+		basic_machine=ns32k-pc532
+		;;
+	pc98)
+		basic_machine=i386-pc
+		;;
+	pc98-*)
+		basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentium | p5 | k5 | k6 | nexgen | viac3)
+		basic_machine=i586-pc
+		;;
+	pentiumpro | p6 | 6x86 | athlon | athlon_*)
+		basic_machine=i686-pc
+		;;
+	pentiumii | pentium2 | pentiumiii | pentium3)
+		basic_machine=i686-pc
+		;;
+	pentium4)
+		basic_machine=i786-pc
+		;;
+	pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
+		basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentiumpro-* | p6-* | 6x86-* | athlon-*)
+		basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
+		basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentium4-*)
+		basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pn)
+		basic_machine=pn-gould
+		;;
+	power)	basic_machine=power-ibm
+		;;
+	ppc | ppcbe)	basic_machine=powerpc-unknown
+		;;
+	ppc-* | ppcbe-*)
+		basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ppcle | powerpclittle | ppc-le | powerpc-little)
+		basic_machine=powerpcle-unknown
+		;;
+	ppcle-* | powerpclittle-*)
+		basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ppc64)	basic_machine=powerpc64-unknown
+		;;
+	ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ppc64le | powerpc64little | ppc64-le | powerpc64-little)
+		basic_machine=powerpc64le-unknown
+		;;
+	ppc64le-* | powerpc64little-*)
+		basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ps2)
+		basic_machine=i386-ibm
+		;;
+	pw32)
+		basic_machine=i586-unknown
+		os=-pw32
+		;;
+	rdos | rdos64)
+		basic_machine=x86_64-pc
+		os=-rdos
+		;;
+	rdos32)
+		basic_machine=i386-pc
+		os=-rdos
+		;;
+	rom68k)
+		basic_machine=m68k-rom68k
+		os=-coff
+		;;
+	rm[46]00)
+		basic_machine=mips-siemens
+		;;
+	rtpc | rtpc-*)
+		basic_machine=romp-ibm
+		;;
+	s390 | s390-*)
+		basic_machine=s390-ibm
+		;;
+	s390x | s390x-*)
+		basic_machine=s390x-ibm
+		;;
+	sa29200)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+	sb1)
+		basic_machine=mipsisa64sb1-unknown
+		;;
+	sb1el)
+		basic_machine=mipsisa64sb1el-unknown
+		;;
+	sde)
+		basic_machine=mipsisa32-sde
+		os=-elf
+		;;
+	sei)
+		basic_machine=mips-sei
+		os=-seiux
+		;;
+	sequent)
+		basic_machine=i386-sequent
+		;;
+	sh)
+		basic_machine=sh-hitachi
+		os=-hms
+		;;
+	sh5el)
+		basic_machine=sh5le-unknown
+		;;
+	sh64)
+		basic_machine=sh64-unknown
+		;;
+	sparclite-wrs | simso-wrs)
+		basic_machine=sparclite-wrs
+		os=-vxworks
+		;;
+	sps7)
+		basic_machine=m68k-bull
+		os=-sysv2
+		;;
+	spur)
+		basic_machine=spur-unknown
+		;;
+	st2000)
+		basic_machine=m68k-tandem
+		;;
+	stratus)
+		basic_machine=i860-stratus
+		os=-sysv4
+		;;
+	strongarm-* | thumb-*)
+		basic_machine=arm-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	sun2)
+		basic_machine=m68000-sun
+		;;
+	sun2os3)
+		basic_machine=m68000-sun
+		os=-sunos3
+		;;
+	sun2os4)
+		basic_machine=m68000-sun
+		os=-sunos4
+		;;
+	sun3os3)
+		basic_machine=m68k-sun
+		os=-sunos3
+		;;
+	sun3os4)
+		basic_machine=m68k-sun
+		os=-sunos4
+		;;
+	sun4os3)
+		basic_machine=sparc-sun
+		os=-sunos3
+		;;
+	sun4os4)
+		basic_machine=sparc-sun
+		os=-sunos4
+		;;
+	sun4sol2)
+		basic_machine=sparc-sun
+		os=-solaris2
+		;;
+	sun3 | sun3-*)
+		basic_machine=m68k-sun
+		;;
+	sun4)
+		basic_machine=sparc-sun
+		;;
+	sun386 | sun386i | roadrunner)
+		basic_machine=i386-sun
+		;;
+	sv1)
+		basic_machine=sv1-cray
+		os=-unicos
+		;;
+	symmetry)
+		basic_machine=i386-sequent
+		os=-dynix
+		;;
+	t3e)
+		basic_machine=alphaev5-cray
+		os=-unicos
+		;;
+	t90)
+		basic_machine=t90-cray
+		os=-unicos
+		;;
+	tile*)
+		basic_machine=$basic_machine-unknown
+		os=-linux-gnu
+		;;
+	tx39)
+		basic_machine=mipstx39-unknown
+		;;
+	tx39el)
+		basic_machine=mipstx39el-unknown
+		;;
+	toad1)
+		basic_machine=pdp10-xkl
+		os=-tops20
+		;;
+	tower | tower-32)
+		basic_machine=m68k-ncr
+		;;
+	tpf)
+		basic_machine=s390x-ibm
+		os=-tpf
+		;;
+	udi29k)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+	ultra3)
+		basic_machine=a29k-nyu
+		os=-sym1
+		;;
+	v810 | necv810)
+		basic_machine=v810-nec
+		os=-none
+		;;
+	vaxv)
+		basic_machine=vax-dec
+		os=-sysv
+		;;
+	vms)
+		basic_machine=vax-dec
+		os=-vms
+		;;
+	vpp*|vx|vx-*)
+		basic_machine=f301-fujitsu
+		;;
+	vxworks960)
+		basic_machine=i960-wrs
+		os=-vxworks
+		;;
+	vxworks68)
+		basic_machine=m68k-wrs
+		os=-vxworks
+		;;
+	vxworks29k)
+		basic_machine=a29k-wrs
+		os=-vxworks
+		;;
+	w65*)
+		basic_machine=w65-wdc
+		os=-none
+		;;
+	w89k-*)
+		basic_machine=hppa1.1-winbond
+		os=-proelf
+		;;
+	xbox)
+		basic_machine=i686-pc
+		os=-mingw32
+		;;
+	xps | xps100)
+		basic_machine=xps100-honeywell
+		;;
+	xscale-* | xscalee[bl]-*)
+		basic_machine=`echo $basic_machine | sed 's/^xscale/arm/'`
+		;;
+	ymp)
+		basic_machine=ymp-cray
+		os=-unicos
+		;;
+	z8k-*-coff)
+		basic_machine=z8k-unknown
+		os=-sim
+		;;
+	z80-*-coff)
+		basic_machine=z80-unknown
+		os=-sim
+		;;
+	none)
+		basic_machine=none-none
+		os=-none
+		;;
+
+# Here we handle the default manufacturer of certain CPU types.  It is in
+# some cases the only manufacturer, in others, it is the most popular.
+	w89k)
+		basic_machine=hppa1.1-winbond
+		;;
+	op50n)
+		basic_machine=hppa1.1-oki
+		;;
+	op60c)
+		basic_machine=hppa1.1-oki
+		;;
+	romp)
+		basic_machine=romp-ibm
+		;;
+	mmix)
+		basic_machine=mmix-knuth
+		;;
+	rs6000)
+		basic_machine=rs6000-ibm
+		;;
+	vax)
+		basic_machine=vax-dec
+		;;
+	pdp10)
+		# there are many clones, so DEC is not a safe bet
+		basic_machine=pdp10-unknown
+		;;
+	pdp11)
+		basic_machine=pdp11-dec
+		;;
+	we32k)
+		basic_machine=we32k-att
+		;;
+	sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele)
+		basic_machine=sh-unknown
+		;;
+	sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
+		basic_machine=sparc-sun
+		;;
+	cydra)
+		basic_machine=cydra-cydrome
+		;;
+	orion)
+		basic_machine=orion-highlevel
+		;;
+	orion105)
+		basic_machine=clipper-highlevel
+		;;
+	mac | mpw | mac-mpw)
+		basic_machine=m68k-apple
+		;;
+	pmac | pmac-mpw)
+		basic_machine=powerpc-apple
+		;;
+	*-unknown)
+		# Make sure to match an already-canonicalized machine name.
+		;;
+	*)
+		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+		exit 1
+		;;
+esac
+
+# Here we canonicalize certain aliases for manufacturers.
+case $basic_machine in
+	*-digital*)
+		basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
+		;;
+	*-commodore*)
+		basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
+		;;
+	*)
+		;;
+esac
+
+# Decode manufacturer-specific aliases for certain operating systems.
+
+if [ x"$os" != x"" ]
+then
+case $os in
+	# First match some system type aliases
+	# that might get confused with valid system types.
+	# -solaris* is a basic system type, with this one exception.
+	-auroraux)
+		os=-auroraux
+		;;
+	-solaris1 | -solaris1.*)
+		os=`echo $os | sed -e 's|solaris1|sunos4|'`
+		;;
+	-solaris)
+		os=-solaris2
+		;;
+	-svr4*)
+		os=-sysv4
+		;;
+	-unixware*)
+		os=-sysv4.2uw
+		;;
+	-gnu/linux*)
+		os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
+		;;
+	# First accept the basic system types.
+	# The portable systems comes first.
+	# Each alternative MUST END IN A *, to match a version number.
+	# -sysv* is not here because it comes later, after sysvr4.
+	-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
+	      | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\
+	      | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \
+	      | -sym* | -kopensolaris* | -plan9* \
+	      | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
+	      | -aos* | -aros* \
+	      | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
+	      | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
+	      | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
+	      | -bitrig* | -openbsd* | -solidbsd* \
+	      | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
+	      | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
+	      | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
+	      | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
+	      | -chorusos* | -chorusrdb* | -cegcc* \
+	      | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
+	      | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \
+	      | -linux-newlib* | -linux-musl* | -linux-uclibc* \
+	      | -uxpv* | -beos* | -mpeix* | -udk* \
+	      | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
+	      | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
+	      | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
+	      | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
+	      | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
+	      | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
+	      | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*)
+	# Remember, each alternative MUST END IN *, to match a version number.
+		;;
+	-qnx*)
+		case $basic_machine in
+		    x86-* | i*86-*)
+			;;
+		    *)
+			os=-nto$os
+			;;
+		esac
+		;;
+	-nto-qnx*)
+		;;
+	-nto*)
+		os=`echo $os | sed -e 's|nto|nto-qnx|'`
+		;;
+	-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
+	      | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \
+	      | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
+		;;
+	-mac*)
+		os=`echo $os | sed -e 's|mac|macos|'`
+		;;
+	-linux-dietlibc)
+		os=-linux-dietlibc
+		;;
+	-linux*)
+		os=`echo $os | sed -e 's|linux|linux-gnu|'`
+		;;
+	-sunos5*)
+		os=`echo $os | sed -e 's|sunos5|solaris2|'`
+		;;
+	-sunos6*)
+		os=`echo $os | sed -e 's|sunos6|solaris3|'`
+		;;
+	-opened*)
+		os=-openedition
+		;;
+	-os400*)
+		os=-os400
+		;;
+	-wince*)
+		os=-wince
+		;;
+	-osfrose*)
+		os=-osfrose
+		;;
+	-osf*)
+		os=-osf
+		;;
+	-utek*)
+		os=-bsd
+		;;
+	-dynix*)
+		os=-bsd
+		;;
+	-acis*)
+		os=-aos
+		;;
+	-atheos*)
+		os=-atheos
+		;;
+	-syllable*)
+		os=-syllable
+		;;
+	-386bsd)
+		os=-bsd
+		;;
+	-ctix* | -uts*)
+		os=-sysv
+		;;
+	-nova*)
+		os=-rtmk-nova
+		;;
+	-ns2 )
+		os=-nextstep2
+		;;
+	-nsk*)
+		os=-nsk
+		;;
+	# Preserve the version number of sinix5.
+	-sinix5.*)
+		os=`echo $os | sed -e 's|sinix|sysv|'`
+		;;
+	-sinix*)
+		os=-sysv4
+		;;
+	-tpf*)
+		os=-tpf
+		;;
+	-triton*)
+		os=-sysv3
+		;;
+	-oss*)
+		os=-sysv3
+		;;
+	-svr4)
+		os=-sysv4
+		;;
+	-svr3)
+		os=-sysv3
+		;;
+	-sysvr4)
+		os=-sysv4
+		;;
+	# This must come after -sysvr4.
+	-sysv*)
+		;;
+	-ose*)
+		os=-ose
+		;;
+	-es1800*)
+		os=-ose
+		;;
+	-xenix)
+		os=-xenix
+		;;
+	-*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+		os=-mint
+		;;
+	-aros*)
+		os=-aros
+		;;
+	-zvmoe)
+		os=-zvmoe
+		;;
+	-dicos*)
+		os=-dicos
+		;;
+	-nacl*)
+		;;
+	-none)
+		;;
+	*)
+		# Get rid of the `-' at the beginning of $os.
+		os=`echo $os | sed 's/[^-]*-//'`
+		echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
+		exit 1
+		;;
+esac
+else
+
+# Here we handle the default operating systems that come with various machines.
+# The value should be what the vendor currently ships out the door with their
+# machine or put another way, the most popular os provided with the machine.
+
+# Note that if you're going to try to match "-MANUFACTURER" here (say,
+# "-sun"), then you have to tell the case statement up towards the top
+# that MANUFACTURER isn't an operating system.  Otherwise, code above
+# will signal an error saying that MANUFACTURER isn't an operating
+# system, and we'll never get to this point.
+
+case $basic_machine in
+	score-*)
+		os=-elf
+		;;
+	spu-*)
+		os=-elf
+		;;
+	*-acorn)
+		os=-riscix1.2
+		;;
+	arm*-rebel)
+		os=-linux
+		;;
+	arm*-semi)
+		os=-aout
+		;;
+	c4x-* | tic4x-*)
+		os=-coff
+		;;
+	c8051-*)
+		os=-elf
+		;;
+	hexagon-*)
+		os=-elf
+		;;
+	tic54x-*)
+		os=-coff
+		;;
+	tic55x-*)
+		os=-coff
+		;;
+	tic6x-*)
+		os=-coff
+		;;
+	# This must come before the *-dec entry.
+	pdp10-*)
+		os=-tops20
+		;;
+	pdp11-*)
+		os=-none
+		;;
+	*-dec | vax-*)
+		os=-ultrix4.2
+		;;
+	m68*-apollo)
+		os=-domain
+		;;
+	i386-sun)
+		os=-sunos4.0.2
+		;;
+	m68000-sun)
+		os=-sunos3
+		;;
+	m68*-cisco)
+		os=-aout
+		;;
+	mep-*)
+		os=-elf
+		;;
+	mips*-cisco)
+		os=-elf
+		;;
+	mips*-*)
+		os=-elf
+		;;
+	or1k-*)
+		os=-elf
+		;;
+	or32-*)
+		os=-coff
+		;;
+	*-tti)	# must be before sparc entry or we get the wrong os.
+		os=-sysv3
+		;;
+	sparc-* | *-sun)
+		os=-sunos4.1.1
+		;;
+	*-be)
+		os=-beos
+		;;
+	*-haiku)
+		os=-haiku
+		;;
+	*-ibm)
+		os=-aix
+		;;
+	*-knuth)
+		os=-mmixware
+		;;
+	*-wec)
+		os=-proelf
+		;;
+	*-winbond)
+		os=-proelf
+		;;
+	*-oki)
+		os=-proelf
+		;;
+	*-hp)
+		os=-hpux
+		;;
+	*-hitachi)
+		os=-hiux
+		;;
+	i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
+		os=-sysv
+		;;
+	*-cbm)
+		os=-amigaos
+		;;
+	*-dg)
+		os=-dgux
+		;;
+	*-dolphin)
+		os=-sysv3
+		;;
+	m68k-ccur)
+		os=-rtu
+		;;
+	m88k-omron*)
+		os=-luna
+		;;
+	*-next )
+		os=-nextstep
+		;;
+	*-sequent)
+		os=-ptx
+		;;
+	*-crds)
+		os=-unos
+		;;
+	*-ns)
+		os=-genix
+		;;
+	i370-*)
+		os=-mvs
+		;;
+	*-next)
+		os=-nextstep3
+		;;
+	*-gould)
+		os=-sysv
+		;;
+	*-highlevel)
+		os=-bsd
+		;;
+	*-encore)
+		os=-bsd
+		;;
+	*-sgi)
+		os=-irix
+		;;
+	*-siemens)
+		os=-sysv4
+		;;
+	*-masscomp)
+		os=-rtu
+		;;
+	f30[01]-fujitsu | f700-fujitsu)
+		os=-uxpv
+		;;
+	*-rom68k)
+		os=-coff
+		;;
+	*-*bug)
+		os=-coff
+		;;
+	*-apple)
+		os=-macos
+		;;
+	*-atari*)
+		os=-mint
+		;;
+	*)
+		os=-none
+		;;
+esac
+fi
+
+# Here we handle the case where we know the os, and the CPU type, but not the
+# manufacturer.  We pick the logical manufacturer.
+vendor=unknown
+case $basic_machine in
+	*-unknown)
+		case $os in
+			-riscix*)
+				vendor=acorn
+				;;
+			-sunos*)
+				vendor=sun
+				;;
+			-cnk*|-aix*)
+				vendor=ibm
+				;;
+			-beos*)
+				vendor=be
+				;;
+			-hpux*)
+				vendor=hp
+				;;
+			-mpeix*)
+				vendor=hp
+				;;
+			-hiux*)
+				vendor=hitachi
+				;;
+			-unos*)
+				vendor=crds
+				;;
+			-dgux*)
+				vendor=dg
+				;;
+			-luna*)
+				vendor=omron
+				;;
+			-genix*)
+				vendor=ns
+				;;
+			-mvs* | -opened*)
+				vendor=ibm
+				;;
+			-os400*)
+				vendor=ibm
+				;;
+			-ptx*)
+				vendor=sequent
+				;;
+			-tpf*)
+				vendor=ibm
+				;;
+			-vxsim* | -vxworks* | -windiss*)
+				vendor=wrs
+				;;
+			-aux*)
+				vendor=apple
+				;;
+			-hms*)
+				vendor=hitachi
+				;;
+			-mpw* | -macos*)
+				vendor=apple
+				;;
+			-*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+				vendor=atari
+				;;
+			-vos*)
+				vendor=stratus
+				;;
+		esac
+		basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
+		;;
+esac
+
+echo $basic_machine$os
+exit
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/3P/wolfssl/build-aux/depcomp b/3P/wolfssl/build-aux/depcomp
new file mode 100755
index 00000000..4ebd5b3a
--- /dev/null
+++ b/3P/wolfssl/build-aux/depcomp
@@ -0,0 +1,791 @@
+#! /bin/sh
+# depcomp - compile a program generating dependencies as side-effects
+
+scriptversion=2013-05-30.07; # UTC
+
+# Copyright (C) 1999-2013 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see .
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Originally written by Alexandre Oliva .
+
+case $1 in
+  '')
+    echo "$0: No command.  Try '$0 --help' for more information." 1>&2
+    exit 1;
+    ;;
+  -h | --h*)
+    cat <<\EOF
+Usage: depcomp [--help] [--version] PROGRAM [ARGS]
+
+Run PROGRAMS ARGS to compile a file, generating dependencies
+as side-effects.
+
+Environment variables:
+  depmode     Dependency tracking mode.
+  source      Source file read by 'PROGRAMS ARGS'.
+  object      Object file output by 'PROGRAMS ARGS'.
+  DEPDIR      directory where to store dependencies.
+  depfile     Dependency file to output.
+  tmpdepfile  Temporary file to use when outputting dependencies.
+  libtool     Whether libtool is used (yes/no).
+
+Report bugs to .
+EOF
+    exit $?
+    ;;
+  -v | --v*)
+    echo "depcomp $scriptversion"
+    exit $?
+    ;;
+esac
+
+# Get the directory component of the given path, and save it in the
+# global variables '$dir'.  Note that this directory component will
+# be either empty or ending with a '/' character.  This is deliberate.
+set_dir_from ()
+{
+  case $1 in
+    */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;;
+      *) dir=;;
+  esac
+}
+
+# Get the suffix-stripped basename of the given path, and save it the
+# global variable '$base'.
+set_base_from ()
+{
+  base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'`
+}
+
+# If no dependency file was actually created by the compiler invocation,
+# we still have to create a dummy depfile, to avoid errors with the
+# Makefile "include basename.Plo" scheme.
+make_dummy_depfile ()
+{
+  echo "#dummy" > "$depfile"
+}
+
+# Factor out some common post-processing of the generated depfile.
+# Requires the auxiliary global variable '$tmpdepfile' to be set.
+aix_post_process_depfile ()
+{
+  # If the compiler actually managed to produce a dependency file,
+  # post-process it.
+  if test -f "$tmpdepfile"; then
+    # Each line is of the form 'foo.o: dependency.h'.
+    # Do two passes, one to just change these to
+    #   $object: dependency.h
+    # and one to simply output
+    #   dependency.h:
+    # which is needed to avoid the deleted-header problem.
+    { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile"
+      sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile"
+    } > "$depfile"
+    rm -f "$tmpdepfile"
+  else
+    make_dummy_depfile
+  fi
+}
+
+# A tabulation character.
+tab='	'
+# A newline character.
+nl='
+'
+# Character ranges might be problematic outside the C locale.
+# These definitions help.
+upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ
+lower=abcdefghijklmnopqrstuvwxyz
+digits=0123456789
+alpha=${upper}${lower}
+
+if test -z "$depmode" || test -z "$source" || test -z "$object"; then
+  echo "depcomp: Variables source, object and depmode must be set" 1>&2
+  exit 1
+fi
+
+# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po.
+depfile=${depfile-`echo "$object" |
+  sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`}
+tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`}
+
+rm -f "$tmpdepfile"
+
+# Avoid interferences from the environment.
+gccflag= dashmflag=
+
+# Some modes work just like other modes, but use different flags.  We
+# parameterize here, but still list the modes in the big case below,
+# to make depend.m4 easier to write.  Note that we *cannot* use a case
+# here, because this file can only contain one case statement.
+if test "$depmode" = hp; then
+  # HP compiler uses -M and no extra arg.
+  gccflag=-M
+  depmode=gcc
+fi
+
+if test "$depmode" = dashXmstdout; then
+  # This is just like dashmstdout with a different argument.
+  dashmflag=-xM
+  depmode=dashmstdout
+fi
+
+cygpath_u="cygpath -u -f -"
+if test "$depmode" = msvcmsys; then
+  # This is just like msvisualcpp but w/o cygpath translation.
+  # Just convert the backslash-escaped backslashes to single forward
+  # slashes to satisfy depend.m4
+  cygpath_u='sed s,\\\\,/,g'
+  depmode=msvisualcpp
+fi
+
+if test "$depmode" = msvc7msys; then
+  # This is just like msvc7 but w/o cygpath translation.
+  # Just convert the backslash-escaped backslashes to single forward
+  # slashes to satisfy depend.m4
+  cygpath_u='sed s,\\\\,/,g'
+  depmode=msvc7
+fi
+
+if test "$depmode" = xlc; then
+  # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information.
+  gccflag=-qmakedep=gcc,-MF
+  depmode=gcc
+fi
+
+case "$depmode" in
+gcc3)
+## gcc 3 implements dependency tracking that does exactly what
+## we want.  Yay!  Note: for some reason libtool 1.4 doesn't like
+## it if -MD -MP comes after the -MF stuff.  Hmm.
+## Unfortunately, FreeBSD c89 acceptance of flags depends upon
+## the command line argument order; so add the flags where they
+## appear in depend2.am.  Note that the slowdown incurred here
+## affects only configure: in makefiles, %FASTDEP% shortcuts this.
+  for arg
+  do
+    case $arg in
+    -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;;
+    *)  set fnord "$@" "$arg" ;;
+    esac
+    shift # fnord
+    shift # $arg
+  done
+  "$@"
+  stat=$?
+  if test $stat -ne 0; then
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  mv "$tmpdepfile" "$depfile"
+  ;;
+
+gcc)
+## Note that this doesn't just cater to obsosete pre-3.x GCC compilers.
+## but also to in-use compilers like IMB xlc/xlC and the HP C compiler.
+## (see the conditional assignment to $gccflag above).
+## There are various ways to get dependency output from gcc.  Here's
+## why we pick this rather obscure method:
+## - Don't want to use -MD because we'd like the dependencies to end
+##   up in a subdir.  Having to rename by hand is ugly.
+##   (We might end up doing this anyway to support other compilers.)
+## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like
+##   -MM, not -M (despite what the docs say).  Also, it might not be
+##   supported by the other compilers which use the 'gcc' depmode.
+## - Using -M directly means running the compiler twice (even worse
+##   than renaming).
+  if test -z "$gccflag"; then
+    gccflag=-MD,
+  fi
+  "$@" -Wp,"$gccflag$tmpdepfile"
+  stat=$?
+  if test $stat -ne 0; then
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+  echo "$object : \\" > "$depfile"
+  # The second -e expression handles DOS-style file names with drive
+  # letters.
+  sed -e 's/^[^:]*: / /' \
+      -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile"
+## This next piece of magic avoids the "deleted header file" problem.
+## The problem is that when a header file which appears in a .P file
+## is deleted, the dependency causes make to die (because there is
+## typically no way to rebuild the header).  We avoid this by adding
+## dummy dependencies for each header file.  Too bad gcc doesn't do
+## this for us directly.
+## Some versions of gcc put a space before the ':'.  On the theory
+## that the space means something, we add a space to the output as
+## well.  hp depmode also adds that space, but also prefixes the VPATH
+## to the object.  Take care to not repeat it in the output.
+## Some versions of the HPUX 10.20 sed can't process this invocation
+## correctly.  Breaking it into two sed invocations is a workaround.
+  tr ' ' "$nl" < "$tmpdepfile" \
+    | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \
+    | sed -e 's/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+hp)
+  # This case exists only to let depend.m4 do its work.  It works by
+  # looking at the text of this script.  This case will never be run,
+  # since it is checked for above.
+  exit 1
+  ;;
+
+sgi)
+  if test "$libtool" = yes; then
+    "$@" "-Wp,-MDupdate,$tmpdepfile"
+  else
+    "$@" -MDupdate "$tmpdepfile"
+  fi
+  stat=$?
+  if test $stat -ne 0; then
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+
+  if test -f "$tmpdepfile"; then  # yes, the sourcefile depend on other files
+    echo "$object : \\" > "$depfile"
+    # Clip off the initial element (the dependent).  Don't try to be
+    # clever and replace this with sed code, as IRIX sed won't handle
+    # lines with more than a fixed number of characters (4096 in
+    # IRIX 6.2 sed, 8192 in IRIX 6.5).  We also remove comment lines;
+    # the IRIX cc adds comments like '#:fec' to the end of the
+    # dependency line.
+    tr ' ' "$nl" < "$tmpdepfile" \
+      | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \
+      | tr "$nl" ' ' >> "$depfile"
+    echo >> "$depfile"
+    # The second pass generates a dummy entry for each header file.
+    tr ' ' "$nl" < "$tmpdepfile" \
+      | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
+      >> "$depfile"
+  else
+    make_dummy_depfile
+  fi
+  rm -f "$tmpdepfile"
+  ;;
+
+xlc)
+  # This case exists only to let depend.m4 do its work.  It works by
+  # looking at the text of this script.  This case will never be run,
+  # since it is checked for above.
+  exit 1
+  ;;
+
+aix)
+  # The C for AIX Compiler uses -M and outputs the dependencies
+  # in a .u file.  In older versions, this file always lives in the
+  # current directory.  Also, the AIX compiler puts '$object:' at the
+  # start of each line; $object doesn't have directory information.
+  # Version 6 uses the directory in both cases.
+  set_dir_from "$object"
+  set_base_from "$object"
+  if test "$libtool" = yes; then
+    tmpdepfile1=$dir$base.u
+    tmpdepfile2=$base.u
+    tmpdepfile3=$dir.libs/$base.u
+    "$@" -Wc,-M
+  else
+    tmpdepfile1=$dir$base.u
+    tmpdepfile2=$dir$base.u
+    tmpdepfile3=$dir$base.u
+    "$@" -M
+  fi
+  stat=$?
+  if test $stat -ne 0; then
+    rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
+    exit $stat
+  fi
+
+  for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
+  do
+    test -f "$tmpdepfile" && break
+  done
+  aix_post_process_depfile
+  ;;
+
+tcc)
+  # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26
+  # FIXME: That version still under development at the moment of writing.
+  #        Make that this statement remains true also for stable, released
+  #        versions.
+  # It will wrap lines (doesn't matter whether long or short) with a
+  # trailing '\', as in:
+  #
+  #   foo.o : \
+  #    foo.c \
+  #    foo.h \
+  #
+  # It will put a trailing '\' even on the last line, and will use leading
+  # spaces rather than leading tabs (at least since its commit 0394caf7
+  # "Emit spaces for -MD").
+  "$@" -MD -MF "$tmpdepfile"
+  stat=$?
+  if test $stat -ne 0; then
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+  # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'.
+  # We have to change lines of the first kind to '$object: \'.
+  sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile"
+  # And for each line of the second kind, we have to emit a 'dep.h:'
+  # dummy dependency, to avoid the deleted-header problem.
+  sed -n -e 's|^  *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+## The order of this option in the case statement is important, since the
+## shell code in configure will try each of these formats in the order
+## listed in this file.  A plain '-MD' option would be understood by many
+## compilers, so we must ensure this comes after the gcc and icc options.
+pgcc)
+  # Portland's C compiler understands '-MD'.
+  # Will always output deps to 'file.d' where file is the root name of the
+  # source file under compilation, even if file resides in a subdirectory.
+  # The object file name does not affect the name of the '.d' file.
+  # pgcc 10.2 will output
+  #    foo.o: sub/foo.c sub/foo.h
+  # and will wrap long lines using '\' :
+  #    foo.o: sub/foo.c ... \
+  #     sub/foo.h ... \
+  #     ...
+  set_dir_from "$object"
+  # Use the source, not the object, to determine the base name, since
+  # that's sadly what pgcc will do too.
+  set_base_from "$source"
+  tmpdepfile=$base.d
+
+  # For projects that build the same source file twice into different object
+  # files, the pgcc approach of using the *source* file root name can cause
+  # problems in parallel builds.  Use a locking strategy to avoid stomping on
+  # the same $tmpdepfile.
+  lockdir=$base.d-lock
+  trap "
+    echo '$0: caught signal, cleaning up...' >&2
+    rmdir '$lockdir'
+    exit 1
+  " 1 2 13 15
+  numtries=100
+  i=$numtries
+  while test $i -gt 0; do
+    # mkdir is a portable test-and-set.
+    if mkdir "$lockdir" 2>/dev/null; then
+      # This process acquired the lock.
+      "$@" -MD
+      stat=$?
+      # Release the lock.
+      rmdir "$lockdir"
+      break
+    else
+      # If the lock is being held by a different process, wait
+      # until the winning process is done or we timeout.
+      while test -d "$lockdir" && test $i -gt 0; do
+        sleep 1
+        i=`expr $i - 1`
+      done
+    fi
+    i=`expr $i - 1`
+  done
+  trap - 1 2 13 15
+  if test $i -le 0; then
+    echo "$0: failed to acquire lock after $numtries attempts" >&2
+    echo "$0: check lockdir '$lockdir'" >&2
+    exit 1
+  fi
+
+  if test $stat -ne 0; then
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+  # Each line is of the form `foo.o: dependent.h',
+  # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'.
+  # Do two passes, one to just change these to
+  # `$object: dependent.h' and one to simply `dependent.h:'.
+  sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile"
+  # Some versions of the HPUX 10.20 sed can't process this invocation
+  # correctly.  Breaking it into two sed invocations is a workaround.
+  sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \
+    | sed -e 's/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+hp2)
+  # The "hp" stanza above does not work with aCC (C++) and HP's ia64
+  # compilers, which have integrated preprocessors.  The correct option
+  # to use with these is +Maked; it writes dependencies to a file named
+  # 'foo.d', which lands next to the object file, wherever that
+  # happens to be.
+  # Much of this is similar to the tru64 case; see comments there.
+  set_dir_from  "$object"
+  set_base_from "$object"
+  if test "$libtool" = yes; then
+    tmpdepfile1=$dir$base.d
+    tmpdepfile2=$dir.libs/$base.d
+    "$@" -Wc,+Maked
+  else
+    tmpdepfile1=$dir$base.d
+    tmpdepfile2=$dir$base.d
+    "$@" +Maked
+  fi
+  stat=$?
+  if test $stat -ne 0; then
+     rm -f "$tmpdepfile1" "$tmpdepfile2"
+     exit $stat
+  fi
+
+  for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2"
+  do
+    test -f "$tmpdepfile" && break
+  done
+  if test -f "$tmpdepfile"; then
+    sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile"
+    # Add 'dependent.h:' lines.
+    sed -ne '2,${
+               s/^ *//
+               s/ \\*$//
+               s/$/:/
+               p
+             }' "$tmpdepfile" >> "$depfile"
+  else
+    make_dummy_depfile
+  fi
+  rm -f "$tmpdepfile" "$tmpdepfile2"
+  ;;
+
+tru64)
+  # The Tru64 compiler uses -MD to generate dependencies as a side
+  # effect.  'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'.
+  # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put
+  # dependencies in 'foo.d' instead, so we check for that too.
+  # Subdirectories are respected.
+  set_dir_from  "$object"
+  set_base_from "$object"
+
+  if test "$libtool" = yes; then
+    # Libtool generates 2 separate objects for the 2 libraries.  These
+    # two compilations output dependencies in $dir.libs/$base.o.d and
+    # in $dir$base.o.d.  We have to check for both files, because
+    # one of the two compilations can be disabled.  We should prefer
+    # $dir$base.o.d over $dir.libs/$base.o.d because the latter is
+    # automatically cleaned when .libs/ is deleted, while ignoring
+    # the former would cause a distcleancheck panic.
+    tmpdepfile1=$dir$base.o.d          # libtool 1.5
+    tmpdepfile2=$dir.libs/$base.o.d    # Likewise.
+    tmpdepfile3=$dir.libs/$base.d      # Compaq CCC V6.2-504
+    "$@" -Wc,-MD
+  else
+    tmpdepfile1=$dir$base.d
+    tmpdepfile2=$dir$base.d
+    tmpdepfile3=$dir$base.d
+    "$@" -MD
+  fi
+
+  stat=$?
+  if test $stat -ne 0; then
+    rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
+    exit $stat
+  fi
+
+  for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
+  do
+    test -f "$tmpdepfile" && break
+  done
+  # Same post-processing that is required for AIX mode.
+  aix_post_process_depfile
+  ;;
+
+msvc7)
+  if test "$libtool" = yes; then
+    showIncludes=-Wc,-showIncludes
+  else
+    showIncludes=-showIncludes
+  fi
+  "$@" $showIncludes > "$tmpdepfile"
+  stat=$?
+  grep -v '^Note: including file: ' "$tmpdepfile"
+  if test $stat -ne 0; then
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+  echo "$object : \\" > "$depfile"
+  # The first sed program below extracts the file names and escapes
+  # backslashes for cygpath.  The second sed program outputs the file
+  # name when reading, but also accumulates all include files in the
+  # hold buffer in order to output them again at the end.  This only
+  # works with sed implementations that can handle large buffers.
+  sed < "$tmpdepfile" -n '
+/^Note: including file:  *\(.*\)/ {
+  s//\1/
+  s/\\/\\\\/g
+  p
+}' | $cygpath_u | sort -u | sed -n '
+s/ /\\ /g
+s/\(.*\)/'"$tab"'\1 \\/p
+s/.\(.*\) \\/\1:/
+H
+$ {
+  s/.*/'"$tab"'/
+  G
+  p
+}' >> "$depfile"
+  echo >> "$depfile" # make sure the fragment doesn't end with a backslash
+  rm -f "$tmpdepfile"
+  ;;
+
+msvc7msys)
+  # This case exists only to let depend.m4 do its work.  It works by
+  # looking at the text of this script.  This case will never be run,
+  # since it is checked for above.
+  exit 1
+  ;;
+
+#nosideeffect)
+  # This comment above is used by automake to tell side-effect
+  # dependency tracking mechanisms from slower ones.
+
+dashmstdout)
+  # Important note: in order to support this mode, a compiler *must*
+  # always write the preprocessed file to stdout, regardless of -o.
+  "$@" || exit $?
+
+  # Remove the call to Libtool.
+  if test "$libtool" = yes; then
+    while test "X$1" != 'X--mode=compile'; do
+      shift
+    done
+    shift
+  fi
+
+  # Remove '-o $object'.
+  IFS=" "
+  for arg
+  do
+    case $arg in
+    -o)
+      shift
+      ;;
+    $object)
+      shift
+      ;;
+    *)
+      set fnord "$@" "$arg"
+      shift # fnord
+      shift # $arg
+      ;;
+    esac
+  done
+
+  test -z "$dashmflag" && dashmflag=-M
+  # Require at least two characters before searching for ':'
+  # in the target name.  This is to cope with DOS-style filenames:
+  # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise.
+  "$@" $dashmflag |
+    sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile"
+  rm -f "$depfile"
+  cat < "$tmpdepfile" > "$depfile"
+  # Some versions of the HPUX 10.20 sed can't process this sed invocation
+  # correctly.  Breaking it into two sed invocations is a workaround.
+  tr ' ' "$nl" < "$tmpdepfile" \
+    | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \
+    | sed -e 's/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+dashXmstdout)
+  # This case only exists to satisfy depend.m4.  It is never actually
+  # run, as this mode is specially recognized in the preamble.
+  exit 1
+  ;;
+
+makedepend)
+  "$@" || exit $?
+  # Remove any Libtool call
+  if test "$libtool" = yes; then
+    while test "X$1" != 'X--mode=compile'; do
+      shift
+    done
+    shift
+  fi
+  # X makedepend
+  shift
+  cleared=no eat=no
+  for arg
+  do
+    case $cleared in
+    no)
+      set ""; shift
+      cleared=yes ;;
+    esac
+    if test $eat = yes; then
+      eat=no
+      continue
+    fi
+    case "$arg" in
+    -D*|-I*)
+      set fnord "$@" "$arg"; shift ;;
+    # Strip any option that makedepend may not understand.  Remove
+    # the object too, otherwise makedepend will parse it as a source file.
+    -arch)
+      eat=yes ;;
+    -*|$object)
+      ;;
+    *)
+      set fnord "$@" "$arg"; shift ;;
+    esac
+  done
+  obj_suffix=`echo "$object" | sed 's/^.*\././'`
+  touch "$tmpdepfile"
+  ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
+  rm -f "$depfile"
+  # makedepend may prepend the VPATH from the source file name to the object.
+  # No need to regex-escape $object, excess matching of '.' is harmless.
+  sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile"
+  # Some versions of the HPUX 10.20 sed can't process the last invocation
+  # correctly.  Breaking it into two sed invocations is a workaround.
+  sed '1,2d' "$tmpdepfile" \
+    | tr ' ' "$nl" \
+    | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \
+    | sed -e 's/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile" "$tmpdepfile".bak
+  ;;
+
+cpp)
+  # Important note: in order to support this mode, a compiler *must*
+  # always write the preprocessed file to stdout.
+  "$@" || exit $?
+
+  # Remove the call to Libtool.
+  if test "$libtool" = yes; then
+    while test "X$1" != 'X--mode=compile'; do
+      shift
+    done
+    shift
+  fi
+
+  # Remove '-o $object'.
+  IFS=" "
+  for arg
+  do
+    case $arg in
+    -o)
+      shift
+      ;;
+    $object)
+      shift
+      ;;
+    *)
+      set fnord "$@" "$arg"
+      shift # fnord
+      shift # $arg
+      ;;
+    esac
+  done
+
+  "$@" -E \
+    | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
+             -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
+    | sed '$ s: \\$::' > "$tmpdepfile"
+  rm -f "$depfile"
+  echo "$object : \\" > "$depfile"
+  cat < "$tmpdepfile" >> "$depfile"
+  sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+msvisualcpp)
+  # Important note: in order to support this mode, a compiler *must*
+  # always write the preprocessed file to stdout.
+  "$@" || exit $?
+
+  # Remove the call to Libtool.
+  if test "$libtool" = yes; then
+    while test "X$1" != 'X--mode=compile'; do
+      shift
+    done
+    shift
+  fi
+
+  IFS=" "
+  for arg
+  do
+    case "$arg" in
+    -o)
+      shift
+      ;;
+    $object)
+      shift
+      ;;
+    "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
+        set fnord "$@"
+        shift
+        shift
+        ;;
+    *)
+        set fnord "$@" "$arg"
+        shift
+        shift
+        ;;
+    esac
+  done
+  "$@" -E 2>/dev/null |
+  sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile"
+  rm -f "$depfile"
+  echo "$object : \\" > "$depfile"
+  sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile"
+  echo "$tab" >> "$depfile"
+  sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+msvcmsys)
+  # This case exists only to let depend.m4 do its work.  It works by
+  # looking at the text of this script.  This case will never be run,
+  # since it is checked for above.
+  exit 1
+  ;;
+
+none)
+  exec "$@"
+  ;;
+
+*)
+  echo "Unknown depmode $depmode" 1>&2
+  exit 1
+  ;;
+esac
+
+exit 0
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
+# End:
diff --git a/3P/wolfssl/build-aux/install-sh b/3P/wolfssl/build-aux/install-sh
new file mode 100755
index 00000000..377bb868
--- /dev/null
+++ b/3P/wolfssl/build-aux/install-sh
@@ -0,0 +1,527 @@
+#!/bin/sh
+# install - install a program, script, or datafile
+
+scriptversion=2011-11-20.07; # UTC
+
+# This originates from X11R5 (mit/util/scripts/install.sh), which was
+# later released in X11R6 (xc/config/util/install.sh) with the
+# following copyright and license.
+#
+# Copyright (C) 1994 X Consortium
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
+# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+# Except as contained in this notice, the name of the X Consortium shall not
+# be used in advertising or otherwise to promote the sale, use or other deal-
+# ings in this Software without prior written authorization from the X Consor-
+# tium.
+#
+#
+# FSF changes to this file are in the public domain.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# 'make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.
+
+nl='
+'
+IFS=" ""	$nl"
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit=${DOITPROG-}
+if test -z "$doit"; then
+  doit_exec=exec
+else
+  doit_exec=$doit
+fi
+
+# Put in absolute file names if you don't have them in your path;
+# or use environment vars.
+
+chgrpprog=${CHGRPPROG-chgrp}
+chmodprog=${CHMODPROG-chmod}
+chownprog=${CHOWNPROG-chown}
+cmpprog=${CMPPROG-cmp}
+cpprog=${CPPROG-cp}
+mkdirprog=${MKDIRPROG-mkdir}
+mvprog=${MVPROG-mv}
+rmprog=${RMPROG-rm}
+stripprog=${STRIPPROG-strip}
+
+posix_glob='?'
+initialize_posix_glob='
+  test "$posix_glob" != "?" || {
+    if (set -f) 2>/dev/null; then
+      posix_glob=
+    else
+      posix_glob=:
+    fi
+  }
+'
+
+posix_mkdir=
+
+# Desired mode of installed file.
+mode=0755
+
+chgrpcmd=
+chmodcmd=$chmodprog
+chowncmd=
+mvcmd=$mvprog
+rmcmd="$rmprog -f"
+stripcmd=
+
+src=
+dst=
+dir_arg=
+dst_arg=
+
+copy_on_change=false
+no_target_directory=
+
+usage="\
+Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
+   or: $0 [OPTION]... SRCFILES... DIRECTORY
+   or: $0 [OPTION]... -t DIRECTORY SRCFILES...
+   or: $0 [OPTION]... -d DIRECTORIES...
+
+In the 1st form, copy SRCFILE to DSTFILE.
+In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
+In the 4th, create DIRECTORIES.
+
+Options:
+     --help     display this help and exit.
+     --version  display version info and exit.
+
+  -c            (ignored)
+  -C            install only if different (preserve the last data modification time)
+  -d            create directories instead of installing files.
+  -g GROUP      $chgrpprog installed files to GROUP.
+  -m MODE       $chmodprog installed files to MODE.
+  -o USER       $chownprog installed files to USER.
+  -s            $stripprog installed files.
+  -t DIRECTORY  install into DIRECTORY.
+  -T            report an error if DSTFILE is a directory.
+
+Environment variables override the default commands:
+  CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
+  RMPROG STRIPPROG
+"
+
+while test $# -ne 0; do
+  case $1 in
+    -c) ;;
+
+    -C) copy_on_change=true;;
+
+    -d) dir_arg=true;;
+
+    -g) chgrpcmd="$chgrpprog $2"
+	shift;;
+
+    --help) echo "$usage"; exit $?;;
+
+    -m) mode=$2
+	case $mode in
+	  *' '* | *'	'* | *'
+'*	  | *'*'* | *'?'* | *'['*)
+	    echo "$0: invalid mode: $mode" >&2
+	    exit 1;;
+	esac
+	shift;;
+
+    -o) chowncmd="$chownprog $2"
+	shift;;
+
+    -s) stripcmd=$stripprog;;
+
+    -t) dst_arg=$2
+	# Protect names problematic for 'test' and other utilities.
+	case $dst_arg in
+	  -* | [=\(\)!]) dst_arg=./$dst_arg;;
+	esac
+	shift;;
+
+    -T) no_target_directory=true;;
+
+    --version) echo "$0 $scriptversion"; exit $?;;
+
+    --)	shift
+	break;;
+
+    -*)	echo "$0: invalid option: $1" >&2
+	exit 1;;
+
+    *)  break;;
+  esac
+  shift
+done
+
+if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
+  # When -d is used, all remaining arguments are directories to create.
+  # When -t is used, the destination is already specified.
+  # Otherwise, the last argument is the destination.  Remove it from $@.
+  for arg
+  do
+    if test -n "$dst_arg"; then
+      # $@ is not empty: it contains at least $arg.
+      set fnord "$@" "$dst_arg"
+      shift # fnord
+    fi
+    shift # arg
+    dst_arg=$arg
+    # Protect names problematic for 'test' and other utilities.
+    case $dst_arg in
+      -* | [=\(\)!]) dst_arg=./$dst_arg;;
+    esac
+  done
+fi
+
+if test $# -eq 0; then
+  if test -z "$dir_arg"; then
+    echo "$0: no input file specified." >&2
+    exit 1
+  fi
+  # It's OK to call 'install-sh -d' without argument.
+  # This can happen when creating conditional directories.
+  exit 0
+fi
+
+if test -z "$dir_arg"; then
+  do_exit='(exit $ret); exit $ret'
+  trap "ret=129; $do_exit" 1
+  trap "ret=130; $do_exit" 2
+  trap "ret=141; $do_exit" 13
+  trap "ret=143; $do_exit" 15
+
+  # Set umask so as not to create temps with too-generous modes.
+  # However, 'strip' requires both read and write access to temps.
+  case $mode in
+    # Optimize common cases.
+    *644) cp_umask=133;;
+    *755) cp_umask=22;;
+
+    *[0-7])
+      if test -z "$stripcmd"; then
+	u_plus_rw=
+      else
+	u_plus_rw='% 200'
+      fi
+      cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
+    *)
+      if test -z "$stripcmd"; then
+	u_plus_rw=
+      else
+	u_plus_rw=,u+rw
+      fi
+      cp_umask=$mode$u_plus_rw;;
+  esac
+fi
+
+for src
+do
+  # Protect names problematic for 'test' and other utilities.
+  case $src in
+    -* | [=\(\)!]) src=./$src;;
+  esac
+
+  if test -n "$dir_arg"; then
+    dst=$src
+    dstdir=$dst
+    test -d "$dstdir"
+    dstdir_status=$?
+  else
+
+    # Waiting for this to be detected by the "$cpprog $src $dsttmp" command
+    # might cause directories to be created, which would be especially bad
+    # if $src (and thus $dsttmp) contains '*'.
+    if test ! -f "$src" && test ! -d "$src"; then
+      echo "$0: $src does not exist." >&2
+      exit 1
+    fi
+
+    if test -z "$dst_arg"; then
+      echo "$0: no destination specified." >&2
+      exit 1
+    fi
+    dst=$dst_arg
+
+    # If destination is a directory, append the input filename; won't work
+    # if double slashes aren't ignored.
+    if test -d "$dst"; then
+      if test -n "$no_target_directory"; then
+	echo "$0: $dst_arg: Is a directory" >&2
+	exit 1
+      fi
+      dstdir=$dst
+      dst=$dstdir/`basename "$src"`
+      dstdir_status=0
+    else
+      # Prefer dirname, but fall back on a substitute if dirname fails.
+      dstdir=`
+	(dirname "$dst") 2>/dev/null ||
+	expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	     X"$dst" : 'X\(//\)[^/]' \| \
+	     X"$dst" : 'X\(//\)$' \| \
+	     X"$dst" : 'X\(/\)' \| . 2>/dev/null ||
+	echo X"$dst" |
+	    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+		   s//\1/
+		   q
+		 }
+		 /^X\(\/\/\)[^/].*/{
+		   s//\1/
+		   q
+		 }
+		 /^X\(\/\/\)$/{
+		   s//\1/
+		   q
+		 }
+		 /^X\(\/\).*/{
+		   s//\1/
+		   q
+		 }
+		 s/.*/./; q'
+      `
+
+      test -d "$dstdir"
+      dstdir_status=$?
+    fi
+  fi
+
+  obsolete_mkdir_used=false
+
+  if test $dstdir_status != 0; then
+    case $posix_mkdir in
+      '')
+	# Create intermediate dirs using mode 755 as modified by the umask.
+	# This is like FreeBSD 'install' as of 1997-10-28.
+	umask=`umask`
+	case $stripcmd.$umask in
+	  # Optimize common cases.
+	  *[2367][2367]) mkdir_umask=$umask;;
+	  .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
+
+	  *[0-7])
+	    mkdir_umask=`expr $umask + 22 \
+	      - $umask % 100 % 40 + $umask % 20 \
+	      - $umask % 10 % 4 + $umask % 2
+	    `;;
+	  *) mkdir_umask=$umask,go-w;;
+	esac
+
+	# With -d, create the new directory with the user-specified mode.
+	# Otherwise, rely on $mkdir_umask.
+	if test -n "$dir_arg"; then
+	  mkdir_mode=-m$mode
+	else
+	  mkdir_mode=
+	fi
+
+	posix_mkdir=false
+	case $umask in
+	  *[123567][0-7][0-7])
+	    # POSIX mkdir -p sets u+wx bits regardless of umask, which
+	    # is incompatible with FreeBSD 'install' when (umask & 300) != 0.
+	    ;;
+	  *)
+	    tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
+	    trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
+
+	    if (umask $mkdir_umask &&
+		exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
+	    then
+	      if test -z "$dir_arg" || {
+		   # Check for POSIX incompatibilities with -m.
+		   # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
+		   # other-writable bit of parent directory when it shouldn't.
+		   # FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
+		   ls_ld_tmpdir=`ls -ld "$tmpdir"`
+		   case $ls_ld_tmpdir in
+		     d????-?r-*) different_mode=700;;
+		     d????-?--*) different_mode=755;;
+		     *) false;;
+		   esac &&
+		   $mkdirprog -m$different_mode -p -- "$tmpdir" && {
+		     ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
+		     test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
+		   }
+		 }
+	      then posix_mkdir=:
+	      fi
+	      rmdir "$tmpdir/d" "$tmpdir"
+	    else
+	      # Remove any dirs left behind by ancient mkdir implementations.
+	      rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
+	    fi
+	    trap '' 0;;
+	esac;;
+    esac
+
+    if
+      $posix_mkdir && (
+	umask $mkdir_umask &&
+	$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
+      )
+    then :
+    else
+
+      # The umask is ridiculous, or mkdir does not conform to POSIX,
+      # or it failed possibly due to a race condition.  Create the
+      # directory the slow way, step by step, checking for races as we go.
+
+      case $dstdir in
+	/*) prefix='/';;
+	[-=\(\)!]*) prefix='./';;
+	*)  prefix='';;
+      esac
+
+      eval "$initialize_posix_glob"
+
+      oIFS=$IFS
+      IFS=/
+      $posix_glob set -f
+      set fnord $dstdir
+      shift
+      $posix_glob set +f
+      IFS=$oIFS
+
+      prefixes=
+
+      for d
+      do
+	test X"$d" = X && continue
+
+	prefix=$prefix$d
+	if test -d "$prefix"; then
+	  prefixes=
+	else
+	  if $posix_mkdir; then
+	    (umask=$mkdir_umask &&
+	     $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
+	    # Don't fail if two instances are running concurrently.
+	    test -d "$prefix" || exit 1
+	  else
+	    case $prefix in
+	      *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
+	      *) qprefix=$prefix;;
+	    esac
+	    prefixes="$prefixes '$qprefix'"
+	  fi
+	fi
+	prefix=$prefix/
+      done
+
+      if test -n "$prefixes"; then
+	# Don't fail if two instances are running concurrently.
+	(umask $mkdir_umask &&
+	 eval "\$doit_exec \$mkdirprog $prefixes") ||
+	  test -d "$dstdir" || exit 1
+	obsolete_mkdir_used=true
+      fi
+    fi
+  fi
+
+  if test -n "$dir_arg"; then
+    { test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
+    { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
+    { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
+      test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
+  else
+
+    # Make a couple of temp file names in the proper directory.
+    dsttmp=$dstdir/_inst.$$_
+    rmtmp=$dstdir/_rm.$$_
+
+    # Trap to clean up those temp files at exit.
+    trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
+
+    # Copy the file name to the temp name.
+    (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
+
+    # and set any options; do chmod last to preserve setuid bits.
+    #
+    # If any of these fail, we abort the whole thing.  If we want to
+    # ignore errors from any of these, just make sure not to ignore
+    # errors from the above "$doit $cpprog $src $dsttmp" command.
+    #
+    { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
+    { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
+    { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
+    { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
+
+    # If -C, don't bother to copy if it wouldn't change the file.
+    if $copy_on_change &&
+       old=`LC_ALL=C ls -dlL "$dst"	2>/dev/null` &&
+       new=`LC_ALL=C ls -dlL "$dsttmp"	2>/dev/null` &&
+
+       eval "$initialize_posix_glob" &&
+       $posix_glob set -f &&
+       set X $old && old=:$2:$4:$5:$6 &&
+       set X $new && new=:$2:$4:$5:$6 &&
+       $posix_glob set +f &&
+
+       test "$old" = "$new" &&
+       $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
+    then
+      rm -f "$dsttmp"
+    else
+      # Rename the file to the real destination.
+      $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
+
+      # The rename failed, perhaps because mv can't rename something else
+      # to itself, or perhaps because mv is so ancient that it does not
+      # support -f.
+      {
+	# Now remove or move aside any old file at destination location.
+	# We try this two ways since rm can't unlink itself on some
+	# systems and the destination file might be busy for other
+	# reasons.  In this case, the final cleanup might fail but the new
+	# file should still install successfully.
+	{
+	  test ! -f "$dst" ||
+	  $doit $rmcmd -f "$dst" 2>/dev/null ||
+	  { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
+	    { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
+	  } ||
+	  { echo "$0: cannot unlink or rename $dst" >&2
+	    (exit 1); exit 1
+	  }
+	} &&
+
+	# Now rename the file to the real destination.
+	$doit $mvcmd "$dsttmp" "$dst"
+      }
+    fi || exit 1
+
+    trap '' 0
+  fi
+done
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
+# End:
diff --git a/3P/wolfssl/build-aux/ltmain.sh b/3P/wolfssl/build-aux/ltmain.sh
new file mode 100644
index 00000000..9ae038c2
--- /dev/null
+++ b/3P/wolfssl/build-aux/ltmain.sh
@@ -0,0 +1,9656 @@
+
+# libtool (GNU libtool) 2.4.2
+# Written by Gordon Matzigkeit , 1996
+
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006,
+# 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.  There is NO
+# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+# GNU Libtool is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# As a special exception to the GNU General Public License,
+# if you distribute this file as part of a program or library that
+# is built using GNU Libtool, you may include this file under the
+# same distribution terms that you use for the rest of that program.
+#
+# GNU Libtool is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GNU Libtool; see the file COPYING.  If not, a copy
+# can be downloaded from http://www.gnu.org/licenses/gpl.html,
+# or obtained by writing to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+# Usage: $progname [OPTION]... [MODE-ARG]...
+#
+# Provide generalized library-building support services.
+#
+#       --config             show all configuration variables
+#       --debug              enable verbose shell tracing
+#   -n, --dry-run            display commands without modifying any files
+#       --features           display basic configuration information and exit
+#       --mode=MODE          use operation mode MODE
+#       --preserve-dup-deps  don't remove duplicate dependency libraries
+#       --quiet, --silent    don't print informational messages
+#       --no-quiet, --no-silent
+#                            print informational messages (default)
+#       --no-warn            don't display warning messages
+#       --tag=TAG            use configuration variables from tag TAG
+#   -v, --verbose            print more informational messages than default
+#       --no-verbose         don't print the extra informational messages
+#       --version            print version information
+#   -h, --help, --help-all   print short, long, or detailed help message
+#
+# MODE must be one of the following:
+#
+#         clean              remove files from the build directory
+#         compile            compile a source file into a libtool object
+#         execute            automatically set library path, then run a program
+#         finish             complete the installation of libtool libraries
+#         install            install libraries or executables
+#         link               create a library or an executable
+#         uninstall          remove libraries from an installed directory
+#
+# MODE-ARGS vary depending on the MODE.  When passed as first option,
+# `--mode=MODE' may be abbreviated as `MODE' or a unique abbreviation of that.
+# Try `$progname --help --mode=MODE' for a more detailed description of MODE.
+#
+# When reporting a bug, please describe a test case to reproduce it and
+# include the following information:
+#
+#         host-triplet:	$host
+#         shell:		$SHELL
+#         compiler:		$LTCC
+#         compiler flags:		$LTCFLAGS
+#         linker:		$LD (gnu? $with_gnu_ld)
+#         $progname:	(GNU libtool) 2.4.2
+#         automake:	$automake_version
+#         autoconf:	$autoconf_version
+#
+# Report bugs to .
+# GNU libtool home page: .
+# General help using GNU software: .
+
+PROGRAM=libtool
+PACKAGE=libtool
+VERSION=2.4.2
+TIMESTAMP=""
+package_revision=1.3337
+
+# Be Bourne compatible
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
+  emulate sh
+  NULLCMD=:
+  # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '${1+"$@"}'='"$@"'
+  setopt NO_GLOB_SUBST
+else
+  case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac
+fi
+BIN_SH=xpg4; export BIN_SH # for Tru64
+DUALCASE=1; export DUALCASE # for MKS sh
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+  eval 'cat <<_LTECHO_EOF
+$1
+_LTECHO_EOF'
+}
+
+# NLS nuisances: We save the old values to restore during execute mode.
+lt_user_locale=
+lt_safe_locale=
+for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
+do
+  eval "if test \"\${$lt_var+set}\" = set; then
+          save_$lt_var=\$$lt_var
+          $lt_var=C
+	  export $lt_var
+	  lt_user_locale=\"$lt_var=\\\$save_\$lt_var; \$lt_user_locale\"
+	  lt_safe_locale=\"$lt_var=C; \$lt_safe_locale\"
+	fi"
+done
+LC_ALL=C
+LANGUAGE=C
+export LANGUAGE LC_ALL
+
+$lt_unset CDPATH
+
+
+# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh
+# is ksh but when the shell is invoked as "sh" and the current value of
+# the _XPG environment variable is not equal to 1 (one), the special
+# positional parameter $0, within a function call, is the name of the
+# function.
+progpath="$0"
+
+
+
+: ${CP="cp -f"}
+test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'}
+: ${MAKE="make"}
+: ${MKDIR="mkdir"}
+: ${MV="mv -f"}
+: ${RM="rm -f"}
+: ${SHELL="${CONFIG_SHELL-/bin/sh}"}
+: ${Xsed="$SED -e 1s/^X//"}
+
+# Global variables:
+EXIT_SUCCESS=0
+EXIT_FAILURE=1
+EXIT_MISMATCH=63  # $? = 63 is used to indicate version mismatch to missing.
+EXIT_SKIP=77	  # $? = 77 is used to indicate a skipped test to automake.
+
+exit_status=$EXIT_SUCCESS
+
+# Make sure IFS has a sensible default
+lt_nl='
+'
+IFS=" 	$lt_nl"
+
+dirname="s,/[^/]*$,,"
+basename="s,^.*/,,"
+
+# func_dirname file append nondir_replacement
+# Compute the dirname of FILE.  If nonempty, add APPEND to the result,
+# otherwise set result to NONDIR_REPLACEMENT.
+func_dirname ()
+{
+    func_dirname_result=`$ECHO "${1}" | $SED "$dirname"`
+    if test "X$func_dirname_result" = "X${1}"; then
+      func_dirname_result="${3}"
+    else
+      func_dirname_result="$func_dirname_result${2}"
+    fi
+} # func_dirname may be replaced by extended shell implementation
+
+
+# func_basename file
+func_basename ()
+{
+    func_basename_result=`$ECHO "${1}" | $SED "$basename"`
+} # func_basename may be replaced by extended shell implementation
+
+
+# func_dirname_and_basename file append nondir_replacement
+# perform func_basename and func_dirname in a single function
+# call:
+#   dirname:  Compute the dirname of FILE.  If nonempty,
+#             add APPEND to the result, otherwise set result
+#             to NONDIR_REPLACEMENT.
+#             value returned in "$func_dirname_result"
+#   basename: Compute filename of FILE.
+#             value retuned in "$func_basename_result"
+# Implementation must be kept synchronized with func_dirname
+# and func_basename. For efficiency, we do not delegate to
+# those functions but instead duplicate the functionality here.
+func_dirname_and_basename ()
+{
+    # Extract subdirectory from the argument.
+    func_dirname_result=`$ECHO "${1}" | $SED -e "$dirname"`
+    if test "X$func_dirname_result" = "X${1}"; then
+      func_dirname_result="${3}"
+    else
+      func_dirname_result="$func_dirname_result${2}"
+    fi
+    func_basename_result=`$ECHO "${1}" | $SED -e "$basename"`
+} # func_dirname_and_basename may be replaced by extended shell implementation
+
+
+# func_stripname prefix suffix name
+# strip PREFIX and SUFFIX off of NAME.
+# PREFIX and SUFFIX must not contain globbing or regex special
+# characters, hashes, percent signs, but SUFFIX may contain a leading
+# dot (in which case that matches only a dot).
+# func_strip_suffix prefix name
+func_stripname ()
+{
+    case ${2} in
+      .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;;
+      *)  func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;;
+    esac
+} # func_stripname may be replaced by extended shell implementation
+
+
+# These SED scripts presuppose an absolute path with a trailing slash.
+pathcar='s,^/\([^/]*\).*$,\1,'
+pathcdr='s,^/[^/]*,,'
+removedotparts=':dotsl
+		s@/\./@/@g
+		t dotsl
+		s,/\.$,/,'
+collapseslashes='s@/\{1,\}@/@g'
+finalslash='s,/*$,/,'
+
+# func_normal_abspath PATH
+# Remove doubled-up and trailing slashes, "." path components,
+# and cancel out any ".." path components in PATH after making
+# it an absolute path.
+#             value returned in "$func_normal_abspath_result"
+func_normal_abspath ()
+{
+  # Start from root dir and reassemble the path.
+  func_normal_abspath_result=
+  func_normal_abspath_tpath=$1
+  func_normal_abspath_altnamespace=
+  case $func_normal_abspath_tpath in
+    "")
+      # Empty path, that just means $cwd.
+      func_stripname '' '/' "`pwd`"
+      func_normal_abspath_result=$func_stripname_result
+      return
+    ;;
+    # The next three entries are used to spot a run of precisely
+    # two leading slashes without using negated character classes;
+    # we take advantage of case's first-match behaviour.
+    ///*)
+      # Unusual form of absolute path, do nothing.
+    ;;
+    //*)
+      # Not necessarily an ordinary path; POSIX reserves leading '//'
+      # and for example Cygwin uses it to access remote file shares
+      # over CIFS/SMB, so we conserve a leading double slash if found.
+      func_normal_abspath_altnamespace=/
+    ;;
+    /*)
+      # Absolute path, do nothing.
+    ;;
+    *)
+      # Relative path, prepend $cwd.
+      func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath
+    ;;
+  esac
+  # Cancel out all the simple stuff to save iterations.  We also want
+  # the path to end with a slash for ease of parsing, so make sure
+  # there is one (and only one) here.
+  func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \
+        -e "$removedotparts" -e "$collapseslashes" -e "$finalslash"`
+  while :; do
+    # Processed it all yet?
+    if test "$func_normal_abspath_tpath" = / ; then
+      # If we ascended to the root using ".." the result may be empty now.
+      if test -z "$func_normal_abspath_result" ; then
+        func_normal_abspath_result=/
+      fi
+      break
+    fi
+    func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \
+        -e "$pathcar"`
+    func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \
+        -e "$pathcdr"`
+    # Figure out what to do with it
+    case $func_normal_abspath_tcomponent in
+      "")
+        # Trailing empty path component, ignore it.
+      ;;
+      ..)
+        # Parent dir; strip last assembled component from result.
+        func_dirname "$func_normal_abspath_result"
+        func_normal_abspath_result=$func_dirname_result
+      ;;
+      *)
+        # Actual path component, append it.
+        func_normal_abspath_result=$func_normal_abspath_result/$func_normal_abspath_tcomponent
+      ;;
+    esac
+  done
+  # Restore leading double-slash if one was found on entry.
+  func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result
+}
+
+# func_relative_path SRCDIR DSTDIR
+# generates a relative path from SRCDIR to DSTDIR, with a trailing
+# slash if non-empty, suitable for immediately appending a filename
+# without needing to append a separator.
+#             value returned in "$func_relative_path_result"
+func_relative_path ()
+{
+  func_relative_path_result=
+  func_normal_abspath "$1"
+  func_relative_path_tlibdir=$func_normal_abspath_result
+  func_normal_abspath "$2"
+  func_relative_path_tbindir=$func_normal_abspath_result
+
+  # Ascend the tree starting from libdir
+  while :; do
+    # check if we have found a prefix of bindir
+    case $func_relative_path_tbindir in
+      $func_relative_path_tlibdir)
+        # found an exact match
+        func_relative_path_tcancelled=
+        break
+        ;;
+      $func_relative_path_tlibdir*)
+        # found a matching prefix
+        func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir"
+        func_relative_path_tcancelled=$func_stripname_result
+        if test -z "$func_relative_path_result"; then
+          func_relative_path_result=.
+        fi
+        break
+        ;;
+      *)
+        func_dirname $func_relative_path_tlibdir
+        func_relative_path_tlibdir=${func_dirname_result}
+        if test "x$func_relative_path_tlibdir" = x ; then
+          # Have to descend all the way to the root!
+          func_relative_path_result=../$func_relative_path_result
+          func_relative_path_tcancelled=$func_relative_path_tbindir
+          break
+        fi
+        func_relative_path_result=../$func_relative_path_result
+        ;;
+    esac
+  done
+
+  # Now calculate path; take care to avoid doubling-up slashes.
+  func_stripname '' '/' "$func_relative_path_result"
+  func_relative_path_result=$func_stripname_result
+  func_stripname '/' '/' "$func_relative_path_tcancelled"
+  if test "x$func_stripname_result" != x ; then
+    func_relative_path_result=${func_relative_path_result}/${func_stripname_result}
+  fi
+
+  # Normalisation. If bindir is libdir, return empty string,
+  # else relative path ending with a slash; either way, target
+  # file name can be directly appended.
+  if test ! -z "$func_relative_path_result"; then
+    func_stripname './' '' "$func_relative_path_result/"
+    func_relative_path_result=$func_stripname_result
+  fi
+}
+
+# The name of this program:
+func_dirname_and_basename "$progpath"
+progname=$func_basename_result
+
+# Make sure we have an absolute path for reexecution:
+case $progpath in
+  [\\/]*|[A-Za-z]:\\*) ;;
+  *[\\/]*)
+     progdir=$func_dirname_result
+     progdir=`cd "$progdir" && pwd`
+     progpath="$progdir/$progname"
+     ;;
+  *)
+     save_IFS="$IFS"
+     IFS=${PATH_SEPARATOR-:}
+     for progdir in $PATH; do
+       IFS="$save_IFS"
+       test -x "$progdir/$progname" && break
+     done
+     IFS="$save_IFS"
+     test -n "$progdir" || progdir=`pwd`
+     progpath="$progdir/$progname"
+     ;;
+esac
+
+# Sed substitution that helps us do robust quoting.  It backslashifies
+# metacharacters that are still active within double-quoted strings.
+Xsed="${SED}"' -e 1s/^X//'
+sed_quote_subst='s/\([`"$\\]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\(["`\\]\)/\\\1/g'
+
+# Sed substitution that turns a string into a regex matching for the
+# string literally.
+sed_make_literal_regex='s,[].[^$\\*\/],\\&,g'
+
+# Sed substitution that converts a w32 file name or path
+# which contains forward slashes, into one that contains
+# (escaped) backslashes.  A very naive implementation.
+lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g'
+
+# Re-`\' parameter expansions in output of double_quote_subst that were
+# `\'-ed in input to the same.  If an odd number of `\' preceded a '$'
+# in input to double_quote_subst, that '$' was protected from expansion.
+# Since each input `\' is now two `\'s, look for any number of runs of
+# four `\'s followed by two `\'s and then a '$'.  `\' that '$'.
+bs='\\'
+bs2='\\\\'
+bs4='\\\\\\\\'
+dollar='\$'
+sed_double_backslash="\
+  s/$bs4/&\\
+/g
+  s/^$bs2$dollar/$bs&/
+  s/\\([^$bs]\\)$bs2$dollar/\\1$bs2$bs$dollar/g
+  s/\n//g"
+
+# Standard options:
+opt_dry_run=false
+opt_help=false
+opt_quiet=false
+opt_verbose=false
+opt_warning=:
+
+# func_echo arg...
+# Echo program name prefixed message, along with the current mode
+# name if it has been set yet.
+func_echo ()
+{
+    $ECHO "$progname: ${opt_mode+$opt_mode: }$*"
+}
+
+# func_verbose arg...
+# Echo program name prefixed message in verbose mode only.
+func_verbose ()
+{
+    $opt_verbose && func_echo ${1+"$@"}
+
+    # A bug in bash halts the script if the last line of a function
+    # fails when set -e is in force, so we need another command to
+    # work around that:
+    :
+}
+
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+    $ECHO "$*"
+}
+
+# func_error arg...
+# Echo program name prefixed message to standard error.
+func_error ()
+{
+    $ECHO "$progname: ${opt_mode+$opt_mode: }"${1+"$@"} 1>&2
+}
+
+# func_warning arg...
+# Echo program name prefixed warning message to standard error.
+func_warning ()
+{
+    $opt_warning && $ECHO "$progname: ${opt_mode+$opt_mode: }warning: "${1+"$@"} 1>&2
+
+    # bash bug again:
+    :
+}
+
+# func_fatal_error arg...
+# Echo program name prefixed message to standard error, and exit.
+func_fatal_error ()
+{
+    func_error ${1+"$@"}
+    exit $EXIT_FAILURE
+}
+
+# func_fatal_help arg...
+# Echo program name prefixed message to standard error, followed by
+# a help hint, and exit.
+func_fatal_help ()
+{
+    func_error ${1+"$@"}
+    func_fatal_error "$help"
+}
+help="Try \`$progname --help' for more information."  ## default
+
+
+# func_grep expression filename
+# Check whether EXPRESSION matches any line of FILENAME, without output.
+func_grep ()
+{
+    $GREP "$1" "$2" >/dev/null 2>&1
+}
+
+
+# func_mkdir_p directory-path
+# Make sure the entire path to DIRECTORY-PATH is available.
+func_mkdir_p ()
+{
+    my_directory_path="$1"
+    my_dir_list=
+
+    if test -n "$my_directory_path" && test "$opt_dry_run" != ":"; then
+
+      # Protect directory names starting with `-'
+      case $my_directory_path in
+        -*) my_directory_path="./$my_directory_path" ;;
+      esac
+
+      # While some portion of DIR does not yet exist...
+      while test ! -d "$my_directory_path"; do
+        # ...make a list in topmost first order.  Use a colon delimited
+	# list incase some portion of path contains whitespace.
+        my_dir_list="$my_directory_path:$my_dir_list"
+
+        # If the last portion added has no slash in it, the list is done
+        case $my_directory_path in */*) ;; *) break ;; esac
+
+        # ...otherwise throw away the child directory and loop
+        my_directory_path=`$ECHO "$my_directory_path" | $SED -e "$dirname"`
+      done
+      my_dir_list=`$ECHO "$my_dir_list" | $SED 's,:*$,,'`
+
+      save_mkdir_p_IFS="$IFS"; IFS=':'
+      for my_dir in $my_dir_list; do
+	IFS="$save_mkdir_p_IFS"
+        # mkdir can fail with a `File exist' error if two processes
+        # try to create one of the directories concurrently.  Don't
+        # stop in that case!
+        $MKDIR "$my_dir" 2>/dev/null || :
+      done
+      IFS="$save_mkdir_p_IFS"
+
+      # Bail out if we (or some other process) failed to create a directory.
+      test -d "$my_directory_path" || \
+        func_fatal_error "Failed to create \`$1'"
+    fi
+}
+
+
+# func_mktempdir [string]
+# Make a temporary directory that won't clash with other running
+# libtool processes, and avoids race conditions if possible.  If
+# given, STRING is the basename for that directory.
+func_mktempdir ()
+{
+    my_template="${TMPDIR-/tmp}/${1-$progname}"
+
+    if test "$opt_dry_run" = ":"; then
+      # Return a directory name, but don't create it in dry-run mode
+      my_tmpdir="${my_template}-$$"
+    else
+
+      # If mktemp works, use that first and foremost
+      my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null`
+
+      if test ! -d "$my_tmpdir"; then
+        # Failing that, at least try and use $RANDOM to avoid a race
+        my_tmpdir="${my_template}-${RANDOM-0}$$"
+
+        save_mktempdir_umask=`umask`
+        umask 0077
+        $MKDIR "$my_tmpdir"
+        umask $save_mktempdir_umask
+      fi
+
+      # If we're not in dry-run mode, bomb out on failure
+      test -d "$my_tmpdir" || \
+        func_fatal_error "cannot create temporary directory \`$my_tmpdir'"
+    fi
+
+    $ECHO "$my_tmpdir"
+}
+
+
+# func_quote_for_eval arg
+# Aesthetically quote ARG to be evaled later.
+# This function returns two values: FUNC_QUOTE_FOR_EVAL_RESULT
+# is double-quoted, suitable for a subsequent eval, whereas
+# FUNC_QUOTE_FOR_EVAL_UNQUOTED_RESULT has merely all characters
+# which are still active within double quotes backslashified.
+func_quote_for_eval ()
+{
+    case $1 in
+      *[\\\`\"\$]*)
+	func_quote_for_eval_unquoted_result=`$ECHO "$1" | $SED "$sed_quote_subst"` ;;
+      *)
+        func_quote_for_eval_unquoted_result="$1" ;;
+    esac
+
+    case $func_quote_for_eval_unquoted_result in
+      # Double-quote args containing shell metacharacters to delay
+      # word splitting, command substitution and and variable
+      # expansion for a subsequent eval.
+      # Many Bourne shells cannot handle close brackets correctly
+      # in scan sets, so we specify it separately.
+      *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \	]*|*]*|"")
+        func_quote_for_eval_result="\"$func_quote_for_eval_unquoted_result\""
+        ;;
+      *)
+        func_quote_for_eval_result="$func_quote_for_eval_unquoted_result"
+    esac
+}
+
+
+# func_quote_for_expand arg
+# Aesthetically quote ARG to be evaled later; same as above,
+# but do not quote variable references.
+func_quote_for_expand ()
+{
+    case $1 in
+      *[\\\`\"]*)
+	my_arg=`$ECHO "$1" | $SED \
+	    -e "$double_quote_subst" -e "$sed_double_backslash"` ;;
+      *)
+        my_arg="$1" ;;
+    esac
+
+    case $my_arg in
+      # Double-quote args containing shell metacharacters to delay
+      # word splitting and command substitution for a subsequent eval.
+      # Many Bourne shells cannot handle close brackets correctly
+      # in scan sets, so we specify it separately.
+      *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \	]*|*]*|"")
+        my_arg="\"$my_arg\""
+        ;;
+    esac
+
+    func_quote_for_expand_result="$my_arg"
+}
+
+
+# func_show_eval cmd [fail_exp]
+# Unless opt_silent is true, then output CMD.  Then, if opt_dryrun is
+# not true, evaluate CMD.  If the evaluation of CMD fails, and FAIL_EXP
+# is given, then evaluate it.
+func_show_eval ()
+{
+    my_cmd="$1"
+    my_fail_exp="${2-:}"
+
+    ${opt_silent-false} || {
+      func_quote_for_expand "$my_cmd"
+      eval "func_echo $func_quote_for_expand_result"
+    }
+
+    if ${opt_dry_run-false}; then :; else
+      eval "$my_cmd"
+      my_status=$?
+      if test "$my_status" -eq 0; then :; else
+	eval "(exit $my_status); $my_fail_exp"
+      fi
+    fi
+}
+
+
+# func_show_eval_locale cmd [fail_exp]
+# Unless opt_silent is true, then output CMD.  Then, if opt_dryrun is
+# not true, evaluate CMD.  If the evaluation of CMD fails, and FAIL_EXP
+# is given, then evaluate it.  Use the saved locale for evaluation.
+func_show_eval_locale ()
+{
+    my_cmd="$1"
+    my_fail_exp="${2-:}"
+
+    ${opt_silent-false} || {
+      func_quote_for_expand "$my_cmd"
+      eval "func_echo $func_quote_for_expand_result"
+    }
+
+    if ${opt_dry_run-false}; then :; else
+      eval "$lt_user_locale
+	    $my_cmd"
+      my_status=$?
+      eval "$lt_safe_locale"
+      if test "$my_status" -eq 0; then :; else
+	eval "(exit $my_status); $my_fail_exp"
+      fi
+    fi
+}
+
+# func_tr_sh
+# Turn $1 into a string suitable for a shell variable name.
+# Result is stored in $func_tr_sh_result.  All characters
+# not in the set a-zA-Z0-9_ are replaced with '_'. Further,
+# if $1 begins with a digit, a '_' is prepended as well.
+func_tr_sh ()
+{
+  case $1 in
+  [0-9]* | *[!a-zA-Z0-9_]*)
+    func_tr_sh_result=`$ECHO "$1" | $SED 's/^\([0-9]\)/_\1/; s/[^a-zA-Z0-9_]/_/g'`
+    ;;
+  * )
+    func_tr_sh_result=$1
+    ;;
+  esac
+}
+
+
+# func_version
+# Echo version message to standard output and exit.
+func_version ()
+{
+    $opt_debug
+
+    $SED -n '/(C)/!b go
+	:more
+	/\./!{
+	  N
+	  s/\n# / /
+	  b more
+	}
+	:go
+	/^# '$PROGRAM' (GNU /,/# warranty; / {
+        s/^# //
+	s/^# *$//
+        s/\((C)\)[ 0-9,-]*\( [1-9][0-9]*\)/\1\2/
+        p
+     }' < "$progpath"
+     exit $?
+}
+
+# func_usage
+# Echo short help message to standard output and exit.
+func_usage ()
+{
+    $opt_debug
+
+    $SED -n '/^# Usage:/,/^#  *.*--help/ {
+        s/^# //
+	s/^# *$//
+	s/\$progname/'$progname'/
+	p
+    }' < "$progpath"
+    echo
+    $ECHO "run \`$progname --help | more' for full usage"
+    exit $?
+}
+
+# func_help [NOEXIT]
+# Echo long help message to standard output and exit,
+# unless 'noexit' is passed as argument.
+func_help ()
+{
+    $opt_debug
+
+    $SED -n '/^# Usage:/,/# Report bugs to/ {
+	:print
+        s/^# //
+	s/^# *$//
+	s*\$progname*'$progname'*
+	s*\$host*'"$host"'*
+	s*\$SHELL*'"$SHELL"'*
+	s*\$LTCC*'"$LTCC"'*
+	s*\$LTCFLAGS*'"$LTCFLAGS"'*
+	s*\$LD*'"$LD"'*
+	s/\$with_gnu_ld/'"$with_gnu_ld"'/
+	s/\$automake_version/'"`(${AUTOMAKE-automake} --version) 2>/dev/null |$SED 1q`"'/
+	s/\$autoconf_version/'"`(${AUTOCONF-autoconf} --version) 2>/dev/null |$SED 1q`"'/
+	p
+	d
+     }
+     /^# .* home page:/b print
+     /^# General help using/b print
+     ' < "$progpath"
+    ret=$?
+    if test -z "$1"; then
+      exit $ret
+    fi
+}
+
+# func_missing_arg argname
+# Echo program name prefixed message to standard error and set global
+# exit_cmd.
+func_missing_arg ()
+{
+    $opt_debug
+
+    func_error "missing argument for $1."
+    exit_cmd=exit
+}
+
+
+# func_split_short_opt shortopt
+# Set func_split_short_opt_name and func_split_short_opt_arg shell
+# variables after splitting SHORTOPT after the 2nd character.
+func_split_short_opt ()
+{
+    my_sed_short_opt='1s/^\(..\).*$/\1/;q'
+    my_sed_short_rest='1s/^..\(.*\)$/\1/;q'
+
+    func_split_short_opt_name=`$ECHO "$1" | $SED "$my_sed_short_opt"`
+    func_split_short_opt_arg=`$ECHO "$1" | $SED "$my_sed_short_rest"`
+} # func_split_short_opt may be replaced by extended shell implementation
+
+
+# func_split_long_opt longopt
+# Set func_split_long_opt_name and func_split_long_opt_arg shell
+# variables after splitting LONGOPT at the `=' sign.
+func_split_long_opt ()
+{
+    my_sed_long_opt='1s/^\(--[^=]*\)=.*/\1/;q'
+    my_sed_long_arg='1s/^--[^=]*=//'
+
+    func_split_long_opt_name=`$ECHO "$1" | $SED "$my_sed_long_opt"`
+    func_split_long_opt_arg=`$ECHO "$1" | $SED "$my_sed_long_arg"`
+} # func_split_long_opt may be replaced by extended shell implementation
+
+exit_cmd=:
+
+
+
+
+
+magic="%%%MAGIC variable%%%"
+magic_exe="%%%MAGIC EXE variable%%%"
+
+# Global variables.
+nonopt=
+preserve_args=
+lo2o="s/\\.lo\$/.${objext}/"
+o2lo="s/\\.${objext}\$/.lo/"
+extracted_archives=
+extracted_serial=0
+
+# If this variable is set in any of the actions, the command in it
+# will be execed at the end.  This prevents here-documents from being
+# left over by shells.
+exec_cmd=
+
+# func_append var value
+# Append VALUE to the end of shell variable VAR.
+func_append ()
+{
+    eval "${1}=\$${1}\${2}"
+} # func_append may be replaced by extended shell implementation
+
+# func_append_quoted var value
+# Quote VALUE and append to the end of shell variable VAR, separated
+# by a space.
+func_append_quoted ()
+{
+    func_quote_for_eval "${2}"
+    eval "${1}=\$${1}\\ \$func_quote_for_eval_result"
+} # func_append_quoted may be replaced by extended shell implementation
+
+
+# func_arith arithmetic-term...
+func_arith ()
+{
+    func_arith_result=`expr "${@}"`
+} # func_arith may be replaced by extended shell implementation
+
+
+# func_len string
+# STRING may not start with a hyphen.
+func_len ()
+{
+    func_len_result=`expr "${1}" : ".*" 2>/dev/null || echo $max_cmd_len`
+} # func_len may be replaced by extended shell implementation
+
+
+# func_lo2o object
+func_lo2o ()
+{
+    func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"`
+} # func_lo2o may be replaced by extended shell implementation
+
+
+# func_xform libobj-or-source
+func_xform ()
+{
+    func_xform_result=`$ECHO "${1}" | $SED 's/\.[^.]*$/.lo/'`
+} # func_xform may be replaced by extended shell implementation
+
+
+# func_fatal_configuration arg...
+# Echo program name prefixed message to standard error, followed by
+# a configuration failure hint, and exit.
+func_fatal_configuration ()
+{
+    func_error ${1+"$@"}
+    func_error "See the $PACKAGE documentation for more information."
+    func_fatal_error "Fatal configuration error."
+}
+
+
+# func_config
+# Display the configuration for all the tags in this script.
+func_config ()
+{
+    re_begincf='^# ### BEGIN LIBTOOL'
+    re_endcf='^# ### END LIBTOOL'
+
+    # Default configuration.
+    $SED "1,/$re_begincf CONFIG/d;/$re_endcf CONFIG/,\$d" < "$progpath"
+
+    # Now print the configurations for the tags.
+    for tagname in $taglist; do
+      $SED -n "/$re_begincf TAG CONFIG: $tagname\$/,/$re_endcf TAG CONFIG: $tagname\$/p" < "$progpath"
+    done
+
+    exit $?
+}
+
+# func_features
+# Display the features supported by this script.
+func_features ()
+{
+    echo "host: $host"
+    if test "$build_libtool_libs" = yes; then
+      echo "enable shared libraries"
+    else
+      echo "disable shared libraries"
+    fi
+    if test "$build_old_libs" = yes; then
+      echo "enable static libraries"
+    else
+      echo "disable static libraries"
+    fi
+
+    exit $?
+}
+
+# func_enable_tag tagname
+# Verify that TAGNAME is valid, and either flag an error and exit, or
+# enable the TAGNAME tag.  We also add TAGNAME to the global $taglist
+# variable here.
+func_enable_tag ()
+{
+  # Global variable:
+  tagname="$1"
+
+  re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$"
+  re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$"
+  sed_extractcf="/$re_begincf/,/$re_endcf/p"
+
+  # Validate tagname.
+  case $tagname in
+    *[!-_A-Za-z0-9,/]*)
+      func_fatal_error "invalid tag name: $tagname"
+      ;;
+  esac
+
+  # Don't test for the "default" C tag, as we know it's
+  # there but not specially marked.
+  case $tagname in
+    CC) ;;
+    *)
+      if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then
+	taglist="$taglist $tagname"
+
+	# Evaluate the configuration.  Be careful to quote the path
+	# and the sed script, to avoid splitting on whitespace, but
+	# also don't use non-portable quotes within backquotes within
+	# quotes we have to do it in 2 steps:
+	extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"`
+	eval "$extractedcf"
+      else
+	func_error "ignoring unknown tag $tagname"
+      fi
+      ;;
+  esac
+}
+
+# func_check_version_match
+# Ensure that we are using m4 macros, and libtool script from the same
+# release of libtool.
+func_check_version_match ()
+{
+  if test "$package_revision" != "$macro_revision"; then
+    if test "$VERSION" != "$macro_version"; then
+      if test -z "$macro_version"; then
+        cat >&2 <<_LT_EOF
+$progname: Version mismatch error.  This is $PACKAGE $VERSION, but the
+$progname: definition of this LT_INIT comes from an older release.
+$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
+$progname: and run autoconf again.
+_LT_EOF
+      else
+        cat >&2 <<_LT_EOF
+$progname: Version mismatch error.  This is $PACKAGE $VERSION, but the
+$progname: definition of this LT_INIT comes from $PACKAGE $macro_version.
+$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
+$progname: and run autoconf again.
+_LT_EOF
+      fi
+    else
+      cat >&2 <<_LT_EOF
+$progname: Version mismatch error.  This is $PACKAGE $VERSION, revision $package_revision,
+$progname: but the definition of this LT_INIT comes from revision $macro_revision.
+$progname: You should recreate aclocal.m4 with macros from revision $package_revision
+$progname: of $PACKAGE $VERSION and run autoconf again.
+_LT_EOF
+    fi
+
+    exit $EXIT_MISMATCH
+  fi
+}
+
+
+# Shorthand for --mode=foo, only valid as the first argument
+case $1 in
+clean|clea|cle|cl)
+  shift; set dummy --mode clean ${1+"$@"}; shift
+  ;;
+compile|compil|compi|comp|com|co|c)
+  shift; set dummy --mode compile ${1+"$@"}; shift
+  ;;
+execute|execut|execu|exec|exe|ex|e)
+  shift; set dummy --mode execute ${1+"$@"}; shift
+  ;;
+finish|finis|fini|fin|fi|f)
+  shift; set dummy --mode finish ${1+"$@"}; shift
+  ;;
+install|instal|insta|inst|ins|in|i)
+  shift; set dummy --mode install ${1+"$@"}; shift
+  ;;
+link|lin|li|l)
+  shift; set dummy --mode link ${1+"$@"}; shift
+  ;;
+uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u)
+  shift; set dummy --mode uninstall ${1+"$@"}; shift
+  ;;
+esac
+
+
+
+# Option defaults:
+opt_debug=:
+opt_dry_run=false
+opt_config=false
+opt_preserve_dup_deps=false
+opt_features=false
+opt_finish=false
+opt_help=false
+opt_help_all=false
+opt_silent=:
+opt_warning=:
+opt_verbose=:
+opt_silent=false
+opt_verbose=false
+
+
+# Parse options once, thoroughly.  This comes as soon as possible in the
+# script to make things like `--version' happen as quickly as we can.
+{
+  # this just eases exit handling
+  while test $# -gt 0; do
+    opt="$1"
+    shift
+    case $opt in
+      --debug|-x)	opt_debug='set -x'
+			func_echo "enabling shell trace mode"
+			$opt_debug
+			;;
+      --dry-run|--dryrun|-n)
+			opt_dry_run=:
+			;;
+      --config)
+			opt_config=:
+func_config
+			;;
+      --dlopen|-dlopen)
+			optarg="$1"
+			opt_dlopen="${opt_dlopen+$opt_dlopen
+}$optarg"
+			shift
+			;;
+      --preserve-dup-deps)
+			opt_preserve_dup_deps=:
+			;;
+      --features)
+			opt_features=:
+func_features
+			;;
+      --finish)
+			opt_finish=:
+set dummy --mode finish ${1+"$@"}; shift
+			;;
+      --help)
+			opt_help=:
+			;;
+      --help-all)
+			opt_help_all=:
+opt_help=': help-all'
+			;;
+      --mode)
+			test $# = 0 && func_missing_arg $opt && break
+			optarg="$1"
+			opt_mode="$optarg"
+case $optarg in
+  # Valid mode arguments:
+  clean|compile|execute|finish|install|link|relink|uninstall) ;;
+
+  # Catch anything else as an error
+  *) func_error "invalid argument for $opt"
+     exit_cmd=exit
+     break
+     ;;
+esac
+			shift
+			;;
+      --no-silent|--no-quiet)
+			opt_silent=false
+func_append preserve_args " $opt"
+			;;
+      --no-warning|--no-warn)
+			opt_warning=false
+func_append preserve_args " $opt"
+			;;
+      --no-verbose)
+			opt_verbose=false
+func_append preserve_args " $opt"
+			;;
+      --silent|--quiet)
+			opt_silent=:
+func_append preserve_args " $opt"
+        opt_verbose=false
+			;;
+      --verbose|-v)
+			opt_verbose=:
+func_append preserve_args " $opt"
+opt_silent=false
+			;;
+      --tag)
+			test $# = 0 && func_missing_arg $opt && break
+			optarg="$1"
+			opt_tag="$optarg"
+func_append preserve_args " $opt $optarg"
+func_enable_tag "$optarg"
+			shift
+			;;
+
+      -\?|-h)		func_usage				;;
+      --help)		func_help				;;
+      --version)	func_version				;;
+
+      # Separate optargs to long options:
+      --*=*)
+			func_split_long_opt "$opt"
+			set dummy "$func_split_long_opt_name" "$func_split_long_opt_arg" ${1+"$@"}
+			shift
+			;;
+
+      # Separate non-argument short options:
+      -\?*|-h*|-n*|-v*)
+			func_split_short_opt "$opt"
+			set dummy "$func_split_short_opt_name" "-$func_split_short_opt_arg" ${1+"$@"}
+			shift
+			;;
+
+      --)		break					;;
+      -*)		func_fatal_help "unrecognized option \`$opt'" ;;
+      *)		set dummy "$opt" ${1+"$@"};	shift; break  ;;
+    esac
+  done
+
+  # Validate options:
+
+  # save first non-option argument
+  if test "$#" -gt 0; then
+    nonopt="$opt"
+    shift
+  fi
+
+  # preserve --debug
+  test "$opt_debug" = : || func_append preserve_args " --debug"
+
+  case $host in
+    *cygwin* | *mingw* | *pw32* | *cegcc*)
+      # don't eliminate duplications in $postdeps and $predeps
+      opt_duplicate_compiler_generated_deps=:
+      ;;
+    *)
+      opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps
+      ;;
+  esac
+
+  $opt_help || {
+    # Sanity checks first:
+    func_check_version_match
+
+    if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then
+      func_fatal_configuration "not configured to build any kind of library"
+    fi
+
+    # Darwin sucks
+    eval std_shrext=\"$shrext_cmds\"
+
+    # Only execute mode is allowed to have -dlopen flags.
+    if test -n "$opt_dlopen" && test "$opt_mode" != execute; then
+      func_error "unrecognized option \`-dlopen'"
+      $ECHO "$help" 1>&2
+      exit $EXIT_FAILURE
+    fi
+
+    # Change the help message to a mode-specific one.
+    generic_help="$help"
+    help="Try \`$progname --help --mode=$opt_mode' for more information."
+  }
+
+
+  # Bail if the options were screwed
+  $exit_cmd $EXIT_FAILURE
+}
+
+
+
+
+## ----------- ##
+##    Main.    ##
+## ----------- ##
+
+# func_lalib_p file
+# True iff FILE is a libtool `.la' library or `.lo' object file.
+# This function is only a basic sanity check; it will hardly flush out
+# determined imposters.
+func_lalib_p ()
+{
+    test -f "$1" &&
+      $SED -e 4q "$1" 2>/dev/null \
+        | $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1
+}
+
+# func_lalib_unsafe_p file
+# True iff FILE is a libtool `.la' library or `.lo' object file.
+# This function implements the same check as func_lalib_p without
+# resorting to external programs.  To this end, it redirects stdin and
+# closes it afterwards, without saving the original file descriptor.
+# As a safety measure, use it only where a negative result would be
+# fatal anyway.  Works if `file' does not exist.
+func_lalib_unsafe_p ()
+{
+    lalib_p=no
+    if test -f "$1" && test -r "$1" && exec 5<&0 <"$1"; then
+	for lalib_p_l in 1 2 3 4
+	do
+	    read lalib_p_line
+	    case "$lalib_p_line" in
+		\#\ Generated\ by\ *$PACKAGE* ) lalib_p=yes; break;;
+	    esac
+	done
+	exec 0<&5 5<&-
+    fi
+    test "$lalib_p" = yes
+}
+
+# func_ltwrapper_script_p file
+# True iff FILE is a libtool wrapper script
+# This function is only a basic sanity check; it will hardly flush out
+# determined imposters.
+func_ltwrapper_script_p ()
+{
+    func_lalib_p "$1"
+}
+
+# func_ltwrapper_executable_p file
+# True iff FILE is a libtool wrapper executable
+# This function is only a basic sanity check; it will hardly flush out
+# determined imposters.
+func_ltwrapper_executable_p ()
+{
+    func_ltwrapper_exec_suffix=
+    case $1 in
+    *.exe) ;;
+    *) func_ltwrapper_exec_suffix=.exe ;;
+    esac
+    $GREP "$magic_exe" "$1$func_ltwrapper_exec_suffix" >/dev/null 2>&1
+}
+
+# func_ltwrapper_scriptname file
+# Assumes file is an ltwrapper_executable
+# uses $file to determine the appropriate filename for a
+# temporary ltwrapper_script.
+func_ltwrapper_scriptname ()
+{
+    func_dirname_and_basename "$1" "" "."
+    func_stripname '' '.exe' "$func_basename_result"
+    func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper"
+}
+
+# func_ltwrapper_p file
+# True iff FILE is a libtool wrapper script or wrapper executable
+# This function is only a basic sanity check; it will hardly flush out
+# determined imposters.
+func_ltwrapper_p ()
+{
+    func_ltwrapper_script_p "$1" || func_ltwrapper_executable_p "$1"
+}
+
+
+# func_execute_cmds commands fail_cmd
+# Execute tilde-delimited COMMANDS.
+# If FAIL_CMD is given, eval that upon failure.
+# FAIL_CMD may read-access the current command in variable CMD!
+func_execute_cmds ()
+{
+    $opt_debug
+    save_ifs=$IFS; IFS='~'
+    for cmd in $1; do
+      IFS=$save_ifs
+      eval cmd=\"$cmd\"
+      func_show_eval "$cmd" "${2-:}"
+    done
+    IFS=$save_ifs
+}
+
+
+# func_source file
+# Source FILE, adding directory component if necessary.
+# Note that it is not necessary on cygwin/mingw to append a dot to
+# FILE even if both FILE and FILE.exe exist: automatic-append-.exe
+# behavior happens only for exec(3), not for open(2)!  Also, sourcing
+# `FILE.' does not work on cygwin managed mounts.
+func_source ()
+{
+    $opt_debug
+    case $1 in
+    */* | *\\*)	. "$1" ;;
+    *)		. "./$1" ;;
+    esac
+}
+
+
+# func_resolve_sysroot PATH
+# Replace a leading = in PATH with a sysroot.  Store the result into
+# func_resolve_sysroot_result
+func_resolve_sysroot ()
+{
+  func_resolve_sysroot_result=$1
+  case $func_resolve_sysroot_result in
+  =*)
+    func_stripname '=' '' "$func_resolve_sysroot_result"
+    func_resolve_sysroot_result=$lt_sysroot$func_stripname_result
+    ;;
+  esac
+}
+
+# func_replace_sysroot PATH
+# If PATH begins with the sysroot, replace it with = and
+# store the result into func_replace_sysroot_result.
+func_replace_sysroot ()
+{
+  case "$lt_sysroot:$1" in
+  ?*:"$lt_sysroot"*)
+    func_stripname "$lt_sysroot" '' "$1"
+    func_replace_sysroot_result="=$func_stripname_result"
+    ;;
+  *)
+    # Including no sysroot.
+    func_replace_sysroot_result=$1
+    ;;
+  esac
+}
+
+# func_infer_tag arg
+# Infer tagged configuration to use if any are available and
+# if one wasn't chosen via the "--tag" command line option.
+# Only attempt this if the compiler in the base compile
+# command doesn't match the default compiler.
+# arg is usually of the form 'gcc ...'
+func_infer_tag ()
+{
+    $opt_debug
+    if test -n "$available_tags" && test -z "$tagname"; then
+      CC_quoted=
+      for arg in $CC; do
+	func_append_quoted CC_quoted "$arg"
+      done
+      CC_expanded=`func_echo_all $CC`
+      CC_quoted_expanded=`func_echo_all $CC_quoted`
+      case $@ in
+      # Blanks in the command may have been stripped by the calling shell,
+      # but not from the CC environment variable when configure was run.
+      " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \
+      " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) ;;
+      # Blanks at the start of $base_compile will cause this to fail
+      # if we don't check for them as well.
+      *)
+	for z in $available_tags; do
+	  if $GREP "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then
+	    # Evaluate the configuration.
+	    eval "`${SED} -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`"
+	    CC_quoted=
+	    for arg in $CC; do
+	      # Double-quote args containing other shell metacharacters.
+	      func_append_quoted CC_quoted "$arg"
+	    done
+	    CC_expanded=`func_echo_all $CC`
+	    CC_quoted_expanded=`func_echo_all $CC_quoted`
+	    case "$@ " in
+	    " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \
+	    " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*)
+	      # The compiler in the base compile command matches
+	      # the one in the tagged configuration.
+	      # Assume this is the tagged configuration we want.
+	      tagname=$z
+	      break
+	      ;;
+	    esac
+	  fi
+	done
+	# If $tagname still isn't set, then no tagged configuration
+	# was found and let the user know that the "--tag" command
+	# line option must be used.
+	if test -z "$tagname"; then
+	  func_echo "unable to infer tagged configuration"
+	  func_fatal_error "specify a tag with \`--tag'"
+#	else
+#	  func_verbose "using $tagname tagged configuration"
+	fi
+	;;
+      esac
+    fi
+}
+
+
+
+# func_write_libtool_object output_name pic_name nonpic_name
+# Create a libtool object file (analogous to a ".la" file),
+# but don't create it if we're doing a dry run.
+func_write_libtool_object ()
+{
+    write_libobj=${1}
+    if test "$build_libtool_libs" = yes; then
+      write_lobj=\'${2}\'
+    else
+      write_lobj=none
+    fi
+
+    if test "$build_old_libs" = yes; then
+      write_oldobj=\'${3}\'
+    else
+      write_oldobj=none
+    fi
+
+    $opt_dry_run || {
+      cat >${write_libobj}T </dev/null`
+    if test "$?" -eq 0 && test -n "${func_convert_core_file_wine_to_w32_tmp}"; then
+      func_convert_core_file_wine_to_w32_result=`$ECHO "$func_convert_core_file_wine_to_w32_tmp" |
+        $SED -e "$lt_sed_naive_backslashify"`
+    else
+      func_convert_core_file_wine_to_w32_result=
+    fi
+  fi
+}
+# end: func_convert_core_file_wine_to_w32
+
+
+# func_convert_core_path_wine_to_w32 ARG
+# Helper function used by path conversion functions when $build is *nix, and
+# $host is mingw, cygwin, or some other w32 environment. Relies on a correctly
+# configured wine environment available, with the winepath program in $build's
+# $PATH. Assumes ARG has no leading or trailing path separator characters.
+#
+# ARG is path to be converted from $build format to win32.
+# Result is available in $func_convert_core_path_wine_to_w32_result.
+# Unconvertible file (directory) names in ARG are skipped; if no directory names
+# are convertible, then the result may be empty.
+func_convert_core_path_wine_to_w32 ()
+{
+  $opt_debug
+  # unfortunately, winepath doesn't convert paths, only file names
+  func_convert_core_path_wine_to_w32_result=""
+  if test -n "$1"; then
+    oldIFS=$IFS
+    IFS=:
+    for func_convert_core_path_wine_to_w32_f in $1; do
+      IFS=$oldIFS
+      func_convert_core_file_wine_to_w32 "$func_convert_core_path_wine_to_w32_f"
+      if test -n "$func_convert_core_file_wine_to_w32_result" ; then
+        if test -z "$func_convert_core_path_wine_to_w32_result"; then
+          func_convert_core_path_wine_to_w32_result="$func_convert_core_file_wine_to_w32_result"
+        else
+          func_append func_convert_core_path_wine_to_w32_result ";$func_convert_core_file_wine_to_w32_result"
+        fi
+      fi
+    done
+    IFS=$oldIFS
+  fi
+}
+# end: func_convert_core_path_wine_to_w32
+
+
+# func_cygpath ARGS...
+# Wrapper around calling the cygpath program via LT_CYGPATH. This is used when
+# when (1) $build is *nix and Cygwin is hosted via a wine environment; or (2)
+# $build is MSYS and $host is Cygwin, or (3) $build is Cygwin. In case (1) or
+# (2), returns the Cygwin file name or path in func_cygpath_result (input
+# file name or path is assumed to be in w32 format, as previously converted
+# from $build's *nix or MSYS format). In case (3), returns the w32 file name
+# or path in func_cygpath_result (input file name or path is assumed to be in
+# Cygwin format). Returns an empty string on error.
+#
+# ARGS are passed to cygpath, with the last one being the file name or path to
+# be converted.
+#
+# Specify the absolute *nix (or w32) name to cygpath in the LT_CYGPATH
+# environment variable; do not put it in $PATH.
+func_cygpath ()
+{
+  $opt_debug
+  if test -n "$LT_CYGPATH" && test -f "$LT_CYGPATH"; then
+    func_cygpath_result=`$LT_CYGPATH "$@" 2>/dev/null`
+    if test "$?" -ne 0; then
+      # on failure, ensure result is empty
+      func_cygpath_result=
+    fi
+  else
+    func_cygpath_result=
+    func_error "LT_CYGPATH is empty or specifies non-existent file: \`$LT_CYGPATH'"
+  fi
+}
+#end: func_cygpath
+
+
+# func_convert_core_msys_to_w32 ARG
+# Convert file name or path ARG from MSYS format to w32 format.  Return
+# result in func_convert_core_msys_to_w32_result.
+func_convert_core_msys_to_w32 ()
+{
+  $opt_debug
+  # awkward: cmd appends spaces to result
+  func_convert_core_msys_to_w32_result=`( cmd //c echo "$1" ) 2>/dev/null |
+    $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"`
+}
+#end: func_convert_core_msys_to_w32
+
+
+# func_convert_file_check ARG1 ARG2
+# Verify that ARG1 (a file name in $build format) was converted to $host
+# format in ARG2. Otherwise, emit an error message, but continue (resetting
+# func_to_host_file_result to ARG1).
+func_convert_file_check ()
+{
+  $opt_debug
+  if test -z "$2" && test -n "$1" ; then
+    func_error "Could not determine host file name corresponding to"
+    func_error "  \`$1'"
+    func_error "Continuing, but uninstalled executables may not work."
+    # Fallback:
+    func_to_host_file_result="$1"
+  fi
+}
+# end func_convert_file_check
+
+
+# func_convert_path_check FROM_PATHSEP TO_PATHSEP FROM_PATH TO_PATH
+# Verify that FROM_PATH (a path in $build format) was converted to $host
+# format in TO_PATH. Otherwise, emit an error message, but continue, resetting
+# func_to_host_file_result to a simplistic fallback value (see below).
+func_convert_path_check ()
+{
+  $opt_debug
+  if test -z "$4" && test -n "$3"; then
+    func_error "Could not determine the host path corresponding to"
+    func_error "  \`$3'"
+    func_error "Continuing, but uninstalled executables may not work."
+    # Fallback.  This is a deliberately simplistic "conversion" and
+    # should not be "improved".  See libtool.info.
+    if test "x$1" != "x$2"; then
+      lt_replace_pathsep_chars="s|$1|$2|g"
+      func_to_host_path_result=`echo "$3" |
+        $SED -e "$lt_replace_pathsep_chars"`
+    else
+      func_to_host_path_result="$3"
+    fi
+  fi
+}
+# end func_convert_path_check
+
+
+# func_convert_path_front_back_pathsep FRONTPAT BACKPAT REPL ORIG
+# Modifies func_to_host_path_result by prepending REPL if ORIG matches FRONTPAT
+# and appending REPL if ORIG matches BACKPAT.
+func_convert_path_front_back_pathsep ()
+{
+  $opt_debug
+  case $4 in
+  $1 ) func_to_host_path_result="$3$func_to_host_path_result"
+    ;;
+  esac
+  case $4 in
+  $2 ) func_append func_to_host_path_result "$3"
+    ;;
+  esac
+}
+# end func_convert_path_front_back_pathsep
+
+
+##################################################
+# $build to $host FILE NAME CONVERSION FUNCTIONS #
+##################################################
+# invoked via `$to_host_file_cmd ARG'
+#
+# In each case, ARG is the path to be converted from $build to $host format.
+# Result will be available in $func_to_host_file_result.
+
+
+# func_to_host_file ARG
+# Converts the file name ARG from $build format to $host format. Return result
+# in func_to_host_file_result.
+func_to_host_file ()
+{
+  $opt_debug
+  $to_host_file_cmd "$1"
+}
+# end func_to_host_file
+
+
+# func_to_tool_file ARG LAZY
+# converts the file name ARG from $build format to toolchain format. Return
+# result in func_to_tool_file_result.  If the conversion in use is listed
+# in (the comma separated) LAZY, no conversion takes place.
+func_to_tool_file ()
+{
+  $opt_debug
+  case ,$2, in
+    *,"$to_tool_file_cmd",*)
+      func_to_tool_file_result=$1
+      ;;
+    *)
+      $to_tool_file_cmd "$1"
+      func_to_tool_file_result=$func_to_host_file_result
+      ;;
+  esac
+}
+# end func_to_tool_file
+
+
+# func_convert_file_noop ARG
+# Copy ARG to func_to_host_file_result.
+func_convert_file_noop ()
+{
+  func_to_host_file_result="$1"
+}
+# end func_convert_file_noop
+
+
+# func_convert_file_msys_to_w32 ARG
+# Convert file name ARG from (mingw) MSYS to (mingw) w32 format; automatic
+# conversion to w32 is not available inside the cwrapper.  Returns result in
+# func_to_host_file_result.
+func_convert_file_msys_to_w32 ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    func_convert_core_msys_to_w32 "$1"
+    func_to_host_file_result="$func_convert_core_msys_to_w32_result"
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_msys_to_w32
+
+
+# func_convert_file_cygwin_to_w32 ARG
+# Convert file name ARG from Cygwin to w32 format.  Returns result in
+# func_to_host_file_result.
+func_convert_file_cygwin_to_w32 ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    # because $build is cygwin, we call "the" cygpath in $PATH; no need to use
+    # LT_CYGPATH in this case.
+    func_to_host_file_result=`cygpath -m "$1"`
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_cygwin_to_w32
+
+
+# func_convert_file_nix_to_w32 ARG
+# Convert file name ARG from *nix to w32 format.  Requires a wine environment
+# and a working winepath. Returns result in func_to_host_file_result.
+func_convert_file_nix_to_w32 ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    func_convert_core_file_wine_to_w32 "$1"
+    func_to_host_file_result="$func_convert_core_file_wine_to_w32_result"
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_nix_to_w32
+
+
+# func_convert_file_msys_to_cygwin ARG
+# Convert file name ARG from MSYS to Cygwin format.  Requires LT_CYGPATH set.
+# Returns result in func_to_host_file_result.
+func_convert_file_msys_to_cygwin ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    func_convert_core_msys_to_w32 "$1"
+    func_cygpath -u "$func_convert_core_msys_to_w32_result"
+    func_to_host_file_result="$func_cygpath_result"
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_msys_to_cygwin
+
+
+# func_convert_file_nix_to_cygwin ARG
+# Convert file name ARG from *nix to Cygwin format.  Requires Cygwin installed
+# in a wine environment, working winepath, and LT_CYGPATH set.  Returns result
+# in func_to_host_file_result.
+func_convert_file_nix_to_cygwin ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    # convert from *nix to w32, then use cygpath to convert from w32 to cygwin.
+    func_convert_core_file_wine_to_w32 "$1"
+    func_cygpath -u "$func_convert_core_file_wine_to_w32_result"
+    func_to_host_file_result="$func_cygpath_result"
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_nix_to_cygwin
+
+
+#############################################
+# $build to $host PATH CONVERSION FUNCTIONS #
+#############################################
+# invoked via `$to_host_path_cmd ARG'
+#
+# In each case, ARG is the path to be converted from $build to $host format.
+# The result will be available in $func_to_host_path_result.
+#
+# Path separators are also converted from $build format to $host format.  If
+# ARG begins or ends with a path separator character, it is preserved (but
+# converted to $host format) on output.
+#
+# All path conversion functions are named using the following convention:
+#   file name conversion function    : func_convert_file_X_to_Y ()
+#   path conversion function         : func_convert_path_X_to_Y ()
+# where, for any given $build/$host combination the 'X_to_Y' value is the
+# same.  If conversion functions are added for new $build/$host combinations,
+# the two new functions must follow this pattern, or func_init_to_host_path_cmd
+# will break.
+
+
+# func_init_to_host_path_cmd
+# Ensures that function "pointer" variable $to_host_path_cmd is set to the
+# appropriate value, based on the value of $to_host_file_cmd.
+to_host_path_cmd=
+func_init_to_host_path_cmd ()
+{
+  $opt_debug
+  if test -z "$to_host_path_cmd"; then
+    func_stripname 'func_convert_file_' '' "$to_host_file_cmd"
+    to_host_path_cmd="func_convert_path_${func_stripname_result}"
+  fi
+}
+
+
+# func_to_host_path ARG
+# Converts the path ARG from $build format to $host format. Return result
+# in func_to_host_path_result.
+func_to_host_path ()
+{
+  $opt_debug
+  func_init_to_host_path_cmd
+  $to_host_path_cmd "$1"
+}
+# end func_to_host_path
+
+
+# func_convert_path_noop ARG
+# Copy ARG to func_to_host_path_result.
+func_convert_path_noop ()
+{
+  func_to_host_path_result="$1"
+}
+# end func_convert_path_noop
+
+
+# func_convert_path_msys_to_w32 ARG
+# Convert path ARG from (mingw) MSYS to (mingw) w32 format; automatic
+# conversion to w32 is not available inside the cwrapper.  Returns result in
+# func_to_host_path_result.
+func_convert_path_msys_to_w32 ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # Remove leading and trailing path separator characters from ARG.  MSYS
+    # behavior is inconsistent here; cygpath turns them into '.;' and ';.';
+    # and winepath ignores them completely.
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_convert_core_msys_to_w32 "$func_to_host_path_tmp1"
+    func_to_host_path_result="$func_convert_core_msys_to_w32_result"
+    func_convert_path_check : ";" \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" ";" "$1"
+  fi
+}
+# end func_convert_path_msys_to_w32
+
+
+# func_convert_path_cygwin_to_w32 ARG
+# Convert path ARG from Cygwin to w32 format.  Returns result in
+# func_to_host_file_result.
+func_convert_path_cygwin_to_w32 ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # See func_convert_path_msys_to_w32:
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_to_host_path_result=`cygpath -m -p "$func_to_host_path_tmp1"`
+    func_convert_path_check : ";" \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" ";" "$1"
+  fi
+}
+# end func_convert_path_cygwin_to_w32
+
+
+# func_convert_path_nix_to_w32 ARG
+# Convert path ARG from *nix to w32 format.  Requires a wine environment and
+# a working winepath.  Returns result in func_to_host_file_result.
+func_convert_path_nix_to_w32 ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # See func_convert_path_msys_to_w32:
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1"
+    func_to_host_path_result="$func_convert_core_path_wine_to_w32_result"
+    func_convert_path_check : ";" \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" ";" "$1"
+  fi
+}
+# end func_convert_path_nix_to_w32
+
+
+# func_convert_path_msys_to_cygwin ARG
+# Convert path ARG from MSYS to Cygwin format.  Requires LT_CYGPATH set.
+# Returns result in func_to_host_file_result.
+func_convert_path_msys_to_cygwin ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # See func_convert_path_msys_to_w32:
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_convert_core_msys_to_w32 "$func_to_host_path_tmp1"
+    func_cygpath -u -p "$func_convert_core_msys_to_w32_result"
+    func_to_host_path_result="$func_cygpath_result"
+    func_convert_path_check : : \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" : "$1"
+  fi
+}
+# end func_convert_path_msys_to_cygwin
+
+
+# func_convert_path_nix_to_cygwin ARG
+# Convert path ARG from *nix to Cygwin format.  Requires Cygwin installed in a
+# a wine environment, working winepath, and LT_CYGPATH set.  Returns result in
+# func_to_host_file_result.
+func_convert_path_nix_to_cygwin ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # Remove leading and trailing path separator characters from
+    # ARG. msys behavior is inconsistent here, cygpath turns them
+    # into '.;' and ';.', and winepath ignores them completely.
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1"
+    func_cygpath -u -p "$func_convert_core_path_wine_to_w32_result"
+    func_to_host_path_result="$func_cygpath_result"
+    func_convert_path_check : : \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" : "$1"
+  fi
+}
+# end func_convert_path_nix_to_cygwin
+
+
+# func_mode_compile arg...
+func_mode_compile ()
+{
+    $opt_debug
+    # Get the compilation command and the source file.
+    base_compile=
+    srcfile="$nonopt"  #  always keep a non-empty value in "srcfile"
+    suppress_opt=yes
+    suppress_output=
+    arg_mode=normal
+    libobj=
+    later=
+    pie_flag=
+
+    for arg
+    do
+      case $arg_mode in
+      arg  )
+	# do not "continue".  Instead, add this to base_compile
+	lastarg="$arg"
+	arg_mode=normal
+	;;
+
+      target )
+	libobj="$arg"
+	arg_mode=normal
+	continue
+	;;
+
+      normal )
+	# Accept any command-line options.
+	case $arg in
+	-o)
+	  test -n "$libobj" && \
+	    func_fatal_error "you cannot specify \`-o' more than once"
+	  arg_mode=target
+	  continue
+	  ;;
+
+	-pie | -fpie | -fPIE)
+          func_append pie_flag " $arg"
+	  continue
+	  ;;
+
+	-shared | -static | -prefer-pic | -prefer-non-pic)
+	  func_append later " $arg"
+	  continue
+	  ;;
+
+	-no-suppress)
+	  suppress_opt=no
+	  continue
+	  ;;
+
+	-Xcompiler)
+	  arg_mode=arg  #  the next one goes into the "base_compile" arg list
+	  continue      #  The current "srcfile" will either be retained or
+	  ;;            #  replaced later.  I would guess that would be a bug.
+
+	-Wc,*)
+	  func_stripname '-Wc,' '' "$arg"
+	  args=$func_stripname_result
+	  lastarg=
+	  save_ifs="$IFS"; IFS=','
+	  for arg in $args; do
+	    IFS="$save_ifs"
+	    func_append_quoted lastarg "$arg"
+	  done
+	  IFS="$save_ifs"
+	  func_stripname ' ' '' "$lastarg"
+	  lastarg=$func_stripname_result
+
+	  # Add the arguments to base_compile.
+	  func_append base_compile " $lastarg"
+	  continue
+	  ;;
+
+	*)
+	  # Accept the current argument as the source file.
+	  # The previous "srcfile" becomes the current argument.
+	  #
+	  lastarg="$srcfile"
+	  srcfile="$arg"
+	  ;;
+	esac  #  case $arg
+	;;
+      esac    #  case $arg_mode
+
+      # Aesthetically quote the previous argument.
+      func_append_quoted base_compile "$lastarg"
+    done # for arg
+
+    case $arg_mode in
+    arg)
+      func_fatal_error "you must specify an argument for -Xcompile"
+      ;;
+    target)
+      func_fatal_error "you must specify a target with \`-o'"
+      ;;
+    *)
+      # Get the name of the library object.
+      test -z "$libobj" && {
+	func_basename "$srcfile"
+	libobj="$func_basename_result"
+      }
+      ;;
+    esac
+
+    # Recognize several different file suffixes.
+    # If the user specifies -o file.o, it is replaced with file.lo
+    case $libobj in
+    *.[cCFSifmso] | \
+    *.ada | *.adb | *.ads | *.asm | \
+    *.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \
+    *.[fF][09]? | *.for | *.java | *.go | *.obj | *.sx | *.cu | *.cup)
+      func_xform "$libobj"
+      libobj=$func_xform_result
+      ;;
+    esac
+
+    case $libobj in
+    *.lo) func_lo2o "$libobj"; obj=$func_lo2o_result ;;
+    *)
+      func_fatal_error "cannot determine name of library object from \`$libobj'"
+      ;;
+    esac
+
+    func_infer_tag $base_compile
+
+    for arg in $later; do
+      case $arg in
+      -shared)
+	test "$build_libtool_libs" != yes && \
+	  func_fatal_configuration "can not build a shared library"
+	build_old_libs=no
+	continue
+	;;
+
+      -static)
+	build_libtool_libs=no
+	build_old_libs=yes
+	continue
+	;;
+
+      -prefer-pic)
+	pic_mode=yes
+	continue
+	;;
+
+      -prefer-non-pic)
+	pic_mode=no
+	continue
+	;;
+      esac
+    done
+
+    func_quote_for_eval "$libobj"
+    test "X$libobj" != "X$func_quote_for_eval_result" \
+      && $ECHO "X$libobj" | $GREP '[]~#^*{};<>?"'"'"'	 &()|`$[]' \
+      && func_warning "libobj name \`$libobj' may not contain shell special characters."
+    func_dirname_and_basename "$obj" "/" ""
+    objname="$func_basename_result"
+    xdir="$func_dirname_result"
+    lobj=${xdir}$objdir/$objname
+
+    test -z "$base_compile" && \
+      func_fatal_help "you must specify a compilation command"
+
+    # Delete any leftover library objects.
+    if test "$build_old_libs" = yes; then
+      removelist="$obj $lobj $libobj ${libobj}T"
+    else
+      removelist="$lobj $libobj ${libobj}T"
+    fi
+
+    # On Cygwin there's no "real" PIC flag so we must build both object types
+    case $host_os in
+    cygwin* | mingw* | pw32* | os2* | cegcc*)
+      pic_mode=default
+      ;;
+    esac
+    if test "$pic_mode" = no && test "$deplibs_check_method" != pass_all; then
+      # non-PIC code in shared libraries is not supported
+      pic_mode=default
+    fi
+
+    # Calculate the filename of the output object if compiler does
+    # not support -o with -c
+    if test "$compiler_c_o" = no; then
+      output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.${objext}
+      lockfile="$output_obj.lock"
+    else
+      output_obj=
+      need_locks=no
+      lockfile=
+    fi
+
+    # Lock this critical section if it is needed
+    # We use this script file to make the link, it avoids creating a new file
+    if test "$need_locks" = yes; then
+      until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do
+	func_echo "Waiting for $lockfile to be removed"
+	sleep 2
+      done
+    elif test "$need_locks" = warn; then
+      if test -f "$lockfile"; then
+	$ECHO "\
+*** ERROR, $lockfile exists and contains:
+`cat $lockfile 2>/dev/null`
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support \`-c' and \`-o' together.  If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+	$opt_dry_run || $RM $removelist
+	exit $EXIT_FAILURE
+      fi
+      func_append removelist " $output_obj"
+      $ECHO "$srcfile" > "$lockfile"
+    fi
+
+    $opt_dry_run || $RM $removelist
+    func_append removelist " $lockfile"
+    trap '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' 1 2 15
+
+    func_to_tool_file "$srcfile" func_convert_file_msys_to_w32
+    srcfile=$func_to_tool_file_result
+    func_quote_for_eval "$srcfile"
+    qsrcfile=$func_quote_for_eval_result
+
+    # Only build a PIC object if we are building libtool libraries.
+    if test "$build_libtool_libs" = yes; then
+      # Without this assignment, base_compile gets emptied.
+      fbsd_hideous_sh_bug=$base_compile
+
+      if test "$pic_mode" != no; then
+	command="$base_compile $qsrcfile $pic_flag"
+      else
+	# Don't build PIC code
+	command="$base_compile $qsrcfile"
+      fi
+
+      func_mkdir_p "$xdir$objdir"
+
+      if test -z "$output_obj"; then
+	# Place PIC objects in $objdir
+	func_append command " -o $lobj"
+      fi
+
+      func_show_eval_locale "$command"	\
+          'test -n "$output_obj" && $RM $removelist; exit $EXIT_FAILURE'
+
+      if test "$need_locks" = warn &&
+	 test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then
+	$ECHO "\
+*** ERROR, $lockfile contains:
+`cat $lockfile 2>/dev/null`
+
+but it should contain:
+$srcfile
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support \`-c' and \`-o' together.  If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+	$opt_dry_run || $RM $removelist
+	exit $EXIT_FAILURE
+      fi
+
+      # Just move the object if needed, then go on to compile the next one
+      if test -n "$output_obj" && test "X$output_obj" != "X$lobj"; then
+	func_show_eval '$MV "$output_obj" "$lobj"' \
+	  'error=$?; $opt_dry_run || $RM $removelist; exit $error'
+      fi
+
+      # Allow error messages only from the first compilation.
+      if test "$suppress_opt" = yes; then
+	suppress_output=' >/dev/null 2>&1'
+      fi
+    fi
+
+    # Only build a position-dependent object if we build old libraries.
+    if test "$build_old_libs" = yes; then
+      if test "$pic_mode" != yes; then
+	# Don't build PIC code
+	command="$base_compile $qsrcfile$pie_flag"
+      else
+	command="$base_compile $qsrcfile $pic_flag"
+      fi
+      if test "$compiler_c_o" = yes; then
+	func_append command " -o $obj"
+      fi
+
+      # Suppress compiler output if we already did a PIC compilation.
+      func_append command "$suppress_output"
+      func_show_eval_locale "$command" \
+        '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE'
+
+      if test "$need_locks" = warn &&
+	 test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then
+	$ECHO "\
+*** ERROR, $lockfile contains:
+`cat $lockfile 2>/dev/null`
+
+but it should contain:
+$srcfile
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support \`-c' and \`-o' together.  If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+	$opt_dry_run || $RM $removelist
+	exit $EXIT_FAILURE
+      fi
+
+      # Just move the object if needed
+      if test -n "$output_obj" && test "X$output_obj" != "X$obj"; then
+	func_show_eval '$MV "$output_obj" "$obj"' \
+	  'error=$?; $opt_dry_run || $RM $removelist; exit $error'
+      fi
+    fi
+
+    $opt_dry_run || {
+      func_write_libtool_object "$libobj" "$objdir/$objname" "$objname"
+
+      # Unlock the critical section if it was locked
+      if test "$need_locks" != no; then
+	removelist=$lockfile
+        $RM "$lockfile"
+      fi
+    }
+
+    exit $EXIT_SUCCESS
+}
+
+$opt_help || {
+  test "$opt_mode" = compile && func_mode_compile ${1+"$@"}
+}
+
+func_mode_help ()
+{
+    # We need to display help for each of the modes.
+    case $opt_mode in
+      "")
+        # Generic help is extracted from the usage comments
+        # at the start of this file.
+        func_help
+        ;;
+
+      clean)
+        $ECHO \
+"Usage: $progname [OPTION]... --mode=clean RM [RM-OPTION]... FILE...
+
+Remove files from the build directory.
+
+RM is the name of the program to use to delete files associated with each FILE
+(typically \`/bin/rm').  RM-OPTIONS are options (such as \`-f') to be passed
+to RM.
+
+If FILE is a libtool library, object or program, all the files associated
+with it are deleted. Otherwise, only FILE itself is deleted using RM."
+        ;;
+
+      compile)
+      $ECHO \
+"Usage: $progname [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE
+
+Compile a source file into a libtool library object.
+
+This mode accepts the following additional options:
+
+  -o OUTPUT-FILE    set the output file name to OUTPUT-FILE
+  -no-suppress      do not suppress compiler output for multiple passes
+  -prefer-pic       try to build PIC objects only
+  -prefer-non-pic   try to build non-PIC objects only
+  -shared           do not build a \`.o' file suitable for static linking
+  -static           only build a \`.o' file suitable for static linking
+  -Wc,FLAG          pass FLAG directly to the compiler
+
+COMPILE-COMMAND is a command to be used in creating a \`standard' object file
+from the given SOURCEFILE.
+
+The output file name is determined by removing the directory component from
+SOURCEFILE, then substituting the C source code suffix \`.c' with the
+library object suffix, \`.lo'."
+        ;;
+
+      execute)
+        $ECHO \
+"Usage: $progname [OPTION]... --mode=execute COMMAND [ARGS]...
+
+Automatically set library path, then run a program.
+
+This mode accepts the following additional options:
+
+  -dlopen FILE      add the directory containing FILE to the library path
+
+This mode sets the library path environment variable according to \`-dlopen'
+flags.
+
+If any of the ARGS are libtool executable wrappers, then they are translated
+into their corresponding uninstalled binary, and any of their required library
+directories are added to the library path.
+
+Then, COMMAND is executed, with ARGS as arguments."
+        ;;
+
+      finish)
+        $ECHO \
+"Usage: $progname [OPTION]... --mode=finish [LIBDIR]...
+
+Complete the installation of libtool libraries.
+
+Each LIBDIR is a directory that contains libtool libraries.
+
+The commands that this mode executes may require superuser privileges.  Use
+the \`--dry-run' option if you just want to see what would be executed."
+        ;;
+
+      install)
+        $ECHO \
+"Usage: $progname [OPTION]... --mode=install INSTALL-COMMAND...
+
+Install executables or libraries.
+
+INSTALL-COMMAND is the installation command.  The first component should be
+either the \`install' or \`cp' program.
+
+The following components of INSTALL-COMMAND are treated specially:
+
+  -inst-prefix-dir PREFIX-DIR  Use PREFIX-DIR as a staging area for installation
+
+The rest of the components are interpreted as arguments to that command (only
+BSD-compatible install options are recognized)."
+        ;;
+
+      link)
+        $ECHO \
+"Usage: $progname [OPTION]... --mode=link LINK-COMMAND...
+
+Link object files or libraries together to form another library, or to
+create an executable program.
+
+LINK-COMMAND is a command using the C compiler that you would use to create
+a program from several object files.
+
+The following components of LINK-COMMAND are treated specially:
+
+  -all-static       do not do any dynamic linking at all
+  -avoid-version    do not add a version suffix if possible
+  -bindir BINDIR    specify path to binaries directory (for systems where
+                    libraries must be found in the PATH setting at runtime)
+  -dlopen FILE      \`-dlpreopen' FILE if it cannot be dlopened at runtime
+  -dlpreopen FILE   link in FILE and add its symbols to lt_preloaded_symbols
+  -export-dynamic   allow symbols from OUTPUT-FILE to be resolved with dlsym(3)
+  -export-symbols SYMFILE
+                    try to export only the symbols listed in SYMFILE
+  -export-symbols-regex REGEX
+                    try to export only the symbols matching REGEX
+  -LLIBDIR          search LIBDIR for required installed libraries
+  -lNAME            OUTPUT-FILE requires the installed library libNAME
+  -module           build a library that can dlopened
+  -no-fast-install  disable the fast-install mode
+  -no-install       link a not-installable executable
+  -no-undefined     declare that a library does not refer to external symbols
+  -o OUTPUT-FILE    create OUTPUT-FILE from the specified objects
+  -objectlist FILE  Use a list of object files found in FILE to specify objects
+  -precious-files-regex REGEX
+                    don't remove output files matching REGEX
+  -release RELEASE  specify package release information
+  -rpath LIBDIR     the created library will eventually be installed in LIBDIR
+  -R[ ]LIBDIR       add LIBDIR to the runtime path of programs and libraries
+  -shared           only do dynamic linking of libtool libraries
+  -shrext SUFFIX    override the standard shared library file extension
+  -static           do not do any dynamic linking of uninstalled libtool libraries
+  -static-libtool-libs
+                    do not do any dynamic linking of libtool libraries
+  -version-info CURRENT[:REVISION[:AGE]]
+                    specify library version info [each variable defaults to 0]
+  -weak LIBNAME     declare that the target provides the LIBNAME interface
+  -Wc,FLAG
+  -Xcompiler FLAG   pass linker-specific FLAG directly to the compiler
+  -Wl,FLAG
+  -Xlinker FLAG     pass linker-specific FLAG directly to the linker
+  -XCClinker FLAG   pass link-specific FLAG to the compiler driver (CC)
+
+All other options (arguments beginning with \`-') are ignored.
+
+Every other argument is treated as a filename.  Files ending in \`.la' are
+treated as uninstalled libtool libraries, other files are standard or library
+object files.
+
+If the OUTPUT-FILE ends in \`.la', then a libtool library is created,
+only library objects (\`.lo' files) may be specified, and \`-rpath' is
+required, except when creating a convenience library.
+
+If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created
+using \`ar' and \`ranlib', or on Windows using \`lib'.
+
+If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file
+is created, otherwise an executable program is created."
+        ;;
+
+      uninstall)
+        $ECHO \
+"Usage: $progname [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE...
+
+Remove libraries from an installation directory.
+
+RM is the name of the program to use to delete files associated with each FILE
+(typically \`/bin/rm').  RM-OPTIONS are options (such as \`-f') to be passed
+to RM.
+
+If FILE is a libtool library, all the files associated with it are deleted.
+Otherwise, only FILE itself is deleted using RM."
+        ;;
+
+      *)
+        func_fatal_help "invalid operation mode \`$opt_mode'"
+        ;;
+    esac
+
+    echo
+    $ECHO "Try \`$progname --help' for more information about other modes."
+}
+
+# Now that we've collected a possible --mode arg, show help if necessary
+if $opt_help; then
+  if test "$opt_help" = :; then
+    func_mode_help
+  else
+    {
+      func_help noexit
+      for opt_mode in compile link execute install finish uninstall clean; do
+	func_mode_help
+      done
+    } | sed -n '1p; 2,$s/^Usage:/  or: /p'
+    {
+      func_help noexit
+      for opt_mode in compile link execute install finish uninstall clean; do
+	echo
+	func_mode_help
+      done
+    } |
+    sed '1d
+      /^When reporting/,/^Report/{
+	H
+	d
+      }
+      $x
+      /information about other modes/d
+      /more detailed .*MODE/d
+      s/^Usage:.*--mode=\([^ ]*\) .*/Description of \1 mode:/'
+  fi
+  exit $?
+fi
+
+
+# func_mode_execute arg...
+func_mode_execute ()
+{
+    $opt_debug
+    # The first argument is the command name.
+    cmd="$nonopt"
+    test -z "$cmd" && \
+      func_fatal_help "you must specify a COMMAND"
+
+    # Handle -dlopen flags immediately.
+    for file in $opt_dlopen; do
+      test -f "$file" \
+	|| func_fatal_help "\`$file' is not a file"
+
+      dir=
+      case $file in
+      *.la)
+	func_resolve_sysroot "$file"
+	file=$func_resolve_sysroot_result
+
+	# Check to see that this really is a libtool archive.
+	func_lalib_unsafe_p "$file" \
+	  || func_fatal_help "\`$lib' is not a valid libtool archive"
+
+	# Read the libtool library.
+	dlname=
+	library_names=
+	func_source "$file"
+
+	# Skip this library if it cannot be dlopened.
+	if test -z "$dlname"; then
+	  # Warn if it was a shared library.
+	  test -n "$library_names" && \
+	    func_warning "\`$file' was not linked with \`-export-dynamic'"
+	  continue
+	fi
+
+	func_dirname "$file" "" "."
+	dir="$func_dirname_result"
+
+	if test -f "$dir/$objdir/$dlname"; then
+	  func_append dir "/$objdir"
+	else
+	  if test ! -f "$dir/$dlname"; then
+	    func_fatal_error "cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'"
+	  fi
+	fi
+	;;
+
+      *.lo)
+	# Just add the directory containing the .lo file.
+	func_dirname "$file" "" "."
+	dir="$func_dirname_result"
+	;;
+
+      *)
+	func_warning "\`-dlopen' is ignored for non-libtool libraries and objects"
+	continue
+	;;
+      esac
+
+      # Get the absolute pathname.
+      absdir=`cd "$dir" && pwd`
+      test -n "$absdir" && dir="$absdir"
+
+      # Now add the directory to shlibpath_var.
+      if eval "test -z \"\$$shlibpath_var\""; then
+	eval "$shlibpath_var=\"\$dir\""
+      else
+	eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\""
+      fi
+    done
+
+    # This variable tells wrapper scripts just to set shlibpath_var
+    # rather than running their programs.
+    libtool_execute_magic="$magic"
+
+    # Check if any of the arguments is a wrapper script.
+    args=
+    for file
+    do
+      case $file in
+      -* | *.la | *.lo ) ;;
+      *)
+	# Do a test to see if this is really a libtool program.
+	if func_ltwrapper_script_p "$file"; then
+	  func_source "$file"
+	  # Transform arg to wrapped name.
+	  file="$progdir/$program"
+	elif func_ltwrapper_executable_p "$file"; then
+	  func_ltwrapper_scriptname "$file"
+	  func_source "$func_ltwrapper_scriptname_result"
+	  # Transform arg to wrapped name.
+	  file="$progdir/$program"
+	fi
+	;;
+      esac
+      # Quote arguments (to preserve shell metacharacters).
+      func_append_quoted args "$file"
+    done
+
+    if test "X$opt_dry_run" = Xfalse; then
+      if test -n "$shlibpath_var"; then
+	# Export the shlibpath_var.
+	eval "export $shlibpath_var"
+      fi
+
+      # Restore saved environment variables
+      for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
+      do
+	eval "if test \"\${save_$lt_var+set}\" = set; then
+                $lt_var=\$save_$lt_var; export $lt_var
+	      else
+		$lt_unset $lt_var
+	      fi"
+      done
+
+      # Now prepare to actually exec the command.
+      exec_cmd="\$cmd$args"
+    else
+      # Display what would be done.
+      if test -n "$shlibpath_var"; then
+	eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\""
+	echo "export $shlibpath_var"
+      fi
+      $ECHO "$cmd$args"
+      exit $EXIT_SUCCESS
+    fi
+}
+
+test "$opt_mode" = execute && func_mode_execute ${1+"$@"}
+
+
+# func_mode_finish arg...
+func_mode_finish ()
+{
+    $opt_debug
+    libs=
+    libdirs=
+    admincmds=
+
+    for opt in "$nonopt" ${1+"$@"}
+    do
+      if test -d "$opt"; then
+	func_append libdirs " $opt"
+
+      elif test -f "$opt"; then
+	if func_lalib_unsafe_p "$opt"; then
+	  func_append libs " $opt"
+	else
+	  func_warning "\`$opt' is not a valid libtool archive"
+	fi
+
+      else
+	func_fatal_error "invalid argument \`$opt'"
+      fi
+    done
+
+    if test -n "$libs"; then
+      if test -n "$lt_sysroot"; then
+        sysroot_regex=`$ECHO "$lt_sysroot" | $SED "$sed_make_literal_regex"`
+        sysroot_cmd="s/\([ ']\)$sysroot_regex/\1/g;"
+      else
+        sysroot_cmd=
+      fi
+
+      # Remove sysroot references
+      if $opt_dry_run; then
+        for lib in $libs; do
+          echo "removing references to $lt_sysroot and \`=' prefixes from $lib"
+        done
+      else
+        tmpdir=`func_mktempdir`
+        for lib in $libs; do
+	  sed -e "${sysroot_cmd} s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \
+	    > $tmpdir/tmp-la
+	  mv -f $tmpdir/tmp-la $lib
+	done
+        ${RM}r "$tmpdir"
+      fi
+    fi
+
+    if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
+      for libdir in $libdirs; do
+	if test -n "$finish_cmds"; then
+	  # Do each command in the finish commands.
+	  func_execute_cmds "$finish_cmds" 'admincmds="$admincmds
+'"$cmd"'"'
+	fi
+	if test -n "$finish_eval"; then
+	  # Do the single finish_eval.
+	  eval cmds=\"$finish_eval\"
+	  $opt_dry_run || eval "$cmds" || func_append admincmds "
+       $cmds"
+	fi
+      done
+    fi
+
+    # Exit here if they wanted silent mode.
+    $opt_silent && exit $EXIT_SUCCESS
+
+    if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
+      echo "----------------------------------------------------------------------"
+      echo "Libraries have been installed in:"
+      for libdir in $libdirs; do
+	$ECHO "   $libdir"
+      done
+      echo
+      echo "If you ever happen to want to link against installed libraries"
+      echo "in a given directory, LIBDIR, you must either use libtool, and"
+      echo "specify the full pathname of the library, or use the \`-LLIBDIR'"
+      echo "flag during linking and do at least one of the following:"
+      if test -n "$shlibpath_var"; then
+	echo "   - add LIBDIR to the \`$shlibpath_var' environment variable"
+	echo "     during execution"
+      fi
+      if test -n "$runpath_var"; then
+	echo "   - add LIBDIR to the \`$runpath_var' environment variable"
+	echo "     during linking"
+      fi
+      if test -n "$hardcode_libdir_flag_spec"; then
+	libdir=LIBDIR
+	eval flag=\"$hardcode_libdir_flag_spec\"
+
+	$ECHO "   - use the \`$flag' linker flag"
+      fi
+      if test -n "$admincmds"; then
+	$ECHO "   - have your system administrator run these commands:$admincmds"
+      fi
+      if test -f /etc/ld.so.conf; then
+	echo "   - have your system administrator add LIBDIR to \`/etc/ld.so.conf'"
+      fi
+      echo
+
+      echo "See any operating system documentation about shared libraries for"
+      case $host in
+	solaris2.[6789]|solaris2.1[0-9])
+	  echo "more information, such as the ld(1), crle(1) and ld.so(8) manual"
+	  echo "pages."
+	  ;;
+	*)
+	  echo "more information, such as the ld(1) and ld.so(8) manual pages."
+	  ;;
+      esac
+      echo "----------------------------------------------------------------------"
+    fi
+    exit $EXIT_SUCCESS
+}
+
+test "$opt_mode" = finish && func_mode_finish ${1+"$@"}
+
+
+# func_mode_install arg...
+func_mode_install ()
+{
+    $opt_debug
+    # There may be an optional sh(1) argument at the beginning of
+    # install_prog (especially on Windows NT).
+    if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh ||
+       # Allow the use of GNU shtool's install command.
+       case $nonopt in *shtool*) :;; *) false;; esac; then
+      # Aesthetically quote it.
+      func_quote_for_eval "$nonopt"
+      install_prog="$func_quote_for_eval_result "
+      arg=$1
+      shift
+    else
+      install_prog=
+      arg=$nonopt
+    fi
+
+    # The real first argument should be the name of the installation program.
+    # Aesthetically quote it.
+    func_quote_for_eval "$arg"
+    func_append install_prog "$func_quote_for_eval_result"
+    install_shared_prog=$install_prog
+    case " $install_prog " in
+      *[\\\ /]cp\ *) install_cp=: ;;
+      *) install_cp=false ;;
+    esac
+
+    # We need to accept at least all the BSD install flags.
+    dest=
+    files=
+    opts=
+    prev=
+    install_type=
+    isdir=no
+    stripme=
+    no_mode=:
+    for arg
+    do
+      arg2=
+      if test -n "$dest"; then
+	func_append files " $dest"
+	dest=$arg
+	continue
+      fi
+
+      case $arg in
+      -d) isdir=yes ;;
+      -f)
+	if $install_cp; then :; else
+	  prev=$arg
+	fi
+	;;
+      -g | -m | -o)
+	prev=$arg
+	;;
+      -s)
+	stripme=" -s"
+	continue
+	;;
+      -*)
+	;;
+      *)
+	# If the previous option needed an argument, then skip it.
+	if test -n "$prev"; then
+	  if test "x$prev" = x-m && test -n "$install_override_mode"; then
+	    arg2=$install_override_mode
+	    no_mode=false
+	  fi
+	  prev=
+	else
+	  dest=$arg
+	  continue
+	fi
+	;;
+      esac
+
+      # Aesthetically quote the argument.
+      func_quote_for_eval "$arg"
+      func_append install_prog " $func_quote_for_eval_result"
+      if test -n "$arg2"; then
+	func_quote_for_eval "$arg2"
+      fi
+      func_append install_shared_prog " $func_quote_for_eval_result"
+    done
+
+    test -z "$install_prog" && \
+      func_fatal_help "you must specify an install program"
+
+    test -n "$prev" && \
+      func_fatal_help "the \`$prev' option requires an argument"
+
+    if test -n "$install_override_mode" && $no_mode; then
+      if $install_cp; then :; else
+	func_quote_for_eval "$install_override_mode"
+	func_append install_shared_prog " -m $func_quote_for_eval_result"
+      fi
+    fi
+
+    if test -z "$files"; then
+      if test -z "$dest"; then
+	func_fatal_help "no file or destination specified"
+      else
+	func_fatal_help "you must specify a destination"
+      fi
+    fi
+
+    # Strip any trailing slash from the destination.
+    func_stripname '' '/' "$dest"
+    dest=$func_stripname_result
+
+    # Check to see that the destination is a directory.
+    test -d "$dest" && isdir=yes
+    if test "$isdir" = yes; then
+      destdir="$dest"
+      destname=
+    else
+      func_dirname_and_basename "$dest" "" "."
+      destdir="$func_dirname_result"
+      destname="$func_basename_result"
+
+      # Not a directory, so check to see that there is only one file specified.
+      set dummy $files; shift
+      test "$#" -gt 1 && \
+	func_fatal_help "\`$dest' is not a directory"
+    fi
+    case $destdir in
+    [\\/]* | [A-Za-z]:[\\/]*) ;;
+    *)
+      for file in $files; do
+	case $file in
+	*.lo) ;;
+	*)
+	  func_fatal_help "\`$destdir' must be an absolute directory name"
+	  ;;
+	esac
+      done
+      ;;
+    esac
+
+    # This variable tells wrapper scripts just to set variables rather
+    # than running their programs.
+    libtool_install_magic="$magic"
+
+    staticlibs=
+    future_libdirs=
+    current_libdirs=
+    for file in $files; do
+
+      # Do each installation.
+      case $file in
+      *.$libext)
+	# Do the static libraries later.
+	func_append staticlibs " $file"
+	;;
+
+      *.la)
+	func_resolve_sysroot "$file"
+	file=$func_resolve_sysroot_result
+
+	# Check to see that this really is a libtool archive.
+	func_lalib_unsafe_p "$file" \
+	  || func_fatal_help "\`$file' is not a valid libtool archive"
+
+	library_names=
+	old_library=
+	relink_command=
+	func_source "$file"
+
+	# Add the libdir to current_libdirs if it is the destination.
+	if test "X$destdir" = "X$libdir"; then
+	  case "$current_libdirs " in
+	  *" $libdir "*) ;;
+	  *) func_append current_libdirs " $libdir" ;;
+	  esac
+	else
+	  # Note the libdir as a future libdir.
+	  case "$future_libdirs " in
+	  *" $libdir "*) ;;
+	  *) func_append future_libdirs " $libdir" ;;
+	  esac
+	fi
+
+	func_dirname "$file" "/" ""
+	dir="$func_dirname_result"
+	func_append dir "$objdir"
+
+	if test -n "$relink_command"; then
+	  # Determine the prefix the user has applied to our future dir.
+	  inst_prefix_dir=`$ECHO "$destdir" | $SED -e "s%$libdir\$%%"`
+
+	  # Don't allow the user to place us outside of our expected
+	  # location b/c this prevents finding dependent libraries that
+	  # are installed to the same prefix.
+	  # At present, this check doesn't affect windows .dll's that
+	  # are installed into $libdir/../bin (currently, that works fine)
+	  # but it's something to keep an eye on.
+	  test "$inst_prefix_dir" = "$destdir" && \
+	    func_fatal_error "error: cannot install \`$file' to a directory not ending in $libdir"
+
+	  if test -n "$inst_prefix_dir"; then
+	    # Stick the inst_prefix_dir data into the link command.
+	    relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"`
+	  else
+	    relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%%"`
+	  fi
+
+	  func_warning "relinking \`$file'"
+	  func_show_eval "$relink_command" \
+	    'func_fatal_error "error: relink \`$file'\'' with the above command before installing it"'
+	fi
+
+	# See the names of the shared library.
+	set dummy $library_names; shift
+	if test -n "$1"; then
+	  realname="$1"
+	  shift
+
+	  srcname="$realname"
+	  test -n "$relink_command" && srcname="$realname"T
+
+	  # Install the shared library and build the symlinks.
+	  func_show_eval "$install_shared_prog $dir/$srcname $destdir/$realname" \
+	      'exit $?'
+	  tstripme="$stripme"
+	  case $host_os in
+	  cygwin* | mingw* | pw32* | cegcc*)
+	    case $realname in
+	    *.dll.a)
+	      tstripme=""
+	      ;;
+	    esac
+	    ;;
+	  esac
+	  if test -n "$tstripme" && test -n "$striplib"; then
+	    func_show_eval "$striplib $destdir/$realname" 'exit $?'
+	  fi
+
+	  if test "$#" -gt 0; then
+	    # Delete the old symlinks, and create new ones.
+	    # Try `ln -sf' first, because the `ln' binary might depend on
+	    # the symlink we replace!  Solaris /bin/ln does not understand -f,
+	    # so we also need to try rm && ln -s.
+	    for linkname
+	    do
+	      test "$linkname" != "$realname" \
+		&& func_show_eval "(cd $destdir && { $LN_S -f $realname $linkname || { $RM $linkname && $LN_S $realname $linkname; }; })"
+	    done
+	  fi
+
+	  # Do each command in the postinstall commands.
+	  lib="$destdir/$realname"
+	  func_execute_cmds "$postinstall_cmds" 'exit $?'
+	fi
+
+	# Install the pseudo-library for information purposes.
+	func_basename "$file"
+	name="$func_basename_result"
+	instname="$dir/$name"i
+	func_show_eval "$install_prog $instname $destdir/$name" 'exit $?'
+
+	# Maybe install the static library, too.
+	test -n "$old_library" && func_append staticlibs " $dir/$old_library"
+	;;
+
+      *.lo)
+	# Install (i.e. copy) a libtool object.
+
+	# Figure out destination file name, if it wasn't already specified.
+	if test -n "$destname"; then
+	  destfile="$destdir/$destname"
+	else
+	  func_basename "$file"
+	  destfile="$func_basename_result"
+	  destfile="$destdir/$destfile"
+	fi
+
+	# Deduce the name of the destination old-style object file.
+	case $destfile in
+	*.lo)
+	  func_lo2o "$destfile"
+	  staticdest=$func_lo2o_result
+	  ;;
+	*.$objext)
+	  staticdest="$destfile"
+	  destfile=
+	  ;;
+	*)
+	  func_fatal_help "cannot copy a libtool object to \`$destfile'"
+	  ;;
+	esac
+
+	# Install the libtool object if requested.
+	test -n "$destfile" && \
+	  func_show_eval "$install_prog $file $destfile" 'exit $?'
+
+	# Install the old object if enabled.
+	if test "$build_old_libs" = yes; then
+	  # Deduce the name of the old-style object file.
+	  func_lo2o "$file"
+	  staticobj=$func_lo2o_result
+	  func_show_eval "$install_prog \$staticobj \$staticdest" 'exit $?'
+	fi
+	exit $EXIT_SUCCESS
+	;;
+
+      *)
+	# Figure out destination file name, if it wasn't already specified.
+	if test -n "$destname"; then
+	  destfile="$destdir/$destname"
+	else
+	  func_basename "$file"
+	  destfile="$func_basename_result"
+	  destfile="$destdir/$destfile"
+	fi
+
+	# If the file is missing, and there is a .exe on the end, strip it
+	# because it is most likely a libtool script we actually want to
+	# install
+	stripped_ext=""
+	case $file in
+	  *.exe)
+	    if test ! -f "$file"; then
+	      func_stripname '' '.exe' "$file"
+	      file=$func_stripname_result
+	      stripped_ext=".exe"
+	    fi
+	    ;;
+	esac
+
+	# Do a test to see if this is really a libtool program.
+	case $host in
+	*cygwin* | *mingw*)
+	    if func_ltwrapper_executable_p "$file"; then
+	      func_ltwrapper_scriptname "$file"
+	      wrapper=$func_ltwrapper_scriptname_result
+	    else
+	      func_stripname '' '.exe' "$file"
+	      wrapper=$func_stripname_result
+	    fi
+	    ;;
+	*)
+	    wrapper=$file
+	    ;;
+	esac
+	if func_ltwrapper_script_p "$wrapper"; then
+	  notinst_deplibs=
+	  relink_command=
+
+	  func_source "$wrapper"
+
+	  # Check the variables that should have been set.
+	  test -z "$generated_by_libtool_version" && \
+	    func_fatal_error "invalid libtool wrapper script \`$wrapper'"
+
+	  finalize=yes
+	  for lib in $notinst_deplibs; do
+	    # Check to see that each library is installed.
+	    libdir=
+	    if test -f "$lib"; then
+	      func_source "$lib"
+	    fi
+	    libfile="$libdir/"`$ECHO "$lib" | $SED 's%^.*/%%g'` ### testsuite: skip nested quoting test
+	    if test -n "$libdir" && test ! -f "$libfile"; then
+	      func_warning "\`$lib' has not been installed in \`$libdir'"
+	      finalize=no
+	    fi
+	  done
+
+	  relink_command=
+	  func_source "$wrapper"
+
+	  outputname=
+	  if test "$fast_install" = no && test -n "$relink_command"; then
+	    $opt_dry_run || {
+	      if test "$finalize" = yes; then
+	        tmpdir=`func_mktempdir`
+		func_basename "$file$stripped_ext"
+		file="$func_basename_result"
+	        outputname="$tmpdir/$file"
+	        # Replace the output file specification.
+	        relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'`
+
+	        $opt_silent || {
+	          func_quote_for_expand "$relink_command"
+		  eval "func_echo $func_quote_for_expand_result"
+	        }
+	        if eval "$relink_command"; then :
+	          else
+		  func_error "error: relink \`$file' with the above command before installing it"
+		  $opt_dry_run || ${RM}r "$tmpdir"
+		  continue
+	        fi
+	        file="$outputname"
+	      else
+	        func_warning "cannot relink \`$file'"
+	      fi
+	    }
+	  else
+	    # Install the binary that we compiled earlier.
+	    file=`$ECHO "$file$stripped_ext" | $SED "s%\([^/]*\)$%$objdir/\1%"`
+	  fi
+	fi
+
+	# remove .exe since cygwin /usr/bin/install will append another
+	# one anyway
+	case $install_prog,$host in
+	*/usr/bin/install*,*cygwin*)
+	  case $file:$destfile in
+	  *.exe:*.exe)
+	    # this is ok
+	    ;;
+	  *.exe:*)
+	    destfile=$destfile.exe
+	    ;;
+	  *:*.exe)
+	    func_stripname '' '.exe' "$destfile"
+	    destfile=$func_stripname_result
+	    ;;
+	  esac
+	  ;;
+	esac
+	func_show_eval "$install_prog\$stripme \$file \$destfile" 'exit $?'
+	$opt_dry_run || if test -n "$outputname"; then
+	  ${RM}r "$tmpdir"
+	fi
+	;;
+      esac
+    done
+
+    for file in $staticlibs; do
+      func_basename "$file"
+      name="$func_basename_result"
+
+      # Set up the ranlib parameters.
+      oldlib="$destdir/$name"
+      func_to_tool_file "$oldlib" func_convert_file_msys_to_w32
+      tool_oldlib=$func_to_tool_file_result
+
+      func_show_eval "$install_prog \$file \$oldlib" 'exit $?'
+
+      if test -n "$stripme" && test -n "$old_striplib"; then
+	func_show_eval "$old_striplib $tool_oldlib" 'exit $?'
+      fi
+
+      # Do each command in the postinstall commands.
+      func_execute_cmds "$old_postinstall_cmds" 'exit $?'
+    done
+
+    test -n "$future_libdirs" && \
+      func_warning "remember to run \`$progname --finish$future_libdirs'"
+
+    if test -n "$current_libdirs"; then
+      # Maybe just do a dry run.
+      $opt_dry_run && current_libdirs=" -n$current_libdirs"
+      exec_cmd='$SHELL $progpath $preserve_args --finish$current_libdirs'
+    else
+      exit $EXIT_SUCCESS
+    fi
+}
+
+test "$opt_mode" = install && func_mode_install ${1+"$@"}
+
+
+# func_generate_dlsyms outputname originator pic_p
+# Extract symbols from dlprefiles and create ${outputname}S.o with
+# a dlpreopen symbol table.
+func_generate_dlsyms ()
+{
+    $opt_debug
+    my_outputname="$1"
+    my_originator="$2"
+    my_pic_p="${3-no}"
+    my_prefix=`$ECHO "$my_originator" | sed 's%[^a-zA-Z0-9]%_%g'`
+    my_dlsyms=
+
+    if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+      if test -n "$NM" && test -n "$global_symbol_pipe"; then
+	my_dlsyms="${my_outputname}S.c"
+      else
+	func_error "not configured to extract global symbols from dlpreopened files"
+      fi
+    fi
+
+    if test -n "$my_dlsyms"; then
+      case $my_dlsyms in
+      "") ;;
+      *.c)
+	# Discover the nlist of each of the dlfiles.
+	nlist="$output_objdir/${my_outputname}.nm"
+
+	func_show_eval "$RM $nlist ${nlist}S ${nlist}T"
+
+	# Parse the name list into a source file.
+	func_verbose "creating $output_objdir/$my_dlsyms"
+
+	$opt_dry_run || $ECHO > "$output_objdir/$my_dlsyms" "\
+/* $my_dlsyms - symbol resolution table for \`$my_outputname' dlsym emulation. */
+/* Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION */
+
+#ifdef __cplusplus
+extern \"C\" {
+#endif
+
+#if defined(__GNUC__) && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4))
+#pragma GCC diagnostic ignored \"-Wstrict-prototypes\"
+#endif
+
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests.  */
+#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE)
+/* DATA imports from DLLs on WIN32 con't be const, because runtime
+   relocations are performed -- see ld's documentation on pseudo-relocs.  */
+# define LT_DLSYM_CONST
+#elif defined(__osf__)
+/* This system does not cope well with relocations in const data.  */
+# define LT_DLSYM_CONST
+#else
+# define LT_DLSYM_CONST const
+#endif
+
+/* External symbol declarations for the compiler. */\
+"
+
+	if test "$dlself" = yes; then
+	  func_verbose "generating symbol list for \`$output'"
+
+	  $opt_dry_run || echo ': @PROGRAM@ ' > "$nlist"
+
+	  # Add our own program objects to the symbol list.
+	  progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP`
+	  for progfile in $progfiles; do
+	    func_to_tool_file "$progfile" func_convert_file_msys_to_w32
+	    func_verbose "extracting global C symbols from \`$func_to_tool_file_result'"
+	    $opt_dry_run || eval "$NM $func_to_tool_file_result | $global_symbol_pipe >> '$nlist'"
+	  done
+
+	  if test -n "$exclude_expsyms"; then
+	    $opt_dry_run || {
+	      eval '$EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T'
+	      eval '$MV "$nlist"T "$nlist"'
+	    }
+	  fi
+
+	  if test -n "$export_symbols_regex"; then
+	    $opt_dry_run || {
+	      eval '$EGREP -e "$export_symbols_regex" "$nlist" > "$nlist"T'
+	      eval '$MV "$nlist"T "$nlist"'
+	    }
+	  fi
+
+	  # Prepare the list of exported symbols
+	  if test -z "$export_symbols"; then
+	    export_symbols="$output_objdir/$outputname.exp"
+	    $opt_dry_run || {
+	      $RM $export_symbols
+	      eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"'
+	      case $host in
+	      *cygwin* | *mingw* | *cegcc* )
+                eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
+                eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"'
+	        ;;
+	      esac
+	    }
+	  else
+	    $opt_dry_run || {
+	      eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"'
+	      eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T'
+	      eval '$MV "$nlist"T "$nlist"'
+	      case $host in
+	        *cygwin* | *mingw* | *cegcc* )
+	          eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
+	          eval 'cat "$nlist" >> "$output_objdir/$outputname.def"'
+	          ;;
+	      esac
+	    }
+	  fi
+	fi
+
+	for dlprefile in $dlprefiles; do
+	  func_verbose "extracting global C symbols from \`$dlprefile'"
+	  func_basename "$dlprefile"
+	  name="$func_basename_result"
+          case $host in
+	    *cygwin* | *mingw* | *cegcc* )
+	      # if an import library, we need to obtain dlname
+	      if func_win32_import_lib_p "$dlprefile"; then
+	        func_tr_sh "$dlprefile"
+	        eval "curr_lafile=\$libfile_$func_tr_sh_result"
+	        dlprefile_dlbasename=""
+	        if test -n "$curr_lafile" && func_lalib_p "$curr_lafile"; then
+	          # Use subshell, to avoid clobbering current variable values
+	          dlprefile_dlname=`source "$curr_lafile" && echo "$dlname"`
+	          if test -n "$dlprefile_dlname" ; then
+	            func_basename "$dlprefile_dlname"
+	            dlprefile_dlbasename="$func_basename_result"
+	          else
+	            # no lafile. user explicitly requested -dlpreopen .
+	            $sharedlib_from_linklib_cmd "$dlprefile"
+	            dlprefile_dlbasename=$sharedlib_from_linklib_result
+	          fi
+	        fi
+	        $opt_dry_run || {
+	          if test -n "$dlprefile_dlbasename" ; then
+	            eval '$ECHO ": $dlprefile_dlbasename" >> "$nlist"'
+	          else
+	            func_warning "Could not compute DLL name from $name"
+	            eval '$ECHO ": $name " >> "$nlist"'
+	          fi
+	          func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32
+	          eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe |
+	            $SED -e '/I __imp/d' -e 's/I __nm_/D /;s/_nm__//' >> '$nlist'"
+	        }
+	      else # not an import lib
+	        $opt_dry_run || {
+	          eval '$ECHO ": $name " >> "$nlist"'
+	          func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32
+	          eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'"
+	        }
+	      fi
+	    ;;
+	    *)
+	      $opt_dry_run || {
+	        eval '$ECHO ": $name " >> "$nlist"'
+	        func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32
+	        eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'"
+	      }
+	    ;;
+          esac
+	done
+
+	$opt_dry_run || {
+	  # Make sure we have at least an empty file.
+	  test -f "$nlist" || : > "$nlist"
+
+	  if test -n "$exclude_expsyms"; then
+	    $EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T
+	    $MV "$nlist"T "$nlist"
+	  fi
+
+	  # Try sorting and uniquifying the output.
+	  if $GREP -v "^: " < "$nlist" |
+	      if sort -k 3 /dev/null 2>&1; then
+		sort -k 3
+	      else
+		sort +2
+	      fi |
+	      uniq > "$nlist"S; then
+	    :
+	  else
+	    $GREP -v "^: " < "$nlist" > "$nlist"S
+	  fi
+
+	  if test -f "$nlist"S; then
+	    eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$my_dlsyms"'
+	  else
+	    echo '/* NONE */' >> "$output_objdir/$my_dlsyms"
+	  fi
+
+	  echo >> "$output_objdir/$my_dlsyms" "\
+
+/* The mapping between symbol names and symbols.  */
+typedef struct {
+  const char *name;
+  void *address;
+} lt_dlsymlist;
+extern LT_DLSYM_CONST lt_dlsymlist
+lt_${my_prefix}_LTX_preloaded_symbols[];
+LT_DLSYM_CONST lt_dlsymlist
+lt_${my_prefix}_LTX_preloaded_symbols[] =
+{\
+  { \"$my_originator\", (void *) 0 },"
+
+	  case $need_lib_prefix in
+	  no)
+	    eval "$global_symbol_to_c_name_address" < "$nlist" >> "$output_objdir/$my_dlsyms"
+	    ;;
+	  *)
+	    eval "$global_symbol_to_c_name_address_lib_prefix" < "$nlist" >> "$output_objdir/$my_dlsyms"
+	    ;;
+	  esac
+	  echo >> "$output_objdir/$my_dlsyms" "\
+  {0, (void *) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+  return lt_${my_prefix}_LTX_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif\
+"
+	} # !$opt_dry_run
+
+	pic_flag_for_symtable=
+	case "$compile_command " in
+	*" -static "*) ;;
+	*)
+	  case $host in
+	  # compiling the symbol table file with pic_flag works around
+	  # a FreeBSD bug that causes programs to crash when -lm is
+	  # linked before any other PIC object.  But we must not use
+	  # pic_flag when linking with -static.  The problem exists in
+	  # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1.
+	  *-*-freebsd2.*|*-*-freebsd3.0*|*-*-freebsdelf3.0*)
+	    pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;;
+	  *-*-hpux*)
+	    pic_flag_for_symtable=" $pic_flag"  ;;
+	  *)
+	    if test "X$my_pic_p" != Xno; then
+	      pic_flag_for_symtable=" $pic_flag"
+	    fi
+	    ;;
+	  esac
+	  ;;
+	esac
+	symtab_cflags=
+	for arg in $LTCFLAGS; do
+	  case $arg in
+	  -pie | -fpie | -fPIE) ;;
+	  *) func_append symtab_cflags " $arg" ;;
+	  esac
+	done
+
+	# Now compile the dynamic symbol file.
+	func_show_eval '(cd $output_objdir && $LTCC$symtab_cflags -c$no_builtin_flag$pic_flag_for_symtable "$my_dlsyms")' 'exit $?'
+
+	# Clean up the generated files.
+	func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T"'
+
+	# Transform the symbol file into the correct name.
+	symfileobj="$output_objdir/${my_outputname}S.$objext"
+	case $host in
+	*cygwin* | *mingw* | *cegcc* )
+	  if test -f "$output_objdir/$my_outputname.def"; then
+	    compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
+	    finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
+	  else
+	    compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+	    finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+	  fi
+	  ;;
+	*)
+	  compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+	  finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+	  ;;
+	esac
+	;;
+      *)
+	func_fatal_error "unknown suffix for \`$my_dlsyms'"
+	;;
+      esac
+    else
+      # We keep going just in case the user didn't refer to
+      # lt_preloaded_symbols.  The linker will fail if global_symbol_pipe
+      # really was required.
+
+      # Nullify the symbol file.
+      compile_command=`$ECHO "$compile_command" | $SED "s% @SYMFILE@%%"`
+      finalize_command=`$ECHO "$finalize_command" | $SED "s% @SYMFILE@%%"`
+    fi
+}
+
+# func_win32_libid arg
+# return the library type of file 'arg'
+#
+# Need a lot of goo to handle *both* DLLs and import libs
+# Has to be a shell function in order to 'eat' the argument
+# that is supplied when $file_magic_command is called.
+# Despite the name, also deal with 64 bit binaries.
+func_win32_libid ()
+{
+  $opt_debug
+  win32_libid_type="unknown"
+  win32_fileres=`file -L $1 2>/dev/null`
+  case $win32_fileres in
+  *ar\ archive\ import\ library*) # definitely import
+    win32_libid_type="x86 archive import"
+    ;;
+  *ar\ archive*) # could be an import, or static
+    # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD.
+    if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null |
+       $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then
+      func_to_tool_file "$1" func_convert_file_msys_to_w32
+      win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" |
+	$SED -n -e '
+	    1,100{
+		/ I /{
+		    s,.*,import,
+		    p
+		    q
+		}
+	    }'`
+      case $win32_nmres in
+      import*)  win32_libid_type="x86 archive import";;
+      *)        win32_libid_type="x86 archive static";;
+      esac
+    fi
+    ;;
+  *DLL*)
+    win32_libid_type="x86 DLL"
+    ;;
+  *executable*) # but shell scripts are "executable" too...
+    case $win32_fileres in
+    *MS\ Windows\ PE\ Intel*)
+      win32_libid_type="x86 DLL"
+      ;;
+    esac
+    ;;
+  esac
+  $ECHO "$win32_libid_type"
+}
+
+# func_cygming_dll_for_implib ARG
+#
+# Platform-specific function to extract the
+# name of the DLL associated with the specified
+# import library ARG.
+# Invoked by eval'ing the libtool variable
+#    $sharedlib_from_linklib_cmd
+# Result is available in the variable
+#    $sharedlib_from_linklib_result
+func_cygming_dll_for_implib ()
+{
+  $opt_debug
+  sharedlib_from_linklib_result=`$DLLTOOL --identify-strict --identify "$1"`
+}
+
+# func_cygming_dll_for_implib_fallback_core SECTION_NAME LIBNAMEs
+#
+# The is the core of a fallback implementation of a
+# platform-specific function to extract the name of the
+# DLL associated with the specified import library LIBNAME.
+#
+# SECTION_NAME is either .idata$6 or .idata$7, depending
+# on the platform and compiler that created the implib.
+#
+# Echos the name of the DLL associated with the
+# specified import library.
+func_cygming_dll_for_implib_fallback_core ()
+{
+  $opt_debug
+  match_literal=`$ECHO "$1" | $SED "$sed_make_literal_regex"`
+  $OBJDUMP -s --section "$1" "$2" 2>/dev/null |
+    $SED '/^Contents of section '"$match_literal"':/{
+      # Place marker at beginning of archive member dllname section
+      s/.*/====MARK====/
+      p
+      d
+    }
+    # These lines can sometimes be longer than 43 characters, but
+    # are always uninteresting
+    /:[	 ]*file format pe[i]\{,1\}-/d
+    /^In archive [^:]*:/d
+    # Ensure marker is printed
+    /^====MARK====/p
+    # Remove all lines with less than 43 characters
+    /^.\{43\}/!d
+    # From remaining lines, remove first 43 characters
+    s/^.\{43\}//' |
+    $SED -n '
+      # Join marker and all lines until next marker into a single line
+      /^====MARK====/ b para
+      H
+      $ b para
+      b
+      :para
+      x
+      s/\n//g
+      # Remove the marker
+      s/^====MARK====//
+      # Remove trailing dots and whitespace
+      s/[\. \t]*$//
+      # Print
+      /./p' |
+    # we now have a list, one entry per line, of the stringified
+    # contents of the appropriate section of all members of the
+    # archive which possess that section. Heuristic: eliminate
+    # all those which have a first or second character that is
+    # a '.' (that is, objdump's representation of an unprintable
+    # character.) This should work for all archives with less than
+    # 0x302f exports -- but will fail for DLLs whose name actually
+    # begins with a literal '.' or a single character followed by
+    # a '.'.
+    #
+    # Of those that remain, print the first one.
+    $SED -e '/^\./d;/^.\./d;q'
+}
+
+# func_cygming_gnu_implib_p ARG
+# This predicate returns with zero status (TRUE) if
+# ARG is a GNU/binutils-style import library. Returns
+# with nonzero status (FALSE) otherwise.
+func_cygming_gnu_implib_p ()
+{
+  $opt_debug
+  func_to_tool_file "$1" func_convert_file_msys_to_w32
+  func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'`
+  test -n "$func_cygming_gnu_implib_tmp"
+}
+
+# func_cygming_ms_implib_p ARG
+# This predicate returns with zero status (TRUE) if
+# ARG is an MS-style import library. Returns
+# with nonzero status (FALSE) otherwise.
+func_cygming_ms_implib_p ()
+{
+  $opt_debug
+  func_to_tool_file "$1" func_convert_file_msys_to_w32
+  func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'`
+  test -n "$func_cygming_ms_implib_tmp"
+}
+
+# func_cygming_dll_for_implib_fallback ARG
+# Platform-specific function to extract the
+# name of the DLL associated with the specified
+# import library ARG.
+#
+# This fallback implementation is for use when $DLLTOOL
+# does not support the --identify-strict option.
+# Invoked by eval'ing the libtool variable
+#    $sharedlib_from_linklib_cmd
+# Result is available in the variable
+#    $sharedlib_from_linklib_result
+func_cygming_dll_for_implib_fallback ()
+{
+  $opt_debug
+  if func_cygming_gnu_implib_p "$1" ; then
+    # binutils import library
+    sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$7' "$1"`
+  elif func_cygming_ms_implib_p "$1" ; then
+    # ms-generated import library
+    sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$6' "$1"`
+  else
+    # unknown
+    sharedlib_from_linklib_result=""
+  fi
+}
+
+
+# func_extract_an_archive dir oldlib
+func_extract_an_archive ()
+{
+    $opt_debug
+    f_ex_an_ar_dir="$1"; shift
+    f_ex_an_ar_oldlib="$1"
+    if test "$lock_old_archive_extraction" = yes; then
+      lockfile=$f_ex_an_ar_oldlib.lock
+      until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do
+	func_echo "Waiting for $lockfile to be removed"
+	sleep 2
+      done
+    fi
+    func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" \
+		   'stat=$?; rm -f "$lockfile"; exit $stat'
+    if test "$lock_old_archive_extraction" = yes; then
+      $opt_dry_run || rm -f "$lockfile"
+    fi
+    if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then
+     :
+    else
+      func_fatal_error "object name conflicts in archive: $f_ex_an_ar_dir/$f_ex_an_ar_oldlib"
+    fi
+}
+
+
+# func_extract_archives gentop oldlib ...
+func_extract_archives ()
+{
+    $opt_debug
+    my_gentop="$1"; shift
+    my_oldlibs=${1+"$@"}
+    my_oldobjs=""
+    my_xlib=""
+    my_xabs=""
+    my_xdir=""
+
+    for my_xlib in $my_oldlibs; do
+      # Extract the objects.
+      case $my_xlib in
+	[\\/]* | [A-Za-z]:[\\/]*) my_xabs="$my_xlib" ;;
+	*) my_xabs=`pwd`"/$my_xlib" ;;
+      esac
+      func_basename "$my_xlib"
+      my_xlib="$func_basename_result"
+      my_xlib_u=$my_xlib
+      while :; do
+        case " $extracted_archives " in
+	*" $my_xlib_u "*)
+	  func_arith $extracted_serial + 1
+	  extracted_serial=$func_arith_result
+	  my_xlib_u=lt$extracted_serial-$my_xlib ;;
+	*) break ;;
+	esac
+      done
+      extracted_archives="$extracted_archives $my_xlib_u"
+      my_xdir="$my_gentop/$my_xlib_u"
+
+      func_mkdir_p "$my_xdir"
+
+      case $host in
+      *-darwin*)
+	func_verbose "Extracting $my_xabs"
+	# Do not bother doing anything if just a dry run
+	$opt_dry_run || {
+	  darwin_orig_dir=`pwd`
+	  cd $my_xdir || exit $?
+	  darwin_archive=$my_xabs
+	  darwin_curdir=`pwd`
+	  darwin_base_archive=`basename "$darwin_archive"`
+	  darwin_arches=`$LIPO -info "$darwin_archive" 2>/dev/null | $GREP Architectures 2>/dev/null || true`
+	  if test -n "$darwin_arches"; then
+	    darwin_arches=`$ECHO "$darwin_arches" | $SED -e 's/.*are://'`
+	    darwin_arch=
+	    func_verbose "$darwin_base_archive has multiple architectures $darwin_arches"
+	    for darwin_arch in  $darwin_arches ; do
+	      func_mkdir_p "unfat-$$/${darwin_base_archive}-${darwin_arch}"
+	      $LIPO -thin $darwin_arch -output "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}" "${darwin_archive}"
+	      cd "unfat-$$/${darwin_base_archive}-${darwin_arch}"
+	      func_extract_an_archive "`pwd`" "${darwin_base_archive}"
+	      cd "$darwin_curdir"
+	      $RM "unfat-$$/${darwin_base_archive}-${darwin_arch}/${darwin_base_archive}"
+	    done # $darwin_arches
+            ## Okay now we've a bunch of thin objects, gotta fatten them up :)
+	    darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$basename" | sort -u`
+	    darwin_file=
+	    darwin_files=
+	    for darwin_file in $darwin_filelist; do
+	      darwin_files=`find unfat-$$ -name $darwin_file -print | sort | $NL2SP`
+	      $LIPO -create -output "$darwin_file" $darwin_files
+	    done # $darwin_filelist
+	    $RM -rf unfat-$$
+	    cd "$darwin_orig_dir"
+	  else
+	    cd $darwin_orig_dir
+	    func_extract_an_archive "$my_xdir" "$my_xabs"
+	  fi # $darwin_arches
+	} # !$opt_dry_run
+	;;
+      *)
+        func_extract_an_archive "$my_xdir" "$my_xabs"
+	;;
+      esac
+      my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | sort | $NL2SP`
+    done
+
+    func_extract_archives_result="$my_oldobjs"
+}
+
+
+# func_emit_wrapper [arg=no]
+#
+# Emit a libtool wrapper script on stdout.
+# Don't directly open a file because we may want to
+# incorporate the script contents within a cygwin/mingw
+# wrapper executable.  Must ONLY be called from within
+# func_mode_link because it depends on a number of variables
+# set therein.
+#
+# ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR
+# variable will take.  If 'yes', then the emitted script
+# will assume that the directory in which it is stored is
+# the $objdir directory.  This is a cygwin/mingw-specific
+# behavior.
+func_emit_wrapper ()
+{
+	func_emit_wrapper_arg1=${1-no}
+
+	$ECHO "\
+#! $SHELL
+
+# $output - temporary wrapper script for $objdir/$outputname
+# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION
+#
+# The $output program cannot be directly executed until all the libtool
+# libraries that it depends on are installed.
+#
+# This wrapper script should never be moved out of the build directory.
+# If it is, it will not operate correctly.
+
+# Sed substitution that helps us do robust quoting.  It backslashifies
+# metacharacters that are still active within double-quoted strings.
+sed_quote_subst='$sed_quote_subst'
+
+# Be Bourne compatible
+if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then
+  emulate sh
+  NULLCMD=:
+  # Zsh 3.x and 4.x performs word splitting on \${1+\"\$@\"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '\${1+\"\$@\"}'='\"\$@\"'
+  setopt NO_GLOB_SUBST
+else
+  case \`(set -o) 2>/dev/null\` in *posix*) set -o posix;; esac
+fi
+BIN_SH=xpg4; export BIN_SH # for Tru64
+DUALCASE=1; export DUALCASE # for MKS sh
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+relink_command=\"$relink_command\"
+
+# This environment variable determines our operation mode.
+if test \"\$libtool_install_magic\" = \"$magic\"; then
+  # install mode needs the following variables:
+  generated_by_libtool_version='$macro_version'
+  notinst_deplibs='$notinst_deplibs'
+else
+  # When we are sourced in execute mode, \$file and \$ECHO are already set.
+  if test \"\$libtool_execute_magic\" != \"$magic\"; then
+    file=\"\$0\""
+
+    qECHO=`$ECHO "$ECHO" | $SED "$sed_quote_subst"`
+    $ECHO "\
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+  eval 'cat <<_LTECHO_EOF
+\$1
+_LTECHO_EOF'
+}
+    ECHO=\"$qECHO\"
+  fi
+
+# Very basic option parsing. These options are (a) specific to
+# the libtool wrapper, (b) are identical between the wrapper
+# /script/ and the wrapper /executable/ which is used only on
+# windows platforms, and (c) all begin with the string "--lt-"
+# (application programs are unlikely to have options which match
+# this pattern).
+#
+# There are only two supported options: --lt-debug and
+# --lt-dump-script. There is, deliberately, no --lt-help.
+#
+# The first argument to this parsing function should be the
+# script's $0 value, followed by "$@".
+lt_option_debug=
+func_parse_lt_options ()
+{
+  lt_script_arg0=\$0
+  shift
+  for lt_opt
+  do
+    case \"\$lt_opt\" in
+    --lt-debug) lt_option_debug=1 ;;
+    --lt-dump-script)
+        lt_dump_D=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%/[^/]*$%%'\`
+        test \"X\$lt_dump_D\" = \"X\$lt_script_arg0\" && lt_dump_D=.
+        lt_dump_F=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%^.*/%%'\`
+        cat \"\$lt_dump_D/\$lt_dump_F\"
+        exit 0
+      ;;
+    --lt-*)
+        \$ECHO \"Unrecognized --lt- option: '\$lt_opt'\" 1>&2
+        exit 1
+      ;;
+    esac
+  done
+
+  # Print the debug banner immediately:
+  if test -n \"\$lt_option_debug\"; then
+    echo \"${outputname}:${output}:\${LINENO}: libtool wrapper (GNU $PACKAGE$TIMESTAMP) $VERSION\" 1>&2
+  fi
+}
+
+# Used when --lt-debug. Prints its arguments to stdout
+# (redirection is the responsibility of the caller)
+func_lt_dump_args ()
+{
+  lt_dump_args_N=1;
+  for lt_arg
+  do
+    \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[\$lt_dump_args_N]: \$lt_arg\"
+    lt_dump_args_N=\`expr \$lt_dump_args_N + 1\`
+  done
+}
+
+# Core function for launching the target application
+func_exec_program_core ()
+{
+"
+  case $host in
+  # Backslashes separate directories on plain windows
+  *-*-mingw | *-*-os2* | *-cegcc*)
+    $ECHO "\
+      if test -n \"\$lt_option_debug\"; then
+        \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir\\\\\$program\" 1>&2
+        func_lt_dump_args \${1+\"\$@\"} 1>&2
+      fi
+      exec \"\$progdir\\\\\$program\" \${1+\"\$@\"}
+"
+    ;;
+
+  *)
+    $ECHO "\
+      if test -n \"\$lt_option_debug\"; then
+        \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir/\$program\" 1>&2
+        func_lt_dump_args \${1+\"\$@\"} 1>&2
+      fi
+      exec \"\$progdir/\$program\" \${1+\"\$@\"}
+"
+    ;;
+  esac
+  $ECHO "\
+      \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2
+      exit 1
+}
+
+# A function to encapsulate launching the target application
+# Strips options in the --lt-* namespace from \$@ and
+# launches target application with the remaining arguments.
+func_exec_program ()
+{
+  case \" \$* \" in
+  *\\ --lt-*)
+    for lt_wr_arg
+    do
+      case \$lt_wr_arg in
+      --lt-*) ;;
+      *) set x \"\$@\" \"\$lt_wr_arg\"; shift;;
+      esac
+      shift
+    done ;;
+  esac
+  func_exec_program_core \${1+\"\$@\"}
+}
+
+  # Parse options
+  func_parse_lt_options \"\$0\" \${1+\"\$@\"}
+
+  # Find the directory that this script lives in.
+  thisdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*$%%'\`
+  test \"x\$thisdir\" = \"x\$file\" && thisdir=.
+
+  # Follow symbolic links until we get to the real thisdir.
+  file=\`ls -ld \"\$file\" | $SED -n 's/.*-> //p'\`
+  while test -n \"\$file\"; do
+    destdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*\$%%'\`
+
+    # If there was a directory component, then change thisdir.
+    if test \"x\$destdir\" != \"x\$file\"; then
+      case \"\$destdir\" in
+      [\\\\/]* | [A-Za-z]:[\\\\/]*) thisdir=\"\$destdir\" ;;
+      *) thisdir=\"\$thisdir/\$destdir\" ;;
+      esac
+    fi
+
+    file=\`\$ECHO \"\$file\" | $SED 's%^.*/%%'\`
+    file=\`ls -ld \"\$thisdir/\$file\" | $SED -n 's/.*-> //p'\`
+  done
+
+  # Usually 'no', except on cygwin/mingw when embedded into
+  # the cwrapper.
+  WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_arg1
+  if test \"\$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR\" = \"yes\"; then
+    # special case for '.'
+    if test \"\$thisdir\" = \".\"; then
+      thisdir=\`pwd\`
+    fi
+    # remove .libs from thisdir
+    case \"\$thisdir\" in
+    *[\\\\/]$objdir ) thisdir=\`\$ECHO \"\$thisdir\" | $SED 's%[\\\\/][^\\\\/]*$%%'\` ;;
+    $objdir )   thisdir=. ;;
+    esac
+  fi
+
+  # Try to get the absolute directory name.
+  absdir=\`cd \"\$thisdir\" && pwd\`
+  test -n \"\$absdir\" && thisdir=\"\$absdir\"
+"
+
+	if test "$fast_install" = yes; then
+	  $ECHO "\
+  program=lt-'$outputname'$exeext
+  progdir=\"\$thisdir/$objdir\"
+
+  if test ! -f \"\$progdir/\$program\" ||
+     { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | ${SED} 1q\`; \\
+       test \"X\$file\" != \"X\$progdir/\$program\"; }; then
+
+    file=\"\$\$-\$program\"
+
+    if test ! -d \"\$progdir\"; then
+      $MKDIR \"\$progdir\"
+    else
+      $RM \"\$progdir/\$file\"
+    fi"
+
+	  $ECHO "\
+
+    # relink executable if necessary
+    if test -n \"\$relink_command\"; then
+      if relink_command_output=\`eval \$relink_command 2>&1\`; then :
+      else
+	$ECHO \"\$relink_command_output\" >&2
+	$RM \"\$progdir/\$file\"
+	exit 1
+      fi
+    fi
+
+    $MV \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null ||
+    { $RM \"\$progdir/\$program\";
+      $MV \"\$progdir/\$file\" \"\$progdir/\$program\"; }
+    $RM \"\$progdir/\$file\"
+  fi"
+	else
+	  $ECHO "\
+  program='$outputname'
+  progdir=\"\$thisdir/$objdir\"
+"
+	fi
+
+	$ECHO "\
+
+  if test -f \"\$progdir/\$program\"; then"
+
+	# fixup the dll searchpath if we need to.
+	#
+	# Fix the DLL searchpath if we need to.  Do this before prepending
+	# to shlibpath, because on Windows, both are PATH and uninstalled
+	# libraries must come first.
+	if test -n "$dllsearchpath"; then
+	  $ECHO "\
+    # Add the dll search path components to the executable PATH
+    PATH=$dllsearchpath:\$PATH
+"
+	fi
+
+	# Export our shlibpath_var if we have one.
+	if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then
+	  $ECHO "\
+    # Add our own library path to $shlibpath_var
+    $shlibpath_var=\"$temp_rpath\$$shlibpath_var\"
+
+    # Some systems cannot cope with colon-terminated $shlibpath_var
+    # The second colon is a workaround for a bug in BeOS R4 sed
+    $shlibpath_var=\`\$ECHO \"\$$shlibpath_var\" | $SED 's/::*\$//'\`
+
+    export $shlibpath_var
+"
+	fi
+
+	$ECHO "\
+    if test \"\$libtool_execute_magic\" != \"$magic\"; then
+      # Run the actual program with our arguments.
+      func_exec_program \${1+\"\$@\"}
+    fi
+  else
+    # The program doesn't exist.
+    \$ECHO \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2
+    \$ECHO \"This script is just a wrapper for \$program.\" 1>&2
+    \$ECHO \"See the $PACKAGE documentation for more information.\" 1>&2
+    exit 1
+  fi
+fi\
+"
+}
+
+
+# func_emit_cwrapperexe_src
+# emit the source code for a wrapper executable on stdout
+# Must ONLY be called from within func_mode_link because
+# it depends on a number of variable set therein.
+func_emit_cwrapperexe_src ()
+{
+	cat <
+#include 
+#ifdef _MSC_VER
+# include 
+# include 
+# include 
+#else
+# include 
+# include 
+# ifdef __CYGWIN__
+#  include 
+# endif
+#endif
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+/* declarations of non-ANSI functions */
+#if defined(__MINGW32__)
+# ifdef __STRICT_ANSI__
+int _putenv (const char *);
+# endif
+#elif defined(__CYGWIN__)
+# ifdef __STRICT_ANSI__
+char *realpath (const char *, char *);
+int putenv (char *);
+int setenv (const char *, const char *, int);
+# endif
+/* #elif defined (other platforms) ... */
+#endif
+
+/* portability defines, excluding path handling macros */
+#if defined(_MSC_VER)
+# define setmode _setmode
+# define stat    _stat
+# define chmod   _chmod
+# define getcwd  _getcwd
+# define putenv  _putenv
+# define S_IXUSR _S_IEXEC
+# ifndef _INTPTR_T_DEFINED
+#  define _INTPTR_T_DEFINED
+#  define intptr_t int
+# endif
+#elif defined(__MINGW32__)
+# define setmode _setmode
+# define stat    _stat
+# define chmod   _chmod
+# define getcwd  _getcwd
+# define putenv  _putenv
+#elif defined(__CYGWIN__)
+# define HAVE_SETENV
+# define FOPEN_WB "wb"
+/* #elif defined (other platforms) ... */
+#endif
+
+#if defined(PATH_MAX)
+# define LT_PATHMAX PATH_MAX
+#elif defined(MAXPATHLEN)
+# define LT_PATHMAX MAXPATHLEN
+#else
+# define LT_PATHMAX 1024
+#endif
+
+#ifndef S_IXOTH
+# define S_IXOTH 0
+#endif
+#ifndef S_IXGRP
+# define S_IXGRP 0
+#endif
+
+/* path handling portability macros */
+#ifndef DIR_SEPARATOR
+# define DIR_SEPARATOR '/'
+# define PATH_SEPARATOR ':'
+#endif
+
+#if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \
+  defined (__OS2__)
+# define HAVE_DOS_BASED_FILE_SYSTEM
+# define FOPEN_WB "wb"
+# ifndef DIR_SEPARATOR_2
+#  define DIR_SEPARATOR_2 '\\'
+# endif
+# ifndef PATH_SEPARATOR_2
+#  define PATH_SEPARATOR_2 ';'
+# endif
+#endif
+
+#ifndef DIR_SEPARATOR_2
+# define IS_DIR_SEPARATOR(ch) ((ch) == DIR_SEPARATOR)
+#else /* DIR_SEPARATOR_2 */
+# define IS_DIR_SEPARATOR(ch) \
+	(((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2))
+#endif /* DIR_SEPARATOR_2 */
+
+#ifndef PATH_SEPARATOR_2
+# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR)
+#else /* PATH_SEPARATOR_2 */
+# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2)
+#endif /* PATH_SEPARATOR_2 */
+
+#ifndef FOPEN_WB
+# define FOPEN_WB "w"
+#endif
+#ifndef _O_BINARY
+# define _O_BINARY 0
+#endif
+
+#define XMALLOC(type, num)      ((type *) xmalloc ((num) * sizeof(type)))
+#define XFREE(stale) do { \
+  if (stale) { free ((void *) stale); stale = 0; } \
+} while (0)
+
+#if defined(LT_DEBUGWRAPPER)
+static int lt_debug = 1;
+#else
+static int lt_debug = 0;
+#endif
+
+const char *program_name = "libtool-wrapper"; /* in case xstrdup fails */
+
+void *xmalloc (size_t num);
+char *xstrdup (const char *string);
+const char *base_name (const char *name);
+char *find_executable (const char *wrapper);
+char *chase_symlinks (const char *pathspec);
+int make_executable (const char *path);
+int check_executable (const char *path);
+char *strendzap (char *str, const char *pat);
+void lt_debugprintf (const char *file, int line, const char *fmt, ...);
+void lt_fatal (const char *file, int line, const char *message, ...);
+static const char *nonnull (const char *s);
+static const char *nonempty (const char *s);
+void lt_setenv (const char *name, const char *value);
+char *lt_extend_str (const char *orig_value, const char *add, int to_end);
+void lt_update_exe_path (const char *name, const char *value);
+void lt_update_lib_path (const char *name, const char *value);
+char **prepare_spawn (char **argv);
+void lt_dump_script (FILE *f);
+EOF
+
+	    cat <= 0)
+      && (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)))
+    return 1;
+  else
+    return 0;
+}
+
+int
+make_executable (const char *path)
+{
+  int rval = 0;
+  struct stat st;
+
+  lt_debugprintf (__FILE__, __LINE__, "(make_executable): %s\n",
+                  nonempty (path));
+  if ((!path) || (!*path))
+    return 0;
+
+  if (stat (path, &st) >= 0)
+    {
+      rval = chmod (path, st.st_mode | S_IXOTH | S_IXGRP | S_IXUSR);
+    }
+  return rval;
+}
+
+/* Searches for the full path of the wrapper.  Returns
+   newly allocated full path name if found, NULL otherwise
+   Does not chase symlinks, even on platforms that support them.
+*/
+char *
+find_executable (const char *wrapper)
+{
+  int has_slash = 0;
+  const char *p;
+  const char *p_next;
+  /* static buffer for getcwd */
+  char tmp[LT_PATHMAX + 1];
+  int tmp_len;
+  char *concat_name;
+
+  lt_debugprintf (__FILE__, __LINE__, "(find_executable): %s\n",
+                  nonempty (wrapper));
+
+  if ((wrapper == NULL) || (*wrapper == '\0'))
+    return NULL;
+
+  /* Absolute path? */
+#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
+  if (isalpha ((unsigned char) wrapper[0]) && wrapper[1] == ':')
+    {
+      concat_name = xstrdup (wrapper);
+      if (check_executable (concat_name))
+	return concat_name;
+      XFREE (concat_name);
+    }
+  else
+    {
+#endif
+      if (IS_DIR_SEPARATOR (wrapper[0]))
+	{
+	  concat_name = xstrdup (wrapper);
+	  if (check_executable (concat_name))
+	    return concat_name;
+	  XFREE (concat_name);
+	}
+#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
+    }
+#endif
+
+  for (p = wrapper; *p; p++)
+    if (*p == '/')
+      {
+	has_slash = 1;
+	break;
+      }
+  if (!has_slash)
+    {
+      /* no slashes; search PATH */
+      const char *path = getenv ("PATH");
+      if (path != NULL)
+	{
+	  for (p = path; *p; p = p_next)
+	    {
+	      const char *q;
+	      size_t p_len;
+	      for (q = p; *q; q++)
+		if (IS_PATH_SEPARATOR (*q))
+		  break;
+	      p_len = q - p;
+	      p_next = (*q == '\0' ? q : q + 1);
+	      if (p_len == 0)
+		{
+		  /* empty path: current directory */
+		  if (getcwd (tmp, LT_PATHMAX) == NULL)
+		    lt_fatal (__FILE__, __LINE__, "getcwd failed: %s",
+                              nonnull (strerror (errno)));
+		  tmp_len = strlen (tmp);
+		  concat_name =
+		    XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
+		  memcpy (concat_name, tmp, tmp_len);
+		  concat_name[tmp_len] = '/';
+		  strcpy (concat_name + tmp_len + 1, wrapper);
+		}
+	      else
+		{
+		  concat_name =
+		    XMALLOC (char, p_len + 1 + strlen (wrapper) + 1);
+		  memcpy (concat_name, p, p_len);
+		  concat_name[p_len] = '/';
+		  strcpy (concat_name + p_len + 1, wrapper);
+		}
+	      if (check_executable (concat_name))
+		return concat_name;
+	      XFREE (concat_name);
+	    }
+	}
+      /* not found in PATH; assume curdir */
+    }
+  /* Relative path | not found in path: prepend cwd */
+  if (getcwd (tmp, LT_PATHMAX) == NULL)
+    lt_fatal (__FILE__, __LINE__, "getcwd failed: %s",
+              nonnull (strerror (errno)));
+  tmp_len = strlen (tmp);
+  concat_name = XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
+  memcpy (concat_name, tmp, tmp_len);
+  concat_name[tmp_len] = '/';
+  strcpy (concat_name + tmp_len + 1, wrapper);
+
+  if (check_executable (concat_name))
+    return concat_name;
+  XFREE (concat_name);
+  return NULL;
+}
+
+char *
+chase_symlinks (const char *pathspec)
+{
+#ifndef S_ISLNK
+  return xstrdup (pathspec);
+#else
+  char buf[LT_PATHMAX];
+  struct stat s;
+  char *tmp_pathspec = xstrdup (pathspec);
+  char *p;
+  int has_symlinks = 0;
+  while (strlen (tmp_pathspec) && !has_symlinks)
+    {
+      lt_debugprintf (__FILE__, __LINE__,
+		      "checking path component for symlinks: %s\n",
+		      tmp_pathspec);
+      if (lstat (tmp_pathspec, &s) == 0)
+	{
+	  if (S_ISLNK (s.st_mode) != 0)
+	    {
+	      has_symlinks = 1;
+	      break;
+	    }
+
+	  /* search backwards for last DIR_SEPARATOR */
+	  p = tmp_pathspec + strlen (tmp_pathspec) - 1;
+	  while ((p > tmp_pathspec) && (!IS_DIR_SEPARATOR (*p)))
+	    p--;
+	  if ((p == tmp_pathspec) && (!IS_DIR_SEPARATOR (*p)))
+	    {
+	      /* no more DIR_SEPARATORS left */
+	      break;
+	    }
+	  *p = '\0';
+	}
+      else
+	{
+	  lt_fatal (__FILE__, __LINE__,
+		    "error accessing file \"%s\": %s",
+		    tmp_pathspec, nonnull (strerror (errno)));
+	}
+    }
+  XFREE (tmp_pathspec);
+
+  if (!has_symlinks)
+    {
+      return xstrdup (pathspec);
+    }
+
+  tmp_pathspec = realpath (pathspec, buf);
+  if (tmp_pathspec == 0)
+    {
+      lt_fatal (__FILE__, __LINE__,
+		"could not follow symlinks for %s", pathspec);
+    }
+  return xstrdup (tmp_pathspec);
+#endif
+}
+
+char *
+strendzap (char *str, const char *pat)
+{
+  size_t len, patlen;
+
+  assert (str != NULL);
+  assert (pat != NULL);
+
+  len = strlen (str);
+  patlen = strlen (pat);
+
+  if (patlen <= len)
+    {
+      str += len - patlen;
+      if (strcmp (str, pat) == 0)
+	*str = '\0';
+    }
+  return str;
+}
+
+void
+lt_debugprintf (const char *file, int line, const char *fmt, ...)
+{
+  va_list args;
+  if (lt_debug)
+    {
+      (void) fprintf (stderr, "%s:%s:%d: ", program_name, file, line);
+      va_start (args, fmt);
+      (void) vfprintf (stderr, fmt, args);
+      va_end (args);
+    }
+}
+
+static void
+lt_error_core (int exit_status, const char *file,
+	       int line, const char *mode,
+	       const char *message, va_list ap)
+{
+  fprintf (stderr, "%s:%s:%d: %s: ", program_name, file, line, mode);
+  vfprintf (stderr, message, ap);
+  fprintf (stderr, ".\n");
+
+  if (exit_status >= 0)
+    exit (exit_status);
+}
+
+void
+lt_fatal (const char *file, int line, const char *message, ...)
+{
+  va_list ap;
+  va_start (ap, message);
+  lt_error_core (EXIT_FAILURE, file, line, "FATAL", message, ap);
+  va_end (ap);
+}
+
+static const char *
+nonnull (const char *s)
+{
+  return s ? s : "(null)";
+}
+
+static const char *
+nonempty (const char *s)
+{
+  return (s && !*s) ? "(empty)" : nonnull (s);
+}
+
+void
+lt_setenv (const char *name, const char *value)
+{
+  lt_debugprintf (__FILE__, __LINE__,
+		  "(lt_setenv) setting '%s' to '%s'\n",
+                  nonnull (name), nonnull (value));
+  {
+#ifdef HAVE_SETENV
+    /* always make a copy, for consistency with !HAVE_SETENV */
+    char *str = xstrdup (value);
+    setenv (name, str, 1);
+#else
+    int len = strlen (name) + 1 + strlen (value) + 1;
+    char *str = XMALLOC (char, len);
+    sprintf (str, "%s=%s", name, value);
+    if (putenv (str) != EXIT_SUCCESS)
+      {
+        XFREE (str);
+      }
+#endif
+  }
+}
+
+char *
+lt_extend_str (const char *orig_value, const char *add, int to_end)
+{
+  char *new_value;
+  if (orig_value && *orig_value)
+    {
+      int orig_value_len = strlen (orig_value);
+      int add_len = strlen (add);
+      new_value = XMALLOC (char, add_len + orig_value_len + 1);
+      if (to_end)
+        {
+          strcpy (new_value, orig_value);
+          strcpy (new_value + orig_value_len, add);
+        }
+      else
+        {
+          strcpy (new_value, add);
+          strcpy (new_value + add_len, orig_value);
+        }
+    }
+  else
+    {
+      new_value = xstrdup (add);
+    }
+  return new_value;
+}
+
+void
+lt_update_exe_path (const char *name, const char *value)
+{
+  lt_debugprintf (__FILE__, __LINE__,
+		  "(lt_update_exe_path) modifying '%s' by prepending '%s'\n",
+                  nonnull (name), nonnull (value));
+
+  if (name && *name && value && *value)
+    {
+      char *new_value = lt_extend_str (getenv (name), value, 0);
+      /* some systems can't cope with a ':'-terminated path #' */
+      int len = strlen (new_value);
+      while (((len = strlen (new_value)) > 0) && IS_PATH_SEPARATOR (new_value[len-1]))
+        {
+          new_value[len-1] = '\0';
+        }
+      lt_setenv (name, new_value);
+      XFREE (new_value);
+    }
+}
+
+void
+lt_update_lib_path (const char *name, const char *value)
+{
+  lt_debugprintf (__FILE__, __LINE__,
+		  "(lt_update_lib_path) modifying '%s' by prepending '%s'\n",
+                  nonnull (name), nonnull (value));
+
+  if (name && *name && value && *value)
+    {
+      char *new_value = lt_extend_str (getenv (name), value, 0);
+      lt_setenv (name, new_value);
+      XFREE (new_value);
+    }
+}
+
+EOF
+	    case $host_os in
+	      mingw*)
+		cat <<"EOF"
+
+/* Prepares an argument vector before calling spawn().
+   Note that spawn() does not by itself call the command interpreter
+     (getenv ("COMSPEC") != NULL ? getenv ("COMSPEC") :
+      ({ OSVERSIONINFO v; v.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
+         GetVersionEx(&v);
+         v.dwPlatformId == VER_PLATFORM_WIN32_NT;
+      }) ? "cmd.exe" : "command.com").
+   Instead it simply concatenates the arguments, separated by ' ', and calls
+   CreateProcess().  We must quote the arguments since Win32 CreateProcess()
+   interprets characters like ' ', '\t', '\\', '"' (but not '<' and '>') in a
+   special way:
+   - Space and tab are interpreted as delimiters. They are not treated as
+     delimiters if they are surrounded by double quotes: "...".
+   - Unescaped double quotes are removed from the input. Their only effect is
+     that within double quotes, space and tab are treated like normal
+     characters.
+   - Backslashes not followed by double quotes are not special.
+   - But 2*n+1 backslashes followed by a double quote become
+     n backslashes followed by a double quote (n >= 0):
+       \" -> "
+       \\\" -> \"
+       \\\\\" -> \\"
+ */
+#define SHELL_SPECIAL_CHARS "\"\\ \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037"
+#define SHELL_SPACE_CHARS " \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037"
+char **
+prepare_spawn (char **argv)
+{
+  size_t argc;
+  char **new_argv;
+  size_t i;
+
+  /* Count number of arguments.  */
+  for (argc = 0; argv[argc] != NULL; argc++)
+    ;
+
+  /* Allocate new argument vector.  */
+  new_argv = XMALLOC (char *, argc + 1);
+
+  /* Put quoted arguments into the new argument vector.  */
+  for (i = 0; i < argc; i++)
+    {
+      const char *string = argv[i];
+
+      if (string[0] == '\0')
+	new_argv[i] = xstrdup ("\"\"");
+      else if (strpbrk (string, SHELL_SPECIAL_CHARS) != NULL)
+	{
+	  int quote_around = (strpbrk (string, SHELL_SPACE_CHARS) != NULL);
+	  size_t length;
+	  unsigned int backslashes;
+	  const char *s;
+	  char *quoted_string;
+	  char *p;
+
+	  length = 0;
+	  backslashes = 0;
+	  if (quote_around)
+	    length++;
+	  for (s = string; *s != '\0'; s++)
+	    {
+	      char c = *s;
+	      if (c == '"')
+		length += backslashes + 1;
+	      length++;
+	      if (c == '\\')
+		backslashes++;
+	      else
+		backslashes = 0;
+	    }
+	  if (quote_around)
+	    length += backslashes + 1;
+
+	  quoted_string = XMALLOC (char, length + 1);
+
+	  p = quoted_string;
+	  backslashes = 0;
+	  if (quote_around)
+	    *p++ = '"';
+	  for (s = string; *s != '\0'; s++)
+	    {
+	      char c = *s;
+	      if (c == '"')
+		{
+		  unsigned int j;
+		  for (j = backslashes + 1; j > 0; j--)
+		    *p++ = '\\';
+		}
+	      *p++ = c;
+	      if (c == '\\')
+		backslashes++;
+	      else
+		backslashes = 0;
+	    }
+	  if (quote_around)
+	    {
+	      unsigned int j;
+	      for (j = backslashes; j > 0; j--)
+		*p++ = '\\';
+	      *p++ = '"';
+	    }
+	  *p = '\0';
+
+	  new_argv[i] = quoted_string;
+	}
+      else
+	new_argv[i] = (char *) string;
+    }
+  new_argv[argc] = NULL;
+
+  return new_argv;
+}
+EOF
+		;;
+	    esac
+
+            cat <<"EOF"
+void lt_dump_script (FILE* f)
+{
+EOF
+	    func_emit_wrapper yes |
+	      $SED -n -e '
+s/^\(.\{79\}\)\(..*\)/\1\
+\2/
+h
+s/\([\\"]\)/\\\1/g
+s/$/\\n/
+s/\([^\n]*\).*/  fputs ("\1", f);/p
+g
+D'
+            cat <<"EOF"
+}
+EOF
+}
+# end: func_emit_cwrapperexe_src
+
+# func_win32_import_lib_p ARG
+# True if ARG is an import lib, as indicated by $file_magic_cmd
+func_win32_import_lib_p ()
+{
+    $opt_debug
+    case `eval $file_magic_cmd \"\$1\" 2>/dev/null | $SED -e 10q` in
+    *import*) : ;;
+    *) false ;;
+    esac
+}
+
+# func_mode_link arg...
+func_mode_link ()
+{
+    $opt_debug
+    case $host in
+    *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
+      # It is impossible to link a dll without this setting, and
+      # we shouldn't force the makefile maintainer to figure out
+      # which system we are compiling for in order to pass an extra
+      # flag for every libtool invocation.
+      # allow_undefined=no
+
+      # FIXME: Unfortunately, there are problems with the above when trying
+      # to make a dll which has undefined symbols, in which case not
+      # even a static library is built.  For now, we need to specify
+      # -no-undefined on the libtool link line when we can be certain
+      # that all symbols are satisfied, otherwise we get a static library.
+      allow_undefined=yes
+      ;;
+    *)
+      allow_undefined=yes
+      ;;
+    esac
+    libtool_args=$nonopt
+    base_compile="$nonopt $@"
+    compile_command=$nonopt
+    finalize_command=$nonopt
+
+    compile_rpath=
+    finalize_rpath=
+    compile_shlibpath=
+    finalize_shlibpath=
+    convenience=
+    old_convenience=
+    deplibs=
+    old_deplibs=
+    compiler_flags=
+    linker_flags=
+    dllsearchpath=
+    lib_search_path=`pwd`
+    inst_prefix_dir=
+    new_inherited_linker_flags=
+
+    avoid_version=no
+    bindir=
+    dlfiles=
+    dlprefiles=
+    dlself=no
+    export_dynamic=no
+    export_symbols=
+    export_symbols_regex=
+    generated=
+    libobjs=
+    ltlibs=
+    module=no
+    no_install=no
+    objs=
+    non_pic_objects=
+    precious_files_regex=
+    prefer_static_libs=no
+    preload=no
+    prev=
+    prevarg=
+    release=
+    rpath=
+    xrpath=
+    perm_rpath=
+    temp_rpath=
+    thread_safe=no
+    vinfo=
+    vinfo_number=no
+    weak_libs=
+    single_module="${wl}-single_module"
+    func_infer_tag $base_compile
+
+    # We need to know -static, to get the right output filenames.
+    for arg
+    do
+      case $arg in
+      -shared)
+	test "$build_libtool_libs" != yes && \
+	  func_fatal_configuration "can not build a shared library"
+	build_old_libs=no
+	break
+	;;
+      -all-static | -static | -static-libtool-libs)
+	case $arg in
+	-all-static)
+	  if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then
+	    func_warning "complete static linking is impossible in this configuration"
+	  fi
+	  if test -n "$link_static_flag"; then
+	    dlopen_self=$dlopen_self_static
+	  fi
+	  prefer_static_libs=yes
+	  ;;
+	-static)
+	  if test -z "$pic_flag" && test -n "$link_static_flag"; then
+	    dlopen_self=$dlopen_self_static
+	  fi
+	  prefer_static_libs=built
+	  ;;
+	-static-libtool-libs)
+	  if test -z "$pic_flag" && test -n "$link_static_flag"; then
+	    dlopen_self=$dlopen_self_static
+	  fi
+	  prefer_static_libs=yes
+	  ;;
+	esac
+	build_libtool_libs=no
+	build_old_libs=yes
+	break
+	;;
+      esac
+    done
+
+    # See if our shared archives depend on static archives.
+    test -n "$old_archive_from_new_cmds" && build_old_libs=yes
+
+    # Go through the arguments, transforming them on the way.
+    while test "$#" -gt 0; do
+      arg="$1"
+      shift
+      func_quote_for_eval "$arg"
+      qarg=$func_quote_for_eval_unquoted_result
+      func_append libtool_args " $func_quote_for_eval_result"
+
+      # If the previous option needs an argument, assign it.
+      if test -n "$prev"; then
+	case $prev in
+	output)
+	  func_append compile_command " @OUTPUT@"
+	  func_append finalize_command " @OUTPUT@"
+	  ;;
+	esac
+
+	case $prev in
+	bindir)
+	  bindir="$arg"
+	  prev=
+	  continue
+	  ;;
+	dlfiles|dlprefiles)
+	  if test "$preload" = no; then
+	    # Add the symbol object into the linking commands.
+	    func_append compile_command " @SYMFILE@"
+	    func_append finalize_command " @SYMFILE@"
+	    preload=yes
+	  fi
+	  case $arg in
+	  *.la | *.lo) ;;  # We handle these cases below.
+	  force)
+	    if test "$dlself" = no; then
+	      dlself=needless
+	      export_dynamic=yes
+	    fi
+	    prev=
+	    continue
+	    ;;
+	  self)
+	    if test "$prev" = dlprefiles; then
+	      dlself=yes
+	    elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then
+	      dlself=yes
+	    else
+	      dlself=needless
+	      export_dynamic=yes
+	    fi
+	    prev=
+	    continue
+	    ;;
+	  *)
+	    if test "$prev" = dlfiles; then
+	      func_append dlfiles " $arg"
+	    else
+	      func_append dlprefiles " $arg"
+	    fi
+	    prev=
+	    continue
+	    ;;
+	  esac
+	  ;;
+	expsyms)
+	  export_symbols="$arg"
+	  test -f "$arg" \
+	    || func_fatal_error "symbol file \`$arg' does not exist"
+	  prev=
+	  continue
+	  ;;
+	expsyms_regex)
+	  export_symbols_regex="$arg"
+	  prev=
+	  continue
+	  ;;
+	framework)
+	  case $host in
+	    *-*-darwin*)
+	      case "$deplibs " in
+		*" $qarg.ltframework "*) ;;
+		*) func_append deplibs " $qarg.ltframework" # this is fixed later
+		   ;;
+	      esac
+	      ;;
+	  esac
+	  prev=
+	  continue
+	  ;;
+	inst_prefix)
+	  inst_prefix_dir="$arg"
+	  prev=
+	  continue
+	  ;;
+	objectlist)
+	  if test -f "$arg"; then
+	    save_arg=$arg
+	    moreargs=
+	    for fil in `cat "$save_arg"`
+	    do
+#	      func_append moreargs " $fil"
+	      arg=$fil
+	      # A libtool-controlled object.
+
+	      # Check to see that this really is a libtool object.
+	      if func_lalib_unsafe_p "$arg"; then
+		pic_object=
+		non_pic_object=
+
+		# Read the .lo file
+		func_source "$arg"
+
+		if test -z "$pic_object" ||
+		   test -z "$non_pic_object" ||
+		   test "$pic_object" = none &&
+		   test "$non_pic_object" = none; then
+		  func_fatal_error "cannot find name of object for \`$arg'"
+		fi
+
+		# Extract subdirectory from the argument.
+		func_dirname "$arg" "/" ""
+		xdir="$func_dirname_result"
+
+		if test "$pic_object" != none; then
+		  # Prepend the subdirectory the object is found in.
+		  pic_object="$xdir$pic_object"
+
+		  if test "$prev" = dlfiles; then
+		    if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then
+		      func_append dlfiles " $pic_object"
+		      prev=
+		      continue
+		    else
+		      # If libtool objects are unsupported, then we need to preload.
+		      prev=dlprefiles
+		    fi
+		  fi
+
+		  # CHECK ME:  I think I busted this.  -Ossama
+		  if test "$prev" = dlprefiles; then
+		    # Preload the old-style object.
+		    func_append dlprefiles " $pic_object"
+		    prev=
+		  fi
+
+		  # A PIC object.
+		  func_append libobjs " $pic_object"
+		  arg="$pic_object"
+		fi
+
+		# Non-PIC object.
+		if test "$non_pic_object" != none; then
+		  # Prepend the subdirectory the object is found in.
+		  non_pic_object="$xdir$non_pic_object"
+
+		  # A standard non-PIC object
+		  func_append non_pic_objects " $non_pic_object"
+		  if test -z "$pic_object" || test "$pic_object" = none ; then
+		    arg="$non_pic_object"
+		  fi
+		else
+		  # If the PIC object exists, use it instead.
+		  # $xdir was prepended to $pic_object above.
+		  non_pic_object="$pic_object"
+		  func_append non_pic_objects " $non_pic_object"
+		fi
+	      else
+		# Only an error if not doing a dry-run.
+		if $opt_dry_run; then
+		  # Extract subdirectory from the argument.
+		  func_dirname "$arg" "/" ""
+		  xdir="$func_dirname_result"
+
+		  func_lo2o "$arg"
+		  pic_object=$xdir$objdir/$func_lo2o_result
+		  non_pic_object=$xdir$func_lo2o_result
+		  func_append libobjs " $pic_object"
+		  func_append non_pic_objects " $non_pic_object"
+	        else
+		  func_fatal_error "\`$arg' is not a valid libtool object"
+		fi
+	      fi
+	    done
+	  else
+	    func_fatal_error "link input file \`$arg' does not exist"
+	  fi
+	  arg=$save_arg
+	  prev=
+	  continue
+	  ;;
+	precious_regex)
+	  precious_files_regex="$arg"
+	  prev=
+	  continue
+	  ;;
+	release)
+	  release="-$arg"
+	  prev=
+	  continue
+	  ;;
+	rpath | xrpath)
+	  # We need an absolute path.
+	  case $arg in
+	  [\\/]* | [A-Za-z]:[\\/]*) ;;
+	  *)
+	    func_fatal_error "only absolute run-paths are allowed"
+	    ;;
+	  esac
+	  if test "$prev" = rpath; then
+	    case "$rpath " in
+	    *" $arg "*) ;;
+	    *) func_append rpath " $arg" ;;
+	    esac
+	  else
+	    case "$xrpath " in
+	    *" $arg "*) ;;
+	    *) func_append xrpath " $arg" ;;
+	    esac
+	  fi
+	  prev=
+	  continue
+	  ;;
+	shrext)
+	  shrext_cmds="$arg"
+	  prev=
+	  continue
+	  ;;
+	weak)
+	  func_append weak_libs " $arg"
+	  prev=
+	  continue
+	  ;;
+	xcclinker)
+	  func_append linker_flags " $qarg"
+	  func_append compiler_flags " $qarg"
+	  prev=
+	  func_append compile_command " $qarg"
+	  func_append finalize_command " $qarg"
+	  continue
+	  ;;
+	xcompiler)
+	  func_append compiler_flags " $qarg"
+	  prev=
+	  func_append compile_command " $qarg"
+	  func_append finalize_command " $qarg"
+	  continue
+	  ;;
+	xlinker)
+	  func_append linker_flags " $qarg"
+	  func_append compiler_flags " $wl$qarg"
+	  prev=
+	  func_append compile_command " $wl$qarg"
+	  func_append finalize_command " $wl$qarg"
+	  continue
+	  ;;
+	*)
+	  eval "$prev=\"\$arg\""
+	  prev=
+	  continue
+	  ;;
+	esac
+      fi # test -n "$prev"
+
+      prevarg="$arg"
+
+      case $arg in
+      -all-static)
+	if test -n "$link_static_flag"; then
+	  # See comment for -static flag below, for more details.
+	  func_append compile_command " $link_static_flag"
+	  func_append finalize_command " $link_static_flag"
+	fi
+	continue
+	;;
+
+      -allow-undefined)
+	# FIXME: remove this flag sometime in the future.
+	func_fatal_error "\`-allow-undefined' must not be used because it is the default"
+	;;
+
+      -avoid-version)
+	avoid_version=yes
+	continue
+	;;
+
+      -bindir)
+	prev=bindir
+	continue
+	;;
+
+      -dlopen)
+	prev=dlfiles
+	continue
+	;;
+
+      -dlpreopen)
+	prev=dlprefiles
+	continue
+	;;
+
+      -export-dynamic)
+	export_dynamic=yes
+	continue
+	;;
+
+      -export-symbols | -export-symbols-regex)
+	if test -n "$export_symbols" || test -n "$export_symbols_regex"; then
+	  func_fatal_error "more than one -exported-symbols argument is not allowed"
+	fi
+	if test "X$arg" = "X-export-symbols"; then
+	  prev=expsyms
+	else
+	  prev=expsyms_regex
+	fi
+	continue
+	;;
+
+      -framework)
+	prev=framework
+	continue
+	;;
+
+      -inst-prefix-dir)
+	prev=inst_prefix
+	continue
+	;;
+
+      # The native IRIX linker understands -LANG:*, -LIST:* and -LNO:*
+      # so, if we see these flags be careful not to treat them like -L
+      -L[A-Z][A-Z]*:*)
+	case $with_gcc/$host in
+	no/*-*-irix* | /*-*-irix*)
+	  func_append compile_command " $arg"
+	  func_append finalize_command " $arg"
+	  ;;
+	esac
+	continue
+	;;
+
+      -L*)
+	func_stripname "-L" '' "$arg"
+	if test -z "$func_stripname_result"; then
+	  if test "$#" -gt 0; then
+	    func_fatal_error "require no space between \`-L' and \`$1'"
+	  else
+	    func_fatal_error "need path for \`-L' option"
+	  fi
+	fi
+	func_resolve_sysroot "$func_stripname_result"
+	dir=$func_resolve_sysroot_result
+	# We need an absolute path.
+	case $dir in
+	[\\/]* | [A-Za-z]:[\\/]*) ;;
+	*)
+	  absdir=`cd "$dir" && pwd`
+	  test -z "$absdir" && \
+	    func_fatal_error "cannot determine absolute directory name of \`$dir'"
+	  dir="$absdir"
+	  ;;
+	esac
+	case "$deplibs " in
+	*" -L$dir "* | *" $arg "*)
+	  # Will only happen for absolute or sysroot arguments
+	  ;;
+	*)
+	  # Preserve sysroot, but never include relative directories
+	  case $dir in
+	    [\\/]* | [A-Za-z]:[\\/]* | =*) func_append deplibs " $arg" ;;
+	    *) func_append deplibs " -L$dir" ;;
+	  esac
+	  func_append lib_search_path " $dir"
+	  ;;
+	esac
+	case $host in
+	*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
+	  testbindir=`$ECHO "$dir" | $SED 's*/lib$*/bin*'`
+	  case :$dllsearchpath: in
+	  *":$dir:"*) ;;
+	  ::) dllsearchpath=$dir;;
+	  *) func_append dllsearchpath ":$dir";;
+	  esac
+	  case :$dllsearchpath: in
+	  *":$testbindir:"*) ;;
+	  ::) dllsearchpath=$testbindir;;
+	  *) func_append dllsearchpath ":$testbindir";;
+	  esac
+	  ;;
+	esac
+	continue
+	;;
+
+      -l*)
+	if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then
+	  case $host in
+	  *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc* | *-*-haiku*)
+	    # These systems don't actually have a C or math library (as such)
+	    continue
+	    ;;
+	  *-*-os2*)
+	    # These systems don't actually have a C library (as such)
+	    test "X$arg" = "X-lc" && continue
+	    ;;
+	  *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
+	    # Do not include libc due to us having libc/libc_r.
+	    test "X$arg" = "X-lc" && continue
+	    ;;
+	  *-*-rhapsody* | *-*-darwin1.[012])
+	    # Rhapsody C and math libraries are in the System framework
+	    func_append deplibs " System.ltframework"
+	    continue
+	    ;;
+	  *-*-sco3.2v5* | *-*-sco5v6*)
+	    # Causes problems with __ctype
+	    test "X$arg" = "X-lc" && continue
+	    ;;
+	  *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
+	    # Compiler inserts libc in the correct place for threads to work
+	    test "X$arg" = "X-lc" && continue
+	    ;;
+	  esac
+	elif test "X$arg" = "X-lc_r"; then
+	 case $host in
+	 *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
+	   # Do not include libc_r directly, use -pthread flag.
+	   continue
+	   ;;
+	 esac
+	fi
+	func_append deplibs " $arg"
+	continue
+	;;
+
+      -module)
+	module=yes
+	continue
+	;;
+
+      # Tru64 UNIX uses -model [arg] to determine the layout of C++
+      # classes, name mangling, and exception handling.
+      # Darwin uses the -arch flag to determine output architecture.
+      -model|-arch|-isysroot|--sysroot)
+	func_append compiler_flags " $arg"
+	func_append compile_command " $arg"
+	func_append finalize_command " $arg"
+	prev=xcompiler
+	continue
+	;;
+
+      -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \
+      |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*)
+	func_append compiler_flags " $arg"
+	func_append compile_command " $arg"
+	func_append finalize_command " $arg"
+	case "$new_inherited_linker_flags " in
+	    *" $arg "*) ;;
+	    * ) func_append new_inherited_linker_flags " $arg" ;;
+	esac
+	continue
+	;;
+
+      -multi_module)
+	single_module="${wl}-multi_module"
+	continue
+	;;
+
+      -no-fast-install)
+	fast_install=no
+	continue
+	;;
+
+      -no-install)
+	case $host in
+	*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*)
+	  # The PATH hackery in wrapper scripts is required on Windows
+	  # and Darwin in order for the loader to find any dlls it needs.
+	  func_warning "\`-no-install' is ignored for $host"
+	  func_warning "assuming \`-no-fast-install' instead"
+	  fast_install=no
+	  ;;
+	*) no_install=yes ;;
+	esac
+	continue
+	;;
+
+      -no-undefined)
+	allow_undefined=no
+	continue
+	;;
+
+      -objectlist)
+	prev=objectlist
+	continue
+	;;
+
+      -o) prev=output ;;
+
+      -precious-files-regex)
+	prev=precious_regex
+	continue
+	;;
+
+      -release)
+	prev=release
+	continue
+	;;
+
+      -rpath)
+	prev=rpath
+	continue
+	;;
+
+      -R)
+	prev=xrpath
+	continue
+	;;
+
+      -R*)
+	func_stripname '-R' '' "$arg"
+	dir=$func_stripname_result
+	# We need an absolute path.
+	case $dir in
+	[\\/]* | [A-Za-z]:[\\/]*) ;;
+	=*)
+	  func_stripname '=' '' "$dir"
+	  dir=$lt_sysroot$func_stripname_result
+	  ;;
+	*)
+	  func_fatal_error "only absolute run-paths are allowed"
+	  ;;
+	esac
+	case "$xrpath " in
+	*" $dir "*) ;;
+	*) func_append xrpath " $dir" ;;
+	esac
+	continue
+	;;
+
+      -shared)
+	# The effects of -shared are defined in a previous loop.
+	continue
+	;;
+
+      -shrext)
+	prev=shrext
+	continue
+	;;
+
+      -static | -static-libtool-libs)
+	# The effects of -static are defined in a previous loop.
+	# We used to do the same as -all-static on platforms that
+	# didn't have a PIC flag, but the assumption that the effects
+	# would be equivalent was wrong.  It would break on at least
+	# Digital Unix and AIX.
+	continue
+	;;
+
+      -thread-safe)
+	thread_safe=yes
+	continue
+	;;
+
+      -version-info)
+	prev=vinfo
+	continue
+	;;
+
+      -version-number)
+	prev=vinfo
+	vinfo_number=yes
+	continue
+	;;
+
+      -weak)
+        prev=weak
+	continue
+	;;
+
+      -Wc,*)
+	func_stripname '-Wc,' '' "$arg"
+	args=$func_stripname_result
+	arg=
+	save_ifs="$IFS"; IFS=','
+	for flag in $args; do
+	  IFS="$save_ifs"
+          func_quote_for_eval "$flag"
+	  func_append arg " $func_quote_for_eval_result"
+	  func_append compiler_flags " $func_quote_for_eval_result"
+	done
+	IFS="$save_ifs"
+	func_stripname ' ' '' "$arg"
+	arg=$func_stripname_result
+	;;
+
+      -Wl,*)
+	func_stripname '-Wl,' '' "$arg"
+	args=$func_stripname_result
+	arg=
+	save_ifs="$IFS"; IFS=','
+	for flag in $args; do
+	  IFS="$save_ifs"
+          func_quote_for_eval "$flag"
+	  func_append arg " $wl$func_quote_for_eval_result"
+	  func_append compiler_flags " $wl$func_quote_for_eval_result"
+	  func_append linker_flags " $func_quote_for_eval_result"
+	done
+	IFS="$save_ifs"
+	func_stripname ' ' '' "$arg"
+	arg=$func_stripname_result
+	;;
+
+      -Xcompiler)
+	prev=xcompiler
+	continue
+	;;
+
+      -Xlinker)
+	prev=xlinker
+	continue
+	;;
+
+      -XCClinker)
+	prev=xcclinker
+	continue
+	;;
+
+      # -msg_* for osf cc
+      -msg_*)
+	func_quote_for_eval "$arg"
+	arg="$func_quote_for_eval_result"
+	;;
+
+      # Flags to be passed through unchanged, with rationale:
+      # -64, -mips[0-9]      enable 64-bit mode for the SGI compiler
+      # -r[0-9][0-9]*        specify processor for the SGI compiler
+      # -xarch=*, -xtarget=* enable 64-bit mode for the Sun compiler
+      # +DA*, +DD*           enable 64-bit mode for the HP compiler
+      # -q*                  compiler args for the IBM compiler
+      # -m*, -t[45]*, -txscale* architecture-specific flags for GCC
+      # -F/path              path to uninstalled frameworks, gcc on darwin
+      # -p, -pg, --coverage, -fprofile-*  profiling flags for GCC
+      # @file                GCC response files
+      # -tp=*                Portland pgcc target processor selection
+      # --sysroot=*          for sysroot support
+      # -O*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization
+      # -stdlib=*            select c++ std lib with clang
+      -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \
+      -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \
+      -O*|-flto*|-fwhopr*|-fuse-linker-plugin|-stdlib=*)
+        func_quote_for_eval "$arg"
+	arg="$func_quote_for_eval_result"
+        func_append compile_command " $arg"
+        func_append finalize_command " $arg"
+        func_append compiler_flags " $arg"
+        continue
+        ;;
+
+      # Some other compiler flag.
+      -* | +*)
+        func_quote_for_eval "$arg"
+	arg="$func_quote_for_eval_result"
+	;;
+
+      *.$objext)
+	# A standard object.
+	func_append objs " $arg"
+	;;
+
+      *.lo)
+	# A libtool-controlled object.
+
+	# Check to see that this really is a libtool object.
+	if func_lalib_unsafe_p "$arg"; then
+	  pic_object=
+	  non_pic_object=
+
+	  # Read the .lo file
+	  func_source "$arg"
+
+	  if test -z "$pic_object" ||
+	     test -z "$non_pic_object" ||
+	     test "$pic_object" = none &&
+	     test "$non_pic_object" = none; then
+	    func_fatal_error "cannot find name of object for \`$arg'"
+	  fi
+
+	  # Extract subdirectory from the argument.
+	  func_dirname "$arg" "/" ""
+	  xdir="$func_dirname_result"
+
+	  if test "$pic_object" != none; then
+	    # Prepend the subdirectory the object is found in.
+	    pic_object="$xdir$pic_object"
+
+	    if test "$prev" = dlfiles; then
+	      if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then
+		func_append dlfiles " $pic_object"
+		prev=
+		continue
+	      else
+		# If libtool objects are unsupported, then we need to preload.
+		prev=dlprefiles
+	      fi
+	    fi
+
+	    # CHECK ME:  I think I busted this.  -Ossama
+	    if test "$prev" = dlprefiles; then
+	      # Preload the old-style object.
+	      func_append dlprefiles " $pic_object"
+	      prev=
+	    fi
+
+	    # A PIC object.
+	    func_append libobjs " $pic_object"
+	    arg="$pic_object"
+	  fi
+
+	  # Non-PIC object.
+	  if test "$non_pic_object" != none; then
+	    # Prepend the subdirectory the object is found in.
+	    non_pic_object="$xdir$non_pic_object"
+
+	    # A standard non-PIC object
+	    func_append non_pic_objects " $non_pic_object"
+	    if test -z "$pic_object" || test "$pic_object" = none ; then
+	      arg="$non_pic_object"
+	    fi
+	  else
+	    # If the PIC object exists, use it instead.
+	    # $xdir was prepended to $pic_object above.
+	    non_pic_object="$pic_object"
+	    func_append non_pic_objects " $non_pic_object"
+	  fi
+	else
+	  # Only an error if not doing a dry-run.
+	  if $opt_dry_run; then
+	    # Extract subdirectory from the argument.
+	    func_dirname "$arg" "/" ""
+	    xdir="$func_dirname_result"
+
+	    func_lo2o "$arg"
+	    pic_object=$xdir$objdir/$func_lo2o_result
+	    non_pic_object=$xdir$func_lo2o_result
+	    func_append libobjs " $pic_object"
+	    func_append non_pic_objects " $non_pic_object"
+	  else
+	    func_fatal_error "\`$arg' is not a valid libtool object"
+	  fi
+	fi
+	;;
+
+      *.$libext)
+	# An archive.
+	func_append deplibs " $arg"
+	func_append old_deplibs " $arg"
+	continue
+	;;
+
+      *.la)
+	# A libtool-controlled library.
+
+	func_resolve_sysroot "$arg"
+	if test "$prev" = dlfiles; then
+	  # This library was specified with -dlopen.
+	  func_append dlfiles " $func_resolve_sysroot_result"
+	  prev=
+	elif test "$prev" = dlprefiles; then
+	  # The library was specified with -dlpreopen.
+	  func_append dlprefiles " $func_resolve_sysroot_result"
+	  prev=
+	else
+	  func_append deplibs " $func_resolve_sysroot_result"
+	fi
+	continue
+	;;
+
+      # Some other compiler argument.
+      *)
+	# Unknown arguments in both finalize_command and compile_command need
+	# to be aesthetically quoted because they are evaled later.
+	func_quote_for_eval "$arg"
+	arg="$func_quote_for_eval_result"
+	;;
+      esac # arg
+
+      # Now actually substitute the argument into the commands.
+      if test -n "$arg"; then
+	func_append compile_command " $arg"
+	func_append finalize_command " $arg"
+      fi
+    done # argument parsing loop
+
+    test -n "$prev" && \
+      func_fatal_help "the \`$prevarg' option requires an argument"
+
+    if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then
+      eval arg=\"$export_dynamic_flag_spec\"
+      func_append compile_command " $arg"
+      func_append finalize_command " $arg"
+    fi
+
+    oldlibs=
+    # calculate the name of the file, without its directory
+    func_basename "$output"
+    outputname="$func_basename_result"
+    libobjs_save="$libobjs"
+
+    if test -n "$shlibpath_var"; then
+      # get the directories listed in $shlibpath_var
+      eval shlib_search_path=\`\$ECHO \"\${$shlibpath_var}\" \| \$SED \'s/:/ /g\'\`
+    else
+      shlib_search_path=
+    fi
+    eval sys_lib_search_path=\"$sys_lib_search_path_spec\"
+    eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\"
+
+    func_dirname "$output" "/" ""
+    output_objdir="$func_dirname_result$objdir"
+    func_to_tool_file "$output_objdir/"
+    tool_output_objdir=$func_to_tool_file_result
+    # Create the object directory.
+    func_mkdir_p "$output_objdir"
+
+    # Determine the type of output
+    case $output in
+    "")
+      func_fatal_help "you must specify an output file"
+      ;;
+    *.$libext) linkmode=oldlib ;;
+    *.lo | *.$objext) linkmode=obj ;;
+    *.la) linkmode=lib ;;
+    *) linkmode=prog ;; # Anything else should be a program.
+    esac
+
+    specialdeplibs=
+
+    libs=
+    # Find all interdependent deplibs by searching for libraries
+    # that are linked more than once (e.g. -la -lb -la)
+    for deplib in $deplibs; do
+      if $opt_preserve_dup_deps ; then
+	case "$libs " in
+	*" $deplib "*) func_append specialdeplibs " $deplib" ;;
+	esac
+      fi
+      func_append libs " $deplib"
+    done
+
+    if test "$linkmode" = lib; then
+      libs="$predeps $libs $compiler_lib_search_path $postdeps"
+
+      # Compute libraries that are listed more than once in $predeps
+      # $postdeps and mark them as special (i.e., whose duplicates are
+      # not to be eliminated).
+      pre_post_deps=
+      if $opt_duplicate_compiler_generated_deps; then
+	for pre_post_dep in $predeps $postdeps; do
+	  case "$pre_post_deps " in
+	  *" $pre_post_dep "*) func_append specialdeplibs " $pre_post_deps" ;;
+	  esac
+	  func_append pre_post_deps " $pre_post_dep"
+	done
+      fi
+      pre_post_deps=
+    fi
+
+    deplibs=
+    newdependency_libs=
+    newlib_search_path=
+    need_relink=no # whether we're linking any uninstalled libtool libraries
+    notinst_deplibs= # not-installed libtool libraries
+    notinst_path= # paths that contain not-installed libtool libraries
+
+    case $linkmode in
+    lib)
+	passes="conv dlpreopen link"
+	for file in $dlfiles $dlprefiles; do
+	  case $file in
+	  *.la) ;;
+	  *)
+	    func_fatal_help "libraries can \`-dlopen' only libtool libraries: $file"
+	    ;;
+	  esac
+	done
+	;;
+    prog)
+	compile_deplibs=
+	finalize_deplibs=
+	alldeplibs=no
+	newdlfiles=
+	newdlprefiles=
+	passes="conv scan dlopen dlpreopen link"
+	;;
+    *)  passes="conv"
+	;;
+    esac
+
+    for pass in $passes; do
+      # The preopen pass in lib mode reverses $deplibs; put it back here
+      # so that -L comes before libs that need it for instance...
+      if test "$linkmode,$pass" = "lib,link"; then
+	## FIXME: Find the place where the list is rebuilt in the wrong
+	##        order, and fix it there properly
+        tmp_deplibs=
+	for deplib in $deplibs; do
+	  tmp_deplibs="$deplib $tmp_deplibs"
+	done
+	deplibs="$tmp_deplibs"
+      fi
+
+      if test "$linkmode,$pass" = "lib,link" ||
+	 test "$linkmode,$pass" = "prog,scan"; then
+	libs="$deplibs"
+	deplibs=
+      fi
+      if test "$linkmode" = prog; then
+	case $pass in
+	dlopen) libs="$dlfiles" ;;
+	dlpreopen) libs="$dlprefiles" ;;
+	link) libs="$deplibs %DEPLIBS% $dependency_libs" ;;
+	esac
+      fi
+      if test "$linkmode,$pass" = "lib,dlpreopen"; then
+	# Collect and forward deplibs of preopened libtool libs
+	for lib in $dlprefiles; do
+	  # Ignore non-libtool-libs
+	  dependency_libs=
+	  func_resolve_sysroot "$lib"
+	  case $lib in
+	  *.la)	func_source "$func_resolve_sysroot_result" ;;
+	  esac
+
+	  # Collect preopened libtool deplibs, except any this library
+	  # has declared as weak libs
+	  for deplib in $dependency_libs; do
+	    func_basename "$deplib"
+            deplib_base=$func_basename_result
+	    case " $weak_libs " in
+	    *" $deplib_base "*) ;;
+	    *) func_append deplibs " $deplib" ;;
+	    esac
+	  done
+	done
+	libs="$dlprefiles"
+      fi
+      if test "$pass" = dlopen; then
+	# Collect dlpreopened libraries
+	save_deplibs="$deplibs"
+	deplibs=
+      fi
+
+      for deplib in $libs; do
+	lib=
+	found=no
+	case $deplib in
+	-mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \
+        |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*)
+	  if test "$linkmode,$pass" = "prog,link"; then
+	    compile_deplibs="$deplib $compile_deplibs"
+	    finalize_deplibs="$deplib $finalize_deplibs"
+	  else
+	    func_append compiler_flags " $deplib"
+	    if test "$linkmode" = lib ; then
+		case "$new_inherited_linker_flags " in
+		    *" $deplib "*) ;;
+		    * ) func_append new_inherited_linker_flags " $deplib" ;;
+		esac
+	    fi
+	  fi
+	  continue
+	  ;;
+	-l*)
+	  if test "$linkmode" != lib && test "$linkmode" != prog; then
+	    func_warning "\`-l' is ignored for archives/objects"
+	    continue
+	  fi
+	  func_stripname '-l' '' "$deplib"
+	  name=$func_stripname_result
+	  if test "$linkmode" = lib; then
+	    searchdirs="$newlib_search_path $lib_search_path $compiler_lib_search_dirs $sys_lib_search_path $shlib_search_path"
+	  else
+	    searchdirs="$newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path"
+	  fi
+	  for searchdir in $searchdirs; do
+	    for search_ext in .la $std_shrext .so .a; do
+	      # Search the libtool library
+	      lib="$searchdir/lib${name}${search_ext}"
+	      if test -f "$lib"; then
+		if test "$search_ext" = ".la"; then
+		  found=yes
+		else
+		  found=no
+		fi
+		break 2
+	      fi
+	    done
+	  done
+	  if test "$found" != yes; then
+	    # deplib doesn't seem to be a libtool library
+	    if test "$linkmode,$pass" = "prog,link"; then
+	      compile_deplibs="$deplib $compile_deplibs"
+	      finalize_deplibs="$deplib $finalize_deplibs"
+	    else
+	      deplibs="$deplib $deplibs"
+	      test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs"
+	    fi
+	    continue
+	  else # deplib is a libtool library
+	    # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib,
+	    # We need to do some special things here, and not later.
+	    if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
+	      case " $predeps $postdeps " in
+	      *" $deplib "*)
+		if func_lalib_p "$lib"; then
+		  library_names=
+		  old_library=
+		  func_source "$lib"
+		  for l in $old_library $library_names; do
+		    ll="$l"
+		  done
+		  if test "X$ll" = "X$old_library" ; then # only static version available
+		    found=no
+		    func_dirname "$lib" "" "."
+		    ladir="$func_dirname_result"
+		    lib=$ladir/$old_library
+		    if test "$linkmode,$pass" = "prog,link"; then
+		      compile_deplibs="$deplib $compile_deplibs"
+		      finalize_deplibs="$deplib $finalize_deplibs"
+		    else
+		      deplibs="$deplib $deplibs"
+		      test "$linkmode" = lib && newdependency_libs="$deplib $newdependency_libs"
+		    fi
+		    continue
+		  fi
+		fi
+		;;
+	      *) ;;
+	      esac
+	    fi
+	  fi
+	  ;; # -l
+	*.ltframework)
+	  if test "$linkmode,$pass" = "prog,link"; then
+	    compile_deplibs="$deplib $compile_deplibs"
+	    finalize_deplibs="$deplib $finalize_deplibs"
+	  else
+	    deplibs="$deplib $deplibs"
+	    if test "$linkmode" = lib ; then
+		case "$new_inherited_linker_flags " in
+		    *" $deplib "*) ;;
+		    * ) func_append new_inherited_linker_flags " $deplib" ;;
+		esac
+	    fi
+	  fi
+	  continue
+	  ;;
+	-L*)
+	  case $linkmode in
+	  lib)
+	    deplibs="$deplib $deplibs"
+	    test "$pass" = conv && continue
+	    newdependency_libs="$deplib $newdependency_libs"
+	    func_stripname '-L' '' "$deplib"
+	    func_resolve_sysroot "$func_stripname_result"
+	    func_append newlib_search_path " $func_resolve_sysroot_result"
+	    ;;
+	  prog)
+	    if test "$pass" = conv; then
+	      deplibs="$deplib $deplibs"
+	      continue
+	    fi
+	    if test "$pass" = scan; then
+	      deplibs="$deplib $deplibs"
+	    else
+	      compile_deplibs="$deplib $compile_deplibs"
+	      finalize_deplibs="$deplib $finalize_deplibs"
+	    fi
+	    func_stripname '-L' '' "$deplib"
+	    func_resolve_sysroot "$func_stripname_result"
+	    func_append newlib_search_path " $func_resolve_sysroot_result"
+	    ;;
+	  *)
+	    func_warning "\`-L' is ignored for archives/objects"
+	    ;;
+	  esac # linkmode
+	  continue
+	  ;; # -L
+	-R*)
+	  if test "$pass" = link; then
+	    func_stripname '-R' '' "$deplib"
+	    func_resolve_sysroot "$func_stripname_result"
+	    dir=$func_resolve_sysroot_result
+	    # Make sure the xrpath contains only unique directories.
+	    case "$xrpath " in
+	    *" $dir "*) ;;
+	    *) func_append xrpath " $dir" ;;
+	    esac
+	  fi
+	  deplibs="$deplib $deplibs"
+	  continue
+	  ;;
+	*.la)
+	  func_resolve_sysroot "$deplib"
+	  lib=$func_resolve_sysroot_result
+	  ;;
+	*.$libext)
+	  if test "$pass" = conv; then
+	    deplibs="$deplib $deplibs"
+	    continue
+	  fi
+	  case $linkmode in
+	  lib)
+	    # Linking convenience modules into shared libraries is allowed,
+	    # but linking other static libraries is non-portable.
+	    case " $dlpreconveniencelibs " in
+	    *" $deplib "*) ;;
+	    *)
+	      valid_a_lib=no
+	      case $deplibs_check_method in
+		match_pattern*)
+		  set dummy $deplibs_check_method; shift
+		  match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
+		  if eval "\$ECHO \"$deplib\"" 2>/dev/null | $SED 10q \
+		    | $EGREP "$match_pattern_regex" > /dev/null; then
+		    valid_a_lib=yes
+		  fi
+		;;
+		pass_all)
+		  valid_a_lib=yes
+		;;
+	      esac
+	      if test "$valid_a_lib" != yes; then
+		echo
+		$ECHO "*** Warning: Trying to link with static lib archive $deplib."
+		echo "*** I have the capability to make that library automatically link in when"
+		echo "*** you link to this library.  But I can only do this if you have a"
+		echo "*** shared version of the library, which you do not appear to have"
+		echo "*** because the file extensions .$libext of this argument makes me believe"
+		echo "*** that it is just a static archive that I should not use here."
+	      else
+		echo
+		$ECHO "*** Warning: Linking the shared library $output against the"
+		$ECHO "*** static library $deplib is not portable!"
+		deplibs="$deplib $deplibs"
+	      fi
+	      ;;
+	    esac
+	    continue
+	    ;;
+	  prog)
+	    if test "$pass" != link; then
+	      deplibs="$deplib $deplibs"
+	    else
+	      compile_deplibs="$deplib $compile_deplibs"
+	      finalize_deplibs="$deplib $finalize_deplibs"
+	    fi
+	    continue
+	    ;;
+	  esac # linkmode
+	  ;; # *.$libext
+	*.lo | *.$objext)
+	  if test "$pass" = conv; then
+	    deplibs="$deplib $deplibs"
+	  elif test "$linkmode" = prog; then
+	    if test "$pass" = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then
+	      # If there is no dlopen support or we're linking statically,
+	      # we need to preload.
+	      func_append newdlprefiles " $deplib"
+	      compile_deplibs="$deplib $compile_deplibs"
+	      finalize_deplibs="$deplib $finalize_deplibs"
+	    else
+	      func_append newdlfiles " $deplib"
+	    fi
+	  fi
+	  continue
+	  ;;
+	%DEPLIBS%)
+	  alldeplibs=yes
+	  continue
+	  ;;
+	esac # case $deplib
+
+	if test "$found" = yes || test -f "$lib"; then :
+	else
+	  func_fatal_error "cannot find the library \`$lib' or unhandled argument \`$deplib'"
+	fi
+
+	# Check to see that this really is a libtool archive.
+	func_lalib_unsafe_p "$lib" \
+	  || func_fatal_error "\`$lib' is not a valid libtool archive"
+
+	func_dirname "$lib" "" "."
+	ladir="$func_dirname_result"
+
+	dlname=
+	dlopen=
+	dlpreopen=
+	libdir=
+	library_names=
+	old_library=
+	inherited_linker_flags=
+	# If the library was installed with an old release of libtool,
+	# it will not redefine variables installed, or shouldnotlink
+	installed=yes
+	shouldnotlink=no
+	avoidtemprpath=
+
+
+	# Read the .la file
+	func_source "$lib"
+
+	# Convert "-framework foo" to "foo.ltframework"
+	if test -n "$inherited_linker_flags"; then
+	  tmp_inherited_linker_flags=`$ECHO "$inherited_linker_flags" | $SED 's/-framework \([^ $]*\)/\1.ltframework/g'`
+	  for tmp_inherited_linker_flag in $tmp_inherited_linker_flags; do
+	    case " $new_inherited_linker_flags " in
+	      *" $tmp_inherited_linker_flag "*) ;;
+	      *) func_append new_inherited_linker_flags " $tmp_inherited_linker_flag";;
+	    esac
+	  done
+	fi
+	dependency_libs=`$ECHO " $dependency_libs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	if test "$linkmode,$pass" = "lib,link" ||
+	   test "$linkmode,$pass" = "prog,scan" ||
+	   { test "$linkmode" != prog && test "$linkmode" != lib; }; then
+	  test -n "$dlopen" && func_append dlfiles " $dlopen"
+	  test -n "$dlpreopen" && func_append dlprefiles " $dlpreopen"
+	fi
+
+	if test "$pass" = conv; then
+	  # Only check for convenience libraries
+	  deplibs="$lib $deplibs"
+	  if test -z "$libdir"; then
+	    if test -z "$old_library"; then
+	      func_fatal_error "cannot find name of link library for \`$lib'"
+	    fi
+	    # It is a libtool convenience library, so add in its objects.
+	    func_append convenience " $ladir/$objdir/$old_library"
+	    func_append old_convenience " $ladir/$objdir/$old_library"
+	  elif test "$linkmode" != prog && test "$linkmode" != lib; then
+	    func_fatal_error "\`$lib' is not a convenience library"
+	  fi
+	  tmp_libs=
+	  for deplib in $dependency_libs; do
+	    deplibs="$deplib $deplibs"
+	    if $opt_preserve_dup_deps ; then
+	      case "$tmp_libs " in
+	      *" $deplib "*) func_append specialdeplibs " $deplib" ;;
+	      esac
+	    fi
+	    func_append tmp_libs " $deplib"
+	  done
+	  continue
+	fi # $pass = conv
+
+
+	# Get the name of the library we link against.
+	linklib=
+	if test -n "$old_library" &&
+	   { test "$prefer_static_libs" = yes ||
+	     test "$prefer_static_libs,$installed" = "built,no"; }; then
+	  linklib=$old_library
+	else
+	  for l in $old_library $library_names; do
+	    linklib="$l"
+	  done
+	fi
+	if test -z "$linklib"; then
+	  func_fatal_error "cannot find name of link library for \`$lib'"
+	fi
+
+	# This library was specified with -dlopen.
+	if test "$pass" = dlopen; then
+	  if test -z "$libdir"; then
+	    func_fatal_error "cannot -dlopen a convenience library: \`$lib'"
+	  fi
+	  if test -z "$dlname" ||
+	     test "$dlopen_support" != yes ||
+	     test "$build_libtool_libs" = no; then
+	    # If there is no dlname, no dlopen support or we're linking
+	    # statically, we need to preload.  We also need to preload any
+	    # dependent libraries so libltdl's deplib preloader doesn't
+	    # bomb out in the load deplibs phase.
+	    func_append dlprefiles " $lib $dependency_libs"
+	  else
+	    func_append newdlfiles " $lib"
+	  fi
+	  continue
+	fi # $pass = dlopen
+
+	# We need an absolute path.
+	case $ladir in
+	[\\/]* | [A-Za-z]:[\\/]*) abs_ladir="$ladir" ;;
+	*)
+	  abs_ladir=`cd "$ladir" && pwd`
+	  if test -z "$abs_ladir"; then
+	    func_warning "cannot determine absolute directory name of \`$ladir'"
+	    func_warning "passing it literally to the linker, although it might fail"
+	    abs_ladir="$ladir"
+	  fi
+	  ;;
+	esac
+	func_basename "$lib"
+	laname="$func_basename_result"
+
+	# Find the relevant object directory and library name.
+	if test "X$installed" = Xyes; then
+	  if test ! -f "$lt_sysroot$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then
+	    func_warning "library \`$lib' was moved."
+	    dir="$ladir"
+	    absdir="$abs_ladir"
+	    libdir="$abs_ladir"
+	  else
+	    dir="$lt_sysroot$libdir"
+	    absdir="$lt_sysroot$libdir"
+	  fi
+	  test "X$hardcode_automatic" = Xyes && avoidtemprpath=yes
+	else
+	  if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then
+	    dir="$ladir"
+	    absdir="$abs_ladir"
+	    # Remove this search path later
+	    func_append notinst_path " $abs_ladir"
+	  else
+	    dir="$ladir/$objdir"
+	    absdir="$abs_ladir/$objdir"
+	    # Remove this search path later
+	    func_append notinst_path " $abs_ladir"
+	  fi
+	fi # $installed = yes
+	func_stripname 'lib' '.la' "$laname"
+	name=$func_stripname_result
+
+	# This library was specified with -dlpreopen.
+	if test "$pass" = dlpreopen; then
+	  if test -z "$libdir" && test "$linkmode" = prog; then
+	    func_fatal_error "only libraries may -dlpreopen a convenience library: \`$lib'"
+	  fi
+	  case "$host" in
+	    # special handling for platforms with PE-DLLs.
+	    *cygwin* | *mingw* | *cegcc* )
+	      # Linker will automatically link against shared library if both
+	      # static and shared are present.  Therefore, ensure we extract
+	      # symbols from the import library if a shared library is present
+	      # (otherwise, the dlopen module name will be incorrect).  We do
+	      # this by putting the import library name into $newdlprefiles.
+	      # We recover the dlopen module name by 'saving' the la file
+	      # name in a special purpose variable, and (later) extracting the
+	      # dlname from the la file.
+	      if test -n "$dlname"; then
+	        func_tr_sh "$dir/$linklib"
+	        eval "libfile_$func_tr_sh_result=\$abs_ladir/\$laname"
+	        func_append newdlprefiles " $dir/$linklib"
+	      else
+	        func_append newdlprefiles " $dir/$old_library"
+	        # Keep a list of preopened convenience libraries to check
+	        # that they are being used correctly in the link pass.
+	        test -z "$libdir" && \
+	          func_append dlpreconveniencelibs " $dir/$old_library"
+	      fi
+	    ;;
+	    * )
+	      # Prefer using a static library (so that no silly _DYNAMIC symbols
+	      # are required to link).
+	      if test -n "$old_library"; then
+	        func_append newdlprefiles " $dir/$old_library"
+	        # Keep a list of preopened convenience libraries to check
+	        # that they are being used correctly in the link pass.
+	        test -z "$libdir" && \
+	          func_append dlpreconveniencelibs " $dir/$old_library"
+	      # Otherwise, use the dlname, so that lt_dlopen finds it.
+	      elif test -n "$dlname"; then
+	        func_append newdlprefiles " $dir/$dlname"
+	      else
+	        func_append newdlprefiles " $dir/$linklib"
+	      fi
+	    ;;
+	  esac
+	fi # $pass = dlpreopen
+
+	if test -z "$libdir"; then
+	  # Link the convenience library
+	  if test "$linkmode" = lib; then
+	    deplibs="$dir/$old_library $deplibs"
+	  elif test "$linkmode,$pass" = "prog,link"; then
+	    compile_deplibs="$dir/$old_library $compile_deplibs"
+	    finalize_deplibs="$dir/$old_library $finalize_deplibs"
+	  else
+	    deplibs="$lib $deplibs" # used for prog,scan pass
+	  fi
+	  continue
+	fi
+
+
+	if test "$linkmode" = prog && test "$pass" != link; then
+	  func_append newlib_search_path " $ladir"
+	  deplibs="$lib $deplibs"
+
+	  linkalldeplibs=no
+	  if test "$link_all_deplibs" != no || test -z "$library_names" ||
+	     test "$build_libtool_libs" = no; then
+	    linkalldeplibs=yes
+	  fi
+
+	  tmp_libs=
+	  for deplib in $dependency_libs; do
+	    case $deplib in
+	    -L*) func_stripname '-L' '' "$deplib"
+	         func_resolve_sysroot "$func_stripname_result"
+	         func_append newlib_search_path " $func_resolve_sysroot_result"
+		 ;;
+	    esac
+	    # Need to link against all dependency_libs?
+	    if test "$linkalldeplibs" = yes; then
+	      deplibs="$deplib $deplibs"
+	    else
+	      # Need to hardcode shared library paths
+	      # or/and link against static libraries
+	      newdependency_libs="$deplib $newdependency_libs"
+	    fi
+	    if $opt_preserve_dup_deps ; then
+	      case "$tmp_libs " in
+	      *" $deplib "*) func_append specialdeplibs " $deplib" ;;
+	      esac
+	    fi
+	    func_append tmp_libs " $deplib"
+	  done # for deplib
+	  continue
+	fi # $linkmode = prog...
+
+	if test "$linkmode,$pass" = "prog,link"; then
+	  if test -n "$library_names" &&
+	     { { test "$prefer_static_libs" = no ||
+	         test "$prefer_static_libs,$installed" = "built,yes"; } ||
+	       test -z "$old_library"; }; then
+	    # We need to hardcode the library path
+	    if test -n "$shlibpath_var" && test -z "$avoidtemprpath" ; then
+	      # Make sure the rpath contains only unique directories.
+	      case "$temp_rpath:" in
+	      *"$absdir:"*) ;;
+	      *) func_append temp_rpath "$absdir:" ;;
+	      esac
+	    fi
+
+	    # Hardcode the library path.
+	    # Skip directories that are in the system default run-time
+	    # search path.
+	    case " $sys_lib_dlsearch_path " in
+	    *" $absdir "*) ;;
+	    *)
+	      case "$compile_rpath " in
+	      *" $absdir "*) ;;
+	      *) func_append compile_rpath " $absdir" ;;
+	      esac
+	      ;;
+	    esac
+	    case " $sys_lib_dlsearch_path " in
+	    *" $libdir "*) ;;
+	    *)
+	      case "$finalize_rpath " in
+	      *" $libdir "*) ;;
+	      *) func_append finalize_rpath " $libdir" ;;
+	      esac
+	      ;;
+	    esac
+	  fi # $linkmode,$pass = prog,link...
+
+	  if test "$alldeplibs" = yes &&
+	     { test "$deplibs_check_method" = pass_all ||
+	       { test "$build_libtool_libs" = yes &&
+		 test -n "$library_names"; }; }; then
+	    # We only need to search for static libraries
+	    continue
+	  fi
+	fi
+
+	link_static=no # Whether the deplib will be linked statically
+	use_static_libs=$prefer_static_libs
+	if test "$use_static_libs" = built && test "$installed" = yes; then
+	  use_static_libs=no
+	fi
+	if test -n "$library_names" &&
+	   { test "$use_static_libs" = no || test -z "$old_library"; }; then
+	  case $host in
+	  *cygwin* | *mingw* | *cegcc*)
+	      # No point in relinking DLLs because paths are not encoded
+	      func_append notinst_deplibs " $lib"
+	      need_relink=no
+	    ;;
+	  *)
+	    if test "$installed" = no; then
+	      func_append notinst_deplibs " $lib"
+	      need_relink=yes
+	    fi
+	    ;;
+	  esac
+	  # This is a shared library
+
+	  # Warn about portability, can't link against -module's on some
+	  # systems (darwin).  Don't bleat about dlopened modules though!
+	  dlopenmodule=""
+	  for dlpremoduletest in $dlprefiles; do
+	    if test "X$dlpremoduletest" = "X$lib"; then
+	      dlopenmodule="$dlpremoduletest"
+	      break
+	    fi
+	  done
+	  if test -z "$dlopenmodule" && test "$shouldnotlink" = yes && test "$pass" = link; then
+	    echo
+	    if test "$linkmode" = prog; then
+	      $ECHO "*** Warning: Linking the executable $output against the loadable module"
+	    else
+	      $ECHO "*** Warning: Linking the shared library $output against the loadable module"
+	    fi
+	    $ECHO "*** $linklib is not portable!"
+	  fi
+	  if test "$linkmode" = lib &&
+	     test "$hardcode_into_libs" = yes; then
+	    # Hardcode the library path.
+	    # Skip directories that are in the system default run-time
+	    # search path.
+	    case " $sys_lib_dlsearch_path " in
+	    *" $absdir "*) ;;
+	    *)
+	      case "$compile_rpath " in
+	      *" $absdir "*) ;;
+	      *) func_append compile_rpath " $absdir" ;;
+	      esac
+	      ;;
+	    esac
+	    case " $sys_lib_dlsearch_path " in
+	    *" $libdir "*) ;;
+	    *)
+	      case "$finalize_rpath " in
+	      *" $libdir "*) ;;
+	      *) func_append finalize_rpath " $libdir" ;;
+	      esac
+	      ;;
+	    esac
+	  fi
+
+	  if test -n "$old_archive_from_expsyms_cmds"; then
+	    # figure out the soname
+	    set dummy $library_names
+	    shift
+	    realname="$1"
+	    shift
+	    libname=`eval "\\$ECHO \"$libname_spec\""`
+	    # use dlname if we got it. it's perfectly good, no?
+	    if test -n "$dlname"; then
+	      soname="$dlname"
+	    elif test -n "$soname_spec"; then
+	      # bleh windows
+	      case $host in
+	      *cygwin* | mingw* | *cegcc*)
+	        func_arith $current - $age
+		major=$func_arith_result
+		versuffix="-$major"
+		;;
+	      esac
+	      eval soname=\"$soname_spec\"
+	    else
+	      soname="$realname"
+	    fi
+
+	    # Make a new name for the extract_expsyms_cmds to use
+	    soroot="$soname"
+	    func_basename "$soroot"
+	    soname="$func_basename_result"
+	    func_stripname 'lib' '.dll' "$soname"
+	    newlib=libimp-$func_stripname_result.a
+
+	    # If the library has no export list, then create one now
+	    if test -f "$output_objdir/$soname-def"; then :
+	    else
+	      func_verbose "extracting exported symbol list from \`$soname'"
+	      func_execute_cmds "$extract_expsyms_cmds" 'exit $?'
+	    fi
+
+	    # Create $newlib
+	    if test -f "$output_objdir/$newlib"; then :; else
+	      func_verbose "generating import library for \`$soname'"
+	      func_execute_cmds "$old_archive_from_expsyms_cmds" 'exit $?'
+	    fi
+	    # make sure the library variables are pointing to the new library
+	    dir=$output_objdir
+	    linklib=$newlib
+	  fi # test -n "$old_archive_from_expsyms_cmds"
+
+	  if test "$linkmode" = prog || test "$opt_mode" != relink; then
+	    add_shlibpath=
+	    add_dir=
+	    add=
+	    lib_linked=yes
+	    case $hardcode_action in
+	    immediate | unsupported)
+	      if test "$hardcode_direct" = no; then
+		add="$dir/$linklib"
+		case $host in
+		  *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;;
+		  *-*-sysv4*uw2*) add_dir="-L$dir" ;;
+		  *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \
+		    *-*-unixware7*) add_dir="-L$dir" ;;
+		  *-*-darwin* )
+		    # if the lib is a (non-dlopened) module then we can not
+		    # link against it, someone is ignoring the earlier warnings
+		    if /usr/bin/file -L $add 2> /dev/null |
+			 $GREP ": [^:]* bundle" >/dev/null ; then
+		      if test "X$dlopenmodule" != "X$lib"; then
+			$ECHO "*** Warning: lib $linklib is a module, not a shared library"
+			if test -z "$old_library" ; then
+			  echo
+			  echo "*** And there doesn't seem to be a static archive available"
+			  echo "*** The link will probably fail, sorry"
+			else
+			  add="$dir/$old_library"
+			fi
+		      elif test -n "$old_library"; then
+			add="$dir/$old_library"
+		      fi
+		    fi
+		esac
+	      elif test "$hardcode_minus_L" = no; then
+		case $host in
+		*-*-sunos*) add_shlibpath="$dir" ;;
+		esac
+		add_dir="-L$dir"
+		add="-l$name"
+	      elif test "$hardcode_shlibpath_var" = no; then
+		add_shlibpath="$dir"
+		add="-l$name"
+	      else
+		lib_linked=no
+	      fi
+	      ;;
+	    relink)
+	      if test "$hardcode_direct" = yes &&
+	         test "$hardcode_direct_absolute" = no; then
+		add="$dir/$linklib"
+	      elif test "$hardcode_minus_L" = yes; then
+		add_dir="-L$absdir"
+		# Try looking first in the location we're being installed to.
+		if test -n "$inst_prefix_dir"; then
+		  case $libdir in
+		    [\\/]*)
+		      func_append add_dir " -L$inst_prefix_dir$libdir"
+		      ;;
+		  esac
+		fi
+		add="-l$name"
+	      elif test "$hardcode_shlibpath_var" = yes; then
+		add_shlibpath="$dir"
+		add="-l$name"
+	      else
+		lib_linked=no
+	      fi
+	      ;;
+	    *) lib_linked=no ;;
+	    esac
+
+	    if test "$lib_linked" != yes; then
+	      func_fatal_configuration "unsupported hardcode properties"
+	    fi
+
+	    if test -n "$add_shlibpath"; then
+	      case :$compile_shlibpath: in
+	      *":$add_shlibpath:"*) ;;
+	      *) func_append compile_shlibpath "$add_shlibpath:" ;;
+	      esac
+	    fi
+	    if test "$linkmode" = prog; then
+	      test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs"
+	      test -n "$add" && compile_deplibs="$add $compile_deplibs"
+	    else
+	      test -n "$add_dir" && deplibs="$add_dir $deplibs"
+	      test -n "$add" && deplibs="$add $deplibs"
+	      if test "$hardcode_direct" != yes &&
+		 test "$hardcode_minus_L" != yes &&
+		 test "$hardcode_shlibpath_var" = yes; then
+		case :$finalize_shlibpath: in
+		*":$libdir:"*) ;;
+		*) func_append finalize_shlibpath "$libdir:" ;;
+		esac
+	      fi
+	    fi
+	  fi
+
+	  if test "$linkmode" = prog || test "$opt_mode" = relink; then
+	    add_shlibpath=
+	    add_dir=
+	    add=
+	    # Finalize command for both is simple: just hardcode it.
+	    if test "$hardcode_direct" = yes &&
+	       test "$hardcode_direct_absolute" = no; then
+	      add="$libdir/$linklib"
+	    elif test "$hardcode_minus_L" = yes; then
+	      add_dir="-L$libdir"
+	      add="-l$name"
+	    elif test "$hardcode_shlibpath_var" = yes; then
+	      case :$finalize_shlibpath: in
+	      *":$libdir:"*) ;;
+	      *) func_append finalize_shlibpath "$libdir:" ;;
+	      esac
+	      add="-l$name"
+	    elif test "$hardcode_automatic" = yes; then
+	      if test -n "$inst_prefix_dir" &&
+		 test -f "$inst_prefix_dir$libdir/$linklib" ; then
+		add="$inst_prefix_dir$libdir/$linklib"
+	      else
+		add="$libdir/$linklib"
+	      fi
+	    else
+	      # We cannot seem to hardcode it, guess we'll fake it.
+	      add_dir="-L$libdir"
+	      # Try looking first in the location we're being installed to.
+	      if test -n "$inst_prefix_dir"; then
+		case $libdir in
+		  [\\/]*)
+		    func_append add_dir " -L$inst_prefix_dir$libdir"
+		    ;;
+		esac
+	      fi
+	      add="-l$name"
+	    fi
+
+	    if test "$linkmode" = prog; then
+	      test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs"
+	      test -n "$add" && finalize_deplibs="$add $finalize_deplibs"
+	    else
+	      test -n "$add_dir" && deplibs="$add_dir $deplibs"
+	      test -n "$add" && deplibs="$add $deplibs"
+	    fi
+	  fi
+	elif test "$linkmode" = prog; then
+	  # Here we assume that one of hardcode_direct or hardcode_minus_L
+	  # is not unsupported.  This is valid on all known static and
+	  # shared platforms.
+	  if test "$hardcode_direct" != unsupported; then
+	    test -n "$old_library" && linklib="$old_library"
+	    compile_deplibs="$dir/$linklib $compile_deplibs"
+	    finalize_deplibs="$dir/$linklib $finalize_deplibs"
+	  else
+	    compile_deplibs="-l$name -L$dir $compile_deplibs"
+	    finalize_deplibs="-l$name -L$dir $finalize_deplibs"
+	  fi
+	elif test "$build_libtool_libs" = yes; then
+	  # Not a shared library
+	  if test "$deplibs_check_method" != pass_all; then
+	    # We're trying link a shared library against a static one
+	    # but the system doesn't support it.
+
+	    # Just print a warning and add the library to dependency_libs so
+	    # that the program can be linked against the static library.
+	    echo
+	    $ECHO "*** Warning: This system can not link to static lib archive $lib."
+	    echo "*** I have the capability to make that library automatically link in when"
+	    echo "*** you link to this library.  But I can only do this if you have a"
+	    echo "*** shared version of the library, which you do not appear to have."
+	    if test "$module" = yes; then
+	      echo "*** But as you try to build a module library, libtool will still create "
+	      echo "*** a static module, that should work as long as the dlopening application"
+	      echo "*** is linked with the -dlopen flag to resolve symbols at runtime."
+	      if test -z "$global_symbol_pipe"; then
+		echo
+		echo "*** However, this would only work if libtool was able to extract symbol"
+		echo "*** lists from a program, using \`nm' or equivalent, but libtool could"
+		echo "*** not find such a program.  So, this module is probably useless."
+		echo "*** \`nm' from GNU binutils and a full rebuild may help."
+	      fi
+	      if test "$build_old_libs" = no; then
+		build_libtool_libs=module
+		build_old_libs=yes
+	      else
+		build_libtool_libs=no
+	      fi
+	    fi
+	  else
+	    deplibs="$dir/$old_library $deplibs"
+	    link_static=yes
+	  fi
+	fi # link shared/static library?
+
+	if test "$linkmode" = lib; then
+	  if test -n "$dependency_libs" &&
+	     { test "$hardcode_into_libs" != yes ||
+	       test "$build_old_libs" = yes ||
+	       test "$link_static" = yes; }; then
+	    # Extract -R from dependency_libs
+	    temp_deplibs=
+	    for libdir in $dependency_libs; do
+	      case $libdir in
+	      -R*) func_stripname '-R' '' "$libdir"
+	           temp_xrpath=$func_stripname_result
+		   case " $xrpath " in
+		   *" $temp_xrpath "*) ;;
+		   *) func_append xrpath " $temp_xrpath";;
+		   esac;;
+	      *) func_append temp_deplibs " $libdir";;
+	      esac
+	    done
+	    dependency_libs="$temp_deplibs"
+	  fi
+
+	  func_append newlib_search_path " $absdir"
+	  # Link against this library
+	  test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs"
+	  # ... and its dependency_libs
+	  tmp_libs=
+	  for deplib in $dependency_libs; do
+	    newdependency_libs="$deplib $newdependency_libs"
+	    case $deplib in
+              -L*) func_stripname '-L' '' "$deplib"
+                   func_resolve_sysroot "$func_stripname_result";;
+              *) func_resolve_sysroot "$deplib" ;;
+            esac
+	    if $opt_preserve_dup_deps ; then
+	      case "$tmp_libs " in
+	      *" $func_resolve_sysroot_result "*)
+                func_append specialdeplibs " $func_resolve_sysroot_result" ;;
+	      esac
+	    fi
+	    func_append tmp_libs " $func_resolve_sysroot_result"
+	  done
+
+	  if test "$link_all_deplibs" != no; then
+	    # Add the search paths of all dependency libraries
+	    for deplib in $dependency_libs; do
+	      path=
+	      case $deplib in
+	      -L*) path="$deplib" ;;
+	      *.la)
+	        func_resolve_sysroot "$deplib"
+	        deplib=$func_resolve_sysroot_result
+	        func_dirname "$deplib" "" "."
+		dir=$func_dirname_result
+		# We need an absolute path.
+		case $dir in
+		[\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;;
+		*)
+		  absdir=`cd "$dir" && pwd`
+		  if test -z "$absdir"; then
+		    func_warning "cannot determine absolute directory name of \`$dir'"
+		    absdir="$dir"
+		  fi
+		  ;;
+		esac
+		if $GREP "^installed=no" $deplib > /dev/null; then
+		case $host in
+		*-*-darwin*)
+		  depdepl=
+		  eval deplibrary_names=`${SED} -n -e 's/^library_names=\(.*\)$/\1/p' $deplib`
+		  if test -n "$deplibrary_names" ; then
+		    for tmp in $deplibrary_names ; do
+		      depdepl=$tmp
+		    done
+		    if test -f "$absdir/$objdir/$depdepl" ; then
+		      depdepl="$absdir/$objdir/$depdepl"
+		      darwin_install_name=`${OTOOL} -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'`
+                      if test -z "$darwin_install_name"; then
+                          darwin_install_name=`${OTOOL64} -L $depdepl  | awk '{if (NR == 2) {print $1;exit}}'`
+                      fi
+		      func_append compiler_flags " ${wl}-dylib_file ${wl}${darwin_install_name}:${depdepl}"
+		      func_append linker_flags " -dylib_file ${darwin_install_name}:${depdepl}"
+		      path=
+		    fi
+		  fi
+		  ;;
+		*)
+		  path="-L$absdir/$objdir"
+		  ;;
+		esac
+		else
+		  eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib`
+		  test -z "$libdir" && \
+		    func_fatal_error "\`$deplib' is not a valid libtool archive"
+		  test "$absdir" != "$libdir" && \
+		    func_warning "\`$deplib' seems to be moved"
+
+		  path="-L$absdir"
+		fi
+		;;
+	      esac
+	      case " $deplibs " in
+	      *" $path "*) ;;
+	      *) deplibs="$path $deplibs" ;;
+	      esac
+	    done
+	  fi # link_all_deplibs != no
+	fi # linkmode = lib
+      done # for deplib in $libs
+      if test "$pass" = link; then
+	if test "$linkmode" = "prog"; then
+	  compile_deplibs="$new_inherited_linker_flags $compile_deplibs"
+	  finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs"
+	else
+	  compiler_flags="$compiler_flags "`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	fi
+      fi
+      dependency_libs="$newdependency_libs"
+      if test "$pass" = dlpreopen; then
+	# Link the dlpreopened libraries before other libraries
+	for deplib in $save_deplibs; do
+	  deplibs="$deplib $deplibs"
+	done
+      fi
+      if test "$pass" != dlopen; then
+	if test "$pass" != conv; then
+	  # Make sure lib_search_path contains only unique directories.
+	  lib_search_path=
+	  for dir in $newlib_search_path; do
+	    case "$lib_search_path " in
+	    *" $dir "*) ;;
+	    *) func_append lib_search_path " $dir" ;;
+	    esac
+	  done
+	  newlib_search_path=
+	fi
+
+	if test "$linkmode,$pass" != "prog,link"; then
+	  vars="deplibs"
+	else
+	  vars="compile_deplibs finalize_deplibs"
+	fi
+	for var in $vars dependency_libs; do
+	  # Add libraries to $var in reverse order
+	  eval tmp_libs=\"\$$var\"
+	  new_libs=
+	  for deplib in $tmp_libs; do
+	    # FIXME: Pedantically, this is the right thing to do, so
+	    #        that some nasty dependency loop isn't accidentally
+	    #        broken:
+	    #new_libs="$deplib $new_libs"
+	    # Pragmatically, this seems to cause very few problems in
+	    # practice:
+	    case $deplib in
+	    -L*) new_libs="$deplib $new_libs" ;;
+	    -R*) ;;
+	    *)
+	      # And here is the reason: when a library appears more
+	      # than once as an explicit dependence of a library, or
+	      # is implicitly linked in more than once by the
+	      # compiler, it is considered special, and multiple
+	      # occurrences thereof are not removed.  Compare this
+	      # with having the same library being listed as a
+	      # dependency of multiple other libraries: in this case,
+	      # we know (pedantically, we assume) the library does not
+	      # need to be listed more than once, so we keep only the
+	      # last copy.  This is not always right, but it is rare
+	      # enough that we require users that really mean to play
+	      # such unportable linking tricks to link the library
+	      # using -Wl,-lname, so that libtool does not consider it
+	      # for duplicate removal.
+	      case " $specialdeplibs " in
+	      *" $deplib "*) new_libs="$deplib $new_libs" ;;
+	      *)
+		case " $new_libs " in
+		*" $deplib "*) ;;
+		*) new_libs="$deplib $new_libs" ;;
+		esac
+		;;
+	      esac
+	      ;;
+	    esac
+	  done
+	  tmp_libs=
+	  for deplib in $new_libs; do
+	    case $deplib in
+	    -L*)
+	      case " $tmp_libs " in
+	      *" $deplib "*) ;;
+	      *) func_append tmp_libs " $deplib" ;;
+	      esac
+	      ;;
+	    *) func_append tmp_libs " $deplib" ;;
+	    esac
+	  done
+	  eval $var=\"$tmp_libs\"
+	done # for var
+      fi
+      # Last step: remove runtime libs from dependency_libs
+      # (they stay in deplibs)
+      tmp_libs=
+      for i in $dependency_libs ; do
+	case " $predeps $postdeps $compiler_lib_search_path " in
+	*" $i "*)
+	  i=""
+	  ;;
+	esac
+	if test -n "$i" ; then
+	  func_append tmp_libs " $i"
+	fi
+      done
+      dependency_libs=$tmp_libs
+    done # for pass
+    if test "$linkmode" = prog; then
+      dlfiles="$newdlfiles"
+    fi
+    if test "$linkmode" = prog || test "$linkmode" = lib; then
+      dlprefiles="$newdlprefiles"
+    fi
+
+    case $linkmode in
+    oldlib)
+      if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+	func_warning "\`-dlopen' is ignored for archives"
+      fi
+
+      case " $deplibs" in
+      *\ -l* | *\ -L*)
+	func_warning "\`-l' and \`-L' are ignored for archives" ;;
+      esac
+
+      test -n "$rpath" && \
+	func_warning "\`-rpath' is ignored for archives"
+
+      test -n "$xrpath" && \
+	func_warning "\`-R' is ignored for archives"
+
+      test -n "$vinfo" && \
+	func_warning "\`-version-info/-version-number' is ignored for archives"
+
+      test -n "$release" && \
+	func_warning "\`-release' is ignored for archives"
+
+      test -n "$export_symbols$export_symbols_regex" && \
+	func_warning "\`-export-symbols' is ignored for archives"
+
+      # Now set the variables for building old libraries.
+      build_libtool_libs=no
+      oldlibs="$output"
+      func_append objs "$old_deplibs"
+      ;;
+
+    lib)
+      # Make sure we only generate libraries of the form `libNAME.la'.
+      case $outputname in
+      lib*)
+	func_stripname 'lib' '.la' "$outputname"
+	name=$func_stripname_result
+	eval shared_ext=\"$shrext_cmds\"
+	eval libname=\"$libname_spec\"
+	;;
+      *)
+	test "$module" = no && \
+	  func_fatal_help "libtool library \`$output' must begin with \`lib'"
+
+	if test "$need_lib_prefix" != no; then
+	  # Add the "lib" prefix for modules if required
+	  func_stripname '' '.la' "$outputname"
+	  name=$func_stripname_result
+	  eval shared_ext=\"$shrext_cmds\"
+	  eval libname=\"$libname_spec\"
+	else
+	  func_stripname '' '.la' "$outputname"
+	  libname=$func_stripname_result
+	fi
+	;;
+      esac
+
+      if test -n "$objs"; then
+	if test "$deplibs_check_method" != pass_all; then
+	  func_fatal_error "cannot build libtool library \`$output' from non-libtool objects on this host:$objs"
+	else
+	  echo
+	  $ECHO "*** Warning: Linking the shared library $output against the non-libtool"
+	  $ECHO "*** objects $objs is not portable!"
+	  func_append libobjs " $objs"
+	fi
+      fi
+
+      test "$dlself" != no && \
+	func_warning "\`-dlopen self' is ignored for libtool libraries"
+
+      set dummy $rpath
+      shift
+      test "$#" -gt 1 && \
+	func_warning "ignoring multiple \`-rpath's for a libtool library"
+
+      install_libdir="$1"
+
+      oldlibs=
+      if test -z "$rpath"; then
+	if test "$build_libtool_libs" = yes; then
+	  # Building a libtool convenience library.
+	  # Some compilers have problems with a `.al' extension so
+	  # convenience libraries should have the same extension an
+	  # archive normally would.
+	  oldlibs="$output_objdir/$libname.$libext $oldlibs"
+	  build_libtool_libs=convenience
+	  build_old_libs=yes
+	fi
+
+	test -n "$vinfo" && \
+	  func_warning "\`-version-info/-version-number' is ignored for convenience libraries"
+
+	test -n "$release" && \
+	  func_warning "\`-release' is ignored for convenience libraries"
+      else
+
+	# Parse the version information argument.
+	save_ifs="$IFS"; IFS=':'
+	set dummy $vinfo 0 0 0
+	shift
+	IFS="$save_ifs"
+
+	test -n "$7" && \
+	  func_fatal_help "too many parameters to \`-version-info'"
+
+	# convert absolute version numbers to libtool ages
+	# this retains compatibility with .la files and attempts
+	# to make the code below a bit more comprehensible
+
+	case $vinfo_number in
+	yes)
+	  number_major="$1"
+	  number_minor="$2"
+	  number_revision="$3"
+	  #
+	  # There are really only two kinds -- those that
+	  # use the current revision as the major version
+	  # and those that subtract age and use age as
+	  # a minor version.  But, then there is irix
+	  # which has an extra 1 added just for fun
+	  #
+	  case $version_type in
+	  # correct linux to gnu/linux during the next big refactor
+	  darwin|linux|osf|windows|none)
+	    func_arith $number_major + $number_minor
+	    current=$func_arith_result
+	    age="$number_minor"
+	    revision="$number_revision"
+	    ;;
+	  freebsd-aout|freebsd-elf|qnx|sunos)
+	    current="$number_major"
+	    revision="$number_minor"
+	    age="0"
+	    ;;
+	  irix|nonstopux)
+	    func_arith $number_major + $number_minor
+	    current=$func_arith_result
+	    age="$number_minor"
+	    revision="$number_minor"
+	    lt_irix_increment=no
+	    ;;
+	  esac
+	  ;;
+	no)
+	  current="$1"
+	  revision="$2"
+	  age="$3"
+	  ;;
+	esac
+
+	# Check that each of the things are valid numbers.
+	case $current in
+	0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
+	*)
+	  func_error "CURRENT \`$current' must be a nonnegative integer"
+	  func_fatal_error "\`$vinfo' is not valid version information"
+	  ;;
+	esac
+
+	case $revision in
+	0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
+	*)
+	  func_error "REVISION \`$revision' must be a nonnegative integer"
+	  func_fatal_error "\`$vinfo' is not valid version information"
+	  ;;
+	esac
+
+	case $age in
+	0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;;
+	*)
+	  func_error "AGE \`$age' must be a nonnegative integer"
+	  func_fatal_error "\`$vinfo' is not valid version information"
+	  ;;
+	esac
+
+	if test "$age" -gt "$current"; then
+	  func_error "AGE \`$age' is greater than the current interface number \`$current'"
+	  func_fatal_error "\`$vinfo' is not valid version information"
+	fi
+
+	# Calculate the version variables.
+	major=
+	versuffix=
+	verstring=
+	case $version_type in
+	none) ;;
+
+	darwin)
+	  # Like Linux, but with the current version available in
+	  # verstring for coding it into the library header
+	  func_arith $current - $age
+	  major=.$func_arith_result
+	  versuffix="$major.$age.$revision"
+	  # Darwin ld doesn't like 0 for these options...
+	  func_arith $current + 1
+	  minor_current=$func_arith_result
+	  xlcverstring="${wl}-compatibility_version ${wl}$minor_current ${wl}-current_version ${wl}$minor_current.$revision"
+	  verstring="-compatibility_version $minor_current -current_version $minor_current.$revision"
+	  ;;
+
+	freebsd-aout)
+	  major=".$current"
+	  versuffix=".$current.$revision";
+	  ;;
+
+	freebsd-elf)
+	  major=".$current"
+	  versuffix=".$current"
+	  ;;
+
+	irix | nonstopux)
+	  if test "X$lt_irix_increment" = "Xno"; then
+	    func_arith $current - $age
+	  else
+	    func_arith $current - $age + 1
+	  fi
+	  major=$func_arith_result
+
+	  case $version_type in
+	    nonstopux) verstring_prefix=nonstopux ;;
+	    *)         verstring_prefix=sgi ;;
+	  esac
+	  verstring="$verstring_prefix$major.$revision"
+
+	  # Add in all the interfaces that we are compatible with.
+	  loop=$revision
+	  while test "$loop" -ne 0; do
+	    func_arith $revision - $loop
+	    iface=$func_arith_result
+	    func_arith $loop - 1
+	    loop=$func_arith_result
+	    verstring="$verstring_prefix$major.$iface:$verstring"
+	  done
+
+	  # Before this point, $major must not contain `.'.
+	  major=.$major
+	  versuffix="$major.$revision"
+	  ;;
+
+	linux) # correct to gnu/linux during the next big refactor
+	  func_arith $current - $age
+	  major=.$func_arith_result
+	  versuffix="$major.$age.$revision"
+	  ;;
+
+	osf)
+	  func_arith $current - $age
+	  major=.$func_arith_result
+	  versuffix=".$current.$age.$revision"
+	  verstring="$current.$age.$revision"
+
+	  # Add in all the interfaces that we are compatible with.
+	  loop=$age
+	  while test "$loop" -ne 0; do
+	    func_arith $current - $loop
+	    iface=$func_arith_result
+	    func_arith $loop - 1
+	    loop=$func_arith_result
+	    verstring="$verstring:${iface}.0"
+	  done
+
+	  # Make executables depend on our current version.
+	  func_append verstring ":${current}.0"
+	  ;;
+
+	qnx)
+	  major=".$current"
+	  versuffix=".$current"
+	  ;;
+
+	sunos)
+	  major=".$current"
+	  versuffix=".$current.$revision"
+	  ;;
+
+	windows)
+	  # Use '-' rather than '.', since we only want one
+	  # extension on DOS 8.3 filesystems.
+	  func_arith $current - $age
+	  major=$func_arith_result
+	  versuffix="-$major"
+	  ;;
+
+	*)
+	  func_fatal_configuration "unknown library version type \`$version_type'"
+	  ;;
+	esac
+
+	# Clear the version info if we defaulted, and they specified a release.
+	if test -z "$vinfo" && test -n "$release"; then
+	  major=
+	  case $version_type in
+	  darwin)
+	    # we can't check for "0.0" in archive_cmds due to quoting
+	    # problems, so we reset it completely
+	    verstring=
+	    ;;
+	  *)
+	    verstring="0.0"
+	    ;;
+	  esac
+	  if test "$need_version" = no; then
+	    versuffix=
+	  else
+	    versuffix=".0.0"
+	  fi
+	fi
+
+	# Remove version info from name if versioning should be avoided
+	if test "$avoid_version" = yes && test "$need_version" = no; then
+	  major=
+	  versuffix=
+	  verstring=""
+	fi
+
+	# Check to see if the archive will have undefined symbols.
+	if test "$allow_undefined" = yes; then
+	  if test "$allow_undefined_flag" = unsupported; then
+	    func_warning "undefined symbols not allowed in $host shared libraries"
+	    build_libtool_libs=no
+	    build_old_libs=yes
+	  fi
+	else
+	  # Don't allow undefined symbols.
+	  allow_undefined_flag="$no_undefined_flag"
+	fi
+
+      fi
+
+      func_generate_dlsyms "$libname" "$libname" "yes"
+      func_append libobjs " $symfileobj"
+      test "X$libobjs" = "X " && libobjs=
+
+      if test "$opt_mode" != relink; then
+	# Remove our outputs, but don't remove object files since they
+	# may have been created when compiling PIC objects.
+	removelist=
+	tempremovelist=`$ECHO "$output_objdir/*"`
+	for p in $tempremovelist; do
+	  case $p in
+	    *.$objext | *.gcno)
+	       ;;
+	    $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/${libname}${release}.*)
+	       if test "X$precious_files_regex" != "X"; then
+		 if $ECHO "$p" | $EGREP -e "$precious_files_regex" >/dev/null 2>&1
+		 then
+		   continue
+		 fi
+	       fi
+	       func_append removelist " $p"
+	       ;;
+	    *) ;;
+	  esac
+	done
+	test -n "$removelist" && \
+	  func_show_eval "${RM}r \$removelist"
+      fi
+
+      # Now set the variables for building old libraries.
+      if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then
+	func_append oldlibs " $output_objdir/$libname.$libext"
+
+	# Transform .lo files to .o files.
+	oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; $lo2o" | $NL2SP`
+      fi
+
+      # Eliminate all temporary directories.
+      #for path in $notinst_path; do
+      #	lib_search_path=`$ECHO "$lib_search_path " | $SED "s% $path % %g"`
+      #	deplibs=`$ECHO "$deplibs " | $SED "s% -L$path % %g"`
+      #	dependency_libs=`$ECHO "$dependency_libs " | $SED "s% -L$path % %g"`
+      #done
+
+      if test -n "$xrpath"; then
+	# If the user specified any rpath flags, then add them.
+	temp_xrpath=
+	for libdir in $xrpath; do
+	  func_replace_sysroot "$libdir"
+	  func_append temp_xrpath " -R$func_replace_sysroot_result"
+	  case "$finalize_rpath " in
+	  *" $libdir "*) ;;
+	  *) func_append finalize_rpath " $libdir" ;;
+	  esac
+	done
+	if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then
+	  dependency_libs="$temp_xrpath $dependency_libs"
+	fi
+      fi
+
+      # Make sure dlfiles contains only unique files that won't be dlpreopened
+      old_dlfiles="$dlfiles"
+      dlfiles=
+      for lib in $old_dlfiles; do
+	case " $dlprefiles $dlfiles " in
+	*" $lib "*) ;;
+	*) func_append dlfiles " $lib" ;;
+	esac
+      done
+
+      # Make sure dlprefiles contains only unique files
+      old_dlprefiles="$dlprefiles"
+      dlprefiles=
+      for lib in $old_dlprefiles; do
+	case "$dlprefiles " in
+	*" $lib "*) ;;
+	*) func_append dlprefiles " $lib" ;;
+	esac
+      done
+
+      if test "$build_libtool_libs" = yes; then
+	if test -n "$rpath"; then
+	  case $host in
+	  *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc* | *-*-haiku*)
+	    # these systems don't actually have a c library (as such)!
+	    ;;
+	  *-*-rhapsody* | *-*-darwin1.[012])
+	    # Rhapsody C library is in the System framework
+	    func_append deplibs " System.ltframework"
+	    ;;
+	  *-*-netbsd*)
+	    # Don't link with libc until the a.out ld.so is fixed.
+	    ;;
+	  *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
+	    # Do not include libc due to us having libc/libc_r.
+	    ;;
+	  *-*-sco3.2v5* | *-*-sco5v6*)
+	    # Causes problems with __ctype
+	    ;;
+	  *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
+	    # Compiler inserts libc in the correct place for threads to work
+	    ;;
+	  *)
+	    # Add libc to deplibs on all other systems if necessary.
+	    if test "$build_libtool_need_lc" = "yes"; then
+	      func_append deplibs " -lc"
+	    fi
+	    ;;
+	  esac
+	fi
+
+	# Transform deplibs into only deplibs that can be linked in shared.
+	name_save=$name
+	libname_save=$libname
+	release_save=$release
+	versuffix_save=$versuffix
+	major_save=$major
+	# I'm not sure if I'm treating the release correctly.  I think
+	# release should show up in the -l (ie -lgmp5) so we don't want to
+	# add it in twice.  Is that correct?
+	release=""
+	versuffix=""
+	major=""
+	newdeplibs=
+	droppeddeps=no
+	case $deplibs_check_method in
+	pass_all)
+	  # Don't check for shared/static.  Everything works.
+	  # This might be a little naive.  We might want to check
+	  # whether the library exists or not.  But this is on
+	  # osf3 & osf4 and I'm not really sure... Just
+	  # implementing what was already the behavior.
+	  newdeplibs=$deplibs
+	  ;;
+	test_compile)
+	  # This code stresses the "libraries are programs" paradigm to its
+	  # limits. Maybe even breaks it.  We compile a program, linking it
+	  # against the deplibs as a proxy for the library.  Then we can check
+	  # whether they linked in statically or dynamically with ldd.
+	  $opt_dry_run || $RM conftest.c
+	  cat > conftest.c </dev/null`
+		    $nocaseglob
+		  else
+		    potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null`
+		  fi
+		  for potent_lib in $potential_libs; do
+		      # Follow soft links.
+		      if ls -lLd "$potent_lib" 2>/dev/null |
+			 $GREP " -> " >/dev/null; then
+			continue
+		      fi
+		      # The statement above tries to avoid entering an
+		      # endless loop below, in case of cyclic links.
+		      # We might still enter an endless loop, since a link
+		      # loop can be closed while we follow links,
+		      # but so what?
+		      potlib="$potent_lib"
+		      while test -h "$potlib" 2>/dev/null; do
+			potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'`
+			case $potliblink in
+			[\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";;
+			*) potlib=`$ECHO "$potlib" | $SED 's,[^/]*$,,'`"$potliblink";;
+			esac
+		      done
+		      if eval $file_magic_cmd \"\$potlib\" 2>/dev/null |
+			 $SED -e 10q |
+			 $EGREP "$file_magic_regex" > /dev/null; then
+			func_append newdeplibs " $a_deplib"
+			a_deplib=""
+			break 2
+		      fi
+		  done
+		done
+	      fi
+	      if test -n "$a_deplib" ; then
+		droppeddeps=yes
+		echo
+		$ECHO "*** Warning: linker path does not have real file for library $a_deplib."
+		echo "*** I have the capability to make that library automatically link in when"
+		echo "*** you link to this library.  But I can only do this if you have a"
+		echo "*** shared version of the library, which you do not appear to have"
+		echo "*** because I did check the linker path looking for a file starting"
+		if test -z "$potlib" ; then
+		  $ECHO "*** with $libname but no candidates were found. (...for file magic test)"
+		else
+		  $ECHO "*** with $libname and none of the candidates passed a file format test"
+		  $ECHO "*** using a file magic. Last file checked: $potlib"
+		fi
+	      fi
+	      ;;
+	    *)
+	      # Add a -L argument.
+	      func_append newdeplibs " $a_deplib"
+	      ;;
+	    esac
+	  done # Gone through all deplibs.
+	  ;;
+	match_pattern*)
+	  set dummy $deplibs_check_method; shift
+	  match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
+	  for a_deplib in $deplibs; do
+	    case $a_deplib in
+	    -l*)
+	      func_stripname -l '' "$a_deplib"
+	      name=$func_stripname_result
+	      if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
+		case " $predeps $postdeps " in
+		*" $a_deplib "*)
+		  func_append newdeplibs " $a_deplib"
+		  a_deplib=""
+		  ;;
+		esac
+	      fi
+	      if test -n "$a_deplib" ; then
+		libname=`eval "\\$ECHO \"$libname_spec\""`
+		for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do
+		  potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
+		  for potent_lib in $potential_libs; do
+		    potlib="$potent_lib" # see symlink-check above in file_magic test
+		    if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \
+		       $EGREP "$match_pattern_regex" > /dev/null; then
+		      func_append newdeplibs " $a_deplib"
+		      a_deplib=""
+		      break 2
+		    fi
+		  done
+		done
+	      fi
+	      if test -n "$a_deplib" ; then
+		droppeddeps=yes
+		echo
+		$ECHO "*** Warning: linker path does not have real file for library $a_deplib."
+		echo "*** I have the capability to make that library automatically link in when"
+		echo "*** you link to this library.  But I can only do this if you have a"
+		echo "*** shared version of the library, which you do not appear to have"
+		echo "*** because I did check the linker path looking for a file starting"
+		if test -z "$potlib" ; then
+		  $ECHO "*** with $libname but no candidates were found. (...for regex pattern test)"
+		else
+		  $ECHO "*** with $libname and none of the candidates passed a file format test"
+		  $ECHO "*** using a regex pattern. Last file checked: $potlib"
+		fi
+	      fi
+	      ;;
+	    *)
+	      # Add a -L argument.
+	      func_append newdeplibs " $a_deplib"
+	      ;;
+	    esac
+	  done # Gone through all deplibs.
+	  ;;
+	none | unknown | *)
+	  newdeplibs=""
+	  tmp_deplibs=`$ECHO " $deplibs" | $SED 's/ -lc$//; s/ -[LR][^ ]*//g'`
+	  if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
+	    for i in $predeps $postdeps ; do
+	      # can't use Xsed below, because $i might contain '/'
+	      tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s,$i,,"`
+	    done
+	  fi
+	  case $tmp_deplibs in
+	  *[!\	\ ]*)
+	    echo
+	    if test "X$deplibs_check_method" = "Xnone"; then
+	      echo "*** Warning: inter-library dependencies are not supported in this platform."
+	    else
+	      echo "*** Warning: inter-library dependencies are not known to be supported."
+	    fi
+	    echo "*** All declared inter-library dependencies are being dropped."
+	    droppeddeps=yes
+	    ;;
+	  esac
+	  ;;
+	esac
+	versuffix=$versuffix_save
+	major=$major_save
+	release=$release_save
+	libname=$libname_save
+	name=$name_save
+
+	case $host in
+	*-*-rhapsody* | *-*-darwin1.[012])
+	  # On Rhapsody replace the C library with the System framework
+	  newdeplibs=`$ECHO " $newdeplibs" | $SED 's/ -lc / System.ltframework /'`
+	  ;;
+	esac
+
+	if test "$droppeddeps" = yes; then
+	  if test "$module" = yes; then
+	    echo
+	    echo "*** Warning: libtool could not satisfy all declared inter-library"
+	    $ECHO "*** dependencies of module $libname.  Therefore, libtool will create"
+	    echo "*** a static module, that should work as long as the dlopening"
+	    echo "*** application is linked with the -dlopen flag."
+	    if test -z "$global_symbol_pipe"; then
+	      echo
+	      echo "*** However, this would only work if libtool was able to extract symbol"
+	      echo "*** lists from a program, using \`nm' or equivalent, but libtool could"
+	      echo "*** not find such a program.  So, this module is probably useless."
+	      echo "*** \`nm' from GNU binutils and a full rebuild may help."
+	    fi
+	    if test "$build_old_libs" = no; then
+	      oldlibs="$output_objdir/$libname.$libext"
+	      build_libtool_libs=module
+	      build_old_libs=yes
+	    else
+	      build_libtool_libs=no
+	    fi
+	  else
+	    echo "*** The inter-library dependencies that have been dropped here will be"
+	    echo "*** automatically added whenever a program is linked with this library"
+	    echo "*** or is declared to -dlopen it."
+
+	    if test "$allow_undefined" = no; then
+	      echo
+	      echo "*** Since this library must not contain undefined symbols,"
+	      echo "*** because either the platform does not support them or"
+	      echo "*** it was explicitly requested with -no-undefined,"
+	      echo "*** libtool will only create a static version of it."
+	      if test "$build_old_libs" = no; then
+		oldlibs="$output_objdir/$libname.$libext"
+		build_libtool_libs=module
+		build_old_libs=yes
+	      else
+		build_libtool_libs=no
+	      fi
+	    fi
+	  fi
+	fi
+	# Done checking deplibs!
+	deplibs=$newdeplibs
+      fi
+      # Time to change all our "foo.ltframework" stuff back to "-framework foo"
+      case $host in
+	*-*-darwin*)
+	  newdeplibs=`$ECHO " $newdeplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	  new_inherited_linker_flags=`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	  deplibs=`$ECHO " $deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	  ;;
+      esac
+
+      # move library search paths that coincide with paths to not yet
+      # installed libraries to the beginning of the library search list
+      new_libs=
+      for path in $notinst_path; do
+	case " $new_libs " in
+	*" -L$path/$objdir "*) ;;
+	*)
+	  case " $deplibs " in
+	  *" -L$path/$objdir "*)
+	    func_append new_libs " -L$path/$objdir" ;;
+	  esac
+	  ;;
+	esac
+      done
+      for deplib in $deplibs; do
+	case $deplib in
+	-L*)
+	  case " $new_libs " in
+	  *" $deplib "*) ;;
+	  *) func_append new_libs " $deplib" ;;
+	  esac
+	  ;;
+	*) func_append new_libs " $deplib" ;;
+	esac
+      done
+      deplibs="$new_libs"
+
+      # All the library-specific variables (install_libdir is set above).
+      library_names=
+      old_library=
+      dlname=
+
+      # Test again, we may have decided not to build it any more
+      if test "$build_libtool_libs" = yes; then
+	# Remove ${wl} instances when linking with ld.
+	# FIXME: should test the right _cmds variable.
+	case $archive_cmds in
+	  *\$LD\ *) wl= ;;
+        esac
+	if test "$hardcode_into_libs" = yes; then
+	  # Hardcode the library paths
+	  hardcode_libdirs=
+	  dep_rpath=
+	  rpath="$finalize_rpath"
+	  test "$opt_mode" != relink && rpath="$compile_rpath$rpath"
+	  for libdir in $rpath; do
+	    if test -n "$hardcode_libdir_flag_spec"; then
+	      if test -n "$hardcode_libdir_separator"; then
+		func_replace_sysroot "$libdir"
+		libdir=$func_replace_sysroot_result
+		if test -z "$hardcode_libdirs"; then
+		  hardcode_libdirs="$libdir"
+		else
+		  # Just accumulate the unique libdirs.
+		  case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
+		  *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+		    ;;
+		  *)
+		    func_append hardcode_libdirs "$hardcode_libdir_separator$libdir"
+		    ;;
+		  esac
+		fi
+	      else
+		eval flag=\"$hardcode_libdir_flag_spec\"
+		func_append dep_rpath " $flag"
+	      fi
+	    elif test -n "$runpath_var"; then
+	      case "$perm_rpath " in
+	      *" $libdir "*) ;;
+	      *) func_append perm_rpath " $libdir" ;;
+	      esac
+	    fi
+	  done
+	  # Substitute the hardcoded libdirs into the rpath.
+	  if test -n "$hardcode_libdir_separator" &&
+	     test -n "$hardcode_libdirs"; then
+	    libdir="$hardcode_libdirs"
+	    eval "dep_rpath=\"$hardcode_libdir_flag_spec\""
+	  fi
+	  if test -n "$runpath_var" && test -n "$perm_rpath"; then
+	    # We should set the runpath_var.
+	    rpath=
+	    for dir in $perm_rpath; do
+	      func_append rpath "$dir:"
+	    done
+	    eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var"
+	  fi
+	  test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs"
+	fi
+
+	shlibpath="$finalize_shlibpath"
+	test "$opt_mode" != relink && shlibpath="$compile_shlibpath$shlibpath"
+	if test -n "$shlibpath"; then
+	  eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var"
+	fi
+
+	# Get the real and link names of the library.
+	eval shared_ext=\"$shrext_cmds\"
+	eval library_names=\"$library_names_spec\"
+	set dummy $library_names
+	shift
+	realname="$1"
+	shift
+
+	if test -n "$soname_spec"; then
+	  eval soname=\"$soname_spec\"
+	else
+	  soname="$realname"
+	fi
+	if test -z "$dlname"; then
+	  dlname=$soname
+	fi
+
+	lib="$output_objdir/$realname"
+	linknames=
+	for link
+	do
+	  func_append linknames " $link"
+	done
+
+	# Use standard objects if they are pic
+	test -z "$pic_flag" && libobjs=`$ECHO "$libobjs" | $SP2NL | $SED "$lo2o" | $NL2SP`
+	test "X$libobjs" = "X " && libobjs=
+
+	delfiles=
+	if test -n "$export_symbols" && test -n "$include_expsyms"; then
+	  $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp"
+	  export_symbols="$output_objdir/$libname.uexp"
+	  func_append delfiles " $export_symbols"
+	fi
+
+	orig_export_symbols=
+	case $host_os in
+	cygwin* | mingw* | cegcc*)
+	  if test -n "$export_symbols" && test -z "$export_symbols_regex"; then
+	    # exporting using user supplied symfile
+	    if test "x`$SED 1q $export_symbols`" != xEXPORTS; then
+	      # and it's NOT already a .def file. Must figure out
+	      # which of the given symbols are data symbols and tag
+	      # them as such. So, trigger use of export_symbols_cmds.
+	      # export_symbols gets reassigned inside the "prepare
+	      # the list of exported symbols" if statement, so the
+	      # include_expsyms logic still works.
+	      orig_export_symbols="$export_symbols"
+	      export_symbols=
+	      always_export_symbols=yes
+	    fi
+	  fi
+	  ;;
+	esac
+
+	# Prepare the list of exported symbols
+	if test -z "$export_symbols"; then
+	  if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then
+	    func_verbose "generating symbol list for \`$libname.la'"
+	    export_symbols="$output_objdir/$libname.exp"
+	    $opt_dry_run || $RM $export_symbols
+	    cmds=$export_symbols_cmds
+	    save_ifs="$IFS"; IFS='~'
+	    for cmd1 in $cmds; do
+	      IFS="$save_ifs"
+	      # Take the normal branch if the nm_file_list_spec branch
+	      # doesn't work or if tool conversion is not needed.
+	      case $nm_file_list_spec~$to_tool_file_cmd in
+		*~func_convert_file_noop | *~func_convert_file_msys_to_w32 | ~*)
+		  try_normal_branch=yes
+		  eval cmd=\"$cmd1\"
+		  func_len " $cmd"
+		  len=$func_len_result
+		  ;;
+		*)
+		  try_normal_branch=no
+		  ;;
+	      esac
+	      if test "$try_normal_branch" = yes \
+		 && { test "$len" -lt "$max_cmd_len" \
+		      || test "$max_cmd_len" -le -1; }
+	      then
+		func_show_eval "$cmd" 'exit $?'
+		skipped_export=false
+	      elif test -n "$nm_file_list_spec"; then
+		func_basename "$output"
+		output_la=$func_basename_result
+		save_libobjs=$libobjs
+		save_output=$output
+		output=${output_objdir}/${output_la}.nm
+		func_to_tool_file "$output"
+		libobjs=$nm_file_list_spec$func_to_tool_file_result
+		func_append delfiles " $output"
+		func_verbose "creating $NM input file list: $output"
+		for obj in $save_libobjs; do
+		  func_to_tool_file "$obj"
+		  $ECHO "$func_to_tool_file_result"
+		done > "$output"
+		eval cmd=\"$cmd1\"
+		func_show_eval "$cmd" 'exit $?'
+		output=$save_output
+		libobjs=$save_libobjs
+		skipped_export=false
+	      else
+		# The command line is too long to execute in one step.
+		func_verbose "using reloadable object file for export list..."
+		skipped_export=:
+		# Break out early, otherwise skipped_export may be
+		# set to false by a later but shorter cmd.
+		break
+	      fi
+	    done
+	    IFS="$save_ifs"
+	    if test -n "$export_symbols_regex" && test "X$skipped_export" != "X:"; then
+	      func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"'
+	      func_show_eval '$MV "${export_symbols}T" "$export_symbols"'
+	    fi
+	  fi
+	fi
+
+	if test -n "$export_symbols" && test -n "$include_expsyms"; then
+	  tmp_export_symbols="$export_symbols"
+	  test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols"
+	  $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"'
+	fi
+
+	if test "X$skipped_export" != "X:" && test -n "$orig_export_symbols"; then
+	  # The given exports_symbols file has to be filtered, so filter it.
+	  func_verbose "filter symbol list for \`$libname.la' to tag DATA exports"
+	  # FIXME: $output_objdir/$libname.filter potentially contains lots of
+	  # 's' commands which not all seds can handle. GNU sed should be fine
+	  # though. Also, the filter scales superlinearly with the number of
+	  # global variables. join(1) would be nice here, but unfortunately
+	  # isn't a blessed tool.
+	  $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter
+	  func_append delfiles " $export_symbols $output_objdir/$libname.filter"
+	  export_symbols=$output_objdir/$libname.def
+	  $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols
+	fi
+
+	tmp_deplibs=
+	for test_deplib in $deplibs; do
+	  case " $convenience " in
+	  *" $test_deplib "*) ;;
+	  *)
+	    func_append tmp_deplibs " $test_deplib"
+	    ;;
+	  esac
+	done
+	deplibs="$tmp_deplibs"
+
+	if test -n "$convenience"; then
+	  if test -n "$whole_archive_flag_spec" &&
+	    test "$compiler_needs_object" = yes &&
+	    test -z "$libobjs"; then
+	    # extract the archives, so we have objects to list.
+	    # TODO: could optimize this to just extract one archive.
+	    whole_archive_flag_spec=
+	  fi
+	  if test -n "$whole_archive_flag_spec"; then
+	    save_libobjs=$libobjs
+	    eval libobjs=\"\$libobjs $whole_archive_flag_spec\"
+	    test "X$libobjs" = "X " && libobjs=
+	  else
+	    gentop="$output_objdir/${outputname}x"
+	    func_append generated " $gentop"
+
+	    func_extract_archives $gentop $convenience
+	    func_append libobjs " $func_extract_archives_result"
+	    test "X$libobjs" = "X " && libobjs=
+	  fi
+	fi
+
+	if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then
+	  eval flag=\"$thread_safe_flag_spec\"
+	  func_append linker_flags " $flag"
+	fi
+
+	# Make a backup of the uninstalled library when relinking
+	if test "$opt_mode" = relink; then
+	  $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $?
+	fi
+
+	# Do each of the archive commands.
+	if test "$module" = yes && test -n "$module_cmds" ; then
+	  if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then
+	    eval test_cmds=\"$module_expsym_cmds\"
+	    cmds=$module_expsym_cmds
+	  else
+	    eval test_cmds=\"$module_cmds\"
+	    cmds=$module_cmds
+	  fi
+	else
+	  if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then
+	    eval test_cmds=\"$archive_expsym_cmds\"
+	    cmds=$archive_expsym_cmds
+	  else
+	    eval test_cmds=\"$archive_cmds\"
+	    cmds=$archive_cmds
+	  fi
+	fi
+
+	if test "X$skipped_export" != "X:" &&
+	   func_len " $test_cmds" &&
+	   len=$func_len_result &&
+	   test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then
+	  :
+	else
+	  # The command line is too long to link in one step, link piecewise
+	  # or, if using GNU ld and skipped_export is not :, use a linker
+	  # script.
+
+	  # Save the value of $output and $libobjs because we want to
+	  # use them later.  If we have whole_archive_flag_spec, we
+	  # want to use save_libobjs as it was before
+	  # whole_archive_flag_spec was expanded, because we can't
+	  # assume the linker understands whole_archive_flag_spec.
+	  # This may have to be revisited, in case too many
+	  # convenience libraries get linked in and end up exceeding
+	  # the spec.
+	  if test -z "$convenience" || test -z "$whole_archive_flag_spec"; then
+	    save_libobjs=$libobjs
+	  fi
+	  save_output=$output
+	  func_basename "$output"
+	  output_la=$func_basename_result
+
+	  # Clear the reloadable object creation command queue and
+	  # initialize k to one.
+	  test_cmds=
+	  concat_cmds=
+	  objlist=
+	  last_robj=
+	  k=1
+
+	  if test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "$with_gnu_ld" = yes; then
+	    output=${output_objdir}/${output_la}.lnkscript
+	    func_verbose "creating GNU ld script: $output"
+	    echo 'INPUT (' > $output
+	    for obj in $save_libobjs
+	    do
+	      func_to_tool_file "$obj"
+	      $ECHO "$func_to_tool_file_result" >> $output
+	    done
+	    echo ')' >> $output
+	    func_append delfiles " $output"
+	    func_to_tool_file "$output"
+	    output=$func_to_tool_file_result
+	  elif test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "X$file_list_spec" != X; then
+	    output=${output_objdir}/${output_la}.lnk
+	    func_verbose "creating linker input file list: $output"
+	    : > $output
+	    set x $save_libobjs
+	    shift
+	    firstobj=
+	    if test "$compiler_needs_object" = yes; then
+	      firstobj="$1 "
+	      shift
+	    fi
+	    for obj
+	    do
+	      func_to_tool_file "$obj"
+	      $ECHO "$func_to_tool_file_result" >> $output
+	    done
+	    func_append delfiles " $output"
+	    func_to_tool_file "$output"
+	    output=$firstobj\"$file_list_spec$func_to_tool_file_result\"
+	  else
+	    if test -n "$save_libobjs"; then
+	      func_verbose "creating reloadable object files..."
+	      output=$output_objdir/$output_la-${k}.$objext
+	      eval test_cmds=\"$reload_cmds\"
+	      func_len " $test_cmds"
+	      len0=$func_len_result
+	      len=$len0
+
+	      # Loop over the list of objects to be linked.
+	      for obj in $save_libobjs
+	      do
+		func_len " $obj"
+		func_arith $len + $func_len_result
+		len=$func_arith_result
+		if test "X$objlist" = X ||
+		   test "$len" -lt "$max_cmd_len"; then
+		  func_append objlist " $obj"
+		else
+		  # The command $test_cmds is almost too long, add a
+		  # command to the queue.
+		  if test "$k" -eq 1 ; then
+		    # The first file doesn't have a previous command to add.
+		    reload_objs=$objlist
+		    eval concat_cmds=\"$reload_cmds\"
+		  else
+		    # All subsequent reloadable object files will link in
+		    # the last one created.
+		    reload_objs="$objlist $last_robj"
+		    eval concat_cmds=\"\$concat_cmds~$reload_cmds~\$RM $last_robj\"
+		  fi
+		  last_robj=$output_objdir/$output_la-${k}.$objext
+		  func_arith $k + 1
+		  k=$func_arith_result
+		  output=$output_objdir/$output_la-${k}.$objext
+		  objlist=" $obj"
+		  func_len " $last_robj"
+		  func_arith $len0 + $func_len_result
+		  len=$func_arith_result
+		fi
+	      done
+	      # Handle the remaining objects by creating one last
+	      # reloadable object file.  All subsequent reloadable object
+	      # files will link in the last one created.
+	      test -z "$concat_cmds" || concat_cmds=$concat_cmds~
+	      reload_objs="$objlist $last_robj"
+	      eval concat_cmds=\"\${concat_cmds}$reload_cmds\"
+	      if test -n "$last_robj"; then
+	        eval concat_cmds=\"\${concat_cmds}~\$RM $last_robj\"
+	      fi
+	      func_append delfiles " $output"
+
+	    else
+	      output=
+	    fi
+
+	    if ${skipped_export-false}; then
+	      func_verbose "generating symbol list for \`$libname.la'"
+	      export_symbols="$output_objdir/$libname.exp"
+	      $opt_dry_run || $RM $export_symbols
+	      libobjs=$output
+	      # Append the command to create the export file.
+	      test -z "$concat_cmds" || concat_cmds=$concat_cmds~
+	      eval concat_cmds=\"\$concat_cmds$export_symbols_cmds\"
+	      if test -n "$last_robj"; then
+		eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\"
+	      fi
+	    fi
+
+	    test -n "$save_libobjs" &&
+	      func_verbose "creating a temporary reloadable object file: $output"
+
+	    # Loop through the commands generated above and execute them.
+	    save_ifs="$IFS"; IFS='~'
+	    for cmd in $concat_cmds; do
+	      IFS="$save_ifs"
+	      $opt_silent || {
+		  func_quote_for_expand "$cmd"
+		  eval "func_echo $func_quote_for_expand_result"
+	      }
+	      $opt_dry_run || eval "$cmd" || {
+		lt_exit=$?
+
+		# Restore the uninstalled library and exit
+		if test "$opt_mode" = relink; then
+		  ( cd "$output_objdir" && \
+		    $RM "${realname}T" && \
+		    $MV "${realname}U" "$realname" )
+		fi
+
+		exit $lt_exit
+	      }
+	    done
+	    IFS="$save_ifs"
+
+	    if test -n "$export_symbols_regex" && ${skipped_export-false}; then
+	      func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"'
+	      func_show_eval '$MV "${export_symbols}T" "$export_symbols"'
+	    fi
+	  fi
+
+          if ${skipped_export-false}; then
+	    if test -n "$export_symbols" && test -n "$include_expsyms"; then
+	      tmp_export_symbols="$export_symbols"
+	      test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols"
+	      $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"'
+	    fi
+
+	    if test -n "$orig_export_symbols"; then
+	      # The given exports_symbols file has to be filtered, so filter it.
+	      func_verbose "filter symbol list for \`$libname.la' to tag DATA exports"
+	      # FIXME: $output_objdir/$libname.filter potentially contains lots of
+	      # 's' commands which not all seds can handle. GNU sed should be fine
+	      # though. Also, the filter scales superlinearly with the number of
+	      # global variables. join(1) would be nice here, but unfortunately
+	      # isn't a blessed tool.
+	      $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter
+	      func_append delfiles " $export_symbols $output_objdir/$libname.filter"
+	      export_symbols=$output_objdir/$libname.def
+	      $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols
+	    fi
+	  fi
+
+	  libobjs=$output
+	  # Restore the value of output.
+	  output=$save_output
+
+	  if test -n "$convenience" && test -n "$whole_archive_flag_spec"; then
+	    eval libobjs=\"\$libobjs $whole_archive_flag_spec\"
+	    test "X$libobjs" = "X " && libobjs=
+	  fi
+	  # Expand the library linking commands again to reset the
+	  # value of $libobjs for piecewise linking.
+
+	  # Do each of the archive commands.
+	  if test "$module" = yes && test -n "$module_cmds" ; then
+	    if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then
+	      cmds=$module_expsym_cmds
+	    else
+	      cmds=$module_cmds
+	    fi
+	  else
+	    if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then
+	      cmds=$archive_expsym_cmds
+	    else
+	      cmds=$archive_cmds
+	    fi
+	  fi
+	fi
+
+	if test -n "$delfiles"; then
+	  # Append the command to remove temporary files to $cmds.
+	  eval cmds=\"\$cmds~\$RM $delfiles\"
+	fi
+
+	# Add any objects from preloaded convenience libraries
+	if test -n "$dlprefiles"; then
+	  gentop="$output_objdir/${outputname}x"
+	  func_append generated " $gentop"
+
+	  func_extract_archives $gentop $dlprefiles
+	  func_append libobjs " $func_extract_archives_result"
+	  test "X$libobjs" = "X " && libobjs=
+	fi
+
+	save_ifs="$IFS"; IFS='~'
+	for cmd in $cmds; do
+	  IFS="$save_ifs"
+	  eval cmd=\"$cmd\"
+	  $opt_silent || {
+	    func_quote_for_expand "$cmd"
+	    eval "func_echo $func_quote_for_expand_result"
+	  }
+	  $opt_dry_run || eval "$cmd" || {
+	    lt_exit=$?
+
+	    # Restore the uninstalled library and exit
+	    if test "$opt_mode" = relink; then
+	      ( cd "$output_objdir" && \
+	        $RM "${realname}T" && \
+		$MV "${realname}U" "$realname" )
+	    fi
+
+	    exit $lt_exit
+	  }
+	done
+	IFS="$save_ifs"
+
+	# Restore the uninstalled library and exit
+	if test "$opt_mode" = relink; then
+	  $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $?
+
+	  if test -n "$convenience"; then
+	    if test -z "$whole_archive_flag_spec"; then
+	      func_show_eval '${RM}r "$gentop"'
+	    fi
+	  fi
+
+	  exit $EXIT_SUCCESS
+	fi
+
+	# Create links to the real library.
+	for linkname in $linknames; do
+	  if test "$realname" != "$linkname"; then
+	    func_show_eval '(cd "$output_objdir" && $RM "$linkname" && $LN_S "$realname" "$linkname")' 'exit $?'
+	  fi
+	done
+
+	# If -module or -export-dynamic was specified, set the dlname.
+	if test "$module" = yes || test "$export_dynamic" = yes; then
+	  # On all known operating systems, these are identical.
+	  dlname="$soname"
+	fi
+      fi
+      ;;
+
+    obj)
+      if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+	func_warning "\`-dlopen' is ignored for objects"
+      fi
+
+      case " $deplibs" in
+      *\ -l* | *\ -L*)
+	func_warning "\`-l' and \`-L' are ignored for objects" ;;
+      esac
+
+      test -n "$rpath" && \
+	func_warning "\`-rpath' is ignored for objects"
+
+      test -n "$xrpath" && \
+	func_warning "\`-R' is ignored for objects"
+
+      test -n "$vinfo" && \
+	func_warning "\`-version-info' is ignored for objects"
+
+      test -n "$release" && \
+	func_warning "\`-release' is ignored for objects"
+
+      case $output in
+      *.lo)
+	test -n "$objs$old_deplibs" && \
+	  func_fatal_error "cannot build library object \`$output' from non-libtool objects"
+
+	libobj=$output
+	func_lo2o "$libobj"
+	obj=$func_lo2o_result
+	;;
+      *)
+	libobj=
+	obj="$output"
+	;;
+      esac
+
+      # Delete the old objects.
+      $opt_dry_run || $RM $obj $libobj
+
+      # Objects from convenience libraries.  This assumes
+      # single-version convenience libraries.  Whenever we create
+      # different ones for PIC/non-PIC, this we'll have to duplicate
+      # the extraction.
+      reload_conv_objs=
+      gentop=
+      # reload_cmds runs $LD directly, so let us get rid of
+      # -Wl from whole_archive_flag_spec and hope we can get by with
+      # turning comma into space..
+      wl=
+
+      if test -n "$convenience"; then
+	if test -n "$whole_archive_flag_spec"; then
+	  eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\"
+	  reload_conv_objs=$reload_objs\ `$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'`
+	else
+	  gentop="$output_objdir/${obj}x"
+	  func_append generated " $gentop"
+
+	  func_extract_archives $gentop $convenience
+	  reload_conv_objs="$reload_objs $func_extract_archives_result"
+	fi
+      fi
+
+      # If we're not building shared, we need to use non_pic_objs
+      test "$build_libtool_libs" != yes && libobjs="$non_pic_objects"
+
+      # Create the old-style object.
+      reload_objs="$objs$old_deplibs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; /\.lib$/d; $lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test
+
+      output="$obj"
+      func_execute_cmds "$reload_cmds" 'exit $?'
+
+      # Exit if we aren't doing a library object file.
+      if test -z "$libobj"; then
+	if test -n "$gentop"; then
+	  func_show_eval '${RM}r "$gentop"'
+	fi
+
+	exit $EXIT_SUCCESS
+      fi
+
+      if test "$build_libtool_libs" != yes; then
+	if test -n "$gentop"; then
+	  func_show_eval '${RM}r "$gentop"'
+	fi
+
+	# Create an invalid libtool object if no PIC, so that we don't
+	# accidentally link it into a program.
+	# $show "echo timestamp > $libobj"
+	# $opt_dry_run || eval "echo timestamp > $libobj" || exit $?
+	exit $EXIT_SUCCESS
+      fi
+
+      if test -n "$pic_flag" || test "$pic_mode" != default; then
+	# Only do commands if we really have different PIC objects.
+	reload_objs="$libobjs $reload_conv_objs"
+	output="$libobj"
+	func_execute_cmds "$reload_cmds" 'exit $?'
+      fi
+
+      if test -n "$gentop"; then
+	func_show_eval '${RM}r "$gentop"'
+      fi
+
+      exit $EXIT_SUCCESS
+      ;;
+
+    prog)
+      case $host in
+	*cygwin*) func_stripname '' '.exe' "$output"
+	          output=$func_stripname_result.exe;;
+      esac
+      test -n "$vinfo" && \
+	func_warning "\`-version-info' is ignored for programs"
+
+      test -n "$release" && \
+	func_warning "\`-release' is ignored for programs"
+
+      test "$preload" = yes \
+        && test "$dlopen_support" = unknown \
+	&& test "$dlopen_self" = unknown \
+	&& test "$dlopen_self_static" = unknown && \
+	  func_warning "\`LT_INIT([dlopen])' not used. Assuming no dlopen support."
+
+      case $host in
+      *-*-rhapsody* | *-*-darwin1.[012])
+	# On Rhapsody replace the C library is the System framework
+	compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's/ -lc / System.ltframework /'`
+	finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's/ -lc / System.ltframework /'`
+	;;
+      esac
+
+      case $host in
+      *-*-darwin*)
+	# Don't allow lazy linking, it breaks C++ global constructors
+	# But is supposedly fixed on 10.4 or later (yay!).
+	if test "$tagname" = CXX ; then
+	  case ${MACOSX_DEPLOYMENT_TARGET-10.0} in
+	    10.[0123])
+	      func_append compile_command " ${wl}-bind_at_load"
+	      func_append finalize_command " ${wl}-bind_at_load"
+	    ;;
+	  esac
+	fi
+	# Time to change all our "foo.ltframework" stuff back to "-framework foo"
+	compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	;;
+      esac
+
+
+      # move library search paths that coincide with paths to not yet
+      # installed libraries to the beginning of the library search list
+      new_libs=
+      for path in $notinst_path; do
+	case " $new_libs " in
+	*" -L$path/$objdir "*) ;;
+	*)
+	  case " $compile_deplibs " in
+	  *" -L$path/$objdir "*)
+	    func_append new_libs " -L$path/$objdir" ;;
+	  esac
+	  ;;
+	esac
+      done
+      for deplib in $compile_deplibs; do
+	case $deplib in
+	-L*)
+	  case " $new_libs " in
+	  *" $deplib "*) ;;
+	  *) func_append new_libs " $deplib" ;;
+	  esac
+	  ;;
+	*) func_append new_libs " $deplib" ;;
+	esac
+      done
+      compile_deplibs="$new_libs"
+
+
+      func_append compile_command " $compile_deplibs"
+      func_append finalize_command " $finalize_deplibs"
+
+      if test -n "$rpath$xrpath"; then
+	# If the user specified any rpath flags, then add them.
+	for libdir in $rpath $xrpath; do
+	  # This is the magic to use -rpath.
+	  case "$finalize_rpath " in
+	  *" $libdir "*) ;;
+	  *) func_append finalize_rpath " $libdir" ;;
+	  esac
+	done
+      fi
+
+      # Now hardcode the library paths
+      rpath=
+      hardcode_libdirs=
+      for libdir in $compile_rpath $finalize_rpath; do
+	if test -n "$hardcode_libdir_flag_spec"; then
+	  if test -n "$hardcode_libdir_separator"; then
+	    if test -z "$hardcode_libdirs"; then
+	      hardcode_libdirs="$libdir"
+	    else
+	      # Just accumulate the unique libdirs.
+	      case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
+	      *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+		;;
+	      *)
+		func_append hardcode_libdirs "$hardcode_libdir_separator$libdir"
+		;;
+	      esac
+	    fi
+	  else
+	    eval flag=\"$hardcode_libdir_flag_spec\"
+	    func_append rpath " $flag"
+	  fi
+	elif test -n "$runpath_var"; then
+	  case "$perm_rpath " in
+	  *" $libdir "*) ;;
+	  *) func_append perm_rpath " $libdir" ;;
+	  esac
+	fi
+	case $host in
+	*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
+	  testbindir=`${ECHO} "$libdir" | ${SED} -e 's*/lib$*/bin*'`
+	  case :$dllsearchpath: in
+	  *":$libdir:"*) ;;
+	  ::) dllsearchpath=$libdir;;
+	  *) func_append dllsearchpath ":$libdir";;
+	  esac
+	  case :$dllsearchpath: in
+	  *":$testbindir:"*) ;;
+	  ::) dllsearchpath=$testbindir;;
+	  *) func_append dllsearchpath ":$testbindir";;
+	  esac
+	  ;;
+	esac
+      done
+      # Substitute the hardcoded libdirs into the rpath.
+      if test -n "$hardcode_libdir_separator" &&
+	 test -n "$hardcode_libdirs"; then
+	libdir="$hardcode_libdirs"
+	eval rpath=\" $hardcode_libdir_flag_spec\"
+      fi
+      compile_rpath="$rpath"
+
+      rpath=
+      hardcode_libdirs=
+      for libdir in $finalize_rpath; do
+	if test -n "$hardcode_libdir_flag_spec"; then
+	  if test -n "$hardcode_libdir_separator"; then
+	    if test -z "$hardcode_libdirs"; then
+	      hardcode_libdirs="$libdir"
+	    else
+	      # Just accumulate the unique libdirs.
+	      case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in
+	      *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+		;;
+	      *)
+		func_append hardcode_libdirs "$hardcode_libdir_separator$libdir"
+		;;
+	      esac
+	    fi
+	  else
+	    eval flag=\"$hardcode_libdir_flag_spec\"
+	    func_append rpath " $flag"
+	  fi
+	elif test -n "$runpath_var"; then
+	  case "$finalize_perm_rpath " in
+	  *" $libdir "*) ;;
+	  *) func_append finalize_perm_rpath " $libdir" ;;
+	  esac
+	fi
+      done
+      # Substitute the hardcoded libdirs into the rpath.
+      if test -n "$hardcode_libdir_separator" &&
+	 test -n "$hardcode_libdirs"; then
+	libdir="$hardcode_libdirs"
+	eval rpath=\" $hardcode_libdir_flag_spec\"
+      fi
+      finalize_rpath="$rpath"
+
+      if test -n "$libobjs" && test "$build_old_libs" = yes; then
+	# Transform all the library objects into standard objects.
+	compile_command=`$ECHO "$compile_command" | $SP2NL | $SED "$lo2o" | $NL2SP`
+	finalize_command=`$ECHO "$finalize_command" | $SP2NL | $SED "$lo2o" | $NL2SP`
+      fi
+
+      func_generate_dlsyms "$outputname" "@PROGRAM@" "no"
+
+      # template prelinking step
+      if test -n "$prelink_cmds"; then
+	func_execute_cmds "$prelink_cmds" 'exit $?'
+      fi
+
+      wrappers_required=yes
+      case $host in
+      *cegcc* | *mingw32ce*)
+        # Disable wrappers for cegcc and mingw32ce hosts, we are cross compiling anyway.
+        wrappers_required=no
+        ;;
+      *cygwin* | *mingw* )
+        if test "$build_libtool_libs" != yes; then
+          wrappers_required=no
+        fi
+        ;;
+      *)
+        if test "$need_relink" = no || test "$build_libtool_libs" != yes; then
+          wrappers_required=no
+        fi
+        ;;
+      esac
+      if test "$wrappers_required" = no; then
+	# Replace the output file specification.
+	compile_command=`$ECHO "$compile_command" | $SED 's%@OUTPUT@%'"$output"'%g'`
+	link_command="$compile_command$compile_rpath"
+
+	# We have no uninstalled library dependencies, so finalize right now.
+	exit_status=0
+	func_show_eval "$link_command" 'exit_status=$?'
+
+	if test -n "$postlink_cmds"; then
+	  func_to_tool_file "$output"
+	  postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'`
+	  func_execute_cmds "$postlink_cmds" 'exit $?'
+	fi
+
+	# Delete the generated files.
+	if test -f "$output_objdir/${outputname}S.${objext}"; then
+	  func_show_eval '$RM "$output_objdir/${outputname}S.${objext}"'
+	fi
+
+	exit $exit_status
+      fi
+
+      if test -n "$compile_shlibpath$finalize_shlibpath"; then
+	compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command"
+      fi
+      if test -n "$finalize_shlibpath"; then
+	finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command"
+      fi
+
+      compile_var=
+      finalize_var=
+      if test -n "$runpath_var"; then
+	if test -n "$perm_rpath"; then
+	  # We should set the runpath_var.
+	  rpath=
+	  for dir in $perm_rpath; do
+	    func_append rpath "$dir:"
+	  done
+	  compile_var="$runpath_var=\"$rpath\$$runpath_var\" "
+	fi
+	if test -n "$finalize_perm_rpath"; then
+	  # We should set the runpath_var.
+	  rpath=
+	  for dir in $finalize_perm_rpath; do
+	    func_append rpath "$dir:"
+	  done
+	  finalize_var="$runpath_var=\"$rpath\$$runpath_var\" "
+	fi
+      fi
+
+      if test "$no_install" = yes; then
+	# We don't need to create a wrapper script.
+	link_command="$compile_var$compile_command$compile_rpath"
+	# Replace the output file specification.
+	link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output"'%g'`
+	# Delete the old output file.
+	$opt_dry_run || $RM $output
+	# Link the executable and exit
+	func_show_eval "$link_command" 'exit $?'
+
+	if test -n "$postlink_cmds"; then
+	  func_to_tool_file "$output"
+	  postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'`
+	  func_execute_cmds "$postlink_cmds" 'exit $?'
+	fi
+
+	exit $EXIT_SUCCESS
+      fi
+
+      if test "$hardcode_action" = relink; then
+	# Fast installation is not supported
+	link_command="$compile_var$compile_command$compile_rpath"
+	relink_command="$finalize_var$finalize_command$finalize_rpath"
+
+	func_warning "this platform does not like uninstalled shared libraries"
+	func_warning "\`$output' will be relinked during installation"
+      else
+	if test "$fast_install" != no; then
+	  link_command="$finalize_var$compile_command$finalize_rpath"
+	  if test "$fast_install" = yes; then
+	    relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'`
+	  else
+	    # fast_install is set to needless
+	    relink_command=
+	  fi
+	else
+	  link_command="$compile_var$compile_command$compile_rpath"
+	  relink_command="$finalize_var$finalize_command$finalize_rpath"
+	fi
+      fi
+
+      # Replace the output file specification.
+      link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'`
+
+      # Delete the old output files.
+      $opt_dry_run || $RM $output $output_objdir/$outputname $output_objdir/lt-$outputname
+
+      func_show_eval "$link_command" 'exit $?'
+
+      if test -n "$postlink_cmds"; then
+	func_to_tool_file "$output_objdir/$outputname"
+	postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'`
+	func_execute_cmds "$postlink_cmds" 'exit $?'
+      fi
+
+      # Now create the wrapper script.
+      func_verbose "creating $output"
+
+      # Quote the relink command for shipping.
+      if test -n "$relink_command"; then
+	# Preserve any variables that may affect compiler behavior
+	for var in $variables_saved_for_relink; do
+	  if eval test -z \"\${$var+set}\"; then
+	    relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command"
+	  elif eval var_value=\$$var; test -z "$var_value"; then
+	    relink_command="$var=; export $var; $relink_command"
+	  else
+	    func_quote_for_eval "$var_value"
+	    relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command"
+	  fi
+	done
+	relink_command="(cd `pwd`; $relink_command)"
+	relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"`
+      fi
+
+      # Only actually do things if not in dry run mode.
+      $opt_dry_run || {
+	# win32 will think the script is a binary if it has
+	# a .exe suffix, so we strip it off here.
+	case $output in
+	  *.exe) func_stripname '' '.exe' "$output"
+	         output=$func_stripname_result ;;
+	esac
+	# test for cygwin because mv fails w/o .exe extensions
+	case $host in
+	  *cygwin*)
+	    exeext=.exe
+	    func_stripname '' '.exe' "$outputname"
+	    outputname=$func_stripname_result ;;
+	  *) exeext= ;;
+	esac
+	case $host in
+	  *cygwin* | *mingw* )
+	    func_dirname_and_basename "$output" "" "."
+	    output_name=$func_basename_result
+	    output_path=$func_dirname_result
+	    cwrappersource="$output_path/$objdir/lt-$output_name.c"
+	    cwrapper="$output_path/$output_name.exe"
+	    $RM $cwrappersource $cwrapper
+	    trap "$RM $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15
+
+	    func_emit_cwrapperexe_src > $cwrappersource
+
+	    # The wrapper executable is built using the $host compiler,
+	    # because it contains $host paths and files. If cross-
+	    # compiling, it, like the target executable, must be
+	    # executed on the $host or under an emulation environment.
+	    $opt_dry_run || {
+	      $LTCC $LTCFLAGS -o $cwrapper $cwrappersource
+	      $STRIP $cwrapper
+	    }
+
+	    # Now, create the wrapper script for func_source use:
+	    func_ltwrapper_scriptname $cwrapper
+	    $RM $func_ltwrapper_scriptname_result
+	    trap "$RM $func_ltwrapper_scriptname_result; exit $EXIT_FAILURE" 1 2 15
+	    $opt_dry_run || {
+	      # note: this script will not be executed, so do not chmod.
+	      if test "x$build" = "x$host" ; then
+		$cwrapper --lt-dump-script > $func_ltwrapper_scriptname_result
+	      else
+		func_emit_wrapper no > $func_ltwrapper_scriptname_result
+	      fi
+	    }
+	  ;;
+	  * )
+	    $RM $output
+	    trap "$RM $output; exit $EXIT_FAILURE" 1 2 15
+
+	    func_emit_wrapper no > $output
+	    chmod +x $output
+	  ;;
+	esac
+      }
+      exit $EXIT_SUCCESS
+      ;;
+    esac
+
+    # See if we need to build an old-fashioned archive.
+    for oldlib in $oldlibs; do
+
+      if test "$build_libtool_libs" = convenience; then
+	oldobjs="$libobjs_save $symfileobj"
+	addlibs="$convenience"
+	build_libtool_libs=no
+      else
+	if test "$build_libtool_libs" = module; then
+	  oldobjs="$libobjs_save"
+	  build_libtool_libs=no
+	else
+	  oldobjs="$old_deplibs $non_pic_objects"
+	  if test "$preload" = yes && test -f "$symfileobj"; then
+	    func_append oldobjs " $symfileobj"
+	  fi
+	fi
+	addlibs="$old_convenience"
+      fi
+
+      if test -n "$addlibs"; then
+	gentop="$output_objdir/${outputname}x"
+	func_append generated " $gentop"
+
+	func_extract_archives $gentop $addlibs
+	func_append oldobjs " $func_extract_archives_result"
+      fi
+
+      # Do each command in the archive commands.
+      if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then
+	cmds=$old_archive_from_new_cmds
+      else
+
+	# Add any objects from preloaded convenience libraries
+	if test -n "$dlprefiles"; then
+	  gentop="$output_objdir/${outputname}x"
+	  func_append generated " $gentop"
+
+	  func_extract_archives $gentop $dlprefiles
+	  func_append oldobjs " $func_extract_archives_result"
+	fi
+
+	# POSIX demands no paths to be encoded in archives.  We have
+	# to avoid creating archives with duplicate basenames if we
+	# might have to extract them afterwards, e.g., when creating a
+	# static archive out of a convenience library, or when linking
+	# the entirety of a libtool archive into another (currently
+	# not supported by libtool).
+	if (for obj in $oldobjs
+	    do
+	      func_basename "$obj"
+	      $ECHO "$func_basename_result"
+	    done | sort | sort -uc >/dev/null 2>&1); then
+	  :
+	else
+	  echo "copying selected object files to avoid basename conflicts..."
+	  gentop="$output_objdir/${outputname}x"
+	  func_append generated " $gentop"
+	  func_mkdir_p "$gentop"
+	  save_oldobjs=$oldobjs
+	  oldobjs=
+	  counter=1
+	  for obj in $save_oldobjs
+	  do
+	    func_basename "$obj"
+	    objbase="$func_basename_result"
+	    case " $oldobjs " in
+	    " ") oldobjs=$obj ;;
+	    *[\ /]"$objbase "*)
+	      while :; do
+		# Make sure we don't pick an alternate name that also
+		# overlaps.
+		newobj=lt$counter-$objbase
+		func_arith $counter + 1
+		counter=$func_arith_result
+		case " $oldobjs " in
+		*[\ /]"$newobj "*) ;;
+		*) if test ! -f "$gentop/$newobj"; then break; fi ;;
+		esac
+	      done
+	      func_show_eval "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj"
+	      func_append oldobjs " $gentop/$newobj"
+	      ;;
+	    *) func_append oldobjs " $obj" ;;
+	    esac
+	  done
+	fi
+	func_to_tool_file "$oldlib" func_convert_file_msys_to_w32
+	tool_oldlib=$func_to_tool_file_result
+	eval cmds=\"$old_archive_cmds\"
+
+	func_len " $cmds"
+	len=$func_len_result
+	if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then
+	  cmds=$old_archive_cmds
+	elif test -n "$archiver_list_spec"; then
+	  func_verbose "using command file archive linking..."
+	  for obj in $oldobjs
+	  do
+	    func_to_tool_file "$obj"
+	    $ECHO "$func_to_tool_file_result"
+	  done > $output_objdir/$libname.libcmd
+	  func_to_tool_file "$output_objdir/$libname.libcmd"
+	  oldobjs=" $archiver_list_spec$func_to_tool_file_result"
+	  cmds=$old_archive_cmds
+	else
+	  # the command line is too long to link in one step, link in parts
+	  func_verbose "using piecewise archive linking..."
+	  save_RANLIB=$RANLIB
+	  RANLIB=:
+	  objlist=
+	  concat_cmds=
+	  save_oldobjs=$oldobjs
+	  oldobjs=
+	  # Is there a better way of finding the last object in the list?
+	  for obj in $save_oldobjs
+	  do
+	    last_oldobj=$obj
+	  done
+	  eval test_cmds=\"$old_archive_cmds\"
+	  func_len " $test_cmds"
+	  len0=$func_len_result
+	  len=$len0
+	  for obj in $save_oldobjs
+	  do
+	    func_len " $obj"
+	    func_arith $len + $func_len_result
+	    len=$func_arith_result
+	    func_append objlist " $obj"
+	    if test "$len" -lt "$max_cmd_len"; then
+	      :
+	    else
+	      # the above command should be used before it gets too long
+	      oldobjs=$objlist
+	      if test "$obj" = "$last_oldobj" ; then
+		RANLIB=$save_RANLIB
+	      fi
+	      test -z "$concat_cmds" || concat_cmds=$concat_cmds~
+	      eval concat_cmds=\"\${concat_cmds}$old_archive_cmds\"
+	      objlist=
+	      len=$len0
+	    fi
+	  done
+	  RANLIB=$save_RANLIB
+	  oldobjs=$objlist
+	  if test "X$oldobjs" = "X" ; then
+	    eval cmds=\"\$concat_cmds\"
+	  else
+	    eval cmds=\"\$concat_cmds~\$old_archive_cmds\"
+	  fi
+	fi
+      fi
+      func_execute_cmds "$cmds" 'exit $?'
+    done
+
+    test -n "$generated" && \
+      func_show_eval "${RM}r$generated"
+
+    # Now create the libtool archive.
+    case $output in
+    *.la)
+      old_library=
+      test "$build_old_libs" = yes && old_library="$libname.$libext"
+      func_verbose "creating $output"
+
+      # Preserve any variables that may affect compiler behavior
+      for var in $variables_saved_for_relink; do
+	if eval test -z \"\${$var+set}\"; then
+	  relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command"
+	elif eval var_value=\$$var; test -z "$var_value"; then
+	  relink_command="$var=; export $var; $relink_command"
+	else
+	  func_quote_for_eval "$var_value"
+	  relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command"
+	fi
+      done
+      # Quote the link command for shipping.
+      relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)"
+      relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"`
+      if test "$hardcode_automatic" = yes ; then
+	relink_command=
+      fi
+
+      # Only create the output if not a dry run.
+      $opt_dry_run || {
+	for installed in no yes; do
+	  if test "$installed" = yes; then
+	    if test -z "$install_libdir"; then
+	      break
+	    fi
+	    output="$output_objdir/$outputname"i
+	    # Replace all uninstalled libtool libraries with the installed ones
+	    newdependency_libs=
+	    for deplib in $dependency_libs; do
+	      case $deplib in
+	      *.la)
+		func_basename "$deplib"
+		name="$func_basename_result"
+		func_resolve_sysroot "$deplib"
+		eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result`
+		test -z "$libdir" && \
+		  func_fatal_error "\`$deplib' is not a valid libtool archive"
+		func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name"
+		;;
+	      -L*)
+		func_stripname -L '' "$deplib"
+		func_replace_sysroot "$func_stripname_result"
+		func_append newdependency_libs " -L$func_replace_sysroot_result"
+		;;
+	      -R*)
+		func_stripname -R '' "$deplib"
+		func_replace_sysroot "$func_stripname_result"
+		func_append newdependency_libs " -R$func_replace_sysroot_result"
+		;;
+	      *) func_append newdependency_libs " $deplib" ;;
+	      esac
+	    done
+	    dependency_libs="$newdependency_libs"
+	    newdlfiles=
+
+	    for lib in $dlfiles; do
+	      case $lib in
+	      *.la)
+	        func_basename "$lib"
+		name="$func_basename_result"
+		eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
+		test -z "$libdir" && \
+		  func_fatal_error "\`$lib' is not a valid libtool archive"
+		func_append newdlfiles " ${lt_sysroot:+=}$libdir/$name"
+		;;
+	      *) func_append newdlfiles " $lib" ;;
+	      esac
+	    done
+	    dlfiles="$newdlfiles"
+	    newdlprefiles=
+	    for lib in $dlprefiles; do
+	      case $lib in
+	      *.la)
+		# Only pass preopened files to the pseudo-archive (for
+		# eventual linking with the app. that links it) if we
+		# didn't already link the preopened objects directly into
+		# the library:
+		func_basename "$lib"
+		name="$func_basename_result"
+		eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
+		test -z "$libdir" && \
+		  func_fatal_error "\`$lib' is not a valid libtool archive"
+		func_append newdlprefiles " ${lt_sysroot:+=}$libdir/$name"
+		;;
+	      esac
+	    done
+	    dlprefiles="$newdlprefiles"
+	  else
+	    newdlfiles=
+	    for lib in $dlfiles; do
+	      case $lib in
+		[\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;;
+		*) abs=`pwd`"/$lib" ;;
+	      esac
+	      func_append newdlfiles " $abs"
+	    done
+	    dlfiles="$newdlfiles"
+	    newdlprefiles=
+	    for lib in $dlprefiles; do
+	      case $lib in
+		[\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;;
+		*) abs=`pwd`"/$lib" ;;
+	      esac
+	      func_append newdlprefiles " $abs"
+	    done
+	    dlprefiles="$newdlprefiles"
+	  fi
+	  $RM $output
+	  # place dlname in correct position for cygwin
+	  # In fact, it would be nice if we could use this code for all target
+	  # systems that can't hard-code library paths into their executables
+	  # and that have no shared library path variable independent of PATH,
+	  # but it turns out we can't easily determine that from inspecting
+	  # libtool variables, so we have to hard-code the OSs to which it
+	  # applies here; at the moment, that means platforms that use the PE
+	  # object format with DLL files.  See the long comment at the top of
+	  # tests/bindir.at for full details.
+	  tdlname=$dlname
+	  case $host,$output,$installed,$module,$dlname in
+	    *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll)
+	      # If a -bindir argument was supplied, place the dll there.
+	      if test "x$bindir" != x ;
+	      then
+		func_relative_path "$install_libdir" "$bindir"
+		tdlname=$func_relative_path_result$dlname
+	      else
+		# Otherwise fall back on heuristic.
+		tdlname=../bin/$dlname
+	      fi
+	      ;;
+	  esac
+	  $ECHO > $output "\
+# $outputname - a libtool library file
+# Generated by $PROGRAM (GNU $PACKAGE$TIMESTAMP) $VERSION
+#
+# Please DO NOT delete this file!
+# It is necessary for linking the library.
+
+# The name that we can dlopen(3).
+dlname='$tdlname'
+
+# Names of this library.
+library_names='$library_names'
+
+# The name of the static archive.
+old_library='$old_library'
+
+# Linker flags that can not go in dependency_libs.
+inherited_linker_flags='$new_inherited_linker_flags'
+
+# Libraries that this one depends upon.
+dependency_libs='$dependency_libs'
+
+# Names of additional weak libraries provided by this library
+weak_library_names='$weak_libs'
+
+# Version information for $libname.
+current=$current
+age=$age
+revision=$revision
+
+# Is this an already installed library?
+installed=$installed
+
+# Should we warn about portability when linking against -modules?
+shouldnotlink=$module
+
+# Files to dlopen/dlpreopen
+dlopen='$dlfiles'
+dlpreopen='$dlprefiles'
+
+# Directory that this library needs to be installed in:
+libdir='$install_libdir'"
+	  if test "$installed" = no && test "$need_relink" = yes; then
+	    $ECHO >> $output "\
+relink_command=\"$relink_command\""
+	  fi
+	done
+      }
+
+      # Do a symbolic link so that the libtool archive can be found in
+      # LD_LIBRARY_PATH before the program is installed.
+      func_show_eval '( cd "$output_objdir" && $RM "$outputname" && $LN_S "../$outputname" "$outputname" )' 'exit $?'
+      ;;
+    esac
+    exit $EXIT_SUCCESS
+}
+
+{ test "$opt_mode" = link || test "$opt_mode" = relink; } &&
+    func_mode_link ${1+"$@"}
+
+
+# func_mode_uninstall arg...
+func_mode_uninstall ()
+{
+    $opt_debug
+    RM="$nonopt"
+    files=
+    rmforce=
+    exit_status=0
+
+    # This variable tells wrapper scripts just to set variables rather
+    # than running their programs.
+    libtool_install_magic="$magic"
+
+    for arg
+    do
+      case $arg in
+      -f) func_append RM " $arg"; rmforce=yes ;;
+      -*) func_append RM " $arg" ;;
+      *) func_append files " $arg" ;;
+      esac
+    done
+
+    test -z "$RM" && \
+      func_fatal_help "you must specify an RM program"
+
+    rmdirs=
+
+    for file in $files; do
+      func_dirname "$file" "" "."
+      dir="$func_dirname_result"
+      if test "X$dir" = X.; then
+	odir="$objdir"
+      else
+	odir="$dir/$objdir"
+      fi
+      func_basename "$file"
+      name="$func_basename_result"
+      test "$opt_mode" = uninstall && odir="$dir"
+
+      # Remember odir for removal later, being careful to avoid duplicates
+      if test "$opt_mode" = clean; then
+	case " $rmdirs " in
+	  *" $odir "*) ;;
+	  *) func_append rmdirs " $odir" ;;
+	esac
+      fi
+
+      # Don't error if the file doesn't exist and rm -f was used.
+      if { test -L "$file"; } >/dev/null 2>&1 ||
+	 { test -h "$file"; } >/dev/null 2>&1 ||
+	 test -f "$file"; then
+	:
+      elif test -d "$file"; then
+	exit_status=1
+	continue
+      elif test "$rmforce" = yes; then
+	continue
+      fi
+
+      rmfiles="$file"
+
+      case $name in
+      *.la)
+	# Possibly a libtool archive, so verify it.
+	if func_lalib_p "$file"; then
+	  func_source $dir/$name
+
+	  # Delete the libtool libraries and symlinks.
+	  for n in $library_names; do
+	    func_append rmfiles " $odir/$n"
+	  done
+	  test -n "$old_library" && func_append rmfiles " $odir/$old_library"
+
+	  case "$opt_mode" in
+	  clean)
+	    case " $library_names " in
+	    *" $dlname "*) ;;
+	    *) test -n "$dlname" && func_append rmfiles " $odir/$dlname" ;;
+	    esac
+	    test -n "$libdir" && func_append rmfiles " $odir/$name $odir/${name}i"
+	    ;;
+	  uninstall)
+	    if test -n "$library_names"; then
+	      # Do each command in the postuninstall commands.
+	      func_execute_cmds "$postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1'
+	    fi
+
+	    if test -n "$old_library"; then
+	      # Do each command in the old_postuninstall commands.
+	      func_execute_cmds "$old_postuninstall_cmds" 'test "$rmforce" = yes || exit_status=1'
+	    fi
+	    # FIXME: should reinstall the best remaining shared library.
+	    ;;
+	  esac
+	fi
+	;;
+
+      *.lo)
+	# Possibly a libtool object, so verify it.
+	if func_lalib_p "$file"; then
+
+	  # Read the .lo file
+	  func_source $dir/$name
+
+	  # Add PIC object to the list of files to remove.
+	  if test -n "$pic_object" &&
+	     test "$pic_object" != none; then
+	    func_append rmfiles " $dir/$pic_object"
+	  fi
+
+	  # Add non-PIC object to the list of files to remove.
+	  if test -n "$non_pic_object" &&
+	     test "$non_pic_object" != none; then
+	    func_append rmfiles " $dir/$non_pic_object"
+	  fi
+	fi
+	;;
+
+      *)
+	if test "$opt_mode" = clean ; then
+	  noexename=$name
+	  case $file in
+	  *.exe)
+	    func_stripname '' '.exe' "$file"
+	    file=$func_stripname_result
+	    func_stripname '' '.exe' "$name"
+	    noexename=$func_stripname_result
+	    # $file with .exe has already been added to rmfiles,
+	    # add $file without .exe
+	    func_append rmfiles " $file"
+	    ;;
+	  esac
+	  # Do a test to see if this is a libtool program.
+	  if func_ltwrapper_p "$file"; then
+	    if func_ltwrapper_executable_p "$file"; then
+	      func_ltwrapper_scriptname "$file"
+	      relink_command=
+	      func_source $func_ltwrapper_scriptname_result
+	      func_append rmfiles " $func_ltwrapper_scriptname_result"
+	    else
+	      relink_command=
+	      func_source $dir/$noexename
+	    fi
+
+	    # note $name still contains .exe if it was in $file originally
+	    # as does the version of $file that was added into $rmfiles
+	    func_append rmfiles " $odir/$name $odir/${name}S.${objext}"
+	    if test "$fast_install" = yes && test -n "$relink_command"; then
+	      func_append rmfiles " $odir/lt-$name"
+	    fi
+	    if test "X$noexename" != "X$name" ; then
+	      func_append rmfiles " $odir/lt-${noexename}.c"
+	    fi
+	  fi
+	fi
+	;;
+      esac
+      func_show_eval "$RM $rmfiles" 'exit_status=1'
+    done
+
+    # Try to remove the ${objdir}s in the directories where we deleted files
+    for dir in $rmdirs; do
+      if test -d "$dir"; then
+	func_show_eval "rmdir $dir >/dev/null 2>&1"
+      fi
+    done
+
+    exit $exit_status
+}
+
+{ test "$opt_mode" = uninstall || test "$opt_mode" = clean; } &&
+    func_mode_uninstall ${1+"$@"}
+
+test -z "$opt_mode" && {
+  help="$generic_help"
+  func_fatal_help "you must specify a MODE"
+}
+
+test -z "$exec_cmd" && \
+  func_fatal_help "invalid operation mode \`$opt_mode'"
+
+if test -n "$exec_cmd"; then
+  eval exec "$exec_cmd"
+  exit $EXIT_FAILURE
+fi
+
+exit $exit_status
+
+
+# The TAGs below are defined such that we never get into a situation
+# in which we disable both kinds of libraries.  Given conflicting
+# choices, we go for a static library, that is the most portable,
+# since we can't tell whether shared libraries were disabled because
+# the user asked for that or because the platform doesn't support
+# them.  This is particularly important on AIX, because we don't
+# support having both static and shared libraries enabled at the same
+# time on that platform, so we default to a shared-only configuration.
+# If a disable-shared tag is given, we'll fallback to a static-only
+# configuration.  But we'll never go from static-only to shared-only.
+
+# ### BEGIN LIBTOOL TAG CONFIG: disable-shared
+build_libtool_libs=no
+build_old_libs=yes
+# ### END LIBTOOL TAG CONFIG: disable-shared
+
+# ### BEGIN LIBTOOL TAG CONFIG: disable-static
+build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac`
+# ### END LIBTOOL TAG CONFIG: disable-static
+
+# Local Variables:
+# mode:shell-script
+# sh-indentation:2
+# End:
+# vi:sw=2
+
diff --git a/3P/wolfssl/build-aux/missing b/3P/wolfssl/build-aux/missing
new file mode 100755
index 00000000..db98974f
--- /dev/null
+++ b/3P/wolfssl/build-aux/missing
@@ -0,0 +1,215 @@
+#! /bin/sh
+# Common wrapper for a few potentially missing GNU programs.
+
+scriptversion=2013-10-28.13; # UTC
+
+# Copyright (C) 1996-2013 Free Software Foundation, Inc.
+# Originally written by Fran,cois Pinard , 1996.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see .
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+if test $# -eq 0; then
+  echo 1>&2 "Try '$0 --help' for more information"
+  exit 1
+fi
+
+case $1 in
+
+  --is-lightweight)
+    # Used by our autoconf macros to check whether the available missing
+    # script is modern enough.
+    exit 0
+    ;;
+
+  --run)
+    # Back-compat with the calling convention used by older automake.
+    shift
+    ;;
+
+  -h|--h|--he|--hel|--help)
+    echo "\
+$0 [OPTION]... PROGRAM [ARGUMENT]...
+
+Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due
+to PROGRAM being missing or too old.
+
+Options:
+  -h, --help      display this help and exit
+  -v, --version   output version information and exit
+
+Supported PROGRAM values:
+  aclocal   autoconf  autoheader   autom4te  automake  makeinfo
+  bison     yacc      flex         lex       help2man
+
+Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and
+'g' are ignored when checking the name.
+
+Send bug reports to ."
+    exit $?
+    ;;
+
+  -v|--v|--ve|--ver|--vers|--versi|--versio|--version)
+    echo "missing $scriptversion (GNU Automake)"
+    exit $?
+    ;;
+
+  -*)
+    echo 1>&2 "$0: unknown '$1' option"
+    echo 1>&2 "Try '$0 --help' for more information"
+    exit 1
+    ;;
+
+esac
+
+# Run the given program, remember its exit status.
+"$@"; st=$?
+
+# If it succeeded, we are done.
+test $st -eq 0 && exit 0
+
+# Also exit now if we it failed (or wasn't found), and '--version' was
+# passed; such an option is passed most likely to detect whether the
+# program is present and works.
+case $2 in --version|--help) exit $st;; esac
+
+# Exit code 63 means version mismatch.  This often happens when the user
+# tries to use an ancient version of a tool on a file that requires a
+# minimum version.
+if test $st -eq 63; then
+  msg="probably too old"
+elif test $st -eq 127; then
+  # Program was missing.
+  msg="missing on your system"
+else
+  # Program was found and executed, but failed.  Give up.
+  exit $st
+fi
+
+perl_URL=http://www.perl.org/
+flex_URL=http://flex.sourceforge.net/
+gnu_software_URL=http://www.gnu.org/software
+
+program_details ()
+{
+  case $1 in
+    aclocal|automake)
+      echo "The '$1' program is part of the GNU Automake package:"
+      echo "<$gnu_software_URL/automake>"
+      echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:"
+      echo "<$gnu_software_URL/autoconf>"
+      echo "<$gnu_software_URL/m4/>"
+      echo "<$perl_URL>"
+      ;;
+    autoconf|autom4te|autoheader)
+      echo "The '$1' program is part of the GNU Autoconf package:"
+      echo "<$gnu_software_URL/autoconf/>"
+      echo "It also requires GNU m4 and Perl in order to run:"
+      echo "<$gnu_software_URL/m4/>"
+      echo "<$perl_URL>"
+      ;;
+  esac
+}
+
+give_advice ()
+{
+  # Normalize program name to check for.
+  normalized_program=`echo "$1" | sed '
+    s/^gnu-//; t
+    s/^gnu//; t
+    s/^g//; t'`
+
+  printf '%s\n' "'$1' is $msg."
+
+  configure_deps="'configure.ac' or m4 files included by 'configure.ac'"
+  case $normalized_program in
+    autoconf*)
+      echo "You should only need it if you modified 'configure.ac',"
+      echo "or m4 files included by it."
+      program_details 'autoconf'
+      ;;
+    autoheader*)
+      echo "You should only need it if you modified 'acconfig.h' or"
+      echo "$configure_deps."
+      program_details 'autoheader'
+      ;;
+    automake*)
+      echo "You should only need it if you modified 'Makefile.am' or"
+      echo "$configure_deps."
+      program_details 'automake'
+      ;;
+    aclocal*)
+      echo "You should only need it if you modified 'acinclude.m4' or"
+      echo "$configure_deps."
+      program_details 'aclocal'
+      ;;
+   autom4te*)
+      echo "You might have modified some maintainer files that require"
+      echo "the 'autom4te' program to be rebuilt."
+      program_details 'autom4te'
+      ;;
+    bison*|yacc*)
+      echo "You should only need it if you modified a '.y' file."
+      echo "You may want to install the GNU Bison package:"
+      echo "<$gnu_software_URL/bison/>"
+      ;;
+    lex*|flex*)
+      echo "You should only need it if you modified a '.l' file."
+      echo "You may want to install the Fast Lexical Analyzer package:"
+      echo "<$flex_URL>"
+      ;;
+    help2man*)
+      echo "You should only need it if you modified a dependency" \
+           "of a man page."
+      echo "You may want to install the GNU Help2man package:"
+      echo "<$gnu_software_URL/help2man/>"
+    ;;
+    makeinfo*)
+      echo "You should only need it if you modified a '.texi' file, or"
+      echo "any other file indirectly affecting the aspect of the manual."
+      echo "You might want to install the Texinfo package:"
+      echo "<$gnu_software_URL/texinfo/>"
+      echo "The spurious makeinfo call might also be the consequence of"
+      echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might"
+      echo "want to install GNU make:"
+      echo "<$gnu_software_URL/make/>"
+      ;;
+    *)
+      echo "You might have modified some files without having the proper"
+      echo "tools for further handling them.  Check the 'README' file, it"
+      echo "often tells you about the needed prerequisites for installing"
+      echo "this package.  You may also peek at any GNU archive site, in"
+      echo "case some other package contains this missing '$1' program."
+      ;;
+  esac
+}
+
+give_advice "$1" | sed -e '1s/^/WARNING: /' \
+                       -e '2,$s/^/         /' >&2
+
+# Propagate the correct exit status (expected to be 127 for a program
+# not found, 63 for a program that failed due to version mismatch).
+exit $st
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
+# End:
diff --git a/3P/wolfssl/build-aux/test-driver b/3P/wolfssl/build-aux/test-driver
new file mode 100755
index 00000000..d3060566
--- /dev/null
+++ b/3P/wolfssl/build-aux/test-driver
@@ -0,0 +1,139 @@
+#! /bin/sh
+# test-driver - basic testsuite driver script.
+
+scriptversion=2013-07-13.22; # UTC
+
+# Copyright (C) 2011-2013 Free Software Foundation, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see .
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# This file is maintained in Automake, please report
+# bugs to  or send patches to
+# .
+
+# Make unconditional expansion of undefined variables an error.  This
+# helps a lot in preventing typo-related bugs.
+set -u
+
+usage_error ()
+{
+  echo "$0: $*" >&2
+  print_usage >&2
+  exit 2
+}
+
+print_usage ()
+{
+  cat <$log_file 2>&1
+estatus=$?
+if test $enable_hard_errors = no && test $estatus -eq 99; then
+  estatus=1
+fi
+
+case $estatus:$expect_failure in
+  0:yes) col=$red res=XPASS recheck=yes gcopy=yes;;
+  0:*)   col=$grn res=PASS  recheck=no  gcopy=no;;
+  77:*)  col=$blu res=SKIP  recheck=no  gcopy=yes;;
+  99:*)  col=$mgn res=ERROR recheck=yes gcopy=yes;;
+  *:yes) col=$lgn res=XFAIL recheck=no  gcopy=yes;;
+  *:*)   col=$red res=FAIL  recheck=yes gcopy=yes;;
+esac
+
+# Report outcome to console.
+echo "${col}${res}${std}: $test_name"
+
+# Register the test result, and other relevant metadata.
+echo ":test-result: $res" > $trs_file
+echo ":global-test-result: $res" >> $trs_file
+echo ":recheck: $recheck" >> $trs_file
+echo ":copy-in-global-log: $gcopy" >> $trs_file
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
+# End:
diff --git a/3P/wolfssl/builders/cmake/CMakeLists.txt b/3P/wolfssl/builders/cmake/CMakeLists.txt
new file mode 100644
index 00000000..ff85a8b9
--- /dev/null
+++ b/3P/wolfssl/builders/cmake/CMakeLists.txt
@@ -0,0 +1,45 @@
+cmake_minimum_required(VERSION 2.8.11)
+
+project(libwolfssl)
+
+
+include (libwolfssl)
+
+include_directories(../../src/
+					../../)
+
+ADD_DEFINITIONS(-fvisibility=hidden -fvisibility=hidden)
+
+ADD_DEFINITIONS(-Wall -Wno-unused -O2 -fomit-frame-pointer -Wno-pragmas -Wall -Wno-strict-aliasing -Wextra -Wunknown-pragmas --param=ssp-buffer-size=1 -Waddress -Warray-bounds -Wbad-function-cast -Wchar-subscripts -Wcomment -Wfloat-equal -Wformat-security -Wformat=2 -Wmaybe-uninitialized -Wmissing-field-initializers -Wmissing-noreturn -Wmissing-prototypes -Wnested-externs -Wnormalized=id -Woverride-init -Wpointer-arith -Wpointer-sign -Wredundant-decls -Wshadow -Wsign-compare -Wstrict-overflow=1 -Wswitch-enum -Wundef -Wunused -Wunused-result -Wunused-variable -Wwrite-strings -fwrapv -fPIE)
+
+file(
+	GLOB_RECURSE
+	source_files
+	../../wolfcrypt/src/hmac.c
+	../../wolfcrypt/src/sha256.c
+	../../wolfcrypt/src/random.c
+	../../wolfcrypt/src/rsa.c
+	../../wolfcrypt/src/aes.c
+	../../wolfcrypt/src/des3.c	
+	../../wolfcrypt/src/sha.c
+	../../wolfcrypt/src/logging.c
+	../../wolfcrypt/src/wc_port.c
+	../../wolfcrypt/src/error.c
+	../../wolfcrypt/src/memory.c
+	../../wolfcrypt/src/asn.c
+	../../wolfcrypt/src/coding.c
+	../../wolfcrypt/src/arc4.c
+	../../wolfcrypt/src/md5.c
+	../../wolfcrypt/src/tfm.c
+	../../src/internal.c
+	../../src/io.c
+	../../src/keys.c
+	../../src/ssl.c
+	../../src/tls.c
+)
+
+add_library(
+        wolfssl
+        STATIC
+        ${source_files}
+)
diff --git a/3P/wolfssl/certs/1024/client-cert.der b/3P/wolfssl/certs/1024/client-cert.der
new file mode 100644
index 0000000000000000000000000000000000000000..d7bf4ed87bd135f346bc1fba664e3cf9b2cdcc6c
GIT binary patch
literal 937
zcmXqLVqR*{#LTyVnTe5!iId^Q|C8)HzIy~2@Un4gwRyCC=VfGMWo0mEoMOmrz{$oO
z%EBhh6dG(OV893BaPYAE=I50p<|V>J*m>BU@~cvF6Z2pqTs-XM`8jF9!9Io}20|cR
z+&tU?MfvGPiMhF%dFh4{24WylW*+|X@^U?p+T!9Iz2y8{LwN&PxHC8z#RM|*(()aU
z6d1^f^BS5O7#Wxvm>C-z8$?LZud|n*<
z>y@u9|GsP8w+Ts4Q{-N2+oYekqt5VcVn*spCT2zk#>I_)3>tp|L!UWRmXAe@MWiv4
z|Hu8i=S?)Prk57B9xoNhjC^CzcoHP9%+h$!pmARVRy7M7XDw-*K1k!C2`RnvfV?8i
z!fL?G$oL;Qc7Um$85k`E`+nPK#s=@2w&!$R(@LH9@2o$(_`+Bb5Ev@$KKo9Tz%$F1
zSqpWU&ukWZX{0vYmjBI3e?bnz#WM2dml;@`&YUz6v3mIF=RUptDeiV|Q#qGf`*>9=
y^Vx(jUJ3mb{2?_j!~4wR=J>eQVK##PtF3-_CA*CgrMzM~s5s0yq6B8N_xJOv+D!ruyIzfH
zNZfbHC=Md&YosQ+Oz6S=N^dJ4?~1PWkYeRz9_uSSXUNgYIlC8Ase&J93(G3CT?&6|QdSP6zZW?$SfknvB|+ZEm3*E^MyF&HrpUZd8c8gXuc
zNE}Pg+m3pMVKUtNRlyc*Cz2#Zi}AQfu}dAS-rC)cFT#=grKxWCI%@I#P#Eu@=flc)
z>Q>X!a$A<&P6kdo!`Z%awq*wgOaTHx0QyJNdVG>RRquiDK`-g7
zf*LXD>GwyK8BkM+Ot_bau`J;ql#3>#EI
z0zm+seg)p`^tZD6{4h&Z9pf(nN0w;?%?>Usy@O-6t9-X@%3EZo&c247!qBXyiRM6GEOR_*{{WEN)Ad~_=nw4(mM2x}T$Kadi!1%@#x+u7ou9V*2D

literal 0
HcmV?d00001

diff --git a/3P/wolfssl/certs/1024/client-key.pem b/3P/wolfssl/certs/1024/client-key.pem
new file mode 100644
index 00000000..79e398cc
--- /dev/null
+++ b/3P/wolfssl/certs/1024/client-key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC8cw6oSfN0oqnvGKXaVZkh+cjss21I5TU1dXc37NFhkF8+2eTV
+35TKwanXGdqGyehNxGE2gv6rrX53JbuNEaW8YjqoOMw5ogRmtPf386raTQIOu16N
+aUjcd8koDiLpa6Qmukzowf1Kbysf74qu9pBi5WQe6ys8Z8jcJwD2kWhlqQIDAQAB
+AoGAE5fq6Dh4JaJcBM4NQHwx5cRwzZuCO1gJhjtmX9wxkPFP1dsV3d7XO5WTMRgx
+Dl6j1qIacW6BSBxLz9uOeoZhMtz7VcEWbSeSJEWL8bhIsUsdrN7a3Y4vwpH7palu
++Dpq8f1QGO+f58PKeOpW09NyW5bdTgZOOsPZvnK2ZQcHTAECQQD6R9R6fJI8Ve+B
+8EEwLaPPjxzmhycFcA3fmDXW8Ys4LyS10IS2eU9xKZRa8GRqrOdyxu1NWZg+Zzrz
+dCz5YRdpAkEAwMGCDQzrxi/ckvmdghox6en3S/KChxzuFmrRHRiCcPPAti/28/cd
+8YYjyE7rj1aOj/W/8fcrtcw9xlc5DBtUQQJBAJ1+Bd7t9Ley+/wwS1Ud4y8BR5Zp
+Bc0OLiy9g2O2q3y3bcpbZKfOvobfO1PeYdIe66X2N+2sq3jZTOdV+9cRmcECQBiY
+GCnmHic5cCForAovoXLBIYaVOMZYkKBXnLrjp7EVyN72G8JhI3bvsJ0cRL4TQzln
+F8idyvv1RWSLOIIs8oECQDmJ5ZwZVTC6t0iMSBQO9J9+d5dD4bQZNTEjdZw7RK1p
+ElbuAGFkFmbTfHQrFbSi/r8IaxpdP5ASsQWGMSnb2eI=
+-----END RSA PRIVATE KEY-----
diff --git a/3P/wolfssl/certs/1024/dh1024.der b/3P/wolfssl/certs/1024/dh1024.der
new file mode 100644
index 0000000000000000000000000000000000000000..f29e6dc0448fdc367f4adc816c98018f6a4cf3fd
GIT binary patch
literal 138
zcmV;50CoQ`frkQtfdHh^xNdm$+3hWS-L@8nT1y3XklkisxouLX9Is-=X-9iG^81wR
zym|j5UhjFkS+e}f2iElIH23H@=hrht9iwD+8ibcrbU=h375;oBDk~-Zp23MTj5#GM
sK<3T(sG*8e#z(TC*N^KiU)qZSPH~8Z^0&I;O4@cn&1p!UgM1P9Wifd5
zB`x>2_)N3HGmI|ljic}#
z$dC4Z_|Fpcw4o7i4Ak%jt;GBkMaPsCyctWb?~`gz%oNy1i#cY80@Nr9xb6uz^Z=j)
zr+KH+Johw1R*uko!q`m@iR~1@ESyXko1WZL37_9B@C+wZI(HN;-U5Mv0O%ilx4=|U
zrzkC0eBRVt-PLx4JT@S}!zI@`IN?;t{Xl3MAyg(g6u0_sJ!?013-~3`!*Z
z6&4jp%?naQKzop5E07|^7zKb+uY(^{;;^C%T9PE;Vkkei%DIWwptr5A1>wP2K=wu+BQLI06(UI6I*kb>Exya#K$^;T-G}gn}5VDAub0

literal 0
HcmV?d00001

diff --git a/3P/wolfssl/certs/1024/dsa1024.pem b/3P/wolfssl/certs/1024/dsa1024.pem
new file mode 100644
index 00000000..c5bb0675
--- /dev/null
+++ b/3P/wolfssl/certs/1024/dsa1024.pem
@@ -0,0 +1,12 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBvAIBAAKBgQD3S/m7FZjr3d4eTnGIhfK3uuJK2nZAzWlInoN8EfdlMXj1JS33
+t/hSP77YtsX+GBVbudWShryyF3zYsL6gfPLVc3pYj43lSgCZg0rAnhYJoRA01Rm7
+Y+Pdg3R/EMpzde4xSt2f4AJqne6yS6drKmzHhnfoBBXckrR6KR9Og2OFVQIVANIF
+5HP7wZnF3GikjZInPeJSX4mLAoGBAKohAglDbvuiVBSFCvQofMvM2/UeohipId6I
+iDOMLuuNo/AdyI/2fvjPEvW0oRFvDNTwBq3E/BRFx5QVvBlLru+Tak/MFNhHizlm
+hwLUKAq47gk39ACgBKd5p9I89zRDVo7QfMLYTQ+J7RTBLJxMGZue3FMJn98t8Awn
+VDp3FC3eAoGBAOgffLfAVFGnKC1YfN7UXN3VdoQ8NiDAwyXXOjjhVMj9QGgaIVQm
+ORS/9qOcXtkr98klugAJy38MSiT9FRYVSM0LUkRAe5BjK5AixRgFgFOvgx9U4rCi
+C1qSJOFiKD+3yrmJ1qC3ra4F4cFZQO1KG2ine/vDIIHvS/NpkbDOOrA4AhQlODuh
+GXXfm/VyU0854RzsE4SCGA==
+-----END DSA PRIVATE KEY-----
diff --git a/3P/wolfssl/certs/1024/include.am b/3P/wolfssl/certs/1024/include.am
new file mode 100644
index 00000000..c9684978
--- /dev/null
+++ b/3P/wolfssl/certs/1024/include.am
@@ -0,0 +1,17 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         certs/1024/client-cert.pem \
+         certs/1024/client-key.pem \
+         certs/1024/dh1024.pem \
+         certs/1024/dsa1024.pem
+
+EXTRA_DIST += \
+	     certs/1024/client-cert.der \
+         certs/1024/client-key.der \
+         certs/1024/dh1024.der \
+         certs/1024/dsa1024.der \
+         certs/1024/rsa1024.der
+
diff --git a/3P/wolfssl/certs/1024/rsa1024.der b/3P/wolfssl/certs/1024/rsa1024.der
new file mode 100644
index 0000000000000000000000000000000000000000..173d32bce3b9bc4fdf64d3771cc412d8cb22579e
GIT binary patch
literal 609
zcmV-n0-pUaf&yIv0RRGlfdIa6aJU2*MDTJQLr_y2lMh>BsxonR!AE>B%0cAfW17614;~o
zao*ztaH6+h2^(I=J)mS@flJf!s0RRC4fq)L~
z9mp?w3@t>Ir;*)BRcZvz5KW>ScFh+%RFZI;f^c#&BnLk{Y+t-griLe!twP<0+`wx@
ziSs`iJ`qHOE@@1=N^u&yno>M#-n_DWQSVQWI^0kMPPQ>-sE!6ZQK`X-%fx}oEotnC
z{4x{)AL2&{>0R0!3LR1_h_}5+UNl&lYHE#&U$3R?uScbx~
z7C9uv2CzM^0@8^$sF`Bka8iFt;C2K*p3Ts$1XiRC5v`6U^K
z!UlpMA#NTn=ls0l(wvgaymUhe12K>wGY@}xdAVMBeok6(agJVcey*Xsfh^n^oQz@u
znR#jX4oC_NyvM(z{hQ-^Y5RkWu9?)%{}I{cUm8BY^cp+58)P=
zq3GLiT1esf8UK5(wI_?pjb5FausbtIfLVXV=cz|Ob|-~NzfaF!BH%c6E!XVFOAl$e>8Zz$d=mUhw&p7T%YPwna|Gy56$T54F+&t-{Nw6FZw
zvo+&%Mtz}z_SXf;U&Hhlt6kcjzcEVuy2VV6f0HBf{~Z?g>H7A6)%;z1vQ+HZZ&Geqt!f{f$Vƶu*t4cYkwpLtE~3BKQY)5G<2
z)cbpr4t4O|`fr%+7Ze=-d4-kJkB7Wm2U^y@QQW+I#)cEwNvMmj?R>
T^6$O9w#9e1%-1VFQ0fQ(dQ_%?

literal 0
HcmV?d00001

diff --git a/3P/wolfssl/certs/ca-cert.pem b/3P/wolfssl/certs/ca-cert.pem
new file mode 100644
index 00000000..d98a51a5
--- /dev/null
+++ b/3P/wolfssl/certs/ca-cert.pem
@@ -0,0 +1,86 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 18049645117592769049 (0xfa7d389a73fb1219)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Validity
+            Not Before: Feb  5 06:33:30 2015 GMT
+            Not After : Nov  1 06:33:30 2017 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
+                    f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
+                    de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
+                    21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
+                    32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
+                    8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
+                    a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
+                    a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
+                    82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
+                    3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
+                    76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
+                    73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
+                    de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
+                    cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
+                    b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
+                    13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
+                    ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
+                    36:79
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+            X509v3 Authority Key Identifier: 
+                keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+                DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:FA:7D:38:9A:73:FB:12:19
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+         2c:02:0c:de:b2:46:a1:d8:59:0f:08:69:ad:d2:52:2e:ee:55:
+         78:bd:bb:71:d2:d7:b7:fe:7b:0f:8a:bc:6a:25:fd:d4:6d:1d:
+         ab:00:e2:9d:d6:98:21:11:a4:41:e0:0d:4b:a4:38:7f:2e:0c:
+         d6:80:dc:30:d7:cf:19:1b:43:2f:e7:b3:99:74:9c:b4:01:69:
+         b1:c3:9b:9f:4a:89:2f:60:38:cb:7c:a1:78:93:38:5c:a8:ca:
+         46:0d:23:2d:99:a3:cf:0a:49:38:eb:07:06:57:cd:4a:55:35:
+         04:08:36:30:ca:75:69:4b:9a:84:08:c9:23:78:a9:f0:80:ce:
+         8a:25:bb:31:07:0e:11:e6:4a:95:8c:53:df:85:d9:48:45:cb:
+         5a:ef:de:92:c2:88:0e:da:ff:31:6b:4e:52:53:5f:f3:a8:3a:
+         42:f8:e1:0d:0a:c0:84:af:ec:21:b3:a7:98:b0:c8:6b:77:04:
+         ef:f5:06:a5:51:3b:20:6f:bf:55:80:8c:cf:d4:78:ee:a2:d9:
+         e3:52:34:9a:17:3d:87:10:4d:23:21:38:9b:35:f7:18:ac:34:
+         bd:18:ae:a4:e2:32:2f:5d:a4:41:4c:bc:aa:88:b7:9e:45:14:
+         92:e9:e8:ee:fc:1d:28:f5:59:fd:de:bd:3d:73:dd:b4:9f:2e:
+         77:c0:75:41
+-----BEGIN CERTIFICATE-----
+MIIEqjCCA5KgAwIBAgIJAPp9OJpz+xIZMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
+VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
+A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
+dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
+Fw0xNTAyMDUwNjMzMzBaFw0xNzExMDEwNjMzMzBaMIGUMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
+dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
+LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D
+mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
+i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
+XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
+/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
+/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
++TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
+J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
+aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA+n04mnP7EhkwDAYD
+VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEALAIM3rJGodhZDwhprdJSLu5V
+eL27cdLXt/57D4q8aiX91G0dqwDindaYIRGkQeANS6Q4fy4M1oDcMNfPGRtDL+ez
+mXSctAFpscObn0qJL2A4y3yheJM4XKjKRg0jLZmjzwpJOOsHBlfNSlU1BAg2MMp1
+aUuahAjJI3ip8IDOiiW7MQcOEeZKlYxT34XZSEXLWu/eksKIDtr/MWtOUlNf86g6
+QvjhDQrAhK/sIbOnmLDIa3cE7/UGpVE7IG+/VYCMz9R47qLZ41I0mhc9hxBNIyE4
+mzX3GKw0vRiupOIyL12kQUy8qoi3nkUUkuno7vwdKPVZ/d69PXPdtJ8ud8B1QQ==
+-----END CERTIFICATE-----
diff --git a/3P/wolfssl/certs/ca-key.der b/3P/wolfssl/certs/ca-key.der
new file mode 100644
index 0000000000000000000000000000000000000000..14456f3e453ba04c32952d0db72fecdeb153eb3e
GIT binary patch
literal 1192
zcmV;Z1Xueof&`=j0RRGm0RaHN49YDOvL1v&Tg^BhO7cy05b?G(pWn)T1DMmS-UDXt
zD)HE`eQpO-3lNwgO@PZ1Am_|a-bH=Ma(6Q7%8Xw{Njp7uPtM2>z2;Z~ns*NeC7Tr%h)7QZZ*EPMGac
zMIE^W*$eF0D6>nw?KXJ=0|5X50)hbmJ#J258iaqHg?!;l2YlexnJV6$`8G5TcMd)X
z>QChcCe-#g_umZ<94-c;^eSkaV{+p)<^++EwZXBZRIJy=`$3@Ab#J{3PQS5I=wC@D
zm{v!}-s$Q*U;)1<+%dmNUz16PdVyP(OHImLI8V3XveU;Q+B_162jm;vL+t46RAJ}#
z?WPMZ_1}Vj#vfrBoTP&}-ywyGZ+EYT6*35-S_>v&`)~}(oH%{FBJS&>s1^YEihv#f
zgs4hE_=E#zFC$won`%rvXL$JO;FFoh2=BRNw4JjL0)c@5;dVuUS+>(j-wN*%)(`Nv%PKd&r}(u^^)WTA
zw5tsL;n*Cwp*?YEX}_weM=&jFZE
z+;mi`ZC+YIG5-IWwx9*wsSs57YtX8L0)c=b(*%k{>rl6RX1|9k<|t0;gW~Bm;qnnj
z|DpB#pDpD&f&2jjZ&R&QC$>`VR%;d67!vbzew(y
z4#ABO|7Dt;EgFiHTFAhqrG#Og)Fip@sh!Dp3&(I~J-WzL-_kST^?&&%VZK*I-M2*-
zB=sZYI1Z5~?&BcX6v&iEcR+VV7@iHzc|TV%RtZUGzLZ!`_Qb2=iR0snzy(z-B*03S
G1Sgsk)I)m!

literal 0
HcmV?d00001

diff --git a/3P/wolfssl/certs/ca-key.pem b/3P/wolfssl/certs/ca-key.pem
new file mode 100644
index 00000000..774feba0
--- /dev/null
+++ b/3P/wolfssl/certs/ca-key.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAvwzKLRSyHoRCW804H0ryTXUQ8bY1n9/KfQOY06zeA2buKvHY
+sH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQu2lSEAMvqPOVxfGLYlYb72dvpBBB
+la0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkcrMft8nyVsJWCfUlcOM13Je+9gHVT
+lDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfaQG/YIdxzG0ItU5z+Gvx9q3o2P5je
+hHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+jJtK3b7FaF9c4mQj+k1hv/sMTSQgW
+C6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02eQIDAQABAoIBAD1uTmAahH+dhXzh
+Swd84NaZKt6d+TY0DncOPgjqT+UGJtT2OPffDQ8cLgai9CponGNy4zXmBJGRtcGx
+pFSs18b7QaDWdW+9C06/sVLoX0kmmFZHx97p6jxgAb8o3DG/SV+TSYd6gVuWS03K
+XDhPt+Gy08ch2jwShwfkG9xD7OjsVGHn9u2mCy7134J/xh9hGZykgznfIYWJb3ev
+hhUyCKJaCyZh+3AMypw4fbwi7uujqBYA+YqAHgCEqEpB+IQDZy8jWy+baybDBzSU
+owM7ctWfcuCtzDSrvcfV9SYwhQ8wIzlS/zzLmSFNiKWr7mK5x+C7R4fBac9z8zC+
+zjkEnOUCgYEA4XZFgFm200nfCu8S1g/wt8sqN7+n+LVN9TE1reSjlKHb8ZattQVk
+hYP8G1spqr74Jj92fq0c8MvXJrQbBY5Whn4IYiHBhtZHeT63XaTGOtexdCD2UJdB
+BFPtPybWb5H6aCbsKtya8efc+3PweUMbIaNZBGNSB8nX5tEbXV6W+lMCgYEA2O1O
+ZGFrkQxhAbUPu0RnUx7cB8Qkfp5shCORDOQSBBZNeJjMlj0gTg9Fmrb4s5MNsqIb
+KfImecjF0nh+XnPy13Bhu0DOYQX+aR6CKeYUuKHnltAjPwWTAPLhTX7tt5Zs9/Dk
+0c8BmE/cdFSqbV5aQTH+/5q2oAXdqRBU+GvQqoMCgYAh0wSKROtQt3xmv4cr5ihO
+6oPi6TXh8hFH/6H1/J8t5TqB/AEDb1OtVCe2Uu7lVtETq+GzD3WQCoS0ocCMDNae
+RrorPrUx7WO7pNUNj3LN0R4mNeu+G3L9mzm0h7cT9eqDRZOYuo/kSsy0TKh/CLpB
+SahJKD1ePcHONwDL+SzdUQKBgQChV58+udavg22DP4/70NyozgMJI7GhG2PKxElW
+NSvRLmVglQVVmRE1/dXfRMeliHJfsoJRqHFFkzbPXB9hUQwFgOivxXu6XiLjPHXD
+hAVVbdY6LYSJkzPLONqqMQXNzmwt3VXTVwvwpTVqsK4xukOWygDHS+MZEkPTQvpv
+6oDA0QKBgQC524kgNCdwYjTqXyViEvOdgb9I7poOwY0Q/2WanS0aipRayMClpYRh
+ntQkue+pncl3C8dwZj26yFTf0jPh9X/5J2G+V0Xdt0UXJPUj5DgOkSfu4yDYFMiU
+R3dAd0UYng3OeT9XMVYJSWe+lFhP9sSr4onj44rABVUsJMBKlwQnmg==
+-----END RSA PRIVATE KEY-----
diff --git a/3P/wolfssl/certs/client-cert.der b/3P/wolfssl/certs/client-cert.der
new file mode 100644
index 0000000000000000000000000000000000000000..ea1f65e4012c856d88d69fc032b32a99c4b8f09b
GIT binary patch
literal 1198
zcmXqLVp(O-#5`#MGZP~d6DPyjoNIN*-haMrz{|#|)#lOmotKf3m6gGuaf%_g0Vf-C
zC<~h~Q)sZEfB_$f!@Vdr6Y%CAbzP0WLdaPhF0=jWsa2m2U`7zlxM
zar1Bo6y>KECFbU4=A|1-7>I#HnR)oj%ggmZYKx0=^pf*)4do4F;m+V>6cfnIOUrja
zQeYq_&TD9DU}RuwU}kJ=Y!C(Hnj0D#7(%&&)!9vqO2`4s$jZRn#K_NJ(8S2a)Wpch
zaG3d`_CL!dMy}SuCt9?%YD#A9U8NPo?tX2V*(P?Qz6-lDtB)OanRlhp3Cg|{@%UoJnzr#rXddzn6Ycy8K#>AL-X(=Q0TSixb?xL$$V
zS>$L*`WB<6{NA=h9S$?ins>=L6e)>c4@y-j-f-@{+)*?THBhy>jbi?$oi+-;^
zuFI?z+sx%*epFxbcrc<4<4;U=Ee#V-aH!F}~rNc0HqAqArBDKz-tIwd<{^
z2Miidg5;H18V?#Y?rXrRW?|#3C5_VuX7I3UrFa2Luxr{@U;b+_ZiJQ*M
z{Pl0=>&c-n884JSxRJN{=3+HA)rT*;YyQPvw~RXU{n593S!GNTbz&DTT;}YVWU=T}
z-HM%OID9@tu2MDKd3lwLfXp54tBHT+e4P66ocrIf1vUqLPlcRe(6=k?6L%2tWZb><
zcM#Y9-JFV7mKjHAyfeP@??>5@FMYeyGp0u$t5R;go7LCD#47vlk?oc_yOZ+_W21Zb
z+KAseX|=#o{$AG^x!NLC>#+abyVpl8Ptp0Y;K-+f@DJxLJZf?lWjzZ0a(<=ab~~qs
OHw43@bMEK1TF_lvsE4f*fv@qr$Dn*&Fhzh%sSWh7~)=oE=t
zIH
zQ{ItG9c}7ad-8Xx*~Zz5tJvWdb
z-nWk2K-Hq|;2xp$zL(pEW0n-nmX;qbG(B&l8|4j%w5{vn!ETW!-TtCWIhLpIp)
zLTDrqMbuE_7dc4KHH(yO5#Eo=SptE90O};C`DruhaokdUh#@F1N#4407U|4KdWa2_
zSA;rXjg**Jr2>J0
z0M$4f!;i(23`YxZHIl`!jYi0l7?1UU3it1!{(!l)D!R%TuwA7G(36eWoCF-yVveRJ
zfdT){iYj9?H9)FufZmBCYFAC3Zmp9}R*(yAopXx}t|vX-PVlP5Yqng$pj6Bem*@U
z62lmK^C|OR4t8u=b>u;WX`M3j%_6I?HM&Z&JmuL~wqj3R-sPSO%2To|_nxzB3R`()
z>~4`xk|6f{{1)xgb`0X|f3j&4Yj_S?Mr5>Jwmw{U*2|#F+}3bH2kF
z0)c@5x|*!YeY|8%B0LWA)=~9`*qOi)AYBhB{afO$*&Nv+R&D%*
z&|mEk6&x5L=fpir*U+A7mCqu{1ACt1U;+Fu0)c=L&`Zx7XStscbw`F}t}(*KFsxYy
zP}vW)a0d7A)5v0csM>D!AwSc9U+RjhKiMi?^HI{mFgN2Zqje1)O(8VZS8!a3zjEwK
zZfMob7<4mEj5lu%QSBoCp)TSq413FxB+{!B0e|*6&KjB_|x{(w0*ST#?
NKo6^CG#lCV}r{|I8)Sq()guZ%{Rkgw9F;
z=@NcgG1oKvArp4Y7BJfk{KaCYHMsA$u&lr~_SwlsNcljJ04p1+Y~vck3j>}T!baps
zP9k$}!(Y^z)-VT1){Ky=)b{b?NYhwLrn${2zi1x_OJjyFTx-_024(lA+yG~5yThqL
SgZsz&$l@M;uK+)j0s#Vkbb);U

literal 0
HcmV?d00001

diff --git a/3P/wolfssl/certs/dh2048.pem b/3P/wolfssl/certs/dh2048.pem
new file mode 100644
index 00000000..1e2b848d
--- /dev/null
+++ b/3P/wolfssl/certs/dh2048.pem
@@ -0,0 +1,29 @@
+Diffie-Hellman-Parameters: (2048 bit)
+    prime:
+        00:b0:a1:08:06:9c:08:13:ba:59:06:3c:bc:30:d5:
+        f5:00:c1:4f:44:a7:d6:ef:4a:c6:25:27:1c:e8:d2:
+        96:53:0a:5c:91:dd:a2:c2:94:84:bf:7d:b2:44:9f:
+        9b:d2:c1:8a:c5:be:72:5c:a7:e7:91:e6:d4:9f:73:
+        07:85:5b:66:48:c7:70:fa:b4:ee:02:c9:3d:9a:4a:
+        da:3d:c1:46:3e:19:69:d1:17:46:07:a3:4d:9f:2b:
+        96:17:39:6d:30:8d:2a:f3:94:d3:75:cf:a0:75:e6:
+        f2:92:1f:1a:70:05:aa:04:83:57:30:fb:da:76:93:
+        38:50:e8:27:fd:63:ee:3c:e5:b7:c8:09:ae:6f:50:
+        35:8e:84:ce:4a:00:e9:12:7e:5a:31:d7:33:fc:21:
+        13:76:cc:16:30:db:0c:fc:c5:62:a7:35:b8:ef:b7:
+        b0:ac:c0:36:f6:d9:c9:46:48:f9:40:90:00:2b:1b:
+        aa:6c:e3:1a:c3:0b:03:9e:1b:c2:46:e4:48:4e:22:
+        73:6f:c3:5f:d4:9a:d6:30:07:48:d6:8c:90:ab:d4:
+        f6:f1:e3:48:d3:58:4b:a6:b9:cd:29:bf:68:1f:08:
+        4b:63:86:2f:5c:6b:d6:b6:06:65:f7:a6:dc:00:67:
+        6b:bb:c3:a9:41:83:fb:c7:fa:c8:e2:1e:7e:af:00:
+        3f:93
+    generator: 2 (0x2)
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEAsKEIBpwIE7pZBjy8MNX1AMFPRKfW70rGJScc6NKWUwpckd2iwpSE
+v32yRJ+b0sGKxb5yXKfnkebUn3MHhVtmSMdw+rTuAsk9mkraPcFGPhlp0RdGB6NN
+nyuWFzltMI0q85TTdc+gdebykh8acAWqBINXMPvadpM4UOgn/WPuPOW3yAmub1A1
+joTOSgDpEn5aMdcz/CETdswWMNsM/MVipzW477ewrMA29tnJRkj5QJAAKxuqbOMa
+wwsDnhvCRuRITiJzb8Nf1JrWMAdI1oyQq9T28eNI01hLprnNKb9oHwhLY4YvXGvW
+tgZl96bcAGdru8OpQYP7x/rI4h5+rwA/kwIBAg==
+-----END DH PARAMETERS-----
diff --git a/3P/wolfssl/certs/dsa2048.der b/3P/wolfssl/certs/dsa2048.der
new file mode 100644
index 0000000000000000000000000000000000000000..0bcb0b44d95d1ce20ee8b9e5feb2718bc9050334
GIT binary patch
literal 835
zcmV-J1HAk&f&)JS0RRGm0RaHaj>(|ankO9EQs2kG<_4rbie^dBSu;^-#GGDag~#!$
z)!AaK{h{C+SO1pp44=qEhwEIC&_+TDP--K~iEmZuY7wcZGOIHUQMGwdw5y^e5sl>}
zzS!}dP7-gdL{xyOw1H?&L=Lz)^S*-!bfU(3*J^zVh*yJ1+|OQb?r046{{sY&s`m$&
z_-9&!BW6cn!$WQZk*p|Y%ka|$$O)IVt^r!=JKK
zVF4+smdhYuLLItwOJl(T6#(a@In-)5UX=zp2X_kVpabi8f|~+@0RaG-)J$Zc>(ONG>2zTDS)UuhxX{9=*=4(hB)@o3`Q=<;K?v1)hvI(
z2*1o)f{xVGNvfjy=E0rt*_N>X3|ljf2Hl+~sp)`0JJ@=ZA&*w^qO>cC9CZJFk=!4V
z6PT~Z2GUHBqP^M{x@E8}Xooy*C5@2BybY;C1IfP6g>TyjdyM$8!buQmV^%lCFw*;R
zn&^TDEBWF``PpYf&l<#OS`wpNR}oZ1T=q#Gc6>xDVO5}caw<|+Z&U(ERY%rJ0{s#^C}5g+^i+EsYN@YI&5Kt
zzi8Czo5d+eU=aDt)L(`Zq
zgV+>j==jx7tl&Gpr&JbRNn|Eeq-$w>x{8C@E@cX$C-0e=2-mfrpaJiG7r%pRF5SR6
zI3sAZc5CIz_k8ZaQsUjMSvo=nMX<-gcLlNxGC)SE+Ie>bao>6Z6#$s-xluPhbrTZ?
NkCfBq=>W@OZJIn>m1zI~

literal 0
HcmV?d00001

diff --git a/3P/wolfssl/certs/ecc-client-key.pem b/3P/wolfssl/certs/ecc-client-key.pem
new file mode 100644
index 00000000..cf9812d8
--- /dev/null
+++ b/3P/wolfssl/certs/ecc-client-key.pem
@@ -0,0 +1,9 @@
+ASN1 OID: prime256v1
+-----BEGIN EC PARAMETERS-----
+BggqhkjOPQMBBw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIPjPkmu9HijxqKuhI08ydBiIUK1+x+yS+I+XTa9WiWXHoAoGCCqGSM49
+AwEHoUQDQgAEVb/0D0RQmj3Om7fwxU31cHvU7CSOGYDsWkyiJANiLJva76I1EkOE
+dhbGVpUGzAGpvfZ1GkL3vamyNiJfx11/tA==
+-----END EC PRIVATE KEY-----
diff --git a/3P/wolfssl/certs/ecc-key-comp.pem b/3P/wolfssl/certs/ecc-key-comp.pem
new file mode 100644
index 00000000..de76b8e0
--- /dev/null
+++ b/3P/wolfssl/certs/ecc-key-comp.pem
@@ -0,0 +1,4 @@
+-----BEGIN EC PRIVATE KEY-----
+MFcCAQEEIEW2aQJznGyFoThbcujox6zEA41TNQT6bCjcNI3hqAmMoAoGCCqGSM49
+AwEHoSQDIgACuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GE=
+-----END EC PRIVATE KEY-----
diff --git a/3P/wolfssl/certs/ecc-key.der b/3P/wolfssl/certs/ecc-key.der
new file mode 100644
index 0000000000000000000000000000000000000000..a88d141e08cceb829f2bc756ffcabd7d8e8c0b79
GIT binary patch
literal 121
zcmV-<0EYiCcLD(c1RzDWX##VcY=xmXTXN{=$E?HyjZ-xQ`fMoNG>ze?35=i$1_&yK
zNX|V20SBQ(13~}x++j1?=l_m#iS3ZqD{3|xDUGu^?Xnt`o5XwVSiLa@I)$`+f6^a^B
zAt5nj($Hf9CDOfVJHXG$dl$$GKcg*xi~AZIf3Kokl>Xm`U5Ya=VTjMuzkDjM;-N>(
zMMe5c`j&(ux*~P@M8s8_6d$p~4vNHSI5~ou)m^(I40s=RcEe!*++mrd!v9kL9t08XI51lz
zE_hSs)rVQ$cW({Vj|ly_yu}nkrkBDedOlkjY^Zy3jEX;oF8N9Y2a
zL4`$OH*E530L+V4?@Lrm{BRbq|$j^LKO~tK1Ta$uu
zpCQ33nn3NOIqb8h^L3FoK{9x{$o0l@cQWW(MYB>y9=Q
t^A-h3sCuFWeIZMoRY3tI^bIjZNJrAqT||;9I5Eal8MAQ^s#?Zz7Qh-aDv1C9

literal 0
HcmV?d00001

diff --git a/3P/wolfssl/certs/rsa2048.der b/3P/wolfssl/certs/rsa2048.der
new file mode 100644
index 0000000000000000000000000000000000000000..837095b95480b655c2bacfa354644799fbcb64cc
GIT binary patch
literal 1191
zcmV;Y1X%kpf&`-i0RRGm0RaH%id_|?)HJzSqS~)?$jJjHIQmHZO)zfic8ShU_J`gw
zI!10d5?D7P4S=jIuP+ilVsl_-XppjRM;8Pu%C{!B5W*ArdSVKbGLS+I7B2eNDc7G=
z%WE7O-hzR@2wgwGwy~(CoPltsPBMoT9C!}!82;-^H!JDk_xe%B
zSh?5+1MR>A7*&gy{;~GZJ^Ew7I2p$P?@gItw7SmY&e>}%c9j47cNj|kW$+4-TstC^
zh0q`vSuUkB1FRcgcrpem4c0
zAaiT4V@o42+&5+viM-(Wpj|CjW#Govn`S3s?8CT>*sit7zYhL{a%j~@4i5OPomQ+*
zt%#ta_WU@_mRnwawwSx~itPHxw~%$94tHz)Sw&h5|CNo-{+sq0jtij-?#6lDoneJs
z8Ei+)2>+#G+vF`R-4timN@OZ#NmQKUg&5~CLgLUYAfR*)A0UaktAN-z*+yx*@63y#
zbEop;I9=9tpNI}t&DexlDRcFqdD?m(zjK4YZJ&!Y6~Jw2Y9QuO&qZ#`1;jeQo~pqH
zFRPg_;clHpdjF};aJUv44j}r$0)c@5|1c54JZrSpo@>FA(MZmKExxb!y0X{9#8Yk+
z0;*xT>IIv5XA92R`gt0#il^MkUBGJB(i{k60GBUCS%Wtx&L${H&XD#CtXD!0)c@5
z>PV;Eb3s-i7573#O{w8#TfHTH_o!tPt}Qqb&6E5vqbx+b&(I-{`@#9G9qyLTmq}n#
zfTg1N?zz=>MBV)vD)E8z**xrX&??wGCx>|whUZrdS+IT<7V;efA7YDlT4ZM0)c@5#kL@fH1pl?N?n3wTu9_~I{W&n9OPqn
zF|5)hMI&tk_2kk>g(e8)s-Vs;9c}!s()mJu>TOwivyn?4R}pRYvqa
zkMayKeq7y%Njq7&hrGtcB#IDYAs=QMKJ-}8Yz;uNz#U^k4#ZXtz|6wdW)8%wwKMin
z0)c=Te&(gN(K%{JRjeeIn-VB(dt3!2T5<(`LiK|hcq~n>v^JKhy5OuPovCUmgSl_J~C96*EXSytDnPOGkPXVIhaY}b#L4vnmM|4$&zeC3fq-{EwiJ!U69|6E#Ol<#4Wyp4Zr&Pt
z_=$+`Haro$gXl19fqX~vP0H$40b*4yONptyZvpmn0;=PLW(Jisq2kJA{-Z5Jmz8X9
z)wDSF`IRvG_?#sxwiHp!F0)(K+#2jH30prp(6~+~AKWVLtf^UD2V)U~3)FOgwtZqn
FzgDSPO>O`H

literal 0
HcmV?d00001

diff --git a/3P/wolfssl/certs/server-cert.der b/3P/wolfssl/certs/server-cert.der
new file mode 100644
index 0000000000000000000000000000000000000000..6d18c29b87099f0674ba555d4fd26e281989d72b
GIT binary patch
literal 1186
zcmXqLVwq>q#N4)knTe5!iILHOmyJ`a&7D}zDf6hm$UPB!LH7B*p~&|pIW
z13nOkgNNNWKd&S)FA*lf&cp7MUzM7hm}e+xzzHU$U!z`VxI!ya5(P>^3#
zLWz@`7?qF%mywl$xrvdV!Jvtei>Zl`k>S8pj)&onp9*ugUvhO+XG}fjy6)2+6@wj9
z&*}SJ`zF(|r)K`|73uZ=V&(*ve(yTP{@hf*|KZ;11Nt?qQ&x!oITc&I>w)6aBE5XQ
zwi{E6Z>^CI-WhLyU6NPT|6y`+U^jP){aWW8OJ!nAHm_q?kbLx8J$GbAMe(v8iIq&b
z>kmsZ>g^DCeC&+FmdwR&#+mJTM|O)Z`~2eW+TuOc`ifisrUmls4cYuKH(q9sa`8n@
z=1!4I0y|RRZeTR6!AN=P!t!0hm!=m#id8+C#e3K?
zVab*anNCieFK=+{F;>_dp|pI}>mv`JB{mZPM)mqFd{w*YFzytD%Fbk^zGb7`F>(sjC?e?Nv$sg^(J2U9sDKZx|vGrn`_F^eRbAlSql>m
zXfD;;{gP?#o~7BRZT~L4oYqnn;a0_IxOJ!VZc|}-BgH94IG&5G*1Wa9_oBhd1@D*L
z`t>0|G5@9cvi9Vznv9aw#+LH0E}qk=-}>4saL%r+hZLU1Un$U7*}(C-*Y4f#LicG}
zy2mT|mjB$PQu%wS{?XSHH%Y|j9+bF|F;(bH#?OmvZ5ur{L@{h-(F-u&qyIJhlBc+H
QtbPikbrz?~vPW_(01w=$1ONa4

literal 0
HcmV?d00001

diff --git a/3P/wolfssl/certs/server-cert.pem b/3P/wolfssl/certs/server-cert.pem
new file mode 100644
index 00000000..2f0e93d4
--- /dev/null
+++ b/3P/wolfssl/certs/server-cert.pem
@@ -0,0 +1,172 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Validity
+            Not Before: Feb  5 06:33:30 2015 GMT
+            Not After : Nov  1 06:33:30 2017 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27:
+                    01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6:
+                    f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75:
+                    f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab:
+                    64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e:
+                    86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25:
+                    4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c:
+                    34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6:
+                    8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc:
+                    40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8:
+                    dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3:
+                    e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9:
+                    64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0:
+                    c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77:
+                    ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4:
+                    b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22:
+                    a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f:
+                    ad:d7
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C
+            X509v3 Authority Key Identifier: 
+                keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+                DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:FA:7D:38:9A:73:FB:12:19
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+         4e:0e:2c:de:ab:bb:e9:9e:ab:65:0f:c8:9a:da:ca:ae:a7:87:
+         3f:15:06:ee:7d:22:88:8e:b0:88:fc:b8:b4:69:39:bf:ca:49:
+         65:75:01:90:85:8b:af:08:f1:ce:ac:2e:ad:30:34:80:58:77:
+         ee:bc:bb:9b:74:c2:9c:91:b5:93:e2:f1:33:83:b8:0b:7e:0c:
+         58:0f:2e:91:d0:fb:53:f4:68:d7:36:24:85:ec:d6:23:5b:8e:
+         7e:3b:76:6a:a1:60:c0:29:a5:2e:bb:e9:02:bd:bc:a5:6b:cb:
+         3d:fd:a5:d3:66:84:76:58:46:7a:09:31:b5:b9:43:bb:35:13:
+         1f:32:21:94:c4:08:e7:16:ab:29:da:bf:8d:d1:30:a9:a0:ef:
+         a6:da:fa:f0:50:21:6f:e9:37:a6:87:63:8a:7c:68:74:ab:33:
+         39:1f:ea:d1:ce:2c:7f:b5:eb:4a:51:9c:ba:b5:c2:20:e5:5f:
+         d4:70:28:a9:80:08:eb:8d:3e:ee:fb:71:47:96:2a:2d:c7:79:
+         0e:a7:f9:ba:24:79:fb:a5:2f:c5:eb:91:b2:18:5f:6d:c1:18:
+         d8:68:95:12:cc:68:f9:d1:06:86:b1:48:b0:5a:00:b5:04:2e:
+         50:37:bc:2f:f5:57:d2:49:17:43:5d:2f:64:01:3b:6a:09:44:
+         a6:e2:1e:04
+-----BEGIN CERTIFICATE-----
+MIIEnjCCA4agAwIBAgIBATANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
+d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwMjA1
+MDYzMzMwWhcNMTcxMTAxMDYzMzMwWjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO
+BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W9hyIvHyf+6hn
+f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X
+GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM
+QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq
+0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ
+6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB/DCB+TAdBgNVHQ4EFgQU
+sxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/7TNj
+s6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5h
+MRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwK
+Q29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
+AQkBFhBpbmZvQHdvbGZzc2wuY29tggkA+n04mnP7EhkwDAYDVR0TBAUwAwEB/zAN
+BgkqhkiG9w0BAQUFAAOCAQEATg4s3qu76Z6rZQ/ImtrKrqeHPxUG7n0iiI6wiPy4
+tGk5v8pJZXUBkIWLrwjxzqwurTA0gFh37ry7m3TCnJG1k+LxM4O4C34MWA8ukdD7
+U/Ro1zYkhezWI1uOfjt2aqFgwCmlLrvpAr28pWvLPf2l02aEdlhGegkxtblDuzUT
+HzIhlMQI5xarKdq/jdEwqaDvptr68FAhb+k3podjinxodKszOR/q0c4sf7XrSlGc
+urXCIOVf1HAoqYAI640+7vtxR5YqLcd5Dqf5uiR5+6UvxeuRshhfbcEY2GiVEsxo
++dEGhrFIsFoAtQQuUDe8L/VX0kkXQ10vZAE7aglEpuIeBA==
+-----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 18049645117592769049 (0xfa7d389a73fb1219)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Validity
+            Not Before: Feb  5 06:33:30 2015 GMT
+            Not After : Nov  1 06:33:30 2017 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
+                    f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
+                    de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
+                    21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
+                    32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
+                    8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
+                    a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
+                    a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
+                    82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
+                    3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
+                    76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
+                    73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
+                    de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
+                    cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
+                    b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
+                    13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
+                    ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
+                    36:79
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+            X509v3 Authority Key Identifier: 
+                keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+                DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:FA:7D:38:9A:73:FB:12:19
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+         2c:02:0c:de:b2:46:a1:d8:59:0f:08:69:ad:d2:52:2e:ee:55:
+         78:bd:bb:71:d2:d7:b7:fe:7b:0f:8a:bc:6a:25:fd:d4:6d:1d:
+         ab:00:e2:9d:d6:98:21:11:a4:41:e0:0d:4b:a4:38:7f:2e:0c:
+         d6:80:dc:30:d7:cf:19:1b:43:2f:e7:b3:99:74:9c:b4:01:69:
+         b1:c3:9b:9f:4a:89:2f:60:38:cb:7c:a1:78:93:38:5c:a8:ca:
+         46:0d:23:2d:99:a3:cf:0a:49:38:eb:07:06:57:cd:4a:55:35:
+         04:08:36:30:ca:75:69:4b:9a:84:08:c9:23:78:a9:f0:80:ce:
+         8a:25:bb:31:07:0e:11:e6:4a:95:8c:53:df:85:d9:48:45:cb:
+         5a:ef:de:92:c2:88:0e:da:ff:31:6b:4e:52:53:5f:f3:a8:3a:
+         42:f8:e1:0d:0a:c0:84:af:ec:21:b3:a7:98:b0:c8:6b:77:04:
+         ef:f5:06:a5:51:3b:20:6f:bf:55:80:8c:cf:d4:78:ee:a2:d9:
+         e3:52:34:9a:17:3d:87:10:4d:23:21:38:9b:35:f7:18:ac:34:
+         bd:18:ae:a4:e2:32:2f:5d:a4:41:4c:bc:aa:88:b7:9e:45:14:
+         92:e9:e8:ee:fc:1d:28:f5:59:fd:de:bd:3d:73:dd:b4:9f:2e:
+         77:c0:75:41
+-----BEGIN CERTIFICATE-----
+MIIEqjCCA5KgAwIBAgIJAPp9OJpz+xIZMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
+VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
+A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
+dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
+Fw0xNTAyMDUwNjMzMzBaFw0xNzExMDEwNjMzMzBaMIGUMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
+dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
+LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D
+mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
+i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
+XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
+/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
+/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
++TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
+J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
+aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA+n04mnP7EhkwDAYD
+VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEALAIM3rJGodhZDwhprdJSLu5V
+eL27cdLXt/57D4q8aiX91G0dqwDindaYIRGkQeANS6Q4fy4M1oDcMNfPGRtDL+ez
+mXSctAFpscObn0qJL2A4y3yheJM4XKjKRg0jLZmjzwpJOOsHBlfNSlU1BAg2MMp1
+aUuahAjJI3ip8IDOiiW7MQcOEeZKlYxT34XZSEXLWu/eksKIDtr/MWtOUlNf86g6
+QvjhDQrAhK/sIbOnmLDIa3cE7/UGpVE7IG+/VYCMz9R47qLZ41I0mhc9hxBNIyE4
+mzX3GKw0vRiupOIyL12kQUy8qoi3nkUUkuno7vwdKPVZ/d69PXPdtJ8ud8B1QQ==
+-----END CERTIFICATE-----
diff --git a/3P/wolfssl/certs/server-ecc-comp.pem b/3P/wolfssl/certs/server-ecc-comp.pem
new file mode 100644
index 00000000..a0012646
--- /dev/null
+++ b/3P/wolfssl/certs/server-ecc-comp.pem
@@ -0,0 +1,51 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 16258826233447050485 (0xe1a2f450fd69ecf5)
+    Signature Algorithm: ecdsa-with-SHA1
+        Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Validity
+            Not Before: Feb  5 06:33:30 2015 GMT
+            Not After : Nov  1 06:33:30 2017 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (256 bit)
+                pub: 
+                    02:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de:
+                    9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c:
+                    16:e8:61
+                ASN1 OID: prime256v1
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                8C:38:3A:6B:B8:24:B7:DF:6E:F4:59:AC:56:4E:AA:E2:58:A6:5A:18
+            X509v3 Authority Key Identifier: 
+                keyid:8C:38:3A:6B:B8:24:B7:DF:6E:F4:59:AC:56:4E:AA:E2:58:A6:5A:18
+                DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Programming/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:E1:A2:F4:50:FD:69:EC:F5
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: ecdsa-with-SHA1
+         30:44:02:20:72:05:71:ab:5b:4b:64:03:ff:77:0e:f7:a7:8b:
+         70:85:52:5a:45:a7:85:90:3d:54:a4:49:23:98:23:2c:f6:db:
+         02:20:76:f5:ad:98:20:b7:00:e2:b9:a2:97:5e:cd:18:16:90:
+         a7:cc:e5:eb:34:60:83:01:49:0a:0e:e7:62:ef:85:ca
+-----BEGIN CERTIFICATE-----
+MIIC+zCCAqOgAwIBAgIJAOGi9FD9aez1MAkGByqGSM49BAEwgZQxCzAJBgNVBAYT
+AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRAwDgYDVQQK
+DAd3b2xmU1NMMRQwEgYDVQQLDAtQcm9ncmFtbWluZzEYMBYGA1UEAwwPd3d3Lndv
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE1
+MDIwNTA2MzMzMFoXDTE3MTEwMTA2MzMzMFowgZQxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRAwDgYDVQQKDAd3b2xmU1NM
+MRQwEgYDVQQLDAtQcm9ncmFtbWluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMDkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDIgACuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GGjgfww
+gfkwHQYDVR0OBBYEFIw4Omu4JLffbvRZrFZOquJYploYMIHJBgNVHSMEgcEwgb6A
+FIw4Omu4JLffbvRZrFZOquJYploYoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4G
+A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29sZlNT
+TDEUMBIGA1UECwwLUHJvZ3JhbW1pbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv
+bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAOGi9FD9aez1MAwG
+A1UdEwQFMAMBAf8wCQYHKoZIzj0EAQNHADBEAiByBXGrW0tkA/93Dveni3CFUlpF
+p4WQPVSkSSOYIyz22wIgdvWtmCC3AOK5opdezRgWkKfM5es0YIMBSQoO52Lvhco=
+-----END CERTIFICATE-----
diff --git a/3P/wolfssl/certs/server-ecc-rsa.pem b/3P/wolfssl/certs/server-ecc-rsa.pem
new file mode 100644
index 00000000..c3496213
--- /dev/null
+++ b/3P/wolfssl/certs/server-ecc-rsa.pem
@@ -0,0 +1,69 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Validity
+            Not Before: Feb  5 06:33:30 2015 GMT
+            Not After : Nov  1 06:33:30 2017 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=Elliptic - RSAsig, OU=ECC-RSAsig, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (256 bit)
+                pub: 
+                    04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de:
+                    9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c:
+                    16:e8:61:02:e9:af:4d:d3:02:93:9a:31:5b:97:92:
+                    21:7f:f0:cf:18:da:91:11:02:34:86:e8:20:58:33:
+                    0b:80:34:89:d8
+                ASN1 OID: prime256v1
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
+            X509v3 Authority Key Identifier: 
+                keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+                DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:FA:7D:38:9A:73:FB:12:19
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: sha1WithRSAEncryption
+         18:f4:db:2f:82:5d:c3:07:31:1f:e6:af:4e:ea:dd:00:37:8c:
+         79:2f:33:37:0c:c9:fc:78:ad:77:31:24:32:09:0b:e6:43:d5:
+         94:c1:b3:d9:a7:09:14:4e:fa:5f:19:52:97:eb:b2:4c:7d:c0:
+         08:d1:2e:ea:74:11:ee:a8:e7:bc:82:a4:18:b1:44:e8:5e:a8:
+         1f:b9:10:d2:74:09:a7:2d:fc:42:88:3e:ff:79:ef:93:4f:7e:
+         5e:d8:5c:2e:07:13:4a:1b:fc:fd:31:70:e3:ab:b5:8a:6e:bb:
+         cf:03:e3:60:3e:89:7f:40:09:a4:41:ad:57:58:5a:15:0f:a9:
+         ae:d0:58:06:de:44:6b:fd:fb:d1:52:42:9b:29:3c:2a:98:f6:
+         e9:bc:c1:a5:05:38:a0:42:aa:63:b0:de:97:22:ab:99:0e:30:
+         4d:d0:bc:34:5d:dc:81:ff:0b:e9:33:3e:91:ad:d9:96:90:76:
+         65:37:35:fb:b5:85:01:b2:b6:70:fe:a8:6e:00:cb:4b:d6:83:
+         42:6c:96:88:28:d4:26:e9:09:82:d6:d3:67:65:2d:c2:8e:c7:
+         dc:d5:3b:39:7b:d2:f5:9b:85:25:a6:f2:16:d1:05:31:27:fb:
+         6b:20:c4:ae:b9:85:46:bb:e3:06:89:96:c8:95:bd:34:5d:dc:
+         b1:16:bc:77
+-----BEGIN CERTIFICATE-----
+MIID4DCCAsigAwIBAgIBATANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
+d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwMjA1
+MDYzMzMwWhcNMTcxMTAxMDYzMzMwWjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGjAYBgNVBAoMEUVsbGlwdGljIC0g
+UlNBc2lnMRMwEQYDVQQLDApFQ0MtUlNBc2lnMRgwFgYDVQQDDA93d3cud29sZnNz
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjO
+PQIBBggqhkjOPQMBBwNCAAS7M6xMJ1BKxkqlBMM83p8223ItzpTqK/rLIAk5LBbo
+YQLpr03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4H8MIH5MB0GA1UdDgQW
+BBRdXSbvrH42+Zt2FStKJQIj77KJMDCByQYDVR0jBIHBMIG+gBQnjmcRdMMmHT/t
+M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
+bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL
+DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
+9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQD6fTiac/sSGTAMBgNVHRMEBTADAQH/
+MA0GCSqGSIb3DQEBBQUAA4IBAQAY9Nsvgl3DBzEf5q9O6t0AN4x5LzM3DMn8eK13
+MSQyCQvmQ9WUwbPZpwkUTvpfGVKX67JMfcAI0S7qdBHuqOe8gqQYsUToXqgfuRDS
+dAmnLfxCiD7/ee+TT35e2FwuBxNKG/z9MXDjq7WKbrvPA+NgPol/QAmkQa1XWFoV
+D6mu0FgG3kRr/fvRUkKbKTwqmPbpvMGlBTigQqpjsN6XIquZDjBN0Lw0XdyB/wvp
+Mz6RrdmWkHZlNzX7tYUBsrZw/qhuAMtL1oNCbJaIKNQm6QmC1tNnZS3Cjsfc1Ts5
+e9L1m4UlpvIW0QUxJ/trIMSuuYVGu+MGiZbIlb00XdyxFrx3
+-----END CERTIFICATE-----
diff --git a/3P/wolfssl/certs/server-ecc.pem b/3P/wolfssl/certs/server-ecc.pem
new file mode 100644
index 00000000..26beb0be
--- /dev/null
+++ b/3P/wolfssl/certs/server-ecc.pem
@@ -0,0 +1,54 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 9356926451288716285 (0x81da7b08468533fd)
+    Signature Algorithm: ecdsa-with-SHA1
+        Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Validity
+            Not Before: Feb  5 06:33:30 2015 GMT
+            Not After : Nov  1 06:33:30 2017 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (256 bit)
+                pub: 
+                    04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de:
+                    9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c:
+                    16:e8:61:02:e9:af:4d:d3:02:93:9a:31:5b:97:92:
+                    21:7f:f0:cf:18:da:91:11:02:34:86:e8:20:58:33:
+                    0b:80:34:89:d8
+                ASN1 OID: prime256v1
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
+            X509v3 Authority Key Identifier: 
+                keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
+                DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Programming/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:81:DA:7B:08:46:85:33:FD
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: ecdsa-with-SHA1
+         30:45:02:21:00:a0:70:22:57:ad:97:06:b5:9b:fa:5a:1c:b2:
+         77:ed:54:09:7d:9a:5c:ca:02:56:d7:32:1d:41:e6:d5:5a:09:
+         29:02:20:4e:95:75:27:3d:3c:93:ba:97:3f:f4:2d:35:3e:c8:
+         57:75:e1:81:3d:5e:09:bf:86:a2:8b:ef:0b:d1:77:4f:b5
+-----BEGIN CERTIFICATE-----
+MIIDHDCCAsOgAwIBAgIJAIHaewhGhTP9MAkGByqGSM49BAEwgZQxCzAJBgNVBAYT
+AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRAwDgYDVQQK
+DAd3b2xmU1NMMRQwEgYDVQQLDAtQcm9ncmFtbWluZzEYMBYGA1UEAwwPd3d3Lndv
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE1
+MDIwNTA2MzMzMFoXDTE3MTEwMTA2MzMzMFowgZQxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRAwDgYDVQQKDAd3b2xmU1NM
+MRQwEgYDVQQLDAtQcm9ncmFtbWluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N
+0wKTmjFbl5Ihf/DPGNqREQI0huggWDMLgDSJ2KOB/DCB+TAdBgNVHQ4EFgQUXV0m
+76x+NvmbdhUrSiUCI++yiTAwgckGA1UdIwSBwTCBvoAUXV0m76x+NvmbdhUrSiUC
+I++yiTChgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
+DgYDVQQHDAdCb3plbWFuMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtQcm9n
+cmFtbWluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
+FhBpbmZvQHdvbGZzc2wuY29tggkAgdp7CEaFM/0wDAYDVR0TBAUwAwEB/zAJBgcq
+hkjOPQQBA0gAMEUCIQCgcCJXrZcGtZv6Whyyd+1UCX2aXMoCVtcyHUHm1VoJKQIg
+TpV1Jz08k7qXP/QtNT7IV3XhgT1eCb+GoovvC9F3T7U=
+-----END CERTIFICATE-----
diff --git a/3P/wolfssl/certs/server-key.der b/3P/wolfssl/certs/server-key.der
new file mode 100644
index 0000000000000000000000000000000000000000..868f0543c9d09c857365dd50b3c21740eb8ca9f9
GIT binary patch
literal 1193
zcmV;a1XlYnf&`@k0RRGm0RaHOl?dTiLGp2Jx6(yHCjn)~MXvI^Brv#@&M!{Z_8f@3
ze4qQMXMg@&oKbc6ipmG)H7}3hy?ekfe5+)r7yQayd%EBu<#H}>E{52ZbK0yMQ@LM1
z*BK2ZPvK)@QHu*?KdnQ!r5s!|v#tQ3W5xD=3t4D*bEb?KsRC`U!x;fCxDeyU%s{kh
zqee4nhi=5X7pC**-K}%HdoLli{bo@Ny;QT|ZC@O`BXiLS1Bn#U5V>T-D$t>pO1$CJ
z8e7Mpz`%`&aVS~lemfzXXPp#Ji0|5X50)hbn0GiM=4^maR8}MYxnp*`6TdK?D<3DaPA_eo%`tNj7f#P3u)4l&OgGF`vV|te^*0veOk|yLR
z22fBAcrK}U4HTEO64)_7tDylw!Z7#;Ul!zHchX?;pN;7By6a=!Dwl!pOl;;=G*K%k
zH1ty(#8?VHyRWtPN`*r$Jn>jqfdYYn0P-wUb~z(s$q+KPldZ458FiL{WahQFi9$iq
zZO|MW_#3Qg%Qie@ecbdJxWizvS4dw{Pgy!ue=@)sLr_1i&Tkj<4xd2EPOTL?$$9C(
zSvYfWoCmSK~EnCLK7oQ%lh;bq}BJHHhf#3s64@iUv$zr
zE&tGj-}|#5dM=w6uI9Q6u3uB6QtcbWkph8%0PL9ByVd^rQc8USRY`AEZc;CVqbsw9
zVzX4zV^Z4Vh<2dwixs8Q7!-1MUdN*ZAD$UvwHq6r!}7H<`Aos8>kKA+)L%+bT%<(?
za73q8z|GP!;=h5Fk}*MtIT}L?7^PDmIT~LdL%fG--)_?)0RAGFa84Q-
zDFT6k0E$6YC{dnY)Se4Fn4?tkY*y5&>1i{CBn;Zr3@yaJPXcK;eAMRLOzqbe5yL(J
z=fftzQ3Bq(b)0WjoO<()@6U?GE7IBqYDCF%{%)Cv_*=g5eCB1fPi*kX#s3z{iyIf>
zSUsXQs{y>fK+aQ)j_vR6S)Jfx=6qiDj!W@7!2*GRO-1=YjKy2@DjJHk@*J#d=?qpj
zw@z}F)#ZxP;{WmS7!y5)3AosHr^y^~Qj{=5;PH5L{b3tS3C!kbDsinG-$T4s+ohzw
zHE^U}&rkdSRhc?HBhP1A^&oqP$zWt6EvR|mb88V^u+ymx(njZ{&sjv client-key.pem
+
+2) openssl req -new -x509 -nodes -sha1 -days 1000 -key client-key.pem > client-cert.pem
+
+3) note md5 would be -md5
+
+-- adding metadata to beginning
+
+3) openssl x509 -in client-cert.pem -text > tmp.pem
+
+4) mv tmp.pem client-cert.pem
+
+
+***** Create a CA, signing authority **********
+
+same as self signed, use ca prefix instead of client
+
+
+***** Create a cert signed by CA **************
+
+1) openssl req -newkey rsa:1024 -sha1 -days 1000 -nodes -keyout server-key.pem > server-req.pem
+
+* note if using exisitng key do: -new -key keyName
+
+2) copy ca-key.pem ca-cert.srl   (why ????)
+
+3) openssl x509 -req -in server-req.pem -days 1000 -sha1 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
+
+
+***** Adding Subject Key ID and Authentication Key ID extensions to a cert *****
+
+Create a config file for OpenSSL with the example contents:
+
+    [skidakid]
+    subjectKeyIdentifier=hash
+    authorityKeyIdentifier=keyid
+
+Add to the openssl command for creating a cert signed by a CA step 3 the
+following options:
+
+    -extfile  -extensions skidakid
+
+anywhere before the redirect. This will add the cert's public key hash as the
+Subject Key Identifier, and the signer's SKID as the Authentication Key ID.
+
+
+***** To create a dsa cert ********************
+
+1) openssl dsaparam 512 > dsa512.param       # creates group params
+
+2) openssl gendsa dsa512.param > dsa512.pem  # creates private key
+
+3) openssl req -new -x509 -nodes -days 1000 -key dsa512.pem > dsa-cert.pem 
+
+
+
+
+***** To convert from PEM to DER **************
+
+a) openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER
+
+to convert rsa private PEM to DER :
+
+b) openssl rsa -in key.pem -outform DER -out key.der
+
+
+**** To encrypt rsa key already in pem **********
+
+a) openssl rsa server-keyEnc.pem
+
+note location of des, pass = yassl123
+
+
+*** To make a public key from a private key ******
+
+
+openssl rsa -in 1024rsa.priv -pubout -out 1024rsa.pub
+
+
+**** To convert to pkcs8 *******
+
+openssl pkcs8 -nocrypt -topk8 -in server-key.pem -out server-keyPkcs8.pem
+
+
+**** To convert to pkcs8 encrypted *******
+
+openssl pkcs8 -topk8 -in server-key.pem -out server-keyPkcs8Enc.pem
+
+passwd: yassl123
+
+to use PKCS#5 v2 instead of v1.5 which is default add
+
+-v2 des3       # file Pkcs8Enc2
+
+to use PKCS#12 instead use -v1 witch a 12 algo like
+
+-v1 PBE-SHA1-RC4-128   # file Pkcs8Enc12 , see man pkcs8 for more info
+
+
+**** To convert from pkcs8 to traditional ****
+
+openssl pkcs8 -nocrypt -in server-keyPkcs8.pem -out server-key.pem
+
+
+*** DH paramters ***
+
+openssl dhparam 2048 > dh2048.param
+
+to add metadata
+
+openssl dhparam -in dh2048.param -text > dh2048.pem
+
+**** ECC ******
+
+1) make a key
+
+    to see types available do
+        openssl ecparam -list_curves
+
+    make a new key
+        openssl ecparam -genkey -text -name secp256r1 -out ecc-key.pem
+
+    convert to compressed
+        openssl ec -in ecc-key.pem -conv_form compressed -out ecc-key-comp.pem 
+
+*** CRL ***
+
+1) create a crl
+
+a) openssl ca -gencrl -crldays 120 -out crl.pem -keyfile ./ca-key.pem -cert ./ca-cert.pem
+
+Error No ./CA root/index.txt so:
+
+b) touch ./CA root/index.txt
+
+a) again
+
+Error No ./CA root/crlnumber so:
+
+c) touch ./CA root/crlnumber
+
+a) again
+
+Error unable to load CRL number
+
+d) add '01' to crlnumber file
+
+a) again
+
+2)  view crl file
+
+openssl crl -in crl.pem -text
+
+3) revoke
+
+openssl ca -revoke server-cert.pem -keyfile ./ca-key.pem -cert ./ca-cert.pem
+
+Then regenerate crl with a)
+
+4) verify
+
+openssl verify -CAfile ./ca-cert.pem  ./server-cert.pem
+
+OK
+
+Make file with both ca and crl
+
+cat ca-cert.pem crl.pem > ca-crl.pem
+
+openssl verify -CAfile ./ca-crl.pem -crl_check ./ca-cert.pem
+
+revoked
diff --git a/3P/wolfssl/config.h b/3P/wolfssl/config.h
new file mode 100644
index 00000000..00cf1556
--- /dev/null
+++ b/3P/wolfssl/config.h
@@ -0,0 +1,179 @@
+/* config.h.  Generated from config.in by configure.  */
+/* config.in.  Generated from configure.ac by autoheader.  */
+
+/* Define if building universal (internal helper macro) */
+/* #undef AC_APPLE_UNIVERSAL_BUILD */
+
+/* Define to 1 to enable debugging code. */
+#define DEBUG 0
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_ARPA_INET_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_DLFCN_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_ERRNO_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_FCNTL_H 1
+
+/* Define to 1 if you have the `getaddrinfo' function. */
+#define HAVE_GETADDRINFO 1
+
+/* Define to 1 if you have the `gethostbyname' function. */
+#define HAVE_GETHOSTBYNAME 1
+
+/* Define to 1 if you have the `gettimeofday' function. */
+#define HAVE_GETTIMEOFDAY 1
+
+/* Define to 1 if you have the `inet_ntoa' function. */
+#define HAVE_INET_NTOA 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_INTTYPES_H 1
+
+/* Define to 1 if you have the `network' library (-lnetwork). */
+/* #undef HAVE_LIBNETWORK */
+
+/* Define to 1 if you have the `pthread' library (-lpthread). */
+/* #undef HAVE_LIBPTHREAD */
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_LIMITS_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define to 1 if you have the `memset' function. */
+#define HAVE_MEMSET 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_NETDB_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_NETINET_IN_H 1
+
+/* Define to 1 if you have the  header file. */
+/* #undef HAVE_PCAP_PCAP_H */
+
+/* Define if you have POSIX threads libraries and header files. */
+#define HAVE_PTHREAD 1
+
+/* Have PTHREAD_PRIO_INHERIT. */
+#define HAVE_PTHREAD_PRIO_INHERIT 1
+
+/* Define to 1 if you have the `socket' function. */
+#define HAVE_SOCKET 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_STDDEF_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_STDINT_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_SYS_IOCTL_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_SYS_SOCKET_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_SYS_TIME_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have the  header file. */
+#define HAVE_UNISTD_H 1
+
+/* Define to 1 or 0, depending whether the compiler supports simple visibility
+   declarations. */
+#define HAVE_VISIBILITY 1
+
+/* Define to 1 if the system has the type `__uint128_t'. */
+/* #undef HAVE___UINT128_T */
+
+/* Define to the sub-directory in which libtool stores uninstalled libraries.
+   */
+#define LT_OBJDIR ".libs/"
+
+/* Define to 1 if your C compiler doesn't accept -c and -o together. */
+/* #undef NO_MINUS_C_MINUS_O */
+
+/* Define to the address where bug reports for this package should be sent. */
+#define PACKAGE_BUGREPORT "https://github.com/wolfssl/wolfssl/issues"
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME "wolfssl"
+
+/* Define to the full name and version of this package. */
+#define PACKAGE_STRING "wolfssl 3.4.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "wolfssl"
+
+/* Define to the home page for this package. */
+#define PACKAGE_URL "http://www.wolfssl.com"
+
+/* Define to the version of this package. */
+#define PACKAGE_VERSION "3.4.0"
+
+/* Define to necessary symbol if this constant uses a non-standard name on
+   your system. */
+/* #undef PTHREAD_CREATE_JOINABLE */
+
+/* The size of `long', as computed by sizeof. */
+#define SIZEOF_LONG 4
+
+/* The size of `long long', as computed by sizeof. */
+#define SIZEOF_LONG_LONG 8
+
+/* Define to 1 if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* If the compiler supports a TLS storage class define it to that here */
+#define TLS __thread
+
+/* Define if the code was built from VCS. */
+#define VCS_CHECKOUT 0
+
+/* VCS system */
+#define VCS_SYSTEM "none"
+
+/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
+   significant byte first (like Motorola and SPARC, unlike Intel). */
+#if defined AC_APPLE_UNIVERSAL_BUILD
+# if defined __BIG_ENDIAN__
+#  define WORDS_BIGENDIAN 1
+# endif
+#else
+# ifndef WORDS_BIGENDIAN
+/* #  undef WORDS_BIGENDIAN */
+# endif
+#endif
+
+/* Define for Solaris 2.5.1 so the uint8_t typedef from ,
+   , or  is not used. If the typedef were allowed, the
+   #define below would cause a syntax error. */
+/* #undef _UINT8_T */
+
+/* Define to `unsigned int' if  does not define. */
+/* #undef size_t */
+
+/* Define to the type of an unsigned integer type of width exactly 8 bits if
+   such a type exists and the standard includes do not define it. */
+/* #undef uint8_t */
diff --git a/3P/wolfssl/config.in b/3P/wolfssl/config.in
new file mode 100644
index 00000000..e040f366
--- /dev/null
+++ b/3P/wolfssl/config.in
@@ -0,0 +1,178 @@
+/* config.in.  Generated from configure.ac by autoheader.  */
+
+/* Define if building universal (internal helper macro) */
+#undef AC_APPLE_UNIVERSAL_BUILD
+
+/* Define to 1 to enable debugging code. */
+#undef DEBUG
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_ARPA_INET_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_DLFCN_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_ERRNO_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_FCNTL_H
+
+/* Define to 1 if you have the `getaddrinfo' function. */
+#undef HAVE_GETADDRINFO
+
+/* Define to 1 if you have the `gethostbyname' function. */
+#undef HAVE_GETHOSTBYNAME
+
+/* Define to 1 if you have the `gettimeofday' function. */
+#undef HAVE_GETTIMEOFDAY
+
+/* Define to 1 if you have the `inet_ntoa' function. */
+#undef HAVE_INET_NTOA
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_INTTYPES_H
+
+/* Define to 1 if you have the `network' library (-lnetwork). */
+#undef HAVE_LIBNETWORK
+
+/* Define to 1 if you have the `pthread' library (-lpthread). */
+#undef HAVE_LIBPTHREAD
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_LIMITS_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_MEMORY_H
+
+/* Define to 1 if you have the `memset' function. */
+#undef HAVE_MEMSET
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_NETDB_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_NETINET_IN_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_PCAP_PCAP_H
+
+/* Define if you have POSIX threads libraries and header files. */
+#undef HAVE_PTHREAD
+
+/* Have PTHREAD_PRIO_INHERIT. */
+#undef HAVE_PTHREAD_PRIO_INHERIT
+
+/* Define to 1 if you have the `socket' function. */
+#undef HAVE_SOCKET
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_STDDEF_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_STDINT_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_STDLIB_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_STRINGS_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_STRING_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_SYS_IOCTL_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_SYS_SOCKET_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_SYS_STAT_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_SYS_TIME_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_SYS_TYPES_H
+
+/* Define to 1 if you have the  header file. */
+#undef HAVE_UNISTD_H
+
+/* Define to 1 or 0, depending whether the compiler supports simple visibility
+   declarations. */
+#undef HAVE_VISIBILITY
+
+/* Define to 1 if the system has the type `__uint128_t'. */
+#undef HAVE___UINT128_T
+
+/* Define to the sub-directory in which libtool stores uninstalled libraries.
+   */
+#undef LT_OBJDIR
+
+/* Define to 1 if your C compiler doesn't accept -c and -o together. */
+#undef NO_MINUS_C_MINUS_O
+
+/* Define to the address where bug reports for this package should be sent. */
+#undef PACKAGE_BUGREPORT
+
+/* Define to the full name of this package. */
+#undef PACKAGE_NAME
+
+/* Define to the full name and version of this package. */
+#undef PACKAGE_STRING
+
+/* Define to the one symbol short name of this package. */
+#undef PACKAGE_TARNAME
+
+/* Define to the home page for this package. */
+#undef PACKAGE_URL
+
+/* Define to the version of this package. */
+#undef PACKAGE_VERSION
+
+/* Define to necessary symbol if this constant uses a non-standard name on
+   your system. */
+#undef PTHREAD_CREATE_JOINABLE
+
+/* The size of `long', as computed by sizeof. */
+#undef SIZEOF_LONG
+
+/* The size of `long long', as computed by sizeof. */
+#undef SIZEOF_LONG_LONG
+
+/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS
+
+/* If the compiler supports a TLS storage class define it to that here */
+#undef TLS
+
+/* Define if the code was built from VCS. */
+#undef VCS_CHECKOUT
+
+/* VCS system */
+#undef VCS_SYSTEM
+
+/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
+   significant byte first (like Motorola and SPARC, unlike Intel). */
+#if defined AC_APPLE_UNIVERSAL_BUILD
+# if defined __BIG_ENDIAN__
+#  define WORDS_BIGENDIAN 1
+# endif
+#else
+# ifndef WORDS_BIGENDIAN
+#  undef WORDS_BIGENDIAN
+# endif
+#endif
+
+/* Define for Solaris 2.5.1 so the uint8_t typedef from ,
+   , or  is not used. If the typedef were allowed, the
+   #define below would cause a syntax error. */
+#undef _UINT8_T
+
+/* Define to `unsigned int' if  does not define. */
+#undef size_t
+
+/* Define to the type of an unsigned integer type of width exactly 8 bits if
+   such a type exists and the standard includes do not define it. */
+#undef uint8_t
diff --git a/3P/wolfssl/configure b/3P/wolfssl/configure
new file mode 100755
index 00000000..7f8f0bf5
--- /dev/null
+++ b/3P/wolfssl/configure
@@ -0,0 +1,27668 @@
+#! /bin/sh
+# Guess values for system-dependent variables and create Makefiles.
+# Generated by GNU Autoconf 2.69 for wolfssl 3.4.0.
+#
+# Report bugs to .
+#
+#
+# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
+#
+#
+# This configure script is free software; the Free Software Foundation
+# gives unlimited permission to copy, distribute and modify it.
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '${1+"$@"}'='"$@"'
+  setopt NO_GLOB_SUBST
+else
+  case `(set -o) 2>/dev/null` in #(
+  *posix*) :
+    set -o posix ;; #(
+  *) :
+     ;;
+esac
+fi
+
+
+as_nl='
+'
+export as_nl
+# Printing a long string crashes Solaris 7 /usr/bin/printf.
+as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
+# Prefer a ksh shell builtin over an external printf program on Solaris,
+# but without wasting forks for bash or zsh.
+if test -z "$BASH_VERSION$ZSH_VERSION" \
+    && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='print -r --'
+  as_echo_n='print -rn --'
+elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='printf %s\n'
+  as_echo_n='printf %s'
+else
+  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
+    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
+    as_echo_n='/usr/ucb/echo -n'
+  else
+    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
+    as_echo_n_body='eval
+      arg=$1;
+      case $arg in #(
+      *"$as_nl"*)
+	expr "X$arg" : "X\\(.*\\)$as_nl";
+	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
+      esac;
+      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
+    '
+    export as_echo_n_body
+    as_echo_n='sh -c $as_echo_n_body as_echo'
+  fi
+  export as_echo_body
+  as_echo='sh -c $as_echo_body as_echo'
+fi
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+  PATH_SEPARATOR=:
+  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+      PATH_SEPARATOR=';'
+  }
+fi
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.  Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+IFS=" ""	$as_nl"
+
+# Find who we are.  Look in the path if we contain no directory separator.
+as_myself=
+case $0 in #((
+  *[\\/]* ) as_myself=$0 ;;
+  *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+  done
+IFS=$as_save_IFS
+
+     ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+  as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+  exit 1
+fi
+
+# Unset variables that we do not need and which cause bugs (e.g. in
+# pre-3.0 UWIN ksh).  But do not cause bugs in bash 2.01; the "|| exit 1"
+# suppresses any "Segmentation fault" message there.  '((' could
+# trigger a bug in pdksh 5.2.14.
+for as_var in BASH_ENV ENV MAIL MAILPATH
+do eval test x\${$as_var+set} = xset \
+  && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# CDPATH.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+# Use a proper internal environment variable to ensure we don't fall
+  # into an infinite loop, continuously re-executing ourselves.
+  if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then
+    _as_can_reexec=no; export _as_can_reexec;
+    # We cannot yet assume a decent shell, so we have to provide a
+# neutralization value for shells without unset; and this also
+# works around shells that cannot unset nonexistent variables.
+# Preserve -v and -x to the replacement shell.
+BASH_ENV=/dev/null
+ENV=/dev/null
+(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+case $- in # ((((
+  *v*x* | *x*v* ) as_opts=-vx ;;
+  *v* ) as_opts=-v ;;
+  *x* ) as_opts=-x ;;
+  * ) as_opts= ;;
+esac
+exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
+# Admittedly, this is quite paranoid, since all the known shells bail
+# out after a failed `exec'.
+$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2
+as_fn_exit 255
+  fi
+  # We don't want this to propagate to other subprocesses.
+          { _as_can_reexec=; unset _as_can_reexec;}
+if test "x$CONFIG_SHELL" = x; then
+  as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '\${1+\"\$@\"}'='\"\$@\"'
+  setopt NO_GLOB_SUBST
+else
+  case \`(set -o) 2>/dev/null\` in #(
+  *posix*) :
+    set -o posix ;; #(
+  *) :
+     ;;
+esac
+fi
+"
+  as_required="as_fn_return () { (exit \$1); }
+as_fn_success () { as_fn_return 0; }
+as_fn_failure () { as_fn_return 1; }
+as_fn_ret_success () { return 0; }
+as_fn_ret_failure () { return 1; }
+
+exitcode=0
+as_fn_success || { exitcode=1; echo as_fn_success failed.; }
+as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; }
+as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; }
+as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; }
+if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then :
+
+else
+  exitcode=1; echo positional parameters were not saved.
+fi
+test x\$exitcode = x0 || exit 1
+test -x / || exit 1"
+  as_suggested="  as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO
+  as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO
+  eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
+  test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1
+
+  test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || (
+    ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+    ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO
+    ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO
+    PATH=/empty FPATH=/empty; export PATH FPATH
+    test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\
+      || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1
+test \$(( 1 + 1 )) = 2 || exit 1"
+  if (eval "$as_required") 2>/dev/null; then :
+  as_have_required=yes
+else
+  as_have_required=no
+fi
+  if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then :
+
+else
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_found=false
+for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+  as_found=:
+  case $as_dir in #(
+	 /*)
+	   for as_base in sh bash ksh sh5; do
+	     # Try only shells that exist, to save several forks.
+	     as_shell=$as_dir/$as_base
+	     if { test -f "$as_shell" || test -f "$as_shell.exe"; } &&
+		    { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then :
+  CONFIG_SHELL=$as_shell as_have_required=yes
+		   if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then :
+  break 2
+fi
+fi
+	   done;;
+       esac
+  as_found=false
+done
+$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } &&
+	      { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then :
+  CONFIG_SHELL=$SHELL as_have_required=yes
+fi; }
+IFS=$as_save_IFS
+
+
+      if test "x$CONFIG_SHELL" != x; then :
+  export CONFIG_SHELL
+             # We cannot yet assume a decent shell, so we have to provide a
+# neutralization value for shells without unset; and this also
+# works around shells that cannot unset nonexistent variables.
+# Preserve -v and -x to the replacement shell.
+BASH_ENV=/dev/null
+ENV=/dev/null
+(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+case $- in # ((((
+  *v*x* | *x*v* ) as_opts=-vx ;;
+  *v* ) as_opts=-v ;;
+  *x* ) as_opts=-x ;;
+  * ) as_opts= ;;
+esac
+exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
+# Admittedly, this is quite paranoid, since all the known shells bail
+# out after a failed `exec'.
+$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2
+exit 255
+fi
+
+    if test x$as_have_required = xno; then :
+  $as_echo "$0: This script requires a shell more modern than all"
+  $as_echo "$0: the shells that I found on your system."
+  if test x${ZSH_VERSION+set} = xset ; then
+    $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should"
+    $as_echo "$0: be upgraded to zsh 4.3.4 or later."
+  else
+    $as_echo "$0: Please tell bug-autoconf@gnu.org and
+$0: https://github.com/wolfssl/wolfssl/issues about your
+$0: system, including any error possibly output before this
+$0: message. Then install a modern shell, or manually run
+$0: the script under such a shell if you do have one."
+  fi
+  exit 1
+fi
+fi
+fi
+SHELL=${CONFIG_SHELL-/bin/sh}
+export SHELL
+# Unset more variables known to interfere with behavior of common tools.
+CLICOLOR_FORCE= GREP_OPTIONS=
+unset CLICOLOR_FORCE GREP_OPTIONS
+
+## --------------------- ##
+## M4sh Shell Functions. ##
+## --------------------- ##
+# as_fn_unset VAR
+# ---------------
+# Portably unset VAR.
+as_fn_unset ()
+{
+  { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+
+# as_fn_set_status STATUS
+# -----------------------
+# Set $? to STATUS, without forking.
+as_fn_set_status ()
+{
+  return $1
+} # as_fn_set_status
+
+# as_fn_exit STATUS
+# -----------------
+# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+  set +e
+  as_fn_set_status $1
+  exit $1
+} # as_fn_exit
+
+# as_fn_mkdir_p
+# -------------
+# Create "$as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+  case $as_dir in #(
+  -*) as_dir=./$as_dir;;
+  esac
+  test -d "$as_dir" || eval $as_mkdir_p || {
+    as_dirs=
+    while :; do
+      case $as_dir in #(
+      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+      *) as_qdir=$as_dir;;
+      esac
+      as_dirs="'$as_qdir' $as_dirs"
+      as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_dir" : 'X\(//\)[^/]' \| \
+	 X"$as_dir" : 'X\(//\)$' \| \
+	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_dir" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+      test -d "$as_dir" && break
+    done
+    test -z "$as_dirs" || eval "mkdir $as_dirs"
+  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} # as_fn_mkdir_p
+
+# as_fn_executable_p FILE
+# -----------------------
+# Test if FILE is an executable regular file.
+as_fn_executable_p ()
+{
+  test -f "$1" && test -x "$1"
+} # as_fn_executable_p
+# as_fn_append VAR VALUE
+# ----------------------
+# Append the text in VALUE to the end of the definition contained in VAR. Take
+# advantage of any shell optimizations that allow amortized linear growth over
+# repeated appends, instead of the typical quadratic growth present in naive
+# implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
+  eval 'as_fn_append ()
+  {
+    eval $1+=\$2
+  }'
+else
+  as_fn_append ()
+  {
+    eval $1=\$$1\$2
+  }
+fi # as_fn_append
+
+# as_fn_arith ARG...
+# ------------------
+# Perform arithmetic evaluation on the ARGs, and store the result in the
+# global $as_val. Take advantage of shells that can avoid forks. The arguments
+# must be portable across $(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
+  eval 'as_fn_arith ()
+  {
+    as_val=$(( $* ))
+  }'
+else
+  as_fn_arith ()
+  {
+    as_val=`expr "$@" || test $? -eq 1`
+  }
+fi # as_fn_arith
+
+
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
+# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+# script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+  as_status=$1; test $as_status -eq 0 && as_status=1
+  if test "$4"; then
+    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
+  fi
+  $as_echo "$as_me: error: $2" >&2
+  as_fn_exit $as_status
+} # as_fn_error
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+   test "X`expr 00001 : '.*\(...\)'`" = X001; then
+  as_expr=expr
+else
+  as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+  as_basename=basename
+else
+  as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+  as_dirname=dirname
+else
+  as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+	 X"$0" : 'X\(//\)$' \| \
+	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X/"$0" |
+    sed '/^.*\/\([^/][^/]*\)\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+
+  as_lineno_1=$LINENO as_lineno_1a=$LINENO
+  as_lineno_2=$LINENO as_lineno_2a=$LINENO
+  eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" &&
+  test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || {
+  # Blame Lee E. McMahon (1931-1989) for sed's syntax.  :-)
+  sed -n '
+    p
+    /[$]LINENO/=
+  ' <$as_myself |
+    sed '
+      s/[$]LINENO.*/&-/
+      t lineno
+      b
+      :lineno
+      N
+      :loop
+      s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
+      t loop
+      s/-\n.*//
+    ' >$as_me.lineno &&
+  chmod +x "$as_me.lineno" ||
+    { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
+
+  # If we had to re-execute with $CONFIG_SHELL, we're ensured to have
+  # already done that, so ensure we don't try to do so again and fall
+  # in an infinite loop.  This has already happened in practice.
+  _as_can_reexec=no; export _as_can_reexec
+  # Don't try to exec as it changes $[0], causing all sort of problems
+  # (the dirname of $[0] is not the place where we might find the
+  # original and so on.  Autoconf is especially sensitive to this).
+  . "./$as_me.lineno"
+  # Exit status is that of the last command.
+  exit
+}
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in #(((((
+-n*)
+  case `echo 'xy\c'` in
+  *c*) ECHO_T='	';;	# ECHO_T is single tab character.
+  xy)  ECHO_C='\c';;
+  *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
+       ECHO_T='	';;
+  esac;;
+*)
+  ECHO_N='-n';;
+esac
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+  rm -f conf$$.dir/conf$$.file
+else
+  rm -f conf$$.dir
+  mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+  if ln -s conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s='ln -s'
+    # ... but there are two gotchas:
+    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+    # In both cases, we have to default to `cp -pR'.
+    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+      as_ln_s='cp -pR'
+  elif ln conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s=ln
+  else
+    as_ln_s='cp -pR'
+  fi
+else
+  as_ln_s='cp -pR'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+if mkdir -p . 2>/dev/null; then
+  as_mkdir_p='mkdir -p "$as_dir"'
+else
+  test -d ./-p && rmdir ./-p
+  as_mkdir_p=false
+fi
+
+as_test_x='test -x'
+as_executable_p=as_fn_executable_p
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+SHELL=${CONFIG_SHELL-/bin/sh}
+
+
+test -n "$DJDIR" || exec 7<&0 &1
+
+# Name of the host.
+# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status,
+# so uname gets run too.
+ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
+
+#
+# Initializations.
+#
+ac_default_prefix=/usr/local
+ac_clean_files=
+ac_config_libobj_dir=.
+LIBOBJS=
+cross_compiling=no
+subdirs=
+MFLAGS=
+MAKEFLAGS=
+
+# Identity of this package.
+PACKAGE_NAME='wolfssl'
+PACKAGE_TARNAME='wolfssl'
+PACKAGE_VERSION='3.4.0'
+PACKAGE_STRING='wolfssl 3.4.0'
+PACKAGE_BUGREPORT='https://github.com/wolfssl/wolfssl/issues'
+PACKAGE_URL='http://www.wolfssl.com'
+
+# Factoring default headers for most tests.
+ac_includes_default="\
+#include 
+#ifdef HAVE_SYS_TYPES_H
+# include 
+#endif
+#ifdef HAVE_SYS_STAT_H
+# include 
+#endif
+#ifdef STDC_HEADERS
+# include 
+# include 
+#else
+# ifdef HAVE_STDLIB_H
+#  include 
+# endif
+#endif
+#ifdef HAVE_STRING_H
+# if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+#  include 
+# endif
+# include 
+#endif
+#ifdef HAVE_STRINGS_H
+# include 
+#endif
+#ifdef HAVE_INTTYPES_H
+# include 
+#endif
+#ifdef HAVE_STDINT_H
+# include 
+#endif
+#ifdef HAVE_UNISTD_H
+# include 
+#endif"
+
+ac_subst_vars='am__EXEEXT_FALSE
+am__EXEEXT_TRUE
+LTLIBOBJS
+LIBOBJS
+INC_AMINCLUDE
+AMINCLUDE
+GENERIC_CONFIG
+AM_LDFLAGS
+AM_CFLAGS
+AM_CPPFLAGS
+HEX_VERSION
+IS_VCS_CHECKOUT_FALSE
+IS_VCS_CHECKOUT_TRUE
+BUILD_MCAPI_FALSE
+BUILD_MCAPI_TRUE
+BUILD_LIBZ_FALSE
+BUILD_LIBZ_TRUE
+BUILD_EXAMPLES_FALSE
+BUILD_EXAMPLES_TRUE
+BUILD_SLOWMATH_FALSE
+BUILD_SLOWMATH_TRUE
+BUILD_FASTMATH_FALSE
+BUILD_FASTMATH_TRUE
+BUILD_PWDBASED_FALSE
+BUILD_PWDBASED_TRUE
+USE_VALGRIND_FALSE
+USE_VALGRIND_TRUE
+HAVE_VALGRIND
+BUILD_PKCS7_FALSE
+BUILD_PKCS7_TRUE
+BUILD_NTRU_FALSE
+BUILD_NTRU_TRUE
+BUILD_CRL_MONITOR_FALSE
+BUILD_CRL_MONITOR_TRUE
+BUILD_CRL_FALSE
+BUILD_CRL_TRUE
+HAVE_OPENSSL_CMD
+BUILD_OCSP_FALSE
+BUILD_OCSP_TRUE
+BUILD_INLINE_FALSE
+BUILD_INLINE_TRUE
+BUILD_FIPS_FALSE
+BUILD_FIPS_TRUE
+BUILD_CHACHA_FALSE
+BUILD_CHACHA_TRUE
+BUILD_RABBIT_FALSE
+BUILD_RABBIT_TRUE
+BUILD_HC128_FALSE
+BUILD_HC128_TRUE
+BUILD_MD4_FALSE
+BUILD_MD4_TRUE
+BUILD_SHA_FALSE
+BUILD_SHA_TRUE
+BUILD_MD5_FALSE
+BUILD_MD5_TRUE
+BUILD_RC4_FALSE
+BUILD_RC4_TRUE
+BUILD_DES3_FALSE
+BUILD_DES3_TRUE
+BUILD_CODING_FALSE
+BUILD_CODING_TRUE
+BUILD_AES_FALSE
+BUILD_AES_TRUE
+BUILD_ASN_FALSE
+BUILD_ASN_TRUE
+BUILD_DH_FALSE
+BUILD_DH_TRUE
+BUILD_RSA_FALSE
+BUILD_RSA_TRUE
+BUILD_MEMORY_FALSE
+BUILD_MEMORY_TRUE
+BUILD_ECC25519_FALSE
+BUILD_ECC25519_TRUE
+BUILD_ECC_FALSE
+BUILD_ECC_TRUE
+BUILD_DSA_FALSE
+BUILD_DSA_TRUE
+BUILD_SHA512_FALSE
+BUILD_SHA512_TRUE
+BUILD_BLAKE2_FALSE
+BUILD_BLAKE2_TRUE
+BUILD_RIPEMD_FALSE
+BUILD_RIPEMD_TRUE
+BUILD_MD2_FALSE
+BUILD_MD2_TRUE
+BUILD_CAMELLIA_FALSE
+BUILD_CAMELLIA_TRUE
+BUILD_POLY1305_FALSE
+BUILD_POLY1305_TRUE
+BUILD_AESNI_FALSE
+BUILD_AESNI_TRUE
+BUILD_AESCCM_FALSE
+BUILD_AESCCM_TRUE
+BUILD_AESGCM_FALSE
+BUILD_AESGCM_TRUE
+BUILD_SNIFFTEST_FALSE
+BUILD_SNIFFTEST_TRUE
+BUILD_SNIFFER_FALSE
+BUILD_SNIFFER_TRUE
+BUILD_LEANPSK_FALSE
+BUILD_LEANPSK_TRUE
+PTHREAD_CFLAGS
+PTHREAD_LIBS
+PTHREAD_CC
+ax_pthread_config
+DEBUG_FALSE
+DEBUG_TRUE
+MCHECK
+LIBM
+am__fastdepCCAS_FALSE
+am__fastdepCCAS_TRUE
+CCASDEPMODE
+CCASFLAGS
+CCAS
+HAVE_VISIBILITY
+CFLAG_VISIBILITY
+CXXCPP
+am__fastdepCXX_FALSE
+am__fastdepCXX_TRUE
+CXXDEPMODE
+ac_ct_CXX
+CXXFLAGS
+CXX
+CPP
+OTOOL64
+OTOOL
+LIPO
+NMEDIT
+DSYMUTIL
+MANIFEST_TOOL
+RANLIB
+ac_ct_AR
+AR
+DLLTOOL
+OBJDUMP
+LN_S
+NM
+ac_ct_DUMPBIN
+DUMPBIN
+LD
+FGREP
+EGREP
+GREP
+SED
+am__fastdepCC_FALSE
+am__fastdepCC_TRUE
+CCDEPMODE
+am__nodep
+AMDEPBACKSLASH
+AMDEP_FALSE
+AMDEP_TRUE
+am__quote
+am__include
+DEPDIR
+OBJEXT
+EXEEXT
+ac_ct_CC
+CPPFLAGS
+LDFLAGS
+CFLAGS
+CC
+LIBTOOL
+WOLFSSL_LIBRARY_VERSION
+AM_BACKSLASH
+AM_DEFAULT_VERBOSITY
+AM_DEFAULT_V
+AM_V
+am__untar
+am__tar
+AMTAR
+am__leading_dot
+SET_MAKE
+AWK
+mkdir_p
+MKDIR_P
+INSTALL_STRIP_PROGRAM
+STRIP
+install_sh
+MAKEINFO
+AUTOHEADER
+AUTOMAKE
+AUTOCONF
+ACLOCAL
+VERSION
+PACKAGE
+CYGPATH_W
+am__isrc
+INSTALL_DATA
+INSTALL_SCRIPT
+INSTALL_PROGRAM
+host_os
+host_vendor
+host_cpu
+host
+build_os
+build_vendor
+build_cpu
+build
+target_alias
+host_alias
+build_alias
+LIBS
+ECHO_T
+ECHO_N
+ECHO_C
+DEFS
+mandir
+localedir
+libdir
+psdir
+pdfdir
+dvidir
+htmldir
+infodir
+docdir
+oldincludedir
+includedir
+localstatedir
+sharedstatedir
+sysconfdir
+datadir
+datarootdir
+libexecdir
+sbindir
+bindir
+program_transform_name
+prefix
+exec_prefix
+PACKAGE_URL
+PACKAGE_BUGREPORT
+PACKAGE_STRING
+PACKAGE_VERSION
+PACKAGE_TARNAME
+PACKAGE_NAME
+PATH_SEPARATOR
+SHELL'
+ac_subst_files=''
+ac_user_opts='
+enable_option_checking
+enable_silent_rules
+enable_static
+enable_shared
+with_pic
+enable_fast_install
+enable_dependency_tracking
+with_gnu_ld
+with_sysroot
+enable_libtool_lock
+enable_debug
+enable_singlethreaded
+enable_dtls
+enable_opensslextra
+enable_ipv6
+enable_fortress
+enable_bump
+enable_leanpsk
+enable_bigcache
+enable_hugecache
+enable_smallcache
+enable_savesession
+enable_savecert
+enable_atomicuser
+enable_pkcallbacks
+enable_sniffer
+enable_aesgcm
+enable_aesccm
+enable_aesni
+enable_poly1305
+enable_camellia
+enable_md2
+enable_nullcipher
+enable_ripemd
+enable_blake2
+enable_sha512
+enable_sessioncerts
+enable_keygen
+enable_certgen
+enable_certreq
+enable_sep
+enable_hkdf
+enable_dsa
+enable_ecc
+enable_ecc25519
+enable_fpecc
+enable_eccencrypt
+enable_psk
+enable_errorstrings
+enable_oldtls
+enable_stacksize
+enable_memory
+enable_rsa
+enable_dh
+enable_anon
+enable_asn
+enable_aes
+enable_coding
+enable_des3
+enable_arc4
+enable_md5
+enable_sha
+enable_md4
+enable_webserver
+enable_hc128
+enable_rabbit
+enable_chacha
+enable_fips
+enable_hashdrbg
+enable_filesystem
+enable_inline
+enable_ocsp
+enable_crl
+enable_crl_monitor
+with_ntru
+enable_sni
+enable_maxfragment
+enable_truncatedhmac
+enable_renegotiation_indication
+enable_secure_renegotiation
+enable_supportedcurves
+enable_session_ticket
+enable_tlsx
+enable_pkcs7
+enable_scep
+enable_smallstack
+enable_valgrind
+enable_testcert
+enable_iopool
+enable_certservice
+enable_pwdbased
+enable_fastmath
+enable_fasthugemath
+enable_examples
+with_libz
+with_cavium
+enable_mcapi
+enable_jobserver
+'
+      ac_precious_vars='build_alias
+host_alias
+target_alias
+CC
+CFLAGS
+LDFLAGS
+LIBS
+CPPFLAGS
+CPP
+CXX
+CXXFLAGS
+CCC
+CXXCPP
+CCAS
+CCASFLAGS'
+
+
+# Initialize some variables set by options.
+ac_init_help=
+ac_init_version=false
+ac_unrecognized_opts=
+ac_unrecognized_sep=
+# The variables have the same names as the options, with
+# dashes changed to underlines.
+cache_file=/dev/null
+exec_prefix=NONE
+no_create=
+no_recursion=
+prefix=NONE
+program_prefix=NONE
+program_suffix=NONE
+program_transform_name=s,x,x,
+silent=
+site=
+srcdir=
+verbose=
+x_includes=NONE
+x_libraries=NONE
+
+# Installation directory options.
+# These are left unexpanded so users can "make install exec_prefix=/foo"
+# and all the variables that are supposed to be based on exec_prefix
+# by default will actually change.
+# Use braces instead of parens because sh, perl, etc. also accept them.
+# (The list follows the same order as the GNU Coding Standards.)
+bindir='${exec_prefix}/bin'
+sbindir='${exec_prefix}/sbin'
+libexecdir='${exec_prefix}/libexec'
+datarootdir='${prefix}/share'
+datadir='${datarootdir}'
+sysconfdir='${prefix}/etc'
+sharedstatedir='${prefix}/com'
+localstatedir='${prefix}/var'
+includedir='${prefix}/include'
+oldincludedir='/usr/include'
+docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
+infodir='${datarootdir}/info'
+htmldir='${docdir}'
+dvidir='${docdir}'
+pdfdir='${docdir}'
+psdir='${docdir}'
+libdir='${exec_prefix}/lib'
+localedir='${datarootdir}/locale'
+mandir='${datarootdir}/man'
+
+ac_prev=
+ac_dashdash=
+for ac_option
+do
+  # If the previous option needs an argument, assign it.
+  if test -n "$ac_prev"; then
+    eval $ac_prev=\$ac_option
+    ac_prev=
+    continue
+  fi
+
+  case $ac_option in
+  *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
+  *=)   ac_optarg= ;;
+  *)    ac_optarg=yes ;;
+  esac
+
+  # Accept the important Cygnus configure options, so we can diagnose typos.
+
+  case $ac_dashdash$ac_option in
+  --)
+    ac_dashdash=yes ;;
+
+  -bindir | --bindir | --bindi | --bind | --bin | --bi)
+    ac_prev=bindir ;;
+  -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
+    bindir=$ac_optarg ;;
+
+  -build | --build | --buil | --bui | --bu)
+    ac_prev=build_alias ;;
+  -build=* | --build=* | --buil=* | --bui=* | --bu=*)
+    build_alias=$ac_optarg ;;
+
+  -cache-file | --cache-file | --cache-fil | --cache-fi \
+  | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
+    ac_prev=cache_file ;;
+  -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
+  | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
+    cache_file=$ac_optarg ;;
+
+  --config-cache | -C)
+    cache_file=config.cache ;;
+
+  -datadir | --datadir | --datadi | --datad)
+    ac_prev=datadir ;;
+  -datadir=* | --datadir=* | --datadi=* | --datad=*)
+    datadir=$ac_optarg ;;
+
+  -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \
+  | --dataroo | --dataro | --datar)
+    ac_prev=datarootdir ;;
+  -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \
+  | --dataroot=* | --dataroo=* | --dataro=* | --datar=*)
+    datarootdir=$ac_optarg ;;
+
+  -disable-* | --disable-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid feature name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"enable_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval enable_$ac_useropt=no ;;
+
+  -docdir | --docdir | --docdi | --doc | --do)
+    ac_prev=docdir ;;
+  -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*)
+    docdir=$ac_optarg ;;
+
+  -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv)
+    ac_prev=dvidir ;;
+  -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*)
+    dvidir=$ac_optarg ;;
+
+  -enable-* | --enable-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid feature name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"enable_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval enable_$ac_useropt=\$ac_optarg ;;
+
+  -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+  | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+  | --exec | --exe | --ex)
+    ac_prev=exec_prefix ;;
+  -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
+  | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
+  | --exec=* | --exe=* | --ex=*)
+    exec_prefix=$ac_optarg ;;
+
+  -gas | --gas | --ga | --g)
+    # Obsolete; use --with-gas.
+    with_gas=yes ;;
+
+  -help | --help | --hel | --he | -h)
+    ac_init_help=long ;;
+  -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
+    ac_init_help=recursive ;;
+  -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
+    ac_init_help=short ;;
+
+  -host | --host | --hos | --ho)
+    ac_prev=host_alias ;;
+  -host=* | --host=* | --hos=* | --ho=*)
+    host_alias=$ac_optarg ;;
+
+  -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht)
+    ac_prev=htmldir ;;
+  -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \
+  | --ht=*)
+    htmldir=$ac_optarg ;;
+
+  -includedir | --includedir | --includedi | --included | --include \
+  | --includ | --inclu | --incl | --inc)
+    ac_prev=includedir ;;
+  -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
+  | --includ=* | --inclu=* | --incl=* | --inc=*)
+    includedir=$ac_optarg ;;
+
+  -infodir | --infodir | --infodi | --infod | --info | --inf)
+    ac_prev=infodir ;;
+  -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
+    infodir=$ac_optarg ;;
+
+  -libdir | --libdir | --libdi | --libd)
+    ac_prev=libdir ;;
+  -libdir=* | --libdir=* | --libdi=* | --libd=*)
+    libdir=$ac_optarg ;;
+
+  -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
+  | --libexe | --libex | --libe)
+    ac_prev=libexecdir ;;
+  -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
+  | --libexe=* | --libex=* | --libe=*)
+    libexecdir=$ac_optarg ;;
+
+  -localedir | --localedir | --localedi | --localed | --locale)
+    ac_prev=localedir ;;
+  -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*)
+    localedir=$ac_optarg ;;
+
+  -localstatedir | --localstatedir | --localstatedi | --localstated \
+  | --localstate | --localstat | --localsta | --localst | --locals)
+    ac_prev=localstatedir ;;
+  -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
+  | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*)
+    localstatedir=$ac_optarg ;;
+
+  -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
+    ac_prev=mandir ;;
+  -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
+    mandir=$ac_optarg ;;
+
+  -nfp | --nfp | --nf)
+    # Obsolete; use --without-fp.
+    with_fp=no ;;
+
+  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+  | --no-cr | --no-c | -n)
+    no_create=yes ;;
+
+  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
+    no_recursion=yes ;;
+
+  -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
+  | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
+  | --oldin | --oldi | --old | --ol | --o)
+    ac_prev=oldincludedir ;;
+  -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
+  | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
+  | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
+    oldincludedir=$ac_optarg ;;
+
+  -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
+    ac_prev=prefix ;;
+  -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
+    prefix=$ac_optarg ;;
+
+  -program-prefix | --program-prefix | --program-prefi | --program-pref \
+  | --program-pre | --program-pr | --program-p)
+    ac_prev=program_prefix ;;
+  -program-prefix=* | --program-prefix=* | --program-prefi=* \
+  | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
+    program_prefix=$ac_optarg ;;
+
+  -program-suffix | --program-suffix | --program-suffi | --program-suff \
+  | --program-suf | --program-su | --program-s)
+    ac_prev=program_suffix ;;
+  -program-suffix=* | --program-suffix=* | --program-suffi=* \
+  | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
+    program_suffix=$ac_optarg ;;
+
+  -program-transform-name | --program-transform-name \
+  | --program-transform-nam | --program-transform-na \
+  | --program-transform-n | --program-transform- \
+  | --program-transform | --program-transfor \
+  | --program-transfo | --program-transf \
+  | --program-trans | --program-tran \
+  | --progr-tra | --program-tr | --program-t)
+    ac_prev=program_transform_name ;;
+  -program-transform-name=* | --program-transform-name=* \
+  | --program-transform-nam=* | --program-transform-na=* \
+  | --program-transform-n=* | --program-transform-=* \
+  | --program-transform=* | --program-transfor=* \
+  | --program-transfo=* | --program-transf=* \
+  | --program-trans=* | --program-tran=* \
+  | --progr-tra=* | --program-tr=* | --program-t=*)
+    program_transform_name=$ac_optarg ;;
+
+  -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd)
+    ac_prev=pdfdir ;;
+  -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*)
+    pdfdir=$ac_optarg ;;
+
+  -psdir | --psdir | --psdi | --psd | --ps)
+    ac_prev=psdir ;;
+  -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*)
+    psdir=$ac_optarg ;;
+
+  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+  | -silent | --silent | --silen | --sile | --sil)
+    silent=yes ;;
+
+  -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+    ac_prev=sbindir ;;
+  -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+  | --sbi=* | --sb=*)
+    sbindir=$ac_optarg ;;
+
+  -sharedstatedir | --sharedstatedir | --sharedstatedi \
+  | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
+  | --sharedst | --shareds | --shared | --share | --shar \
+  | --sha | --sh)
+    ac_prev=sharedstatedir ;;
+  -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
+  | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
+  | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
+  | --sha=* | --sh=*)
+    sharedstatedir=$ac_optarg ;;
+
+  -site | --site | --sit)
+    ac_prev=site ;;
+  -site=* | --site=* | --sit=*)
+    site=$ac_optarg ;;
+
+  -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
+    ac_prev=srcdir ;;
+  -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
+    srcdir=$ac_optarg ;;
+
+  -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
+  | --syscon | --sysco | --sysc | --sys | --sy)
+    ac_prev=sysconfdir ;;
+  -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
+  | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
+    sysconfdir=$ac_optarg ;;
+
+  -target | --target | --targe | --targ | --tar | --ta | --t)
+    ac_prev=target_alias ;;
+  -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
+    target_alias=$ac_optarg ;;
+
+  -v | -verbose | --verbose | --verbos | --verbo | --verb)
+    verbose=yes ;;
+
+  -version | --version | --versio | --versi | --vers | -V)
+    ac_init_version=: ;;
+
+  -with-* | --with-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid package name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"with_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval with_$ac_useropt=\$ac_optarg ;;
+
+  -without-* | --without-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid package name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"with_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval with_$ac_useropt=no ;;
+
+  --x)
+    # Obsolete; use --with-x.
+    with_x=yes ;;
+
+  -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
+  | --x-incl | --x-inc | --x-in | --x-i)
+    ac_prev=x_includes ;;
+  -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
+  | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
+    x_includes=$ac_optarg ;;
+
+  -x-libraries | --x-libraries | --x-librarie | --x-librari \
+  | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
+    ac_prev=x_libraries ;;
+  -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
+  | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+    x_libraries=$ac_optarg ;;
+
+  -*) as_fn_error $? "unrecognized option: \`$ac_option'
+Try \`$0 --help' for more information"
+    ;;
+
+  *=*)
+    ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
+    # Reject names that are not valid shell variable names.
+    case $ac_envvar in #(
+      '' | [0-9]* | *[!_$as_cr_alnum]* )
+      as_fn_error $? "invalid variable name: \`$ac_envvar'" ;;
+    esac
+    eval $ac_envvar=\$ac_optarg
+    export $ac_envvar ;;
+
+  *)
+    # FIXME: should be removed in autoconf 3.0.
+    $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
+    expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+      $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
+    : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}"
+    ;;
+
+  esac
+done
+
+if test -n "$ac_prev"; then
+  ac_option=--`echo $ac_prev | sed 's/_/-/g'`
+  as_fn_error $? "missing argument to $ac_option"
+fi
+
+if test -n "$ac_unrecognized_opts"; then
+  case $enable_option_checking in
+    no) ;;
+    fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;;
+    *)     $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
+  esac
+fi
+
+# Check all directory arguments for consistency.
+for ac_var in	exec_prefix prefix bindir sbindir libexecdir datarootdir \
+		datadir sysconfdir sharedstatedir localstatedir includedir \
+		oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+		libdir localedir mandir
+do
+  eval ac_val=\$$ac_var
+  # Remove trailing slashes.
+  case $ac_val in
+    */ )
+      ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
+      eval $ac_var=\$ac_val;;
+  esac
+  # Be sure to have absolute directory names.
+  case $ac_val in
+    [\\/$]* | ?:[\\/]* )  continue;;
+    NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
+  esac
+  as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val"
+done
+
+# There might be people who depend on the old broken behavior: `$host'
+# used to hold the argument of --host etc.
+# FIXME: To remove some day.
+build=$build_alias
+host=$host_alias
+target=$target_alias
+
+# FIXME: To remove some day.
+if test "x$host_alias" != x; then
+  if test "x$build_alias" = x; then
+    cross_compiling=maybe
+  elif test "x$build_alias" != "x$host_alias"; then
+    cross_compiling=yes
+  fi
+fi
+
+ac_tool_prefix=
+test -n "$host_alias" && ac_tool_prefix=$host_alias-
+
+test "$silent" = yes && exec 6>/dev/null
+
+
+ac_pwd=`pwd` && test -n "$ac_pwd" &&
+ac_ls_di=`ls -di .` &&
+ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
+  as_fn_error $? "working directory cannot be determined"
+test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+  as_fn_error $? "pwd does not report name of working directory"
+
+
+# Find the source files, if location was not specified.
+if test -z "$srcdir"; then
+  ac_srcdir_defaulted=yes
+  # Try the directory containing this script, then the parent directory.
+  ac_confdir=`$as_dirname -- "$as_myself" ||
+$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_myself" : 'X\(//\)[^/]' \| \
+	 X"$as_myself" : 'X\(//\)$' \| \
+	 X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_myself" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+  srcdir=$ac_confdir
+  if test ! -r "$srcdir/$ac_unique_file"; then
+    srcdir=..
+  fi
+else
+  ac_srcdir_defaulted=no
+fi
+if test ! -r "$srcdir/$ac_unique_file"; then
+  test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
+  as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir"
+fi
+ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
+ac_abs_confdir=`(
+	cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg"
+	pwd)`
+# When building in place, set srcdir=.
+if test "$ac_abs_confdir" = "$ac_pwd"; then
+  srcdir=.
+fi
+# Remove unnecessary trailing slashes from srcdir.
+# Double slashes in file names in object file debugging info
+# mess up M-x gdb in Emacs.
+case $srcdir in
+*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;;
+esac
+for ac_var in $ac_precious_vars; do
+  eval ac_env_${ac_var}_set=\${${ac_var}+set}
+  eval ac_env_${ac_var}_value=\$${ac_var}
+  eval ac_cv_env_${ac_var}_set=\${${ac_var}+set}
+  eval ac_cv_env_${ac_var}_value=\$${ac_var}
+done
+
+#
+# Report the --help message.
+#
+if test "$ac_init_help" = "long"; then
+  # Omit some internal or obsolete options to make the list less imposing.
+  # This message is too long to be a string in the A/UX 3.1 sh.
+  cat <<_ACEOF
+\`configure' configures wolfssl 3.4.0 to adapt to many kinds of systems.
+
+Usage: $0 [OPTION]... [VAR=VALUE]...
+
+To assign environment variables (e.g., CC, CFLAGS...), specify them as
+VAR=VALUE.  See below for descriptions of some of the useful variables.
+
+Defaults for the options are specified in brackets.
+
+Configuration:
+  -h, --help              display this help and exit
+      --help=short        display options specific to this package
+      --help=recursive    display the short help of all the included packages
+  -V, --version           display version information and exit
+  -q, --quiet, --silent   do not print \`checking ...' messages
+      --cache-file=FILE   cache test results in FILE [disabled]
+  -C, --config-cache      alias for \`--cache-file=config.cache'
+  -n, --no-create         do not create output files
+      --srcdir=DIR        find the sources in DIR [configure dir or \`..']
+
+Installation directories:
+  --prefix=PREFIX         install architecture-independent files in PREFIX
+                          [$ac_default_prefix]
+  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
+                          [PREFIX]
+
+By default, \`make install' will install all the files in
+\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc.  You can specify
+an installation prefix other than \`$ac_default_prefix' using \`--prefix',
+for instance \`--prefix=\$HOME'.
+
+For better control, use the options below.
+
+Fine tuning of the installation directories:
+  --bindir=DIR            user executables [EPREFIX/bin]
+  --sbindir=DIR           system admin executables [EPREFIX/sbin]
+  --libexecdir=DIR        program executables [EPREFIX/libexec]
+  --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
+  --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
+  --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
+  --libdir=DIR            object code libraries [EPREFIX/lib]
+  --includedir=DIR        C header files [PREFIX/include]
+  --oldincludedir=DIR     C header files for non-gcc [/usr/include]
+  --datarootdir=DIR       read-only arch.-independent data root [PREFIX/share]
+  --datadir=DIR           read-only architecture-independent data [DATAROOTDIR]
+  --infodir=DIR           info documentation [DATAROOTDIR/info]
+  --localedir=DIR         locale-dependent data [DATAROOTDIR/locale]
+  --mandir=DIR            man documentation [DATAROOTDIR/man]
+  --docdir=DIR            documentation root [DATAROOTDIR/doc/wolfssl]
+  --htmldir=DIR           html documentation [DOCDIR]
+  --dvidir=DIR            dvi documentation [DOCDIR]
+  --pdfdir=DIR            pdf documentation [DOCDIR]
+  --psdir=DIR             ps documentation [DOCDIR]
+_ACEOF
+
+  cat <<\_ACEOF
+
+Program names:
+  --program-prefix=PREFIX            prepend PREFIX to installed program names
+  --program-suffix=SUFFIX            append SUFFIX to installed program names
+  --program-transform-name=PROGRAM   run sed PROGRAM on installed program names
+
+System types:
+  --build=BUILD     configure for building on BUILD [guessed]
+  --host=HOST       cross-compile to build programs to run on HOST [BUILD]
+_ACEOF
+fi
+
+if test -n "$ac_init_help"; then
+  case $ac_init_help in
+     short | recursive ) echo "Configuration of wolfssl 3.4.0:";;
+   esac
+  cat <<\_ACEOF
+
+Optional Features:
+  --disable-option-checking  ignore unrecognized --enable/--with options
+  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
+  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
+  --enable-silent-rules   less verbose build output (undo: "make V=1")
+  --disable-silent-rules  verbose build output (undo: "make V=0")
+  --enable-static[=PKGS]  build static libraries [default=no]
+  --enable-shared[=PKGS]  build shared libraries [default=yes]
+  --enable-fast-install[=PKGS]
+                          optimize for fast installation [default=yes]
+  --enable-dependency-tracking
+                          do not reject slow dependency extractors
+  --disable-dependency-tracking
+                          speeds up one-time build
+  --disable-libtool-lock  avoid locking (might break parallel builds)
+  --enable-debug          Add debug code/turns off optimizations (yes|no)
+                          [default=no]
+  --enable-singlethreaded Enable wolfSSL single threaded (default: disabled)
+  --enable-dtls           Enable wolfSSL DTLS (default: disabled)
+  --enable-opensslextra   Enable extra OpenSSL API, size+ (default: disabled)
+  --enable-ipv6           Enable testing of IPV6 (default: disabled)
+  --enable-fortress       Enable SSL fortress build (default: disabled)
+  --enable-bump           Enable SSL Bump build (default: disabled)
+  --enable-leanpsk        Enable Lean PSK build (default: disabled)
+  --enable-bigcache       Enable big session cache (default: disabled)
+  --enable-hugecache      Enable huge session cache (default: disabled)
+  --enable-smallcache     Enable small session cache (default: disabled)
+  --enable-savesession    Enable persistent session cache (default: disabled)
+  --enable-savecert       Enable persistent cert cache (default: disabled)
+  --enable-atomicuser     Enable Atomic User Record Layer (default: disabled)
+  --enable-pkcallbacks    Enable Public Key Callbacks (default: disabled)
+  --enable-sniffer        Enable wolfSSL sniffer support (default: disabled)
+  --enable-aesgcm         Enable wolfSSL AES-GCM support (default: disabled)
+  --enable-aesccm         Enable wolfSSL AES-CCM support (default: disabled)
+  --enable-aesni          Enable wolfSSL AES-NI support (default: disabled)
+  --enable-poly1305         Enable wolfSSL POLY1305 support (default: disabled)
+  --enable-camellia       Enable wolfSSL Camellia support (default: disabled)
+  --enable-md2            Enable wolfSSL MD2 support (default: disabled)
+  --enable-nullcipher     Enable wolfSSL NULL cipher support (default: disabled)
+  --enable-ripemd         Enable wolfSSL RIPEMD-160 support (default: disabled)
+  --enable-blake2         Enable wolfSSL BLAKE2 support (default: disabled)
+  --enable-sha512         Enable wolfSSL SHA-512 support (default: disabled)
+  --enable-sessioncerts   Enable session cert storing (default: disabled)
+  --enable-keygen         Enable key generation (default: disabled)
+  --enable-certgen        Enable cert generation (default: disabled)
+  --enable-certreq        Enable cert request generation (default: disabled)
+  --enable-sep            Enable sep extensions (default: disabled)
+  --enable-hkdf           Enable HKDF (HMAC-KDF) support (default: disabled)
+  --enable-dsa            Enable DSA (default: disabled)
+  --enable-ecc            Enable ECC (default: disabled)
+  --enable-ecc25519            Enable ECC25519 (default: disabled)
+  --enable-fpecc          Enable Fixed Point cache ECC (default: disabled)
+  --enable-eccencrypt     Enable ECC encrypt (default: disabled)
+  --enable-psk            Enable PSK (default: disabled)
+  --enable-errorstrings   Enable error strings table (default: enabled)
+  --enable-oldtls         Enable old TLS versions < 1.2 (default: enabled)
+  --enable-stacksize      Enable stack size info on examples (default: disabled)
+  --enable-memory         Enable memory callbacks (default: enabled)
+  --enable-rsa            Enable RSA (default: enabled)
+  --enable-dh             Enable DH (default: disabled)
+  --enable-anon           Enable Anonymous (default: disabled)
+  --enable-asn            Enable ASN (default: enabled)
+  --enable-aes            Enable AES (default: enabled)
+  --enable-coding         Enable Coding base 16/64 (default: enabled)
+  --enable-des3           Enable DES3 (default: enabled)
+  --enable-arc4           Enable ARC4 (default: enabled)
+  --enable-md5            Enable MD5 (default: enabled)
+  --enable-sha            Enable SHA (default: enabled)
+  --enable-md4            Enable MD4 (default: disabled)
+  --enable-webserver      Enable Web Server (default: disabled)
+  --enable-hc128          Enable HC-128 (default: disabled)
+  --enable-rabbit         Enable RABBIT (default: disabled)
+  --enable-chacha         Enable CHACHA (default: disabled)
+  --enable-fips           Enable FIPS 140-2 (default: disabled)
+  --enable-hashdrbg       Enable Hash DRBG support (default: enabled)
+  --enable-filesystem     Enable Filesystem support (default: enabled)
+  --enable-inline         Enable inline functions (default: enabled)
+  --enable-ocsp           Enable OCSP (default: disabled)
+  --enable-crl            Enable CRL (default: disabled)
+  --enable-crl-monitor    Enable CRL Monitor (default: disabled)
+  --enable-sni            Enable SNI (default: disabled)
+  --enable-maxfragment    Enable Maximum Fragment Length (default: disabled)
+  --enable-truncatedhmac  Enable Truncated HMAC (default: disabled)
+  --enable-renegotiation-indication  Enable Renegotiation Indication (default: disabled)
+  --enable-secure-renegotiation Enable Secure Renegotiation (default: disabled)
+  --enable-supportedcurves Enable Supported Elliptic Curves (default: disabled)
+  --enable-session-ticket  Enable Session Ticket (default: disabled)
+  --enable-tlsx           Enable all TLS Extensions (default: disabled)
+  --enable-pkcs7          Enable PKCS7 (default: disabled)
+  --enable-scep           Enable wolfSCEP (default: disabled)
+  --enable-smallstack     Enable Small Stack Usage (default: disabled)
+  --enable-valgrind       Enable valgrind for unit tests (default: disabled)
+  --enable-testcert       Enable Test Cert (default: disabled)
+  --enable-iopool         Enable I/O Pool example (default: disabled)
+  --enable-certservice    Enable cert service (default: disabled)
+  --enable-pwdbased       Enable PWDBASED (default: disabled)
+  --enable-fastmath       Enable fast math ops (default: enabled on x86_64)
+  --enable-fasthugemath   Enable fast math + huge code (default: disabled)
+  --enable-examples       Enable Examples  (default: enabled)
+  --enable-mcapi          Enable Microchip API (default: disabled)
+  --enable-jobserver[=no/yes/#] default=yes
+                        Enable up to # make jobs
+                        yes: enable one more than CPU count
+
+
+Optional Packages:
+  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
+  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
+  --with-pic[=PKGS]       try to use only PIC/non-PIC objects [default=use
+                          both]
+  --with-gnu-ld           assume the C compiler uses GNU ld [default=no]
+  --with-sysroot=DIR Search for dependent libraries within DIR
+                        (or the compiler's sysroot if not specified).
+  --with-ntru=PATH        Path to NTRU install (default /usr/)
+  --with-libz=PATH        PATH to libz install (default /usr/)
+  --with-cavium=PATH      PATH to cavium/software dir
+
+Some influential environment variables:
+  CC          C compiler command
+  CFLAGS      C compiler flags
+  LDFLAGS     linker flags, e.g. -L if you have libraries in a
+              nonstandard directory 
+  LIBS        libraries to pass to the linker, e.g. -l
+  CPPFLAGS    (Objective) C/C++ preprocessor flags, e.g. -I if
+              you have headers in a nonstandard directory 
+  CPP         C preprocessor
+  CXX         C++ compiler command
+  CXXFLAGS    C++ compiler flags
+  CXXCPP      C++ preprocessor
+  CCAS        assembler compiler command (defaults to CC)
+  CCASFLAGS   assembler compiler flags (defaults to CFLAGS)
+
+Use these variables to override the choices made by `configure' or to help
+it to find libraries and programs with nonstandard names/locations.
+
+Report bugs to .
+wolfssl home page: .
+_ACEOF
+ac_status=$?
+fi
+
+if test "$ac_init_help" = "recursive"; then
+  # If there are subdirs, report their specific --help.
+  for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
+    test -d "$ac_dir" ||
+      { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
+      continue
+    ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+  # A ".." for each directory in $ac_dir_suffix.
+  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+  case $ac_top_builddir_sub in
+  "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+  *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+  esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+  .)  # We are building in place.
+    ac_srcdir=.
+    ac_top_srcdir=$ac_top_builddir_sub
+    ac_abs_top_srcdir=$ac_pwd ;;
+  [\\/]* | ?:[\\/]* )  # Absolute name.
+    ac_srcdir=$srcdir$ac_dir_suffix;
+    ac_top_srcdir=$srcdir
+    ac_abs_top_srcdir=$srcdir ;;
+  *) # Relative name.
+    ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+    ac_top_srcdir=$ac_top_build_prefix$srcdir
+    ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+    cd "$ac_dir" || { ac_status=$?; continue; }
+    # Check for guested configure.
+    if test -f "$ac_srcdir/configure.gnu"; then
+      echo &&
+      $SHELL "$ac_srcdir/configure.gnu" --help=recursive
+    elif test -f "$ac_srcdir/configure"; then
+      echo &&
+      $SHELL "$ac_srcdir/configure" --help=recursive
+    else
+      $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
+    fi || ac_status=$?
+    cd "$ac_pwd" || { ac_status=$?; break; }
+  done
+fi
+
+test -n "$ac_init_help" && exit $ac_status
+if $ac_init_version; then
+  cat <<\_ACEOF
+wolfssl configure 3.4.0
+generated by GNU Autoconf 2.69
+
+Copyright (C) 2012 Free Software Foundation, Inc.
+This configure script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it.
+_ACEOF
+  exit
+fi
+
+## ------------------------ ##
+## Autoconf initialization. ##
+## ------------------------ ##
+
+# ac_fn_c_try_compile LINENO
+# --------------------------
+# Try to compile conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_compile ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  rm -f conftest.$ac_objext
+  if { { ac_try="$ac_compile"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compile") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && {
+	 test -z "$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest.$ac_objext; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	ac_retval=1
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_compile
+
+# ac_fn_c_try_link LINENO
+# -----------------------
+# Try to link conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_link ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  rm -f conftest.$ac_objext conftest$ac_exeext
+  if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && {
+	 test -z "$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest$ac_exeext && {
+	 test "$cross_compiling" = yes ||
+	 test -x conftest$ac_exeext
+       }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	ac_retval=1
+fi
+  # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information
+  # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would
+  # interfere with the next link command; also delete a directory that is
+  # left behind by Apple's compiler.  We do this before executing the actions.
+  rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_link
+
+# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES
+# -------------------------------------------------------
+# Tests whether HEADER exists and can be compiled using the include files in
+# INCLUDES, setting the cache variable VAR accordingly.
+ac_fn_c_check_header_compile ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+#include <$2>
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$3=yes"
+else
+  eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_header_compile
+
+# ac_fn_c_try_cpp LINENO
+# ----------------------
+# Try to preprocess conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_cpp ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if { { ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } > conftest.i && {
+	 test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+    ac_retval=1
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_cpp
+
+# ac_fn_c_try_run LINENO
+# ----------------------
+# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes
+# that executables *can* be run.
+ac_fn_c_try_run ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && { ac_try='./conftest$ac_exeext'
+  { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: program exited with status $ac_status" >&5
+       $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+       ac_retval=$ac_status
+fi
+  rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_run
+
+# ac_fn_c_check_func LINENO FUNC VAR
+# ----------------------------------
+# Tests whether FUNC exists, setting the cache variable VAR accordingly
+ac_fn_c_check_func ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+/* Define $2 to an innocuous variant, in case  declares $2.
+   For example, HP-UX 11i  declares gettimeofday.  */
+#define $2 innocuous_$2
+
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $2 (); below.
+    Prefer  to  if __STDC__ is defined, since
+     exists even on freestanding compilers.  */
+
+#ifdef __STDC__
+# include 
+#else
+# include 
+#endif
+
+#undef $2
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $2 ();
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined __stub_$2 || defined __stub___$2
+choke me
+#endif
+
+int
+main ()
+{
+return $2 ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  eval "$3=yes"
+else
+  eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_func
+
+# ac_fn_cxx_try_compile LINENO
+# ----------------------------
+# Try to compile conftest.$ac_ext, and return whether this succeeded.
+ac_fn_cxx_try_compile ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  rm -f conftest.$ac_objext
+  if { { ac_try="$ac_compile"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compile") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && {
+	 test -z "$ac_cxx_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest.$ac_objext; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	ac_retval=1
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_cxx_try_compile
+
+# ac_fn_cxx_try_cpp LINENO
+# ------------------------
+# Try to preprocess conftest.$ac_ext, and return whether this succeeded.
+ac_fn_cxx_try_cpp ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if { { ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } > conftest.i && {
+	 test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" ||
+	 test ! -s conftest.err
+       }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+    ac_retval=1
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_cxx_try_cpp
+
+# ac_fn_cxx_try_link LINENO
+# -------------------------
+# Try to link conftest.$ac_ext, and return whether this succeeded.
+ac_fn_cxx_try_link ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  rm -f conftest.$ac_objext conftest$ac_exeext
+  if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && {
+	 test -z "$ac_cxx_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest$ac_exeext && {
+	 test "$cross_compiling" = yes ||
+	 test -x conftest$ac_exeext
+       }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	ac_retval=1
+fi
+  # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information
+  # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would
+  # interfere with the next link command; also delete a directory that is
+  # left behind by Apple's compiler.  We do this before executing the actions.
+  rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_cxx_try_link
+
+# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES
+# -------------------------------------------------------
+# Tests whether HEADER exists, giving a warning if it cannot be compiled using
+# the include files in INCLUDES and setting the cache variable VAR
+# accordingly.
+ac_fn_c_check_header_mongrel ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if eval \${$3+:} false; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+else
+  # Is the header compilable?
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5
+$as_echo_n "checking $2 usability... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+#include <$2>
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_header_compiler=yes
+else
+  ac_header_compiler=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5
+$as_echo "$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5
+$as_echo_n "checking $2 presence... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <$2>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  ac_header_preproc=yes
+else
+  ac_header_preproc=no
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5
+$as_echo "$ac_header_preproc" >&6; }
+
+# So?  What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #((
+  yes:no: )
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5
+$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
+    ;;
+  no:yes:* )
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5
+$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2:     check for missing prerequisite headers?" >&5
+$as_echo "$as_me: WARNING: $2:     check for missing prerequisite headers?" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5
+$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2:     section \"Present But Cannot Be Compiled\"" >&5
+$as_echo "$as_me: WARNING: $2:     section \"Present But Cannot Be Compiled\"" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
+( $as_echo "## -------------------------------------------------------- ##
+## Report this to https://github.com/wolfssl/wolfssl/issues ##
+## -------------------------------------------------------- ##"
+     ) | sed "s/^/$as_me: WARNING:     /" >&2
+    ;;
+esac
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  eval "$3=\$ac_header_compiler"
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_header_mongrel
+
+# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
+# --------------------------------------------
+# Tries to find the compile-time value of EXPR in a program that includes
+# INCLUDES, setting VAR accordingly. Returns whether the value could be
+# computed
+ac_fn_c_compute_int ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if test "$cross_compiling" = yes; then
+    # Depending upon the size, compute the lo and hi bounds.
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= 0)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_lo=0 ac_mid=0
+  while :; do
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=$ac_mid; break
+else
+  as_fn_arith $ac_mid + 1 && ac_lo=$as_val
+			if test $ac_lo -le $ac_mid; then
+			  ac_lo= ac_hi=
+			  break
+			fi
+			as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  done
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) < 0)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=-1 ac_mid=-1
+  while :; do
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= $ac_mid)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_lo=$ac_mid; break
+else
+  as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val
+			if test $ac_mid -le $ac_hi; then
+			  ac_lo= ac_hi=
+			  break
+			fi
+			as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  done
+else
+  ac_lo= ac_hi=
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+# Binary search between lo and hi bounds.
+while test "x$ac_lo" != "x$ac_hi"; do
+  as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=$ac_mid
+else
+  as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+case $ac_lo in #((
+?*) eval "$3=\$ac_lo"; ac_retval=0 ;;
+'') ac_retval=1 ;;
+esac
+  else
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+static long int longval () { return $2; }
+static unsigned long int ulongval () { return $2; }
+#include 
+#include 
+int
+main ()
+{
+
+  FILE *f = fopen ("conftest.val", "w");
+  if (! f)
+    return 1;
+  if (($2) < 0)
+    {
+      long int i = longval ();
+      if (i != ($2))
+	return 1;
+      fprintf (f, "%ld", i);
+    }
+  else
+    {
+      unsigned long int i = ulongval ();
+      if (i != ($2))
+	return 1;
+      fprintf (f, "%lu", i);
+    }
+  /* Do not output a trailing newline, as this causes \r\n confusion
+     on some platforms.  */
+  return ferror (f) || fclose (f) != 0;
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  echo >>conftest.val; read $3 &5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  eval "$3=no"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+if (sizeof ($2))
+	 return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+if (sizeof (($2)))
+	    return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+else
+  eval "$3=yes"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_type
+
+# ac_fn_c_find_uintX_t LINENO BITS VAR
+# ------------------------------------
+# Finds an unsigned integer type with width BITS, setting cache variable VAR
+# accordingly.
+ac_fn_c_find_uintX_t ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uint$2_t" >&5
+$as_echo_n "checking for uint$2_t... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  eval "$3=no"
+     # Order is important - never check a type that is potentially smaller
+     # than half of the expected target width.
+     for ac_type in uint$2_t 'unsigned int' 'unsigned long int' \
+	 'unsigned long long int' 'unsigned short int' 'unsigned char'; do
+       cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$ac_includes_default
+int
+main ()
+{
+static int test_array [1 - 2 * !((($ac_type) -1 >> ($2 / 2 - 1)) >> ($2 / 2 - 1) == 3)];
+test_array [0] = 0;
+return test_array [0];
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  case $ac_type in #(
+  uint$2_t) :
+    eval "$3=yes" ;; #(
+  *) :
+    eval "$3=\$ac_type" ;;
+esac
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+       if eval test \"x\$"$3"\" = x"no"; then :
+
+else
+  break
+fi
+     done
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_find_uintX_t
+cat >config.log <<_ACEOF
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+
+It was created by wolfssl $as_me 3.4.0, which was
+generated by GNU Autoconf 2.69.  Invocation command line was
+
+  $ $0 $@
+
+_ACEOF
+exec 5>>config.log
+{
+cat <<_ASUNAME
+## --------- ##
+## Platform. ##
+## --------- ##
+
+hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
+/bin/uname -X     = `(/bin/uname -X) 2>/dev/null     || echo unknown`
+
+/bin/arch              = `(/bin/arch) 2>/dev/null              || echo unknown`
+/usr/bin/arch -k       = `(/usr/bin/arch -k) 2>/dev/null       || echo unknown`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
+/usr/bin/hostinfo      = `(/usr/bin/hostinfo) 2>/dev/null      || echo unknown`
+/bin/machine           = `(/bin/machine) 2>/dev/null           || echo unknown`
+/usr/bin/oslevel       = `(/usr/bin/oslevel) 2>/dev/null       || echo unknown`
+/bin/universe          = `(/bin/universe) 2>/dev/null          || echo unknown`
+
+_ASUNAME
+
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    $as_echo "PATH: $as_dir"
+  done
+IFS=$as_save_IFS
+
+} >&5
+
+cat >&5 <<_ACEOF
+
+
+## ----------- ##
+## Core tests. ##
+## ----------- ##
+
+_ACEOF
+
+
+# Keep a trace of the command line.
+# Strip out --no-create and --no-recursion so they do not pile up.
+# Strip out --silent because we don't want to record it for future runs.
+# Also quote any args containing shell meta-characters.
+# Make two passes to allow for proper duplicate-argument suppression.
+ac_configure_args=
+ac_configure_args0=
+ac_configure_args1=
+ac_must_keep_next=false
+for ac_pass in 1 2
+do
+  for ac_arg
+  do
+    case $ac_arg in
+    -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
+    -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+    | -silent | --silent | --silen | --sile | --sil)
+      continue ;;
+    *\'*)
+      ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    esac
+    case $ac_pass in
+    1) as_fn_append ac_configure_args0 " '$ac_arg'" ;;
+    2)
+      as_fn_append ac_configure_args1 " '$ac_arg'"
+      if test $ac_must_keep_next = true; then
+	ac_must_keep_next=false # Got value, back to normal.
+      else
+	case $ac_arg in
+	  *=* | --config-cache | -C | -disable-* | --disable-* \
+	  | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
+	  | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
+	  | -with-* | --with-* | -without-* | --without-* | --x)
+	    case "$ac_configure_args0 " in
+	      "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
+	    esac
+	    ;;
+	  -* ) ac_must_keep_next=true ;;
+	esac
+      fi
+      as_fn_append ac_configure_args " '$ac_arg'"
+      ;;
+    esac
+  done
+done
+{ ac_configure_args0=; unset ac_configure_args0;}
+{ ac_configure_args1=; unset ac_configure_args1;}
+
+# When interrupted or exit'd, cleanup temporary files, and complete
+# config.log.  We remove comments because anyway the quotes in there
+# would cause problems or look ugly.
+# WARNING: Use '\'' to represent an apostrophe within the trap.
+# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug.
+trap 'exit_status=$?
+  # Save into config.log some information that might help in debugging.
+  {
+    echo
+
+    $as_echo "## ---------------- ##
+## Cache variables. ##
+## ---------------- ##"
+    echo
+    # The following way of writing the cache mishandles newlines in values,
+(
+  for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do
+    eval ac_val=\$$ac_var
+    case $ac_val in #(
+    *${as_nl}*)
+      case $ac_var in #(
+      *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
+$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+      esac
+      case $ac_var in #(
+      _ | IFS | as_nl) ;; #(
+      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+      *) { eval $ac_var=; unset $ac_var;} ;;
+      esac ;;
+    esac
+  done
+  (set) 2>&1 |
+    case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #(
+    *${as_nl}ac_space=\ *)
+      sed -n \
+	"s/'\''/'\''\\\\'\'''\''/g;
+	  s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p"
+      ;; #(
+    *)
+      sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+      ;;
+    esac |
+    sort
+)
+    echo
+
+    $as_echo "## ----------------- ##
+## Output variables. ##
+## ----------------- ##"
+    echo
+    for ac_var in $ac_subst_vars
+    do
+      eval ac_val=\$$ac_var
+      case $ac_val in
+      *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+      esac
+      $as_echo "$ac_var='\''$ac_val'\''"
+    done | sort
+    echo
+
+    if test -n "$ac_subst_files"; then
+      $as_echo "## ------------------- ##
+## File substitutions. ##
+## ------------------- ##"
+      echo
+      for ac_var in $ac_subst_files
+      do
+	eval ac_val=\$$ac_var
+	case $ac_val in
+	*\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+	esac
+	$as_echo "$ac_var='\''$ac_val'\''"
+      done | sort
+      echo
+    fi
+
+    if test -s confdefs.h; then
+      $as_echo "## ----------- ##
+## confdefs.h. ##
+## ----------- ##"
+      echo
+      cat confdefs.h
+      echo
+    fi
+    test "$ac_signal" != 0 &&
+      $as_echo "$as_me: caught signal $ac_signal"
+    $as_echo "$as_me: exit $exit_status"
+  } >&5
+  rm -f core *.core core.conftest.* &&
+    rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
+    exit $exit_status
+' 0
+for ac_signal in 1 2 13 15; do
+  trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal
+done
+ac_signal=0
+
+# confdefs.h avoids OS command line length limits that DEFS can exceed.
+rm -f -r conftest* confdefs.h
+
+$as_echo "/* confdefs.h */" > confdefs.h
+
+# Predefined preprocessor variables.
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_NAME "$PACKAGE_NAME"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_TARNAME "$PACKAGE_TARNAME"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_VERSION "$PACKAGE_VERSION"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_STRING "$PACKAGE_STRING"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_URL "$PACKAGE_URL"
+_ACEOF
+
+
+# Let the site file select an alternate cache file if it wants to.
+# Prefer an explicitly selected file to automatically selected ones.
+ac_site_file1=NONE
+ac_site_file2=NONE
+if test -n "$CONFIG_SITE"; then
+  # We do not want a PATH search for config.site.
+  case $CONFIG_SITE in #((
+    -*)  ac_site_file1=./$CONFIG_SITE;;
+    */*) ac_site_file1=$CONFIG_SITE;;
+    *)   ac_site_file1=./$CONFIG_SITE;;
+  esac
+elif test "x$prefix" != xNONE; then
+  ac_site_file1=$prefix/share/config.site
+  ac_site_file2=$prefix/etc/config.site
+else
+  ac_site_file1=$ac_default_prefix/share/config.site
+  ac_site_file2=$ac_default_prefix/etc/config.site
+fi
+for ac_site_file in "$ac_site_file1" "$ac_site_file2"
+do
+  test "x$ac_site_file" = xNONE && continue
+  if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5
+$as_echo "$as_me: loading site script $ac_site_file" >&6;}
+    sed 's/^/| /' "$ac_site_file" >&5
+    . "$ac_site_file" \
+      || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "failed to load site script $ac_site_file
+See \`config.log' for more details" "$LINENO" 5; }
+  fi
+done
+
+if test -r "$cache_file"; then
+  # Some versions of bash will fail to source /dev/null (special files
+  # actually), so we avoid doing that.  DJGPP emulates it as a regular file.
+  if test /dev/null != "$cache_file" && test -f "$cache_file"; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5
+$as_echo "$as_me: loading cache $cache_file" >&6;}
+    case $cache_file in
+      [\\/]* | ?:[\\/]* ) . "$cache_file";;
+      *)                      . "./$cache_file";;
+    esac
+  fi
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5
+$as_echo "$as_me: creating cache $cache_file" >&6;}
+  >$cache_file
+fi
+
+# Check that the precious variables saved in the cache have kept the same
+# value.
+ac_cache_corrupted=false
+for ac_var in $ac_precious_vars; do
+  eval ac_old_set=\$ac_cv_env_${ac_var}_set
+  eval ac_new_set=\$ac_env_${ac_var}_set
+  eval ac_old_val=\$ac_cv_env_${ac_var}_value
+  eval ac_new_val=\$ac_env_${ac_var}_value
+  case $ac_old_set,$ac_new_set in
+    set,)
+      { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
+$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
+      ac_cache_corrupted=: ;;
+    ,set)
+      { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5
+$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
+      ac_cache_corrupted=: ;;
+    ,);;
+    *)
+      if test "x$ac_old_val" != "x$ac_new_val"; then
+	# differences in whitespace do not lead to failure.
+	ac_old_val_w=`echo x $ac_old_val`
+	ac_new_val_w=`echo x $ac_new_val`
+	if test "$ac_old_val_w" != "$ac_new_val_w"; then
+	  { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5
+$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
+	  ac_cache_corrupted=:
+	else
+	  { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
+$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
+	  eval $ac_var=\$ac_old_val
+	fi
+	{ $as_echo "$as_me:${as_lineno-$LINENO}:   former value:  \`$ac_old_val'" >&5
+$as_echo "$as_me:   former value:  \`$ac_old_val'" >&2;}
+	{ $as_echo "$as_me:${as_lineno-$LINENO}:   current value: \`$ac_new_val'" >&5
+$as_echo "$as_me:   current value: \`$ac_new_val'" >&2;}
+      fi;;
+  esac
+  # Pass precious variables to config.status.
+  if test "$ac_new_set" = set; then
+    case $ac_new_val in
+    *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
+    *) ac_arg=$ac_var=$ac_new_val ;;
+    esac
+    case " $ac_configure_args " in
+      *" '$ac_arg' "*) ;; # Avoid dups.  Use of quotes ensures accuracy.
+      *) as_fn_append ac_configure_args " '$ac_arg'" ;;
+    esac
+  fi
+done
+if $ac_cache_corrupted; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+  { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5
+$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
+  as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5
+fi
+## -------------------- ##
+## Main body of script. ##
+## -------------------- ##
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+ac_aux_dir=
+for ac_dir in build-aux "$srcdir"/build-aux; do
+  if test -f "$ac_dir/install-sh"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install-sh -c"
+    break
+  elif test -f "$ac_dir/install.sh"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install.sh -c"
+    break
+  elif test -f "$ac_dir/shtool"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/shtool install -c"
+    break
+  fi
+done
+if test -z "$ac_aux_dir"; then
+  as_fn_error $? "cannot find install-sh, install.sh, or shtool in build-aux \"$srcdir\"/build-aux" "$LINENO" 5
+fi
+
+# These three variables are undocumented and unsupported,
+# and are intended to be withdrawn in a future Autoconf release.
+# They can cause serious problems if a builder's source tree is in a directory
+# whose full name contains unusual characters.
+ac_config_guess="$SHELL $ac_aux_dir/config.guess"  # Please don't use this var.
+ac_config_sub="$SHELL $ac_aux_dir/config.sub"  # Please don't use this var.
+ac_configure="$SHELL $ac_aux_dir/configure"  # Please don't use this var.
+
+
+
+# Make sure we can run config.sub.
+$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 ||
+  as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5
+$as_echo_n "checking build system type... " >&6; }
+if ${ac_cv_build+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_build_alias=$build_alias
+test "x$ac_build_alias" = x &&
+  ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"`
+test "x$ac_build_alias" = x &&
+  as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5
+ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` ||
+  as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5
+$as_echo "$ac_cv_build" >&6; }
+case $ac_cv_build in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;;
+esac
+build=$ac_cv_build
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_build
+shift
+build_cpu=$1
+build_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+build_os=$*
+IFS=$ac_save_IFS
+case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5
+$as_echo_n "checking host system type... " >&6; }
+if ${ac_cv_host+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test "x$host_alias" = x; then
+  ac_cv_host=$ac_cv_build
+else
+  ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` ||
+    as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5
+$as_echo "$ac_cv_host" >&6; }
+case $ac_cv_host in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;;
+esac
+host=$ac_cv_host
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_host
+shift
+host_cpu=$1
+host_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+host_os=$*
+IFS=$ac_save_IFS
+case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac
+
+
+
+
+am__api_version='1.14'
+
+# Find a good install program.  We prefer a C program (faster),
+# so one script is as good as another.  But avoid the broken or
+# incompatible versions:
+# SysV /etc/install, /usr/sbin/install
+# SunOS /usr/etc/install
+# IRIX /sbin/install
+# AIX /bin/install
+# AmigaOS /C/install, which installs bootblocks on floppy discs
+# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
+# AFS /usr/afsws/bin/install, which mishandles nonexistent args
+# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
+# OS/2's system install, which has a completely different semantic
+# ./install, which can be erroneously created by make from ./install.sh.
+# Reject install programs that cannot install multiple files.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5
+$as_echo_n "checking for a BSD-compatible install... " >&6; }
+if test -z "$INSTALL"; then
+if ${ac_cv_path_install+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    # Account for people who put trailing slashes in PATH elements.
+case $as_dir/ in #((
+  ./ | .// | /[cC]/* | \
+  /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \
+  ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \
+  /usr/ucb/* ) ;;
+  *)
+    # OSF1 and SCO ODT 3.0 have their own names for install.
+    # Don't use installbsd from OSF since it installs stuff as root
+    # by default.
+    for ac_prog in ginstall scoinst install; do
+      for ac_exec_ext in '' $ac_executable_extensions; do
+	if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then
+	  if test $ac_prog = install &&
+	    grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+	    # AIX install.  It has an incompatible calling convention.
+	    :
+	  elif test $ac_prog = install &&
+	    grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+	    # program-specific install script used by HP pwplus--don't use.
+	    :
+	  else
+	    rm -rf conftest.one conftest.two conftest.dir
+	    echo one > conftest.one
+	    echo two > conftest.two
+	    mkdir conftest.dir
+	    if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" &&
+	      test -s conftest.one && test -s conftest.two &&
+	      test -s conftest.dir/conftest.one &&
+	      test -s conftest.dir/conftest.two
+	    then
+	      ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c"
+	      break 3
+	    fi
+	  fi
+	fi
+      done
+    done
+    ;;
+esac
+
+  done
+IFS=$as_save_IFS
+
+rm -rf conftest.one conftest.two conftest.dir
+
+fi
+  if test "${ac_cv_path_install+set}" = set; then
+    INSTALL=$ac_cv_path_install
+  else
+    # As a last resort, use the slow shell script.  Don't cache a
+    # value for INSTALL within a source directory, because that will
+    # break other packages using the cache if that directory is
+    # removed, or if the value is a relative name.
+    INSTALL=$ac_install_sh
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5
+$as_echo "$INSTALL" >&6; }
+
+# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
+# It thinks the first close brace ends the variable substitution.
+test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
+
+test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
+
+test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5
+$as_echo_n "checking whether build environment is sane... " >&6; }
+# Reject unsafe characters in $srcdir or the absolute working directory
+# name.  Accept space and tab only in the latter.
+am_lf='
+'
+case `pwd` in
+  *[\\\"\#\$\&\'\`$am_lf]*)
+    as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;;
+esac
+case $srcdir in
+  *[\\\"\#\$\&\'\`$am_lf\ \	]*)
+    as_fn_error $? "unsafe srcdir value: '$srcdir'" "$LINENO" 5;;
+esac
+
+# Do 'set' in a subshell so we don't clobber the current shell's
+# arguments.  Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+   am_has_slept=no
+   for am_try in 1 2; do
+     echo "timestamp, slept: $am_has_slept" > conftest.file
+     set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null`
+     if test "$*" = "X"; then
+	# -L didn't work.
+	set X `ls -t "$srcdir/configure" conftest.file`
+     fi
+     if test "$*" != "X $srcdir/configure conftest.file" \
+	&& test "$*" != "X conftest.file $srcdir/configure"; then
+
+	# If neither matched, then we have a broken ls.  This can happen
+	# if, for instance, CONFIG_SHELL is bash and it inherits a
+	# broken ls alias from the environment.  This has actually
+	# happened.  Such a system could not be considered "sane".
+	as_fn_error $? "ls -t appears to fail.  Make sure there is not a broken
+  alias in your environment" "$LINENO" 5
+     fi
+     if test "$2" = conftest.file || test $am_try -eq 2; then
+       break
+     fi
+     # Just in case.
+     sleep 1
+     am_has_slept=yes
+   done
+   test "$2" = conftest.file
+   )
+then
+   # Ok.
+   :
+else
+   as_fn_error $? "newly created file is older than distributed files!
+Check your system clock" "$LINENO" 5
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+# If we didn't sleep, we still need to ensure time stamps of config.status and
+# generated files are strictly newer.
+am_sleep_pid=
+if grep 'slept: no' conftest.file >/dev/null 2>&1; then
+  ( sleep 1 ) &
+  am_sleep_pid=$!
+fi
+
+rm -f conftest.file
+
+test "$program_prefix" != NONE &&
+  program_transform_name="s&^&$program_prefix&;$program_transform_name"
+# Use a double $ so make ignores it.
+test "$program_suffix" != NONE &&
+  program_transform_name="s&\$&$program_suffix&;$program_transform_name"
+# Double any \ or $.
+# By default was `s,x,x', remove it if useless.
+ac_script='s/[\\$]/&&/g;s/;s,x,x,$//'
+program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"`
+
+# expand $ac_aux_dir to an absolute path
+am_aux_dir=`cd $ac_aux_dir && pwd`
+
+if test x"${MISSING+set}" != xset; then
+  case $am_aux_dir in
+  *\ * | *\	*)
+    MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;;
+  *)
+    MISSING="\${SHELL} $am_aux_dir/missing" ;;
+  esac
+fi
+# Use eval to expand $SHELL
+if eval "$MISSING --is-lightweight"; then
+  am_missing_run="$MISSING "
+else
+  am_missing_run=
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5
+$as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;}
+fi
+
+if test x"${install_sh}" != xset; then
+  case $am_aux_dir in
+  *\ * | *\	*)
+    install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;;
+  *)
+    install_sh="\${SHELL} $am_aux_dir/install-sh"
+  esac
+fi
+
+# Installed binaries are usually stripped using 'strip' when the user
+# run "make install-strip".  However 'strip' might not be the right
+# tool to use in cross-compilation environments, therefore Automake
+# will honor the 'STRIP' environment variable to overrule this program.
+if test "$cross_compiling" != no; then
+  if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
+set dummy ${ac_tool_prefix}strip; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_STRIP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$STRIP"; then
+  ac_cv_prog_STRIP="$STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_STRIP="${ac_tool_prefix}strip"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+STRIP=$ac_cv_prog_STRIP
+if test -n "$STRIP"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5
+$as_echo "$STRIP" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_STRIP"; then
+  ac_ct_STRIP=$STRIP
+  # Extract the first word of "strip", so it can be a program name with args.
+set dummy strip; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_STRIP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_STRIP"; then
+  ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_STRIP="strip"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP
+if test -n "$ac_ct_STRIP"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5
+$as_echo "$ac_ct_STRIP" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_STRIP" = x; then
+    STRIP=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    STRIP=$ac_ct_STRIP
+  fi
+else
+  STRIP="$ac_cv_prog_STRIP"
+fi
+
+fi
+INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5
+$as_echo_n "checking for a thread-safe mkdir -p... " >&6; }
+if test -z "$MKDIR_P"; then
+  if ${ac_cv_path_mkdir+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_prog in mkdir gmkdir; do
+	 for ac_exec_ext in '' $ac_executable_extensions; do
+	   as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue
+	   case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #(
+	     'mkdir (GNU coreutils) '* | \
+	     'mkdir (coreutils) '* | \
+	     'mkdir (fileutils) '4.1*)
+	       ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext
+	       break 3;;
+	   esac
+	 done
+       done
+  done
+IFS=$as_save_IFS
+
+fi
+
+  test -d ./--version && rmdir ./--version
+  if test "${ac_cv_path_mkdir+set}" = set; then
+    MKDIR_P="$ac_cv_path_mkdir -p"
+  else
+    # As a last resort, use the slow shell script.  Don't cache a
+    # value for MKDIR_P within a source directory, because that will
+    # break other packages using the cache if that directory is
+    # removed, or if the value is a relative name.
+    MKDIR_P="$ac_install_sh -d"
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5
+$as_echo "$MKDIR_P" >&6; }
+
+for ac_prog in gawk mawk nawk awk
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_AWK+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$AWK"; then
+  ac_cv_prog_AWK="$AWK" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_AWK="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+AWK=$ac_cv_prog_AWK
+if test -n "$AWK"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5
+$as_echo "$AWK" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$AWK" && break
+done
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5
+$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; }
+set x ${MAKE-make}
+ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
+if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat >conftest.make <<\_ACEOF
+SHELL = /bin/sh
+all:
+	@echo '@@@%%%=$(MAKE)=@@@%%%'
+_ACEOF
+# GNU make sometimes prints "make[1]: Entering ...", which would confuse us.
+case `${MAKE-make} -f conftest.make 2>/dev/null` in
+  *@@@%%%=?*=@@@%%%*)
+    eval ac_cv_prog_make_${ac_make}_set=yes;;
+  *)
+    eval ac_cv_prog_make_${ac_make}_set=no;;
+esac
+rm -f conftest.make
+fi
+if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+  SET_MAKE=
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+  SET_MAKE="MAKE=${MAKE-make}"
+fi
+
+rm -rf .tst 2>/dev/null
+mkdir .tst 2>/dev/null
+if test -d .tst; then
+  am__leading_dot=.
+else
+  am__leading_dot=_
+fi
+rmdir .tst 2>/dev/null
+
+# Check whether --enable-silent-rules was given.
+if test "${enable_silent_rules+set}" = set; then :
+  enableval=$enable_silent_rules;
+fi
+
+case $enable_silent_rules in # (((
+  yes) AM_DEFAULT_VERBOSITY=0;;
+   no) AM_DEFAULT_VERBOSITY=1;;
+    *) AM_DEFAULT_VERBOSITY=1;;
+esac
+am_make=${MAKE-make}
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5
+$as_echo_n "checking whether $am_make supports nested variables... " >&6; }
+if ${am_cv_make_support_nested_variables+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if $as_echo 'TRUE=$(BAR$(V))
+BAR0=false
+BAR1=true
+V=1
+am__doit:
+	@$(TRUE)
+.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then
+  am_cv_make_support_nested_variables=yes
+else
+  am_cv_make_support_nested_variables=no
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5
+$as_echo "$am_cv_make_support_nested_variables" >&6; }
+if test $am_cv_make_support_nested_variables = yes; then
+    AM_V='$(V)'
+  AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)'
+else
+  AM_V=$AM_DEFAULT_VERBOSITY
+  AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY
+fi
+AM_BACKSLASH='\'
+
+if test "`cd $srcdir && pwd`" != "`pwd`"; then
+  # Use -I$(srcdir) only when $(srcdir) != ., so that make's output
+  # is not polluted with repeated "-I."
+  am__isrc=' -I$(srcdir)'
+  # test to see if srcdir already configured
+  if test -f $srcdir/config.status; then
+    as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5
+  fi
+fi
+
+# test whether we have cygpath
+if test -z "$CYGPATH_W"; then
+  if (cygpath --version) >/dev/null 2>/dev/null; then
+    CYGPATH_W='cygpath -w'
+  else
+    CYGPATH_W=echo
+  fi
+fi
+
+
+# Define the identity of the package.
+ PACKAGE='wolfssl'
+ VERSION='3.4.0'
+
+
+# Some tools Automake needs.
+
+ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"}
+
+
+AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"}
+
+
+AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"}
+
+
+AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"}
+
+
+MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
+
+# For better backward compatibility.  To be removed once Automake 1.9.x
+# dies out for good.  For more background, see:
+# 
+# 
+mkdir_p='$(MKDIR_P)'
+
+# We need awk for the "check" target.  The system "awk" is bad on
+# some platforms.
+# Always define AMTAR for backward compatibility.  Yes, it's still used
+# in the wild :-(  We should find a proper way to deprecate it ...
+AMTAR='$${TAR-tar}'
+
+
+# We'll loop over all known methods to create a tar archive until one works.
+_am_tools='gnutar plaintar pax cpio none'
+
+# The POSIX 1988 'ustar' format is defined with fixed-size fields.
+      # There is notably a 21 bits limit for the UID and the GID.  In fact,
+      # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343
+      # and bug#13588).
+      am_max_uid=2097151 # 2^21 - 1
+      am_max_gid=$am_max_uid
+      # The $UID and $GID variables are not portable, so we need to resort
+      # to the POSIX-mandated id(1) utility.  Errors in the 'id' calls
+      # below are definitely unexpected, so allow the users to see them
+      # (that is, avoid stderr redirection).
+      am_uid=`id -u || echo unknown`
+      am_gid=`id -g || echo unknown`
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether UID '$am_uid' is supported by ustar format" >&5
+$as_echo_n "checking whether UID '$am_uid' is supported by ustar format... " >&6; }
+      if test $am_uid -le $am_max_uid; then
+         { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+      else
+         { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+         _am_tools=none
+      fi
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether GID '$am_gid' is supported by ustar format" >&5
+$as_echo_n "checking whether GID '$am_gid' is supported by ustar format... " >&6; }
+      if test $am_gid -le $am_max_gid; then
+         { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+      else
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+        _am_tools=none
+      fi
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to create a ustar tar archive" >&5
+$as_echo_n "checking how to create a ustar tar archive... " >&6; }
+
+  # Go ahead even if we have the value already cached.  We do so because we
+  # need to set the values for the 'am__tar' and 'am__untar' variables.
+  _am_tools=${am_cv_prog_tar_ustar-$_am_tools}
+
+  for _am_tool in $_am_tools; do
+    case $_am_tool in
+    gnutar)
+      for _am_tar in tar gnutar gtar; do
+        { echo "$as_me:$LINENO: $_am_tar --version" >&5
+   ($_am_tar --version) >&5 2>&5
+   ac_status=$?
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && break
+      done
+      am__tar="$_am_tar --format=ustar -chf - "'"$$tardir"'
+      am__tar_="$_am_tar --format=ustar -chf - "'"$tardir"'
+      am__untar="$_am_tar -xf -"
+      ;;
+    plaintar)
+      # Must skip GNU tar: if it does not support --format= it doesn't create
+      # ustar tarball either.
+      (tar --version) >/dev/null 2>&1 && continue
+      am__tar='tar chf - "$$tardir"'
+      am__tar_='tar chf - "$tardir"'
+      am__untar='tar xf -'
+      ;;
+    pax)
+      am__tar='pax -L -x ustar -w "$$tardir"'
+      am__tar_='pax -L -x ustar -w "$tardir"'
+      am__untar='pax -r'
+      ;;
+    cpio)
+      am__tar='find "$$tardir" -print | cpio -o -H ustar -L'
+      am__tar_='find "$tardir" -print | cpio -o -H ustar -L'
+      am__untar='cpio -i -H ustar -d'
+      ;;
+    none)
+      am__tar=false
+      am__tar_=false
+      am__untar=false
+      ;;
+    esac
+
+    # If the value was cached, stop now.  We just wanted to have am__tar
+    # and am__untar set.
+    test -n "${am_cv_prog_tar_ustar}" && break
+
+    # tar/untar a dummy directory, and stop if the command works.
+    rm -rf conftest.dir
+    mkdir conftest.dir
+    echo GrepMe > conftest.dir/file
+    { echo "$as_me:$LINENO: tardir=conftest.dir && eval $am__tar_ >conftest.tar" >&5
+   (tardir=conftest.dir && eval $am__tar_ >conftest.tar) >&5 2>&5
+   ac_status=$?
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }
+    rm -rf conftest.dir
+    if test -s conftest.tar; then
+      { echo "$as_me:$LINENO: $am__untar &5
+   ($am__untar &5 2>&5
+   ac_status=$?
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }
+      { echo "$as_me:$LINENO: cat conftest.dir/file" >&5
+   (cat conftest.dir/file) >&5 2>&5
+   ac_status=$?
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }
+      grep GrepMe conftest.dir/file >/dev/null 2>&1 && break
+    fi
+  done
+  rm -rf conftest.dir
+
+  if ${am_cv_prog_tar_ustar+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  am_cv_prog_tar_ustar=$_am_tool
+fi
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_tar_ustar" >&5
+$as_echo "$am_cv_prog_tar_ustar" >&6; }
+
+
+
+
+
+
+# POSIX will say in a future version that running "rm -f" with no argument
+# is OK; and we want to be able to make that assumption in our Makefile
+# recipes.  So use an aggressive probe to check that the usage we want is
+# actually supported "in the wild" to an acceptable degree.
+# See automake bug#10828.
+# To make any issue more visible, cause the running configure to be aborted
+# by default if the 'rm' program in use doesn't match our expectations; the
+# user can still override this though.
+if rm -f && rm -fr && rm -rf; then : OK; else
+  cat >&2 <<'END'
+Oops!
+
+Your 'rm' program seems unable to run without file operands specified
+on the command line, even when the '-f' option is present.  This is contrary
+to the behaviour of most rm programs out there, and not conforming with
+the upcoming POSIX standard: 
+
+Please tell bug-automake@gnu.org about your system, including the value
+of your $PATH and any error possibly output before this message.  This
+can help us improve future automake versions.
+
+END
+  if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then
+    echo 'Configuration will proceed anyway, since you have set the' >&2
+    echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2
+    echo >&2
+  else
+    cat >&2 <<'END'
+Aborting the configuration process, to ensure you take notice of the issue.
+
+You can download and install GNU coreutils to get an 'rm' implementation
+that behaves properly: .
+
+If you want to complete the configuration process using your problematic
+'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM
+to "yes", and re-run configure.
+
+END
+    as_fn_error $? "Your 'rm' program is bad, sorry." "$LINENO" 5
+  fi
+fi
+
+
+
+
+#PROTECT_AC_USE_SYSTEM_EXTENSIONS
+
+
+
+ac_config_headers="$ac_config_headers config.h:config.in"
+
+#shared library versioning
+WOLFSSL_LIBRARY_VERSION=0:0:0
+#                       | | |
+#                +------+ | +---+
+#                |        |     |
+#               current:revision:age
+#                |        |     |
+#                |        |     +- increment if interfaces have been added
+#                |        |        set to zero if interfaces have been removed
+#                |        |        or changed
+#                |        +- increment if source code has changed
+#                |           set to zero if current is incremented
+#                +- increment if interfaces have been added, removed or changed
+
+
+# capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even
+# if user doesn't override, no way to tell
+USER_C_EXTRA_FLAGS="$C_EXTRA_FLAGS"
+
+
+case `pwd` in
+  *\ * | *\	*)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5
+$as_echo "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;;
+esac
+
+
+
+macro_version='2.4.2'
+macro_revision='1.3337'
+
+
+
+
+
+
+
+
+
+
+
+
+
+ltmain="$ac_aux_dir/ltmain.sh"
+
+# Backslashify metacharacters that are still active within
+# double-quoted strings.
+sed_quote_subst='s/\(["`$\\]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\(["`\\]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to delay expansion of an escaped single quote.
+delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+
+ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5
+$as_echo_n "checking how to print strings... " >&6; }
+# Test print first, because it will be a builtin if present.
+if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \
+   test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then
+  ECHO='print -r --'
+elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then
+  ECHO='printf %s\n'
+else
+  # Use this function as a fallback that always works.
+  func_fallback_echo ()
+  {
+    eval 'cat <<_LTECHO_EOF
+$1
+_LTECHO_EOF'
+  }
+  ECHO='func_fallback_echo'
+fi
+
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+    $ECHO ""
+}
+
+case "$ECHO" in
+  printf*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: printf" >&5
+$as_echo "printf" >&6; } ;;
+  print*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: print -r" >&5
+$as_echo "print -r" >&6; } ;;
+  *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: cat" >&5
+$as_echo "cat" >&6; } ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+DEPDIR="${am__leading_dot}deps"
+
+ac_config_commands="$ac_config_commands depfiles"
+
+
+am_make=${MAKE-make}
+cat > confinc << 'END'
+am__doit:
+	@echo this is the am__doit target
+.PHONY: am__doit
+END
+# If we don't find an include directive, just comment out the code.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5
+$as_echo_n "checking for style of include used by $am_make... " >&6; }
+am__include="#"
+am__quote=
+_am_result=none
+# First try GNU make style include.
+echo "include confinc" > confmf
+# Ignore all kinds of additional output from 'make'.
+case `$am_make -s -f confmf 2> /dev/null` in #(
+*the\ am__doit\ target*)
+  am__include=include
+  am__quote=
+  _am_result=GNU
+  ;;
+esac
+# Now try BSD make style include.
+if test "$am__include" = "#"; then
+   echo '.include "confinc"' > confmf
+   case `$am_make -s -f confmf 2> /dev/null` in #(
+   *the\ am__doit\ target*)
+     am__include=.include
+     am__quote="\""
+     _am_result=BSD
+     ;;
+   esac
+fi
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5
+$as_echo "$_am_result" >&6; }
+rm -f confinc confmf
+
+# Check whether --enable-dependency-tracking was given.
+if test "${enable_dependency_tracking+set}" = set; then :
+  enableval=$enable_dependency_tracking;
+fi
+
+if test "x$enable_dependency_tracking" != xno; then
+  am_depcomp="$ac_aux_dir/depcomp"
+  AMDEPBACKSLASH='\'
+  am__nodep='_no'
+fi
+ if test "x$enable_dependency_tracking" != xno; then
+  AMDEP_TRUE=
+  AMDEP_FALSE='#'
+else
+  AMDEP_TRUE='#'
+  AMDEP_FALSE=
+fi
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_CC="${ac_tool_prefix}gcc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+  ac_ct_CC=$CC
+  # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CC"; then
+  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_CC="gcc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_CC" = x; then
+    CC=""
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CC=$ac_ct_CC
+  fi
+else
+  CC="$ac_cv_prog_CC"
+fi
+
+if test -z "$CC"; then
+          if test -n "$ac_tool_prefix"; then
+    # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_CC="${ac_tool_prefix}cc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  fi
+fi
+if test -z "$CC"; then
+  # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+  ac_prog_rejected=no
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
+       ac_prog_rejected=yes
+       continue
+     fi
+    ac_cv_prog_CC="cc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+if test $ac_prog_rejected = yes; then
+  # We found a bogon in the path, so make sure we never use it.
+  set dummy $ac_cv_prog_CC
+  shift
+  if test $# != 0; then
+    # We chose a different compiler from the bogus one.
+    # However, it has the same basename, so the bogon will be chosen
+    # first if we set CC to just the basename; use the full file name.
+    shift
+    ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
+  fi
+fi
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$CC"; then
+  if test -n "$ac_tool_prefix"; then
+  for ac_prog in cl.exe
+  do
+    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+    test -n "$CC" && break
+  done
+fi
+if test -z "$CC"; then
+  ac_ct_CC=$CC
+  for ac_prog in cl.exe
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CC"; then
+  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_CC="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$ac_ct_CC" && break
+done
+
+  if test "x$ac_ct_CC" = x; then
+    CC=""
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CC=$ac_ct_CC
+  fi
+fi
+
+fi
+
+
+test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "no acceptable C compiler found in \$PATH
+See \`config.log' for more details" "$LINENO" 5; }
+
+# Provide some information about the compiler.
+$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
+set X $ac_compile
+ac_compiler=$2
+for ac_option in --version -v -V -qversion; do
+  { { ac_try="$ac_compiler $ac_option >&5"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compiler $ac_option >&5") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    sed '10a\
+... rest of stderr output deleted ...
+         10q' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+  fi
+  rm -f conftest.er1 conftest.err
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+done
+
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
+# Try to create an executable without -o first, disregard a.out.
+# It will help us diagnose broken compilers, and finding out an intuition
+# of exeext.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5
+$as_echo_n "checking whether the C compiler works... " >&6; }
+ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
+
+# The possible output files:
+ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
+
+ac_rmfiles=
+for ac_file in $ac_files
+do
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+    * ) ac_rmfiles="$ac_rmfiles $ac_file";;
+  esac
+done
+rm -f $ac_rmfiles
+
+if { { ac_try="$ac_link_default"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link_default") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then :
+  # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
+# So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
+# in a Makefile.  We should not override ac_cv_exeext if it was cached,
+# so that the user can short-circuit this test for compilers unknown to
+# Autoconf.
+for ac_file in $ac_files ''
+do
+  test -f "$ac_file" || continue
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
+	;;
+    [ab].out )
+	# We found the default executable, but exeext='' is most
+	# certainly right.
+	break;;
+    *.* )
+	if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no;
+	then :; else
+	   ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+	fi
+	# We set ac_cv_exeext here because the later test for it is not
+	# safe: cross compilers may not add the suffix if given an `-o'
+	# argument, so we may need to know it at that point already.
+	# Even if this section looks crufty: it has the advantage of
+	# actually working.
+	break;;
+    * )
+	break;;
+  esac
+done
+test "$ac_cv_exeext" = no && ac_cv_exeext=
+
+else
+  ac_file=''
+fi
+if test -z "$ac_file"; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+$as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "C compiler cannot create executables
+See \`config.log' for more details" "$LINENO" 5; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5
+$as_echo_n "checking for C compiler default output file name... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5
+$as_echo "$ac_file" >&6; }
+ac_exeext=$ac_cv_exeext
+
+rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
+ac_clean_files=$ac_clean_files_save
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5
+$as_echo_n "checking for suffix of executables... " >&6; }
+if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then :
+  # If both `conftest.exe' and `conftest' are `present' (well, observable)
+# catch `conftest.exe'.  For instance with Cygwin, `ls conftest' will
+# work properly (i.e., refer to `conftest.exe'), while it won't with
+# `rm'.
+for ac_file in conftest.exe conftest conftest.*; do
+  test -f "$ac_file" || continue
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+    *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+	  break;;
+    * ) break;;
+  esac
+done
+else
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of executables: cannot compile and link
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+rm -f conftest conftest$ac_cv_exeext
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5
+$as_echo "$ac_cv_exeext" >&6; }
+
+rm -f conftest.$ac_ext
+EXEEXT=$ac_cv_exeext
+ac_exeext=$EXEEXT
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+int
+main ()
+{
+FILE *f = fopen ("conftest.out", "w");
+ return ferror (f) || fclose (f) != 0;
+
+  ;
+  return 0;
+}
+_ACEOF
+ac_clean_files="$ac_clean_files conftest.out"
+# Check that the compiler produces executables we can run.  If not, either
+# the compiler is broken, or we cross compile.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5
+$as_echo_n "checking whether we are cross compiling... " >&6; }
+if test "$cross_compiling" != yes; then
+  { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+  if { ac_try='./conftest$ac_cv_exeext'
+  { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; }; then
+    cross_compiling=no
+  else
+    if test "$cross_compiling" = maybe; then
+	cross_compiling=yes
+    else
+	{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run C compiled programs.
+If you meant to cross compile, use \`--host'.
+See \`config.log' for more details" "$LINENO" 5; }
+    fi
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5
+$as_echo "$cross_compiling" >&6; }
+
+rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out
+ac_clean_files=$ac_clean_files_save
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5
+$as_echo_n "checking for suffix of object files... " >&6; }
+if ${ac_cv_objext+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+rm -f conftest.o conftest.obj
+if { { ac_try="$ac_compile"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compile") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then :
+  for ac_file in conftest.o conftest.obj conftest.*; do
+  test -f "$ac_file" || continue;
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
+    *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
+       break;;
+  esac
+done
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of object files: cannot compile
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+rm -f conftest.$ac_cv_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5
+$as_echo "$ac_cv_objext" >&6; }
+OBJEXT=$ac_cv_objext
+ac_objext=$OBJEXT
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
+$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
+if ${ac_cv_c_compiler_gnu+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+#ifndef __GNUC__
+       choke me
+#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_compiler_gnu=yes
+else
+  ac_compiler_gnu=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_c_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
+$as_echo "$ac_cv_c_compiler_gnu" >&6; }
+if test $ac_compiler_gnu = yes; then
+  GCC=yes
+else
+  GCC=
+fi
+ac_test_CFLAGS=${CFLAGS+set}
+ac_save_CFLAGS=$CFLAGS
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
+$as_echo_n "checking whether $CC accepts -g... " >&6; }
+if ${ac_cv_prog_cc_g+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_save_c_werror_flag=$ac_c_werror_flag
+   ac_c_werror_flag=yes
+   ac_cv_prog_cc_g=no
+   CFLAGS="-g"
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_g=yes
+else
+  CFLAGS=""
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+else
+  ac_c_werror_flag=$ac_save_c_werror_flag
+	 CFLAGS="-g"
+	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_g=yes
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+   ac_c_werror_flag=$ac_save_c_werror_flag
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
+$as_echo "$ac_cv_prog_cc_g" >&6; }
+if test "$ac_test_CFLAGS" = set; then
+  CFLAGS=$ac_save_CFLAGS
+elif test $ac_cv_prog_cc_g = yes; then
+  if test "$GCC" = yes; then
+    CFLAGS="-g -O2"
+  else
+    CFLAGS="-g"
+  fi
+else
+  if test "$GCC" = yes; then
+    CFLAGS="-O2"
+  else
+    CFLAGS=
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
+$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
+if ${ac_cv_prog_cc_c89+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_cv_prog_cc_c89=no
+ac_save_CC=$CC
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+#include 
+struct stat;
+/* Most of the following tests are stolen from RCS 5.7's src/conf.sh.  */
+struct buf { int x; };
+FILE * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+     char **p;
+     int i;
+{
+  return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+  char *s;
+  va_list v;
+  va_start (v,p);
+  s = g (p, va_arg (v,int));
+  va_end (v);
+  return s;
+}
+
+/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default.  It has
+   function prototypes and stuff, but not '\xHH' hex character constants.
+   These don't provoke an error unfortunately, instead are silently treated
+   as 'x'.  The following induces an error, until -std is added to get
+   proper ANSI mode.  Curiously '\x00'!='x' always comes out true, for an
+   array size at least.  It's necessary to write '\x00'==0 to get something
+   that's true only with -std.  */
+int osf4_cc_array ['\x00' == 0 ? 1 : -1];
+
+/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
+   inside strings and character constants.  */
+#define FOO(x) 'x'
+int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
+
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
+int argc;
+char **argv;
+int
+main ()
+{
+return f (e, argv, 0) != argv[0]  ||  f (e, argv, 1) != argv[1];
+  ;
+  return 0;
+}
+_ACEOF
+for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
+	-Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+  CC="$ac_save_CC $ac_arg"
+  if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_c89=$ac_arg
+fi
+rm -f core conftest.err conftest.$ac_objext
+  test "x$ac_cv_prog_cc_c89" != "xno" && break
+done
+rm -f conftest.$ac_ext
+CC=$ac_save_CC
+
+fi
+# AC_CACHE_VAL
+case "x$ac_cv_prog_cc_c89" in
+  x)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
+$as_echo "none needed" >&6; } ;;
+  xno)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
+$as_echo "unsupported" >&6; } ;;
+  *)
+    CC="$CC $ac_cv_prog_cc_c89"
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
+$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
+esac
+if test "x$ac_cv_prog_cc_c89" != xno; then :
+
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5
+$as_echo_n "checking whether $CC understands -c and -o together... " >&6; }
+if ${am_cv_prog_cc_c_o+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+  # Make sure it works both with $CC and with simple cc.
+  # Following AC_PROG_CC_C_O, we do the test twice because some
+  # compilers refuse to overwrite an existing .o file with -o,
+  # though they will create one.
+  am_cv_prog_cc_c_o=yes
+  for am_i in 1 2; do
+    if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5
+   ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5
+   ac_status=$?
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } \
+         && test -f conftest2.$ac_objext; then
+      : OK
+    else
+      am_cv_prog_cc_c_o=no
+      break
+    fi
+  done
+  rm -f core conftest*
+  unset am_i
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5
+$as_echo "$am_cv_prog_cc_c_o" >&6; }
+if test "$am_cv_prog_cc_c_o" != yes; then
+   # Losing compiler, so override with the script.
+   # FIXME: It is wrong to rewrite CC.
+   # But if we don't then we get into trouble of one sort or another.
+   # A longer-term fix would be to have automake use am__CC in this case,
+   # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)"
+   CC="$am_aux_dir/compile $CC"
+fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+depcc="$CC"   am_compiler_list=
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5
+$as_echo_n "checking dependency style of $depcc... " >&6; }
+if ${am_cv_CC_dependencies_compiler_type+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+  # We make a subdir and do the tests there.  Otherwise we can end up
+  # making bogus files that we don't know about and never remove.  For
+  # instance it was reported that on HP-UX the gcc test will end up
+  # making a dummy file named 'D' -- because '-MD' means "put the output
+  # in D".
+  rm -rf conftest.dir
+  mkdir conftest.dir
+  # Copy depcomp to subdir because otherwise we won't find it if we're
+  # using a relative directory.
+  cp "$am_depcomp" conftest.dir
+  cd conftest.dir
+  # We will build objects and dependencies in a subdirectory because
+  # it helps to detect inapplicable dependency modes.  For instance
+  # both Tru64's cc and ICC support -MD to output dependencies as a
+  # side effect of compilation, but ICC will put the dependencies in
+  # the current directory while Tru64 will put them in the object
+  # directory.
+  mkdir sub
+
+  am_cv_CC_dependencies_compiler_type=none
+  if test "$am_compiler_list" = ""; then
+     am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+  fi
+  am__universal=false
+  case " $depcc " in #(
+     *\ -arch\ *\ -arch\ *) am__universal=true ;;
+     esac
+
+  for depmode in $am_compiler_list; do
+    # Setup a source with many dependencies, because some compilers
+    # like to wrap large dependency lists on column 80 (with \), and
+    # we should not choose a depcomp mode which is confused by this.
+    #
+    # We need to recreate these files for each test, as the compiler may
+    # overwrite some of them when testing with obscure command lines.
+    # This happens at least with the AIX C compiler.
+    : > sub/conftest.c
+    for i in 1 2 3 4 5 6; do
+      echo '#include "conftst'$i'.h"' >> sub/conftest.c
+      # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with
+      # Solaris 10 /bin/sh.
+      echo '/* dummy */' > sub/conftst$i.h
+    done
+    echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+    # We check with '-c' and '-o' for the sake of the "dashmstdout"
+    # mode.  It turns out that the SunPro C++ compiler does not properly
+    # handle '-M -o', and we need to detect this.  Also, some Intel
+    # versions had trouble with output in subdirs.
+    am__obj=sub/conftest.${OBJEXT-o}
+    am__minus_obj="-o $am__obj"
+    case $depmode in
+    gcc)
+      # This depmode causes a compiler race in universal mode.
+      test "$am__universal" = false || continue
+      ;;
+    nosideeffect)
+      # After this tag, mechanisms are not by side-effect, so they'll
+      # only be used when explicitly requested.
+      if test "x$enable_dependency_tracking" = xyes; then
+	continue
+      else
+	break
+      fi
+      ;;
+    msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+      # This compiler won't grok '-c -o', but also, the minuso test has
+      # not run yet.  These depmodes are late enough in the game, and
+      # so weak that their functioning should not be impacted.
+      am__obj=conftest.${OBJEXT-o}
+      am__minus_obj=
+      ;;
+    none) break ;;
+    esac
+    if depmode=$depmode \
+       source=sub/conftest.c object=$am__obj \
+       depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+       $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+         >/dev/null 2>conftest.err &&
+       grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+       ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+      # icc doesn't choke on unknown options, it will just issue warnings
+      # or remarks (even with -Werror).  So we grep stderr for any message
+      # that says an option was ignored or not supported.
+      # When given -MP, icc 7.0 and 7.1 complain thusly:
+      #   icc: Command line warning: ignoring option '-M'; no argument required
+      # The diagnosis changed in icc 8.0:
+      #   icc: Command line remark: option '-MP' not supported
+      if (grep 'ignoring option' conftest.err ||
+          grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+        am_cv_CC_dependencies_compiler_type=$depmode
+        break
+      fi
+    fi
+  done
+
+  cd ..
+  rm -rf conftest.dir
+else
+  am_cv_CC_dependencies_compiler_type=none
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5
+$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; }
+CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type
+
+ if
+  test "x$enable_dependency_tracking" != xno \
+  && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then
+  am__fastdepCC_TRUE=
+  am__fastdepCC_FALSE='#'
+else
+  am__fastdepCC_TRUE='#'
+  am__fastdepCC_FALSE=
+fi
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5
+$as_echo_n "checking for a sed that does not truncate output... " >&6; }
+if ${ac_cv_path_SED+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+            ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/
+     for ac_i in 1 2 3 4 5 6 7; do
+       ac_script="$ac_script$as_nl$ac_script"
+     done
+     echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed
+     { ac_script=; unset ac_script;}
+     if test -z "$SED"; then
+  ac_path_SED_found=false
+  # Loop through the user's path and test for each of PROGNAME-LIST
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_prog in sed gsed; do
+    for ac_exec_ext in '' $ac_executable_extensions; do
+      ac_path_SED="$as_dir/$ac_prog$ac_exec_ext"
+      as_fn_executable_p "$ac_path_SED" || continue
+# Check for GNU ac_path_SED and select it if it is found.
+  # Check for GNU $ac_path_SED
+case `"$ac_path_SED" --version 2>&1` in
+*GNU*)
+  ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;;
+*)
+  ac_count=0
+  $as_echo_n 0123456789 >"conftest.in"
+  while :
+  do
+    cat "conftest.in" "conftest.in" >"conftest.tmp"
+    mv "conftest.tmp" "conftest.in"
+    cp "conftest.in" "conftest.nl"
+    $as_echo '' >> "conftest.nl"
+    "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break
+    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+    as_fn_arith $ac_count + 1 && ac_count=$as_val
+    if test $ac_count -gt ${ac_path_SED_max-0}; then
+      # Best one so far, save it but keep looking for a better one
+      ac_cv_path_SED="$ac_path_SED"
+      ac_path_SED_max=$ac_count
+    fi
+    # 10*(2^10) chars as input seems more than enough
+    test $ac_count -gt 10 && break
+  done
+  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+      $ac_path_SED_found && break 3
+    done
+  done
+  done
+IFS=$as_save_IFS
+  if test -z "$ac_cv_path_SED"; then
+    as_fn_error $? "no acceptable sed could be found in \$PATH" "$LINENO" 5
+  fi
+else
+  ac_cv_path_SED=$SED
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5
+$as_echo "$ac_cv_path_SED" >&6; }
+ SED="$ac_cv_path_SED"
+  rm -f conftest.sed
+
+test -z "$SED" && SED=sed
+Xsed="$SED -e 1s/^X//"
+
+
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5
+$as_echo_n "checking for grep that handles long lines and -e... " >&6; }
+if ${ac_cv_path_GREP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$GREP"; then
+  ac_path_GREP_found=false
+  # Loop through the user's path and test for each of PROGNAME-LIST
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_prog in grep ggrep; do
+    for ac_exec_ext in '' $ac_executable_extensions; do
+      ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
+      as_fn_executable_p "$ac_path_GREP" || continue
+# Check for GNU ac_path_GREP and select it if it is found.
+  # Check for GNU $ac_path_GREP
+case `"$ac_path_GREP" --version 2>&1` in
+*GNU*)
+  ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;;
+*)
+  ac_count=0
+  $as_echo_n 0123456789 >"conftest.in"
+  while :
+  do
+    cat "conftest.in" "conftest.in" >"conftest.tmp"
+    mv "conftest.tmp" "conftest.in"
+    cp "conftest.in" "conftest.nl"
+    $as_echo 'GREP' >> "conftest.nl"
+    "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+    as_fn_arith $ac_count + 1 && ac_count=$as_val
+    if test $ac_count -gt ${ac_path_GREP_max-0}; then
+      # Best one so far, save it but keep looking for a better one
+      ac_cv_path_GREP="$ac_path_GREP"
+      ac_path_GREP_max=$ac_count
+    fi
+    # 10*(2^10) chars as input seems more than enough
+    test $ac_count -gt 10 && break
+  done
+  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+      $ac_path_GREP_found && break 3
+    done
+  done
+  done
+IFS=$as_save_IFS
+  if test -z "$ac_cv_path_GREP"; then
+    as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+  fi
+else
+  ac_cv_path_GREP=$GREP
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5
+$as_echo "$ac_cv_path_GREP" >&6; }
+ GREP="$ac_cv_path_GREP"
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
+$as_echo_n "checking for egrep... " >&6; }
+if ${ac_cv_path_EGREP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
+   then ac_cv_path_EGREP="$GREP -E"
+   else
+     if test -z "$EGREP"; then
+  ac_path_EGREP_found=false
+  # Loop through the user's path and test for each of PROGNAME-LIST
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_prog in egrep; do
+    for ac_exec_ext in '' $ac_executable_extensions; do
+      ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
+      as_fn_executable_p "$ac_path_EGREP" || continue
+# Check for GNU ac_path_EGREP and select it if it is found.
+  # Check for GNU $ac_path_EGREP
+case `"$ac_path_EGREP" --version 2>&1` in
+*GNU*)
+  ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
+*)
+  ac_count=0
+  $as_echo_n 0123456789 >"conftest.in"
+  while :
+  do
+    cat "conftest.in" "conftest.in" >"conftest.tmp"
+    mv "conftest.tmp" "conftest.in"
+    cp "conftest.in" "conftest.nl"
+    $as_echo 'EGREP' >> "conftest.nl"
+    "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+    as_fn_arith $ac_count + 1 && ac_count=$as_val
+    if test $ac_count -gt ${ac_path_EGREP_max-0}; then
+      # Best one so far, save it but keep looking for a better one
+      ac_cv_path_EGREP="$ac_path_EGREP"
+      ac_path_EGREP_max=$ac_count
+    fi
+    # 10*(2^10) chars as input seems more than enough
+    test $ac_count -gt 10 && break
+  done
+  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+      $ac_path_EGREP_found && break 3
+    done
+  done
+  done
+IFS=$as_save_IFS
+  if test -z "$ac_cv_path_EGREP"; then
+    as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+  fi
+else
+  ac_cv_path_EGREP=$EGREP
+fi
+
+   fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5
+$as_echo "$ac_cv_path_EGREP" >&6; }
+ EGREP="$ac_cv_path_EGREP"
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5
+$as_echo_n "checking for fgrep... " >&6; }
+if ${ac_cv_path_FGREP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1
+   then ac_cv_path_FGREP="$GREP -F"
+   else
+     if test -z "$FGREP"; then
+  ac_path_FGREP_found=false
+  # Loop through the user's path and test for each of PROGNAME-LIST
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_prog in fgrep; do
+    for ac_exec_ext in '' $ac_executable_extensions; do
+      ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext"
+      as_fn_executable_p "$ac_path_FGREP" || continue
+# Check for GNU ac_path_FGREP and select it if it is found.
+  # Check for GNU $ac_path_FGREP
+case `"$ac_path_FGREP" --version 2>&1` in
+*GNU*)
+  ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;;
+*)
+  ac_count=0
+  $as_echo_n 0123456789 >"conftest.in"
+  while :
+  do
+    cat "conftest.in" "conftest.in" >"conftest.tmp"
+    mv "conftest.tmp" "conftest.in"
+    cp "conftest.in" "conftest.nl"
+    $as_echo 'FGREP' >> "conftest.nl"
+    "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break
+    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+    as_fn_arith $ac_count + 1 && ac_count=$as_val
+    if test $ac_count -gt ${ac_path_FGREP_max-0}; then
+      # Best one so far, save it but keep looking for a better one
+      ac_cv_path_FGREP="$ac_path_FGREP"
+      ac_path_FGREP_max=$ac_count
+    fi
+    # 10*(2^10) chars as input seems more than enough
+    test $ac_count -gt 10 && break
+  done
+  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+      $ac_path_FGREP_found && break 3
+    done
+  done
+  done
+IFS=$as_save_IFS
+  if test -z "$ac_cv_path_FGREP"; then
+    as_fn_error $? "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+  fi
+else
+  ac_cv_path_FGREP=$FGREP
+fi
+
+   fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5
+$as_echo "$ac_cv_path_FGREP" >&6; }
+ FGREP="$ac_cv_path_FGREP"
+
+
+test -z "$GREP" && GREP=grep
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+# Check whether --with-gnu-ld was given.
+if test "${with_gnu_ld+set}" = set; then :
+  withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes
+else
+  with_gnu_ld=no
+fi
+
+ac_prog=ld
+if test "$GCC" = yes; then
+  # Check if gcc -print-prog-name=ld gives a path.
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5
+$as_echo_n "checking for ld used by $CC... " >&6; }
+  case $host in
+  *-*-mingw*)
+    # gcc leaves a trailing carriage return which upsets mingw
+    ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+  *)
+    ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+  esac
+  case $ac_prog in
+    # Accept absolute paths.
+    [\\/]* | ?:[\\/]*)
+      re_direlt='/[^/][^/]*/\.\./'
+      # Canonicalize the pathname of ld
+      ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'`
+      while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do
+	ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"`
+      done
+      test -z "$LD" && LD="$ac_prog"
+      ;;
+  "")
+    # If it fails, then pretend we aren't using GCC.
+    ac_prog=ld
+    ;;
+  *)
+    # If it is relative, then search for the first ld in PATH.
+    with_gnu_ld=unknown
+    ;;
+  esac
+elif test "$with_gnu_ld" = yes; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5
+$as_echo_n "checking for GNU ld... " >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5
+$as_echo_n "checking for non-GNU ld... " >&6; }
+fi
+if ${lt_cv_path_LD+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$LD"; then
+  lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+  for ac_dir in $PATH; do
+    IFS="$lt_save_ifs"
+    test -z "$ac_dir" && ac_dir=.
+    if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+      lt_cv_path_LD="$ac_dir/$ac_prog"
+      # Check to see if the program is GNU ld.  I'd rather use --version,
+      # but apparently some variants of GNU ld only accept -v.
+      # Break only if it was the GNU/non-GNU ld that we prefer.
+      case `"$lt_cv_path_LD" -v 2>&1 &5
+$as_echo "$LD" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5
+$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; }
+if ${lt_cv_prog_gnu_ld+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  # I'd rather use --version here, but apparently some GNU lds only accept -v.
+case `$LD -v 2>&1 &5
+$as_echo "$lt_cv_prog_gnu_ld" >&6; }
+with_gnu_ld=$lt_cv_prog_gnu_ld
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5
+$as_echo_n "checking for BSD- or MS-compatible name lister (nm)... " >&6; }
+if ${lt_cv_path_NM+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$NM"; then
+  # Let the user override the test.
+  lt_cv_path_NM="$NM"
+else
+  lt_nm_to_check="${ac_tool_prefix}nm"
+  if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
+    lt_nm_to_check="$lt_nm_to_check nm"
+  fi
+  for lt_tmp_nm in $lt_nm_to_check; do
+    lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+    for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
+      IFS="$lt_save_ifs"
+      test -z "$ac_dir" && ac_dir=.
+      tmp_nm="$ac_dir/$lt_tmp_nm"
+      if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then
+	# Check to see if the nm accepts a BSD-compat flag.
+	# Adding the `sed 1q' prevents false positives on HP-UX, which says:
+	#   nm: unknown option "B" ignored
+	# Tru64's nm complains that /dev/null is an invalid object file
+	case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in
+	*/dev/null* | *'Invalid file or object type'*)
+	  lt_cv_path_NM="$tmp_nm -B"
+	  break
+	  ;;
+	*)
+	  case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in
+	  */dev/null*)
+	    lt_cv_path_NM="$tmp_nm -p"
+	    break
+	    ;;
+	  *)
+	    lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
+	    continue # so that we can try to find one that supports BSD flags
+	    ;;
+	  esac
+	  ;;
+	esac
+      fi
+    done
+    IFS="$lt_save_ifs"
+  done
+  : ${lt_cv_path_NM=no}
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5
+$as_echo "$lt_cv_path_NM" >&6; }
+if test "$lt_cv_path_NM" != "no"; then
+  NM="$lt_cv_path_NM"
+else
+  # Didn't find any BSD compatible name lister, look for dumpbin.
+  if test -n "$DUMPBIN"; then :
+    # Let the user override the test.
+  else
+    if test -n "$ac_tool_prefix"; then
+  for ac_prog in dumpbin "link -dump"
+  do
+    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_DUMPBIN+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$DUMPBIN"; then
+  ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+DUMPBIN=$ac_cv_prog_DUMPBIN
+if test -n "$DUMPBIN"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5
+$as_echo "$DUMPBIN" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+    test -n "$DUMPBIN" && break
+  done
+fi
+if test -z "$DUMPBIN"; then
+  ac_ct_DUMPBIN=$DUMPBIN
+  for ac_prog in dumpbin "link -dump"
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_DUMPBIN+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_DUMPBIN"; then
+  ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_DUMPBIN="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN
+if test -n "$ac_ct_DUMPBIN"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5
+$as_echo "$ac_ct_DUMPBIN" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$ac_ct_DUMPBIN" && break
+done
+
+  if test "x$ac_ct_DUMPBIN" = x; then
+    DUMPBIN=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    DUMPBIN=$ac_ct_DUMPBIN
+  fi
+fi
+
+    case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in
+    *COFF*)
+      DUMPBIN="$DUMPBIN -symbols"
+      ;;
+    *)
+      DUMPBIN=:
+      ;;
+    esac
+  fi
+
+  if test "$DUMPBIN" != ":"; then
+    NM="$DUMPBIN"
+  fi
+fi
+test -z "$NM" && NM=nm
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5
+$as_echo_n "checking the name lister ($NM) interface... " >&6; }
+if ${lt_cv_nm_interface+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_nm_interface="BSD nm"
+  echo "int some_variable = 0;" > conftest.$ac_ext
+  (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5)
+  (eval "$ac_compile" 2>conftest.err)
+  cat conftest.err >&5
+  (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
+  (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
+  cat conftest.err >&5
+  (eval echo "\"\$as_me:$LINENO: output\"" >&5)
+  cat conftest.out >&5
+  if $GREP 'External.*some_variable' conftest.out > /dev/null; then
+    lt_cv_nm_interface="MS dumpbin"
+  fi
+  rm -f conftest*
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5
+$as_echo "$lt_cv_nm_interface" >&6; }
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5
+$as_echo_n "checking whether ln -s works... " >&6; }
+LN_S=$as_ln_s
+if test "$LN_S" = "ln -s"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5
+$as_echo "no, using $LN_S" >&6; }
+fi
+
+# find the maximum length of command line arguments
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5
+$as_echo_n "checking the maximum length of command line arguments... " >&6; }
+if ${lt_cv_sys_max_cmd_len+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+    i=0
+  teststring="ABCD"
+
+  case $build_os in
+  msdosdjgpp*)
+    # On DJGPP, this test can blow up pretty badly due to problems in libc
+    # (any single argument exceeding 2000 bytes causes a buffer overrun
+    # during glob expansion).  Even if it were fixed, the result of this
+    # check would be larger than it should be.
+    lt_cv_sys_max_cmd_len=12288;    # 12K is about right
+    ;;
+
+  gnu*)
+    # Under GNU Hurd, this test is not required because there is
+    # no limit to the length of command line arguments.
+    # Libtool will interpret -1 as no limit whatsoever
+    lt_cv_sys_max_cmd_len=-1;
+    ;;
+
+  cygwin* | mingw* | cegcc*)
+    # On Win9x/ME, this test blows up -- it succeeds, but takes
+    # about 5 minutes as the teststring grows exponentially.
+    # Worse, since 9x/ME are not pre-emptively multitasking,
+    # you end up with a "frozen" computer, even though with patience
+    # the test eventually succeeds (with a max line length of 256k).
+    # Instead, let's just punt: use the minimum linelength reported by
+    # all of the supported platforms: 8192 (on NT/2K/XP).
+    lt_cv_sys_max_cmd_len=8192;
+    ;;
+
+  mint*)
+    # On MiNT this can take a long time and run out of memory.
+    lt_cv_sys_max_cmd_len=8192;
+    ;;
+
+  amigaos*)
+    # On AmigaOS with pdksh, this test takes hours, literally.
+    # So we just punt and use a minimum line length of 8192.
+    lt_cv_sys_max_cmd_len=8192;
+    ;;
+
+  netbsd* | freebsd* | openbsd* | darwin* | dragonfly*)
+    # This has been around since 386BSD, at least.  Likely further.
+    if test -x /sbin/sysctl; then
+      lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
+    elif test -x /usr/sbin/sysctl; then
+      lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
+    else
+      lt_cv_sys_max_cmd_len=65536	# usable default for all BSDs
+    fi
+    # And add a safety zone
+    lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+    lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+    ;;
+
+  interix*)
+    # We know the value 262144 and hardcode it with a safety zone (like BSD)
+    lt_cv_sys_max_cmd_len=196608
+    ;;
+
+  os2*)
+    # The test takes a long time on OS/2.
+    lt_cv_sys_max_cmd_len=8192
+    ;;
+
+  osf*)
+    # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
+    # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
+    # nice to cause kernel panics so lets avoid the loop below.
+    # First set a reasonable default.
+    lt_cv_sys_max_cmd_len=16384
+    #
+    if test -x /sbin/sysconfig; then
+      case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
+        *1*) lt_cv_sys_max_cmd_len=-1 ;;
+      esac
+    fi
+    ;;
+  sco3.2v5*)
+    lt_cv_sys_max_cmd_len=102400
+    ;;
+  sysv5* | sco5v6* | sysv4.2uw2*)
+    kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
+    if test -n "$kargmax"; then
+      lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[	 ]//'`
+    else
+      lt_cv_sys_max_cmd_len=32768
+    fi
+    ;;
+  *)
+    lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
+    if test -n "$lt_cv_sys_max_cmd_len"; then
+      lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+      lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+    else
+      # Make teststring a little bigger before we do anything with it.
+      # a 1K string should be a reasonable start.
+      for i in 1 2 3 4 5 6 7 8 ; do
+        teststring=$teststring$teststring
+      done
+      SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
+      # If test is not a shell built-in, we'll probably end up computing a
+      # maximum length that is only half of the actual maximum length, but
+      # we can't tell.
+      while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \
+	         = "X$teststring$teststring"; } >/dev/null 2>&1 &&
+	      test $i != 17 # 1/2 MB should be enough
+      do
+        i=`expr $i + 1`
+        teststring=$teststring$teststring
+      done
+      # Only check the string length outside the loop.
+      lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1`
+      teststring=
+      # Add a significant safety factor because C++ compilers can tack on
+      # massive amounts of additional arguments before passing them to the
+      # linker.  It appears as though 1/2 is a usable value.
+      lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
+    fi
+    ;;
+  esac
+
+fi
+
+if test -n $lt_cv_sys_max_cmd_len ; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5
+$as_echo "$lt_cv_sys_max_cmd_len" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: none" >&5
+$as_echo "none" >&6; }
+fi
+max_cmd_len=$lt_cv_sys_max_cmd_len
+
+
+
+
+
+
+: ${CP="cp -f"}
+: ${MV="mv -f"}
+: ${RM="rm -f"}
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands some XSI constructs" >&5
+$as_echo_n "checking whether the shell understands some XSI constructs... " >&6; }
+# Try some XSI features
+xsi_shell=no
+( _lt_dummy="a/b/c"
+  test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \
+      = c,a/b,b/c, \
+    && eval 'test $(( 1 + 1 )) -eq 2 \
+    && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \
+  && xsi_shell=yes
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $xsi_shell" >&5
+$as_echo "$xsi_shell" >&6; }
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands \"+=\"" >&5
+$as_echo_n "checking whether the shell understands \"+=\"... " >&6; }
+lt_shell_append=no
+( foo=bar; set foo baz; eval "$1+=\$2" && test "$foo" = barbaz ) \
+    >/dev/null 2>&1 \
+  && lt_shell_append=yes
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_shell_append" >&5
+$as_echo "$lt_shell_append" >&6; }
+
+
+if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
+  lt_unset=unset
+else
+  lt_unset=false
+fi
+
+
+
+
+
+# test EBCDIC or ASCII
+case `echo X|tr X '\101'` in
+ A) # ASCII based system
+    # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr
+  lt_SP2NL='tr \040 \012'
+  lt_NL2SP='tr \015\012 \040\040'
+  ;;
+ *) # EBCDIC based system
+  lt_SP2NL='tr \100 \n'
+  lt_NL2SP='tr \r\n \100\100'
+  ;;
+esac
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5
+$as_echo_n "checking how to convert $build file names to $host format... " >&6; }
+if ${lt_cv_to_host_file_cmd+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $host in
+  *-*-mingw* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32
+        ;;
+      *-*-cygwin* )
+        lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32
+        ;;
+      * ) # otherwise, assume *nix
+        lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32
+        ;;
+    esac
+    ;;
+  *-*-cygwin* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin
+        ;;
+      *-*-cygwin* )
+        lt_cv_to_host_file_cmd=func_convert_file_noop
+        ;;
+      * ) # otherwise, assume *nix
+        lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin
+        ;;
+    esac
+    ;;
+  * ) # unhandled hosts (and "normal" native builds)
+    lt_cv_to_host_file_cmd=func_convert_file_noop
+    ;;
+esac
+
+fi
+
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5
+$as_echo "$lt_cv_to_host_file_cmd" >&6; }
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5
+$as_echo_n "checking how to convert $build file names to toolchain format... " >&6; }
+if ${lt_cv_to_tool_file_cmd+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  #assume ordinary cross tools, or native build.
+lt_cv_to_tool_file_cmd=func_convert_file_noop
+case $host in
+  *-*-mingw* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32
+        ;;
+    esac
+    ;;
+esac
+
+fi
+
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5
+$as_echo "$lt_cv_to_tool_file_cmd" >&6; }
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5
+$as_echo_n "checking for $LD option to reload object files... " >&6; }
+if ${lt_cv_ld_reload_flag+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_ld_reload_flag='-r'
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5
+$as_echo "$lt_cv_ld_reload_flag" >&6; }
+reload_flag=$lt_cv_ld_reload_flag
+case $reload_flag in
+"" | " "*) ;;
+*) reload_flag=" $reload_flag" ;;
+esac
+reload_cmds='$LD$reload_flag -o $output$reload_objs'
+case $host_os in
+  cygwin* | mingw* | pw32* | cegcc*)
+    if test "$GCC" != yes; then
+      reload_cmds=false
+    fi
+    ;;
+  darwin*)
+    if test "$GCC" = yes; then
+      reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs'
+    else
+      reload_cmds='$LD$reload_flag -o $output$reload_objs'
+    fi
+    ;;
+esac
+
+
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args.
+set dummy ${ac_tool_prefix}objdump; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_OBJDUMP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$OBJDUMP"; then
+  ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+OBJDUMP=$ac_cv_prog_OBJDUMP
+if test -n "$OBJDUMP"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5
+$as_echo "$OBJDUMP" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OBJDUMP"; then
+  ac_ct_OBJDUMP=$OBJDUMP
+  # Extract the first word of "objdump", so it can be a program name with args.
+set dummy objdump; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_OBJDUMP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_OBJDUMP"; then
+  ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_OBJDUMP="objdump"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP
+if test -n "$ac_ct_OBJDUMP"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5
+$as_echo "$ac_ct_OBJDUMP" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_OBJDUMP" = x; then
+    OBJDUMP="false"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    OBJDUMP=$ac_ct_OBJDUMP
+  fi
+else
+  OBJDUMP="$ac_cv_prog_OBJDUMP"
+fi
+
+test -z "$OBJDUMP" && OBJDUMP=objdump
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5
+$as_echo_n "checking how to recognize dependent libraries... " >&6; }
+if ${lt_cv_deplibs_check_method+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_file_magic_cmd='$MAGIC_CMD'
+lt_cv_file_magic_test_file=
+lt_cv_deplibs_check_method='unknown'
+# Need to set the preceding variable on all platforms that support
+# interlibrary dependencies.
+# 'none' -- dependencies not supported.
+# `unknown' -- same as none, but documents that we really don't know.
+# 'pass_all' -- all dependencies passed with no checks.
+# 'test_compile' -- check by making test program.
+# 'file_magic [[regex]]' -- check by looking for files in library path
+# which responds to the $file_magic_cmd with a given extended regex.
+# If you have `file' or equivalent on your system and you're not sure
+# whether `pass_all' will *always* work, you probably want this one.
+
+case $host_os in
+aix[4-9]*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+beos*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+bsdi[45]*)
+  lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)'
+  lt_cv_file_magic_cmd='/usr/bin/file -L'
+  lt_cv_file_magic_test_file=/shlib/libc.so
+  ;;
+
+cygwin*)
+  # func_win32_libid is a shell function defined in ltmain.sh
+  lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+  lt_cv_file_magic_cmd='func_win32_libid'
+  ;;
+
+mingw* | pw32*)
+  # Base MSYS/MinGW do not provide the 'file' command needed by
+  # func_win32_libid shell function, so use a weaker test based on 'objdump',
+  # unless we find 'file', for example because we are cross-compiling.
+  # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin.
+  if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then
+    lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+    lt_cv_file_magic_cmd='func_win32_libid'
+  else
+    # Keep this pattern in sync with the one in func_win32_libid.
+    lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)'
+    lt_cv_file_magic_cmd='$OBJDUMP -f'
+  fi
+  ;;
+
+cegcc*)
+  # use the weaker test based on 'objdump'. See mingw*.
+  lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
+  lt_cv_file_magic_cmd='$OBJDUMP -f'
+  ;;
+
+darwin* | rhapsody*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+freebsd* | dragonfly*)
+  if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+    case $host_cpu in
+    i*86 )
+      # Not sure whether the presence of OpenBSD here was a mistake.
+      # Let's accept both of them until this is cleared up.
+      lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library'
+      lt_cv_file_magic_cmd=/usr/bin/file
+      lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
+      ;;
+    esac
+  else
+    lt_cv_deplibs_check_method=pass_all
+  fi
+  ;;
+
+gnu*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+haiku*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+hpux10.20* | hpux11*)
+  lt_cv_file_magic_cmd=/usr/bin/file
+  case $host_cpu in
+  ia64*)
+    lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64'
+    lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
+    ;;
+  hppa*64*)
+    lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]'
+    lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
+    ;;
+  *)
+    lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9]\.[0-9]) shared library'
+    lt_cv_file_magic_test_file=/usr/lib/libc.sl
+    ;;
+  esac
+  ;;
+
+interix[3-9]*)
+  # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
+  lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$'
+  ;;
+
+irix5* | irix6* | nonstopux*)
+  case $LD in
+  *-32|*"-32 ") libmagic=32-bit;;
+  *-n32|*"-n32 ") libmagic=N32;;
+  *-64|*"-64 ") libmagic=64-bit;;
+  *) libmagic=never-match;;
+  esac
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+netbsd*)
+  if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+    lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
+  else
+    lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$'
+  fi
+  ;;
+
+newos6*)
+  lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)'
+  lt_cv_file_magic_cmd=/usr/bin/file
+  lt_cv_file_magic_test_file=/usr/lib/libnls.so
+  ;;
+
+*nto* | *qnx*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+openbsd*)
+  if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+    lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$'
+  else
+    lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$'
+  fi
+  ;;
+
+osf3* | osf4* | osf5*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+rdos*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+solaris*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+sysv4 | sysv4.3*)
+  case $host_vendor in
+  motorola)
+    lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]'
+    lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
+    ;;
+  ncr)
+    lt_cv_deplibs_check_method=pass_all
+    ;;
+  sequent)
+    lt_cv_file_magic_cmd='/bin/file'
+    lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )'
+    ;;
+  sni)
+    lt_cv_file_magic_cmd='/bin/file'
+    lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib"
+    lt_cv_file_magic_test_file=/lib/libc.so
+    ;;
+  siemens)
+    lt_cv_deplibs_check_method=pass_all
+    ;;
+  pc)
+    lt_cv_deplibs_check_method=pass_all
+    ;;
+  esac
+  ;;
+
+tpf*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+esac
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5
+$as_echo "$lt_cv_deplibs_check_method" >&6; }
+
+file_magic_glob=
+want_nocaseglob=no
+if test "$build" = "$host"; then
+  case $host_os in
+  mingw* | pw32*)
+    if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then
+      want_nocaseglob=yes
+    else
+      file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[\1]\/[\1]\/g;/g"`
+    fi
+    ;;
+  esac
+fi
+
+file_magic_cmd=$lt_cv_file_magic_cmd
+deplibs_check_method=$lt_cv_deplibs_check_method
+test -z "$deplibs_check_method" && deplibs_check_method=unknown
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args.
+set dummy ${ac_tool_prefix}dlltool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_DLLTOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$DLLTOOL"; then
+  ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+DLLTOOL=$ac_cv_prog_DLLTOOL
+if test -n "$DLLTOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5
+$as_echo "$DLLTOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_DLLTOOL"; then
+  ac_ct_DLLTOOL=$DLLTOOL
+  # Extract the first word of "dlltool", so it can be a program name with args.
+set dummy dlltool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_DLLTOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_DLLTOOL"; then
+  ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_DLLTOOL="dlltool"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL
+if test -n "$ac_ct_DLLTOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5
+$as_echo "$ac_ct_DLLTOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_DLLTOOL" = x; then
+    DLLTOOL="false"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    DLLTOOL=$ac_ct_DLLTOOL
+  fi
+else
+  DLLTOOL="$ac_cv_prog_DLLTOOL"
+fi
+
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to associate runtime and link libraries" >&5
+$as_echo_n "checking how to associate runtime and link libraries... " >&6; }
+if ${lt_cv_sharedlib_from_linklib_cmd+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_sharedlib_from_linklib_cmd='unknown'
+
+case $host_os in
+cygwin* | mingw* | pw32* | cegcc*)
+  # two different shell functions defined in ltmain.sh
+  # decide which to use based on capabilities of $DLLTOOL
+  case `$DLLTOOL --help 2>&1` in
+  *--identify-strict*)
+    lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib
+    ;;
+  *)
+    lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback
+    ;;
+  esac
+  ;;
+*)
+  # fallback: assume linklib IS sharedlib
+  lt_cv_sharedlib_from_linklib_cmd="$ECHO"
+  ;;
+esac
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5
+$as_echo "$lt_cv_sharedlib_from_linklib_cmd" >&6; }
+sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd
+test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO
+
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+  for ac_prog in ar
+  do
+    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_AR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$AR"; then
+  ac_cv_prog_AR="$AR" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_AR="$ac_tool_prefix$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+AR=$ac_cv_prog_AR
+if test -n "$AR"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5
+$as_echo "$AR" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+    test -n "$AR" && break
+  done
+fi
+if test -z "$AR"; then
+  ac_ct_AR=$AR
+  for ac_prog in ar
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_AR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_AR"; then
+  ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_AR="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_AR=$ac_cv_prog_ac_ct_AR
+if test -n "$ac_ct_AR"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5
+$as_echo "$ac_ct_AR" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$ac_ct_AR" && break
+done
+
+  if test "x$ac_ct_AR" = x; then
+    AR="false"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    AR=$ac_ct_AR
+  fi
+fi
+
+: ${AR=ar}
+: ${AR_FLAGS=cru}
+
+
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for archiver @FILE support" >&5
+$as_echo_n "checking for archiver @FILE support... " >&6; }
+if ${lt_cv_ar_at_file+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_ar_at_file=no
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  echo conftest.$ac_objext > conftest.lst
+      lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&5'
+      { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5
+  (eval $lt_ar_try) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      if test "$ac_status" -eq 0; then
+	# Ensure the archiver fails upon bogus file names.
+	rm -f conftest.$ac_objext libconftest.a
+	{ { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5
+  (eval $lt_ar_try) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+	if test "$ac_status" -ne 0; then
+          lt_cv_ar_at_file=@
+        fi
+      fi
+      rm -f conftest.* libconftest.a
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5
+$as_echo "$lt_cv_ar_at_file" >&6; }
+
+if test "x$lt_cv_ar_at_file" = xno; then
+  archiver_list_spec=
+else
+  archiver_list_spec=$lt_cv_ar_at_file
+fi
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
+set dummy ${ac_tool_prefix}strip; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_STRIP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$STRIP"; then
+  ac_cv_prog_STRIP="$STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_STRIP="${ac_tool_prefix}strip"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+STRIP=$ac_cv_prog_STRIP
+if test -n "$STRIP"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5
+$as_echo "$STRIP" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_STRIP"; then
+  ac_ct_STRIP=$STRIP
+  # Extract the first word of "strip", so it can be a program name with args.
+set dummy strip; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_STRIP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_STRIP"; then
+  ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_STRIP="strip"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP
+if test -n "$ac_ct_STRIP"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5
+$as_echo "$ac_ct_STRIP" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_STRIP" = x; then
+    STRIP=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    STRIP=$ac_ct_STRIP
+  fi
+else
+  STRIP="$ac_cv_prog_STRIP"
+fi
+
+test -z "$STRIP" && STRIP=:
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args.
+set dummy ${ac_tool_prefix}ranlib; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_RANLIB+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$RANLIB"; then
+  ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+RANLIB=$ac_cv_prog_RANLIB
+if test -n "$RANLIB"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5
+$as_echo "$RANLIB" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_RANLIB"; then
+  ac_ct_RANLIB=$RANLIB
+  # Extract the first word of "ranlib", so it can be a program name with args.
+set dummy ranlib; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_RANLIB+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_RANLIB"; then
+  ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_RANLIB="ranlib"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB
+if test -n "$ac_ct_RANLIB"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5
+$as_echo "$ac_ct_RANLIB" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_RANLIB" = x; then
+    RANLIB=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    RANLIB=$ac_ct_RANLIB
+  fi
+else
+  RANLIB="$ac_cv_prog_RANLIB"
+fi
+
+test -z "$RANLIB" && RANLIB=:
+
+
+
+
+
+
+# Determine commands to create old-style static archives.
+old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs'
+old_postinstall_cmds='chmod 644 $oldlib'
+old_postuninstall_cmds=
+
+if test -n "$RANLIB"; then
+  case $host_os in
+  openbsd*)
+    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib"
+    ;;
+  *)
+    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib"
+    ;;
+  esac
+  old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib"
+fi
+
+case $host_os in
+  darwin*)
+    lock_old_archive_extraction=yes ;;
+  *)
+    lock_old_archive_extraction=no ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+
+# Check for command to grab the raw symbol name followed by C symbol from nm.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking command to parse $NM output from $compiler object" >&5
+$as_echo_n "checking command to parse $NM output from $compiler object... " >&6; }
+if ${lt_cv_sys_global_symbol_pipe+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+# These are sane defaults that work on at least a few old systems.
+# [They come from Ultrix.  What could be older than Ultrix?!! ;)]
+
+# Character class describing NM global symbol codes.
+symcode='[BCDEGRST]'
+
+# Regexp to match symbols that can be accessed directly from C.
+sympat='\([_A-Za-z][_A-Za-z0-9]*\)'
+
+# Define system-specific variables.
+case $host_os in
+aix*)
+  symcode='[BCDT]'
+  ;;
+cygwin* | mingw* | pw32* | cegcc*)
+  symcode='[ABCDGISTW]'
+  ;;
+hpux*)
+  if test "$host_cpu" = ia64; then
+    symcode='[ABCDEGRST]'
+  fi
+  ;;
+irix* | nonstopux*)
+  symcode='[BCDEGRST]'
+  ;;
+osf*)
+  symcode='[BCDEGQRST]'
+  ;;
+solaris*)
+  symcode='[BDRT]'
+  ;;
+sco3.2v5*)
+  symcode='[DT]'
+  ;;
+sysv4.2uw2*)
+  symcode='[DT]'
+  ;;
+sysv5* | sco5v6* | unixware* | OpenUNIX*)
+  symcode='[ABDT]'
+  ;;
+sysv4)
+  symcode='[DFNSTU]'
+  ;;
+esac
+
+# If we're using GNU nm, then use its standard symbol codes.
+case `$NM -V 2>&1` in
+*GNU* | *'with BFD'*)
+  symcode='[ABCDGIRSTW]' ;;
+esac
+
+# Transform an extracted symbol line into a proper C declaration.
+# Some systems (esp. on ia64) link data and code symbols differently,
+# so use this general approach.
+lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
+
+# Transform an extracted symbol line into symbol name and symbol address
+lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\)[ ]*$/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/  {\"\2\", (void *) \&\2},/p'"
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([^ ]*\)[ ]*$/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \(lib[^ ]*\)$/  {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/  {\"lib\2\", (void *) \&\2},/p'"
+
+# Handle CRLF in mingw tool chain
+opt_cr=
+case $build_os in
+mingw*)
+  opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp
+  ;;
+esac
+
+# Try without a prefix underscore, then with it.
+for ac_symprfx in "" "_"; do
+
+  # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
+  symxfrm="\\1 $ac_symprfx\\2 \\2"
+
+  # Write the raw and C identifiers.
+  if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+    # Fake it for dumpbin and say T for any non-static function
+    # and D for any global variable.
+    # Also find C++ and __fastcall symbols from MSVC++,
+    # which start with @ or ?.
+    lt_cv_sys_global_symbol_pipe="$AWK '"\
+"     {last_section=section; section=\$ 3};"\
+"     /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\
+"     /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\
+"     \$ 0!~/External *\|/{next};"\
+"     / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\
+"     {if(hide[section]) next};"\
+"     {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\
+"     {split(\$ 0, a, /\||\r/); split(a[2], s)};"\
+"     s[1]~/^[@?]/{print s[1], s[1]; next};"\
+"     s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\
+"     ' prfx=^$ac_symprfx"
+  else
+    lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[	 ]\($symcode$symcode*\)[	 ][	 ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
+  fi
+  lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'"
+
+  # Check to see that the pipe works correctly.
+  pipe_works=no
+
+  rm -f conftest*
+  cat > conftest.$ac_ext <<_LT_EOF
+#ifdef __cplusplus
+extern "C" {
+#endif
+char nm_test_var;
+void nm_test_func(void);
+void nm_test_func(void){}
+#ifdef __cplusplus
+}
+#endif
+int main(){nm_test_var='a';nm_test_func();return(0);}
+_LT_EOF
+
+  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+  (eval $ac_compile) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+    # Now try to grab the symbols.
+    nlist=conftest.nm
+    if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5
+  (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && test -s "$nlist"; then
+      # Try sorting and uniquifying the output.
+      if sort "$nlist" | uniq > "$nlist"T; then
+	mv -f "$nlist"T "$nlist"
+      else
+	rm -f "$nlist"T
+      fi
+
+      # Make sure that we snagged all the symbols we need.
+      if $GREP ' nm_test_var$' "$nlist" >/dev/null; then
+	if $GREP ' nm_test_func$' "$nlist" >/dev/null; then
+	  cat <<_LT_EOF > conftest.$ac_ext
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests.  */
+#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE)
+/* DATA imports from DLLs on WIN32 con't be const, because runtime
+   relocations are performed -- see ld's documentation on pseudo-relocs.  */
+# define LT_DLSYM_CONST
+#elif defined(__osf__)
+/* This system does not cope well with relocations in const data.  */
+# define LT_DLSYM_CONST
+#else
+# define LT_DLSYM_CONST const
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+_LT_EOF
+	  # Now generate the symbol file.
+	  eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext'
+
+	  cat <<_LT_EOF >> conftest.$ac_ext
+
+/* The mapping between symbol names and symbols.  */
+LT_DLSYM_CONST struct {
+  const char *name;
+  void       *address;
+}
+lt__PROGRAM__LTX_preloaded_symbols[] =
+{
+  { "@PROGRAM@", (void *) 0 },
+_LT_EOF
+	  $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/  {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext
+	  cat <<\_LT_EOF >> conftest.$ac_ext
+  {0, (void *) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+  return lt__PROGRAM__LTX_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+_LT_EOF
+	  # Now try linking the two files.
+	  mv conftest.$ac_objext conftstm.$ac_objext
+	  lt_globsym_save_LIBS=$LIBS
+	  lt_globsym_save_CFLAGS=$CFLAGS
+	  LIBS="conftstm.$ac_objext"
+	  CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag"
+	  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5
+  (eval $ac_link) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && test -s conftest${ac_exeext}; then
+	    pipe_works=yes
+	  fi
+	  LIBS=$lt_globsym_save_LIBS
+	  CFLAGS=$lt_globsym_save_CFLAGS
+	else
+	  echo "cannot find nm_test_func in $nlist" >&5
+	fi
+      else
+	echo "cannot find nm_test_var in $nlist" >&5
+      fi
+    else
+      echo "cannot run $lt_cv_sys_global_symbol_pipe" >&5
+    fi
+  else
+    echo "$progname: failed program was:" >&5
+    cat conftest.$ac_ext >&5
+  fi
+  rm -rf conftest* conftst*
+
+  # Do not use the global_symbol_pipe unless it works.
+  if test "$pipe_works" = yes; then
+    break
+  else
+    lt_cv_sys_global_symbol_pipe=
+  fi
+done
+
+fi
+
+if test -z "$lt_cv_sys_global_symbol_pipe"; then
+  lt_cv_sys_global_symbol_to_cdecl=
+fi
+if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5
+$as_echo "failed" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5
+$as_echo "ok" >&6; }
+fi
+
+# Response file support.
+if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+  nm_file_list_spec='@'
+elif $NM --help 2>/dev/null | grep '[@]FILE' >/dev/null; then
+  nm_file_list_spec='@'
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sysroot" >&5
+$as_echo_n "checking for sysroot... " >&6; }
+
+# Check whether --with-sysroot was given.
+if test "${with_sysroot+set}" = set; then :
+  withval=$with_sysroot;
+else
+  with_sysroot=no
+fi
+
+
+lt_sysroot=
+case ${with_sysroot} in #(
+ yes)
+   if test "$GCC" = yes; then
+     lt_sysroot=`$CC --print-sysroot 2>/dev/null`
+   fi
+   ;; #(
+ /*)
+   lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"`
+   ;; #(
+ no|'')
+   ;; #(
+ *)
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${with_sysroot}" >&5
+$as_echo "${with_sysroot}" >&6; }
+   as_fn_error $? "The sysroot must be an absolute path." "$LINENO" 5
+   ;;
+esac
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${lt_sysroot:-no}" >&5
+$as_echo "${lt_sysroot:-no}" >&6; }
+
+
+
+
+
+# Check whether --enable-libtool-lock was given.
+if test "${enable_libtool_lock+set}" = set; then :
+  enableval=$enable_libtool_lock;
+fi
+
+test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case $host in
+ia64-*-hpux*)
+  # Find out which ABI we are using.
+  echo 'int i;' > conftest.$ac_ext
+  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+  (eval $ac_compile) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+    case `/usr/bin/file conftest.$ac_objext` in
+      *ELF-32*)
+	HPUX_IA64_MODE="32"
+	;;
+      *ELF-64*)
+	HPUX_IA64_MODE="64"
+	;;
+    esac
+  fi
+  rm -rf conftest*
+  ;;
+*-*-irix6*)
+  # Find out which ABI we are using.
+  echo '#line '$LINENO' "configure"' > conftest.$ac_ext
+  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+  (eval $ac_compile) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+    if test "$lt_cv_prog_gnu_ld" = yes; then
+      case `/usr/bin/file conftest.$ac_objext` in
+	*32-bit*)
+	  LD="${LD-ld} -melf32bsmip"
+	  ;;
+	*N32*)
+	  LD="${LD-ld} -melf32bmipn32"
+	  ;;
+	*64-bit*)
+	  LD="${LD-ld} -melf64bmip"
+	;;
+      esac
+    else
+      case `/usr/bin/file conftest.$ac_objext` in
+	*32-bit*)
+	  LD="${LD-ld} -32"
+	  ;;
+	*N32*)
+	  LD="${LD-ld} -n32"
+	  ;;
+	*64-bit*)
+	  LD="${LD-ld} -64"
+	  ;;
+      esac
+    fi
+  fi
+  rm -rf conftest*
+  ;;
+
+x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \
+s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
+  # Find out which ABI we are using.
+  echo 'int i;' > conftest.$ac_ext
+  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+  (eval $ac_compile) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+    case `/usr/bin/file conftest.o` in
+      *32-bit*)
+	case $host in
+	  x86_64-*kfreebsd*-gnu)
+	    LD="${LD-ld} -m elf_i386_fbsd"
+	    ;;
+	  x86_64-*linux*)
+	    LD="${LD-ld} -m elf_i386"
+	    ;;
+	  ppc64-*linux*|powerpc64-*linux*)
+	    LD="${LD-ld} -m elf32ppclinux"
+	    ;;
+	  s390x-*linux*)
+	    LD="${LD-ld} -m elf_s390"
+	    ;;
+	  sparc64-*linux*)
+	    LD="${LD-ld} -m elf32_sparc"
+	    ;;
+	esac
+	;;
+      *64-bit*)
+	case $host in
+	  x86_64-*kfreebsd*-gnu)
+	    LD="${LD-ld} -m elf_x86_64_fbsd"
+	    ;;
+	  x86_64-*linux*)
+	    LD="${LD-ld} -m elf_x86_64"
+	    ;;
+	  ppc*-*linux*|powerpc*-*linux*)
+	    LD="${LD-ld} -m elf64ppc"
+	    ;;
+	  s390*-*linux*|s390*-*tpf*)
+	    LD="${LD-ld} -m elf64_s390"
+	    ;;
+	  sparc*-*linux*)
+	    LD="${LD-ld} -m elf64_sparc"
+	    ;;
+	esac
+	;;
+    esac
+  fi
+  rm -rf conftest*
+  ;;
+
+*-*-sco3.2v5*)
+  # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+  SAVE_CFLAGS="$CFLAGS"
+  CFLAGS="$CFLAGS -belf"
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler needs -belf" >&5
+$as_echo_n "checking whether the C compiler needs -belf... " >&6; }
+if ${lt_cv_cc_needs_belf+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+     cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  lt_cv_cc_needs_belf=yes
+else
+  lt_cv_cc_needs_belf=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+     ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_cc_needs_belf" >&5
+$as_echo "$lt_cv_cc_needs_belf" >&6; }
+  if test x"$lt_cv_cc_needs_belf" != x"yes"; then
+    # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
+    CFLAGS="$SAVE_CFLAGS"
+  fi
+  ;;
+*-*solaris*)
+  # Find out which ABI we are using.
+  echo 'int i;' > conftest.$ac_ext
+  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+  (eval $ac_compile) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+    case `/usr/bin/file conftest.o` in
+    *64-bit*)
+      case $lt_cv_prog_gnu_ld in
+      yes*)
+        case $host in
+        i?86-*-solaris*)
+          LD="${LD-ld} -m elf_x86_64"
+          ;;
+        sparc*-*-solaris*)
+          LD="${LD-ld} -m elf64_sparc"
+          ;;
+        esac
+        # GNU ld 2.21 introduced _sol2 emulations.  Use them if available.
+        if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then
+          LD="${LD-ld}_sol2"
+        fi
+        ;;
+      *)
+	if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
+	  LD="${LD-ld} -64"
+	fi
+	;;
+      esac
+      ;;
+    esac
+  fi
+  rm -rf conftest*
+  ;;
+esac
+
+need_locks="$enable_libtool_lock"
+
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}mt", so it can be a program name with args.
+set dummy ${ac_tool_prefix}mt; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_MANIFEST_TOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$MANIFEST_TOOL"; then
+  ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL
+if test -n "$MANIFEST_TOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MANIFEST_TOOL" >&5
+$as_echo "$MANIFEST_TOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_MANIFEST_TOOL"; then
+  ac_ct_MANIFEST_TOOL=$MANIFEST_TOOL
+  # Extract the first word of "mt", so it can be a program name with args.
+set dummy mt; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_MANIFEST_TOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_MANIFEST_TOOL"; then
+  ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_MANIFEST_TOOL="mt"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL
+if test -n "$ac_ct_MANIFEST_TOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_MANIFEST_TOOL" >&5
+$as_echo "$ac_ct_MANIFEST_TOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_MANIFEST_TOOL" = x; then
+    MANIFEST_TOOL=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    MANIFEST_TOOL=$ac_ct_MANIFEST_TOOL
+  fi
+else
+  MANIFEST_TOOL="$ac_cv_prog_MANIFEST_TOOL"
+fi
+
+test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $MANIFEST_TOOL is a manifest tool" >&5
+$as_echo_n "checking if $MANIFEST_TOOL is a manifest tool... " >&6; }
+if ${lt_cv_path_mainfest_tool+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_path_mainfest_tool=no
+  echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&5
+  $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out
+  cat conftest.err >&5
+  if $GREP 'Manifest Tool' conftest.out > /dev/null; then
+    lt_cv_path_mainfest_tool=yes
+  fi
+  rm -f conftest*
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5
+$as_echo "$lt_cv_path_mainfest_tool" >&6; }
+if test "x$lt_cv_path_mainfest_tool" != xyes; then
+  MANIFEST_TOOL=:
+fi
+
+
+
+
+
+
+  case $host_os in
+    rhapsody* | darwin*)
+    if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args.
+set dummy ${ac_tool_prefix}dsymutil; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_DSYMUTIL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$DSYMUTIL"; then
+  ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+DSYMUTIL=$ac_cv_prog_DSYMUTIL
+if test -n "$DSYMUTIL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DSYMUTIL" >&5
+$as_echo "$DSYMUTIL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_DSYMUTIL"; then
+  ac_ct_DSYMUTIL=$DSYMUTIL
+  # Extract the first word of "dsymutil", so it can be a program name with args.
+set dummy dsymutil; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_DSYMUTIL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_DSYMUTIL"; then
+  ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_DSYMUTIL="dsymutil"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL
+if test -n "$ac_ct_DSYMUTIL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DSYMUTIL" >&5
+$as_echo "$ac_ct_DSYMUTIL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_DSYMUTIL" = x; then
+    DSYMUTIL=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    DSYMUTIL=$ac_ct_DSYMUTIL
+  fi
+else
+  DSYMUTIL="$ac_cv_prog_DSYMUTIL"
+fi
+
+    if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args.
+set dummy ${ac_tool_prefix}nmedit; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_NMEDIT+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$NMEDIT"; then
+  ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+NMEDIT=$ac_cv_prog_NMEDIT
+if test -n "$NMEDIT"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NMEDIT" >&5
+$as_echo "$NMEDIT" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_NMEDIT"; then
+  ac_ct_NMEDIT=$NMEDIT
+  # Extract the first word of "nmedit", so it can be a program name with args.
+set dummy nmedit; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_NMEDIT+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_NMEDIT"; then
+  ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_NMEDIT="nmedit"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT
+if test -n "$ac_ct_NMEDIT"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_NMEDIT" >&5
+$as_echo "$ac_ct_NMEDIT" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_NMEDIT" = x; then
+    NMEDIT=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    NMEDIT=$ac_ct_NMEDIT
+  fi
+else
+  NMEDIT="$ac_cv_prog_NMEDIT"
+fi
+
+    if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}lipo", so it can be a program name with args.
+set dummy ${ac_tool_prefix}lipo; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_LIPO+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$LIPO"; then
+  ac_cv_prog_LIPO="$LIPO" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_LIPO="${ac_tool_prefix}lipo"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+LIPO=$ac_cv_prog_LIPO
+if test -n "$LIPO"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIPO" >&5
+$as_echo "$LIPO" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_LIPO"; then
+  ac_ct_LIPO=$LIPO
+  # Extract the first word of "lipo", so it can be a program name with args.
+set dummy lipo; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_LIPO+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_LIPO"; then
+  ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_LIPO="lipo"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO
+if test -n "$ac_ct_LIPO"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_LIPO" >&5
+$as_echo "$ac_ct_LIPO" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_LIPO" = x; then
+    LIPO=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    LIPO=$ac_ct_LIPO
+  fi
+else
+  LIPO="$ac_cv_prog_LIPO"
+fi
+
+    if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}otool", so it can be a program name with args.
+set dummy ${ac_tool_prefix}otool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_OTOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$OTOOL"; then
+  ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_OTOOL="${ac_tool_prefix}otool"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+OTOOL=$ac_cv_prog_OTOOL
+if test -n "$OTOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL" >&5
+$as_echo "$OTOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OTOOL"; then
+  ac_ct_OTOOL=$OTOOL
+  # Extract the first word of "otool", so it can be a program name with args.
+set dummy otool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_OTOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_OTOOL"; then
+  ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_OTOOL="otool"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL
+if test -n "$ac_ct_OTOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL" >&5
+$as_echo "$ac_ct_OTOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_OTOOL" = x; then
+    OTOOL=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    OTOOL=$ac_ct_OTOOL
+  fi
+else
+  OTOOL="$ac_cv_prog_OTOOL"
+fi
+
+    if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}otool64", so it can be a program name with args.
+set dummy ${ac_tool_prefix}otool64; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_OTOOL64+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$OTOOL64"; then
+  ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+OTOOL64=$ac_cv_prog_OTOOL64
+if test -n "$OTOOL64"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL64" >&5
+$as_echo "$OTOOL64" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_OTOOL64"; then
+  ac_ct_OTOOL64=$OTOOL64
+  # Extract the first word of "otool64", so it can be a program name with args.
+set dummy otool64; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_OTOOL64+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_OTOOL64"; then
+  ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_OTOOL64="otool64"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64
+if test -n "$ac_ct_OTOOL64"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL64" >&5
+$as_echo "$ac_ct_OTOOL64" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_OTOOL64" = x; then
+    OTOOL64=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    OTOOL64=$ac_ct_OTOOL64
+  fi
+else
+  OTOOL64="$ac_cv_prog_OTOOL64"
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -single_module linker flag" >&5
+$as_echo_n "checking for -single_module linker flag... " >&6; }
+if ${lt_cv_apple_cc_single_mod+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_apple_cc_single_mod=no
+      if test -z "${LT_MULTI_MODULE}"; then
+	# By default we will add the -single_module flag. You can override
+	# by either setting the environment variable LT_MULTI_MODULE
+	# non-empty at configure time, or by adding -multi_module to the
+	# link flags.
+	rm -rf libconftest.dylib*
+	echo "int foo(void){return 1;}" > conftest.c
+	echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+-dynamiclib -Wl,-single_module conftest.c" >&5
+	$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+	  -dynamiclib -Wl,-single_module conftest.c 2>conftest.err
+        _lt_result=$?
+	# If there is a non-empty error log, and "single_module"
+	# appears in it, assume the flag caused a linker warning
+        if test -s conftest.err && $GREP single_module conftest.err; then
+	  cat conftest.err >&5
+	# Otherwise, if the output was created with a 0 exit code from
+	# the compiler, it worked.
+	elif test -f libconftest.dylib && test $_lt_result -eq 0; then
+	  lt_cv_apple_cc_single_mod=yes
+	else
+	  cat conftest.err >&5
+	fi
+	rm -rf libconftest.dylib*
+	rm -f conftest.*
+      fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5
+$as_echo "$lt_cv_apple_cc_single_mod" >&6; }
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5
+$as_echo_n "checking for -exported_symbols_list linker flag... " >&6; }
+if ${lt_cv_ld_exported_symbols_list+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_ld_exported_symbols_list=no
+      save_LDFLAGS=$LDFLAGS
+      echo "_main" > conftest.sym
+      LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym"
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  lt_cv_ld_exported_symbols_list=yes
+else
+  lt_cv_ld_exported_symbols_list=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+	LDFLAGS="$save_LDFLAGS"
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5
+$as_echo "$lt_cv_ld_exported_symbols_list" >&6; }
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5
+$as_echo_n "checking for -force_load linker flag... " >&6; }
+if ${lt_cv_ld_force_load+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_ld_force_load=no
+      cat > conftest.c << _LT_EOF
+int forced_loaded() { return 2;}
+_LT_EOF
+      echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5
+      $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5
+      echo "$AR cru libconftest.a conftest.o" >&5
+      $AR cru libconftest.a conftest.o 2>&5
+      echo "$RANLIB libconftest.a" >&5
+      $RANLIB libconftest.a 2>&5
+      cat > conftest.c << _LT_EOF
+int main() { return 0;}
+_LT_EOF
+      echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5
+      $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err
+      _lt_result=$?
+      if test -s conftest.err && $GREP force_load conftest.err; then
+	cat conftest.err >&5
+      elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then
+	lt_cv_ld_force_load=yes
+      else
+	cat conftest.err >&5
+      fi
+        rm -f conftest.err libconftest.a conftest conftest.c
+        rm -rf conftest.dSYM
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5
+$as_echo "$lt_cv_ld_force_load" >&6; }
+    case $host_os in
+    rhapsody* | darwin1.[012])
+      _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
+    darwin1.*)
+      _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
+    darwin*) # darwin 5.x on
+      # if running on 10.5 or later, the deployment target defaults
+      # to the OS version, if on x86, and 10.4, the deployment
+      # target defaults to 10.4. Don't you love it?
+      case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
+	10.0,*86*-darwin8*|10.0,*-darwin[91]*)
+	  _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
+	10.[012][,.]*)
+	  _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
+	10.*)
+	  _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
+      esac
+    ;;
+  esac
+    if test "$lt_cv_apple_cc_single_mod" = "yes"; then
+      _lt_dar_single_mod='$single_module'
+    fi
+    if test "$lt_cv_ld_exported_symbols_list" = "yes"; then
+      _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym'
+    else
+      _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}'
+    fi
+    if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then
+      _lt_dsymutil='~$DSYMUTIL $lib || :'
+    else
+      _lt_dsymutil=
+    fi
+    ;;
+  esac
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5
+$as_echo_n "checking how to run the C preprocessor... " >&6; }
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+  CPP=
+fi
+if test -z "$CPP"; then
+  if ${ac_cv_prog_CPP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+      # Double quotes because CPP needs to be expanded
+    for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
+    do
+      ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer  to  if __STDC__ is defined, since
+  #  exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#ifdef __STDC__
+# include 
+#else
+# include 
+#endif
+		     Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+  break
+fi
+
+    done
+    ac_cv_prog_CPP=$CPP
+
+fi
+  CPP=$ac_cv_prog_CPP
+else
+  ac_cv_prog_CPP=$CPP
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5
+$as_echo "$CPP" >&6; }
+ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer  to  if __STDC__ is defined, since
+  #  exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#ifdef __STDC__
+# include 
+#else
+# include 
+#endif
+		     Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+
+else
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
+$as_echo_n "checking for ANSI C header files... " >&6; }
+if ${ac_cv_header_stdc+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+#include 
+#include 
+#include 
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_header_stdc=yes
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+if test $ac_cv_header_stdc = yes; then
+  # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "memchr" >/dev/null 2>&1; then :
+
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "free" >/dev/null 2>&1; then :
+
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+  if test "$cross_compiling" = yes; then :
+  :
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+#include 
+#if ((' ' & 0x0FF) == 0x020)
+# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#else
+# define ISLOWER(c) \
+		   (('a' <= (c) && (c) <= 'i') \
+		     || ('j' <= (c) && (c) <= 'r') \
+		     || ('s' <= (c) && (c) <= 'z'))
+# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
+#endif
+
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int
+main ()
+{
+  int i;
+  for (i = 0; i < 256; i++)
+    if (XOR (islower (i), ISLOWER (i))
+	|| toupper (i) != TOUPPER (i))
+      return 2;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5
+$as_echo "$ac_cv_header_stdc" >&6; }
+if test $ac_cv_header_stdc = yes; then
+
+$as_echo "#define STDC_HEADERS 1" >>confdefs.h
+
+fi
+
+# On IRIX 5.3, sys/types and inttypes.h are conflicting.
+for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
+		  inttypes.h stdint.h unistd.h
+do :
+  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
+"
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in dlfcn.h
+do :
+  ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default
+"
+if test "x$ac_cv_header_dlfcn_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_DLFCN_H 1
+_ACEOF
+
+fi
+
+done
+
+
+
+
+
+# Set options
+# Check whether --enable-static was given.
+if test "${enable_static+set}" = set; then :
+  enableval=$enable_static; p=${PACKAGE-default}
+    case $enableval in
+    yes) enable_static=yes ;;
+    no) enable_static=no ;;
+    *)
+     enable_static=no
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for pkg in $enableval; do
+	IFS="$lt_save_ifs"
+	if test "X$pkg" = "X$p"; then
+	  enable_static=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac
+else
+  enable_static=no
+fi
+
+
+
+
+
+
+
+
+
+
+        enable_dlopen=no
+
+
+  enable_win32_dll=no
+
+
+            # Check whether --enable-shared was given.
+if test "${enable_shared+set}" = set; then :
+  enableval=$enable_shared; p=${PACKAGE-default}
+    case $enableval in
+    yes) enable_shared=yes ;;
+    no) enable_shared=no ;;
+    *)
+      enable_shared=no
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for pkg in $enableval; do
+	IFS="$lt_save_ifs"
+	if test "X$pkg" = "X$p"; then
+	  enable_shared=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac
+else
+  enable_shared=yes
+fi
+
+
+
+
+
+
+
+
+
+
+
+# Check whether --with-pic was given.
+if test "${with_pic+set}" = set; then :
+  withval=$with_pic; lt_p=${PACKAGE-default}
+    case $withval in
+    yes|no) pic_mode=$withval ;;
+    *)
+      pic_mode=default
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for lt_pkg in $withval; do
+	IFS="$lt_save_ifs"
+	if test "X$lt_pkg" = "X$lt_p"; then
+	  pic_mode=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac
+else
+  pic_mode=default
+fi
+
+
+test -z "$pic_mode" && pic_mode=default
+
+
+
+
+
+
+
+  # Check whether --enable-fast-install was given.
+if test "${enable_fast_install+set}" = set; then :
+  enableval=$enable_fast_install; p=${PACKAGE-default}
+    case $enableval in
+    yes) enable_fast_install=yes ;;
+    no) enable_fast_install=no ;;
+    *)
+      enable_fast_install=no
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for pkg in $enableval; do
+	IFS="$lt_save_ifs"
+	if test "X$pkg" = "X$p"; then
+	  enable_fast_install=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac
+else
+  enable_fast_install=yes
+fi
+
+
+
+
+
+
+
+
+
+
+
+# This can be used to rebuild libtool when needed
+LIBTOOL_DEPS="$ltmain"
+
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+test -z "$LN_S" && LN_S="ln -s"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+if test -n "${ZSH_VERSION+set}" ; then
+   setopt NO_GLOB_SUBST
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for objdir" >&5
+$as_echo_n "checking for objdir... " >&6; }
+if ${lt_cv_objdir+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  rm -f .libs 2>/dev/null
+mkdir .libs 2>/dev/null
+if test -d .libs; then
+  lt_cv_objdir=.libs
+else
+  # MS-DOS does not allow filenames that begin with a dot.
+  lt_cv_objdir=_libs
+fi
+rmdir .libs 2>/dev/null
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_objdir" >&5
+$as_echo "$lt_cv_objdir" >&6; }
+objdir=$lt_cv_objdir
+
+
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define LT_OBJDIR "$lt_cv_objdir/"
+_ACEOF
+
+
+
+
+case $host_os in
+aix3*)
+  # AIX sometimes has problems with the GCC collect2 program.  For some
+  # reason, if we set the COLLECT_NAMES environment variable, the problems
+  # vanish in a puff of smoke.
+  if test "X${COLLECT_NAMES+set}" != Xset; then
+    COLLECT_NAMES=
+    export COLLECT_NAMES
+  fi
+  ;;
+esac
+
+# Global variables:
+ofile=libtool
+can_build_shared=yes
+
+# All known linkers require a `.a' archive for static linking (except MSVC,
+# which needs '.lib').
+libext=a
+
+with_gnu_ld="$lt_cv_prog_gnu_ld"
+
+old_CC="$CC"
+old_CFLAGS="$CFLAGS"
+
+# Set sane defaults for various variables
+test -z "$CC" && CC=cc
+test -z "$LTCC" && LTCC=$CC
+test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
+test -z "$LD" && LD=ld
+test -z "$ac_objext" && ac_objext=o
+
+for cc_temp in $compiler""; do
+  case $cc_temp in
+    compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+    distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+    \-*) ;;
+    *) break;;
+  esac
+done
+cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
+
+
+# Only perform the check for file, if the check method requires it
+test -z "$MAGIC_CMD" && MAGIC_CMD=file
+case $deplibs_check_method in
+file_magic*)
+  if test "$file_magic_cmd" = '$MAGIC_CMD'; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${ac_tool_prefix}file" >&5
+$as_echo_n "checking for ${ac_tool_prefix}file... " >&6; }
+if ${lt_cv_path_MAGIC_CMD+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $MAGIC_CMD in
+[\\/*] |  ?:[\\/]*)
+  lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
+  ;;
+*)
+  lt_save_MAGIC_CMD="$MAGIC_CMD"
+  lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+  ac_dummy="/usr/bin$PATH_SEPARATOR$PATH"
+  for ac_dir in $ac_dummy; do
+    IFS="$lt_save_ifs"
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/${ac_tool_prefix}file; then
+      lt_cv_path_MAGIC_CMD="$ac_dir/${ac_tool_prefix}file"
+      if test -n "$file_magic_test_file"; then
+	case $deplibs_check_method in
+	"file_magic "*)
+	  file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+	  MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+	  if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+	    $EGREP "$file_magic_regex" > /dev/null; then
+	    :
+	  else
+	    cat <<_LT_EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such.  This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem.  Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+_LT_EOF
+	  fi ;;
+	esac
+      fi
+      break
+    fi
+  done
+  IFS="$lt_save_ifs"
+  MAGIC_CMD="$lt_save_MAGIC_CMD"
+  ;;
+esac
+fi
+
+MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+if test -n "$MAGIC_CMD"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5
+$as_echo "$MAGIC_CMD" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+
+
+
+if test -z "$lt_cv_path_MAGIC_CMD"; then
+  if test -n "$ac_tool_prefix"; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for file" >&5
+$as_echo_n "checking for file... " >&6; }
+if ${lt_cv_path_MAGIC_CMD+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $MAGIC_CMD in
+[\\/*] |  ?:[\\/]*)
+  lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
+  ;;
+*)
+  lt_save_MAGIC_CMD="$MAGIC_CMD"
+  lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+  ac_dummy="/usr/bin$PATH_SEPARATOR$PATH"
+  for ac_dir in $ac_dummy; do
+    IFS="$lt_save_ifs"
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/file; then
+      lt_cv_path_MAGIC_CMD="$ac_dir/file"
+      if test -n "$file_magic_test_file"; then
+	case $deplibs_check_method in
+	"file_magic "*)
+	  file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+	  MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+	  if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+	    $EGREP "$file_magic_regex" > /dev/null; then
+	    :
+	  else
+	    cat <<_LT_EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such.  This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem.  Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+_LT_EOF
+	  fi ;;
+	esac
+      fi
+      break
+    fi
+  done
+  IFS="$lt_save_ifs"
+  MAGIC_CMD="$lt_save_MAGIC_CMD"
+  ;;
+esac
+fi
+
+MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+if test -n "$MAGIC_CMD"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5
+$as_echo "$MAGIC_CMD" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  else
+    MAGIC_CMD=:
+  fi
+fi
+
+  fi
+  ;;
+esac
+
+# Use C for the default configuration in the libtool script
+
+lt_save_CC="$CC"
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+# Source file extension for C test sources.
+ac_ext=c
+
+# Object file extension for compiled C test sources.
+objext=o
+objext=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(){return(0);}'
+
+
+
+
+
+
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+# Save the default compiler, since it gets overwritten when the other
+# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP.
+compiler_DEFAULT=$CC
+
+# save warnings/boilerplate of simple test code
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$RM conftest*
+
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$RM -r conftest*
+
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+
+lt_prog_compiler_no_builtin_flag=
+
+if test "$GCC" = yes; then
+  case $cc_basename in
+  nvcc*)
+    lt_prog_compiler_no_builtin_flag=' -Xcompiler -fno-builtin' ;;
+  *)
+    lt_prog_compiler_no_builtin_flag=' -fno-builtin' ;;
+  esac
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5
+$as_echo_n "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; }
+if ${lt_cv_prog_compiler_rtti_exceptions+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_rtti_exceptions=no
+   ac_outfile=conftest.$ac_objext
+   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+   lt_compiler_flag="-fno-rtti -fno-exceptions"
+   # Insert the option either (1) after the last *FLAGS variable, or
+   # (2) before a word containing "conftest.", or (3) at the end.
+   # Note that $ac_compile itself does not contain backslashes and begins
+   # with a dollar sign (not a hyphen), so the echo should work correctly.
+   # The option is referenced via a variable to avoid confusing sed.
+   lt_compile=`echo "$ac_compile" | $SED \
+   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+   -e 's:$: $lt_compiler_flag:'`
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+   (eval "$lt_compile" 2>conftest.err)
+   ac_status=$?
+   cat conftest.err >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   if (exit $ac_status) && test -s "$ac_outfile"; then
+     # The compiler can only warn and ignore the option if not recognized
+     # So say no if there are warnings other than the usual output.
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
+     $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+     if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+       lt_cv_prog_compiler_rtti_exceptions=yes
+     fi
+   fi
+   $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5
+$as_echo "$lt_cv_prog_compiler_rtti_exceptions" >&6; }
+
+if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then
+    lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions"
+else
+    :
+fi
+
+fi
+
+
+
+
+
+
+  lt_prog_compiler_wl=
+lt_prog_compiler_pic=
+lt_prog_compiler_static=
+
+
+  if test "$GCC" = yes; then
+    lt_prog_compiler_wl='-Wl,'
+    lt_prog_compiler_static='-static'
+
+    case $host_os in
+      aix*)
+      # All AIX code is PIC.
+      if test "$host_cpu" = ia64; then
+	# AIX 5 now supports IA64 processor
+	lt_prog_compiler_static='-Bstatic'
+      fi
+      ;;
+
+    amigaos*)
+      case $host_cpu in
+      powerpc)
+            # see comment about AmigaOS4 .so support
+            lt_prog_compiler_pic='-fPIC'
+        ;;
+      m68k)
+            # FIXME: we need at least 68020 code to build shared libraries, but
+            # adding the `-m68020' flag to GCC prevents building anything better,
+            # like `-m68040'.
+            lt_prog_compiler_pic='-m68020 -resident32 -malways-restore-a4'
+        ;;
+      esac
+      ;;
+
+    beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+      # PIC is the default for these OSes.
+      ;;
+
+    mingw* | cygwin* | pw32* | os2* | cegcc*)
+      # This hack is so that the source file can tell whether it is being
+      # built for inclusion in a dll (and should export symbols for example).
+      # Although the cygwin gcc ignores -fPIC, still need this for old-style
+      # (--disable-auto-import) libraries
+      lt_prog_compiler_pic='-DDLL_EXPORT'
+      ;;
+
+    darwin* | rhapsody*)
+      # PIC is the default on this platform
+      # Common symbols not allowed in MH_DYLIB files
+      lt_prog_compiler_pic='-fno-common'
+      ;;
+
+    haiku*)
+      # PIC is the default for Haiku.
+      # The "-static" flag exists, but is broken.
+      lt_prog_compiler_static=
+      ;;
+
+    hpux*)
+      # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+      # PA HP-UX.  On IA64 HP-UX, PIC is the default but the pic flag
+      # sets the default TLS model and affects inlining.
+      case $host_cpu in
+      hppa*64*)
+	# +Z the default
+	;;
+      *)
+	lt_prog_compiler_pic='-fPIC'
+	;;
+      esac
+      ;;
+
+    interix[3-9]*)
+      # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+      # Instead, we relocate shared libraries at runtime.
+      ;;
+
+    msdosdjgpp*)
+      # Just because we use GCC doesn't mean we suddenly get shared libraries
+      # on systems that don't support them.
+      lt_prog_compiler_can_build_shared=no
+      enable_shared=no
+      ;;
+
+    *nto* | *qnx*)
+      # QNX uses GNU C++, but need to define -shared option too, otherwise
+      # it will coredump.
+      lt_prog_compiler_pic='-fPIC -shared'
+      ;;
+
+    sysv4*MP*)
+      if test -d /usr/nec; then
+	lt_prog_compiler_pic=-Kconform_pic
+      fi
+      ;;
+
+    *)
+      lt_prog_compiler_pic='-fPIC'
+      ;;
+    esac
+
+    case $cc_basename in
+    nvcc*) # Cuda Compiler Driver 2.2
+      lt_prog_compiler_wl='-Xlinker '
+      if test -n "$lt_prog_compiler_pic"; then
+        lt_prog_compiler_pic="-Xcompiler $lt_prog_compiler_pic"
+      fi
+      ;;
+    esac
+  else
+    # PORTME Check for flag to pass linker flags through the system compiler.
+    case $host_os in
+    aix*)
+      lt_prog_compiler_wl='-Wl,'
+      if test "$host_cpu" = ia64; then
+	# AIX 5 now supports IA64 processor
+	lt_prog_compiler_static='-Bstatic'
+      else
+	lt_prog_compiler_static='-bnso -bI:/lib/syscalls.exp'
+      fi
+      ;;
+
+    mingw* | cygwin* | pw32* | os2* | cegcc*)
+      # This hack is so that the source file can tell whether it is being
+      # built for inclusion in a dll (and should export symbols for example).
+      lt_prog_compiler_pic='-DDLL_EXPORT'
+      ;;
+
+    hpux9* | hpux10* | hpux11*)
+      lt_prog_compiler_wl='-Wl,'
+      # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+      # not for PA HP-UX.
+      case $host_cpu in
+      hppa*64*|ia64*)
+	# +Z the default
+	;;
+      *)
+	lt_prog_compiler_pic='+Z'
+	;;
+      esac
+      # Is there a better lt_prog_compiler_static that works with the bundled CC?
+      lt_prog_compiler_static='${wl}-a ${wl}archive'
+      ;;
+
+    irix5* | irix6* | nonstopux*)
+      lt_prog_compiler_wl='-Wl,'
+      # PIC (with -KPIC) is the default.
+      lt_prog_compiler_static='-non_shared'
+      ;;
+
+    linux* | k*bsd*-gnu | kopensolaris*-gnu)
+      case $cc_basename in
+      # old Intel for x86_64 which still supported -KPIC.
+      ecc*)
+	lt_prog_compiler_wl='-Wl,'
+	lt_prog_compiler_pic='-KPIC'
+	lt_prog_compiler_static='-static'
+        ;;
+      # icc used to be incompatible with GCC.
+      # ICC 10 doesn't accept -KPIC any more.
+      icc* | ifort*)
+	lt_prog_compiler_wl='-Wl,'
+	lt_prog_compiler_pic='-fPIC'
+	lt_prog_compiler_static='-static'
+        ;;
+      # Lahey Fortran 8.1.
+      lf95*)
+	lt_prog_compiler_wl='-Wl,'
+	lt_prog_compiler_pic='--shared'
+	lt_prog_compiler_static='--static'
+	;;
+      nagfor*)
+	# NAG Fortran compiler
+	lt_prog_compiler_wl='-Wl,-Wl,,'
+	lt_prog_compiler_pic='-PIC'
+	lt_prog_compiler_static='-Bstatic'
+	;;
+      pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*)
+        # Portland Group compilers (*not* the Pentium gcc compiler,
+	# which looks to be a dead project)
+	lt_prog_compiler_wl='-Wl,'
+	lt_prog_compiler_pic='-fpic'
+	lt_prog_compiler_static='-Bstatic'
+        ;;
+      ccc*)
+        lt_prog_compiler_wl='-Wl,'
+        # All Alpha code is PIC.
+        lt_prog_compiler_static='-non_shared'
+        ;;
+      xl* | bgxl* | bgf* | mpixl*)
+	# IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene
+	lt_prog_compiler_wl='-Wl,'
+	lt_prog_compiler_pic='-qpic'
+	lt_prog_compiler_static='-qstaticlink'
+	;;
+      *)
+	case `$CC -V 2>&1 | sed 5q` in
+	*Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [1-7].* | *Sun*Fortran*\ 8.[0-3]*)
+	  # Sun Fortran 8.3 passes all unrecognized flags to the linker
+	  lt_prog_compiler_pic='-KPIC'
+	  lt_prog_compiler_static='-Bstatic'
+	  lt_prog_compiler_wl=''
+	  ;;
+	*Sun\ F* | *Sun*Fortran*)
+	  lt_prog_compiler_pic='-KPIC'
+	  lt_prog_compiler_static='-Bstatic'
+	  lt_prog_compiler_wl='-Qoption ld '
+	  ;;
+	*Sun\ C*)
+	  # Sun C 5.9
+	  lt_prog_compiler_pic='-KPIC'
+	  lt_prog_compiler_static='-Bstatic'
+	  lt_prog_compiler_wl='-Wl,'
+	  ;;
+        *Intel*\ [CF]*Compiler*)
+	  lt_prog_compiler_wl='-Wl,'
+	  lt_prog_compiler_pic='-fPIC'
+	  lt_prog_compiler_static='-static'
+	  ;;
+	*Portland\ Group*)
+	  lt_prog_compiler_wl='-Wl,'
+	  lt_prog_compiler_pic='-fpic'
+	  lt_prog_compiler_static='-Bstatic'
+	  ;;
+	esac
+	;;
+      esac
+      ;;
+
+    newsos6)
+      lt_prog_compiler_pic='-KPIC'
+      lt_prog_compiler_static='-Bstatic'
+      ;;
+
+    *nto* | *qnx*)
+      # QNX uses GNU C++, but need to define -shared option too, otherwise
+      # it will coredump.
+      lt_prog_compiler_pic='-fPIC -shared'
+      ;;
+
+    osf3* | osf4* | osf5*)
+      lt_prog_compiler_wl='-Wl,'
+      # All OSF/1 code is PIC.
+      lt_prog_compiler_static='-non_shared'
+      ;;
+
+    rdos*)
+      lt_prog_compiler_static='-non_shared'
+      ;;
+
+    solaris*)
+      lt_prog_compiler_pic='-KPIC'
+      lt_prog_compiler_static='-Bstatic'
+      case $cc_basename in
+      f77* | f90* | f95* | sunf77* | sunf90* | sunf95*)
+	lt_prog_compiler_wl='-Qoption ld ';;
+      *)
+	lt_prog_compiler_wl='-Wl,';;
+      esac
+      ;;
+
+    sunos4*)
+      lt_prog_compiler_wl='-Qoption ld '
+      lt_prog_compiler_pic='-PIC'
+      lt_prog_compiler_static='-Bstatic'
+      ;;
+
+    sysv4 | sysv4.2uw2* | sysv4.3*)
+      lt_prog_compiler_wl='-Wl,'
+      lt_prog_compiler_pic='-KPIC'
+      lt_prog_compiler_static='-Bstatic'
+      ;;
+
+    sysv4*MP*)
+      if test -d /usr/nec ;then
+	lt_prog_compiler_pic='-Kconform_pic'
+	lt_prog_compiler_static='-Bstatic'
+      fi
+      ;;
+
+    sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+      lt_prog_compiler_wl='-Wl,'
+      lt_prog_compiler_pic='-KPIC'
+      lt_prog_compiler_static='-Bstatic'
+      ;;
+
+    unicos*)
+      lt_prog_compiler_wl='-Wl,'
+      lt_prog_compiler_can_build_shared=no
+      ;;
+
+    uts4*)
+      lt_prog_compiler_pic='-pic'
+      lt_prog_compiler_static='-Bstatic'
+      ;;
+
+    *)
+      lt_prog_compiler_can_build_shared=no
+      ;;
+    esac
+  fi
+
+case $host_os in
+  # For platforms which do not support PIC, -DPIC is meaningless:
+  *djgpp*)
+    lt_prog_compiler_pic=
+    ;;
+  *)
+    lt_prog_compiler_pic="$lt_prog_compiler_pic -DPIC"
+    ;;
+esac
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5
+$as_echo_n "checking for $compiler option to produce PIC... " >&6; }
+if ${lt_cv_prog_compiler_pic+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_pic=$lt_prog_compiler_pic
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5
+$as_echo "$lt_cv_prog_compiler_pic" >&6; }
+lt_prog_compiler_pic=$lt_cv_prog_compiler_pic
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$lt_prog_compiler_pic"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5
+$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; }
+if ${lt_cv_prog_compiler_pic_works+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_pic_works=no
+   ac_outfile=conftest.$ac_objext
+   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+   lt_compiler_flag="$lt_prog_compiler_pic -DPIC"
+   # Insert the option either (1) after the last *FLAGS variable, or
+   # (2) before a word containing "conftest.", or (3) at the end.
+   # Note that $ac_compile itself does not contain backslashes and begins
+   # with a dollar sign (not a hyphen), so the echo should work correctly.
+   # The option is referenced via a variable to avoid confusing sed.
+   lt_compile=`echo "$ac_compile" | $SED \
+   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+   -e 's:$: $lt_compiler_flag:'`
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+   (eval "$lt_compile" 2>conftest.err)
+   ac_status=$?
+   cat conftest.err >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   if (exit $ac_status) && test -s "$ac_outfile"; then
+     # The compiler can only warn and ignore the option if not recognized
+     # So say no if there are warnings other than the usual output.
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
+     $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+     if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+       lt_cv_prog_compiler_pic_works=yes
+     fi
+   fi
+   $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works" >&5
+$as_echo "$lt_cv_prog_compiler_pic_works" >&6; }
+
+if test x"$lt_cv_prog_compiler_pic_works" = xyes; then
+    case $lt_prog_compiler_pic in
+     "" | " "*) ;;
+     *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;;
+     esac
+else
+    lt_prog_compiler_pic=
+     lt_prog_compiler_can_build_shared=no
+fi
+
+fi
+
+
+
+
+
+
+
+
+
+
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\"
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5
+$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; }
+if ${lt_cv_prog_compiler_static_works+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_static_works=no
+   save_LDFLAGS="$LDFLAGS"
+   LDFLAGS="$LDFLAGS $lt_tmp_static_flag"
+   echo "$lt_simple_link_test_code" > conftest.$ac_ext
+   if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+     # The linker can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     if test -s conftest.err; then
+       # Append any errors to the config.log.
+       cat conftest.err 1>&5
+       $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+       $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+       if diff conftest.exp conftest.er2 >/dev/null; then
+         lt_cv_prog_compiler_static_works=yes
+       fi
+     else
+       lt_cv_prog_compiler_static_works=yes
+     fi
+   fi
+   $RM -r conftest*
+   LDFLAGS="$save_LDFLAGS"
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works" >&5
+$as_echo "$lt_cv_prog_compiler_static_works" >&6; }
+
+if test x"$lt_cv_prog_compiler_static_works" = xyes; then
+    :
+else
+    lt_prog_compiler_static=
+fi
+
+
+
+
+
+
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5
+$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
+if ${lt_cv_prog_compiler_c_o+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_c_o=no
+   $RM -r conftest 2>/dev/null
+   mkdir conftest
+   cd conftest
+   mkdir out
+   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+   lt_compiler_flag="-o out/conftest2.$ac_objext"
+   # Insert the option either (1) after the last *FLAGS variable, or
+   # (2) before a word containing "conftest.", or (3) at the end.
+   # Note that $ac_compile itself does not contain backslashes and begins
+   # with a dollar sign (not a hyphen), so the echo should work correctly.
+   lt_compile=`echo "$ac_compile" | $SED \
+   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+   -e 's:$: $lt_compiler_flag:'`
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+   (eval "$lt_compile" 2>out/conftest.err)
+   ac_status=$?
+   cat out/conftest.err >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   if (exit $ac_status) && test -s out/conftest2.$ac_objext
+   then
+     # The compiler can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+     $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+     if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+       lt_cv_prog_compiler_c_o=yes
+     fi
+   fi
+   chmod u+w . 2>&5
+   $RM conftest*
+   # SGI C++ compiler will create directory out/ii_files/ for
+   # template instantiation
+   test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+   $RM out/* && rmdir out
+   cd ..
+   $RM -r conftest
+   $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5
+$as_echo "$lt_cv_prog_compiler_c_o" >&6; }
+
+
+
+
+
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5
+$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
+if ${lt_cv_prog_compiler_c_o+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_c_o=no
+   $RM -r conftest 2>/dev/null
+   mkdir conftest
+   cd conftest
+   mkdir out
+   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+   lt_compiler_flag="-o out/conftest2.$ac_objext"
+   # Insert the option either (1) after the last *FLAGS variable, or
+   # (2) before a word containing "conftest.", or (3) at the end.
+   # Note that $ac_compile itself does not contain backslashes and begins
+   # with a dollar sign (not a hyphen), so the echo should work correctly.
+   lt_compile=`echo "$ac_compile" | $SED \
+   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+   -e 's:$: $lt_compiler_flag:'`
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+   (eval "$lt_compile" 2>out/conftest.err)
+   ac_status=$?
+   cat out/conftest.err >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   if (exit $ac_status) && test -s out/conftest2.$ac_objext
+   then
+     # The compiler can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+     $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+     if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+       lt_cv_prog_compiler_c_o=yes
+     fi
+   fi
+   chmod u+w . 2>&5
+   $RM conftest*
+   # SGI C++ compiler will create directory out/ii_files/ for
+   # template instantiation
+   test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+   $RM out/* && rmdir out
+   cd ..
+   $RM -r conftest
+   $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5
+$as_echo "$lt_cv_prog_compiler_c_o" >&6; }
+
+
+
+
+hard_links="nottested"
+if test "$lt_cv_prog_compiler_c_o" = no && test "$need_locks" != no; then
+  # do not overwrite the value of need_locks provided by the user
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5
+$as_echo_n "checking if we can lock with hard links... " >&6; }
+  hard_links=yes
+  $RM conftest*
+  ln conftest.a conftest.b 2>/dev/null && hard_links=no
+  touch conftest.a
+  ln conftest.a conftest.b 2>&5 || hard_links=no
+  ln conftest.a conftest.b 2>/dev/null && hard_links=no
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5
+$as_echo "$hard_links" >&6; }
+  if test "$hard_links" = no; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5
+$as_echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;}
+    need_locks=warn
+  fi
+else
+  need_locks=no
+fi
+
+
+
+
+
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; }
+
+  runpath_var=
+  allow_undefined_flag=
+  always_export_symbols=no
+  archive_cmds=
+  archive_expsym_cmds=
+  compiler_needs_object=no
+  enable_shared_with_static_runtimes=no
+  export_dynamic_flag_spec=
+  export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+  hardcode_automatic=no
+  hardcode_direct=no
+  hardcode_direct_absolute=no
+  hardcode_libdir_flag_spec=
+  hardcode_libdir_separator=
+  hardcode_minus_L=no
+  hardcode_shlibpath_var=unsupported
+  inherit_rpath=no
+  link_all_deplibs=unknown
+  module_cmds=
+  module_expsym_cmds=
+  old_archive_from_new_cmds=
+  old_archive_from_expsyms_cmds=
+  thread_safe_flag_spec=
+  whole_archive_flag_spec=
+  # include_expsyms should be a list of space-separated symbols to be *always*
+  # included in the symbol list
+  include_expsyms=
+  # exclude_expsyms can be an extended regexp of symbols to exclude
+  # it will be wrapped by ` (' and `)$', so one must not match beginning or
+  # end of line.  Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
+  # as well as any symbol that contains `d'.
+  exclude_expsyms='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'
+  # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+  # platforms (ab)use it in PIC code, but their linkers get confused if
+  # the symbol is explicitly referenced.  Since portable code cannot
+  # rely on this symbol name, it's probably fine to never include it in
+  # preloaded symbol tables.
+  # Exclude shared library initialization/finalization symbols.
+  extract_expsyms_cmds=
+
+  case $host_os in
+  cygwin* | mingw* | pw32* | cegcc*)
+    # FIXME: the MSVC++ port hasn't been tested in a loooong time
+    # When not using gcc, we currently assume that we are using
+    # Microsoft Visual C++.
+    if test "$GCC" != yes; then
+      with_gnu_ld=no
+    fi
+    ;;
+  interix*)
+    # we just hope/assume this is gcc and not c89 (= MSVC++)
+    with_gnu_ld=yes
+    ;;
+  openbsd*)
+    with_gnu_ld=no
+    ;;
+  esac
+
+  ld_shlibs=yes
+
+  # On some targets, GNU ld is compatible enough with the native linker
+  # that we're better off using the native interface for both.
+  lt_use_gnu_ld_interface=no
+  if test "$with_gnu_ld" = yes; then
+    case $host_os in
+      aix*)
+	# The AIX port of GNU ld has always aspired to compatibility
+	# with the native linker.  However, as the warning in the GNU ld
+	# block says, versions before 2.19.5* couldn't really create working
+	# shared libraries, regardless of the interface used.
+	case `$LD -v 2>&1` in
+	  *\ \(GNU\ Binutils\)\ 2.19.5*) ;;
+	  *\ \(GNU\ Binutils\)\ 2.[2-9]*) ;;
+	  *\ \(GNU\ Binutils\)\ [3-9]*) ;;
+	  *)
+	    lt_use_gnu_ld_interface=yes
+	    ;;
+	esac
+	;;
+      *)
+	lt_use_gnu_ld_interface=yes
+	;;
+    esac
+  fi
+
+  if test "$lt_use_gnu_ld_interface" = yes; then
+    # If archive_cmds runs LD, not CC, wlarc should be empty
+    wlarc='${wl}'
+
+    # Set some defaults for GNU ld with shared library support. These
+    # are reset later if shared libraries are not supported. Putting them
+    # here allows them to be overridden if necessary.
+    runpath_var=LD_RUN_PATH
+    hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+    export_dynamic_flag_spec='${wl}--export-dynamic'
+    # ancient GNU ld didn't support --whole-archive et. al.
+    if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
+      whole_archive_flag_spec="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+    else
+      whole_archive_flag_spec=
+    fi
+    supports_anon_versioning=no
+    case `$LD -v 2>&1` in
+      *GNU\ gold*) supports_anon_versioning=yes ;;
+      *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11
+      *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+      *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+      *\ 2.11.*) ;; # other 2.11 versions
+      *) supports_anon_versioning=yes ;;
+    esac
+
+    # See if GNU ld supports shared libraries.
+    case $host_os in
+    aix[3-9]*)
+      # On AIX/PPC, the GNU linker is very broken
+      if test "$host_cpu" != ia64; then
+	ld_shlibs=no
+	cat <<_LT_EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.19, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support.  If you
+*** really care for shared libraries, you may want to install binutils
+*** 2.20 or above, or modify your PATH so that a non-GNU linker is found.
+*** You will then need to restart the configuration process.
+
+_LT_EOF
+      fi
+      ;;
+
+    amigaos*)
+      case $host_cpu in
+      powerpc)
+            # see comment about AmigaOS4 .so support
+            archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+            archive_expsym_cmds=''
+        ;;
+      m68k)
+            archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+            hardcode_libdir_flag_spec='-L$libdir'
+            hardcode_minus_L=yes
+        ;;
+      esac
+      ;;
+
+    beos*)
+      if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	allow_undefined_flag=unsupported
+	# Joseph Beckenbach  says some releases of gcc
+	# support --undefined.  This deserves some investigation.  FIXME
+	archive_cmds='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+      else
+	ld_shlibs=no
+      fi
+      ;;
+
+    cygwin* | mingw* | pw32* | cegcc*)
+      # _LT_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless,
+      # as there is no search path for DLLs.
+      hardcode_libdir_flag_spec='-L$libdir'
+      export_dynamic_flag_spec='${wl}--export-all-symbols'
+      allow_undefined_flag=unsupported
+      always_export_symbols=no
+      enable_shared_with_static_runtimes=yes
+      export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols'
+      exclude_expsyms='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'
+
+      if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+        archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+	# If the export-symbols file already is a .def file (1st line
+	# is EXPORTS), use it as is; otherwise, prepend...
+	archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	  cp $export_symbols $output_objdir/$soname.def;
+	else
+	  echo EXPORTS > $output_objdir/$soname.def;
+	  cat $export_symbols >> $output_objdir/$soname.def;
+	fi~
+	$CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+      else
+	ld_shlibs=no
+      fi
+      ;;
+
+    haiku*)
+      archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+      link_all_deplibs=yes
+      ;;
+
+    interix[3-9]*)
+      hardcode_direct=no
+      hardcode_shlibpath_var=no
+      hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+      export_dynamic_flag_spec='${wl}-E'
+      # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+      # Instead, shared libraries are loaded at an image base (0x10000000 by
+      # default) and relocated if they conflict, which is a slow very memory
+      # consuming and fragmenting process.  To avoid this, we pick a random,
+      # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+      # time.  Moving up from 0x10000000 also allows more sbrk(2) space.
+      archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+      archive_expsym_cmds='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+      ;;
+
+    gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu)
+      tmp_diet=no
+      if test "$host_os" = linux-dietlibc; then
+	case $cc_basename in
+	  diet\ *) tmp_diet=yes;;	# linux-dietlibc with static linking (!diet-dyn)
+	esac
+      fi
+      if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \
+	 && test "$tmp_diet" = no
+      then
+	tmp_addflag=' $pic_flag'
+	tmp_sharedflag='-shared'
+	case $cc_basename,$host_cpu in
+        pgcc*)				# Portland Group C compiler
+	  whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  tmp_addflag=' $pic_flag'
+	  ;;
+	pgf77* | pgf90* | pgf95* | pgfortran*)
+					# Portland Group f77 and f90 compilers
+	  whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  tmp_addflag=' $pic_flag -Mnomain' ;;
+	ecc*,ia64* | icc*,ia64*)	# Intel C compiler on ia64
+	  tmp_addflag=' -i_dynamic' ;;
+	efc*,ia64* | ifort*,ia64*)	# Intel Fortran compiler on ia64
+	  tmp_addflag=' -i_dynamic -nofor_main' ;;
+	ifc* | ifort*)			# Intel Fortran compiler
+	  tmp_addflag=' -nofor_main' ;;
+	lf95*)				# Lahey Fortran 8.1
+	  whole_archive_flag_spec=
+	  tmp_sharedflag='--shared' ;;
+	xl[cC]* | bgxl[cC]* | mpixl[cC]*) # IBM XL C 8.0 on PPC (deal with xlf below)
+	  tmp_sharedflag='-qmkshrobj'
+	  tmp_addflag= ;;
+	nvcc*)	# Cuda Compiler Driver 2.2
+	  whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  compiler_needs_object=yes
+	  ;;
+	esac
+	case `$CC -V 2>&1 | sed 5q` in
+	*Sun\ C*)			# Sun C 5.9
+	  whole_archive_flag_spec='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  compiler_needs_object=yes
+	  tmp_sharedflag='-G' ;;
+	*Sun\ F*)			# Sun Fortran 8.3
+	  tmp_sharedflag='-G' ;;
+	esac
+	archive_cmds='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+
+        if test "x$supports_anon_versioning" = xyes; then
+          archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~
+	    cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+	    echo "local: *; };" >> $output_objdir/$libname.ver~
+	    $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+        fi
+
+	case $cc_basename in
+	xlf* | bgf* | bgxlf* | mpixlf*)
+	  # IBM XL Fortran 10.1 on PPC cannot create shared libs itself
+	  whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive'
+	  hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+	  archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
+	  if test "x$supports_anon_versioning" = xyes; then
+	    archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~
+	      cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+	      echo "local: *; };" >> $output_objdir/$libname.ver~
+	      $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
+	  fi
+	  ;;
+	esac
+      else
+        ld_shlibs=no
+      fi
+      ;;
+
+    netbsd*)
+      if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+	archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+	wlarc=
+      else
+	archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+      fi
+      ;;
+
+    solaris*)
+      if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then
+	ld_shlibs=no
+	cat <<_LT_EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems.  Therefore, libtool
+*** is disabling shared libraries support.  We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer.  Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+      elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+      else
+	ld_shlibs=no
+      fi
+      ;;
+
+    sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+      case `$LD -v 2>&1` in
+        *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*)
+	ld_shlibs=no
+	cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
+*** reliably create shared libraries on SCO systems.  Therefore, libtool
+*** is disabling shared libraries support.  We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer.  Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+	;;
+	*)
+	  # For security reasons, it is highly recommended that you always
+	  # use absolute paths for naming shared libraries, and exclude the
+	  # DT_RUNPATH tag from executables and libraries.  But doing so
+	  # requires that you compile everything twice, which is a pain.
+	  if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	    hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+	    archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	    archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+	  else
+	    ld_shlibs=no
+	  fi
+	;;
+      esac
+      ;;
+
+    sunos4*)
+      archive_cmds='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+      wlarc=
+      hardcode_direct=yes
+      hardcode_shlibpath_var=no
+      ;;
+
+    *)
+      if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+      else
+	ld_shlibs=no
+      fi
+      ;;
+    esac
+
+    if test "$ld_shlibs" = no; then
+      runpath_var=
+      hardcode_libdir_flag_spec=
+      export_dynamic_flag_spec=
+      whole_archive_flag_spec=
+    fi
+  else
+    # PORTME fill in a description of your system's linker (not GNU ld)
+    case $host_os in
+    aix3*)
+      allow_undefined_flag=unsupported
+      always_export_symbols=yes
+      archive_expsym_cmds='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+      # Note: this linker hardcodes the directories in LIBPATH if there
+      # are no directories specified by -L.
+      hardcode_minus_L=yes
+      if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
+	# Neither direct hardcoding nor static linking is supported with a
+	# broken collect2.
+	hardcode_direct=unsupported
+      fi
+      ;;
+
+    aix[4-9]*)
+      if test "$host_cpu" = ia64; then
+	# On IA64, the linker does run time linking by default, so we don't
+	# have to do anything special.
+	aix_use_runtimelinking=no
+	exp_sym_flag='-Bexport'
+	no_entry_flag=""
+      else
+	# If we're using GNU nm, then we don't want the "-C" option.
+	# -C means demangle to AIX nm, but means don't demangle with GNU nm
+	# Also, AIX nm treats weak defined symbols like other global
+	# defined symbols, whereas GNU nm marks them as "W".
+	if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+	  export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+	else
+	  export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+	fi
+	aix_use_runtimelinking=no
+
+	# Test if we are trying to use run time linking or normal
+	# AIX style linking. If -brtl is somewhere in LDFLAGS, we
+	# need to do runtime linking.
+	case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*)
+	  for ld_flag in $LDFLAGS; do
+	  if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+	    aix_use_runtimelinking=yes
+	    break
+	  fi
+	  done
+	  ;;
+	esac
+
+	exp_sym_flag='-bexport'
+	no_entry_flag='-bnoentry'
+      fi
+
+      # When large executables or shared objects are built, AIX ld can
+      # have problems creating the table of contents.  If linking a library
+      # or program results in "error TOC overflow" add -mminimal-toc to
+      # CXXFLAGS/CFLAGS for g++/gcc.  In the cases where that is not
+      # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+      archive_cmds=''
+      hardcode_direct=yes
+      hardcode_direct_absolute=yes
+      hardcode_libdir_separator=':'
+      link_all_deplibs=yes
+      file_list_spec='${wl}-f,'
+
+      if test "$GCC" = yes; then
+	case $host_os in aix4.[012]|aix4.[012].*)
+	# We only want to do this on AIX 4.2 and lower, the check
+	# below for broken collect2 doesn't work under 4.3+
+	  collect2name=`${CC} -print-prog-name=collect2`
+	  if test -f "$collect2name" &&
+	   strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+	  then
+	  # We have reworked collect2
+	  :
+	  else
+	  # We have old collect2
+	  hardcode_direct=unsupported
+	  # It fails to find uninstalled libraries when the uninstalled
+	  # path is not listed in the libpath.  Setting hardcode_minus_L
+	  # to unsupported forces relinking
+	  hardcode_minus_L=yes
+	  hardcode_libdir_flag_spec='-L$libdir'
+	  hardcode_libdir_separator=
+	  fi
+	  ;;
+	esac
+	shared_flag='-shared'
+	if test "$aix_use_runtimelinking" = yes; then
+	  shared_flag="$shared_flag "'${wl}-G'
+	fi
+      else
+	# not using gcc
+	if test "$host_cpu" = ia64; then
+	# VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+	# chokes on -Wl,-G. The following line is correct:
+	  shared_flag='-G'
+	else
+	  if test "$aix_use_runtimelinking" = yes; then
+	    shared_flag='${wl}-G'
+	  else
+	    shared_flag='${wl}-bM:SRE'
+	  fi
+	fi
+      fi
+
+      export_dynamic_flag_spec='${wl}-bexpall'
+      # It seems that -bexpall does not export symbols beginning with
+      # underscore (_), so it is better to generate a list of symbols to export.
+      always_export_symbols=yes
+      if test "$aix_use_runtimelinking" = yes; then
+	# Warning - without using the other runtime loading flags (-brtl),
+	# -berok will link without error, but may produce a broken library.
+	allow_undefined_flag='-berok'
+        # Determine the default libpath from the value encoded in an
+        # empty executable.
+        if test "${lt_cv_aix_libpath+set}" = set; then
+  aix_libpath=$lt_cv_aix_libpath
+else
+  if ${lt_cv_aix_libpath_+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+
+  lt_aix_libpath_sed='
+      /Import File Strings/,/^$/ {
+	  /^0/ {
+	      s/^0  *\([^ ]*\) *$/\1/
+	      p
+	  }
+      }'
+  lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  # Check for a 64-bit object if we didn't find anything.
+  if test -z "$lt_cv_aix_libpath_"; then
+    lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  fi
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  if test -z "$lt_cv_aix_libpath_"; then
+    lt_cv_aix_libpath_="/usr/lib:/lib"
+  fi
+
+fi
+
+  aix_libpath=$lt_cv_aix_libpath_
+fi
+
+        hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+        archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+      else
+	if test "$host_cpu" = ia64; then
+	  hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib'
+	  allow_undefined_flag="-z nodefs"
+	  archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+	else
+	 # Determine the default libpath from the value encoded in an
+	 # empty executable.
+	 if test "${lt_cv_aix_libpath+set}" = set; then
+  aix_libpath=$lt_cv_aix_libpath
+else
+  if ${lt_cv_aix_libpath_+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+
+  lt_aix_libpath_sed='
+      /Import File Strings/,/^$/ {
+	  /^0/ {
+	      s/^0  *\([^ ]*\) *$/\1/
+	      p
+	  }
+      }'
+  lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  # Check for a 64-bit object if we didn't find anything.
+  if test -z "$lt_cv_aix_libpath_"; then
+    lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  fi
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  if test -z "$lt_cv_aix_libpath_"; then
+    lt_cv_aix_libpath_="/usr/lib:/lib"
+  fi
+
+fi
+
+  aix_libpath=$lt_cv_aix_libpath_
+fi
+
+	 hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+	  # Warning - without using the other run time loading flags,
+	  # -berok will link without error, but may produce a broken library.
+	  no_undefined_flag=' ${wl}-bernotok'
+	  allow_undefined_flag=' ${wl}-berok'
+	  if test "$with_gnu_ld" = yes; then
+	    # We only use this code for GNU lds that support --whole-archive.
+	    whole_archive_flag_spec='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+	  else
+	    # Exported symbols can be pulled into shared objects from archives
+	    whole_archive_flag_spec='$convenience'
+	  fi
+	  archive_cmds_need_lc=yes
+	  # This is similar to how AIX traditionally builds its shared libraries.
+	  archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+	fi
+      fi
+      ;;
+
+    amigaos*)
+      case $host_cpu in
+      powerpc)
+            # see comment about AmigaOS4 .so support
+            archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+            archive_expsym_cmds=''
+        ;;
+      m68k)
+            archive_cmds='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+            hardcode_libdir_flag_spec='-L$libdir'
+            hardcode_minus_L=yes
+        ;;
+      esac
+      ;;
+
+    bsdi[45]*)
+      export_dynamic_flag_spec=-rdynamic
+      ;;
+
+    cygwin* | mingw* | pw32* | cegcc*)
+      # When not using gcc, we currently assume that we are using
+      # Microsoft Visual C++.
+      # hardcode_libdir_flag_spec is actually meaningless, as there is
+      # no search path for DLLs.
+      case $cc_basename in
+      cl*)
+	# Native MSVC
+	hardcode_libdir_flag_spec=' '
+	allow_undefined_flag=unsupported
+	always_export_symbols=yes
+	file_list_spec='@'
+	# Tell ltmain to make .lib files, not .a files.
+	libext=lib
+	# Tell ltmain to make .dll files, not .so files.
+	shrext_cmds=".dll"
+	# FIXME: Setting linknames here is a bad hack.
+	archive_cmds='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames='
+	archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	    sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp;
+	  else
+	    sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp;
+	  fi~
+	  $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+	  linknames='
+	# The linker will not automatically build a static lib if we build a DLL.
+	# _LT_TAGVAR(old_archive_from_new_cmds, )='true'
+	enable_shared_with_static_runtimes=yes
+	exclude_expsyms='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+	export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1,DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols'
+	# Don't use ranlib
+	old_postinstall_cmds='chmod 644 $oldlib'
+	postlink_cmds='lt_outputfile="@OUTPUT@"~
+	  lt_tool_outputfile="@TOOL_OUTPUT@"~
+	  case $lt_outputfile in
+	    *.exe|*.EXE) ;;
+	    *)
+	      lt_outputfile="$lt_outputfile.exe"
+	      lt_tool_outputfile="$lt_tool_outputfile.exe"
+	      ;;
+	  esac~
+	  if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then
+	    $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+	    $RM "$lt_outputfile.manifest";
+	  fi'
+	;;
+      *)
+	# Assume MSVC wrapper
+	hardcode_libdir_flag_spec=' '
+	allow_undefined_flag=unsupported
+	# Tell ltmain to make .lib files, not .a files.
+	libext=lib
+	# Tell ltmain to make .dll files, not .so files.
+	shrext_cmds=".dll"
+	# FIXME: Setting linknames here is a bad hack.
+	archive_cmds='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames='
+	# The linker will automatically build a .lib file if we build a DLL.
+	old_archive_from_new_cmds='true'
+	# FIXME: Should let the user specify the lib program.
+	old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs'
+	enable_shared_with_static_runtimes=yes
+	;;
+      esac
+      ;;
+
+    darwin* | rhapsody*)
+
+
+  archive_cmds_need_lc=no
+  hardcode_direct=no
+  hardcode_automatic=yes
+  hardcode_shlibpath_var=unsupported
+  if test "$lt_cv_ld_force_load" = "yes"; then
+    whole_archive_flag_spec='`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`'
+
+  else
+    whole_archive_flag_spec=''
+  fi
+  link_all_deplibs=yes
+  allow_undefined_flag="$_lt_dar_allow_undefined"
+  case $cc_basename in
+     ifort*) _lt_dar_can_shared=yes ;;
+     *) _lt_dar_can_shared=$GCC ;;
+  esac
+  if test "$_lt_dar_can_shared" = "yes"; then
+    output_verbose_link_cmd=func_echo_all
+    archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
+    module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
+    archive_expsym_cmds="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
+    module_expsym_cmds="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
+
+  else
+  ld_shlibs=no
+  fi
+
+      ;;
+
+    dgux*)
+      archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+      hardcode_libdir_flag_spec='-L$libdir'
+      hardcode_shlibpath_var=no
+      ;;
+
+    # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+    # support.  Future versions do this automatically, but an explicit c++rt0.o
+    # does not break anything, and helps significantly (at the cost of a little
+    # extra space).
+    freebsd2.2*)
+      archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+      hardcode_libdir_flag_spec='-R$libdir'
+      hardcode_direct=yes
+      hardcode_shlibpath_var=no
+      ;;
+
+    # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+    freebsd2.*)
+      archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+      hardcode_direct=yes
+      hardcode_minus_L=yes
+      hardcode_shlibpath_var=no
+      ;;
+
+    # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+    freebsd* | dragonfly*)
+      archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+      hardcode_libdir_flag_spec='-R$libdir'
+      hardcode_direct=yes
+      hardcode_shlibpath_var=no
+      ;;
+
+    hpux9*)
+      if test "$GCC" = yes; then
+	archive_cmds='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+      else
+	archive_cmds='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+      fi
+      hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+      hardcode_libdir_separator=:
+      hardcode_direct=yes
+
+      # hardcode_minus_L: Not really in the search PATH,
+      # but as the default location of the library.
+      hardcode_minus_L=yes
+      export_dynamic_flag_spec='${wl}-E'
+      ;;
+
+    hpux10*)
+      if test "$GCC" = yes && test "$with_gnu_ld" = no; then
+	archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+      else
+	archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+      fi
+      if test "$with_gnu_ld" = no; then
+	hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+	hardcode_libdir_separator=:
+	hardcode_direct=yes
+	hardcode_direct_absolute=yes
+	export_dynamic_flag_spec='${wl}-E'
+	# hardcode_minus_L: Not really in the search PATH,
+	# but as the default location of the library.
+	hardcode_minus_L=yes
+      fi
+      ;;
+
+    hpux11*)
+      if test "$GCC" = yes && test "$with_gnu_ld" = no; then
+	case $host_cpu in
+	hppa*64*)
+	  archive_cmds='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	ia64*)
+	  archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	*)
+	  archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	esac
+      else
+	case $host_cpu in
+	hppa*64*)
+	  archive_cmds='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	ia64*)
+	  archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	*)
+
+	  # Older versions of the 11.00 compiler do not understand -b yet
+	  # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does)
+	  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC understands -b" >&5
+$as_echo_n "checking if $CC understands -b... " >&6; }
+if ${lt_cv_prog_compiler__b+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler__b=no
+   save_LDFLAGS="$LDFLAGS"
+   LDFLAGS="$LDFLAGS -b"
+   echo "$lt_simple_link_test_code" > conftest.$ac_ext
+   if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+     # The linker can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     if test -s conftest.err; then
+       # Append any errors to the config.log.
+       cat conftest.err 1>&5
+       $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+       $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+       if diff conftest.exp conftest.er2 >/dev/null; then
+         lt_cv_prog_compiler__b=yes
+       fi
+     else
+       lt_cv_prog_compiler__b=yes
+     fi
+   fi
+   $RM -r conftest*
+   LDFLAGS="$save_LDFLAGS"
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5
+$as_echo "$lt_cv_prog_compiler__b" >&6; }
+
+if test x"$lt_cv_prog_compiler__b" = xyes; then
+    archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+else
+    archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+fi
+
+	  ;;
+	esac
+      fi
+      if test "$with_gnu_ld" = no; then
+	hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+	hardcode_libdir_separator=:
+
+	case $host_cpu in
+	hppa*64*|ia64*)
+	  hardcode_direct=no
+	  hardcode_shlibpath_var=no
+	  ;;
+	*)
+	  hardcode_direct=yes
+	  hardcode_direct_absolute=yes
+	  export_dynamic_flag_spec='${wl}-E'
+
+	  # hardcode_minus_L: Not really in the search PATH,
+	  # but as the default location of the library.
+	  hardcode_minus_L=yes
+	  ;;
+	esac
+      fi
+      ;;
+
+    irix5* | irix6* | nonstopux*)
+      if test "$GCC" = yes; then
+	archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	# Try to use the -exported_symbol ld option, if it does not
+	# work, assume that -exports_file does not work either and
+	# implicitly export all symbols.
+	# This should be the same for all languages, so no per-tag cache variable.
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $host_os linker accepts -exported_symbol" >&5
+$as_echo_n "checking whether the $host_os linker accepts -exported_symbol... " >&6; }
+if ${lt_cv_irix_exported_symbol+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  save_LDFLAGS="$LDFLAGS"
+	   LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
+	   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+int foo (void) { return 0; }
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  lt_cv_irix_exported_symbol=yes
+else
+  lt_cv_irix_exported_symbol=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+           LDFLAGS="$save_LDFLAGS"
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5
+$as_echo "$lt_cv_irix_exported_symbol" >&6; }
+	if test "$lt_cv_irix_exported_symbol" = yes; then
+          archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
+	fi
+      else
+	archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
+      fi
+      archive_cmds_need_lc='no'
+      hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+      hardcode_libdir_separator=:
+      inherit_rpath=yes
+      link_all_deplibs=yes
+      ;;
+
+    netbsd*)
+      if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+	archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'  # a.out
+      else
+	archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linker_flags'      # ELF
+      fi
+      hardcode_libdir_flag_spec='-R$libdir'
+      hardcode_direct=yes
+      hardcode_shlibpath_var=no
+      ;;
+
+    newsos6)
+      archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+      hardcode_direct=yes
+      hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+      hardcode_libdir_separator=:
+      hardcode_shlibpath_var=no
+      ;;
+
+    *nto* | *qnx*)
+      ;;
+
+    openbsd*)
+      if test -f /usr/libexec/ld.so; then
+	hardcode_direct=yes
+	hardcode_shlibpath_var=no
+	hardcode_direct_absolute=yes
+	if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+	  archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+	  archive_expsym_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
+	  hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+	  export_dynamic_flag_spec='${wl}-E'
+	else
+	  case $host_os in
+	   openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*)
+	     archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+	     hardcode_libdir_flag_spec='-R$libdir'
+	     ;;
+	   *)
+	     archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+	     hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+	     ;;
+	  esac
+	fi
+      else
+	ld_shlibs=no
+      fi
+      ;;
+
+    os2*)
+      hardcode_libdir_flag_spec='-L$libdir'
+      hardcode_minus_L=yes
+      allow_undefined_flag=unsupported
+      archive_cmds='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+      old_archive_from_new_cmds='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
+      ;;
+
+    osf3*)
+      if test "$GCC" = yes; then
+	allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
+	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+      else
+	allow_undefined_flag=' -expect_unresolved \*'
+	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+      fi
+      archive_cmds_need_lc='no'
+      hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+      hardcode_libdir_separator=:
+      ;;
+
+    osf4* | osf5*)	# as osf3* with the addition of -msym flag
+      if test "$GCC" = yes; then
+	allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
+	archive_cmds='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+      else
+	allow_undefined_flag=' -expect_unresolved \*'
+	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
+	$CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
+
+	# Both c and cxx compiler support -rpath directly
+	hardcode_libdir_flag_spec='-rpath $libdir'
+      fi
+      archive_cmds_need_lc='no'
+      hardcode_libdir_separator=:
+      ;;
+
+    solaris*)
+      no_undefined_flag=' -z defs'
+      if test "$GCC" = yes; then
+	wlarc='${wl}'
+	archive_cmds='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+	archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+	  $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+      else
+	case `$CC -V 2>&1` in
+	*"Compilers 5.0"*)
+	  wlarc=''
+	  archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
+	  archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+	  $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp'
+	  ;;
+	*)
+	  wlarc='${wl}'
+	  archive_cmds='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags'
+	  archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+	  $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+	  ;;
+	esac
+      fi
+      hardcode_libdir_flag_spec='-R$libdir'
+      hardcode_shlibpath_var=no
+      case $host_os in
+      solaris2.[0-5] | solaris2.[0-5].*) ;;
+      *)
+	# The compiler driver will combine and reorder linker options,
+	# but understands `-z linker_flag'.  GCC discards it without `$wl',
+	# but is careful enough not to reorder.
+	# Supported since Solaris 2.6 (maybe 2.5.1?)
+	if test "$GCC" = yes; then
+	  whole_archive_flag_spec='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
+	else
+	  whole_archive_flag_spec='-z allextract$convenience -z defaultextract'
+	fi
+	;;
+      esac
+      link_all_deplibs=yes
+      ;;
+
+    sunos4*)
+      if test "x$host_vendor" = xsequent; then
+	# Use $CC to link under sequent, because it throws in some extra .o
+	# files that make .init and .fini sections work.
+	archive_cmds='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+      else
+	archive_cmds='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+      fi
+      hardcode_libdir_flag_spec='-L$libdir'
+      hardcode_direct=yes
+      hardcode_minus_L=yes
+      hardcode_shlibpath_var=no
+      ;;
+
+    sysv4)
+      case $host_vendor in
+	sni)
+	  archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+	  hardcode_direct=yes # is this really true???
+	;;
+	siemens)
+	  ## LD is ld it makes a PLAMLIB
+	  ## CC just makes a GrossModule.
+	  archive_cmds='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+	  reload_cmds='$CC -r -o $output$reload_objs'
+	  hardcode_direct=no
+        ;;
+	motorola)
+	  archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+	  hardcode_direct=no #Motorola manual says yes, but my tests say they lie
+	;;
+      esac
+      runpath_var='LD_RUN_PATH'
+      hardcode_shlibpath_var=no
+      ;;
+
+    sysv4.3*)
+      archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+      hardcode_shlibpath_var=no
+      export_dynamic_flag_spec='-Bexport'
+      ;;
+
+    sysv4*MP*)
+      if test -d /usr/nec; then
+	archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+	hardcode_shlibpath_var=no
+	runpath_var=LD_RUN_PATH
+	hardcode_runpath_var=yes
+	ld_shlibs=yes
+      fi
+      ;;
+
+    sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*)
+      no_undefined_flag='${wl}-z,text'
+      archive_cmds_need_lc=no
+      hardcode_shlibpath_var=no
+      runpath_var='LD_RUN_PATH'
+
+      if test "$GCC" = yes; then
+	archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+      else
+	archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+      fi
+      ;;
+
+    sysv5* | sco3.2v5* | sco5v6*)
+      # Note: We can NOT use -z defs as we might desire, because we do not
+      # link with -lc, and that would cause any symbols used from libc to
+      # always be unresolved, which means just about no library would
+      # ever link correctly.  If we're not using GNU ld we use -z text
+      # though, which does catch some bad symbols but isn't as heavy-handed
+      # as -z defs.
+      no_undefined_flag='${wl}-z,text'
+      allow_undefined_flag='${wl}-z,nodefs'
+      archive_cmds_need_lc=no
+      hardcode_shlibpath_var=no
+      hardcode_libdir_flag_spec='${wl}-R,$libdir'
+      hardcode_libdir_separator=':'
+      link_all_deplibs=yes
+      export_dynamic_flag_spec='${wl}-Bexport'
+      runpath_var='LD_RUN_PATH'
+
+      if test "$GCC" = yes; then
+	archive_cmds='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	archive_expsym_cmds='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+      else
+	archive_cmds='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	archive_expsym_cmds='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+      fi
+      ;;
+
+    uts4*)
+      archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+      hardcode_libdir_flag_spec='-L$libdir'
+      hardcode_shlibpath_var=no
+      ;;
+
+    *)
+      ld_shlibs=no
+      ;;
+    esac
+
+    if test x$host_vendor = xsni; then
+      case $host in
+      sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
+	export_dynamic_flag_spec='${wl}-Blargedynsym'
+	;;
+      esac
+    fi
+  fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs" >&5
+$as_echo "$ld_shlibs" >&6; }
+test "$ld_shlibs" = no && can_build_shared=no
+
+with_gnu_ld=$with_gnu_ld
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$archive_cmds_need_lc" in
+x|xyes)
+  # Assume -lc should be added
+  archive_cmds_need_lc=yes
+
+  if test "$enable_shared" = yes && test "$GCC" = yes; then
+    case $archive_cmds in
+    *'~'*)
+      # FIXME: we may have to deal with multi-command sequences.
+      ;;
+    '$CC '*)
+      # Test whether the compiler implicitly links with -lc since on some
+      # systems, -lgcc has to come before -lc. If gcc already passes -lc
+      # to ld, don't add -lc before -lgcc.
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5
+$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; }
+if ${lt_cv_archive_cmds_need_lc+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  $RM conftest*
+	echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+	if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+  (eval $ac_compile) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } 2>conftest.err; then
+	  soname=conftest
+	  lib=conftest
+	  libobjs=conftest.$ac_objext
+	  deplibs=
+	  wl=$lt_prog_compiler_wl
+	  pic_flag=$lt_prog_compiler_pic
+	  compiler_flags=-v
+	  linker_flags=-v
+	  verstring=
+	  output_objdir=.
+	  libname=conftest
+	  lt_save_allow_undefined_flag=$allow_undefined_flag
+	  allow_undefined_flag=
+	  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5
+  (eval $archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+	  then
+	    lt_cv_archive_cmds_need_lc=no
+	  else
+	    lt_cv_archive_cmds_need_lc=yes
+	  fi
+	  allow_undefined_flag=$lt_save_allow_undefined_flag
+	else
+	  cat conftest.err 1>&5
+	fi
+	$RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5
+$as_echo "$lt_cv_archive_cmds_need_lc" >&6; }
+      archive_cmds_need_lc=$lt_cv_archive_cmds_need_lc
+      ;;
+    esac
+  fi
+  ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5
+$as_echo_n "checking dynamic linker characteristics... " >&6; }
+
+if test "$GCC" = yes; then
+  case $host_os in
+    darwin*) lt_awk_arg="/^libraries:/,/LR/" ;;
+    *) lt_awk_arg="/^libraries:/" ;;
+  esac
+  case $host_os in
+    mingw* | cegcc*) lt_sed_strip_eq="s,=\([A-Za-z]:\),\1,g" ;;
+    *) lt_sed_strip_eq="s,=/,/,g" ;;
+  esac
+  lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq`
+  case $lt_search_path_spec in
+  *\;*)
+    # if the path contains ";" then we assume it to be the separator
+    # otherwise default to the standard path separator (i.e. ":") - it is
+    # assumed that no part of a normal pathname contains ";" but that should
+    # okay in the real world where ";" in dirpaths is itself problematic.
+    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'`
+    ;;
+  *)
+    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"`
+    ;;
+  esac
+  # Ok, now we have the path, separated by spaces, we can step through it
+  # and add multilib dir if necessary.
+  lt_tmp_lt_search_path_spec=
+  lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null`
+  for lt_sys_path in $lt_search_path_spec; do
+    if test -d "$lt_sys_path/$lt_multi_os_dir"; then
+      lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir"
+    else
+      test -d "$lt_sys_path" && \
+	lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
+    fi
+  done
+  lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk '
+BEGIN {RS=" "; FS="/|\n";} {
+  lt_foo="";
+  lt_count=0;
+  for (lt_i = NF; lt_i > 0; lt_i--) {
+    if ($lt_i != "" && $lt_i != ".") {
+      if ($lt_i == "..") {
+        lt_count++;
+      } else {
+        if (lt_count == 0) {
+          lt_foo="/" $lt_i lt_foo;
+        } else {
+          lt_count--;
+        }
+      }
+    }
+  }
+  if (lt_foo != "") { lt_freq[lt_foo]++; }
+  if (lt_freq[lt_foo] == 1) { print lt_foo; }
+}'`
+  # AWK program above erroneously prepends '/' to C:/dos/paths
+  # for these hosts.
+  case $host_os in
+    mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\
+      $SED 's,/\([A-Za-z]:\),\1,g'` ;;
+  esac
+  sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP`
+else
+  sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+  shlibpath_var=LIBPATH
+
+  # AIX 3 has no versioning support, so we append a major version to the name.
+  soname_spec='${libname}${release}${shared_ext}$major'
+  ;;
+
+aix[4-9]*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  hardcode_into_libs=yes
+  if test "$host_cpu" = ia64; then
+    # AIX 5 supports IA64
+    library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+    shlibpath_var=LD_LIBRARY_PATH
+  else
+    # With GCC up to 2.95.x, collect2 would create an import file
+    # for dependence libraries.  The import file would start with
+    # the line `#! .'.  This would cause the generated library to
+    # depend on `.', always an invalid library.  This was fixed in
+    # development snapshots of GCC prior to 3.0.
+    case $host_os in
+      aix4 | aix4.[01] | aix4.[01].*)
+      if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+	   echo ' yes '
+	   echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then
+	:
+      else
+	can_build_shared=no
+      fi
+      ;;
+    esac
+    # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+    # soname into executable. Probably we can add versioning support to
+    # collect2, so additional links can be useful in future.
+    if test "$aix_use_runtimelinking" = yes; then
+      # If using run time linking (on AIX 4.2 or later) use lib.so
+      # instead of lib.a to let people know that these are not
+      # typical AIX shared libraries.
+      library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    else
+      # We preserve .a as extension for shared libraries through AIX4.2
+      # and later when we are not doing run time linking.
+      library_names_spec='${libname}${release}.a $libname.a'
+      soname_spec='${libname}${release}${shared_ext}$major'
+    fi
+    shlibpath_var=LIBPATH
+  fi
+  ;;
+
+amigaos*)
+  case $host_cpu in
+  powerpc)
+    # Since July 2007 AmigaOS4 officially supports .so libraries.
+    # When compiling the executable, add -use-dynld -Lsobjs: to the compileline.
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    ;;
+  m68k)
+    library_names_spec='$libname.ixlibrary $libname.a'
+    # Create ${libname}_ixlibrary.a entries in /sys/libs.
+    finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+    ;;
+  esac
+  ;;
+
+beos*)
+  library_names_spec='${libname}${shared_ext}'
+  dynamic_linker="$host_os ld.so"
+  shlibpath_var=LIBRARY_PATH
+  ;;
+
+bsdi[45]*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+  sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+  # the default ld.so.conf also contains /usr/contrib/lib and
+  # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+  # libtool to hard-code these into programs
+  ;;
+
+cygwin* | mingw* | pw32* | cegcc*)
+  version_type=windows
+  shrext_cmds=".dll"
+  need_version=no
+  need_lib_prefix=no
+
+  case $GCC,$cc_basename in
+  yes,*)
+    # gcc
+    library_names_spec='$libname.dll.a'
+    # DLL is installed to $(libdir)/../bin by postinstall_cmds
+    postinstall_cmds='base_file=`basename \${file}`~
+      dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+      dldir=$destdir/`dirname \$dlpath`~
+      test -d \$dldir || mkdir -p \$dldir~
+      $install_prog $dir/$dlname \$dldir/$dlname~
+      chmod a+x \$dldir/$dlname~
+      if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
+        eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
+      fi'
+    postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+      dlpath=$dir/\$dldll~
+       $RM \$dlpath'
+    shlibpath_overrides_runpath=yes
+
+    case $host_os in
+    cygwin*)
+      # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+      soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+
+      sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"
+      ;;
+    mingw* | cegcc*)
+      # MinGW DLLs use traditional 'lib' prefix
+      soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+      ;;
+    pw32*)
+      # pw32 DLLs use 'pw' prefix rather than 'lib'
+      library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+      ;;
+    esac
+    dynamic_linker='Win32 ld.exe'
+    ;;
+
+  *,cl*)
+    # Native MSVC
+    libname_spec='$name'
+    soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+    library_names_spec='${libname}.dll.lib'
+
+    case $build_os in
+    mingw*)
+      sys_lib_search_path_spec=
+      lt_save_ifs=$IFS
+      IFS=';'
+      for lt_path in $LIB
+      do
+        IFS=$lt_save_ifs
+        # Let DOS variable expansion print the short 8.3 style file name.
+        lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"`
+        sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path"
+      done
+      IFS=$lt_save_ifs
+      # Convert to MSYS style.
+      sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'`
+      ;;
+    cygwin*)
+      # Convert to unix form, then to dos form, then back to unix form
+      # but this time dos style (no spaces!) so that the unix form looks
+      # like /cygdrive/c/PROGRA~1:/cygdr...
+      sys_lib_search_path_spec=`cygpath --path --unix "$LIB"`
+      sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null`
+      sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      ;;
+    *)
+      sys_lib_search_path_spec="$LIB"
+      if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then
+        # It is most probably a Windows format PATH.
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+      else
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      fi
+      # FIXME: find the short name or the path components, as spaces are
+      # common. (e.g. "Program Files" -> "PROGRA~1")
+      ;;
+    esac
+
+    # DLL is installed to $(libdir)/../bin by postinstall_cmds
+    postinstall_cmds='base_file=`basename \${file}`~
+      dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+      dldir=$destdir/`dirname \$dlpath`~
+      test -d \$dldir || mkdir -p \$dldir~
+      $install_prog $dir/$dlname \$dldir/$dlname'
+    postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+      dlpath=$dir/\$dldll~
+       $RM \$dlpath'
+    shlibpath_overrides_runpath=yes
+    dynamic_linker='Win32 link.exe'
+    ;;
+
+  *)
+    # Assume MSVC wrapper
+    library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib'
+    dynamic_linker='Win32 ld.exe'
+    ;;
+  esac
+  # FIXME: first we should search . and the directory the executable is in
+  shlibpath_var=PATH
+  ;;
+
+darwin* | rhapsody*)
+  dynamic_linker="$host_os dyld"
+  version_type=darwin
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+  soname_spec='${libname}${release}${major}$shared_ext'
+  shlibpath_overrides_runpath=yes
+  shlibpath_var=DYLD_LIBRARY_PATH
+  shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+
+  sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"
+  sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+  ;;
+
+dgux*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+freebsd* | dragonfly*)
+  # DragonFly does not have aout.  When/if they implement a new
+  # versioning mechanism, adjust this.
+  if test -x /usr/bin/objformat; then
+    objformat=`/usr/bin/objformat`
+  else
+    case $host_os in
+    freebsd[23].*) objformat=aout ;;
+    *) objformat=elf ;;
+    esac
+  fi
+  version_type=freebsd-$objformat
+  case $version_type in
+    freebsd-elf*)
+      library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+      need_version=no
+      need_lib_prefix=no
+      ;;
+    freebsd-*)
+      library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+      need_version=yes
+      ;;
+  esac
+  shlibpath_var=LD_LIBRARY_PATH
+  case $host_os in
+  freebsd2.*)
+    shlibpath_overrides_runpath=yes
+    ;;
+  freebsd3.[01]* | freebsdelf3.[01]*)
+    shlibpath_overrides_runpath=yes
+    hardcode_into_libs=yes
+    ;;
+  freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
+  freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
+    shlibpath_overrides_runpath=no
+    hardcode_into_libs=yes
+    ;;
+  *) # from 4.6 on, and DragonFly
+    shlibpath_overrides_runpath=yes
+    hardcode_into_libs=yes
+    ;;
+  esac
+  ;;
+
+gnu*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+haiku*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  dynamic_linker="$host_os runtime_loader"
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
+  hardcode_into_libs=yes
+  ;;
+
+hpux9* | hpux10* | hpux11*)
+  # Give a soname corresponding to the major version so that dld.sl refuses to
+  # link against other versions.
+  version_type=sunos
+  need_lib_prefix=no
+  need_version=no
+  case $host_cpu in
+  ia64*)
+    shrext_cmds='.so'
+    hardcode_into_libs=yes
+    dynamic_linker="$host_os dld.so"
+    shlibpath_var=LD_LIBRARY_PATH
+    shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    if test "X$HPUX_IA64_MODE" = X32; then
+      sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+    else
+      sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+    fi
+    sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+    ;;
+  hppa*64*)
+    shrext_cmds='.sl'
+    hardcode_into_libs=yes
+    dynamic_linker="$host_os dld.sl"
+    shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+    shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+    sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+    ;;
+  *)
+    shrext_cmds='.sl'
+    dynamic_linker="$host_os dld.sl"
+    shlibpath_var=SHLIB_PATH
+    shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    ;;
+  esac
+  # HP-UX runs *really* slowly unless shared libraries are mode 555, ...
+  postinstall_cmds='chmod 555 $lib'
+  # or fails outright, so override atomically:
+  install_override_mode=555
+  ;;
+
+interix[3-9]*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+irix5* | irix6* | nonstopux*)
+  case $host_os in
+    nonstopux*) version_type=nonstopux ;;
+    *)
+	if test "$lt_cv_prog_gnu_ld" = yes; then
+		version_type=linux # correct to gnu/linux during the next big refactor
+	else
+		version_type=irix
+	fi ;;
+  esac
+  need_lib_prefix=no
+  need_version=no
+  soname_spec='${libname}${release}${shared_ext}$major'
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+  case $host_os in
+  irix5* | nonstopux*)
+    libsuff= shlibsuff=
+    ;;
+  *)
+    case $LD in # libtool.m4 will add one of these switches to LD
+    *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+      libsuff= shlibsuff= libmagic=32-bit;;
+    *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+      libsuff=32 shlibsuff=N32 libmagic=N32;;
+    *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+      libsuff=64 shlibsuff=64 libmagic=64-bit;;
+    *) libsuff= shlibsuff= libmagic=never-match;;
+    esac
+    ;;
+  esac
+  shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+  shlibpath_overrides_runpath=no
+  sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+  sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+  hardcode_into_libs=yes
+  ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+  dynamic_linker=no
+  ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+
+  # Some binutils ld are patched to set DT_RUNPATH
+  if ${lt_cv_shlibpath_overrides_runpath+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_shlibpath_overrides_runpath=no
+    save_LDFLAGS=$LDFLAGS
+    save_libdir=$libdir
+    eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \
+	 LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec\""
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  if  ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then :
+  lt_cv_shlibpath_overrides_runpath=yes
+fi
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+    LDFLAGS=$save_LDFLAGS
+    libdir=$save_libdir
+
+fi
+
+  shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath
+
+  # This implies no fast_install, which is unacceptable.
+  # Some rework will be needed to allow for fast_install
+  # before this can be enabled.
+  hardcode_into_libs=yes
+
+  # Append ld.so.conf contents to the search path
+  if test -f /etc/ld.so.conf; then
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
+    sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+  fi
+
+  # We used to test for /lib/ld.so.1 and disable shared libraries on
+  # powerpc, because MkLinux only supported shared libraries with the
+  # GNU dynamic linker.  Since this was broken with cross compilers,
+  # most powerpc-linux boxes support dynamic linking these days and
+  # people can always --disable-shared, the test was removed, and we
+  # assume the GNU/Linux dynamic linker is in use.
+  dynamic_linker='GNU/Linux ld.so'
+  ;;
+
+netbsd*)
+  version_type=sunos
+  need_lib_prefix=no
+  need_version=no
+  if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+    finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+    dynamic_linker='NetBSD (a.out) ld.so'
+  else
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    dynamic_linker='NetBSD ld.elf_so'
+  fi
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  hardcode_into_libs=yes
+  ;;
+
+newsos6)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  ;;
+
+*nto* | *qnx*)
+  version_type=qnx
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  dynamic_linker='ldqnx.so'
+  ;;
+
+openbsd*)
+  version_type=sunos
+  sys_lib_dlsearch_path_spec="/usr/lib"
+  need_lib_prefix=no
+  # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+  case $host_os in
+    openbsd3.3 | openbsd3.3.*)	need_version=yes ;;
+    *)				need_version=no  ;;
+  esac
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+    case $host_os in
+      openbsd2.[89] | openbsd2.[89].*)
+	shlibpath_overrides_runpath=no
+	;;
+      *)
+	shlibpath_overrides_runpath=yes
+	;;
+      esac
+  else
+    shlibpath_overrides_runpath=yes
+  fi
+  ;;
+
+os2*)
+  libname_spec='$name'
+  shrext_cmds=".dll"
+  need_lib_prefix=no
+  library_names_spec='$libname${shared_ext} $libname.a'
+  dynamic_linker='OS/2 ld.exe'
+  shlibpath_var=LIBPATH
+  ;;
+
+osf3* | osf4* | osf5*)
+  version_type=osf
+  need_lib_prefix=no
+  need_version=no
+  soname_spec='${libname}${release}${shared_ext}$major'
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  shlibpath_var=LD_LIBRARY_PATH
+  sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+  sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+  ;;
+
+rdos*)
+  dynamic_linker=no
+  ;;
+
+solaris*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  hardcode_into_libs=yes
+  # ldd complains unless libraries are executable
+  postinstall_cmds='chmod +x $lib'
+  ;;
+
+sunos4*)
+  version_type=sunos
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+  finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  if test "$with_gnu_ld" = yes; then
+    need_lib_prefix=no
+  fi
+  need_version=yes
+  ;;
+
+sysv4 | sysv4.3*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  case $host_vendor in
+    sni)
+      shlibpath_overrides_runpath=no
+      need_lib_prefix=no
+      runpath_var=LD_RUN_PATH
+      ;;
+    siemens)
+      need_lib_prefix=no
+      ;;
+    motorola)
+      need_lib_prefix=no
+      need_version=no
+      shlibpath_overrides_runpath=no
+      sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+      ;;
+  esac
+  ;;
+
+sysv4*MP*)
+  if test -d /usr/nec ;then
+    version_type=linux # correct to gnu/linux during the next big refactor
+    library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+    soname_spec='$libname${shared_ext}.$major'
+    shlibpath_var=LD_LIBRARY_PATH
+  fi
+  ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+  version_type=freebsd-elf
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  hardcode_into_libs=yes
+  if test "$with_gnu_ld" = yes; then
+    sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+  else
+    sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+    case $host_os in
+      sco3.2v5*)
+        sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+	;;
+    esac
+  fi
+  sys_lib_dlsearch_path_spec='/usr/lib'
+  ;;
+
+tpf*)
+  # TPF is a cross-target only.  Preferred cross-host = GNU/Linux.
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+uts4*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+*)
+  dynamic_linker=no
+  ;;
+esac
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5
+$as_echo "$dynamic_linker" >&6; }
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+  variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then
+  sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec"
+fi
+if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then
+  sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec"
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5
+$as_echo_n "checking how to hardcode library paths into programs... " >&6; }
+hardcode_action=
+if test -n "$hardcode_libdir_flag_spec" ||
+   test -n "$runpath_var" ||
+   test "X$hardcode_automatic" = "Xyes" ; then
+
+  # We can hardcode non-existent directories.
+  if test "$hardcode_direct" != no &&
+     # If the only mechanism to avoid hardcoding is shlibpath_var, we
+     # have to relink, otherwise we might link with an installed library
+     # when we should be linking with a yet-to-be-installed one
+     ## test "$_LT_TAGVAR(hardcode_shlibpath_var, )" != no &&
+     test "$hardcode_minus_L" != no; then
+    # Linking always hardcodes the temporary library directory.
+    hardcode_action=relink
+  else
+    # We can link without hardcoding, and we can hardcode nonexisting dirs.
+    hardcode_action=immediate
+  fi
+else
+  # We cannot hardcode anything, or else we can only hardcode existing
+  # directories.
+  hardcode_action=unsupported
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hardcode_action" >&5
+$as_echo "$hardcode_action" >&6; }
+
+if test "$hardcode_action" = relink ||
+   test "$inherit_rpath" = yes; then
+  # Fast installation is not supported
+  enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+     test "$enable_shared" = no; then
+  # Fast installation is not necessary
+  enable_fast_install=needless
+fi
+
+
+
+
+
+
+  if test "x$enable_dlopen" != xyes; then
+  enable_dlopen=unknown
+  enable_dlopen_self=unknown
+  enable_dlopen_self_static=unknown
+else
+  lt_cv_dlopen=no
+  lt_cv_dlopen_libs=
+
+  case $host_os in
+  beos*)
+    lt_cv_dlopen="load_add_on"
+    lt_cv_dlopen_libs=
+    lt_cv_dlopen_self=yes
+    ;;
+
+  mingw* | pw32* | cegcc*)
+    lt_cv_dlopen="LoadLibrary"
+    lt_cv_dlopen_libs=
+    ;;
+
+  cygwin*)
+    lt_cv_dlopen="dlopen"
+    lt_cv_dlopen_libs=
+    ;;
+
+  darwin*)
+  # if libdl is installed we need to link against it
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5
+$as_echo_n "checking for dlopen in -ldl... " >&6; }
+if ${ac_cv_lib_dl_dlopen+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldl  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dlopen ();
+int
+main ()
+{
+return dlopen ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_dl_dlopen=yes
+else
+  ac_cv_lib_dl_dlopen=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5
+$as_echo "$ac_cv_lib_dl_dlopen" >&6; }
+if test "x$ac_cv_lib_dl_dlopen" = xyes; then :
+  lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"
+else
+
+    lt_cv_dlopen="dyld"
+    lt_cv_dlopen_libs=
+    lt_cv_dlopen_self=yes
+
+fi
+
+    ;;
+
+  *)
+    ac_fn_c_check_func "$LINENO" "shl_load" "ac_cv_func_shl_load"
+if test "x$ac_cv_func_shl_load" = xyes; then :
+  lt_cv_dlopen="shl_load"
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5
+$as_echo_n "checking for shl_load in -ldld... " >&6; }
+if ${ac_cv_lib_dld_shl_load+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldld  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char shl_load ();
+int
+main ()
+{
+return shl_load ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_dld_shl_load=yes
+else
+  ac_cv_lib_dld_shl_load=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5
+$as_echo "$ac_cv_lib_dld_shl_load" >&6; }
+if test "x$ac_cv_lib_dld_shl_load" = xyes; then :
+  lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"
+else
+  ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen"
+if test "x$ac_cv_func_dlopen" = xyes; then :
+  lt_cv_dlopen="dlopen"
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5
+$as_echo_n "checking for dlopen in -ldl... " >&6; }
+if ${ac_cv_lib_dl_dlopen+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldl  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dlopen ();
+int
+main ()
+{
+return dlopen ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_dl_dlopen=yes
+else
+  ac_cv_lib_dl_dlopen=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5
+$as_echo "$ac_cv_lib_dl_dlopen" >&6; }
+if test "x$ac_cv_lib_dl_dlopen" = xyes; then :
+  lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5
+$as_echo_n "checking for dlopen in -lsvld... " >&6; }
+if ${ac_cv_lib_svld_dlopen+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsvld  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dlopen ();
+int
+main ()
+{
+return dlopen ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_svld_dlopen=yes
+else
+  ac_cv_lib_svld_dlopen=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5
+$as_echo "$ac_cv_lib_svld_dlopen" >&6; }
+if test "x$ac_cv_lib_svld_dlopen" = xyes; then :
+  lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5
+$as_echo_n "checking for dld_link in -ldld... " >&6; }
+if ${ac_cv_lib_dld_dld_link+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-ldld  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dld_link ();
+int
+main ()
+{
+return dld_link ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_dld_dld_link=yes
+else
+  ac_cv_lib_dld_dld_link=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5
+$as_echo "$ac_cv_lib_dld_dld_link" >&6; }
+if test "x$ac_cv_lib_dld_dld_link" = xyes; then :
+  lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+
+fi
+
+    ;;
+  esac
+
+  if test "x$lt_cv_dlopen" != xno; then
+    enable_dlopen=yes
+  else
+    enable_dlopen=no
+  fi
+
+  case $lt_cv_dlopen in
+  dlopen)
+    save_CPPFLAGS="$CPPFLAGS"
+    test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
+
+    save_LDFLAGS="$LDFLAGS"
+    wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
+
+    save_LIBS="$LIBS"
+    LIBS="$lt_cv_dlopen_libs $LIBS"
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a program can dlopen itself" >&5
+$as_echo_n "checking whether a program can dlopen itself... " >&6; }
+if ${lt_cv_dlopen_self+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  	  if test "$cross_compiling" = yes; then :
+  lt_cv_dlopen_self=cross
+else
+  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+  lt_status=$lt_dlunknown
+  cat > conftest.$ac_ext <<_LT_EOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include 
+#endif
+
+#include 
+
+#ifdef RTLD_GLOBAL
+#  define LT_DLGLOBAL		RTLD_GLOBAL
+#else
+#  ifdef DL_GLOBAL
+#    define LT_DLGLOBAL		DL_GLOBAL
+#  else
+#    define LT_DLGLOBAL		0
+#  endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+   find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+#  ifdef RTLD_LAZY
+#    define LT_DLLAZY_OR_NOW		RTLD_LAZY
+#  else
+#    ifdef DL_LAZY
+#      define LT_DLLAZY_OR_NOW		DL_LAZY
+#    else
+#      ifdef RTLD_NOW
+#        define LT_DLLAZY_OR_NOW	RTLD_NOW
+#      else
+#        ifdef DL_NOW
+#          define LT_DLLAZY_OR_NOW	DL_NOW
+#        else
+#          define LT_DLLAZY_OR_NOW	0
+#        endif
+#      endif
+#    endif
+#  endif
+#endif
+
+/* When -fvisbility=hidden is used, assume the code has been annotated
+   correspondingly for the symbols needed.  */
+#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
+int main ()
+{
+  void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+  int status = $lt_dlunknown;
+
+  if (self)
+    {
+      if (dlsym (self,"fnord"))       status = $lt_dlno_uscore;
+      else
+        {
+	  if (dlsym( self,"_fnord"))  status = $lt_dlneed_uscore;
+          else puts (dlerror ());
+	}
+      /* dlclose (self); */
+    }
+  else
+    puts (dlerror ());
+
+  return status;
+}
+_LT_EOF
+  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5
+  (eval $ac_link) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then
+    (./conftest; exit; ) >&5 2>/dev/null
+    lt_status=$?
+    case x$lt_status in
+      x$lt_dlno_uscore) lt_cv_dlopen_self=yes ;;
+      x$lt_dlneed_uscore) lt_cv_dlopen_self=yes ;;
+      x$lt_dlunknown|x*) lt_cv_dlopen_self=no ;;
+    esac
+  else :
+    # compilation failed
+    lt_cv_dlopen_self=no
+  fi
+fi
+rm -fr conftest*
+
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self" >&5
+$as_echo "$lt_cv_dlopen_self" >&6; }
+
+    if test "x$lt_cv_dlopen_self" = xyes; then
+      wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a statically linked program can dlopen itself" >&5
+$as_echo_n "checking whether a statically linked program can dlopen itself... " >&6; }
+if ${lt_cv_dlopen_self_static+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  	  if test "$cross_compiling" = yes; then :
+  lt_cv_dlopen_self_static=cross
+else
+  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+  lt_status=$lt_dlunknown
+  cat > conftest.$ac_ext <<_LT_EOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include 
+#endif
+
+#include 
+
+#ifdef RTLD_GLOBAL
+#  define LT_DLGLOBAL		RTLD_GLOBAL
+#else
+#  ifdef DL_GLOBAL
+#    define LT_DLGLOBAL		DL_GLOBAL
+#  else
+#    define LT_DLGLOBAL		0
+#  endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+   find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+#  ifdef RTLD_LAZY
+#    define LT_DLLAZY_OR_NOW		RTLD_LAZY
+#  else
+#    ifdef DL_LAZY
+#      define LT_DLLAZY_OR_NOW		DL_LAZY
+#    else
+#      ifdef RTLD_NOW
+#        define LT_DLLAZY_OR_NOW	RTLD_NOW
+#      else
+#        ifdef DL_NOW
+#          define LT_DLLAZY_OR_NOW	DL_NOW
+#        else
+#          define LT_DLLAZY_OR_NOW	0
+#        endif
+#      endif
+#    endif
+#  endif
+#endif
+
+/* When -fvisbility=hidden is used, assume the code has been annotated
+   correspondingly for the symbols needed.  */
+#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
+int main ()
+{
+  void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+  int status = $lt_dlunknown;
+
+  if (self)
+    {
+      if (dlsym (self,"fnord"))       status = $lt_dlno_uscore;
+      else
+        {
+	  if (dlsym( self,"_fnord"))  status = $lt_dlneed_uscore;
+          else puts (dlerror ());
+	}
+      /* dlclose (self); */
+    }
+  else
+    puts (dlerror ());
+
+  return status;
+}
+_LT_EOF
+  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5
+  (eval $ac_link) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then
+    (./conftest; exit; ) >&5 2>/dev/null
+    lt_status=$?
+    case x$lt_status in
+      x$lt_dlno_uscore) lt_cv_dlopen_self_static=yes ;;
+      x$lt_dlneed_uscore) lt_cv_dlopen_self_static=yes ;;
+      x$lt_dlunknown|x*) lt_cv_dlopen_self_static=no ;;
+    esac
+  else :
+    # compilation failed
+    lt_cv_dlopen_self_static=no
+  fi
+fi
+rm -fr conftest*
+
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self_static" >&5
+$as_echo "$lt_cv_dlopen_self_static" >&6; }
+    fi
+
+    CPPFLAGS="$save_CPPFLAGS"
+    LDFLAGS="$save_LDFLAGS"
+    LIBS="$save_LIBS"
+    ;;
+  esac
+
+  case $lt_cv_dlopen_self in
+  yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
+  *) enable_dlopen_self=unknown ;;
+  esac
+
+  case $lt_cv_dlopen_self_static in
+  yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
+  *) enable_dlopen_self_static=unknown ;;
+  esac
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+striplib=
+old_striplib=
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5
+$as_echo_n "checking whether stripping libraries is possible... " >&6; }
+if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
+  test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
+  test -z "$striplib" && striplib="$STRIP --strip-unneeded"
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+# FIXME - insert some real tests, host_os isn't really good enough
+  case $host_os in
+  darwin*)
+    if test -n "$STRIP" ; then
+      striplib="$STRIP -x"
+      old_striplib="$STRIP -S"
+      { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+    else
+      { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+    fi
+    ;;
+  *)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+    ;;
+  esac
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+  # Report which library types will actually be built
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if libtool supports shared libraries" >&5
+$as_echo_n "checking if libtool supports shared libraries... " >&6; }
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $can_build_shared" >&5
+$as_echo "$can_build_shared" >&6; }
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build shared libraries" >&5
+$as_echo_n "checking whether to build shared libraries... " >&6; }
+  test "$can_build_shared" = "no" && enable_shared=no
+
+  # On AIX, shared libraries and static libraries use the same namespace, and
+  # are all built from PIC.
+  case $host_os in
+  aix3*)
+    test "$enable_shared" = yes && enable_static=no
+    if test -n "$RANLIB"; then
+      archive_cmds="$archive_cmds~\$RANLIB \$lib"
+      postinstall_cmds='$RANLIB $lib'
+    fi
+    ;;
+
+  aix[4-9]*)
+    if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+      test "$enable_shared" = yes && enable_static=no
+    fi
+    ;;
+  esac
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_shared" >&5
+$as_echo "$enable_shared" >&6; }
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build static libraries" >&5
+$as_echo_n "checking whether to build static libraries... " >&6; }
+  # Make sure either enable_shared or enable_static is yes.
+  test "$enable_shared" = yes || enable_static=yes
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_static" >&5
+$as_echo "$enable_static" >&6; }
+
+
+
+
+fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+CC="$lt_save_CC"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+        ac_config_commands="$ac_config_commands libtool"
+
+
+
+
+# Only expand once:
+
+
+ac_ext=cpp
+ac_cpp='$CXXCPP $CPPFLAGS'
+ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_cxx_compiler_gnu
+if test -z "$CXX"; then
+  if test -n "$CCC"; then
+    CXX=$CCC
+  else
+    if test -n "$ac_tool_prefix"; then
+  for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC
+  do
+    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CXX"; then
+  ac_cv_prog_CXX="$CXX" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_CXX="$ac_tool_prefix$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CXX=$ac_cv_prog_CXX
+if test -n "$CXX"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CXX" >&5
+$as_echo "$CXX" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+    test -n "$CXX" && break
+  done
+fi
+if test -z "$CXX"; then
+  ac_ct_CXX=$CXX
+  for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CXX"; then
+  ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_CXX="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CXX=$ac_cv_prog_ac_ct_CXX
+if test -n "$ac_ct_CXX"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CXX" >&5
+$as_echo "$ac_ct_CXX" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$ac_ct_CXX" && break
+done
+
+  if test "x$ac_ct_CXX" = x; then
+    CXX="g++"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CXX=$ac_ct_CXX
+  fi
+fi
+
+  fi
+fi
+# Provide some information about the compiler.
+$as_echo "$as_me:${as_lineno-$LINENO}: checking for C++ compiler version" >&5
+set X $ac_compile
+ac_compiler=$2
+for ac_option in --version -v -V -qversion; do
+  { { ac_try="$ac_compiler $ac_option >&5"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compiler $ac_option >&5") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    sed '10a\
+... rest of stderr output deleted ...
+         10q' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+  fi
+  rm -f conftest.er1 conftest.err
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+done
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C++ compiler" >&5
+$as_echo_n "checking whether we are using the GNU C++ compiler... " >&6; }
+if ${ac_cv_cxx_compiler_gnu+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+#ifndef __GNUC__
+       choke me
+#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_compile "$LINENO"; then :
+  ac_compiler_gnu=yes
+else
+  ac_compiler_gnu=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_cxx_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cxx_compiler_gnu" >&5
+$as_echo "$ac_cv_cxx_compiler_gnu" >&6; }
+if test $ac_compiler_gnu = yes; then
+  GXX=yes
+else
+  GXX=
+fi
+ac_test_CXXFLAGS=${CXXFLAGS+set}
+ac_save_CXXFLAGS=$CXXFLAGS
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CXX accepts -g" >&5
+$as_echo_n "checking whether $CXX accepts -g... " >&6; }
+if ${ac_cv_prog_cxx_g+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_save_cxx_werror_flag=$ac_cxx_werror_flag
+   ac_cxx_werror_flag=yes
+   ac_cv_prog_cxx_g=no
+   CXXFLAGS="-g"
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_compile "$LINENO"; then :
+  ac_cv_prog_cxx_g=yes
+else
+  CXXFLAGS=""
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_compile "$LINENO"; then :
+
+else
+  ac_cxx_werror_flag=$ac_save_cxx_werror_flag
+	 CXXFLAGS="-g"
+	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_compile "$LINENO"; then :
+  ac_cv_prog_cxx_g=yes
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+   ac_cxx_werror_flag=$ac_save_cxx_werror_flag
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_g" >&5
+$as_echo "$ac_cv_prog_cxx_g" >&6; }
+if test "$ac_test_CXXFLAGS" = set; then
+  CXXFLAGS=$ac_save_CXXFLAGS
+elif test $ac_cv_prog_cxx_g = yes; then
+  if test "$GXX" = yes; then
+    CXXFLAGS="-g -O2"
+  else
+    CXXFLAGS="-g"
+  fi
+else
+  if test "$GXX" = yes; then
+    CXXFLAGS="-O2"
+  else
+    CXXFLAGS=
+  fi
+fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+depcc="$CXX"  am_compiler_list=
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5
+$as_echo_n "checking dependency style of $depcc... " >&6; }
+if ${am_cv_CXX_dependencies_compiler_type+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+  # We make a subdir and do the tests there.  Otherwise we can end up
+  # making bogus files that we don't know about and never remove.  For
+  # instance it was reported that on HP-UX the gcc test will end up
+  # making a dummy file named 'D' -- because '-MD' means "put the output
+  # in D".
+  rm -rf conftest.dir
+  mkdir conftest.dir
+  # Copy depcomp to subdir because otherwise we won't find it if we're
+  # using a relative directory.
+  cp "$am_depcomp" conftest.dir
+  cd conftest.dir
+  # We will build objects and dependencies in a subdirectory because
+  # it helps to detect inapplicable dependency modes.  For instance
+  # both Tru64's cc and ICC support -MD to output dependencies as a
+  # side effect of compilation, but ICC will put the dependencies in
+  # the current directory while Tru64 will put them in the object
+  # directory.
+  mkdir sub
+
+  am_cv_CXX_dependencies_compiler_type=none
+  if test "$am_compiler_list" = ""; then
+     am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+  fi
+  am__universal=false
+  case " $depcc " in #(
+     *\ -arch\ *\ -arch\ *) am__universal=true ;;
+     esac
+
+  for depmode in $am_compiler_list; do
+    # Setup a source with many dependencies, because some compilers
+    # like to wrap large dependency lists on column 80 (with \), and
+    # we should not choose a depcomp mode which is confused by this.
+    #
+    # We need to recreate these files for each test, as the compiler may
+    # overwrite some of them when testing with obscure command lines.
+    # This happens at least with the AIX C compiler.
+    : > sub/conftest.c
+    for i in 1 2 3 4 5 6; do
+      echo '#include "conftst'$i'.h"' >> sub/conftest.c
+      # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with
+      # Solaris 10 /bin/sh.
+      echo '/* dummy */' > sub/conftst$i.h
+    done
+    echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+    # We check with '-c' and '-o' for the sake of the "dashmstdout"
+    # mode.  It turns out that the SunPro C++ compiler does not properly
+    # handle '-M -o', and we need to detect this.  Also, some Intel
+    # versions had trouble with output in subdirs.
+    am__obj=sub/conftest.${OBJEXT-o}
+    am__minus_obj="-o $am__obj"
+    case $depmode in
+    gcc)
+      # This depmode causes a compiler race in universal mode.
+      test "$am__universal" = false || continue
+      ;;
+    nosideeffect)
+      # After this tag, mechanisms are not by side-effect, so they'll
+      # only be used when explicitly requested.
+      if test "x$enable_dependency_tracking" = xyes; then
+	continue
+      else
+	break
+      fi
+      ;;
+    msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+      # This compiler won't grok '-c -o', but also, the minuso test has
+      # not run yet.  These depmodes are late enough in the game, and
+      # so weak that their functioning should not be impacted.
+      am__obj=conftest.${OBJEXT-o}
+      am__minus_obj=
+      ;;
+    none) break ;;
+    esac
+    if depmode=$depmode \
+       source=sub/conftest.c object=$am__obj \
+       depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+       $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+         >/dev/null 2>conftest.err &&
+       grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+       ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+      # icc doesn't choke on unknown options, it will just issue warnings
+      # or remarks (even with -Werror).  So we grep stderr for any message
+      # that says an option was ignored or not supported.
+      # When given -MP, icc 7.0 and 7.1 complain thusly:
+      #   icc: Command line warning: ignoring option '-M'; no argument required
+      # The diagnosis changed in icc 8.0:
+      #   icc: Command line remark: option '-MP' not supported
+      if (grep 'ignoring option' conftest.err ||
+          grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+        am_cv_CXX_dependencies_compiler_type=$depmode
+        break
+      fi
+    fi
+  done
+
+  cd ..
+  rm -rf conftest.dir
+else
+  am_cv_CXX_dependencies_compiler_type=none
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CXX_dependencies_compiler_type" >&5
+$as_echo "$am_cv_CXX_dependencies_compiler_type" >&6; }
+CXXDEPMODE=depmode=$am_cv_CXX_dependencies_compiler_type
+
+ if
+  test "x$enable_dependency_tracking" != xno \
+  && test "$am_cv_CXX_dependencies_compiler_type" = gcc3; then
+  am__fastdepCXX_TRUE=
+  am__fastdepCXX_FALSE='#'
+else
+  am__fastdepCXX_TRUE='#'
+  am__fastdepCXX_FALSE=
+fi
+
+
+
+
+
+func_stripname_cnf ()
+{
+  case ${2} in
+  .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;;
+  *)  func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;;
+  esac
+} # func_stripname_cnf
+
+      if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
+    ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
+    (test "X$CXX" != "Xg++"))) ; then
+  ac_ext=cpp
+ac_cpp='$CXXCPP $CPPFLAGS'
+ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_cxx_compiler_gnu
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C++ preprocessor" >&5
+$as_echo_n "checking how to run the C++ preprocessor... " >&6; }
+if test -z "$CXXCPP"; then
+  if ${ac_cv_prog_CXXCPP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+      # Double quotes because CXXCPP needs to be expanded
+    for CXXCPP in "$CXX -E" "/lib/cpp"
+    do
+      ac_preproc_ok=false
+for ac_cxx_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer  to  if __STDC__ is defined, since
+  #  exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#ifdef __STDC__
+# include 
+#else
+# include 
+#endif
+		     Syntax error
+_ACEOF
+if ac_fn_cxx_try_cpp "$LINENO"; then :
+
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+_ACEOF
+if ac_fn_cxx_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+  break
+fi
+
+    done
+    ac_cv_prog_CXXCPP=$CXXCPP
+
+fi
+  CXXCPP=$ac_cv_prog_CXXCPP
+else
+  ac_cv_prog_CXXCPP=$CXXCPP
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CXXCPP" >&5
+$as_echo "$CXXCPP" >&6; }
+ac_preproc_ok=false
+for ac_cxx_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer  to  if __STDC__ is defined, since
+  #  exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#ifdef __STDC__
+# include 
+#else
+# include 
+#endif
+		     Syntax error
+_ACEOF
+if ac_fn_cxx_try_cpp "$LINENO"; then :
+
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+_ACEOF
+if ac_fn_cxx_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+
+else
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "C++ preprocessor \"$CXXCPP\" fails sanity check
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+else
+  _lt_caught_CXX_error=yes
+fi
+
+ac_ext=cpp
+ac_cpp='$CXXCPP $CPPFLAGS'
+ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_cxx_compiler_gnu
+
+archive_cmds_need_lc_CXX=no
+allow_undefined_flag_CXX=
+always_export_symbols_CXX=no
+archive_expsym_cmds_CXX=
+compiler_needs_object_CXX=no
+export_dynamic_flag_spec_CXX=
+hardcode_direct_CXX=no
+hardcode_direct_absolute_CXX=no
+hardcode_libdir_flag_spec_CXX=
+hardcode_libdir_separator_CXX=
+hardcode_minus_L_CXX=no
+hardcode_shlibpath_var_CXX=unsupported
+hardcode_automatic_CXX=no
+inherit_rpath_CXX=no
+module_cmds_CXX=
+module_expsym_cmds_CXX=
+link_all_deplibs_CXX=unknown
+old_archive_cmds_CXX=$old_archive_cmds
+reload_flag_CXX=$reload_flag
+reload_cmds_CXX=$reload_cmds
+no_undefined_flag_CXX=
+whole_archive_flag_spec_CXX=
+enable_shared_with_static_runtimes_CXX=no
+
+# Source file extension for C++ test sources.
+ac_ext=cpp
+
+# Object file extension for compiled C++ test sources.
+objext=o
+objext_CXX=$objext
+
+# No sense in running all these tests if we already determined that
+# the CXX compiler isn't working.  Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test "$_lt_caught_CXX_error" != yes; then
+  # Code to be used in simple compile tests
+  lt_simple_compile_test_code="int some_variable = 0;"
+
+  # Code to be used in simple link tests
+  lt_simple_link_test_code='int main(int, char *[]) { return(0); }'
+
+  # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+
+
+
+
+
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+
+
+  # save warnings/boilerplate of simple test code
+  ac_outfile=conftest.$ac_objext
+echo "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$RM conftest*
+
+  ac_outfile=conftest.$ac_objext
+echo "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$RM -r conftest*
+
+
+  # Allow CC to be a program name with arguments.
+  lt_save_CC=$CC
+  lt_save_CFLAGS=$CFLAGS
+  lt_save_LD=$LD
+  lt_save_GCC=$GCC
+  GCC=$GXX
+  lt_save_with_gnu_ld=$with_gnu_ld
+  lt_save_path_LD=$lt_cv_path_LD
+  if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then
+    lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx
+  else
+    $as_unset lt_cv_prog_gnu_ld
+  fi
+  if test -n "${lt_cv_path_LDCXX+set}"; then
+    lt_cv_path_LD=$lt_cv_path_LDCXX
+  else
+    $as_unset lt_cv_path_LD
+  fi
+  test -z "${LDCXX+set}" || LD=$LDCXX
+  CC=${CXX-"c++"}
+  CFLAGS=$CXXFLAGS
+  compiler=$CC
+  compiler_CXX=$CC
+  for cc_temp in $compiler""; do
+  case $cc_temp in
+    compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+    distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+    \-*) ;;
+    *) break;;
+  esac
+done
+cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
+
+
+  if test -n "$compiler"; then
+    # We don't want -fno-exception when compiling C++ code, so set the
+    # no_builtin_flag separately
+    if test "$GXX" = yes; then
+      lt_prog_compiler_no_builtin_flag_CXX=' -fno-builtin'
+    else
+      lt_prog_compiler_no_builtin_flag_CXX=
+    fi
+
+    if test "$GXX" = yes; then
+      # Set up default GNU C++ configuration
+
+
+
+# Check whether --with-gnu-ld was given.
+if test "${with_gnu_ld+set}" = set; then :
+  withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes
+else
+  with_gnu_ld=no
+fi
+
+ac_prog=ld
+if test "$GCC" = yes; then
+  # Check if gcc -print-prog-name=ld gives a path.
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5
+$as_echo_n "checking for ld used by $CC... " >&6; }
+  case $host in
+  *-*-mingw*)
+    # gcc leaves a trailing carriage return which upsets mingw
+    ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+  *)
+    ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+  esac
+  case $ac_prog in
+    # Accept absolute paths.
+    [\\/]* | ?:[\\/]*)
+      re_direlt='/[^/][^/]*/\.\./'
+      # Canonicalize the pathname of ld
+      ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'`
+      while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do
+	ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"`
+      done
+      test -z "$LD" && LD="$ac_prog"
+      ;;
+  "")
+    # If it fails, then pretend we aren't using GCC.
+    ac_prog=ld
+    ;;
+  *)
+    # If it is relative, then search for the first ld in PATH.
+    with_gnu_ld=unknown
+    ;;
+  esac
+elif test "$with_gnu_ld" = yes; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5
+$as_echo_n "checking for GNU ld... " >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5
+$as_echo_n "checking for non-GNU ld... " >&6; }
+fi
+if ${lt_cv_path_LD+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$LD"; then
+  lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+  for ac_dir in $PATH; do
+    IFS="$lt_save_ifs"
+    test -z "$ac_dir" && ac_dir=.
+    if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+      lt_cv_path_LD="$ac_dir/$ac_prog"
+      # Check to see if the program is GNU ld.  I'd rather use --version,
+      # but apparently some variants of GNU ld only accept -v.
+      # Break only if it was the GNU/non-GNU ld that we prefer.
+      case `"$lt_cv_path_LD" -v 2>&1 &5
+$as_echo "$LD" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5
+$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; }
+if ${lt_cv_prog_gnu_ld+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  # I'd rather use --version here, but apparently some GNU lds only accept -v.
+case `$LD -v 2>&1 &5
+$as_echo "$lt_cv_prog_gnu_ld" >&6; }
+with_gnu_ld=$lt_cv_prog_gnu_ld
+
+
+
+
+
+
+
+      # Check if GNU C++ uses GNU ld as the underlying linker, since the
+      # archiving commands below assume that GNU ld is being used.
+      if test "$with_gnu_ld" = yes; then
+        archive_cmds_CXX='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+        archive_expsym_cmds_CXX='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+
+        hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir'
+        export_dynamic_flag_spec_CXX='${wl}--export-dynamic'
+
+        # If archive_cmds runs LD, not CC, wlarc should be empty
+        # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to
+        #     investigate it a little bit more. (MM)
+        wlarc='${wl}'
+
+        # ancient GNU ld didn't support --whole-archive et. al.
+        if eval "`$CC -print-prog-name=ld` --help 2>&1" |
+	  $GREP 'no-whole-archive' > /dev/null; then
+          whole_archive_flag_spec_CXX="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+        else
+          whole_archive_flag_spec_CXX=
+        fi
+      else
+        with_gnu_ld=no
+        wlarc=
+
+        # A generic and very simple default shared library creation
+        # command for GNU C++ for the case where it uses the native
+        # linker, instead of GNU ld.  If possible, this setting should
+        # overridden to take advantage of the native linker features on
+        # the platform it is being used on.
+        archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+      fi
+
+      # Commands to make compiler produce verbose output that lists
+      # what "hidden" libraries, object files and flags are used when
+      # linking a shared library.
+      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
+
+    else
+      GXX=no
+      with_gnu_ld=no
+      wlarc=
+    fi
+
+    # PORTME: fill in a description of your system's C++ link characteristics
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; }
+    ld_shlibs_CXX=yes
+    case $host_os in
+      aix3*)
+        # FIXME: insert proper C++ library support
+        ld_shlibs_CXX=no
+        ;;
+      aix[4-9]*)
+        if test "$host_cpu" = ia64; then
+          # On IA64, the linker does run time linking by default, so we don't
+          # have to do anything special.
+          aix_use_runtimelinking=no
+          exp_sym_flag='-Bexport'
+          no_entry_flag=""
+        else
+          aix_use_runtimelinking=no
+
+          # Test if we are trying to use run time linking or normal
+          # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+          # need to do runtime linking.
+          case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*)
+	    for ld_flag in $LDFLAGS; do
+	      case $ld_flag in
+	      *-brtl*)
+	        aix_use_runtimelinking=yes
+	        break
+	        ;;
+	      esac
+	    done
+	    ;;
+          esac
+
+          exp_sym_flag='-bexport'
+          no_entry_flag='-bnoentry'
+        fi
+
+        # When large executables or shared objects are built, AIX ld can
+        # have problems creating the table of contents.  If linking a library
+        # or program results in "error TOC overflow" add -mminimal-toc to
+        # CXXFLAGS/CFLAGS for g++/gcc.  In the cases where that is not
+        # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+        archive_cmds_CXX=''
+        hardcode_direct_CXX=yes
+        hardcode_direct_absolute_CXX=yes
+        hardcode_libdir_separator_CXX=':'
+        link_all_deplibs_CXX=yes
+        file_list_spec_CXX='${wl}-f,'
+
+        if test "$GXX" = yes; then
+          case $host_os in aix4.[012]|aix4.[012].*)
+          # We only want to do this on AIX 4.2 and lower, the check
+          # below for broken collect2 doesn't work under 4.3+
+	  collect2name=`${CC} -print-prog-name=collect2`
+	  if test -f "$collect2name" &&
+	     strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+	  then
+	    # We have reworked collect2
+	    :
+	  else
+	    # We have old collect2
+	    hardcode_direct_CXX=unsupported
+	    # It fails to find uninstalled libraries when the uninstalled
+	    # path is not listed in the libpath.  Setting hardcode_minus_L
+	    # to unsupported forces relinking
+	    hardcode_minus_L_CXX=yes
+	    hardcode_libdir_flag_spec_CXX='-L$libdir'
+	    hardcode_libdir_separator_CXX=
+	  fi
+          esac
+          shared_flag='-shared'
+	  if test "$aix_use_runtimelinking" = yes; then
+	    shared_flag="$shared_flag "'${wl}-G'
+	  fi
+        else
+          # not using gcc
+          if test "$host_cpu" = ia64; then
+	  # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+	  # chokes on -Wl,-G. The following line is correct:
+	  shared_flag='-G'
+          else
+	    if test "$aix_use_runtimelinking" = yes; then
+	      shared_flag='${wl}-G'
+	    else
+	      shared_flag='${wl}-bM:SRE'
+	    fi
+          fi
+        fi
+
+        export_dynamic_flag_spec_CXX='${wl}-bexpall'
+        # It seems that -bexpall does not export symbols beginning with
+        # underscore (_), so it is better to generate a list of symbols to
+	# export.
+        always_export_symbols_CXX=yes
+        if test "$aix_use_runtimelinking" = yes; then
+          # Warning - without using the other runtime loading flags (-brtl),
+          # -berok will link without error, but may produce a broken library.
+          allow_undefined_flag_CXX='-berok'
+          # Determine the default libpath from the value encoded in an empty
+          # executable.
+          if test "${lt_cv_aix_libpath+set}" = set; then
+  aix_libpath=$lt_cv_aix_libpath
+else
+  if ${lt_cv_aix_libpath__CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_link "$LINENO"; then :
+
+  lt_aix_libpath_sed='
+      /Import File Strings/,/^$/ {
+	  /^0/ {
+	      s/^0  *\([^ ]*\) *$/\1/
+	      p
+	  }
+      }'
+  lt_cv_aix_libpath__CXX=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  # Check for a 64-bit object if we didn't find anything.
+  if test -z "$lt_cv_aix_libpath__CXX"; then
+    lt_cv_aix_libpath__CXX=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  fi
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  if test -z "$lt_cv_aix_libpath__CXX"; then
+    lt_cv_aix_libpath__CXX="/usr/lib:/lib"
+  fi
+
+fi
+
+  aix_libpath=$lt_cv_aix_libpath__CXX
+fi
+
+          hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath"
+
+          archive_expsym_cmds_CXX='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+        else
+          if test "$host_cpu" = ia64; then
+	    hardcode_libdir_flag_spec_CXX='${wl}-R $libdir:/usr/lib:/lib'
+	    allow_undefined_flag_CXX="-z nodefs"
+	    archive_expsym_cmds_CXX="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+          else
+	    # Determine the default libpath from the value encoded in an
+	    # empty executable.
+	    if test "${lt_cv_aix_libpath+set}" = set; then
+  aix_libpath=$lt_cv_aix_libpath
+else
+  if ${lt_cv_aix_libpath__CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_link "$LINENO"; then :
+
+  lt_aix_libpath_sed='
+      /Import File Strings/,/^$/ {
+	  /^0/ {
+	      s/^0  *\([^ ]*\) *$/\1/
+	      p
+	  }
+      }'
+  lt_cv_aix_libpath__CXX=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  # Check for a 64-bit object if we didn't find anything.
+  if test -z "$lt_cv_aix_libpath__CXX"; then
+    lt_cv_aix_libpath__CXX=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  fi
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  if test -z "$lt_cv_aix_libpath__CXX"; then
+    lt_cv_aix_libpath__CXX="/usr/lib:/lib"
+  fi
+
+fi
+
+  aix_libpath=$lt_cv_aix_libpath__CXX
+fi
+
+	    hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath"
+	    # Warning - without using the other run time loading flags,
+	    # -berok will link without error, but may produce a broken library.
+	    no_undefined_flag_CXX=' ${wl}-bernotok'
+	    allow_undefined_flag_CXX=' ${wl}-berok'
+	    if test "$with_gnu_ld" = yes; then
+	      # We only use this code for GNU lds that support --whole-archive.
+	      whole_archive_flag_spec_CXX='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+	    else
+	      # Exported symbols can be pulled into shared objects from archives
+	      whole_archive_flag_spec_CXX='$convenience'
+	    fi
+	    archive_cmds_need_lc_CXX=yes
+	    # This is similar to how AIX traditionally builds its shared
+	    # libraries.
+	    archive_expsym_cmds_CXX="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+          fi
+        fi
+        ;;
+
+      beos*)
+	if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	  allow_undefined_flag_CXX=unsupported
+	  # Joseph Beckenbach  says some releases of gcc
+	  # support --undefined.  This deserves some investigation.  FIXME
+	  archive_cmds_CXX='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	else
+	  ld_shlibs_CXX=no
+	fi
+	;;
+
+      chorus*)
+        case $cc_basename in
+          *)
+	  # FIXME: insert proper C++ library support
+	  ld_shlibs_CXX=no
+	  ;;
+        esac
+        ;;
+
+      cygwin* | mingw* | pw32* | cegcc*)
+	case $GXX,$cc_basename in
+	,cl* | no,cl*)
+	  # Native MSVC
+	  # hardcode_libdir_flag_spec is actually meaningless, as there is
+	  # no search path for DLLs.
+	  hardcode_libdir_flag_spec_CXX=' '
+	  allow_undefined_flag_CXX=unsupported
+	  always_export_symbols_CXX=yes
+	  file_list_spec_CXX='@'
+	  # Tell ltmain to make .lib files, not .a files.
+	  libext=lib
+	  # Tell ltmain to make .dll files, not .so files.
+	  shrext_cmds=".dll"
+	  # FIXME: Setting linknames here is a bad hack.
+	  archive_cmds_CXX='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames='
+	  archive_expsym_cmds_CXX='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	      $SED -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp;
+	    else
+	      $SED -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp;
+	    fi~
+	    $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+	    linknames='
+	  # The linker will not automatically build a static lib if we build a DLL.
+	  # _LT_TAGVAR(old_archive_from_new_cmds, CXX)='true'
+	  enable_shared_with_static_runtimes_CXX=yes
+	  # Don't use ranlib
+	  old_postinstall_cmds_CXX='chmod 644 $oldlib'
+	  postlink_cmds_CXX='lt_outputfile="@OUTPUT@"~
+	    lt_tool_outputfile="@TOOL_OUTPUT@"~
+	    case $lt_outputfile in
+	      *.exe|*.EXE) ;;
+	      *)
+		lt_outputfile="$lt_outputfile.exe"
+		lt_tool_outputfile="$lt_tool_outputfile.exe"
+		;;
+	    esac~
+	    func_to_tool_file "$lt_outputfile"~
+	    if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then
+	      $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+	      $RM "$lt_outputfile.manifest";
+	    fi'
+	  ;;
+	*)
+	  # g++
+	  # _LT_TAGVAR(hardcode_libdir_flag_spec, CXX) is actually meaningless,
+	  # as there is no search path for DLLs.
+	  hardcode_libdir_flag_spec_CXX='-L$libdir'
+	  export_dynamic_flag_spec_CXX='${wl}--export-all-symbols'
+	  allow_undefined_flag_CXX=unsupported
+	  always_export_symbols_CXX=no
+	  enable_shared_with_static_runtimes_CXX=yes
+
+	  if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+	    archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+	    # If the export-symbols file already is a .def file (1st line
+	    # is EXPORTS), use it as is; otherwise, prepend...
+	    archive_expsym_cmds_CXX='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	      cp $export_symbols $output_objdir/$soname.def;
+	    else
+	      echo EXPORTS > $output_objdir/$soname.def;
+	      cat $export_symbols >> $output_objdir/$soname.def;
+	    fi~
+	    $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+	  else
+	    ld_shlibs_CXX=no
+	  fi
+	  ;;
+	esac
+	;;
+      darwin* | rhapsody*)
+
+
+  archive_cmds_need_lc_CXX=no
+  hardcode_direct_CXX=no
+  hardcode_automatic_CXX=yes
+  hardcode_shlibpath_var_CXX=unsupported
+  if test "$lt_cv_ld_force_load" = "yes"; then
+    whole_archive_flag_spec_CXX='`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`'
+
+  else
+    whole_archive_flag_spec_CXX=''
+  fi
+  link_all_deplibs_CXX=yes
+  allow_undefined_flag_CXX="$_lt_dar_allow_undefined"
+  case $cc_basename in
+     ifort*) _lt_dar_can_shared=yes ;;
+     *) _lt_dar_can_shared=$GCC ;;
+  esac
+  if test "$_lt_dar_can_shared" = "yes"; then
+    output_verbose_link_cmd=func_echo_all
+    archive_cmds_CXX="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
+    module_cmds_CXX="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
+    archive_expsym_cmds_CXX="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
+    module_expsym_cmds_CXX="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
+       if test "$lt_cv_apple_cc_single_mod" != "yes"; then
+      archive_cmds_CXX="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}"
+      archive_expsym_cmds_CXX="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}"
+    fi
+
+  else
+  ld_shlibs_CXX=no
+  fi
+
+	;;
+
+      dgux*)
+        case $cc_basename in
+          ec++*)
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+          ghcx*)
+	    # Green Hills C++ Compiler
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+          *)
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+        esac
+        ;;
+
+      freebsd2.*)
+        # C++ shared libraries reported to be fairly broken before
+	# switch to ELF
+        ld_shlibs_CXX=no
+        ;;
+
+      freebsd-elf*)
+        archive_cmds_need_lc_CXX=no
+        ;;
+
+      freebsd* | dragonfly*)
+        # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF
+        # conventions
+        ld_shlibs_CXX=yes
+        ;;
+
+      gnu*)
+        ;;
+
+      haiku*)
+        archive_cmds_CXX='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+        link_all_deplibs_CXX=yes
+        ;;
+
+      hpux9*)
+        hardcode_libdir_flag_spec_CXX='${wl}+b ${wl}$libdir'
+        hardcode_libdir_separator_CXX=:
+        export_dynamic_flag_spec_CXX='${wl}-E'
+        hardcode_direct_CXX=yes
+        hardcode_minus_L_CXX=yes # Not in the search PATH,
+				             # but as the default
+				             # location of the library.
+
+        case $cc_basename in
+          CC*)
+            # FIXME: insert proper C++ library support
+            ld_shlibs_CXX=no
+            ;;
+          aCC*)
+            archive_cmds_CXX='$RM $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+            # Commands to make compiler produce verbose output that lists
+            # what "hidden" libraries, object files and flags are used when
+            # linking a shared library.
+            #
+            # There doesn't appear to be a way to prevent this compiler from
+            # explicitly linking system object files so we need to strip them
+            # from the output so that they don't get included in the library
+            # dependencies.
+            output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+            ;;
+          *)
+            if test "$GXX" = yes; then
+              archive_cmds_CXX='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+            else
+              # FIXME: insert proper C++ library support
+              ld_shlibs_CXX=no
+            fi
+            ;;
+        esac
+        ;;
+
+      hpux10*|hpux11*)
+        if test $with_gnu_ld = no; then
+	  hardcode_libdir_flag_spec_CXX='${wl}+b ${wl}$libdir'
+	  hardcode_libdir_separator_CXX=:
+
+          case $host_cpu in
+            hppa*64*|ia64*)
+              ;;
+            *)
+	      export_dynamic_flag_spec_CXX='${wl}-E'
+              ;;
+          esac
+        fi
+        case $host_cpu in
+          hppa*64*|ia64*)
+            hardcode_direct_CXX=no
+            hardcode_shlibpath_var_CXX=no
+            ;;
+          *)
+            hardcode_direct_CXX=yes
+            hardcode_direct_absolute_CXX=yes
+            hardcode_minus_L_CXX=yes # Not in the search PATH,
+					         # but as the default
+					         # location of the library.
+            ;;
+        esac
+
+        case $cc_basename in
+          CC*)
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+          aCC*)
+	    case $host_cpu in
+	      hppa*64*)
+	        archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	        ;;
+	      ia64*)
+	        archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	        ;;
+	      *)
+	        archive_cmds_CXX='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	        ;;
+	    esac
+	    # Commands to make compiler produce verbose output that lists
+	    # what "hidden" libraries, object files and flags are used when
+	    # linking a shared library.
+	    #
+	    # There doesn't appear to be a way to prevent this compiler from
+	    # explicitly linking system object files so we need to strip them
+	    # from the output so that they don't get included in the library
+	    # dependencies.
+	    output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+	    ;;
+          *)
+	    if test "$GXX" = yes; then
+	      if test $with_gnu_ld = no; then
+	        case $host_cpu in
+	          hppa*64*)
+	            archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	            ;;
+	          ia64*)
+	            archive_cmds_CXX='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	            ;;
+	          *)
+	            archive_cmds_CXX='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	            ;;
+	        esac
+	      fi
+	    else
+	      # FIXME: insert proper C++ library support
+	      ld_shlibs_CXX=no
+	    fi
+	    ;;
+        esac
+        ;;
+
+      interix[3-9]*)
+	hardcode_direct_CXX=no
+	hardcode_shlibpath_var_CXX=no
+	hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+	export_dynamic_flag_spec_CXX='${wl}-E'
+	# Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+	# Instead, shared libraries are loaded at an image base (0x10000000 by
+	# default) and relocated if they conflict, which is a slow very memory
+	# consuming and fragmenting process.  To avoid this, we pick a random,
+	# 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+	# time.  Moving up from 0x10000000 also allows more sbrk(2) space.
+	archive_cmds_CXX='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+	archive_expsym_cmds_CXX='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+	;;
+      irix5* | irix6*)
+        case $cc_basename in
+          CC*)
+	    # SGI C++
+	    archive_cmds_CXX='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+
+	    # Archives containing C++ object files must be created using
+	    # "CC -ar", where "CC" is the IRIX C++ compiler.  This is
+	    # necessary to make sure instantiated templates are included
+	    # in the archive.
+	    old_archive_cmds_CXX='$CC -ar -WR,-u -o $oldlib $oldobjs'
+	    ;;
+          *)
+	    if test "$GXX" = yes; then
+	      if test "$with_gnu_ld" = no; then
+	        archive_cmds_CXX='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	      else
+	        archive_cmds_CXX='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib'
+	      fi
+	    fi
+	    link_all_deplibs_CXX=yes
+	    ;;
+        esac
+        hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir'
+        hardcode_libdir_separator_CXX=:
+        inherit_rpath_CXX=yes
+        ;;
+
+      linux* | k*bsd*-gnu | kopensolaris*-gnu)
+        case $cc_basename in
+          KCC*)
+	    # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+	    # KCC will only create a shared library if the output file
+	    # ends with ".so" (or ".sl" for HP-UX), so rename the library
+	    # to its proper name (with version) after linking.
+	    archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+	    archive_expsym_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib'
+	    # Commands to make compiler produce verbose output that lists
+	    # what "hidden" libraries, object files and flags are used when
+	    # linking a shared library.
+	    #
+	    # There doesn't appear to be a way to prevent this compiler from
+	    # explicitly linking system object files so we need to strip them
+	    # from the output so that they don't get included in the library
+	    # dependencies.
+	    output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+
+	    hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+	    export_dynamic_flag_spec_CXX='${wl}--export-dynamic'
+
+	    # Archives containing C++ object files must be created using
+	    # "CC -Bstatic", where "CC" is the KAI C++ compiler.
+	    old_archive_cmds_CXX='$CC -Bstatic -o $oldlib $oldobjs'
+	    ;;
+	  icpc* | ecpc* )
+	    # Intel C++
+	    with_gnu_ld=yes
+	    # version 8.0 and above of icpc choke on multiply defined symbols
+	    # if we add $predep_objects and $postdep_objects, however 7.1 and
+	    # earlier do not add the objects themselves.
+	    case `$CC -V 2>&1` in
+	      *"Version 7."*)
+	        archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+		archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+		;;
+	      *)  # Version 8.0 or newer
+	        tmp_idyn=
+	        case $host_cpu in
+		  ia64*) tmp_idyn=' -i_dynamic';;
+		esac
+	        archive_cmds_CXX='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+		archive_expsym_cmds_CXX='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+		;;
+	    esac
+	    archive_cmds_need_lc_CXX=no
+	    hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+	    export_dynamic_flag_spec_CXX='${wl}--export-dynamic'
+	    whole_archive_flag_spec_CXX='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+	    ;;
+          pgCC* | pgcpp*)
+            # Portland Group C++ compiler
+	    case `$CC -V` in
+	    *pgCC\ [1-5].* | *pgcpp\ [1-5].*)
+	      prelink_cmds_CXX='tpldir=Template.dir~
+		rm -rf $tpldir~
+		$CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~
+		compile_command="$compile_command `find $tpldir -name \*.o | sort | $NL2SP`"'
+	      old_archive_cmds_CXX='tpldir=Template.dir~
+		rm -rf $tpldir~
+		$CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~
+		$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | sort | $NL2SP`~
+		$RANLIB $oldlib'
+	      archive_cmds_CXX='tpldir=Template.dir~
+		rm -rf $tpldir~
+		$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
+		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+	      archive_expsym_cmds_CXX='tpldir=Template.dir~
+		rm -rf $tpldir~
+		$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
+		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+	      ;;
+	    *) # Version 6 and above use weak symbols
+	      archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+	      archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+	      ;;
+	    esac
+
+	    hardcode_libdir_flag_spec_CXX='${wl}--rpath ${wl}$libdir'
+	    export_dynamic_flag_spec_CXX='${wl}--export-dynamic'
+	    whole_archive_flag_spec_CXX='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+            ;;
+	  cxx*)
+	    # Compaq C++
+	    archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	    archive_expsym_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname  -o $lib ${wl}-retain-symbols-file $wl$export_symbols'
+
+	    runpath_var=LD_RUN_PATH
+	    hardcode_libdir_flag_spec_CXX='-rpath $libdir'
+	    hardcode_libdir_separator_CXX=:
+
+	    # Commands to make compiler produce verbose output that lists
+	    # what "hidden" libraries, object files and flags are used when
+	    # linking a shared library.
+	    #
+	    # There doesn't appear to be a way to prevent this compiler from
+	    # explicitly linking system object files so we need to strip them
+	    # from the output so that they don't get included in the library
+	    # dependencies.
+	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "X$list" | $Xsed'
+	    ;;
+	  xl* | mpixl* | bgxl*)
+	    # IBM XL 8.0 on PPC, with GNU ld
+	    hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir'
+	    export_dynamic_flag_spec_CXX='${wl}--export-dynamic'
+	    archive_cmds_CXX='$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	    if test "x$supports_anon_versioning" = xyes; then
+	      archive_expsym_cmds_CXX='echo "{ global:" > $output_objdir/$libname.ver~
+		cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+		echo "local: *; };" >> $output_objdir/$libname.ver~
+		$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+	    fi
+	    ;;
+	  *)
+	    case `$CC -V 2>&1 | sed 5q` in
+	    *Sun\ C*)
+	      # Sun C++ 5.9
+	      no_undefined_flag_CXX=' -zdefs'
+	      archive_cmds_CXX='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	      archive_expsym_cmds_CXX='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols'
+	      hardcode_libdir_flag_spec_CXX='-R$libdir'
+	      whole_archive_flag_spec_CXX='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	      compiler_needs_object_CXX=yes
+
+	      # Not sure whether something based on
+	      # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1
+	      # would be better.
+	      output_verbose_link_cmd='func_echo_all'
+
+	      # Archives containing C++ object files must be created using
+	      # "CC -xar", where "CC" is the Sun C++ compiler.  This is
+	      # necessary to make sure instantiated templates are included
+	      # in the archive.
+	      old_archive_cmds_CXX='$CC -xar -o $oldlib $oldobjs'
+	      ;;
+	    esac
+	    ;;
+	esac
+	;;
+
+      lynxos*)
+        # FIXME: insert proper C++ library support
+	ld_shlibs_CXX=no
+	;;
+
+      m88k*)
+        # FIXME: insert proper C++ library support
+        ld_shlibs_CXX=no
+	;;
+
+      mvs*)
+        case $cc_basename in
+          cxx*)
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+	  *)
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+	esac
+	;;
+
+      netbsd*)
+        if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+	  archive_cmds_CXX='$LD -Bshareable  -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags'
+	  wlarc=
+	  hardcode_libdir_flag_spec_CXX='-R$libdir'
+	  hardcode_direct_CXX=yes
+	  hardcode_shlibpath_var_CXX=no
+	fi
+	# Workaround some broken pre-1.5 toolchains
+	output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"'
+	;;
+
+      *nto* | *qnx*)
+        ld_shlibs_CXX=yes
+	;;
+
+      openbsd2*)
+        # C++ shared libraries are fairly broken
+	ld_shlibs_CXX=no
+	;;
+
+      openbsd*)
+	if test -f /usr/libexec/ld.so; then
+	  hardcode_direct_CXX=yes
+	  hardcode_shlibpath_var_CXX=no
+	  hardcode_direct_absolute_CXX=yes
+	  archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+	  hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+	  if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+	    archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib'
+	    export_dynamic_flag_spec_CXX='${wl}-E'
+	    whole_archive_flag_spec_CXX="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+	  fi
+	  output_verbose_link_cmd=func_echo_all
+	else
+	  ld_shlibs_CXX=no
+	fi
+	;;
+
+      osf3* | osf4* | osf5*)
+        case $cc_basename in
+          KCC*)
+	    # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+	    # KCC will only create a shared library if the output file
+	    # ends with ".so" (or ".sl" for HP-UX), so rename the library
+	    # to its proper name (with version) after linking.
+	    archive_cmds_CXX='tempext=`echo $shared_ext | $SED -e '\''s/\([^()0-9A-Za-z{}]\)/\\\\\1/g'\''`; templib=`echo "$lib" | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+
+	    hardcode_libdir_flag_spec_CXX='${wl}-rpath,$libdir'
+	    hardcode_libdir_separator_CXX=:
+
+	    # Archives containing C++ object files must be created using
+	    # the KAI C++ compiler.
+	    case $host in
+	      osf3*) old_archive_cmds_CXX='$CC -Bstatic -o $oldlib $oldobjs' ;;
+	      *) old_archive_cmds_CXX='$CC -o $oldlib $oldobjs' ;;
+	    esac
+	    ;;
+          RCC*)
+	    # Rational C++ 2.4.1
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+          cxx*)
+	    case $host in
+	      osf3*)
+	        allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*'
+	        archive_cmds_CXX='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && func_echo_all "${wl}-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	        hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir'
+		;;
+	      *)
+	        allow_undefined_flag_CXX=' -expect_unresolved \*'
+	        archive_cmds_CXX='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	        archive_expsym_cmds_CXX='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
+	          echo "-hidden">> $lib.exp~
+	          $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp  `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~
+	          $RM $lib.exp'
+	        hardcode_libdir_flag_spec_CXX='-rpath $libdir'
+		;;
+	    esac
+
+	    hardcode_libdir_separator_CXX=:
+
+	    # Commands to make compiler produce verbose output that lists
+	    # what "hidden" libraries, object files and flags are used when
+	    # linking a shared library.
+	    #
+	    # There doesn't appear to be a way to prevent this compiler from
+	    # explicitly linking system object files so we need to strip them
+	    # from the output so that they don't get included in the library
+	    # dependencies.
+	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+	    ;;
+	  *)
+	    if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+	      allow_undefined_flag_CXX=' ${wl}-expect_unresolved ${wl}\*'
+	      case $host in
+	        osf3*)
+	          archive_cmds_CXX='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+		  ;;
+	        *)
+	          archive_cmds_CXX='$CC -shared $pic_flag -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+		  ;;
+	      esac
+
+	      hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir'
+	      hardcode_libdir_separator_CXX=:
+
+	      # Commands to make compiler produce verbose output that lists
+	      # what "hidden" libraries, object files and flags are used when
+	      # linking a shared library.
+	      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
+
+	    else
+	      # FIXME: insert proper C++ library support
+	      ld_shlibs_CXX=no
+	    fi
+	    ;;
+        esac
+        ;;
+
+      psos*)
+        # FIXME: insert proper C++ library support
+        ld_shlibs_CXX=no
+        ;;
+
+      sunos4*)
+        case $cc_basename in
+          CC*)
+	    # Sun C++ 4.x
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+          lcc*)
+	    # Lucid
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+          *)
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+        esac
+        ;;
+
+      solaris*)
+        case $cc_basename in
+          CC* | sunCC*)
+	    # Sun C++ 4.2, 5.x and Centerline C++
+            archive_cmds_need_lc_CXX=yes
+	    no_undefined_flag_CXX=' -zdefs'
+	    archive_cmds_CXX='$CC -G${allow_undefined_flag}  -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	    archive_expsym_cmds_CXX='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+	      $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+	    hardcode_libdir_flag_spec_CXX='-R$libdir'
+	    hardcode_shlibpath_var_CXX=no
+	    case $host_os in
+	      solaris2.[0-5] | solaris2.[0-5].*) ;;
+	      *)
+		# The compiler driver will combine and reorder linker options,
+		# but understands `-z linker_flag'.
+	        # Supported since Solaris 2.6 (maybe 2.5.1?)
+		whole_archive_flag_spec_CXX='-z allextract$convenience -z defaultextract'
+	        ;;
+	    esac
+	    link_all_deplibs_CXX=yes
+
+	    output_verbose_link_cmd='func_echo_all'
+
+	    # Archives containing C++ object files must be created using
+	    # "CC -xar", where "CC" is the Sun C++ compiler.  This is
+	    # necessary to make sure instantiated templates are included
+	    # in the archive.
+	    old_archive_cmds_CXX='$CC -xar -o $oldlib $oldobjs'
+	    ;;
+          gcx*)
+	    # Green Hills C++ Compiler
+	    archive_cmds_CXX='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+
+	    # The C++ compiler must be used to create the archive.
+	    old_archive_cmds_CXX='$CC $LDFLAGS -archive -o $oldlib $oldobjs'
+	    ;;
+          *)
+	    # GNU C++ compiler with Solaris linker
+	    if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+	      no_undefined_flag_CXX=' ${wl}-z ${wl}defs'
+	      if $CC --version | $GREP -v '^2\.7' > /dev/null; then
+	        archive_cmds_CXX='$CC -shared $pic_flag -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+	        archive_expsym_cmds_CXX='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+		  $CC -shared $pic_flag -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+	        # Commands to make compiler produce verbose output that lists
+	        # what "hidden" libraries, object files and flags are used when
+	        # linking a shared library.
+	        output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
+	      else
+	        # g++ 2.7 appears to require `-G' NOT `-shared' on this
+	        # platform.
+	        archive_cmds_CXX='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+	        archive_expsym_cmds_CXX='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+		  $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+	        # Commands to make compiler produce verbose output that lists
+	        # what "hidden" libraries, object files and flags are used when
+	        # linking a shared library.
+	        output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
+	      fi
+
+	      hardcode_libdir_flag_spec_CXX='${wl}-R $wl$libdir'
+	      case $host_os in
+		solaris2.[0-5] | solaris2.[0-5].*) ;;
+		*)
+		  whole_archive_flag_spec_CXX='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
+		  ;;
+	      esac
+	    fi
+	    ;;
+        esac
+        ;;
+
+    sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*)
+      no_undefined_flag_CXX='${wl}-z,text'
+      archive_cmds_need_lc_CXX=no
+      hardcode_shlibpath_var_CXX=no
+      runpath_var='LD_RUN_PATH'
+
+      case $cc_basename in
+        CC*)
+	  archive_cmds_CXX='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  archive_expsym_cmds_CXX='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	*)
+	  archive_cmds_CXX='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  archive_expsym_cmds_CXX='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+      esac
+      ;;
+
+      sysv5* | sco3.2v5* | sco5v6*)
+	# Note: We can NOT use -z defs as we might desire, because we do not
+	# link with -lc, and that would cause any symbols used from libc to
+	# always be unresolved, which means just about no library would
+	# ever link correctly.  If we're not using GNU ld we use -z text
+	# though, which does catch some bad symbols but isn't as heavy-handed
+	# as -z defs.
+	no_undefined_flag_CXX='${wl}-z,text'
+	allow_undefined_flag_CXX='${wl}-z,nodefs'
+	archive_cmds_need_lc_CXX=no
+	hardcode_shlibpath_var_CXX=no
+	hardcode_libdir_flag_spec_CXX='${wl}-R,$libdir'
+	hardcode_libdir_separator_CXX=':'
+	link_all_deplibs_CXX=yes
+	export_dynamic_flag_spec_CXX='${wl}-Bexport'
+	runpath_var='LD_RUN_PATH'
+
+	case $cc_basename in
+          CC*)
+	    archive_cmds_CXX='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	    archive_expsym_cmds_CXX='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	    old_archive_cmds_CXX='$CC -Tprelink_objects $oldobjs~
+	      '"$old_archive_cmds_CXX"
+	    reload_cmds_CXX='$CC -Tprelink_objects $reload_objs~
+	      '"$reload_cmds_CXX"
+	    ;;
+	  *)
+	    archive_cmds_CXX='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	    archive_expsym_cmds_CXX='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	    ;;
+	esac
+      ;;
+
+      tandem*)
+        case $cc_basename in
+          NCC*)
+	    # NonStop-UX NCC 3.20
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+          *)
+	    # FIXME: insert proper C++ library support
+	    ld_shlibs_CXX=no
+	    ;;
+        esac
+        ;;
+
+      vxworks*)
+        # FIXME: insert proper C++ library support
+        ld_shlibs_CXX=no
+        ;;
+
+      *)
+        # FIXME: insert proper C++ library support
+        ld_shlibs_CXX=no
+        ;;
+    esac
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs_CXX" >&5
+$as_echo "$ld_shlibs_CXX" >&6; }
+    test "$ld_shlibs_CXX" = no && can_build_shared=no
+
+    GCC_CXX="$GXX"
+    LD_CXX="$LD"
+
+    ## CAVEAT EMPTOR:
+    ## There is no encapsulation within the following macros, do not change
+    ## the running order or otherwise move them around unless you know exactly
+    ## what you are doing...
+    # Dependencies to place before and after the object being linked:
+predep_objects_CXX=
+postdep_objects_CXX=
+predeps_CXX=
+postdeps_CXX=
+compiler_lib_search_path_CXX=
+
+cat > conftest.$ac_ext <<_LT_EOF
+class Foo
+{
+public:
+  Foo (void) { a = 0; }
+private:
+  int a;
+};
+_LT_EOF
+
+
+_lt_libdeps_save_CFLAGS=$CFLAGS
+case "$CC $CFLAGS " in #(
+*\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;;
+*\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;;
+*\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;;
+esac
+
+if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+  (eval $ac_compile) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  # Parse the compiler output and extract the necessary
+  # objects, libraries and library flags.
+
+  # Sentinel used to keep track of whether or not we are before
+  # the conftest object file.
+  pre_test_object_deps_done=no
+
+  for p in `eval "$output_verbose_link_cmd"`; do
+    case ${prev}${p} in
+
+    -L* | -R* | -l*)
+       # Some compilers place space between "-{L,R}" and the path.
+       # Remove the space.
+       if test $p = "-L" ||
+          test $p = "-R"; then
+	 prev=$p
+	 continue
+       fi
+
+       # Expand the sysroot to ease extracting the directories later.
+       if test -z "$prev"; then
+         case $p in
+         -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;;
+         -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;;
+         -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;;
+         esac
+       fi
+       case $p in
+       =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;;
+       esac
+       if test "$pre_test_object_deps_done" = no; then
+	 case ${prev} in
+	 -L | -R)
+	   # Internal compiler library paths should come after those
+	   # provided the user.  The postdeps already come after the
+	   # user supplied libs so there is no need to process them.
+	   if test -z "$compiler_lib_search_path_CXX"; then
+	     compiler_lib_search_path_CXX="${prev}${p}"
+	   else
+	     compiler_lib_search_path_CXX="${compiler_lib_search_path_CXX} ${prev}${p}"
+	   fi
+	   ;;
+	 # The "-l" case would never come before the object being
+	 # linked, so don't bother handling this case.
+	 esac
+       else
+	 if test -z "$postdeps_CXX"; then
+	   postdeps_CXX="${prev}${p}"
+	 else
+	   postdeps_CXX="${postdeps_CXX} ${prev}${p}"
+	 fi
+       fi
+       prev=
+       ;;
+
+    *.lto.$objext) ;; # Ignore GCC LTO objects
+    *.$objext)
+       # This assumes that the test object file only shows up
+       # once in the compiler output.
+       if test "$p" = "conftest.$objext"; then
+	 pre_test_object_deps_done=yes
+	 continue
+       fi
+
+       if test "$pre_test_object_deps_done" = no; then
+	 if test -z "$predep_objects_CXX"; then
+	   predep_objects_CXX="$p"
+	 else
+	   predep_objects_CXX="$predep_objects_CXX $p"
+	 fi
+       else
+	 if test -z "$postdep_objects_CXX"; then
+	   postdep_objects_CXX="$p"
+	 else
+	   postdep_objects_CXX="$postdep_objects_CXX $p"
+	 fi
+       fi
+       ;;
+
+    *) ;; # Ignore the rest.
+
+    esac
+  done
+
+  # Clean up.
+  rm -f a.out a.exe
+else
+  echo "libtool.m4: error: problem compiling CXX test program"
+fi
+
+$RM -f confest.$objext
+CFLAGS=$_lt_libdeps_save_CFLAGS
+
+# PORTME: override above test on systems where it is broken
+case $host_os in
+interix[3-9]*)
+  # Interix 3.5 installs completely hosed .la files for C++, so rather than
+  # hack all around it, let's just trust "g++" to DTRT.
+  predep_objects_CXX=
+  postdep_objects_CXX=
+  postdeps_CXX=
+  ;;
+
+linux*)
+  case `$CC -V 2>&1 | sed 5q` in
+  *Sun\ C*)
+    # Sun C++ 5.9
+
+    # The more standards-conforming stlport4 library is
+    # incompatible with the Cstd library. Avoid specifying
+    # it if it's in CXXFLAGS. Ignore libCrun as
+    # -library=stlport4 depends on it.
+    case " $CXX $CXXFLAGS " in
+    *" -library=stlport4 "*)
+      solaris_use_stlport4=yes
+      ;;
+    esac
+
+    if test "$solaris_use_stlport4" != yes; then
+      postdeps_CXX='-library=Cstd -library=Crun'
+    fi
+    ;;
+  esac
+  ;;
+
+solaris*)
+  case $cc_basename in
+  CC* | sunCC*)
+    # The more standards-conforming stlport4 library is
+    # incompatible with the Cstd library. Avoid specifying
+    # it if it's in CXXFLAGS. Ignore libCrun as
+    # -library=stlport4 depends on it.
+    case " $CXX $CXXFLAGS " in
+    *" -library=stlport4 "*)
+      solaris_use_stlport4=yes
+      ;;
+    esac
+
+    # Adding this requires a known-good setup of shared libraries for
+    # Sun compiler versions before 5.6, else PIC objects from an old
+    # archive will be linked into the output, leading to subtle bugs.
+    if test "$solaris_use_stlport4" != yes; then
+      postdeps_CXX='-library=Cstd -library=Crun'
+    fi
+    ;;
+  esac
+  ;;
+esac
+
+
+case " $postdeps_CXX " in
+*" -lc "*) archive_cmds_need_lc_CXX=no ;;
+esac
+ compiler_lib_search_dirs_CXX=
+if test -n "${compiler_lib_search_path_CXX}"; then
+ compiler_lib_search_dirs_CXX=`echo " ${compiler_lib_search_path_CXX}" | ${SED} -e 's! -L! !g' -e 's!^ !!'`
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+    lt_prog_compiler_wl_CXX=
+lt_prog_compiler_pic_CXX=
+lt_prog_compiler_static_CXX=
+
+
+  # C++ specific cases for pic, static, wl, etc.
+  if test "$GXX" = yes; then
+    lt_prog_compiler_wl_CXX='-Wl,'
+    lt_prog_compiler_static_CXX='-static'
+
+    case $host_os in
+    aix*)
+      # All AIX code is PIC.
+      if test "$host_cpu" = ia64; then
+	# AIX 5 now supports IA64 processor
+	lt_prog_compiler_static_CXX='-Bstatic'
+      fi
+      ;;
+
+    amigaos*)
+      case $host_cpu in
+      powerpc)
+            # see comment about AmigaOS4 .so support
+            lt_prog_compiler_pic_CXX='-fPIC'
+        ;;
+      m68k)
+            # FIXME: we need at least 68020 code to build shared libraries, but
+            # adding the `-m68020' flag to GCC prevents building anything better,
+            # like `-m68040'.
+            lt_prog_compiler_pic_CXX='-m68020 -resident32 -malways-restore-a4'
+        ;;
+      esac
+      ;;
+
+    beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+      # PIC is the default for these OSes.
+      ;;
+    mingw* | cygwin* | os2* | pw32* | cegcc*)
+      # This hack is so that the source file can tell whether it is being
+      # built for inclusion in a dll (and should export symbols for example).
+      # Although the cygwin gcc ignores -fPIC, still need this for old-style
+      # (--disable-auto-import) libraries
+      lt_prog_compiler_pic_CXX='-DDLL_EXPORT'
+      ;;
+    darwin* | rhapsody*)
+      # PIC is the default on this platform
+      # Common symbols not allowed in MH_DYLIB files
+      lt_prog_compiler_pic_CXX='-fno-common'
+      ;;
+    *djgpp*)
+      # DJGPP does not support shared libraries at all
+      lt_prog_compiler_pic_CXX=
+      ;;
+    haiku*)
+      # PIC is the default for Haiku.
+      # The "-static" flag exists, but is broken.
+      lt_prog_compiler_static_CXX=
+      ;;
+    interix[3-9]*)
+      # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+      # Instead, we relocate shared libraries at runtime.
+      ;;
+    sysv4*MP*)
+      if test -d /usr/nec; then
+	lt_prog_compiler_pic_CXX=-Kconform_pic
+      fi
+      ;;
+    hpux*)
+      # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+      # PA HP-UX.  On IA64 HP-UX, PIC is the default but the pic flag
+      # sets the default TLS model and affects inlining.
+      case $host_cpu in
+      hppa*64*)
+	;;
+      *)
+	lt_prog_compiler_pic_CXX='-fPIC'
+	;;
+      esac
+      ;;
+    *qnx* | *nto*)
+      # QNX uses GNU C++, but need to define -shared option too, otherwise
+      # it will coredump.
+      lt_prog_compiler_pic_CXX='-fPIC -shared'
+      ;;
+    *)
+      lt_prog_compiler_pic_CXX='-fPIC'
+      ;;
+    esac
+  else
+    case $host_os in
+      aix[4-9]*)
+	# All AIX code is PIC.
+	if test "$host_cpu" = ia64; then
+	  # AIX 5 now supports IA64 processor
+	  lt_prog_compiler_static_CXX='-Bstatic'
+	else
+	  lt_prog_compiler_static_CXX='-bnso -bI:/lib/syscalls.exp'
+	fi
+	;;
+      chorus*)
+	case $cc_basename in
+	cxch68*)
+	  # Green Hills C++ Compiler
+	  # _LT_TAGVAR(lt_prog_compiler_static, CXX)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a"
+	  ;;
+	esac
+	;;
+      mingw* | cygwin* | os2* | pw32* | cegcc*)
+	# This hack is so that the source file can tell whether it is being
+	# built for inclusion in a dll (and should export symbols for example).
+	lt_prog_compiler_pic_CXX='-DDLL_EXPORT'
+	;;
+      dgux*)
+	case $cc_basename in
+	  ec++*)
+	    lt_prog_compiler_pic_CXX='-KPIC'
+	    ;;
+	  ghcx*)
+	    # Green Hills C++ Compiler
+	    lt_prog_compiler_pic_CXX='-pic'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      freebsd* | dragonfly*)
+	# FreeBSD uses GNU C++
+	;;
+      hpux9* | hpux10* | hpux11*)
+	case $cc_basename in
+	  CC*)
+	    lt_prog_compiler_wl_CXX='-Wl,'
+	    lt_prog_compiler_static_CXX='${wl}-a ${wl}archive'
+	    if test "$host_cpu" != ia64; then
+	      lt_prog_compiler_pic_CXX='+Z'
+	    fi
+	    ;;
+	  aCC*)
+	    lt_prog_compiler_wl_CXX='-Wl,'
+	    lt_prog_compiler_static_CXX='${wl}-a ${wl}archive'
+	    case $host_cpu in
+	    hppa*64*|ia64*)
+	      # +Z the default
+	      ;;
+	    *)
+	      lt_prog_compiler_pic_CXX='+Z'
+	      ;;
+	    esac
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      interix*)
+	# This is c89, which is MS Visual C++ (no shared libs)
+	# Anyone wants to do a port?
+	;;
+      irix5* | irix6* | nonstopux*)
+	case $cc_basename in
+	  CC*)
+	    lt_prog_compiler_wl_CXX='-Wl,'
+	    lt_prog_compiler_static_CXX='-non_shared'
+	    # CC pic flag -KPIC is the default.
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      linux* | k*bsd*-gnu | kopensolaris*-gnu)
+	case $cc_basename in
+	  KCC*)
+	    # KAI C++ Compiler
+	    lt_prog_compiler_wl_CXX='--backend -Wl,'
+	    lt_prog_compiler_pic_CXX='-fPIC'
+	    ;;
+	  ecpc* )
+	    # old Intel C++ for x86_64 which still supported -KPIC.
+	    lt_prog_compiler_wl_CXX='-Wl,'
+	    lt_prog_compiler_pic_CXX='-KPIC'
+	    lt_prog_compiler_static_CXX='-static'
+	    ;;
+	  icpc* )
+	    # Intel C++, used to be incompatible with GCC.
+	    # ICC 10 doesn't accept -KPIC any more.
+	    lt_prog_compiler_wl_CXX='-Wl,'
+	    lt_prog_compiler_pic_CXX='-fPIC'
+	    lt_prog_compiler_static_CXX='-static'
+	    ;;
+	  pgCC* | pgcpp*)
+	    # Portland Group C++ compiler
+	    lt_prog_compiler_wl_CXX='-Wl,'
+	    lt_prog_compiler_pic_CXX='-fpic'
+	    lt_prog_compiler_static_CXX='-Bstatic'
+	    ;;
+	  cxx*)
+	    # Compaq C++
+	    # Make sure the PIC flag is empty.  It appears that all Alpha
+	    # Linux and Compaq Tru64 Unix objects are PIC.
+	    lt_prog_compiler_pic_CXX=
+	    lt_prog_compiler_static_CXX='-non_shared'
+	    ;;
+	  xlc* | xlC* | bgxl[cC]* | mpixl[cC]*)
+	    # IBM XL 8.0, 9.0 on PPC and BlueGene
+	    lt_prog_compiler_wl_CXX='-Wl,'
+	    lt_prog_compiler_pic_CXX='-qpic'
+	    lt_prog_compiler_static_CXX='-qstaticlink'
+	    ;;
+	  *)
+	    case `$CC -V 2>&1 | sed 5q` in
+	    *Sun\ C*)
+	      # Sun C++ 5.9
+	      lt_prog_compiler_pic_CXX='-KPIC'
+	      lt_prog_compiler_static_CXX='-Bstatic'
+	      lt_prog_compiler_wl_CXX='-Qoption ld '
+	      ;;
+	    esac
+	    ;;
+	esac
+	;;
+      lynxos*)
+	;;
+      m88k*)
+	;;
+      mvs*)
+	case $cc_basename in
+	  cxx*)
+	    lt_prog_compiler_pic_CXX='-W c,exportall'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      netbsd*)
+	;;
+      *qnx* | *nto*)
+        # QNX uses GNU C++, but need to define -shared option too, otherwise
+        # it will coredump.
+        lt_prog_compiler_pic_CXX='-fPIC -shared'
+        ;;
+      osf3* | osf4* | osf5*)
+	case $cc_basename in
+	  KCC*)
+	    lt_prog_compiler_wl_CXX='--backend -Wl,'
+	    ;;
+	  RCC*)
+	    # Rational C++ 2.4.1
+	    lt_prog_compiler_pic_CXX='-pic'
+	    ;;
+	  cxx*)
+	    # Digital/Compaq C++
+	    lt_prog_compiler_wl_CXX='-Wl,'
+	    # Make sure the PIC flag is empty.  It appears that all Alpha
+	    # Linux and Compaq Tru64 Unix objects are PIC.
+	    lt_prog_compiler_pic_CXX=
+	    lt_prog_compiler_static_CXX='-non_shared'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      psos*)
+	;;
+      solaris*)
+	case $cc_basename in
+	  CC* | sunCC*)
+	    # Sun C++ 4.2, 5.x and Centerline C++
+	    lt_prog_compiler_pic_CXX='-KPIC'
+	    lt_prog_compiler_static_CXX='-Bstatic'
+	    lt_prog_compiler_wl_CXX='-Qoption ld '
+	    ;;
+	  gcx*)
+	    # Green Hills C++ Compiler
+	    lt_prog_compiler_pic_CXX='-PIC'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      sunos4*)
+	case $cc_basename in
+	  CC*)
+	    # Sun C++ 4.x
+	    lt_prog_compiler_pic_CXX='-pic'
+	    lt_prog_compiler_static_CXX='-Bstatic'
+	    ;;
+	  lcc*)
+	    # Lucid
+	    lt_prog_compiler_pic_CXX='-pic'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+	case $cc_basename in
+	  CC*)
+	    lt_prog_compiler_wl_CXX='-Wl,'
+	    lt_prog_compiler_pic_CXX='-KPIC'
+	    lt_prog_compiler_static_CXX='-Bstatic'
+	    ;;
+	esac
+	;;
+      tandem*)
+	case $cc_basename in
+	  NCC*)
+	    # NonStop-UX NCC 3.20
+	    lt_prog_compiler_pic_CXX='-KPIC'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      vxworks*)
+	;;
+      *)
+	lt_prog_compiler_can_build_shared_CXX=no
+	;;
+    esac
+  fi
+
+case $host_os in
+  # For platforms which do not support PIC, -DPIC is meaningless:
+  *djgpp*)
+    lt_prog_compiler_pic_CXX=
+    ;;
+  *)
+    lt_prog_compiler_pic_CXX="$lt_prog_compiler_pic_CXX -DPIC"
+    ;;
+esac
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5
+$as_echo_n "checking for $compiler option to produce PIC... " >&6; }
+if ${lt_cv_prog_compiler_pic_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_pic_CXX=$lt_prog_compiler_pic_CXX
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_CXX" >&5
+$as_echo "$lt_cv_prog_compiler_pic_CXX" >&6; }
+lt_prog_compiler_pic_CXX=$lt_cv_prog_compiler_pic_CXX
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$lt_prog_compiler_pic_CXX"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works" >&5
+$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... " >&6; }
+if ${lt_cv_prog_compiler_pic_works_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_pic_works_CXX=no
+   ac_outfile=conftest.$ac_objext
+   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+   lt_compiler_flag="$lt_prog_compiler_pic_CXX -DPIC"
+   # Insert the option either (1) after the last *FLAGS variable, or
+   # (2) before a word containing "conftest.", or (3) at the end.
+   # Note that $ac_compile itself does not contain backslashes and begins
+   # with a dollar sign (not a hyphen), so the echo should work correctly.
+   # The option is referenced via a variable to avoid confusing sed.
+   lt_compile=`echo "$ac_compile" | $SED \
+   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+   -e 's:$: $lt_compiler_flag:'`
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+   (eval "$lt_compile" 2>conftest.err)
+   ac_status=$?
+   cat conftest.err >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   if (exit $ac_status) && test -s "$ac_outfile"; then
+     # The compiler can only warn and ignore the option if not recognized
+     # So say no if there are warnings other than the usual output.
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
+     $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+     if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+       lt_cv_prog_compiler_pic_works_CXX=yes
+     fi
+   fi
+   $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works_CXX" >&5
+$as_echo "$lt_cv_prog_compiler_pic_works_CXX" >&6; }
+
+if test x"$lt_cv_prog_compiler_pic_works_CXX" = xyes; then
+    case $lt_prog_compiler_pic_CXX in
+     "" | " "*) ;;
+     *) lt_prog_compiler_pic_CXX=" $lt_prog_compiler_pic_CXX" ;;
+     esac
+else
+    lt_prog_compiler_pic_CXX=
+     lt_prog_compiler_can_build_shared_CXX=no
+fi
+
+fi
+
+
+
+
+
+#
+# Check to make sure the static flag actually works.
+#
+wl=$lt_prog_compiler_wl_CXX eval lt_tmp_static_flag=\"$lt_prog_compiler_static_CXX\"
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5
+$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; }
+if ${lt_cv_prog_compiler_static_works_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_static_works_CXX=no
+   save_LDFLAGS="$LDFLAGS"
+   LDFLAGS="$LDFLAGS $lt_tmp_static_flag"
+   echo "$lt_simple_link_test_code" > conftest.$ac_ext
+   if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+     # The linker can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     if test -s conftest.err; then
+       # Append any errors to the config.log.
+       cat conftest.err 1>&5
+       $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+       $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+       if diff conftest.exp conftest.er2 >/dev/null; then
+         lt_cv_prog_compiler_static_works_CXX=yes
+       fi
+     else
+       lt_cv_prog_compiler_static_works_CXX=yes
+     fi
+   fi
+   $RM -r conftest*
+   LDFLAGS="$save_LDFLAGS"
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works_CXX" >&5
+$as_echo "$lt_cv_prog_compiler_static_works_CXX" >&6; }
+
+if test x"$lt_cv_prog_compiler_static_works_CXX" = xyes; then
+    :
+else
+    lt_prog_compiler_static_CXX=
+fi
+
+
+
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5
+$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
+if ${lt_cv_prog_compiler_c_o_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_c_o_CXX=no
+   $RM -r conftest 2>/dev/null
+   mkdir conftest
+   cd conftest
+   mkdir out
+   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+   lt_compiler_flag="-o out/conftest2.$ac_objext"
+   # Insert the option either (1) after the last *FLAGS variable, or
+   # (2) before a word containing "conftest.", or (3) at the end.
+   # Note that $ac_compile itself does not contain backslashes and begins
+   # with a dollar sign (not a hyphen), so the echo should work correctly.
+   lt_compile=`echo "$ac_compile" | $SED \
+   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+   -e 's:$: $lt_compiler_flag:'`
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+   (eval "$lt_compile" 2>out/conftest.err)
+   ac_status=$?
+   cat out/conftest.err >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   if (exit $ac_status) && test -s out/conftest2.$ac_objext
+   then
+     # The compiler can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+     $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+     if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+       lt_cv_prog_compiler_c_o_CXX=yes
+     fi
+   fi
+   chmod u+w . 2>&5
+   $RM conftest*
+   # SGI C++ compiler will create directory out/ii_files/ for
+   # template instantiation
+   test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+   $RM out/* && rmdir out
+   cd ..
+   $RM -r conftest
+   $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5
+$as_echo "$lt_cv_prog_compiler_c_o_CXX" >&6; }
+
+
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5
+$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
+if ${lt_cv_prog_compiler_c_o_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_c_o_CXX=no
+   $RM -r conftest 2>/dev/null
+   mkdir conftest
+   cd conftest
+   mkdir out
+   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+   lt_compiler_flag="-o out/conftest2.$ac_objext"
+   # Insert the option either (1) after the last *FLAGS variable, or
+   # (2) before a word containing "conftest.", or (3) at the end.
+   # Note that $ac_compile itself does not contain backslashes and begins
+   # with a dollar sign (not a hyphen), so the echo should work correctly.
+   lt_compile=`echo "$ac_compile" | $SED \
+   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+   -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
+   -e 's:$: $lt_compiler_flag:'`
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
+   (eval "$lt_compile" 2>out/conftest.err)
+   ac_status=$?
+   cat out/conftest.err >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   if (exit $ac_status) && test -s out/conftest2.$ac_objext
+   then
+     # The compiler can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+     $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+     if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+       lt_cv_prog_compiler_c_o_CXX=yes
+     fi
+   fi
+   chmod u+w . 2>&5
+   $RM conftest*
+   # SGI C++ compiler will create directory out/ii_files/ for
+   # template instantiation
+   test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+   $RM out/* && rmdir out
+   cd ..
+   $RM -r conftest
+   $RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5
+$as_echo "$lt_cv_prog_compiler_c_o_CXX" >&6; }
+
+
+
+
+hard_links="nottested"
+if test "$lt_cv_prog_compiler_c_o_CXX" = no && test "$need_locks" != no; then
+  # do not overwrite the value of need_locks provided by the user
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5
+$as_echo_n "checking if we can lock with hard links... " >&6; }
+  hard_links=yes
+  $RM conftest*
+  ln conftest.a conftest.b 2>/dev/null && hard_links=no
+  touch conftest.a
+  ln conftest.a conftest.b 2>&5 || hard_links=no
+  ln conftest.a conftest.b 2>/dev/null && hard_links=no
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5
+$as_echo "$hard_links" >&6; }
+  if test "$hard_links" = no; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5
+$as_echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;}
+    need_locks=warn
+  fi
+else
+  need_locks=no
+fi
+
+
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5
+$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; }
+
+  export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+  exclude_expsyms_CXX='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'
+  case $host_os in
+  aix[4-9]*)
+    # If we're using GNU nm, then we don't want the "-C" option.
+    # -C means demangle to AIX nm, but means don't demangle with GNU nm
+    # Also, AIX nm treats weak defined symbols like other global defined
+    # symbols, whereas GNU nm marks them as "W".
+    if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+      export_symbols_cmds_CXX='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+    else
+      export_symbols_cmds_CXX='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+    fi
+    ;;
+  pw32*)
+    export_symbols_cmds_CXX="$ltdll_cmds"
+    ;;
+  cygwin* | mingw* | cegcc*)
+    case $cc_basename in
+    cl*)
+      exclude_expsyms_CXX='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+      ;;
+    *)
+      export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols'
+      exclude_expsyms_CXX='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'
+      ;;
+    esac
+    ;;
+  *)
+    export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+    ;;
+  esac
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs_CXX" >&5
+$as_echo "$ld_shlibs_CXX" >&6; }
+test "$ld_shlibs_CXX" = no && can_build_shared=no
+
+with_gnu_ld_CXX=$with_gnu_ld
+
+
+
+
+
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$archive_cmds_need_lc_CXX" in
+x|xyes)
+  # Assume -lc should be added
+  archive_cmds_need_lc_CXX=yes
+
+  if test "$enable_shared" = yes && test "$GCC" = yes; then
+    case $archive_cmds_CXX in
+    *'~'*)
+      # FIXME: we may have to deal with multi-command sequences.
+      ;;
+    '$CC '*)
+      # Test whether the compiler implicitly links with -lc since on some
+      # systems, -lgcc has to come before -lc. If gcc already passes -lc
+      # to ld, don't add -lc before -lgcc.
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5
+$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; }
+if ${lt_cv_archive_cmds_need_lc_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  $RM conftest*
+	echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+	if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+  (eval $ac_compile) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } 2>conftest.err; then
+	  soname=conftest
+	  lib=conftest
+	  libobjs=conftest.$ac_objext
+	  deplibs=
+	  wl=$lt_prog_compiler_wl_CXX
+	  pic_flag=$lt_prog_compiler_pic_CXX
+	  compiler_flags=-v
+	  linker_flags=-v
+	  verstring=
+	  output_objdir=.
+	  libname=conftest
+	  lt_save_allow_undefined_flag=$allow_undefined_flag_CXX
+	  allow_undefined_flag_CXX=
+	  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds_CXX 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5
+  (eval $archive_cmds_CXX 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+	  then
+	    lt_cv_archive_cmds_need_lc_CXX=no
+	  else
+	    lt_cv_archive_cmds_need_lc_CXX=yes
+	  fi
+	  allow_undefined_flag_CXX=$lt_save_allow_undefined_flag
+	else
+	  cat conftest.err 1>&5
+	fi
+	$RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc_CXX" >&5
+$as_echo "$lt_cv_archive_cmds_need_lc_CXX" >&6; }
+      archive_cmds_need_lc_CXX=$lt_cv_archive_cmds_need_lc_CXX
+      ;;
+    esac
+  fi
+  ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5
+$as_echo_n "checking dynamic linker characteristics... " >&6; }
+
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+  shlibpath_var=LIBPATH
+
+  # AIX 3 has no versioning support, so we append a major version to the name.
+  soname_spec='${libname}${release}${shared_ext}$major'
+  ;;
+
+aix[4-9]*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  hardcode_into_libs=yes
+  if test "$host_cpu" = ia64; then
+    # AIX 5 supports IA64
+    library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+    shlibpath_var=LD_LIBRARY_PATH
+  else
+    # With GCC up to 2.95.x, collect2 would create an import file
+    # for dependence libraries.  The import file would start with
+    # the line `#! .'.  This would cause the generated library to
+    # depend on `.', always an invalid library.  This was fixed in
+    # development snapshots of GCC prior to 3.0.
+    case $host_os in
+      aix4 | aix4.[01] | aix4.[01].*)
+      if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+	   echo ' yes '
+	   echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then
+	:
+      else
+	can_build_shared=no
+      fi
+      ;;
+    esac
+    # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+    # soname into executable. Probably we can add versioning support to
+    # collect2, so additional links can be useful in future.
+    if test "$aix_use_runtimelinking" = yes; then
+      # If using run time linking (on AIX 4.2 or later) use lib.so
+      # instead of lib.a to let people know that these are not
+      # typical AIX shared libraries.
+      library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    else
+      # We preserve .a as extension for shared libraries through AIX4.2
+      # and later when we are not doing run time linking.
+      library_names_spec='${libname}${release}.a $libname.a'
+      soname_spec='${libname}${release}${shared_ext}$major'
+    fi
+    shlibpath_var=LIBPATH
+  fi
+  ;;
+
+amigaos*)
+  case $host_cpu in
+  powerpc)
+    # Since July 2007 AmigaOS4 officially supports .so libraries.
+    # When compiling the executable, add -use-dynld -Lsobjs: to the compileline.
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    ;;
+  m68k)
+    library_names_spec='$libname.ixlibrary $libname.a'
+    # Create ${libname}_ixlibrary.a entries in /sys/libs.
+    finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+    ;;
+  esac
+  ;;
+
+beos*)
+  library_names_spec='${libname}${shared_ext}'
+  dynamic_linker="$host_os ld.so"
+  shlibpath_var=LIBRARY_PATH
+  ;;
+
+bsdi[45]*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+  sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+  # the default ld.so.conf also contains /usr/contrib/lib and
+  # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+  # libtool to hard-code these into programs
+  ;;
+
+cygwin* | mingw* | pw32* | cegcc*)
+  version_type=windows
+  shrext_cmds=".dll"
+  need_version=no
+  need_lib_prefix=no
+
+  case $GCC,$cc_basename in
+  yes,*)
+    # gcc
+    library_names_spec='$libname.dll.a'
+    # DLL is installed to $(libdir)/../bin by postinstall_cmds
+    postinstall_cmds='base_file=`basename \${file}`~
+      dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+      dldir=$destdir/`dirname \$dlpath`~
+      test -d \$dldir || mkdir -p \$dldir~
+      $install_prog $dir/$dlname \$dldir/$dlname~
+      chmod a+x \$dldir/$dlname~
+      if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
+        eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
+      fi'
+    postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+      dlpath=$dir/\$dldll~
+       $RM \$dlpath'
+    shlibpath_overrides_runpath=yes
+
+    case $host_os in
+    cygwin*)
+      # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+      soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+
+      ;;
+    mingw* | cegcc*)
+      # MinGW DLLs use traditional 'lib' prefix
+      soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+      ;;
+    pw32*)
+      # pw32 DLLs use 'pw' prefix rather than 'lib'
+      library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+      ;;
+    esac
+    dynamic_linker='Win32 ld.exe'
+    ;;
+
+  *,cl*)
+    # Native MSVC
+    libname_spec='$name'
+    soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+    library_names_spec='${libname}.dll.lib'
+
+    case $build_os in
+    mingw*)
+      sys_lib_search_path_spec=
+      lt_save_ifs=$IFS
+      IFS=';'
+      for lt_path in $LIB
+      do
+        IFS=$lt_save_ifs
+        # Let DOS variable expansion print the short 8.3 style file name.
+        lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"`
+        sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path"
+      done
+      IFS=$lt_save_ifs
+      # Convert to MSYS style.
+      sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'`
+      ;;
+    cygwin*)
+      # Convert to unix form, then to dos form, then back to unix form
+      # but this time dos style (no spaces!) so that the unix form looks
+      # like /cygdrive/c/PROGRA~1:/cygdr...
+      sys_lib_search_path_spec=`cygpath --path --unix "$LIB"`
+      sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null`
+      sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      ;;
+    *)
+      sys_lib_search_path_spec="$LIB"
+      if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then
+        # It is most probably a Windows format PATH.
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+      else
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      fi
+      # FIXME: find the short name or the path components, as spaces are
+      # common. (e.g. "Program Files" -> "PROGRA~1")
+      ;;
+    esac
+
+    # DLL is installed to $(libdir)/../bin by postinstall_cmds
+    postinstall_cmds='base_file=`basename \${file}`~
+      dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+      dldir=$destdir/`dirname \$dlpath`~
+      test -d \$dldir || mkdir -p \$dldir~
+      $install_prog $dir/$dlname \$dldir/$dlname'
+    postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+      dlpath=$dir/\$dldll~
+       $RM \$dlpath'
+    shlibpath_overrides_runpath=yes
+    dynamic_linker='Win32 link.exe'
+    ;;
+
+  *)
+    # Assume MSVC wrapper
+    library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib'
+    dynamic_linker='Win32 ld.exe'
+    ;;
+  esac
+  # FIXME: first we should search . and the directory the executable is in
+  shlibpath_var=PATH
+  ;;
+
+darwin* | rhapsody*)
+  dynamic_linker="$host_os dyld"
+  version_type=darwin
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+  soname_spec='${libname}${release}${major}$shared_ext'
+  shlibpath_overrides_runpath=yes
+  shlibpath_var=DYLD_LIBRARY_PATH
+  shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+
+  sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+  ;;
+
+dgux*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+freebsd* | dragonfly*)
+  # DragonFly does not have aout.  When/if they implement a new
+  # versioning mechanism, adjust this.
+  if test -x /usr/bin/objformat; then
+    objformat=`/usr/bin/objformat`
+  else
+    case $host_os in
+    freebsd[23].*) objformat=aout ;;
+    *) objformat=elf ;;
+    esac
+  fi
+  version_type=freebsd-$objformat
+  case $version_type in
+    freebsd-elf*)
+      library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+      need_version=no
+      need_lib_prefix=no
+      ;;
+    freebsd-*)
+      library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+      need_version=yes
+      ;;
+  esac
+  shlibpath_var=LD_LIBRARY_PATH
+  case $host_os in
+  freebsd2.*)
+    shlibpath_overrides_runpath=yes
+    ;;
+  freebsd3.[01]* | freebsdelf3.[01]*)
+    shlibpath_overrides_runpath=yes
+    hardcode_into_libs=yes
+    ;;
+  freebsd3.[2-9]* | freebsdelf3.[2-9]* | \
+  freebsd4.[0-5] | freebsdelf4.[0-5] | freebsd4.1.1 | freebsdelf4.1.1)
+    shlibpath_overrides_runpath=no
+    hardcode_into_libs=yes
+    ;;
+  *) # from 4.6 on, and DragonFly
+    shlibpath_overrides_runpath=yes
+    hardcode_into_libs=yes
+    ;;
+  esac
+  ;;
+
+gnu*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+haiku*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  dynamic_linker="$host_os runtime_loader"
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
+  hardcode_into_libs=yes
+  ;;
+
+hpux9* | hpux10* | hpux11*)
+  # Give a soname corresponding to the major version so that dld.sl refuses to
+  # link against other versions.
+  version_type=sunos
+  need_lib_prefix=no
+  need_version=no
+  case $host_cpu in
+  ia64*)
+    shrext_cmds='.so'
+    hardcode_into_libs=yes
+    dynamic_linker="$host_os dld.so"
+    shlibpath_var=LD_LIBRARY_PATH
+    shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    if test "X$HPUX_IA64_MODE" = X32; then
+      sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+    else
+      sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+    fi
+    sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+    ;;
+  hppa*64*)
+    shrext_cmds='.sl'
+    hardcode_into_libs=yes
+    dynamic_linker="$host_os dld.sl"
+    shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+    shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+    sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+    ;;
+  *)
+    shrext_cmds='.sl'
+    dynamic_linker="$host_os dld.sl"
+    shlibpath_var=SHLIB_PATH
+    shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    ;;
+  esac
+  # HP-UX runs *really* slowly unless shared libraries are mode 555, ...
+  postinstall_cmds='chmod 555 $lib'
+  # or fails outright, so override atomically:
+  install_override_mode=555
+  ;;
+
+interix[3-9]*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+irix5* | irix6* | nonstopux*)
+  case $host_os in
+    nonstopux*) version_type=nonstopux ;;
+    *)
+	if test "$lt_cv_prog_gnu_ld" = yes; then
+		version_type=linux # correct to gnu/linux during the next big refactor
+	else
+		version_type=irix
+	fi ;;
+  esac
+  need_lib_prefix=no
+  need_version=no
+  soname_spec='${libname}${release}${shared_ext}$major'
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+  case $host_os in
+  irix5* | nonstopux*)
+    libsuff= shlibsuff=
+    ;;
+  *)
+    case $LD in # libtool.m4 will add one of these switches to LD
+    *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+      libsuff= shlibsuff= libmagic=32-bit;;
+    *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+      libsuff=32 shlibsuff=N32 libmagic=N32;;
+    *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+      libsuff=64 shlibsuff=64 libmagic=64-bit;;
+    *) libsuff= shlibsuff= libmagic=never-match;;
+    esac
+    ;;
+  esac
+  shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+  shlibpath_overrides_runpath=no
+  sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+  sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+  hardcode_into_libs=yes
+  ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+  dynamic_linker=no
+  ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+
+  # Some binutils ld are patched to set DT_RUNPATH
+  if ${lt_cv_shlibpath_overrides_runpath+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_shlibpath_overrides_runpath=no
+    save_LDFLAGS=$LDFLAGS
+    save_libdir=$libdir
+    eval "libdir=/foo; wl=\"$lt_prog_compiler_wl_CXX\"; \
+	 LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec_CXX\""
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_link "$LINENO"; then :
+  if  ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then :
+  lt_cv_shlibpath_overrides_runpath=yes
+fi
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+    LDFLAGS=$save_LDFLAGS
+    libdir=$save_libdir
+
+fi
+
+  shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath
+
+  # This implies no fast_install, which is unacceptable.
+  # Some rework will be needed to allow for fast_install
+  # before this can be enabled.
+  hardcode_into_libs=yes
+
+  # Append ld.so.conf contents to the search path
+  if test -f /etc/ld.so.conf; then
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
+    sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+  fi
+
+  # We used to test for /lib/ld.so.1 and disable shared libraries on
+  # powerpc, because MkLinux only supported shared libraries with the
+  # GNU dynamic linker.  Since this was broken with cross compilers,
+  # most powerpc-linux boxes support dynamic linking these days and
+  # people can always --disable-shared, the test was removed, and we
+  # assume the GNU/Linux dynamic linker is in use.
+  dynamic_linker='GNU/Linux ld.so'
+  ;;
+
+netbsd*)
+  version_type=sunos
+  need_lib_prefix=no
+  need_version=no
+  if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+    finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+    dynamic_linker='NetBSD (a.out) ld.so'
+  else
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    dynamic_linker='NetBSD ld.elf_so'
+  fi
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  hardcode_into_libs=yes
+  ;;
+
+newsos6)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  ;;
+
+*nto* | *qnx*)
+  version_type=qnx
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  dynamic_linker='ldqnx.so'
+  ;;
+
+openbsd*)
+  version_type=sunos
+  sys_lib_dlsearch_path_spec="/usr/lib"
+  need_lib_prefix=no
+  # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+  case $host_os in
+    openbsd3.3 | openbsd3.3.*)	need_version=yes ;;
+    *)				need_version=no  ;;
+  esac
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+    case $host_os in
+      openbsd2.[89] | openbsd2.[89].*)
+	shlibpath_overrides_runpath=no
+	;;
+      *)
+	shlibpath_overrides_runpath=yes
+	;;
+      esac
+  else
+    shlibpath_overrides_runpath=yes
+  fi
+  ;;
+
+os2*)
+  libname_spec='$name'
+  shrext_cmds=".dll"
+  need_lib_prefix=no
+  library_names_spec='$libname${shared_ext} $libname.a'
+  dynamic_linker='OS/2 ld.exe'
+  shlibpath_var=LIBPATH
+  ;;
+
+osf3* | osf4* | osf5*)
+  version_type=osf
+  need_lib_prefix=no
+  need_version=no
+  soname_spec='${libname}${release}${shared_ext}$major'
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  shlibpath_var=LD_LIBRARY_PATH
+  sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+  sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+  ;;
+
+rdos*)
+  dynamic_linker=no
+  ;;
+
+solaris*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  hardcode_into_libs=yes
+  # ldd complains unless libraries are executable
+  postinstall_cmds='chmod +x $lib'
+  ;;
+
+sunos4*)
+  version_type=sunos
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+  finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  if test "$with_gnu_ld" = yes; then
+    need_lib_prefix=no
+  fi
+  need_version=yes
+  ;;
+
+sysv4 | sysv4.3*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  case $host_vendor in
+    sni)
+      shlibpath_overrides_runpath=no
+      need_lib_prefix=no
+      runpath_var=LD_RUN_PATH
+      ;;
+    siemens)
+      need_lib_prefix=no
+      ;;
+    motorola)
+      need_lib_prefix=no
+      need_version=no
+      shlibpath_overrides_runpath=no
+      sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+      ;;
+  esac
+  ;;
+
+sysv4*MP*)
+  if test -d /usr/nec ;then
+    version_type=linux # correct to gnu/linux during the next big refactor
+    library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+    soname_spec='$libname${shared_ext}.$major'
+    shlibpath_var=LD_LIBRARY_PATH
+  fi
+  ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+  version_type=freebsd-elf
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  hardcode_into_libs=yes
+  if test "$with_gnu_ld" = yes; then
+    sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+  else
+    sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+    case $host_os in
+      sco3.2v5*)
+        sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+	;;
+    esac
+  fi
+  sys_lib_dlsearch_path_spec='/usr/lib'
+  ;;
+
+tpf*)
+  # TPF is a cross-target only.  Preferred cross-host = GNU/Linux.
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+uts4*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+*)
+  dynamic_linker=no
+  ;;
+esac
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5
+$as_echo "$dynamic_linker" >&6; }
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+  variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then
+  sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec"
+fi
+if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then
+  sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec"
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5
+$as_echo_n "checking how to hardcode library paths into programs... " >&6; }
+hardcode_action_CXX=
+if test -n "$hardcode_libdir_flag_spec_CXX" ||
+   test -n "$runpath_var_CXX" ||
+   test "X$hardcode_automatic_CXX" = "Xyes" ; then
+
+  # We can hardcode non-existent directories.
+  if test "$hardcode_direct_CXX" != no &&
+     # If the only mechanism to avoid hardcoding is shlibpath_var, we
+     # have to relink, otherwise we might link with an installed library
+     # when we should be linking with a yet-to-be-installed one
+     ## test "$_LT_TAGVAR(hardcode_shlibpath_var, CXX)" != no &&
+     test "$hardcode_minus_L_CXX" != no; then
+    # Linking always hardcodes the temporary library directory.
+    hardcode_action_CXX=relink
+  else
+    # We can link without hardcoding, and we can hardcode nonexisting dirs.
+    hardcode_action_CXX=immediate
+  fi
+else
+  # We cannot hardcode anything, or else we can only hardcode existing
+  # directories.
+  hardcode_action_CXX=unsupported
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hardcode_action_CXX" >&5
+$as_echo "$hardcode_action_CXX" >&6; }
+
+if test "$hardcode_action_CXX" = relink ||
+   test "$inherit_rpath_CXX" = yes; then
+  # Fast installation is not supported
+  enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+     test "$enable_shared" = no; then
+  # Fast installation is not necessary
+  enable_fast_install=needless
+fi
+
+
+
+
+
+
+
+  fi # test -n "$compiler"
+
+  CC=$lt_save_CC
+  CFLAGS=$lt_save_CFLAGS
+  LDCXX=$LD
+  LD=$lt_save_LD
+  GCC=$lt_save_GCC
+  with_gnu_ld=$lt_save_with_gnu_ld
+  lt_cv_path_LDCXX=$lt_cv_path_LD
+  lt_cv_path_LD=$lt_save_path_LD
+  lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld
+  lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld
+fi # test "$_lt_caught_CXX_error" != yes
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+
+
+
+  CFLAG_VISIBILITY=
+  HAVE_VISIBILITY=0
+  if test -n "$GCC"; then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the -Werror option is usable" >&5
+$as_echo_n "checking whether the -Werror option is usable... " >&6; }
+    if ${gl_cv_cc_vis_werror+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+      gl_save_CFLAGS="$CFLAGS"
+      CFLAGS="$CFLAGS -Werror"
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  gl_cv_cc_vis_werror=yes
+else
+  gl_cv_cc_vis_werror=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+      CFLAGS="$gl_save_CFLAGS"
+fi
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_cc_vis_werror" >&5
+$as_echo "$gl_cv_cc_vis_werror" >&6; }
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for simple visibility declarations" >&5
+$as_echo_n "checking for simple visibility declarations... " >&6; }
+    if ${gl_cv_cc_visibility+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+      gl_save_CFLAGS="$CFLAGS"
+      CFLAGS="$CFLAGS -fvisibility=hidden"
+                                    if test $gl_cv_cc_vis_werror = yes; then
+        CFLAGS="$CFLAGS -Werror"
+      fi
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+extern __attribute__((__visibility__("hidden"))) int hiddenvar;
+             extern __attribute__((__visibility__("default"))) int exportedvar;
+             extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void);
+             extern __attribute__((__visibility__("default"))) int exportedfunc (void);
+             void dummyfunc (void) {}
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  gl_cv_cc_visibility=yes
+else
+  gl_cv_cc_visibility=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+      CFLAGS="$gl_save_CFLAGS"
+fi
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_cc_visibility" >&5
+$as_echo "$gl_cv_cc_visibility" >&6; }
+    if test $gl_cv_cc_visibility = yes; then
+      CFLAG_VISIBILITY="-fvisibility=hidden"
+      HAVE_VISIBILITY=1
+    fi
+  fi
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_VISIBILITY $HAVE_VISIBILITY
+_ACEOF
+
+
+if  test -n "$CFLAG_VISIBILITY" ; then :
+
+       AM_CPPFLAGS="$AM_CPPFLAGS $CFLAG_VISIBILITY"
+       CPPFLAGS="$CPPFLAGS $CFLAG_VISIBILITY"
+
+fi
+
+# Check whether --enable-silent-rules was given.
+if test "${enable_silent_rules+set}" = set; then :
+  enableval=$enable_silent_rules;
+fi
+
+case $enable_silent_rules in # (((
+  yes) AM_DEFAULT_VERBOSITY=0;;
+   no) AM_DEFAULT_VERBOSITY=1;;
+    *) AM_DEFAULT_VERBOSITY=0;;
+esac
+am_make=${MAKE-make}
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5
+$as_echo_n "checking whether $am_make supports nested variables... " >&6; }
+if ${am_cv_make_support_nested_variables+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if $as_echo 'TRUE=$(BAR$(V))
+BAR0=false
+BAR1=true
+V=1
+am__doit:
+	@$(TRUE)
+.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then
+  am_cv_make_support_nested_variables=yes
+else
+  am_cv_make_support_nested_variables=no
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5
+$as_echo "$am_cv_make_support_nested_variables" >&6; }
+if test $am_cv_make_support_nested_variables = yes; then
+    AM_V='$(V)'
+  AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)'
+else
+  AM_V=$AM_DEFAULT_VERBOSITY
+  AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY
+fi
+AM_BACKSLASH='\'
+
+
+for ac_func in gethostbyname
+do :
+  ac_fn_c_check_func "$LINENO" "gethostbyname" "ac_cv_func_gethostbyname"
+if test "x$ac_cv_func_gethostbyname" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_GETHOSTBYNAME 1
+_ACEOF
+
+fi
+done
+
+for ac_func in getaddrinfo
+do :
+  ac_fn_c_check_func "$LINENO" "getaddrinfo" "ac_cv_func_getaddrinfo"
+if test "x$ac_cv_func_getaddrinfo" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_GETADDRINFO 1
+_ACEOF
+
+fi
+done
+
+for ac_func in gettimeofday
+do :
+  ac_fn_c_check_func "$LINENO" "gettimeofday" "ac_cv_func_gettimeofday"
+if test "x$ac_cv_func_gettimeofday" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_GETTIMEOFDAY 1
+_ACEOF
+
+fi
+done
+
+for ac_func in inet_ntoa
+do :
+  ac_fn_c_check_func "$LINENO" "inet_ntoa" "ac_cv_func_inet_ntoa"
+if test "x$ac_cv_func_inet_ntoa" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_INET_NTOA 1
+_ACEOF
+
+fi
+done
+
+for ac_func in memset
+do :
+  ac_fn_c_check_func "$LINENO" "memset" "ac_cv_func_memset"
+if test "x$ac_cv_func_memset" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_MEMSET 1
+_ACEOF
+
+fi
+done
+
+for ac_func in socket
+do :
+  ac_fn_c_check_func "$LINENO" "socket" "ac_cv_func_socket"
+if test "x$ac_cv_func_socket" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_SOCKET 1
+_ACEOF
+
+fi
+done
+
+for ac_header in arpa/inet.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "arpa/inet.h" "ac_cv_header_arpa_inet_h" "$ac_includes_default"
+if test "x$ac_cv_header_arpa_inet_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_ARPA_INET_H 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in fcntl.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "fcntl.h" "ac_cv_header_fcntl_h" "$ac_includes_default"
+if test "x$ac_cv_header_fcntl_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_FCNTL_H 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in limits.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "limits.h" "ac_cv_header_limits_h" "$ac_includes_default"
+if test "x$ac_cv_header_limits_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_LIMITS_H 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in netdb.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "netdb.h" "ac_cv_header_netdb_h" "$ac_includes_default"
+if test "x$ac_cv_header_netdb_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_NETDB_H 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in netinet/in.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "netinet/in.h" "ac_cv_header_netinet_in_h" "$ac_includes_default"
+if test "x$ac_cv_header_netinet_in_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_NETINET_IN_H 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in stddef.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "stddef.h" "ac_cv_header_stddef_h" "$ac_includes_default"
+if test "x$ac_cv_header_stddef_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_STDDEF_H 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in sys/ioctl.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "sys/ioctl.h" "ac_cv_header_sys_ioctl_h" "$ac_includes_default"
+if test "x$ac_cv_header_sys_ioctl_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_SYS_IOCTL_H 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in sys/socket.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "sys/socket.h" "ac_cv_header_sys_socket_h" "$ac_includes_default"
+if test "x$ac_cv_header_sys_socket_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_SYS_SOCKET_H 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in sys/time.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "sys/time.h" "ac_cv_header_sys_time_h" "$ac_includes_default"
+if test "x$ac_cv_header_sys_time_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_SYS_TIME_H 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in errno.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "errno.h" "ac_cv_header_errno_h" "$ac_includes_default"
+if test "x$ac_cv_header_errno_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_ERRNO_H 1
+_ACEOF
+
+fi
+
+done
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket in -lnetwork" >&5
+$as_echo_n "checking for socket in -lnetwork... " >&6; }
+if ${ac_cv_lib_network_socket+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lnetwork  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char socket ();
+int
+main ()
+{
+return socket ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_network_socket=yes
+else
+  ac_cv_lib_network_socket=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_network_socket" >&5
+$as_echo "$ac_cv_lib_network_socket" >&6; }
+if test "x$ac_cv_lib_network_socket" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_LIBNETWORK 1
+_ACEOF
+
+  LIBS="-lnetwork $LIBS"
+
+fi
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long long" >&5
+$as_echo_n "checking size of long long... " >&6; }
+if ${ac_cv_sizeof_long_long+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long long))" "ac_cv_sizeof_long_long"        "$ac_includes_default"; then :
+
+else
+  if test "$ac_cv_type_long_long" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (long long)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_long_long=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_long" >&5
+$as_echo "$ac_cv_sizeof_long_long" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_LONG_LONG $ac_cv_sizeof_long_long
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long" >&5
+$as_echo_n "checking size of long... " >&6; }
+if ${ac_cv_sizeof_long+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long))" "ac_cv_sizeof_long"        "$ac_includes_default"; then :
+
+else
+  if test "$ac_cv_type_long" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (long)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_long=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long" >&5
+$as_echo "$ac_cv_sizeof_long" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_LONG $ac_cv_sizeof_long
+_ACEOF
+
+
+ac_fn_c_check_type "$LINENO" "__uint128_t" "ac_cv_type___uint128_t" "$ac_includes_default"
+if test "x$ac_cv_type___uint128_t" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE___UINT128_T 1
+_ACEOF
+
+
+fi
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5
+$as_echo_n "checking whether byte ordering is bigendian... " >&6; }
+if ${ac_cv_c_bigendian+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_cv_c_bigendian=unknown
+    # See if we're dealing with a universal compiler.
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#ifndef __APPLE_CC__
+	       not a universal capable compiler
+	     #endif
+	     typedef int dummy;
+
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+	# Check for potential -arch flags.  It is not universal unless
+	# there are at least two -arch flags with different values.
+	ac_arch=
+	ac_prev=
+	for ac_word in $CC $CFLAGS $CPPFLAGS $LDFLAGS; do
+	 if test -n "$ac_prev"; then
+	   case $ac_word in
+	     i?86 | x86_64 | ppc | ppc64)
+	       if test -z "$ac_arch" || test "$ac_arch" = "$ac_word"; then
+		 ac_arch=$ac_word
+	       else
+		 ac_cv_c_bigendian=universal
+		 break
+	       fi
+	       ;;
+	   esac
+	   ac_prev=
+	 elif test "x$ac_word" = "x-arch"; then
+	   ac_prev=arch
+	 fi
+       done
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+    if test $ac_cv_c_bigendian = unknown; then
+      # See if sys/param.h defines the BYTE_ORDER macro.
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+	     #include 
+
+int
+main ()
+{
+#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \
+		     && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \
+		     && LITTLE_ENDIAN)
+	      bogus endian macros
+	     #endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  # It does; now see whether it defined to BIG_ENDIAN or not.
+	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+		#include 
+
+int
+main ()
+{
+#if BYTE_ORDER != BIG_ENDIAN
+		 not big endian
+		#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_c_bigendian=yes
+else
+  ac_cv_c_bigendian=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+    fi
+    if test $ac_cv_c_bigendian = unknown; then
+      # See if  defines _LITTLE_ENDIAN or _BIG_ENDIAN (e.g., Solaris).
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+
+int
+main ()
+{
+#if ! (defined _LITTLE_ENDIAN || defined _BIG_ENDIAN)
+	      bogus endian macros
+	     #endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  # It does; now see whether it defined to _BIG_ENDIAN or not.
+	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+
+int
+main ()
+{
+#ifndef _BIG_ENDIAN
+		 not big endian
+		#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_c_bigendian=yes
+else
+  ac_cv_c_bigendian=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+    fi
+    if test $ac_cv_c_bigendian = unknown; then
+      # Compile a test program.
+      if test "$cross_compiling" = yes; then :
+  # Try to guess by grepping values from an object file.
+	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+short int ascii_mm[] =
+		  { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 };
+		short int ascii_ii[] =
+		  { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 };
+		int use_ascii (int i) {
+		  return ascii_mm[i] + ascii_ii[i];
+		}
+		short int ebcdic_ii[] =
+		  { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 };
+		short int ebcdic_mm[] =
+		  { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 };
+		int use_ebcdic (int i) {
+		  return ebcdic_mm[i] + ebcdic_ii[i];
+		}
+		extern int foo;
+
+int
+main ()
+{
+return use_ascii (foo) == use_ebcdic (foo);
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then
+	      ac_cv_c_bigendian=yes
+	    fi
+	    if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then
+	      if test "$ac_cv_c_bigendian" = unknown; then
+		ac_cv_c_bigendian=no
+	      else
+		# finding both strings is unlikely to happen, but who knows?
+		ac_cv_c_bigendian=unknown
+	      fi
+	    fi
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$ac_includes_default
+int
+main ()
+{
+
+	     /* Are we little or big endian?  From Harbison&Steele.  */
+	     union
+	     {
+	       long int l;
+	       char c[sizeof (long int)];
+	     } u;
+	     u.l = 1;
+	     return u.c[sizeof (long int) - 1] == 1;
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  ac_cv_c_bigendian=no
+else
+  ac_cv_c_bigendian=yes
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+    fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_bigendian" >&5
+$as_echo "$ac_cv_c_bigendian" >&6; }
+ case $ac_cv_c_bigendian in #(
+   yes)
+     $as_echo "#define WORDS_BIGENDIAN 1" >>confdefs.h
+;; #(
+   no)
+      ;; #(
+   universal)
+
+$as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h
+
+     ;; #(
+   *)
+     as_fn_error $? "unknown endianness
+ presetting ac_cv_c_bigendian=no (or yes) will help" "$LINENO" 5 ;;
+ esac
+
+# mktime check takes forever on some systems, if time supported it would be
+# highly unusual for mktime to be missing
+#AC_FUNC_MKTIME
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_CC="${ac_tool_prefix}gcc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+  ac_ct_CC=$CC
+  # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CC"; then
+  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_CC="gcc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_CC" = x; then
+    CC=""
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CC=$ac_ct_CC
+  fi
+else
+  CC="$ac_cv_prog_CC"
+fi
+
+if test -z "$CC"; then
+          if test -n "$ac_tool_prefix"; then
+    # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_CC="${ac_tool_prefix}cc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  fi
+fi
+if test -z "$CC"; then
+  # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+  ac_prog_rejected=no
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
+       ac_prog_rejected=yes
+       continue
+     fi
+    ac_cv_prog_CC="cc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+if test $ac_prog_rejected = yes; then
+  # We found a bogon in the path, so make sure we never use it.
+  set dummy $ac_cv_prog_CC
+  shift
+  if test $# != 0; then
+    # We chose a different compiler from the bogus one.
+    # However, it has the same basename, so the bogon will be chosen
+    # first if we set CC to just the basename; use the full file name.
+    shift
+    ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
+  fi
+fi
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$CC"; then
+  if test -n "$ac_tool_prefix"; then
+  for ac_prog in cl.exe
+  do
+    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+    test -n "$CC" && break
+  done
+fi
+if test -z "$CC"; then
+  ac_ct_CC=$CC
+  for ac_prog in cl.exe
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CC"; then
+  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_CC="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$ac_ct_CC" && break
+done
+
+  if test "x$ac_ct_CC" = x; then
+    CC=""
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CC=$ac_ct_CC
+  fi
+fi
+
+fi
+
+
+test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "no acceptable C compiler found in \$PATH
+See \`config.log' for more details" "$LINENO" 5; }
+
+# Provide some information about the compiler.
+$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
+set X $ac_compile
+ac_compiler=$2
+for ac_option in --version -v -V -qversion; do
+  { { ac_try="$ac_compiler $ac_option >&5"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compiler $ac_option >&5") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    sed '10a\
+... rest of stderr output deleted ...
+         10q' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+  fi
+  rm -f conftest.er1 conftest.err
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+done
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
+$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
+if ${ac_cv_c_compiler_gnu+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+#ifndef __GNUC__
+       choke me
+#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_compiler_gnu=yes
+else
+  ac_compiler_gnu=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_c_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
+$as_echo "$ac_cv_c_compiler_gnu" >&6; }
+if test $ac_compiler_gnu = yes; then
+  GCC=yes
+else
+  GCC=
+fi
+ac_test_CFLAGS=${CFLAGS+set}
+ac_save_CFLAGS=$CFLAGS
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
+$as_echo_n "checking whether $CC accepts -g... " >&6; }
+if ${ac_cv_prog_cc_g+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_save_c_werror_flag=$ac_c_werror_flag
+   ac_c_werror_flag=yes
+   ac_cv_prog_cc_g=no
+   CFLAGS="-g"
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_g=yes
+else
+  CFLAGS=""
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+else
+  ac_c_werror_flag=$ac_save_c_werror_flag
+	 CFLAGS="-g"
+	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_g=yes
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+   ac_c_werror_flag=$ac_save_c_werror_flag
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
+$as_echo "$ac_cv_prog_cc_g" >&6; }
+if test "$ac_test_CFLAGS" = set; then
+  CFLAGS=$ac_save_CFLAGS
+elif test $ac_cv_prog_cc_g = yes; then
+  if test "$GCC" = yes; then
+    CFLAGS="-g -O2"
+  else
+    CFLAGS="-g"
+  fi
+else
+  if test "$GCC" = yes; then
+    CFLAGS="-O2"
+  else
+    CFLAGS=
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
+$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
+if ${ac_cv_prog_cc_c89+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_cv_prog_cc_c89=no
+ac_save_CC=$CC
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+#include 
+struct stat;
+/* Most of the following tests are stolen from RCS 5.7's src/conf.sh.  */
+struct buf { int x; };
+FILE * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+     char **p;
+     int i;
+{
+  return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+  char *s;
+  va_list v;
+  va_start (v,p);
+  s = g (p, va_arg (v,int));
+  va_end (v);
+  return s;
+}
+
+/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default.  It has
+   function prototypes and stuff, but not '\xHH' hex character constants.
+   These don't provoke an error unfortunately, instead are silently treated
+   as 'x'.  The following induces an error, until -std is added to get
+   proper ANSI mode.  Curiously '\x00'!='x' always comes out true, for an
+   array size at least.  It's necessary to write '\x00'==0 to get something
+   that's true only with -std.  */
+int osf4_cc_array ['\x00' == 0 ? 1 : -1];
+
+/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
+   inside strings and character constants.  */
+#define FOO(x) 'x'
+int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
+
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
+int argc;
+char **argv;
+int
+main ()
+{
+return f (e, argv, 0) != argv[0]  ||  f (e, argv, 1) != argv[1];
+  ;
+  return 0;
+}
+_ACEOF
+for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
+	-Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+  CC="$ac_save_CC $ac_arg"
+  if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_c89=$ac_arg
+fi
+rm -f core conftest.err conftest.$ac_objext
+  test "x$ac_cv_prog_cc_c89" != "xno" && break
+done
+rm -f conftest.$ac_ext
+CC=$ac_save_CC
+
+fi
+# AC_CACHE_VAL
+case "x$ac_cv_prog_cc_c89" in
+  x)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
+$as_echo "none needed" >&6; } ;;
+  xno)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
+$as_echo "unsupported" >&6; } ;;
+  *)
+    CC="$CC $ac_cv_prog_cc_c89"
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
+$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
+esac
+if test "x$ac_cv_prog_cc_c89" != xno; then :
+
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5
+$as_echo_n "checking whether $CC understands -c and -o together... " >&6; }
+if ${am_cv_prog_cc_c_o+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+  # Make sure it works both with $CC and with simple cc.
+  # Following AC_PROG_CC_C_O, we do the test twice because some
+  # compilers refuse to overwrite an existing .o file with -o,
+  # though they will create one.
+  am_cv_prog_cc_c_o=yes
+  for am_i in 1 2; do
+    if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5
+   ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5
+   ac_status=$?
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } \
+         && test -f conftest2.$ac_objext; then
+      : OK
+    else
+      am_cv_prog_cc_c_o=no
+      break
+    fi
+  done
+  rm -f core conftest*
+  unset am_i
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5
+$as_echo "$am_cv_prog_cc_c_o" >&6; }
+if test "$am_cv_prog_cc_c_o" != yes; then
+   # Losing compiler, so override with the script.
+   # FIXME: It is wrong to rewrite CC.
+   # But if we don't then we get into trouble of one sort or another.
+   # A longer-term fix would be to have automake use am__CC in this case,
+   # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)"
+   CC="$am_aux_dir/compile $CC"
+fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+depcc="$CC"   am_compiler_list=
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5
+$as_echo_n "checking dependency style of $depcc... " >&6; }
+if ${am_cv_CC_dependencies_compiler_type+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+  # We make a subdir and do the tests there.  Otherwise we can end up
+  # making bogus files that we don't know about and never remove.  For
+  # instance it was reported that on HP-UX the gcc test will end up
+  # making a dummy file named 'D' -- because '-MD' means "put the output
+  # in D".
+  rm -rf conftest.dir
+  mkdir conftest.dir
+  # Copy depcomp to subdir because otherwise we won't find it if we're
+  # using a relative directory.
+  cp "$am_depcomp" conftest.dir
+  cd conftest.dir
+  # We will build objects and dependencies in a subdirectory because
+  # it helps to detect inapplicable dependency modes.  For instance
+  # both Tru64's cc and ICC support -MD to output dependencies as a
+  # side effect of compilation, but ICC will put the dependencies in
+  # the current directory while Tru64 will put them in the object
+  # directory.
+  mkdir sub
+
+  am_cv_CC_dependencies_compiler_type=none
+  if test "$am_compiler_list" = ""; then
+     am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+  fi
+  am__universal=false
+  case " $depcc " in #(
+     *\ -arch\ *\ -arch\ *) am__universal=true ;;
+     esac
+
+  for depmode in $am_compiler_list; do
+    # Setup a source with many dependencies, because some compilers
+    # like to wrap large dependency lists on column 80 (with \), and
+    # we should not choose a depcomp mode which is confused by this.
+    #
+    # We need to recreate these files for each test, as the compiler may
+    # overwrite some of them when testing with obscure command lines.
+    # This happens at least with the AIX C compiler.
+    : > sub/conftest.c
+    for i in 1 2 3 4 5 6; do
+      echo '#include "conftst'$i'.h"' >> sub/conftest.c
+      # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with
+      # Solaris 10 /bin/sh.
+      echo '/* dummy */' > sub/conftst$i.h
+    done
+    echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+    # We check with '-c' and '-o' for the sake of the "dashmstdout"
+    # mode.  It turns out that the SunPro C++ compiler does not properly
+    # handle '-M -o', and we need to detect this.  Also, some Intel
+    # versions had trouble with output in subdirs.
+    am__obj=sub/conftest.${OBJEXT-o}
+    am__minus_obj="-o $am__obj"
+    case $depmode in
+    gcc)
+      # This depmode causes a compiler race in universal mode.
+      test "$am__universal" = false || continue
+      ;;
+    nosideeffect)
+      # After this tag, mechanisms are not by side-effect, so they'll
+      # only be used when explicitly requested.
+      if test "x$enable_dependency_tracking" = xyes; then
+	continue
+      else
+	break
+      fi
+      ;;
+    msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+      # This compiler won't grok '-c -o', but also, the minuso test has
+      # not run yet.  These depmodes are late enough in the game, and
+      # so weak that their functioning should not be impacted.
+      am__obj=conftest.${OBJEXT-o}
+      am__minus_obj=
+      ;;
+    none) break ;;
+    esac
+    if depmode=$depmode \
+       source=sub/conftest.c object=$am__obj \
+       depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+       $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+         >/dev/null 2>conftest.err &&
+       grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+       ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+      # icc doesn't choke on unknown options, it will just issue warnings
+      # or remarks (even with -Werror).  So we grep stderr for any message
+      # that says an option was ignored or not supported.
+      # When given -MP, icc 7.0 and 7.1 complain thusly:
+      #   icc: Command line warning: ignoring option '-M'; no argument required
+      # The diagnosis changed in icc 8.0:
+      #   icc: Command line remark: option '-MP' not supported
+      if (grep 'ignoring option' conftest.err ||
+          grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+        am_cv_CC_dependencies_compiler_type=$depmode
+        break
+      fi
+    fi
+  done
+
+  cd ..
+  rm -rf conftest.dir
+else
+  am_cv_CC_dependencies_compiler_type=none
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5
+$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; }
+CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type
+
+ if
+  test "x$enable_dependency_tracking" != xno \
+  && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then
+  am__fastdepCC_TRUE=
+  am__fastdepCC_FALSE='#'
+else
+  am__fastdepCC_TRUE='#'
+  am__fastdepCC_FALSE=
+fi
+
+
+if test "x$CC" != xcc; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC and cc understand -c and -o together" >&5
+$as_echo_n "checking whether $CC and cc understand -c and -o together... " >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether cc understands -c and -o together" >&5
+$as_echo_n "checking whether cc understands -c and -o together... " >&6; }
+fi
+set dummy $CC; ac_cc=`$as_echo "$2" |
+		      sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'`
+if eval \${ac_cv_prog_cc_${ac_cc}_c_o+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+# Make sure it works both with $CC and with simple cc.
+# We do the test twice because some compilers refuse to overwrite an
+# existing .o file with -o, though they will create one.
+ac_try='$CC -c conftest.$ac_ext -o conftest2.$ac_objext >&5'
+rm -f conftest2.*
+if { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } &&
+   test -f conftest2.$ac_objext && { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; };
+then
+  eval ac_cv_prog_cc_${ac_cc}_c_o=yes
+  if test "x$CC" != xcc; then
+    # Test first that cc exists at all.
+    if { ac_try='cc -c conftest.$ac_ext >&5'
+  { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; }; then
+      ac_try='cc -c conftest.$ac_ext -o conftest2.$ac_objext >&5'
+      rm -f conftest2.*
+      if { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } &&
+	 test -f conftest2.$ac_objext && { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; };
+      then
+	# cc works too.
+	:
+      else
+	# cc exists but doesn't like -o.
+	eval ac_cv_prog_cc_${ac_cc}_c_o=no
+      fi
+    fi
+  fi
+else
+  eval ac_cv_prog_cc_${ac_cc}_c_o=no
+fi
+rm -f core conftest*
+
+fi
+if eval test \$ac_cv_prog_cc_${ac_cc}_c_o = yes; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+$as_echo "#define NO_MINUS_C_MINUS_O 1" >>confdefs.h
+
+fi
+
+ac_ext=cpp
+ac_cpp='$CXXCPP $CPPFLAGS'
+ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_cxx_compiler_gnu
+if test -z "$CXX"; then
+  if test -n "$CCC"; then
+    CXX=$CCC
+  else
+    if test -n "$ac_tool_prefix"; then
+  for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC
+  do
+    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CXX"; then
+  ac_cv_prog_CXX="$CXX" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_CXX="$ac_tool_prefix$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CXX=$ac_cv_prog_CXX
+if test -n "$CXX"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CXX" >&5
+$as_echo "$CXX" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+    test -n "$CXX" && break
+  done
+fi
+if test -z "$CXX"; then
+  ac_ct_CXX=$CXX
+  for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CXX+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CXX"; then
+  ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_CXX="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CXX=$ac_cv_prog_ac_ct_CXX
+if test -n "$ac_ct_CXX"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CXX" >&5
+$as_echo "$ac_ct_CXX" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$ac_ct_CXX" && break
+done
+
+  if test "x$ac_ct_CXX" = x; then
+    CXX="g++"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CXX=$ac_ct_CXX
+  fi
+fi
+
+  fi
+fi
+# Provide some information about the compiler.
+$as_echo "$as_me:${as_lineno-$LINENO}: checking for C++ compiler version" >&5
+set X $ac_compile
+ac_compiler=$2
+for ac_option in --version -v -V -qversion; do
+  { { ac_try="$ac_compiler $ac_option >&5"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compiler $ac_option >&5") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    sed '10a\
+... rest of stderr output deleted ...
+         10q' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+  fi
+  rm -f conftest.er1 conftest.err
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+done
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C++ compiler" >&5
+$as_echo_n "checking whether we are using the GNU C++ compiler... " >&6; }
+if ${ac_cv_cxx_compiler_gnu+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+#ifndef __GNUC__
+       choke me
+#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_compile "$LINENO"; then :
+  ac_compiler_gnu=yes
+else
+  ac_compiler_gnu=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_cxx_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cxx_compiler_gnu" >&5
+$as_echo "$ac_cv_cxx_compiler_gnu" >&6; }
+if test $ac_compiler_gnu = yes; then
+  GXX=yes
+else
+  GXX=
+fi
+ac_test_CXXFLAGS=${CXXFLAGS+set}
+ac_save_CXXFLAGS=$CXXFLAGS
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CXX accepts -g" >&5
+$as_echo_n "checking whether $CXX accepts -g... " >&6; }
+if ${ac_cv_prog_cxx_g+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_save_cxx_werror_flag=$ac_cxx_werror_flag
+   ac_cxx_werror_flag=yes
+   ac_cv_prog_cxx_g=no
+   CXXFLAGS="-g"
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_compile "$LINENO"; then :
+  ac_cv_prog_cxx_g=yes
+else
+  CXXFLAGS=""
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_compile "$LINENO"; then :
+
+else
+  ac_cxx_werror_flag=$ac_save_cxx_werror_flag
+	 CXXFLAGS="-g"
+	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_cxx_try_compile "$LINENO"; then :
+  ac_cv_prog_cxx_g=yes
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+   ac_cxx_werror_flag=$ac_save_cxx_werror_flag
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_g" >&5
+$as_echo "$ac_cv_prog_cxx_g" >&6; }
+if test "$ac_test_CXXFLAGS" = set; then
+  CXXFLAGS=$ac_save_CXXFLAGS
+elif test $ac_cv_prog_cxx_g = yes; then
+  if test "$GXX" = yes; then
+    CXXFLAGS="-g -O2"
+  else
+    CXXFLAGS="-g"
+  fi
+else
+  if test "$GXX" = yes; then
+    CXXFLAGS="-O2"
+  else
+    CXXFLAGS=
+  fi
+fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+depcc="$CXX"  am_compiler_list=
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5
+$as_echo_n "checking dependency style of $depcc... " >&6; }
+if ${am_cv_CXX_dependencies_compiler_type+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+  # We make a subdir and do the tests there.  Otherwise we can end up
+  # making bogus files that we don't know about and never remove.  For
+  # instance it was reported that on HP-UX the gcc test will end up
+  # making a dummy file named 'D' -- because '-MD' means "put the output
+  # in D".
+  rm -rf conftest.dir
+  mkdir conftest.dir
+  # Copy depcomp to subdir because otherwise we won't find it if we're
+  # using a relative directory.
+  cp "$am_depcomp" conftest.dir
+  cd conftest.dir
+  # We will build objects and dependencies in a subdirectory because
+  # it helps to detect inapplicable dependency modes.  For instance
+  # both Tru64's cc and ICC support -MD to output dependencies as a
+  # side effect of compilation, but ICC will put the dependencies in
+  # the current directory while Tru64 will put them in the object
+  # directory.
+  mkdir sub
+
+  am_cv_CXX_dependencies_compiler_type=none
+  if test "$am_compiler_list" = ""; then
+     am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+  fi
+  am__universal=false
+  case " $depcc " in #(
+     *\ -arch\ *\ -arch\ *) am__universal=true ;;
+     esac
+
+  for depmode in $am_compiler_list; do
+    # Setup a source with many dependencies, because some compilers
+    # like to wrap large dependency lists on column 80 (with \), and
+    # we should not choose a depcomp mode which is confused by this.
+    #
+    # We need to recreate these files for each test, as the compiler may
+    # overwrite some of them when testing with obscure command lines.
+    # This happens at least with the AIX C compiler.
+    : > sub/conftest.c
+    for i in 1 2 3 4 5 6; do
+      echo '#include "conftst'$i'.h"' >> sub/conftest.c
+      # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with
+      # Solaris 10 /bin/sh.
+      echo '/* dummy */' > sub/conftst$i.h
+    done
+    echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+    # We check with '-c' and '-o' for the sake of the "dashmstdout"
+    # mode.  It turns out that the SunPro C++ compiler does not properly
+    # handle '-M -o', and we need to detect this.  Also, some Intel
+    # versions had trouble with output in subdirs.
+    am__obj=sub/conftest.${OBJEXT-o}
+    am__minus_obj="-o $am__obj"
+    case $depmode in
+    gcc)
+      # This depmode causes a compiler race in universal mode.
+      test "$am__universal" = false || continue
+      ;;
+    nosideeffect)
+      # After this tag, mechanisms are not by side-effect, so they'll
+      # only be used when explicitly requested.
+      if test "x$enable_dependency_tracking" = xyes; then
+	continue
+      else
+	break
+      fi
+      ;;
+    msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+      # This compiler won't grok '-c -o', but also, the minuso test has
+      # not run yet.  These depmodes are late enough in the game, and
+      # so weak that their functioning should not be impacted.
+      am__obj=conftest.${OBJEXT-o}
+      am__minus_obj=
+      ;;
+    none) break ;;
+    esac
+    if depmode=$depmode \
+       source=sub/conftest.c object=$am__obj \
+       depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+       $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+         >/dev/null 2>conftest.err &&
+       grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+       ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+      # icc doesn't choke on unknown options, it will just issue warnings
+      # or remarks (even with -Werror).  So we grep stderr for any message
+      # that says an option was ignored or not supported.
+      # When given -MP, icc 7.0 and 7.1 complain thusly:
+      #   icc: Command line warning: ignoring option '-M'; no argument required
+      # The diagnosis changed in icc 8.0:
+      #   icc: Command line remark: option '-MP' not supported
+      if (grep 'ignoring option' conftest.err ||
+          grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+        am_cv_CXX_dependencies_compiler_type=$depmode
+        break
+      fi
+    fi
+  done
+
+  cd ..
+  rm -rf conftest.dir
+else
+  am_cv_CXX_dependencies_compiler_type=none
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CXX_dependencies_compiler_type" >&5
+$as_echo "$am_cv_CXX_dependencies_compiler_type" >&6; }
+CXXDEPMODE=depmode=$am_cv_CXX_dependencies_compiler_type
+
+ if
+  test "x$enable_dependency_tracking" != xno \
+  && test "$am_cv_CXX_dependencies_compiler_type" = gcc3; then
+  am__fastdepCXX_TRUE=
+  am__fastdepCXX_FALSE='#'
+else
+  am__fastdepCXX_TRUE='#'
+  am__fastdepCXX_FALSE=
+fi
+
+
+
+ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default"
+if test "x$ac_cv_type_size_t" = xyes; then :
+
+else
+
+cat >>confdefs.h <<_ACEOF
+#define size_t unsigned int
+_ACEOF
+
+fi
+
+ac_fn_c_find_uintX_t "$LINENO" "8" "ac_cv_c_uint8_t"
+case $ac_cv_c_uint8_t in #(
+  no|yes) ;; #(
+  *)
+
+$as_echo "#define _UINT8_T 1" >>confdefs.h
+
+
+cat >>confdefs.h <<_ACEOF
+#define uint8_t $ac_cv_c_uint8_t
+_ACEOF
+;;
+  esac
+
+# By default we simply use the C compiler to build assembly code.
+
+test "${CCAS+set}" = set || CCAS=$CC
+test "${CCASFLAGS+set}" = set || CCASFLAGS=$CFLAGS
+
+
+
+depcc="$CCAS"   am_compiler_list=
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5
+$as_echo_n "checking dependency style of $depcc... " >&6; }
+if ${am_cv_CCAS_dependencies_compiler_type+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
+  # We make a subdir and do the tests there.  Otherwise we can end up
+  # making bogus files that we don't know about and never remove.  For
+  # instance it was reported that on HP-UX the gcc test will end up
+  # making a dummy file named 'D' -- because '-MD' means "put the output
+  # in D".
+  rm -rf conftest.dir
+  mkdir conftest.dir
+  # Copy depcomp to subdir because otherwise we won't find it if we're
+  # using a relative directory.
+  cp "$am_depcomp" conftest.dir
+  cd conftest.dir
+  # We will build objects and dependencies in a subdirectory because
+  # it helps to detect inapplicable dependency modes.  For instance
+  # both Tru64's cc and ICC support -MD to output dependencies as a
+  # side effect of compilation, but ICC will put the dependencies in
+  # the current directory while Tru64 will put them in the object
+  # directory.
+  mkdir sub
+
+  am_cv_CCAS_dependencies_compiler_type=none
+  if test "$am_compiler_list" = ""; then
+     am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp`
+  fi
+  am__universal=false
+
+
+  for depmode in $am_compiler_list; do
+    # Setup a source with many dependencies, because some compilers
+    # like to wrap large dependency lists on column 80 (with \), and
+    # we should not choose a depcomp mode which is confused by this.
+    #
+    # We need to recreate these files for each test, as the compiler may
+    # overwrite some of them when testing with obscure command lines.
+    # This happens at least with the AIX C compiler.
+    : > sub/conftest.c
+    for i in 1 2 3 4 5 6; do
+      echo '#include "conftst'$i'.h"' >> sub/conftest.c
+      # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with
+      # Solaris 10 /bin/sh.
+      echo '/* dummy */' > sub/conftst$i.h
+    done
+    echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
+
+    # We check with '-c' and '-o' for the sake of the "dashmstdout"
+    # mode.  It turns out that the SunPro C++ compiler does not properly
+    # handle '-M -o', and we need to detect this.  Also, some Intel
+    # versions had trouble with output in subdirs.
+    am__obj=sub/conftest.${OBJEXT-o}
+    am__minus_obj="-o $am__obj"
+    case $depmode in
+    gcc)
+      # This depmode causes a compiler race in universal mode.
+      test "$am__universal" = false || continue
+      ;;
+    nosideeffect)
+      # After this tag, mechanisms are not by side-effect, so they'll
+      # only be used when explicitly requested.
+      if test "x$enable_dependency_tracking" = xyes; then
+	continue
+      else
+	break
+      fi
+      ;;
+    msvc7 | msvc7msys | msvisualcpp | msvcmsys)
+      # This compiler won't grok '-c -o', but also, the minuso test has
+      # not run yet.  These depmodes are late enough in the game, and
+      # so weak that their functioning should not be impacted.
+      am__obj=conftest.${OBJEXT-o}
+      am__minus_obj=
+      ;;
+    none) break ;;
+    esac
+    if depmode=$depmode \
+       source=sub/conftest.c object=$am__obj \
+       depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \
+       $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \
+         >/dev/null 2>conftest.err &&
+       grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 &&
+       grep $am__obj sub/conftest.Po > /dev/null 2>&1 &&
+       ${MAKE-make} -s -f confmf > /dev/null 2>&1; then
+      # icc doesn't choke on unknown options, it will just issue warnings
+      # or remarks (even with -Werror).  So we grep stderr for any message
+      # that says an option was ignored or not supported.
+      # When given -MP, icc 7.0 and 7.1 complain thusly:
+      #   icc: Command line warning: ignoring option '-M'; no argument required
+      # The diagnosis changed in icc 8.0:
+      #   icc: Command line remark: option '-MP' not supported
+      if (grep 'ignoring option' conftest.err ||
+          grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else
+        am_cv_CCAS_dependencies_compiler_type=$depmode
+        break
+      fi
+    fi
+  done
+
+  cd ..
+  rm -rf conftest.dir
+else
+  am_cv_CCAS_dependencies_compiler_type=none
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CCAS_dependencies_compiler_type" >&5
+$as_echo "$am_cv_CCAS_dependencies_compiler_type" >&6; }
+CCASDEPMODE=depmode=$am_cv_CCAS_dependencies_compiler_type
+
+ if
+  test "x$enable_dependency_tracking" != xno \
+  && test "$am_cv_CCAS_dependencies_compiler_type" = gcc3; then
+  am__fastdepCCAS_TRUE=
+  am__fastdepCCAS_FALSE='#'
+else
+  am__fastdepCCAS_TRUE='#'
+  am__fastdepCCAS_FALSE=
+fi
+
+
+
+LIBM=
+case $host in
+*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*)
+  # These system don't have libm, or don't need it
+  ;;
+*-ncr-sysv4.3*)
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _mwvalidcheckl in -lmw" >&5
+$as_echo_n "checking for _mwvalidcheckl in -lmw... " >&6; }
+if ${ac_cv_lib_mw__mwvalidcheckl+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lmw  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char _mwvalidcheckl ();
+int
+main ()
+{
+return _mwvalidcheckl ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_mw__mwvalidcheckl=yes
+else
+  ac_cv_lib_mw__mwvalidcheckl=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_mw__mwvalidcheckl" >&5
+$as_echo "$ac_cv_lib_mw__mwvalidcheckl" >&6; }
+if test "x$ac_cv_lib_mw__mwvalidcheckl" = xyes; then :
+  LIBM="-lmw"
+fi
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for cos in -lm" >&5
+$as_echo_n "checking for cos in -lm... " >&6; }
+if ${ac_cv_lib_m_cos+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lm  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char cos ();
+int
+main ()
+{
+return cos ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_m_cos=yes
+else
+  ac_cv_lib_m_cos=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_m_cos" >&5
+$as_echo "$ac_cv_lib_m_cos" >&6; }
+if test "x$ac_cv_lib_m_cos" = xyes; then :
+  LIBM="$LIBM -lm"
+fi
+
+  ;;
+*)
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for cos in -lm" >&5
+$as_echo_n "checking for cos in -lm... " >&6; }
+if ${ac_cv_lib_m_cos+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lm  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char cos ();
+int
+main ()
+{
+return cos ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_m_cos=yes
+else
+  ac_cv_lib_m_cos=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_m_cos" >&5
+$as_echo "$ac_cv_lib_m_cos" >&6; }
+if test "x$ac_cv_lib_m_cos" = xyes; then :
+  LIBM="-lm"
+fi
+
+  ;;
+esac
+
+
+
+OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer"
+OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer"
+OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET"
+DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL"
+
+thread_ls_on=no
+# Thread local storage
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for thread local storage (TLS) class" >&5
+$as_echo_n "checking for thread local storage (TLS) class... " >&6; }
+  if ${ac_cv_tls+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+    ax_tls_keywords="__thread __declspec(thread) none"
+    for ax_tls_keyword in $ax_tls_keywords; do
+       case $ax_tls_keyword in #(
+  none) :
+    ac_cv_tls=none ; break ;; #(
+  *) :
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+               static void
+               foo(void) {
+               static  $ax_tls_keyword  int bar;
+               exit(1);
+               }
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_tls=$ax_tls_keyword ; break
+else
+  ac_cv_tls=none
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ;;
+esac
+    done
+
+fi
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_tls" >&5
+$as_echo "$ac_cv_tls" >&6; }
+
+  if test "$ac_cv_tls" != "none"; then :
+
+cat >>confdefs.h <<_ACEOF
+#define TLS $ac_cv_tls
+_ACEOF
+
+
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS"
+        thread_ls_on=yes
+
+else
+  :
+
+fi
+
+
+
+# DEBUG
+    # Check whether --enable-debug was given.
+if test "${enable_debug+set}" = set; then :
+  enableval=$enable_debug; ax_enable_debug=$enableval
+else
+  ax_enable_debug=no
+fi
+
+
+	if test "x$ax_enable_debug" = xyes; then :
+
+$as_echo "#define DEBUG 1" >>confdefs.h
+
+else
+
+
+$as_echo "#define DEBUG 0" >>confdefs.h
+
+fi
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for debug" >&5
+$as_echo_n "checking for debug... " >&6; }
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_enable_debug" >&5
+$as_echo "$ax_enable_debug" >&6; }
+     if test "x${ax_enable_debug}" = xyes; then
+  DEBUG_TRUE=
+  DEBUG_FALSE='#'
+else
+  DEBUG_TRUE='#'
+  DEBUG_FALSE=
+fi
+
+if test "$ax_enable_debug" = "yes"; then :
+  AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS"
+else
+  AM_CFLAGS="$AM_CFLAGS -DNDEBUG"
+fi
+
+
+# SINGLE THREADED
+# Check whether --enable-singlethreaded was given.
+if test "${enable_singlethreaded+set}" = set; then :
+  enableval=$enable_singlethreaded;  ENABLED_SINGLETHREADED=$enableval
+else
+   ENABLED_SINGLETHREADED=no
+fi
+
+
+
+            if test x"$CC" = xclang; then
+                wolfssl_darwin_clang=yes
+            elif test x"$CC" = x || test x"$CC" = xgcc; then
+                if /usr/bin/gcc -v 2>&1 | grep 'clang' >/dev/null 2>&1; then
+                    wolfssl_darwin_clang=yes
+                fi
+            fi
+
+if  test "x$ENABLED_SINGLETHREADED" = "xno" ; then :
+
+
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ax_pthread_ok=no
+
+# We used to check for pthread.h first, but this fails if pthread.h
+# requires special compiler flags (e.g. on True64 or Sequent).
+# It gets checked for in the link test anyway.
+
+# First of all, check if the user has set any of the PTHREAD_LIBS,
+# etcetera environment variables, and if threads linking works using
+# them:
+if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then
+        save_CFLAGS="$CFLAGS"
+        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+        save_LIBS="$LIBS"
+        LIBS="$PTHREAD_LIBS $LIBS"
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS" >&5
+$as_echo_n "checking for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS... " >&6; }
+        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char pthread_join ();
+int
+main ()
+{
+return pthread_join ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ax_pthread_ok=yes
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_pthread_ok" >&5
+$as_echo "$ax_pthread_ok" >&6; }
+        if test x"$ax_pthread_ok" = xno; then
+                PTHREAD_LIBS=""
+                PTHREAD_CFLAGS=""
+        fi
+        LIBS="$save_LIBS"
+        CFLAGS="$save_CFLAGS"
+fi
+
+# We must check for the threads library under a number of different
+# names; the ordering is very important because some systems
+# (e.g. DEC) have both -lpthread and -lpthreads, where one of the
+# libraries is broken (non-POSIX).
+
+# Create a list of thread flags to try.  Items starting with a "-" are
+# C compiler flags, and other items are library names, except for "none"
+# which indicates that we try without any flags at all, and "pthread-config"
+# which is a program returning the flags for the Pth emulation library.
+
+ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config"
+
+# The ordering *is* (sometimes) important.  Some notes on the
+# individual items follow:
+
+# pthreads: AIX (must check this before -lpthread)
+# none: in case threads are in libc; should be tried before -Kthread and
+#       other compiler flags to prevent continual compiler warnings
+# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h)
+# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able)
+# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread)
+# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads)
+# -pthreads: Solaris/gcc
+# -mthreads: Mingw32/gcc, Lynx/gcc
+# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it
+#      doesn't hurt to check since this sometimes defines pthreads too;
+#      also defines -D_REENTRANT)
+#      ... -mt is also the pthreads flag for HP/aCC
+# pthread: Linux, etcetera
+# --thread-safe: KAI C++
+# pthread-config: use pthread-config program (for GNU Pth library)
+
+case ${host_os} in
+        solaris*)
+
+        # On Solaris (at least, for some versions), libc contains stubbed
+        # (non-functional) versions of the pthreads routines, so link-based
+        # tests will erroneously succeed.  (We need to link with -pthreads/-mt/
+        # -lpthread.)  (The stubs are missing pthread_cleanup_push, or rather
+        # a function called by this macro, so we could check for that, but
+        # who knows whether they'll stub that too in a future libc.)  So,
+        # we'll just look for -pthreads and -lpthread first:
+
+        ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags"
+        ;;
+
+        darwin*)
+
+        if test x"$wolfssl_darwin_clang" = x"yes"; then :
+  ax_pthread_flags="$ax_pthread_flags"
+else
+  ax_pthread_flags="-pthread $ax_pthread_flags"
+fi
+        ;;
+esac
+
+if test x"$ax_pthread_ok" = xno; then
+for flag in $ax_pthread_flags; do
+
+        case $flag in
+                none)
+                { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthreads work without any flags" >&5
+$as_echo_n "checking whether pthreads work without any flags... " >&6; }
+                ;;
+
+                -*)
+                { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthreads work with $flag" >&5
+$as_echo_n "checking whether pthreads work with $flag... " >&6; }
+                PTHREAD_CFLAGS="$flag"
+                ;;
+
+                pthread-config)
+                # Extract the first word of "pthread-config", so it can be a program name with args.
+set dummy pthread-config; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ax_pthread_config+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ax_pthread_config"; then
+  ac_cv_prog_ax_pthread_config="$ax_pthread_config" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ax_pthread_config="yes"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  test -z "$ac_cv_prog_ax_pthread_config" && ac_cv_prog_ax_pthread_config="no"
+fi
+fi
+ax_pthread_config=$ac_cv_prog_ax_pthread_config
+if test -n "$ax_pthread_config"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_pthread_config" >&5
+$as_echo "$ax_pthread_config" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+                if test x"$ax_pthread_config" = xno; then continue; fi
+                PTHREAD_CFLAGS="`pthread-config --cflags`"
+                PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`"
+                ;;
+
+                *)
+                { $as_echo "$as_me:${as_lineno-$LINENO}: checking for the pthreads library -l$flag" >&5
+$as_echo_n "checking for the pthreads library -l$flag... " >&6; }
+                PTHREAD_LIBS="-l$flag"
+                ;;
+        esac
+
+        save_LIBS="$LIBS"
+        save_CFLAGS="$CFLAGS"
+        LIBS="$PTHREAD_LIBS $LIBS"
+        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+
+        # Check for various functions.  We must include pthread.h,
+        # since some functions may be macros.  (On the Sequent, we
+        # need a special flag -Kthread to make this header compile.)
+        # We check for pthread_join because it is in -lpthread on IRIX
+        # while pthread_create is in libc.  We check for pthread_attr_init
+        # due to DEC craziness with -lpthreads.  We check for
+        # pthread_cleanup_push because it is one of the few pthread
+        # functions on Solaris that doesn't have a non-functional libc stub.
+        # We try pthread_create on general principles.
+        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+                        static void routine(void *a) { a = 0; }
+                        static void *start_routine(void *a) { return a; }
+int
+main ()
+{
+pthread_t th; pthread_attr_t attr;
+                        pthread_create(&th, 0, start_routine, 0);
+                        pthread_join(th, 0);
+                        pthread_attr_init(&attr);
+                        pthread_cleanup_push(routine, 0);
+                        pthread_cleanup_pop(0) /* ; */
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ax_pthread_ok=yes
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+
+        LIBS="$save_LIBS"
+        CFLAGS="$save_CFLAGS"
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_pthread_ok" >&5
+$as_echo "$ax_pthread_ok" >&6; }
+        if test "x$ax_pthread_ok" = xyes; then
+                break;
+        fi
+
+        PTHREAD_LIBS=""
+        PTHREAD_CFLAGS=""
+done
+fi
+
+# Various other checks:
+if test "x$ax_pthread_ok" = xyes; then
+        save_LIBS="$LIBS"
+        LIBS="$PTHREAD_LIBS $LIBS"
+        save_CFLAGS="$CFLAGS"
+        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+
+        # Detect AIX lossage: JOINABLE attribute is called UNDETACHED.
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for joinable pthread attribute" >&5
+$as_echo_n "checking for joinable pthread attribute... " >&6; }
+        attr_name=unknown
+        for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do
+            cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+int
+main ()
+{
+int attr = $attr; return attr /* ; */
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  attr_name=$attr; break
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+        done
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: $attr_name" >&5
+$as_echo "$attr_name" >&6; }
+        if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then
+
+cat >>confdefs.h <<_ACEOF
+#define PTHREAD_CREATE_JOINABLE $attr_name
+_ACEOF
+
+        fi
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking if more special flags are required for pthreads" >&5
+$as_echo_n "checking if more special flags are required for pthreads... " >&6; }
+        flag=no
+        case ${host_os} in
+            aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";;
+            osf* | hpux*) flag="-D_REENTRANT";;
+            solaris*)
+            if test "$GCC" = "yes"; then
+                flag="-D_REENTRANT"
+            else
+                flag="-mt -D_REENTRANT"
+            fi
+            ;;
+        esac
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${flag}" >&5
+$as_echo "${flag}" >&6; }
+        if test "x$flag" != xno; then
+            PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS"
+        fi
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PTHREAD_PRIO_INHERIT" >&5
+$as_echo_n "checking for PTHREAD_PRIO_INHERIT... " >&6; }
+if ${ax_cv_PTHREAD_PRIO_INHERIT+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+                cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+                    #include 
+int
+main ()
+{
+int i = PTHREAD_PRIO_INHERIT;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ax_cv_PTHREAD_PRIO_INHERIT=yes
+else
+  ax_cv_PTHREAD_PRIO_INHERIT=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_PTHREAD_PRIO_INHERIT" >&5
+$as_echo "$ax_cv_PTHREAD_PRIO_INHERIT" >&6; }
+        if test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"; then :
+
+$as_echo "#define HAVE_PTHREAD_PRIO_INHERIT 1" >>confdefs.h
+
+fi
+
+        LIBS="$save_LIBS"
+        CFLAGS="$save_CFLAGS"
+
+        # More AIX lossage: compile with *_r variant
+        if test "x$GCC" != xyes; then
+            case $host_os in
+                aix*)
+                case "x/$CC" in #(
+  x*/c89|x*/c89_128|x*/c99|x*/c99_128|x*/cc|x*/cc128|x*/xlc|x*/xlc_v6|x*/xlc128|x*/xlc128_v6) :
+    #handle absolute path differently from PATH based program lookup
+                   case "x$CC" in #(
+  x/*) :
+    if as_fn_executable_p ${CC}_r; then :
+  PTHREAD_CC="${CC}_r"
+fi ;; #(
+  *) :
+    for ac_prog in ${CC}_r
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_PTHREAD_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$PTHREAD_CC"; then
+  ac_cv_prog_PTHREAD_CC="$PTHREAD_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_PTHREAD_CC="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+PTHREAD_CC=$ac_cv_prog_PTHREAD_CC
+if test -n "$PTHREAD_CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PTHREAD_CC" >&5
+$as_echo "$PTHREAD_CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$PTHREAD_CC" && break
+done
+test -n "$PTHREAD_CC" || PTHREAD_CC="$CC"
+ ;;
+esac ;; #(
+  *) :
+     ;;
+esac
+                ;;
+            esac
+        fi
+fi
+
+test -n "$PTHREAD_CC" || PTHREAD_CC="$CC"
+
+
+
+
+
+# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND:
+if test x"$ax_pthread_ok" = xyes; then
+
+
+$as_echo "#define HAVE_PTHREAD 1" >>confdefs.h
+
+                   AM_CFLAGS="-D_POSIX_THREADS $AM_CFLAGS $PTHREAD_CFLAGS"
+                   LIBS="$LIBS $PTHREAD_LIBS"
+
+        :
+else
+        ax_pthread_ok=no
+
+                      ENABLED_SINGLETHREADED=yes
+
+fi
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+fi
+
+if  test "x$ENABLED_SINGLETHREADED" = "xyes" ; then :
+   AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS"
+fi
+
+
+# DTLS
+# Check whether --enable-dtls was given.
+if test "${enable_dtls+set}" = set; then :
+  enableval=$enable_dtls;  ENABLED_DTLS=$enableval
+else
+   ENABLED_DTLS=no
+
+fi
+
+if test "$ENABLED_DTLS" = "yes"
+then
+  AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS"
+fi
+
+
+# OPENSSL Extra Compatibility
+# Check whether --enable-opensslextra was given.
+if test "${enable_opensslextra+set}" = set; then :
+  enableval=$enable_opensslextra;  ENABLED_OPENSSLEXTRA=$enableval
+else
+   ENABLED_OPENSSLEXTRA=no
+
+fi
+
+if test "$ENABLED_OPENSSLEXTRA" = "yes"
+then
+  AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
+fi
+
+if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    as_fn_error $? "cannot enable small and opensslextra, only one or the other." "$LINENO" 5
+fi
+
+
+# IPv6 Test Apps
+# Check whether --enable-ipv6 was given.
+if test "${enable_ipv6+set}" = set; then :
+  enableval=$enable_ipv6;  ENABLED_IPV6=$enableval
+else
+   ENABLED_IPV6=no
+
+fi
+
+
+if test "$ENABLED_IPV6" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DTEST_IPV6"
+fi
+
+
+# Fortress build
+# Check whether --enable-fortress was given.
+if test "${enable_fortress+set}" = set; then :
+  enableval=$enable_fortress;  ENABLED_FORTRESS=$enableval
+else
+   ENABLED_FORTRESS=no
+
+fi
+
+
+if test "$ENABLED_FORTRESS" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DWOLFSSL_ALWAYS_VERIFY_CB -DOPENSSL_EXTRA -DWOLFSSL_DES_ECB -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT -DWOLFSSL_DER_LOAD -DWOLFSSL_SHA512 -DWOLFSSL_SHA384 -DWOLFSSL_KEY_GEN"
+fi
+
+
+# ssl bump build
+# Check whether --enable-bump was given.
+if test "${enable_bump+set}" = set; then :
+  enableval=$enable_bump;  ENABLED_BUMP=$enableval
+else
+   ENABLED_BUMP=no
+
+fi
+
+
+if test "$ENABLED_BUMP" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DWOLFSSL_CERT_GEN -DWOLFSSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DWOLFSSL_DER_LOAD -DWOLFSSL_ALT_NAMES -DWOLFSSL_TEST_CERT"
+fi
+
+ENABLED_SLOWMATH="yes"
+
+# lean psk build
+# Check whether --enable-leanpsk was given.
+if test "${enable_leanpsk+set}" = set; then :
+  enableval=$enable_leanpsk;  ENABLED_LEANPSK=$enableval
+else
+   ENABLED_LEANPSK=no
+
+fi
+
+
+if test "$ENABLED_LEANPSK" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LEANPSK -DHAVE_NULL_CIPHER -DSINGLE_THREADED -DNO_AES -DNO_FILESYSTEM -DNO_RABBIT -DNO_RSA -DNO_DSA -DNO_DH -DNO_CERTS -DNO_PWDBASED -DNO_DES3 -DNO_MD4 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS -DNO_RC4 -DNO_WRITEV -DNO_SESSION_CACHE -DNO_DEV_RANDOM -DWOLFSSL_USER_IO -DNO_SHA -DUSE_SLOW_SHA"
+    ENABLED_SLOWMATH="no"
+    ENABLED_SINGLETHREADED="yes"
+fi
+
+ if test "x$ENABLED_LEANPSK" = "xyes"; then
+  BUILD_LEANPSK_TRUE=
+  BUILD_LEANPSK_FALSE='#'
+else
+  BUILD_LEANPSK_TRUE='#'
+  BUILD_LEANPSK_FALSE=
+fi
+
+
+
+# big cache
+# Check whether --enable-bigcache was given.
+if test "${enable_bigcache+set}" = set; then :
+  enableval=$enable_bigcache;  ENABLED_BIGCACHE=$enableval
+else
+   ENABLED_BIGCACHE=no
+
+fi
+
+
+if test "$ENABLED_BIGCACHE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DBIG_SESSION_CACHE"
+fi
+
+
+# HUGE cache
+# Check whether --enable-hugecache was given.
+if test "${enable_hugecache+set}" = set; then :
+  enableval=$enable_hugecache;  ENABLED_HUGECACHE=$enableval
+else
+   ENABLED_HUGECACHE=no
+
+fi
+
+
+if test "$ENABLED_HUGECACHE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHUGE_SESSION_CACHE"
+fi
+
+
+# SMALL cache
+# Check whether --enable-smallcache was given.
+if test "${enable_smallcache+set}" = set; then :
+  enableval=$enable_smallcache;  ENABLED_SMALLCACHE=$enableval
+else
+   ENABLED_SMALLCACHE=no
+
+fi
+
+
+if test "$ENABLED_SMALLCACHE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DSMALL_SESSION_CACHE"
+fi
+
+
+# Persistent session cache
+# Check whether --enable-savesession was given.
+if test "${enable_savesession+set}" = set; then :
+  enableval=$enable_savesession;  ENABLED_SAVESESSION=$enableval
+else
+   ENABLED_SAVESESSION=no
+
+fi
+
+
+if test "$ENABLED_SAVESESSION" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
+fi
+
+
+# Persistent cert cache
+# Check whether --enable-savecert was given.
+if test "${enable_savecert+set}" = set; then :
+  enableval=$enable_savecert;  ENABLED_SAVECERT=$enableval
+else
+   ENABLED_SAVECERT=no
+
+fi
+
+
+if test "$ENABLED_SAVECERT" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
+fi
+
+
+# Atomic User Record Layer
+# Check whether --enable-atomicuser was given.
+if test "${enable_atomicuser+set}" = set; then :
+  enableval=$enable_atomicuser;  ENABLED_ATOMICUSER=$enableval
+else
+   ENABLED_ATOMICUSER=no
+
+fi
+
+
+if test "$ENABLED_ATOMICUSER" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
+fi
+
+
+# Public Key Callbacks
+# Check whether --enable-pkcallbacks was given.
+if test "${enable_pkcallbacks+set}" = set; then :
+  enableval=$enable_pkcallbacks;  ENABLED_PKCALLBACKS=$enableval
+else
+   ENABLED_PKCALLBACKS=no
+
+fi
+
+
+if test "$ENABLED_PKCALLBACKS" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
+fi
+
+
+# SNIFFER
+ENABLED_SNIFFTEST=no
+# Check whether --enable-sniffer was given.
+if test "${enable_sniffer+set}" = set; then :
+  enableval=$enable_sniffer;
+       ENABLED_SNIFFER=yes
+       AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SNIFFER -DOPENSSL_EXTRA"
+       if  test "x$enableval" = "xyes" ; then :
+   for ac_header in pcap/pcap.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "pcap/pcap.h" "ac_cv_header_pcap_pcap_h" "$ac_includes_default"
+if test "x$ac_cv_header_pcap_pcap_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_PCAP_PCAP_H 1
+_ACEOF
+
+           ENABLED_SNIFFTEST=yes
+
+else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cannot enable sniffer test without having libpcap available." >&5
+$as_echo "$as_me: WARNING: cannot enable sniffer test without having libpcap available." >&2;}
+fi
+
+done
+
+fi
+
+else
+
+       ENABLED_SNIFFER=no
+
+fi
+
+
+ if  test "x$ENABLED_SNIFFER"   = "xyes" ; then
+  BUILD_SNIFFER_TRUE=
+  BUILD_SNIFFER_FALSE='#'
+else
+  BUILD_SNIFFER_TRUE='#'
+  BUILD_SNIFFER_FALSE=
+fi
+
+ if  test "x$ENABLED_SNIFFTEST" = "xyes" ; then
+  BUILD_SNIFFTEST_TRUE=
+  BUILD_SNIFFTEST_FALSE='#'
+else
+  BUILD_SNIFFTEST_TRUE='#'
+  BUILD_SNIFFTEST_FALSE=
+fi
+
+
+# AES-GCM
+# Check whether --enable-aesgcm was given.
+if test "${enable_aesgcm+set}" = set; then :
+  enableval=$enable_aesgcm;  ENABLED_AESGCM=$enableval
+else
+   ENABLED_AESGCM=no
+
+fi
+
+
+if test "$ENABLED_AESGCM" = "word32"
+then
+    AM_CFLAGS="$AM_CFLAGS -DGCM_WORD32"
+    ENABLED_AESGCM=yes
+fi
+
+if test "$ENABLED_AESGCM" = "small"
+then
+    AM_CFLAGS="$AM_CFLAGS -DGCM_SMALL"
+    ENABLED_AESGCM=yes
+fi
+
+if test "$ENABLED_AESGCM" = "table"
+then
+    AM_CFLAGS="$AM_CFLAGS -DGCM_TABLE"
+    ENABLED_AESGCM=yes
+fi
+
+if test "$ENABLED_AESGCM" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
+fi
+
+ if test "x$ENABLED_AESGCM" = "xyes"; then
+  BUILD_AESGCM_TRUE=
+  BUILD_AESGCM_FALSE='#'
+else
+  BUILD_AESGCM_TRUE='#'
+  BUILD_AESGCM_FALSE=
+fi
+
+
+
+# AES-CCM
+# Check whether --enable-aesccm was given.
+if test "${enable_aesccm+set}" = set; then :
+  enableval=$enable_aesccm;  ENABLED_AESCCM=$enableval
+else
+   ENABLED_AESCCM=no
+
+fi
+
+
+if test "$ENABLED_AESCCM" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM"
+fi
+
+ if test "x$ENABLED_AESCCM" = "xyes"; then
+  BUILD_AESCCM_TRUE=
+  BUILD_AESCCM_FALSE='#'
+else
+  BUILD_AESCCM_TRUE='#'
+  BUILD_AESCCM_FALSE=
+fi
+
+
+
+# AES-NI
+# Check whether --enable-aesni was given.
+if test "${enable_aesni+set}" = set; then :
+  enableval=$enable_aesni;  ENABLED_AESNI=$enableval
+else
+   ENABLED_AESNI=no
+
+fi
+
+
+if test "$ENABLED_AESNI" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESNI"
+    if test "$GCC" = "yes"
+    then
+        # GCC needs these flags, icc doesn't
+        # opt levels greater than 2 may cause problems on systems w/o aesni
+        if test "$CC" != "icc"
+        then
+            AM_CFLAGS="$AM_CFLAGS -maes -msse4"
+        fi
+    fi
+fi
+
+ if test "x$ENABLED_AESNI" = "xyes"; then
+  BUILD_AESNI_TRUE=
+  BUILD_AESNI_FALSE='#'
+else
+  BUILD_AESNI_TRUE='#'
+  BUILD_AESNI_FALSE=
+fi
+
+
+
+# POLY1305
+# Check whether --enable-poly1305 was given.
+if test "${enable_poly1305+set}" = set; then :
+  enableval=$enable_poly1305;  ENABLED_POLY1305=$enableval
+else
+   ENABLED_POLY1305=no
+
+fi
+
+
+if test "$ENABLED_POLY1305" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_POLY1305 -DHAVE_ONE_TIME_AUTH"
+fi
+
+ if test "x$ENABLED_POLY1305" = "xyes"; then
+  BUILD_POLY1305_TRUE=
+  BUILD_POLY1305_FALSE='#'
+else
+  BUILD_POLY1305_TRUE='#'
+  BUILD_POLY1305_FALSE=
+fi
+
+
+
+# Camellia
+# Check whether --enable-camellia was given.
+if test "${enable_camellia+set}" = set; then :
+  enableval=$enable_camellia;  ENABLED_CAMELLIA=$enableval
+else
+   ENABLED_CAMELLIA=no
+
+fi
+
+
+if test "$ENABLED_CAMELLIA" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_CAMELLIA"
+fi
+
+ if test "x$ENABLED_CAMELLIA" = "xyes"; then
+  BUILD_CAMELLIA_TRUE=
+  BUILD_CAMELLIA_FALSE='#'
+else
+  BUILD_CAMELLIA_TRUE='#'
+  BUILD_CAMELLIA_FALSE=
+fi
+
+
+
+# MD2
+# Check whether --enable-md2 was given.
+if test "${enable_md2+set}" = set; then :
+  enableval=$enable_md2;  ENABLED_MD2=$enableval
+else
+   ENABLED_MD2=no
+
+fi
+
+
+if test "$ENABLED_BUMP" = "yes"
+then
+    ENABLED_MD2="yes"
+fi
+
+if test "$ENABLED_MD2" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MD2"
+fi
+
+ if test "x$ENABLED_MD2" = "xyes"; then
+  BUILD_MD2_TRUE=
+  BUILD_MD2_FALSE='#'
+else
+  BUILD_MD2_TRUE='#'
+  BUILD_MD2_FALSE=
+fi
+
+
+
+# NULL CIPHER
+# Check whether --enable-nullcipher was given.
+if test "${enable_nullcipher+set}" = set; then :
+  enableval=$enable_nullcipher;  ENABLED_NULL_CIPHER=$enableval
+else
+   ENABLED_NULL_CIPHER=no
+
+fi
+
+
+if test "$ENABLED_NULL_CIPHER" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_NULL_CIPHER"
+fi
+
+# RIPEMD
+# Check whether --enable-ripemd was given.
+if test "${enable_ripemd+set}" = set; then :
+  enableval=$enable_ripemd;  ENABLED_RIPEMD=$enableval
+else
+   ENABLED_RIPEMD=no
+
+fi
+
+
+if test "$ENABLED_RIPEMD" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RIPEMD"
+fi
+
+ if test "x$ENABLED_RIPEMD" = "xyes"; then
+  BUILD_RIPEMD_TRUE=
+  BUILD_RIPEMD_FALSE='#'
+else
+  BUILD_RIPEMD_TRUE='#'
+  BUILD_RIPEMD_FALSE=
+fi
+
+
+
+# BLAKE2
+# Check whether --enable-blake2 was given.
+if test "${enable_blake2+set}" = set; then :
+  enableval=$enable_blake2;  ENABLED_BLAKE2=$enableval
+else
+   ENABLED_BLAKE2=no
+
+fi
+
+
+if test "$ENABLED_BLAKE2" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_BLAKE2"
+fi
+
+ if test "x$ENABLED_BLAKE2" = "xyes"; then
+  BUILD_BLAKE2_TRUE=
+  BUILD_BLAKE2_FALSE='#'
+else
+  BUILD_BLAKE2_TRUE='#'
+  BUILD_BLAKE2_FALSE=
+fi
+
+
+
+# SHA512
+# Check whether --enable-sha512 was given.
+if test "${enable_sha512+set}" = set; then :
+  enableval=$enable_sha512;  ENABLED_SHA512=$enableval
+else
+   ENABLED_SHA512=no
+
+fi
+
+
+if test "$ENABLED_SHA512" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
+fi
+
+if test "$ENABLED_FORTRESS" = "yes"
+then
+    ENABLED_SHA512="yes"
+fi
+
+
+ if test "x$ENABLED_SHA512" = "xyes"; then
+  BUILD_SHA512_TRUE=
+  BUILD_SHA512_FALSE='#'
+else
+  BUILD_SHA512_TRUE='#'
+  BUILD_SHA512_FALSE=
+fi
+
+
+
+# SESSION CERTS
+# Check whether --enable-sessioncerts was given.
+if test "${enable_sessioncerts+set}" = set; then :
+  enableval=$enable_sessioncerts;  ENABLED_SESSIONCERTS=$enableval
+else
+   ENABLED_SESSIONCERTS=no
+
+fi
+
+
+if test "$ENABLED_SESSIONCERTS" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS"
+fi
+
+
+# KEY GENERATION
+# Check whether --enable-keygen was given.
+if test "${enable_keygen+set}" = set; then :
+  enableval=$enable_keygen;  ENABLED_KEYGEN=$enableval
+else
+   ENABLED_KEYGEN=no
+
+fi
+
+
+if test "$ENABLED_KEYGEN" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
+fi
+
+
+# CERT GENERATION
+# Check whether --enable-certgen was given.
+if test "${enable_certgen+set}" = set; then :
+  enableval=$enable_certgen;  ENABLED_CERTGEN=$enableval
+else
+   ENABLED_CERTGEN=no
+
+fi
+
+
+if test "$ENABLED_CERTGEN" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
+fi
+
+
+# CERT REQUEST GENERATION
+# Check whether --enable-certreq was given.
+if test "${enable_certreq+set}" = set; then :
+  enableval=$enable_certreq;  ENABLED_CERTREQ=$enableval
+else
+   ENABLED_CERTREQ=no
+
+fi
+
+
+if test "$ENABLED_CERTREQ" = "yes"
+then
+    if test "$ENABLED_CERTGEN" = "no"
+    then
+        as_fn_error $? "cannot enable certreq without enabling certgen." "$LINENO" 5
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
+fi
+
+
+# SEP
+# Check whether --enable-sep was given.
+if test "${enable_sep+set}" = set; then :
+  enableval=$enable_sep;  ENABLED_SEP=$enableval
+else
+   ENABLED_SEP=no
+
+fi
+
+if test "$ENABLED_SEP" = "yes"
+then
+  AM_CFLAGS="-DWOLFSSL_SEP -DKEEP_PEER_CERT $AM_CFLAGS"
+fi
+
+
+# HKDF
+# Check whether --enable-hkdf was given.
+if test "${enable_hkdf+set}" = set; then :
+  enableval=$enable_hkdf;  ENABLED_HKDF=$enableval
+else
+   ENABLED_HKDF=no
+
+fi
+
+if test "$ENABLED_HKDF" = "yes"
+then
+  AM_CFLAGS="$AM_CFLAGS -DHAVE_HKDF"
+fi
+
+
+# DSA
+# Check whether --enable-dsa was given.
+if test "${enable_dsa+set}" = set; then :
+  enableval=$enable_dsa;  ENABLED_DSA=$enableval
+else
+   ENABLED_DSA=no
+
+fi
+
+
+if test "$ENABLED_DSA" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_DSA"
+fi
+
+ if test "x$ENABLED_DSA" = "xyes"; then
+  BUILD_DSA_TRUE=
+  BUILD_DSA_FALSE='#'
+else
+  BUILD_DSA_TRUE='#'
+  BUILD_DSA_FALSE=
+fi
+
+
+
+# ECC
+# Check whether --enable-ecc was given.
+if test "${enable_ecc+set}" = set; then :
+  enableval=$enable_ecc;  ENABLED_ECC=$enableval
+else
+   ENABLED_ECC=no
+
+fi
+
+
+if test "$ENABLED_ECC" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
+fi
+
+ if test "x$ENABLED_ECC" = "xyes"; then
+  BUILD_ECC_TRUE=
+  BUILD_ECC_FALSE='#'
+else
+  BUILD_ECC_TRUE='#'
+  BUILD_ECC_FALSE=
+fi
+
+
+
+if test "$ENABLED_ECC" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    as_fn_error $? "cannot enable ecc and small, ecc requires TLS which small turns off." "$LINENO" 5
+fi
+
+
+# ECC25519
+# Check whether --enable-ecc25519 was given.
+if test "${enable_ecc25519+set}" = set; then :
+  enableval=$enable_ecc25519;  ENABLED_ECC25519=$enableval
+else
+   ENABLED_ECC25519=no
+
+fi
+
+
+if test "$ENABLED_ECC25519" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC25519"
+fi
+
+
+ if test "x$ENABLED_ECC25519" = "xyes"; then
+  BUILD_ECC25519_TRUE=
+  BUILD_ECC25519_FALSE='#'
+else
+  BUILD_ECC25519_TRUE='#'
+  BUILD_ECC25519_FALSE=
+fi
+
+
+
+# FP ECC, Fixed Point cache ECC
+# Check whether --enable-fpecc was given.
+if test "${enable_fpecc+set}" = set; then :
+  enableval=$enable_fpecc;  ENABLED_FPECC=$enableval
+else
+   ENABLED_FPECC=no
+
+fi
+
+
+if test "$ENABLED_FPECC" = "yes"
+then
+    if test "$ENABLED_ECC" = "no"
+    then
+        as_fn_error $? "cannot enable fpecc without enabling ecc." "$LINENO" 5
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DFP_ECC"
+fi
+
+
+# ECC encrypt
+# Check whether --enable-eccencrypt was given.
+if test "${enable_eccencrypt+set}" = set; then :
+  enableval=$enable_eccencrypt;  ENABLED_ECC_ENCRYPT=$enableval
+else
+   ENABLED_ECC_ENCRYPT=no
+
+fi
+
+
+if test "$ENABLED_ECC_ENCRYPT" = "yes"
+then
+    if test "$ENABLED_ECC" = "no"
+    then
+        as_fn_error $? "cannot enable eccencrypt without enabling ecc." "$LINENO" 5
+    fi
+    if test "$ENABLED_HKDF" = "no"
+    then
+        as_fn_error $? "cannot enable eccencrypt without enabling hkdf." "$LINENO" 5
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC_ENCRYPT"
+fi
+
+
+# PSK
+# Check whether --enable-psk was given.
+if test "${enable_psk+set}" = set; then :
+  enableval=$enable_psk;  ENABLED_PSK=$enableval
+else
+   ENABLED_PSK=no
+
+fi
+
+
+if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_PSK"
+fi
+
+if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "yes"
+then
+    ENABLED_PSK=yes
+fi
+
+
+# ERROR STRINGS
+# Check whether --enable-errorstrings was given.
+if test "${enable_errorstrings+set}" = set; then :
+  enableval=$enable_errorstrings;  ENABLED_ERROR_STRINGS=$enableval
+else
+   ENABLED_ERROR_STRINGS=yes
+
+fi
+
+
+if test "$ENABLED_ERROR_STRINGS" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS"
+else
+    # turn off error strings if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS"
+        ENABLED_ERROR_STRINGS=no
+    fi
+fi
+
+
+# OLD TLS
+# Check whether --enable-oldtls was given.
+if test "${enable_oldtls+set}" = set; then :
+  enableval=$enable_oldtls;  ENABLED_OLD_TLS=$enableval
+else
+   ENABLED_OLD_TLS=yes
+
+fi
+
+
+if test "$ENABLED_OLD_TLS" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
+else
+    # turn off old if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
+        ENABLED_OLD_TLS=no
+    fi
+fi
+
+
+# STACK SIZE info for examples
+# Check whether --enable-stacksize was given.
+if test "${enable_stacksize+set}" = set; then :
+  enableval=$enable_stacksize;  ENABLED_STACKSIZE=$enableval
+else
+   ENABLED_STACKSIZE=no
+
+fi
+
+
+if test "$ENABLED_STACKSIZE" = "yes"
+then
+    ac_fn_c_check_func "$LINENO" "posix_memalign" "ac_cv_func_posix_memalign"
+if test "x$ac_cv_func_posix_memalign" = xyes; then :
+
+else
+  as_fn_error $? "stacksize needs posix_memalign" "$LINENO" 5
+fi
+
+    ac_fn_c_check_func "$LINENO" "pthread_attr_setstack" "ac_cv_func_pthread_attr_setstack"
+if test "x$ac_cv_func_pthread_attr_setstack" = xyes; then :
+
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_attr_setstack in -lpthread" >&5
+$as_echo_n "checking for pthread_attr_setstack in -lpthread... " >&6; }
+if ${ac_cv_lib_pthread_pthread_attr_setstack+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lpthread  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char pthread_attr_setstack ();
+int
+main ()
+{
+return pthread_attr_setstack ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_pthread_pthread_attr_setstack=yes
+else
+  ac_cv_lib_pthread_pthread_attr_setstack=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pthread_pthread_attr_setstack" >&5
+$as_echo "$ac_cv_lib_pthread_pthread_attr_setstack" >&6; }
+if test "x$ac_cv_lib_pthread_pthread_attr_setstack" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_LIBPTHREAD 1
+_ACEOF
+
+  LIBS="-lpthread $LIBS"
+
+fi
+
+fi
+
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE -DWOLFSSL_LOW_MEMORY"
+fi
+
+
+# MEMORY
+# Check whether --enable-memory was given.
+if test "${enable_memory+set}" = set; then :
+  enableval=$enable_memory;  ENABLED_MEMORY=$enableval
+else
+   ENABLED_MEMORY=yes
+
+fi
+
+
+if test "$ENABLED_MEMORY" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_WOLFSSL_MEMORY"
+else
+    # turn off memory cb if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        # but don't turn on NO_WOLFSSL_MEMORY because using own
+        ENABLED_MEMORY=no
+    fi
+fi
+
+ if test "x$ENABLED_MEMORY" = "xyes"; then
+  BUILD_MEMORY_TRUE=
+  BUILD_MEMORY_FALSE='#'
+else
+  BUILD_MEMORY_TRUE='#'
+  BUILD_MEMORY_FALSE=
+fi
+
+
+
+# RSA
+# Check whether --enable-rsa was given.
+if test "${enable_rsa+set}" = set; then :
+  enableval=$enable_rsa;  ENABLED_RSA=$enableval
+else
+   ENABLED_RSA=yes
+
+fi
+
+
+if test "$ENABLED_RSA" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_RSA"
+else
+    # turn off RSA if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_RSA"
+        ENABLED_RSA=no
+    fi
+fi
+
+ if test "x$ENABLED_RSA" = "xyes"; then
+  BUILD_RSA_TRUE=
+  BUILD_RSA_FALSE='#'
+else
+  BUILD_RSA_TRUE='#'
+  BUILD_RSA_FALSE=
+fi
+
+
+
+# DH
+# Check whether --enable-dh was given.
+if test "${enable_dh+set}" = set; then :
+  enableval=$enable_dh;  ENABLED_DH=$enableval
+else
+   ENABLED_DH=no
+
+fi
+
+
+if test "$ENABLED_DH" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_DH"
+else
+    # turn off DH if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_DH"
+        ENABLED_DH=no
+    fi
+fi
+
+ if test "x$ENABLED_DH" = "xyes"; then
+  BUILD_DH_TRUE=
+  BUILD_DH_FALSE='#'
+else
+  BUILD_DH_TRUE='#'
+  BUILD_DH_FALSE=
+fi
+
+
+
+# Anonymous
+# Check whether --enable-anon was given.
+if test "${enable_anon+set}" = set; then :
+  enableval=$enable_anon;  ENABLED_ANON=$enableval
+else
+   ENABLED_ANON=no
+
+fi
+
+
+
+if test "x$ENABLED_ANON" = "xyes"
+then
+    if test "x$ENABLED_DH" != "xyes"
+    then
+        as_fn_error $? "Anonymous suite requires DH." "$LINENO" 5
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_ANON"
+fi
+
+
+# ASN
+# turn off asn, which means no certs, no rsa, no dh, no dsa, no ecc,
+# and no big int, use this to disable all public key stuff
+# Check whether --enable-asn was given.
+if test "${enable_asn+set}" = set; then :
+  enableval=$enable_asn;  ENABLED_ASN=$enableval
+else
+   ENABLED_ASN=yes
+
+fi
+
+
+if test "$ENABLED_ASN" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT"
+else
+    # turn off ASN if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT"
+        ENABLED_ASN=no
+    fi
+fi
+
+if test "$ENABLED_RSA" = "yes" && test "$ENABLED_ASN" = "no"
+then
+    as_fn_error $? "please disable rsa if disabling asn." "$LINENO" 5
+fi
+
+if test "$ENABLED_DSA" = "yes" && test "$ENABLED_ASN" = "no"
+then
+    as_fn_error $? "please disable dsa if disabling asn." "$LINENO" 5
+fi
+
+if test "$ENABLED_DH" = "yes" && test "$ENABLED_ASN" = "no"
+then
+    as_fn_error $? "please disable dh if disabling asn." "$LINENO" 5
+fi
+
+if test "$ENABLED_ECC" = "yes" && test "$ENABLED_ASN" = "no"
+then
+    as_fn_error $? "please disable ecc if disabling asn." "$LINENO" 5
+fi
+
+if test "$ENABLED_PSK" = "no" && test "$ENABLED_ASN" = "no"
+then
+    as_fn_error $? "please enable psk if disabling asn." "$LINENO" 5
+fi
+
+if test "$ENABLED_ASN" = "no"
+then
+    ENABLED_FASTMATH=no
+    ENABLED_SLOWMATH=no
+fi
+
+ if test "x$ENABLED_ASN" = "xyes"; then
+  BUILD_ASN_TRUE=
+  BUILD_ASN_FALSE='#'
+else
+  BUILD_ASN_TRUE='#'
+  BUILD_ASN_FALSE=
+fi
+
+
+
+# AES
+# Check whether --enable-aes was given.
+if test "${enable_aes+set}" = set; then :
+  enableval=$enable_aes;  ENABLED_AES=$enableval
+else
+   ENABLED_AES=yes
+
+fi
+
+
+if test "$ENABLED_AES" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_AES"
+else
+    # turn off AES if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_AES"
+        ENABLED_AES=no
+    fi
+fi
+
+ if test "x$ENABLED_AES" = "xyes"; then
+  BUILD_AES_TRUE=
+  BUILD_AES_FALSE='#'
+else
+  BUILD_AES_TRUE='#'
+  BUILD_AES_FALSE=
+fi
+
+
+
+# CODING
+# Check whether --enable-coding was given.
+if test "${enable_coding+set}" = set; then :
+  enableval=$enable_coding;  ENABLED_CODING=$enableval
+else
+   ENABLED_CODING=yes
+
+fi
+
+
+if test "$ENABLED_CODING" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_CODING"
+else
+    # turn off CODING if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_CODING"
+        ENABLED_CODING=no
+    fi
+fi
+
+ if test "x$ENABLED_CODING" = "xyes"; then
+  BUILD_CODING_TRUE=
+  BUILD_CODING_FALSE='#'
+else
+  BUILD_CODING_TRUE='#'
+  BUILD_CODING_FALSE=
+fi
+
+
+
+# DES3
+# Check whether --enable-des3 was given.
+if test "${enable_des3+set}" = set; then :
+  enableval=$enable_des3;  ENABLED_DES3=$enableval
+else
+   ENABLED_DES3=yes
+
+fi
+
+
+if test "$ENABLED_DES3" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_DES3"
+else
+    # turn off DES3 if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_DES3"
+        ENABLED_DES3=no
+    fi
+fi
+
+ if test "x$ENABLED_DES3" = "xyes"; then
+  BUILD_DES3_TRUE=
+  BUILD_DES3_FALSE='#'
+else
+  BUILD_DES3_TRUE='#'
+  BUILD_DES3_FALSE=
+fi
+
+
+
+# ARC4
+# Check whether --enable-arc4 was given.
+if test "${enable_arc4+set}" = set; then :
+  enableval=$enable_arc4;  ENABLED_ARC4=$enableval
+else
+   ENABLED_ARC4=yes
+
+fi
+
+
+if test "$ENABLED_ARC4" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_RC4"
+else
+    # turn off ARC4 if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_RC4"
+        ENABLED_ARC4=no
+    fi
+fi
+
+ if test "x$ENABLED_ARC4" = "xyes"; then
+  BUILD_RC4_TRUE=
+  BUILD_RC4_FALSE='#'
+else
+  BUILD_RC4_TRUE='#'
+  BUILD_RC4_FALSE=
+fi
+
+
+
+# MD5
+# Check whether --enable-md5 was given.
+if test "${enable_md5+set}" = set; then :
+  enableval=$enable_md5;  ENABLED_MD5=$enableval
+else
+   ENABLED_MD5=yes
+
+fi
+
+
+if test "$ENABLED_MD5" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
+else
+    # turn off MD5 if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
+        ENABLED_MD5=no
+    fi
+fi
+
+ if test "x$ENABLED_MD5" = "xyes"; then
+  BUILD_MD5_TRUE=
+  BUILD_MD5_FALSE='#'
+else
+  BUILD_MD5_TRUE='#'
+  BUILD_MD5_FALSE=
+fi
+
+
+
+# SHA
+# Check whether --enable-sha was given.
+if test "${enable_sha+set}" = set; then :
+  enableval=$enable_sha;  ENABLED_SHA=$enableval
+else
+   ENABLED_SHA=yes
+
+fi
+
+
+if test "$ENABLED_SHA" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS"
+else
+    # turn off SHA if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS"
+        ENABLED_SHA=no
+    fi
+fi
+
+ if test "x$ENABLED_SHA" = "xyes"; then
+  BUILD_SHA_TRUE=
+  BUILD_SHA_FALSE='#'
+else
+  BUILD_SHA_TRUE='#'
+  BUILD_SHA_FALSE=
+fi
+
+
+
+# MD4
+# Check whether --enable-md4 was given.
+if test "${enable_md4+set}" = set; then :
+  enableval=$enable_md4;  ENABLED_MD4=$enableval
+else
+   ENABLED_MD4=no
+
+fi
+
+
+if test "$ENABLED_MD4" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_MD4"
+fi
+
+ if test "x$ENABLED_MD4" = "xyes"; then
+  BUILD_MD4_TRUE=
+  BUILD_MD4_FALSE='#'
+else
+  BUILD_MD4_TRUE='#'
+  BUILD_MD4_FALSE=
+fi
+
+
+
+# Web Server Build
+# Check whether --enable-webserver was given.
+if test "${enable_webserver+set}" = set; then :
+  enableval=$enable_webserver;  ENABLED_WEBSERVER=$enableval
+else
+   ENABLED_WEBSERVER=no
+
+fi
+
+
+if test "$ENABLED_WEBSERVER" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_WEBSERVER"
+fi
+
+
+
+# HC128
+# Check whether --enable-hc128 was given.
+if test "${enable_hc128+set}" = set; then :
+  enableval=$enable_hc128;  ENABLED_HC128=$enableval
+else
+   ENABLED_HC128=no
+
+fi
+
+
+if test "$ENABLED_HC128" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_HC128"
+else
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_HC128"
+fi
+
+ if test "x$ENABLED_HC128" = "xyes"; then
+  BUILD_HC128_TRUE=
+  BUILD_HC128_FALSE='#'
+else
+  BUILD_HC128_TRUE='#'
+  BUILD_HC128_FALSE=
+fi
+
+
+
+# RABBIT
+# Check whether --enable-rabbit was given.
+if test "${enable_rabbit+set}" = set; then :
+  enableval=$enable_rabbit;  ENABLED_RABBIT=$enableval
+else
+   ENABLED_RABBIT=no
+
+fi
+
+
+if test "$ENABLED_RABBIT" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_RABBIT"
+else
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_RABBIT"
+fi
+
+ if test "x$ENABLED_RABBIT" = "xyes"; then
+  BUILD_RABBIT_TRUE=
+  BUILD_RABBIT_FALSE='#'
+else
+  BUILD_RABBIT_TRUE='#'
+  BUILD_RABBIT_FALSE=
+fi
+
+
+
+# CHACHA
+# Check whether --enable-chacha was given.
+if test "${enable_chacha+set}" = set; then :
+  enableval=$enable_chacha;  ENABLED_CHACHA=$enableval
+else
+   ENABLED_CHACHA=no
+
+fi
+
+
+if test "$ENABLED_CHACHA" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_CHACHA"
+fi
+
+ if test "x$ENABLED_CHACHA" = "xyes"; then
+  BUILD_CHACHA_TRUE=
+  BUILD_CHACHA_FALSE='#'
+else
+  BUILD_CHACHA_TRUE='#'
+  BUILD_CHACHA_FALSE=
+fi
+
+
+
+# FIPS
+# Check whether --enable-fips was given.
+if test "${enable_fips+set}" = set; then :
+  enableval=$enable_fips;  ENABLED_FIPS=$enableval
+else
+   ENABLED_FIPS=no
+
+fi
+
+
+if test "x$ENABLED_FIPS" = "xyes"
+then
+    # requires thread local storage
+    if test "$thread_ls_on" = "no"
+    then
+        as_fn_error $? "FIPS requires Thread Local Storage" "$LINENO" 5
+    fi
+    # requires SHA512
+    if test "x$ENABLED_SHA512" = "xno"
+    then
+        ENABLED_SHA512="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
+         if test "x$ENABLED_SHA512" = "xyes"; then
+  BUILD_SHA512_TRUE=
+  BUILD_SHA512_FALSE='#'
+else
+  BUILD_SHA512_TRUE='#'
+  BUILD_SHA512_FALSE=
+fi
+
+    fi
+    # requires AESGCM
+    if test "x$ENABLED_AESGCM" != "xyes"
+    then
+        ENABLED_AESGCM="yes"
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
+         if test "x$ENABLED_SHA512" = "xyes"; then
+  BUILD_SHA512_TRUE=
+  BUILD_SHA512_FALSE='#'
+else
+  BUILD_SHA512_TRUE='#'
+  BUILD_SHA512_FALSE=
+fi
+
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
+fi
+
+ if test "x$ENABLED_FIPS" = "xyes"; then
+  BUILD_FIPS_TRUE=
+  BUILD_FIPS_FALSE='#'
+else
+  BUILD_FIPS_TRUE='#'
+  BUILD_FIPS_FALSE=
+fi
+
+
+
+# Hash DRBG
+# Check whether --enable-hashdrbg was given.
+if test "${enable_hashdrbg+set}" = set; then :
+  enableval=$enable_hashdrbg;  ENABLED_HASHDRBG=$enableval
+else
+   ENABLED_HASHDRBG=yes
+
+fi
+
+
+if test "x$ENABLED_HASHDRBG" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
+else
+    # turn on Hash DRBG if FIPS is on or ARC4 is off
+    if test "x$ENABLED_FIPS" = "xyes" || test "x$ENABLED_ARC4" = "xno"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
+        ENABLED_HASHDRBG=yes
+    fi
+fi
+
+
+# Filesystem Build
+# Check whether --enable-filesystem was given.
+if test "${enable_filesystem+set}" = set; then :
+  enableval=$enable_filesystem;  ENABLED_FILESYSTEM=$enableval
+else
+   ENABLED_FILESYSTEM=yes
+
+fi
+
+
+if test "$ENABLED_FILESYSTEM" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
+else
+    # turn off filesystem if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
+        ENABLED_FILESYSTEM=no
+    fi
+fi
+
+
+# inline Build
+# Check whether --enable-inline was given.
+if test "${enable_inline+set}" = set; then :
+  enableval=$enable_inline;  ENABLED_INLINE=$enableval
+else
+   ENABLED_INLINE=yes
+
+fi
+
+
+if test "$ENABLED_INLINE" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_INLINE"
+fi
+
+ if test "x$ENABLED_INLINE" = "xyes"; then
+  BUILD_INLINE_TRUE=
+  BUILD_INLINE_FALSE='#'
+else
+  BUILD_INLINE_TRUE='#'
+  BUILD_INLINE_FALSE=
+fi
+
+
+
+# OCSP
+# Check whether --enable-ocsp was given.
+if test "${enable_ocsp+set}" = set; then :
+  enableval=$enable_ocsp;  ENABLED_OCSP=$enableval
+else
+   ENABLED_OCSP=no
+fi
+
+
+if test "$ENABLED_OCSP" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
+fi
+
+ if test "x$ENABLED_OCSP" = "xyes"; then
+  BUILD_OCSP_TRUE=
+  BUILD_OCSP_FALSE='#'
+else
+  BUILD_OCSP_TRUE='#'
+  BUILD_OCSP_FALSE=
+fi
+
+
+
+if test "$ENABLED_OCSP" = "yes"
+then
+    # check openssl command tool for testing ocsp
+    # Extract the first word of "openssl", so it can be a program name with args.
+set dummy openssl; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_HAVE_OPENSSL_CMD+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$HAVE_OPENSSL_CMD"; then
+  ac_cv_prog_HAVE_OPENSSL_CMD="$HAVE_OPENSSL_CMD" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_HAVE_OPENSSL_CMD="yes"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  test -z "$ac_cv_prog_HAVE_OPENSSL_CMD" && ac_cv_prog_HAVE_OPENSSL_CMD="no"
+fi
+fi
+HAVE_OPENSSL_CMD=$ac_cv_prog_HAVE_OPENSSL_CMD
+if test -n "$HAVE_OPENSSL_CMD"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $HAVE_OPENSSL_CMD" >&5
+$as_echo "$HAVE_OPENSSL_CMD" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+
+    if test "$HAVE_OPENSSL_CMD" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_OPENSSL_CMD"
+    else
+        { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: openssl command line tool not available for testing ocsp" >&5
+$as_echo "$as_me: WARNING: openssl command line tool not available for testing ocsp" >&2;}
+    fi
+fi
+
+
+# CRL
+# Check whether --enable-crl was given.
+if test "${enable_crl+set}" = set; then :
+  enableval=$enable_crl;  ENABLED_CRL=$enableval
+else
+   ENABLED_CRL=no
+fi
+
+
+if test "$ENABLED_CRL" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
+fi
+
+ if test "x$ENABLED_CRL" = "xyes"; then
+  BUILD_CRL_TRUE=
+  BUILD_CRL_FALSE='#'
+else
+  BUILD_CRL_TRUE='#'
+  BUILD_CRL_FALSE=
+fi
+
+
+
+# CRL Monitor
+# Check whether --enable-crl-monitor was given.
+if test "${enable_crl_monitor+set}" = set; then :
+  enableval=$enable_crl_monitor;  ENABLED_CRL_MONITOR=$enableval
+else
+   ENABLED_CRL_MONITOR=no
+fi
+
+
+if test "$ENABLED_CRL_MONITOR" = "yes"
+then
+    case $host_os in
+    *linux* | *darwin* | *freebsd*)
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" ;;
+    *)
+        as_fn_error $? "crl monitor only allowed on linux, OS X, or freebsd" "$LINENO" 5 ;;
+    esac
+fi
+
+ if test "x$ENABLED_CRL_MONITOR" = "xyes"; then
+  BUILD_CRL_MONITOR_TRUE=
+  BUILD_CRL_MONITOR_FALSE='#'
+else
+  BUILD_CRL_MONITOR_TRUE='#'
+  BUILD_CRL_MONITOR_FALSE=
+fi
+
+
+
+# NTRU
+ENABLED_NTRU="no"
+tryntrudir=""
+
+# Check whether --with-ntru was given.
+if test "${with_ntru+set}" = set; then :
+  withval=$with_ntru;
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for NTRU" >&5
+$as_echo_n "checking for NTRU... " >&6; }
+        CPPFLAGS="$CPPFLAGS -DHAVE_NTRU"
+        LIBS="$LIBS -lNTRUEncrypt"
+
+        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+int
+main ()
+{
+ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0);
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+   ntru_linked=yes
+else
+   ntru_linked=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+
+        if test "x$ntru_linked" == "xno" ; then
+            if test "x$withval" != "xno" ; then
+                tryntrudir=$withval
+            fi
+            if test "x$withval" == "xyes" ; then
+                tryntrudir="/usr"
+            fi
+
+            LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
+            CPPFLAGS="$CPPFLAGS -I$tryntrudir/include"
+
+            cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+int
+main ()
+{
+ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0);
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+   ntru_linked=yes
+else
+   ntru_linked=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+
+            if test "x$ntru_linked" == "xno" ; then
+                as_fn_error $? "NTRU isn't found.
+                If it's already installed, specify its path using --with-ntru=/dir/" "$LINENO" 5
+            fi
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+            AM_LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
+        else
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+        fi
+
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU"
+        ENABLED_NTRU="yes"
+
+
+fi
+
+
+ if test "x$ENABLED_NTRU" = "xyes"; then
+  BUILD_NTRU_TRUE=
+  BUILD_NTRU_FALSE='#'
+else
+  BUILD_NTRU_TRUE='#'
+  BUILD_NTRU_FALSE=
+fi
+
+
+if test "$ENABLED_NTRU" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    as_fn_error $? "cannot enable ntru and small, ntru requires TLS which small turns off." "$LINENO" 5
+fi
+
+# SNI
+# Check whether --enable-sni was given.
+if test "${enable_sni+set}" = set; then :
+  enableval=$enable_sni;  ENABLED_SNI=$enableval
+else
+   ENABLED_SNI=no
+
+fi
+
+
+if test "x$ENABLED_SNI" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI"
+fi
+
+# Maximum Fragment Length
+# Check whether --enable-maxfragment was given.
+if test "${enable_maxfragment+set}" = set; then :
+  enableval=$enable_maxfragment;  ENABLED_MAX_FRAGMENT=$enableval
+else
+   ENABLED_MAX_FRAGMENT=no
+
+fi
+
+
+if test "x$ENABLED_MAX_FRAGMENT" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_MAX_FRAGMENT"
+fi
+
+# Truncated HMAC
+# Check whether --enable-truncatedhmac was given.
+if test "${enable_truncatedhmac+set}" = set; then :
+  enableval=$enable_truncatedhmac;  ENABLED_TRUNCATED_HMAC=$enableval
+else
+   ENABLED_TRUNCATED_HMAC=no
+
+fi
+
+
+if test "x$ENABLED_TRUNCATED_HMAC" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC"
+fi
+
+# Renegotiation Indication - (FAKE Secure Renegotiation)
+# Check whether --enable-renegotiation-indication was given.
+if test "${enable_renegotiation_indication+set}" = set; then :
+  enableval=$enable_renegotiation_indication;  ENABLED_RENEGOTIATION_INDICATION=$enableval
+else
+   ENABLED_RENEGOTIATION_INDICATION=no
+
+fi
+
+
+if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_RENEGOTIATION_INDICATION"
+fi
+
+# Secure Renegotiation
+# Check whether --enable-secure-renegotiation was given.
+if test "${enable_secure_renegotiation+set}" = set; then :
+  enableval=$enable_secure_renegotiation;  ENABLED_SECURE_RENEGOTIATION=$enableval
+else
+   ENABLED_SECURE_RENEGOTIATION=no
+
+fi
+
+
+if test "x$ENABLED_SECURE_RENEGOTIATION" = "xyes"
+then
+    if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
+    then
+        as_fn_error $? "cannot enable renegotiation-indication and secure-renegotiation." "$LINENO" 5
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SECURE_RENEGOTIATION"
+fi
+
+# Supported Elliptic Curves Extensions
+# Check whether --enable-supportedcurves was given.
+if test "${enable_supportedcurves+set}" = set; then :
+  enableval=$enable_supportedcurves;  ENABLED_SUPPORTED_CURVES=$enableval
+else
+   ENABLED_SUPPORTED_CURVES=no
+
+fi
+
+
+if test "x$ENABLED_SUPPORTED_CURVES" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES"
+fi
+
+# Session Ticket Extension
+# Check whether --enable-session-ticket was given.
+if test "${enable_session_ticket+set}" = set; then :
+  enableval=$enable_session_ticket;  ENABLED_SESSION_TICKET=$enableval
+else
+   ENABLED_SESSION_TICKET=no
+
+fi
+
+
+if test "x$ENABLED_SESSION_TICKET" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SESSION_TICKET"
+fi
+
+# TLS Extensions
+# Check whether --enable-tlsx was given.
+if test "${enable_tlsx+set}" = set; then :
+  enableval=$enable_tlsx;  ENABLED_TLSX=$enableval
+else
+   ENABLED_TLSX=no
+
+fi
+
+
+if test "x$ENABLED_TLSX" = "xyes"
+then
+	ENABLED_SNI=yes
+	ENABLED_MAX_FRAGMENT=yes
+	ENABLED_TRUNCATED_HMAC=yes
+	ENABLED_SUPPORTED_CURVES=yes
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_SUPPORTED_CURVES"
+fi
+
+# PKCS7
+# Check whether --enable-pkcs7 was given.
+if test "${enable_pkcs7+set}" = set; then :
+  enableval=$enable_pkcs7;  ENABLED_PKCS7=$enableval
+else
+   ENABLED_PKCS7=no
+fi
+
+
+if test "$ENABLED_PKCS7" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
+fi
+
+ if test "x$ENABLED_PKCS7" = "xyes"; then
+  BUILD_PKCS7_TRUE=
+  BUILD_PKCS7_FALSE='#'
+else
+  BUILD_PKCS7_TRUE='#'
+  BUILD_PKCS7_FALSE=
+fi
+
+
+
+# Simple Certificate Enrollment Protocol (SCEP)
+# Check whether --enable-scep was given.
+if test "${enable_scep+set}" = set; then :
+  enableval=$enable_scep;  ENABLED_WOLFSCEP=$enableval
+else
+   ENABLED_WOLFSCEP=no
+
+fi
+
+if test "$ENABLED_WOLFSCEP" = "yes"
+then
+    # Enable prereqs if not already enabled
+    if test "x$ENABLED_KEYGEN" = "xno"
+    then
+        ENABLED_KEYGEN="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
+    fi
+    if test "x$ENABLED_CERTGEN" = "xno"
+    then
+        ENABLED_CERTGEN="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
+    fi
+    if test "x$ENABLED_CERTREQ" = "xno"
+    then
+        ENABLED_CERTREQ="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
+    fi
+    if test "x$ENABLED_PKCS7" = "xno"
+    then
+        ENABLED_PKCS7="yes"
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
+         if test "x$ENABLED_PKCS7" = "xyes"; then
+  BUILD_PKCS7_TRUE=
+  BUILD_PKCS7_FALSE='#'
+else
+  BUILD_PKCS7_TRUE='#'
+  BUILD_PKCS7_FALSE=
+fi
+
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_WOLFSCEP"
+fi
+
+
+# Small Stack
+# Check whether --enable-smallstack was given.
+if test "${enable_smallstack+set}" = set; then :
+  enableval=$enable_smallstack;  ENABLED_SMALL_STACK=$enableval
+else
+   ENABLED_SMALL_STACK=no
+
+fi
+
+
+if test "x$ENABLED_SMALL_STACK" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SMALL_STACK"
+fi
+
+
+#valgrind
+# Check whether --enable-valgrind was given.
+if test "${enable_valgrind+set}" = set; then :
+  enableval=$enable_valgrind;  ENABLED_VALGRIND=$enableval
+else
+   ENABLED_VALGRIND=no
+
+fi
+
+
+if test "$ENABLED_VALGRIND" = "yes"
+then
+    # Extract the first word of "valgrind", so it can be a program name with args.
+set dummy valgrind; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_HAVE_VALGRIND+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$HAVE_VALGRIND"; then
+  ac_cv_prog_HAVE_VALGRIND="$HAVE_VALGRIND" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_HAVE_VALGRIND="yes"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  test -z "$ac_cv_prog_HAVE_VALGRIND" && ac_cv_prog_HAVE_VALGRIND="no"
+fi
+fi
+HAVE_VALGRIND=$ac_cv_prog_HAVE_VALGRIND
+if test -n "$HAVE_VALGRIND"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $HAVE_VALGRIND" >&5
+$as_echo "$HAVE_VALGRIND" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+
+    if test "$HAVE_VALGRIND" = "no"
+    then
+        as_fn_error $? "Valgrind not found." "$LINENO" 5
+    fi
+    enable_shared=no
+    enable_static=yes
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_VALGRIND"
+fi
+
+ if test "x$ENABLED_VALGRIND" = "xyes"; then
+  USE_VALGRIND_TRUE=
+  USE_VALGRIND_FALSE='#'
+else
+  USE_VALGRIND_TRUE='#'
+  USE_VALGRIND_FALSE=
+fi
+
+
+
+# Test certs, use internal cert functions for extra testing
+# Check whether --enable-testcert was given.
+if test "${enable_testcert+set}" = set; then :
+  enableval=$enable_testcert;  ENABLED_TESTCERT=$enableval
+else
+   ENABLED_TESTCERT=no
+
+fi
+
+
+if test "$ENABLED_TESTCERT" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TEST_CERT"
+fi
+
+
+# I/O Pool, an example to show user how to override memory handler and use
+# a pool for the input/output buffer requests
+# Check whether --enable-iopool was given.
+if test "${enable_iopool+set}" = set; then :
+  enableval=$enable_iopool;  ENABLED_IOPOOL=$enableval
+else
+   ENABLED_IOPOOL=no
+
+fi
+
+
+if test "$ENABLED_IOPOOL" = "yes"
+then
+    if test "$thread_ls_on" = "no"
+    then
+        as_fn_error $? "I/O Pool example requires Thread Local Storage" "$LINENO" 5
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_IO_POOL -DXMALLOC_USER"
+fi
+
+
+# Certificate Service Support
+# Check whether --enable-certservice was given.
+if test "${enable_certservice+set}" = set; then :
+  enableval=$enable_certservice;  ENABLED_CERT_SERVICE=$enableval
+else
+   ENABLED_CERT_SERVICE=no
+
+fi
+
+if test "$ENABLED_CERT_SERVICE" = "yes"
+then
+    # Requires ecc,certgen, and opensslextra make sure on
+    if test "x$ENABLED_CERTGEN" = "xno"
+    then
+        ENABLED_CERTGEN="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
+    fi
+    if test "x$ENABLED_ECC" = "xno"
+    then
+        ENABLED_ECC="yes"
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
+         if test "x$ENABLED_ECC" = "xyes"; then
+  BUILD_ECC_TRUE=
+  BUILD_ECC_FALSE='#'
+else
+  BUILD_ECC_TRUE='#'
+  BUILD_ECC_FALSE=
+fi
+
+    fi
+    if test "x$ENABLED_OPENSSLEXTRA" = "xno"
+    then
+        ENABLED_OPENSSLEXTRA="yes"
+        AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_CERT_SERVICE"
+fi
+
+
+# PWDBASED has to come after certservice since we want it on w/o explicit on
+# PWDBASED
+# Check whether --enable-pwdbased was given.
+if test "${enable_pwdbased+set}" = set; then :
+  enableval=$enable_pwdbased;  ENABLED_PWDBASED=$enableval
+else
+   ENABLED_PWDBASED=no
+
+fi
+
+
+if test "$ENABLED_PWDBASED" = "no"
+then
+    if test "$ENABLED_OPENSSLEXTRA" = "yes" || test "$ENABLED_WEBSERVER" = "yes"
+    then
+        # opensslextra and webserver needs pwdbased
+        ENABLED_PWDBASED=yes
+    else
+        AM_CFLAGS="$AM_CFLAGS -DNO_PWDBASED"
+    fi
+fi
+
+ if test "x$ENABLED_PWDBASED" = "xyes"; then
+  BUILD_PWDBASED_TRUE=
+  BUILD_PWDBASED_FALSE='#'
+else
+  BUILD_PWDBASED_TRUE='#'
+  BUILD_PWDBASED_FALSE=
+fi
+
+
+
+# set fastmath default
+FASTMATH_DEFAULT=no
+
+if test "$host_cpu" = "x86_64"
+then
+FASTMATH_DEFAULT=yes
+fi
+
+# fastmath
+# Check whether --enable-fastmath was given.
+if test "${enable_fastmath+set}" = set; then :
+  enableval=$enable_fastmath;  ENABLED_FASTMATH=$enableval
+else
+   ENABLED_FASTMATH=$FASTMATH_DEFAULT
+
+fi
+
+
+if test "x$ENABLED_FASTMATH" = "xyes"
+then
+    # turn off fastmth if leanpsk on or asn off
+    if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no"
+    then
+        ENABLED_FASTMATH=no
+    else
+        AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
+        ENABLED_SLOWMATH="no"
+    fi
+fi
+
+
+# fast HUGE math
+# Check whether --enable-fasthugemath was given.
+if test "${enable_fasthugemath+set}" = set; then :
+  enableval=$enable_fasthugemath;  ENABLED_FASTHUGEMATH=$enableval
+else
+   ENABLED_FASTHUGEMATH=no
+
+fi
+
+
+if test "$ENABLED_BUMP" = "yes"
+then
+    ENABLED_FASTHUGEMATH="yes"
+fi
+
+if test "$ENABLED_FASTHUGEMATH" = "yes"
+then
+    ENABLED_FASTMATH="yes"
+    AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
+    ENABLED_SLOWMATH="no"
+fi
+
+ if test "x$ENABLED_FASTMATH" = "xyes"; then
+  BUILD_FASTMATH_TRUE=
+  BUILD_FASTMATH_FALSE='#'
+else
+  BUILD_FASTMATH_TRUE='#'
+  BUILD_FASTMATH_FALSE=
+fi
+
+ if test "x$ENABLED_SLOWMATH" = "xyes"; then
+  BUILD_SLOWMATH_TRUE=
+  BUILD_SLOWMATH_FALSE='#'
+else
+  BUILD_SLOWMATH_TRUE='#'
+  BUILD_SLOWMATH_FALSE=
+fi
+
+
+
+# Enable Examples, used to disable examples
+# Check whether --enable-examples was given.
+if test "${enable_examples+set}" = set; then :
+  enableval=$enable_examples;  ENABLED_EXAMPLES=$enableval
+else
+   ENABLED_EXAMPLES=yes
+
+fi
+
+
+if test "x$ENABLED_FILESYSTEM" = "xno"; then :
+  ENABLED_EXAMPLES="no"
+fi
+if test "x$ENABLED_INLINE" = "xno"; then :
+  ENABLED_EXAMPLES="no"
+fi
+# certs still have sha signatures for now
+if test "x$ENABLED_SHA" = "xno"; then :
+  ENABLED_EXAMPLES="no"
+fi
+ if test "x$ENABLED_EXAMPLES" = "xyes"; then
+  BUILD_EXAMPLES_TRUE=
+  BUILD_EXAMPLES_FALSE='#'
+else
+  BUILD_EXAMPLES_TRUE='#'
+  BUILD_EXAMPLES_FALSE=
+fi
+
+
+
+# LIBZ
+ENABLED_LIBZ="no"
+trylibzdir=""
+
+# Check whether --with-libz was given.
+if test "${with_libz+set}" = set; then :
+  withval=$with_libz;
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libz" >&5
+$as_echo_n "checking for libz... " >&6; }
+        CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ"
+        LIBS="$LIBS -lz"
+
+        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+int
+main ()
+{
+ deflateInit(0, 8);
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+   libz_linked=yes
+else
+   libz_linked=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+
+        if test "x$libz_linked" == "xno" ; then
+            if test "x$withval" != "xno" ; then
+                trylibzdir=$withval
+            fi
+            if test "x$withval" == "xyes" ; then
+                trylibzdir="/usr"
+            fi
+
+            AM_LDFLAGS="$AM_LDFLAGS -L$trylibzdir/lib"
+            CPPFLAGS="$CPPFLAGS -I$trylibzdir/include"
+
+            cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include 
+int
+main ()
+{
+ deflateInit(0, 8);
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+   libz_linked=yes
+else
+   libz_linked=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+
+            if test "x$libz_linked" == "xno" ; then
+                as_fn_error $? "libz isn't found.
+                If it's already installed, specify its path using --with-libz=/dir/" "$LINENO" 5
+            fi
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+        else
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+        fi
+        ENABLED_LIBZ="yes"
+
+
+fi
+
+ if test "x$ENABLED_LIBZ" = "xyes"; then
+  BUILD_LIBZ_TRUE=
+  BUILD_LIBZ_FALSE='#'
+else
+  BUILD_LIBZ_TRUE='#'
+  BUILD_LIBZ_FALSE=
+fi
+
+
+
+# cavium
+trycaviumdir=""
+
+# Check whether --with-cavium was given.
+if test "${with_cavium+set}" = set; then :
+  withval=$with_cavium;
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking for cavium" >&5
+$as_echo_n "checking for cavium... " >&6; }
+        CPPFLAGS="$CPPFLAGS -DHAVE_CAVIUM"
+
+            if test "x$withval" == "xyes" ; then
+                as_fn_error $? "need a PATH for --with-cavium" "$LINENO" 5
+            fi
+            if test "x$withval" != "xno" ; then
+                trycaviumdir=$withval
+            fi
+
+            LDFLAGS="$AM_LDFLAGS $trycaviumdir/api/cavium_common.o"
+            CPPFLAGS="$CPPFLAGS -I$trycaviumdir/include"
+
+            cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include "cavium_common.h"
+int
+main ()
+{
+ CspShutdown(CAVIUM_DEV_ID);
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+   cavium_linked=yes
+else
+   cavium_linked=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+
+            if test "x$cavium_linked" == "xno" ; then
+                as_fn_error $? "cavium isn't found.
+                If it's already installed, specify its path using --with-cavium=/dir/" "$LINENO" 5
+            fi
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+            enable_shared=no
+            enable_static=yes
+
+
+fi
+
+
+
+# microchip api
+# Check whether --enable-mcapi was given.
+if test "${enable_mcapi+set}" = set; then :
+  enableval=$enable_mcapi;  ENABLED_MCAPI=$enableval
+else
+   ENABLED_MCAPI=no
+
+fi
+
+
+if test "$ENABLED_MCAPI" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_MCAPI -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT"
+fi
+
+if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_SHA512" = "no"
+then
+    as_fn_error $? "please enable sha512 if enabling mcapi." "$LINENO" 5
+fi
+
+if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_ECC" = "no"
+then
+    as_fn_error $? "please enable ecc if enabling mcapi." "$LINENO" 5
+fi
+
+if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_LIBZ" = "no"
+then
+    as_fn_error $? "please use --with-libz if enabling mcapi." "$LINENO" 5
+fi
+
+ if test "x$ENABLED_MCAPI" = "xyes"; then
+  BUILD_MCAPI_TRUE=
+  BUILD_MCAPI_FALSE='#'
+else
+  BUILD_MCAPI_TRUE='#'
+  BUILD_MCAPI_FALSE=
+fi
+
+
+
+
+# OPTIMIZE FLAGS
+if test "$GCC" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -Wall -Wno-unused"
+    if test "$ax_enable_debug" = "no"
+    then
+        if test "$ENABLED_FASTMATH" = "yes"
+        then
+            AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_FAST_CFLAGS"
+            if test "$ENABLED_FASTHUGEMATH" = "yes"
+            then
+                AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_HUGE_CFLAGS"
+            fi
+        else
+            AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_CFLAGS"
+        fi
+    fi
+fi
+
+# ICC command line warning for non supported warning flags
+if test "$CC" = "icc"
+then
+    AM_CFLAGS="$AM_CFLAGS -wd10006"
+fi
+
+
+
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing gethostbyname" >&5
+$as_echo_n "checking for library containing gethostbyname... " >&6; }
+if ${ac_cv_search_gethostbyname+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char gethostbyname ();
+int
+main ()
+{
+return gethostbyname ();
+  ;
+  return 0;
+}
+_ACEOF
+for ac_lib in '' nsl; do
+  if test -z "$ac_lib"; then
+    ac_res="none required"
+  else
+    ac_res=-l$ac_lib
+    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
+  fi
+  if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_search_gethostbyname=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext
+  if ${ac_cv_search_gethostbyname+:} false; then :
+  break
+fi
+done
+if ${ac_cv_search_gethostbyname+:} false; then :
+
+else
+  ac_cv_search_gethostbyname=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_gethostbyname" >&5
+$as_echo "$ac_cv_search_gethostbyname" >&6; }
+ac_res=$ac_cv_search_gethostbyname
+if test "$ac_res" != no; then :
+  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+fi
+
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing socket" >&5
+$as_echo_n "checking for library containing socket... " >&6; }
+if ${ac_cv_search_socket+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char socket ();
+int
+main ()
+{
+return socket ();
+  ;
+  return 0;
+}
+_ACEOF
+for ac_lib in '' socket; do
+  if test -z "$ac_lib"; then
+    ac_res="none required"
+  else
+    ac_res=-l$ac_lib
+    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
+  fi
+  if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_search_socket=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext
+  if ${ac_cv_search_socket+:} false; then :
+  break
+fi
+done
+if ${ac_cv_search_socket+:} false; then :
+
+else
+  ac_cv_search_socket=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5
+$as_echo "$ac_cv_search_socket" >&6; }
+ac_res=$ac_cv_search_socket
+if test "$ac_res" != no; then :
+  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+else
+
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket in -lsocket" >&5
+$as_echo_n "checking for socket in -lsocket... " >&6; }
+if ${ac_cv_lib_socket_socket+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsocket -lnsl $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char socket ();
+int
+main ()
+{
+return socket ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_socket_socket=yes
+else
+  ac_cv_lib_socket_socket=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_socket" >&5
+$as_echo "$ac_cv_lib_socket_socket" >&6; }
+if test "x$ac_cv_lib_socket_socket" = xyes; then :
+  LIBS="-lsocket -lnsl $LIBS"
+fi
+
+fi
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts " >&5
+$as_echo_n "checking whether C compiler accepts ... " >&6; }
+if ${ax_cv_check_cflags__+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS  "
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ax_cv_check_cflags__=yes
+else
+  ax_cv_check_cflags__=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags__" >&5
+$as_echo "$ax_cv_check_cflags__" >&6; }
+if test x"$ax_cv_check_cflags__" = xyes; then :
+  :
+else
+  :
+fi
+
+if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *"  "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains "; } >&5
+  (: CFLAGS already contains ) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \""; } >&5
+  (: CFLAGS="$CFLAGS ") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS "
+      ;;
+   esac
+else
+  CFLAGS=""
+fi
+
+
+
+for flag in ; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS  $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts " >&5
+$as_echo_n "checking whether the linker accepts ... " >&6; }
+if ${ax_cv_check_ldflags__+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$LDFLAGS
+  LDFLAGS="$LDFLAGS  "
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ax_cv_check_ldflags__=yes
+else
+  ax_cv_check_ldflags__=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  LDFLAGS=$ax_check_save_flags
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags__" >&5
+$as_echo "$ax_cv_check_ldflags__" >&6; }
+if test x"$ax_cv_check_ldflags__" = xyes; then :
+  :
+else
+  :
+fi
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for vcs system" >&5
+$as_echo_n "checking for vcs system... " >&6; }
+if ${ac_cv_vcs_system+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_cv_vcs_system="none"
+      if test -d ".bzr"; then :
+  ac_cv_vcs_system="bazaar"
+fi
+      if test -d ".svn"; then :
+  ac_cv_vcs_system="svn"
+fi
+      if test -d ".hg"; then :
+  ac_cv_vcs_system="mercurial"
+fi
+      if test -d ".git"; then :
+  ac_cv_vcs_system="git"
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_vcs_system" >&5
+$as_echo "$ac_cv_vcs_system" >&6; }
+
+cat >>confdefs.h <<_ACEOF
+#define VCS_SYSTEM "$ac_cv_vcs_system"
+_ACEOF
+
+
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for vcs checkout" >&5
+$as_echo_n "checking for vcs checkout... " >&6; }
+if ${ac_cv_vcs_checkout+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test "x$ac_cv_vcs_system" != "xnone"; then :
+  ac_cv_vcs_checkout=yes
+else
+  ac_cv_vcs_checkout=no
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_vcs_checkout" >&5
+$as_echo "$ac_cv_vcs_checkout" >&6; }
+
+     if test "x$ac_cv_vcs_checkout" = "xyes"; then
+  IS_VCS_CHECKOUT_TRUE=
+  IS_VCS_CHECKOUT_FALSE='#'
+else
+  IS_VCS_CHECKOUT_TRUE='#'
+  IS_VCS_CHECKOUT_FALSE=
+fi
+
+    if test "x$ac_cv_vcs_checkout" = "xyes"; then :
+
+$as_echo "#define VCS_CHECKOUT 1" >>confdefs.h
+
+else
+
+$as_echo "#define VCS_CHECKOUT 0" >>confdefs.h
+
+fi
+
+
+
+
+
+
+            AX_HARDEN_LIB=
+      ax_append_compile_link_flags_extra=
+      if test "x$ac_cv_vcs_checkout" = "xyes"; then :
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Werror" >&5
+$as_echo_n "checking whether the linker accepts -Werror... " >&6; }
+if ${ax_cv_check_ldflags___Werror+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$LDFLAGS
+  LDFLAGS="$LDFLAGS  -Werror"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ax_cv_check_ldflags___Werror=yes
+else
+  ax_cv_check_ldflags___Werror=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  LDFLAGS=$ax_check_save_flags
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___Werror" >&5
+$as_echo "$ax_cv_check_ldflags___Werror" >&6; }
+if test x"$ax_cv_check_ldflags___Werror" = xyes; then :
+
+          AX_HARDEN_LIB="-Werror $AX_HARDEN_LIB"
+
+else
+  :
+fi
+
+
+else
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Werror" >&5
+$as_echo_n "checking whether the linker accepts -Werror... " >&6; }
+if ${ax_cv_check_ldflags___Werror+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$LDFLAGS
+  LDFLAGS="$LDFLAGS  -Werror"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ax_cv_check_ldflags___Werror=yes
+else
+  ax_cv_check_ldflags___Werror=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  LDFLAGS=$ax_check_save_flags
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___Werror" >&5
+$as_echo "$ax_cv_check_ldflags___Werror" >&6; }
+if test x"$ax_cv_check_ldflags___Werror" = xyes; then :
+
+          ax_append_compile_link_flags_extra='-Werror'
+
+else
+  :
+fi
+
+
+fi
+
+      as_CACHEVAR=`$as_echo "ax_cv_check_ldflags_$ax_append_compile_link_flags_extra_-z relro -z now" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -z relro -z now" >&5
+$as_echo_n "checking whether the linker accepts -z relro -z now... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$LDFLAGS
+  LDFLAGS="$LDFLAGS $ax_append_compile_link_flags_extra -z relro -z now"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  LDFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+
+        AX_HARDEN_LIB="-z relro -z now $AX_HARDEN_LIB"
+
+else
+  :
+fi
+
+
+      as_CACHEVAR=`$as_echo "ax_cv_check_ldflags_$ax_append_compile_link_flags_extra_-pie" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -pie" >&5
+$as_echo_n "checking whether the linker accepts -pie... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$LDFLAGS
+  LDFLAGS="$LDFLAGS $ax_append_compile_link_flags_extra -pie"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+  LDFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+
+          AX_HARDEN_LIB="-pie $AX_HARDEN_LIB"
+
+else
+  :
+fi
+
+
+      LIB="$LIB $AX_HARDEN_LIB"
+
+
+
+
+
+      ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+      CFLAGS=
+      ac_cv_warnings_as_errors=no
+      ax_append_compile_cflags_extra=
+      if test "$ac_cv_vcs_checkout" = "yes"; then :
+
+
+
+for flag in -Werror; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS  $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+        ac_cv_warnings_as_errors=yes
+
+else
+
+
+
+for flag in -Werror; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS  $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${ax_append_compile_cflags_extra+:} false; then :
+  case " $ax_append_compile_cflags_extra " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : ax_append_compile_cflags_extra already contains \$flag"; } >&5
+  (: ax_append_compile_cflags_extra already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : ax_append_compile_cflags_extra=\"\$ax_append_compile_cflags_extra \$flag\""; } >&5
+  (: ax_append_compile_cflags_extra="$ax_append_compile_cflags_extra $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ax_append_compile_cflags_extra="$ax_append_compile_cflags_extra $flag"
+      ;;
+   esac
+else
+  ax_append_compile_cflags_extra="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+fi
+
+      if test "$ax_enable_debug" = "yes"; then :
+
+
+
+for flag in -g; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS  $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -ggdb; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -O0; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+fi
+
+
+
+for flag in -Wno-pragmas; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+
+for flag in -Wall; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wno-strict-aliasing; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wextra; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wunknown-pragmas; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wthis-test-should-fail; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+            if test "$CC" = "clang"; then :
+
+else
+
+
+
+for flag in --param=ssp-buffer-size=1; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+fi
+
+
+for flag in -Waddress; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Warray-bounds; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wbad-function-cast; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wchar-subscripts; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wcomment; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wfloat-equal; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wformat-security; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wformat=2; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wmaybe-uninitialized; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wmissing-field-initializers; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wmissing-noreturn; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wmissing-prototypes; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wnested-externs; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wnormalized=id; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Woverride-init; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wpointer-arith; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wpointer-sign; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wredundant-decls; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wshadow; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wshorten-64-to-32; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wsign-compare; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wstrict-overflow=1; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wstrict-prototypes; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wswitch-enum; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wundef; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wunused; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wunused-result; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wunused-variable; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -Wwrite-strings; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -fwrapv; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+
+
+for flag in -fPIE; do
+  as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5
+$as_echo_n "checking whether C compiler accepts $flag... " >&6; }
+if eval \${$as_CACHEVAR+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+
+  ax_check_save_flags=$CFLAGS
+  CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_CACHEVAR=yes"
+else
+  eval "$as_CACHEVAR=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  CFLAGS=$ax_check_save_flags
+fi
+eval ac_res=\$$as_CACHEVAR
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then :
+  if ${CFLAGS+:} false; then :
+  case " $CFLAGS " in
+    *" $flag "*)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5
+  (: CFLAGS already contains $flag) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      ;;
+    *)
+      { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5
+  (: CFLAGS="$CFLAGS $flag") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      CFLAGS="$CFLAGS $flag"
+      ;;
+   esac
+else
+  CFLAGS="$flag"
+fi
+
+else
+  :
+fi
+
+done
+
+      ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+# link to ws2_32 if on mingw
+case $host_os in
+    *mingw32)
+        LDFLAGS="$LDFLAGS -lws2_32" ;;
+esac
+
+# add user C_EXTRA_FLAGS back
+CFLAGS="$CFLAGS $USER_C_EXTRA_FLAGS"
+OPTION_FLAGS="$USER_C_EXTRA_FLAGS $AM_CFLAGS"
+
+
+
+  HEX_VERSION=`echo $VERSION | sed 's|\-a-z0-9*$||' | \
+    awk -F. '{printf "0x%0.2d%0.3d%0.3d", $1, $2, $3}'`
+
+
+
+
+
+
+# FINAL
+ac_config_files="$ac_config_files stamp-h"
+
+ac_config_files="$ac_config_files Makefile"
+
+ac_config_files="$ac_config_files wolfssl/version.h"
+
+ac_config_files="$ac_config_files wolfssl/options.h"
+
+#have options.h and version.h for autoconf fips tag and build
+#if test "x$ENABLED_FIPS" = "xyes"
+#then
+#    AC_CONFIG_FILES([cyassl/version.h])
+#    AC_CONFIG_FILES([cyassl/options.h])
+#fi
+ac_config_files="$ac_config_files support/wolfssl.pc"
+
+ac_config_files="$ac_config_files rpm/spec"
+
+
+# create a generic PACKAGE-config file
+L=`echo $PACKAGE $LIBS`
+P=`echo $L | sed -e 's/ -.*//'`
+P=`echo $P`
+V=`echo $VERSION`
+F=`echo $P-config`
+L=`echo -l$L | sed -e 's/^-llib/-l/'`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: creating $F - generic $V for $L" >&5
+$as_echo "creating $F - generic $V for $L" >&6; }
+test "x$prefix" = xNONE && prefix="$ac_default_prefix"
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+echo '#! /bin/sh' >$F
+echo ' ' >>$F
+echo 'package="'$P'"' >>$F
+echo 'version="'$V'"' >>$F
+echo 'libs="'$L'"' >>$F
+echo ' ' >>$F
+# in the order of occurence a standard automake Makefile
+echo 'prefix="'$prefix'"' >>$F
+echo 'exec_prefix="'$exec_prefix'"' >>$F
+echo 'bindir="'$bindir'"' >>$F
+echo 'sbindir="'$sbindir'"' >>$F
+echo 'libexecdir="'$libexecdir'"' >>$F
+echo 'datadir="'$datadir'"' >>$F
+echo 'sysconfdir="'$sysconfdir'"' >>$F
+echo 'sharedstatedir="'$sharedstatedir'"' >>$F
+echo 'localstatedir="'$localstatedir'"' >>$F
+echo 'libdir="'$libdir'"' >>$F
+echo 'infodir="'$infodir'"' >>$F
+echo 'mandir="'$mandir'"' >>$F
+echo 'includedir="'$includedir'"' >>$F
+echo 'target="'$target'"' >>$F
+echo 'host="'$host'"' >>$F
+echo 'build="'$build'"' >>$F
+echo ' ' >>$F
+echo 'if test "'"\$""#"'" -eq 0; then' >>$F
+echo '   cat <>$F
+echo 'Usage: $package-config OPTIONS' >>$F
+echo 'Options:' >>$F
+echo '  --prefix=DIR) : \$prefix' >>$F
+echo '  --package) : \$package' >>$F
+echo '  --version) : \$version' >>$F
+echo '  --cflags) : -I\$includedir' >>$F
+echo '  --libs) : -L\$libdir -l\$package' >>$F
+echo '  --help) print all the options (not just these)' >>$F
+echo 'EOF' >>$F
+echo 'fi' >>$F
+echo ' ' >>$F
+echo 'o=""' >>$F
+echo 'h=""' >>$F
+echo 'for i in "$@"; do' >>$F
+echo '  case $i in' >>$F
+echo '  --prefix=*) prefix=`echo $i | sed -e "s/--prefix=//"` ;;' >>$F
+echo '  --prefix)    o="$o $prefix" ;;' >>$F
+echo '  --package)   o="$o $package" ;;' >>$F
+echo '  --version)   o="$o $version" ;;' >>$F
+echo '  --cflags) if test "_$includedir" != "_/usr/include"' >>$F
+echo '          then o="$o -I$includedir" ; fi' >>$F
+echo '  ;;' >>$F
+echo '  --libs)      o="$o -L$libdir $libs" ;;' >>$F
+echo '  --exec_prefix|--eprefix) o="$o $exec_prefix" ;;' >>$F
+echo '  --bindir)                o="$o $bindir" ;;' >>$F
+echo '  --sbindir)               o="$o $sbindir" ;;' >>$F
+echo '  --libexecdir)            o="$o $libexecdir" ;;' >>$F
+echo '  --datadir)               o="$o $datadir" ;;' >>$F
+echo '  --datainc)               o="$o -I$datadir" ;;' >>$F
+echo '  --datalib)               o="$o -L$datadir" ;;' >>$F
+echo '  --sysconfdir)            o="$o $sysconfdir" ;;' >>$F
+echo '  --sharedstatedir)        o="$o $sharedstatedir" ;;' >>$F
+echo '  --localstatedir)         o="$o $localstatedir" ;;' >>$F
+echo '  --libdir)                o="$o $libdir" ;;' >>$F
+echo '  --libadd)                o="$o -L$libdir" ;;' >>$F
+echo '  --infodir)               o="$o $infodir" ;;' >>$F
+echo '  --mandir)                o="$o $mandir" ;;' >>$F
+echo '  --target)                o="$o $target" ;;' >>$F
+echo '  --host)                  o="$o $host" ;;' >>$F
+echo '  --build)                 o="$o $build" ;;' >>$F
+echo '  --data)                  o="$o -I$datadir/$package" ;;' >>$F
+echo '  --pkgdatadir)            o="$o $datadir/$package" ;;' >>$F
+echo '  --pkgdatainc)            o="$o -I$datadir/$package" ;;' >>$F
+echo '  --pkgdatalib)            o="$o -L$datadir/$package" ;;' >>$F
+echo '  --pkglibdir)             o="$o $libdir/$package" ;;' >>$F
+echo '  --pkglibinc)             o="$o -I$libinc/$package" ;;' >>$F
+echo '  --pkglibadd)             o="$o -L$libadd/$package" ;;' >>$F
+echo '  --pkgincludedir)         o="$o $includedir/$package" ;;' >>$F
+echo '  --help) h="1" ;;' >>$F
+echo '  -?//*|-?/*//*|-?./*//*|//*|/*//*|./*//*) ' >>$F
+echo '       v=`echo $i | sed -e s://:\$:g`' >>$F
+echo '       v=`eval "echo $v"` ' >>$F
+echo '       o="$o $v" ;; ' >>$F
+echo '  esac' >>$F
+echo 'done' >>$F
+echo ' ' >>$F
+echo 'o=`eval "echo $o"`' >>$F
+echo 'o=`eval "echo $o"`' >>$F
+echo 'eval "echo $o"' >>$F
+echo ' ' >>$F
+echo 'if test ! -z "$h" ; then ' >>$F
+echo 'cat <>$F
+echo '  --prefix=xxx)      (what is that for anyway?)' >>$F
+echo '  --prefix)         \$prefix        $prefix' >>$F
+echo '  --package)        \$package       $package' >>$F
+echo '  --version)        \$version       $version' >>$F
+echo '  --cflags)         -I\$includedir    unless it is /usr/include' >>$F
+echo '  --libs)           -L\$libdir -l\$PACKAGE \$LIBS' >>$F
+echo '  --exec_prefix) or... ' >>$F
+echo '  --eprefix)        \$exec_prefix   $exec_prefix' >>$F
+echo '  --bindir)         \$bindir        $bindir' >>$F
+echo '  --sbindir)        \$sbindir       $sbindir' >>$F
+echo '  --libexecdir)     \$libexecdir    $libexecdir' >>$F
+echo '  --datadir)        \$datadir       $datadir' >>$F
+echo '  --sysconfdir)     \$sysconfdir    $sysconfdir' >>$F
+echo '  --sharedstatedir) \$sharedstatedir$sharedstatedir' >>$F
+echo '  --localstatedir)  \$localstatedir $localstatedir' >>$F
+echo '  --libdir)         \$libdir        $libdir' >>$F
+echo '  --infodir)        \$infodir       $infodir' >>$F
+echo '  --mandir)         \$mandir        $mandir' >>$F
+echo '  --target)         \$target        $target' >>$F
+echo '  --host)           \$host          $host' >>$F
+echo '  --build)          \$build         $build' >>$F
+echo '  --data)           -I\$datadir/\$package' >>$F
+echo '  --pkgdatadir)     \$datadir/\$package' >>$F
+echo '  --pkglibdir)      \$libdir/\$package' >>$F
+echo '  --pkgincludedir)  \$includedir/\$package' >>$F
+echo '  --help)           generated by ax_create_generic_config.m4' >>$F
+echo '  -I//varname and other inc-targets like --pkgdatainc supported' >>$F
+echo '  -L//varname and other lib-targets, e.g. --pkgdatalib or --libadd' >>$F
+echo 'EOF' >>$F
+echo 'fi' >>$F
+GENERIC_CONFIG="$F"
+
+
+
+
+
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking the number of available CPUs" >&5
+$as_echo_n "checking the number of available CPUs... " >&6; }
+      CPU_COUNT="0"
+
+      case $host_os in #(
+
+        *darwin*) :
+
+        if test -x /usr/sbin/sysctl; then :
+
+          sysctl_a=`/usr/sbin/sysctl -a 2>/dev/null| grep -c hw.cpu`
+          if test sysctl_a; then :
+
+            CPU_COUNT=`/usr/sbin/sysctl -n hw.ncpu`
+
+fi
+
+fi ;; #(
+
+        *linux*) :
+
+        if test "x$CPU_COUNT" = "x0" -a -e /proc/cpuinfo; then :
+
+          if test "x$CPU_COUNT" = "x0" -a -e /proc/cpuinfo; then :
+
+            CPU_COUNT=`$EGREP -c '^processor' /proc/cpuinfo`
+
+fi
+
+fi
+         ;; #(
+  *) :
+     ;;
+esac
+
+      if test "x$CPU_COUNT" = "x0"; then :
+
+        CPU_COUNT="1"
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: unable to detect (assuming 1) " >&5
+$as_echo "unable to detect (assuming 1) " >&6; }
+
+else
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPU_COUNT " >&5
+$as_echo "$CPU_COUNT " >&6; }
+
+fi
+
+
+AX_DOLLAR="\$"
+AX_SRB="\\135"
+AX_SLB="\\133"
+AX_BS="\\\\"
+AX_DQ="\""
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: adding automake macro support" >&5
+$as_echo "$as_me: adding automake macro support" >&6;}
+AMINCLUDE="aminclude.am"
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $AMINCLUDE" >&5
+$as_echo "$as_me: creating $AMINCLUDE" >&6;}
+AMINCLUDE_TIME=`date`
+
+
+printf "
+# generated automatically by configure from AX_AUTOMAKE_MACROS
+# on $AMINCLUDE_TIME
+
+" > "$AMINCLUDE"
+
+
+INC_AMINCLUDE="include \$(top_builddir)/$AMINCLUDE"
+
+
+
+
+
+    # Check whether --enable-jobserver was given.
+if test "${enable_jobserver+set}" = set; then :
+  enableval=$enable_jobserver;
+else
+  enable_jobserver=yes
+fi
+
+    if test "x$enable_jobserver" = "xyes"; then
+        let enable_jobserver=$CPU_COUNT+1
+    fi
+
+    if test "x$enable_jobserver" != "xno"; then
+        { $as_echo "$as_me:${as_lineno-$LINENO}: added jobserver support to make for $enable_jobserver jobs" >&5
+$as_echo "$as_me: added jobserver support to make for $enable_jobserver jobs" >&6;}
+
+
+
+
+printf "AM_MAKEFLAGS += -j$enable_jobserver \n" >> "$AMINCLUDE"
+
+
+    fi
+
+
+cat >confcache <<\_ACEOF
+# This file is a shell script that caches the results of configure
+# tests run on this system so they can be shared between configure
+# scripts and configure runs, see configure's option --config-cache.
+# It is not useful on other systems.  If it contains results you don't
+# want to keep, you may remove or edit it.
+#
+# config.status only pays attention to the cache file if you give it
+# the --recheck option to rerun configure.
+#
+# `ac_cv_env_foo' variables (set or unset) will be overridden when
+# loading this file, other *unset* `ac_cv_foo' will be assigned the
+# following values.
+
+_ACEOF
+
+# The following way of writing the cache mishandles newlines in values,
+# but we know of no workaround that is simple, portable, and efficient.
+# So, we kill variables containing newlines.
+# Ultrix sh set writes to stderr and can't be redirected directly,
+# and sets the high bit in the cache file unless we assign to the vars.
+(
+  for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do
+    eval ac_val=\$$ac_var
+    case $ac_val in #(
+    *${as_nl}*)
+      case $ac_var in #(
+      *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
+$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+      esac
+      case $ac_var in #(
+      _ | IFS | as_nl) ;; #(
+      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+      *) { eval $ac_var=; unset $ac_var;} ;;
+      esac ;;
+    esac
+  done
+
+  (set) 2>&1 |
+    case $as_nl`(ac_space=' '; set) 2>&1` in #(
+    *${as_nl}ac_space=\ *)
+      # `set' does not quote correctly, so add quotes: double-quote
+      # substitution turns \\\\ into \\, and sed turns \\ into \.
+      sed -n \
+	"s/'/'\\\\''/g;
+	  s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
+      ;; #(
+    *)
+      # `set' quotes correctly as required by POSIX, so do not add quotes.
+      sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+      ;;
+    esac |
+    sort
+) |
+  sed '
+     /^ac_cv_env_/b end
+     t clear
+     :clear
+     s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
+     t end
+     s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
+     :end' >>confcache
+if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
+  if test -w "$cache_file"; then
+    if test "x$cache_file" != "x/dev/null"; then
+      { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5
+$as_echo "$as_me: updating cache $cache_file" >&6;}
+      if test ! -f "$cache_file" || test -h "$cache_file"; then
+	cat confcache >"$cache_file"
+      else
+        case $cache_file in #(
+        */* | ?:*)
+	  mv -f confcache "$cache_file"$$ &&
+	  mv -f "$cache_file"$$ "$cache_file" ;; #(
+        *)
+	  mv -f confcache "$cache_file" ;;
+	esac
+      fi
+    fi
+  else
+    { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5
+$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
+  fi
+fi
+rm -f confcache
+
+test "x$prefix" = xNONE && prefix=$ac_default_prefix
+# Let make expand exec_prefix.
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+
+DEFS=-DHAVE_CONFIG_H
+
+ac_libobjs=
+ac_ltlibobjs=
+U=
+for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
+  # 1. Remove the extension, and $U if already installed.
+  ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
+  ac_i=`$as_echo "$ac_i" | sed "$ac_script"`
+  # 2. Prepend LIBOBJDIR.  When used with automake>=1.10 LIBOBJDIR
+  #    will be set to the directory where LIBOBJS objects are built.
+  as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext"
+  as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo'
+done
+LIBOBJS=$ac_libobjs
+
+LTLIBOBJS=$ac_ltlibobjs
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5
+$as_echo_n "checking that generated files are newer than configure... " >&6; }
+   if test -n "$am_sleep_pid"; then
+     # Hide warnings about reused PIDs.
+     wait $am_sleep_pid 2>/dev/null
+   fi
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: done" >&5
+$as_echo "done" >&6; }
+ if test -n "$EXEEXT"; then
+  am__EXEEXT_TRUE=
+  am__EXEEXT_FALSE='#'
+else
+  am__EXEEXT_TRUE='#'
+  am__EXEEXT_FALSE=
+fi
+
+if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then
+  as_fn_error $? "conditional \"AMDEP\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
+  as_fn_error $? "conditional \"am__fastdepCC\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${am__fastdepCXX_TRUE}" && test -z "${am__fastdepCXX_FALSE}"; then
+  as_fn_error $? "conditional \"am__fastdepCXX\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+
+if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
+  as_fn_error $? "conditional \"am__fastdepCC\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${am__fastdepCXX_TRUE}" && test -z "${am__fastdepCXX_FALSE}"; then
+  as_fn_error $? "conditional \"am__fastdepCXX\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${am__fastdepCCAS_TRUE}" && test -z "${am__fastdepCCAS_FALSE}"; then
+  as_fn_error $? "conditional \"am__fastdepCCAS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${DEBUG_TRUE}" && test -z "${DEBUG_FALSE}"; then
+  as_fn_error $? "conditional \"DEBUG\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_LEANPSK_TRUE}" && test -z "${BUILD_LEANPSK_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_LEANPSK\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_SNIFFER_TRUE}" && test -z "${BUILD_SNIFFER_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_SNIFFER\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_SNIFFTEST_TRUE}" && test -z "${BUILD_SNIFFTEST_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_SNIFFTEST\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_AESGCM_TRUE}" && test -z "${BUILD_AESGCM_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_AESGCM\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_AESCCM_TRUE}" && test -z "${BUILD_AESCCM_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_AESCCM\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_AESNI_TRUE}" && test -z "${BUILD_AESNI_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_AESNI\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_POLY1305_TRUE}" && test -z "${BUILD_POLY1305_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_POLY1305\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_CAMELLIA_TRUE}" && test -z "${BUILD_CAMELLIA_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_CAMELLIA\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_MD2_TRUE}" && test -z "${BUILD_MD2_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_MD2\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_RIPEMD_TRUE}" && test -z "${BUILD_RIPEMD_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_RIPEMD\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_BLAKE2_TRUE}" && test -z "${BUILD_BLAKE2_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_BLAKE2\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_SHA512_TRUE}" && test -z "${BUILD_SHA512_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_SHA512\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_DSA_TRUE}" && test -z "${BUILD_DSA_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_DSA\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_ECC_TRUE}" && test -z "${BUILD_ECC_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_ECC\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_ECC25519_TRUE}" && test -z "${BUILD_ECC25519_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_ECC25519\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_MEMORY_TRUE}" && test -z "${BUILD_MEMORY_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_MEMORY\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_RSA_TRUE}" && test -z "${BUILD_RSA_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_RSA\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_DH_TRUE}" && test -z "${BUILD_DH_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_DH\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_ASN_TRUE}" && test -z "${BUILD_ASN_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_ASN\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_AES_TRUE}" && test -z "${BUILD_AES_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_AES\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_CODING_TRUE}" && test -z "${BUILD_CODING_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_CODING\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_DES3_TRUE}" && test -z "${BUILD_DES3_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_DES3\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_RC4_TRUE}" && test -z "${BUILD_RC4_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_RC4\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_MD5_TRUE}" && test -z "${BUILD_MD5_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_MD5\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_SHA_TRUE}" && test -z "${BUILD_SHA_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_SHA\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_MD4_TRUE}" && test -z "${BUILD_MD4_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_MD4\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_HC128_TRUE}" && test -z "${BUILD_HC128_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_HC128\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_RABBIT_TRUE}" && test -z "${BUILD_RABBIT_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_RABBIT\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_CHACHA_TRUE}" && test -z "${BUILD_CHACHA_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_CHACHA\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_SHA512_TRUE}" && test -z "${BUILD_SHA512_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_SHA512\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_SHA512_TRUE}" && test -z "${BUILD_SHA512_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_SHA512\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_FIPS_TRUE}" && test -z "${BUILD_FIPS_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_FIPS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_INLINE_TRUE}" && test -z "${BUILD_INLINE_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_INLINE\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_OCSP_TRUE}" && test -z "${BUILD_OCSP_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_OCSP\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_CRL_TRUE}" && test -z "${BUILD_CRL_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_CRL\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_CRL_MONITOR_TRUE}" && test -z "${BUILD_CRL_MONITOR_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_CRL_MONITOR\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_NTRU_TRUE}" && test -z "${BUILD_NTRU_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_NTRU\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_PKCS7_TRUE}" && test -z "${BUILD_PKCS7_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_PKCS7\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_PKCS7_TRUE}" && test -z "${BUILD_PKCS7_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_PKCS7\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${USE_VALGRIND_TRUE}" && test -z "${USE_VALGRIND_FALSE}"; then
+  as_fn_error $? "conditional \"USE_VALGRIND\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_ECC_TRUE}" && test -z "${BUILD_ECC_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_ECC\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_PWDBASED_TRUE}" && test -z "${BUILD_PWDBASED_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_PWDBASED\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_FASTMATH_TRUE}" && test -z "${BUILD_FASTMATH_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_FASTMATH\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_SLOWMATH_TRUE}" && test -z "${BUILD_SLOWMATH_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_SLOWMATH\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_EXAMPLES_TRUE}" && test -z "${BUILD_EXAMPLES_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_EXAMPLES\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_LIBZ_TRUE}" && test -z "${BUILD_LIBZ_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_LIBZ\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${BUILD_MCAPI_TRUE}" && test -z "${BUILD_MCAPI_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_MCAPI\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${IS_VCS_CHECKOUT_TRUE}" && test -z "${IS_VCS_CHECKOUT_FALSE}"; then
+  as_fn_error $? "conditional \"IS_VCS_CHECKOUT\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+
+: "${CONFIG_STATUS=./config.status}"
+ac_write_fail=0
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files $CONFIG_STATUS"
+{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5
+$as_echo "$as_me: creating $CONFIG_STATUS" >&6;}
+as_write_fail=0
+cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1
+#! $SHELL
+# Generated by $as_me.
+# Run this file to recreate the current configuration.
+# Compiler output produced by configure, useful for debugging
+# configure, is in config.log if it exists.
+
+debug=false
+ac_cs_recheck=false
+ac_cs_silent=false
+
+SHELL=\${CONFIG_SHELL-$SHELL}
+export SHELL
+_ASEOF
+cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '${1+"$@"}'='"$@"'
+  setopt NO_GLOB_SUBST
+else
+  case `(set -o) 2>/dev/null` in #(
+  *posix*) :
+    set -o posix ;; #(
+  *) :
+     ;;
+esac
+fi
+
+
+as_nl='
+'
+export as_nl
+# Printing a long string crashes Solaris 7 /usr/bin/printf.
+as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
+# Prefer a ksh shell builtin over an external printf program on Solaris,
+# but without wasting forks for bash or zsh.
+if test -z "$BASH_VERSION$ZSH_VERSION" \
+    && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='print -r --'
+  as_echo_n='print -rn --'
+elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='printf %s\n'
+  as_echo_n='printf %s'
+else
+  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
+    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
+    as_echo_n='/usr/ucb/echo -n'
+  else
+    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
+    as_echo_n_body='eval
+      arg=$1;
+      case $arg in #(
+      *"$as_nl"*)
+	expr "X$arg" : "X\\(.*\\)$as_nl";
+	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
+      esac;
+      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
+    '
+    export as_echo_n_body
+    as_echo_n='sh -c $as_echo_n_body as_echo'
+  fi
+  export as_echo_body
+  as_echo='sh -c $as_echo_body as_echo'
+fi
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+  PATH_SEPARATOR=:
+  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+      PATH_SEPARATOR=';'
+  }
+fi
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.  Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+IFS=" ""	$as_nl"
+
+# Find who we are.  Look in the path if we contain no directory separator.
+as_myself=
+case $0 in #((
+  *[\\/]* ) as_myself=$0 ;;
+  *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+  done
+IFS=$as_save_IFS
+
+     ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+  as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+  exit 1
+fi
+
+# Unset variables that we do not need and which cause bugs (e.g. in
+# pre-3.0 UWIN ksh).  But do not cause bugs in bash 2.01; the "|| exit 1"
+# suppresses any "Segmentation fault" message there.  '((' could
+# trigger a bug in pdksh 5.2.14.
+for as_var in BASH_ENV ENV MAIL MAILPATH
+do eval test x\${$as_var+set} = xset \
+  && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# CDPATH.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
+# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+# script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+  as_status=$1; test $as_status -eq 0 && as_status=1
+  if test "$4"; then
+    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
+  fi
+  $as_echo "$as_me: error: $2" >&2
+  as_fn_exit $as_status
+} # as_fn_error
+
+
+# as_fn_set_status STATUS
+# -----------------------
+# Set $? to STATUS, without forking.
+as_fn_set_status ()
+{
+  return $1
+} # as_fn_set_status
+
+# as_fn_exit STATUS
+# -----------------
+# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+  set +e
+  as_fn_set_status $1
+  exit $1
+} # as_fn_exit
+
+# as_fn_unset VAR
+# ---------------
+# Portably unset VAR.
+as_fn_unset ()
+{
+  { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+# as_fn_append VAR VALUE
+# ----------------------
+# Append the text in VALUE to the end of the definition contained in VAR. Take
+# advantage of any shell optimizations that allow amortized linear growth over
+# repeated appends, instead of the typical quadratic growth present in naive
+# implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
+  eval 'as_fn_append ()
+  {
+    eval $1+=\$2
+  }'
+else
+  as_fn_append ()
+  {
+    eval $1=\$$1\$2
+  }
+fi # as_fn_append
+
+# as_fn_arith ARG...
+# ------------------
+# Perform arithmetic evaluation on the ARGs, and store the result in the
+# global $as_val. Take advantage of shells that can avoid forks. The arguments
+# must be portable across $(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
+  eval 'as_fn_arith ()
+  {
+    as_val=$(( $* ))
+  }'
+else
+  as_fn_arith ()
+  {
+    as_val=`expr "$@" || test $? -eq 1`
+  }
+fi # as_fn_arith
+
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+   test "X`expr 00001 : '.*\(...\)'`" = X001; then
+  as_expr=expr
+else
+  as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+  as_basename=basename
+else
+  as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+  as_dirname=dirname
+else
+  as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+	 X"$0" : 'X\(//\)$' \| \
+	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X/"$0" |
+    sed '/^.*\/\([^/][^/]*\)\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in #(((((
+-n*)
+  case `echo 'xy\c'` in
+  *c*) ECHO_T='	';;	# ECHO_T is single tab character.
+  xy)  ECHO_C='\c';;
+  *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
+       ECHO_T='	';;
+  esac;;
+*)
+  ECHO_N='-n';;
+esac
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+  rm -f conf$$.dir/conf$$.file
+else
+  rm -f conf$$.dir
+  mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+  if ln -s conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s='ln -s'
+    # ... but there are two gotchas:
+    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+    # In both cases, we have to default to `cp -pR'.
+    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+      as_ln_s='cp -pR'
+  elif ln conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s=ln
+  else
+    as_ln_s='cp -pR'
+  fi
+else
+  as_ln_s='cp -pR'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+
+# as_fn_mkdir_p
+# -------------
+# Create "$as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+  case $as_dir in #(
+  -*) as_dir=./$as_dir;;
+  esac
+  test -d "$as_dir" || eval $as_mkdir_p || {
+    as_dirs=
+    while :; do
+      case $as_dir in #(
+      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+      *) as_qdir=$as_dir;;
+      esac
+      as_dirs="'$as_qdir' $as_dirs"
+      as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_dir" : 'X\(//\)[^/]' \| \
+	 X"$as_dir" : 'X\(//\)$' \| \
+	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_dir" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+      test -d "$as_dir" && break
+    done
+    test -z "$as_dirs" || eval "mkdir $as_dirs"
+  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} # as_fn_mkdir_p
+if mkdir -p . 2>/dev/null; then
+  as_mkdir_p='mkdir -p "$as_dir"'
+else
+  test -d ./-p && rmdir ./-p
+  as_mkdir_p=false
+fi
+
+
+# as_fn_executable_p FILE
+# -----------------------
+# Test if FILE is an executable regular file.
+as_fn_executable_p ()
+{
+  test -f "$1" && test -x "$1"
+} # as_fn_executable_p
+as_test_x='test -x'
+as_executable_p=as_fn_executable_p
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+exec 6>&1
+## ----------------------------------- ##
+## Main body of $CONFIG_STATUS script. ##
+## ----------------------------------- ##
+_ASEOF
+test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# Save the log message, to keep $0 and so on meaningful, and to
+# report actual input values of CONFIG_FILES etc. instead of their
+# values after options handling.
+ac_log="
+This file was extended by wolfssl $as_me 3.4.0, which was
+generated by GNU Autoconf 2.69.  Invocation command line was
+
+  CONFIG_FILES    = $CONFIG_FILES
+  CONFIG_HEADERS  = $CONFIG_HEADERS
+  CONFIG_LINKS    = $CONFIG_LINKS
+  CONFIG_COMMANDS = $CONFIG_COMMANDS
+  $ $0 $@
+
+on `(hostname || uname -n) 2>/dev/null | sed 1q`
+"
+
+_ACEOF
+
+case $ac_config_files in *"
+"*) set x $ac_config_files; shift; ac_config_files=$*;;
+esac
+
+case $ac_config_headers in *"
+"*) set x $ac_config_headers; shift; ac_config_headers=$*;;
+esac
+
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+# Files that config.status was made for.
+config_files="$ac_config_files"
+config_headers="$ac_config_headers"
+config_commands="$ac_config_commands"
+
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ac_cs_usage="\
+\`$as_me' instantiates files and other configuration actions
+from templates according to the current configuration.  Unless the files
+and actions are specified as TAGs, all are instantiated by default.
+
+Usage: $0 [OPTION]... [TAG]...
+
+  -h, --help       print this help, then exit
+  -V, --version    print version number and configuration settings, then exit
+      --config     print configuration, then exit
+  -q, --quiet, --silent
+                   do not print progress messages
+  -d, --debug      don't remove temporary files
+      --recheck    update $as_me by reconfiguring in the same conditions
+      --file=FILE[:TEMPLATE]
+                   instantiate the configuration file FILE
+      --header=FILE[:TEMPLATE]
+                   instantiate the configuration header FILE
+
+Configuration files:
+$config_files
+
+Configuration headers:
+$config_headers
+
+Configuration commands:
+$config_commands
+
+Report bugs to .
+wolfssl home page: ."
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
+ac_cs_version="\\
+wolfssl config.status 3.4.0
+configured by $0, generated by GNU Autoconf 2.69,
+  with options \\"\$ac_cs_config\\"
+
+Copyright (C) 2012 Free Software Foundation, Inc.
+This config.status script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it."
+
+ac_pwd='$ac_pwd'
+srcdir='$srcdir'
+INSTALL='$INSTALL'
+MKDIR_P='$MKDIR_P'
+AWK='$AWK'
+test -n "\$AWK" || AWK=awk
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# The default lists apply if the user does not specify any file.
+ac_need_defaults=:
+while test $# != 0
+do
+  case $1 in
+  --*=?*)
+    ac_option=`expr "X$1" : 'X\([^=]*\)='`
+    ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
+    ac_shift=:
+    ;;
+  --*=)
+    ac_option=`expr "X$1" : 'X\([^=]*\)='`
+    ac_optarg=
+    ac_shift=:
+    ;;
+  *)
+    ac_option=$1
+    ac_optarg=$2
+    ac_shift=shift
+    ;;
+  esac
+
+  case $ac_option in
+  # Handling of the options.
+  -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+    ac_cs_recheck=: ;;
+  --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+    $as_echo "$ac_cs_version"; exit ;;
+  --config | --confi | --conf | --con | --co | --c )
+    $as_echo "$ac_cs_config"; exit ;;
+  --debug | --debu | --deb | --de | --d | -d )
+    debug=: ;;
+  --file | --fil | --fi | --f )
+    $ac_shift
+    case $ac_optarg in
+    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    '') as_fn_error $? "missing file argument" ;;
+    esac
+    as_fn_append CONFIG_FILES " '$ac_optarg'"
+    ac_need_defaults=false;;
+  --header | --heade | --head | --hea )
+    $ac_shift
+    case $ac_optarg in
+    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    esac
+    as_fn_append CONFIG_HEADERS " '$ac_optarg'"
+    ac_need_defaults=false;;
+  --he | --h)
+    # Conflict between --help and --header
+    as_fn_error $? "ambiguous option: \`$1'
+Try \`$0 --help' for more information.";;
+  --help | --hel | -h )
+    $as_echo "$ac_cs_usage"; exit ;;
+  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+  | -silent | --silent | --silen | --sile | --sil | --si | --s)
+    ac_cs_silent=: ;;
+
+  # This is an error.
+  -*) as_fn_error $? "unrecognized option: \`$1'
+Try \`$0 --help' for more information." ;;
+
+  *) as_fn_append ac_config_targets " $1"
+     ac_need_defaults=false ;;
+
+  esac
+  shift
+done
+
+ac_configure_extra_args=
+
+if $ac_cs_silent; then
+  exec 6>/dev/null
+  ac_configure_extra_args="$ac_configure_extra_args --silent"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+if \$ac_cs_recheck; then
+  set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
+  shift
+  \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
+  CONFIG_SHELL='$SHELL'
+  export CONFIG_SHELL
+  exec "\$@"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+exec 5>>config.log
+{
+  echo
+  sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+## Running $as_me. ##
+_ASBOX
+  $as_echo "$ac_log"
+} >&5
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+#
+# INIT-COMMANDS
+#
+AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"
+
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+sed_quote_subst='$sed_quote_subst'
+double_quote_subst='$double_quote_subst'
+delay_variable_subst='$delay_variable_subst'
+macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`'
+macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`'
+enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`'
+enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`'
+pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`'
+enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`'
+SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`'
+ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`'
+PATH_SEPARATOR='`$ECHO "$PATH_SEPARATOR" | $SED "$delay_single_quote_subst"`'
+host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`'
+host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`'
+host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`'
+build_alias='`$ECHO "$build_alias" | $SED "$delay_single_quote_subst"`'
+build='`$ECHO "$build" | $SED "$delay_single_quote_subst"`'
+build_os='`$ECHO "$build_os" | $SED "$delay_single_quote_subst"`'
+SED='`$ECHO "$SED" | $SED "$delay_single_quote_subst"`'
+Xsed='`$ECHO "$Xsed" | $SED "$delay_single_quote_subst"`'
+GREP='`$ECHO "$GREP" | $SED "$delay_single_quote_subst"`'
+EGREP='`$ECHO "$EGREP" | $SED "$delay_single_quote_subst"`'
+FGREP='`$ECHO "$FGREP" | $SED "$delay_single_quote_subst"`'
+LD='`$ECHO "$LD" | $SED "$delay_single_quote_subst"`'
+NM='`$ECHO "$NM" | $SED "$delay_single_quote_subst"`'
+LN_S='`$ECHO "$LN_S" | $SED "$delay_single_quote_subst"`'
+max_cmd_len='`$ECHO "$max_cmd_len" | $SED "$delay_single_quote_subst"`'
+ac_objext='`$ECHO "$ac_objext" | $SED "$delay_single_quote_subst"`'
+exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`'
+lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`'
+lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`'
+lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`'
+lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`'
+lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`'
+reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`'
+reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`'
+OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`'
+deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`'
+file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`'
+file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`'
+want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`'
+DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`'
+sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`'
+AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`'
+AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`'
+archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`'
+STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`'
+RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`'
+old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`'
+old_postuninstall_cmds='`$ECHO "$old_postuninstall_cmds" | $SED "$delay_single_quote_subst"`'
+old_archive_cmds='`$ECHO "$old_archive_cmds" | $SED "$delay_single_quote_subst"`'
+lock_old_archive_extraction='`$ECHO "$lock_old_archive_extraction" | $SED "$delay_single_quote_subst"`'
+CC='`$ECHO "$CC" | $SED "$delay_single_quote_subst"`'
+CFLAGS='`$ECHO "$CFLAGS" | $SED "$delay_single_quote_subst"`'
+compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`'
+GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`'
+nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`'
+lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`'
+objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`'
+MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`'
+lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`'
+need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`'
+MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`'
+DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`'
+NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`'
+LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`'
+OTOOL='`$ECHO "$OTOOL" | $SED "$delay_single_quote_subst"`'
+OTOOL64='`$ECHO "$OTOOL64" | $SED "$delay_single_quote_subst"`'
+libext='`$ECHO "$libext" | $SED "$delay_single_quote_subst"`'
+shrext_cmds='`$ECHO "$shrext_cmds" | $SED "$delay_single_quote_subst"`'
+extract_expsyms_cmds='`$ECHO "$extract_expsyms_cmds" | $SED "$delay_single_quote_subst"`'
+archive_cmds_need_lc='`$ECHO "$archive_cmds_need_lc" | $SED "$delay_single_quote_subst"`'
+enable_shared_with_static_runtimes='`$ECHO "$enable_shared_with_static_runtimes" | $SED "$delay_single_quote_subst"`'
+export_dynamic_flag_spec='`$ECHO "$export_dynamic_flag_spec" | $SED "$delay_single_quote_subst"`'
+whole_archive_flag_spec='`$ECHO "$whole_archive_flag_spec" | $SED "$delay_single_quote_subst"`'
+compiler_needs_object='`$ECHO "$compiler_needs_object" | $SED "$delay_single_quote_subst"`'
+old_archive_from_new_cmds='`$ECHO "$old_archive_from_new_cmds" | $SED "$delay_single_quote_subst"`'
+old_archive_from_expsyms_cmds='`$ECHO "$old_archive_from_expsyms_cmds" | $SED "$delay_single_quote_subst"`'
+archive_cmds='`$ECHO "$archive_cmds" | $SED "$delay_single_quote_subst"`'
+archive_expsym_cmds='`$ECHO "$archive_expsym_cmds" | $SED "$delay_single_quote_subst"`'
+module_cmds='`$ECHO "$module_cmds" | $SED "$delay_single_quote_subst"`'
+module_expsym_cmds='`$ECHO "$module_expsym_cmds" | $SED "$delay_single_quote_subst"`'
+with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`'
+allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`'
+no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`'
+hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`'
+hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`'
+hardcode_minus_L='`$ECHO "$hardcode_minus_L" | $SED "$delay_single_quote_subst"`'
+hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_quote_subst"`'
+hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`'
+inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`'
+link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`'
+always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`'
+export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`'
+exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`'
+include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`'
+prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`'
+postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`'
+file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`'
+variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`'
+need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`'
+need_version='`$ECHO "$need_version" | $SED "$delay_single_quote_subst"`'
+version_type='`$ECHO "$version_type" | $SED "$delay_single_quote_subst"`'
+runpath_var='`$ECHO "$runpath_var" | $SED "$delay_single_quote_subst"`'
+shlibpath_var='`$ECHO "$shlibpath_var" | $SED "$delay_single_quote_subst"`'
+shlibpath_overrides_runpath='`$ECHO "$shlibpath_overrides_runpath" | $SED "$delay_single_quote_subst"`'
+libname_spec='`$ECHO "$libname_spec" | $SED "$delay_single_quote_subst"`'
+library_names_spec='`$ECHO "$library_names_spec" | $SED "$delay_single_quote_subst"`'
+soname_spec='`$ECHO "$soname_spec" | $SED "$delay_single_quote_subst"`'
+install_override_mode='`$ECHO "$install_override_mode" | $SED "$delay_single_quote_subst"`'
+postinstall_cmds='`$ECHO "$postinstall_cmds" | $SED "$delay_single_quote_subst"`'
+postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`'
+finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`'
+finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`'
+hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`'
+sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`'
+sys_lib_dlsearch_path_spec='`$ECHO "$sys_lib_dlsearch_path_spec" | $SED "$delay_single_quote_subst"`'
+hardcode_action='`$ECHO "$hardcode_action" | $SED "$delay_single_quote_subst"`'
+enable_dlopen='`$ECHO "$enable_dlopen" | $SED "$delay_single_quote_subst"`'
+enable_dlopen_self='`$ECHO "$enable_dlopen_self" | $SED "$delay_single_quote_subst"`'
+enable_dlopen_self_static='`$ECHO "$enable_dlopen_self_static" | $SED "$delay_single_quote_subst"`'
+old_striplib='`$ECHO "$old_striplib" | $SED "$delay_single_quote_subst"`'
+striplib='`$ECHO "$striplib" | $SED "$delay_single_quote_subst"`'
+compiler_lib_search_dirs='`$ECHO "$compiler_lib_search_dirs" | $SED "$delay_single_quote_subst"`'
+predep_objects='`$ECHO "$predep_objects" | $SED "$delay_single_quote_subst"`'
+postdep_objects='`$ECHO "$postdep_objects" | $SED "$delay_single_quote_subst"`'
+predeps='`$ECHO "$predeps" | $SED "$delay_single_quote_subst"`'
+postdeps='`$ECHO "$postdeps" | $SED "$delay_single_quote_subst"`'
+compiler_lib_search_path='`$ECHO "$compiler_lib_search_path" | $SED "$delay_single_quote_subst"`'
+LD_CXX='`$ECHO "$LD_CXX" | $SED "$delay_single_quote_subst"`'
+reload_flag_CXX='`$ECHO "$reload_flag_CXX" | $SED "$delay_single_quote_subst"`'
+reload_cmds_CXX='`$ECHO "$reload_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+old_archive_cmds_CXX='`$ECHO "$old_archive_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+compiler_CXX='`$ECHO "$compiler_CXX" | $SED "$delay_single_quote_subst"`'
+GCC_CXX='`$ECHO "$GCC_CXX" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_no_builtin_flag_CXX='`$ECHO "$lt_prog_compiler_no_builtin_flag_CXX" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_pic_CXX='`$ECHO "$lt_prog_compiler_pic_CXX" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_wl_CXX='`$ECHO "$lt_prog_compiler_wl_CXX" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_static_CXX='`$ECHO "$lt_prog_compiler_static_CXX" | $SED "$delay_single_quote_subst"`'
+lt_cv_prog_compiler_c_o_CXX='`$ECHO "$lt_cv_prog_compiler_c_o_CXX" | $SED "$delay_single_quote_subst"`'
+archive_cmds_need_lc_CXX='`$ECHO "$archive_cmds_need_lc_CXX" | $SED "$delay_single_quote_subst"`'
+enable_shared_with_static_runtimes_CXX='`$ECHO "$enable_shared_with_static_runtimes_CXX" | $SED "$delay_single_quote_subst"`'
+export_dynamic_flag_spec_CXX='`$ECHO "$export_dynamic_flag_spec_CXX" | $SED "$delay_single_quote_subst"`'
+whole_archive_flag_spec_CXX='`$ECHO "$whole_archive_flag_spec_CXX" | $SED "$delay_single_quote_subst"`'
+compiler_needs_object_CXX='`$ECHO "$compiler_needs_object_CXX" | $SED "$delay_single_quote_subst"`'
+old_archive_from_new_cmds_CXX='`$ECHO "$old_archive_from_new_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+old_archive_from_expsyms_cmds_CXX='`$ECHO "$old_archive_from_expsyms_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+archive_cmds_CXX='`$ECHO "$archive_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+archive_expsym_cmds_CXX='`$ECHO "$archive_expsym_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+module_cmds_CXX='`$ECHO "$module_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+module_expsym_cmds_CXX='`$ECHO "$module_expsym_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+with_gnu_ld_CXX='`$ECHO "$with_gnu_ld_CXX" | $SED "$delay_single_quote_subst"`'
+allow_undefined_flag_CXX='`$ECHO "$allow_undefined_flag_CXX" | $SED "$delay_single_quote_subst"`'
+no_undefined_flag_CXX='`$ECHO "$no_undefined_flag_CXX" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_flag_spec_CXX='`$ECHO "$hardcode_libdir_flag_spec_CXX" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_separator_CXX='`$ECHO "$hardcode_libdir_separator_CXX" | $SED "$delay_single_quote_subst"`'
+hardcode_direct_CXX='`$ECHO "$hardcode_direct_CXX" | $SED "$delay_single_quote_subst"`'
+hardcode_direct_absolute_CXX='`$ECHO "$hardcode_direct_absolute_CXX" | $SED "$delay_single_quote_subst"`'
+hardcode_minus_L_CXX='`$ECHO "$hardcode_minus_L_CXX" | $SED "$delay_single_quote_subst"`'
+hardcode_shlibpath_var_CXX='`$ECHO "$hardcode_shlibpath_var_CXX" | $SED "$delay_single_quote_subst"`'
+hardcode_automatic_CXX='`$ECHO "$hardcode_automatic_CXX" | $SED "$delay_single_quote_subst"`'
+inherit_rpath_CXX='`$ECHO "$inherit_rpath_CXX" | $SED "$delay_single_quote_subst"`'
+link_all_deplibs_CXX='`$ECHO "$link_all_deplibs_CXX" | $SED "$delay_single_quote_subst"`'
+always_export_symbols_CXX='`$ECHO "$always_export_symbols_CXX" | $SED "$delay_single_quote_subst"`'
+export_symbols_cmds_CXX='`$ECHO "$export_symbols_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+exclude_expsyms_CXX='`$ECHO "$exclude_expsyms_CXX" | $SED "$delay_single_quote_subst"`'
+include_expsyms_CXX='`$ECHO "$include_expsyms_CXX" | $SED "$delay_single_quote_subst"`'
+prelink_cmds_CXX='`$ECHO "$prelink_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+postlink_cmds_CXX='`$ECHO "$postlink_cmds_CXX" | $SED "$delay_single_quote_subst"`'
+file_list_spec_CXX='`$ECHO "$file_list_spec_CXX" | $SED "$delay_single_quote_subst"`'
+hardcode_action_CXX='`$ECHO "$hardcode_action_CXX" | $SED "$delay_single_quote_subst"`'
+compiler_lib_search_dirs_CXX='`$ECHO "$compiler_lib_search_dirs_CXX" | $SED "$delay_single_quote_subst"`'
+predep_objects_CXX='`$ECHO "$predep_objects_CXX" | $SED "$delay_single_quote_subst"`'
+postdep_objects_CXX='`$ECHO "$postdep_objects_CXX" | $SED "$delay_single_quote_subst"`'
+predeps_CXX='`$ECHO "$predeps_CXX" | $SED "$delay_single_quote_subst"`'
+postdeps_CXX='`$ECHO "$postdeps_CXX" | $SED "$delay_single_quote_subst"`'
+compiler_lib_search_path_CXX='`$ECHO "$compiler_lib_search_path_CXX" | $SED "$delay_single_quote_subst"`'
+
+LTCC='$LTCC'
+LTCFLAGS='$LTCFLAGS'
+compiler='$compiler_DEFAULT'
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+  eval 'cat <<_LTECHO_EOF
+\$1
+_LTECHO_EOF'
+}
+
+# Quote evaled strings.
+for var in SHELL \
+ECHO \
+PATH_SEPARATOR \
+SED \
+GREP \
+EGREP \
+FGREP \
+LD \
+NM \
+LN_S \
+lt_SP2NL \
+lt_NL2SP \
+reload_flag \
+OBJDUMP \
+deplibs_check_method \
+file_magic_cmd \
+file_magic_glob \
+want_nocaseglob \
+DLLTOOL \
+sharedlib_from_linklib_cmd \
+AR \
+AR_FLAGS \
+archiver_list_spec \
+STRIP \
+RANLIB \
+CC \
+CFLAGS \
+compiler \
+lt_cv_sys_global_symbol_pipe \
+lt_cv_sys_global_symbol_to_cdecl \
+lt_cv_sys_global_symbol_to_c_name_address \
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \
+nm_file_list_spec \
+lt_prog_compiler_no_builtin_flag \
+lt_prog_compiler_pic \
+lt_prog_compiler_wl \
+lt_prog_compiler_static \
+lt_cv_prog_compiler_c_o \
+need_locks \
+MANIFEST_TOOL \
+DSYMUTIL \
+NMEDIT \
+LIPO \
+OTOOL \
+OTOOL64 \
+shrext_cmds \
+export_dynamic_flag_spec \
+whole_archive_flag_spec \
+compiler_needs_object \
+with_gnu_ld \
+allow_undefined_flag \
+no_undefined_flag \
+hardcode_libdir_flag_spec \
+hardcode_libdir_separator \
+exclude_expsyms \
+include_expsyms \
+file_list_spec \
+variables_saved_for_relink \
+libname_spec \
+library_names_spec \
+soname_spec \
+install_override_mode \
+finish_eval \
+old_striplib \
+striplib \
+compiler_lib_search_dirs \
+predep_objects \
+postdep_objects \
+predeps \
+postdeps \
+compiler_lib_search_path \
+LD_CXX \
+reload_flag_CXX \
+compiler_CXX \
+lt_prog_compiler_no_builtin_flag_CXX \
+lt_prog_compiler_pic_CXX \
+lt_prog_compiler_wl_CXX \
+lt_prog_compiler_static_CXX \
+lt_cv_prog_compiler_c_o_CXX \
+export_dynamic_flag_spec_CXX \
+whole_archive_flag_spec_CXX \
+compiler_needs_object_CXX \
+with_gnu_ld_CXX \
+allow_undefined_flag_CXX \
+no_undefined_flag_CXX \
+hardcode_libdir_flag_spec_CXX \
+hardcode_libdir_separator_CXX \
+exclude_expsyms_CXX \
+include_expsyms_CXX \
+file_list_spec_CXX \
+compiler_lib_search_dirs_CXX \
+predep_objects_CXX \
+postdep_objects_CXX \
+predeps_CXX \
+postdeps_CXX \
+compiler_lib_search_path_CXX; do
+    case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+    *[\\\\\\\`\\"\\\$]*)
+      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
+      ;;
+    *)
+      eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+      ;;
+    esac
+done
+
+# Double-quote double-evaled strings.
+for var in reload_cmds \
+old_postinstall_cmds \
+old_postuninstall_cmds \
+old_archive_cmds \
+extract_expsyms_cmds \
+old_archive_from_new_cmds \
+old_archive_from_expsyms_cmds \
+archive_cmds \
+archive_expsym_cmds \
+module_cmds \
+module_expsym_cmds \
+export_symbols_cmds \
+prelink_cmds \
+postlink_cmds \
+postinstall_cmds \
+postuninstall_cmds \
+finish_cmds \
+sys_lib_search_path_spec \
+sys_lib_dlsearch_path_spec \
+reload_cmds_CXX \
+old_archive_cmds_CXX \
+old_archive_from_new_cmds_CXX \
+old_archive_from_expsyms_cmds_CXX \
+archive_cmds_CXX \
+archive_expsym_cmds_CXX \
+module_cmds_CXX \
+module_expsym_cmds_CXX \
+export_symbols_cmds_CXX \
+prelink_cmds_CXX \
+postlink_cmds_CXX; do
+    case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+    *[\\\\\\\`\\"\\\$]*)
+      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
+      ;;
+    *)
+      eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+      ;;
+    esac
+done
+
+ac_aux_dir='$ac_aux_dir'
+xsi_shell='$xsi_shell'
+lt_shell_append='$lt_shell_append'
+
+# See if we are running on zsh, and set the options which allow our
+# commands through without removal of \ escapes INIT.
+if test -n "\${ZSH_VERSION+set}" ; then
+   setopt NO_GLOB_SUBST
+fi
+
+
+    PACKAGE='$PACKAGE'
+    VERSION='$VERSION'
+    TIMESTAMP='$TIMESTAMP'
+    RM='$RM'
+    ofile='$ofile'
+
+
+
+
+
+
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+
+# Handling of arguments.
+for ac_config_target in $ac_config_targets
+do
+  case $ac_config_target in
+    "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h:config.in" ;;
+    "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;;
+    "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;;
+    "stamp-h") CONFIG_FILES="$CONFIG_FILES stamp-h" ;;
+    "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
+    "wolfssl/version.h") CONFIG_FILES="$CONFIG_FILES wolfssl/version.h" ;;
+    "wolfssl/options.h") CONFIG_FILES="$CONFIG_FILES wolfssl/options.h" ;;
+    "support/wolfssl.pc") CONFIG_FILES="$CONFIG_FILES support/wolfssl.pc" ;;
+    "rpm/spec") CONFIG_FILES="$CONFIG_FILES rpm/spec" ;;
+
+  *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
+  esac
+done
+
+
+# If the user did not use the arguments to specify the items to instantiate,
+# then the envvar interface is used.  Set only those that are not.
+# We use the long form for the default assignment because of an extremely
+# bizarre bug on SunOS 4.1.3.
+if $ac_need_defaults; then
+  test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
+  test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
+  test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands
+fi
+
+# Have a temporary directory for convenience.  Make it in the build tree
+# simply because there is no reason against having it here, and in addition,
+# creating and moving files from /tmp can sometimes cause problems.
+# Hook for its removal unless debugging.
+# Note that there is a small window in which the directory will not be cleaned:
+# after its creation but before its name has been assigned to `$tmp'.
+$debug ||
+{
+  tmp= ac_tmp=
+  trap 'exit_status=$?
+  : "${ac_tmp:=$tmp}"
+  { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
+' 0
+  trap 'as_fn_exit 1' 1 2 13 15
+}
+# Create a (secure) tmp directory for tmp files.
+
+{
+  tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
+  test -d "$tmp"
+}  ||
+{
+  tmp=./conf$$-$RANDOM
+  (umask 077 && mkdir "$tmp")
+} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5
+ac_tmp=$tmp
+
+# Set up the scripts for CONFIG_FILES section.
+# No need to generate them if there are no CONFIG_FILES.
+# This happens for instance with `./config.status config.h'.
+if test -n "$CONFIG_FILES"; then
+
+
+ac_cr=`echo X | tr X '\015'`
+# On cygwin, bash can eat \r inside `` if the user requested igncr.
+# But we know of no other shell where ac_cr would be empty at this
+# point, so we can use a bashism as a fallback.
+if test "x$ac_cr" = x; then
+  eval ac_cr=\$\'\\r\'
+fi
+ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null`
+if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
+  ac_cs_awk_cr='\\r'
+else
+  ac_cs_awk_cr=$ac_cr
+fi
+
+echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
+_ACEOF
+
+
+{
+  echo "cat >conf$$subs.awk <<_ACEOF" &&
+  echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
+  echo "_ACEOF"
+} >conf$$subs.sh ||
+  as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'`
+ac_delim='%!_!# '
+for ac_last_try in false false false false false :; do
+  . ./conf$$subs.sh ||
+    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+
+  ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
+  if test $ac_delim_n = $ac_delim_num; then
+    break
+  elif $ac_last_try; then
+    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+  else
+    ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+  fi
+done
+rm -f conf$$subs.sh
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK &&
+_ACEOF
+sed -n '
+h
+s/^/S["/; s/!.*/"]=/
+p
+g
+s/^[^!]*!//
+:repl
+t repl
+s/'"$ac_delim"'$//
+t delim
+:nl
+h
+s/\(.\{148\}\)..*/\1/
+t more1
+s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
+p
+n
+b repl
+:more1
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t nl
+:delim
+h
+s/\(.\{148\}\)..*/\1/
+t more2
+s/["\\]/\\&/g; s/^/"/; s/$/"/
+p
+b
+:more2
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t delim
+' >$CONFIG_STATUS || ac_write_fail=1
+rm -f conf$$subs.awk
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+_ACAWK
+cat >>"\$ac_tmp/subs1.awk" <<_ACAWK &&
+  for (key in S) S_is_set[key] = 1
+  FS = ""
+
+}
+{
+  line = $ 0
+  nfields = split(line, field, "@")
+  substed = 0
+  len = length(field[1])
+  for (i = 2; i < nfields; i++) {
+    key = field[i]
+    keylen = length(key)
+    if (S_is_set[key]) {
+      value = S[key]
+      line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
+      len += length(value) + length(field[++i])
+      substed = 1
+    } else
+      len += 1 + keylen
+  }
+
+  print line
+}
+
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
+  sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
+else
+  cat
+fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
+  || as_fn_error $? "could not setup config files machinery" "$LINENO" 5
+_ACEOF
+
+# VPATH may cause trouble with some makes, so we remove sole $(srcdir),
+# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and
+# trailing colons and then remove the whole line if VPATH becomes empty
+# (actually we leave an empty line to preserve line numbers).
+if test "x$srcdir" = x.; then
+  ac_vpsub='/^[	 ]*VPATH[	 ]*=[	 ]*/{
+h
+s///
+s/^/:/
+s/[	 ]*$/:/
+s/:\$(srcdir):/:/g
+s/:\${srcdir}:/:/g
+s/:@srcdir@:/:/g
+s/^:*//
+s/:*$//
+x
+s/\(=[	 ]*\).*/\1/
+G
+s/\n//
+s/^[^=]*=[	 ]*$//
+}'
+fi
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+fi # test -n "$CONFIG_FILES"
+
+# Set up the scripts for CONFIG_HEADERS section.
+# No need to generate them if there are no CONFIG_HEADERS.
+# This happens for instance with `./config.status Makefile'.
+if test -n "$CONFIG_HEADERS"; then
+cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
+BEGIN {
+_ACEOF
+
+# Transform confdefs.h into an awk script `defines.awk', embedded as
+# here-document in config.status, that substitutes the proper values into
+# config.h.in to produce config.h.
+
+# Create a delimiter string that does not exist in confdefs.h, to ease
+# handling of long lines.
+ac_delim='%!_!# '
+for ac_last_try in false false :; do
+  ac_tt=`sed -n "/$ac_delim/p" confdefs.h`
+  if test -z "$ac_tt"; then
+    break
+  elif $ac_last_try; then
+    as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5
+  else
+    ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+  fi
+done
+
+# For the awk script, D is an array of macro values keyed by name,
+# likewise P contains macro parameters if any.  Preserve backslash
+# newline sequences.
+
+ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]*
+sed -n '
+s/.\{148\}/&'"$ac_delim"'/g
+t rset
+:rset
+s/^[	 ]*#[	 ]*define[	 ][	 ]*/ /
+t def
+d
+:def
+s/\\$//
+t bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[	 ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3"/p
+s/^ \('"$ac_word_re"'\)[	 ]*\(.*\)/D["\1"]=" \2"/p
+d
+:bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[	 ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3\\\\\\n"\\/p
+t cont
+s/^ \('"$ac_word_re"'\)[	 ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p
+t cont
+d
+:cont
+n
+s/.\{148\}/&'"$ac_delim"'/g
+t clear
+:clear
+s/\\$//
+t bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/"/p
+d
+:bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p
+b cont
+' >$CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+  for (key in D) D_is_set[key] = 1
+  FS = ""
+}
+/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ {
+  line = \$ 0
+  split(line, arg, " ")
+  if (arg[1] == "#") {
+    defundef = arg[2]
+    mac1 = arg[3]
+  } else {
+    defundef = substr(arg[1], 2)
+    mac1 = arg[2]
+  }
+  split(mac1, mac2, "(") #)
+  macro = mac2[1]
+  prefix = substr(line, 1, index(line, defundef) - 1)
+  if (D_is_set[macro]) {
+    # Preserve the white space surrounding the "#".
+    print prefix "define", macro P[macro] D[macro]
+    next
+  } else {
+    # Replace #undef with comments.  This is necessary, for example,
+    # in the case of _POSIX_SOURCE, which is predefined and required
+    # on some systems where configure will not decide to define it.
+    if (defundef == "undef") {
+      print "/*", prefix defundef, macro, "*/"
+      next
+    }
+  }
+}
+{ print }
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+  as_fn_error $? "could not setup config headers machinery" "$LINENO" 5
+fi # test -n "$CONFIG_HEADERS"
+
+
+eval set X "  :F $CONFIG_FILES  :H $CONFIG_HEADERS    :C $CONFIG_COMMANDS"
+shift
+for ac_tag
+do
+  case $ac_tag in
+  :[FHLC]) ac_mode=$ac_tag; continue;;
+  esac
+  case $ac_mode$ac_tag in
+  :[FHL]*:*);;
+  :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;;
+  :[FH]-) ac_tag=-:-;;
+  :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
+  esac
+  ac_save_IFS=$IFS
+  IFS=:
+  set x $ac_tag
+  IFS=$ac_save_IFS
+  shift
+  ac_file=$1
+  shift
+
+  case $ac_mode in
+  :L) ac_source=$1;;
+  :[FH])
+    ac_file_inputs=
+    for ac_f
+    do
+      case $ac_f in
+      -) ac_f="$ac_tmp/stdin";;
+      *) # Look for the file first in the build tree, then in the source tree
+	 # (if the path is not absolute).  The absolute path cannot be DOS-style,
+	 # because $ac_f cannot contain `:'.
+	 test -f "$ac_f" ||
+	   case $ac_f in
+	   [\\/$]*) false;;
+	   *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
+	   esac ||
+	   as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;;
+      esac
+      case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
+      as_fn_append ac_file_inputs " '$ac_f'"
+    done
+
+    # Let's still pretend it is `configure' which instantiates (i.e., don't
+    # use $as_me), people would be surprised to read:
+    #    /* config.h.  Generated by config.status.  */
+    configure_input='Generated from '`
+	  $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
+	`' by configure.'
+    if test x"$ac_file" != x-; then
+      configure_input="$ac_file.  $configure_input"
+      { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5
+$as_echo "$as_me: creating $ac_file" >&6;}
+    fi
+    # Neutralize special characters interpreted by sed in replacement strings.
+    case $configure_input in #(
+    *\&* | *\|* | *\\* )
+       ac_sed_conf_input=`$as_echo "$configure_input" |
+       sed 's/[\\\\&|]/\\\\&/g'`;; #(
+    *) ac_sed_conf_input=$configure_input;;
+    esac
+
+    case $ac_tag in
+    *:-:* | *:-) cat >"$ac_tmp/stdin" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;;
+    esac
+    ;;
+  esac
+
+  ac_dir=`$as_dirname -- "$ac_file" ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$ac_file" : 'X\(//\)[^/]' \| \
+	 X"$ac_file" : 'X\(//\)$' \| \
+	 X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$ac_file" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+  as_dir="$ac_dir"; as_fn_mkdir_p
+  ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+  # A ".." for each directory in $ac_dir_suffix.
+  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+  case $ac_top_builddir_sub in
+  "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+  *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+  esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+  .)  # We are building in place.
+    ac_srcdir=.
+    ac_top_srcdir=$ac_top_builddir_sub
+    ac_abs_top_srcdir=$ac_pwd ;;
+  [\\/]* | ?:[\\/]* )  # Absolute name.
+    ac_srcdir=$srcdir$ac_dir_suffix;
+    ac_top_srcdir=$srcdir
+    ac_abs_top_srcdir=$srcdir ;;
+  *) # Relative name.
+    ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+    ac_top_srcdir=$ac_top_build_prefix$srcdir
+    ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+
+  case $ac_mode in
+  :F)
+  #
+  # CONFIG_FILE
+  #
+
+  case $INSTALL in
+  [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
+  *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;;
+  esac
+  ac_MKDIR_P=$MKDIR_P
+  case $MKDIR_P in
+  [\\/$]* | ?:[\\/]* ) ;;
+  */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;;
+  esac
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# If the template does not know about datarootdir, expand it.
+# FIXME: This hack should be removed a few years after 2.60.
+ac_datarootdir_hack=; ac_datarootdir_seen=
+ac_sed_dataroot='
+/datarootdir/ {
+  p
+  q
+}
+/@datadir@/p
+/@docdir@/p
+/@infodir@/p
+/@localedir@/p
+/@mandir@/p'
+case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
+*datarootdir*) ac_datarootdir_seen=yes;;
+*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
+$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+  ac_datarootdir_hack='
+  s&@datadir@&$datadir&g
+  s&@docdir@&$docdir&g
+  s&@infodir@&$infodir&g
+  s&@localedir@&$localedir&g
+  s&@mandir@&$mandir&g
+  s&\\\${datarootdir}&$datarootdir&g' ;;
+esac
+_ACEOF
+
+# Neutralize VPATH when `$srcdir' = `.'.
+# Shell code in configure.ac might set extrasub.
+# FIXME: do we really want to maintain this feature?
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_sed_extra="$ac_vpsub
+$extrasub
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+:t
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+s|@configure_input@|$ac_sed_conf_input|;t t
+s&@top_builddir@&$ac_top_builddir_sub&;t t
+s&@top_build_prefix@&$ac_top_build_prefix&;t t
+s&@srcdir@&$ac_srcdir&;t t
+s&@abs_srcdir@&$ac_abs_srcdir&;t t
+s&@top_srcdir@&$ac_top_srcdir&;t t
+s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
+s&@builddir@&$ac_builddir&;t t
+s&@abs_builddir@&$ac_abs_builddir&;t t
+s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
+s&@INSTALL@&$ac_INSTALL&;t t
+s&@MKDIR_P@&$ac_MKDIR_P&;t t
+$ac_datarootdir_hack
+"
+eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
+  >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+
+test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
+  { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
+  { ac_out=`sed -n '/^[	 ]*datarootdir[	 ]*:*=/p' \
+      "$ac_tmp/out"`; test -z "$ac_out"; } &&
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined.  Please make sure it is defined" >&5
+$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined.  Please make sure it is defined" >&2;}
+
+  rm -f "$ac_tmp/stdin"
+  case $ac_file in
+  -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
+  *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
+  esac \
+  || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+ ;;
+  :H)
+  #
+  # CONFIG_HEADER
+  #
+  if test x"$ac_file" != x-; then
+    {
+      $as_echo "/* $configure_input  */" \
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
+    } >"$ac_tmp/config.h" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+    if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
+      { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5
+$as_echo "$as_me: $ac_file is unchanged" >&6;}
+    else
+      rm -f "$ac_file"
+      mv "$ac_tmp/config.h" "$ac_file" \
+	|| as_fn_error $? "could not create $ac_file" "$LINENO" 5
+    fi
+  else
+    $as_echo "/* $configure_input  */" \
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
+      || as_fn_error $? "could not create -" "$LINENO" 5
+  fi
+# Compute "$ac_file"'s index in $config_headers.
+_am_arg="$ac_file"
+_am_stamp_count=1
+for _am_header in $config_headers :; do
+  case $_am_header in
+    $_am_arg | $_am_arg:* )
+      break ;;
+    * )
+      _am_stamp_count=`expr $_am_stamp_count + 1` ;;
+  esac
+done
+echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" ||
+$as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$_am_arg" : 'X\(//\)[^/]' \| \
+	 X"$_am_arg" : 'X\(//\)$' \| \
+	 X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$_am_arg" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`/stamp-h$_am_stamp_count
+ ;;
+
+  :C)  { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5
+$as_echo "$as_me: executing $ac_file commands" >&6;}
+ ;;
+  esac
+
+
+  case $ac_file$ac_mode in
+    "depfiles":C) test x"$AMDEP_TRUE" != x"" || {
+  # Older Autoconf quotes --file arguments for eval, but not when files
+  # are listed without --file.  Let's play safe and only enable the eval
+  # if we detect the quoting.
+  case $CONFIG_FILES in
+  *\'*) eval set x "$CONFIG_FILES" ;;
+  *)   set x $CONFIG_FILES ;;
+  esac
+  shift
+  for mf
+  do
+    # Strip MF so we end up with the name of the file.
+    mf=`echo "$mf" | sed -e 's/:.*$//'`
+    # Check whether this is an Automake generated Makefile or not.
+    # We used to match only the files named 'Makefile.in', but
+    # some people rename them; so instead we look at the file content.
+    # Grep'ing the first line is not enough: some people post-process
+    # each Makefile.in and add a new line on top of each file to say so.
+    # Grep'ing the whole file is not good either: AIX grep has a line
+    # limit of 2048, but all sed's we know have understand at least 4000.
+    if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then
+      dirpart=`$as_dirname -- "$mf" ||
+$as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$mf" : 'X\(//\)[^/]' \| \
+	 X"$mf" : 'X\(//\)$' \| \
+	 X"$mf" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$mf" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+    else
+      continue
+    fi
+    # Extract the definition of DEPDIR, am__include, and am__quote
+    # from the Makefile without running 'make'.
+    DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"`
+    test -z "$DEPDIR" && continue
+    am__include=`sed -n 's/^am__include = //p' < "$mf"`
+    test -z "$am__include" && continue
+    am__quote=`sed -n 's/^am__quote = //p' < "$mf"`
+    # Find all dependency output files, they are included files with
+    # $(DEPDIR) in their names.  We invoke sed twice because it is the
+    # simplest approach to changing $(DEPDIR) to its actual value in the
+    # expansion.
+    for file in `sed -n "
+      s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \
+	 sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do
+      # Make sure the directory exists.
+      test -f "$dirpart/$file" && continue
+      fdir=`$as_dirname -- "$file" ||
+$as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$file" : 'X\(//\)[^/]' \| \
+	 X"$file" : 'X\(//\)$' \| \
+	 X"$file" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$file" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+      as_dir=$dirpart/$fdir; as_fn_mkdir_p
+      # echo "creating $dirpart/$file"
+      echo '# dummy' > "$dirpart/$file"
+    done
+  done
+}
+ ;;
+    "libtool":C)
+
+    # See if we are running on zsh, and set the options which allow our
+    # commands through without removal of \ escapes.
+    if test -n "${ZSH_VERSION+set}" ; then
+      setopt NO_GLOB_SUBST
+    fi
+
+    cfgfile="${ofile}T"
+    trap "$RM \"$cfgfile\"; exit 1" 1 2 15
+    $RM "$cfgfile"
+
+    cat <<_LT_EOF >> "$cfgfile"
+#! $SHELL
+
+# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services.
+# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+# NOTE: Changes made to this file will be lost: look at ltmain.sh.
+#
+#   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
+#                 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+#                 Foundation, Inc.
+#   Written by Gordon Matzigkeit, 1996
+#
+#   This file is part of GNU Libtool.
+#
+# GNU Libtool is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of
+# the License, or (at your option) any later version.
+#
+# As a special exception to the GNU General Public License,
+# if you distribute this file as part of a program or library that
+# is built using GNU Libtool, you may include this file under the
+# same distribution terms that you use for the rest of that program.
+#
+# GNU Libtool is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GNU Libtool; see the file COPYING.  If not, a copy
+# can be downloaded from http://www.gnu.org/licenses/gpl.html, or
+# obtained by writing to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+
+# The names of the tagged configurations supported by this script.
+available_tags="CXX "
+
+# ### BEGIN LIBTOOL CONFIG
+
+# Which release of libtool.m4 was used?
+macro_version=$macro_version
+macro_revision=$macro_revision
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# What type of objects to build.
+pic_mode=$pic_mode
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# An echo program that protects backslashes.
+ECHO=$lt_ECHO
+
+# The PATH separator for the build system.
+PATH_SEPARATOR=$lt_PATH_SEPARATOR
+
+# The host system.
+host_alias=$host_alias
+host=$host
+host_os=$host_os
+
+# The build system.
+build_alias=$build_alias
+build=$build
+build_os=$build_os
+
+# A sed program that does not truncate output.
+SED=$lt_SED
+
+# Sed that helps us avoid accidentally triggering echo(1) options like -n.
+Xsed="\$SED -e 1s/^X//"
+
+# A grep program that handles long lines.
+GREP=$lt_GREP
+
+# An ERE matcher.
+EGREP=$lt_EGREP
+
+# A literal string matcher.
+FGREP=$lt_FGREP
+
+# A BSD- or MS-compatible name lister.
+NM=$lt_NM
+
+# Whether we need soft or hard links.
+LN_S=$lt_LN_S
+
+# What is the maximum length of a command?
+max_cmd_len=$max_cmd_len
+
+# Object file suffix (normally "o").
+objext=$ac_objext
+
+# Executable file suffix (normally "").
+exeext=$exeext
+
+# whether the shell understands "unset".
+lt_unset=$lt_unset
+
+# turn spaces into newlines.
+SP2NL=$lt_lt_SP2NL
+
+# turn newlines into spaces.
+NL2SP=$lt_lt_NL2SP
+
+# convert \$build file names to \$host format.
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+
+# convert \$build files to toolchain format.
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+
+# An object symbol dumper.
+OBJDUMP=$lt_OBJDUMP
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$lt_deplibs_check_method
+
+# Command to use when deplibs_check_method = "file_magic".
+file_magic_cmd=$lt_file_magic_cmd
+
+# How to find potential files when deplibs_check_method = "file_magic".
+file_magic_glob=$lt_file_magic_glob
+
+# Find potential files using nocaseglob when deplibs_check_method = "file_magic".
+want_nocaseglob=$lt_want_nocaseglob
+
+# DLL creation program.
+DLLTOOL=$lt_DLLTOOL
+
+# Command to associate shared and link libraries.
+sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd
+
+# The archiver.
+AR=$lt_AR
+
+# Flags to create an archive.
+AR_FLAGS=$lt_AR_FLAGS
+
+# How to feed a file listing to the archiver.
+archiver_list_spec=$lt_archiver_list_spec
+
+# A symbol stripping program.
+STRIP=$lt_STRIP
+
+# Commands used to install an old-style archive.
+RANLIB=$lt_RANLIB
+old_postinstall_cmds=$lt_old_postinstall_cmds
+old_postuninstall_cmds=$lt_old_postuninstall_cmds
+
+# Whether to use a lock for old archive extraction.
+lock_old_archive_extraction=$lock_old_archive_extraction
+
+# A C compiler.
+LTCC=$lt_CC
+
+# LTCC compiler flags.
+LTCFLAGS=$lt_CFLAGS
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$lt_lt_cv_sys_global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration.
+global_symbol_to_cdecl=$lt_lt_cv_sys_global_symbol_to_cdecl
+
+# Transform the output of nm in a C name address pair.
+global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
+
+# Transform the output of nm in a C name address pair when lib prefix is needed.
+global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix
+
+# Specify filename containing input files for \$NM.
+nm_file_list_spec=$lt_nm_file_list_spec
+
+# The root where to search for dependent libraries,and in which our libraries should be installed.
+lt_sysroot=$lt_sysroot
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# Used to examine libraries when file_magic_cmd begins with "file".
+MAGIC_CMD=$MAGIC_CMD
+
+# Must we lock files when doing compilation?
+need_locks=$lt_need_locks
+
+# Manifest tool.
+MANIFEST_TOOL=$lt_MANIFEST_TOOL
+
+# Tool to manipulate archived DWARF debug symbol files on Mac OS X.
+DSYMUTIL=$lt_DSYMUTIL
+
+# Tool to change global to local symbols on Mac OS X.
+NMEDIT=$lt_NMEDIT
+
+# Tool to manipulate fat objects and archives on Mac OS X.
+LIPO=$lt_LIPO
+
+# ldd/readelf like tool for Mach-O binaries on Mac OS X.
+OTOOL=$lt_OTOOL
+
+# ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4.
+OTOOL64=$lt_OTOOL64
+
+# Old archive suffix (normally "a").
+libext=$libext
+
+# Shared library suffix (normally ".so").
+shrext_cmds=$lt_shrext_cmds
+
+# The commands to extract the exported symbol list from a shared archive.
+extract_expsyms_cmds=$lt_extract_expsyms_cmds
+
+# Variables whose values should be saved in libtool wrapper scripts and
+# restored at link time.
+variables_saved_for_relink=$lt_variables_saved_for_relink
+
+# Do we need the "lib" prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Library versioning type.
+version_type=$version_type
+
+# Shared library runtime path variable.
+runpath_var=$runpath_var
+
+# Shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# Format of library name prefix.
+libname_spec=$lt_libname_spec
+
+# List of archive names.  First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME
+library_names_spec=$lt_library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$lt_soname_spec
+
+# Permission mode override for installation of shared libraries.
+install_override_mode=$lt_install_override_mode
+
+# Command to use after installation of a shared archive.
+postinstall_cmds=$lt_postinstall_cmds
+
+# Command to use after uninstallation of a shared archive.
+postuninstall_cmds=$lt_postuninstall_cmds
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$lt_finish_cmds
+
+# As "finish_cmds", except a single script fragment to be evaled but
+# not shown.
+finish_eval=$lt_finish_eval
+
+# Whether we should hardcode library paths into libraries.
+hardcode_into_libs=$hardcode_into_libs
+
+# Compile-time system search path for libraries.
+sys_lib_search_path_spec=$lt_sys_lib_search_path_spec
+
+# Run-time system search path for libraries.
+sys_lib_dlsearch_path_spec=$lt_sys_lib_dlsearch_path_spec
+
+# Whether dlopen is supported.
+dlopen_support=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Commands to strip libraries.
+old_striplib=$lt_old_striplib
+striplib=$lt_striplib
+
+
+# The linker used to build libraries.
+LD=$lt_LD
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
+# Commands used to build an old-style archive.
+old_archive_cmds=$lt_old_archive_cmds
+
+# A language specific compiler.
+CC=$lt_compiler
+
+# Is the compiler the GNU compiler?
+with_gcc=$GCC
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_lt_prog_compiler_pic
+
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_lt_prog_compiler_static
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_lt_cv_prog_compiler_c_o
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$archive_cmds_need_lc
+
+# Whether or not to disallow shared libs when runtime libs are static.
+allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_export_dynamic_flag_spec
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_whole_archive_flag_spec
+
+# Whether the compiler copes with passing no objects directly.
+compiler_needs_object=$lt_compiler_needs_object
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_old_archive_from_new_cmds
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds
+
+# Commands used to build a shared archive.
+archive_cmds=$lt_archive_cmds
+archive_expsym_cmds=$lt_archive_expsym_cmds
+
+# Commands used to build a loadable module if different from building
+# a shared archive.
+module_cmds=$lt_module_cmds
+module_expsym_cmds=$lt_module_expsym_cmds
+
+# Whether we are building with GNU ld or not.
+with_gnu_ld=$lt_with_gnu_ld
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_allow_undefined_flag
+
+# Flag that enforces no undefined symbols.
+no_undefined_flag=$lt_no_undefined_flag
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist
+hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec
+
+# Whether we need a single "-rpath" flag with a separated argument.
+hardcode_libdir_separator=$lt_hardcode_libdir_separator
+
+# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes
+# DIR into the resulting binary.
+hardcode_direct=$hardcode_direct
+
+# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes
+# DIR into the resulting binary and the resulting library dependency is
+# "absolute",i.e impossible to change by setting \${shlibpath_var} if the
+# library is relocated.
+hardcode_direct_absolute=$hardcode_direct_absolute
+
+# Set to "yes" if using the -LDIR flag during linking hardcodes DIR
+# into the resulting binary.
+hardcode_minus_L=$hardcode_minus_L
+
+# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR
+# into the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var
+
+# Set to "yes" if building a shared library automatically hardcodes DIR
+# into the library and all subsequent libraries and executables linked
+# against it.
+hardcode_automatic=$hardcode_automatic
+
+# Set to yes if linker adds runtime paths of dependent libraries
+# to runtime path list.
+inherit_rpath=$inherit_rpath
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$link_all_deplibs
+
+# Set to "yes" if exported symbols are required.
+always_export_symbols=$always_export_symbols
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_export_symbols_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_exclude_expsyms
+
+# Symbols that must always be exported.
+include_expsyms=$lt_include_expsyms
+
+# Commands necessary for linking programs (against libraries) with templates.
+prelink_cmds=$lt_prelink_cmds
+
+# Commands necessary for finishing linking programs.
+postlink_cmds=$lt_postlink_cmds
+
+# Specify filename containing input files.
+file_list_spec=$lt_file_list_spec
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action
+
+# The directories searched by this compiler when creating a shared library.
+compiler_lib_search_dirs=$lt_compiler_lib_search_dirs
+
+# Dependencies to place before and after the objects being linked to
+# create a shared library.
+predep_objects=$lt_predep_objects
+postdep_objects=$lt_postdep_objects
+predeps=$lt_predeps
+postdeps=$lt_postdeps
+
+# The library search path used internally by the compiler when linking
+# a shared library.
+compiler_lib_search_path=$lt_compiler_lib_search_path
+
+# ### END LIBTOOL CONFIG
+
+_LT_EOF
+
+  case $host_os in
+  aix3*)
+    cat <<\_LT_EOF >> "$cfgfile"
+# AIX sometimes has problems with the GCC collect2 program.  For some
+# reason, if we set the COLLECT_NAMES environment variable, the problems
+# vanish in a puff of smoke.
+if test "X${COLLECT_NAMES+set}" != Xset; then
+  COLLECT_NAMES=
+  export COLLECT_NAMES
+fi
+_LT_EOF
+    ;;
+  esac
+
+
+ltmain="$ac_aux_dir/ltmain.sh"
+
+
+  # We use sed instead of cat because bash on DJGPP gets confused if
+  # if finds mixed CR/LF and LF-only lines.  Since sed operates in
+  # text mode, it properly converts lines to CR/LF.  This bash problem
+  # is reportedly fixed, but why not run on old versions too?
+  sed '$q' "$ltmain" >> "$cfgfile" \
+     || (rm -f "$cfgfile"; exit 1)
+
+  if test x"$xsi_shell" = xyes; then
+  sed -e '/^func_dirname ()$/,/^} # func_dirname /c\
+func_dirname ()\
+{\
+\    case ${1} in\
+\      */*) func_dirname_result="${1%/*}${2}" ;;\
+\      *  ) func_dirname_result="${3}" ;;\
+\    esac\
+} # Extended-shell func_dirname implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_basename ()$/,/^} # func_basename /c\
+func_basename ()\
+{\
+\    func_basename_result="${1##*/}"\
+} # Extended-shell func_basename implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_dirname_and_basename ()$/,/^} # func_dirname_and_basename /c\
+func_dirname_and_basename ()\
+{\
+\    case ${1} in\
+\      */*) func_dirname_result="${1%/*}${2}" ;;\
+\      *  ) func_dirname_result="${3}" ;;\
+\    esac\
+\    func_basename_result="${1##*/}"\
+} # Extended-shell func_dirname_and_basename implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_stripname ()$/,/^} # func_stripname /c\
+func_stripname ()\
+{\
+\    # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are\
+\    # positional parameters, so assign one to ordinary parameter first.\
+\    func_stripname_result=${3}\
+\    func_stripname_result=${func_stripname_result#"${1}"}\
+\    func_stripname_result=${func_stripname_result%"${2}"}\
+} # Extended-shell func_stripname implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_split_long_opt ()$/,/^} # func_split_long_opt /c\
+func_split_long_opt ()\
+{\
+\    func_split_long_opt_name=${1%%=*}\
+\    func_split_long_opt_arg=${1#*=}\
+} # Extended-shell func_split_long_opt implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_split_short_opt ()$/,/^} # func_split_short_opt /c\
+func_split_short_opt ()\
+{\
+\    func_split_short_opt_arg=${1#??}\
+\    func_split_short_opt_name=${1%"$func_split_short_opt_arg"}\
+} # Extended-shell func_split_short_opt implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_lo2o ()$/,/^} # func_lo2o /c\
+func_lo2o ()\
+{\
+\    case ${1} in\
+\      *.lo) func_lo2o_result=${1%.lo}.${objext} ;;\
+\      *)    func_lo2o_result=${1} ;;\
+\    esac\
+} # Extended-shell func_lo2o implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_xform ()$/,/^} # func_xform /c\
+func_xform ()\
+{\
+    func_xform_result=${1%.*}.lo\
+} # Extended-shell func_xform implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_arith ()$/,/^} # func_arith /c\
+func_arith ()\
+{\
+    func_arith_result=$(( $* ))\
+} # Extended-shell func_arith implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_len ()$/,/^} # func_len /c\
+func_len ()\
+{\
+    func_len_result=${#1}\
+} # Extended-shell func_len implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+fi
+
+if test x"$lt_shell_append" = xyes; then
+  sed -e '/^func_append ()$/,/^} # func_append /c\
+func_append ()\
+{\
+    eval "${1}+=\\${2}"\
+} # Extended-shell func_append implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_append_quoted ()$/,/^} # func_append_quoted /c\
+func_append_quoted ()\
+{\
+\    func_quote_for_eval "${2}"\
+\    eval "${1}+=\\\\ \\$func_quote_for_eval_result"\
+} # Extended-shell func_append_quoted implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  # Save a `func_append' function call where possible by direct use of '+='
+  sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \
+    && mv -f "$cfgfile.tmp" "$cfgfile" \
+      || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+  test 0 -eq $? || _lt_function_replace_fail=:
+else
+  # Save a `func_append' function call even when '+=' is not available
+  sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \
+    && mv -f "$cfgfile.tmp" "$cfgfile" \
+      || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+  test 0 -eq $? || _lt_function_replace_fail=:
+fi
+
+if test x"$_lt_function_replace_fail" = x":"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Unable to substitute extended shell functions in $ofile" >&5
+$as_echo "$as_me: WARNING: Unable to substitute extended shell functions in $ofile" >&2;}
+fi
+
+
+   mv -f "$cfgfile" "$ofile" ||
+    (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
+  chmod +x "$ofile"
+
+
+    cat <<_LT_EOF >> "$ofile"
+
+# ### BEGIN LIBTOOL TAG CONFIG: CXX
+
+# The linker used to build libraries.
+LD=$lt_LD_CXX
+
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag_CXX
+reload_cmds=$lt_reload_cmds_CXX
+
+# Commands used to build an old-style archive.
+old_archive_cmds=$lt_old_archive_cmds_CXX
+
+# A language specific compiler.
+CC=$lt_compiler_CXX
+
+# Is the compiler the GNU compiler?
+with_gcc=$GCC_CXX
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_CXX
+
+# Additional compiler flags for building library objects.
+pic_flag=$lt_lt_prog_compiler_pic_CXX
+
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl_CXX
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$lt_lt_prog_compiler_static_CXX
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$lt_lt_cv_prog_compiler_c_o_CXX
+
+# Whether or not to add -lc for building shared libraries.
+build_libtool_need_lc=$archive_cmds_need_lc_CXX
+
+# Whether or not to disallow shared libs when runtime libs are static.
+allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_CXX
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_CXX
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$lt_whole_archive_flag_spec_CXX
+
+# Whether the compiler copes with passing no objects directly.
+compiler_needs_object=$lt_compiler_needs_object_CXX
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_CXX
+
+# Create a temporary old-style archive to link instead of a shared archive.
+old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_CXX
+
+# Commands used to build a shared archive.
+archive_cmds=$lt_archive_cmds_CXX
+archive_expsym_cmds=$lt_archive_expsym_cmds_CXX
+
+# Commands used to build a loadable module if different from building
+# a shared archive.
+module_cmds=$lt_module_cmds_CXX
+module_expsym_cmds=$lt_module_expsym_cmds_CXX
+
+# Whether we are building with GNU ld or not.
+with_gnu_ld=$lt_with_gnu_ld_CXX
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$lt_allow_undefined_flag_CXX
+
+# Flag that enforces no undefined symbols.
+no_undefined_flag=$lt_no_undefined_flag_CXX
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist
+hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_CXX
+
+# Whether we need a single "-rpath" flag with a separated argument.
+hardcode_libdir_separator=$lt_hardcode_libdir_separator_CXX
+
+# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes
+# DIR into the resulting binary.
+hardcode_direct=$hardcode_direct_CXX
+
+# Set to "yes" if using DIR/libNAME\${shared_ext} during linking hardcodes
+# DIR into the resulting binary and the resulting library dependency is
+# "absolute",i.e impossible to change by setting \${shlibpath_var} if the
+# library is relocated.
+hardcode_direct_absolute=$hardcode_direct_absolute_CXX
+
+# Set to "yes" if using the -LDIR flag during linking hardcodes DIR
+# into the resulting binary.
+hardcode_minus_L=$hardcode_minus_L_CXX
+
+# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR
+# into the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var_CXX
+
+# Set to "yes" if building a shared library automatically hardcodes DIR
+# into the library and all subsequent libraries and executables linked
+# against it.
+hardcode_automatic=$hardcode_automatic_CXX
+
+# Set to yes if linker adds runtime paths of dependent libraries
+# to runtime path list.
+inherit_rpath=$inherit_rpath_CXX
+
+# Whether libtool must link a program against all its dependency libraries.
+link_all_deplibs=$link_all_deplibs_CXX
+
+# Set to "yes" if exported symbols are required.
+always_export_symbols=$always_export_symbols_CXX
+
+# The commands to list exported symbols.
+export_symbols_cmds=$lt_export_symbols_cmds_CXX
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$lt_exclude_expsyms_CXX
+
+# Symbols that must always be exported.
+include_expsyms=$lt_include_expsyms_CXX
+
+# Commands necessary for linking programs (against libraries) with templates.
+prelink_cmds=$lt_prelink_cmds_CXX
+
+# Commands necessary for finishing linking programs.
+postlink_cmds=$lt_postlink_cmds_CXX
+
+# Specify filename containing input files.
+file_list_spec=$lt_file_list_spec_CXX
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action_CXX
+
+# The directories searched by this compiler when creating a shared library.
+compiler_lib_search_dirs=$lt_compiler_lib_search_dirs_CXX
+
+# Dependencies to place before and after the objects being linked to
+# create a shared library.
+predep_objects=$lt_predep_objects_CXX
+postdep_objects=$lt_postdep_objects_CXX
+predeps=$lt_predeps_CXX
+postdeps=$lt_postdeps_CXX
+
+# The library search path used internally by the compiler when linking
+# a shared library.
+compiler_lib_search_path=$lt_compiler_lib_search_path_CXX
+
+# ### END LIBTOOL TAG CONFIG: CXX
+_LT_EOF
+
+ ;;
+    "stamp-h":F) echo timestamp > stamp-h ;;
+
+  esac
+done # for ac_tag
+
+
+as_fn_exit 0
+_ACEOF
+ac_clean_files=$ac_clean_files_save
+
+test $ac_write_fail = 0 ||
+  as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5
+
+
+# configure is writing to config.log, and then calls config.status.
+# config.status does its own redirection, appending to config.log.
+# Unfortunately, on DOS this fails, as config.log is still kept open
+# by configure, so config.status won't be able to write to it; its
+# output is simply discarded.  So we exec the FD to /dev/null,
+# effectively closing config.log, so it can be properly (re)opened and
+# appended to by config.status.  When coming back to configure, we
+# need to make the FD available again.
+if test "$no_create" != yes; then
+  ac_cs_success=:
+  ac_config_status_args=
+  test "$silent" = yes &&
+    ac_config_status_args="$ac_config_status_args --quiet"
+  exec 5>/dev/null
+  $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
+  exec 5>>config.log
+  # Use ||, not &&, to avoid exiting from the if with $? = 1, which
+  # would make configure fail if this is the last instruction.
+  $ac_cs_success || as_fn_exit 1
+fi
+if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
+$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
+fi
+
+
+
+# force make clean
+echo "---"
+echo "Running make clean..."
+make clean >/dev/null 2>&1
+# Touch files that may not be in repository
+echo "Touching File..."
+touch ctaocrypt/src/fips.c
+touch ctaocrypt/src/fips_test.c
+echo
+
+# generate user options header
+echo "---"
+echo "Generating user options header..."
+
+OPTION_FILE="wolfssl/options.h"
+#if
+#OPTION_FILE+="cyassl/options.h"
+#fi
+rm -f $OPTION_FILE
+
+echo "/* wolfssl options.h" > $OPTION_FILE
+echo " * generated from configure options" >> $OPTION_FILE
+echo " *" >> $OPTION_FILE
+echo " * Copyright (C) 2006-2015 wolfSSL Inc." >> $OPTION_FILE
+echo " *" >> $OPTION_FILE
+echo " * This file is part of wolfSSL. (formerly known as CyaSSL)" >> $OPTION_FILE
+echo " *" >> $OPTION_FILE
+echo " */" >> $OPTION_FILE
+
+echo "" >> $OPTION_FILE
+echo "#pragma once" >> $OPTION_FILE
+echo "" >> $OPTION_FILE
+echo "#ifdef __cplusplus" >> $OPTION_FILE
+echo "extern \"C\" {" >> $OPTION_FILE
+echo "#endif" >> $OPTION_FILE
+echo "" >> $OPTION_FILE
+
+for option in $OPTION_FLAGS; do
+    defonly=`echo $option | sed 's/-D//'`
+    if test "$defonly" != "$option"
+    then
+        noequalsign=`echo $defonly | sed 's/=/ /'`
+        echo "#undef  $noequalsign" >> $OPTION_FILE
+        echo "#define $noequalsign" >> $OPTION_FILE
+        echo "" >> $OPTION_FILE
+    else
+        echo "option w/o begin -D is $option, not saving to $OPTION_FILE"
+    fi
+done
+
+echo "" >> $OPTION_FILE
+echo "#ifdef __cplusplus" >> $OPTION_FILE
+echo "}" >> $OPTION_FILE
+echo "#endif" >> $OPTION_FILE
+echo "" >> $OPTION_FILE
+echo
+
+#backwards compatability for those who have included options or version
+touch cyassl/options.h
+echo "/* cyassl options.h" > cyassl/options.h
+echo " * generated from wolfssl/options.h" >> cyassl/options.h
+echo " */" >> cyassl/options.h
+echo ""
+while read -r line
+do
+    echo "$line" >> cyassl/options.h
+done < $OPTION_FILE
+
+# output config summary
+echo "---"
+echo "Configuration summary for $PACKAGE_NAME version $VERSION"
+echo ""
+echo "   * Installation prefix:       $prefix"
+echo "   * System type:               $host_vendor-$host_os"
+echo "   * Host CPU:                  $host_cpu"
+echo "   * C Compiler:                $CC"
+echo "   * C Flags:                   $CFLAGS"
+echo "   * C++ Compiler:              $CXX"
+echo "   * C++ Flags:                 $CXXFLAGS"
+echo "   * CPP Flags:                 $CPPFLAGS"
+echo "   * LIB Flags:                 $LIB"
+echo "   * Debug enabled:             $ax_enable_debug"
+echo "   * Warnings as failure:       $ac_cv_warnings_as_errors"
+echo "   * make -j:                   $enable_jobserver"
+echo "   * VCS checkout:              $ac_cv_vcs_checkout"
+echo
+echo "   Features "
+echo "   * Single threaded:           $ENABLED_SINGLETHREADED"
+echo "   * Filesystem:                $ENABLED_FILESYSTEM"
+echo "   * OpenSSL Extra API:         $ENABLED_OPENSSLEXTRA"
+echo "   * fastmath:                  $ENABLED_FASTMATH"
+echo "   * sniffer:                   $ENABLED_SNIFFER"
+echo "   * snifftest:                 $ENABLED_SNIFFTEST"
+echo "   * ARC4:                      $ENABLED_ARC4"
+echo "   * AES:                       $ENABLED_AES"
+echo "   * AES-NI:                    $ENABLED_AESNI"
+echo "   * AES-GCM:                   $ENABLED_AESGCM"
+echo "   * AES-CCM:                   $ENABLED_AESCCM"
+echo "   * DES3:                      $ENABLED_DES3"
+echo "   * Camellia:                  $ENABLED_CAMELLIA"
+echo "   * NULL Cipher:               $ENABLED_NULL_CIPHER"
+echo "   * MD5:                       $ENABLED_MD5"
+echo "   * RIPEMD:                    $ENABLED_RIPEMD"
+echo "   * SHA:                       $ENABLED_SHA"
+echo "   * SHA-512:                   $ENABLED_SHA512"
+echo "   * BLAKE2:                    $ENABLED_BLAKE2"
+echo "   * keygen:                    $ENABLED_KEYGEN"
+echo "   * certgen:                   $ENABLED_CERTGEN"
+echo "   * certreq:                   $ENABLED_CERTREQ"
+echo "   * HC-128:                    $ENABLED_HC128"
+echo "   * RABBIT:                    $ENABLED_RABBIT"
+echo "   * CHACHA:                    $ENABLED_CHACHA"
+echo "   * Hash DRBG:                 $ENABLED_HASHDRBG"
+echo "   * PWDBASED:                  $ENABLED_PWDBASED"
+echo "   * HKDF:                      $ENABLED_HKDF"
+echo "   * MD4:                       $ENABLED_MD4"
+echo "   * PSK:                       $ENABLED_PSK"
+echo "   * Poly1305:                  $ENABLED_POLY1305"
+echo "   * LEANPSK:                   $ENABLED_LEANPSK"
+echo "   * RSA:                       $ENABLED_RSA"
+echo "   * DSA:                       $ENABLED_DSA"
+echo "   * DH:                        $ENABLED_DH"
+echo "   * ECC:                       $ENABLED_ECC"
+echo "   * FPECC:                     $ENABLED_FPECC"
+echo "   * ECC_ENCRYPT:               $ENABLED_ECC_ENCRYPT"
+echo "   * ASN:                       $ENABLED_ASN"
+echo "   * Anonymous cipher:          $ENABLED_ANON"
+echo "   * CODING:                    $ENABLED_CODING"
+echo "   * MEMORY:                    $ENABLED_MEMORY"
+echo "   * I/O POOL:                  $ENABLED_IOPOOL"
+echo "   * ERROR_STRINGS:             $ENABLED_ERROR_STRINGS"
+echo "   * DTLS:                      $ENABLED_DTLS"
+echo "   * Old TLS Versions:          $ENABLED_OLD_TLS"
+echo "   * OCSP:                      $ENABLED_OCSP"
+echo "   * CRL:                       $ENABLED_CRL"
+echo "   * CRL-MONITOR:               $ENABLED_CRL_MONITOR"
+echo "   * Persistent session cache:  $ENABLED_SAVESESSION"
+echo "   * Persistent cert    cache:  $ENABLED_SAVECERT"
+echo "   * Atomic User Record Layer:  $ENABLED_ATOMICUSER"
+echo "   * Public Key Callbacks:      $ENABLED_PKCALLBACKS"
+echo "   * NTRU:                      $ENABLED_NTRU"
+echo "   * SNI:                       $ENABLED_SNI"
+echo "   * Maximum Fragment Length:   $ENABLED_MAX_FRAGMENT"
+echo "   * Truncated HMAC:            $ENABLED_TRUNCATED_HMAC"
+echo "   * Renegotiation Indication:  $ENABLED_RENEGOTIATION_INDICATION"
+echo "   * Secure Renegotiation:      $ENABLED_SECURE_RENEGOTIATION"
+echo "   * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES"
+echo "   * Session Ticket:            $ENABLED_SESSION_TICKET"
+echo "   * All TLS Extensions:        $ENABLED_TLSX"
+echo "   * PKCS#7                     $ENABLED_PKCS7"
+echo "   * wolfSCEP                   $ENABLED_WOLFSCEP"
+echo "   * Small Stack:               $ENABLED_SMALL_STACK"
+echo "   * valgrind unit tests:       $ENABLED_VALGRIND"
+echo "   * LIBZ:                      $ENABLED_LIBZ"
+echo "   * Examples:                  $ENABLED_EXAMPLES"
+echo ""
+echo "---"
+
diff --git a/3P/wolfssl/configure.ac b/3P/wolfssl/configure.ac
new file mode 100644
index 00000000..2c4871ca
--- /dev/null
+++ b/3P/wolfssl/configure.ac
@@ -0,0 +1,1967 @@
+# configure.ac
+#
+# Copyright (C) 2006-2015 wolfSSL Inc.
+#
+# This file is part of wolfSSL. (formerly known as CyaSSL)
+#
+#
+
+AC_INIT([wolfssl],[3.4.0],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com])
+
+AC_CONFIG_AUX_DIR([build-aux])
+
+AC_CANONICAL_HOST
+AC_CANONICAL_BUILD
+
+AM_INIT_AUTOMAKE([1.11 -Wall -Werror -Wno-portability foreign tar-ustar subdir-objects no-define color-tests])
+AC_PREREQ([2.63])
+
+AC_ARG_PROGRAM
+AC_DEFUN([PROTECT_AC_USE_SYSTEM_EXTENSIONS],
+         [AX_SAVE_FLAGS
+          AC_LANG_PUSH([C])
+          AC_USE_SYSTEM_EXTENSIONS
+          AC_LANG_POP([C])
+          AX_RESTORE_FLAGS
+          ])
+#PROTECT_AC_USE_SYSTEM_EXTENSIONS
+
+AC_CONFIG_MACRO_DIR([m4])
+
+AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS.
+
+#shared library versioning
+WOLFSSL_LIBRARY_VERSION=0:0:0
+#                       | | |
+#                +------+ | +---+
+#                |        |     |
+#               current:revision:age
+#                |        |     |
+#                |        |     +- increment if interfaces have been added
+#                |        |        set to zero if interfaces have been removed
+#                |        |        or changed
+#                |        +- increment if source code has changed
+#                |           set to zero if current is incremented
+#                +- increment if interfaces have been added, removed or changed
+AC_SUBST([WOLFSSL_LIBRARY_VERSION])
+
+# capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even
+# if user doesn't override, no way to tell
+USER_C_EXTRA_FLAGS="$C_EXTRA_FLAGS"
+
+LT_PREREQ([2.2])
+LT_INIT([disable-static],[win32-dll])
+LT_LANG([C++])
+LT_LANG([C])
+
+gl_VISIBILITY
+AS_IF([ test -n "$CFLAG_VISIBILITY" ], [
+       AM_CPPFLAGS="$AM_CPPFLAGS $CFLAG_VISIBILITY"
+       CPPFLAGS="$CPPFLAGS $CFLAG_VISIBILITY"
+       ])
+
+m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])])
+
+AC_CHECK_FUNCS([gethostbyname])
+AC_CHECK_FUNCS([getaddrinfo])
+AC_CHECK_FUNCS([gettimeofday])
+AC_CHECK_FUNCS([inet_ntoa])
+AC_CHECK_FUNCS([memset])
+AC_CHECK_FUNCS([socket])
+AC_CHECK_HEADERS([arpa/inet.h])
+AC_CHECK_HEADERS([fcntl.h])
+AC_CHECK_HEADERS([limits.h])
+AC_CHECK_HEADERS([netdb.h])
+AC_CHECK_HEADERS([netinet/in.h])
+AC_CHECK_HEADERS([stddef.h])
+AC_CHECK_HEADERS([sys/ioctl.h])
+AC_CHECK_HEADERS([sys/socket.h])
+AC_CHECK_HEADERS([sys/time.h])
+AC_CHECK_HEADERS([errno.h])
+AC_CHECK_LIB(network,socket)
+AC_CHECK_SIZEOF(long long, 8)
+AC_CHECK_SIZEOF(long, 4)
+AC_CHECK_TYPES(__uint128_t)
+AC_C_BIGENDIAN
+# mktime check takes forever on some systems, if time supported it would be
+# highly unusual for mktime to be missing
+#AC_FUNC_MKTIME 
+
+AC_PROG_CC
+AC_PROG_CC_C_O
+AC_PROG_CXX
+AC_PROG_INSTALL
+AC_TYPE_SIZE_T
+AC_TYPE_UINT8_T
+AM_PROG_AS
+AM_PROG_CC_C_O
+LT_LIB_M
+
+OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer"
+OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer"
+OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET"
+DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL"
+
+thread_ls_on=no
+# Thread local storage
+AX_TLS([
+        [AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS"]
+        [thread_ls_on=yes]
+       ] , [:])
+
+
+# DEBUG
+AX_DEBUG
+AS_IF([test "$ax_enable_debug" = "yes"],
+      [AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS"],
+      [AM_CFLAGS="$AM_CFLAGS -DNDEBUG"])
+
+
+# SINGLE THREADED
+AC_ARG_ENABLE([singlethreaded],
+    [  --enable-singlethreaded Enable wolfSSL single threaded (default: disabled)],
+    [ ENABLED_SINGLETHREADED=$enableval ],
+    [ ENABLED_SINGLETHREADED=no ])
+
+AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xno" ],[
+       AX_PTHREAD([
+                   AC_DEFINE([HAVE_PTHREAD], [1], [Define if you have POSIX threads libraries and header files.])
+                   AM_CFLAGS="-D_POSIX_THREADS $AM_CFLAGS $PTHREAD_CFLAGS"
+                   LIBS="$LIBS $PTHREAD_LIBS"
+                   ],[
+                      ENABLED_SINGLETHREADED=yes
+                      ])
+       ])
+
+AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xyes" ],[ AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" ])
+
+
+# DTLS
+AC_ARG_ENABLE([dtls],
+    [  --enable-dtls           Enable wolfSSL DTLS (default: disabled)],
+    [ ENABLED_DTLS=$enableval ],
+    [ ENABLED_DTLS=no ]
+    )
+if test "$ENABLED_DTLS" = "yes"
+then
+  AM_CFLAGS="-DWOLFSSL_DTLS $AM_CFLAGS"
+fi
+
+
+# OPENSSL Extra Compatibility
+AC_ARG_ENABLE([opensslextra],
+    [  --enable-opensslextra   Enable extra OpenSSL API, size+ (default: disabled)],
+    [ ENABLED_OPENSSLEXTRA=$enableval ],
+    [ ENABLED_OPENSSLEXTRA=no ]
+    )
+if test "$ENABLED_OPENSSLEXTRA" = "yes"
+then
+  AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
+fi
+
+if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    AC_MSG_ERROR([cannot enable small and opensslextra, only one or the other.])
+fi
+
+
+# IPv6 Test Apps
+AC_ARG_ENABLE([ipv6],
+    [  --enable-ipv6           Enable testing of IPV6 (default: disabled)],
+    [ ENABLED_IPV6=$enableval ],
+    [ ENABLED_IPV6=no ]
+    )
+
+if test "$ENABLED_IPV6" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DTEST_IPV6"
+fi
+
+
+# Fortress build 
+AC_ARG_ENABLE([fortress],
+    [  --enable-fortress       Enable SSL fortress build (default: disabled)],
+    [ ENABLED_FORTRESS=$enableval ],
+    [ ENABLED_FORTRESS=no ]
+    )
+
+if test "$ENABLED_FORTRESS" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DWOLFSSL_ALWAYS_VERIFY_CB -DOPENSSL_EXTRA -DWOLFSSL_DES_ECB -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT -DWOLFSSL_DER_LOAD -DWOLFSSL_SHA512 -DWOLFSSL_SHA384 -DWOLFSSL_KEY_GEN"
+fi
+
+
+# ssl bump build 
+AC_ARG_ENABLE([bump],
+    [  --enable-bump           Enable SSL Bump build (default: disabled)],
+    [ ENABLED_BUMP=$enableval ],
+    [ ENABLED_BUMP=no ]
+    )
+
+if test "$ENABLED_BUMP" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DWOLFSSL_CERT_GEN -DWOLFSSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DWOLFSSL_DER_LOAD -DWOLFSSL_ALT_NAMES -DWOLFSSL_TEST_CERT"
+fi
+
+ENABLED_SLOWMATH="yes"
+
+# lean psk build 
+AC_ARG_ENABLE([leanpsk],
+    [  --enable-leanpsk        Enable Lean PSK build (default: disabled)],
+    [ ENABLED_LEANPSK=$enableval ],
+    [ ENABLED_LEANPSK=no ]
+    )
+
+if test "$ENABLED_LEANPSK" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LEANPSK -DHAVE_NULL_CIPHER -DSINGLE_THREADED -DNO_AES -DNO_FILESYSTEM -DNO_RABBIT -DNO_RSA -DNO_DSA -DNO_DH -DNO_CERTS -DNO_PWDBASED -DNO_DES3 -DNO_MD4 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS -DNO_RC4 -DNO_WRITEV -DNO_SESSION_CACHE -DNO_DEV_RANDOM -DWOLFSSL_USER_IO -DNO_SHA -DUSE_SLOW_SHA"
+    ENABLED_SLOWMATH="no"
+    ENABLED_SINGLETHREADED="yes"
+fi
+
+AM_CONDITIONAL([BUILD_LEANPSK], [test "x$ENABLED_LEANPSK" = "xyes"])
+
+
+# big cache
+AC_ARG_ENABLE([bigcache],
+    [  --enable-bigcache       Enable big session cache (default: disabled)],
+    [ ENABLED_BIGCACHE=$enableval ],
+    [ ENABLED_BIGCACHE=no ]
+    )
+
+if test "$ENABLED_BIGCACHE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DBIG_SESSION_CACHE"
+fi
+
+
+# HUGE cache
+AC_ARG_ENABLE([hugecache],
+    [  --enable-hugecache      Enable huge session cache (default: disabled)],
+    [ ENABLED_HUGECACHE=$enableval ],
+    [ ENABLED_HUGECACHE=no ]
+    )
+
+if test "$ENABLED_HUGECACHE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHUGE_SESSION_CACHE"
+fi
+
+
+# SMALL cache
+AC_ARG_ENABLE([smallcache],
+    [  --enable-smallcache     Enable small session cache (default: disabled)],
+    [ ENABLED_SMALLCACHE=$enableval ],
+    [ ENABLED_SMALLCACHE=no ]
+    )
+
+if test "$ENABLED_SMALLCACHE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DSMALL_SESSION_CACHE"
+fi
+
+
+# Persistent session cache 
+AC_ARG_ENABLE([savesession],
+    [  --enable-savesession    Enable persistent session cache (default: disabled)],
+    [ ENABLED_SAVESESSION=$enableval ],
+    [ ENABLED_SAVESESSION=no ]
+    )
+
+if test "$ENABLED_SAVESESSION" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
+fi
+
+
+# Persistent cert cache 
+AC_ARG_ENABLE([savecert],
+    [  --enable-savecert       Enable persistent cert cache (default: disabled)],
+    [ ENABLED_SAVECERT=$enableval ],
+    [ ENABLED_SAVECERT=no ]
+    )
+
+if test "$ENABLED_SAVECERT" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
+fi
+
+
+# Atomic User Record Layer  
+AC_ARG_ENABLE([atomicuser],
+    [  --enable-atomicuser     Enable Atomic User Record Layer (default: disabled)],
+    [ ENABLED_ATOMICUSER=$enableval ],
+    [ ENABLED_ATOMICUSER=no ]
+    )
+
+if test "$ENABLED_ATOMICUSER" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
+fi
+
+
+# Public Key Callbacks  
+AC_ARG_ENABLE([pkcallbacks],
+    [  --enable-pkcallbacks    Enable Public Key Callbacks (default: disabled)],
+    [ ENABLED_PKCALLBACKS=$enableval ],
+    [ ENABLED_PKCALLBACKS=no ]
+    )
+
+if test "$ENABLED_PKCALLBACKS" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
+fi
+
+
+# SNIFFER
+ENABLED_SNIFFTEST=no
+AC_ARG_ENABLE([sniffer],
+   [AS_HELP_STRING([--enable-sniffer],[ Enable wolfSSL sniffer support (default: disabled) ])],[
+       ENABLED_SNIFFER=yes
+       AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SNIFFER -DOPENSSL_EXTRA"
+       AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ 
+           ENABLED_SNIFFTEST=yes 
+   ],[ AC_MSG_WARN([cannot enable sniffer test without having libpcap available.]) ]) ])
+   ],[
+       ENABLED_SNIFFER=no
+   ])
+
+AM_CONDITIONAL([BUILD_SNIFFER],   [ test "x$ENABLED_SNIFFER"   = "xyes" ])
+AM_CONDITIONAL([BUILD_SNIFFTEST], [ test "x$ENABLED_SNIFFTEST" = "xyes" ])
+
+# AES-GCM
+AC_ARG_ENABLE([aesgcm],
+    [  --enable-aesgcm         Enable wolfSSL AES-GCM support (default: disabled)],
+    [ ENABLED_AESGCM=$enableval ],
+    [ ENABLED_AESGCM=no ]
+    )
+
+if test "$ENABLED_AESGCM" = "word32"
+then
+    AM_CFLAGS="$AM_CFLAGS -DGCM_WORD32"
+    ENABLED_AESGCM=yes
+fi
+
+if test "$ENABLED_AESGCM" = "small"
+then
+    AM_CFLAGS="$AM_CFLAGS -DGCM_SMALL"
+    ENABLED_AESGCM=yes
+fi
+
+if test "$ENABLED_AESGCM" = "table"
+then
+    AM_CFLAGS="$AM_CFLAGS -DGCM_TABLE"
+    ENABLED_AESGCM=yes
+fi
+
+if test "$ENABLED_AESGCM" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
+fi
+
+AM_CONDITIONAL([BUILD_AESGCM], [test "x$ENABLED_AESGCM" = "xyes"])
+
+
+# AES-CCM
+AC_ARG_ENABLE([aesccm],
+    [  --enable-aesccm         Enable wolfSSL AES-CCM support (default: disabled)],
+    [ ENABLED_AESCCM=$enableval ],
+    [ ENABLED_AESCCM=no ]
+    )
+
+if test "$ENABLED_AESCCM" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM"
+fi
+
+AM_CONDITIONAL([BUILD_AESCCM], [test "x$ENABLED_AESCCM" = "xyes"])
+
+
+# AES-NI
+AC_ARG_ENABLE([aesni],
+    [  --enable-aesni          Enable wolfSSL AES-NI support (default: disabled)],
+    [ ENABLED_AESNI=$enableval ],
+    [ ENABLED_AESNI=no ]
+    )
+
+if test "$ENABLED_AESNI" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESNI"
+    if test "$GCC" = "yes"
+    then
+        # GCC needs these flags, icc doesn't
+        # opt levels greater than 2 may cause problems on systems w/o aesni
+        if test "$CC" != "icc"
+        then
+            AM_CFLAGS="$AM_CFLAGS -maes -msse4"
+        fi
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_AESNI], [test "x$ENABLED_AESNI" = "xyes"])
+
+
+# POLY1305
+AC_ARG_ENABLE([poly1305],
+    [  --enable-poly1305         Enable wolfSSL POLY1305 support (default: disabled)],
+    [ ENABLED_POLY1305=$enableval ],
+    [ ENABLED_POLY1305=no ]
+    )
+
+if test "$ENABLED_POLY1305" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_POLY1305 -DHAVE_ONE_TIME_AUTH"
+fi
+
+AM_CONDITIONAL([BUILD_POLY1305], [test "x$ENABLED_POLY1305" = "xyes"])
+
+
+# Camellia
+AC_ARG_ENABLE([camellia],
+    [  --enable-camellia       Enable wolfSSL Camellia support (default: disabled)],
+    [ ENABLED_CAMELLIA=$enableval ],
+    [ ENABLED_CAMELLIA=no ]
+    )
+
+if test "$ENABLED_CAMELLIA" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_CAMELLIA"
+fi
+
+AM_CONDITIONAL([BUILD_CAMELLIA], [test "x$ENABLED_CAMELLIA" = "xyes"])
+
+
+# MD2
+AC_ARG_ENABLE([md2],
+    [  --enable-md2            Enable wolfSSL MD2 support (default: disabled)],
+    [ ENABLED_MD2=$enableval ],
+    [ ENABLED_MD2=no ]
+    )
+
+if test "$ENABLED_BUMP" = "yes"
+then
+    ENABLED_MD2="yes"
+fi
+
+if test "$ENABLED_MD2" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MD2"
+fi
+
+AM_CONDITIONAL([BUILD_MD2], [test "x$ENABLED_MD2" = "xyes"])
+
+
+# NULL CIPHER 
+AC_ARG_ENABLE([nullcipher],
+    [  --enable-nullcipher     Enable wolfSSL NULL cipher support (default: disabled)],
+    [ ENABLED_NULL_CIPHER=$enableval ],
+    [ ENABLED_NULL_CIPHER=no ]
+    )
+
+if test "$ENABLED_NULL_CIPHER" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_NULL_CIPHER"
+fi
+
+# RIPEMD
+AC_ARG_ENABLE([ripemd],
+    [  --enable-ripemd         Enable wolfSSL RIPEMD-160 support (default: disabled)],
+    [ ENABLED_RIPEMD=$enableval ],
+    [ ENABLED_RIPEMD=no ]
+    )
+
+if test "$ENABLED_RIPEMD" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_RIPEMD"
+fi
+
+AM_CONDITIONAL([BUILD_RIPEMD], [test "x$ENABLED_RIPEMD" = "xyes"])
+
+
+# BLAKE2
+AC_ARG_ENABLE([blake2],
+    [  --enable-blake2         Enable wolfSSL BLAKE2 support (default: disabled)],
+    [ ENABLED_BLAKE2=$enableval ],
+    [ ENABLED_BLAKE2=no ]
+    )
+
+if test "$ENABLED_BLAKE2" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_BLAKE2"
+fi
+
+AM_CONDITIONAL([BUILD_BLAKE2], [test "x$ENABLED_BLAKE2" = "xyes"])
+
+
+# SHA512
+AC_ARG_ENABLE([sha512],
+    [  --enable-sha512         Enable wolfSSL SHA-512 support (default: disabled)],
+    [ ENABLED_SHA512=$enableval ],
+    [ ENABLED_SHA512=no ]
+    )
+
+if test "$ENABLED_SHA512" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
+fi
+
+if test "$ENABLED_FORTRESS" = "yes"
+then
+    ENABLED_SHA512="yes"
+fi
+
+
+AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
+
+
+# SESSION CERTS
+AC_ARG_ENABLE([sessioncerts],
+    [  --enable-sessioncerts   Enable session cert storing (default: disabled)],
+    [ ENABLED_SESSIONCERTS=$enableval ],
+    [ ENABLED_SESSIONCERTS=no ]
+    )
+
+if test "$ENABLED_SESSIONCERTS" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS"
+fi
+
+
+# KEY GENERATION
+AC_ARG_ENABLE([keygen],
+    [  --enable-keygen         Enable key generation (default: disabled)],
+    [ ENABLED_KEYGEN=$enableval ],
+    [ ENABLED_KEYGEN=no ]
+    )
+
+if test "$ENABLED_KEYGEN" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
+fi
+
+
+# CERT GENERATION
+AC_ARG_ENABLE([certgen],
+    [  --enable-certgen        Enable cert generation (default: disabled)],
+    [ ENABLED_CERTGEN=$enableval ],
+    [ ENABLED_CERTGEN=no ]
+    )
+
+if test "$ENABLED_CERTGEN" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
+fi
+
+
+# CERT REQUEST GENERATION
+AC_ARG_ENABLE([certreq],
+    [  --enable-certreq        Enable cert request generation (default: disabled)],
+    [ ENABLED_CERTREQ=$enableval ],
+    [ ENABLED_CERTREQ=no ]
+    )
+
+if test "$ENABLED_CERTREQ" = "yes"
+then
+    if test "$ENABLED_CERTGEN" = "no"
+    then
+        AC_MSG_ERROR([cannot enable certreq without enabling certgen.])
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
+fi
+
+
+# SEP
+AC_ARG_ENABLE([sep],
+    [  --enable-sep            Enable sep extensions (default: disabled)],
+    [ ENABLED_SEP=$enableval ],
+    [ ENABLED_SEP=no ]
+    )
+if test "$ENABLED_SEP" = "yes"
+then
+  AM_CFLAGS="-DWOLFSSL_SEP -DKEEP_PEER_CERT $AM_CFLAGS"
+fi
+
+
+# HKDF 
+AC_ARG_ENABLE([hkdf],
+    [  --enable-hkdf           Enable HKDF (HMAC-KDF) support (default: disabled)],
+    [ ENABLED_HKDF=$enableval ],
+    [ ENABLED_HKDF=no ]
+    )
+if test "$ENABLED_HKDF" = "yes"
+then
+  AM_CFLAGS="$AM_CFLAGS -DHAVE_HKDF"
+fi
+
+
+# DSA
+AC_ARG_ENABLE([dsa],
+    [  --enable-dsa            Enable DSA (default: disabled)],
+    [ ENABLED_DSA=$enableval ],
+    [ ENABLED_DSA=no ]
+    )
+
+if test "$ENABLED_DSA" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_DSA"
+fi
+
+AM_CONDITIONAL([BUILD_DSA], [test "x$ENABLED_DSA" = "xyes"])
+
+
+# ECC 
+AC_ARG_ENABLE([ecc],
+    [  --enable-ecc            Enable ECC (default: disabled)],
+    [ ENABLED_ECC=$enableval ],
+    [ ENABLED_ECC=no ]
+    )
+
+if test "$ENABLED_ECC" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
+fi
+
+AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
+
+
+if test "$ENABLED_ECC" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    AC_MSG_ERROR([cannot enable ecc and small, ecc requires TLS which small turns off.]) 
+fi
+
+
+# ECC25519
+AC_ARG_ENABLE([ecc25519],
+    [  --enable-ecc25519            Enable ECC25519 (default: disabled)],
+    [ ENABLED_ECC25519=$enableval ],
+    [ ENABLED_ECC25519=no ]
+    )
+
+if test "$ENABLED_ECC25519" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC25519"
+fi
+
+
+AM_CONDITIONAL([BUILD_ECC25519], [test "x$ENABLED_ECC25519" = "xyes"])
+
+
+# FP ECC, Fixed Point cache ECC 
+AC_ARG_ENABLE([fpecc],
+    [  --enable-fpecc          Enable Fixed Point cache ECC (default: disabled)],
+    [ ENABLED_FPECC=$enableval ],
+    [ ENABLED_FPECC=no ]
+    )
+
+if test "$ENABLED_FPECC" = "yes"
+then
+    if test "$ENABLED_ECC" = "no"
+    then
+        AC_MSG_ERROR([cannot enable fpecc without enabling ecc.]) 
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DFP_ECC"
+fi
+
+
+# ECC encrypt
+AC_ARG_ENABLE([eccencrypt],
+    [  --enable-eccencrypt     Enable ECC encrypt (default: disabled)],
+    [ ENABLED_ECC_ENCRYPT=$enableval ],
+    [ ENABLED_ECC_ENCRYPT=no ]
+    )
+
+if test "$ENABLED_ECC_ENCRYPT" = "yes"
+then
+    if test "$ENABLED_ECC" = "no"
+    then
+        AC_MSG_ERROR([cannot enable eccencrypt without enabling ecc.]) 
+    fi
+    if test "$ENABLED_HKDF" = "no"
+    then
+        AC_MSG_ERROR([cannot enable eccencrypt without enabling hkdf.]) 
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC_ENCRYPT"
+fi
+
+
+# PSK 
+AC_ARG_ENABLE([psk],
+    [  --enable-psk            Enable PSK (default: disabled)],
+    [ ENABLED_PSK=$enableval ],
+    [ ENABLED_PSK=no ]
+    )
+
+if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_PSK"
+fi
+
+if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "yes"
+then
+    ENABLED_PSK=yes
+fi
+
+
+# ERROR STRINGS
+AC_ARG_ENABLE([errorstrings],
+    [  --enable-errorstrings   Enable error strings table (default: enabled)],
+    [ ENABLED_ERROR_STRINGS=$enableval ],
+    [ ENABLED_ERROR_STRINGS=yes ]
+    )
+
+if test "$ENABLED_ERROR_STRINGS" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS"
+else
+    # turn off error strings if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS"
+        ENABLED_ERROR_STRINGS=no
+    fi
+fi
+
+
+# OLD TLS 
+AC_ARG_ENABLE([oldtls],
+    [  --enable-oldtls         Enable old TLS versions < 1.2 (default: enabled)],
+    [ ENABLED_OLD_TLS=$enableval ],
+    [ ENABLED_OLD_TLS=yes ]
+    )
+
+if test "$ENABLED_OLD_TLS" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
+else
+    # turn off old if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
+        ENABLED_OLD_TLS=no
+    fi
+fi
+
+
+# STACK SIZE info for examples 
+AC_ARG_ENABLE([stacksize],
+    [  --enable-stacksize      Enable stack size info on examples (default: disabled)],
+    [ ENABLED_STACKSIZE=$enableval ],
+    [ ENABLED_STACKSIZE=no ]
+    )
+
+if test "$ENABLED_STACKSIZE" = "yes"
+then
+    AC_CHECK_FUNC([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)])
+    AC_CHECK_FUNC([pthread_attr_setstack], [], AC_CHECK_LIB([pthread],[pthread_attr_setstack]))
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE -DWOLFSSL_LOW_MEMORY"
+fi
+
+
+# MEMORY 
+AC_ARG_ENABLE([memory],
+    [  --enable-memory         Enable memory callbacks (default: enabled)],
+    [ ENABLED_MEMORY=$enableval ],
+    [ ENABLED_MEMORY=yes ]
+    )
+
+if test "$ENABLED_MEMORY" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_WOLFSSL_MEMORY"
+else
+    # turn off memory cb if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        # but don't turn on NO_WOLFSSL_MEMORY because using own
+        ENABLED_MEMORY=no
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_MEMORY], [test "x$ENABLED_MEMORY" = "xyes"])
+
+
+# RSA 
+AC_ARG_ENABLE([rsa],
+    [  --enable-rsa            Enable RSA (default: enabled)],
+    [ ENABLED_RSA=$enableval ],
+    [ ENABLED_RSA=yes ]
+    )
+
+if test "$ENABLED_RSA" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_RSA"
+else
+    # turn off RSA if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_RSA"
+        ENABLED_RSA=no
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_RSA], [test "x$ENABLED_RSA" = "xyes"])
+
+
+# DH
+AC_ARG_ENABLE([dh],
+    [  --enable-dh             Enable DH (default: disabled)],
+    [ ENABLED_DH=$enableval ],
+    [ ENABLED_DH=no ]
+    )
+
+if test "$ENABLED_DH" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_DH"
+else
+    # turn off DH if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_DH"
+        ENABLED_DH=no
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_DH], [test "x$ENABLED_DH" = "xyes"])
+
+
+# Anonymous
+AC_ARG_ENABLE([anon],
+    [AS_HELP_STRING([--enable-anon],[Enable Anonymous (default: disabled)])],
+    [ ENABLED_ANON=$enableval ],
+    [ ENABLED_ANON=no ]
+    )
+
+
+if test "x$ENABLED_ANON" = "xyes"
+then
+    if test "x$ENABLED_DH" != "xyes"
+    then
+        AC_MSG_ERROR([Anonymous suite requires DH.])
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_ANON"
+fi
+
+
+# ASN
+# turn off asn, which means no certs, no rsa, no dh, no dsa, no ecc,
+# and no big int, use this to disable all public key stuff
+AC_ARG_ENABLE([asn],
+    [  --enable-asn            Enable ASN (default: enabled)],
+    [ ENABLED_ASN=$enableval ],
+    [ ENABLED_ASN=yes ]
+    )
+
+if test "$ENABLED_ASN" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT"
+else
+    # turn off ASN if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT"
+        ENABLED_ASN=no
+    fi
+fi
+
+if test "$ENABLED_RSA" = "yes" && test "$ENABLED_ASN" = "no"
+then
+    AC_MSG_ERROR([please disable rsa if disabling asn.])
+fi
+
+if test "$ENABLED_DSA" = "yes" && test "$ENABLED_ASN" = "no"
+then
+    AC_MSG_ERROR([please disable dsa if disabling asn.])
+fi
+
+if test "$ENABLED_DH" = "yes" && test "$ENABLED_ASN" = "no"
+then
+    AC_MSG_ERROR([please disable dh if disabling asn.])
+fi
+
+if test "$ENABLED_ECC" = "yes" && test "$ENABLED_ASN" = "no"
+then
+    AC_MSG_ERROR([please disable ecc if disabling asn.])
+fi
+
+if test "$ENABLED_PSK" = "no" && test "$ENABLED_ASN" = "no"
+then
+    AC_MSG_ERROR([please enable psk if disabling asn.])
+fi
+
+if test "$ENABLED_ASN" = "no"
+then
+    ENABLED_FASTMATH=no
+    ENABLED_SLOWMATH=no
+fi
+
+AM_CONDITIONAL([BUILD_ASN], [test "x$ENABLED_ASN" = "xyes"])
+
+
+# AES
+AC_ARG_ENABLE([aes],
+    [  --enable-aes            Enable AES (default: enabled)],
+    [ ENABLED_AES=$enableval ],
+    [ ENABLED_AES=yes ]
+    )
+
+if test "$ENABLED_AES" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_AES"
+else
+    # turn off AES if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_AES"
+        ENABLED_AES=no
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_AES], [test "x$ENABLED_AES" = "xyes"])
+
+
+# CODING
+AC_ARG_ENABLE([coding],
+    [  --enable-coding         Enable Coding base 16/64 (default: enabled)],
+    [ ENABLED_CODING=$enableval ],
+    [ ENABLED_CODING=yes ]
+    )
+
+if test "$ENABLED_CODING" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_CODING"
+else
+    # turn off CODING if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_CODING"
+        ENABLED_CODING=no
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_CODING], [test "x$ENABLED_CODING" = "xyes"])
+
+
+# DES3
+AC_ARG_ENABLE([des3],
+    [  --enable-des3           Enable DES3 (default: enabled)],
+    [ ENABLED_DES3=$enableval ],
+    [ ENABLED_DES3=yes ]
+    )
+
+if test "$ENABLED_DES3" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_DES3"
+else
+    # turn off DES3 if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_DES3"
+        ENABLED_DES3=no
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_DES3], [test "x$ENABLED_DES3" = "xyes"])
+
+
+# ARC4 
+AC_ARG_ENABLE([arc4],
+    [  --enable-arc4           Enable ARC4 (default: enabled)],
+    [ ENABLED_ARC4=$enableval ],
+    [ ENABLED_ARC4=yes ]
+    )
+
+if test "$ENABLED_ARC4" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_RC4"
+else
+    # turn off ARC4 if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_RC4"
+        ENABLED_ARC4=no
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_RC4], [test "x$ENABLED_ARC4" = "xyes"])
+
+
+# MD5 
+AC_ARG_ENABLE([md5],
+    [  --enable-md5            Enable MD5 (default: enabled)],
+    [ ENABLED_MD5=$enableval ],
+    [ ENABLED_MD5=yes ]
+    )
+
+if test "$ENABLED_MD5" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
+else
+    # turn off MD5 if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
+        ENABLED_MD5=no
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_MD5], [test "x$ENABLED_MD5" = "xyes"])
+
+
+# SHA 
+AC_ARG_ENABLE([sha],
+    [  --enable-sha            Enable SHA (default: enabled)],
+    [ ENABLED_SHA=$enableval ],
+    [ ENABLED_SHA=yes ]
+    )
+
+if test "$ENABLED_SHA" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS"
+else
+    # turn off SHA if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS"
+        ENABLED_SHA=no
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_SHA], [test "x$ENABLED_SHA" = "xyes"])
+
+
+# MD4 
+AC_ARG_ENABLE([md4],
+    [  --enable-md4            Enable MD4 (default: disabled)],
+    [ ENABLED_MD4=$enableval ],
+    [ ENABLED_MD4=no ]
+    )
+
+if test "$ENABLED_MD4" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_MD4"
+fi
+
+AM_CONDITIONAL([BUILD_MD4], [test "x$ENABLED_MD4" = "xyes"])
+
+
+# Web Server Build 
+AC_ARG_ENABLE([webserver],
+    [  --enable-webserver      Enable Web Server (default: disabled)],
+    [ ENABLED_WEBSERVER=$enableval ],
+    [ ENABLED_WEBSERVER=no ]
+    )
+
+if test "$ENABLED_WEBSERVER" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_WEBSERVER"
+fi
+
+
+
+# HC128 
+AC_ARG_ENABLE([hc128],
+    [  --enable-hc128          Enable HC-128 (default: disabled)],
+    [ ENABLED_HC128=$enableval ],
+    [ ENABLED_HC128=no ]
+    )
+
+if test "$ENABLED_HC128" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_HC128"
+else
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_HC128"
+fi
+
+AM_CONDITIONAL([BUILD_HC128], [test "x$ENABLED_HC128" = "xyes"])
+
+
+# RABBIT
+AC_ARG_ENABLE([rabbit],
+    [  --enable-rabbit         Enable RABBIT (default: disabled)],
+    [ ENABLED_RABBIT=$enableval ],
+    [ ENABLED_RABBIT=no ]
+    )
+
+if test "$ENABLED_RABBIT" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_RABBIT"
+else
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_RABBIT"
+fi
+
+AM_CONDITIONAL([BUILD_RABBIT], [test "x$ENABLED_RABBIT" = "xyes"])
+
+
+# CHACHA
+AC_ARG_ENABLE([chacha],
+    [  --enable-chacha         Enable CHACHA (default: disabled)],
+    [ ENABLED_CHACHA=$enableval ],
+    [ ENABLED_CHACHA=no ]
+    )
+
+if test "$ENABLED_CHACHA" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_CHACHA"
+fi
+
+AM_CONDITIONAL([BUILD_CHACHA], [test "x$ENABLED_CHACHA" = "xyes"])
+
+
+# FIPS 
+AC_ARG_ENABLE([fips],
+    [  --enable-fips           Enable FIPS 140-2 (default: disabled)],
+    [ ENABLED_FIPS=$enableval ],
+    [ ENABLED_FIPS=no ]
+    )
+
+if test "x$ENABLED_FIPS" = "xyes"
+then
+    # requires thread local storage
+    if test "$thread_ls_on" = "no"
+    then
+        AC_MSG_ERROR([FIPS requires Thread Local Storage])
+    fi
+    # requires SHA512
+    if test "x$ENABLED_SHA512" = "xno"
+    then
+        ENABLED_SHA512="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
+        AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
+    fi
+    # requires AESGCM
+    if test "x$ENABLED_AESGCM" != "xyes"
+    then
+        ENABLED_AESGCM="yes"
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
+        AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
+fi
+
+AM_CONDITIONAL([BUILD_FIPS], [test "x$ENABLED_FIPS" = "xyes"])
+
+
+# Hash DRBG
+AC_ARG_ENABLE([hashdrbg],
+    [  --enable-hashdrbg       Enable Hash DRBG support (default: enabled)],
+    [ ENABLED_HASHDRBG=$enableval ],
+    [ ENABLED_HASHDRBG=yes ]
+    )
+
+if test "x$ENABLED_HASHDRBG" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
+else
+    # turn on Hash DRBG if FIPS is on or ARC4 is off
+    if test "x$ENABLED_FIPS" = "xyes" || test "x$ENABLED_ARC4" = "xno"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
+        ENABLED_HASHDRBG=yes
+    fi
+fi
+
+
+# Filesystem Build 
+AC_ARG_ENABLE([filesystem],
+    [  --enable-filesystem     Enable Filesystem support (default: enabled)],
+    [ ENABLED_FILESYSTEM=$enableval ],
+    [ ENABLED_FILESYSTEM=yes ]
+    )
+
+if test "$ENABLED_FILESYSTEM" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
+else
+    # turn off filesystem if leanpsk on
+    if test "$ENABLED_LEANPSK" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
+        ENABLED_FILESYSTEM=no
+    fi
+fi
+
+
+# inline Build 
+AC_ARG_ENABLE([inline],
+    [  --enable-inline         Enable inline functions (default: enabled)],
+    [ ENABLED_INLINE=$enableval ],
+    [ ENABLED_INLINE=yes ]
+    )
+
+if test "$ENABLED_INLINE" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_INLINE"
+fi
+
+AM_CONDITIONAL([BUILD_INLINE], [test "x$ENABLED_INLINE" = "xyes"])
+
+
+# OCSP
+AC_ARG_ENABLE([ocsp],
+    [  --enable-ocsp           Enable OCSP (default: disabled)],
+    [ ENABLED_OCSP=$enableval ],
+    [ ENABLED_OCSP=no ],
+    )
+
+if test "$ENABLED_OCSP" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
+fi
+
+AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
+
+
+if test "$ENABLED_OCSP" = "yes"
+then
+    # check openssl command tool for testing ocsp
+    AC_CHECK_PROG([HAVE_OPENSSL_CMD],[openssl],[yes],[no])
+
+    if test "$HAVE_OPENSSL_CMD" = "yes"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_OPENSSL_CMD"
+    else
+        AC_MSG_WARN([openssl command line tool not available for testing ocsp])
+    fi
+fi
+
+
+# CRL 
+AC_ARG_ENABLE([crl],
+    [  --enable-crl            Enable CRL (default: disabled)],
+    [ ENABLED_CRL=$enableval ],
+    [ ENABLED_CRL=no ],
+    )
+
+if test "$ENABLED_CRL" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
+fi
+
+AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
+
+
+# CRL Monitor
+AC_ARG_ENABLE([crl-monitor],
+    [  --enable-crl-monitor    Enable CRL Monitor (default: disabled)],
+    [ ENABLED_CRL_MONITOR=$enableval ],
+    [ ENABLED_CRL_MONITOR=no ],
+    )
+
+if test "$ENABLED_CRL_MONITOR" = "yes"
+then
+    case $host_os in
+    *linux* | *darwin* | *freebsd*)
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" ;;
+    *)
+        AC_MSG_ERROR([crl monitor only allowed on linux, OS X, or freebsd]) ;;
+    esac
+fi
+
+AM_CONDITIONAL([BUILD_CRL_MONITOR], [test "x$ENABLED_CRL_MONITOR" = "xyes"])
+
+
+# NTRU
+ENABLED_NTRU="no"
+tryntrudir=""
+AC_ARG_WITH([ntru],
+    [  --with-ntru=PATH        Path to NTRU install (default /usr/) ],
+    [
+        AC_MSG_CHECKING([for NTRU])
+        CPPFLAGS="$CPPFLAGS -DHAVE_NTRU"
+        LIBS="$LIBS -lNTRUEncrypt"
+
+        AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
+
+        if test "x$ntru_linked" == "xno" ; then
+            if test "x$withval" != "xno" ; then
+                tryntrudir=$withval
+            fi
+            if test "x$withval" == "xyes" ; then
+                tryntrudir="/usr"
+            fi
+
+            LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
+            CPPFLAGS="$CPPFLAGS -I$tryntrudir/include"
+
+            AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ])
+
+            if test "x$ntru_linked" == "xno" ; then
+                AC_MSG_ERROR([NTRU isn't found.
+                If it's already installed, specify its path using --with-ntru=/dir/])
+            fi
+            AC_MSG_RESULT([yes])
+            AM_LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib"
+        else
+            AC_MSG_RESULT([yes])
+        fi
+
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU"
+        ENABLED_NTRU="yes"
+    ]
+)
+
+AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])
+
+if test "$ENABLED_NTRU" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    AC_MSG_ERROR([cannot enable ntru and small, ntru requires TLS which small turns off.]) 
+fi
+
+# SNI
+AC_ARG_ENABLE([sni],
+    [  --enable-sni            Enable SNI (default: disabled)],
+    [ ENABLED_SNI=$enableval ],
+    [ ENABLED_SNI=no ]
+    )
+
+if test "x$ENABLED_SNI" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI"
+fi
+
+# Maximum Fragment Length
+AC_ARG_ENABLE([maxfragment],
+    [  --enable-maxfragment    Enable Maximum Fragment Length (default: disabled)],
+    [ ENABLED_MAX_FRAGMENT=$enableval ],
+    [ ENABLED_MAX_FRAGMENT=no ]
+    )
+
+if test "x$ENABLED_MAX_FRAGMENT" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_MAX_FRAGMENT"
+fi
+
+# Truncated HMAC
+AC_ARG_ENABLE([truncatedhmac],
+    [  --enable-truncatedhmac  Enable Truncated HMAC (default: disabled)],
+    [ ENABLED_TRUNCATED_HMAC=$enableval ],
+    [ ENABLED_TRUNCATED_HMAC=no ]
+    )
+
+if test "x$ENABLED_TRUNCATED_HMAC" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC"
+fi
+
+# Renegotiation Indication - (FAKE Secure Renegotiation)
+AC_ARG_ENABLE([renegotiation-indication],
+    [  --enable-renegotiation-indication  Enable Renegotiation Indication (default: disabled)],
+    [ ENABLED_RENEGOTIATION_INDICATION=$enableval ],
+    [ ENABLED_RENEGOTIATION_INDICATION=no ]
+    )
+
+if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_RENEGOTIATION_INDICATION"
+fi
+
+# Secure Renegotiation
+AC_ARG_ENABLE([secure-renegotiation],
+    [  --enable-secure-renegotiation Enable Secure Renegotiation (default: disabled)],
+    [ ENABLED_SECURE_RENEGOTIATION=$enableval ],
+    [ ENABLED_SECURE_RENEGOTIATION=no ]
+    )
+
+if test "x$ENABLED_SECURE_RENEGOTIATION" = "xyes"
+then
+    if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
+    then
+        AC_MSG_ERROR([cannot enable renegotiation-indication and secure-renegotiation.])
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SECURE_RENEGOTIATION"
+fi
+
+# Supported Elliptic Curves Extensions
+AC_ARG_ENABLE([supportedcurves],
+    [  --enable-supportedcurves Enable Supported Elliptic Curves (default: disabled)],
+    [ ENABLED_SUPPORTED_CURVES=$enableval ],
+    [ ENABLED_SUPPORTED_CURVES=no ]
+    )
+
+if test "x$ENABLED_SUPPORTED_CURVES" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES"
+fi
+
+# Session Ticket Extension
+AC_ARG_ENABLE([session-ticket],
+    [  --enable-session-ticket  Enable Session Ticket (default: disabled)],
+    [ ENABLED_SESSION_TICKET=$enableval ],
+    [ ENABLED_SESSION_TICKET=no ]
+    )
+
+if test "x$ENABLED_SESSION_TICKET" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SESSION_TICKET"
+fi
+
+# TLS Extensions
+AC_ARG_ENABLE([tlsx],
+    [  --enable-tlsx           Enable all TLS Extensions (default: disabled)],
+    [ ENABLED_TLSX=$enableval ],
+    [ ENABLED_TLSX=no ]
+    )
+
+if test "x$ENABLED_TLSX" = "xyes"
+then
+	ENABLED_SNI=yes
+	ENABLED_MAX_FRAGMENT=yes
+	ENABLED_TRUNCATED_HMAC=yes
+	ENABLED_SUPPORTED_CURVES=yes
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_SUPPORTED_CURVES"
+fi
+
+# PKCS7
+AC_ARG_ENABLE([pkcs7],
+    [  --enable-pkcs7          Enable PKCS7 (default: disabled)],
+    [ ENABLED_PKCS7=$enableval ],
+    [ ENABLED_PKCS7=no ],
+    )
+
+if test "$ENABLED_PKCS7" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
+fi
+
+AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
+
+
+# Simple Certificate Enrollment Protocol (SCEP)
+AC_ARG_ENABLE([scep],
+    [  --enable-scep           Enable wolfSCEP (default: disabled)],
+    [ ENABLED_WOLFSCEP=$enableval ],
+    [ ENABLED_WOLFSCEP=no ]
+    )
+if test "$ENABLED_WOLFSCEP" = "yes"
+then
+    # Enable prereqs if not already enabled
+    if test "x$ENABLED_KEYGEN" = "xno"
+    then
+        ENABLED_KEYGEN="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
+    fi
+    if test "x$ENABLED_CERTGEN" = "xno"
+    then
+        ENABLED_CERTGEN="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
+    fi
+    if test "x$ENABLED_CERTREQ" = "xno"
+    then
+        ENABLED_CERTREQ="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
+    fi
+    if test "x$ENABLED_PKCS7" = "xno"
+    then
+        ENABLED_PKCS7="yes"
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
+        AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_WOLFSCEP"
+fi
+
+
+# Small Stack
+AC_ARG_ENABLE([smallstack],
+    [  --enable-smallstack     Enable Small Stack Usage (default: disabled)],
+    [ ENABLED_SMALL_STACK=$enableval ],
+    [ ENABLED_SMALL_STACK=no ]
+    )
+
+if test "x$ENABLED_SMALL_STACK" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SMALL_STACK"
+fi
+
+
+#valgrind
+AC_ARG_ENABLE([valgrind],
+    [  --enable-valgrind       Enable valgrind for unit tests (default: disabled)],
+    [ ENABLED_VALGRIND=$enableval ],
+    [ ENABLED_VALGRIND=no ]
+    )
+
+if test "$ENABLED_VALGRIND" = "yes"
+then
+    AC_CHECK_PROG([HAVE_VALGRIND],[valgrind],[yes],[no])
+
+    if test "$HAVE_VALGRIND" = "no"
+    then
+        AC_MSG_ERROR([Valgrind not found.])
+    fi
+    enable_shared=no
+    enable_static=yes
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_VALGRIND"
+fi
+
+AM_CONDITIONAL([USE_VALGRIND], [test "x$ENABLED_VALGRIND" = "xyes"])
+
+
+# Test certs, use internal cert functions for extra testing 
+AC_ARG_ENABLE([testcert],
+    [  --enable-testcert       Enable Test Cert (default: disabled)],
+    [ ENABLED_TESTCERT=$enableval ],
+    [ ENABLED_TESTCERT=no ]
+    )
+
+if test "$ENABLED_TESTCERT" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TEST_CERT"
+fi
+
+
+# I/O Pool, an example to show user how to override memory handler and use
+# a pool for the input/output buffer requests
+AC_ARG_ENABLE([iopool],
+    [  --enable-iopool         Enable I/O Pool example (default: disabled)],
+    [ ENABLED_IOPOOL=$enableval ],
+    [ ENABLED_IOPOOL=no ]
+    )
+
+if test "$ENABLED_IOPOOL" = "yes"
+then
+    if test "$thread_ls_on" = "no"
+    then
+        AC_MSG_ERROR([I/O Pool example requires Thread Local Storage])
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_IO_POOL -DXMALLOC_USER"
+fi
+
+
+# Certificate Service Support 
+AC_ARG_ENABLE([certservice],
+    [  --enable-certservice    Enable cert service (default: disabled)],
+    [ ENABLED_CERT_SERVICE=$enableval ],
+    [ ENABLED_CERT_SERVICE=no ]
+    )
+if test "$ENABLED_CERT_SERVICE" = "yes"
+then
+    # Requires ecc,certgen, and opensslextra make sure on
+    if test "x$ENABLED_CERTGEN" = "xno"
+    then
+        ENABLED_CERTGEN="yes"
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
+    fi
+    if test "x$ENABLED_ECC" = "xno"
+    then
+        ENABLED_ECC="yes"
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR"
+        AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
+    fi
+    if test "x$ENABLED_OPENSSLEXTRA" = "xno"
+    then
+        ENABLED_OPENSSLEXTRA="yes"
+        AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
+    fi
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_CERT_SERVICE"
+fi
+
+
+# PWDBASED has to come after certservice since we want it on w/o explicit on
+# PWDBASED
+AC_ARG_ENABLE([pwdbased],
+    [  --enable-pwdbased       Enable PWDBASED (default: disabled)],
+    [ ENABLED_PWDBASED=$enableval ],
+    [ ENABLED_PWDBASED=no ]
+    )
+
+if test "$ENABLED_PWDBASED" = "no"
+then
+    if test "$ENABLED_OPENSSLEXTRA" = "yes" || test "$ENABLED_WEBSERVER" = "yes"
+    then
+        # opensslextra and webserver needs pwdbased
+        ENABLED_PWDBASED=yes
+    else
+        AM_CFLAGS="$AM_CFLAGS -DNO_PWDBASED"
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_PWDBASED], [test "x$ENABLED_PWDBASED" = "xyes"])
+
+
+# set fastmath default
+FASTMATH_DEFAULT=no
+
+if test "$host_cpu" = "x86_64"
+then
+FASTMATH_DEFAULT=yes
+fi
+
+# fastmath
+AC_ARG_ENABLE([fastmath],
+    [  --enable-fastmath       Enable fast math ops (default: enabled on x86_64)],
+    [ ENABLED_FASTMATH=$enableval ],
+    [ ENABLED_FASTMATH=$FASTMATH_DEFAULT]
+    )
+
+if test "x$ENABLED_FASTMATH" = "xyes"
+then
+    # turn off fastmth if leanpsk on or asn off
+    if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no"
+    then
+        ENABLED_FASTMATH=no
+    else
+        AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
+        ENABLED_SLOWMATH="no"
+    fi
+fi
+
+
+# fast HUGE math
+AC_ARG_ENABLE([fasthugemath],
+    [  --enable-fasthugemath   Enable fast math + huge code (default: disabled)],
+    [ ENABLED_FASTHUGEMATH=$enableval ],
+    [ ENABLED_FASTHUGEMATH=no ]
+    )
+
+if test "$ENABLED_BUMP" = "yes"
+then
+    ENABLED_FASTHUGEMATH="yes"
+fi
+
+if test "$ENABLED_FASTHUGEMATH" = "yes"
+then
+    ENABLED_FASTMATH="yes"
+    AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
+    ENABLED_SLOWMATH="no"
+fi
+
+AM_CONDITIONAL([BUILD_FASTMATH], [test "x$ENABLED_FASTMATH" = "xyes"])
+AM_CONDITIONAL([BUILD_SLOWMATH], [test "x$ENABLED_SLOWMATH" = "xyes"])
+
+
+# Enable Examples, used to disable examples
+AC_ARG_ENABLE([examples],
+    [  --enable-examples       Enable Examples  (default: enabled)],
+    [ ENABLED_EXAMPLES=$enableval ],
+    [ ENABLED_EXAMPLES=yes ]
+    )
+
+AS_IF([test "x$ENABLED_FILESYSTEM" = "xno"], [ENABLED_EXAMPLES="no"])
+AS_IF([test "x$ENABLED_INLINE" = "xno"], [ENABLED_EXAMPLES="no"])
+# certs still have sha signatures for now 
+AS_IF([test "x$ENABLED_SHA" = "xno"], [ENABLED_EXAMPLES="no"])
+AM_CONDITIONAL([BUILD_EXAMPLES], [test "x$ENABLED_EXAMPLES" = "xyes"])
+
+
+# LIBZ
+ENABLED_LIBZ="no"
+trylibzdir=""
+AC_ARG_WITH([libz],
+    [  --with-libz=PATH        PATH to libz install (default /usr/) ],
+    [
+        AC_MSG_CHECKING([for libz])
+        CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ"
+        LIBS="$LIBS -lz"
+
+        AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ])
+
+        if test "x$libz_linked" == "xno" ; then
+            if test "x$withval" != "xno" ; then
+                trylibzdir=$withval
+            fi
+            if test "x$withval" == "xyes" ; then
+                trylibzdir="/usr"
+            fi
+
+            AM_LDFLAGS="$AM_LDFLAGS -L$trylibzdir/lib"
+            CPPFLAGS="$CPPFLAGS -I$trylibzdir/include"
+
+            AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ])
+
+            if test "x$libz_linked" == "xno" ; then
+                AC_MSG_ERROR([libz isn't found.
+                If it's already installed, specify its path using --with-libz=/dir/])
+            fi
+            AC_MSG_RESULT([yes])
+        else
+            AC_MSG_RESULT([yes])
+        fi
+        ENABLED_LIBZ="yes"
+    ]
+)
+AM_CONDITIONAL([BUILD_LIBZ], [test "x$ENABLED_LIBZ" = "xyes"])
+
+
+# cavium 
+trycaviumdir=""
+AC_ARG_WITH([cavium],
+    [  --with-cavium=PATH      PATH to cavium/software dir ],
+    [
+        AC_MSG_CHECKING([for cavium])
+        CPPFLAGS="$CPPFLAGS -DHAVE_CAVIUM"
+
+            if test "x$withval" == "xyes" ; then
+                AC_MSG_ERROR([need a PATH for --with-cavium])
+            fi
+            if test "x$withval" != "xno" ; then
+                trycaviumdir=$withval
+            fi
+
+            LDFLAGS="$AM_LDFLAGS $trycaviumdir/api/cavium_common.o"
+            CPPFLAGS="$CPPFLAGS -I$trycaviumdir/include"
+
+            AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include "cavium_common.h"]], [[ CspShutdown(CAVIUM_DEV_ID); ]])],[ cavium_linked=yes ],[ cavium_linked=no ])
+
+            if test "x$cavium_linked" == "xno" ; then
+                AC_MSG_ERROR([cavium isn't found.
+                If it's already installed, specify its path using --with-cavium=/dir/])
+            fi
+            AC_MSG_RESULT([yes])
+            enable_shared=no
+            enable_static=yes
+    ]
+)
+
+
+# microchip api
+AC_ARG_ENABLE([mcapi],
+    [  --enable-mcapi          Enable Microchip API (default: disabled)],
+    [ ENABLED_MCAPI=$enableval ],
+    [ ENABLED_MCAPI=no ]
+    )
+
+if test "$ENABLED_MCAPI" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_MCAPI -DWOLFSSL_AES_COUNTER -DWOLFSSL_AES_DIRECT"
+fi
+
+if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_SHA512" = "no"
+then
+    AC_MSG_ERROR([please enable sha512 if enabling mcapi.])
+fi
+
+if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_ECC" = "no"
+then
+    AC_MSG_ERROR([please enable ecc if enabling mcapi.])
+fi
+
+if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_LIBZ" = "no"
+then
+    AC_MSG_ERROR([please use --with-libz if enabling mcapi.])
+fi
+
+AM_CONDITIONAL([BUILD_MCAPI], [test "x$ENABLED_MCAPI" = "xyes"])
+
+
+
+# OPTIMIZE FLAGS
+if test "$GCC" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -Wall -Wno-unused"
+    if test "$ax_enable_debug" = "no"
+    then
+        if test "$ENABLED_FASTMATH" = "yes"
+        then
+            AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_FAST_CFLAGS"
+            if test "$ENABLED_FASTHUGEMATH" = "yes"
+            then
+                AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_HUGE_CFLAGS"
+            fi
+        else
+            AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_CFLAGS"
+        fi
+    fi
+fi
+
+# ICC command line warning for non supported warning flags
+if test "$CC" = "icc"
+then
+    AM_CFLAGS="$AM_CFLAGS -wd10006"
+fi
+
+
+LIB_SOCKET_NSL
+AX_HARDEN_CC_COMPILER_FLAGS
+
+# link to ws2_32 if on mingw
+case $host_os in
+    *mingw32)
+        LDFLAGS="$LDFLAGS -lws2_32" ;;
+esac
+
+# add user C_EXTRA_FLAGS back
+CFLAGS="$CFLAGS $USER_C_EXTRA_FLAGS"
+OPTION_FLAGS="$USER_C_EXTRA_FLAGS $AM_CFLAGS"
+
+CREATE_HEX_VERSION
+AC_SUBST([AM_CPPFLAGS])
+AC_SUBST([AM_CFLAGS])
+AC_SUBST([AM_LDFLAGS])
+
+# FINAL
+AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h])
+AC_CONFIG_FILES([Makefile])
+AC_CONFIG_FILES([wolfssl/version.h])
+AC_CONFIG_FILES([wolfssl/options.h])
+#have options.h and version.h for autoconf fips tag and build
+#if test "x$ENABLED_FIPS" = "xyes"
+#then
+#    AC_CONFIG_FILES([cyassl/version.h])
+#    AC_CONFIG_FILES([cyassl/options.h])
+#fi
+AC_CONFIG_FILES([support/wolfssl.pc])
+AC_CONFIG_FILES([rpm/spec])
+
+AX_CREATE_GENERIC_CONFIG
+AX_AM_JOBSERVER([yes])
+
+AC_OUTPUT
+
+
+# force make clean
+echo "---"
+echo "Running make clean..."
+make clean >/dev/null 2>&1
+# Touch files that may not be in repository
+echo "Touching File..."
+touch ctaocrypt/src/fips.c
+touch ctaocrypt/src/fips_test.c
+echo
+
+# generate user options header 
+echo "---"
+echo "Generating user options header..."
+
+OPTION_FILE="wolfssl/options.h"
+#if
+#OPTION_FILE+="cyassl/options.h"
+#fi
+rm -f $OPTION_FILE
+
+echo "/* wolfssl options.h" > $OPTION_FILE 
+echo " * generated from configure options" >> $OPTION_FILE
+echo " *" >> $OPTION_FILE
+echo " * Copyright (C) 2006-2015 wolfSSL Inc." >> $OPTION_FILE
+echo " *" >> $OPTION_FILE
+echo " * This file is part of wolfSSL. (formerly known as CyaSSL)" >> $OPTION_FILE
+echo " *" >> $OPTION_FILE
+echo " */" >> $OPTION_FILE
+
+echo "" >> $OPTION_FILE 
+echo "#pragma once" >> $OPTION_FILE 
+echo "" >> $OPTION_FILE 
+echo "#ifdef __cplusplus" >> $OPTION_FILE 
+echo "extern \"C\" {" >> $OPTION_FILE 
+echo "#endif" >> $OPTION_FILE 
+echo "" >> $OPTION_FILE 
+
+for option in $OPTION_FLAGS; do
+    defonly=`echo $option | sed 's/-D//'`
+    if test "$defonly" != "$option"
+    then
+        noequalsign=`echo $defonly | sed 's/=/ /'`
+        echo "#undef  $noequalsign" >> $OPTION_FILE 
+        echo "#define $noequalsign" >> $OPTION_FILE 
+        echo "" >> $OPTION_FILE 
+    else
+        echo "option w/o begin -D is $option, not saving to $OPTION_FILE"
+    fi
+done
+
+echo "" >> $OPTION_FILE 
+echo "#ifdef __cplusplus" >> $OPTION_FILE 
+echo "}" >> $OPTION_FILE 
+echo "#endif" >> $OPTION_FILE 
+echo "" >> $OPTION_FILE 
+echo
+
+#backwards compatability for those who have included options or version
+touch cyassl/options.h
+echo "/* cyassl options.h" > cyassl/options.h
+echo " * generated from wolfssl/options.h" >> cyassl/options.h
+echo " */" >> cyassl/options.h
+echo ""
+while read -r line
+do
+    echo "$line" >> cyassl/options.h
+done < $OPTION_FILE
+
+# output config summary
+echo "---"
+echo "Configuration summary for $PACKAGE_NAME version $VERSION"
+echo ""
+echo "   * Installation prefix:       $prefix"
+echo "   * System type:               $host_vendor-$host_os"
+echo "   * Host CPU:                  $host_cpu"
+echo "   * C Compiler:                $CC"
+echo "   * C Flags:                   $CFLAGS"
+echo "   * C++ Compiler:              $CXX"
+echo "   * C++ Flags:                 $CXXFLAGS"
+echo "   * CPP Flags:                 $CPPFLAGS"
+echo "   * LIB Flags:                 $LIB"
+echo "   * Debug enabled:             $ax_enable_debug"
+echo "   * Warnings as failure:       $ac_cv_warnings_as_errors"
+echo "   * make -j:                   $enable_jobserver"
+echo "   * VCS checkout:              $ac_cv_vcs_checkout"
+echo 
+echo "   Features "
+echo "   * Single threaded:           $ENABLED_SINGLETHREADED"
+echo "   * Filesystem:                $ENABLED_FILESYSTEM"
+echo "   * OpenSSL Extra API:         $ENABLED_OPENSSLEXTRA"
+echo "   * fastmath:                  $ENABLED_FASTMATH"
+echo "   * sniffer:                   $ENABLED_SNIFFER"
+echo "   * snifftest:                 $ENABLED_SNIFFTEST"
+echo "   * ARC4:                      $ENABLED_ARC4"
+echo "   * AES:                       $ENABLED_AES"
+echo "   * AES-NI:                    $ENABLED_AESNI"
+echo "   * AES-GCM:                   $ENABLED_AESGCM"
+echo "   * AES-CCM:                   $ENABLED_AESCCM"
+echo "   * DES3:                      $ENABLED_DES3"
+echo "   * Camellia:                  $ENABLED_CAMELLIA"
+echo "   * NULL Cipher:               $ENABLED_NULL_CIPHER"
+echo "   * MD5:                       $ENABLED_MD5"
+echo "   * RIPEMD:                    $ENABLED_RIPEMD"
+echo "   * SHA:                       $ENABLED_SHA"
+echo "   * SHA-512:                   $ENABLED_SHA512"
+echo "   * BLAKE2:                    $ENABLED_BLAKE2"
+echo "   * keygen:                    $ENABLED_KEYGEN"
+echo "   * certgen:                   $ENABLED_CERTGEN"
+echo "   * certreq:                   $ENABLED_CERTREQ"
+echo "   * HC-128:                    $ENABLED_HC128"
+echo "   * RABBIT:                    $ENABLED_RABBIT"
+echo "   * CHACHA:                    $ENABLED_CHACHA"
+echo "   * Hash DRBG:                 $ENABLED_HASHDRBG"
+echo "   * PWDBASED:                  $ENABLED_PWDBASED"
+echo "   * HKDF:                      $ENABLED_HKDF"
+echo "   * MD4:                       $ENABLED_MD4"
+echo "   * PSK:                       $ENABLED_PSK"
+echo "   * Poly1305:                  $ENABLED_POLY1305"
+echo "   * LEANPSK:                   $ENABLED_LEANPSK"
+echo "   * RSA:                       $ENABLED_RSA"
+echo "   * DSA:                       $ENABLED_DSA"
+echo "   * DH:                        $ENABLED_DH"
+echo "   * ECC:                       $ENABLED_ECC"
+echo "   * FPECC:                     $ENABLED_FPECC"
+echo "   * ECC_ENCRYPT:               $ENABLED_ECC_ENCRYPT"
+echo "   * ASN:                       $ENABLED_ASN"
+echo "   * Anonymous cipher:          $ENABLED_ANON"
+echo "   * CODING:                    $ENABLED_CODING"
+echo "   * MEMORY:                    $ENABLED_MEMORY"
+echo "   * I/O POOL:                  $ENABLED_IOPOOL"
+echo "   * ERROR_STRINGS:             $ENABLED_ERROR_STRINGS"
+echo "   * DTLS:                      $ENABLED_DTLS"
+echo "   * Old TLS Versions:          $ENABLED_OLD_TLS"
+echo "   * OCSP:                      $ENABLED_OCSP"
+echo "   * CRL:                       $ENABLED_CRL"
+echo "   * CRL-MONITOR:               $ENABLED_CRL_MONITOR"
+echo "   * Persistent session cache:  $ENABLED_SAVESESSION"
+echo "   * Persistent cert    cache:  $ENABLED_SAVECERT"
+echo "   * Atomic User Record Layer:  $ENABLED_ATOMICUSER"
+echo "   * Public Key Callbacks:      $ENABLED_PKCALLBACKS"
+echo "   * NTRU:                      $ENABLED_NTRU"
+echo "   * SNI:                       $ENABLED_SNI"
+echo "   * Maximum Fragment Length:   $ENABLED_MAX_FRAGMENT"
+echo "   * Truncated HMAC:            $ENABLED_TRUNCATED_HMAC"
+echo "   * Renegotiation Indication:  $ENABLED_RENEGOTIATION_INDICATION"
+echo "   * Secure Renegotiation:      $ENABLED_SECURE_RENEGOTIATION"
+echo "   * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES"
+echo "   * Session Ticket:            $ENABLED_SESSION_TICKET"
+echo "   * All TLS Extensions:        $ENABLED_TLSX"
+echo "   * PKCS#7                     $ENABLED_PKCS7"
+echo "   * wolfSCEP                   $ENABLED_WOLFSCEP"
+echo "   * Small Stack:               $ENABLED_SMALL_STACK"
+echo "   * valgrind unit tests:       $ENABLED_VALGRIND"
+echo "   * LIBZ:                      $ENABLED_LIBZ"
+echo "   * Examples:                  $ENABLED_EXAMPLES"
+echo ""
+echo "---"
+
diff --git a/3P/wolfssl/ctaocrypt/src/aes.c b/3P/wolfssl/ctaocrypt/src/aes.c
new file mode 100644
index 00000000..e9f58866
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/aes.c
@@ -0,0 +1 @@
+/* dummy file for autoconf */
diff --git a/3P/wolfssl/ctaocrypt/src/des3.c b/3P/wolfssl/ctaocrypt/src/des3.c
new file mode 100644
index 00000000..e9f58866
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/des3.c
@@ -0,0 +1 @@
+/* dummy file for autoconf */
diff --git a/3P/wolfssl/ctaocrypt/src/fips.c b/3P/wolfssl/ctaocrypt/src/fips.c
new file mode 100644
index 00000000..e69de29b
diff --git a/3P/wolfssl/ctaocrypt/src/fips_test.c b/3P/wolfssl/ctaocrypt/src/fips_test.c
new file mode 100644
index 00000000..e69de29b
diff --git a/3P/wolfssl/ctaocrypt/src/hmac.c b/3P/wolfssl/ctaocrypt/src/hmac.c
new file mode 100644
index 00000000..e9f58866
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/hmac.c
@@ -0,0 +1 @@
+/* dummy file for autoconf */
diff --git a/3P/wolfssl/ctaocrypt/src/random.c b/3P/wolfssl/ctaocrypt/src/random.c
new file mode 100644
index 00000000..e9f58866
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/random.c
@@ -0,0 +1 @@
+/* dummy file for autoconf */
diff --git a/3P/wolfssl/ctaocrypt/src/rsa.c b/3P/wolfssl/ctaocrypt/src/rsa.c
new file mode 100644
index 00000000..e9f58866
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/rsa.c
@@ -0,0 +1 @@
+/* dummy file for autoconf */
diff --git a/3P/wolfssl/ctaocrypt/src/sha.c b/3P/wolfssl/ctaocrypt/src/sha.c
new file mode 100644
index 00000000..e9f58866
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/sha.c
@@ -0,0 +1 @@
+/* dummy file for autoconf */
diff --git a/3P/wolfssl/ctaocrypt/src/sha256.c b/3P/wolfssl/ctaocrypt/src/sha256.c
new file mode 100644
index 00000000..e9f58866
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/sha256.c
@@ -0,0 +1 @@
+/* dummy file for autoconf */
diff --git a/3P/wolfssl/ctaocrypt/src/sha512.c b/3P/wolfssl/ctaocrypt/src/sha512.c
new file mode 100644
index 00000000..e9f58866
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/sha512.c
@@ -0,0 +1 @@
+/* dummy file for autoconf */
diff --git a/3P/wolfssl/ctaocrypt/src/wolfcrypt_first.c b/3P/wolfssl/ctaocrypt/src/wolfcrypt_first.c
new file mode 100644
index 00000000..c694aa04
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/wolfcrypt_first.c
@@ -0,0 +1,47 @@
+/* wolfcrypt_first.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* This file needs to be linked first in order to work correctly */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+/* in case user set HAVE_FIPS there */
+#include 
+
+#ifdef HAVE_FIPS
+
+/* read only start address */
+const unsigned int wolfCrypt_FIPS_ro_start[] =
+{ 0x1a2b3c4d, 0x00000001 };
+
+
+/* first function of text/code segment */
+int wolfCrypt_FIPS_first(void);
+int wolfCrypt_FIPS_first(void)
+{
+    return 0;
+}
+
+
+#endif /* HAVE_FIPS */
+
diff --git a/3P/wolfssl/ctaocrypt/src/wolfcrypt_last.c b/3P/wolfssl/ctaocrypt/src/wolfcrypt_last.c
new file mode 100644
index 00000000..cdcd741a
--- /dev/null
+++ b/3P/wolfssl/ctaocrypt/src/wolfcrypt_last.c
@@ -0,0 +1,47 @@
+/* wolfcrypt_last.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* This file needs to be linked last in order to work correctly */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+/* in case user set HAVE_FIPS there */
+#include 
+
+#ifdef HAVE_FIPS
+
+/* last function of text/code segment */
+int wolfCrypt_FIPS_last(void);
+int wolfCrypt_FIPS_last(void)
+{
+    return 0;
+}
+
+
+/* read only end address */
+const unsigned int wolfCrypt_FIPS_ro_end[] =
+{ 0x1a2b3c4d, 0xffffffff };
+
+
+#endif /* HAVE_FIPS */
+
diff --git a/3P/wolfssl/cyassl/callbacks.h b/3P/wolfssl/cyassl/callbacks.h
new file mode 100644
index 00000000..f74f7a65
--- /dev/null
+++ b/3P/wolfssl/cyassl/callbacks.h
@@ -0,0 +1,22 @@
+/* callbacks.h
+ *
+ * Copyright (C) 2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/certs_test.h b/3P/wolfssl/cyassl/certs_test.h
new file mode 100644
index 00000000..c8465ac8
--- /dev/null
+++ b/3P/wolfssl/cyassl/certs_test.h
@@ -0,0 +1,10 @@
+/* certs_test.h */
+
+#include 
+
+#ifndef CYASSL_CERTS_TEST_H
+    #define CYASSL_CERTS_TEST_H WOLFSSL_CERTS_TEST_H
+#else
+    #undef CYASSL_CERTS_TEST_H
+    #define CYASSL_CERTS_TEST_H WOLFSSL_CERTS_TEST_H
+#endif
diff --git a/3P/wolfssl/cyassl/crl.h b/3P/wolfssl/cyassl/crl.h
new file mode 100644
index 00000000..87e402f3
--- /dev/null
+++ b/3P/wolfssl/cyassl/crl.h
@@ -0,0 +1,22 @@
+/* crl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/ctaocrypt/aes.h b/3P/wolfssl/cyassl/ctaocrypt/aes.h
new file mode 100644
index 00000000..2bb21358
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/aes.h
@@ -0,0 +1,65 @@
+/* aes.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_AES
+
+#ifndef CTAO_CRYPT_AES_H
+#define CTAO_CRYPT_AES_H
+
+#include 
+#define AesSetKey            wc_AesSetKey
+#define AesSetIV             wc_AesSetIV
+#define AesCbcEncrypt        wc_AesCbcEncrypt
+#define AesCbcDecrypt        wc_AesCbcDecrypt
+#define AesCbcDecryptWithKey wc_AesCbcDecryptWithKey
+
+/* AES-CTR */
+#ifdef WOLFSSL_AES_COUNTER
+    #define AesCtrEncrypt wc_AesCtrEncrypt
+#endif
+/* AES-DIRECT */
+#if defined(WOLFSSL_AES_DIRECT)
+    #define AesEncryptDirect wc_AesEncryptDirect
+    #define AesDecryptDirect wc_AesDecryptDirect
+    #define AesSetKeyDirect  wc_AesSetKeyDirect
+#endif
+#ifdef HAVE_AESGCM
+    #define AesGcmSetKey  wc_AesGcmSetKey
+    #define AesGcmEncrypt wc_AesGcmEncrypt
+    #define AesGcmDecrypt wc_AesGcmDecrypt
+    #define GmacSetKey    wc_GmacSetKey
+    #define GmacUpdate    wc_GmacUpdate
+#endif /* HAVE_AESGCM */
+#ifdef HAVE_AESCCM
+    #define AesCcmSetKey  wc_AesCcmSetKey
+    #define AesCcmEncrypt wc_AesCcmEncrypt
+    #define AesCcmDecrypt wc_AesCcmDecrypt
+#endif /* HAVE_AESCCM */
+
+#ifdef HAVE_CAVIUM
+    #define AesInitCavium wc_AesInitCavium
+    #define AesFreeCavium wc_AesFreeCavium
+#endif
+
+#endif /* CTAO_CRYPT_AES_H */
+#endif /* NO_AES */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/arc4.h b/3P/wolfssl/cyassl/ctaocrypt/arc4.h
new file mode 100644
index 00000000..965b079a
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/arc4.h
@@ -0,0 +1,36 @@
+/* arc4.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef CTAO_CRYPT_ARC4_H
+#define CTAO_CRYPT_ARC4_H
+
+/* for arc4 reverse compatibility */
+#ifndef NO_RC4
+#include 
+    #define CYASSL_ARC4_CAVIUM_MAGIC WOLFSSL_ARC4_CAVIUM_MAGIC
+    #define Arc4Process wc_Arc4Process
+    #define Arc4SetKey wc_Arc4SetKey
+    #define Arc4InitCavium wc_Arc4InitCavium
+    #define Arc4FreeCavium wc_Arc4FreeCavium
+#endif
+
+#endif /* CTAO_CRYPT_ARC4_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/asn.h b/3P/wolfssl/cyassl/ctaocrypt/asn.h
new file mode 100644
index 00000000..c27c144d
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/asn.h
@@ -0,0 +1,49 @@
+/* asn.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef NO_ASN
+
+#ifndef CTAO_CRYPT_ASN_H
+#define CTAO_CRYPT_ASN_H
+
+/* pull in compatibility for each include */
+#include 
+#include 
+#include 
+#include 
+#include    /* public interface */
+#ifdef HAVE_ECC
+    #include 
+#endif
+
+
+#include 
+
+#ifndef WOLFSSL_PEMCERT_TODER_DEFINED
+#ifndef NO_FILESYSTEM
+    #define CyaSSL_PemCertToDer wolfSSL_PemCertToDer
+#endif
+#endif
+
+#endif /* CTAO_CRYPT_ASN_H */
+
+#endif /* !NO_ASN */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/asn_public.h b/3P/wolfssl/cyassl/ctaocrypt/asn_public.h
new file mode 100644
index 00000000..040734ea
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/asn_public.h
@@ -0,0 +1,78 @@
+/* asn_public.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_ASN_PUBLIC_H
+#define CTAO_CRYPT_ASN_PUBLIC_H
+
+/* pull in compatibility for each of the includes */
+#include 
+#include 
+#include 
+#ifdef WOLFSSL_CERT_GEN
+    #include 
+#endif
+
+#include 
+#ifdef WOLFSSL_CERT_GEN
+    #define InitCert wc_InitCert
+    #define MakeCert wc_MakeCert
+
+    #ifdef WOLFSSL_CERT_REQ
+    #define MakeCertReq wc_MakeCertReq
+#endif
+
+    #define SignCert     wc_SignCert
+    #define MakeSelfCert wc_MakeSelfCert
+    #define SetIssuer    wc_SetIssuer
+    #define SetSubject   wc_SetSubject
+
+    #ifdef WOLFSSL_ALT_NAMES
+    #define SetAltNames wc_SetAltNames
+#endif
+
+    #define SetIssuerBuffer   wc_SetIssuerBuffer
+    #define SetSubjectBuffer  wc_SetSubjectBuffer
+    #define SetAltNamesBuffer wc_SetAltNamesBuffer
+    #define SetDatesBuffer    wc_SetDatesBuffer
+
+    #ifdef HAVE_NTRU
+        #define MakeNtruCert wc_MakeNtruCert
+    #endif
+
+#endif /* WOLFSSL_CERT_GEN */
+
+    #if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
+    #define DerToPem wc_DerToPem
+#endif
+
+#ifdef HAVE_ECC
+    /* private key helpers */
+    #define EccPrivateKeyDecode wc_EccPrivateKeyDecode
+    #define EccKeyToDer         wc_EccKeyToDer
+#endif
+
+    /* DER encode signature */
+    #define EncodeSignature wc_EncodeSignature
+    #define GetCTC_HashOID  wc_GetCTC_HashOID
+
+#endif /* CTAO_CRYPT_ASN_PUBLIC_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/blake2-impl.h b/3P/wolfssl/cyassl/ctaocrypt/blake2-impl.h
new file mode 100644
index 00000000..fc5ec3a4
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/blake2-impl.h
@@ -0,0 +1,42 @@
+/*
+   BLAKE2 reference source code package - reference C implementations
+
+   Written in 2012 by Samuel Neves 
+
+   To the extent possible under law, the author(s) have dedicated all copyright
+   and related and neighboring rights to this software to the public domain
+   worldwide. This software is distributed without any warranty.
+
+   You should have received a copy of the CC0 Public Domain Dedication along with
+   this software. If not, see .
+*/
+/* blake2-impl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAOCRYPT_BLAKE2_IMPL_H
+#define CTAOCRYPT_BLAKE2_IMPL_H
+
+#include 
+#include 
+
+#endif  /* CTAOCRYPT_BLAKE2_IMPL_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/blake2-int.h b/3P/wolfssl/cyassl/ctaocrypt/blake2-int.h
new file mode 100644
index 00000000..07ea8e74
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/blake2-int.h
@@ -0,0 +1,43 @@
+/*
+   BLAKE2 reference source code package - reference C implementations
+
+   Written in 2012 by Samuel Neves 
+
+   To the extent possible under law, the author(s) have dedicated all copyright
+   and related and neighboring rights to this software to the public domain
+   worldwide. This software is distributed without any warranty.
+
+   You should have received a copy of the CC0 Public Domain Dedication along with
+   this software. If not, see .
+*/
+/* blake2-int.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+
+#ifndef CTAOCRYPT_BLAKE2_INT_H
+#define CTAOCRYPT_BLAKE2_INT_H
+
+#include 
+#include 
+
+#endif  /* CTAOCRYPT_BLAKE2_INT_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/blake2.h b/3P/wolfssl/cyassl/ctaocrypt/blake2.h
new file mode 100644
index 00000000..b7749173
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/blake2.h
@@ -0,0 +1,44 @@
+/* blake2.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_BLAKE2
+
+#ifndef CTAOCRYPT_BLAKE2_H
+#define CTAOCRYPT_BLAKE2_H
+
+#include 
+
+/* for blake2 reverse compatibility */
+#ifndef HAVE_FIPS
+    #define InitBlake2b   wc_InitBlake2b
+    #define Blake2bUpdate wc_Blake2bUpdate
+    #define Blake2bFinal  wc_Blake2bFinal
+#else
+    /* name for when fips hmac calls blake */
+    #define wc_InitBlake2b   InitBlake2b
+    #define wc_Blake2bUpdate Blake2bUpdate
+    #define wc_Blake2bFinal  Blake2bFinal
+#endif /* HAVE_FIPS */
+
+#endif  /* CTAOCRYPT_BLAKE2_H */
+#endif  /* HAVE_BLAKE2 */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/camellia.h b/3P/wolfssl/cyassl/ctaocrypt/camellia.h
new file mode 100644
index 00000000..bbe7dcf1
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/camellia.h
@@ -0,0 +1,38 @@
+/* camellia.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef CTAO_CRYPT_CAMELLIA_H
+#define CTAO_CRYPT_CAMELLIA_H
+
+
+/* for camellia reverse compatibility */
+#ifdef HAVE_CAMELLIA
+    #include 
+	#define CamelliaSetKey        wc_CamelliaSetKey
+	#define CamelliaSetIV         wc_CamelliaSetIV
+	#define CamelliaEncryptDirect wc_CamelliaEncryptDirect
+	#define CamelliaDecryptDirect wc_CamelliaDecryptDirect
+	#define CamelliaCbcEncrypt    wc_CamelliaCbcEncrypt
+	#define CamelliaCbcDecrypt    wc_CamelliaCbcDecrypt
+#endif
+
+#endif /* CTAO_CRYPT_CAMELLIA_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/chacha.h b/3P/wolfssl/cyassl/ctaocrypt/chacha.h
new file mode 100644
index 00000000..7651d28a
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/chacha.h
@@ -0,0 +1,35 @@
+/* chacha.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef CTAO_CRYPT_CHACHA_H
+#define CTAO_CRYPT_CHACHA_H
+
+
+/* for chacha reverse compatibility */
+#ifdef HAVE_CHACHA
+    #include 
+    #define Chacha_Process wc_Chacha_Process
+    #define Chacha_SetKey  wc_Chacha_SetKey
+    #define Chacha_SetIV   wc_Chacha_SetIV
+#endif
+
+#endif /* CTAO_CRYPT_CHACHA_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/coding.h b/3P/wolfssl/cyassl/ctaocrypt/coding.h
new file mode 100644
index 00000000..47f5d253
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/coding.h
@@ -0,0 +1,29 @@
+/* coding.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_CODING_H
+#define CTAO_CRYPT_CODING_H
+
+#include 
+
+#endif /* CTAO_CRYPT_CODING_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/compress.h b/3P/wolfssl/cyassl/ctaocrypt/compress.h
new file mode 100644
index 00000000..632af2ec
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/compress.h
@@ -0,0 +1,37 @@
+/* compress.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_LIBZ
+
+#ifndef CTAO_CRYPT_COMPRESS_H
+#define CTAO_CRYPT_COMPRESS_H
+
+#include 
+
+/* reverse compatibility */
+#define Compress   wc_Compress
+#define DeCompress wc_DeCompress
+
+#endif /* CTAO_CRYPT_COMPRESS_H */
+
+#endif /* HAVE_LIBZ */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/des3.h b/3P/wolfssl/cyassl/ctaocrypt/des3.h
new file mode 100644
index 00000000..c6fbaa8b
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/des3.h
@@ -0,0 +1,48 @@
+/* des3.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_DES3
+
+#ifndef CTAO_CRYPT_DES3_H
+#define CTAO_CRYPT_DES3_H
+
+
+#include 
+#define Des_SetKey     wc_Des_SetKey
+#define Des_SetIV      wc_Des_SetIV
+#define Des_CbcEncrypt wc_Des_CbcEncrypt
+#define Des_CbcDecrypt wc_Des_CbcDecrypt
+#define Des_EcbEncrypt wc_Des_EcbEncrypt
+#define Des_CbcDecryptWithKey  wc_Des_CbcDecryptWithKey
+#define Des3_SetKey            wc_Des3_SetKey
+#define Des3_SetIV             wc_Des3_SetIV
+#define Des3_CbcEncrypt        wc_Des3_CbcEncrypt
+#define Des3_CbcDecrypt        wc_Des3_CbcDecrypt
+#define Des3_CbcDecryptWithKey wc_Des3_CbcDecryptWithKey
+#ifdef HAVE_CAVIUM
+    #define Des3_InitCavium wc_Des3_InitCavium
+    #define Des3_FreeCavium wc_Des3_FreeCavium
+#endif
+
+#endif /* NO_DES3 */
+#endif /* CTAO_CRYPT_DES3_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/dh.h b/3P/wolfssl/cyassl/ctaocrypt/dh.h
new file mode 100644
index 00000000..4bd7757b
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/dh.h
@@ -0,0 +1,41 @@
+/* dh.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_DH
+
+#ifndef CTAO_CRYPT_DH_H
+#define CTAO_CRYPT_DH_H
+
+/* for dh reverse compatibility */
+#include 
+#define InitDhKey         wc_InitDhKey
+#define FreeDhKey         wc_FreeDhKey
+#define DhGenerateKeyPair wc_DhGenerateKeyPair
+#define DhAgree           wc_DhAgree
+#define DhKeyDecode       wc_DhKeyDecode
+#define DhSetKey          wc_DhSetKey
+#define DhParamsLoad      wc_DhParamsLoad
+
+#endif /* CTAO_CRYPT_DH_H */
+
+#endif /* NO_DH */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/dsa.h b/3P/wolfssl/cyassl/ctaocrypt/dsa.h
new file mode 100644
index 00000000..bdc8cd5a
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/dsa.h
@@ -0,0 +1,32 @@
+/* dsa.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_DSA
+
+#ifndef CTAO_CRYPT_DSA_H
+#define CTAO_CRYPT_DSA_H
+
+#include 
+
+#endif /* CTAO_CRYPT_DSA_H */
+#endif /* NO_DSA */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/ecc.h b/3P/wolfssl/cyassl/ctaocrypt/ecc.h
new file mode 100644
index 00000000..3ae13f76
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/ecc.h
@@ -0,0 +1,68 @@
+/* ecc.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_ECC
+
+#ifndef CTAO_CRYPT_ECC_H
+#define CTAO_CRYPT_ECC_H
+
+#include 
+
+/* includes for compatibility */
+#include 
+#include 
+#include 
+
+/* for ecc reverse compatibility */
+#ifdef HAVE_ECC
+	#define ecc_make_key      wc_ecc_make_key
+	#define ecc_shared_secret wc_ecc_shared_secret
+	#define ecc_sign_hash     wc_ecc_sign_hash
+	#define ecc_verify_hash   wc_ecc_verify_hash
+	#define ecc_init          wc_ecc_init
+	#define ecc_free          wc_ecc_free
+	#define ecc_fp_free       wc_ecc_fp_free
+	#define ecc_export_x963   wc_ecc_export_x963
+	#define ecc_size          wc_ecc_size
+	#define ecc_sig_size      wc_ecc_sig_size
+	#define ecc_export_x963_ex      wc_ecc_export_x963_ex
+	#define ecc_import_x963         wc_ecc_import_x963
+	#define ecc_import_private_key  wc_ecc_import_private_key
+	#define ecc_rs_to_sig           wc_ecc_rs_to_sig
+	#define ecc_import_raw          wc_ecc_import_raw
+	#define ecc_export_private_only wc_ecc_export_private_only
+
+#ifdef HAVE_ECC_ENCRYPT
+	/* ecc encrypt */
+	#define ecc_ctx_new           wc_ecc_ctx_new
+	#define ecc_ctx_free          wc_ecc_ctx_free
+	#define ecc_ctx_reset         wc_ecc_ctx_reset
+	#define ecc_ctx_get_own_salt  wc_ecc_ctx_get_own_salt
+	#define ecc_ctx_set_peer_salt wc_ecc_ctx_set_peer_salt
+	#define ecc_ctx_set_info      wc_ecc_ctx_set_info
+	#define ecc_encrypt           wc_ecc_encrypt
+	#define ecc_decrypt           wc_ecc_decrypt
+#endif /* HAVE_ECC_ENCRYPT */
+#endif
+
+#endif /* CTAO_CRYPT_ECC_H */
+#endif /* HAVE_ECC */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/error-crypt.h b/3P/wolfssl/cyassl/ctaocrypt/error-crypt.h
new file mode 100644
index 00000000..f2014554
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/error-crypt.h
@@ -0,0 +1,32 @@
+/* error-crypt.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_ERROR_H
+#define CTAO_CRYPT_ERROR_H
+
+/* for name change and fips compatibility @wc_fips */
+#include 
+#define CTaoCryptErrorString    wc_ErrorString
+#define CTaoCryptGetErrorString wc_GetErrorString
+
+#endif /* CTAO_CRYPT_ERROR_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/fips_test.h b/3P/wolfssl/cyassl/ctaocrypt/fips_test.h
new file mode 100644
index 00000000..12e1ce0a
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/fips_test.h
@@ -0,0 +1,58 @@
+/* fips_test.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_FIPS_TEST_H
+#define CTAO_CRYPT_FIPS_TEST_H
+
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Known Answer Test string inputs are hex, internal */
+CYASSL_LOCAL int DoKnownAnswerTests(char*, int);
+
+
+/* FIPS failure callback */
+typedef void(*wolfCrypt_fips_cb)(int ok, int err, const char* hash);
+
+/* Public set function */
+CYASSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf);
+
+/* Public get status functions */
+CYASSL_API int wolfCrypt_GetStatus_fips(void);
+CYASSL_API const char* wolfCrypt_GetCoreHash_fips(void);
+
+#ifdef HAVE_FORCE_FIPS_FAILURE
+    /* Public function to force failure mode for operational testing */
+    CYASSL_API int wolfCrypt_SetStatus_fips(int);
+#endif
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* CTAO_CRYPT_FIPS_TEST_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/hc128.h b/3P/wolfssl/cyassl/ctaocrypt/hc128.h
new file mode 100644
index 00000000..b2c9bc9d
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/hc128.h
@@ -0,0 +1,39 @@
+/* hc128.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_HC128
+
+#ifndef CTAO_CRYPT_HC128_H
+#define CTAO_CRYPT_HC128_H
+
+#include 
+
+/* for hc128 reverse compatibility */
+#ifdef HAVE_HC128
+    #define Hc128_Process wc_Hc128_Process
+    #define Hc128_SetKey  wc_Hc128_SetKey
+#endif
+
+#endif /* CTAO_CRYPT_HC128_H */
+
+#endif /* HAVE_HC128 */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/hmac.h b/3P/wolfssl/cyassl/ctaocrypt/hmac.h
new file mode 100644
index 00000000..4625f10e
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/hmac.h
@@ -0,0 +1,44 @@
+/* hmac.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_HMAC
+
+#ifndef CTAO_CRYPT_HMAC_H
+#define CTAO_CRYPT_HMAC_H
+
+#include 
+#define HmacSetKey wc_HmacSetKey
+#define HmacUpdate wc_HmacUpdate
+#define HmacFinal  wc_HmacFinal
+#ifdef HAVE_CAVIUM
+    #define HmacInitCavium wc_HmacInitCavium
+    #define HmacFreeCavium wc_HmacFreeCavium
+#endif
+#define CyaSSL_GetHmacMaxSize wolfSSL_GetHmacMaxSize
+#ifdef HAVE_HKDF
+    #define HKDF wc_HKDF
+#endif /* HAVE_HKDF */
+
+#endif /* CTAO_CRYPT_HMAC_H */
+
+#endif /* NO_HMAC */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/include.am b/3P/wolfssl/cyassl/ctaocrypt/include.am
new file mode 100644
index 00000000..23d393db
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/include.am
@@ -0,0 +1,52 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+nobase_include_HEADERS+= \
+                         cyassl/ctaocrypt/aes.h \
+                         cyassl/ctaocrypt/arc4.h \
+                         cyassl/ctaocrypt/asn.h \
+                         cyassl/ctaocrypt/asn_public.h \
+                         cyassl/ctaocrypt/poly1305.h \
+                         cyassl/ctaocrypt/camellia.h \
+                         cyassl/ctaocrypt/coding.h \
+                         cyassl/ctaocrypt/compress.h \
+                         cyassl/ctaocrypt/des3.h \
+                         cyassl/ctaocrypt/dh.h \
+                         cyassl/ctaocrypt/dsa.h \
+                         cyassl/ctaocrypt/ecc.h \
+                         cyassl/ctaocrypt/error-crypt.h \
+                         cyassl/ctaocrypt/fips_test.h \
+                         cyassl/ctaocrypt/hc128.h \
+                         cyassl/ctaocrypt/hmac.h \
+                         cyassl/ctaocrypt/integer.h \
+                         cyassl/ctaocrypt/md2.h \
+                         cyassl/ctaocrypt/md4.h \
+                         cyassl/ctaocrypt/md5.h \
+                         cyassl/ctaocrypt/misc.h \
+                         cyassl/ctaocrypt/pkcs7.h \
+                         cyassl/ctaocrypt/wc_port.h \
+                         cyassl/ctaocrypt/pwdbased.h \
+                         cyassl/ctaocrypt/rabbit.h \
+                         cyassl/ctaocrypt/chacha.h \
+                         cyassl/ctaocrypt/random.h \
+                         cyassl/ctaocrypt/ripemd.h \
+                         cyassl/ctaocrypt/rsa.h \
+                         cyassl/ctaocrypt/settings.h \
+                         cyassl/ctaocrypt/settings_comp.h \
+                         cyassl/ctaocrypt/sha256.h \
+                         cyassl/ctaocrypt/sha512.h \
+                         cyassl/ctaocrypt/sha.h \
+                         cyassl/ctaocrypt/blake2.h \
+                         cyassl/ctaocrypt/blake2-int.h \
+                         cyassl/ctaocrypt/blake2-impl.h \
+                         cyassl/ctaocrypt/tfm.h \
+                         cyassl/ctaocrypt/types.h \
+                         cyassl/ctaocrypt/visibility.h \
+                         cyassl/ctaocrypt/logging.h \
+                         cyassl/ctaocrypt/memory.h \
+                         cyassl/ctaocrypt/mpi_class.h \
+                         cyassl/ctaocrypt/mpi_superclass.h
+
+noinst_HEADERS+= \
+                         cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/integer.h b/3P/wolfssl/cyassl/ctaocrypt/integer.h
new file mode 100644
index 00000000..97b22822
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/integer.h
@@ -0,0 +1,34 @@
+/* integer.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/*
+ * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
+ * http://math.libtomcrypt.com
+ */
+
+
+#ifndef CTAO_CRYPT_INTEGER_H
+#define CTAO_CRYPT_INTEGER_H
+
+#include 
+
+#endif  /* CTAO_CRYPT_INTEGER_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/logging.h b/3P/wolfssl/cyassl/ctaocrypt/logging.h
new file mode 100644
index 00000000..faa85d44
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/logging.h
@@ -0,0 +1,40 @@
+/* logging.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* submitted by eof */
+
+
+#ifndef CYASSL_LOGGING_H
+#define CYASSL_LOGGING_H
+
+/* for fips compatibility @wc_fips */
+#include 
+#define CYASSL_LEAVE WOLFSSL_LEAVE
+#define CYASSL_ERROR WOLFSSL_ERROR
+#define CYASSL_ENTER WOLFSSL_ENTER
+#define CYASSL_MSG   WOLFSSL_MSG
+/* check old macros possibly declared */
+#if defined(DEBUG_CYASSL) && !defined(DEBUG_WOLFSSL)
+    #define DEBUG_WOLFSSL
+#endif
+
+#endif /* CYASSL_LOGGING_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/md2.h b/3P/wolfssl/cyassl/ctaocrypt/md2.h
new file mode 100644
index 00000000..cb763375
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/md2.h
@@ -0,0 +1,42 @@
+/* md2.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* check for old macro */
+#if !defined(CYASSL_MD2) && defined(WOLFSSL_MD2)
+    #define CYASSL_MD2
+#endif
+
+#ifdef CYASSL_MD2
+
+#ifndef CTAO_CRYPT_MD2_H
+#define CTAO_CRYPT_MD2_H
+
+#include 
+
+#define InitMd2   wc_InitMd2
+#define Md2Update wc_Md2Update
+#define Md2Final  wc_Md2Final
+#define Md2Hash   wc_Md2Hash
+
+#endif /* CTAO_CRYPT_MD2_H */
+#endif /* CYASSL_MD2 */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/md4.h b/3P/wolfssl/cyassl/ctaocrypt/md4.h
new file mode 100644
index 00000000..45846562
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/md4.h
@@ -0,0 +1,37 @@
+/* md4.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_MD4
+
+#ifndef CTAO_CRYPT_MD4_H
+#define CTAO_CRYPT_MD4_H
+
+#include 
+
+#define InitMd4   wc_InitMd4
+#define Md4Update wc_Md4Update
+#define Md4Final  wc_Md4Final
+
+#endif /* CTAO_CRYPT_MD4_H */
+
+#endif /* NO_MD4 */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/md5.h b/3P/wolfssl/cyassl/ctaocrypt/md5.h
new file mode 100644
index 00000000..3f5d0175
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/md5.h
@@ -0,0 +1,44 @@
+/* md5.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef NO_MD5
+
+#ifndef CTAO_CRYPT_MD5_H
+#define CTAO_CRYPT_MD5_H
+
+#include 
+
+#ifndef HAVE_FIPS
+    #define InitMd5   wc_InitMd5
+    #define Md5Update wc_Md5Update
+    #define Md5Final  wc_Md5Final
+    #define Md5Hash   wc_Md5Hash
+#else
+    /* redfined name so that hmac is calling same function names with fips */
+    #define wc_InitMd5   InitMd5
+    #define wc_Md5Update Md5Update
+    #define wc_Md5Final  Md5Final
+    #define wc_Md5Hash   Md5Hash
+#endif
+
+#endif /* CTAO_CRYPT_MD5_H */
+#endif /* NO_MD5 */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/memory.h b/3P/wolfssl/cyassl/ctaocrypt/memory.h
new file mode 100644
index 00000000..28500535
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/memory.h
@@ -0,0 +1,41 @@
+/* memory.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* submitted by eof */
+
+
+#ifndef CYASSL_MEMORY_H
+#define CYASSL_MEMORY_H
+
+
+#include 
+#define CyaSSL_Malloc_cb     wolfSSL_Malloc_cb
+#define CyaSSL_Free_cb       wolfSSL_Free_cb
+#define CyaSSL_Realloc_cb    wolfSSL_Realloc_cb
+#define CyaSSL_SetAllocators wolfSSL_SetAllocators
+
+/* Public in case user app wants to use XMALLOC/XFREE */
+#define CyaSSL_Malloc  wolfSSL_Malloc
+#define CyaSSL_Free    wolfSSL_Free
+#define CyaSSL_Realloc wolfSSL_Realloc
+
+#endif /* CYASSL_MEMORY_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/misc.h b/3P/wolfssl/cyassl/ctaocrypt/misc.h
new file mode 100644
index 00000000..a640044e
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/misc.h
@@ -0,0 +1,29 @@
+/* misc.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_MISC_H
+#define CTAO_CRYPT_MISC_H
+
+#include 
+
+#endif /* CTAO_CRYPT_MISC_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/mpi_class.h b/3P/wolfssl/cyassl/ctaocrypt/mpi_class.h
new file mode 100644
index 00000000..0ce92a64
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/mpi_class.h
@@ -0,0 +1,23 @@
+/* mpi_class.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include 
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/mpi_superclass.h b/3P/wolfssl/cyassl/ctaocrypt/mpi_superclass.h
new file mode 100644
index 00000000..68cd0a6e
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/mpi_superclass.h
@@ -0,0 +1,26 @@
+/* mpi_superclass.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* super class file for PK algos */
+
+#include 
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/pkcs7.h b/3P/wolfssl/cyassl/ctaocrypt/pkcs7.h
new file mode 100644
index 00000000..dfb7c2fd
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/pkcs7.h
@@ -0,0 +1,52 @@
+/* pkcs7.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_PKCS7
+
+#ifndef CTAO_CRYPT_PKCS7_H
+#define CTAO_CRYPT_PKCS7_H
+
+/* pull in compatibility for old includes */
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+
+/* for pkcs7 reverse compatibility */
+#define SetContentType      wc_SetContentType
+#define GetContentType      wc_GetContentType
+#define CreateRecipientInfo wc_CreateRecipientInfo
+#define PKCS7_InitWithCert  wc_PKCS7_InitWithCert
+#define PKCS7_Free          wc_PKCS7_Free
+#define PKCS7_EncodeData    wc_PKCS7_EncodeData
+#define PKCS7_EncodeSignedData    wc_PKCS7_EncodeSignedData
+#define PKCS7_VerifySignedData    wc_PKCS7_VerifySignedData
+#define PKCS7_EncodeEnvelopedData wc_PKCS7_EncodeEnvelopedData
+#define PKCS7_DecodeEnvelopedData wc_PKCS7_DecodeEnvelopedData
+
+#endif /* CTAO_CRYPT_PKCS7_H */
+
+#endif /* HAVE_PKCS7 */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/poly1305.h b/3P/wolfssl/cyassl/ctaocrypt/poly1305.h
new file mode 100644
index 00000000..bceb772a
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/poly1305.h
@@ -0,0 +1,38 @@
+/* poly1305.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_POLY1305
+
+#ifndef CTAO_CRYPT_POLY1305_H
+#define CTAO_CRYPT_POLY1305_H
+
+#include 
+
+/* for poly1305 reverse compatibility */
+#define Poly1305SetKey wc_Poly1305SetKey
+#define Poly1305Update wc_Poly1305Update
+#define Poly1305Final  wc_Poly1305Final
+
+#endif /* CTAO_CRYPT_POLY1305_H */
+
+#endif /* HAVE_POLY1305 */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h b/3P/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h
new file mode 100644
index 00000000..a5dca890
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h
@@ -0,0 +1,28 @@
+/* pic32mz-crypt.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef PIC32MZ_CRYPT_H
+#define PIC32MZ_CRYPT_H
+
+#include 
+
+#endif /* PIC32MZ_CRYPT_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/pwdbased.h b/3P/wolfssl/cyassl/ctaocrypt/pwdbased.h
new file mode 100644
index 00000000..7d6dced5
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/pwdbased.h
@@ -0,0 +1,36 @@
+/* pwdbased.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_PWDBASED
+
+#ifndef CTAO_CRYPT_PWDBASED_H
+#define CTAO_CRYPT_PWDBASED_H
+
+/* for pwdbased reverse compatibility */
+#include 
+#define PBKDF1       wc_PBKDF1
+#define PBKDF2       wc_PBKDF2
+#define PKCS12_PBKDF wc_PKCS12_PBKDF
+
+#endif /* CTAO_CRYPT_PWDBASED_H */
+#endif /* NO_PWDBASED */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/rabbit.h b/3P/wolfssl/cyassl/ctaocrypt/rabbit.h
new file mode 100644
index 00000000..a6e92ec2
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/rabbit.h
@@ -0,0 +1,39 @@
+/* rabbit.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_RABBIT
+
+#ifndef CTAO_CRYPT_RABBIT_H
+#define CTAO_CRYPT_RABBIT_H
+
+#include 
+
+/* for rabbit reverse compatibility */
+#ifndef NO_RABBIT
+    #define RabbitProcess wc_RabbitProcess
+    #define RabbitSetKey  wc_RabbitSetKey
+#endif
+
+#endif /* CTAO_CRYPT_RABBIT_H */
+
+#endif /* NO_RABBIT */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/random.h b/3P/wolfssl/cyassl/ctaocrypt/random.h
new file mode 100644
index 00000000..9018da5a
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/random.h
@@ -0,0 +1,38 @@
+/* random.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_RANDOM_H
+#define CTAO_CRYPT_RANDOM_H
+
+    /* for random.h compatibility */
+    #include 
+    #define InitRng           wc_InitRng
+    #define RNG_GenerateBlock wc_RNG_GenerateBlock
+    #define RNG_GenerateByte  wc_RNG_GenerateByte
+
+	#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+	    #define FreeRng        wc_FreeRng
+	    #define RNG_HealthTest wc_RNG_HealthTest
+	#endif /* HAVE_HASHDRBG || NO_RC4 */
+
+#endif /* CTAO_CRYPT_RANDOM_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/ripemd.h b/3P/wolfssl/cyassl/ctaocrypt/ripemd.h
new file mode 100644
index 00000000..4458fcc4
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/ripemd.h
@@ -0,0 +1,37 @@
+/* ripemd.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+
+#ifndef CTAO_CRYPT_RIPEMD_H
+#define CTAO_CRYPT_RIPEME_H
+
+#include 
+
+/* for ripemd reverse compatibility */
+#ifdef WOLFSSL_RIPEMD
+    #define InitRipeMd   wc_InitRipeMd
+    #define RipeMdUpdate wc_RipeMdUpdate
+    #define RipeMdFinal  wc_RipeMdFinal
+#endif
+
+#endif /* CTAO_CRYPT_RIPEMD_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/rsa.h b/3P/wolfssl/cyassl/ctaocrypt/rsa.h
new file mode 100644
index 00000000..72f8dc5d
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/rsa.h
@@ -0,0 +1,56 @@
+/* rsa.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef NO_RSA
+
+#ifndef CTAO_CRYPT_RSA_H
+#define CTAO_CRYPT_RSA_H
+
+#include 
+/* includes for their compatibility */
+#include 
+#include 
+#include 
+
+#define InitRsaKey       wc_InitRsaKey
+#define FreeRsaKey       wc_FreeRsaKey
+#define RsaPublicEncrypt wc_RsaPublicEncrypt
+#define RsaPrivateDecryptInline wc_RsaPrivateDecryptInline
+#define RsaPrivateDecrypt       wc_RsaPrivateDecrypt
+#define RsaSSL_Sign             wc_RsaSSL_Sign
+#define RsaSSL_VerifyInline     wc_RsaSSL_VerifyInline
+#define RsaSSL_Verify           wc_RsaSSL_Verify
+#define RsaEncryptSize          wc_RsaEncryptSize
+#define RsaFlattenPublicKey     wc_RsaFlattenPublicKey
+
+#ifdef WOLFSSL_KEY_GEN
+    #define MakeRsaKey  wc_MakeRsaKey
+    #define RsaKeyToDer wc_RsaKeyToDer
+#endif
+
+#ifdef HAVE_CAVIUM
+    #define RsaInitCavium wc_RsaInitCavium
+    #define RsaFreeCavium wc_RsaFreeCavium
+#endif
+
+#endif /* CTAO_CRYPT_RSA_H */
+
+#endif /* NO_RSA */
diff --git a/3P/wolfssl/cyassl/ctaocrypt/settings.h b/3P/wolfssl/cyassl/ctaocrypt/settings.h
new file mode 100644
index 00000000..2d1ab55d
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/settings.h
@@ -0,0 +1,745 @@
+/* settings.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* Place OS specific preprocessor flags, defines, includes here, will be
+   included into every file because types.h includes it */
+
+
+#ifndef CTAO_CRYPT_SETTINGS_H
+#define CTAO_CRYPT_SETTINGS_H
+
+/* for reverse compatibility after name change */
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Uncomment next line if using IPHONE */
+/* #define IPHONE */
+
+/* Uncomment next line if using ThreadX */
+/* #define THREADX */
+
+/* Uncomment next line if using Micrium ucOS */
+/* #define MICRIUM */
+
+/* Uncomment next line if using Mbed */
+/* #define MBED */
+
+/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
+/* #define MICROCHIP_PIC32 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
+/* #define MICROCHIP_TCPIP_V5 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
+/* #define MICROCHIP_TCPIP */
+
+/* Uncomment next line if using PIC32MZ Crypto Engine */
+/* #define CYASSL_MICROCHIP_PIC32MZ */
+        
+/* Uncomment next line if using FreeRTOS */
+/* #define FREERTOS */
+
+/* Uncomment next line if using FreeRTOS Windows Simulator */
+/* #define FREERTOS_WINSIM */
+
+/* Uncomment next line if using RTIP */
+/* #define EBSNET */
+
+/* Uncomment next line if using lwip */
+/* #define CYASSL_LWIP */
+
+/* Uncomment next line if building CyaSSL for a game console */
+/* #define CYASSL_GAME_BUILD */
+
+/* Uncomment next line if building CyaSSL for LSR */
+/* #define CYASSL_LSR */
+
+/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */
+/* #define FREESCALE_MQX */
+
+/* Uncomment next line if using STM32F2 */
+/* #define CYASSL_STM32F2 */
+
+/* Uncomment next line if using Comverge settings */
+/* #define COMVERGE */
+
+/* Uncomment next line if using QL SEP settings */
+/* #define CYASSL_QL */
+
+/* Uncomment next line if building for EROAD */
+/* #define CYASSL_EROAD */
+      
+/* Uncomment next line if building for IAR EWARM */
+/* #define CYASSL_IAR_ARM */
+
+/* Uncomment next line if using TI-RTOS settings */
+/* #define CYASSL_TIRTOS */
+
+/* Uncomment next line if building with PicoTCP */
+/* #define CYASSL_PICOTCP */
+
+/* Uncomment next line if building for PicoTCP demo bundle */
+/* #define CYASSL_PICOTCP_DEMO */
+
+#include 
+
+#ifdef IPHONE
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+
+#ifdef CYASSL_USER_SETTINGS
+    #include 
+#endif
+
+
+#ifdef COMVERGE
+    #define THREADX
+    #define HAVE_NETX
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_SESSION_CACHE
+    #define HAVE_ECC 
+#endif
+
+
+#ifdef THREADX 
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+#ifdef HAVE_NETX
+    #include "nx_api.h"
+#endif
+
+#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
+    #define CYASSL_LWIP
+    #define NO_WRITEV
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_FILESYSTEM
+#endif 
+    
+#if defined(CYASSL_IAR_ARM)
+    #define NO_MAIN_DRIVER
+    #define SINGLE_THREADED
+    #define USE_CERT_BUFFERS_1024
+    #define BENCH_EMBEDDED
+    #define NO_FILESYSTEM
+    #define NO_WRITEV
+    #define CYASSL_USER_IO
+    #define  BENCH_EMBEDDED
+#endif
+      
+#ifdef MICROCHIP_PIC32
+    /* #define CYASSL_MICROCHIP_PIC32MZ */
+    #define SIZEOF_LONG_LONG 8
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef CYASSL_MICROCHIP_PIC32MZ
+    #define CYASSL_PIC32MZ_CE
+    #define CYASSL_PIC32MZ_CRYPT
+    #define HAVE_AES_ENGINE
+    #define CYASSL_PIC32MZ_RNG
+    /* #define CYASSL_PIC32MZ_HASH */
+    #define CYASSL_AES_COUNTER
+    #define HAVE_AESGCM
+    #define NO_BIG_INT
+
+#endif
+
+#ifdef MICROCHIP_TCPIP_V5
+    /* include timer functions */
+    #include "TCPIP Stack/TCPIP.h"
+#endif
+
+#ifdef MICROCHIP_TCPIP
+    /* include timer, NTP functions */
+    #ifdef MICROCHIP_MPLAB_HARMONY
+        #include "tcpip/tcpip.h"
+    #else
+        #include "system/system_services.h"
+        #include "tcpip/sntp.h"
+    #endif
+#endif
+
+#ifdef MBED
+    #define CYASSL_USER_IO
+    #define NO_FILESYSTEM
+    #define NO_CERT
+    #define USE_CERT_BUFFERS_1024
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define HAVE_ECC
+    #define NO_SESSION_CACHE
+    #define CYASSL_CMSIS_RTOS
+#endif
+
+
+#ifdef CYASSL_EROAD
+    #define FREESCALE_MQX
+    #define FREESCALE_MMCAU
+    #define SINGLE_THREADED
+    #define NO_STDIO_FILESYSTEM
+    #define CYASSL_LEANPSK
+    #define HAVE_NULL_CIPHER
+    #define NO_OLD_TLS
+    #define NO_ASN
+    #define NO_BIG_INT
+    #define NO_RSA
+    #define NO_DSA
+    #define NO_DH
+    #define NO_CERTS
+    #define NO_PWDBASED
+    #define NO_DES3
+    #define NO_MD4
+    #define NO_RC4
+    #define NO_MD5
+    #define NO_SESSION_CACHE
+    #define NO_MAIN_DRIVER
+#endif
+
+#ifdef CYASSL_PICOTCP
+    #define errno pico_err
+    #include "pico_defines.h"
+    #include "pico_stack.h"
+    #include "pico_constants.h"
+    #define CUSTOM_RAND_GENERATE pico_rand
+#endif
+
+#ifdef CYASSL_PICOTCP_DEMO
+    #define CYASSL_STM32
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define XMALLOC(s, h, type)  PICO_ZALLOC((s))
+    #define XFREE(p, h, type)    PICO_FREE((p))
+    #define SINGLE_THREADED
+    #define NO_WRITEV
+    #define CYASSL_USER_IO
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+#endif
+
+#ifdef FREERTOS_WINSIM
+    #define FREERTOS
+    #define USE_WINDOWS_API
+#endif
+
+
+/* Micrium will use Visual Studio for compilation but not the Win32 API */
+#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
+        && !defined(EBSNET) && !defined(CYASSL_EROAD)
+    #define USE_WINDOWS_API
+#endif
+
+
+#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
+    #include 
+    #define XMALLOC(s, h, type)  malloc((s))
+    #define XFREE(p, h, type)    free((p)) 
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
+    #undef  XMALLOC
+    #define XMALLOC     yaXMALLOC
+    #undef  XFREE
+    #define XFREE       yaXFREE
+    #undef  XREALLOC
+    #define XREALLOC    yaXREALLOC
+#endif
+
+
+#ifdef FREERTOS
+    #ifndef NO_WRITEV
+        #define NO_WRITEV
+    #endif
+    #ifndef NO_SHA512
+        #define NO_SHA512
+    #endif
+    #ifndef NO_DH
+        #define NO_DH
+    #endif
+    #ifndef NO_DSA
+        #define NO_DSA
+    #endif
+    #ifndef NO_HC128
+        #define NO_HC128
+    #endif
+
+    #ifndef SINGLE_THREADED
+        #include "FreeRTOS.h"
+        #include "semphr.h"
+    #endif
+#endif
+
+#ifdef CYASSL_TIRTOS
+    #define SIZEOF_LONG_LONG 8
+    #define NO_WRITEV
+    #define NO_CYASSL_DIR
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define USE_CERT_BUFFERS_2048
+    #define NO_ERROR_STRINGS
+    #define USER_TIME
+
+    #ifdef __IAR_SYSTEMS_ICC__
+        #pragma diag_suppress=Pa089
+    #elif !defined(__GNUC__)
+        /* Suppress the sslpro warning */
+        #pragma diag_suppress=11
+    #endif
+
+    #include 
+#endif
+
+#ifdef EBSNET
+    #include "rtip.h"
+
+    /* #define DEBUG_CYASSL */
+    #define NO_CYASSL_DIR  /* tbd */
+
+    #if (POLLOS)
+        #define SINGLE_THREADED
+    #endif
+
+    #if (RTPLATFORM)
+        #if (!RTP_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #else
+        #if (!KS_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #endif
+
+    #if (WINMSP3)
+        #undef SIZEOF_LONG
+        #define SIZEOF_LONG_LONG 8
+    #else
+        #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
+    #endif
+
+    #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
+    #define XFREE(p, h, type) (rtp_free(p))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+
+#endif /* EBSNET */
+
+#ifdef CYASSL_GAME_BUILD
+    #define SIZEOF_LONG_LONG 8
+    #if defined(__PPU) || defined(__XENON)
+        #define BIG_ENDIAN_ORDER
+    #endif
+#endif
+
+#ifdef CYASSL_LSR
+    #define HAVE_WEBSERVER
+    #define SIZEOF_LONG_LONG 8
+    #define CYASSL_LOW_MEMORY
+    #define NO_WRITEV
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #ifndef NO_FILESYSTEM
+        #define LSR_FS
+        #include "inc/hw_types.h"
+        #include "fs.h"
+    #endif
+    #define CYASSL_LWIP
+    #include   /* for tcp errno */
+    #define CYASSL_SAFERTOS
+    #if defined(__IAR_SYSTEMS_ICC__)
+        /* enum uses enum */
+        #pragma diag_suppress=Pa089
+    #endif
+#endif
+
+#ifdef CYASSL_SAFERTOS
+    #ifndef SINGLE_THREADED
+        #include "SafeRTOS/semphr.h"
+    #endif
+
+    #include "SafeRTOS/heap.h"
+    #define XMALLOC(s, h, type)  pvPortMalloc((s))
+    #define XFREE(p, h, type)    vPortFree((p)) 
+    #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+#endif
+
+#ifdef CYASSL_LOW_MEMORY
+    #undef  RSA_LOW_MEM
+    #define RSA_LOW_MEM
+    #undef  CYASSL_SMALL_STACK
+    #define CYASSL_SMALL_STACK
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef FREESCALE_MQX
+    #define SIZEOF_LONG_LONG 8
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_RABBIT
+    #define NO_CYASSL_DIR
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FREESCALE_K70_RNGA
+    /* #define FREESCALE_K53_RNGB */
+    #include "mqx.h"
+    #ifndef NO_FILESYSTEM
+        #include "mfs.h"
+        #include "fio.h"
+    #endif
+    #ifndef SINGLE_THREADED
+        #include "mutex.h"
+    #endif
+
+    #define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
+    #define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
+    /* Note: MQX has no realloc, using fastmath above */
+#endif
+
+#ifdef CYASSL_STM32F2
+    #define SIZEOF_LONG_LONG 8
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #define STM32F2_RNG
+    #define STM32F2_CRYPTO
+    #define KEIL_INTRINSICS
+#endif
+
+#ifdef MICRIUM
+
+    #include "stdlib.h"
+    #include "net_cfg.h"
+    #include "ssl_cfg.h"
+    #include "net_secure_os.h"
+
+    #define CYASSL_TYPES
+
+    typedef CPU_INT08U byte;
+    typedef CPU_INT16U word16;
+    typedef CPU_INT32U word32;
+
+    #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32)
+        #define SIZEOF_LONG        4
+        #undef  SIZEOF_LONG_LONG
+    #else
+        #undef  SIZEOF_LONG
+        #define SIZEOF_LONG_LONG   8
+    #endif
+
+    #define STRING_USER
+
+    #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
+    #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
+                    ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
+                     (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
+    #define XSTRNCMP(pstr_1, pstr_2, len_max) \
+                    ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
+                     (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))  
+    #define XSTRSTR(pstr, pstr_srch) \
+                    ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
+                     (CPU_CHAR *)(pstr_srch)))
+    #define XMEMSET(pmem, data_val, size) \
+                    ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
+                    (CPU_SIZE_T)(size)))
+    #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
+                     (void *)(psrc), (CPU_SIZE_T)(size)))
+    #define XMEMCMP(pmem_1, pmem_2, size) \
+                   (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
+                     (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
+    #define XMEMMOVE XMEMCPY
+
+#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+    #define MICRIUM_MALLOC    
+    #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
+                                 (CPU_SIZE_T)(s), (void *)0))
+    #define XFREE(p, h, type)   (NetSecure_BlkFree((CPU_INT08U)(type), \
+                                 (p), (void *)0))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+    #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED)
+        #undef  NO_FILESYSTEM
+    #else
+        #define NO_FILESYSTEM
+    #endif
+
+    #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG)
+        #define DEBUG_CYASSL
+    #else
+        #undef  DEBUG_CYASSL
+    #endif
+
+    #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED)
+        #define OPENSSL_EXTRA
+    #else
+        #undef  OPENSSL_EXTRA
+    #endif
+
+    #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED)
+        #undef  SINGLE_THREADED
+    #else
+        #define SINGLE_THREADED
+    #endif
+
+    #if (SSL_CFG_DH_EN == DEF_ENABLED)
+        #undef  NO_DH
+    #else
+        #define NO_DH
+    #endif
+
+    #if (SSL_CFG_DSA_EN == DEF_ENABLED)
+        #undef  NO_DSA
+    #else
+        #define NO_DSA
+    #endif
+
+    #if (SSL_CFG_PSK_EN == DEF_ENABLED)
+        #undef  NO_PSK
+    #else
+        #define NO_PSK
+    #endif
+
+    #if (SSL_CFG_3DES_EN == DEF_ENABLED)
+        #undef  NO_DES
+    #else
+        #define NO_DES
+    #endif
+
+    #if (SSL_CFG_AES_EN == DEF_ENABLED)
+        #undef  NO_AES
+    #else
+        #define NO_AES
+    #endif
+
+    #if (SSL_CFG_RC4_EN == DEF_ENABLED)
+        #undef  NO_RC4
+    #else
+        #define NO_RC4
+    #endif
+
+    #if (SSL_CFG_RABBIT_EN == DEF_ENABLED)
+        #undef  NO_RABBIT
+    #else
+        #define NO_RABBIT
+    #endif
+
+    #if (SSL_CFG_HC128_EN == DEF_ENABLED)
+        #undef  NO_HC128
+    #else
+        #define NO_HC128
+    #endif
+
+    #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
+        #define BIG_ENDIAN_ORDER
+    #else
+        #undef  BIG_ENDIAN_ORDER
+        #define LITTLE_ENDIAN_ORDER
+    #endif
+
+    #if (SSL_CFG_MD4_EN == DEF_ENABLED)
+        #undef  NO_MD4
+    #else
+        #define NO_MD4
+    #endif
+
+    #if (SSL_CFG_WRITEV_EN == DEF_ENABLED)
+        #undef  NO_WRITEV
+    #else
+        #define NO_WRITEV
+    #endif
+
+    #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED)
+        #define NO_DEV_RANDOM   
+    #else
+        #undef  NO_DEV_RANDOM
+    #endif
+
+    #if (SSL_CFG_USER_IO_EN == DEF_ENABLED)
+        #define CYASSL_USER_IO   
+    #else
+        #undef  CYASSL_USER_IO
+    #endif
+
+    #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED)
+        #undef  LARGE_STATIC_BUFFERS
+        #undef  STATIC_CHUNKS_ONLY
+    #else
+        #define LARGE_STATIC_BUFFERS
+        #define STATIC_CHUNKS_ONLY
+    #endif
+
+    #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED)
+        #define  CYASSL_DER_LOAD
+    #else
+        #undef   CYASSL_DER_LOAD
+    #endif
+
+    #if (SSL_CFG_DTLS_EN == DEF_ENABLED)
+        #define  CYASSL_DTLS
+    #else
+        #undef   CYASSL_DTLS
+    #endif
+
+    #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED)
+         #define CYASSL_CALLBACKS
+    #else
+         #undef  CYASSL_CALLBACKS
+    #endif
+
+    #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED)
+         #define USE_FAST_MATH
+    #else
+         #undef  USE_FAST_MATH
+    #endif
+
+    #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED)
+         #define TFM_TIMING_RESISTANT
+    #else
+         #undef  TFM_TIMING_RESISTANT
+    #endif
+
+#endif /* MICRIUM */
+
+
+#ifdef CYASSL_QL
+    #ifndef CYASSL_SEP
+        #define CYASSL_SEP
+    #endif
+    #ifndef OPENSSL_EXTRA
+        #define OPENSSL_EXTRA
+    #endif
+    #ifndef SESSION_CERTS
+        #define SESSION_CERTS
+    #endif
+    #ifndef HAVE_AESCCM
+        #define HAVE_AESCCM
+    #endif
+    #ifndef ATOMIC_USER
+        #define ATOMIC_USER
+    #endif
+    #ifndef CYASSL_DER_LOAD
+        #define CYASSL_DER_LOAD
+    #endif
+    #ifndef KEEP_PEER_CERT
+        #define KEEP_PEER_CERT
+    #endif
+    #ifndef HAVE_ECC
+        #define HAVE_ECC
+    #endif
+    #ifndef SESSION_INDEX
+        #define SESSION_INDEX
+    #endif
+#endif /* CYASSL_QL */
+
+
+#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
+    !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
+    #define USE_CYASSL_MEMORY
+#endif
+
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+    #undef  KEEP_PEER_CERT
+    #define KEEP_PEER_CERT
+#endif
+
+
+/* stream ciphers except arc4 need 32bit alignment, intel ok without */
+#ifndef XSTREAM_ALIGNMENT
+    #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
+        #define NO_XSTREAM_ALIGNMENT
+    #else
+        #define XSTREAM_ALIGNMENT
+    #endif
+#endif
+
+
+/* FreeScale MMCAU hardware crypto has 4 byte alignment */
+#ifdef FREESCALE_MMCAU
+    #define CYASSL_MMCAU_ALIGNMENT 4
+#endif
+
+/* if using hardware crypto and have alignment requirements, specify the
+   requirement here.  The record header of SSL/TLS will prvent easy alignment.
+   This hint tries to help as much as possible.  */
+#ifndef CYASSL_GENERAL_ALIGNMENT
+    #ifdef CYASSL_AESNI
+        #define CYASSL_GENERAL_ALIGNMENT 16
+    #elif defined(XSTREAM_ALIGNMENT)
+        #define CYASSL_GENERAL_ALIGNMENT  4
+    #elif defined(FREESCALE_MMCAU)
+        #define CYASSL_GENERAL_ALIGNMENT  CYASSL_MMCAU_ALIGNMENT
+    #else 
+        #define CYASSL_GENERAL_ALIGNMENT  0 
+    #endif
+#endif
+
+#ifdef HAVE_CRL
+    /* not widely supported yet */
+    #undef NO_SKID
+    #define NO_SKID
+#endif
+
+
+#ifdef __INTEL_COMPILER
+    #pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */
+#endif
+
+
+/* Place any other flags or defines here */
+
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+
+#endif /* CTAO_CRYPT_SETTINGS_H */
diff --git a/3P/wolfssl/cyassl/ctaocrypt/settings_comp.h b/3P/wolfssl/cyassl/ctaocrypt/settings_comp.h
new file mode 100644
index 00000000..89278a2d
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/settings_comp.h
@@ -0,0 +1,58 @@
+/* settings_comp.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef CTAO_CRYPT_SETTINGS_C_H
+#define CTAO_CRYPT_SETTINGS_C_H
+
+
+/* since fips overrides rsa.h map compatibility here */
+#if !defined(NO_RSA)
+	#ifdef WOLFSSL_KEY_GEN
+	    #define RsaKeyToDer wc_RsaKeyToDer
+	#endif
+
+	#define RsaPrivateKeyDecode   wc_RsaPrivateKeyDecode
+	#define RsaPublicKeyDecode    wc_RsaPublicKeyDecode
+	#define RsaPublicKeyDecodeRaw wc_RsaPublicKeyDecodeRaw
+#endif /* have rsa and HAVE_FIPS */
+
+/* Macro redefinitions for compatibility */
+#ifdef HAVE_NTRU
+    #define MakeNtruCert wc_MakeNtruCert
+#endif
+#if defined(WOLFSSL_SHA512) && !defined(CYASSL_SHA512)
+    #define CYASSL_SHA512
+#endif
+#if defined(WOLFSSL_SHA384) && !defined(CYASSL_SHA384)
+    #define CYASSL_SHA384
+#endif
+#if defined(WOLFSSL_LEANPSK) && !defined(CYASSL_LEANPSK)
+    #define CYASSL_LEANPSK
+#endif
+#if defined(NO_WOLFSSL_MEMORY) && !defined(NO_CYASSL_MEMORY)
+    #define NO_CYASSL_MEMORY
+#endif
+#ifdef WOLFSSL_KEY_GEN
+    #define CYASSL_KEY_GEN
+#endif
+
+#endif /* CTAO_CRYPT_SETTINGS_C_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/sha.h b/3P/wolfssl/cyassl/ctaocrypt/sha.h
new file mode 100644
index 00000000..56927e2d
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/sha.h
@@ -0,0 +1,36 @@
+/* sha.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_SHA
+
+#ifndef CTAO_CRYPT_SHA_H
+#define CTAO_CRYPT_SHA_H
+
+#include 
+#define InitSha   wc_InitSha
+#define ShaUpdate wc_ShaUpdate
+#define ShaFinal  wc_ShaFinal
+#define ShaHash   wc_ShaHash
+
+#endif /* CTAO_CRYPT_SHA_H */
+#endif /* NO_SHA */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/sha256.h b/3P/wolfssl/cyassl/ctaocrypt/sha256.h
new file mode 100644
index 00000000..b8b1f246
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/sha256.h
@@ -0,0 +1,39 @@
+/* sha256.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* code submitted by raphael.huck@efixo.com */
+
+
+#ifndef NO_SHA256
+
+#ifndef CTAO_CRYPT_SHA256_H
+#define CTAO_CRYPT_SHA256_H
+
+#include 
+#define InitSha256   wc_InitSha256
+#define Sha256Update wc_Sha256Update
+#define Sha256Final  wc_Sha256Final
+#define Sha256Hash   wc_Sha256Hash
+
+#endif /* CTAO_CRYPT_SHA256_H */
+#endif /* NO_SHA256 */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/sha512.h b/3P/wolfssl/cyassl/ctaocrypt/sha512.h
new file mode 100644
index 00000000..3eab7600
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/sha512.h
@@ -0,0 +1,40 @@
+/* sha512.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_SHA512_H
+#define CTAO_CRYPT_SHA512_H
+
+#include 
+#define InitSha512   wc_InitSha512
+#define Sha512Update wc_Sha512Update
+#define Sha512Final  wc_Sha512Final
+#define Sha512Hash   wc_Sha512Hash
+
+#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
+    #define InitSha384   wc_InitSha384
+    #define Sha384Update wc_Sha384Update
+    #define Sha384Final  wc_Sha384Final
+    #define Sha384Hash   wc_Sha384Hash
+#endif /* WOLFSSL_SHA384 */
+
+#endif /* CTAO_CRYPT_SHA512_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/tfm.h b/3P/wolfssl/cyassl/ctaocrypt/tfm.h
new file mode 100644
index 00000000..0b16b518
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/tfm.h
@@ -0,0 +1,41 @@
+/* tfm.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*
+ * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
+ * http://math.libtomcrypt.com
+ */
+
+
+/**
+ *  Edited by Moisés Guimarães (moises.guimaraes@phoebus.com.br)
+ *  to fit CyaSSL's needs.
+ */
+
+
+#ifndef CTAO_CRYPT_TFM_H
+#define CTAO_CRYPT_TFM_H
+
+#include 
+
+#endif  /* CTAO_CRYPT_TFM_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/types.h b/3P/wolfssl/cyassl/ctaocrypt/types.h
new file mode 100644
index 00000000..95bfb45e
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/types.h
@@ -0,0 +1,39 @@
+/* types.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_TYPES_H
+#define CTAO_CRYPT_TYPES_H
+
+#include 
+#include 
+#include 
+
+/* compatibility macros */
+#define CYASSL_WORD_SIZE    WOLFSSL_WORD_SIZE
+#define CYASSL_BIT_SIZE     WOLFSSL_BIT_SIZE
+#define CYASSL_MAX_16BIT    WOLFSSL_MAX_16BIT
+#define CYASSL_MAX_ERROR_SZ WOLFSSL_MAX_ERROR_SZ
+#define cyassl_word         wolfssl_word
+#define CYASSL_MAX_ERROR_SZ WOLFSSL_MAX_ERROR_SZ
+
+#endif /* CTAO_CRYPT_TYPES_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/visibility.h b/3P/wolfssl/cyassl/ctaocrypt/visibility.h
new file mode 100644
index 00000000..6bb4953a
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/visibility.h
@@ -0,0 +1,72 @@
+/* visibility.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* Visibility control macros */
+
+#ifndef CTAO_CRYPT_VISIBILITY_H
+#define CTAO_CRYPT_VISIBILITY_H
+
+/* fips compatibility @wc_fips */
+#ifndef HAVE_FIPS
+    #include 
+    #define CYASSL_API   WOLFSSL_API
+	#define CYASSL_LOCAL WOLFSSL_LOCAL
+#else
+/* CYASSL_API is used for the public API symbols.
+        It either imports or exports (or does nothing for static builds)
+
+   CYASSL_LOCAL is used for non-API symbols (private).
+*/
+
+#if defined(BUILDING_WOLFSSL)
+    #if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
+        #define CYASSL_API   __attribute__ ((visibility("default")))
+        #define CYASSL_LOCAL __attribute__ ((visibility("hidden")))
+    #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
+        #define CYASSL_API   __global
+        #define CYASSL_LOCAL __hidden
+    #elif defined(_MSC_VER)
+        #ifdef CYASSL_DLL
+            #define CYASSL_API extern __declspec(dllexport)
+        #else
+            #define CYASSL_API
+        #endif
+        #define CYASSL_LOCAL
+    #else
+        #define CYASSL_API
+        #define CYASSL_LOCAL
+    #endif /* HAVE_VISIBILITY */
+#else /* BUILDING_WOLFSSL */
+    #if defined(_MSC_VER)
+        #ifdef CYASSL_DLL
+            #define CYASSL_API extern __declspec(dllimport)
+        #else
+            #define CYASSL_API
+        #endif
+        #define CYASSL_LOCAL
+    #else
+        #define CYASSL_API
+        #define CYASSL_LOCAL
+    #endif
+#endif /* BUILDING_WOLFSSL */
+#endif /* HAVE_FIPS */
+#endif /* CTAO_CRYPT_VISIBILITY_H */
+
diff --git a/3P/wolfssl/cyassl/ctaocrypt/wc_port.h b/3P/wolfssl/cyassl/ctaocrypt/wc_port.h
new file mode 100644
index 00000000..f35a451c
--- /dev/null
+++ b/3P/wolfssl/cyassl/ctaocrypt/wc_port.h
@@ -0,0 +1,31 @@
+/* port.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_PORT_H
+#define CTAO_CRYPT_PORT_H
+
+#include 
+#include 
+#define CyaSSL_Mutex wolfSSL_Mutex
+
+#endif /* CTAO_CRYPT_PORT_H */
+
diff --git a/3P/wolfssl/cyassl/error-ssl.h b/3P/wolfssl/cyassl/error-ssl.h
new file mode 100644
index 00000000..8eab8435
--- /dev/null
+++ b/3P/wolfssl/cyassl/error-ssl.h
@@ -0,0 +1,22 @@
+/* error-ssl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/include.am b/3P/wolfssl/cyassl/include.am
new file mode 100644
index 00000000..db1f089e
--- /dev/null
+++ b/3P/wolfssl/cyassl/include.am
@@ -0,0 +1,25 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+include cyassl/ctaocrypt/include.am
+include cyassl/openssl/include.am
+
+EXTRA_DIST+= cyassl/sniffer_error.rc
+
+nobase_include_HEADERS+= \
+                         cyassl/error-ssl.h \
+                         cyassl/ssl.h \
+                         cyassl/sniffer_error.h \
+                         cyassl/sniffer.h \
+                         cyassl/callbacks.h \
+                         cyassl/certs_test.h \
+                         cyassl/test.h \
+                         cyassl/version.h \
+                         cyassl/options.h \
+                         cyassl/ocsp.h \
+                         cyassl/crl.h
+
+noinst_HEADERS+= \
+                         cyassl/internal.h
+
diff --git a/3P/wolfssl/cyassl/internal.h b/3P/wolfssl/cyassl/internal.h
new file mode 100644
index 00000000..c0ba722e
--- /dev/null
+++ b/3P/wolfssl/cyassl/internal.h
@@ -0,0 +1,22 @@
+/* internal.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/ocsp.h b/3P/wolfssl/cyassl/ocsp.h
new file mode 100644
index 00000000..1ad9efe0
--- /dev/null
+++ b/3P/wolfssl/cyassl/ocsp.h
@@ -0,0 +1,22 @@
+/* ocsp.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/asn1.h b/3P/wolfssl/cyassl/openssl/asn1.h
new file mode 100644
index 00000000..35be23f7
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/asn1.h
@@ -0,0 +1,3 @@
+/* asn1.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/bio.h b/3P/wolfssl/cyassl/openssl/bio.h
new file mode 100644
index 00000000..8f529835
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/bio.h
@@ -0,0 +1,4 @@
+/* bio.h for openssl */
+
+#include 
+
diff --git a/3P/wolfssl/cyassl/openssl/bn.h b/3P/wolfssl/cyassl/openssl/bn.h
new file mode 100644
index 00000000..e14f4e28
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/bn.h
@@ -0,0 +1,3 @@
+/* bn.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/conf.h b/3P/wolfssl/cyassl/openssl/conf.h
new file mode 100644
index 00000000..4005ea9d
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/conf.h
@@ -0,0 +1,3 @@
+/* conf.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/crypto.h b/3P/wolfssl/cyassl/openssl/crypto.h
new file mode 100644
index 00000000..32e11082
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/crypto.h
@@ -0,0 +1,4 @@
+/* crypto.h for openSSL */
+
+#include 
+
diff --git a/3P/wolfssl/cyassl/openssl/des.h b/3P/wolfssl/cyassl/openssl/des.h
new file mode 100644
index 00000000..0c8d55c1
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/des.h
@@ -0,0 +1,27 @@
+/* des.h
+ *
+ * Copyright (C) 2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*  des.h defines mini des openssl compatibility layer 
+ *
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/dh.h b/3P/wolfssl/cyassl/openssl/dh.h
new file mode 100644
index 00000000..6fd8e36e
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/dh.h
@@ -0,0 +1,4 @@
+/* dh.h for openSSL */
+
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/dsa.h b/3P/wolfssl/cyassl/openssl/dsa.h
new file mode 100644
index 00000000..2bb476bb
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/dsa.h
@@ -0,0 +1,3 @@
+/* dsa.h for openSSL */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/ec.h b/3P/wolfssl/cyassl/openssl/ec.h
new file mode 100644
index 00000000..1ce8aa94
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/ec.h
@@ -0,0 +1,3 @@
+/* ec.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/ecdsa.h b/3P/wolfssl/cyassl/openssl/ecdsa.h
new file mode 100644
index 00000000..9a1c02b3
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/ecdsa.h
@@ -0,0 +1,3 @@
+/* ecdsa.h for openssl */
+
+#include 
\ No newline at end of file
diff --git a/3P/wolfssl/cyassl/openssl/engine.h b/3P/wolfssl/cyassl/openssl/engine.h
new file mode 100644
index 00000000..fcce4bdb
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/engine.h
@@ -0,0 +1,5 @@
+/* engine.h for libcurl */
+
+#include 
+
+
diff --git a/3P/wolfssl/cyassl/openssl/err.h b/3P/wolfssl/cyassl/openssl/err.h
new file mode 100644
index 00000000..36111170
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/err.h
@@ -0,0 +1,3 @@
+/* err.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/evp.h b/3P/wolfssl/cyassl/openssl/evp.h
new file mode 100644
index 00000000..fe9f4241
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/evp.h
@@ -0,0 +1,27 @@
+/* evp.h
+ *
+ * Copyright (C) 2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*  evp.h defines mini evp openssl compatibility layer 
+ *
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/hmac.h b/3P/wolfssl/cyassl/openssl/hmac.h
new file mode 100644
index 00000000..f35fd754
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/hmac.h
@@ -0,0 +1,27 @@
+/* hmac.h
+ *
+ * Copyright (C) 2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*  hmac.h defines mini hamc openssl compatibility layer 
+ *
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/include.am b/3P/wolfssl/cyassl/openssl/include.am
new file mode 100644
index 00000000..e531f767
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/include.am
@@ -0,0 +1,36 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+nobase_include_HEADERS+= \
+                         cyassl/openssl/asn1.h \
+                         cyassl/openssl/bio.h \
+                         cyassl/openssl/bn.h \
+                         cyassl/openssl/conf.h \
+                         cyassl/openssl/crypto.h \
+                         cyassl/openssl/des.h \
+                         cyassl/openssl/dh.h \
+                         cyassl/openssl/dsa.h \
+                         cyassl/openssl/ecdsa.h \
+                         cyassl/openssl/ec.h \
+                         cyassl/openssl/engine.h \
+                         cyassl/openssl/err.h \
+                         cyassl/openssl/evp.h \
+                         cyassl/openssl/hmac.h \
+                         cyassl/openssl/lhash.h \
+                         cyassl/openssl/md4.h \
+                         cyassl/openssl/md5.h \
+                         cyassl/openssl/ripemd.h \
+                         cyassl/openssl/ocsp.h \
+                         cyassl/openssl/opensslconf.h \
+                         cyassl/openssl/opensslv.h \
+                         cyassl/openssl/ossl_typ.h \
+                         cyassl/openssl/pem.h \
+                         cyassl/openssl/pkcs12.h \
+                         cyassl/openssl/rand.h \
+                         cyassl/openssl/rsa.h \
+                         cyassl/openssl/sha.h \
+                         cyassl/openssl/ssl.h \
+                         cyassl/openssl/stack.h \
+                         cyassl/openssl/ui.h \
+                         cyassl/openssl/x509.h \
+                         cyassl/openssl/x509v3.h
diff --git a/3P/wolfssl/cyassl/openssl/lhash.h b/3P/wolfssl/cyassl/openssl/lhash.h
new file mode 100644
index 00000000..6285f6a5
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/lhash.h
@@ -0,0 +1,3 @@
+/* lhash.h for openSSL */
+
+#include 
\ No newline at end of file
diff --git a/3P/wolfssl/cyassl/openssl/md4.h b/3P/wolfssl/cyassl/openssl/md4.h
new file mode 100644
index 00000000..fb0d437a
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/md4.h
@@ -0,0 +1,3 @@
+/* md4.h for libcurl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/md5.h b/3P/wolfssl/cyassl/openssl/md5.h
new file mode 100644
index 00000000..f3dd4e4b
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/md5.h
@@ -0,0 +1,5 @@
+/* md5.h for openssl */
+
+
+#include 
+
diff --git a/3P/wolfssl/cyassl/openssl/ocsp.h b/3P/wolfssl/cyassl/openssl/ocsp.h
new file mode 100644
index 00000000..8c0f4680
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/ocsp.h
@@ -0,0 +1,3 @@
+/* ocsp.h for libcurl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/opensslconf.h b/3P/wolfssl/cyassl/openssl/opensslconf.h
new file mode 100644
index 00000000..7f21cd95
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/opensslconf.h
@@ -0,0 +1,3 @@
+/* opensslconf.h for openSSL */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/opensslv.h b/3P/wolfssl/cyassl/openssl/opensslv.h
new file mode 100644
index 00000000..d119f82e
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/opensslv.h
@@ -0,0 +1,3 @@
+/* opensslv.h compatibility */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/ossl_typ.h b/3P/wolfssl/cyassl/openssl/ossl_typ.h
new file mode 100644
index 00000000..5e6e627d
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/ossl_typ.h
@@ -0,0 +1,3 @@
+/* ossl_typ.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/pem.h b/3P/wolfssl/cyassl/openssl/pem.h
new file mode 100644
index 00000000..a07b9120
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/pem.h
@@ -0,0 +1,3 @@
+/* pem.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/pkcs12.h b/3P/wolfssl/cyassl/openssl/pkcs12.h
new file mode 100644
index 00000000..1fb089fb
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/pkcs12.h
@@ -0,0 +1,3 @@
+/* pkcs12.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/rand.h b/3P/wolfssl/cyassl/openssl/rand.h
new file mode 100644
index 00000000..5bd77b6c
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/rand.h
@@ -0,0 +1,3 @@
+/* rand.h for openSSL */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/ripemd.h b/3P/wolfssl/cyassl/openssl/ripemd.h
new file mode 100644
index 00000000..b25de783
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/ripemd.h
@@ -0,0 +1,3 @@
+/* ripemd.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/rsa.h b/3P/wolfssl/cyassl/openssl/rsa.h
new file mode 100644
index 00000000..06f10a57
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/rsa.h
@@ -0,0 +1,3 @@
+/* rsa.h for openSSL */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/sha.h b/3P/wolfssl/cyassl/openssl/sha.h
new file mode 100644
index 00000000..ced3ca19
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/sha.h
@@ -0,0 +1,3 @@
+/* sha.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/ssl.h b/3P/wolfssl/cyassl/openssl/ssl.h
new file mode 100644
index 00000000..094b9943
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/ssl.h
@@ -0,0 +1,27 @@
+/* ssl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * a with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*  ssl.h defines openssl compatibility layer 
+ *
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/stack.h b/3P/wolfssl/cyassl/openssl/stack.h
new file mode 100644
index 00000000..831502f5
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/stack.h
@@ -0,0 +1,3 @@
+/* stack.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/ui.h b/3P/wolfssl/cyassl/openssl/ui.h
new file mode 100644
index 00000000..b1f4042e
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/ui.h
@@ -0,0 +1,3 @@
+/* ui.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/x509.h b/3P/wolfssl/cyassl/openssl/x509.h
new file mode 100644
index 00000000..9d130028
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/x509.h
@@ -0,0 +1,3 @@
+/* x509.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/openssl/x509v3.h b/3P/wolfssl/cyassl/openssl/x509v3.h
new file mode 100644
index 00000000..2a5240d9
--- /dev/null
+++ b/3P/wolfssl/cyassl/openssl/x509v3.h
@@ -0,0 +1,3 @@
+/* x509v3.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/cyassl/options.h b/3P/wolfssl/cyassl/options.h
new file mode 100644
index 00000000..93d565d2
--- /dev/null
+++ b/3P/wolfssl/cyassl/options.h
@@ -0,0 +1,62 @@
+/* cyassl options.h
+ * generated from wolfssl/options.h
+ */
+/* wolfssl options.h
+* generated from configure options
+*
+* Copyright (C) 2006-2015 wolfSSL Inc.
+*
+* This file is part of wolfSSL. (formerly known as CyaSSL)
+*
+*/
+
+#pragma once
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef  _POSIX_THREADS
+#define _POSIX_THREADS
+
+#undef  HAVE_THREAD_LS
+#define HAVE_THREAD_LS
+
+#undef  NDEBUG
+#define NDEBUG
+
+#undef  _THREAD_SAFE
+#define _THREAD_SAFE
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_DH
+#define NO_DH
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_HC128
+#define NO_HC128
+
+#undef  NO_RABBIT
+#define NO_RABBIT
+
+#undef  HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/3P/wolfssl/cyassl/sniffer.h b/3P/wolfssl/cyassl/sniffer.h
new file mode 100644
index 00000000..2ae67440
--- /dev/null
+++ b/3P/wolfssl/cyassl/sniffer.h
@@ -0,0 +1,22 @@
+/* sniffer.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/sniffer_error.h b/3P/wolfssl/cyassl/sniffer_error.h
new file mode 100644
index 00000000..8b3e0034
--- /dev/null
+++ b/3P/wolfssl/cyassl/sniffer_error.h
@@ -0,0 +1,22 @@
+/* sniffer_error.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include 
diff --git a/3P/wolfssl/cyassl/sniffer_error.rc b/3P/wolfssl/cyassl/sniffer_error.rc
new file mode 100644
index 00000000..f787f064
--- /dev/null
+++ b/3P/wolfssl/cyassl/sniffer_error.rc
@@ -0,0 +1,91 @@
+
+STRINGTABLE 
+{
+    1, "Out of Memory"
+    2, "New SSL Sniffer Server Registered"
+    3, "Checking IP Header"
+    4, "SSL Sniffer Server Not Registered"
+    5, "Checking TCP Header"
+
+    6, "SSL Sniffer Server Port Not Registered"
+    7, "RSA Private Decrypt Error"
+    8, "RSA Private Decode Error"
+    9, "Set Cipher Spec Error"
+    10, "Server Hello Input Malformed"
+
+    11, "Couldn't Resume Session Error"
+    12, "Server Did Resumption"
+    13, "Client Hello Input Malformed"
+    14, "Client Trying to Resume"
+    15, "Handshake Input Malformed"
+
+    16, "Got Hello Verify msg"
+    17, "Got Server Hello msg"
+    18, "Got Cert Request msg"
+    19, "Got Server Key Exchange msg"
+    20, "Got Cert msg"
+
+    21, "Got Server Hello Done msg"
+    22, "Got Finished msg"
+    23, "Got Client Hello msg"
+    24, "Got Client Key Exchange msg"
+    25, "Got Cert Verify msg"
+
+    26, "Got Unknown Handshake msg"
+    27, "New SSL Sniffer Session created"
+    28, "Couldn't create new SSL"
+    29, "Got a Packet to decode"
+    30, "No data present"
+
+    31, "Session Not Found"
+    32, "Got an Old Client Hello msg"
+    33, "Old Client Hello Input Malformed"
+    34, "Old Client Hello OK"
+    35, "Bad Old Client Hello"
+
+    36, "Bad Record Header"
+    37, "Record Header Input Malformed"
+    38, "Got a HandShake msg"
+    39, "Bad HandShake msg"
+    40, "Got a Change Cipher Spec msg"
+
+    41, "Got Application Data msg"
+    42, "Bad Application Data"
+    43, "Got an Alert msg"
+    44, "Another msg to Process"
+    45, "Removing Session From Table"
+
+    46, "Bad Key File"
+    47, "Wrong IP Version"
+    48, "Wrong Protocol type"
+    49, "Packet Short for header processing"
+    50, "Got Unknown Record Type"
+    
+    51, "Can't Open Trace File"
+    52, "Session in Fatal Error State"
+    53, "Partial SSL record received"
+    54, "Buffer Error, malformed input"
+    55, "Added to Partial Input"
+
+    56, "Received a Duplicate Packet"
+    57, "Received an Out of Order Packet"
+    58, "Received an Overlap Duplicate Packet"
+    59, "Received an Overlap Reassembly Begin Duplicate Packet"
+    60, "Received an Overlap Reassembly End Duplicate Packet"
+    
+    61, "Missed the Client Hello Entirely"
+    62, "Got Hello Request msg"
+    63, "Got Session Ticket msg"
+    64, "Bad Input"
+    65, "Bad Decrypt Type"
+
+    66, "Bad Finished Message Processing"
+    67, "Bad Compression Type"
+    68, "Bad DeriveKeys Error"
+    69, "Saw ACK for Missing Packet Error"
+    70, "Bad Decrypt Operation"
+
+    71, "Decrypt Keys Not Set Up"
+    72, "Late Key Load Error"
+}
+
diff --git a/3P/wolfssl/cyassl/ssl.h b/3P/wolfssl/cyassl/ssl.h
new file mode 100644
index 00000000..de559317
--- /dev/null
+++ b/3P/wolfssl/cyassl/ssl.h
@@ -0,0 +1,718 @@
+/* ssl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * a with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/*
+ * ssl.h makes wolfssl backwards compatibile with cyassl
+ */
+
+#ifndef WOLFSSL_CYASSL_H_
+#define WOLFSSL_CYASSL_H_
+/*
+ * Name change
+ * include the new ssl.h
+ */
+#include 
+#include 
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifdef _WIN32
+    /* wincrypt.h clashes */
+    #undef X509_NAME
+#endif
+
+#ifdef CYASSL_TIRTOS
+    #undef CYASSL_TIRTOS
+    #define CYASSL_TIRTOS WOLFSSL_TIRTOS
+#endif
+
+#define CYASSL          WOLFSSL
+#define DEBUG_CYASSL    DEBUG_WOLFSSL
+#define CYASSL_CTX      WOLFSSL_CTX
+#define CYASSL_METHOD   WOLFSSL_METHOD
+#define CYASSL_SESSION  WOLFSSL_SESSION
+
+#define CYASSL_X509       WOLFSSL_X509
+#define CYASSL_X509_NAME  WOLFSSL_X509_NAME
+#define CYASSL_X509_CHAIN WOLFSSL_X509_CHAIN
+#ifdef WOLFSSL_SNIFFER
+    #define CYASSL_SNIFFER    WOLFSSL_SNIFFER
+#endif
+
+/* redeclare guard */
+#define CYASSL_TYPES_DEFINED WOLFSSL_TYPES_DEFINED
+
+/* legacy defines */
+#define yasslIP          wolfSSLIP                                         /**/
+#define yasslPort        wolfSSLPort                                       /**/
+
+/* cyassl/ssl.h (structs) */
+#define CYASSL_RSA                WOLFSSL_RSA
+#define CYASSL_DSA                WOLFSSL_DSA
+#define CYASSL_BIO                WOLFSSL_BIO
+#define CYASSL_CIPHER             WOLFSSL_CIPHER
+#define CYASSL_MD4_CTX            WOLFSSL_MD4_CTX
+#define CYASSL_MFL_2_9            WOLFSSL_MFL_2_9                          /**/
+#define CYASSL_MFL_2_13           WOLFSSL_MFL_2_13                         /**/
+#define CYASSL_EVP_PKEY           WOLFSSL_EVP_PKEY
+#define CYASSL_X509_CRL           WOLFSSL_X509_CRL
+#define CYASSL_ASN1_TIME          WOLFSSL_ASN1_TIME
+#define CYASSL_BIO_METHOD         WOLFSSL_BIO_METHOD
+#define CYASSL_X509_STORE         WOLFSSL_X509_STORE
+#define CYASSL_X509_OBJECT        WOLFSSL_X509_OBJECT
+#define CYASSL_X509_LOOKUP        WOLFSSL_X509_LOOKUP
+#define CYASSL_ASN1_OBJECT        WOLFSSL_ASN1_OBJECT
+#define CYASSL_ASN1_STRING        WOLFSSL_ASN1_STRING
+#define CYASSL_COMP_METHOD        WOLFSSL_COMP_METHOD
+#define CYASSL_CRL_CHECKALL       WOLFSSL_CRL_CHECKALL
+#define CYASSL_ASN1_INTEGER       WOLFSSL_ASN1_INTEGER
+#define CYASSL_X509_REVOKED       WOLFSSL_X509_REVOKED
+#define CYASSL_dynlock_value      WOLFSSL_dynlock_value
+#define CYASSL_X509_EXTENSION     WOLFSSL_X509_EXTENSION
+#define CYASSL_X509_STORE_CTX     WOLFSSL_X509_STORE_CTX
+#define CYASSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD
+
+#define CyaSSL_LoadCRL            wolfSSL_LoadCRL
+#define CyaSSL_EnableCRL          wolfSSL_EnableCRL
+#define CyaSSL_SetCRL_Cb          wolfSSL_SetCRL_Cb
+
+/* cyassl/test.h */
+#ifdef CyaSSL_TEST_H
+    #define CYASSL_THREAD         WOLFSSL_THREAD
+#endif
+
+/* src/ssl.c */
+#define CYASSL_CRL                       WOLFSSL_CRL
+#define CYASSL_SSLV3                     WOLFSSL_SSLV3
+#define CYASSL_TLSV1                     WOLFSSL_TLSV1
+#define CYASSL_TLSV1_1                   WOLFSSL_TLSV1_1
+#define CYASSL_TLSV1_2                   WOLFSSL_TLSV1_2
+#define CYASSL_USER_CA                   WOLFSSL_USER_CA
+#define CYASSL_CLIENT_END                WOLFSSL_CLIENT_END
+#define CYASSL_CERT_MANAGER              WOLFSSL_CERT_MANAGER
+#define MAX_CYASSL_FILE_SIZE             MAX_WOLFSSL_FILE_SIZE
+
+#define CyaSSL_get_cipher                wolfSSL_get_cipher
+#define CyaSSL_get_ciphers               wolfSSL_get_ciphers
+#define CyaSSL_KeyPemToDer               wolfSSL_KeyPemToDer
+#define CyaSSL_get_version               wolfSSL_get_version
+#define CyaSSL_SetServerID               wolfSSL_SetServerID
+#define CyaSSL_use_old_poly              wolfSSL_use_old_poly
+#define CyaSSL_SetCertCbCtx              wolfSSL_SetCertCbCtx
+#define CyaSSL_CertPemToDer              wolfSSL_CertPemToDer
+#define CyaSSL_get_shutdown              wolfSSL_get_shutdown
+#define CyaSSL_SetMinVersion             wolfSSL_SetMinVersion
+#define CyaSSL_CTX_UnloadCAs             wolfSSL_CTX_UnloadCAs
+#define CyaSSL_session_reused            wolfSSL_session_reused
+#define CyaSSL_UnloadCertsKeys           wolfSSL_UnloadCertsKeys
+#define CyaSSL_CIPHER_get_name           wolfSSL_CIPHER_get_name
+#define CyaSSL_is_init_finished          wolfSSL_is_init_finished
+#define CyaSSL_get_alert_history         wolfSSL_get_alert_history
+#define CyaSSL_get_current_cipher        wolfSSL_get_current_cipher
+#define CyaSSL_CertManagerUnloadCAs      wolfSSL_CertManagerUnloadCAs
+#define CyaSSL_CertManagerEnableOCSP     wolfSSL_CertManagerEnableOCSP
+#define CyaSSL_CTX_check_private_key     wolfSSL_CTX_check_private_key
+#define CyaSSL_CertManagerDisableOCSP    wolfSSL_CertManagerDisableOCSP
+#define CyaSSL_get_current_cipher_suite  wolfSSL_get_current_cipher_suite
+#define CyaSSL_CTX_load_verify_locations wolfSSL_CTX_load_verify_locations
+#define CyaSSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
+
+#define CyaSSL_save_session_cache        wolfSSL_save_session_cache
+#define CyaSSL_restore_session_cache     wolfSSL_restore_session_cache
+#define CyaSSL_memsave_session_cache     wolfSSL_memsave_session_cache
+#define CyaSSL_memrestore_session_cache  wolfSSL_memrestore_session_cache
+#define CyaSSL_get_session_cache_memsize wolfSSL_get_session_cache_memsize
+
+/* certificate cache persistence, uses ctx since certs are per ctx */
+#define CyaSSL_CTX_save_cert_cache        wolfSSL_CTX_save_cert_cache
+#define CyaSSL_CTX_restore_cert_cache     wolfSSL_CTX_restore_cert_cache
+#define CyaSSL_CTX_memsave_cert_cache     wolfSSL_CTX_memsave_cert_cache
+#define CyaSSL_CTX_memrestore_cert_cache  wolfSSL_CTX_memrestore_cert_cache
+#define CyaSSL_CTX_get_cert_cache_memsize wolfSSL_CTX_get_cert_cache_memsize
+
+/* wolfSSL extensions */
+/* get wolfSSL peer X509_CHAIN */
+#define CyaSSL_get_chain_count wolfSSL_get_chain_count
+/* index cert length */
+#define CyaSSL_get_chain_length wolfSSL_get_chain_length
+/* index cert in X509 */
+#define CyaSSL_get_chain_X509 wolfSSL_get_chain_X509
+/* free X509 */
+#define CyaSSL_FreeX509 wolfSSL_FreeX509
+/* get index cert in PEM */
+#define CyaSSL_X509_get_subjectCN wolfSSL_X509_get_subjectCN
+#define CyaSSL_X509_get_der       wolfSSL_X509_get_der
+#define CyaSSL_X509_notBefore     wolfSSL_X509_notBefore
+#define CyaSSL_X509_notAfter      wolfSSL_X509_notAfter
+#define CyaSSL_X509_version       wolfSSL_X509_version
+
+#define CyaSSL_cmp_peer_cert_to_file wolfSSL_cmp_peer_cert_to_file
+
+#define CyaSSL_X509_get_next_altname wolfSSL_X509_get_next_altname
+
+#define CyaSSL_X509_d2i wolfSSL_X509_d2i
+#ifndef NO_FILESYSTEM
+    #ifndef NO_STDIO_FILESYSTEM
+        #define CyaSSL_X509_d2i_fp wolfSSL_X509_d2i_fp
+    #endif
+#define CyaSSL_X509_load_certificate_file wolfSSL_X509_load_certificate_file
+#endif
+
+#ifdef WOLFSSL_SEP
+#define CyaSSL_X509_get_device_type      wolfSSL_X509_get_device_type
+#define CyaSSL_X509_get_hw_type          wolfSSL_X509_get_hw_type
+#define CyaSSL_X509_get_hw_serial_number wolfSSL_X509_get_hw_serial_number
+#endif
+
+#define CyaSSL_CTX_SetGenCookie wolfSSL_CTX_SetGenCookie
+#define CyaSSL_SetCookieCtx     wolfSSL_SetCookieCtx
+#define CyaSSL_GetCookieCtx     wolfSSL_GetCookieCtx
+#define CyaSSL_ERR_get_error_line_data wolfSSL_ERR_get_error_line_data
+#define CyaSSL_ERR_get_error           wolfSSL_ERR_get_error
+#define CyaSSL_ERR_clear_error         wolfSSL_ERR_clear_error
+#define CyaSSL_RAND_status             wolfSSL_RAND_status
+#define CyaSSL_RAND_bytes              wolfSSL_RAND_bytes
+#define CyaSSL_CTX_set_options         wolfSSL_CTX_set_options
+#define CyaSSL_ERR_free_strings        wolfSSL_ERR_free_strings
+#define CyaSSL_ERR_remove_state        wolfSSL_ERR_remove_state
+#define CyaSSL_EVP_cleanup             wolfSSL_EVP_cleanup
+#define CyaSSL_cleanup_all_ex_data     wolfSSL_cleanup_all_ex_data
+#define CyaSSL_CTX_set_mode            wolfSSL_CTX_set_mode
+#define CyaSSL_CTX_get_mode            wolfSSL_CTX_get_mode
+#define CyaSSL_CTX_set_default_read_ahead   wolfSSL_CTX_set_default_read_ahead
+#define CyaSSL_CTX_sess_set_cache_size      wolfSSL_CTX_sess_set_cache_size
+#define CyaSSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths
+#define CyaSSL_CTX_set_session_id_context   wolfSSL_CTX_set_session_id_context
+#define CyaSSL_get_peer_certificate         wolfSSL_get_peer_certificate
+#define CyaSSL_BIO_printf                   wolfSSL_BIO_printf
+#define CyaSSL_ASN1_UTCTIME_print           wolfSSL_ASN1_UTCTIME_print
+#define CyaSSL_sk_num                       wolfSSL_sk_num
+#define CyaSSL_sk_value                     wolfSSL_sk_value
+
+/* stunnel 4.28 needs */
+#define CyaSSL_CTX_get_ex_data        wolfSSL_CTX_get_ex_data
+#define CyaSSL_CTX_set_ex_data        wolfSSL_CTX_set_ex_data
+#define CyaSSL_CTX_sess_set_get_cb    wolfSSL_CTX_sess_set_get_cb
+#define CyaSSL_CTX_sess_set_new_cb    wolfSSL_CTX_sess_set_new_cb
+#define CyaSSL_CTX_sess_set_remove_cb wolfSSL_CTX_sess_set_remove_cb
+
+#define CyaSSL_i2d_SSL_SESSION wolfSSL_i2d_SSL_SESSION
+#define CyaSSL_d2i_SSL_SESSION wolfSSL_d2i_SSL_SESSION
+
+#define CyaSSL_SESSION_get_timeout  wolfSSL_SESSION_get_timeout
+#define CyaSSL_SESSION_get_time     wolfSSL_SESSION_get_time
+#define CyaSSL_CTX_get_ex_new_index wolfSSL_CTX_get_ex_new_index
+
+
+/* io.c */
+#define CYASSL_CBIO_ERR_ISR        WOLFSSL_CBIO_ERR_ISR
+#define CYASSL_CBIO_ERR_TIMEOUT    WOLFSSL_CBIO_ERR_TIMEOUT
+#define CYASSL_CBIO_ERR_GENERAL    WOLFSSL_CBIO_ERR_GENERAL
+#define CYASSL_CBIO_ERR_CONN_RST   WOLFSSL_CBIO_ERR_CONN_RST
+#define CYASSL_CBIO_ERR_WANT_READ  WOLFSSL_CBIO_ERR_WANT_READ
+#define CYASSL_CBIO_ERR_WANT_WRITE WOLFSSL_CBIO_ERR_WANT_WRITE
+#define CYASSL_CBIO_ERR_CONN_CLOSE WOLFSSL_CBIO_ERR_CONN_CLOSE
+
+#define CyaSSL_GetIOReadCtx        wolfSSL_GetIOReadCtx
+#define CyaSSL_GetIOWriteCtx       wolfSSL_GetIOWriteCtx
+
+/* src/tls.c */
+#define CYASSL_SERVER_END          WOLFSSL_SERVER_END
+#define CYASSL_TLS_HMAC_INNER_SZ   WOLFSSL_TLS_HMAC_INNER_SZ
+
+#define CyaSSL_DeriveTlsKeys       wolfSSL_DeriveTlsKeys
+#define CyaSSL_make_eap_keys       wolfSSL_make_eap_keys
+#define CyaSSL_MakeTlsMasterSecret wolfSSL_MakeTlsMasterSecret
+
+/* src/internal.c */
+#define CYASSL_CHAIN_CA                WOLFSSL_CHAIN_CA
+#define CYASSL_ALERT_HISTORY           WOLFSSL_ALERT_HISTORY
+#define CYASSL_SESSION_TIMEOUT         WOLFSSL_SESSION_TIMEOUT
+#define CYASSL_CBIO_ERR_CONN_RST       WOLFSSL_CBIO_ERR_CONN_RST
+
+#define cyassl_rc4                     wolfssl_rc4
+#define cyassl_aes                     wolfssl_aes
+#define cyassl_chacha                  wolfssl_chacha
+#define CyaSSL_ERR_reason_error_string wolfSSL_ERR_reason_error_string
+
+#define CyaSSL_set_ex_data  wolfSSL_set_ex_data
+#define CyaSSL_get_shutdown wolfSSL_get_shutdown
+#define CyaSSL_set_rfd      wolfSSL_set_rfd
+#define CyaSSL_set_wfd      wolfSSL_set_wfd
+#define CyaSSL_set_shutdown wolfSSL_set_shutdown
+#define CyaSSL_set_session_id_context wolfSSL_set_session_id_context
+#define CyaSSL_set_connect_state      wolfSSL_set_connect_state
+#define CyaSSL_set_accept_state       wolfSSL_set_accept_state
+#define CyaSSL_session_reused         wolfSSL_session_reused
+#define CyaSSL_SESSION_free           wolfSSL_SESSION_free
+#define CyaSSL_is_init_finished       wolfSSL_is_init_finished
+
+#define CyaSSL_get_version              wolfSSL_get_version
+#define CyaSSL_get_current_cipher_suite wolfSSL_get_current_cipher_suite
+#define CyaSSL_get_current_cipher       wolfSSL_get_current_cipher
+#define CyaSSL_CIPHER_description       wolfSSL_CIPHER_description
+#define CyaSSL_CIPHER_get_name          wolfSSL_CIPHER_get_name
+#define CyaSSL_get_cipher               wolfSSL_get_cipher
+#define CyaSSL_get1_session             wolfSSL_get1_session
+
+#define CyaSSL_X509_free      wolfSSL_X509_free
+#define CyaSSL_OPENSSL_free   wolfSSL_OPENSSL_free
+#define CyaSSL_OCSP_parse_url wolfSSL_OCSP_parse_url
+
+#define CyaSSLv23_client_method wolfSSLv23_client_method
+#define CyaSSLv2_client_method  wolfSSLv2_client_method
+#define CyaSSLv2_server_method  wolfSSLv2_server_method
+
+#define CyaSSL_MD4_Init     wolfSSL_MD4_Init
+#define CyaSSL_MD4_Update   wolfSSL_MD4_Update
+#define CyaSSL_MD4_Final    wolfSSL_MD4_Final
+
+
+#define CyaSSL_BIO_new      wolfSSL_BIO_new
+#define CyaSSL_BIO_free     wolfSSL_BIO_free
+#define CyaSSL_BIO_free_all wolfSSL_BIO_free_all
+#define CyaSSL_BIO_read     wolfSSL_BIO_read
+#define CyaSSL_BIO_write    wolfSSL_BIO_write
+#define CyaSSL_BIO_push     wolfSSL_BIO_push
+#define CyaSSL_BIO_pop      wolfSSL_BIO_pop
+#define CyaSSL_BIO_flush    wolfSSL_BIO_flush
+#define CyaSSL_BIO_pending  wolfSSL_BIO_pending
+
+#define CyaSSL_BIO_f_buffer              wolfSSL_BIO_f_buffer
+#define CyaSSL_BIO_set_write_buffer_size wolfSSL_BIO_set_write_buffer_size
+#define CyaSSL_BIO_f_ssl                 wolfSSL_BIO_f_ssl
+#define CyaSSL_BIO_new_socket            wolfSSL_BIO_new_socket
+#define CyaSSL_BIO_eof                   wolfSSL_BIO_eof
+
+#define CyaSSL_BIO_s_mem        wolfSSL_BIO_s_mem
+#define CyaSSL_BIO_f_base64     wolfSSL_BIO_f_base64
+#define CyaSSL_BIO_set_flags    wolfSSL_BIO_set_flags
+#define CyaSSL_BIO_get_mem_data wolfSSL_BIO_get_mem_data
+#define CyaSSL_BIO_new_mem_buf  wolfSSL_BIO_new_mem_buf
+
+
+#define CyaSSL_BIO_set_ssl wolfSSL_BIO_set_ssl
+#define CyaSSL_set_bio     wolfSSL_set_bio
+
+#define CyaSSL_add_all_algorithms wolfSSL_add_all_algorithms
+#define CyaSSL_RAND_screen        wolfSSL_RAND_screen
+#define CyaSSL_RAND_file_name     wolfSSL_RAND_file_name
+#define CyaSSL_RAND_write_file    wolfSSL_RAND_write_file
+#define CyaSSL_RAND_load_file     wolfSSL_RAND_load_file
+#define CyaSSL_RAND_egd           wolfSSL_RAND_egd
+#define CyaSSL_RAND_seed          wolfSSL_RAND_seed
+#define CyaSSL_RAND_add           wolfSSL_RAND_add
+
+#define CyaSSL_COMP_zlib wolfSSL_COMP_zlib
+#define CyaSSL_COMP_rle  wolfSSL_COMP_rle
+#define CyaSSL_COMP_add_compression_method  wolfSSL_COMP_add_compression_method
+#define CyaSSL_set_dynlock_create_callback  wolfSSL_set_dynlock_create_callback
+#define CyaSSL_set_dynlock_lock_callback    wolfSSL_set_dynlock_lock_callback
+#define CyaSSL_set_dynlock_destroy_callback wolfSSL_set_dynlock_destroy_callback
+#define CyaSSL_get_ex_new_index     wolfSSL_get_ex_new_index
+#define CyaSSL_set_id_callback      wolfSSL_set_id_callback
+#define CyaSSL_set_locking_callback wolfSSL_set_locking_callback
+#define CyaSSL_num_locks            wolfSSL_num_locks
+
+#define CyaSSL_X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert
+#define CyaSSL_X509_STORE_CTX_get_error        wolfSSL_X509_STORE_CTX_get_error
+#define CyaSSL_X509_STORE_CTX_get_error_depth  wolfSSL_X509_STORE_CTX_get_error_depth
+
+#define CyaSSL_X509_NAME_oneline            wolfSSL_X509_NAME_oneline
+#define CyaSSL_X509_get_issuer_name         wolfSSL_X509_get_issuer_name
+#define CyaSSL_X509_get_subject_name        wolfSSL_X509_get_subject_name
+#define CyaSSL_X509_ext_isSet_by_NID        wolfSSL_X509_ext_isSet_by_NID
+#define CyaSSL_X509_ext_get_critical_by_NID wolfSSL_X509_ext_get_critical_by_NID
+#define CyaSSL_X509_get_isCA                wolfSSL_X509_get_isCA
+#define CyaSSL_X509_get_isSet_pathLength    wolfSSL_X509_get_isSet_pathLength
+#define CyaSSL_X509_get_pathLength          wolfSSL_X509_get_pathLength
+#define CyaSSL_X509_get_keyUsage            wolfSSL_X509_get_keyUsage
+#define CyaSSL_X509_get_authorityKeyID      wolfSSL_X509_get_authorityKeyID
+#define CyaSSL_X509_get_subjectKeyID        wolfSSL_X509_get_subjectKeyID
+#define CyaSSL_X509_NAME_entry_count        wolfSSL_X509_NAME_entry_count
+#define CyaSSL_X509_NAME_get_text_by_NID    wolfSSL_X509_NAME_get_text_by_NID
+#define CyaSSL_X509_verify_cert             wolfSSL_X509_verify_cert
+#define CyaSSL_X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string
+#define CyaSSL_X509_get_signature_type      wolfSSL_X509_get_signature_type
+#define CyaSSL_X509_get_signature           wolfSSL_X509_get_signature
+
+#define CyaSSL_X509_LOOKUP_add_dir   wolfSSL_X509_LOOKUP_add_dir
+#define CyaSSL_X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file
+#define CyaSSL_X509_LOOKUP_hash_dir  wolfSSL_X509_LOOKUP_hash_dir
+#define CyaSSL_X509_LOOKUP_file      wolfSSL_X509_LOOKUP_file
+
+#define CyaSSL_X509_STORE_add_lookup wolfSSL_X509_STORE_add_lookup
+#define CyaSSL_X509_STORE_new        wolfSSL_X509_STORE_new
+#define CyaSSL_X509_STORE_free       wolfSSL_X509_STORE_free
+#define CyaSSL_X509_STORE_add_cert   wolfSSL_X509_STORE_add_cert
+#define CyaSSL_X509_STORE_set_default_paths wolfSSL_X509_STORE_set_default_paths
+#define CyaSSL_X509_STORE_get_by_subject    wolfSSL_X509_STORE_get_by_subject
+#define CyaSSL_X509_STORE_CTX_new           wolfSSL_X509_STORE_CTX_new
+#define CyaSSL_X509_STORE_CTX_init          wolfSSL_X509_STORE_CTX_init
+#define CyaSSL_X509_STORE_CTX_free          wolfSSL_X509_STORE_CTX_free
+#define CyaSSL_X509_STORE_CTX_cleanup       wolfSSL_X509_STORE_CTX_cleanup
+
+#define CyaSSL_X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
+#define CyaSSL_X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
+
+#define CyaSSL_X509_get_pubkey wolfSSL_X509_get_pubkey
+#define CyaSSL_X509_CRL_verify wolfSSL_X509_CRL_verify
+#define CyaSSL_X509_STORE_CTX_set_error  wolfSSL_X509_STORE_CTX_set_error
+#define CyaSSL_X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
+#define CyaSSL_EVP_PKEY_free             wolfSSL_EVP_PKEY_free
+#define CyaSSL_X509_cmp_current_time     wolfSSL_X509_cmp_current_time
+#define CyaSSL_sk_X509_REVOKED_num       wolfSSL_sk_X509_REVOKED_num
+
+#define CyaSSL_X509_CRL_get_REVOKED     wolfSSL_X509_CRL_get_REVOKED
+#define CyaSSL_sk_X509_REVOKED_value    wolfSSL_sk_X509_REVOKED_value
+#define CyaSSL_X509_get_serialNumber    wolfSSL_X509_get_serialNumber
+#define CyaSSL_ASN1_TIME_print          wolfSSL_ASN1_TIME_print
+#define CyaSSL_ASN1_INTEGER_cmp         wolfSSL_ASN1_INTEGER_cmp
+#define CyaSSL_ASN1_INTEGER_get         wolfSSL_ASN1_INTEGER_get
+#define CyaSSL_load_client_CA_file      wolfSSL_load_client_CA_file
+#define CyaSSL_CTX_set_client_CA_list   wolfSSL_CTX_set_client_CA_list
+#define CyaSSL_X509_STORE_CTX_get_ex_data     wolfSSL_X509_STORE_CTX_get_ex_data
+#define CyaSSL_get_ex_data_X509_STORE_CTX_idx wolfSSL_get_ex_data_X509_STORE_CTX_idx
+#define CyaSSL_get_ex_data                    wolfSSL_get_ex_data
+
+#define CyaSSL_CTX_set_default_passwd_cb_userdata wolfSSL_CTX_set_default_passwd_cb_userdata
+#define CyaSSL_CTX_set_default_passwd_cb          wolfSSL_CTX_set_default_passwd_cb
+#define CyaSSL_CTX_set_info_callback  wolfSSL_CTX_set_info_callback
+#define CyaSSL_ERR_peek_error         wolfSSL_ERR_peek_error
+#define CyaSSL_GET_REASON             wolfSSL_GET_REASON
+#define CyaSSL_alert_type_string_long wolfSSL_alert_type_string_long
+#define CyaSSL_alert_desc_string_long wolfSSL_alert_desc_string_long
+#define CyaSSL_state_string_long      wolfSSL_state_string_long
+
+#define CyaSSL_RSA_generate_key         wolfSSL_RSA_generate_key
+#define CyaSSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback
+#define CyaSSL_PEM_def_callback         wolfSSL_PEM_def_callback
+#define CyaSSL_CTX_sess_accept          wolfSSL_CTX_sess_accept
+#define CyaSSL_CTX_sess_connect         wolfSSL_CTX_sess_connect
+#define CyaSSL_CTX_sess_accept_good     wolfSSL_CTX_sess_accept_good
+#define CyaSSL_CTX_sess_connect_good    wolfSSL_CTX_sess_connect_good
+#define CyaSSL_CTX_sess_accept_renegotiate  wolfSSL_CTX_sess_accept_renegotiate
+#define CyaSSL_CTX_sess_connect_renegotiate wolfSSL_CTX_sess_connect_renegotiate
+#define CyaSSL_CTX_sess_hits                wolfSSL_CTX_sess_hits
+#define CyaSSL_CTX_sess_cb_hits             wolfSSL_CTX_sess_cb_hits
+#define CyaSSL_CTX_sess_cache_full          wolfSSL_CTX_sess_cache_full
+#define CyaSSL_CTX_sess_misses              wolfSSL_CTX_sess_misses
+#define CyaSSL_CTX_sess_timeouts            wolfSSL_CTX_sess_timeouts
+#define CyaSSL_CTX_sess_number              wolfSSL_CTX_sess_number
+#define CyaSSL_CTX_sess_get_cache_size      wolfSSL_CTX_sess_get_cache_size
+
+
+
+/* src/keys.c */
+#define cyassl_triple_des wolfssl_triple_des
+
+/* Initialization and Shutdown */
+#define CyaSSL_Init         wolfSSL_Init
+#define CyaSSL_library_init wolfSSL_library_init
+#define CyaSSL_Cleanup      wolfSSL_Cleanup
+#define CyaSSL_shutdown     wolfSSL_shutdown
+
+/* Certs and keys */
+#define CyaSSL_SetTmpDH                     wolfSSL_SetTmpDH
+#define CyaSSL_KeepArrays                   wolfSSL_KeepArrays
+#define CyaSSL_FreeArrays                   wolfSSL_FreeArrays
+#define CyaSSL_SetTmpDH_file                wolfSSL_SetTmpDH_file
+#define CyaSSL_use_PrivateKey_buffer        wolfSSL_use_PrivateKey_buffer
+#define CyaSSL_use_certificate_buffer       wolfSSL_use_certificate_buffer
+#define CyaSSL_CTX_load_verify_buffer       wolfSSL_CTX_load_verify_buffer
+#define CyaSSL_CTX_use_PrivateKey_file      wolfSSL_CTX_use_PrivateKey_file
+#define CyaSSL_CTX_use_certificate_file     wolfSSL_CTX_use_certificate_file
+#define CyaSSL_CTX_use_PrivateKey_buffer    wolfSSL_CTX_use_PrivateKey_buffer
+#define CyaSSL_CTX_use_PrivateKey_buffer    wolfSSL_CTX_use_PrivateKey_buffer
+#define CyaSSL_CTX_use_certificate_buffer   wolfSSL_CTX_use_certificate_buffer
+#define CyaSSL_CTX_use_NTRUPrivateKey_file  wolfSSL_CTX_use_NTRUPrivateKey_file
+#define CyaSSL_use_certificate_chain_buffer wolfSSL_use_certificate_chain_buffer
+#define CyaSSL_CTX_der_load_verify_locations    \
+                                            wolfSSL_CTX_der_load_verify_locations
+#define CyaSSL_CTX_use_certificate_chain_file   \
+                                            wolfSSL_CTX_use_certificate_chain_file
+#define CyaSSL_CTX_use_certificate_chain_buffer \
+                                            wolfSSL_CTX_use_certificate_chain_buffer
+
+/* Context and Session Setup*/
+#define CyaSSL_new                        wolfSSL_new
+#define CyaSSL_free                       wolfSSL_free
+#define CyaSSL_set_fd                     wolfSSL_set_fd
+#define CyaSSL_CTX_new                    wolfSSL_CTX_new
+#define CyaSSL_CTX_free                   wolfSSL_CTX_free
+#define CyaSSL_SetVersion                 wolfSSL_SetVersion
+#define CyaSSL_set_verify                 wolfSSL_set_verify
+#define CyaSSL_set_session                wolfSSL_set_session
+#define CyaSSL_set_timeout                wolfSSL_set_timeout
+#define CyaSSL_CTX_set_verify             wolfSSL_CTX_set_verify
+#define CyaSSL_CTX_set_timeout            wolfSSL_CTX_set_timeout
+#define CyaSSL_set_cipher_list            wolfSSL_set_cipher_list
+#define CyaSSL_set_compression            wolfSSL_set_compression
+#define CyaTLSv1_client_method            wolfTLSv1_client_method
+#define CyaTLSv1_server_method            wolfTLSv1_server_method
+#define CyaSSLv3_client_method            wolfSSLv3_client_method
+#define CyaSSLv3_server_method            wolfSSLv3_server_method
+#define CyaSSLv23_client_method           wolfSSLv23_client_method
+#define CyaSSLv23_server_method           wolfSSLv23_server_method
+#define CyaDTLSv1_client_method           wolfDTLSv1_client_method
+#define CyaDTLSv1_server_method           wolfDTLSv1_server_method
+#define CyaSSL_check_domain_name          wolfSSL_check_domain_name
+#define CyaTLSv1_1_client_method          wolfTLSv1_1_client_method
+#define CyaTLSv1_1_server_method          wolfTLSv1_1_server_method
+#define CyaTLSv1_2_client_method          wolfTLSv1_2_client_method
+#define CyaTLSv1_2_server_method          wolfTLSv1_2_server_method
+#define CyaDTLSv1_2_client_method         wolfDTLSv1_2_client_method
+#define CyaDTLSv1_2_server_method         wolfDTLSv1_2_server_method
+#define CyaSSL_set_group_messages         wolfSSL_set_group_messages
+#define CyaSSL_set_using_nonblock         wolfSSL_set_using_nonblock
+#define CyaSSL_CTX_set_cipher_list        wolfSSL_CTX_set_cipher_list
+#define CyaSSL_CTX_set_group_messages     wolfSSL_CTX_set_group_messages
+#define CyaSSL_CTX_set_session_cache_mode wolfSSL_CTX_set_session_cache_mode
+
+/* Callbacks */
+
+/* 
+ * Empty commment denotes not listed in CyaSSL Manual
+ * (soon to be wolfSSL Manual) 
+ */
+
+#define CyaSSL_accept_ex              wolfSSL_accept_ex
+#define CyaSSL_SetIORecv              wolfSSL_SetIORecv
+#define CyaSSL_SetIOSend              wolfSSL_SetIOSend
+#define CyaSSL_connect_ex             wolfSSL_connect_ex
+#define CyaSSL_CTX_SetCACb            wolfSSL_CTX_SetCACb
+#define CyaSSL_SetIOReadCtx           wolfSSL_SetIOReadCtx
+#define CyaSSL_SetRsaEncCtx           wolfSSL_SetRsaEncCtx
+#define CyaSSL_GetRsaEncCtx           wolfSSL_GetRsaEncCtx
+#define CyaSSL_SetRsaDecCtx           wolfSSL_SetRsaDecCtx
+#define CyaSSL_GetRsaDecCtx           wolfSSL_GetRsaDecCtx
+#define CyaSSL_SetLoggingCb           wolfSSL_SetLoggingCb
+#define CyaSSL_SetEccSignCtx          wolfSSL_SetEccSignCtx
+#define CyaSSL_GetEccSignCtx          wolfSSL_GetEccSignCtx
+#define CyaSSL_SetRsaSignCtx          wolfSSL_SetRsaSignCtx
+#define CyaSSL_GetRsaSignCtx          wolfSSL_GetRsaSignCtx
+#define CyaSSL_SetIOWriteCtx          wolfSSL_SetIOWriteCtx
+#define CyaSSL_SetIOReadFlags         wolfSSL_SetIOReadFlags
+#define CyaSSL_SetEccVerifyCtx        wolfSSL_SetEccVerifyCtx
+#define CyaSSL_GetEccVerifyCtx        wolfSSL_GetEccVerifyCtx
+#define CyaSSL_SetRsaVerifyCtx        wolfSSL_SetRsaVerifyCtx
+#define CyaSSL_GetRsaVerifyCtx        wolfSSL_GetRsaVerifyCtx
+#define CyaSSL_CTX_SetRsaEncCb        wolfSSL_CTX_SetRsaEncCb
+#define CyaSSL_CTX_SetRsaDecCb        wolfSSL_CTX_SetRsaDecCb
+#define CyaSSL_SetIOWriteFlags        wolfSSL_SetIOWriteFlags
+#define CyaSSL_SetTlsHmacInner        wolfSSL_SetTlsHmacInner
+#define CyaSSL_SetMacEncryptCtx       wolfSSL_SetMacEncryptCtx
+#define CyaSSL_GetMacEncryptCtx       wolfSSL_GetMacEncryptCtx
+#define CyaSSL_CTX_SetEccSignCb       wolfSSL_CTX_SetEccSignCb
+#define CyaSSL_CTX_SetRsaSignCb       wolfSSL_CTX_SetRsaSignCb
+#define CyaSSL_CTX_SetEccVerifyCb     wolfSSL_CTX_SetEccVerifyCb
+#define CyaSSL_CTX_SetRsaVerifyCb     wolfSSL_CTX_SetRsaVerifyCb
+#define CyaSSL_CTX_SetMacEncryptCb    wolfSSL_CTX_SetMacEncryptCb
+#define CyaSSL_SetDecryptVerifyCtx    wolfSSL_SetDecryptVerifyCtx
+#define CyaSSL_GetDecryptVerifyCtx    wolfSSL_GetDecryptVerifyCtx
+#define CyaSSL_CTX_SetDecryptVerifyCb wolfSSL_CTX_SetDecryptVerifyCb
+
+/* psk specific */
+#ifndef NO_PSK
+
+#define CyaSSL_get_psk_identity          wolfSSL_get_psk_identity          /**/
+#define CyaSSL_get_psk_identity_hint     wolfSSL_get_psk_identity_hint     /**/
+#define CyaSSL_use_psk_identity_hint     wolfSSL_use_psk_identity_hint     /**/
+#define CyaSSL_set_psk_client_callback   wolfSSL_set_psk_client_callback   /**/
+#define CyaSSL_set_psk_server_callback   wolfSSL_set_psk_server_callback   /**/
+#define CyaSSL_CTX_use_psk_identity_hint wolfSSL_CTX_use_psk_identity_hint /**/
+#define CyaSSL_CTX_set_psk_client_callback \
+                                      wolfSSL_CTX_set_psk_client_callback  /**/
+#define CyaSSL_CTX_set_psk_server_callback \
+                                      wolfSSL_CTX_set_psk_server_callback  /**/
+
+#endif
+/* end psk specific */
+
+/* Anonymous */
+#define CyaSSL_CTX_allow_anon_cipher wolfSSL_CTX_allow_anon_cipher         /**/
+
+/* Error Handling and Debugging*/
+#define CyaSSL_get_error           wolfSSL_get_error
+#define CyaSSL_want_read           wolfSSL_want_read
+#define CyaSSL_want_write          wolfSSL_want_write
+#define CyaSSL_Debugging_ON        wolfSSL_Debugging_ON
+#define CyaSSL_Debugging_OFF       wolfSSL_Debugging_OFF
+#define CyaSSL_ERR_error_string    wolfSSL_ERR_error_string
+#define CyaSSL_load_error_strings  wolfSSL_load_error_strings
+#define CyaSSL_ERR_error_string_n  wolfSSL_ERR_error_string_n
+#define CyaSSL_ERR_print_errors_fp wolfSSL_ERR_print_errors_fp
+
+/* OCSP and CRL */
+
+/* 
+ * Empty commment denotes not listed in CyaSSL Manual
+ * (soon to be wolfSSL Manual) 
+ */
+
+#define CYASSL_CRL_MONITOR               WOLFSSL_CRL_MONITOR               /**/
+#define CYASSL_CRL_START_MON             WOLFSSL_CRL_START_MON             /**/
+#define CYASSL_OCSP_NO_NONCE             WOLFSSL_OCSP_NO_NONCE             /**/
+#define CYASSL_OCSP_URL_OVERRIDE         WOLFSSL_OCSP_URL_OVERRIDE
+
+#define CyaSSL_CTX_EnableOCSP            wolfSSL_CTX_EnableOCSP
+#define CyaSSL_CTX_OCSP_set_options      wolfSSL_CTX_OCSP_set_options      /**/
+#define CyaSSL_CTX_SetOCSP_OverrideURL   wolfSSL_CTX_SetOCSP_OverrideURL   /**/
+#define CyaSSL_CTX_OCSP_set_override_url wolfSSL_CTX_OCSP_set_override_url /**/
+
+/* Informational */
+#define CyaSSL_GetSide            wolfSSL_GetSide
+#define CyaSSL_IsTLSv1_1          wolfSSL_IsTLSv1_1
+#define CyaSSL_GetKeySize         wolfSSL_GetKeySize
+#define CyaSSL_GetHmacSize        wolfSSL_GetHmacSize
+#define CyaSSL_GetHmacType        wolfSSL_GetHmacType
+#define CyaSSL_GetMacSecret       wolfSSL_GetMacSecret
+#define CyaSSL_GetObjectSize      wolfSSL_GetObjectSize
+#define CyaSSL_GetBulkCipher      wolfSSL_GetBulkCipher
+#define CyaSSL_GetCipherType      wolfSSL_GetCipherType
+#define CyaSSL_GetAeadMacSize     wolfSSL_GetAeadMacSize
+#define CyaSSL_GetClientWriteIV   wolfSSL_GetClientWriteIV
+#define CyaSSL_GetServerWriteIV   wolfSSL_GetServerWriteIV
+#define CyaSSL_GetClientWriteKey  wolfSSL_GetClientWriteKey
+#define CyaSSL_GetServerWriteKey  wolfSSL_GetServerWriteKey
+#define CyaSSL_GetCipherBlockSize wolfSSL_GetCipherBlockSize
+
+/* Connection, Session, and I/O */
+#define CyaSSL_peek               wolfSSL_peek
+#define CyaSSL_read               wolfSSL_read
+#define CyaSSL_recv               wolfSSL_recv
+#define CyaSSL_send               wolfSSL_send
+#define CyaSSL_write              wolfSSL_write
+#define CyaSSL_writev             wolfSSL_writev
+#define CyaSSL_accept             wolfSSL_accept
+#define CyaSSL_get_fd             wolfSSL_get_fd
+#define CyaSSL_connect            wolfSSL_connect
+#define CyaSSL_pending            wolfSSL_pending
+#define CyaSSL_negotiate          wolfSSL_negotiate
+#define CyaSSL_get_session        wolfSSL_get_session
+#define CyaSSL_connect_cert       wolfSSL_connect_cert
+#define CyaSSL_flush_sessions     wolfSSL_flush_sessions
+#define CyaSSL_get_using_nonblock wolfSSL_get_using_nonblock
+
+/* DTLS Specific */
+#define CyaSSL_dtls                     wolfSSL_dtls
+#define CyaSSL_dtls_set_peer            wolfSSL_dtls_set_peer
+#define CyaSSL_dtls_get_peer            wolfSSL_dtls_get_peer
+#define CyaSSL_dtls_got_timeout         wolfSSL_dtls_got_timeout
+#define CyaSSL_dtls_get_current_timeout wolfSSL_dtls_get_current_timeout
+
+/* Certificate Manager */
+#define CyaSSL_CertManagerNew          wolfSSL_CertManagerNew
+#define CyaSSL_CertManagerFree         wolfSSL_CertManagerFree
+#define CyaSSL_CertManagerLoadCA       wolfSSL_CertManagerLoadCA
+#define CyaSSL_CertManagerVerify       wolfSSL_CertManagerVerify
+#define CyaSSL_CertManagerEnableCRL    wolfSSL_CertManagerEnableCRL
+#define CyaSSL_CertManagerDisableCRL   wolfSSL_CertManagerDisableCRL
+#define CyaSSL_CertManagerVerifyBuffer wolfSSL_CertManagerVerifyBuffer
+#ifndef NO_CERTS
+	#define CyaSSL_CertManagerCheckCRL   wolfSSL_CertManagerCheckCRL
+	#define CyaSSL_CertManagerLoadCRL    wolfSSL_CertManagerLoadCRL
+	#define CyaSSL_CertManagerSetCRL_Cb  wolfSSL_CertManagerSetCRL_Cb
+	#define CyaSSL_CertManagerCheckOCSP  wolfSSL_CertManagerCheckOCSP
+	#define CyaSSL_CertManagerSetOCSP_Cb wolfSSL_CertManagerSetOCSP_Cb
+	#define CyaSSL_CertManagerSetOCSPOverrideURL \
+                                          wolfSSL_CertManagerSetOCSPOverrideURL
+
+	#define CyaSSL_DisableCRL          wolfSSL_DisableCRL
+	#define CyaSSL_EnableOCSP          wolfSSL_EnableOCSP
+	#define CyaSSL_DisableOCSP         wolfSSL_DisableOCSP
+	#define CyaSSL_SetOCSP_OverrideURL wolfSSL_SetOCSP_OverrideURL
+	#define CyaSSL_SetOCSP_Cb          wolfSSL_SetOCSP_Cb
+
+	#define CyaSSL_CTX_EnableCRL   wolfSSL_CTX_EnableCRL
+	#define CyaSSL_CTX_DisableCRL  wolfSSL_CTX_DisableCRL
+	#define CyaSSL_CTX_LoadCRL     wolfSSL_CTX_LoadCRL
+	#define CyaSSL_CTX_SetCRL_Cb   wolfSSL_CTX_SetCRL_Cb
+	#define CyaSSL_CTX_DisableOCSP wolfSSL_CTX_DisableOCSP
+	#define CyaSSL_CTX_SetOCSP_Cb  wolfSSL_CTX_SetOCSP_Cb
+#endif /* !NO_CERTS */
+
+
+/* OpenSSL Compatibility Layer */
+#define CyaSSL_PemCertToDer               wolfSSL_PemCertToDer
+#define CyaSSL_get_sessionID              wolfSSL_get_sessionID
+#define CyaSSL_get_peer_count             wolfSSL_get_peer_count
+#define CyaSSL_get_chain_cert             wolfSSL_get_chain_cert
+#define CyaSSL_get_peer_chain             wolfSSL_get_peer_chain
+#define CyaSSL_get_peer_length            wolfSSL_get_peer_length
+#define CyaSSL_get_chain_cert_pem         wolfSSL_get_chain_cert_pem
+#define CyaSSL_use_PrivateKey_file        wolfSSL_use_PrivateKey_file
+#define CyaSSL_use_certificate_file       wolfSSL_use_certificate_file
+#define CyaSSL_use_RSAPrivateKey_file     wolfSSL_use_RSAPrivateKey_file
+#define CyaSSL_X509_get_serial_number     wolfSSL_X509_get_serial_number
+#define CyaSSL_CTX_use_RSAPrivateKey_file wolfSSL_CTX_use_RSAPrivateKey_file
+#define CyaSSL_use_certificate_chain_file wolfSSL_use_certificate_chain_file
+
+/* TLS Extensions */
+#define CYASSL_SNI_HOST_NAME         WOLFSSL_SNI_HOST_NAME
+
+#define CyaSSL_UseSNI                wolfSSL_UseSNI
+#define CyaSSL_CTX_UseSNI            wolfSSL_CTX_UseSNI
+#define CyaSSL_SNI_SetOptions        wolfSSL_SNI_SetOptions
+#define CyaSSL_SNI_GetRequest        wolfSSL_SNI_GetRequest
+#define CyaSSL_UseMaxFragment        wolfSSL_UseMaxFragment
+#define CyaSSL_UseTruncatedHMAC      wolfSSL_UseTruncatedHMAC
+#define CyaSSL_UseSupportedCurve     wolfSSL_UseSupportedCurve
+#define CyaSSL_SNI_GetFromBuffer     wolfSSL_SNI_GetFromBuffer
+#define CyaSSL_CTX_SNI_SetOptions    wolfSSL_CTX_SNI_SetOptions
+#define CyaSSL_CTX_UseMaxFragment    wolfSSL_CTX_UseMaxFragment
+#define CyaSSL_CTX_UseTruncatedHMAC  wolfSSL_CTX_UseTruncatedHMAC
+#define CyaSSL_CTX_UseSupportedCurve wolfSSL_CTX_UseSupportedCurve
+
+/* End wolfssl -> cyassl -> openssl compatibility */
+
+/* JRB macro redefinitions and api calls for cryptography for reverse compat. */
+
+#ifdef WOLFSSL_SMALL_STACK
+    #define CYASSL_SMALL_STACK
+#endif
+
+
+/*
+ * wrapper around macros until they are changed in cyassl code
+ * needs investigation in regards to macros in fips
+ */
+#define NO_WOLFSSL_ALLOC_ALIGN NO_CYASSL_ALLOC_ALIGN /* @TODO */
+
+
+/* examples/client/client.h */
+#define CYASSL_THREAD WOLFSSL_THREAD
+#ifdef WOLFSSL_DTLS
+    #define CYASSL_DTLS   WOLFSSL_DTLS
+#endif
+
+/* examples/client/client.c */
+#define LIBCYASSL_VERSION_STRING LIBWOLFSSL_VERSION_STRING
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+
+#endif /* CyaSSL_openssl_h__ */
diff --git a/3P/wolfssl/cyassl/test.h b/3P/wolfssl/cyassl/test.h
new file mode 100644
index 00000000..428b141b
--- /dev/null
+++ b/3P/wolfssl/cyassl/test.h
@@ -0,0 +1,3 @@
+/* test.h */
+
+#include 
diff --git a/3P/wolfssl/cyassl/version.h b/3P/wolfssl/cyassl/version.h
new file mode 100644
index 00000000..79bcc179
--- /dev/null
+++ b/3P/wolfssl/cyassl/version.h
@@ -0,0 +1,26 @@
+/* cyassl/version.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include 
+
+#define LIBCYASSL_VERSION_STRING LIBWOLFSSL_VERSION_STRING
+#define LIBCYASSL_VERSION_HEX LIBWOLFSSL_VERSION_HEX
+
diff --git a/3P/wolfssl/doc/README.txt b/3P/wolfssl/doc/README.txt
new file mode 100644
index 00000000..e9698940
--- /dev/null
+++ b/3P/wolfssl/doc/README.txt
@@ -0,0 +1,3 @@
+The wolfSSL manual is available at:
+http://www.wolfssl.com/documentation/wolfSSL-Manual.pdf
+
diff --git a/3P/wolfssl/doc/include.am b/3P/wolfssl/doc/include.am
new file mode 100644
index 00000000..5bef623a
--- /dev/null
+++ b/3P/wolfssl/doc/include.am
@@ -0,0 +1,5 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+dist_doc_DATA+= doc/README.txt
diff --git a/3P/wolfssl/examples/client/client-ntru.vcproj b/3P/wolfssl/examples/client/client-ntru.vcproj
new file mode 100755
index 00000000..c8910039
--- /dev/null
+++ b/3P/wolfssl/examples/client/client-ntru.vcproj
@@ -0,0 +1,199 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/examples/client/client.c b/3P/wolfssl/examples/client/client.c
new file mode 100644
index 00000000..9fa77d09
--- /dev/null
+++ b/3P/wolfssl/examples/client/client.c
@@ -0,0 +1,995 @@
+/* client.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+        #include 
+#endif
+
+#include 
+
+#if defined(WOLFSSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(WOLFSSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "wolfssl_MDK_ARM.h"
+#endif
+
+#include 
+
+#if !defined(WOLFSSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER)
+    /* in case memory tracker wants stats */
+    #define WOLFSSL_TRACK_MEMORY
+#endif
+
+#include 
+
+#include 
+
+#include "examples/client/client.h"
+
+
+#ifdef WOLFSSL_CALLBACKS
+    int handShakeCB(HandShakeInfo*);
+    int timeoutCB(TimeoutInfo*);
+    Timeval timeout;
+#endif
+
+#ifdef HAVE_SESSION_TICKET
+    int sessionTicketCB(WOLFSSL*, const unsigned char*, int, void*);
+#endif
+
+
+static void NonBlockingSSL_Connect(WOLFSSL* ssl)
+{
+#ifndef WOLFSSL_CALLBACKS
+    int ret = wolfSSL_connect(ssl);
+#else
+    int ret = wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout);
+#endif
+    int error = wolfSSL_get_error(ssl, 0);
+    SOCKET_T sockfd = (SOCKET_T)wolfSSL_get_fd(ssl);
+    int select_ret;
+
+    while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
+                                  error == SSL_ERROR_WANT_WRITE)) {
+        int currTimeout = 1;
+
+        if (error == SSL_ERROR_WANT_READ)
+            printf("... client would read block\n");
+        else
+            printf("... client would write block\n");
+
+#ifdef WOLFSSL_DTLS
+        currTimeout = wolfSSL_dtls_get_current_timeout(ssl);
+#endif
+        select_ret = tcp_select(sockfd, currTimeout);
+
+        if ((select_ret == TEST_RECV_READY) ||
+                                        (select_ret == TEST_ERROR_READY)) {
+            #ifndef WOLFSSL_CALLBACKS
+                    ret = wolfSSL_connect(ssl);
+            #else
+                ret = wolfSSL_connect_ex(ssl,handShakeCB,timeoutCB,timeout);
+            #endif
+            error = wolfSSL_get_error(ssl, 0);
+        }
+        else if (select_ret == TEST_TIMEOUT && !wolfSSL_dtls(ssl)) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#ifdef WOLFSSL_DTLS
+        else if (select_ret == TEST_TIMEOUT && wolfSSL_dtls(ssl) &&
+                                            wolfSSL_dtls_got_timeout(ssl) >= 0) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#endif
+        else {
+            error = SSL_FATAL_ERROR;
+        }
+    }
+    if (ret != SSL_SUCCESS)
+        err_sys("SSL_connect failed");
+}
+
+
+static void Usage(void)
+{
+    printf("client "    LIBWOLFSSL_VERSION_STRING
+           " NOTE: All files relative to wolfSSL home dir\n");
+    printf("-?          Help, print this usage\n");
+    printf("-h    Host to connect to, default %s\n", yasslIP);
+    printf("-p     Port to connect on, not 0, default %d\n", yasslPort);
+    printf("-v     SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
+                                 CLIENT_DEFAULT_VERSION);
+    printf("-l     Cipher list\n");
+    printf("-c    Certificate file,           default %s\n", cliCert);
+    printf("-k    Key file,                   default %s\n", cliKey);
+    printf("-A    Certificate Authority file, default %s\n", caCert);
+    printf("-b     Benchmark  connections and print stats\n");
+    printf("-s          Use pre Shared keys\n");
+    printf("-t          Track wolfSSL memory use\n");
+    printf("-d          Disable peer checks\n");
+    printf("-D          Override Date Errors example\n");
+    printf("-g          Send server HTTP GET\n");
+    printf("-u          Use UDP DTLS,"
+           " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
+    printf("-m          Match domain name in cert\n");
+    printf("-N          Use Non-blocking sockets\n");
+    printf("-r          Resume session\n");
+    printf("-w          Wait for bidirectional shutdown\n");
+#ifdef HAVE_SECURE_RENEGOTIATION
+    printf("-R          Allow Secure Renegotiation\n");
+    printf("-i          Force client Initiated Secure Renegotiation\n");
+#endif
+    printf("-f          Fewer packets/group messages\n");
+    printf("-x          Disable client cert/key loading\n");
+#ifdef SHOW_SIZES
+    printf("-z          Print structure sizes\n");
+#endif
+#ifdef HAVE_SNI
+    printf("-S     Use Host Name Indication\n");
+#endif
+#ifdef HAVE_MAX_FRAGMENT
+    printf("-L     Use Maximum Fragment Length [1-5]\n");
+#endif
+#ifdef HAVE_TRUNCATED_HMAC
+    printf("-T          Use Truncated HMAC\n");
+#endif
+#ifdef HAVE_OCSP
+    printf("-o          Perform OCSP lookup on peer certificate\n");
+    printf("-O     Perform OCSP lookup using  as responder\n");
+#endif
+#ifdef ATOMIC_USER
+    printf("-U          Atomic User Record Layer Callbacks\n");
+#endif
+#ifdef HAVE_PK_CALLBACKS 
+    printf("-P          Public Key Callbacks\n");
+#endif
+#ifdef HAVE_ANON
+    printf("-a          Anonymous client\n");
+#endif
+}
+
+THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
+{
+    SOCKET_T sockfd = 0;
+
+    WOLFSSL_METHOD*  method  = 0;
+    WOLFSSL_CTX*     ctx     = 0;
+    WOLFSSL*         ssl     = 0;
+    
+    WOLFSSL*         sslResume = 0;
+    WOLFSSL_SESSION* session = 0;
+    char         resumeMsg[] = "resuming wolfssl!";
+    int          resumeSz    = sizeof(resumeMsg);
+
+    char msg[32] = "hello wolfssl!";   /* GET may make bigger */
+    char reply[80];
+    int  input;
+    int  msgSz = (int)strlen(msg);
+
+    word16 port   = yasslPort;
+    char* host   = (char*)yasslIP;
+    const char* domain = "www.yassl.com";
+
+    int    ch;
+    int    version = CLIENT_INVALID_VERSION;
+    int    usePsk   = 0;
+    int    useAnon  = 0;
+    int    sendGET  = 0;
+    int    benchmark = 0;
+    int    doDTLS    = 0;
+    int    matchName = 0;
+    int    doPeerCheck = 1;
+    int    nonBlocking = 0;
+    int    resumeSession = 0;
+    int    wc_shutdown      = 0;
+    int    ret;
+    int    scr           = 0;    /* allow secure renegotiation */
+    int    forceScr      = 0;    /* force client initiaed scr */
+    int    trackMemory   = 0;
+    int    useClientCert = 1;
+    int    fewerPackets  = 0;
+    int    atomicUser    = 0;
+    int    pkCallbacks   = 0;
+    int    overrideDateErrors = 0;
+    char*  cipherList = NULL;
+    const char* verifyCert = caCert;
+    const char* ourCert    = cliCert;
+    const char* ourKey     = cliKey;
+
+#ifdef HAVE_SNI
+    char*  sniHostName = NULL;
+#endif
+#ifdef HAVE_MAX_FRAGMENT
+    byte maxFragment = 0;
+#endif
+#ifdef HAVE_TRUNCATED_HMAC
+    byte  truncatedHMAC = 0;
+#endif
+
+
+#ifdef HAVE_OCSP
+    int    useOcsp  = 0;
+    char*  ocspUrl  = NULL;
+#endif
+
+    int     argc = ((func_args*)args)->argc;
+    char**  argv = ((func_args*)args)->argv;
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#ifdef NO_RSA
+    verifyCert = (char*)eccCert;
+    ourCert    = (char*)cliEccCert;
+    ourKey     = (char*)cliEccKey;
+#endif
+    (void)resumeSz;
+    (void)session;
+    (void)sslResume;
+    (void)trackMemory;
+    (void)atomicUser;
+    (void)pkCallbacks;
+    (void)scr;
+    (void)forceScr;
+
+    StackTrap();
+
+    while ((ch = mygetopt(argc, argv,
+                          "?gdDusmNrwRitfxUPh:p:v:l:A:c:k:b:zS:L:ToO:a")) != -1) {
+        switch (ch) {
+            case '?' :
+                Usage();
+                exit(EXIT_SUCCESS);
+
+            case 'g' :
+                sendGET = 1;
+                break;
+
+            case 'd' :
+                doPeerCheck = 0;
+                break;
+
+            case 'D' :
+                overrideDateErrors = 1;
+                break;
+
+            case 'u' :
+                doDTLS  = 1;
+                break;
+
+            case 's' :
+                usePsk = 1;
+                break;
+
+            case 't' :
+            #ifdef USE_WOLFSSL_MEMORY
+                trackMemory = 1;
+            #endif
+                break;
+
+            case 'm' :
+                matchName = 1;
+                break;
+
+            case 'x' :
+                useClientCert = 0;
+                break;
+
+            case 'f' :
+                fewerPackets = 1;
+                break;
+
+            case 'U' :
+            #ifdef ATOMIC_USER
+                atomicUser = 1;
+            #endif
+                break;
+
+            case 'P' :
+            #ifdef HAVE_PK_CALLBACKS 
+                pkCallbacks = 1;
+            #endif
+                break;
+
+            case 'h' :
+                host   = myoptarg;
+                domain = myoptarg;
+                break;
+
+            case 'p' :
+                port = (word16)atoi(myoptarg);
+                #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
+                    if (port == 0)
+                        err_sys("port number cannot be 0");
+                #endif
+                break;
+
+            case 'v' :
+                version = atoi(myoptarg);
+                if (version < 0 || version > 3) {
+                    Usage();
+                    exit(MY_EX_USAGE);
+                }
+                break;
+
+            case 'l' :
+                cipherList = myoptarg;
+                break;
+
+            case 'A' :
+                verifyCert = myoptarg;
+                break;
+
+            case 'c' :
+                ourCert = myoptarg;
+                break;
+
+            case 'k' :
+                ourKey = myoptarg;
+                break;
+
+            case 'b' :
+                benchmark = atoi(myoptarg);
+                if (benchmark < 0 || benchmark > 1000000) {
+                    Usage();
+                    exit(MY_EX_USAGE);
+                }
+                break;
+
+            case 'N' :
+                nonBlocking = 1;
+                break;
+
+            case 'r' :
+                resumeSession = 1;
+                break;
+
+            case 'w' :
+                wc_shutdown = 1;
+                break;
+
+            case 'R' :
+                #ifdef HAVE_SECURE_RENEGOTIATION
+                    scr = 1;
+                #endif
+                break;
+
+            case 'i' :
+                #ifdef HAVE_SECURE_RENEGOTIATION
+                    scr      = 1;
+                    forceScr = 1;
+                #endif
+                break;
+
+            case 'z' :
+                #ifndef WOLFSSL_LEANPSK
+                    wolfSSL_GetObjectSize();
+                #endif
+                break;
+
+            case 'S' :
+                #ifdef HAVE_SNI
+                    sniHostName = myoptarg;
+                #endif
+                break;
+
+            case 'L' :
+                #ifdef HAVE_MAX_FRAGMENT
+                    maxFragment = atoi(myoptarg);
+                    if (maxFragment < WOLFSSL_MFL_2_9 ||
+                                                maxFragment > WOLFSSL_MFL_2_13) {
+                        Usage();
+                        exit(MY_EX_USAGE);
+                    }
+                #endif
+                break;
+
+            case 'T' :
+                #ifdef HAVE_TRUNCATED_HMAC
+                    truncatedHMAC = 1;
+                #endif
+                break;
+
+            case 'o' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                #endif
+                break;
+
+            case 'O' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                    ocspUrl = myoptarg;
+                #endif
+                break;
+
+            case 'a' :
+                #ifdef HAVE_ANON
+                    useAnon = 1;
+                #endif
+                break;
+
+            default:
+                Usage();
+                exit(MY_EX_USAGE);
+        }
+    }
+
+    myoptind = 0;      /* reset for test cases */
+
+    /* sort out DTLS versus TLS versions */
+    if (version == CLIENT_INVALID_VERSION) {
+        if (doDTLS)
+            version = CLIENT_DTLS_DEFAULT_VERSION;
+        else
+            version = CLIENT_DEFAULT_VERSION;
+    }
+    else {
+        if (doDTLS) {
+            if (version == 3)
+                version = -2;
+            else
+                version = -1;
+        }
+    }
+
+#ifdef USE_WOLFSSL_MEMORY
+    if (trackMemory)
+        InitMemoryTracker(); 
+#endif
+
+    switch (version) {
+#ifndef NO_OLD_TLS
+        case 0:
+            method = wolfSSLv3_client_method();
+            break;
+                
+                
+    #ifndef NO_TLS
+        case 1:
+            method = wolfTLSv1_client_method();
+            break;
+
+        case 2:
+            method = wolfTLSv1_1_client_method();
+            break;
+    #endif /* NO_TLS */
+                
+#endif  /* NO_OLD_TLS */
+                
+#ifndef NO_TLS
+        case 3:
+            method = wolfTLSv1_2_client_method();
+            break;
+#endif
+
+#ifdef WOLFSSL_DTLS
+        case -1:
+            method = wolfDTLSv1_client_method();
+            break;
+
+        case -2:
+            method = wolfDTLSv1_2_client_method();
+            break;
+#endif
+
+        default:
+            err_sys("Bad SSL version");
+            break;
+    }
+
+    if (method == NULL)
+        err_sys("unable to get method");
+
+    ctx = wolfSSL_CTX_new(method);
+    if (ctx == NULL)
+        err_sys("unable to get ctx");
+
+    if (cipherList)
+        if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
+            err_sys("client can't set cipher list 1");
+
+#ifdef WOLFSSL_LEANPSK
+    usePsk = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    usePsk = 1;
+#endif
+
+    if (fewerPackets)
+        wolfSSL_CTX_set_group_messages(ctx);
+
+    if (usePsk) {
+#ifndef NO_PSK
+        wolfSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
+        if (cipherList == NULL) {
+            const char *defaultCipherList;
+            #ifdef HAVE_NULL_CIPHER
+                defaultCipherList = "PSK-NULL-SHA256";
+            #else
+                defaultCipherList = "PSK-AES128-CBC-SHA256";
+            #endif
+            if (wolfSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS)
+                err_sys("client can't set cipher list 2");
+        }
+#endif
+        useClientCert = 0;
+    }
+
+    if (useAnon) {
+#ifdef HAVE_ANON
+        if (cipherList == NULL) {
+            wolfSSL_CTX_allow_anon_cipher(ctx);
+            if (wolfSSL_CTX_set_cipher_list(ctx,"ADH-AES128-SHA") != SSL_SUCCESS)
+                err_sys("client can't set cipher list 4");
+        }
+#endif
+        useClientCert = 0;
+    }
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+#if defined(WOLFSSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    if (cipherList == NULL) {
+        /* don't use EDH, can't sniff tmp keys */
+        if (wolfSSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) {
+            err_sys("client can't set cipher list 3");
+        }
+    }
+#endif
+
+#ifdef HAVE_OCSP
+    if (useOcsp) {
+        if (ocspUrl != NULL) {
+            wolfSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
+            wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE
+                                                    | WOLFSSL_OCSP_URL_OVERRIDE);
+        }
+        else
+            wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE);
+    }
+#endif
+
+#ifdef USER_CA_CB
+    wolfSSL_CTX_SetCACb(ctx, CaCb);
+#endif
+
+#ifdef VERIFY_CALLBACK
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
+#endif
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (useClientCert){
+        if (wolfSSL_CTX_use_certificate_chain_file(ctx, ourCert) != SSL_SUCCESS)
+            err_sys("can't load client cert file, check file and run from"
+                    " wolfSSL home dir");
+
+        if (wolfSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load client private key file, check file and run "
+                    "from wolfSSL home dir");
+    }
+
+    if (!usePsk && !useAnon) {
+        if (wolfSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
+                err_sys("can't load ca file, Please run from wolfSSL home dir");
+    }
+#endif
+#if !defined(NO_CERTS)
+    if (!usePsk && !useAnon && doPeerCheck == 0)
+        wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+    if (!usePsk && !useAnon && overrideDateErrors == 1)
+        wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myDateCb);
+#endif
+
+#ifdef HAVE_CAVIUM
+    wolfSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID);
+#endif
+
+#ifdef HAVE_SNI
+    if (sniHostName)
+        if (wolfSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
+                                                                 != SSL_SUCCESS)
+            err_sys("UseSNI failed");
+#endif
+#ifdef HAVE_MAX_FRAGMENT
+    if (maxFragment)
+        if (wolfSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS)
+            err_sys("UseMaxFragment failed");
+#endif
+#ifdef HAVE_TRUNCATED_HMAC
+    if (truncatedHMAC)
+        if (wolfSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS)
+            err_sys("UseTruncatedHMAC failed");
+#endif
+#ifdef HAVE_SESSION_TICKET
+    if (wolfSSL_CTX_UseSessionTicket(ctx) != SSL_SUCCESS)
+        err_sys("UseSessionTicket failed");
+#endif
+
+    if (benchmark) {
+        /* time passed in number of connects give average */
+        int times = benchmark;
+        int i = 0;
+
+        double start = current_time(), avg;
+
+        for (i = 0; i < times; i++) {
+            tcp_connect(&sockfd, host, port, doDTLS);
+
+            ssl = wolfSSL_new(ctx);
+            wolfSSL_set_fd(ssl, sockfd);
+            if (wolfSSL_connect(ssl) != SSL_SUCCESS)
+                err_sys("SSL_connect failed");
+
+            wolfSSL_shutdown(ssl);
+            wolfSSL_free(ssl);
+            CloseSocket(sockfd);
+        }
+        avg = current_time() - start;
+        avg /= times;
+        avg *= 1000;   /* milliseconds */
+        printf("wolfSSL_connect avg took: %8.3f milliseconds\n", avg);
+
+        wolfSSL_CTX_free(ctx);
+        ((func_args*)args)->return_code = 0;
+
+        exit(EXIT_SUCCESS);
+    }
+    
+    #if defined(WOLFSSL_MDK_ARM)
+    wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+    #endif
+    
+    ssl = wolfSSL_new(ctx);
+    if (ssl == NULL)
+        err_sys("unable to get SSL object");
+    #ifdef HAVE_SESSION_TICKET
+    wolfSSL_set_SessionTicket_cb(ssl, sessionTicketCB, (void*)"initial session");
+    #endif
+    if (doDTLS) {
+        SOCKADDR_IN_T addr;
+        build_addr(&addr, host, port, 1);
+        wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
+        tcp_socket(&sockfd, 1);
+    }
+    else {
+        tcp_connect(&sockfd, host, port, 0);
+    }
+
+#ifdef HAVE_POLY1305
+    /* use old poly to connect with google server */
+    if (!XSTRNCMP(domain, "www.google.com", 14)) {
+        if (wolfSSL_use_old_poly(ssl, 1) != 0)
+            err_sys("unable to set to old poly");
+    }
+#endif
+
+    wolfSSL_set_fd(ssl, sockfd);
+#ifdef HAVE_CRL
+    if (wolfSSL_EnableCRL(ssl, WOLFSSL_CRL_CHECKALL) != SSL_SUCCESS)
+        err_sys("can't enable crl check");
+    if (wolfSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS)
+        err_sys("can't load crl, check crlfile and date validity");
+    if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS)
+        err_sys("can't set crl callback");
+#endif
+#ifdef HAVE_SECURE_RENEGOTIATION
+    if (scr) {
+        if (wolfSSL_UseSecureRenegotiation(ssl) != SSL_SUCCESS)
+            err_sys("can't enable secure renegotiation");
+    }
+#endif
+#ifdef ATOMIC_USER
+    if (atomicUser)
+        SetupAtomicUser(ctx, ssl);
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    if (pkCallbacks)
+        SetupPkCallbacks(ctx, ssl);
+#endif
+    if (matchName && doPeerCheck)
+        wolfSSL_check_domain_name(ssl, domain);
+#ifndef WOLFSSL_CALLBACKS
+    if (nonBlocking) {
+        wolfSSL_set_using_nonblock(ssl, 1);
+        tcp_set_nonblocking(&sockfd);
+        NonBlockingSSL_Connect(ssl);
+    }
+    else if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
+        /* see note at top of README */
+        int  err = wolfSSL_get_error(ssl, 0);
+        char buffer[WOLFSSL_MAX_ERROR_SZ];
+        printf("err = %d, %s\n", err,
+                                wolfSSL_ERR_error_string(err, buffer));
+        err_sys("SSL_connect failed");
+        /* if you're getting an error here  */
+    }
+#else
+    timeout.tv_sec  = 2;
+    timeout.tv_usec = 0;
+    NonBlockingSSL_Connect(ssl);  /* will keep retrying on timeout */
+#endif
+    showPeer(ssl);
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+    if (scr && forceScr) {
+        if (nonBlocking) {
+            printf("not doing secure renegotiation on example with"
+                   " nonblocking yet");
+        } else {
+            #ifndef NO_SESSION_CACHE
+                if (resumeSession) {
+                    session = wolfSSL_get_session(ssl);
+                    wolfSSL_set_session(ssl, session);
+                    resumeSession = 0;  /* only resume once */
+                }
+            #endif
+            if (wolfSSL_Rehandshake(ssl) != SSL_SUCCESS) {
+                int  err = wolfSSL_get_error(ssl, 0);
+                char buffer[WOLFSSL_MAX_ERROR_SZ];
+                printf("err = %d, %s\n", err,
+                                wolfSSL_ERR_error_string(err, buffer));
+                err_sys("wolfSSL_Rehandshake failed");
+            }
+        }
+    }
+#endif /* HAVE_SECURE_RENEGOTIATION */
+
+    if (sendGET) {
+        printf("SSL connect ok, sending GET...\n");
+        msgSz = 28;
+        strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
+        msg[msgSz] = '\0';
+    }
+    if (wolfSSL_write(ssl, msg, msgSz) != msgSz)
+        err_sys("SSL_write failed");
+
+    input = wolfSSL_read(ssl, reply, sizeof(reply)-1);
+    if (input > 0) {
+        reply[input] = 0;
+        printf("Server response: %s\n", reply);
+
+        if (sendGET) {  /* get html */
+            while (1) {
+                input = wolfSSL_read(ssl, reply, sizeof(reply)-1);
+                if (input > 0) {
+                    reply[input] = 0;
+                    printf("%s\n", reply);
+                }
+                else
+                    break;
+            }
+        }
+    }
+    else if (input < 0) {
+        int readErr = wolfSSL_get_error(ssl, 0);
+        if (readErr != SSL_ERROR_WANT_READ)
+            err_sys("wolfSSL_read failed");
+    }
+
+#ifndef NO_SESSION_CACHE
+    if (resumeSession) {
+        if (doDTLS) {
+            strncpy(msg, "break", 6);
+            msgSz = (int)strlen(msg);
+            /* try to send session close */
+            wolfSSL_write(ssl, msg, msgSz);
+        }
+        session   = wolfSSL_get_session(ssl);
+        sslResume = wolfSSL_new(ctx);
+    }
+#endif
+
+    if (doDTLS == 0) {           /* don't send alert after "break" command */
+        ret = wolfSSL_shutdown(ssl);
+        if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
+            wolfSSL_shutdown(ssl);    /* bidirectional shutdown */
+    }
+#ifdef ATOMIC_USER
+    if (atomicUser)
+        FreeAtomicUser(ssl);
+#endif
+    wolfSSL_free(ssl);
+    CloseSocket(sockfd);
+
+#ifndef NO_SESSION_CACHE
+    if (resumeSession) {
+        if (doDTLS) {
+            SOCKADDR_IN_T addr;
+            #ifdef USE_WINDOWS_API 
+                Sleep(500);
+            #elif defined(WOLFSSL_TIRTOS)
+                Task_sleep(1);
+            #else
+                sleep(1);
+            #endif
+            build_addr(&addr, host, port, 1);
+            wolfSSL_dtls_set_peer(sslResume, &addr, sizeof(addr));
+            tcp_socket(&sockfd, 1);
+        }
+        else {
+            tcp_connect(&sockfd, host, port, 0);
+        }
+        wolfSSL_set_fd(sslResume, sockfd);
+        wolfSSL_set_session(sslResume, session);
+#ifdef HAVE_SESSION_TICKET
+        wolfSSL_set_SessionTicket_cb(sslResume, sessionTicketCB,
+                                    (void*)"resumed session");
+#endif
+       
+        showPeer(sslResume);
+#ifndef WOLFSSL_CALLBACKS
+        if (nonBlocking) {
+            wolfSSL_set_using_nonblock(sslResume, 1);
+            tcp_set_nonblocking(&sockfd);
+            NonBlockingSSL_Connect(sslResume);
+        }
+        else if (wolfSSL_connect(sslResume) != SSL_SUCCESS)
+            err_sys("SSL resume failed");
+#else
+        timeout.tv_sec  = 2;
+        timeout.tv_usec = 0;
+        NonBlockingSSL_Connect(ssl);  /* will keep retrying on timeout */
+#endif
+
+        if (wolfSSL_session_reused(sslResume))
+            printf("reused session id\n");
+        else
+            printf("didn't reuse session id!!!\n");
+
+        if (wolfSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz)
+            err_sys("SSL_write failed");
+
+        if (nonBlocking) {
+            /* give server a chance to bounce a message back to client */
+            #ifdef USE_WINDOWS_API
+                Sleep(500);
+            #elif defined(WOLFSSL_TIRTOS)
+                Task_sleep(1);
+            #else
+                sleep(1);
+            #endif
+        }
+
+        input = wolfSSL_read(sslResume, reply, sizeof(reply)-1);
+        if (input > 0) {
+            reply[input] = 0;
+            printf("Server resume response: %s\n", reply);
+        }
+
+        /* try to send session break */
+        wolfSSL_write(sslResume, msg, msgSz); 
+
+        ret = wolfSSL_shutdown(sslResume);
+        if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
+            wolfSSL_shutdown(sslResume);    /* bidirectional shutdown */
+
+        wolfSSL_free(sslResume);
+        CloseSocket(sockfd);
+    }
+#endif /* NO_SESSION_CACHE */
+
+    wolfSSL_CTX_free(ctx);
+
+    ((func_args*)args)->return_code = 0;
+
+#ifdef USE_WOLFSSL_MEMORY
+    if (trackMemory)
+        ShowMemoryTracker();
+#endif /* USE_WOLFSSL_MEMORY */
+
+#if !defined(WOLFSSL_TIRTOS)
+    return 0;
+#endif
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        wolfSSL_Init();
+#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_MDK_SHELL) && !defined(STACK_TRAP)
+        wolfSSL_Debugging_ON();
+#endif
+        if (CurrentDir("client"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+  
+#ifdef HAVE_STACK_SIZE
+        StackSizeCheck(&args, client_test);
+#else 
+        client_test(&args);
+#endif
+        wolfSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+    int myoptind = 0;
+    char* myoptarg = NULL;
+
+#endif /* NO_MAIN_DRIVER */
+
+
+
+#ifdef WOLFSSL_CALLBACKS
+
+    int handShakeCB(HandShakeInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+
+    int timeoutCB(TimeoutInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+#endif
+
+
+#ifdef HAVE_SESSION_TICKET
+
+    int sessionTicketCB(WOLFSSL* ssl,
+                        const unsigned char* ticket, int ticketSz,
+                        void* ctx)
+    {
+        (void)ssl;
+        (void)ticket;
+        printf("Session Ticket CB: ticketSz = %d, ctx = %s\n",
+               ticketSz, (char*)ctx);
+        return 0;
+    }
+
+#endif
+
diff --git a/3P/wolfssl/examples/client/client.h b/3P/wolfssl/examples/client/client.h
new file mode 100644
index 00000000..e4b13be4
--- /dev/null
+++ b/3P/wolfssl/examples/client/client.h
@@ -0,0 +1,25 @@
+/* client.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#pragma once
+
+THREAD_RETURN WOLFSSL_THREAD client_test(void* args);
+
diff --git a/3P/wolfssl/examples/client/client.sln b/3P/wolfssl/examples/client/client.sln
new file mode 100755
index 00000000..3c4bbb12
--- /dev/null
+++ b/3P/wolfssl/examples/client/client.sln
@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual C++ Express 2005
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "client.vcproj", "{F117DD21-2672-4001-9FF8-8DBEBBFCA380}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{F117DD21-2672-4001-9FF8-8DBEBBFCA380}.Debug|Win32.ActiveCfg = Debug|Win32
+		{F117DD21-2672-4001-9FF8-8DBEBBFCA380}.Debug|Win32.Build.0 = Debug|Win32
+		{F117DD21-2672-4001-9FF8-8DBEBBFCA380}.Release|Win32.ActiveCfg = Release|Win32
+		{F117DD21-2672-4001-9FF8-8DBEBBFCA380}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/3P/wolfssl/examples/client/client.vcproj b/3P/wolfssl/examples/client/client.vcproj
new file mode 100755
index 00000000..a743bcaf
--- /dev/null
+++ b/3P/wolfssl/examples/client/client.vcproj
@@ -0,0 +1,197 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/examples/client/client.vcxproj b/3P/wolfssl/examples/client/client.vcxproj
new file mode 100644
index 00000000..9f682562
--- /dev/null
+++ b/3P/wolfssl/examples/client/client.vcxproj
@@ -0,0 +1,175 @@
+
+
+  
+    
+      Debug
+      Win32
+    
+    
+      Debug
+      x64
+    
+    
+      Release
+      Win32
+    
+    
+      Release
+      x64
+    
+  
+  
+    {3ADE9549-582D-4D8E-9826-B172197A7959}
+    client
+    Win32Proj
+  
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+  
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+  
+    <_ProjectFileVersion>11.0.61030.0
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    true
+  
+  
+    true
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    false
+  
+  
+    false
+  
+  
+    
+      Disabled
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      true
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      Level3
+      EditAndContinue
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      MachineX86
+    
+  
+  
+    
+      Disabled
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+      MachineX86
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+    
+  
+  
+    
+  
+  
+    
+      {73973223-5ee8-41ca-8e88-1d60e89a237b}
+      false
+    
+  
+  
+  
+  
+
diff --git a/3P/wolfssl/examples/client/include.am b/3P/wolfssl/examples/client/include.am
new file mode 100644
index 00000000..d0ddcdfa
--- /dev/null
+++ b/3P/wolfssl/examples/client/include.am
@@ -0,0 +1,17 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+if BUILD_EXAMPLES
+noinst_PROGRAMS += examples/client/client
+noinst_HEADERS += examples/client/client.h
+examples_client_client_SOURCES      = examples/client/client.c
+examples_client_client_LDADD        = src/libwolfssl.la
+examples_client_client_DEPENDENCIES = src/libwolfssl.la
+endif
+EXTRA_DIST += examples/client/client.sln
+EXTRA_DIST += examples/client/client-ntru.vcproj
+EXTRA_DIST += examples/client/client.vcproj
+EXTRA_DIST += examples/client/client.vcxproj
+
+dist_example_DATA+= examples/client/client.c
+DISTCLEANFILES+= examples/client/.libs/client
diff --git a/3P/wolfssl/examples/echoclient/echoclient-ntru.vcproj b/3P/wolfssl/examples/echoclient/echoclient-ntru.vcproj
new file mode 100755
index 00000000..3fa0caf6
--- /dev/null
+++ b/3P/wolfssl/examples/echoclient/echoclient-ntru.vcproj
@@ -0,0 +1,199 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/examples/echoclient/echoclient.c b/3P/wolfssl/examples/echoclient/echoclient.c
new file mode 100644
index 00000000..759961e8
--- /dev/null
+++ b/3P/wolfssl/examples/echoclient/echoclient.c
@@ -0,0 +1,282 @@
+/* echoclient.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "cyassl_MDK_ARM.h"
+#endif
+
+#include 
+
+#include "examples/echoclient/echoclient.h"
+
+void echoclient_test(void* args)
+{
+    SOCKET_T sockfd = 0;
+
+    FILE* fin   = stdin  ;
+    FILE* fout = stdout;
+
+    int inCreated  = 0;
+    int outCreated = 0;
+
+    char msg[1024];
+    char reply[1024+1];
+
+    SSL_METHOD* method = 0;
+    SSL_CTX*    ctx    = 0;
+    SSL*        ssl    = 0;
+
+    int doDTLS = 0;
+    int doPSK = 0;
+    int sendSz;
+    int argc    = 0;
+    char** argv = 0;
+    word16 port = yasslPort;
+
+    ((func_args*)args)->return_code = -1; /* error state */
+    
+#ifndef CYASSL_MDK_SHELL
+    argc = ((func_args*)args)->argc;
+    argv = ((func_args*)args)->argv;
+#endif
+
+    if (argc >= 2) {
+        fin  = fopen(argv[1], "r"); 
+        inCreated = 1;
+    }
+    if (argc >= 3) {
+        fout = fopen(argv[2], "w");
+        outCreated = 1;
+    }
+
+    if (!fin)  err_sys("can't open input file");
+    if (!fout) err_sys("can't open output file");
+
+#ifdef CYASSL_DTLS
+    doDTLS  = 1;
+#endif
+
+#ifdef CYASSL_LEANPSK 
+    doPSK = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    doPSK = 1;
+#endif
+
+#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_SHELL)
+    port = ((func_args*)args)->signal->port;
+#endif
+
+#if defined(CYASSL_DTLS)
+    method  = DTLSv1_client_method();
+#elif  !defined(NO_TLS)
+    method = CyaSSLv23_client_method();
+#else
+    method = SSLv3_client_method();
+#endif
+    ctx    = SSL_CTX_new(method);
+
+#ifndef NO_FILESYSTEM
+    #ifndef NO_RSA
+    if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
+        err_sys("can't load ca file, Please run from wolfSSL home dir");
+    #endif
+    #ifdef HAVE_ECC
+        if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS)
+            err_sys("can't load ca file, Please run from wolfSSL home dir");
+    #endif
+#elif !defined(NO_CERTS)
+    if (!doPSK)
+        load_buffer(ctx, caCert, CYASSL_CA);
+#endif
+
+#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    /* don't use EDH, can't sniff tmp keys */
+    SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
+#endif
+    if (doPSK) {
+#ifndef NO_PSK
+        const char *defaultCipherList;
+
+        CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
+        #ifdef HAVE_NULL_CIPHER
+            defaultCipherList = "PSK-NULL-SHA256";
+        #else
+            defaultCipherList = "PSK-AES128-CBC-SHA256";
+        #endif
+        if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS)
+            err_sys("client can't set cipher list 2");
+#endif
+    }
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+    #if defined(CYASSL_MDK_ARM)
+    CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
+    #endif
+
+    ssl = SSL_new(ctx);
+
+    if (doDTLS) {
+        SOCKADDR_IN_T addr;
+        build_addr(&addr, yasslIP, port, 1);
+        CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
+        tcp_socket(&sockfd, 1);
+    }
+    else {
+        tcp_connect(&sockfd, yasslIP, port, 0);
+    }
+        
+    SSL_set_fd(ssl, sockfd);
+#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)
+    /* let echoserver bind first, TODO: add Windows signal like pthreads does */
+    Sleep(100);
+#endif
+
+    if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
+
+    while (fgets(msg, sizeof(msg), fin) != 0) {
+     
+        sendSz = (int)strlen(msg);
+
+        if (SSL_write(ssl, msg, sendSz) != sendSz)
+            err_sys("SSL_write failed");
+
+        if (strncmp(msg, "quit", 4) == 0) {
+            fputs("sending server shutdown command: quit!\n", fout);
+            break;
+        }
+
+        if (strncmp(msg, "break", 5) == 0) {
+            fputs("sending server session close: break!\n", fout);
+            break;
+        }
+
+        #ifndef CYASSL_MDK_SHELL
+        while (sendSz) {
+            int got;
+            if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) {
+                reply[got] = 0;
+                fputs(reply, fout);
+                fflush(fout) ;
+                sendSz -= got;
+            }
+            else
+                break;
+        }
+        #else
+        {
+            int got;
+            if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) {
+                reply[got] = 0;
+                fputs(reply, fout);
+                fflush(fout) ;
+                sendSz -= got;
+            }
+        }
+        #endif
+    }
+
+
+#ifdef CYASSL_DTLS
+    strncpy(msg, "break", 6);
+    sendSz = (int)strlen(msg);
+    /* try to tell server done */
+    SSL_write(ssl, msg, sendSz);
+#else
+    SSL_shutdown(ssl);
+#endif
+
+    SSL_free(ssl);
+    SSL_CTX_free(ctx);
+
+    fflush(fout);
+    if (inCreated)  fclose(fin);
+    if (outCreated) fclose(fout);
+
+    CloseSocket(sockfd);
+    ((func_args*)args)->return_code = 0; 
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+#ifndef CYASSL_TIRTOS
+        if (CurrentDir("echoclient"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+#endif
+        echoclient_test(&args);
+
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+        
+#endif /* NO_MAIN_DRIVER */
+
+
diff --git a/3P/wolfssl/examples/echoclient/echoclient.h b/3P/wolfssl/examples/echoclient/echoclient.h
new file mode 100644
index 00000000..d945edb4
--- /dev/null
+++ b/3P/wolfssl/examples/echoclient/echoclient.h
@@ -0,0 +1,23 @@
+/* echoclient.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#pragma once
+void echoclient_test(void* args);
diff --git a/3P/wolfssl/examples/echoclient/echoclient.sln b/3P/wolfssl/examples/echoclient/echoclient.sln
new file mode 100755
index 00000000..3fb7851d
--- /dev/null
+++ b/3P/wolfssl/examples/echoclient/echoclient.sln
@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual C++ Express 2005
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoclient", "echoclient.vcproj", "{A7AA93AD-AFF0-4FF0-8AED-14685DE55CF3}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{A7AA93AD-AFF0-4FF0-8AED-14685DE55CF3}.Debug|Win32.ActiveCfg = Debug|Win32
+		{A7AA93AD-AFF0-4FF0-8AED-14685DE55CF3}.Debug|Win32.Build.0 = Debug|Win32
+		{A7AA93AD-AFF0-4FF0-8AED-14685DE55CF3}.Release|Win32.ActiveCfg = Release|Win32
+		{A7AA93AD-AFF0-4FF0-8AED-14685DE55CF3}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/3P/wolfssl/examples/echoclient/echoclient.vcproj b/3P/wolfssl/examples/echoclient/echoclient.vcproj
new file mode 100755
index 00000000..3a2a085a
--- /dev/null
+++ b/3P/wolfssl/examples/echoclient/echoclient.vcproj
@@ -0,0 +1,197 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/examples/echoclient/echoclient.vcxproj b/3P/wolfssl/examples/echoclient/echoclient.vcxproj
new file mode 100644
index 00000000..147362c4
--- /dev/null
+++ b/3P/wolfssl/examples/echoclient/echoclient.vcxproj
@@ -0,0 +1,175 @@
+
+
+  
+    
+      Debug
+      Win32
+    
+    
+      Debug
+      x64
+    
+    
+      Release
+      Win32
+    
+    
+      Release
+      x64
+    
+  
+  
+    {8362A816-C5DC-4E22-B5C5-9E6806387073}
+    echoclient
+    Win32Proj
+  
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+  
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+  
+    <_ProjectFileVersion>11.0.61030.0
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    true
+  
+  
+    true
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    false
+  
+  
+    false
+  
+  
+    
+      Disabled
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      true
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      Level3
+      EditAndContinue
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      MachineX86
+    
+  
+  
+    
+      Disabled
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+      MachineX86
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+    
+  
+  
+    
+  
+  
+    
+      {73973223-5ee8-41ca-8e88-1d60e89a237b}
+      false
+    
+  
+  
+  
+  
+
diff --git a/3P/wolfssl/examples/echoclient/include.am b/3P/wolfssl/examples/echoclient/include.am
new file mode 100644
index 00000000..179cf990
--- /dev/null
+++ b/3P/wolfssl/examples/echoclient/include.am
@@ -0,0 +1,20 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+
+if BUILD_EXAMPLES
+noinst_PROGRAMS += examples/echoclient/echoclient
+noinst_HEADERS += examples/echoclient/echoclient.h
+examples_echoclient_echoclient_SOURCES      = examples/echoclient/echoclient.c
+examples_echoclient_echoclient_LDADD        = src/libwolfssl.la
+examples_echoclient_echoclient_DEPENDENCIES = src/libwolfssl.la
+endif
+EXTRA_DIST += examples/echoclient/echoclient.sln
+EXTRA_DIST += examples/echoclient/echoclient-ntru.vcproj
+EXTRA_DIST += examples/echoclient/echoclient.vcproj
+EXTRA_DIST += examples/echoclient/echoclient.vcxproj
+
+dist_example_DATA+= examples/echoclient/echoclient.c
+DISTCLEANFILES+= examples/echoclient/.libs/echoclient
+
diff --git a/3P/wolfssl/examples/echoserver/echoserver-ntru.vcproj b/3P/wolfssl/examples/echoserver/echoserver-ntru.vcproj
new file mode 100755
index 00000000..539b2e78
--- /dev/null
+++ b/3P/wolfssl/examples/echoserver/echoserver-ntru.vcproj
@@ -0,0 +1,199 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/examples/echoserver/echoserver.c b/3P/wolfssl/examples/echoserver/echoserver.c
new file mode 100644
index 00000000..18b39100
--- /dev/null
+++ b/3P/wolfssl/examples/echoserver/echoserver.c
@@ -0,0 +1,390 @@
+/* echoserver.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include  /* name change portability layer */
+#include 
+#ifdef HAVE_ECC
+    #include    /* ecc_fp_free */
+#endif
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "cyassl_MDK_ARM.h"
+#endif
+
+#include 
+#include 
+
+#ifndef NO_MAIN_DRIVER
+    #define ECHO_OUT
+#endif
+
+#include "examples/echoserver/echoserver.h"
+
+
+#ifdef SESSION_STATS
+    CYASSL_API void PrintSessionStats(void);
+#endif
+
+#define SVR_COMMAND_SIZE 256
+
+static void SignalReady(void* args, word16 port)
+{
+#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+    /* signal ready to tcp_accept */
+    func_args* server_args = (func_args*)args;
+    tcp_ready* ready = server_args->signal;
+    pthread_mutex_lock(&ready->mutex);
+    ready->ready = 1;
+    ready->port = port;
+    pthread_cond_signal(&ready->cond);
+    pthread_mutex_unlock(&ready->mutex);
+#endif
+    (void)args;
+    (void)port;
+}
+
+
+THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
+{
+    SOCKET_T       sockfd = 0;
+    CYASSL_METHOD* method = 0;
+    CYASSL_CTX*    ctx    = 0;
+
+    int    doDTLS = 0;
+    int    doPSK = 0;
+    int    outCreated = 0;
+    int    shutDown = 0;
+    int    useAnyAddr = 0;
+    word16 port = yasslPort;
+    int    argc = ((func_args*)args)->argc;
+    char** argv = ((func_args*)args)->argv;
+
+#ifdef ECHO_OUT
+    FILE* fout = stdout;
+    if (argc >= 2) {
+        fout = fopen(argv[1], "w");
+        outCreated = 1;
+    }
+    if (!fout) err_sys("can't open output file");
+#endif
+    (void)outCreated;
+    (void)argc;
+    (void)argv;
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#ifdef CYASSL_DTLS
+    doDTLS  = 1;
+#endif
+
+#ifdef CYASSL_LEANPSK
+    doPSK = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    doPSK = 1;
+#endif
+
+    #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
+        !defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL) && \
+        !defined(CYASSL_TIRTOS)
+        port = 0;
+    #endif
+    #if defined(USE_ANY_ADDR)
+        useAnyAddr = 1;
+    #endif
+
+#ifdef CYASSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+    tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
+
+#if defined(CYASSL_DTLS)
+    method  = CyaDTLSv1_server_method();
+#elif  !defined(NO_TLS)
+    method = CyaSSLv23_server_method();
+#else
+    method = CyaSSLv3_server_method();
+#endif
+    ctx    = CyaSSL_CTX_new(method);
+    /* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+#ifndef NO_FILESYSTEM
+    if (doPSK == 0) {
+    #ifdef HAVE_NTRU
+        /* ntru */
+        if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load ntru cert file, "
+                    "Please run from wolfSSL home dir");
+
+        if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ntruKey)
+                != SSL_SUCCESS)
+            err_sys("can't load ntru key file, "
+                    "Please run from wolfSSL home dir");
+    #elif defined(HAVE_ECC)
+        /* ecc */
+        if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load server cert file, "
+                    "Please run from wolfSSL home dir");
+
+        if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load server key file, "
+                    "Please run from wolfSSL home dir");
+    #elif defined(NO_CERTS)
+        /* do nothing, just don't load cert files */
+    #else
+        /* normal */
+        if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load server cert file, "
+                    "Please run from wolfSSL home dir");
+
+        if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
+                != SSL_SUCCESS)
+            err_sys("can't load server key file, "
+                    "Please run from wolfSSL home dir");
+    #endif
+    } /* doPSK */
+#elif !defined(NO_CERTS)
+    if (!doPSK) {
+        load_buffer(ctx, svrCert, CYASSL_CERT);
+        load_buffer(ctx, svrKey,  CYASSL_KEY);
+    }
+#endif
+
+#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    /* don't use EDH, can't sniff tmp keys */
+    CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
+#endif
+
+    if (doPSK) {
+#ifndef NO_PSK
+        const char *defaultCipherList;
+
+        CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
+        CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
+        #ifdef HAVE_NULL_CIPHER
+            defaultCipherList = "PSK-NULL-SHA256";
+        #else
+            defaultCipherList = "PSK-AES128-CBC-SHA256";
+        #endif
+        if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
+            err_sys("server can't set cipher list 2");
+#endif
+    }
+
+    SignalReady(args, port);
+
+    while (!shutDown) {
+        CYASSL* ssl = 0;
+        char    command[SVR_COMMAND_SIZE+1];
+        int     echoSz = 0;
+        int     clientfd;
+        int     firstRead = 1;
+        int     gotFirstG = 0;
+                
+#ifndef CYASSL_DTLS 
+        SOCKADDR_IN_T client;
+        socklen_t     client_len = sizeof(client);
+        clientfd = accept(sockfd, (struct sockaddr*)&client,
+                         (ACCEPT_THIRD_T)&client_len);
+#else
+        clientfd = udp_read_connect(sockfd);
+#endif
+        if (clientfd == -1) err_sys("tcp accept failed");
+
+        ssl = CyaSSL_new(ctx);
+        if (ssl == NULL) err_sys("SSL_new failed");
+        CyaSSL_set_fd(ssl, clientfd);
+        #if !defined(NO_FILESYSTEM) && !defined(NO_DH)
+            CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
+        #elif !defined(NO_DH)
+            SetDH(ssl);  /* will repick suites with DHE, higher than PSK */
+        #endif
+        if (CyaSSL_accept(ssl) != SSL_SUCCESS) {
+            printf("SSL_accept failed\n");
+            CyaSSL_free(ssl);
+            CloseSocket(clientfd);
+            continue;
+        }
+#if defined(PEER_INFO)
+        showPeer(ssl);
+#endif
+
+        while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command)-1)) > 0) {
+
+            if (firstRead == 1) {
+                firstRead = 0;  /* browser may send 1 byte 'G' to start */
+                if (echoSz == 1 && command[0] == 'G') {
+                    gotFirstG = 1;
+                    continue;
+                }
+            }
+            else if (gotFirstG == 1 && strncmp(command, "ET /", 4) == 0) {
+                strncpy(command, "GET", 4);
+                /* fall through to normal GET */
+            }
+           
+            if ( strncmp(command, "quit", 4) == 0) {
+                printf("client sent quit command: shutting down!\n");
+                shutDown = 1;
+                break;
+            }
+            if ( strncmp(command, "break", 5) == 0) {
+                printf("client sent break command: closing session!\n");
+                break;
+            }
+#ifdef SESSION_STATS
+            if ( strncmp(command, "printstats", 10) == 0) {
+                PrintSessionStats();
+                break;
+            }
+#endif
+            if ( strncmp(command, "GET", 3) == 0) {
+                char type[]   = "HTTP/1.0 200 ok\r\nContent-type:"
+                                " text/html\r\n\r\n";
+                char header[] = "\n
\n";
+                char body[]   = "greetings from wolfSSL\n";
+                char footer[] = "\r\n\r\n";
+            
+                strncpy(command, type, sizeof(type));
+                echoSz = sizeof(type) - 1;
+
+                strncpy(&command[echoSz], header, sizeof(header));
+                echoSz += (int)sizeof(header) - 1;
+                strncpy(&command[echoSz], body, sizeof(body));
+                echoSz += (int)sizeof(body) - 1;
+                strncpy(&command[echoSz], footer, sizeof(footer));
+                echoSz += (int)sizeof(footer);
+
+                if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                    err_sys("SSL_write failed");
+                break;
+            }
+            command[echoSz] = 0;
+
+            #ifdef ECHO_OUT
+                fputs(command, fout);
+            #endif
+
+            if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                err_sys("SSL_write failed");
+        }
+#ifndef CYASSL_DTLS
+        CyaSSL_shutdown(ssl);
+#endif
+        CyaSSL_free(ssl);
+        CloseSocket(clientfd);
+#ifdef CYASSL_DTLS
+        tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
+        SignalReady(args, port);
+#endif
+    }
+
+    CloseSocket(sockfd);
+    CyaSSL_CTX_free(ctx);
+
+#ifdef ECHO_OUT
+    if (outCreated)
+        fclose(fout);
+#endif
+
+    ((func_args*)args)->return_code = 0;
+
+#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
+                            && defined(HAVE_THREAD_LS)
+    ecc_fp_free();  /* free per thread cache */
+#endif
+
+#ifdef CYASSL_TIRTOS
+    fdCloseSession(Task_self());
+#endif
+
+#ifndef CYASSL_TIRTOS
+    return 0;
+#endif
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("echoserver"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+        echoserver_test(&args);
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+        
+#endif /* NO_MAIN_DRIVER */
+
+
+
+
diff --git a/3P/wolfssl/examples/echoserver/echoserver.h b/3P/wolfssl/examples/echoserver/echoserver.h
new file mode 100644
index 00000000..c9406bcc
--- /dev/null
+++ b/3P/wolfssl/examples/echoserver/echoserver.h
@@ -0,0 +1,24 @@
+/* echoserver.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#pragma once
+
+THREAD_RETURN CYASSL_THREAD echoserver_test(void* args);
diff --git a/3P/wolfssl/examples/echoserver/echoserver.sln b/3P/wolfssl/examples/echoserver/echoserver.sln
new file mode 100755
index 00000000..6bda3549
--- /dev/null
+++ b/3P/wolfssl/examples/echoserver/echoserver.sln
@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual C++ Express 2005
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoserver", "echoserver.vcproj", "{4F3F3EF1-BB95-466A-87B2-A91C059D0197}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{4F3F3EF1-BB95-466A-87B2-A91C059D0197}.Debug|Win32.ActiveCfg = Debug|Win32
+		{4F3F3EF1-BB95-466A-87B2-A91C059D0197}.Debug|Win32.Build.0 = Debug|Win32
+		{4F3F3EF1-BB95-466A-87B2-A91C059D0197}.Release|Win32.ActiveCfg = Release|Win32
+		{4F3F3EF1-BB95-466A-87B2-A91C059D0197}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/3P/wolfssl/examples/echoserver/echoserver.vcproj b/3P/wolfssl/examples/echoserver/echoserver.vcproj
new file mode 100755
index 00000000..0fc396f0
--- /dev/null
+++ b/3P/wolfssl/examples/echoserver/echoserver.vcproj
@@ -0,0 +1,197 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/examples/echoserver/echoserver.vcxproj b/3P/wolfssl/examples/echoserver/echoserver.vcxproj
new file mode 100644
index 00000000..0d07f2ac
--- /dev/null
+++ b/3P/wolfssl/examples/echoserver/echoserver.vcxproj
@@ -0,0 +1,175 @@
+
+
+  
+    
+      Debug
+      Win32
+    
+    
+      Debug
+      x64
+    
+    
+      Release
+      Win32
+    
+    
+      Release
+      x64
+    
+  
+  
+    {07D97C48-E08F-4E34-9F67-3064039FF2CB}
+    echoserver
+    Win32Proj
+  
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+  
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+  
+    <_ProjectFileVersion>11.0.61030.0
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    true
+  
+  
+    true
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    false
+  
+  
+    false
+  
+  
+    
+      Disabled
+      ../../;%(AdditionalIncludeDirectories)
+      USE_ANY_ADDR;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      true
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      Level3
+      EditAndContinue
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      MachineX86
+    
+  
+  
+    
+      Disabled
+      ../../;%(AdditionalIncludeDirectories)
+      USE_ANY_ADDR;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../../;%(AdditionalIncludeDirectories)
+      USE_ANY_ADDR;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+      MachineX86
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../../;%(AdditionalIncludeDirectories)
+      USE_ANY_ADDR;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+    
+  
+  
+    
+  
+  
+    
+      {73973223-5ee8-41ca-8e88-1d60e89a237b}
+      false
+    
+  
+  
+  
+  
+
diff --git a/3P/wolfssl/examples/echoserver/include.am b/3P/wolfssl/examples/echoserver/include.am
new file mode 100644
index 00000000..a8431219
--- /dev/null
+++ b/3P/wolfssl/examples/echoserver/include.am
@@ -0,0 +1,19 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+
+if BUILD_EXAMPLES
+noinst_PROGRAMS += examples/echoserver/echoserver
+noinst_HEADERS += examples/echoserver/echoserver.h
+examples_echoserver_echoserver_SOURCES      = examples/echoserver/echoserver.c
+examples_echoserver_echoserver_LDADD        = src/libwolfssl.la
+examples_echoserver_echoserver_DEPENDENCIES = src/libwolfssl.la
+endif
+EXTRA_DIST += examples/echoserver/echoserver.sln
+EXTRA_DIST += examples/echoserver/echoserver-ntru.vcproj
+EXTRA_DIST += examples/echoserver/echoserver.vcproj
+EXTRA_DIST += examples/echoserver/echoserver.vcxproj
+
+dist_example_DATA+= examples/echoserver/echoserver.c
+DISTCLEANFILES+= examples/echoserver/.libs/echoserver
diff --git a/3P/wolfssl/examples/server/include.am b/3P/wolfssl/examples/server/include.am
new file mode 100644
index 00000000..bd703768
--- /dev/null
+++ b/3P/wolfssl/examples/server/include.am
@@ -0,0 +1,20 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+
+if BUILD_EXAMPLES
+noinst_PROGRAMS += examples/server/server
+noinst_HEADERS += examples/server/server.h
+examples_server_server_SOURCES      = examples/server/server.c
+examples_server_server_LDADD        = src/libwolfssl.la
+examples_server_server_DEPENDENCIES = src/libwolfssl.la
+endif
+EXTRA_DIST += examples/server/server.sln
+EXTRA_DIST += examples/server/server-ntru.vcproj
+EXTRA_DIST += examples/server/server.vcproj
+EXTRA_DIST += examples/server/server.vcxproj
+
+dist_example_DATA+= examples/server/server.c
+DISTCLEANFILES+= examples/server/.libs/server
+
diff --git a/3P/wolfssl/examples/server/server-ntru.vcproj b/3P/wolfssl/examples/server/server-ntru.vcproj
new file mode 100755
index 00000000..c6e204b7
--- /dev/null
+++ b/3P/wolfssl/examples/server/server-ntru.vcproj
@@ -0,0 +1,199 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/examples/server/server.c b/3P/wolfssl/examples/server/server.c
new file mode 100644
index 00000000..1639f86b
--- /dev/null
+++ b/3P/wolfssl/examples/server/server.c
@@ -0,0 +1,662 @@
+/* server.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+#include  /* name change portability layer */
+
+#include 
+#ifdef HAVE_ECC
+    #include    /* ecc_fp_free */
+#endif
+
+#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER)
+    /* in case memory tracker wants stats */
+    #define CYASSL_TRACK_MEMORY
+#endif
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "cyassl_MDK_ARM.h"
+#endif
+#include 
+#include 
+
+#include "examples/server/server.h"
+
+
+#ifdef CYASSL_CALLBACKS
+    int srvHandShakeCB(HandShakeInfo*);
+    int srvTimeoutCB(TimeoutInfo*);
+    Timeval srvTo;
+#endif
+
+static void NonBlockingSSL_Accept(SSL* ssl)
+{
+#ifndef CYASSL_CALLBACKS
+    int ret = SSL_accept(ssl);
+#else
+    int ret = CyaSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo);
+#endif
+    int error = SSL_get_error(ssl, 0);
+    SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl);
+    int select_ret;
+
+    while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
+                                  error == SSL_ERROR_WANT_WRITE)) {
+        int currTimeout = 1;
+
+        if (error == SSL_ERROR_WANT_READ)
+            printf("... server would read block\n");
+        else
+            printf("... server would write block\n");
+
+#ifdef CYASSL_DTLS
+        currTimeout = CyaSSL_dtls_get_current_timeout(ssl);
+#endif
+        select_ret = tcp_select(sockfd, currTimeout);
+
+        if ((select_ret == TEST_RECV_READY) ||
+                                        (select_ret == TEST_ERROR_READY)) {
+            #ifndef CYASSL_CALLBACKS
+                ret = SSL_accept(ssl);
+            #else
+                ret = CyaSSL_accept_ex(ssl,
+                                    srvHandShakeCB, srvTimeoutCB, srvTo);
+            #endif
+            error = SSL_get_error(ssl, 0);
+        }
+        else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#ifdef CYASSL_DTLS
+        else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) &&
+                                            CyaSSL_dtls_got_timeout(ssl) >= 0) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#endif
+        else {
+            error = SSL_FATAL_ERROR;
+        }
+    }
+    if (ret != SSL_SUCCESS)
+        err_sys("SSL_accept failed");
+}
+
+
+static void Usage(void)
+{
+    printf("server "    LIBCYASSL_VERSION_STRING
+           " NOTE: All files relative to wolfSSL home dir\n");
+    printf("-?          Help, print this usage\n");
+    printf("-p     Port to listen on, not 0, default %d\n", yasslPort);
+    printf("-v     SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
+                                 SERVER_DEFAULT_VERSION);
+    printf("-l     Cipher list\n");
+    printf("-c    Certificate file,           default %s\n", svrCert);
+    printf("-k    Key file,                   default %s\n", svrKey);
+    printf("-A    Certificate Authority file, default %s\n", cliCert);
+    printf("-d          Disable client cert check\n");
+    printf("-b          Bind to any interface instead of localhost only\n");
+    printf("-s          Use pre Shared keys\n");
+    printf("-t          Track wolfSSL memory use\n");
+    printf("-u          Use UDP DTLS,"
+           " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
+    printf("-f          Fewer packets/group messages\n");
+    printf("-r          Create server ready file, for external monitor\n");
+    printf("-N          Use Non-blocking sockets\n");
+    printf("-S     Use Host Name Indication\n");
+    printf("-w          Wait for bidirectional shutdown\n");
+#ifdef HAVE_OCSP
+    printf("-o          Perform OCSP lookup on peer certificate\n");
+    printf("-O     Perform OCSP lookup using  as responder\n");
+#endif
+#ifdef HAVE_PK_CALLBACKS 
+    printf("-P          Public Key Callbacks\n");
+#endif
+#ifdef HAVE_ANON
+    printf("-a          Anonymous server\n");
+#endif
+}
+
+THREAD_RETURN CYASSL_THREAD server_test(void* args)
+{
+    SOCKET_T sockfd   = 0;
+    SOCKET_T clientfd = 0;
+
+    SSL_METHOD* method = 0;
+    SSL_CTX*    ctx    = 0;
+    SSL*        ssl    = 0;
+
+    char   msg[] = "I hear you fa shizzle!";
+    char   input[80];
+    int    idx;
+    int    ch;
+    int    version = SERVER_DEFAULT_VERSION;
+    int    doCliCertCheck = 1;
+    int    useAnyAddr = 0;
+    word16 port = yasslPort;
+    int    usePsk = 0;
+    int    useAnon = 0;
+    int    doDTLS = 0;
+    int    useNtruKey   = 0;
+    int    nonBlocking  = 0;
+    int    trackMemory  = 0;
+    int    fewerPackets = 0;
+    int    pkCallbacks  = 0;
+    int    serverReadyFile = 0;
+    int    wc_shutdown        = 0;
+    int    ret;
+    char*  cipherList = NULL;
+    const char* verifyCert = cliCert;
+    const char* ourCert    = svrCert;
+    const char* ourKey     = svrKey;
+    int    argc = ((func_args*)args)->argc;
+    char** argv = ((func_args*)args)->argv;
+
+#ifdef HAVE_SNI
+    char*  sniHostName = NULL;
+#endif
+
+#ifdef HAVE_OCSP
+    int    useOcsp  = 0;
+    char*  ocspUrl  = NULL;
+#endif
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#ifdef NO_RSA
+    verifyCert = (char*)cliEccCert;
+    ourCert    = (char*)eccCert;
+    ourKey     = (char*)eccKey;
+#endif
+    (void)trackMemory;
+    (void)pkCallbacks;
+
+#ifdef CYASSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+    while ((ch = mygetopt(argc, argv, "?dbstnNufrawPp:v:l:A:c:k:S:oO:")) != -1) {
+        switch (ch) {
+            case '?' :
+                Usage();
+                exit(EXIT_SUCCESS);
+
+            case 'd' :
+                doCliCertCheck = 0;
+                break;
+
+            case 'b' :
+                useAnyAddr = 1;
+                break;
+
+            case 's' :
+                usePsk = 1;
+                break;
+
+            case 't' :
+            #ifdef USE_CYASSL_MEMORY
+                trackMemory = 1;
+            #endif
+                break;
+
+            case 'n' :
+                useNtruKey = 1;
+                break;
+
+            case 'u' :
+                doDTLS  = 1;
+                break;
+
+            case 'f' :
+                fewerPackets = 1;
+                break;
+
+            case 'r' :
+                serverReadyFile = 1;
+                break;
+
+            case 'P' :
+            #ifdef HAVE_PK_CALLBACKS 
+                pkCallbacks = 1;
+            #endif
+                break;
+
+            case 'p' :
+                port = (word16)atoi(myoptarg);
+                #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
+                    if (port == 0)
+                        err_sys("port number cannot be 0");
+                #endif
+                break;
+
+            case 'w' :
+                wc_shutdown = 1;
+                break;
+
+            case 'v' :
+                version = atoi(myoptarg);
+                if (version < 0 || version > 3) {
+                    Usage();
+                    exit(MY_EX_USAGE);
+                }
+                break;
+
+            case 'l' :
+                cipherList = myoptarg;
+                break;
+
+            case 'A' :
+                verifyCert = myoptarg;
+                break;
+
+            case 'c' :
+                ourCert = myoptarg;
+                break;
+
+            case 'k' :
+                ourKey = myoptarg;
+                break;
+
+            case 'N':
+                nonBlocking = 1;
+                break;
+
+            case 'S' :
+                #ifdef HAVE_SNI
+                    sniHostName = myoptarg;
+                #endif
+                break;
+
+            case 'o' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                #endif
+                break;
+
+            case 'O' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                    ocspUrl = myoptarg;
+                #endif
+                break;
+
+            case 'a' :
+                #ifdef HAVE_ANON
+                    useAnon = 1;
+                #endif
+                break;
+
+            default:
+                Usage();
+                exit(MY_EX_USAGE);
+        }
+    }
+
+    myoptind = 0;      /* reset for test cases */
+
+    /* sort out DTLS versus TLS versions */
+    if (version == CLIENT_INVALID_VERSION) {
+        if (doDTLS)
+            version = CLIENT_DTLS_DEFAULT_VERSION;
+        else
+            version = CLIENT_DEFAULT_VERSION;
+    }
+    else {
+        if (doDTLS) {
+            if (version == 3)
+                version = -2;
+            else
+                version = -1;
+        }
+    }
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        InitMemoryTracker(); 
+#endif
+
+    switch (version) {
+#ifndef NO_OLD_TLS
+        case 0:
+            method = SSLv3_server_method();
+            break;
+
+    #ifndef NO_TLS
+        case 1:
+            method = TLSv1_server_method();
+            break;
+
+
+        case 2:
+            method = TLSv1_1_server_method();
+            break;
+
+        #endif
+#endif
+
+#ifndef NO_TLS
+        case 3:
+            method = TLSv1_2_server_method();
+            break;
+#endif
+                
+#ifdef CYASSL_DTLS
+        case -1:
+            method = DTLSv1_server_method();
+            break;
+
+        case -2:
+            method = DTLSv1_2_server_method();
+            break;
+#endif
+
+        default:
+            err_sys("Bad SSL version");
+    }
+
+    if (method == NULL)
+        err_sys("unable to get method");
+
+    ctx = SSL_CTX_new(method);
+    if (ctx == NULL)
+        err_sys("unable to get ctx");
+
+    if (cipherList)
+        if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
+            err_sys("server can't set cipher list 1");
+
+#ifdef CYASSL_LEANPSK
+    usePsk = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    usePsk = 1;
+#endif
+
+    if (fewerPackets)
+        CyaSSL_CTX_set_group_messages(ctx);
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (!usePsk && !useAnon) {
+        if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load server cert file, check file and run from"
+                    " wolfSSL home dir");
+    }
+#endif
+
+#ifdef HAVE_NTRU
+    if (useNtruKey) {
+        if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ourKey)
+                                               != SSL_SUCCESS)
+            err_sys("can't load ntru key file, "
+                    "Please run from wolfSSL home dir");
+    }
+#endif
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (!useNtruKey && !usePsk && !useAnon) {
+        if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load server private key file, check file and run "
+                "from wolfSSL home dir");
+    }
+#endif
+
+    if (usePsk) {
+#ifndef NO_PSK
+        SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
+        SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
+        if (cipherList == NULL) {
+            const char *defaultCipherList;
+            #ifdef HAVE_NULL_CIPHER
+                defaultCipherList = "PSK-NULL-SHA256";
+            #else
+                defaultCipherList = "PSK-AES128-CBC-SHA256";
+            #endif
+            if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
+                err_sys("server can't set cipher list 2");
+        }
+#endif
+    }
+
+    if (useAnon) {
+#ifdef HAVE_ANON
+        CyaSSL_CTX_allow_anon_cipher(ctx);
+        if (cipherList == NULL) {
+            if (SSL_CTX_set_cipher_list(ctx, "ADH-AES128-SHA") != SSL_SUCCESS)
+                err_sys("server can't set cipher list 4");
+        }
+#endif
+    }
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    /* if not using PSK, verify peer with certs */
+    if (doCliCertCheck && usePsk == 0 && useAnon == 0) {
+        SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER |
+                                SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
+        if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
+            err_sys("can't load ca file, Please run from wolfSSL home dir");
+    }
+#endif
+
+#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    /* don't use EDH, can't sniff tmp keys */
+    if (cipherList == NULL) {
+        if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS)
+            err_sys("server can't set cipher list 3");
+    }
+#endif
+
+#ifdef HAVE_SNI
+    if (sniHostName)
+        if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
+                                           XSTRLEN(sniHostName)) != SSL_SUCCESS)
+            err_sys("UseSNI failed");
+#endif
+
+    ssl = SSL_new(ctx);
+    if (ssl == NULL)
+        err_sys("unable to get SSL");
+
+#ifdef HAVE_CRL
+    CyaSSL_EnableCRL(ssl, 0);
+    CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
+                                                     CYASSL_CRL_START_MON);
+    CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
+#endif
+#ifdef HAVE_OCSP
+    if (useOcsp) {
+        if (ocspUrl != NULL) {
+            CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
+                                                    | CYASSL_OCSP_URL_OVERRIDE);
+        }
+        else
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
+    }
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    if (pkCallbacks)
+        SetupPkCallbacks(ctx, ssl);
+#endif
+
+    tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, doDTLS,
+               serverReadyFile);
+    if (!doDTLS) 
+        CloseSocket(sockfd);
+
+    SSL_set_fd(ssl, clientfd);
+    if (usePsk == 0 || useAnon == 1 || cipherList != NULL) {
+        #if !defined(NO_FILESYSTEM) && !defined(NO_DH)
+            CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
+        #elif !defined(NO_DH)
+            SetDH(ssl);  /* repick suites with DHE, higher priority than PSK */
+        #endif
+    }
+
+#ifndef CYASSL_CALLBACKS
+    if (nonBlocking) {
+        CyaSSL_set_using_nonblock(ssl, 1);
+        tcp_set_nonblocking(&clientfd);
+        NonBlockingSSL_Accept(ssl);
+    } else if (SSL_accept(ssl) != SSL_SUCCESS) {
+        int err = SSL_get_error(ssl, 0);
+        char buffer[CYASSL_MAX_ERROR_SZ];
+        printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
+        err_sys("SSL_accept failed");
+    }
+#else
+    NonBlockingSSL_Accept(ssl);
+#endif
+    showPeer(ssl);
+
+    idx = SSL_read(ssl, input, sizeof(input)-1);
+    if (idx > 0) {
+        input[idx] = 0;
+        printf("Client message: %s\n", input);
+
+    }
+    else if (idx < 0) {
+        int readErr = SSL_get_error(ssl, 0);
+        if (readErr != SSL_ERROR_WANT_READ)
+            err_sys("SSL_read failed");
+    }
+
+    if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
+        err_sys("SSL_write failed");
+        
+    #if defined(CYASSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
+        os_dly_wait(500) ;
+    #elif defined (CYASSL_TIRTOS)
+        Task_yield();
+    #endif
+
+    ret = SSL_shutdown(ssl);
+    if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
+        SSL_shutdown(ssl);    /* bidirectional shutdown */
+    SSL_free(ssl);
+    SSL_CTX_free(ctx);
+    
+    CloseSocket(clientfd);
+    ((func_args*)args)->return_code = 0;
+
+
+#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
+                            && defined(HAVE_THREAD_LS)
+    ecc_fp_free();  /* free per thread cache */
+#endif
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        ShowMemoryTracker();
+#endif
+
+#ifdef CYASSL_TIRTOS
+    fdCloseSession(Task_self());
+#endif
+
+#ifndef CYASSL_TIRTOS
+    return 0;
+#endif
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("server"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+   
+#ifdef HAVE_STACK_SIZE
+        StackSizeCheck(&args, server_test);
+#else 
+        server_test(&args);
+#endif
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+    int myoptind = 0;
+    char* myoptarg = NULL;
+
+#endif /* NO_MAIN_DRIVER */
+
+
+#ifdef CYASSL_CALLBACKS
+
+    int srvHandShakeCB(HandShakeInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+
+    int srvTimeoutCB(TimeoutInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+#endif
+
diff --git a/3P/wolfssl/examples/server/server.h b/3P/wolfssl/examples/server/server.h
new file mode 100644
index 00000000..b3f6b1d9
--- /dev/null
+++ b/3P/wolfssl/examples/server/server.h
@@ -0,0 +1,24 @@
+/* server.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#pragma once
+
+THREAD_RETURN CYASSL_THREAD server_test(void* args);
diff --git a/3P/wolfssl/examples/server/server.sln b/3P/wolfssl/examples/server/server.sln
new file mode 100755
index 00000000..7c9de302
--- /dev/null
+++ b/3P/wolfssl/examples/server/server.sln
@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual C++ Express 2005
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "server", "server.vcproj", "{13A60276-EFB2-4D3F-AFC3-D66E4C4CC27B}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{13A60276-EFB2-4D3F-AFC3-D66E4C4CC27B}.Debug|Win32.ActiveCfg = Debug|Win32
+		{13A60276-EFB2-4D3F-AFC3-D66E4C4CC27B}.Debug|Win32.Build.0 = Debug|Win32
+		{13A60276-EFB2-4D3F-AFC3-D66E4C4CC27B}.Release|Win32.ActiveCfg = Release|Win32
+		{13A60276-EFB2-4D3F-AFC3-D66E4C4CC27B}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/3P/wolfssl/examples/server/server.vcproj b/3P/wolfssl/examples/server/server.vcproj
new file mode 100755
index 00000000..ebb1af4a
--- /dev/null
+++ b/3P/wolfssl/examples/server/server.vcproj
@@ -0,0 +1,197 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/examples/server/server.vcxproj b/3P/wolfssl/examples/server/server.vcxproj
new file mode 100644
index 00000000..c04ab754
--- /dev/null
+++ b/3P/wolfssl/examples/server/server.vcxproj
@@ -0,0 +1,175 @@
+
+
+  
+    
+      Debug
+      Win32
+    
+    
+      Debug
+      x64
+    
+    
+      Release
+      Win32
+    
+    
+      Release
+      x64
+    
+  
+  
+    {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}
+    server
+    Win32Proj
+  
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+  
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+  
+    <_ProjectFileVersion>11.0.61030.0
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    true
+  
+  
+    true
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    false
+  
+  
+    false
+  
+  
+    
+      Disabled
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      true
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      Level3
+      EditAndContinue
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      MachineX86
+    
+  
+  
+    
+      Disabled
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+      MachineX86
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../../;%(AdditionalIncludeDirectories)
+      WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+    
+  
+  
+    
+  
+  
+    
+      {73973223-5ee8-41ca-8e88-1d60e89a237b}
+      false
+    
+  
+  
+  
+  
+
diff --git a/3P/wolfssl/gencertbuf.pl b/3P/wolfssl/gencertbuf.pl
new file mode 100755
index 00000000..257b17b0
--- /dev/null
+++ b/3P/wolfssl/gencertbuf.pl
@@ -0,0 +1,124 @@
+#!/usr/bin/perl
+
+# gencertbuf.pl
+# version 1.1
+# Updated 07/01/2014
+#
+# Copyright (C) 2006-2015 wolfSSL Inc.
+#
+
+use strict;
+use warnings;
+
+# ---- SCRIPT SETTINGS -------------------------------------------------------
+
+# output C header file to write cert/key buffers to
+my $outputFile = "./wolfssl/certs_test.h";
+
+# 1024-bit certs/keys to be converted
+# Used with USE_CERT_BUFFERS_1024 define.
+
+my @fileList_1024 = (
+        [ "./certs/1024/client-key.der", "client_key_der_1024" ],
+        [ "./certs/1024/client-cert.der", "client_cert_der_1024" ],
+        [ "./certs/1024/dh1024.der", "dh_key_der_1024" ],
+        [ "./certs/1024/dsa1024.der", "dsa_key_der_1024" ],
+        [ "./certs/1024/rsa1024.der", "rsa_key_der_1024" ]
+        );
+
+# 2048-bit certs/keys to be converted
+# Used with USE_CERT_BUFFERS_2048 define.
+
+my @fileList_2048 = (
+        [ "./certs/client-key.der", "client_key_der_2048" ],
+        [ "./certs/client-cert.der", "client_cert_der_2048" ],
+        [ "./certs/dh2048.der", "dh_key_der_2048" ],
+        [ "./certs/dsa2048.der", "dsa_key_der_2048" ],
+        [ "./certs/rsa2048.der", "rsa_key_der_2048" ],
+        [ "./certs/ca-cert.der", "ca_cert_der_2048" ],
+        [ "./certs/server-key.der", "server_key_der_2048" ],
+        [ "./certs/server-cert.der", "server_cert_der_2048" ]
+        );
+
+# ----------------------------------------------------------------------------
+
+my $num_1024 = @fileList_1024;
+my $num_2048 = @fileList_2048;
+
+# open our output file, "+>" creates and/or truncates
+open OUT_FILE, "+>", $outputFile  or die $!;
+
+print OUT_FILE "/* certs_test.h */\n\n";
+print OUT_FILE "#ifndef WOLFSSL_CERTS_TEST_H\n";
+print OUT_FILE "#define WOLFSSL_CERTS_TEST_H\n\n";
+
+# convert and print 1024-bit cert/keys
+print OUT_FILE "#ifdef USE_CERT_BUFFERS_1024\n\n";
+for (my $i = 0; $i < $num_1024; $i++) {
+
+    my $fname = $fileList_1024[$i][0];
+    my $sname = $fileList_1024[$i][1];
+
+    print OUT_FILE "/* $fname, 1024-bit */\n";
+    print OUT_FILE "const unsigned char $sname\[] =\n";
+    print OUT_FILE "{\n";
+    file_to_hex($fname);
+    print OUT_FILE "};\n";
+    print OUT_FILE "const int sizeof_$sname = sizeof($sname);\n\n";
+}
+
+# convert and print 2048-bit certs/keys
+print OUT_FILE "#elif defined(USE_CERT_BUFFERS_2048)\n\n";
+for (my $i = 0; $i < $num_2048; $i++) {
+
+    my $fname = $fileList_2048[$i][0];
+    my $sname = $fileList_2048[$i][1];
+
+    print OUT_FILE "/* $fname, 2048-bit */\n";
+    print OUT_FILE "const unsigned char $sname\[] =\n";
+    print OUT_FILE "{\n";
+    file_to_hex($fname);
+    print OUT_FILE "};\n";
+    print OUT_FILE "const int sizeof_$sname = sizeof($sname);\n\n";
+}
+
+print OUT_FILE "#endif /* USE_CERT_BUFFERS_1024 */\n\n";
+print OUT_FILE "#endif /* CYASSL_CERTS_TEST_H */\n\n";
+
+# close certs_test.h file
+close OUT_FILE or die $!;
+
+# print file as hex, comma-separated, as needed by C buffer
+sub file_to_hex {
+    my $fileName = $_[0];
+
+    open my $fp, "<", $fileName or die $!;
+    binmode($fp);
+
+    my $fileLen = -s $fileName;
+    my $byte;
+
+    for (my $i = 0, my $j = 1; $i < $fileLen; $i++, $j++)
+    {
+        if ($j == 1) {
+            print OUT_FILE "\t";
+        }
+        read($fp, $byte, 1) or die "Error reading $fileName";
+        my $output = sprintf("0x%02X", ord($byte));
+        print OUT_FILE $output;
+
+        if ($i != ($fileLen - 1)) {
+            print OUT_FILE ", ";
+        }
+
+        if ($j == 10) {
+            $j = 0;
+            print OUT_FILE "\n";
+        }
+    }
+
+    print OUT_FILE "\n";
+
+    close($fp); 
+}
+
diff --git a/3P/wolfssl/input b/3P/wolfssl/input
new file mode 100644
index 00000000..06dbbf07
--- /dev/null
+++ b/3P/wolfssl/input
@@ -0,0 +1,87 @@
+/* echoclient.c  */
+
+#include "openssl/ssl.h"
+#include "../test.h"
+
+
+int main(int argc, char** argv)
+{
+    SOCKET_T sockfd = 0;
+
+    FILE* fin  = stdin;
+    FILE* fout = stdout;
+
+    int inCreated  = 0;
+    int outCreated = 0;
+
+    char send[1024];
+    char reply[1024];
+
+    SSL_METHOD* method = 0;
+    SSL_CTX*    ctx    = 0;
+    SSL*        ssl    = 0;
+
+#ifdef _WIN32
+    WSADATA wsd;
+    WSAStartup(0x0002, &wsd);
+#endif
+
+    if (argc >= 2) {
+        fin  = fopen(argv[1], "r"); 
+        inCreated = 1;
+    }
+    if (argc >= 3) {
+        fout = fopen(argv[2], "w");
+        outCreated = 1;
+    }
+
+    if (!fin)  err_sys("can't open input file");
+    if (!fout) err_sys("can't open output file");
+
+    tcp_connect(&sockfd);
+
+    method = SSLv3_client_method();
+    ctx    = SSL_CTX_new(method);
+
+    if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
+        err_sys("can't load ca file");
+
+    ssl = SSL_new(ctx);
+
+    SSL_set_fd(ssl, sockfd);
+    if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
+
+    while (fgets(send, sizeof(send), fin)) {
+
+        int  sendSz = strlen(send) + 1;
+
+        if (SSL_write(ssl, send, sendSz) != sendSz)
+            err_sys("SSL_write failed");
+
+        if (strncmp(send, "quit", 4) == 0) {
+            fputs("sending server shutdown command: quit!\n", fout);
+            break;
+        }
+
+        if (SSL_read(ssl, reply, sizeof(reply)) > 0) 
+            fputs(reply, fout);
+    }
+
+    SSL_shutdown(ssl);
+    SSL_free(ssl);
+    SSL_CTX_free(ctx);
+
+    fflush(fout);
+    if (inCreated)  fclose(fin);
+    if (outCreated) fclose(fout);
+
+#ifdef _WIN32
+    closesocket(sockfd);
+#else
+    close(sockfd);
+#endif
+
+    return 0;
+}
+
+
diff --git a/3P/wolfssl/lib/dummy b/3P/wolfssl/lib/dummy
new file mode 100644
index 00000000..13c3b18c
--- /dev/null
+++ b/3P/wolfssl/lib/dummy
@@ -0,0 +1,2 @@
+// this is a dummy file
+
diff --git a/3P/wolfssl/m4/ax_add_am_macro.m4 b/3P/wolfssl/m4/ax_add_am_macro.m4
new file mode 100644
index 00000000..51ce0d0c
--- /dev/null
+++ b/3P/wolfssl/m4/ax_add_am_macro.m4
@@ -0,0 +1,29 @@
+# ===========================================================================
+#      http://www.gnu.org/software/autoconf-archive/ax_add_am_macro.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_ADD_AM_MACRO([RULE])
+#
+# DESCRIPTION
+#
+#   Adds the specified rule to $AMINCLUDE. This macro will only work
+#   properly with implementations of Make which allow include statements.
+#   See also AX_ADD_AM_MACRO_STATIC.
+#
+# LICENSE
+#
+#   Copyright (c) 2009 Tom Howard 
+#
+#   Copying and distribution of this file, with or without modification, are
+#   permitted in any medium without royalty provided the copyright notice
+#   and this notice are preserved. This file is offered as-is, without any
+#   warranty.
+
+#serial 9
+
+AC_DEFUN([AX_ADD_AM_MACRO],[
+  AC_REQUIRE([AX_AM_MACROS])
+  AX_APPEND_TO_FILE([$AMINCLUDE],[$1])
+])
diff --git a/3P/wolfssl/m4/ax_am_jobserver.m4 b/3P/wolfssl/m4/ax_am_jobserver.m4
new file mode 100644
index 00000000..85b3f8cc
--- /dev/null
+++ b/3P/wolfssl/m4/ax_am_jobserver.m4
@@ -0,0 +1,54 @@
+# ===========================================================================
+#      http://www.gnu.org/software/autoconf-archive/ax_am_jobserver.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_AM_JOBSERVER([default_value])
+#
+# DESCRIPTION
+#
+#   Enables the use of make's jobserver for the purpose of parallel building
+#   by passing the -j option to make.
+#
+#   The option --enable-jobserver is added to configure which can accept a
+#   yes, no, or an integer. The integer is the number of separate jobs to
+#   allow. If 'yes' is given, then the is assumed to be one more than the
+#   number of CPUs (determined through AX_COUNT_CPUS). If the value of no is
+#   given, then the jobserver is disabled. The default value is given by the
+#   first argument of the macro, or 'yes' if the argument is omitted.
+#
+#   This macro makes use of AX_AM_MACROS, so you must add the following line
+#
+#     @INC_AMINCLUDE@
+#
+#   to your Makefile.am files.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Michael Paul Bailey 
+#
+#   Copying and distribution of this file, with or without modification, are
+#   permitted in any medium without royalty provided the copyright notice
+#   and this notice are preserved. This file is offered as-is, without any
+#   warranty.
+
+#serial 7
+
+AC_DEFUN([AX_AM_JOBSERVER], [
+    AC_REQUIRE([AX_COUNT_CPUS])
+    AC_REQUIRE([AX_AM_MACROS])
+    AC_ARG_ENABLE( jobserver,
+    [  --enable-jobserver@<:@=no/yes/@%:@@:>@ default=m4_ifval([$1],[$1],[yes])
+                        Enable up to @%:@ make jobs
+                        yes: enable one more than CPU count
+    ],, [enable_jobserver=m4_ifval([$1],[$1],[yes])])
+    if test "x$enable_jobserver" = "xyes"; then
+        let enable_jobserver=$CPU_COUNT+1
+    fi
+    m4_pattern_allow(AM_MAKEFLAGS)
+    if test "x$enable_jobserver" != "xno"; then
+        AC_MSG_NOTICE([added jobserver support to make for $enable_jobserver jobs])
+        AX_ADD_AM_MACRO( AM_MAKEFLAGS += -j$enable_jobserver )
+    fi
+])
diff --git a/3P/wolfssl/m4/ax_am_macros.m4 b/3P/wolfssl/m4/ax_am_macros.m4
new file mode 100644
index 00000000..6b4bd223
--- /dev/null
+++ b/3P/wolfssl/m4/ax_am_macros.m4
@@ -0,0 +1,44 @@
+# ===========================================================================
+#       http://www.gnu.org/software/autoconf-archive/ax_am_macros.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_AM_MACROS
+#
+# DESCRIPTION
+#
+#   Adds support for macros that create Make rules. You must manually add
+#   the following line
+#
+#     @INC_AMINCLUDE@
+#
+#   to your Makefile.in (or Makefile.am if you use Automake) files.
+#
+# LICENSE
+#
+#   Copyright (c) 2009 Tom Howard 
+#
+#   Copying and distribution of this file, with or without modification, are
+#   permitted in any medium without royalty provided the copyright notice
+#   and this notice are preserved. This file is offered as-is, without any
+#   warranty.
+
+#serial 9
+
+AC_DEFUN([AX_AM_MACROS],
+[
+AC_MSG_NOTICE([adding automake macro support])
+AMINCLUDE="aminclude.am"
+AC_SUBST(AMINCLUDE)
+AC_MSG_NOTICE([creating $AMINCLUDE])
+AMINCLUDE_TIME=`date`
+AX_PRINT_TO_FILE([$AMINCLUDE],[[
+# generated automatically by configure from AX_AUTOMAKE_MACROS
+# on $AMINCLUDE_TIME
+
+]])
+
+INC_AMINCLUDE="include \$(top_builddir)/$AMINCLUDE"
+AC_SUBST(INC_AMINCLUDE)
+])
diff --git a/3P/wolfssl/m4/ax_append_compile_flags.m4 b/3P/wolfssl/m4/ax_append_compile_flags.m4
new file mode 100644
index 00000000..1f8e7084
--- /dev/null
+++ b/3P/wolfssl/m4/ax_append_compile_flags.m4
@@ -0,0 +1,65 @@
+# ===========================================================================
+#  http://www.gnu.org/software/autoconf-archive/ax_append_compile_flags.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_APPEND_COMPILE_FLAGS([FLAG1 FLAG2 ...], [FLAGS-VARIABLE], [EXTRA-FLAGS])
+#
+# DESCRIPTION
+#
+#   For every FLAG1, FLAG2 it is checked whether the compiler works with the
+#   flag.  If it does, the flag is added FLAGS-VARIABLE
+#
+#   If FLAGS-VARIABLE is not specified, the current language's flags (e.g.
+#   CFLAGS) is used.  During the check the flag is always added to the
+#   current language's flags.
+#
+#   If EXTRA-FLAGS is defined, it is added to the current language's default
+#   flags (e.g. CFLAGS) when the check is done.  The check is thus made with
+#   the flags: "CFLAGS EXTRA-FLAGS FLAG".  This can for example be used to
+#   force the compiler to issue an error when a bad flag is given.
+#
+#   NOTE: This macro depends on the AX_APPEND_FLAG and
+#   AX_CHECK_COMPILE_FLAG. Please keep this macro in sync with
+#   AX_APPEND_LINK_FLAGS.
+#
+# LICENSE
+#
+#   Copyright (c) 2011 Maarten Bosmans 
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see .
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 3
+
+AC_DEFUN([AX_APPEND_COMPILE_FLAGS],
+[AC_REQUIRE([AX_CHECK_COMPILE_FLAG])
+AC_REQUIRE([AX_APPEND_FLAG])
+for flag in $1; do
+  AX_CHECK_COMPILE_FLAG([$flag], [AX_APPEND_FLAG([$flag], [$2])], [], [$3])
+done
+])dnl AX_APPEND_COMPILE_FLAGS
diff --git a/3P/wolfssl/m4/ax_append_flag.m4 b/3P/wolfssl/m4/ax_append_flag.m4
new file mode 100644
index 00000000..1d38b76f
--- /dev/null
+++ b/3P/wolfssl/m4/ax_append_flag.m4
@@ -0,0 +1,69 @@
+# ===========================================================================
+#      http://www.gnu.org/software/autoconf-archive/ax_append_flag.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_APPEND_FLAG(FLAG, [FLAGS-VARIABLE])
+#
+# DESCRIPTION
+#
+#   FLAG is appended to the FLAGS-VARIABLE shell variable, with a space
+#   added in between.
+#
+#   If FLAGS-VARIABLE is not specified, the current language's flags (e.g.
+#   CFLAGS) is used.  FLAGS-VARIABLE is not changed if it already contains
+#   FLAG.  If FLAGS-VARIABLE is unset in the shell, it is set to exactly
+#   FLAG.
+#
+#   NOTE: Implementation based on AX_CFLAGS_GCC_OPTION.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Guido U. Draheim 
+#   Copyright (c) 2011 Maarten Bosmans 
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see .
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 2
+
+AC_DEFUN([AX_APPEND_FLAG],
+[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX
+AS_VAR_PUSHDEF([FLAGS], [m4_default($2,_AC_LANG_PREFIX[FLAGS])])dnl
+AS_VAR_SET_IF(FLAGS,
+  [case " AS_VAR_GET(FLAGS) " in
+    *" $1 "*)
+      AC_RUN_LOG([: FLAGS already contains $1])
+      ;;
+    *)
+      AC_RUN_LOG([: FLAGS="$FLAGS $1"])
+      AS_VAR_SET(FLAGS, ["AS_VAR_GET(FLAGS) $1"])
+      ;;
+   esac],
+  [AS_VAR_SET(FLAGS,["$1"])])
+AS_VAR_POPDEF([FLAGS])dnl
+])dnl AX_APPEND_FLAG
diff --git a/3P/wolfssl/m4/ax_append_to_file.m4 b/3P/wolfssl/m4/ax_append_to_file.m4
new file mode 100644
index 00000000..f9f54e08
--- /dev/null
+++ b/3P/wolfssl/m4/ax_append_to_file.m4
@@ -0,0 +1,27 @@
+# ===========================================================================
+#     http://www.gnu.org/software/autoconf-archive/ax_append_to_file.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_APPEND_TO_FILE([FILE],[DATA])
+#
+# DESCRIPTION
+#
+#   Appends the specified data to the specified file.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Tom Howard 
+#
+#   Copying and distribution of this file, with or without modification, are
+#   permitted in any medium without royalty provided the copyright notice
+#   and this notice are preserved. This file is offered as-is, without any
+#   warranty.
+
+#serial 8
+
+AC_DEFUN([AX_APPEND_TO_FILE],[
+AC_REQUIRE([AX_FILE_ESCAPES])
+printf "$2\n" >> "$1"
+])
diff --git a/3P/wolfssl/m4/ax_check_compile_flag.m4 b/3P/wolfssl/m4/ax_check_compile_flag.m4
new file mode 100644
index 00000000..c3a8d695
--- /dev/null
+++ b/3P/wolfssl/m4/ax_check_compile_flag.m4
@@ -0,0 +1,72 @@
+# ===========================================================================
+#   http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS])
+#
+# DESCRIPTION
+#
+#   Check whether the given FLAG works with the current language's compiler
+#   or gives an error.  (Warnings, however, are ignored)
+#
+#   ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
+#   success/failure.
+#
+#   If EXTRA-FLAGS is defined, it is added to the current language's default
+#   flags (e.g. CFLAGS) when the check is done.  The check is thus made with
+#   the flags: "CFLAGS EXTRA-FLAGS FLAG".  This can for example be used to
+#   force the compiler to issue an error when a bad flag is given.
+#
+#   NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
+#   macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Guido U. Draheim 
+#   Copyright (c) 2011 Maarten Bosmans 
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see .
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 2
+
+AC_DEFUN([AX_CHECK_COMPILE_FLAG],
+[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX
+AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl
+AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [
+  ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS
+  _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1"
+  AC_COMPILE_IFELSE([AC_LANG_PROGRAM()],
+    [AS_VAR_SET(CACHEVAR,[yes])],
+    [AS_VAR_SET(CACHEVAR,[no])])
+  _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags])
+AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes],
+  [m4_default([$2], :)],
+  [m4_default([$3], :)])
+AS_VAR_POPDEF([CACHEVAR])dnl
+])dnl AX_CHECK_COMPILE_FLAGS
diff --git a/3P/wolfssl/m4/ax_check_link_flag.m4 b/3P/wolfssl/m4/ax_check_link_flag.m4
new file mode 100644
index 00000000..e2d0d363
--- /dev/null
+++ b/3P/wolfssl/m4/ax_check_link_flag.m4
@@ -0,0 +1,71 @@
+# ===========================================================================
+#    http://www.gnu.org/software/autoconf-archive/ax_check_link_flag.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_CHECK_LINK_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS])
+#
+# DESCRIPTION
+#
+#   Check whether the given FLAG works with the linker or gives an error.
+#   (Warnings, however, are ignored)
+#
+#   ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on
+#   success/failure.
+#
+#   If EXTRA-FLAGS is defined, it is added to the linker's default flags
+#   when the check is done.  The check is thus made with the flags: "LDFLAGS
+#   EXTRA-FLAGS FLAG".  This can for example be used to force the linker to
+#   issue an error when a bad flag is given.
+#
+#   NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this
+#   macro in sync with AX_CHECK_{PREPROC,COMPILE}_FLAG.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Guido U. Draheim 
+#   Copyright (c) 2011 Maarten Bosmans 
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see .
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 2
+
+AC_DEFUN([AX_CHECK_LINK_FLAG],
+[AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_ldflags_$4_$1])dnl
+AC_CACHE_CHECK([whether the linker accepts $1], CACHEVAR, [
+  ax_check_save_flags=$LDFLAGS
+  LDFLAGS="$LDFLAGS $4 $1"
+  AC_LINK_IFELSE([AC_LANG_PROGRAM()],
+    [AS_VAR_SET(CACHEVAR,[yes])],
+    [AS_VAR_SET(CACHEVAR,[no])])
+  LDFLAGS=$ax_check_save_flags])
+AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes],
+  [m4_default([$2], :)],
+  [m4_default([$3], :)])
+AS_VAR_POPDEF([CACHEVAR])dnl
+])dnl AX_CHECK_LINK_FLAGS
diff --git a/3P/wolfssl/m4/ax_count_cpus.m4 b/3P/wolfssl/m4/ax_count_cpus.m4
new file mode 100644
index 00000000..d4f3d290
--- /dev/null
+++ b/3P/wolfssl/m4/ax_count_cpus.m4
@@ -0,0 +1,57 @@
+# ===========================================================================
+#       http://www.gnu.org/software/autoconf-archive/ax_count_cpus.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_COUNT_CPUS
+#
+# DESCRIPTION
+#
+#   Attempt to count the number of processors present on the machine. If the
+#   detection fails, then a value of 1 is assumed.
+#
+#   The value is placed in the CPU_COUNT variable.
+#
+# LICENSE
+#
+#   Copyright (c) 2012 Brian Aker 
+#   Copyright (c) 2008 Michael Paul Bailey 
+#   Copyright (c) 2008 Christophe Tournayre 
+#
+#   Copying and distribution of this file, with or without modification, are
+#   permitted in any medium without royalty provided the copyright notice
+#   and this notice are preserved. This file is offered as-is, without any
+#   warranty.
+
+#serial 10
+
+  AC_DEFUN([AX_COUNT_CPUS],[
+      AC_REQUIRE([AC_CANONICAL_HOST])
+      AC_REQUIRE([AC_PROG_EGREP])
+      AC_MSG_CHECKING([the number of available CPUs])
+      CPU_COUNT="0"
+
+      AS_CASE([$host_os],[
+        *darwin*],[
+        AS_IF([test -x /usr/sbin/sysctl],[
+          sysctl_a=`/usr/sbin/sysctl -a 2>/dev/null| grep -c hw.cpu`
+          AS_IF([test sysctl_a],[
+            CPU_COUNT=`/usr/sbin/sysctl -n hw.ncpu`
+            ])
+          ])],[
+        *linux*],[
+        AS_IF([test "x$CPU_COUNT" = "x0" -a -e /proc/cpuinfo],[
+          AS_IF([test "x$CPU_COUNT" = "x0" -a -e /proc/cpuinfo],[
+            CPU_COUNT=`$EGREP -c '^processor' /proc/cpuinfo`
+            ])
+          ])
+        ])
+
+      AS_IF([test "x$CPU_COUNT" = "x0"],[
+        CPU_COUNT="1"
+        AC_MSG_RESULT( [unable to detect (assuming 1)] )
+        ],[
+        AC_MSG_RESULT( $CPU_COUNT )
+        ])
+      ])
diff --git a/3P/wolfssl/m4/ax_create_generic_config.m4 b/3P/wolfssl/m4/ax_create_generic_config.m4
new file mode 100644
index 00000000..535838f4
--- /dev/null
+++ b/3P/wolfssl/m4/ax_create_generic_config.m4
@@ -0,0 +1,195 @@
+# ============================================================================
+#  http://www.gnu.org/software/autoconf-archive/ax_create_generic_config.html
+# ============================================================================
+#
+# SYNOPSIS
+#
+#   AX_CREATE_GENERIC_CONFIG [(PACKAGEnlibs [, VERSION])]
+#
+# DESCRIPTION
+#
+#   Creates a generic PACKAGE-config file that has all the things that you
+#   want, hmm, well, atleast it has --cflags, --version, --libs. Ahhm, did
+#   you see ax_path_generic in the autoconf-archive? ;-)
+#
+#   this macros saves you all the typing for a pkg-config.in script, you
+#   don't even need to distribute one along. Place this macro in your
+#   configure.ac, et voila, you got one that you want to install.
+#
+#   oh, btw, if the first arg looks like "mylib -lwhat' then it will go to
+#   be added to the --libs, and mylib is extracted.
+#
+#   the defaults: $1 = $PACKAGE $LIBS $2 = $VERSION there is also an
+#   AC_SUBST(GENERIC_CONFIG) that will be set to the name of the file that
+#   we did output in this macro. Use as:
+#
+#    install-exec-local:    install-generic-config
+#
+#    install-generic-config:
+#       $(mkinstalldirs) $(DESTDIR)$(bindir)
+#       $(INSTALL_SCRIPT) @GENERIC_CONFIG@ $(DESTDIR)$(bindir)
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Guido U. Draheim 
+#
+#   This program is free software; you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation; either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see .
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 6
+
+AU_ALIAS([AC_CREATE_GENERIC_CONFIG], [AX_CREATE_GENERIC_CONFIG])
+AC_DEFUN([AX_CREATE_GENERIC_CONFIG],[# create a generic PACKAGE-config file
+L=`echo ifelse($1, , $PACKAGE $LIBS, $1)`
+P=`echo $L | sed -e 's/ -.*//'`
+P=`echo $P`
+V=`echo ifelse($2, , $VERSION, $2)`
+F=`echo $P-config`
+L=`echo -l$L | sed -e 's/^-llib/-l/'`
+AC_MSG_RESULT(creating $F - generic $V for $L)
+test "x$prefix" = xNONE && prefix="$ac_default_prefix"
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+echo '#! /bin/sh' >$F
+echo ' ' >>$F
+echo 'package="'$P'"' >>$F
+echo 'version="'$V'"' >>$F
+echo 'libs="'$L'"' >>$F
+echo ' ' >>$F
+# in the order of occurence a standard automake Makefile
+echo 'prefix="'$prefix'"' >>$F
+echo 'exec_prefix="'$exec_prefix'"' >>$F
+echo 'bindir="'$bindir'"' >>$F
+echo 'sbindir="'$sbindir'"' >>$F
+echo 'libexecdir="'$libexecdir'"' >>$F
+echo 'datadir="'$datadir'"' >>$F
+echo 'sysconfdir="'$sysconfdir'"' >>$F
+echo 'sharedstatedir="'$sharedstatedir'"' >>$F
+echo 'localstatedir="'$localstatedir'"' >>$F
+echo 'libdir="'$libdir'"' >>$F
+echo 'infodir="'$infodir'"' >>$F
+echo 'mandir="'$mandir'"' >>$F
+echo 'includedir="'$includedir'"' >>$F
+echo 'target="'$target'"' >>$F
+echo 'host="'$host'"' >>$F
+echo 'build="'$build'"' >>$F
+echo ' ' >>$F
+echo 'if test "'"\$""#"'" -eq 0; then' >>$F
+echo '   cat <>$F
+echo 'Usage: $package-config [OPTIONS]' >>$F
+echo 'Options:' >>$F
+echo '  --prefix[=DIR]) : \$prefix' >>$F
+echo '  --package) : \$package' >>$F
+echo '  --version) : \$version' >>$F
+echo '  --cflags) : -I\$includedir' >>$F
+echo '  --libs) : -L\$libdir -l\$package' >>$F
+echo '  --help) print all the options (not just these)' >>$F
+echo 'EOF' >>$F
+echo 'fi' >>$F
+echo ' ' >>$F
+echo 'o=""' >>$F
+echo 'h=""' >>$F
+echo 'for i in "[$]@"; do' >>$F
+echo '  case $i in' >>$F
+echo '  --prefix=*) prefix=`echo $i | sed -e "s/--prefix=//"` ;;' >>$F
+echo '  --prefix)    o="$o $prefix" ;;' >>$F
+echo '  --package)   o="$o $package" ;;' >>$F
+echo '  --version)   o="$o $version" ;;' >>$F
+echo '  --cflags) if test "_$includedir" != "_/usr/include"' >>$F
+echo '          then o="$o -I$includedir" ; fi' >>$F
+echo '  ;;' >>$F
+echo '  --libs)      o="$o -L$libdir $libs" ;;' >>$F
+echo '  --exec_prefix|--eprefix) o="$o $exec_prefix" ;;' >>$F
+echo '  --bindir)                o="$o $bindir" ;;' >>$F
+echo '  --sbindir)               o="$o $sbindir" ;;' >>$F
+echo '  --libexecdir)            o="$o $libexecdir" ;;' >>$F
+echo '  --datadir)               o="$o $datadir" ;;' >>$F
+echo '  --datainc)               o="$o -I$datadir" ;;' >>$F
+echo '  --datalib)               o="$o -L$datadir" ;;' >>$F
+echo '  --sysconfdir)            o="$o $sysconfdir" ;;' >>$F
+echo '  --sharedstatedir)        o="$o $sharedstatedir" ;;' >>$F
+echo '  --localstatedir)         o="$o $localstatedir" ;;' >>$F
+echo '  --libdir)                o="$o $libdir" ;;' >>$F
+echo '  --libadd)                o="$o -L$libdir" ;;' >>$F
+echo '  --infodir)               o="$o $infodir" ;;' >>$F
+echo '  --mandir)                o="$o $mandir" ;;' >>$F
+echo '  --target)                o="$o $target" ;;' >>$F
+echo '  --host)                  o="$o $host" ;;' >>$F
+echo '  --build)                 o="$o $build" ;;' >>$F
+echo '  --data)                  o="$o -I$datadir/$package" ;;' >>$F
+echo '  --pkgdatadir)            o="$o $datadir/$package" ;;' >>$F
+echo '  --pkgdatainc)            o="$o -I$datadir/$package" ;;' >>$F
+echo '  --pkgdatalib)            o="$o -L$datadir/$package" ;;' >>$F
+echo '  --pkglibdir)             o="$o $libdir/$package" ;;' >>$F
+echo '  --pkglibinc)             o="$o -I$libinc/$package" ;;' >>$F
+echo '  --pkglibadd)             o="$o -L$libadd/$package" ;;' >>$F
+echo '  --pkgincludedir)         o="$o $includedir/$package" ;;' >>$F
+echo '  --help) h="1" ;;' >>$F
+echo '  -?//*|-?/*//*|-?./*//*|//*|/*//*|./*//*) ' >>$F
+echo '       v=`echo $i | sed -e s://:\$:g`' >>$F
+echo '       v=`eval "echo $v"` ' >>$F
+echo '       o="$o $v" ;; ' >>$F
+echo '  esac' >>$F
+echo 'done' >>$F
+echo ' ' >>$F
+echo 'o=`eval "echo $o"`' >>$F
+echo 'o=`eval "echo $o"`' >>$F
+echo 'eval "echo $o"' >>$F
+echo ' ' >>$F
+echo 'if test ! -z "$h" ; then ' >>$F
+echo 'cat <>$F
+echo '  --prefix=xxx)      (what is that for anyway?)' >>$F
+echo '  --prefix)         \$prefix        $prefix' >>$F
+echo '  --package)        \$package       $package' >>$F
+echo '  --version)        \$version       $version' >>$F
+echo '  --cflags)         -I\$includedir    unless it is /usr/include' >>$F
+echo '  --libs)           -L\$libdir -l\$PACKAGE \$LIBS' >>$F
+echo '  --exec_prefix) or... ' >>$F
+echo '  --eprefix)        \$exec_prefix   $exec_prefix' >>$F
+echo '  --bindir)         \$bindir        $bindir' >>$F
+echo '  --sbindir)        \$sbindir       $sbindir' >>$F
+echo '  --libexecdir)     \$libexecdir    $libexecdir' >>$F
+echo '  --datadir)        \$datadir       $datadir' >>$F
+echo '  --sysconfdir)     \$sysconfdir    $sysconfdir' >>$F
+echo '  --sharedstatedir) \$sharedstatedir$sharedstatedir' >>$F
+echo '  --localstatedir)  \$localstatedir $localstatedir' >>$F
+echo '  --libdir)         \$libdir        $libdir' >>$F
+echo '  --infodir)        \$infodir       $infodir' >>$F
+echo '  --mandir)         \$mandir        $mandir' >>$F
+echo '  --target)         \$target        $target' >>$F
+echo '  --host)           \$host          $host' >>$F
+echo '  --build)          \$build         $build' >>$F
+echo '  --data)           -I\$datadir/\$package' >>$F
+echo '  --pkgdatadir)     \$datadir/\$package' >>$F
+echo '  --pkglibdir)      \$libdir/\$package' >>$F
+echo '  --pkgincludedir)  \$includedir/\$package' >>$F
+echo '  --help)           generated by ax_create_generic_config.m4' >>$F
+echo '  -I//varname and other inc-targets like --pkgdatainc supported' >>$F
+echo '  -L//varname and other lib-targets, e.g. --pkgdatalib or --libadd' >>$F
+echo 'EOF' >>$F
+echo 'fi' >>$F
+GENERIC_CONFIG="$F"
+AC_SUBST(GENERIC_CONFIG)
+])
diff --git a/3P/wolfssl/m4/ax_debug.m4 b/3P/wolfssl/m4/ax_debug.m4
new file mode 100644
index 00000000..94e4c9cb
--- /dev/null
+++ b/3P/wolfssl/m4/ax_debug.m4
@@ -0,0 +1,63 @@
+# ===========================================================================
+#      https://github.com/BrianAker/ddm4/
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_DEBUG()
+#
+# DESCRIPTION
+#
+#   --enable-debug
+#
+# LICENSE
+#
+#  Copyright (C) 2012 Brian Aker
+#  All rights reserved.
+#  
+#  Redistribution and use in source and binary forms, with or without
+#  modification, are permitted provided that the following conditions are
+#  met:
+#  
+#      * Redistributions of source code must retain the above copyright
+#  notice, this list of conditions and the following disclaimer.
+#  
+#      * Redistributions in binary form must reproduce the above
+#  copyright notice, this list of conditions and the following disclaimer
+#  in the documentation and/or other materials provided with the
+#  distribution.
+#  
+#      * The names of its contributors may not be used to endorse or
+#  promote products derived from this software without specific prior
+#  written permission.
+#  
+#  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+#  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+#  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+#  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+#  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+#  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+#  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+#  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+#  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+#  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#serial 6.1
+
+AC_DEFUN([AX_DEBUG],
+    [AC_PREREQ([2.63])dnl
+    AC_ARG_ENABLE([debug],
+      [AS_HELP_STRING([--enable-debug],
+        [Add debug code/turns off optimizations (yes|no) @<:@default=no@:>@])],
+      [ax_enable_debug=$enableval],
+      [ax_enable_debug=no])
+
+	AS_IF([test "x$ax_enable_debug" = xyes],
+		[AC_DEFINE([DEBUG],[1],[Define to 1 to enable debugging code.])],
+		[AC_SUBST([MCHECK])
+         AC_DEFINE([DEBUG],[0],[Define to 1 to enable debugging code.])])
+
+    AC_MSG_CHECKING([for debug])
+    AC_MSG_RESULT([$ax_enable_debug])
+    AM_CONDITIONAL([DEBUG],[test "x${ax_enable_debug}" = xyes])])
diff --git a/3P/wolfssl/m4/ax_file_escapes.m4 b/3P/wolfssl/m4/ax_file_escapes.m4
new file mode 100644
index 00000000..f4c6a06a
--- /dev/null
+++ b/3P/wolfssl/m4/ax_file_escapes.m4
@@ -0,0 +1,30 @@
+# ===========================================================================
+#      http://www.gnu.org/software/autoconf-archive/ax_file_escapes.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_FILE_ESCAPES
+#
+# DESCRIPTION
+#
+#   Writes the specified data to the specified file.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Tom Howard 
+#
+#   Copying and distribution of this file, with or without modification, are
+#   permitted in any medium without royalty provided the copyright notice
+#   and this notice are preserved. This file is offered as-is, without any
+#   warranty.
+
+#serial 7
+
+AC_DEFUN([AX_FILE_ESCAPES],[
+AX_DOLLAR="\$"
+AX_SRB="\\135"
+AX_SLB="\\133"
+AX_BS="\\\\"
+AX_DQ="\""
+])
diff --git a/3P/wolfssl/m4/ax_harden_compiler_flags.m4 b/3P/wolfssl/m4/ax_harden_compiler_flags.m4
new file mode 100644
index 00000000..93240607
--- /dev/null
+++ b/3P/wolfssl/m4/ax_harden_compiler_flags.m4
@@ -0,0 +1,238 @@
+# ===========================================================================
+#      https://github.com/BrianAker/ddm4/
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_HARDEN_COMPILER_FLAGS()
+#   AX_HARDEN_LINKER_FLAGS()
+#   AX_HARDEN_CC_COMPILER_FLAGS()
+#   AX_HARDEN_CXX_COMPILER_FLAGS()
+#
+# DESCRIPTION
+#
+#   Any compiler flag that "hardens" or tests code. C99 is assumed.
+#
+#   NOTE: Implementation based on AX_APPEND_FLAG.
+#
+# LICENSE
+#
+#  Copyright (C) 2012 Brian Aker
+#  All rights reserved.
+#  
+#  Redistribution and use in source and binary forms, with or without
+#  modification, are permitted provided that the following conditions are
+#  met:
+#  
+#      * Redistributions of source code must retain the above copyright
+#  notice, this list of conditions and the following disclaimer.
+#  
+#      * Redistributions in binary form must reproduce the above
+#  copyright notice, this list of conditions and the following disclaimer
+#  in the documentation and/or other materials provided with the
+#  distribution.
+#  
+#      * The names of its contributors may not be used to endorse or
+#  promote products derived from this software without specific prior
+#  written permission.
+#  
+#  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+#  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+#  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+#  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+#  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+#  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+#  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+#  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+#  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+#  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# The Following flags are not checked for
+# -Wdeclaration-after-statement is counter to C99
+# AX_APPEND_COMPILE_FLAGS([-std=c++11]) -- Not ready yet
+# AX_APPEND_COMPILE_FLAGS([-pedantic]) -- ?
+# AX_APPEND_COMPILE_FLAGS([-Wstack-protector]) -- Issues on 32bit compile
+# AX_APPEND_COMPILE_FLAGS([-fstack-protector-all]) -- Issues on 32bit compile
+# AX_APPEND_COMPILE_FLAGS([-Wlong-long]) -- Don't turn on for compatibility issues memcached_stat_st
+# AX_APPEND_COMPILE_FLAGS([-Wold-style-definition],,[$ax_append_compile_cflags_extra])
+# AX_APPEND_COMPILE_FLAGS([-std=c99],,[$ax_append_compile_cflags_extra])
+# AX_APPEND_COMPILE_FLAGS([-Wlogical-op],,[$ax_append_compile_cflags_extra])
+# AX_APPEND_COMPILE_FLAGS([-fstack-check],,[$ax_append_compile_cflags_extra]) -- problems with fastmath stack size checks
+# AX_APPEND_COMPILE_FLAGS([-floop-parallelize-all],,[$ax_append_compile_cflags_extra]) -- causes RSA verify problem on x64
+# AX_APPEND_COMPILE_FLAGS([-Wunreachable-code],,[$ax_append_compile_cflags_extra])  -- older clang and when gcc had it are buggy
+
+#serial 4
+
+  AC_DEFUN([AX_HARDEN_LINKER_FLAGS], [
+      AC_REQUIRE([AX_CHECK_LINK_FLAG])
+      AC_REQUIRE([AX_VCS_CHECKOUT])
+      AC_REQUIRE([AX_DEBUG])
+
+      dnl If we are inside of VCS we append -Werror, otherwise we just use it to test other flags
+      AX_HARDEN_LIB=
+      ax_append_compile_link_flags_extra=
+      AS_IF([test "x$ac_cv_vcs_checkout" = "xyes"],[
+        AX_CHECK_LINK_FLAG([-Werror],[
+          AX_HARDEN_LIB="-Werror $AX_HARDEN_LIB"
+          ])
+        ],[
+        AX_CHECK_LINK_FLAG([-Werror],[
+          ax_append_compile_link_flags_extra='-Werror'
+          ])
+        ])
+
+      AX_CHECK_LINK_FLAG([-z relro -z now],[
+        AX_HARDEN_LIB="-z relro -z now $AX_HARDEN_LIB"
+        ],,[$ax_append_compile_link_flags_extra])
+
+      AX_CHECK_LINK_FLAG([-pie],[
+          AX_HARDEN_LIB="-pie $AX_HARDEN_LIB"
+          ],,[$ax_append_compile_link_flags_extra])
+
+      LIB="$LIB $AX_HARDEN_LIB"
+      ])
+
+  AC_DEFUN([AX_HARDEN_CC_COMPILER_FLAGS], [
+      AC_REQUIRE([AX_APPEND_COMPILE_FLAGS])
+      AC_REQUIRE([AX_HARDEN_LINKER_FLAGS])
+
+      AC_LANG_PUSH([C])
+
+      CFLAGS=
+      ac_cv_warnings_as_errors=no
+      ax_append_compile_cflags_extra=
+      AS_IF([test "$ac_cv_vcs_checkout" = "yes"],[
+        AX_APPEND_COMPILE_FLAGS([-Werror])
+        ac_cv_warnings_as_errors=yes
+        ],[
+        AX_APPEND_COMPILE_FLAGS([-Werror],[ax_append_compile_cflags_extra])
+        ])
+
+      AS_IF([test "$ax_enable_debug" = "yes"], [
+        AX_APPEND_COMPILE_FLAGS([-g])
+        AX_APPEND_COMPILE_FLAGS([-ggdb],,[$ax_append_compile_cflags_extra])
+        AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_cflags_extra])
+        ],[])
+
+      AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cflags_extra])
+
+      AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wno-strict-aliasing],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wextra],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wunknown-pragmas],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wthis-test-should-fail],,[$ax_append_compile_cflags_extra])
+      dnl Anything below this comment please keep sorted.
+      AS_IF([test "$CC" = "clang"],[],[
+        AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1],,[$ax_append_compile_cflags_extra])
+        ])
+      AX_APPEND_COMPILE_FLAGS([-Waddress],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Warray-bounds],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wbad-function-cast],,[$ax_append_compile_cflags_extra])
+      dnl Not in use -Wc++-compat
+      AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wcomment],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wfloat-equal],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wformat-security],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wformat=2],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wmaybe-uninitialized],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wmissing-prototypes],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wnested-externs],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wnormalized=id],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Woverride-init],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wpointer-arith],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wpointer-sign],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wstrict-prototypes],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wswitch-enum],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wundef],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wunused],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wunused-result],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wunused-variable],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wwrite-strings],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-fwrapv],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-fPIE],,[$ax_append_compile_cflags_extra])
+      AC_LANG_POP
+      ])
+
+  AC_DEFUN([AX_HARDEN_CXX_COMPILER_FLAGS], [
+      AC_REQUIRE([AX_HARDEN_CC_COMPILER_FLAGS])
+      AC_LANG_PUSH([C++])
+
+      ax_append_compile_cxxflags_extra=
+      AS_IF([test "$ac_cv_warnings_as_errors" = "yes"],[
+        AX_APPEND_COMPILE_FLAGS([-Werror])
+        ],[
+        AX_APPEND_COMPILE_FLAGS([-Werror],[ax_append_compile_cxxflags_extra])
+        ])
+
+      AS_IF([test "$ax_enable_debug" = "yes" ], [
+        AX_APPEND_COMPILE_FLAGS([-g],,[$ax_append_compile_cxxflags_extra])
+        AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_cxxflags_extra])
+        AX_APPEND_COMPILE_FLAGS([-ggdb],,[$ax_append_compile_cxxflags_extra])
+        ],[
+        AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2],,[$ax_append_compile_cxxflags_extra])
+        ])
+
+      AS_IF([test "$ac_cv_vcs_checkout" = "yes" ], [
+        AX_APPEND_COMPILE_FLAGS([-Werror],,[$ax_append_compile_cxxflags_extra])
+        ],[
+        AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cxxflags_extra])
+        ])
+
+      AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wno-strict-aliasing],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wextra],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wunknown-pragmas],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wthis-test-should-fail],,[$ax_append_compile_cxxflags_extra])
+      dnl Anything below this comment please keep sorted.
+      AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Waddress],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Warray-bounds],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wcomment],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wctor-dtor-privacy],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wfloat-equal],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wformat=2],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wmaybe-uninitialized],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wnon-virtual-dtor],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wnormalized=id],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Woverloaded-virtual],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wpointer-arith],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wswitch-enum],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wundef],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wc++11-compat],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wunused],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wunused-result],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wunused-variable],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wwrite-strings],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wformat-security],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-fwrapv],,[$ax_append_compile_cxxflags_extra])
+      AC_LANG_POP
+  ])
+
+  AC_DEFUN([AX_HARDEN_COMPILER_FLAGS], [
+      AC_REQUIRE([AX_HARDEN_CXX_COMPILER_FLAGS])
+      ])
+
+  AC_DEFUN([AX_CC_OTHER_FLAGS], [
+      AC_REQUIRE([AX_APPEND_COMPILE_FLAGS])
+      AC_REQUIRE([AX_HARDEN_CC_COMPILER_FLAGS])
+
+      AC_LANG_PUSH([C])
+      AX_APPEND_COMPILE_FLAGS([-pipe],,[$ax_append_compile_cflags_extra])
+      AC_LANG_POP
+      ])
diff --git a/3P/wolfssl/m4/ax_print_to_file.m4 b/3P/wolfssl/m4/ax_print_to_file.m4
new file mode 100644
index 00000000..5b9d1c39
--- /dev/null
+++ b/3P/wolfssl/m4/ax_print_to_file.m4
@@ -0,0 +1,27 @@
+# ===========================================================================
+#     http://www.gnu.org/software/autoconf-archive/ax_print_to_file.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_PRINT_TO_FILE([FILE],[DATA])
+#
+# DESCRIPTION
+#
+#   Writes the specified data to the specified file.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Tom Howard 
+#
+#   Copying and distribution of this file, with or without modification, are
+#   permitted in any medium without royalty provided the copyright notice
+#   and this notice are preserved. This file is offered as-is, without any
+#   warranty.
+
+#serial 7
+
+AC_DEFUN([AX_PRINT_TO_FILE],[
+AC_REQUIRE([AX_FILE_ESCAPES])
+printf "$2" > "$1"
+])
diff --git a/3P/wolfssl/m4/ax_pthread.m4 b/3P/wolfssl/m4/ax_pthread.m4
new file mode 100644
index 00000000..bdb34b0a
--- /dev/null
+++ b/3P/wolfssl/m4/ax_pthread.m4
@@ -0,0 +1,320 @@
+# ===========================================================================
+#        http://www.gnu.org/software/autoconf-archive/ax_pthread.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_PTHREAD([ACTION-IF-FOUND[, ACTION-IF-NOT-FOUND]])
+#
+# DESCRIPTION
+#
+#   This macro figures out how to build C programs using POSIX threads. It
+#   sets the PTHREAD_LIBS output variable to the threads library and linker
+#   flags, and the PTHREAD_CFLAGS output variable to any special C compiler
+#   flags that are needed. (The user can also force certain compiler
+#   flags/libs to be tested by setting these environment variables.)
+#
+#   Also sets PTHREAD_CC to any special C compiler that is needed for
+#   multi-threaded programs (defaults to the value of CC otherwise). (This
+#   is necessary on AIX to use the special cc_r compiler alias.)
+#
+#   NOTE: You are assumed to not only compile your program with these flags,
+#   but also link it with them as well. e.g. you should link with
+#   $PTHREAD_CC $CFLAGS $PTHREAD_CFLAGS $LDFLAGS ... $PTHREAD_LIBS $LIBS
+#
+#   If you are only building threads programs, you may wish to use these
+#   variables in your default LIBS, CFLAGS, and CC:
+#
+#     LIBS="$PTHREAD_LIBS $LIBS"
+#     CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+#     CC="$PTHREAD_CC"
+#
+#   In addition, if the PTHREAD_CREATE_JOINABLE thread-attribute constant
+#   has a nonstandard name, defines PTHREAD_CREATE_JOINABLE to that name
+#   (e.g. PTHREAD_CREATE_UNDETACHED on AIX).
+#
+#   Also HAVE_PTHREAD_PRIO_INHERIT is defined if pthread is found and the
+#   PTHREAD_PRIO_INHERIT symbol is defined when compiling with
+#   PTHREAD_CFLAGS.
+#
+#   ACTION-IF-FOUND is a list of shell commands to run if a threads library
+#   is found, and ACTION-IF-NOT-FOUND is a list of commands to run it if it
+#   is not found. If ACTION-IF-FOUND is not specified, the default action
+#   will define HAVE_PTHREAD.
+#
+#   Please let the authors know if this macro fails on any platform, or if
+#   you have any other suggestions or comments. This macro was based on work
+#   by SGJ on autoconf scripts for FFTW (http://www.fftw.org/) (with help
+#   from M. Frigo), as well as ac_pthread and hb_pthread macros posted by
+#   Alejandro Forero Cuervo to the autoconf macro repository. We are also
+#   grateful for the helpful feedback of numerous users.
+#
+#   Updated for Autoconf 2.68 by Daniel Richard G.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Steven G. Johnson 
+#   Copyright (c) 2011 Daniel Richard G. 
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see .
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 20
+
+AU_ALIAS([ACX_PTHREAD], [AX_PTHREAD])
+AC_DEFUN([AX_PTHREAD], [
+AC_REQUIRE([AC_CANONICAL_HOST])
+AC_LANG_PUSH([C])
+ax_pthread_ok=no
+
+# We used to check for pthread.h first, but this fails if pthread.h
+# requires special compiler flags (e.g. on True64 or Sequent).
+# It gets checked for in the link test anyway.
+
+# First of all, check if the user has set any of the PTHREAD_LIBS,
+# etcetera environment variables, and if threads linking works using
+# them:
+if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then
+        save_CFLAGS="$CFLAGS"
+        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+        save_LIBS="$LIBS"
+        LIBS="$PTHREAD_LIBS $LIBS"
+        AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS])
+        AC_TRY_LINK_FUNC(pthread_join, ax_pthread_ok=yes)
+        AC_MSG_RESULT($ax_pthread_ok)
+        if test x"$ax_pthread_ok" = xno; then
+                PTHREAD_LIBS=""
+                PTHREAD_CFLAGS=""
+        fi
+        LIBS="$save_LIBS"
+        CFLAGS="$save_CFLAGS"
+fi
+
+# We must check for the threads library under a number of different
+# names; the ordering is very important because some systems
+# (e.g. DEC) have both -lpthread and -lpthreads, where one of the
+# libraries is broken (non-POSIX).
+
+# Create a list of thread flags to try.  Items starting with a "-" are
+# C compiler flags, and other items are library names, except for "none"
+# which indicates that we try without any flags at all, and "pthread-config"
+# which is a program returning the flags for the Pth emulation library.
+
+ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config"
+
+# The ordering *is* (sometimes) important.  Some notes on the
+# individual items follow:
+
+# pthreads: AIX (must check this before -lpthread)
+# none: in case threads are in libc; should be tried before -Kthread and
+#       other compiler flags to prevent continual compiler warnings
+# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h)
+# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able)
+# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread)
+# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads)
+# -pthreads: Solaris/gcc
+# -mthreads: Mingw32/gcc, Lynx/gcc
+# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it
+#      doesn't hurt to check since this sometimes defines pthreads too;
+#      also defines -D_REENTRANT)
+#      ... -mt is also the pthreads flag for HP/aCC
+# pthread: Linux, etcetera
+# --thread-safe: KAI C++
+# pthread-config: use pthread-config program (for GNU Pth library)
+
+case ${host_os} in
+        solaris*)
+
+        # On Solaris (at least, for some versions), libc contains stubbed
+        # (non-functional) versions of the pthreads routines, so link-based
+        # tests will erroneously succeed.  (We need to link with -pthreads/-mt/
+        # -lpthread.)  (The stubs are missing pthread_cleanup_push, or rather
+        # a function called by this macro, so we could check for that, but
+        # who knows whether they'll stub that too in a future libc.)  So,
+        # we'll just look for -pthreads and -lpthread first:
+
+        ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags"
+        ;;
+
+        darwin*)
+        AC_REQUIRE([WOLFSSL_DARWIN_USING_CLANG])
+        AS_IF([test x"$wolfssl_darwin_clang" = x"yes"],
+                [ax_pthread_flags="$ax_pthread_flags"],
+                [ax_pthread_flags="-pthread $ax_pthread_flags"])
+        ;;
+esac
+
+if test x"$ax_pthread_ok" = xno; then
+for flag in $ax_pthread_flags; do
+
+        case $flag in
+                none)
+                AC_MSG_CHECKING([whether pthreads work without any flags])
+                ;;
+
+                -*)
+                AC_MSG_CHECKING([whether pthreads work with $flag])
+                PTHREAD_CFLAGS="$flag"
+                ;;
+
+                pthread-config)
+                AC_CHECK_PROG(ax_pthread_config, pthread-config, yes, no)
+                if test x"$ax_pthread_config" = xno; then continue; fi
+                PTHREAD_CFLAGS="`pthread-config --cflags`"
+                PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`"
+                ;;
+
+                *)
+                AC_MSG_CHECKING([for the pthreads library -l$flag])
+                PTHREAD_LIBS="-l$flag"
+                ;;
+        esac
+
+        save_LIBS="$LIBS"
+        save_CFLAGS="$CFLAGS"
+        LIBS="$PTHREAD_LIBS $LIBS"
+        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+
+        # Check for various functions.  We must include pthread.h,
+        # since some functions may be macros.  (On the Sequent, we
+        # need a special flag -Kthread to make this header compile.)
+        # We check for pthread_join because it is in -lpthread on IRIX
+        # while pthread_create is in libc.  We check for pthread_attr_init
+        # due to DEC craziness with -lpthreads.  We check for
+        # pthread_cleanup_push because it is one of the few pthread
+        # functions on Solaris that doesn't have a non-functional libc stub.
+        # We try pthread_create on general principles.
+        AC_LINK_IFELSE([AC_LANG_PROGRAM([#include 
+                        static void routine(void *a) { a = 0; }
+                        static void *start_routine(void *a) { return a; }],
+                       [pthread_t th; pthread_attr_t attr;
+                        pthread_create(&th, 0, start_routine, 0);
+                        pthread_join(th, 0);
+                        pthread_attr_init(&attr);
+                        pthread_cleanup_push(routine, 0);
+                        pthread_cleanup_pop(0) /* ; */])],
+                [ax_pthread_ok=yes],
+                [])
+
+        LIBS="$save_LIBS"
+        CFLAGS="$save_CFLAGS"
+
+        AC_MSG_RESULT($ax_pthread_ok)
+        if test "x$ax_pthread_ok" = xyes; then
+                break;
+        fi
+
+        PTHREAD_LIBS=""
+        PTHREAD_CFLAGS=""
+done
+fi
+
+# Various other checks:
+if test "x$ax_pthread_ok" = xyes; then
+        save_LIBS="$LIBS"
+        LIBS="$PTHREAD_LIBS $LIBS"
+        save_CFLAGS="$CFLAGS"
+        CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+
+        # Detect AIX lossage: JOINABLE attribute is called UNDETACHED.
+        AC_MSG_CHECKING([for joinable pthread attribute])
+        attr_name=unknown
+        for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do
+            AC_LINK_IFELSE([AC_LANG_PROGRAM([#include ],
+                           [int attr = $attr; return attr /* ; */])],
+                [attr_name=$attr; break],
+                [])
+        done
+        AC_MSG_RESULT($attr_name)
+        if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then
+            AC_DEFINE_UNQUOTED(PTHREAD_CREATE_JOINABLE, $attr_name,
+                               [Define to necessary symbol if this constant
+                                uses a non-standard name on your system.])
+        fi
+
+        AC_MSG_CHECKING([if more special flags are required for pthreads])
+        flag=no
+        case ${host_os} in
+            aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";;
+            osf* | hpux*) flag="-D_REENTRANT";;
+            solaris*)
+            if test "$GCC" = "yes"; then
+                flag="-D_REENTRANT"
+            else
+                flag="-mt -D_REENTRANT"
+            fi
+            ;;
+        esac
+        AC_MSG_RESULT(${flag})
+        if test "x$flag" != xno; then
+            PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS"
+        fi
+
+        AC_CACHE_CHECK([for PTHREAD_PRIO_INHERIT],
+            ax_cv_PTHREAD_PRIO_INHERIT, [
+                AC_LINK_IFELSE([
+                    AC_LANG_PROGRAM([[#include ]], [[int i = PTHREAD_PRIO_INHERIT;]])],
+                    [ax_cv_PTHREAD_PRIO_INHERIT=yes],
+                    [ax_cv_PTHREAD_PRIO_INHERIT=no])
+            ])
+        AS_IF([test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"],
+            AC_DEFINE([HAVE_PTHREAD_PRIO_INHERIT], 1, [Have PTHREAD_PRIO_INHERIT.]))
+
+        LIBS="$save_LIBS"
+        CFLAGS="$save_CFLAGS"
+
+        # More AIX lossage: compile with *_r variant
+        if test "x$GCC" != xyes; then
+            case $host_os in
+                aix*)
+                AS_CASE(["x/$CC"],
+                  [x*/c89|x*/c89_128|x*/c99|x*/c99_128|x*/cc|x*/cc128|x*/xlc|x*/xlc_v6|x*/xlc128|x*/xlc128_v6],
+                  [#handle absolute path differently from PATH based program lookup
+                   AS_CASE(["x$CC"],
+                     [x/*],
+                     [AS_IF([AS_EXECUTABLE_P([${CC}_r])],[PTHREAD_CC="${CC}_r"])],
+                     [AC_CHECK_PROGS([PTHREAD_CC],[${CC}_r],[$CC])])])
+                ;;
+            esac
+        fi
+fi
+
+test -n "$PTHREAD_CC" || PTHREAD_CC="$CC"
+
+AC_SUBST(PTHREAD_LIBS)
+AC_SUBST(PTHREAD_CFLAGS)
+AC_SUBST(PTHREAD_CC)
+
+# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND:
+if test x"$ax_pthread_ok" = xyes; then
+        ifelse([$1],,AC_DEFINE(HAVE_PTHREAD,1,[Define if you have POSIX threads libraries and header files.]),[$1])
+        :
+else
+        ax_pthread_ok=no
+        $2
+fi
+AC_LANG_POP
+])dnl AX_PTHREAD
diff --git a/3P/wolfssl/m4/ax_tls.m4 b/3P/wolfssl/m4/ax_tls.m4
new file mode 100644
index 00000000..3f6b5e10
--- /dev/null
+++ b/3P/wolfssl/m4/ax_tls.m4
@@ -0,0 +1,92 @@
+# ===========================================================================
+#          http://www.gnu.org/software/autoconf-archive/ax_tls.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_TLS([action-if-found], [action-if-not-found])
+#
+# DESCRIPTION
+#
+#   Provides a test for the compiler support of thread local storage (TLS)
+#   extensions. Defines TLS if it is found. Currently knows about GCC/ICC
+#   and MSVC. I think SunPro uses the same as GCC, and Borland apparently
+#   supports either.
+#
+# LICENSE
+#
+#   Copyright (c) 2008 Alan Woodland 
+#   Copyright (c) 2010 Diego Elio Petteno` 
+#
+#   This program is free software: you can redistribute it and/or modify it
+#   under the terms of the GNU General Public License as published by the
+#   Free Software Foundation, either version 3 of the License, or (at your
+#   option) any later version.
+#
+#   This program is distributed in the hope that it will be useful, but
+#   WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+#   Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License along
+#   with this program. If not, see .
+#
+#   As a special exception, the respective Autoconf Macro's copyright owner
+#   gives unlimited permission to copy, distribute and modify the configure
+#   scripts that are the output of Autoconf when processing the Macro. You
+#   need not follow the terms of the GNU General Public License when using
+#   or distributing such scripts, even though portions of the text of the
+#   Macro appear in them. The GNU General Public License (GPL) does govern
+#   all other use of the material that constitutes the Autoconf Macro.
+#
+#   This special exception to the GPL applies to versions of the Autoconf
+#   Macro released by the Autoconf Archive. When you make and distribute a
+#   modified version of the Autoconf Macro, you may extend this special
+#   exception to the GPL to apply to your modified version as well.
+
+#serial 11
+
+#   Define m4_ifblank and m4_ifnblank macros from introduced in
+#   autotools 2.64 m4sugar.m4 if using an earlier autotools.
+
+ifdef([m4_ifblank], [], [
+    m4_define([m4_ifblank],
+    [m4_if(m4_translit([[$1]], [ ][	][
+]), [], [$2], [$3])])
+    ])
+
+
+ifdef([m4_ifnblank], [], [
+    m4_define([m4_ifnblank],
+    [m4_if(m4_translit([[$1]], [ ][	][
+]), [], [$3], [$2])])
+    ])
+
+AC_DEFUN([AX_TLS], [
+  AC_MSG_CHECKING(for thread local storage (TLS) class)
+  AC_CACHE_VAL(ac_cv_tls, [
+    ax_tls_keywords="__thread __declspec(thread) none"
+    for ax_tls_keyword in $ax_tls_keywords; do
+       AS_CASE([$ax_tls_keyword],
+          [none], [ac_cv_tls=none ; break],
+          [AC_TRY_COMPILE(
+              [#include 
+               static void
+               foo(void) {
+               static ] $ax_tls_keyword [ int bar;
+               exit(1);
+               }],
+               [],
+               [ac_cv_tls=$ax_tls_keyword ; break],
+               ac_cv_tls=none
+           )])
+    done
+  ])
+  AC_MSG_RESULT($ac_cv_tls)
+
+  AS_IF([test "$ac_cv_tls" != "none"],
+    AC_DEFINE_UNQUOTED([TLS], $ac_cv_tls, [If the compiler supports a TLS storage class define it to that here])
+      m4_ifnblank([$1], [$1]),
+    m4_ifnblank([$2], [$2])
+  )
+])
diff --git a/3P/wolfssl/m4/ax_vcs_checkout.m4 b/3P/wolfssl/m4/ax_vcs_checkout.m4
new file mode 100644
index 00000000..8047b65e
--- /dev/null
+++ b/3P/wolfssl/m4/ax_vcs_checkout.m4
@@ -0,0 +1,75 @@
+# ===========================================================================
+#      http://
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   AX_VCS_CHECKOUT
+#
+# DESCRIPTION
+#
+#   Discover whether or not we are operating with a tree which
+#   has been checked out of a version control system.
+#
+#
+# LICENSE
+#
+#  Copyright (C) 2012 Brian Aker
+#  All rights reserved.
+#  
+#  Redistribution and use in source and binary forms, with or without
+#  modification, are permitted provided that the following conditions are
+#  met:
+#  
+#      * Redistributions of source code must retain the above copyright
+#  notice, this list of conditions and the following disclaimer.
+#  
+#      * Redistributions in binary form must reproduce the above
+#  copyright notice, this list of conditions and the following disclaimer
+#  in the documentation and/or other materials provided with the
+#  distribution.
+#  
+#      * The names of its contributors may not be used to endorse or
+#  promote products derived from this software without specific prior
+#  written permission.
+#  
+#  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+#  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+#  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+#  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+#  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+#  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+#  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+#  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+#  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+#  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#serial 6
+
+AC_DEFUN([AX_VCS_SYSTEM],
+    [AC_PREREQ([2.63])dnl
+    AC_CACHE_CHECK([for vcs system], [ac_cv_vcs_system],
+      [ac_cv_vcs_system="none"
+      AS_IF([test -d ".bzr"],[ac_cv_vcs_system="bazaar"])
+      AS_IF([test -d ".svn"],[ac_cv_vcs_system="svn"])
+      AS_IF([test -d ".hg"],[ac_cv_vcs_system="mercurial"])
+      AS_IF([test -d ".git"],[ac_cv_vcs_system="git"])
+      ])
+    AC_DEFINE_UNQUOTED([VCS_SYSTEM],["$ac_cv_vcs_system"],[VCS system])
+    ])
+
+AC_DEFUN([AX_VCS_CHECKOUT],
+    [AC_PREREQ([2.63])dnl
+    AC_REQUIRE([AX_VCS_SYSTEM])
+    AC_CACHE_CHECK([for vcs checkout],[ac_cv_vcs_checkout],
+      [AS_IF([test "x$ac_cv_vcs_system" != "xnone"],
+        [ac_cv_vcs_checkout=yes],
+        [ac_cv_vcs_checkout=no])
+      ])
+
+    AM_CONDITIONAL([IS_VCS_CHECKOUT],[test "x$ac_cv_vcs_checkout" = "xyes"])
+    AS_IF([test "x$ac_cv_vcs_checkout" = "xyes"],
+      [AC_DEFINE([VCS_CHECKOUT],[1],[Define if the code was built from VCS.])],
+      [AC_DEFINE([VCS_CHECKOUT],[0],[Define if the code was built from VCS.])])
+    ])
diff --git a/3P/wolfssl/m4/hexversion.m4 b/3P/wolfssl/m4/hexversion.m4
new file mode 100644
index 00000000..8d26155e
--- /dev/null
+++ b/3P/wolfssl/m4/hexversion.m4
@@ -0,0 +1,6 @@
+AC_DEFUN([CREATE_HEX_VERSION],[
+
+  HEX_VERSION=`echo $VERSION | sed 's|[\-a-z0-9]*$||' | \
+    awk -F. '{printf "0x%0.2d%0.3d%0.3d", $[]1, $[]2, $[]3}'`
+  AC_SUBST([HEX_VERSION])
+])
diff --git a/3P/wolfssl/m4/lib_socket_nsl.m4 b/3P/wolfssl/m4/lib_socket_nsl.m4
new file mode 100644
index 00000000..e786e61c
--- /dev/null
+++ b/3P/wolfssl/m4/lib_socket_nsl.m4
@@ -0,0 +1,25 @@
+dnl @synopsis LIB_SOCKET_NSL
+dnl
+dnl This macro figures out what libraries are required on this platform
+dnl to link sockets programs.
+dnl
+dnl The common cases are not to need any extra libraries, or to need
+dnl -lsocket and -lnsl. We need to avoid linking with libnsl unless we
+dnl need it, though, since on some OSes where it isn't necessary it
+dnl will totally break networking. Unisys also includes gethostbyname()
+dnl in libsocket but needs libnsl for socket().
+dnl
+dnl @category Misc
+dnl @author Russ Allbery 
+dnl @author Stepan Kasal 
+dnl @author Warren Young 
+dnl @version 2005-09-06
+dnl @license AllPermissive
+
+AC_DEFUN([LIB_SOCKET_NSL],
+[
+	AC_SEARCH_LIBS([gethostbyname], [nsl])
+	AC_SEARCH_LIBS([socket], [socket], [], [
+		AC_CHECK_LIB([socket], [socket], [LIBS="-lsocket -lnsl $LIBS"],
+		[], [-lnsl])])
+])
diff --git a/3P/wolfssl/m4/libtool.m4 b/3P/wolfssl/m4/libtool.m4
new file mode 100644
index 00000000..4adcf73b
--- /dev/null
+++ b/3P/wolfssl/m4/libtool.m4
@@ -0,0 +1,7982 @@
+# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
+#
+#   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
+#                 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+#                 Foundation, Inc.
+#   Written by Gordon Matzigkeit, 1996
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+m4_define([_LT_COPYING], [dnl
+#   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
+#                 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+#                 Foundation, Inc.
+#   Written by Gordon Matzigkeit, 1996
+#
+#   This file is part of GNU Libtool.
+#
+# GNU Libtool is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of
+# the License, or (at your option) any later version.
+#
+# As a special exception to the GNU General Public License,
+# if you distribute this file as part of a program or library that
+# is built using GNU Libtool, you may include this file under the
+# same distribution terms that you use for the rest of that program.
+#
+# GNU Libtool is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GNU Libtool; see the file COPYING.  If not, a copy
+# can be downloaded from http://www.gnu.org/licenses/gpl.html, or
+# obtained by writing to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+])
+
+# serial 57 LT_INIT
+
+
+# LT_PREREQ(VERSION)
+# ------------------
+# Complain and exit if this libtool version is less that VERSION.
+m4_defun([LT_PREREQ],
+[m4_if(m4_version_compare(m4_defn([LT_PACKAGE_VERSION]), [$1]), -1,
+       [m4_default([$3],
+		   [m4_fatal([Libtool version $1 or higher is required],
+		             63)])],
+       [$2])])
+
+
+# _LT_CHECK_BUILDDIR
+# ------------------
+# Complain if the absolute build directory name contains unusual characters
+m4_defun([_LT_CHECK_BUILDDIR],
+[case `pwd` in
+  *\ * | *\	*)
+    AC_MSG_WARN([Libtool does not cope well with whitespace in `pwd`]) ;;
+esac
+])
+
+
+# LT_INIT([OPTIONS])
+# ------------------
+AC_DEFUN([LT_INIT],
+[AC_PREREQ([2.58])dnl We use AC_INCLUDES_DEFAULT
+AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl
+AC_BEFORE([$0], [LT_LANG])dnl
+AC_BEFORE([$0], [LT_OUTPUT])dnl
+AC_BEFORE([$0], [LTDL_INIT])dnl
+m4_require([_LT_CHECK_BUILDDIR])dnl
+
+dnl Autoconf doesn't catch unexpanded LT_ macros by default:
+m4_pattern_forbid([^_?LT_[A-Z_]+$])dnl
+m4_pattern_allow([^(_LT_EOF|LT_DLGLOBAL|LT_DLLAZY_OR_NOW|LT_MULTI_MODULE)$])dnl
+dnl aclocal doesn't pull ltoptions.m4, ltsugar.m4, or ltversion.m4
+dnl unless we require an AC_DEFUNed macro:
+AC_REQUIRE([LTOPTIONS_VERSION])dnl
+AC_REQUIRE([LTSUGAR_VERSION])dnl
+AC_REQUIRE([LTVERSION_VERSION])dnl
+AC_REQUIRE([LTOBSOLETE_VERSION])dnl
+m4_require([_LT_PROG_LTMAIN])dnl
+
+_LT_SHELL_INIT([SHELL=${CONFIG_SHELL-/bin/sh}])
+
+dnl Parse OPTIONS
+_LT_SET_OPTIONS([$0], [$1])
+
+# This can be used to rebuild libtool when needed
+LIBTOOL_DEPS="$ltmain"
+
+# Always use our own libtool.
+LIBTOOL='$(SHELL) $(top_builddir)/libtool'
+AC_SUBST(LIBTOOL)dnl
+
+_LT_SETUP
+
+# Only expand once:
+m4_define([LT_INIT])
+])# LT_INIT
+
+# Old names:
+AU_ALIAS([AC_PROG_LIBTOOL], [LT_INIT])
+AU_ALIAS([AM_PROG_LIBTOOL], [LT_INIT])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_PROG_LIBTOOL], [])
+dnl AC_DEFUN([AM_PROG_LIBTOOL], [])
+
+
+# _LT_CC_BASENAME(CC)
+# -------------------
+# Calculate cc_basename.  Skip known compiler wrappers and cross-prefix.
+m4_defun([_LT_CC_BASENAME],
+[for cc_temp in $1""; do
+  case $cc_temp in
+    compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;;
+    distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;;
+    \-*) ;;
+    *) break;;
+  esac
+done
+cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
+])
+
+
+# _LT_FILEUTILS_DEFAULTS
+# ----------------------
+# It is okay to use these file commands and assume they have been set
+# sensibly after `m4_require([_LT_FILEUTILS_DEFAULTS])'.
+m4_defun([_LT_FILEUTILS_DEFAULTS],
+[: ${CP="cp -f"}
+: ${MV="mv -f"}
+: ${RM="rm -f"}
+])# _LT_FILEUTILS_DEFAULTS
+
+
+# _LT_SETUP
+# ---------
+m4_defun([_LT_SETUP],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl
+AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl
+
+_LT_DECL([], [PATH_SEPARATOR], [1], [The PATH separator for the build system])dnl
+dnl
+_LT_DECL([], [host_alias], [0], [The host system])dnl
+_LT_DECL([], [host], [0])dnl
+_LT_DECL([], [host_os], [0])dnl
+dnl
+_LT_DECL([], [build_alias], [0], [The build system])dnl
+_LT_DECL([], [build], [0])dnl
+_LT_DECL([], [build_os], [0])dnl
+dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([LT_PATH_LD])dnl
+AC_REQUIRE([LT_PATH_NM])dnl
+dnl
+AC_REQUIRE([AC_PROG_LN_S])dnl
+test -z "$LN_S" && LN_S="ln -s"
+_LT_DECL([], [LN_S], [1], [Whether we need soft or hard links])dnl
+dnl
+AC_REQUIRE([LT_CMD_MAX_LEN])dnl
+_LT_DECL([objext], [ac_objext], [0], [Object file suffix (normally "o")])dnl
+_LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl
+dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_CHECK_SHELL_FEATURES])dnl
+m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl
+m4_require([_LT_CMD_RELOAD])dnl
+m4_require([_LT_CHECK_MAGIC_METHOD])dnl
+m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl
+m4_require([_LT_CMD_OLD_ARCHIVE])dnl
+m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl
+m4_require([_LT_WITH_SYSROOT])dnl
+
+_LT_CONFIG_LIBTOOL_INIT([
+# See if we are running on zsh, and set the options which allow our
+# commands through without removal of \ escapes INIT.
+if test -n "\${ZSH_VERSION+set}" ; then
+   setopt NO_GLOB_SUBST
+fi
+])
+if test -n "${ZSH_VERSION+set}" ; then
+   setopt NO_GLOB_SUBST
+fi
+
+_LT_CHECK_OBJDIR
+
+m4_require([_LT_TAG_COMPILER])dnl
+
+case $host_os in
+aix3*)
+  # AIX sometimes has problems with the GCC collect2 program.  For some
+  # reason, if we set the COLLECT_NAMES environment variable, the problems
+  # vanish in a puff of smoke.
+  if test "X${COLLECT_NAMES+set}" != Xset; then
+    COLLECT_NAMES=
+    export COLLECT_NAMES
+  fi
+  ;;
+esac
+
+# Global variables:
+ofile=libtool
+can_build_shared=yes
+
+# All known linkers require a `.a' archive for static linking (except MSVC,
+# which needs '.lib').
+libext=a
+
+with_gnu_ld="$lt_cv_prog_gnu_ld"
+
+old_CC="$CC"
+old_CFLAGS="$CFLAGS"
+
+# Set sane defaults for various variables
+test -z "$CC" && CC=cc
+test -z "$LTCC" && LTCC=$CC
+test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
+test -z "$LD" && LD=ld
+test -z "$ac_objext" && ac_objext=o
+
+_LT_CC_BASENAME([$compiler])
+
+# Only perform the check for file, if the check method requires it
+test -z "$MAGIC_CMD" && MAGIC_CMD=file
+case $deplibs_check_method in
+file_magic*)
+  if test "$file_magic_cmd" = '$MAGIC_CMD'; then
+    _LT_PATH_MAGIC
+  fi
+  ;;
+esac
+
+# Use C for the default configuration in the libtool script
+LT_SUPPORTED_TAG([CC])
+_LT_LANG_C_CONFIG
+_LT_LANG_DEFAULT_CONFIG
+_LT_CONFIG_COMMANDS
+])# _LT_SETUP
+
+
+# _LT_PREPARE_SED_QUOTE_VARS
+# --------------------------
+# Define a few sed substitution that help us do robust quoting.
+m4_defun([_LT_PREPARE_SED_QUOTE_VARS],
+[# Backslashify metacharacters that are still active within
+# double-quoted strings.
+sed_quote_subst='s/\([["`$\\]]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\([["`\\]]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to delay expansion of an escaped single quote.
+delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+])
+
+# _LT_PROG_LTMAIN
+# ---------------
+# Note that this code is called both from `configure', and `config.status'
+# now that we use AC_CONFIG_COMMANDS to generate libtool.  Notably,
+# `config.status' has no value for ac_aux_dir unless we are using Automake,
+# so we pass a copy along to make sure it has a sensible value anyway.
+m4_defun([_LT_PROG_LTMAIN],
+[m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([ltmain.sh])])dnl
+_LT_CONFIG_LIBTOOL_INIT([ac_aux_dir='$ac_aux_dir'])
+ltmain="$ac_aux_dir/ltmain.sh"
+])# _LT_PROG_LTMAIN
+
+
+## ------------------------------------- ##
+## Accumulate code for creating libtool. ##
+## ------------------------------------- ##
+
+# So that we can recreate a full libtool script including additional
+# tags, we accumulate the chunks of code to send to AC_CONFIG_COMMANDS
+# in macros and then make a single call at the end using the `libtool'
+# label.
+
+
+# _LT_CONFIG_LIBTOOL_INIT([INIT-COMMANDS])
+# ----------------------------------------
+# Register INIT-COMMANDS to be passed to AC_CONFIG_COMMANDS later.
+m4_define([_LT_CONFIG_LIBTOOL_INIT],
+[m4_ifval([$1],
+          [m4_append([_LT_OUTPUT_LIBTOOL_INIT],
+                     [$1
+])])])
+
+# Initialize.
+m4_define([_LT_OUTPUT_LIBTOOL_INIT])
+
+
+# _LT_CONFIG_LIBTOOL([COMMANDS])
+# ------------------------------
+# Register COMMANDS to be passed to AC_CONFIG_COMMANDS later.
+m4_define([_LT_CONFIG_LIBTOOL],
+[m4_ifval([$1],
+          [m4_append([_LT_OUTPUT_LIBTOOL_COMMANDS],
+                     [$1
+])])])
+
+# Initialize.
+m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS])
+
+
+# _LT_CONFIG_SAVE_COMMANDS([COMMANDS], [INIT_COMMANDS])
+# -----------------------------------------------------
+m4_defun([_LT_CONFIG_SAVE_COMMANDS],
+[_LT_CONFIG_LIBTOOL([$1])
+_LT_CONFIG_LIBTOOL_INIT([$2])
+])
+
+
+# _LT_FORMAT_COMMENT([COMMENT])
+# -----------------------------
+# Add leading comment marks to the start of each line, and a trailing
+# full-stop to the whole comment if one is not present already.
+m4_define([_LT_FORMAT_COMMENT],
+[m4_ifval([$1], [
+m4_bpatsubst([m4_bpatsubst([$1], [^ *], [# ])],
+              [['`$\]], [\\\&])]m4_bmatch([$1], [[!?.]$], [], [.])
+)])
+
+
+
+## ------------------------ ##
+## FIXME: Eliminate VARNAME ##
+## ------------------------ ##
+
+
+# _LT_DECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION], [IS-TAGGED?])
+# -------------------------------------------------------------------
+# CONFIGNAME is the name given to the value in the libtool script.
+# VARNAME is the (base) name used in the configure script.
+# VALUE may be 0, 1 or 2 for a computed quote escaped value based on
+# VARNAME.  Any other value will be used directly.
+m4_define([_LT_DECL],
+[lt_if_append_uniq([lt_decl_varnames], [$2], [, ],
+    [lt_dict_add_subkey([lt_decl_dict], [$2], [libtool_name],
+	[m4_ifval([$1], [$1], [$2])])
+    lt_dict_add_subkey([lt_decl_dict], [$2], [value], [$3])
+    m4_ifval([$4],
+	[lt_dict_add_subkey([lt_decl_dict], [$2], [description], [$4])])
+    lt_dict_add_subkey([lt_decl_dict], [$2],
+	[tagged?], [m4_ifval([$5], [yes], [no])])])
+])
+
+
+# _LT_TAGDECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION])
+# --------------------------------------------------------
+m4_define([_LT_TAGDECL], [_LT_DECL([$1], [$2], [$3], [$4], [yes])])
+
+
+# lt_decl_tag_varnames([SEPARATOR], [VARNAME1...])
+# ------------------------------------------------
+m4_define([lt_decl_tag_varnames],
+[_lt_decl_filter([tagged?], [yes], $@)])
+
+
+# _lt_decl_filter(SUBKEY, VALUE, [SEPARATOR], [VARNAME1..])
+# ---------------------------------------------------------
+m4_define([_lt_decl_filter],
+[m4_case([$#],
+  [0], [m4_fatal([$0: too few arguments: $#])],
+  [1], [m4_fatal([$0: too few arguments: $#: $1])],
+  [2], [lt_dict_filter([lt_decl_dict], [$1], [$2], [], lt_decl_varnames)],
+  [3], [lt_dict_filter([lt_decl_dict], [$1], [$2], [$3], lt_decl_varnames)],
+  [lt_dict_filter([lt_decl_dict], $@)])[]dnl
+])
+
+
+# lt_decl_quote_varnames([SEPARATOR], [VARNAME1...])
+# --------------------------------------------------
+m4_define([lt_decl_quote_varnames],
+[_lt_decl_filter([value], [1], $@)])
+
+
+# lt_decl_dquote_varnames([SEPARATOR], [VARNAME1...])
+# ---------------------------------------------------
+m4_define([lt_decl_dquote_varnames],
+[_lt_decl_filter([value], [2], $@)])
+
+
+# lt_decl_varnames_tagged([SEPARATOR], [VARNAME1...])
+# ---------------------------------------------------
+m4_define([lt_decl_varnames_tagged],
+[m4_assert([$# <= 2])dnl
+_$0(m4_quote(m4_default([$1], [[, ]])),
+    m4_ifval([$2], [[$2]], [m4_dquote(lt_decl_tag_varnames)]),
+    m4_split(m4_normalize(m4_quote(_LT_TAGS)), [ ]))])
+m4_define([_lt_decl_varnames_tagged],
+[m4_ifval([$3], [lt_combine([$1], [$2], [_], $3)])])
+
+
+# lt_decl_all_varnames([SEPARATOR], [VARNAME1...])
+# ------------------------------------------------
+m4_define([lt_decl_all_varnames],
+[_$0(m4_quote(m4_default([$1], [[, ]])),
+     m4_if([$2], [],
+	   m4_quote(lt_decl_varnames),
+	m4_quote(m4_shift($@))))[]dnl
+])
+m4_define([_lt_decl_all_varnames],
+[lt_join($@, lt_decl_varnames_tagged([$1],
+			lt_decl_tag_varnames([[, ]], m4_shift($@))))dnl
+])
+
+
+# _LT_CONFIG_STATUS_DECLARE([VARNAME])
+# ------------------------------------
+# Quote a variable value, and forward it to `config.status' so that its
+# declaration there will have the same value as in `configure'.  VARNAME
+# must have a single quote delimited value for this to work.
+m4_define([_LT_CONFIG_STATUS_DECLARE],
+[$1='`$ECHO "$][$1" | $SED "$delay_single_quote_subst"`'])
+
+
+# _LT_CONFIG_STATUS_DECLARATIONS
+# ------------------------------
+# We delimit libtool config variables with single quotes, so when
+# we write them to config.status, we have to be sure to quote all
+# embedded single quotes properly.  In configure, this macro expands
+# each variable declared with _LT_DECL (and _LT_TAGDECL) into:
+#
+#    ='`$ECHO "$" | $SED "$delay_single_quote_subst"`'
+m4_defun([_LT_CONFIG_STATUS_DECLARATIONS],
+[m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames),
+    [m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])])
+
+
+# _LT_LIBTOOL_TAGS
+# ----------------
+# Output comment and list of tags supported by the script
+m4_defun([_LT_LIBTOOL_TAGS],
+[_LT_FORMAT_COMMENT([The names of the tagged configurations supported by this script])dnl
+available_tags="_LT_TAGS"dnl
+])
+
+
+# _LT_LIBTOOL_DECLARE(VARNAME, [TAG])
+# -----------------------------------
+# Extract the dictionary values for VARNAME (optionally with TAG) and
+# expand to a commented shell variable setting:
+#
+#    # Some comment about what VAR is for.
+#    visible_name=$lt_internal_name
+m4_define([_LT_LIBTOOL_DECLARE],
+[_LT_FORMAT_COMMENT(m4_quote(lt_dict_fetch([lt_decl_dict], [$1],
+					   [description])))[]dnl
+m4_pushdef([_libtool_name],
+    m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [libtool_name])))[]dnl
+m4_case(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [value])),
+    [0], [_libtool_name=[$]$1],
+    [1], [_libtool_name=$lt_[]$1],
+    [2], [_libtool_name=$lt_[]$1],
+    [_libtool_name=lt_dict_fetch([lt_decl_dict], [$1], [value])])[]dnl
+m4_ifval([$2], [_$2])[]m4_popdef([_libtool_name])[]dnl
+])
+
+
+# _LT_LIBTOOL_CONFIG_VARS
+# -----------------------
+# Produce commented declarations of non-tagged libtool config variables
+# suitable for insertion in the LIBTOOL CONFIG section of the `libtool'
+# script.  Tagged libtool config variables (even for the LIBTOOL CONFIG
+# section) are produced by _LT_LIBTOOL_TAG_VARS.
+m4_defun([_LT_LIBTOOL_CONFIG_VARS],
+[m4_foreach([_lt_var],
+    m4_quote(_lt_decl_filter([tagged?], [no], [], lt_decl_varnames)),
+    [m4_n([_LT_LIBTOOL_DECLARE(_lt_var)])])])
+
+
+# _LT_LIBTOOL_TAG_VARS(TAG)
+# -------------------------
+m4_define([_LT_LIBTOOL_TAG_VARS],
+[m4_foreach([_lt_var], m4_quote(lt_decl_tag_varnames),
+    [m4_n([_LT_LIBTOOL_DECLARE(_lt_var, [$1])])])])
+
+
+# _LT_TAGVAR(VARNAME, [TAGNAME])
+# ------------------------------
+m4_define([_LT_TAGVAR], [m4_ifval([$2], [$1_$2], [$1])])
+
+
+# _LT_CONFIG_COMMANDS
+# -------------------
+# Send accumulated output to $CONFIG_STATUS.  Thanks to the lists of
+# variables for single and double quote escaping we saved from calls
+# to _LT_DECL, we can put quote escaped variables declarations
+# into `config.status', and then the shell code to quote escape them in
+# for loops in `config.status'.  Finally, any additional code accumulated
+# from calls to _LT_CONFIG_LIBTOOL_INIT is expanded.
+m4_defun([_LT_CONFIG_COMMANDS],
+[AC_PROVIDE_IFELSE([LT_OUTPUT],
+	dnl If the libtool generation code has been placed in $CONFIG_LT,
+	dnl instead of duplicating it all over again into config.status,
+	dnl then we will have config.status run $CONFIG_LT later, so it
+	dnl needs to know what name is stored there:
+        [AC_CONFIG_COMMANDS([libtool],
+            [$SHELL $CONFIG_LT || AS_EXIT(1)], [CONFIG_LT='$CONFIG_LT'])],
+    dnl If the libtool generation code is destined for config.status,
+    dnl expand the accumulated commands and init code now:
+    [AC_CONFIG_COMMANDS([libtool],
+        [_LT_OUTPUT_LIBTOOL_COMMANDS], [_LT_OUTPUT_LIBTOOL_COMMANDS_INIT])])
+])#_LT_CONFIG_COMMANDS
+
+
+# Initialize.
+m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS_INIT],
+[
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+sed_quote_subst='$sed_quote_subst'
+double_quote_subst='$double_quote_subst'
+delay_variable_subst='$delay_variable_subst'
+_LT_CONFIG_STATUS_DECLARATIONS
+LTCC='$LTCC'
+LTCFLAGS='$LTCFLAGS'
+compiler='$compiler_DEFAULT'
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+  eval 'cat <<_LTECHO_EOF
+\$[]1
+_LTECHO_EOF'
+}
+
+# Quote evaled strings.
+for var in lt_decl_all_varnames([[ \
+]], lt_decl_quote_varnames); do
+    case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+    *[[\\\\\\\`\\"\\\$]]*)
+      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
+      ;;
+    *)
+      eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+      ;;
+    esac
+done
+
+# Double-quote double-evaled strings.
+for var in lt_decl_all_varnames([[ \
+]], lt_decl_dquote_varnames); do
+    case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
+    *[[\\\\\\\`\\"\\\$]]*)
+      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
+      ;;
+    *)
+      eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
+      ;;
+    esac
+done
+
+_LT_OUTPUT_LIBTOOL_INIT
+])
+
+# _LT_GENERATED_FILE_INIT(FILE, [COMMENT])
+# ------------------------------------
+# Generate a child script FILE with all initialization necessary to
+# reuse the environment learned by the parent script, and make the
+# file executable.  If COMMENT is supplied, it is inserted after the
+# `#!' sequence but before initialization text begins.  After this
+# macro, additional text can be appended to FILE to form the body of
+# the child script.  The macro ends with non-zero status if the
+# file could not be fully written (such as if the disk is full).
+m4_ifdef([AS_INIT_GENERATED],
+[m4_defun([_LT_GENERATED_FILE_INIT],[AS_INIT_GENERATED($@)])],
+[m4_defun([_LT_GENERATED_FILE_INIT],
+[m4_require([AS_PREPARE])]dnl
+[m4_pushdef([AS_MESSAGE_LOG_FD])]dnl
+[lt_write_fail=0
+cat >$1 <<_ASEOF || lt_write_fail=1
+#! $SHELL
+# Generated by $as_me.
+$2
+SHELL=\${CONFIG_SHELL-$SHELL}
+export SHELL
+_ASEOF
+cat >>$1 <<\_ASEOF || lt_write_fail=1
+AS_SHELL_SANITIZE
+_AS_PREPARE
+exec AS_MESSAGE_FD>&1
+_ASEOF
+test $lt_write_fail = 0 && chmod +x $1[]dnl
+m4_popdef([AS_MESSAGE_LOG_FD])])])# _LT_GENERATED_FILE_INIT
+
+# LT_OUTPUT
+# ---------
+# This macro allows early generation of the libtool script (before
+# AC_OUTPUT is called), incase it is used in configure for compilation
+# tests.
+AC_DEFUN([LT_OUTPUT],
+[: ${CONFIG_LT=./config.lt}
+AC_MSG_NOTICE([creating $CONFIG_LT])
+_LT_GENERATED_FILE_INIT(["$CONFIG_LT"],
+[# Run this file to recreate a libtool stub with the current configuration.])
+
+cat >>"$CONFIG_LT" <<\_LTEOF
+lt_cl_silent=false
+exec AS_MESSAGE_LOG_FD>>config.log
+{
+  echo
+  AS_BOX([Running $as_me.])
+} >&AS_MESSAGE_LOG_FD
+
+lt_cl_help="\
+\`$as_me' creates a local libtool stub from the current configuration,
+for use in further configure time tests before the real libtool is
+generated.
+
+Usage: $[0] [[OPTIONS]]
+
+  -h, --help      print this help, then exit
+  -V, --version   print version number, then exit
+  -q, --quiet     do not print progress messages
+  -d, --debug     don't remove temporary files
+
+Report bugs to ."
+
+lt_cl_version="\
+m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl
+m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION])
+configured by $[0], generated by m4_PACKAGE_STRING.
+
+Copyright (C) 2011 Free Software Foundation, Inc.
+This config.lt script is free software; the Free Software Foundation
+gives unlimited permision to copy, distribute and modify it."
+
+while test $[#] != 0
+do
+  case $[1] in
+    --version | --v* | -V )
+      echo "$lt_cl_version"; exit 0 ;;
+    --help | --h* | -h )
+      echo "$lt_cl_help"; exit 0 ;;
+    --debug | --d* | -d )
+      debug=: ;;
+    --quiet | --q* | --silent | --s* | -q )
+      lt_cl_silent=: ;;
+
+    -*) AC_MSG_ERROR([unrecognized option: $[1]
+Try \`$[0] --help' for more information.]) ;;
+
+    *) AC_MSG_ERROR([unrecognized argument: $[1]
+Try \`$[0] --help' for more information.]) ;;
+  esac
+  shift
+done
+
+if $lt_cl_silent; then
+  exec AS_MESSAGE_FD>/dev/null
+fi
+_LTEOF
+
+cat >>"$CONFIG_LT" <<_LTEOF
+_LT_OUTPUT_LIBTOOL_COMMANDS_INIT
+_LTEOF
+
+cat >>"$CONFIG_LT" <<\_LTEOF
+AC_MSG_NOTICE([creating $ofile])
+_LT_OUTPUT_LIBTOOL_COMMANDS
+AS_EXIT(0)
+_LTEOF
+chmod +x "$CONFIG_LT"
+
+# configure is writing to config.log, but config.lt does its own redirection,
+# appending to config.log, which fails on DOS, as config.log is still kept
+# open by configure.  Here we exec the FD to /dev/null, effectively closing
+# config.log, so it can be properly (re)opened and appended to by config.lt.
+lt_cl_success=:
+test "$silent" = yes &&
+  lt_config_lt_args="$lt_config_lt_args --quiet"
+exec AS_MESSAGE_LOG_FD>/dev/null
+$SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false
+exec AS_MESSAGE_LOG_FD>>config.log
+$lt_cl_success || AS_EXIT(1)
+])# LT_OUTPUT
+
+
+# _LT_CONFIG(TAG)
+# ---------------
+# If TAG is the built-in tag, create an initial libtool script with a
+# default configuration from the untagged config vars.  Otherwise add code
+# to config.status for appending the configuration named by TAG from the
+# matching tagged config vars.
+m4_defun([_LT_CONFIG],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+_LT_CONFIG_SAVE_COMMANDS([
+  m4_define([_LT_TAG], m4_if([$1], [], [C], [$1]))dnl
+  m4_if(_LT_TAG, [C], [
+    # See if we are running on zsh, and set the options which allow our
+    # commands through without removal of \ escapes.
+    if test -n "${ZSH_VERSION+set}" ; then
+      setopt NO_GLOB_SUBST
+    fi
+
+    cfgfile="${ofile}T"
+    trap "$RM \"$cfgfile\"; exit 1" 1 2 15
+    $RM "$cfgfile"
+
+    cat <<_LT_EOF >> "$cfgfile"
+#! $SHELL
+
+# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services.
+# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION
+# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+# NOTE: Changes made to this file will be lost: look at ltmain.sh.
+#
+_LT_COPYING
+_LT_LIBTOOL_TAGS
+
+# ### BEGIN LIBTOOL CONFIG
+_LT_LIBTOOL_CONFIG_VARS
+_LT_LIBTOOL_TAG_VARS
+# ### END LIBTOOL CONFIG
+
+_LT_EOF
+
+  case $host_os in
+  aix3*)
+    cat <<\_LT_EOF >> "$cfgfile"
+# AIX sometimes has problems with the GCC collect2 program.  For some
+# reason, if we set the COLLECT_NAMES environment variable, the problems
+# vanish in a puff of smoke.
+if test "X${COLLECT_NAMES+set}" != Xset; then
+  COLLECT_NAMES=
+  export COLLECT_NAMES
+fi
+_LT_EOF
+    ;;
+  esac
+
+  _LT_PROG_LTMAIN
+
+  # We use sed instead of cat because bash on DJGPP gets confused if
+  # if finds mixed CR/LF and LF-only lines.  Since sed operates in
+  # text mode, it properly converts lines to CR/LF.  This bash problem
+  # is reportedly fixed, but why not run on old versions too?
+  sed '$q' "$ltmain" >> "$cfgfile" \
+     || (rm -f "$cfgfile"; exit 1)
+
+  _LT_PROG_REPLACE_SHELLFNS
+
+   mv -f "$cfgfile" "$ofile" ||
+    (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
+  chmod +x "$ofile"
+],
+[cat <<_LT_EOF >> "$ofile"
+
+dnl Unfortunately we have to use $1 here, since _LT_TAG is not expanded
+dnl in a comment (ie after a #).
+# ### BEGIN LIBTOOL TAG CONFIG: $1
+_LT_LIBTOOL_TAG_VARS(_LT_TAG)
+# ### END LIBTOOL TAG CONFIG: $1
+_LT_EOF
+])dnl /m4_if
+],
+[m4_if([$1], [], [
+    PACKAGE='$PACKAGE'
+    VERSION='$VERSION'
+    TIMESTAMP='$TIMESTAMP'
+    RM='$RM'
+    ofile='$ofile'], [])
+])dnl /_LT_CONFIG_SAVE_COMMANDS
+])# _LT_CONFIG
+
+
+# LT_SUPPORTED_TAG(TAG)
+# ---------------------
+# Trace this macro to discover what tags are supported by the libtool
+# --tag option, using:
+#    autoconf --trace 'LT_SUPPORTED_TAG:$1'
+AC_DEFUN([LT_SUPPORTED_TAG], [])
+
+
+# C support is built-in for now
+m4_define([_LT_LANG_C_enabled], [])
+m4_define([_LT_TAGS], [])
+
+
+# LT_LANG(LANG)
+# -------------
+# Enable libtool support for the given language if not already enabled.
+AC_DEFUN([LT_LANG],
+[AC_BEFORE([$0], [LT_OUTPUT])dnl
+m4_case([$1],
+  [C],			[_LT_LANG(C)],
+  [C++],		[_LT_LANG(CXX)],
+  [Go],			[_LT_LANG(GO)],
+  [Java],		[_LT_LANG(GCJ)],
+  [Fortran 77],		[_LT_LANG(F77)],
+  [Fortran],		[_LT_LANG(FC)],
+  [Windows Resource],	[_LT_LANG(RC)],
+  [m4_ifdef([_LT_LANG_]$1[_CONFIG],
+    [_LT_LANG($1)],
+    [m4_fatal([$0: unsupported language: "$1"])])])dnl
+])# LT_LANG
+
+
+# _LT_LANG(LANGNAME)
+# ------------------
+m4_defun([_LT_LANG],
+[m4_ifdef([_LT_LANG_]$1[_enabled], [],
+  [LT_SUPPORTED_TAG([$1])dnl
+  m4_append([_LT_TAGS], [$1 ])dnl
+  m4_define([_LT_LANG_]$1[_enabled], [])dnl
+  _LT_LANG_$1_CONFIG($1)])dnl
+])# _LT_LANG
+
+
+m4_ifndef([AC_PROG_GO], [
+############################################################
+# NOTE: This macro has been submitted for inclusion into   #
+#  GNU Autoconf as AC_PROG_GO.  When it is available in    #
+#  a released version of Autoconf we should remove this    #
+#  macro and use it instead.                               #
+############################################################
+m4_defun([AC_PROG_GO],
+[AC_LANG_PUSH(Go)dnl
+AC_ARG_VAR([GOC],     [Go compiler command])dnl
+AC_ARG_VAR([GOFLAGS], [Go compiler flags])dnl
+_AC_ARG_VAR_LDFLAGS()dnl
+AC_CHECK_TOOL(GOC, gccgo)
+if test -z "$GOC"; then
+  if test -n "$ac_tool_prefix"; then
+    AC_CHECK_PROG(GOC, [${ac_tool_prefix}gccgo], [${ac_tool_prefix}gccgo])
+  fi
+fi
+if test -z "$GOC"; then
+  AC_CHECK_PROG(GOC, gccgo, gccgo, false)
+fi
+])#m4_defun
+])#m4_ifndef
+
+
+# _LT_LANG_DEFAULT_CONFIG
+# -----------------------
+m4_defun([_LT_LANG_DEFAULT_CONFIG],
+[AC_PROVIDE_IFELSE([AC_PROG_CXX],
+  [LT_LANG(CXX)],
+  [m4_define([AC_PROG_CXX], defn([AC_PROG_CXX])[LT_LANG(CXX)])])
+
+AC_PROVIDE_IFELSE([AC_PROG_F77],
+  [LT_LANG(F77)],
+  [m4_define([AC_PROG_F77], defn([AC_PROG_F77])[LT_LANG(F77)])])
+
+AC_PROVIDE_IFELSE([AC_PROG_FC],
+  [LT_LANG(FC)],
+  [m4_define([AC_PROG_FC], defn([AC_PROG_FC])[LT_LANG(FC)])])
+
+dnl The call to [A][M_PROG_GCJ] is quoted like that to stop aclocal
+dnl pulling things in needlessly.
+AC_PROVIDE_IFELSE([AC_PROG_GCJ],
+  [LT_LANG(GCJ)],
+  [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],
+    [LT_LANG(GCJ)],
+    [AC_PROVIDE_IFELSE([LT_PROG_GCJ],
+      [LT_LANG(GCJ)],
+      [m4_ifdef([AC_PROG_GCJ],
+	[m4_define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[LT_LANG(GCJ)])])
+       m4_ifdef([A][M_PROG_GCJ],
+	[m4_define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[LT_LANG(GCJ)])])
+       m4_ifdef([LT_PROG_GCJ],
+	[m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])])
+
+AC_PROVIDE_IFELSE([AC_PROG_GO],
+  [LT_LANG(GO)],
+  [m4_define([AC_PROG_GO], defn([AC_PROG_GO])[LT_LANG(GO)])])
+
+AC_PROVIDE_IFELSE([LT_PROG_RC],
+  [LT_LANG(RC)],
+  [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])])
+])# _LT_LANG_DEFAULT_CONFIG
+
+# Obsolete macros:
+AU_DEFUN([AC_LIBTOOL_CXX], [LT_LANG(C++)])
+AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)])
+AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)])
+AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)])
+AU_DEFUN([AC_LIBTOOL_RC], [LT_LANG(Windows Resource)])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_CXX], [])
+dnl AC_DEFUN([AC_LIBTOOL_F77], [])
+dnl AC_DEFUN([AC_LIBTOOL_FC], [])
+dnl AC_DEFUN([AC_LIBTOOL_GCJ], [])
+dnl AC_DEFUN([AC_LIBTOOL_RC], [])
+
+
+# _LT_TAG_COMPILER
+# ----------------
+m4_defun([_LT_TAG_COMPILER],
+[AC_REQUIRE([AC_PROG_CC])dnl
+
+_LT_DECL([LTCC], [CC], [1], [A C compiler])dnl
+_LT_DECL([LTCFLAGS], [CFLAGS], [1], [LTCC compiler flags])dnl
+_LT_TAGDECL([CC], [compiler], [1], [A language specific compiler])dnl
+_LT_TAGDECL([with_gcc], [GCC], [0], [Is the compiler the GNU compiler?])dnl
+
+# If no C compiler was specified, use CC.
+LTCC=${LTCC-"$CC"}
+
+# If no C compiler flags were specified, use CFLAGS.
+LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
+
+# Allow CC to be a program name with arguments.
+compiler=$CC
+])# _LT_TAG_COMPILER
+
+
+# _LT_COMPILER_BOILERPLATE
+# ------------------------
+# Check for compiler boilerplate output or warnings with
+# the simple compiler test code.
+m4_defun([_LT_COMPILER_BOILERPLATE],
+[m4_require([_LT_DECL_SED])dnl
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_compile_test_code" >conftest.$ac_ext
+eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_compiler_boilerplate=`cat conftest.err`
+$RM conftest*
+])# _LT_COMPILER_BOILERPLATE
+
+
+# _LT_LINKER_BOILERPLATE
+# ----------------------
+# Check for linker boilerplate output or warnings with
+# the simple link test code.
+m4_defun([_LT_LINKER_BOILERPLATE],
+[m4_require([_LT_DECL_SED])dnl
+ac_outfile=conftest.$ac_objext
+echo "$lt_simple_link_test_code" >conftest.$ac_ext
+eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
+_lt_linker_boilerplate=`cat conftest.err`
+$RM -r conftest*
+])# _LT_LINKER_BOILERPLATE
+
+# _LT_REQUIRED_DARWIN_CHECKS
+# -------------------------
+m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[
+  case $host_os in
+    rhapsody* | darwin*)
+    AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:])
+    AC_CHECK_TOOL([NMEDIT], [nmedit], [:])
+    AC_CHECK_TOOL([LIPO], [lipo], [:])
+    AC_CHECK_TOOL([OTOOL], [otool], [:])
+    AC_CHECK_TOOL([OTOOL64], [otool64], [:])
+    _LT_DECL([], [DSYMUTIL], [1],
+      [Tool to manipulate archived DWARF debug symbol files on Mac OS X])
+    _LT_DECL([], [NMEDIT], [1],
+      [Tool to change global to local symbols on Mac OS X])
+    _LT_DECL([], [LIPO], [1],
+      [Tool to manipulate fat objects and archives on Mac OS X])
+    _LT_DECL([], [OTOOL], [1],
+      [ldd/readelf like tool for Mach-O binaries on Mac OS X])
+    _LT_DECL([], [OTOOL64], [1],
+      [ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4])
+
+    AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod],
+      [lt_cv_apple_cc_single_mod=no
+      if test -z "${LT_MULTI_MODULE}"; then
+	# By default we will add the -single_module flag. You can override
+	# by either setting the environment variable LT_MULTI_MODULE
+	# non-empty at configure time, or by adding -multi_module to the
+	# link flags.
+	rm -rf libconftest.dylib*
+	echo "int foo(void){return 1;}" > conftest.c
+	echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+-dynamiclib -Wl,-single_module conftest.c" >&AS_MESSAGE_LOG_FD
+	$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
+	  -dynamiclib -Wl,-single_module conftest.c 2>conftest.err
+        _lt_result=$?
+	# If there is a non-empty error log, and "single_module"
+	# appears in it, assume the flag caused a linker warning
+        if test -s conftest.err && $GREP single_module conftest.err; then
+	  cat conftest.err >&AS_MESSAGE_LOG_FD
+	# Otherwise, if the output was created with a 0 exit code from
+	# the compiler, it worked.
+	elif test -f libconftest.dylib && test $_lt_result -eq 0; then
+	  lt_cv_apple_cc_single_mod=yes
+	else
+	  cat conftest.err >&AS_MESSAGE_LOG_FD
+	fi
+	rm -rf libconftest.dylib*
+	rm -f conftest.*
+      fi])
+
+    AC_CACHE_CHECK([for -exported_symbols_list linker flag],
+      [lt_cv_ld_exported_symbols_list],
+      [lt_cv_ld_exported_symbols_list=no
+      save_LDFLAGS=$LDFLAGS
+      echo "_main" > conftest.sym
+      LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym"
+      AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
+	[lt_cv_ld_exported_symbols_list=yes],
+	[lt_cv_ld_exported_symbols_list=no])
+	LDFLAGS="$save_LDFLAGS"
+    ])
+
+    AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load],
+      [lt_cv_ld_force_load=no
+      cat > conftest.c << _LT_EOF
+int forced_loaded() { return 2;}
+_LT_EOF
+      echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD
+      $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD
+      echo "$AR cru libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD
+      $AR cru libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD
+      echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD
+      $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD
+      cat > conftest.c << _LT_EOF
+int main() { return 0;}
+_LT_EOF
+      echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD
+      $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err
+      _lt_result=$?
+      if test -s conftest.err && $GREP force_load conftest.err; then
+	cat conftest.err >&AS_MESSAGE_LOG_FD
+      elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then
+	lt_cv_ld_force_load=yes
+      else
+	cat conftest.err >&AS_MESSAGE_LOG_FD
+      fi
+        rm -f conftest.err libconftest.a conftest conftest.c
+        rm -rf conftest.dSYM
+    ])
+    case $host_os in
+    rhapsody* | darwin1.[[012]])
+      _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
+    darwin1.*)
+      _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
+    darwin*) # darwin 5.x on
+      # if running on 10.5 or later, the deployment target defaults
+      # to the OS version, if on x86, and 10.4, the deployment
+      # target defaults to 10.4. Don't you love it?
+      case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
+	10.0,*86*-darwin8*|10.0,*-darwin[[91]]*)
+	  _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
+	10.[[012]][[,.]]*)
+	  _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
+	10.*)
+	  _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
+      esac
+    ;;
+  esac
+    if test "$lt_cv_apple_cc_single_mod" = "yes"; then
+      _lt_dar_single_mod='$single_module'
+    fi
+    if test "$lt_cv_ld_exported_symbols_list" = "yes"; then
+      _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym'
+    else
+      _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}'
+    fi
+    if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then
+      _lt_dsymutil='~$DSYMUTIL $lib || :'
+    else
+      _lt_dsymutil=
+    fi
+    ;;
+  esac
+])
+
+
+# _LT_DARWIN_LINKER_FEATURES([TAG])
+# ---------------------------------
+# Checks for linker and compiler features on darwin
+m4_defun([_LT_DARWIN_LINKER_FEATURES],
+[
+  m4_require([_LT_REQUIRED_DARWIN_CHECKS])
+  _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+  _LT_TAGVAR(hardcode_direct, $1)=no
+  _LT_TAGVAR(hardcode_automatic, $1)=yes
+  _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+  if test "$lt_cv_ld_force_load" = "yes"; then
+    _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`'
+    m4_case([$1], [F77], [_LT_TAGVAR(compiler_needs_object, $1)=yes],
+                  [FC],  [_LT_TAGVAR(compiler_needs_object, $1)=yes])
+  else
+    _LT_TAGVAR(whole_archive_flag_spec, $1)=''
+  fi
+  _LT_TAGVAR(link_all_deplibs, $1)=yes
+  _LT_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined"
+  case $cc_basename in
+     ifort*) _lt_dar_can_shared=yes ;;
+     *) _lt_dar_can_shared=$GCC ;;
+  esac
+  if test "$_lt_dar_can_shared" = "yes"; then
+    output_verbose_link_cmd=func_echo_all
+    _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
+    _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
+    _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
+    _LT_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
+    m4_if([$1], [CXX],
+[   if test "$lt_cv_apple_cc_single_mod" != "yes"; then
+      _LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}"
+      _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}"
+    fi
+],[])
+  else
+  _LT_TAGVAR(ld_shlibs, $1)=no
+  fi
+])
+
+# _LT_SYS_MODULE_PATH_AIX([TAGNAME])
+# ----------------------------------
+# Links a minimal program and checks the executable
+# for the system default hardcoded library path. In most cases,
+# this is /usr/lib:/lib, but when the MPI compilers are used
+# the location of the communication and MPI libs are included too.
+# If we don't find anything, use the default library path according
+# to the aix ld manual.
+# Store the results from the different compilers for each TAGNAME.
+# Allow to override them for all tags through lt_cv_aix_libpath.
+m4_defun([_LT_SYS_MODULE_PATH_AIX],
+[m4_require([_LT_DECL_SED])dnl
+if test "${lt_cv_aix_libpath+set}" = set; then
+  aix_libpath=$lt_cv_aix_libpath
+else
+  AC_CACHE_VAL([_LT_TAGVAR([lt_cv_aix_libpath_], [$1])],
+  [AC_LINK_IFELSE([AC_LANG_PROGRAM],[
+  lt_aix_libpath_sed='[
+      /Import File Strings/,/^$/ {
+	  /^0/ {
+	      s/^0  *\([^ ]*\) *$/\1/
+	      p
+	  }
+      }]'
+  _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  # Check for a 64-bit object if we didn't find anything.
+  if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then
+    _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  fi],[])
+  if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then
+    _LT_TAGVAR([lt_cv_aix_libpath_], [$1])="/usr/lib:/lib"
+  fi
+  ])
+  aix_libpath=$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])
+fi
+])# _LT_SYS_MODULE_PATH_AIX
+
+
+# _LT_SHELL_INIT(ARG)
+# -------------------
+m4_define([_LT_SHELL_INIT],
+[m4_divert_text([M4SH-INIT], [$1
+])])# _LT_SHELL_INIT
+
+
+
+# _LT_PROG_ECHO_BACKSLASH
+# -----------------------
+# Find how we can fake an echo command that does not interpret backslash.
+# In particular, with Autoconf 2.60 or later we add some code to the start
+# of the generated configure script which will find a shell with a builtin
+# printf (which we can use as an echo command).
+m4_defun([_LT_PROG_ECHO_BACKSLASH],
+[ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+
+AC_MSG_CHECKING([how to print strings])
+# Test print first, because it will be a builtin if present.
+if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \
+   test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then
+  ECHO='print -r --'
+elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then
+  ECHO='printf %s\n'
+else
+  # Use this function as a fallback that always works.
+  func_fallback_echo ()
+  {
+    eval 'cat <<_LTECHO_EOF
+$[]1
+_LTECHO_EOF'
+  }
+  ECHO='func_fallback_echo'
+fi
+
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+    $ECHO "$*" 
+}
+
+case "$ECHO" in
+  printf*) AC_MSG_RESULT([printf]) ;;
+  print*) AC_MSG_RESULT([print -r]) ;;
+  *) AC_MSG_RESULT([cat]) ;;
+esac
+
+m4_ifdef([_AS_DETECT_SUGGESTED],
+[_AS_DETECT_SUGGESTED([
+  test -n "${ZSH_VERSION+set}${BASH_VERSION+set}" || (
+    ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+    ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+    ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+    PATH=/empty FPATH=/empty; export PATH FPATH
+    test "X`printf %s $ECHO`" = "X$ECHO" \
+      || test "X`print -r -- $ECHO`" = "X$ECHO" )])])
+
+_LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts])
+_LT_DECL([], [ECHO], [1], [An echo program that protects backslashes])
+])# _LT_PROG_ECHO_BACKSLASH
+
+
+# _LT_WITH_SYSROOT
+# ----------------
+AC_DEFUN([_LT_WITH_SYSROOT],
+[AC_MSG_CHECKING([for sysroot])
+AC_ARG_WITH([sysroot],
+[  --with-sysroot[=DIR] Search for dependent libraries within DIR
+                        (or the compiler's sysroot if not specified).],
+[], [with_sysroot=no])
+
+dnl lt_sysroot will always be passed unquoted.  We quote it here
+dnl in case the user passed a directory name.
+lt_sysroot=
+case ${with_sysroot} in #(
+ yes)
+   if test "$GCC" = yes; then
+     lt_sysroot=`$CC --print-sysroot 2>/dev/null`
+   fi
+   ;; #(
+ /*)
+   lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"`
+   ;; #(
+ no|'')
+   ;; #(
+ *)
+   AC_MSG_RESULT([${with_sysroot}])
+   AC_MSG_ERROR([The sysroot must be an absolute path.])
+   ;;
+esac
+
+ AC_MSG_RESULT([${lt_sysroot:-no}])
+_LT_DECL([], [lt_sysroot], [0], [The root where to search for ]dnl
+[dependent libraries, and in which our libraries should be installed.])])
+
+# _LT_ENABLE_LOCK
+# ---------------
+m4_defun([_LT_ENABLE_LOCK],
+[AC_ARG_ENABLE([libtool-lock],
+  [AS_HELP_STRING([--disable-libtool-lock],
+    [avoid locking (might break parallel builds)])])
+test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
+
+# Some flags need to be propagated to the compiler or linker for good
+# libtool support.
+case $host in
+ia64-*-hpux*)
+  # Find out which ABI we are using.
+  echo 'int i;' > conftest.$ac_ext
+  if AC_TRY_EVAL(ac_compile); then
+    case `/usr/bin/file conftest.$ac_objext` in
+      *ELF-32*)
+	HPUX_IA64_MODE="32"
+	;;
+      *ELF-64*)
+	HPUX_IA64_MODE="64"
+	;;
+    esac
+  fi
+  rm -rf conftest*
+  ;;
+*-*-irix6*)
+  # Find out which ABI we are using.
+  echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext
+  if AC_TRY_EVAL(ac_compile); then
+    if test "$lt_cv_prog_gnu_ld" = yes; then
+      case `/usr/bin/file conftest.$ac_objext` in
+	*32-bit*)
+	  LD="${LD-ld} -melf32bsmip"
+	  ;;
+	*N32*)
+	  LD="${LD-ld} -melf32bmipn32"
+	  ;;
+	*64-bit*)
+	  LD="${LD-ld} -melf64bmip"
+	;;
+      esac
+    else
+      case `/usr/bin/file conftest.$ac_objext` in
+	*32-bit*)
+	  LD="${LD-ld} -32"
+	  ;;
+	*N32*)
+	  LD="${LD-ld} -n32"
+	  ;;
+	*64-bit*)
+	  LD="${LD-ld} -64"
+	  ;;
+      esac
+    fi
+  fi
+  rm -rf conftest*
+  ;;
+
+x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \
+s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
+  # Find out which ABI we are using.
+  echo 'int i;' > conftest.$ac_ext
+  if AC_TRY_EVAL(ac_compile); then
+    case `/usr/bin/file conftest.o` in
+      *32-bit*)
+	case $host in
+	  x86_64-*kfreebsd*-gnu)
+	    LD="${LD-ld} -m elf_i386_fbsd"
+	    ;;
+	  x86_64-*linux*)
+	    LD="${LD-ld} -m elf_i386"
+	    ;;
+	  ppc64-*linux*|powerpc64-*linux*)
+	    LD="${LD-ld} -m elf32ppclinux"
+	    ;;
+	  s390x-*linux*)
+	    LD="${LD-ld} -m elf_s390"
+	    ;;
+	  sparc64-*linux*)
+	    LD="${LD-ld} -m elf32_sparc"
+	    ;;
+	esac
+	;;
+      *64-bit*)
+	case $host in
+	  x86_64-*kfreebsd*-gnu)
+	    LD="${LD-ld} -m elf_x86_64_fbsd"
+	    ;;
+	  x86_64-*linux*)
+	    LD="${LD-ld} -m elf_x86_64"
+	    ;;
+	  ppc*-*linux*|powerpc*-*linux*)
+	    LD="${LD-ld} -m elf64ppc"
+	    ;;
+	  s390*-*linux*|s390*-*tpf*)
+	    LD="${LD-ld} -m elf64_s390"
+	    ;;
+	  sparc*-*linux*)
+	    LD="${LD-ld} -m elf64_sparc"
+	    ;;
+	esac
+	;;
+    esac
+  fi
+  rm -rf conftest*
+  ;;
+
+*-*-sco3.2v5*)
+  # On SCO OpenServer 5, we need -belf to get full-featured binaries.
+  SAVE_CFLAGS="$CFLAGS"
+  CFLAGS="$CFLAGS -belf"
+  AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf,
+    [AC_LANG_PUSH(C)
+     AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],[[]])],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no])
+     AC_LANG_POP])
+  if test x"$lt_cv_cc_needs_belf" != x"yes"; then
+    # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
+    CFLAGS="$SAVE_CFLAGS"
+  fi
+  ;;
+*-*solaris*)
+  # Find out which ABI we are using.
+  echo 'int i;' > conftest.$ac_ext
+  if AC_TRY_EVAL(ac_compile); then
+    case `/usr/bin/file conftest.o` in
+    *64-bit*)
+      case $lt_cv_prog_gnu_ld in
+      yes*)
+        case $host in
+        i?86-*-solaris*)
+          LD="${LD-ld} -m elf_x86_64"
+          ;;
+        sparc*-*-solaris*)
+          LD="${LD-ld} -m elf64_sparc"
+          ;;
+        esac
+        # GNU ld 2.21 introduced _sol2 emulations.  Use them if available.
+        if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then
+          LD="${LD-ld}_sol2"
+        fi
+        ;;
+      *)
+	if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
+	  LD="${LD-ld} -64"
+	fi
+	;;
+      esac
+      ;;
+    esac
+  fi
+  rm -rf conftest*
+  ;;
+esac
+
+need_locks="$enable_libtool_lock"
+])# _LT_ENABLE_LOCK
+
+
+# _LT_PROG_AR
+# -----------
+m4_defun([_LT_PROG_AR],
+[AC_CHECK_TOOLS(AR, [ar], false)
+: ${AR=ar}
+: ${AR_FLAGS=cru}
+_LT_DECL([], [AR], [1], [The archiver])
+_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive])
+
+AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file],
+  [lt_cv_ar_at_file=no
+   AC_COMPILE_IFELSE([AC_LANG_PROGRAM],
+     [echo conftest.$ac_objext > conftest.lst
+      lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&AS_MESSAGE_LOG_FD'
+      AC_TRY_EVAL([lt_ar_try])
+      if test "$ac_status" -eq 0; then
+	# Ensure the archiver fails upon bogus file names.
+	rm -f conftest.$ac_objext libconftest.a
+	AC_TRY_EVAL([lt_ar_try])
+	if test "$ac_status" -ne 0; then
+          lt_cv_ar_at_file=@
+        fi
+      fi
+      rm -f conftest.* libconftest.a
+     ])
+  ])
+
+if test "x$lt_cv_ar_at_file" = xno; then
+  archiver_list_spec=
+else
+  archiver_list_spec=$lt_cv_ar_at_file
+fi
+_LT_DECL([], [archiver_list_spec], [1],
+  [How to feed a file listing to the archiver])
+])# _LT_PROG_AR
+
+
+# _LT_CMD_OLD_ARCHIVE
+# -------------------
+m4_defun([_LT_CMD_OLD_ARCHIVE],
+[_LT_PROG_AR
+
+AC_CHECK_TOOL(STRIP, strip, :)
+test -z "$STRIP" && STRIP=:
+_LT_DECL([], [STRIP], [1], [A symbol stripping program])
+
+AC_CHECK_TOOL(RANLIB, ranlib, :)
+test -z "$RANLIB" && RANLIB=:
+_LT_DECL([], [RANLIB], [1],
+    [Commands used to install an old-style archive])
+
+# Determine commands to create old-style static archives.
+old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs'
+old_postinstall_cmds='chmod 644 $oldlib'
+old_postuninstall_cmds=
+
+if test -n "$RANLIB"; then
+  case $host_os in
+  openbsd*)
+    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib"
+    ;;
+  *)
+    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib"
+    ;;
+  esac
+  old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib"
+fi
+
+case $host_os in
+  darwin*)
+    lock_old_archive_extraction=yes ;;
+  *)
+    lock_old_archive_extraction=no ;;
+esac
+_LT_DECL([], [old_postinstall_cmds], [2])
+_LT_DECL([], [old_postuninstall_cmds], [2])
+_LT_TAGDECL([], [old_archive_cmds], [2],
+    [Commands used to build an old-style archive])
+_LT_DECL([], [lock_old_archive_extraction], [0],
+    [Whether to use a lock for old archive extraction])
+])# _LT_CMD_OLD_ARCHIVE
+
+
+# _LT_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
+#		[OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE])
+# ----------------------------------------------------------------
+# Check whether the given compiler option works
+AC_DEFUN([_LT_COMPILER_OPTION],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_SED])dnl
+AC_CACHE_CHECK([$1], [$2],
+  [$2=no
+   m4_if([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4])
+   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+   lt_compiler_flag="$3"
+   # Insert the option either (1) after the last *FLAGS variable, or
+   # (2) before a word containing "conftest.", or (3) at the end.
+   # Note that $ac_compile itself does not contain backslashes and begins
+   # with a dollar sign (not a hyphen), so the echo should work correctly.
+   # The option is referenced via a variable to avoid confusing sed.
+   lt_compile=`echo "$ac_compile" | $SED \
+   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+   -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
+   -e 's:$: $lt_compiler_flag:'`
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+   (eval "$lt_compile" 2>conftest.err)
+   ac_status=$?
+   cat conftest.err >&AS_MESSAGE_LOG_FD
+   echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+   if (exit $ac_status) && test -s "$ac_outfile"; then
+     # The compiler can only warn and ignore the option if not recognized
+     # So say no if there are warnings other than the usual output.
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
+     $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+     if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
+       $2=yes
+     fi
+   fi
+   $RM conftest*
+])
+
+if test x"[$]$2" = xyes; then
+    m4_if([$5], , :, [$5])
+else
+    m4_if([$6], , :, [$6])
+fi
+])# _LT_COMPILER_OPTION
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_COMPILER_OPTION], [_LT_COMPILER_OPTION])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], [])
+
+
+# _LT_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
+#                  [ACTION-SUCCESS], [ACTION-FAILURE])
+# ----------------------------------------------------
+# Check whether the given linker option works
+AC_DEFUN([_LT_LINKER_OPTION],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_SED])dnl
+AC_CACHE_CHECK([$1], [$2],
+  [$2=no
+   save_LDFLAGS="$LDFLAGS"
+   LDFLAGS="$LDFLAGS $3"
+   echo "$lt_simple_link_test_code" > conftest.$ac_ext
+   if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+     # The linker can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     if test -s conftest.err; then
+       # Append any errors to the config.log.
+       cat conftest.err 1>&AS_MESSAGE_LOG_FD
+       $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+       $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+       if diff conftest.exp conftest.er2 >/dev/null; then
+         $2=yes
+       fi
+     else
+       $2=yes
+     fi
+   fi
+   $RM -r conftest*
+   LDFLAGS="$save_LDFLAGS"
+])
+
+if test x"[$]$2" = xyes; then
+    m4_if([$4], , :, [$4])
+else
+    m4_if([$5], , :, [$5])
+fi
+])# _LT_LINKER_OPTION
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_LINKER_OPTION], [_LT_LINKER_OPTION])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], [])
+
+
+# LT_CMD_MAX_LEN
+#---------------
+AC_DEFUN([LT_CMD_MAX_LEN],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+# find the maximum length of command line arguments
+AC_MSG_CHECKING([the maximum length of command line arguments])
+AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
+  i=0
+  teststring="ABCD"
+
+  case $build_os in
+  msdosdjgpp*)
+    # On DJGPP, this test can blow up pretty badly due to problems in libc
+    # (any single argument exceeding 2000 bytes causes a buffer overrun
+    # during glob expansion).  Even if it were fixed, the result of this
+    # check would be larger than it should be.
+    lt_cv_sys_max_cmd_len=12288;    # 12K is about right
+    ;;
+
+  gnu*)
+    # Under GNU Hurd, this test is not required because there is
+    # no limit to the length of command line arguments.
+    # Libtool will interpret -1 as no limit whatsoever
+    lt_cv_sys_max_cmd_len=-1;
+    ;;
+
+  cygwin* | mingw* | cegcc*)
+    # On Win9x/ME, this test blows up -- it succeeds, but takes
+    # about 5 minutes as the teststring grows exponentially.
+    # Worse, since 9x/ME are not pre-emptively multitasking,
+    # you end up with a "frozen" computer, even though with patience
+    # the test eventually succeeds (with a max line length of 256k).
+    # Instead, let's just punt: use the minimum linelength reported by
+    # all of the supported platforms: 8192 (on NT/2K/XP).
+    lt_cv_sys_max_cmd_len=8192;
+    ;;
+
+  mint*)
+    # On MiNT this can take a long time and run out of memory.
+    lt_cv_sys_max_cmd_len=8192;
+    ;;
+
+  amigaos*)
+    # On AmigaOS with pdksh, this test takes hours, literally.
+    # So we just punt and use a minimum line length of 8192.
+    lt_cv_sys_max_cmd_len=8192;
+    ;;
+
+  netbsd* | freebsd* | openbsd* | darwin* | dragonfly*)
+    # This has been around since 386BSD, at least.  Likely further.
+    if test -x /sbin/sysctl; then
+      lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
+    elif test -x /usr/sbin/sysctl; then
+      lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
+    else
+      lt_cv_sys_max_cmd_len=65536	# usable default for all BSDs
+    fi
+    # And add a safety zone
+    lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+    lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+    ;;
+
+  interix*)
+    # We know the value 262144 and hardcode it with a safety zone (like BSD)
+    lt_cv_sys_max_cmd_len=196608
+    ;;
+
+  os2*)
+    # The test takes a long time on OS/2.
+    lt_cv_sys_max_cmd_len=8192
+    ;;
+
+  osf*)
+    # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
+    # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
+    # nice to cause kernel panics so lets avoid the loop below.
+    # First set a reasonable default.
+    lt_cv_sys_max_cmd_len=16384
+    #
+    if test -x /sbin/sysconfig; then
+      case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
+        *1*) lt_cv_sys_max_cmd_len=-1 ;;
+      esac
+    fi
+    ;;
+  sco3.2v5*)
+    lt_cv_sys_max_cmd_len=102400
+    ;;
+  sysv5* | sco5v6* | sysv4.2uw2*)
+    kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
+    if test -n "$kargmax"; then
+      lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[	 ]]//'`
+    else
+      lt_cv_sys_max_cmd_len=32768
+    fi
+    ;;
+  *)
+    lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
+    if test -n "$lt_cv_sys_max_cmd_len"; then
+      lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
+      lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
+    else
+      # Make teststring a little bigger before we do anything with it.
+      # a 1K string should be a reasonable start.
+      for i in 1 2 3 4 5 6 7 8 ; do
+        teststring=$teststring$teststring
+      done
+      SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
+      # If test is not a shell built-in, we'll probably end up computing a
+      # maximum length that is only half of the actual maximum length, but
+      # we can't tell.
+      while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \
+	         = "X$teststring$teststring"; } >/dev/null 2>&1 &&
+	      test $i != 17 # 1/2 MB should be enough
+      do
+        i=`expr $i + 1`
+        teststring=$teststring$teststring
+      done
+      # Only check the string length outside the loop.
+      lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1`
+      teststring=
+      # Add a significant safety factor because C++ compilers can tack on
+      # massive amounts of additional arguments before passing them to the
+      # linker.  It appears as though 1/2 is a usable value.
+      lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
+    fi
+    ;;
+  esac
+])
+if test -n $lt_cv_sys_max_cmd_len ; then
+  AC_MSG_RESULT($lt_cv_sys_max_cmd_len)
+else
+  AC_MSG_RESULT(none)
+fi
+max_cmd_len=$lt_cv_sys_max_cmd_len
+_LT_DECL([], [max_cmd_len], [0],
+    [What is the maximum length of a command?])
+])# LT_CMD_MAX_LEN
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_SYS_MAX_CMD_LEN], [LT_CMD_MAX_LEN])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], [])
+
+
+# _LT_HEADER_DLFCN
+# ----------------
+m4_defun([_LT_HEADER_DLFCN],
+[AC_CHECK_HEADERS([dlfcn.h], [], [], [AC_INCLUDES_DEFAULT])dnl
+])# _LT_HEADER_DLFCN
+
+
+# _LT_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE,
+#                      ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING)
+# ----------------------------------------------------------------
+m4_defun([_LT_TRY_DLOPEN_SELF],
+[m4_require([_LT_HEADER_DLFCN])dnl
+if test "$cross_compiling" = yes; then :
+  [$4]
+else
+  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+  lt_status=$lt_dlunknown
+  cat > conftest.$ac_ext <<_LT_EOF
+[#line $LINENO "configure"
+#include "confdefs.h"
+
+#if HAVE_DLFCN_H
+#include 
+#endif
+
+#include 
+
+#ifdef RTLD_GLOBAL
+#  define LT_DLGLOBAL		RTLD_GLOBAL
+#else
+#  ifdef DL_GLOBAL
+#    define LT_DLGLOBAL		DL_GLOBAL
+#  else
+#    define LT_DLGLOBAL		0
+#  endif
+#endif
+
+/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
+   find out it does not work in some platform. */
+#ifndef LT_DLLAZY_OR_NOW
+#  ifdef RTLD_LAZY
+#    define LT_DLLAZY_OR_NOW		RTLD_LAZY
+#  else
+#    ifdef DL_LAZY
+#      define LT_DLLAZY_OR_NOW		DL_LAZY
+#    else
+#      ifdef RTLD_NOW
+#        define LT_DLLAZY_OR_NOW	RTLD_NOW
+#      else
+#        ifdef DL_NOW
+#          define LT_DLLAZY_OR_NOW	DL_NOW
+#        else
+#          define LT_DLLAZY_OR_NOW	0
+#        endif
+#      endif
+#    endif
+#  endif
+#endif
+
+/* When -fvisbility=hidden is used, assume the code has been annotated
+   correspondingly for the symbols needed.  */
+#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
+int main ()
+{
+  void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
+  int status = $lt_dlunknown;
+
+  if (self)
+    {
+      if (dlsym (self,"fnord"))       status = $lt_dlno_uscore;
+      else
+        {
+	  if (dlsym( self,"_fnord"))  status = $lt_dlneed_uscore;
+          else puts (dlerror ());
+	}
+      /* dlclose (self); */
+    }
+  else
+    puts (dlerror ());
+
+  return status;
+}]
+_LT_EOF
+  if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then
+    (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null
+    lt_status=$?
+    case x$lt_status in
+      x$lt_dlno_uscore) $1 ;;
+      x$lt_dlneed_uscore) $2 ;;
+      x$lt_dlunknown|x*) $3 ;;
+    esac
+  else :
+    # compilation failed
+    $3
+  fi
+fi
+rm -fr conftest*
+])# _LT_TRY_DLOPEN_SELF
+
+
+# LT_SYS_DLOPEN_SELF
+# ------------------
+AC_DEFUN([LT_SYS_DLOPEN_SELF],
+[m4_require([_LT_HEADER_DLFCN])dnl
+if test "x$enable_dlopen" != xyes; then
+  enable_dlopen=unknown
+  enable_dlopen_self=unknown
+  enable_dlopen_self_static=unknown
+else
+  lt_cv_dlopen=no
+  lt_cv_dlopen_libs=
+
+  case $host_os in
+  beos*)
+    lt_cv_dlopen="load_add_on"
+    lt_cv_dlopen_libs=
+    lt_cv_dlopen_self=yes
+    ;;
+
+  mingw* | pw32* | cegcc*)
+    lt_cv_dlopen="LoadLibrary"
+    lt_cv_dlopen_libs=
+    ;;
+
+  cygwin*)
+    lt_cv_dlopen="dlopen"
+    lt_cv_dlopen_libs=
+    ;;
+
+  darwin*)
+  # if libdl is installed we need to link against it
+    AC_CHECK_LIB([dl], [dlopen],
+		[lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[
+    lt_cv_dlopen="dyld"
+    lt_cv_dlopen_libs=
+    lt_cv_dlopen_self=yes
+    ])
+    ;;
+
+  *)
+    AC_CHECK_FUNC([shl_load],
+	  [lt_cv_dlopen="shl_load"],
+      [AC_CHECK_LIB([dld], [shl_load],
+	    [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"],
+	[AC_CHECK_FUNC([dlopen],
+	      [lt_cv_dlopen="dlopen"],
+	  [AC_CHECK_LIB([dl], [dlopen],
+		[lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],
+	    [AC_CHECK_LIB([svld], [dlopen],
+		  [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"],
+	      [AC_CHECK_LIB([dld], [dld_link],
+		    [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"])
+	      ])
+	    ])
+	  ])
+	])
+      ])
+    ;;
+  esac
+
+  if test "x$lt_cv_dlopen" != xno; then
+    enable_dlopen=yes
+  else
+    enable_dlopen=no
+  fi
+
+  case $lt_cv_dlopen in
+  dlopen)
+    save_CPPFLAGS="$CPPFLAGS"
+    test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
+
+    save_LDFLAGS="$LDFLAGS"
+    wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
+
+    save_LIBS="$LIBS"
+    LIBS="$lt_cv_dlopen_libs $LIBS"
+
+    AC_CACHE_CHECK([whether a program can dlopen itself],
+	  lt_cv_dlopen_self, [dnl
+	  _LT_TRY_DLOPEN_SELF(
+	    lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes,
+	    lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross)
+    ])
+
+    if test "x$lt_cv_dlopen_self" = xyes; then
+      wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
+      AC_CACHE_CHECK([whether a statically linked program can dlopen itself],
+	  lt_cv_dlopen_self_static, [dnl
+	  _LT_TRY_DLOPEN_SELF(
+	    lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes,
+	    lt_cv_dlopen_self_static=no,  lt_cv_dlopen_self_static=cross)
+      ])
+    fi
+
+    CPPFLAGS="$save_CPPFLAGS"
+    LDFLAGS="$save_LDFLAGS"
+    LIBS="$save_LIBS"
+    ;;
+  esac
+
+  case $lt_cv_dlopen_self in
+  yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
+  *) enable_dlopen_self=unknown ;;
+  esac
+
+  case $lt_cv_dlopen_self_static in
+  yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
+  *) enable_dlopen_self_static=unknown ;;
+  esac
+fi
+_LT_DECL([dlopen_support], [enable_dlopen], [0],
+	 [Whether dlopen is supported])
+_LT_DECL([dlopen_self], [enable_dlopen_self], [0],
+	 [Whether dlopen of programs is supported])
+_LT_DECL([dlopen_self_static], [enable_dlopen_self_static], [0],
+	 [Whether dlopen of statically linked programs is supported])
+])# LT_SYS_DLOPEN_SELF
+
+# Old name:
+AU_ALIAS([AC_LIBTOOL_DLOPEN_SELF], [LT_SYS_DLOPEN_SELF])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], [])
+
+
+# _LT_COMPILER_C_O([TAGNAME])
+# ---------------------------
+# Check to see if options -c and -o are simultaneously supported by compiler.
+# This macro does not hard code the compiler like AC_PROG_CC_C_O.
+m4_defun([_LT_COMPILER_C_O],
+[m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_TAG_COMPILER])dnl
+AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext],
+  [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)],
+  [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no
+   $RM -r conftest 2>/dev/null
+   mkdir conftest
+   cd conftest
+   mkdir out
+   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+   lt_compiler_flag="-o out/conftest2.$ac_objext"
+   # Insert the option either (1) after the last *FLAGS variable, or
+   # (2) before a word containing "conftest.", or (3) at the end.
+   # Note that $ac_compile itself does not contain backslashes and begins
+   # with a dollar sign (not a hyphen), so the echo should work correctly.
+   lt_compile=`echo "$ac_compile" | $SED \
+   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
+   -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
+   -e 's:$: $lt_compiler_flag:'`
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+   (eval "$lt_compile" 2>out/conftest.err)
+   ac_status=$?
+   cat out/conftest.err >&AS_MESSAGE_LOG_FD
+   echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+   if (exit $ac_status) && test -s out/conftest2.$ac_objext
+   then
+     # The compiler can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
+     $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
+     if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
+       _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
+     fi
+   fi
+   chmod u+w . 2>&AS_MESSAGE_LOG_FD
+   $RM conftest*
+   # SGI C++ compiler will create directory out/ii_files/ for
+   # template instantiation
+   test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
+   $RM out/* && rmdir out
+   cd ..
+   $RM -r conftest
+   $RM conftest*
+])
+_LT_TAGDECL([compiler_c_o], [lt_cv_prog_compiler_c_o], [1],
+	[Does compiler simultaneously support -c and -o options?])
+])# _LT_COMPILER_C_O
+
+
+# _LT_COMPILER_FILE_LOCKS([TAGNAME])
+# ----------------------------------
+# Check to see if we can do hard links to lock some files if needed
+m4_defun([_LT_COMPILER_FILE_LOCKS],
+[m4_require([_LT_ENABLE_LOCK])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+_LT_COMPILER_C_O([$1])
+
+hard_links="nottested"
+if test "$_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then
+  # do not overwrite the value of need_locks provided by the user
+  AC_MSG_CHECKING([if we can lock with hard links])
+  hard_links=yes
+  $RM conftest*
+  ln conftest.a conftest.b 2>/dev/null && hard_links=no
+  touch conftest.a
+  ln conftest.a conftest.b 2>&5 || hard_links=no
+  ln conftest.a conftest.b 2>/dev/null && hard_links=no
+  AC_MSG_RESULT([$hard_links])
+  if test "$hard_links" = no; then
+    AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe])
+    need_locks=warn
+  fi
+else
+  need_locks=no
+fi
+_LT_DECL([], [need_locks], [1], [Must we lock files when doing compilation?])
+])# _LT_COMPILER_FILE_LOCKS
+
+
+# _LT_CHECK_OBJDIR
+# ----------------
+m4_defun([_LT_CHECK_OBJDIR],
+[AC_CACHE_CHECK([for objdir], [lt_cv_objdir],
+[rm -f .libs 2>/dev/null
+mkdir .libs 2>/dev/null
+if test -d .libs; then
+  lt_cv_objdir=.libs
+else
+  # MS-DOS does not allow filenames that begin with a dot.
+  lt_cv_objdir=_libs
+fi
+rmdir .libs 2>/dev/null])
+objdir=$lt_cv_objdir
+_LT_DECL([], [objdir], [0],
+         [The name of the directory that contains temporary libtool files])dnl
+m4_pattern_allow([LT_OBJDIR])dnl
+AC_DEFINE_UNQUOTED(LT_OBJDIR, "$lt_cv_objdir/",
+  [Define to the sub-directory in which libtool stores uninstalled libraries.])
+])# _LT_CHECK_OBJDIR
+
+
+# _LT_LINKER_HARDCODE_LIBPATH([TAGNAME])
+# --------------------------------------
+# Check hardcoding attributes.
+m4_defun([_LT_LINKER_HARDCODE_LIBPATH],
+[AC_MSG_CHECKING([how to hardcode library paths into programs])
+_LT_TAGVAR(hardcode_action, $1)=
+if test -n "$_LT_TAGVAR(hardcode_libdir_flag_spec, $1)" ||
+   test -n "$_LT_TAGVAR(runpath_var, $1)" ||
+   test "X$_LT_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then
+
+  # We can hardcode non-existent directories.
+  if test "$_LT_TAGVAR(hardcode_direct, $1)" != no &&
+     # If the only mechanism to avoid hardcoding is shlibpath_var, we
+     # have to relink, otherwise we might link with an installed library
+     # when we should be linking with a yet-to-be-installed one
+     ## test "$_LT_TAGVAR(hardcode_shlibpath_var, $1)" != no &&
+     test "$_LT_TAGVAR(hardcode_minus_L, $1)" != no; then
+    # Linking always hardcodes the temporary library directory.
+    _LT_TAGVAR(hardcode_action, $1)=relink
+  else
+    # We can link without hardcoding, and we can hardcode nonexisting dirs.
+    _LT_TAGVAR(hardcode_action, $1)=immediate
+  fi
+else
+  # We cannot hardcode anything, or else we can only hardcode existing
+  # directories.
+  _LT_TAGVAR(hardcode_action, $1)=unsupported
+fi
+AC_MSG_RESULT([$_LT_TAGVAR(hardcode_action, $1)])
+
+if test "$_LT_TAGVAR(hardcode_action, $1)" = relink ||
+   test "$_LT_TAGVAR(inherit_rpath, $1)" = yes; then
+  # Fast installation is not supported
+  enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+     test "$enable_shared" = no; then
+  # Fast installation is not necessary
+  enable_fast_install=needless
+fi
+_LT_TAGDECL([], [hardcode_action], [0],
+    [How to hardcode a shared library path into an executable])
+])# _LT_LINKER_HARDCODE_LIBPATH
+
+
+# _LT_CMD_STRIPLIB
+# ----------------
+m4_defun([_LT_CMD_STRIPLIB],
+[m4_require([_LT_DECL_EGREP])
+striplib=
+old_striplib=
+AC_MSG_CHECKING([whether stripping libraries is possible])
+if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
+  test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
+  test -z "$striplib" && striplib="$STRIP --strip-unneeded"
+  AC_MSG_RESULT([yes])
+else
+# FIXME - insert some real tests, host_os isn't really good enough
+  case $host_os in
+  darwin*)
+    if test -n "$STRIP" ; then
+      striplib="$STRIP -x"
+      old_striplib="$STRIP -S"
+      AC_MSG_RESULT([yes])
+    else
+      AC_MSG_RESULT([no])
+    fi
+    ;;
+  *)
+    AC_MSG_RESULT([no])
+    ;;
+  esac
+fi
+_LT_DECL([], [old_striplib], [1], [Commands to strip libraries])
+_LT_DECL([], [striplib], [1])
+])# _LT_CMD_STRIPLIB
+
+
+# _LT_SYS_DYNAMIC_LINKER([TAG])
+# -----------------------------
+# PORTME Fill in your ld.so characteristics
+m4_defun([_LT_SYS_DYNAMIC_LINKER],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_OBJDUMP])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_CHECK_SHELL_FEATURES])dnl
+AC_MSG_CHECKING([dynamic linker characteristics])
+m4_if([$1],
+	[], [
+if test "$GCC" = yes; then
+  case $host_os in
+    darwin*) lt_awk_arg="/^libraries:/,/LR/" ;;
+    *) lt_awk_arg="/^libraries:/" ;;
+  esac
+  case $host_os in
+    mingw* | cegcc*) lt_sed_strip_eq="s,=\([[A-Za-z]]:\),\1,g" ;;
+    *) lt_sed_strip_eq="s,=/,/,g" ;;
+  esac
+  lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq`
+  case $lt_search_path_spec in
+  *\;*)
+    # if the path contains ";" then we assume it to be the separator
+    # otherwise default to the standard path separator (i.e. ":") - it is
+    # assumed that no part of a normal pathname contains ";" but that should
+    # okay in the real world where ";" in dirpaths is itself problematic.
+    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'`
+    ;;
+  *)
+    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"`
+    ;;
+  esac
+  # Ok, now we have the path, separated by spaces, we can step through it
+  # and add multilib dir if necessary.
+  lt_tmp_lt_search_path_spec=
+  lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null`
+  for lt_sys_path in $lt_search_path_spec; do
+    if test -d "$lt_sys_path/$lt_multi_os_dir"; then
+      lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir"
+    else
+      test -d "$lt_sys_path" && \
+	lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
+    fi
+  done
+  lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk '
+BEGIN {RS=" "; FS="/|\n";} {
+  lt_foo="";
+  lt_count=0;
+  for (lt_i = NF; lt_i > 0; lt_i--) {
+    if ($lt_i != "" && $lt_i != ".") {
+      if ($lt_i == "..") {
+        lt_count++;
+      } else {
+        if (lt_count == 0) {
+          lt_foo="/" $lt_i lt_foo;
+        } else {
+          lt_count--;
+        }
+      }
+    }
+  }
+  if (lt_foo != "") { lt_freq[[lt_foo]]++; }
+  if (lt_freq[[lt_foo]] == 1) { print lt_foo; }
+}'`
+  # AWK program above erroneously prepends '/' to C:/dos/paths
+  # for these hosts.
+  case $host_os in
+    mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\
+      $SED 's,/\([[A-Za-z]]:\),\1,g'` ;;
+  esac
+  sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP`
+else
+  sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+fi])
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+shrext_cmds=".so"
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+need_lib_prefix=unknown
+hardcode_into_libs=no
+
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+need_version=unknown
+
+case $host_os in
+aix3*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
+  shlibpath_var=LIBPATH
+
+  # AIX 3 has no versioning support, so we append a major version to the name.
+  soname_spec='${libname}${release}${shared_ext}$major'
+  ;;
+
+aix[[4-9]]*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  hardcode_into_libs=yes
+  if test "$host_cpu" = ia64; then
+    # AIX 5 supports IA64
+    library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
+    shlibpath_var=LD_LIBRARY_PATH
+  else
+    # With GCC up to 2.95.x, collect2 would create an import file
+    # for dependence libraries.  The import file would start with
+    # the line `#! .'.  This would cause the generated library to
+    # depend on `.', always an invalid library.  This was fixed in
+    # development snapshots of GCC prior to 3.0.
+    case $host_os in
+      aix4 | aix4.[[01]] | aix4.[[01]].*)
+      if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
+	   echo ' yes '
+	   echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then
+	:
+      else
+	can_build_shared=no
+      fi
+      ;;
+    esac
+    # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
+    # soname into executable. Probably we can add versioning support to
+    # collect2, so additional links can be useful in future.
+    if test "$aix_use_runtimelinking" = yes; then
+      # If using run time linking (on AIX 4.2 or later) use lib.so
+      # instead of lib.a to let people know that these are not
+      # typical AIX shared libraries.
+      library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    else
+      # We preserve .a as extension for shared libraries through AIX4.2
+      # and later when we are not doing run time linking.
+      library_names_spec='${libname}${release}.a $libname.a'
+      soname_spec='${libname}${release}${shared_ext}$major'
+    fi
+    shlibpath_var=LIBPATH
+  fi
+  ;;
+
+amigaos*)
+  case $host_cpu in
+  powerpc)
+    # Since July 2007 AmigaOS4 officially supports .so libraries.
+    # When compiling the executable, add -use-dynld -Lsobjs: to the compileline.
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    ;;
+  m68k)
+    library_names_spec='$libname.ixlibrary $libname.a'
+    # Create ${libname}_ixlibrary.a entries in /sys/libs.
+    finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+    ;;
+  esac
+  ;;
+
+beos*)
+  library_names_spec='${libname}${shared_ext}'
+  dynamic_linker="$host_os ld.so"
+  shlibpath_var=LIBRARY_PATH
+  ;;
+
+bsdi[[45]]*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+  sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+  # the default ld.so.conf also contains /usr/contrib/lib and
+  # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+  # libtool to hard-code these into programs
+  ;;
+
+cygwin* | mingw* | pw32* | cegcc*)
+  version_type=windows
+  shrext_cmds=".dll"
+  need_version=no
+  need_lib_prefix=no
+
+  case $GCC,$cc_basename in
+  yes,*)
+    # gcc
+    library_names_spec='$libname.dll.a'
+    # DLL is installed to $(libdir)/../bin by postinstall_cmds
+    postinstall_cmds='base_file=`basename \${file}`~
+      dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+      dldir=$destdir/`dirname \$dlpath`~
+      test -d \$dldir || mkdir -p \$dldir~
+      $install_prog $dir/$dlname \$dldir/$dlname~
+      chmod a+x \$dldir/$dlname~
+      if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
+        eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
+      fi'
+    postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+      dlpath=$dir/\$dldll~
+       $RM \$dlpath'
+    shlibpath_overrides_runpath=yes
+
+    case $host_os in
+    cygwin*)
+      # Cygwin DLLs use 'cyg' prefix rather than 'lib'
+      soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+m4_if([$1], [],[
+      sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"])
+      ;;
+    mingw* | cegcc*)
+      # MinGW DLLs use traditional 'lib' prefix
+      soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+      ;;
+    pw32*)
+      # pw32 DLLs use 'pw' prefix rather than 'lib'
+      library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+      ;;
+    esac
+    dynamic_linker='Win32 ld.exe'
+    ;;
+
+  *,cl*)
+    # Native MSVC
+    libname_spec='$name'
+    soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+    library_names_spec='${libname}.dll.lib'
+
+    case $build_os in
+    mingw*)
+      sys_lib_search_path_spec=
+      lt_save_ifs=$IFS
+      IFS=';'
+      for lt_path in $LIB
+      do
+        IFS=$lt_save_ifs
+        # Let DOS variable expansion print the short 8.3 style file name.
+        lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"`
+        sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path"
+      done
+      IFS=$lt_save_ifs
+      # Convert to MSYS style.
+      sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'`
+      ;;
+    cygwin*)
+      # Convert to unix form, then to dos form, then back to unix form
+      # but this time dos style (no spaces!) so that the unix form looks
+      # like /cygdrive/c/PROGRA~1:/cygdr...
+      sys_lib_search_path_spec=`cygpath --path --unix "$LIB"`
+      sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null`
+      sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      ;;
+    *)
+      sys_lib_search_path_spec="$LIB"
+      if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then
+        # It is most probably a Windows format PATH.
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+      else
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      fi
+      # FIXME: find the short name or the path components, as spaces are
+      # common. (e.g. "Program Files" -> "PROGRA~1")
+      ;;
+    esac
+
+    # DLL is installed to $(libdir)/../bin by postinstall_cmds
+    postinstall_cmds='base_file=`basename \${file}`~
+      dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+      dldir=$destdir/`dirname \$dlpath`~
+      test -d \$dldir || mkdir -p \$dldir~
+      $install_prog $dir/$dlname \$dldir/$dlname'
+    postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+      dlpath=$dir/\$dldll~
+       $RM \$dlpath'
+    shlibpath_overrides_runpath=yes
+    dynamic_linker='Win32 link.exe'
+    ;;
+
+  *)
+    # Assume MSVC wrapper
+    library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib'
+    dynamic_linker='Win32 ld.exe'
+    ;;
+  esac
+  # FIXME: first we should search . and the directory the executable is in
+  shlibpath_var=PATH
+  ;;
+
+darwin* | rhapsody*)
+  dynamic_linker="$host_os dyld"
+  version_type=darwin
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext'
+  soname_spec='${libname}${release}${major}$shared_ext'
+  shlibpath_overrides_runpath=yes
+  shlibpath_var=DYLD_LIBRARY_PATH
+  shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
+m4_if([$1], [],[
+  sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"])
+  sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
+  ;;
+
+dgux*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+freebsd* | dragonfly*)
+  # DragonFly does not have aout.  When/if they implement a new
+  # versioning mechanism, adjust this.
+  if test -x /usr/bin/objformat; then
+    objformat=`/usr/bin/objformat`
+  else
+    case $host_os in
+    freebsd[[23]].*) objformat=aout ;;
+    *) objformat=elf ;;
+    esac
+  fi
+  version_type=freebsd-$objformat
+  case $version_type in
+    freebsd-elf*)
+      library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+      need_version=no
+      need_lib_prefix=no
+      ;;
+    freebsd-*)
+      library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
+      need_version=yes
+      ;;
+  esac
+  shlibpath_var=LD_LIBRARY_PATH
+  case $host_os in
+  freebsd2.*)
+    shlibpath_overrides_runpath=yes
+    ;;
+  freebsd3.[[01]]* | freebsdelf3.[[01]]*)
+    shlibpath_overrides_runpath=yes
+    hardcode_into_libs=yes
+    ;;
+  freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \
+  freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1)
+    shlibpath_overrides_runpath=no
+    hardcode_into_libs=yes
+    ;;
+  *) # from 4.6 on, and DragonFly
+    shlibpath_overrides_runpath=yes
+    hardcode_into_libs=yes
+    ;;
+  esac
+  ;;
+
+gnu*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+haiku*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  dynamic_linker="$host_os runtime_loader"
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
+  hardcode_into_libs=yes
+  ;;
+
+hpux9* | hpux10* | hpux11*)
+  # Give a soname corresponding to the major version so that dld.sl refuses to
+  # link against other versions.
+  version_type=sunos
+  need_lib_prefix=no
+  need_version=no
+  case $host_cpu in
+  ia64*)
+    shrext_cmds='.so'
+    hardcode_into_libs=yes
+    dynamic_linker="$host_os dld.so"
+    shlibpath_var=LD_LIBRARY_PATH
+    shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    if test "X$HPUX_IA64_MODE" = X32; then
+      sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
+    else
+      sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
+    fi
+    sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+    ;;
+  hppa*64*)
+    shrext_cmds='.sl'
+    hardcode_into_libs=yes
+    dynamic_linker="$host_os dld.sl"
+    shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
+    shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
+    sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
+    ;;
+  *)
+    shrext_cmds='.sl'
+    dynamic_linker="$host_os dld.sl"
+    shlibpath_var=SHLIB_PATH
+    shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    ;;
+  esac
+  # HP-UX runs *really* slowly unless shared libraries are mode 555, ...
+  postinstall_cmds='chmod 555 $lib'
+  # or fails outright, so override atomically:
+  install_override_mode=555
+  ;;
+
+interix[[3-9]]*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+irix5* | irix6* | nonstopux*)
+  case $host_os in
+    nonstopux*) version_type=nonstopux ;;
+    *)
+	if test "$lt_cv_prog_gnu_ld" = yes; then
+		version_type=linux # correct to gnu/linux during the next big refactor
+	else
+		version_type=irix
+	fi ;;
+  esac
+  need_lib_prefix=no
+  need_version=no
+  soname_spec='${libname}${release}${shared_ext}$major'
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
+  case $host_os in
+  irix5* | nonstopux*)
+    libsuff= shlibsuff=
+    ;;
+  *)
+    case $LD in # libtool.m4 will add one of these switches to LD
+    *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
+      libsuff= shlibsuff= libmagic=32-bit;;
+    *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
+      libsuff=32 shlibsuff=N32 libmagic=N32;;
+    *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
+      libsuff=64 shlibsuff=64 libmagic=64-bit;;
+    *) libsuff= shlibsuff= libmagic=never-match;;
+    esac
+    ;;
+  esac
+  shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+  shlibpath_overrides_runpath=no
+  sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+  sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+  hardcode_into_libs=yes
+  ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux*oldld* | linux*aout* | linux*coff*)
+  dynamic_linker=no
+  ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+
+  # Some binutils ld are patched to set DT_RUNPATH
+  AC_CACHE_VAL([lt_cv_shlibpath_overrides_runpath],
+    [lt_cv_shlibpath_overrides_runpath=no
+    save_LDFLAGS=$LDFLAGS
+    save_libdir=$libdir
+    eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \
+	 LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\""
+    AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
+      [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null],
+	 [lt_cv_shlibpath_overrides_runpath=yes])])
+    LDFLAGS=$save_LDFLAGS
+    libdir=$save_libdir
+    ])
+  shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath
+
+  # This implies no fast_install, which is unacceptable.
+  # Some rework will be needed to allow for fast_install
+  # before this can be enabled.
+  hardcode_into_libs=yes
+
+  # Append ld.so.conf contents to the search path
+  if test -f /etc/ld.so.conf; then
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
+    sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+  fi
+
+  # We used to test for /lib/ld.so.1 and disable shared libraries on
+  # powerpc, because MkLinux only supported shared libraries with the
+  # GNU dynamic linker.  Since this was broken with cross compilers,
+  # most powerpc-linux boxes support dynamic linking these days and
+  # people can always --disable-shared, the test was removed, and we
+  # assume the GNU/Linux dynamic linker is in use.
+  dynamic_linker='GNU/Linux ld.so'
+  ;;
+
+netbsd*)
+  version_type=sunos
+  need_lib_prefix=no
+  need_version=no
+  if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+    finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+    dynamic_linker='NetBSD (a.out) ld.so'
+  else
+    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
+    soname_spec='${libname}${release}${shared_ext}$major'
+    dynamic_linker='NetBSD ld.elf_so'
+  fi
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  hardcode_into_libs=yes
+  ;;
+
+newsos6)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  ;;
+
+*nto* | *qnx*)
+  version_type=qnx
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  dynamic_linker='ldqnx.so'
+  ;;
+
+openbsd*)
+  version_type=sunos
+  sys_lib_dlsearch_path_spec="/usr/lib"
+  need_lib_prefix=no
+  # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
+  case $host_os in
+    openbsd3.3 | openbsd3.3.*)	need_version=yes ;;
+    *)				need_version=no  ;;
+  esac
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+    case $host_os in
+      openbsd2.[[89]] | openbsd2.[[89]].*)
+	shlibpath_overrides_runpath=no
+	;;
+      *)
+	shlibpath_overrides_runpath=yes
+	;;
+      esac
+  else
+    shlibpath_overrides_runpath=yes
+  fi
+  ;;
+
+os2*)
+  libname_spec='$name'
+  shrext_cmds=".dll"
+  need_lib_prefix=no
+  library_names_spec='$libname${shared_ext} $libname.a'
+  dynamic_linker='OS/2 ld.exe'
+  shlibpath_var=LIBPATH
+  ;;
+
+osf3* | osf4* | osf5*)
+  version_type=osf
+  need_lib_prefix=no
+  need_version=no
+  soname_spec='${libname}${release}${shared_ext}$major'
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  shlibpath_var=LD_LIBRARY_PATH
+  sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+  sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+  ;;
+
+rdos*)
+  dynamic_linker=no
+  ;;
+
+solaris*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  hardcode_into_libs=yes
+  # ldd complains unless libraries are executable
+  postinstall_cmds='chmod +x $lib'
+  ;;
+
+sunos4*)
+  version_type=sunos
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
+  finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  if test "$with_gnu_ld" = yes; then
+    need_lib_prefix=no
+  fi
+  need_version=yes
+  ;;
+
+sysv4 | sysv4.3*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  case $host_vendor in
+    sni)
+      shlibpath_overrides_runpath=no
+      need_lib_prefix=no
+      runpath_var=LD_RUN_PATH
+      ;;
+    siemens)
+      need_lib_prefix=no
+      ;;
+    motorola)
+      need_lib_prefix=no
+      need_version=no
+      shlibpath_overrides_runpath=no
+      sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+      ;;
+  esac
+  ;;
+
+sysv4*MP*)
+  if test -d /usr/nec ;then
+    version_type=linux # correct to gnu/linux during the next big refactor
+    library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
+    soname_spec='$libname${shared_ext}.$major'
+    shlibpath_var=LD_LIBRARY_PATH
+  fi
+  ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+  version_type=freebsd-elf
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  hardcode_into_libs=yes
+  if test "$with_gnu_ld" = yes; then
+    sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
+  else
+    sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
+    case $host_os in
+      sco3.2v5*)
+        sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
+	;;
+    esac
+  fi
+  sys_lib_dlsearch_path_spec='/usr/lib'
+  ;;
+
+tpf*)
+  # TPF is a cross-target only.  Preferred cross-host = GNU/Linux.
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+uts4*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+*)
+  dynamic_linker=no
+  ;;
+esac
+AC_MSG_RESULT([$dynamic_linker])
+test "$dynamic_linker" = no && can_build_shared=no
+
+variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
+if test "$GCC" = yes; then
+  variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
+fi
+
+if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then
+  sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec"
+fi
+if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then
+  sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec"
+fi
+
+_LT_DECL([], [variables_saved_for_relink], [1],
+    [Variables whose values should be saved in libtool wrapper scripts and
+    restored at link time])
+_LT_DECL([], [need_lib_prefix], [0],
+    [Do we need the "lib" prefix for modules?])
+_LT_DECL([], [need_version], [0], [Do we need a version for libraries?])
+_LT_DECL([], [version_type], [0], [Library versioning type])
+_LT_DECL([], [runpath_var], [0],  [Shared library runtime path variable])
+_LT_DECL([], [shlibpath_var], [0],[Shared library path variable])
+_LT_DECL([], [shlibpath_overrides_runpath], [0],
+    [Is shlibpath searched before the hard-coded library search path?])
+_LT_DECL([], [libname_spec], [1], [Format of library name prefix])
+_LT_DECL([], [library_names_spec], [1],
+    [[List of archive names.  First name is the real one, the rest are links.
+    The last name is the one that the linker finds with -lNAME]])
+_LT_DECL([], [soname_spec], [1],
+    [[The coded name of the library, if different from the real name]])
+_LT_DECL([], [install_override_mode], [1],
+    [Permission mode override for installation of shared libraries])
+_LT_DECL([], [postinstall_cmds], [2],
+    [Command to use after installation of a shared archive])
+_LT_DECL([], [postuninstall_cmds], [2],
+    [Command to use after uninstallation of a shared archive])
+_LT_DECL([], [finish_cmds], [2],
+    [Commands used to finish a libtool library installation in a directory])
+_LT_DECL([], [finish_eval], [1],
+    [[As "finish_cmds", except a single script fragment to be evaled but
+    not shown]])
+_LT_DECL([], [hardcode_into_libs], [0],
+    [Whether we should hardcode library paths into libraries])
+_LT_DECL([], [sys_lib_search_path_spec], [2],
+    [Compile-time system search path for libraries])
+_LT_DECL([], [sys_lib_dlsearch_path_spec], [2],
+    [Run-time system search path for libraries])
+])# _LT_SYS_DYNAMIC_LINKER
+
+
+# _LT_PATH_TOOL_PREFIX(TOOL)
+# --------------------------
+# find a file program which can recognize shared library
+AC_DEFUN([_LT_PATH_TOOL_PREFIX],
+[m4_require([_LT_DECL_EGREP])dnl
+AC_MSG_CHECKING([for $1])
+AC_CACHE_VAL(lt_cv_path_MAGIC_CMD,
+[case $MAGIC_CMD in
+[[\\/*] |  ?:[\\/]*])
+  lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
+  ;;
+*)
+  lt_save_MAGIC_CMD="$MAGIC_CMD"
+  lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+dnl $ac_dummy forces splitting on constant user-supplied paths.
+dnl POSIX.2 word splitting is done only on the output of word expansions,
+dnl not every word.  This closes a longstanding sh security hole.
+  ac_dummy="m4_if([$2], , $PATH, [$2])"
+  for ac_dir in $ac_dummy; do
+    IFS="$lt_save_ifs"
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$1; then
+      lt_cv_path_MAGIC_CMD="$ac_dir/$1"
+      if test -n "$file_magic_test_file"; then
+	case $deplibs_check_method in
+	"file_magic "*)
+	  file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
+	  MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+	  if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+	    $EGREP "$file_magic_regex" > /dev/null; then
+	    :
+	  else
+	    cat <<_LT_EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such.  This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem.  Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool@gnu.org
+
+_LT_EOF
+	  fi ;;
+	esac
+      fi
+      break
+    fi
+  done
+  IFS="$lt_save_ifs"
+  MAGIC_CMD="$lt_save_MAGIC_CMD"
+  ;;
+esac])
+MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
+if test -n "$MAGIC_CMD"; then
+  AC_MSG_RESULT($MAGIC_CMD)
+else
+  AC_MSG_RESULT(no)
+fi
+_LT_DECL([], [MAGIC_CMD], [0],
+	 [Used to examine libraries when file_magic_cmd begins with "file"])dnl
+])# _LT_PATH_TOOL_PREFIX
+
+# Old name:
+AU_ALIAS([AC_PATH_TOOL_PREFIX], [_LT_PATH_TOOL_PREFIX])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_PATH_TOOL_PREFIX], [])
+
+
+# _LT_PATH_MAGIC
+# --------------
+# find a file program which can recognize a shared library
+m4_defun([_LT_PATH_MAGIC],
+[_LT_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH)
+if test -z "$lt_cv_path_MAGIC_CMD"; then
+  if test -n "$ac_tool_prefix"; then
+    _LT_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH)
+  else
+    MAGIC_CMD=:
+  fi
+fi
+])# _LT_PATH_MAGIC
+
+
+# LT_PATH_LD
+# ----------
+# find the pathname to the GNU or non-GNU linker
+AC_DEFUN([LT_PATH_LD],
+[AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_PROG_ECHO_BACKSLASH])dnl
+
+AC_ARG_WITH([gnu-ld],
+    [AS_HELP_STRING([--with-gnu-ld],
+	[assume the C compiler uses GNU ld @<:@default=no@:>@])],
+    [test "$withval" = no || with_gnu_ld=yes],
+    [with_gnu_ld=no])dnl
+
+ac_prog=ld
+if test "$GCC" = yes; then
+  # Check if gcc -print-prog-name=ld gives a path.
+  AC_MSG_CHECKING([for ld used by $CC])
+  case $host in
+  *-*-mingw*)
+    # gcc leaves a trailing carriage return which upsets mingw
+    ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
+  *)
+    ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
+  esac
+  case $ac_prog in
+    # Accept absolute paths.
+    [[\\/]]* | ?:[[\\/]]*)
+      re_direlt='/[[^/]][[^/]]*/\.\./'
+      # Canonicalize the pathname of ld
+      ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'`
+      while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do
+	ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"`
+      done
+      test -z "$LD" && LD="$ac_prog"
+      ;;
+  "")
+    # If it fails, then pretend we aren't using GCC.
+    ac_prog=ld
+    ;;
+  *)
+    # If it is relative, then search for the first ld in PATH.
+    with_gnu_ld=unknown
+    ;;
+  esac
+elif test "$with_gnu_ld" = yes; then
+  AC_MSG_CHECKING([for GNU ld])
+else
+  AC_MSG_CHECKING([for non-GNU ld])
+fi
+AC_CACHE_VAL(lt_cv_path_LD,
+[if test -z "$LD"; then
+  lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+  for ac_dir in $PATH; do
+    IFS="$lt_save_ifs"
+    test -z "$ac_dir" && ac_dir=.
+    if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+      lt_cv_path_LD="$ac_dir/$ac_prog"
+      # Check to see if the program is GNU ld.  I'd rather use --version,
+      # but apparently some variants of GNU ld only accept -v.
+      # Break only if it was the GNU/non-GNU ld that we prefer.
+      case `"$lt_cv_path_LD" -v 2>&1 &1 /dev/null 2>&1; then
+    lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
+    lt_cv_file_magic_cmd='func_win32_libid'
+  else
+    # Keep this pattern in sync with the one in func_win32_libid.
+    lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)'
+    lt_cv_file_magic_cmd='$OBJDUMP -f'
+  fi
+  ;;
+
+cegcc*)
+  # use the weaker test based on 'objdump'. See mingw*.
+  lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
+  lt_cv_file_magic_cmd='$OBJDUMP -f'
+  ;;
+
+darwin* | rhapsody*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+freebsd* | dragonfly*)
+  if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+    case $host_cpu in
+    i*86 )
+      # Not sure whether the presence of OpenBSD here was a mistake.
+      # Let's accept both of them until this is cleared up.
+      lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library'
+      lt_cv_file_magic_cmd=/usr/bin/file
+      lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
+      ;;
+    esac
+  else
+    lt_cv_deplibs_check_method=pass_all
+  fi
+  ;;
+
+gnu*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+haiku*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+hpux10.20* | hpux11*)
+  lt_cv_file_magic_cmd=/usr/bin/file
+  case $host_cpu in
+  ia64*)
+    lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64'
+    lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
+    ;;
+  hppa*64*)
+    [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]']
+    lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
+    ;;
+  *)
+    lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]]\.[[0-9]]) shared library'
+    lt_cv_file_magic_test_file=/usr/lib/libc.sl
+    ;;
+  esac
+  ;;
+
+interix[[3-9]]*)
+  # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
+  lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$'
+  ;;
+
+irix5* | irix6* | nonstopux*)
+  case $LD in
+  *-32|*"-32 ") libmagic=32-bit;;
+  *-n32|*"-n32 ") libmagic=N32;;
+  *-64|*"-64 ") libmagic=64-bit;;
+  *) libmagic=never-match;;
+  esac
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+netbsd*)
+  if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
+    lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
+  else
+    lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$'
+  fi
+  ;;
+
+newos6*)
+  lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)'
+  lt_cv_file_magic_cmd=/usr/bin/file
+  lt_cv_file_magic_test_file=/usr/lib/libnls.so
+  ;;
+
+*nto* | *qnx*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+openbsd*)
+  if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+    lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$'
+  else
+    lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
+  fi
+  ;;
+
+osf3* | osf4* | osf5*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+rdos*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+solaris*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
+sysv4 | sysv4.3*)
+  case $host_vendor in
+  motorola)
+    lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]'
+    lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
+    ;;
+  ncr)
+    lt_cv_deplibs_check_method=pass_all
+    ;;
+  sequent)
+    lt_cv_file_magic_cmd='/bin/file'
+    lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )'
+    ;;
+  sni)
+    lt_cv_file_magic_cmd='/bin/file'
+    lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib"
+    lt_cv_file_magic_test_file=/lib/libc.so
+    ;;
+  siemens)
+    lt_cv_deplibs_check_method=pass_all
+    ;;
+  pc)
+    lt_cv_deplibs_check_method=pass_all
+    ;;
+  esac
+  ;;
+
+tpf*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+esac
+])
+
+file_magic_glob=
+want_nocaseglob=no
+if test "$build" = "$host"; then
+  case $host_os in
+  mingw* | pw32*)
+    if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then
+      want_nocaseglob=yes
+    else
+      file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[[\1]]\/[[\1]]\/g;/g"`
+    fi
+    ;;
+  esac
+fi
+
+file_magic_cmd=$lt_cv_file_magic_cmd
+deplibs_check_method=$lt_cv_deplibs_check_method
+test -z "$deplibs_check_method" && deplibs_check_method=unknown
+
+_LT_DECL([], [deplibs_check_method], [1],
+    [Method to check whether dependent libraries are shared objects])
+_LT_DECL([], [file_magic_cmd], [1],
+    [Command to use when deplibs_check_method = "file_magic"])
+_LT_DECL([], [file_magic_glob], [1],
+    [How to find potential files when deplibs_check_method = "file_magic"])
+_LT_DECL([], [want_nocaseglob], [1],
+    [Find potential files using nocaseglob when deplibs_check_method = "file_magic"])
+])# _LT_CHECK_MAGIC_METHOD
+
+
+# LT_PATH_NM
+# ----------
+# find the pathname to a BSD- or MS-compatible name lister
+AC_DEFUN([LT_PATH_NM],
+[AC_REQUIRE([AC_PROG_CC])dnl
+AC_CACHE_CHECK([for BSD- or MS-compatible name lister (nm)], lt_cv_path_NM,
+[if test -n "$NM"; then
+  # Let the user override the test.
+  lt_cv_path_NM="$NM"
+else
+  lt_nm_to_check="${ac_tool_prefix}nm"
+  if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
+    lt_nm_to_check="$lt_nm_to_check nm"
+  fi
+  for lt_tmp_nm in $lt_nm_to_check; do
+    lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
+    for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
+      IFS="$lt_save_ifs"
+      test -z "$ac_dir" && ac_dir=.
+      tmp_nm="$ac_dir/$lt_tmp_nm"
+      if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then
+	# Check to see if the nm accepts a BSD-compat flag.
+	# Adding the `sed 1q' prevents false positives on HP-UX, which says:
+	#   nm: unknown option "B" ignored
+	# Tru64's nm complains that /dev/null is an invalid object file
+	case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in
+	*/dev/null* | *'Invalid file or object type'*)
+	  lt_cv_path_NM="$tmp_nm -B"
+	  break
+	  ;;
+	*)
+	  case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in
+	  */dev/null*)
+	    lt_cv_path_NM="$tmp_nm -p"
+	    break
+	    ;;
+	  *)
+	    lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
+	    continue # so that we can try to find one that supports BSD flags
+	    ;;
+	  esac
+	  ;;
+	esac
+      fi
+    done
+    IFS="$lt_save_ifs"
+  done
+  : ${lt_cv_path_NM=no}
+fi])
+if test "$lt_cv_path_NM" != "no"; then
+  NM="$lt_cv_path_NM"
+else
+  # Didn't find any BSD compatible name lister, look for dumpbin.
+  if test -n "$DUMPBIN"; then :
+    # Let the user override the test.
+  else
+    AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :)
+    case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in
+    *COFF*)
+      DUMPBIN="$DUMPBIN -symbols"
+      ;;
+    *)
+      DUMPBIN=:
+      ;;
+    esac
+  fi
+  AC_SUBST([DUMPBIN])
+  if test "$DUMPBIN" != ":"; then
+    NM="$DUMPBIN"
+  fi
+fi
+test -z "$NM" && NM=nm
+AC_SUBST([NM])
+_LT_DECL([], [NM], [1], [A BSD- or MS-compatible name lister])dnl
+
+AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface],
+  [lt_cv_nm_interface="BSD nm"
+  echo "int some_variable = 0;" > conftest.$ac_ext
+  (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&AS_MESSAGE_LOG_FD)
+  (eval "$ac_compile" 2>conftest.err)
+  cat conftest.err >&AS_MESSAGE_LOG_FD
+  (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD)
+  (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
+  cat conftest.err >&AS_MESSAGE_LOG_FD
+  (eval echo "\"\$as_me:$LINENO: output\"" >&AS_MESSAGE_LOG_FD)
+  cat conftest.out >&AS_MESSAGE_LOG_FD
+  if $GREP 'External.*some_variable' conftest.out > /dev/null; then
+    lt_cv_nm_interface="MS dumpbin"
+  fi
+  rm -f conftest*])
+])# LT_PATH_NM
+
+# Old names:
+AU_ALIAS([AM_PROG_NM], [LT_PATH_NM])
+AU_ALIAS([AC_PROG_NM], [LT_PATH_NM])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_PROG_NM], [])
+dnl AC_DEFUN([AC_PROG_NM], [])
+
+# _LT_CHECK_SHAREDLIB_FROM_LINKLIB
+# --------------------------------
+# how to determine the name of the shared library
+# associated with a specific link library.
+#  -- PORTME fill in with the dynamic library characteristics
+m4_defun([_LT_CHECK_SHAREDLIB_FROM_LINKLIB],
+[m4_require([_LT_DECL_EGREP])
+m4_require([_LT_DECL_OBJDUMP])
+m4_require([_LT_DECL_DLLTOOL])
+AC_CACHE_CHECK([how to associate runtime and link libraries],
+lt_cv_sharedlib_from_linklib_cmd,
+[lt_cv_sharedlib_from_linklib_cmd='unknown'
+
+case $host_os in
+cygwin* | mingw* | pw32* | cegcc*)
+  # two different shell functions defined in ltmain.sh
+  # decide which to use based on capabilities of $DLLTOOL
+  case `$DLLTOOL --help 2>&1` in
+  *--identify-strict*)
+    lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib
+    ;;
+  *)
+    lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback
+    ;;
+  esac
+  ;;
+*)
+  # fallback: assume linklib IS sharedlib
+  lt_cv_sharedlib_from_linklib_cmd="$ECHO"
+  ;;
+esac
+])
+sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd
+test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO
+
+_LT_DECL([], [sharedlib_from_linklib_cmd], [1],
+    [Command to associate shared and link libraries])
+])# _LT_CHECK_SHAREDLIB_FROM_LINKLIB
+
+
+# _LT_PATH_MANIFEST_TOOL
+# ----------------------
+# locate the manifest tool
+m4_defun([_LT_PATH_MANIFEST_TOOL],
+[AC_CHECK_TOOL(MANIFEST_TOOL, mt, :)
+test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt
+AC_CACHE_CHECK([if $MANIFEST_TOOL is a manifest tool], [lt_cv_path_mainfest_tool],
+  [lt_cv_path_mainfest_tool=no
+  echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&AS_MESSAGE_LOG_FD
+  $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out
+  cat conftest.err >&AS_MESSAGE_LOG_FD
+  if $GREP 'Manifest Tool' conftest.out > /dev/null; then
+    lt_cv_path_mainfest_tool=yes
+  fi
+  rm -f conftest*])
+if test "x$lt_cv_path_mainfest_tool" != xyes; then
+  MANIFEST_TOOL=:
+fi
+_LT_DECL([], [MANIFEST_TOOL], [1], [Manifest tool])dnl
+])# _LT_PATH_MANIFEST_TOOL
+
+
+# LT_LIB_M
+# --------
+# check for math library
+AC_DEFUN([LT_LIB_M],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+LIBM=
+case $host in
+*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*)
+  # These system don't have libm, or don't need it
+  ;;
+*-ncr-sysv4.3*)
+  AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw")
+  AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm")
+  ;;
+*)
+  AC_CHECK_LIB(m, cos, LIBM="-lm")
+  ;;
+esac
+AC_SUBST([LIBM])
+])# LT_LIB_M
+
+# Old name:
+AU_ALIAS([AC_CHECK_LIBM], [LT_LIB_M])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_CHECK_LIBM], [])
+
+
+# _LT_COMPILER_NO_RTTI([TAGNAME])
+# -------------------------------
+m4_defun([_LT_COMPILER_NO_RTTI],
+[m4_require([_LT_TAG_COMPILER])dnl
+
+_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
+
+if test "$GCC" = yes; then
+  case $cc_basename in
+  nvcc*)
+    _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -Xcompiler -fno-builtin' ;;
+  *)
+    _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' ;;
+  esac
+
+  _LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions],
+    lt_cv_prog_compiler_rtti_exceptions,
+    [-fno-rtti -fno-exceptions], [],
+    [_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"])
+fi
+_LT_TAGDECL([no_builtin_flag], [lt_prog_compiler_no_builtin_flag], [1],
+	[Compiler flag to turn off builtin functions])
+])# _LT_COMPILER_NO_RTTI
+
+
+# _LT_CMD_GLOBAL_SYMBOLS
+# ----------------------
+m4_defun([_LT_CMD_GLOBAL_SYMBOLS],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_PROG_AWK])dnl
+AC_REQUIRE([LT_PATH_NM])dnl
+AC_REQUIRE([LT_PATH_LD])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_TAG_COMPILER])dnl
+
+# Check for command to grab the raw symbol name followed by C symbol from nm.
+AC_MSG_CHECKING([command to parse $NM output from $compiler object])
+AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe],
+[
+# These are sane defaults that work on at least a few old systems.
+# [They come from Ultrix.  What could be older than Ultrix?!! ;)]
+
+# Character class describing NM global symbol codes.
+symcode='[[BCDEGRST]]'
+
+# Regexp to match symbols that can be accessed directly from C.
+sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)'
+
+# Define system-specific variables.
+case $host_os in
+aix*)
+  symcode='[[BCDT]]'
+  ;;
+cygwin* | mingw* | pw32* | cegcc*)
+  symcode='[[ABCDGISTW]]'
+  ;;
+hpux*)
+  if test "$host_cpu" = ia64; then
+    symcode='[[ABCDEGRST]]'
+  fi
+  ;;
+irix* | nonstopux*)
+  symcode='[[BCDEGRST]]'
+  ;;
+osf*)
+  symcode='[[BCDEGQRST]]'
+  ;;
+solaris*)
+  symcode='[[BDRT]]'
+  ;;
+sco3.2v5*)
+  symcode='[[DT]]'
+  ;;
+sysv4.2uw2*)
+  symcode='[[DT]]'
+  ;;
+sysv5* | sco5v6* | unixware* | OpenUNIX*)
+  symcode='[[ABDT]]'
+  ;;
+sysv4)
+  symcode='[[DFNSTU]]'
+  ;;
+esac
+
+# If we're using GNU nm, then use its standard symbol codes.
+case `$NM -V 2>&1` in
+*GNU* | *'with BFD'*)
+  symcode='[[ABCDGIRSTW]]' ;;
+esac
+
+# Transform an extracted symbol line into a proper C declaration.
+# Some systems (esp. on ia64) link data and code symbols differently,
+# so use this general approach.
+lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
+
+# Transform an extracted symbol line into symbol name and symbol address
+lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/  {\"\2\", (void *) \&\2},/p'"
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/  {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/  {\"lib\2\", (void *) \&\2},/p'"
+
+# Handle CRLF in mingw tool chain
+opt_cr=
+case $build_os in
+mingw*)
+  opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp
+  ;;
+esac
+
+# Try without a prefix underscore, then with it.
+for ac_symprfx in "" "_"; do
+
+  # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
+  symxfrm="\\1 $ac_symprfx\\2 \\2"
+
+  # Write the raw and C identifiers.
+  if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+    # Fake it for dumpbin and say T for any non-static function
+    # and D for any global variable.
+    # Also find C++ and __fastcall symbols from MSVC++,
+    # which start with @ or ?.
+    lt_cv_sys_global_symbol_pipe="$AWK ['"\
+"     {last_section=section; section=\$ 3};"\
+"     /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\
+"     /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\
+"     \$ 0!~/External *\|/{next};"\
+"     / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\
+"     {if(hide[section]) next};"\
+"     {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\
+"     {split(\$ 0, a, /\||\r/); split(a[2], s)};"\
+"     s[1]~/^[@?]/{print s[1], s[1]; next};"\
+"     s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\
+"     ' prfx=^$ac_symprfx]"
+  else
+    lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[	 ]]\($symcode$symcode*\)[[	 ]][[	 ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
+  fi
+  lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'"
+
+  # Check to see that the pipe works correctly.
+  pipe_works=no
+
+  rm -f conftest*
+  cat > conftest.$ac_ext <<_LT_EOF
+#ifdef __cplusplus
+extern "C" {
+#endif
+char nm_test_var;
+void nm_test_func(void);
+void nm_test_func(void){}
+#ifdef __cplusplus
+}
+#endif
+int main(){nm_test_var='a';nm_test_func();return(0);}
+_LT_EOF
+
+  if AC_TRY_EVAL(ac_compile); then
+    # Now try to grab the symbols.
+    nlist=conftest.nm
+    if AC_TRY_EVAL(NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) && test -s "$nlist"; then
+      # Try sorting and uniquifying the output.
+      if sort "$nlist" | uniq > "$nlist"T; then
+	mv -f "$nlist"T "$nlist"
+      else
+	rm -f "$nlist"T
+      fi
+
+      # Make sure that we snagged all the symbols we need.
+      if $GREP ' nm_test_var$' "$nlist" >/dev/null; then
+	if $GREP ' nm_test_func$' "$nlist" >/dev/null; then
+	  cat <<_LT_EOF > conftest.$ac_ext
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests.  */
+#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE)
+/* DATA imports from DLLs on WIN32 con't be const, because runtime
+   relocations are performed -- see ld's documentation on pseudo-relocs.  */
+# define LT@&t@_DLSYM_CONST
+#elif defined(__osf__)
+/* This system does not cope well with relocations in const data.  */
+# define LT@&t@_DLSYM_CONST
+#else
+# define LT@&t@_DLSYM_CONST const
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+_LT_EOF
+	  # Now generate the symbol file.
+	  eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext'
+
+	  cat <<_LT_EOF >> conftest.$ac_ext
+
+/* The mapping between symbol names and symbols.  */
+LT@&t@_DLSYM_CONST struct {
+  const char *name;
+  void       *address;
+}
+lt__PROGRAM__LTX_preloaded_symbols[[]] =
+{
+  { "@PROGRAM@", (void *) 0 },
+_LT_EOF
+	  $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/  {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext
+	  cat <<\_LT_EOF >> conftest.$ac_ext
+  {0, (void *) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+  return lt__PROGRAM__LTX_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+_LT_EOF
+	  # Now try linking the two files.
+	  mv conftest.$ac_objext conftstm.$ac_objext
+	  lt_globsym_save_LIBS=$LIBS
+	  lt_globsym_save_CFLAGS=$CFLAGS
+	  LIBS="conftstm.$ac_objext"
+	  CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)"
+	  if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then
+	    pipe_works=yes
+	  fi
+	  LIBS=$lt_globsym_save_LIBS
+	  CFLAGS=$lt_globsym_save_CFLAGS
+	else
+	  echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD
+	fi
+      else
+	echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD
+      fi
+    else
+      echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD
+    fi
+  else
+    echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD
+    cat conftest.$ac_ext >&5
+  fi
+  rm -rf conftest* conftst*
+
+  # Do not use the global_symbol_pipe unless it works.
+  if test "$pipe_works" = yes; then
+    break
+  else
+    lt_cv_sys_global_symbol_pipe=
+  fi
+done
+])
+if test -z "$lt_cv_sys_global_symbol_pipe"; then
+  lt_cv_sys_global_symbol_to_cdecl=
+fi
+if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
+  AC_MSG_RESULT(failed)
+else
+  AC_MSG_RESULT(ok)
+fi
+
+# Response file support.
+if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+  nm_file_list_spec='@'
+elif $NM --help 2>/dev/null | grep '[[@]]FILE' >/dev/null; then
+  nm_file_list_spec='@'
+fi
+
+_LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1],
+    [Take the output of nm and produce a listing of raw symbols and C names])
+_LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1],
+    [Transform the output of nm in a proper C declaration])
+_LT_DECL([global_symbol_to_c_name_address],
+    [lt_cv_sys_global_symbol_to_c_name_address], [1],
+    [Transform the output of nm in a C name address pair])
+_LT_DECL([global_symbol_to_c_name_address_lib_prefix],
+    [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1],
+    [Transform the output of nm in a C name address pair when lib prefix is needed])
+_LT_DECL([], [nm_file_list_spec], [1],
+    [Specify filename containing input files for $NM])
+]) # _LT_CMD_GLOBAL_SYMBOLS
+
+
+# _LT_COMPILER_PIC([TAGNAME])
+# ---------------------------
+m4_defun([_LT_COMPILER_PIC],
+[m4_require([_LT_TAG_COMPILER])dnl
+_LT_TAGVAR(lt_prog_compiler_wl, $1)=
+_LT_TAGVAR(lt_prog_compiler_pic, $1)=
+_LT_TAGVAR(lt_prog_compiler_static, $1)=
+
+m4_if([$1], [CXX], [
+  # C++ specific cases for pic, static, wl, etc.
+  if test "$GXX" = yes; then
+    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+    _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+
+    case $host_os in
+    aix*)
+      # All AIX code is PIC.
+      if test "$host_cpu" = ia64; then
+	# AIX 5 now supports IA64 processor
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      fi
+      ;;
+
+    amigaos*)
+      case $host_cpu in
+      powerpc)
+            # see comment about AmigaOS4 .so support
+            _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+        ;;
+      m68k)
+            # FIXME: we need at least 68020 code to build shared libraries, but
+            # adding the `-m68020' flag to GCC prevents building anything better,
+            # like `-m68040'.
+            _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
+        ;;
+      esac
+      ;;
+
+    beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+      # PIC is the default for these OSes.
+      ;;
+    mingw* | cygwin* | os2* | pw32* | cegcc*)
+      # This hack is so that the source file can tell whether it is being
+      # built for inclusion in a dll (and should export symbols for example).
+      # Although the cygwin gcc ignores -fPIC, still need this for old-style
+      # (--disable-auto-import) libraries
+      m4_if([$1], [GCJ], [],
+	[_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+      ;;
+    darwin* | rhapsody*)
+      # PIC is the default on this platform
+      # Common symbols not allowed in MH_DYLIB files
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
+      ;;
+    *djgpp*)
+      # DJGPP does not support shared libraries at all
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+      ;;
+    haiku*)
+      # PIC is the default for Haiku.
+      # The "-static" flag exists, but is broken.
+      _LT_TAGVAR(lt_prog_compiler_static, $1)=
+      ;;
+    interix[[3-9]]*)
+      # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+      # Instead, we relocate shared libraries at runtime.
+      ;;
+    sysv4*MP*)
+      if test -d /usr/nec; then
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
+      fi
+      ;;
+    hpux*)
+      # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+      # PA HP-UX.  On IA64 HP-UX, PIC is the default but the pic flag
+      # sets the default TLS model and affects inlining.
+      case $host_cpu in
+      hppa*64*)
+	;;
+      *)
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+	;;
+      esac
+      ;;
+    *qnx* | *nto*)
+      # QNX uses GNU C++, but need to define -shared option too, otherwise
+      # it will coredump.
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+      ;;
+    *)
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+      ;;
+    esac
+  else
+    case $host_os in
+      aix[[4-9]]*)
+	# All AIX code is PIC.
+	if test "$host_cpu" = ia64; then
+	  # AIX 5 now supports IA64 processor
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	else
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
+	fi
+	;;
+      chorus*)
+	case $cc_basename in
+	cxch68*)
+	  # Green Hills C++ Compiler
+	  # _LT_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a"
+	  ;;
+	esac
+	;;
+      mingw* | cygwin* | os2* | pw32* | cegcc*)
+	# This hack is so that the source file can tell whether it is being
+	# built for inclusion in a dll (and should export symbols for example).
+	m4_if([$1], [GCJ], [],
+	  [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+	;;
+      dgux*)
+	case $cc_basename in
+	  ec++*)
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	    ;;
+	  ghcx*)
+	    # Green Hills C++ Compiler
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      freebsd* | dragonfly*)
+	# FreeBSD uses GNU C++
+	;;
+      hpux9* | hpux10* | hpux11*)
+	case $cc_basename in
+	  CC*)
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
+	    if test "$host_cpu" != ia64; then
+	      _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+	    fi
+	    ;;
+	  aCC*)
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
+	    case $host_cpu in
+	    hppa*64*|ia64*)
+	      # +Z the default
+	      ;;
+	    *)
+	      _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+	      ;;
+	    esac
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      interix*)
+	# This is c89, which is MS Visual C++ (no shared libs)
+	# Anyone wants to do a port?
+	;;
+      irix5* | irix6* | nonstopux*)
+	case $cc_basename in
+	  CC*)
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+	    # CC pic flag -KPIC is the default.
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      linux* | k*bsd*-gnu | kopensolaris*-gnu)
+	case $cc_basename in
+	  KCC*)
+	    # KAI C++ Compiler
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+	    ;;
+	  ecpc* )
+	    # old Intel C++ for x86_64 which still supported -KPIC.
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+	    ;;
+	  icpc* )
+	    # Intel C++, used to be incompatible with GCC.
+	    # ICC 10 doesn't accept -KPIC any more.
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+	    ;;
+	  pgCC* | pgcpp*)
+	    # Portland Group C++ compiler
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	    ;;
+	  cxx*)
+	    # Compaq C++
+	    # Make sure the PIC flag is empty.  It appears that all Alpha
+	    # Linux and Compaq Tru64 Unix objects are PIC.
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+	    ;;
+	  xlc* | xlC* | bgxl[[cC]]* | mpixl[[cC]]*)
+	    # IBM XL 8.0, 9.0 on PPC and BlueGene
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
+	    ;;
+	  *)
+	    case `$CC -V 2>&1 | sed 5q` in
+	    *Sun\ C*)
+	      # Sun C++ 5.9
+	      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+	      ;;
+	    esac
+	    ;;
+	esac
+	;;
+      lynxos*)
+	;;
+      m88k*)
+	;;
+      mvs*)
+	case $cc_basename in
+	  cxx*)
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      netbsd*)
+	;;
+      *qnx* | *nto*)
+        # QNX uses GNU C++, but need to define -shared option too, otherwise
+        # it will coredump.
+        _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+        ;;
+      osf3* | osf4* | osf5*)
+	case $cc_basename in
+	  KCC*)
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
+	    ;;
+	  RCC*)
+	    # Rational C++ 2.4.1
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+	    ;;
+	  cxx*)
+	    # Digital/Compaq C++
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	    # Make sure the PIC flag is empty.  It appears that all Alpha
+	    # Linux and Compaq Tru64 Unix objects are PIC.
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      psos*)
+	;;
+      solaris*)
+	case $cc_basename in
+	  CC* | sunCC*)
+	    # Sun C++ 4.2, 5.x and Centerline C++
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+	    ;;
+	  gcx*)
+	    # Green Hills C++ Compiler
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      sunos4*)
+	case $cc_basename in
+	  CC*)
+	    # Sun C++ 4.x
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	    ;;
+	  lcc*)
+	    # Lucid
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+	case $cc_basename in
+	  CC*)
+	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	    ;;
+	esac
+	;;
+      tandem*)
+	case $cc_basename in
+	  NCC*)
+	    # NonStop-UX NCC 3.20
+	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	    ;;
+	  *)
+	    ;;
+	esac
+	;;
+      vxworks*)
+	;;
+      *)
+	_LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+	;;
+    esac
+  fi
+],
+[
+  if test "$GCC" = yes; then
+    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+    _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+
+    case $host_os in
+      aix*)
+      # All AIX code is PIC.
+      if test "$host_cpu" = ia64; then
+	# AIX 5 now supports IA64 processor
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      fi
+      ;;
+
+    amigaos*)
+      case $host_cpu in
+      powerpc)
+            # see comment about AmigaOS4 .so support
+            _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+        ;;
+      m68k)
+            # FIXME: we need at least 68020 code to build shared libraries, but
+            # adding the `-m68020' flag to GCC prevents building anything better,
+            # like `-m68040'.
+            _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
+        ;;
+      esac
+      ;;
+
+    beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
+      # PIC is the default for these OSes.
+      ;;
+
+    mingw* | cygwin* | pw32* | os2* | cegcc*)
+      # This hack is so that the source file can tell whether it is being
+      # built for inclusion in a dll (and should export symbols for example).
+      # Although the cygwin gcc ignores -fPIC, still need this for old-style
+      # (--disable-auto-import) libraries
+      m4_if([$1], [GCJ], [],
+	[_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+      ;;
+
+    darwin* | rhapsody*)
+      # PIC is the default on this platform
+      # Common symbols not allowed in MH_DYLIB files
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
+      ;;
+
+    haiku*)
+      # PIC is the default for Haiku.
+      # The "-static" flag exists, but is broken.
+      _LT_TAGVAR(lt_prog_compiler_static, $1)=
+      ;;
+
+    hpux*)
+      # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
+      # PA HP-UX.  On IA64 HP-UX, PIC is the default but the pic flag
+      # sets the default TLS model and affects inlining.
+      case $host_cpu in
+      hppa*64*)
+	# +Z the default
+	;;
+      *)
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+	;;
+      esac
+      ;;
+
+    interix[[3-9]]*)
+      # Interix 3.x gcc -fpic/-fPIC options generate broken code.
+      # Instead, we relocate shared libraries at runtime.
+      ;;
+
+    msdosdjgpp*)
+      # Just because we use GCC doesn't mean we suddenly get shared libraries
+      # on systems that don't support them.
+      _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+      enable_shared=no
+      ;;
+
+    *nto* | *qnx*)
+      # QNX uses GNU C++, but need to define -shared option too, otherwise
+      # it will coredump.
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+      ;;
+
+    sysv4*MP*)
+      if test -d /usr/nec; then
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
+      fi
+      ;;
+
+    *)
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+      ;;
+    esac
+
+    case $cc_basename in
+    nvcc*) # Cuda Compiler Driver 2.2
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker '
+      if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then
+        _LT_TAGVAR(lt_prog_compiler_pic, $1)="-Xcompiler $_LT_TAGVAR(lt_prog_compiler_pic, $1)"
+      fi
+      ;;
+    esac
+  else
+    # PORTME Check for flag to pass linker flags through the system compiler.
+    case $host_os in
+    aix*)
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+      if test "$host_cpu" = ia64; then
+	# AIX 5 now supports IA64 processor
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      else
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
+      fi
+      ;;
+
+    mingw* | cygwin* | pw32* | os2* | cegcc*)
+      # This hack is so that the source file can tell whether it is being
+      # built for inclusion in a dll (and should export symbols for example).
+      m4_if([$1], [GCJ], [],
+	[_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+      ;;
+
+    hpux9* | hpux10* | hpux11*)
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+      # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
+      # not for PA HP-UX.
+      case $host_cpu in
+      hppa*64*|ia64*)
+	# +Z the default
+	;;
+      *)
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
+	;;
+      esac
+      # Is there a better lt_prog_compiler_static that works with the bundled CC?
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
+      ;;
+
+    irix5* | irix6* | nonstopux*)
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+      # PIC (with -KPIC) is the default.
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+      ;;
+
+    linux* | k*bsd*-gnu | kopensolaris*-gnu)
+      case $cc_basename in
+      # old Intel for x86_64 which still supported -KPIC.
+      ecc*)
+	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+        ;;
+      # icc used to be incompatible with GCC.
+      # ICC 10 doesn't accept -KPIC any more.
+      icc* | ifort*)
+	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+        ;;
+      # Lahey Fortran 8.1.
+      lf95*)
+	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared'
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='--static'
+	;;
+      nagfor*)
+	# NAG Fortran compiler
+	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,'
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	;;
+      pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*)
+        # Portland Group compilers (*not* the Pentium gcc compiler,
+	# which looks to be a dead project)
+	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+        ;;
+      ccc*)
+        _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+        # All Alpha code is PIC.
+        _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+        ;;
+      xl* | bgxl* | bgf* | mpixl*)
+	# IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene
+	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
+	;;
+      *)
+	case `$CC -V 2>&1 | sed 5q` in
+	*Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*)
+	  # Sun Fortran 8.3 passes all unrecognized flags to the linker
+	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	  _LT_TAGVAR(lt_prog_compiler_wl, $1)=''
+	  ;;
+	*Sun\ F* | *Sun*Fortran*)
+	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	  _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+	  ;;
+	*Sun\ C*)
+	  # Sun C 5.9
+	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	  _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	  ;;
+        *Intel*\ [[CF]]*Compiler*)
+	  _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+	  ;;
+	*Portland\ Group*)
+	  _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	  ;;
+	esac
+	;;
+      esac
+      ;;
+
+    newsos6)
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      ;;
+
+    *nto* | *qnx*)
+      # QNX uses GNU C++, but need to define -shared option too, otherwise
+      # it will coredump.
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
+      ;;
+
+    osf3* | osf4* | osf5*)
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+      # All OSF/1 code is PIC.
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+      ;;
+
+    rdos*)
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
+      ;;
+
+    solaris*)
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      case $cc_basename in
+      f77* | f90* | f95* | sunf77* | sunf90* | sunf95*)
+	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';;
+      *)
+	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';;
+      esac
+      ;;
+
+    sunos4*)
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      ;;
+
+    sysv4 | sysv4.2uw2* | sysv4.3*)
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      ;;
+
+    sysv4*MP*)
+      if test -d /usr/nec ;then
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic'
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      fi
+      ;;
+
+    sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      ;;
+
+    unicos*)
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+      _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+      ;;
+
+    uts4*)
+      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
+      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+      ;;
+
+    *)
+      _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
+      ;;
+    esac
+  fi
+])
+case $host_os in
+  # For platforms which do not support PIC, -DPIC is meaningless:
+  *djgpp*)
+    _LT_TAGVAR(lt_prog_compiler_pic, $1)=
+    ;;
+  *)
+    _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])"
+    ;;
+esac
+
+AC_CACHE_CHECK([for $compiler option to produce PIC],
+  [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)],
+  [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_prog_compiler_pic, $1)])
+_LT_TAGVAR(lt_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)
+
+#
+# Check to make sure the PIC flag actually works.
+#
+if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then
+  _LT_COMPILER_OPTION([if $compiler PIC flag $_LT_TAGVAR(lt_prog_compiler_pic, $1) works],
+    [_LT_TAGVAR(lt_cv_prog_compiler_pic_works, $1)],
+    [$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])], [],
+    [case $_LT_TAGVAR(lt_prog_compiler_pic, $1) in
+     "" | " "*) ;;
+     *) _LT_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_TAGVAR(lt_prog_compiler_pic, $1)" ;;
+     esac],
+    [_LT_TAGVAR(lt_prog_compiler_pic, $1)=
+     _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no])
+fi
+_LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1],
+	[Additional compiler flags for building library objects])
+
+_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1],
+	[How to pass a linker flag through the compiler])
+#
+# Check to make sure the static flag actually works.
+#
+wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_TAGVAR(lt_prog_compiler_static, $1)\"
+_LT_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works],
+  _LT_TAGVAR(lt_cv_prog_compiler_static_works, $1),
+  $lt_tmp_static_flag,
+  [],
+  [_LT_TAGVAR(lt_prog_compiler_static, $1)=])
+_LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1],
+	[Compiler flag to prevent dynamic linking])
+])# _LT_COMPILER_PIC
+
+
+# _LT_LINKER_SHLIBS([TAGNAME])
+# ----------------------------
+# See if the linker supports building shared libraries.
+m4_defun([_LT_LINKER_SHLIBS],
+[AC_REQUIRE([LT_PATH_LD])dnl
+AC_REQUIRE([LT_PATH_NM])dnl
+m4_require([_LT_PATH_MANIFEST_TOOL])dnl
+m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl
+m4_require([_LT_TAG_COMPILER])dnl
+AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
+m4_if([$1], [CXX], [
+  _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+  _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
+  case $host_os in
+  aix[[4-9]]*)
+    # If we're using GNU nm, then we don't want the "-C" option.
+    # -C means demangle to AIX nm, but means don't demangle with GNU nm
+    # Also, AIX nm treats weak defined symbols like other global defined
+    # symbols, whereas GNU nm marks them as "W".
+    if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+      _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+    else
+      _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+    fi
+    ;;
+  pw32*)
+    _LT_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds"
+    ;;
+  cygwin* | mingw* | cegcc*)
+    case $cc_basename in
+    cl*)
+      _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+      ;;
+    *)
+      _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
+      _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname']
+      ;;
+    esac
+    ;;
+  *)
+    _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+    ;;
+  esac
+], [
+  runpath_var=
+  _LT_TAGVAR(allow_undefined_flag, $1)=
+  _LT_TAGVAR(always_export_symbols, $1)=no
+  _LT_TAGVAR(archive_cmds, $1)=
+  _LT_TAGVAR(archive_expsym_cmds, $1)=
+  _LT_TAGVAR(compiler_needs_object, $1)=no
+  _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+  _LT_TAGVAR(export_dynamic_flag_spec, $1)=
+  _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+  _LT_TAGVAR(hardcode_automatic, $1)=no
+  _LT_TAGVAR(hardcode_direct, $1)=no
+  _LT_TAGVAR(hardcode_direct_absolute, $1)=no
+  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+  _LT_TAGVAR(hardcode_libdir_separator, $1)=
+  _LT_TAGVAR(hardcode_minus_L, $1)=no
+  _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+  _LT_TAGVAR(inherit_rpath, $1)=no
+  _LT_TAGVAR(link_all_deplibs, $1)=unknown
+  _LT_TAGVAR(module_cmds, $1)=
+  _LT_TAGVAR(module_expsym_cmds, $1)=
+  _LT_TAGVAR(old_archive_from_new_cmds, $1)=
+  _LT_TAGVAR(old_archive_from_expsyms_cmds, $1)=
+  _LT_TAGVAR(thread_safe_flag_spec, $1)=
+  _LT_TAGVAR(whole_archive_flag_spec, $1)=
+  # include_expsyms should be a list of space-separated symbols to be *always*
+  # included in the symbol list
+  _LT_TAGVAR(include_expsyms, $1)=
+  # exclude_expsyms can be an extended regexp of symbols to exclude
+  # it will be wrapped by ` (' and `)$', so one must not match beginning or
+  # end of line.  Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
+  # as well as any symbol that contains `d'.
+  _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
+  # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+  # platforms (ab)use it in PIC code, but their linkers get confused if
+  # the symbol is explicitly referenced.  Since portable code cannot
+  # rely on this symbol name, it's probably fine to never include it in
+  # preloaded symbol tables.
+  # Exclude shared library initialization/finalization symbols.
+dnl Note also adjust exclude_expsyms for C++ above.
+  extract_expsyms_cmds=
+
+  case $host_os in
+  cygwin* | mingw* | pw32* | cegcc*)
+    # FIXME: the MSVC++ port hasn't been tested in a loooong time
+    # When not using gcc, we currently assume that we are using
+    # Microsoft Visual C++.
+    if test "$GCC" != yes; then
+      with_gnu_ld=no
+    fi
+    ;;
+  interix*)
+    # we just hope/assume this is gcc and not c89 (= MSVC++)
+    with_gnu_ld=yes
+    ;;
+  openbsd*)
+    with_gnu_ld=no
+    ;;
+  esac
+
+  _LT_TAGVAR(ld_shlibs, $1)=yes
+
+  # On some targets, GNU ld is compatible enough with the native linker
+  # that we're better off using the native interface for both.
+  lt_use_gnu_ld_interface=no
+  if test "$with_gnu_ld" = yes; then
+    case $host_os in
+      aix*)
+	# The AIX port of GNU ld has always aspired to compatibility
+	# with the native linker.  However, as the warning in the GNU ld
+	# block says, versions before 2.19.5* couldn't really create working
+	# shared libraries, regardless of the interface used.
+	case `$LD -v 2>&1` in
+	  *\ \(GNU\ Binutils\)\ 2.19.5*) ;;
+	  *\ \(GNU\ Binutils\)\ 2.[[2-9]]*) ;;
+	  *\ \(GNU\ Binutils\)\ [[3-9]]*) ;;
+	  *)
+	    lt_use_gnu_ld_interface=yes
+	    ;;
+	esac
+	;;
+      *)
+	lt_use_gnu_ld_interface=yes
+	;;
+    esac
+  fi
+
+  if test "$lt_use_gnu_ld_interface" = yes; then
+    # If archive_cmds runs LD, not CC, wlarc should be empty
+    wlarc='${wl}'
+
+    # Set some defaults for GNU ld with shared library support. These
+    # are reset later if shared libraries are not supported. Putting them
+    # here allows them to be overridden if necessary.
+    runpath_var=LD_RUN_PATH
+    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+    # ancient GNU ld didn't support --whole-archive et. al.
+    if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
+      _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+    else
+      _LT_TAGVAR(whole_archive_flag_spec, $1)=
+    fi
+    supports_anon_versioning=no
+    case `$LD -v 2>&1` in
+      *GNU\ gold*) supports_anon_versioning=yes ;;
+      *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11
+      *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
+      *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
+      *\ 2.11.*) ;; # other 2.11 versions
+      *) supports_anon_versioning=yes ;;
+    esac
+
+    # See if GNU ld supports shared libraries.
+    case $host_os in
+    aix[[3-9]]*)
+      # On AIX/PPC, the GNU linker is very broken
+      if test "$host_cpu" != ia64; then
+	_LT_TAGVAR(ld_shlibs, $1)=no
+	cat <<_LT_EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.19, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support.  If you
+*** really care for shared libraries, you may want to install binutils
+*** 2.20 or above, or modify your PATH so that a non-GNU linker is found.
+*** You will then need to restart the configuration process.
+
+_LT_EOF
+      fi
+      ;;
+
+    amigaos*)
+      case $host_cpu in
+      powerpc)
+            # see comment about AmigaOS4 .so support
+            _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+            _LT_TAGVAR(archive_expsym_cmds, $1)=''
+        ;;
+      m68k)
+            _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+            _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+            _LT_TAGVAR(hardcode_minus_L, $1)=yes
+        ;;
+      esac
+      ;;
+
+    beos*)
+      if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	# Joseph Beckenbach  says some releases of gcc
+	# support --undefined.  This deserves some investigation.  FIXME
+	_LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+      else
+	_LT_TAGVAR(ld_shlibs, $1)=no
+      fi
+      ;;
+
+    cygwin* | mingw* | pw32* | cegcc*)
+      # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
+      # as there is no search path for DLLs.
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols'
+      _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+      _LT_TAGVAR(always_export_symbols, $1)=no
+      _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+      _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
+      _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname']
+
+      if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+	# If the export-symbols file already is a .def file (1st line
+	# is EXPORTS), use it as is; otherwise, prepend...
+	_LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	  cp $export_symbols $output_objdir/$soname.def;
+	else
+	  echo EXPORTS > $output_objdir/$soname.def;
+	  cat $export_symbols >> $output_objdir/$soname.def;
+	fi~
+	$CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+      else
+	_LT_TAGVAR(ld_shlibs, $1)=no
+      fi
+      ;;
+
+    haiku*)
+      _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+      _LT_TAGVAR(link_all_deplibs, $1)=yes
+      ;;
+
+    interix[[3-9]]*)
+      _LT_TAGVAR(hardcode_direct, $1)=no
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+      # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+      # Instead, shared libraries are loaded at an image base (0x10000000 by
+      # default) and relocated if they conflict, which is a slow very memory
+      # consuming and fragmenting process.  To avoid this, we pick a random,
+      # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+      # time.  Moving up from 0x10000000 also allows more sbrk(2) space.
+      _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+      _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+      ;;
+
+    gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu)
+      tmp_diet=no
+      if test "$host_os" = linux-dietlibc; then
+	case $cc_basename in
+	  diet\ *) tmp_diet=yes;;	# linux-dietlibc with static linking (!diet-dyn)
+	esac
+      fi
+      if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \
+	 && test "$tmp_diet" = no
+      then
+	tmp_addflag=' $pic_flag'
+	tmp_sharedflag='-shared'
+	case $cc_basename,$host_cpu in
+        pgcc*)				# Portland Group C compiler
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  tmp_addflag=' $pic_flag'
+	  ;;
+	pgf77* | pgf90* | pgf95* | pgfortran*)
+					# Portland Group f77 and f90 compilers
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  tmp_addflag=' $pic_flag -Mnomain' ;;
+	ecc*,ia64* | icc*,ia64*)	# Intel C compiler on ia64
+	  tmp_addflag=' -i_dynamic' ;;
+	efc*,ia64* | ifort*,ia64*)	# Intel Fortran compiler on ia64
+	  tmp_addflag=' -i_dynamic -nofor_main' ;;
+	ifc* | ifort*)			# Intel Fortran compiler
+	  tmp_addflag=' -nofor_main' ;;
+	lf95*)				# Lahey Fortran 8.1
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)=
+	  tmp_sharedflag='--shared' ;;
+	xl[[cC]]* | bgxl[[cC]]* | mpixl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below)
+	  tmp_sharedflag='-qmkshrobj'
+	  tmp_addflag= ;;
+	nvcc*)	# Cuda Compiler Driver 2.2
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  _LT_TAGVAR(compiler_needs_object, $1)=yes
+	  ;;
+	esac
+	case `$CC -V 2>&1 | sed 5q` in
+	*Sun\ C*)			# Sun C 5.9
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  _LT_TAGVAR(compiler_needs_object, $1)=yes
+	  tmp_sharedflag='-G' ;;
+	*Sun\ F*)			# Sun Fortran 8.3
+	  tmp_sharedflag='-G' ;;
+	esac
+	_LT_TAGVAR(archive_cmds, $1)='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+
+        if test "x$supports_anon_versioning" = xyes; then
+          _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
+	    cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+	    echo "local: *; };" >> $output_objdir/$libname.ver~
+	    $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+        fi
+
+	case $cc_basename in
+	xlf* | bgf* | bgxlf* | mpixlf*)
+	  # IBM XL Fortran 10.1 on PPC cannot create shared libs itself
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive'
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+	  _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
+	  if test "x$supports_anon_versioning" = xyes; then
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
+	      cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+	      echo "local: *; };" >> $output_objdir/$libname.ver~
+	      $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
+	  fi
+	  ;;
+	esac
+      else
+        _LT_TAGVAR(ld_shlibs, $1)=no
+      fi
+      ;;
+
+    netbsd*)
+      if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+	_LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
+	wlarc=
+      else
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+      fi
+      ;;
+
+    solaris*)
+      if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then
+	_LT_TAGVAR(ld_shlibs, $1)=no
+	cat <<_LT_EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems.  Therefore, libtool
+*** is disabling shared libraries support.  We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer.  Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+      elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+      else
+	_LT_TAGVAR(ld_shlibs, $1)=no
+      fi
+      ;;
+
+    sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+      case `$LD -v 2>&1` in
+        *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*)
+	_LT_TAGVAR(ld_shlibs, $1)=no
+	cat <<_LT_EOF 1>&2
+
+*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
+*** reliably create shared libraries on SCO systems.  Therefore, libtool
+*** is disabling shared libraries support.  We urge you to upgrade GNU
+*** binutils to release 2.16.91.0.3 or newer.  Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+_LT_EOF
+	;;
+	*)
+	  # For security reasons, it is highly recommended that you always
+	  # use absolute paths for naming shared libraries, and exclude the
+	  # DT_RUNPATH tag from executables and libraries.  But doing so
+	  # requires that you compile everything twice, which is a pain.
+	  if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+	  else
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	  fi
+	;;
+      esac
+      ;;
+
+    sunos4*)
+      _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+      wlarc=
+      _LT_TAGVAR(hardcode_direct, $1)=yes
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    *)
+      if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+      else
+	_LT_TAGVAR(ld_shlibs, $1)=no
+      fi
+      ;;
+    esac
+
+    if test "$_LT_TAGVAR(ld_shlibs, $1)" = no; then
+      runpath_var=
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+      _LT_TAGVAR(export_dynamic_flag_spec, $1)=
+      _LT_TAGVAR(whole_archive_flag_spec, $1)=
+    fi
+  else
+    # PORTME fill in a description of your system's linker (not GNU ld)
+    case $host_os in
+    aix3*)
+      _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+      _LT_TAGVAR(always_export_symbols, $1)=yes
+      _LT_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
+      # Note: this linker hardcodes the directories in LIBPATH if there
+      # are no directories specified by -L.
+      _LT_TAGVAR(hardcode_minus_L, $1)=yes
+      if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
+	# Neither direct hardcoding nor static linking is supported with a
+	# broken collect2.
+	_LT_TAGVAR(hardcode_direct, $1)=unsupported
+      fi
+      ;;
+
+    aix[[4-9]]*)
+      if test "$host_cpu" = ia64; then
+	# On IA64, the linker does run time linking by default, so we don't
+	# have to do anything special.
+	aix_use_runtimelinking=no
+	exp_sym_flag='-Bexport'
+	no_entry_flag=""
+      else
+	# If we're using GNU nm, then we don't want the "-C" option.
+	# -C means demangle to AIX nm, but means don't demangle with GNU nm
+	# Also, AIX nm treats weak defined symbols like other global
+	# defined symbols, whereas GNU nm marks them as "W".
+	if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
+	  _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+	else
+	  _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+	fi
+	aix_use_runtimelinking=no
+
+	# Test if we are trying to use run time linking or normal
+	# AIX style linking. If -brtl is somewhere in LDFLAGS, we
+	# need to do runtime linking.
+	case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
+	  for ld_flag in $LDFLAGS; do
+	  if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+	    aix_use_runtimelinking=yes
+	    break
+	  fi
+	  done
+	  ;;
+	esac
+
+	exp_sym_flag='-bexport'
+	no_entry_flag='-bnoentry'
+      fi
+
+      # When large executables or shared objects are built, AIX ld can
+      # have problems creating the table of contents.  If linking a library
+      # or program results in "error TOC overflow" add -mminimal-toc to
+      # CXXFLAGS/CFLAGS for g++/gcc.  In the cases where that is not
+      # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+      _LT_TAGVAR(archive_cmds, $1)=''
+      _LT_TAGVAR(hardcode_direct, $1)=yes
+      _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+      _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+      _LT_TAGVAR(link_all_deplibs, $1)=yes
+      _LT_TAGVAR(file_list_spec, $1)='${wl}-f,'
+
+      if test "$GCC" = yes; then
+	case $host_os in aix4.[[012]]|aix4.[[012]].*)
+	# We only want to do this on AIX 4.2 and lower, the check
+	# below for broken collect2 doesn't work under 4.3+
+	  collect2name=`${CC} -print-prog-name=collect2`
+	  if test -f "$collect2name" &&
+	   strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+	  then
+	  # We have reworked collect2
+	  :
+	  else
+	  # We have old collect2
+	  _LT_TAGVAR(hardcode_direct, $1)=unsupported
+	  # It fails to find uninstalled libraries when the uninstalled
+	  # path is not listed in the libpath.  Setting hardcode_minus_L
+	  # to unsupported forces relinking
+	  _LT_TAGVAR(hardcode_minus_L, $1)=yes
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+	  _LT_TAGVAR(hardcode_libdir_separator, $1)=
+	  fi
+	  ;;
+	esac
+	shared_flag='-shared'
+	if test "$aix_use_runtimelinking" = yes; then
+	  shared_flag="$shared_flag "'${wl}-G'
+	fi
+      else
+	# not using gcc
+	if test "$host_cpu" = ia64; then
+	# VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+	# chokes on -Wl,-G. The following line is correct:
+	  shared_flag='-G'
+	else
+	  if test "$aix_use_runtimelinking" = yes; then
+	    shared_flag='${wl}-G'
+	  else
+	    shared_flag='${wl}-bM:SRE'
+	  fi
+	fi
+      fi
+
+      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall'
+      # It seems that -bexpall does not export symbols beginning with
+      # underscore (_), so it is better to generate a list of symbols to export.
+      _LT_TAGVAR(always_export_symbols, $1)=yes
+      if test "$aix_use_runtimelinking" = yes; then
+	# Warning - without using the other runtime loading flags (-brtl),
+	# -berok will link without error, but may produce a broken library.
+	_LT_TAGVAR(allow_undefined_flag, $1)='-berok'
+        # Determine the default libpath from the value encoded in an
+        # empty executable.
+        _LT_SYS_MODULE_PATH_AIX([$1])
+        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+        _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+      else
+	if test "$host_cpu" = ia64; then
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
+	  _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
+	  _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+	else
+	 # Determine the default libpath from the value encoded in an
+	 # empty executable.
+	 _LT_SYS_MODULE_PATH_AIX([$1])
+	 _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+	  # Warning - without using the other run time loading flags,
+	  # -berok will link without error, but may produce a broken library.
+	  _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
+	  _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
+	  if test "$with_gnu_ld" = yes; then
+	    # We only use this code for GNU lds that support --whole-archive.
+	    _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+	  else
+	    # Exported symbols can be pulled into shared objects from archives
+	    _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+	  fi
+	  _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+	  # This is similar to how AIX traditionally builds its shared libraries.
+	  _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+	fi
+      fi
+      ;;
+
+    amigaos*)
+      case $host_cpu in
+      powerpc)
+            # see comment about AmigaOS4 .so support
+            _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+            _LT_TAGVAR(archive_expsym_cmds, $1)=''
+        ;;
+      m68k)
+            _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
+            _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+            _LT_TAGVAR(hardcode_minus_L, $1)=yes
+        ;;
+      esac
+      ;;
+
+    bsdi[[45]]*)
+      _LT_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic
+      ;;
+
+    cygwin* | mingw* | pw32* | cegcc*)
+      # When not using gcc, we currently assume that we are using
+      # Microsoft Visual C++.
+      # hardcode_libdir_flag_spec is actually meaningless, as there is
+      # no search path for DLLs.
+      case $cc_basename in
+      cl*)
+	# Native MSVC
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+	_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	_LT_TAGVAR(always_export_symbols, $1)=yes
+	_LT_TAGVAR(file_list_spec, $1)='@'
+	# Tell ltmain to make .lib files, not .a files.
+	libext=lib
+	# Tell ltmain to make .dll files, not .so files.
+	shrext_cmds=".dll"
+	# FIXME: Setting linknames here is a bad hack.
+	_LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames='
+	_LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	    sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp;
+	  else
+	    sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp;
+	  fi~
+	  $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+	  linknames='
+	# The linker will not automatically build a static lib if we build a DLL.
+	# _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+	_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+	_LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+	_LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols'
+	# Don't use ranlib
+	_LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib'
+	_LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~
+	  lt_tool_outputfile="@TOOL_OUTPUT@"~
+	  case $lt_outputfile in
+	    *.exe|*.EXE) ;;
+	    *)
+	      lt_outputfile="$lt_outputfile.exe"
+	      lt_tool_outputfile="$lt_tool_outputfile.exe"
+	      ;;
+	  esac~
+	  if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then
+	    $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+	    $RM "$lt_outputfile.manifest";
+	  fi'
+	;;
+      *)
+	# Assume MSVC wrapper
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+	_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	# Tell ltmain to make .lib files, not .a files.
+	libext=lib
+	# Tell ltmain to make .dll files, not .so files.
+	shrext_cmds=".dll"
+	# FIXME: Setting linknames here is a bad hack.
+	_LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames='
+	# The linker will automatically build a .lib file if we build a DLL.
+	_LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+	# FIXME: Should let the user specify the lib program.
+	_LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs'
+	_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+	;;
+      esac
+      ;;
+
+    darwin* | rhapsody*)
+      _LT_DARWIN_LINKER_FEATURES($1)
+      ;;
+
+    dgux*)
+      _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+    # support.  Future versions do this automatically, but an explicit c++rt0.o
+    # does not break anything, and helps significantly (at the cost of a little
+    # extra space).
+    freebsd2.2*)
+      _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+      _LT_TAGVAR(hardcode_direct, $1)=yes
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+    freebsd2.*)
+      _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+      _LT_TAGVAR(hardcode_direct, $1)=yes
+      _LT_TAGVAR(hardcode_minus_L, $1)=yes
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+    freebsd* | dragonfly*)
+      _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+      _LT_TAGVAR(hardcode_direct, $1)=yes
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    hpux9*)
+      if test "$GCC" = yes; then
+	_LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+      else
+	_LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+      fi
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+      _LT_TAGVAR(hardcode_direct, $1)=yes
+
+      # hardcode_minus_L: Not really in the search PATH,
+      # but as the default location of the library.
+      _LT_TAGVAR(hardcode_minus_L, $1)=yes
+      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+      ;;
+
+    hpux10*)
+      if test "$GCC" = yes && test "$with_gnu_ld" = no; then
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+      else
+	_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+      fi
+      if test "$with_gnu_ld" = no; then
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+	_LT_TAGVAR(hardcode_libdir_separator, $1)=:
+	_LT_TAGVAR(hardcode_direct, $1)=yes
+	_LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+	_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+	# hardcode_minus_L: Not really in the search PATH,
+	# but as the default location of the library.
+	_LT_TAGVAR(hardcode_minus_L, $1)=yes
+      fi
+      ;;
+
+    hpux11*)
+      if test "$GCC" = yes && test "$with_gnu_ld" = no; then
+	case $host_cpu in
+	hppa*64*)
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	ia64*)
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	*)
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	esac
+      else
+	case $host_cpu in
+	hppa*64*)
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	ia64*)
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	*)
+	m4_if($1, [], [
+	  # Older versions of the 11.00 compiler do not understand -b yet
+	  # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does)
+	  _LT_LINKER_OPTION([if $CC understands -b],
+	    _LT_TAGVAR(lt_cv_prog_compiler__b, $1), [-b],
+	    [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'],
+	    [_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'])],
+	  [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'])
+	  ;;
+	esac
+      fi
+      if test "$with_gnu_ld" = no; then
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+	_LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+	case $host_cpu in
+	hppa*64*|ia64*)
+	  _LT_TAGVAR(hardcode_direct, $1)=no
+	  _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+	  ;;
+	*)
+	  _LT_TAGVAR(hardcode_direct, $1)=yes
+	  _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+	  _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+
+	  # hardcode_minus_L: Not really in the search PATH,
+	  # but as the default location of the library.
+	  _LT_TAGVAR(hardcode_minus_L, $1)=yes
+	  ;;
+	esac
+      fi
+      ;;
+
+    irix5* | irix6* | nonstopux*)
+      if test "$GCC" = yes; then
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	# Try to use the -exported_symbol ld option, if it does not
+	# work, assume that -exports_file does not work either and
+	# implicitly export all symbols.
+	# This should be the same for all languages, so no per-tag cache variable.
+	AC_CACHE_CHECK([whether the $host_os linker accepts -exported_symbol],
+	  [lt_cv_irix_exported_symbol],
+	  [save_LDFLAGS="$LDFLAGS"
+	   LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
+	   AC_LINK_IFELSE(
+	     [AC_LANG_SOURCE(
+	        [AC_LANG_CASE([C], [[int foo (void) { return 0; }]],
+			      [C++], [[int foo (void) { return 0; }]],
+			      [Fortran 77], [[
+      subroutine foo
+      end]],
+			      [Fortran], [[
+      subroutine foo
+      end]])])],
+	      [lt_cv_irix_exported_symbol=yes],
+	      [lt_cv_irix_exported_symbol=no])
+           LDFLAGS="$save_LDFLAGS"])
+	if test "$lt_cv_irix_exported_symbol" = yes; then
+          _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
+	fi
+      else
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
+      fi
+      _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+      _LT_TAGVAR(inherit_rpath, $1)=yes
+      _LT_TAGVAR(link_all_deplibs, $1)=yes
+      ;;
+
+    netbsd*)
+      if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+	_LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'  # a.out
+      else
+	_LT_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags'      # ELF
+      fi
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+      _LT_TAGVAR(hardcode_direct, $1)=yes
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    newsos6)
+      _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+      _LT_TAGVAR(hardcode_direct, $1)=yes
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    *nto* | *qnx*)
+      ;;
+
+    openbsd*)
+      if test -f /usr/libexec/ld.so; then
+	_LT_TAGVAR(hardcode_direct, $1)=yes
+	_LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+	_LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+	if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+	  _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+	  _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+	else
+	  case $host_os in
+	   openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*)
+	     _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
+	     _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+	     ;;
+	   *)
+	     _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
+	     _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+	     ;;
+	  esac
+	fi
+      else
+	_LT_TAGVAR(ld_shlibs, $1)=no
+      fi
+      ;;
+
+    os2*)
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+      _LT_TAGVAR(hardcode_minus_L, $1)=yes
+      _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+      _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+      _LT_TAGVAR(old_archive_from_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
+      ;;
+
+    osf3*)
+      if test "$GCC" = yes; then
+	_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+      else
+	_LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+      fi
+      _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+      ;;
+
+    osf4* | osf5*)	# as osf3* with the addition of -msym flag
+      if test "$GCC" = yes; then
+	_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+      else
+	_LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
+	$CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
+
+	# Both c and cxx compiler support -rpath directly
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+      fi
+      _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
+      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+      ;;
+
+    solaris*)
+      _LT_TAGVAR(no_undefined_flag, $1)=' -z defs'
+      if test "$GCC" = yes; then
+	wlarc='${wl}'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+	  $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+      else
+	case `$CC -V 2>&1` in
+	*"Compilers 5.0"*)
+	  wlarc=''
+	  _LT_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
+	  _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+	  $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp'
+	  ;;
+	*)
+	  wlarc='${wl}'
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags'
+	  _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+	  $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+	  ;;
+	esac
+      fi
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      case $host_os in
+      solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+      *)
+	# The compiler driver will combine and reorder linker options,
+	# but understands `-z linker_flag'.  GCC discards it without `$wl',
+	# but is careful enough not to reorder.
+	# Supported since Solaris 2.6 (maybe 2.5.1?)
+	if test "$GCC" = yes; then
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
+	else
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
+	fi
+	;;
+      esac
+      _LT_TAGVAR(link_all_deplibs, $1)=yes
+      ;;
+
+    sunos4*)
+      if test "x$host_vendor" = xsequent; then
+	# Use $CC to link under sequent, because it throws in some extra .o
+	# files that make .init and .fini sections work.
+	_LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
+      else
+	_LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
+      fi
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+      _LT_TAGVAR(hardcode_direct, $1)=yes
+      _LT_TAGVAR(hardcode_minus_L, $1)=yes
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    sysv4)
+      case $host_vendor in
+	sni)
+	  _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+	  _LT_TAGVAR(hardcode_direct, $1)=yes # is this really true???
+	;;
+	siemens)
+	  ## LD is ld it makes a PLAMLIB
+	  ## CC just makes a GrossModule.
+	  _LT_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags'
+	  _LT_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs'
+	  _LT_TAGVAR(hardcode_direct, $1)=no
+        ;;
+	motorola)
+	  _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+	  _LT_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie
+	;;
+      esac
+      runpath_var='LD_RUN_PATH'
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    sysv4.3*)
+      _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      _LT_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport'
+      ;;
+
+    sysv4*MP*)
+      if test -d /usr/nec; then
+	_LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+	_LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+	runpath_var=LD_RUN_PATH
+	hardcode_runpath_var=yes
+	_LT_TAGVAR(ld_shlibs, $1)=yes
+      fi
+      ;;
+
+    sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
+      _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+      _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      runpath_var='LD_RUN_PATH'
+
+      if test "$GCC" = yes; then
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+      else
+	_LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+      fi
+      ;;
+
+    sysv5* | sco3.2v5* | sco5v6*)
+      # Note: We can NOT use -z defs as we might desire, because we do not
+      # link with -lc, and that would cause any symbols used from libc to
+      # always be unresolved, which means just about no library would
+      # ever link correctly.  If we're not using GNU ld we use -z text
+      # though, which does catch some bad symbols but isn't as heavy-handed
+      # as -z defs.
+      _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+      _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
+      _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir'
+      _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+      _LT_TAGVAR(link_all_deplibs, $1)=yes
+      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
+      runpath_var='LD_RUN_PATH'
+
+      if test "$GCC" = yes; then
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+      else
+	_LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+      fi
+      ;;
+
+    uts4*)
+      _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
+      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      ;;
+
+    *)
+      _LT_TAGVAR(ld_shlibs, $1)=no
+      ;;
+    esac
+
+    if test x$host_vendor = xsni; then
+      case $host in
+      sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
+	_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Blargedynsym'
+	;;
+      esac
+    fi
+  fi
+])
+AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)])
+test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
+
+_LT_TAGVAR(with_gnu_ld, $1)=$with_gnu_ld
+
+_LT_DECL([], [libext], [0], [Old archive suffix (normally "a")])dnl
+_LT_DECL([], [shrext_cmds], [1], [Shared library suffix (normally ".so")])dnl
+_LT_DECL([], [extract_expsyms_cmds], [2],
+    [The commands to extract the exported symbol list from a shared archive])
+
+#
+# Do we need to explicitly link libc?
+#
+case "x$_LT_TAGVAR(archive_cmds_need_lc, $1)" in
+x|xyes)
+  # Assume -lc should be added
+  _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+
+  if test "$enable_shared" = yes && test "$GCC" = yes; then
+    case $_LT_TAGVAR(archive_cmds, $1) in
+    *'~'*)
+      # FIXME: we may have to deal with multi-command sequences.
+      ;;
+    '$CC '*)
+      # Test whether the compiler implicitly links with -lc since on some
+      # systems, -lgcc has to come before -lc. If gcc already passes -lc
+      # to ld, don't add -lc before -lgcc.
+      AC_CACHE_CHECK([whether -lc should be explicitly linked in],
+	[lt_cv_]_LT_TAGVAR(archive_cmds_need_lc, $1),
+	[$RM conftest*
+	echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+	if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
+	  soname=conftest
+	  lib=conftest
+	  libobjs=conftest.$ac_objext
+	  deplibs=
+	  wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1)
+	  pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1)
+	  compiler_flags=-v
+	  linker_flags=-v
+	  verstring=
+	  output_objdir=.
+	  libname=conftest
+	  lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1)
+	  _LT_TAGVAR(allow_undefined_flag, $1)=
+	  if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1)
+	  then
+	    lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+	  else
+	    lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+	  fi
+	  _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
+	else
+	  cat conftest.err 1>&5
+	fi
+	$RM conftest*
+	])
+      _LT_TAGVAR(archive_cmds_need_lc, $1)=$lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)
+      ;;
+    esac
+  fi
+  ;;
+esac
+
+_LT_TAGDECL([build_libtool_need_lc], [archive_cmds_need_lc], [0],
+    [Whether or not to add -lc for building shared libraries])
+_LT_TAGDECL([allow_libtool_libs_with_static_runtimes],
+    [enable_shared_with_static_runtimes], [0],
+    [Whether or not to disallow shared libs when runtime libs are static])
+_LT_TAGDECL([], [export_dynamic_flag_spec], [1],
+    [Compiler flag to allow reflexive dlopens])
+_LT_TAGDECL([], [whole_archive_flag_spec], [1],
+    [Compiler flag to generate shared objects directly from archives])
+_LT_TAGDECL([], [compiler_needs_object], [1],
+    [Whether the compiler copes with passing no objects directly])
+_LT_TAGDECL([], [old_archive_from_new_cmds], [2],
+    [Create an old-style archive from a shared archive])
+_LT_TAGDECL([], [old_archive_from_expsyms_cmds], [2],
+    [Create a temporary old-style archive to link instead of a shared archive])
+_LT_TAGDECL([], [archive_cmds], [2], [Commands used to build a shared archive])
+_LT_TAGDECL([], [archive_expsym_cmds], [2])
+_LT_TAGDECL([], [module_cmds], [2],
+    [Commands used to build a loadable module if different from building
+    a shared archive.])
+_LT_TAGDECL([], [module_expsym_cmds], [2])
+_LT_TAGDECL([], [with_gnu_ld], [1],
+    [Whether we are building with GNU ld or not])
+_LT_TAGDECL([], [allow_undefined_flag], [1],
+    [Flag that allows shared libraries with undefined symbols to be built])
+_LT_TAGDECL([], [no_undefined_flag], [1],
+    [Flag that enforces no undefined symbols])
+_LT_TAGDECL([], [hardcode_libdir_flag_spec], [1],
+    [Flag to hardcode $libdir into a binary during linking.
+    This must work even if $libdir does not exist])
+_LT_TAGDECL([], [hardcode_libdir_separator], [1],
+    [Whether we need a single "-rpath" flag with a separated argument])
+_LT_TAGDECL([], [hardcode_direct], [0],
+    [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes
+    DIR into the resulting binary])
+_LT_TAGDECL([], [hardcode_direct_absolute], [0],
+    [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes
+    DIR into the resulting binary and the resulting library dependency is
+    "absolute", i.e impossible to change by setting ${shlibpath_var} if the
+    library is relocated])
+_LT_TAGDECL([], [hardcode_minus_L], [0],
+    [Set to "yes" if using the -LDIR flag during linking hardcodes DIR
+    into the resulting binary])
+_LT_TAGDECL([], [hardcode_shlibpath_var], [0],
+    [Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR
+    into the resulting binary])
+_LT_TAGDECL([], [hardcode_automatic], [0],
+    [Set to "yes" if building a shared library automatically hardcodes DIR
+    into the library and all subsequent libraries and executables linked
+    against it])
+_LT_TAGDECL([], [inherit_rpath], [0],
+    [Set to yes if linker adds runtime paths of dependent libraries
+    to runtime path list])
+_LT_TAGDECL([], [link_all_deplibs], [0],
+    [Whether libtool must link a program against all its dependency libraries])
+_LT_TAGDECL([], [always_export_symbols], [0],
+    [Set to "yes" if exported symbols are required])
+_LT_TAGDECL([], [export_symbols_cmds], [2],
+    [The commands to list exported symbols])
+_LT_TAGDECL([], [exclude_expsyms], [1],
+    [Symbols that should not be listed in the preloaded symbols])
+_LT_TAGDECL([], [include_expsyms], [1],
+    [Symbols that must always be exported])
+_LT_TAGDECL([], [prelink_cmds], [2],
+    [Commands necessary for linking programs (against libraries) with templates])
+_LT_TAGDECL([], [postlink_cmds], [2],
+    [Commands necessary for finishing linking programs])
+_LT_TAGDECL([], [file_list_spec], [1],
+    [Specify filename containing input files])
+dnl FIXME: Not yet implemented
+dnl _LT_TAGDECL([], [thread_safe_flag_spec], [1],
+dnl    [Compiler flag to generate thread safe objects])
+])# _LT_LINKER_SHLIBS
+
+
+# _LT_LANG_C_CONFIG([TAG])
+# ------------------------
+# Ensure that the configuration variables for a C compiler are suitably
+# defined.  These variables are subsequently used by _LT_CONFIG to write
+# the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_C_CONFIG],
+[m4_require([_LT_DECL_EGREP])dnl
+lt_save_CC="$CC"
+AC_LANG_PUSH(C)
+
+# Source file extension for C test sources.
+ac_ext=c
+
+# Object file extension for compiled C test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="int some_variable = 0;"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='int main(){return(0);}'
+
+_LT_TAG_COMPILER
+# Save the default compiler, since it gets overwritten when the other
+# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP.
+compiler_DEFAULT=$CC
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+  _LT_COMPILER_NO_RTTI($1)
+  _LT_COMPILER_PIC($1)
+  _LT_COMPILER_C_O($1)
+  _LT_COMPILER_FILE_LOCKS($1)
+  _LT_LINKER_SHLIBS($1)
+  _LT_SYS_DYNAMIC_LINKER($1)
+  _LT_LINKER_HARDCODE_LIBPATH($1)
+  LT_SYS_DLOPEN_SELF
+  _LT_CMD_STRIPLIB
+
+  # Report which library types will actually be built
+  AC_MSG_CHECKING([if libtool supports shared libraries])
+  AC_MSG_RESULT([$can_build_shared])
+
+  AC_MSG_CHECKING([whether to build shared libraries])
+  test "$can_build_shared" = "no" && enable_shared=no
+
+  # On AIX, shared libraries and static libraries use the same namespace, and
+  # are all built from PIC.
+  case $host_os in
+  aix3*)
+    test "$enable_shared" = yes && enable_static=no
+    if test -n "$RANLIB"; then
+      archive_cmds="$archive_cmds~\$RANLIB \$lib"
+      postinstall_cmds='$RANLIB $lib'
+    fi
+    ;;
+
+  aix[[4-9]]*)
+    if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+      test "$enable_shared" = yes && enable_static=no
+    fi
+    ;;
+  esac
+  AC_MSG_RESULT([$enable_shared])
+
+  AC_MSG_CHECKING([whether to build static libraries])
+  # Make sure either enable_shared or enable_static is yes.
+  test "$enable_shared" = yes || enable_static=yes
+  AC_MSG_RESULT([$enable_static])
+
+  _LT_CONFIG($1)
+fi
+AC_LANG_POP
+CC="$lt_save_CC"
+])# _LT_LANG_C_CONFIG
+
+
+# _LT_LANG_CXX_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for a C++ compiler are suitably
+# defined.  These variables are subsequently used by _LT_CONFIG to write
+# the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_CXX_CONFIG],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_PATH_MANIFEST_TOOL])dnl
+if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
+    ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
+    (test "X$CXX" != "Xg++"))) ; then
+  AC_PROG_CXXCPP
+else
+  _lt_caught_CXX_error=yes
+fi
+
+AC_LANG_PUSH(C++)
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_TAGVAR(allow_undefined_flag, $1)=
+_LT_TAGVAR(always_export_symbols, $1)=no
+_LT_TAGVAR(archive_expsym_cmds, $1)=
+_LT_TAGVAR(compiler_needs_object, $1)=no
+_LT_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_TAGVAR(hardcode_direct, $1)=no
+_LT_TAGVAR(hardcode_direct_absolute, $1)=no
+_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_TAGVAR(hardcode_minus_L, $1)=no
+_LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
+_LT_TAGVAR(hardcode_automatic, $1)=no
+_LT_TAGVAR(inherit_rpath, $1)=no
+_LT_TAGVAR(module_cmds, $1)=
+_LT_TAGVAR(module_expsym_cmds, $1)=
+_LT_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+_LT_TAGVAR(no_undefined_flag, $1)=
+_LT_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for C++ test sources.
+ac_ext=cpp
+
+# Object file extension for compiled C++ test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# No sense in running all these tests if we already determined that
+# the CXX compiler isn't working.  Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test "$_lt_caught_CXX_error" != yes; then
+  # Code to be used in simple compile tests
+  lt_simple_compile_test_code="int some_variable = 0;"
+
+  # Code to be used in simple link tests
+  lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }'
+
+  # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+  _LT_TAG_COMPILER
+
+  # save warnings/boilerplate of simple test code
+  _LT_COMPILER_BOILERPLATE
+  _LT_LINKER_BOILERPLATE
+
+  # Allow CC to be a program name with arguments.
+  lt_save_CC=$CC
+  lt_save_CFLAGS=$CFLAGS
+  lt_save_LD=$LD
+  lt_save_GCC=$GCC
+  GCC=$GXX
+  lt_save_with_gnu_ld=$with_gnu_ld
+  lt_save_path_LD=$lt_cv_path_LD
+  if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then
+    lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx
+  else
+    $as_unset lt_cv_prog_gnu_ld
+  fi
+  if test -n "${lt_cv_path_LDCXX+set}"; then
+    lt_cv_path_LD=$lt_cv_path_LDCXX
+  else
+    $as_unset lt_cv_path_LD
+  fi
+  test -z "${LDCXX+set}" || LD=$LDCXX
+  CC=${CXX-"c++"}
+  CFLAGS=$CXXFLAGS
+  compiler=$CC
+  _LT_TAGVAR(compiler, $1)=$CC
+  _LT_CC_BASENAME([$compiler])
+
+  if test -n "$compiler"; then
+    # We don't want -fno-exception when compiling C++ code, so set the
+    # no_builtin_flag separately
+    if test "$GXX" = yes; then
+      _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
+    else
+      _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
+    fi
+
+    if test "$GXX" = yes; then
+      # Set up default GNU C++ configuration
+
+      LT_PATH_LD
+
+      # Check if GNU C++ uses GNU ld as the underlying linker, since the
+      # archiving commands below assume that GNU ld is being used.
+      if test "$with_gnu_ld" = yes; then
+        _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+        _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+
+        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+        _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+
+        # If archive_cmds runs LD, not CC, wlarc should be empty
+        # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to
+        #     investigate it a little bit more. (MM)
+        wlarc='${wl}'
+
+        # ancient GNU ld didn't support --whole-archive et. al.
+        if eval "`$CC -print-prog-name=ld` --help 2>&1" |
+	  $GREP 'no-whole-archive' > /dev/null; then
+          _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+        else
+          _LT_TAGVAR(whole_archive_flag_spec, $1)=
+        fi
+      else
+        with_gnu_ld=no
+        wlarc=
+
+        # A generic and very simple default shared library creation
+        # command for GNU C++ for the case where it uses the native
+        # linker, instead of GNU ld.  If possible, this setting should
+        # overridden to take advantage of the native linker features on
+        # the platform it is being used on.
+        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+      fi
+
+      # Commands to make compiler produce verbose output that lists
+      # what "hidden" libraries, object files and flags are used when
+      # linking a shared library.
+      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
+
+    else
+      GXX=no
+      with_gnu_ld=no
+      wlarc=
+    fi
+
+    # PORTME: fill in a description of your system's C++ link characteristics
+    AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
+    _LT_TAGVAR(ld_shlibs, $1)=yes
+    case $host_os in
+      aix3*)
+        # FIXME: insert proper C++ library support
+        _LT_TAGVAR(ld_shlibs, $1)=no
+        ;;
+      aix[[4-9]]*)
+        if test "$host_cpu" = ia64; then
+          # On IA64, the linker does run time linking by default, so we don't
+          # have to do anything special.
+          aix_use_runtimelinking=no
+          exp_sym_flag='-Bexport'
+          no_entry_flag=""
+        else
+          aix_use_runtimelinking=no
+
+          # Test if we are trying to use run time linking or normal
+          # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+          # need to do runtime linking.
+          case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
+	    for ld_flag in $LDFLAGS; do
+	      case $ld_flag in
+	      *-brtl*)
+	        aix_use_runtimelinking=yes
+	        break
+	        ;;
+	      esac
+	    done
+	    ;;
+          esac
+
+          exp_sym_flag='-bexport'
+          no_entry_flag='-bnoentry'
+        fi
+
+        # When large executables or shared objects are built, AIX ld can
+        # have problems creating the table of contents.  If linking a library
+        # or program results in "error TOC overflow" add -mminimal-toc to
+        # CXXFLAGS/CFLAGS for g++/gcc.  In the cases where that is not
+        # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
+
+        _LT_TAGVAR(archive_cmds, $1)=''
+        _LT_TAGVAR(hardcode_direct, $1)=yes
+        _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+        _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+        _LT_TAGVAR(link_all_deplibs, $1)=yes
+        _LT_TAGVAR(file_list_spec, $1)='${wl}-f,'
+
+        if test "$GXX" = yes; then
+          case $host_os in aix4.[[012]]|aix4.[[012]].*)
+          # We only want to do this on AIX 4.2 and lower, the check
+          # below for broken collect2 doesn't work under 4.3+
+	  collect2name=`${CC} -print-prog-name=collect2`
+	  if test -f "$collect2name" &&
+	     strings "$collect2name" | $GREP resolve_lib_name >/dev/null
+	  then
+	    # We have reworked collect2
+	    :
+	  else
+	    # We have old collect2
+	    _LT_TAGVAR(hardcode_direct, $1)=unsupported
+	    # It fails to find uninstalled libraries when the uninstalled
+	    # path is not listed in the libpath.  Setting hardcode_minus_L
+	    # to unsupported forces relinking
+	    _LT_TAGVAR(hardcode_minus_L, $1)=yes
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+	    _LT_TAGVAR(hardcode_libdir_separator, $1)=
+	  fi
+          esac
+          shared_flag='-shared'
+	  if test "$aix_use_runtimelinking" = yes; then
+	    shared_flag="$shared_flag "'${wl}-G'
+	  fi
+        else
+          # not using gcc
+          if test "$host_cpu" = ia64; then
+	  # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
+	  # chokes on -Wl,-G. The following line is correct:
+	  shared_flag='-G'
+          else
+	    if test "$aix_use_runtimelinking" = yes; then
+	      shared_flag='${wl}-G'
+	    else
+	      shared_flag='${wl}-bM:SRE'
+	    fi
+          fi
+        fi
+
+        _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall'
+        # It seems that -bexpall does not export symbols beginning with
+        # underscore (_), so it is better to generate a list of symbols to
+	# export.
+        _LT_TAGVAR(always_export_symbols, $1)=yes
+        if test "$aix_use_runtimelinking" = yes; then
+          # Warning - without using the other runtime loading flags (-brtl),
+          # -berok will link without error, but may produce a broken library.
+          _LT_TAGVAR(allow_undefined_flag, $1)='-berok'
+          # Determine the default libpath from the value encoded in an empty
+          # executable.
+          _LT_SYS_MODULE_PATH_AIX([$1])
+          _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+
+          _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+        else
+          if test "$host_cpu" = ia64; then
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
+	    _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
+	    _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
+          else
+	    # Determine the default libpath from the value encoded in an
+	    # empty executable.
+	    _LT_SYS_MODULE_PATH_AIX([$1])
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
+	    # Warning - without using the other run time loading flags,
+	    # -berok will link without error, but may produce a broken library.
+	    _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
+	    _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
+	    if test "$with_gnu_ld" = yes; then
+	      # We only use this code for GNU lds that support --whole-archive.
+	      _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+	    else
+	      # Exported symbols can be pulled into shared objects from archives
+	      _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+	    fi
+	    _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+	    # This is similar to how AIX traditionally builds its shared
+	    # libraries.
+	    _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
+          fi
+        fi
+        ;;
+
+      beos*)
+	if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
+	  _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	  # Joseph Beckenbach  says some releases of gcc
+	  # support --undefined.  This deserves some investigation.  FIXME
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	else
+	  _LT_TAGVAR(ld_shlibs, $1)=no
+	fi
+	;;
+
+      chorus*)
+        case $cc_basename in
+          *)
+	  # FIXME: insert proper C++ library support
+	  _LT_TAGVAR(ld_shlibs, $1)=no
+	  ;;
+        esac
+        ;;
+
+      cygwin* | mingw* | pw32* | cegcc*)
+	case $GXX,$cc_basename in
+	,cl* | no,cl*)
+	  # Native MSVC
+	  # hardcode_libdir_flag_spec is actually meaningless, as there is
+	  # no search path for DLLs.
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+	  _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	  _LT_TAGVAR(always_export_symbols, $1)=yes
+	  _LT_TAGVAR(file_list_spec, $1)='@'
+	  # Tell ltmain to make .lib files, not .a files.
+	  libext=lib
+	  # Tell ltmain to make .dll files, not .so files.
+	  shrext_cmds=".dll"
+	  # FIXME: Setting linknames here is a bad hack.
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames='
+	  _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	      $SED -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp;
+	    else
+	      $SED -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp;
+	    fi~
+	    $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+	    linknames='
+	  # The linker will not automatically build a static lib if we build a DLL.
+	  # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+	  _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+	  # Don't use ranlib
+	  _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib'
+	  _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~
+	    lt_tool_outputfile="@TOOL_OUTPUT@"~
+	    case $lt_outputfile in
+	      *.exe|*.EXE) ;;
+	      *)
+		lt_outputfile="$lt_outputfile.exe"
+		lt_tool_outputfile="$lt_tool_outputfile.exe"
+		;;
+	    esac~
+	    func_to_tool_file "$lt_outputfile"~
+	    if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then
+	      $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+	      $RM "$lt_outputfile.manifest";
+	    fi'
+	  ;;
+	*)
+	  # g++
+	  # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
+	  # as there is no search path for DLLs.
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+	  _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols'
+	  _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	  _LT_TAGVAR(always_export_symbols, $1)=no
+	  _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+
+	  if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+	    # If the export-symbols file already is a .def file (1st line
+	    # is EXPORTS), use it as is; otherwise, prepend...
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	      cp $export_symbols $output_objdir/$soname.def;
+	    else
+	      echo EXPORTS > $output_objdir/$soname.def;
+	      cat $export_symbols >> $output_objdir/$soname.def;
+	    fi~
+	    $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+	  else
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	  fi
+	  ;;
+	esac
+	;;
+      darwin* | rhapsody*)
+        _LT_DARWIN_LINKER_FEATURES($1)
+	;;
+
+      dgux*)
+        case $cc_basename in
+          ec++*)
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+          ghcx*)
+	    # Green Hills C++ Compiler
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+          *)
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+        esac
+        ;;
+
+      freebsd2.*)
+        # C++ shared libraries reported to be fairly broken before
+	# switch to ELF
+        _LT_TAGVAR(ld_shlibs, $1)=no
+        ;;
+
+      freebsd-elf*)
+        _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+        ;;
+
+      freebsd* | dragonfly*)
+        # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF
+        # conventions
+        _LT_TAGVAR(ld_shlibs, $1)=yes
+        ;;
+
+      gnu*)
+        ;;
+
+      haiku*)
+        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+        _LT_TAGVAR(link_all_deplibs, $1)=yes
+        ;;
+
+      hpux9*)
+        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+        _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+        _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+        _LT_TAGVAR(hardcode_direct, $1)=yes
+        _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
+				             # but as the default
+				             # location of the library.
+
+        case $cc_basename in
+          CC*)
+            # FIXME: insert proper C++ library support
+            _LT_TAGVAR(ld_shlibs, $1)=no
+            ;;
+          aCC*)
+            _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+            # Commands to make compiler produce verbose output that lists
+            # what "hidden" libraries, object files and flags are used when
+            # linking a shared library.
+            #
+            # There doesn't appear to be a way to prevent this compiler from
+            # explicitly linking system object files so we need to strip them
+            # from the output so that they don't get included in the library
+            # dependencies.
+            output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+            ;;
+          *)
+            if test "$GXX" = yes; then
+              _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+            else
+              # FIXME: insert proper C++ library support
+              _LT_TAGVAR(ld_shlibs, $1)=no
+            fi
+            ;;
+        esac
+        ;;
+
+      hpux10*|hpux11*)
+        if test $with_gnu_ld = no; then
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
+	  _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+          case $host_cpu in
+            hppa*64*|ia64*)
+              ;;
+            *)
+	      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+              ;;
+          esac
+        fi
+        case $host_cpu in
+          hppa*64*|ia64*)
+            _LT_TAGVAR(hardcode_direct, $1)=no
+            _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+            ;;
+          *)
+            _LT_TAGVAR(hardcode_direct, $1)=yes
+            _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+            _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
+					         # but as the default
+					         # location of the library.
+            ;;
+        esac
+
+        case $cc_basename in
+          CC*)
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+          aCC*)
+	    case $host_cpu in
+	      hppa*64*)
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	        ;;
+	      ia64*)
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	        ;;
+	      *)
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	        ;;
+	    esac
+	    # Commands to make compiler produce verbose output that lists
+	    # what "hidden" libraries, object files and flags are used when
+	    # linking a shared library.
+	    #
+	    # There doesn't appear to be a way to prevent this compiler from
+	    # explicitly linking system object files so we need to strip them
+	    # from the output so that they don't get included in the library
+	    # dependencies.
+	    output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+	    ;;
+          *)
+	    if test "$GXX" = yes; then
+	      if test $with_gnu_ld = no; then
+	        case $host_cpu in
+	          hppa*64*)
+	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	            ;;
+	          ia64*)
+	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	            ;;
+	          *)
+	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	            ;;
+	        esac
+	      fi
+	    else
+	      # FIXME: insert proper C++ library support
+	      _LT_TAGVAR(ld_shlibs, $1)=no
+	    fi
+	    ;;
+        esac
+        ;;
+
+      interix[[3-9]]*)
+	_LT_TAGVAR(hardcode_direct, $1)=no
+	_LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+	_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+	# Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
+	# Instead, shared libraries are loaded at an image base (0x10000000 by
+	# default) and relocated if they conflict, which is a slow very memory
+	# consuming and fragmenting process.  To avoid this, we pick a random,
+	# 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
+	# time.  Moving up from 0x10000000 also allows more sbrk(2) space.
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
+	;;
+      irix5* | irix6*)
+        case $cc_basename in
+          CC*)
+	    # SGI C++
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+
+	    # Archives containing C++ object files must be created using
+	    # "CC -ar", where "CC" is the IRIX C++ compiler.  This is
+	    # necessary to make sure instantiated templates are included
+	    # in the archive.
+	    _LT_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs'
+	    ;;
+          *)
+	    if test "$GXX" = yes; then
+	      if test "$with_gnu_ld" = no; then
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	      else
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib'
+	      fi
+	    fi
+	    _LT_TAGVAR(link_all_deplibs, $1)=yes
+	    ;;
+        esac
+        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+        _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+        _LT_TAGVAR(inherit_rpath, $1)=yes
+        ;;
+
+      linux* | k*bsd*-gnu | kopensolaris*-gnu)
+        case $cc_basename in
+          KCC*)
+	    # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+	    # KCC will only create a shared library if the output file
+	    # ends with ".so" (or ".sl" for HP-UX), so rename the library
+	    # to its proper name (with version) after linking.
+	    _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib'
+	    # Commands to make compiler produce verbose output that lists
+	    # what "hidden" libraries, object files and flags are used when
+	    # linking a shared library.
+	    #
+	    # There doesn't appear to be a way to prevent this compiler from
+	    # explicitly linking system object files so we need to strip them
+	    # from the output so that they don't get included in the library
+	    # dependencies.
+	    output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+
+	    # Archives containing C++ object files must be created using
+	    # "CC -Bstatic", where "CC" is the KAI C++ compiler.
+	    _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs'
+	    ;;
+	  icpc* | ecpc* )
+	    # Intel C++
+	    with_gnu_ld=yes
+	    # version 8.0 and above of icpc choke on multiply defined symbols
+	    # if we add $predep_objects and $postdep_objects, however 7.1 and
+	    # earlier do not add the objects themselves.
+	    case `$CC -V 2>&1` in
+	      *"Version 7."*)
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+		_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+		;;
+	      *)  # Version 8.0 or newer
+	        tmp_idyn=
+	        case $host_cpu in
+		  ia64*) tmp_idyn=' -i_dynamic';;
+		esac
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+		_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+		;;
+	    esac
+	    _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+	    _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+	    ;;
+          pgCC* | pgcpp*)
+            # Portland Group C++ compiler
+	    case `$CC -V` in
+	    *pgCC\ [[1-5]].* | *pgcpp\ [[1-5]].*)
+	      _LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~
+		rm -rf $tpldir~
+		$CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~
+		compile_command="$compile_command `find $tpldir -name \*.o | sort | $NL2SP`"'
+	      _LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~
+		rm -rf $tpldir~
+		$CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~
+		$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | sort | $NL2SP`~
+		$RANLIB $oldlib'
+	      _LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~
+		rm -rf $tpldir~
+		$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
+		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+	      _LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~
+		rm -rf $tpldir~
+		$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
+		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+	      ;;
+	    *) # Version 6 and above use weak symbols
+	      _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+	      _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+	      ;;
+	    esac
+
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
+	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+	    _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+            ;;
+	  cxx*)
+	    # Compaq C++
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname  -o $lib ${wl}-retain-symbols-file $wl$export_symbols'
+
+	    runpath_var=LD_RUN_PATH
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+	    _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+	    # Commands to make compiler produce verbose output that lists
+	    # what "hidden" libraries, object files and flags are used when
+	    # linking a shared library.
+	    #
+	    # There doesn't appear to be a way to prevent this compiler from
+	    # explicitly linking system object files so we need to strip them
+	    # from the output so that they don't get included in the library
+	    # dependencies.
+	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "X$list" | $Xsed'
+	    ;;
+	  xl* | mpixl* | bgxl*)
+	    # IBM XL 8.0 on PPC, with GNU ld
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	    if test "x$supports_anon_versioning" = xyes; then
+	      _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
+		cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
+		echo "local: *; };" >> $output_objdir/$libname.ver~
+		$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
+	    fi
+	    ;;
+	  *)
+	    case `$CC -V 2>&1 | sed 5q` in
+	    *Sun\ C*)
+	      # Sun C++ 5.9
+	      _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
+	      _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	      _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols'
+	      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+	      _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	      _LT_TAGVAR(compiler_needs_object, $1)=yes
+
+	      # Not sure whether something based on
+	      # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1
+	      # would be better.
+	      output_verbose_link_cmd='func_echo_all'
+
+	      # Archives containing C++ object files must be created using
+	      # "CC -xar", where "CC" is the Sun C++ compiler.  This is
+	      # necessary to make sure instantiated templates are included
+	      # in the archive.
+	      _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
+	      ;;
+	    esac
+	    ;;
+	esac
+	;;
+
+      lynxos*)
+        # FIXME: insert proper C++ library support
+	_LT_TAGVAR(ld_shlibs, $1)=no
+	;;
+
+      m88k*)
+        # FIXME: insert proper C++ library support
+        _LT_TAGVAR(ld_shlibs, $1)=no
+	;;
+
+      mvs*)
+        case $cc_basename in
+          cxx*)
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+	  *)
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+	esac
+	;;
+
+      netbsd*)
+        if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
+	  _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable  -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags'
+	  wlarc=
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+	  _LT_TAGVAR(hardcode_direct, $1)=yes
+	  _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+	fi
+	# Workaround some broken pre-1.5 toolchains
+	output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"'
+	;;
+
+      *nto* | *qnx*)
+        _LT_TAGVAR(ld_shlibs, $1)=yes
+	;;
+
+      openbsd2*)
+        # C++ shared libraries are fairly broken
+	_LT_TAGVAR(ld_shlibs, $1)=no
+	;;
+
+      openbsd*)
+	if test -f /usr/libexec/ld.so; then
+	  _LT_TAGVAR(hardcode_direct, $1)=yes
+	  _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+	  _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+	  if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib'
+	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
+	    _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+	  fi
+	  output_verbose_link_cmd=func_echo_all
+	else
+	  _LT_TAGVAR(ld_shlibs, $1)=no
+	fi
+	;;
+
+      osf3* | osf4* | osf5*)
+        case $cc_basename in
+          KCC*)
+	    # Kuck and Associates, Inc. (KAI) C++ Compiler
+
+	    # KCC will only create a shared library if the output file
+	    # ends with ".so" (or ".sl" for HP-UX), so rename the library
+	    # to its proper name (with version) after linking.
+	    _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo "$lib" | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
+
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
+	    _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+	    # Archives containing C++ object files must be created using
+	    # the KAI C++ compiler.
+	    case $host in
+	      osf3*) _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' ;;
+	      *) _LT_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' ;;
+	    esac
+	    ;;
+          RCC*)
+	    # Rational C++ 2.4.1
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+          cxx*)
+	    case $host in
+	      osf3*)
+	        _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && func_echo_all "${wl}-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+		;;
+	      *)
+	        _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	        _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
+	          echo "-hidden">> $lib.exp~
+	          $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp  `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~
+	          $RM $lib.exp'
+	        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
+		;;
+	    esac
+
+	    _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+	    # Commands to make compiler produce verbose output that lists
+	    # what "hidden" libraries, object files and flags are used when
+	    # linking a shared library.
+	    #
+	    # There doesn't appear to be a way to prevent this compiler from
+	    # explicitly linking system object files so we need to strip them
+	    # from the output so that they don't get included in the library
+	    # dependencies.
+	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
+	    ;;
+	  *)
+	    if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+	      _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
+	      case $host in
+	        osf3*)
+	          _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+		  ;;
+	        *)
+	          _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+		  ;;
+	      esac
+
+	      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+	      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
+
+	      # Commands to make compiler produce verbose output that lists
+	      # what "hidden" libraries, object files and flags are used when
+	      # linking a shared library.
+	      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
+
+	    else
+	      # FIXME: insert proper C++ library support
+	      _LT_TAGVAR(ld_shlibs, $1)=no
+	    fi
+	    ;;
+        esac
+        ;;
+
+      psos*)
+        # FIXME: insert proper C++ library support
+        _LT_TAGVAR(ld_shlibs, $1)=no
+        ;;
+
+      sunos4*)
+        case $cc_basename in
+          CC*)
+	    # Sun C++ 4.x
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+          lcc*)
+	    # Lucid
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+          *)
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+        esac
+        ;;
+
+      solaris*)
+        case $cc_basename in
+          CC* | sunCC*)
+	    # Sun C++ 4.2, 5.x and Centerline C++
+            _LT_TAGVAR(archive_cmds_need_lc,$1)=yes
+	    _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag}  -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+	      $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
+	    _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+	    case $host_os in
+	      solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+	      *)
+		# The compiler driver will combine and reorder linker options,
+		# but understands `-z linker_flag'.
+	        # Supported since Solaris 2.6 (maybe 2.5.1?)
+		_LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
+	        ;;
+	    esac
+	    _LT_TAGVAR(link_all_deplibs, $1)=yes
+
+	    output_verbose_link_cmd='func_echo_all'
+
+	    # Archives containing C++ object files must be created using
+	    # "CC -xar", where "CC" is the Sun C++ compiler.  This is
+	    # necessary to make sure instantiated templates are included
+	    # in the archive.
+	    _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
+	    ;;
+          gcx*)
+	    # Green Hills C++ Compiler
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+
+	    # The C++ compiler must be used to create the archive.
+	    _LT_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs'
+	    ;;
+          *)
+	    # GNU C++ compiler with Solaris linker
+	    if test "$GXX" = yes && test "$with_gnu_ld" = no; then
+	      _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs'
+	      if $CC --version | $GREP -v '^2\.7' > /dev/null; then
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+	        _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+		  $CC -shared $pic_flag -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+	        # Commands to make compiler produce verbose output that lists
+	        # what "hidden" libraries, object files and flags are used when
+	        # linking a shared library.
+	        output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
+	      else
+	        # g++ 2.7 appears to require `-G' NOT `-shared' on this
+	        # platform.
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+	        _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
+		  $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+
+	        # Commands to make compiler produce verbose output that lists
+	        # what "hidden" libraries, object files and flags are used when
+	        # linking a shared library.
+	        output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
+	      fi
+
+	      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir'
+	      case $host_os in
+		solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
+		*)
+		  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
+		  ;;
+	      esac
+	    fi
+	    ;;
+        esac
+        ;;
+
+    sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
+      _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+      _LT_TAGVAR(archive_cmds_need_lc, $1)=no
+      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+      runpath_var='LD_RUN_PATH'
+
+      case $cc_basename in
+        CC*)
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+	*)
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	  ;;
+      esac
+      ;;
+
+      sysv5* | sco3.2v5* | sco5v6*)
+	# Note: We can NOT use -z defs as we might desire, because we do not
+	# link with -lc, and that would cause any symbols used from libc to
+	# always be unresolved, which means just about no library would
+	# ever link correctly.  If we're not using GNU ld we use -z text
+	# though, which does catch some bad symbols but isn't as heavy-handed
+	# as -z defs.
+	_LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
+	_LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
+	_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+	_LT_TAGVAR(hardcode_shlibpath_var, $1)=no
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir'
+	_LT_TAGVAR(hardcode_libdir_separator, $1)=':'
+	_LT_TAGVAR(link_all_deplibs, $1)=yes
+	_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
+	runpath_var='LD_RUN_PATH'
+
+	case $cc_basename in
+          CC*)
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	    _LT_TAGVAR(old_archive_cmds, $1)='$CC -Tprelink_objects $oldobjs~
+	      '"$_LT_TAGVAR(old_archive_cmds, $1)"
+	    _LT_TAGVAR(reload_cmds, $1)='$CC -Tprelink_objects $reload_objs~
+	      '"$_LT_TAGVAR(reload_cmds, $1)"
+	    ;;
+	  *)
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	    ;;
+	esac
+      ;;
+
+      tandem*)
+        case $cc_basename in
+          NCC*)
+	    # NonStop-UX NCC 3.20
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+          *)
+	    # FIXME: insert proper C++ library support
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	    ;;
+        esac
+        ;;
+
+      vxworks*)
+        # FIXME: insert proper C++ library support
+        _LT_TAGVAR(ld_shlibs, $1)=no
+        ;;
+
+      *)
+        # FIXME: insert proper C++ library support
+        _LT_TAGVAR(ld_shlibs, $1)=no
+        ;;
+    esac
+
+    AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)])
+    test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
+
+    _LT_TAGVAR(GCC, $1)="$GXX"
+    _LT_TAGVAR(LD, $1)="$LD"
+
+    ## CAVEAT EMPTOR:
+    ## There is no encapsulation within the following macros, do not change
+    ## the running order or otherwise move them around unless you know exactly
+    ## what you are doing...
+    _LT_SYS_HIDDEN_LIBDEPS($1)
+    _LT_COMPILER_PIC($1)
+    _LT_COMPILER_C_O($1)
+    _LT_COMPILER_FILE_LOCKS($1)
+    _LT_LINKER_SHLIBS($1)
+    _LT_SYS_DYNAMIC_LINKER($1)
+    _LT_LINKER_HARDCODE_LIBPATH($1)
+
+    _LT_CONFIG($1)
+  fi # test -n "$compiler"
+
+  CC=$lt_save_CC
+  CFLAGS=$lt_save_CFLAGS
+  LDCXX=$LD
+  LD=$lt_save_LD
+  GCC=$lt_save_GCC
+  with_gnu_ld=$lt_save_with_gnu_ld
+  lt_cv_path_LDCXX=$lt_cv_path_LD
+  lt_cv_path_LD=$lt_save_path_LD
+  lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld
+  lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld
+fi # test "$_lt_caught_CXX_error" != yes
+
+AC_LANG_POP
+])# _LT_LANG_CXX_CONFIG
+
+
+# _LT_FUNC_STRIPNAME_CNF
+# ----------------------
+# func_stripname_cnf prefix suffix name
+# strip PREFIX and SUFFIX off of NAME.
+# PREFIX and SUFFIX must not contain globbing or regex special
+# characters, hashes, percent signs, but SUFFIX may contain a leading
+# dot (in which case that matches only a dot).
+#
+# This function is identical to the (non-XSI) version of func_stripname,
+# except this one can be used by m4 code that may be executed by configure,
+# rather than the libtool script.
+m4_defun([_LT_FUNC_STRIPNAME_CNF],[dnl
+AC_REQUIRE([_LT_DECL_SED])
+AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])
+func_stripname_cnf ()
+{
+  case ${2} in
+  .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;;
+  *)  func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;;
+  esac
+} # func_stripname_cnf
+])# _LT_FUNC_STRIPNAME_CNF
+
+# _LT_SYS_HIDDEN_LIBDEPS([TAGNAME])
+# ---------------------------------
+# Figure out "hidden" library dependencies from verbose
+# compiler output when linking a shared library.
+# Parse the compiler output and extract the necessary
+# objects, libraries and library flags.
+m4_defun([_LT_SYS_HIDDEN_LIBDEPS],
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+AC_REQUIRE([_LT_FUNC_STRIPNAME_CNF])dnl
+# Dependencies to place before and after the object being linked:
+_LT_TAGVAR(predep_objects, $1)=
+_LT_TAGVAR(postdep_objects, $1)=
+_LT_TAGVAR(predeps, $1)=
+_LT_TAGVAR(postdeps, $1)=
+_LT_TAGVAR(compiler_lib_search_path, $1)=
+
+dnl we can't use the lt_simple_compile_test_code here,
+dnl because it contains code intended for an executable,
+dnl not a library.  It's possible we should let each
+dnl tag define a new lt_????_link_test_code variable,
+dnl but it's only used here...
+m4_if([$1], [], [cat > conftest.$ac_ext <<_LT_EOF
+int a;
+void foo (void) { a = 0; }
+_LT_EOF
+], [$1], [CXX], [cat > conftest.$ac_ext <<_LT_EOF
+class Foo
+{
+public:
+  Foo (void) { a = 0; }
+private:
+  int a;
+};
+_LT_EOF
+], [$1], [F77], [cat > conftest.$ac_ext <<_LT_EOF
+      subroutine foo
+      implicit none
+      integer*4 a
+      a=0
+      return
+      end
+_LT_EOF
+], [$1], [FC], [cat > conftest.$ac_ext <<_LT_EOF
+      subroutine foo
+      implicit none
+      integer a
+      a=0
+      return
+      end
+_LT_EOF
+], [$1], [GCJ], [cat > conftest.$ac_ext <<_LT_EOF
+public class foo {
+  private int a;
+  public void bar (void) {
+    a = 0;
+  }
+};
+_LT_EOF
+], [$1], [GO], [cat > conftest.$ac_ext <<_LT_EOF
+package foo
+func foo() {
+}
+_LT_EOF
+])
+
+_lt_libdeps_save_CFLAGS=$CFLAGS
+case "$CC $CFLAGS " in #(
+*\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;;
+*\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;;
+*\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;;
+esac
+
+dnl Parse the compiler output and extract the necessary
+dnl objects, libraries and library flags.
+if AC_TRY_EVAL(ac_compile); then
+  # Parse the compiler output and extract the necessary
+  # objects, libraries and library flags.
+
+  # Sentinel used to keep track of whether or not we are before
+  # the conftest object file.
+  pre_test_object_deps_done=no
+
+  for p in `eval "$output_verbose_link_cmd"`; do
+    case ${prev}${p} in
+
+    -L* | -R* | -l*)
+       # Some compilers place space between "-{L,R}" and the path.
+       # Remove the space.
+       if test $p = "-L" ||
+          test $p = "-R"; then
+	 prev=$p
+	 continue
+       fi
+
+       # Expand the sysroot to ease extracting the directories later.
+       if test -z "$prev"; then
+         case $p in
+         -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;;
+         -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;;
+         -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;;
+         esac
+       fi
+       case $p in
+       =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;;
+       esac
+       if test "$pre_test_object_deps_done" = no; then
+	 case ${prev} in
+	 -L | -R)
+	   # Internal compiler library paths should come after those
+	   # provided the user.  The postdeps already come after the
+	   # user supplied libs so there is no need to process them.
+	   if test -z "$_LT_TAGVAR(compiler_lib_search_path, $1)"; then
+	     _LT_TAGVAR(compiler_lib_search_path, $1)="${prev}${p}"
+	   else
+	     _LT_TAGVAR(compiler_lib_search_path, $1)="${_LT_TAGVAR(compiler_lib_search_path, $1)} ${prev}${p}"
+	   fi
+	   ;;
+	 # The "-l" case would never come before the object being
+	 # linked, so don't bother handling this case.
+	 esac
+       else
+	 if test -z "$_LT_TAGVAR(postdeps, $1)"; then
+	   _LT_TAGVAR(postdeps, $1)="${prev}${p}"
+	 else
+	   _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} ${prev}${p}"
+	 fi
+       fi
+       prev=
+       ;;
+
+    *.lto.$objext) ;; # Ignore GCC LTO objects
+    *.$objext)
+       # This assumes that the test object file only shows up
+       # once in the compiler output.
+       if test "$p" = "conftest.$objext"; then
+	 pre_test_object_deps_done=yes
+	 continue
+       fi
+
+       if test "$pre_test_object_deps_done" = no; then
+	 if test -z "$_LT_TAGVAR(predep_objects, $1)"; then
+	   _LT_TAGVAR(predep_objects, $1)="$p"
+	 else
+	   _LT_TAGVAR(predep_objects, $1)="$_LT_TAGVAR(predep_objects, $1) $p"
+	 fi
+       else
+	 if test -z "$_LT_TAGVAR(postdep_objects, $1)"; then
+	   _LT_TAGVAR(postdep_objects, $1)="$p"
+	 else
+	   _LT_TAGVAR(postdep_objects, $1)="$_LT_TAGVAR(postdep_objects, $1) $p"
+	 fi
+       fi
+       ;;
+
+    *) ;; # Ignore the rest.
+
+    esac
+  done
+
+  # Clean up.
+  rm -f a.out a.exe
+else
+  echo "libtool.m4: error: problem compiling $1 test program"
+fi
+
+$RM -f confest.$objext
+CFLAGS=$_lt_libdeps_save_CFLAGS
+
+# PORTME: override above test on systems where it is broken
+m4_if([$1], [CXX],
+[case $host_os in
+interix[[3-9]]*)
+  # Interix 3.5 installs completely hosed .la files for C++, so rather than
+  # hack all around it, let's just trust "g++" to DTRT.
+  _LT_TAGVAR(predep_objects,$1)=
+  _LT_TAGVAR(postdep_objects,$1)=
+  _LT_TAGVAR(postdeps,$1)=
+  ;;
+
+linux*)
+  case `$CC -V 2>&1 | sed 5q` in
+  *Sun\ C*)
+    # Sun C++ 5.9
+
+    # The more standards-conforming stlport4 library is
+    # incompatible with the Cstd library. Avoid specifying
+    # it if it's in CXXFLAGS. Ignore libCrun as
+    # -library=stlport4 depends on it.
+    case " $CXX $CXXFLAGS " in
+    *" -library=stlport4 "*)
+      solaris_use_stlport4=yes
+      ;;
+    esac
+
+    if test "$solaris_use_stlport4" != yes; then
+      _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun'
+    fi
+    ;;
+  esac
+  ;;
+
+solaris*)
+  case $cc_basename in
+  CC* | sunCC*)
+    # The more standards-conforming stlport4 library is
+    # incompatible with the Cstd library. Avoid specifying
+    # it if it's in CXXFLAGS. Ignore libCrun as
+    # -library=stlport4 depends on it.
+    case " $CXX $CXXFLAGS " in
+    *" -library=stlport4 "*)
+      solaris_use_stlport4=yes
+      ;;
+    esac
+
+    # Adding this requires a known-good setup of shared libraries for
+    # Sun compiler versions before 5.6, else PIC objects from an old
+    # archive will be linked into the output, leading to subtle bugs.
+    if test "$solaris_use_stlport4" != yes; then
+      _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun'
+    fi
+    ;;
+  esac
+  ;;
+esac
+])
+
+case " $_LT_TAGVAR(postdeps, $1) " in
+*" -lc "*) _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;;
+esac
+ _LT_TAGVAR(compiler_lib_search_dirs, $1)=
+if test -n "${_LT_TAGVAR(compiler_lib_search_path, $1)}"; then
+ _LT_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_TAGVAR(compiler_lib_search_path, $1)}" | ${SED} -e 's! -L! !g' -e 's!^ !!'`
+fi
+_LT_TAGDECL([], [compiler_lib_search_dirs], [1],
+    [The directories searched by this compiler when creating a shared library])
+_LT_TAGDECL([], [predep_objects], [1],
+    [Dependencies to place before and after the objects being linked to
+    create a shared library])
+_LT_TAGDECL([], [postdep_objects], [1])
+_LT_TAGDECL([], [predeps], [1])
+_LT_TAGDECL([], [postdeps], [1])
+_LT_TAGDECL([], [compiler_lib_search_path], [1],
+    [The library search path used internally by the compiler when linking
+    a shared library])
+])# _LT_SYS_HIDDEN_LIBDEPS
+
+
+# _LT_LANG_F77_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for a Fortran 77 compiler are
+# suitably defined.  These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_F77_CONFIG],
+[AC_LANG_PUSH(Fortran 77)
+if test -z "$F77" || test "X$F77" = "Xno"; then
+  _lt_disable_F77=yes
+fi
+
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_TAGVAR(allow_undefined_flag, $1)=
+_LT_TAGVAR(always_export_symbols, $1)=no
+_LT_TAGVAR(archive_expsym_cmds, $1)=
+_LT_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_TAGVAR(hardcode_direct, $1)=no
+_LT_TAGVAR(hardcode_direct_absolute, $1)=no
+_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_TAGVAR(hardcode_minus_L, $1)=no
+_LT_TAGVAR(hardcode_automatic, $1)=no
+_LT_TAGVAR(inherit_rpath, $1)=no
+_LT_TAGVAR(module_cmds, $1)=
+_LT_TAGVAR(module_expsym_cmds, $1)=
+_LT_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+_LT_TAGVAR(no_undefined_flag, $1)=
+_LT_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for f77 test sources.
+ac_ext=f
+
+# Object file extension for compiled f77 test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# No sense in running all these tests if we already determined that
+# the F77 compiler isn't working.  Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test "$_lt_disable_F77" != yes; then
+  # Code to be used in simple compile tests
+  lt_simple_compile_test_code="\
+      subroutine t
+      return
+      end
+"
+
+  # Code to be used in simple link tests
+  lt_simple_link_test_code="\
+      program t
+      end
+"
+
+  # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+  _LT_TAG_COMPILER
+
+  # save warnings/boilerplate of simple test code
+  _LT_COMPILER_BOILERPLATE
+  _LT_LINKER_BOILERPLATE
+
+  # Allow CC to be a program name with arguments.
+  lt_save_CC="$CC"
+  lt_save_GCC=$GCC
+  lt_save_CFLAGS=$CFLAGS
+  CC=${F77-"f77"}
+  CFLAGS=$FFLAGS
+  compiler=$CC
+  _LT_TAGVAR(compiler, $1)=$CC
+  _LT_CC_BASENAME([$compiler])
+  GCC=$G77
+  if test -n "$compiler"; then
+    AC_MSG_CHECKING([if libtool supports shared libraries])
+    AC_MSG_RESULT([$can_build_shared])
+
+    AC_MSG_CHECKING([whether to build shared libraries])
+    test "$can_build_shared" = "no" && enable_shared=no
+
+    # On AIX, shared libraries and static libraries use the same namespace, and
+    # are all built from PIC.
+    case $host_os in
+      aix3*)
+        test "$enable_shared" = yes && enable_static=no
+        if test -n "$RANLIB"; then
+          archive_cmds="$archive_cmds~\$RANLIB \$lib"
+          postinstall_cmds='$RANLIB $lib'
+        fi
+        ;;
+      aix[[4-9]]*)
+	if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+	  test "$enable_shared" = yes && enable_static=no
+	fi
+        ;;
+    esac
+    AC_MSG_RESULT([$enable_shared])
+
+    AC_MSG_CHECKING([whether to build static libraries])
+    # Make sure either enable_shared or enable_static is yes.
+    test "$enable_shared" = yes || enable_static=yes
+    AC_MSG_RESULT([$enable_static])
+
+    _LT_TAGVAR(GCC, $1)="$G77"
+    _LT_TAGVAR(LD, $1)="$LD"
+
+    ## CAVEAT EMPTOR:
+    ## There is no encapsulation within the following macros, do not change
+    ## the running order or otherwise move them around unless you know exactly
+    ## what you are doing...
+    _LT_COMPILER_PIC($1)
+    _LT_COMPILER_C_O($1)
+    _LT_COMPILER_FILE_LOCKS($1)
+    _LT_LINKER_SHLIBS($1)
+    _LT_SYS_DYNAMIC_LINKER($1)
+    _LT_LINKER_HARDCODE_LIBPATH($1)
+
+    _LT_CONFIG($1)
+  fi # test -n "$compiler"
+
+  GCC=$lt_save_GCC
+  CC="$lt_save_CC"
+  CFLAGS="$lt_save_CFLAGS"
+fi # test "$_lt_disable_F77" != yes
+
+AC_LANG_POP
+])# _LT_LANG_F77_CONFIG
+
+
+# _LT_LANG_FC_CONFIG([TAG])
+# -------------------------
+# Ensure that the configuration variables for a Fortran compiler are
+# suitably defined.  These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_FC_CONFIG],
+[AC_LANG_PUSH(Fortran)
+
+if test -z "$FC" || test "X$FC" = "Xno"; then
+  _lt_disable_FC=yes
+fi
+
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+_LT_TAGVAR(allow_undefined_flag, $1)=
+_LT_TAGVAR(always_export_symbols, $1)=no
+_LT_TAGVAR(archive_expsym_cmds, $1)=
+_LT_TAGVAR(export_dynamic_flag_spec, $1)=
+_LT_TAGVAR(hardcode_direct, $1)=no
+_LT_TAGVAR(hardcode_direct_absolute, $1)=no
+_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
+_LT_TAGVAR(hardcode_libdir_separator, $1)=
+_LT_TAGVAR(hardcode_minus_L, $1)=no
+_LT_TAGVAR(hardcode_automatic, $1)=no
+_LT_TAGVAR(inherit_rpath, $1)=no
+_LT_TAGVAR(module_cmds, $1)=
+_LT_TAGVAR(module_expsym_cmds, $1)=
+_LT_TAGVAR(link_all_deplibs, $1)=unknown
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+_LT_TAGVAR(no_undefined_flag, $1)=
+_LT_TAGVAR(whole_archive_flag_spec, $1)=
+_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
+
+# Source file extension for fc test sources.
+ac_ext=${ac_fc_srcext-f}
+
+# Object file extension for compiled fc test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# No sense in running all these tests if we already determined that
+# the FC compiler isn't working.  Some variables (like enable_shared)
+# are currently assumed to apply to all compilers on this platform,
+# and will be corrupted by setting them based on a non-working compiler.
+if test "$_lt_disable_FC" != yes; then
+  # Code to be used in simple compile tests
+  lt_simple_compile_test_code="\
+      subroutine t
+      return
+      end
+"
+
+  # Code to be used in simple link tests
+  lt_simple_link_test_code="\
+      program t
+      end
+"
+
+  # ltmain only uses $CC for tagged configurations so make sure $CC is set.
+  _LT_TAG_COMPILER
+
+  # save warnings/boilerplate of simple test code
+  _LT_COMPILER_BOILERPLATE
+  _LT_LINKER_BOILERPLATE
+
+  # Allow CC to be a program name with arguments.
+  lt_save_CC="$CC"
+  lt_save_GCC=$GCC
+  lt_save_CFLAGS=$CFLAGS
+  CC=${FC-"f95"}
+  CFLAGS=$FCFLAGS
+  compiler=$CC
+  GCC=$ac_cv_fc_compiler_gnu
+
+  _LT_TAGVAR(compiler, $1)=$CC
+  _LT_CC_BASENAME([$compiler])
+
+  if test -n "$compiler"; then
+    AC_MSG_CHECKING([if libtool supports shared libraries])
+    AC_MSG_RESULT([$can_build_shared])
+
+    AC_MSG_CHECKING([whether to build shared libraries])
+    test "$can_build_shared" = "no" && enable_shared=no
+
+    # On AIX, shared libraries and static libraries use the same namespace, and
+    # are all built from PIC.
+    case $host_os in
+      aix3*)
+        test "$enable_shared" = yes && enable_static=no
+        if test -n "$RANLIB"; then
+          archive_cmds="$archive_cmds~\$RANLIB \$lib"
+          postinstall_cmds='$RANLIB $lib'
+        fi
+        ;;
+      aix[[4-9]]*)
+	if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
+	  test "$enable_shared" = yes && enable_static=no
+	fi
+        ;;
+    esac
+    AC_MSG_RESULT([$enable_shared])
+
+    AC_MSG_CHECKING([whether to build static libraries])
+    # Make sure either enable_shared or enable_static is yes.
+    test "$enable_shared" = yes || enable_static=yes
+    AC_MSG_RESULT([$enable_static])
+
+    _LT_TAGVAR(GCC, $1)="$ac_cv_fc_compiler_gnu"
+    _LT_TAGVAR(LD, $1)="$LD"
+
+    ## CAVEAT EMPTOR:
+    ## There is no encapsulation within the following macros, do not change
+    ## the running order or otherwise move them around unless you know exactly
+    ## what you are doing...
+    _LT_SYS_HIDDEN_LIBDEPS($1)
+    _LT_COMPILER_PIC($1)
+    _LT_COMPILER_C_O($1)
+    _LT_COMPILER_FILE_LOCKS($1)
+    _LT_LINKER_SHLIBS($1)
+    _LT_SYS_DYNAMIC_LINKER($1)
+    _LT_LINKER_HARDCODE_LIBPATH($1)
+
+    _LT_CONFIG($1)
+  fi # test -n "$compiler"
+
+  GCC=$lt_save_GCC
+  CC=$lt_save_CC
+  CFLAGS=$lt_save_CFLAGS
+fi # test "$_lt_disable_FC" != yes
+
+AC_LANG_POP
+])# _LT_LANG_FC_CONFIG
+
+
+# _LT_LANG_GCJ_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for the GNU Java Compiler compiler
+# are suitably defined.  These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_GCJ_CONFIG],
+[AC_REQUIRE([LT_PROG_GCJ])dnl
+AC_LANG_SAVE
+
+# Source file extension for Java test sources.
+ac_ext=java
+
+# Object file extension for compiled Java test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="class foo {}"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_TAG_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC=$CC
+lt_save_CFLAGS=$CFLAGS
+lt_save_GCC=$GCC
+GCC=yes
+CC=${GCJ-"gcj"}
+CFLAGS=$GCJFLAGS
+compiler=$CC
+_LT_TAGVAR(compiler, $1)=$CC
+_LT_TAGVAR(LD, $1)="$LD"
+_LT_CC_BASENAME([$compiler])
+
+# GCJ did not exist at the time GCC didn't implicitly link libc in.
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+  _LT_COMPILER_NO_RTTI($1)
+  _LT_COMPILER_PIC($1)
+  _LT_COMPILER_C_O($1)
+  _LT_COMPILER_FILE_LOCKS($1)
+  _LT_LINKER_SHLIBS($1)
+  _LT_LINKER_HARDCODE_LIBPATH($1)
+
+  _LT_CONFIG($1)
+fi
+
+AC_LANG_RESTORE
+
+GCC=$lt_save_GCC
+CC=$lt_save_CC
+CFLAGS=$lt_save_CFLAGS
+])# _LT_LANG_GCJ_CONFIG
+
+
+# _LT_LANG_GO_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for the GNU Go compiler
+# are suitably defined.  These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_GO_CONFIG],
+[AC_REQUIRE([LT_PROG_GO])dnl
+AC_LANG_SAVE
+
+# Source file extension for Go test sources.
+ac_ext=go
+
+# Object file extension for compiled Go test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="package main; func main() { }"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='package main; func main() { }'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_TAG_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC=$CC
+lt_save_CFLAGS=$CFLAGS
+lt_save_GCC=$GCC
+GCC=yes
+CC=${GOC-"gccgo"}
+CFLAGS=$GOFLAGS
+compiler=$CC
+_LT_TAGVAR(compiler, $1)=$CC
+_LT_TAGVAR(LD, $1)="$LD"
+_LT_CC_BASENAME([$compiler])
+
+# Go did not exist at the time GCC didn't implicitly link libc in.
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+  _LT_COMPILER_NO_RTTI($1)
+  _LT_COMPILER_PIC($1)
+  _LT_COMPILER_C_O($1)
+  _LT_COMPILER_FILE_LOCKS($1)
+  _LT_LINKER_SHLIBS($1)
+  _LT_LINKER_HARDCODE_LIBPATH($1)
+
+  _LT_CONFIG($1)
+fi
+
+AC_LANG_RESTORE
+
+GCC=$lt_save_GCC
+CC=$lt_save_CC
+CFLAGS=$lt_save_CFLAGS
+])# _LT_LANG_GO_CONFIG
+
+
+# _LT_LANG_RC_CONFIG([TAG])
+# -------------------------
+# Ensure that the configuration variables for the Windows resource compiler
+# are suitably defined.  These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_RC_CONFIG],
+[AC_REQUIRE([LT_PROG_RC])dnl
+AC_LANG_SAVE
+
+# Source file extension for RC test sources.
+ac_ext=rc
+
+# Object file extension for compiled RC test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }'
+
+# Code to be used in simple link tests
+lt_simple_link_test_code="$lt_simple_compile_test_code"
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_TAG_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC="$CC"
+lt_save_CFLAGS=$CFLAGS
+lt_save_GCC=$GCC
+GCC=
+CC=${RC-"windres"}
+CFLAGS=
+compiler=$CC
+_LT_TAGVAR(compiler, $1)=$CC
+_LT_CC_BASENAME([$compiler])
+_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
+
+if test -n "$compiler"; then
+  :
+  _LT_CONFIG($1)
+fi
+
+GCC=$lt_save_GCC
+AC_LANG_RESTORE
+CC=$lt_save_CC
+CFLAGS=$lt_save_CFLAGS
+])# _LT_LANG_RC_CONFIG
+
+
+# LT_PROG_GCJ
+# -----------
+AC_DEFUN([LT_PROG_GCJ],
+[m4_ifdef([AC_PROG_GCJ], [AC_PROG_GCJ],
+  [m4_ifdef([A][M_PROG_GCJ], [A][M_PROG_GCJ],
+    [AC_CHECK_TOOL(GCJ, gcj,)
+      test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2"
+      AC_SUBST(GCJFLAGS)])])[]dnl
+])
+
+# Old name:
+AU_ALIAS([LT_AC_PROG_GCJ], [LT_PROG_GCJ])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([LT_AC_PROG_GCJ], [])
+
+
+# LT_PROG_GO
+# ----------
+AC_DEFUN([LT_PROG_GO],
+[AC_CHECK_TOOL(GOC, gccgo,)
+])
+
+
+# LT_PROG_RC
+# ----------
+AC_DEFUN([LT_PROG_RC],
+[AC_CHECK_TOOL(RC, windres,)
+])
+
+# Old name:
+AU_ALIAS([LT_AC_PROG_RC], [LT_PROG_RC])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([LT_AC_PROG_RC], [])
+
+
+# _LT_DECL_EGREP
+# --------------
+# If we don't have a new enough Autoconf to choose the best grep
+# available, choose the one first in the user's PATH.
+m4_defun([_LT_DECL_EGREP],
+[AC_REQUIRE([AC_PROG_EGREP])dnl
+AC_REQUIRE([AC_PROG_FGREP])dnl
+test -z "$GREP" && GREP=grep
+_LT_DECL([], [GREP], [1], [A grep program that handles long lines])
+_LT_DECL([], [EGREP], [1], [An ERE matcher])
+_LT_DECL([], [FGREP], [1], [A literal string matcher])
+dnl Non-bleeding-edge autoconf doesn't subst GREP, so do it here too
+AC_SUBST([GREP])
+])
+
+
+# _LT_DECL_OBJDUMP
+# --------------
+# If we don't have a new enough Autoconf to choose the best objdump
+# available, choose the one first in the user's PATH.
+m4_defun([_LT_DECL_OBJDUMP],
+[AC_CHECK_TOOL(OBJDUMP, objdump, false)
+test -z "$OBJDUMP" && OBJDUMP=objdump
+_LT_DECL([], [OBJDUMP], [1], [An object symbol dumper])
+AC_SUBST([OBJDUMP])
+])
+
+# _LT_DECL_DLLTOOL
+# ----------------
+# Ensure DLLTOOL variable is set.
+m4_defun([_LT_DECL_DLLTOOL],
+[AC_CHECK_TOOL(DLLTOOL, dlltool, false)
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+_LT_DECL([], [DLLTOOL], [1], [DLL creation program])
+AC_SUBST([DLLTOOL])
+])
+
+# _LT_DECL_SED
+# ------------
+# Check for a fully-functional sed program, that truncates
+# as few characters as possible.  Prefer GNU sed if found.
+m4_defun([_LT_DECL_SED],
+[AC_PROG_SED
+test -z "$SED" && SED=sed
+Xsed="$SED -e 1s/^X//"
+_LT_DECL([], [SED], [1], [A sed program that does not truncate output])
+_LT_DECL([], [Xsed], ["\$SED -e 1s/^X//"],
+    [Sed that helps us avoid accidentally triggering echo(1) options like -n])
+])# _LT_DECL_SED
+
+m4_ifndef([AC_PROG_SED], [
+############################################################
+# NOTE: This macro has been submitted for inclusion into   #
+#  GNU Autoconf as AC_PROG_SED.  When it is available in   #
+#  a released version of Autoconf we should remove this    #
+#  macro and use it instead.                               #
+############################################################
+
+m4_defun([AC_PROG_SED],
+[AC_MSG_CHECKING([for a sed that does not truncate output])
+AC_CACHE_VAL(lt_cv_path_SED,
+[# Loop through the user's path and test for sed and gsed.
+# Then use that list of sed's as ones to test for truncation.
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+  for lt_ac_prog in sed gsed; do
+    for ac_exec_ext in '' $ac_executable_extensions; do
+      if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then
+        lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext"
+      fi
+    done
+  done
+done
+IFS=$as_save_IFS
+lt_ac_max=0
+lt_ac_count=0
+# Add /usr/xpg4/bin/sed as it is typically found on Solaris
+# along with /bin/sed that truncates output.
+for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do
+  test ! -f $lt_ac_sed && continue
+  cat /dev/null > conftest.in
+  lt_ac_count=0
+  echo $ECHO_N "0123456789$ECHO_C" >conftest.in
+  # Check for GNU sed and select it if it is found.
+  if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then
+    lt_cv_path_SED=$lt_ac_sed
+    break
+  fi
+  while true; do
+    cat conftest.in conftest.in >conftest.tmp
+    mv conftest.tmp conftest.in
+    cp conftest.in conftest.nl
+    echo >>conftest.nl
+    $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break
+    cmp -s conftest.out conftest.nl || break
+    # 10000 chars as input seems more than enough
+    test $lt_ac_count -gt 10 && break
+    lt_ac_count=`expr $lt_ac_count + 1`
+    if test $lt_ac_count -gt $lt_ac_max; then
+      lt_ac_max=$lt_ac_count
+      lt_cv_path_SED=$lt_ac_sed
+    fi
+  done
+done
+])
+SED=$lt_cv_path_SED
+AC_SUBST([SED])
+AC_MSG_RESULT([$SED])
+])#AC_PROG_SED
+])#m4_ifndef
+
+# Old name:
+AU_ALIAS([LT_AC_PROG_SED], [AC_PROG_SED])
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([LT_AC_PROG_SED], [])
+
+
+# _LT_CHECK_SHELL_FEATURES
+# ------------------------
+# Find out whether the shell is Bourne or XSI compatible,
+# or has some other useful features.
+m4_defun([_LT_CHECK_SHELL_FEATURES],
+[AC_MSG_CHECKING([whether the shell understands some XSI constructs])
+# Try some XSI features
+xsi_shell=no
+( _lt_dummy="a/b/c"
+  test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \
+      = c,a/b,b/c, \
+    && eval 'test $(( 1 + 1 )) -eq 2 \
+    && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \
+  && xsi_shell=yes
+AC_MSG_RESULT([$xsi_shell])
+_LT_CONFIG_LIBTOOL_INIT([xsi_shell='$xsi_shell'])
+
+AC_MSG_CHECKING([whether the shell understands "+="])
+lt_shell_append=no
+( foo=bar; set foo baz; eval "$[1]+=\$[2]" && test "$foo" = barbaz ) \
+    >/dev/null 2>&1 \
+  && lt_shell_append=yes
+AC_MSG_RESULT([$lt_shell_append])
+_LT_CONFIG_LIBTOOL_INIT([lt_shell_append='$lt_shell_append'])
+
+if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
+  lt_unset=unset
+else
+  lt_unset=false
+fi
+_LT_DECL([], [lt_unset], [0], [whether the shell understands "unset"])dnl
+
+# test EBCDIC or ASCII
+case `echo X|tr X '\101'` in
+ A) # ASCII based system
+    # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr
+  lt_SP2NL='tr \040 \012'
+  lt_NL2SP='tr \015\012 \040\040'
+  ;;
+ *) # EBCDIC based system
+  lt_SP2NL='tr \100 \n'
+  lt_NL2SP='tr \r\n \100\100'
+  ;;
+esac
+_LT_DECL([SP2NL], [lt_SP2NL], [1], [turn spaces into newlines])dnl
+_LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl
+])# _LT_CHECK_SHELL_FEATURES
+
+
+# _LT_PROG_FUNCTION_REPLACE (FUNCNAME, REPLACEMENT-BODY)
+# ------------------------------------------------------
+# In `$cfgfile', look for function FUNCNAME delimited by `^FUNCNAME ()$' and
+# '^} FUNCNAME ', and replace its body with REPLACEMENT-BODY.
+m4_defun([_LT_PROG_FUNCTION_REPLACE],
+[dnl {
+sed -e '/^$1 ()$/,/^} # $1 /c\
+$1 ()\
+{\
+m4_bpatsubsts([$2], [$], [\\], [^\([	 ]\)], [\\\1])
+} # Extended-shell $1 implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+])
+
+
+# _LT_PROG_REPLACE_SHELLFNS
+# -------------------------
+# Replace existing portable implementations of several shell functions with
+# equivalent extended shell implementations where those features are available..
+m4_defun([_LT_PROG_REPLACE_SHELLFNS],
+[if test x"$xsi_shell" = xyes; then
+  _LT_PROG_FUNCTION_REPLACE([func_dirname], [dnl
+    case ${1} in
+      */*) func_dirname_result="${1%/*}${2}" ;;
+      *  ) func_dirname_result="${3}" ;;
+    esac])
+
+  _LT_PROG_FUNCTION_REPLACE([func_basename], [dnl
+    func_basename_result="${1##*/}"])
+
+  _LT_PROG_FUNCTION_REPLACE([func_dirname_and_basename], [dnl
+    case ${1} in
+      */*) func_dirname_result="${1%/*}${2}" ;;
+      *  ) func_dirname_result="${3}" ;;
+    esac
+    func_basename_result="${1##*/}"])
+
+  _LT_PROG_FUNCTION_REPLACE([func_stripname], [dnl
+    # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are
+    # positional parameters, so assign one to ordinary parameter first.
+    func_stripname_result=${3}
+    func_stripname_result=${func_stripname_result#"${1}"}
+    func_stripname_result=${func_stripname_result%"${2}"}])
+
+  _LT_PROG_FUNCTION_REPLACE([func_split_long_opt], [dnl
+    func_split_long_opt_name=${1%%=*}
+    func_split_long_opt_arg=${1#*=}])
+
+  _LT_PROG_FUNCTION_REPLACE([func_split_short_opt], [dnl
+    func_split_short_opt_arg=${1#??}
+    func_split_short_opt_name=${1%"$func_split_short_opt_arg"}])
+
+  _LT_PROG_FUNCTION_REPLACE([func_lo2o], [dnl
+    case ${1} in
+      *.lo) func_lo2o_result=${1%.lo}.${objext} ;;
+      *)    func_lo2o_result=${1} ;;
+    esac])
+
+  _LT_PROG_FUNCTION_REPLACE([func_xform], [    func_xform_result=${1%.*}.lo])
+
+  _LT_PROG_FUNCTION_REPLACE([func_arith], [    func_arith_result=$(( $[*] ))])
+
+  _LT_PROG_FUNCTION_REPLACE([func_len], [    func_len_result=${#1}])
+fi
+
+if test x"$lt_shell_append" = xyes; then
+  _LT_PROG_FUNCTION_REPLACE([func_append], [    eval "${1}+=\\${2}"])
+
+  _LT_PROG_FUNCTION_REPLACE([func_append_quoted], [dnl
+    func_quote_for_eval "${2}"
+dnl m4 expansion turns \\\\ into \\, and then the shell eval turns that into \
+    eval "${1}+=\\\\ \\$func_quote_for_eval_result"])
+
+  # Save a `func_append' function call where possible by direct use of '+='
+  sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \
+    && mv -f "$cfgfile.tmp" "$cfgfile" \
+      || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+  test 0 -eq $? || _lt_function_replace_fail=:
+else
+  # Save a `func_append' function call even when '+=' is not available
+  sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \
+    && mv -f "$cfgfile.tmp" "$cfgfile" \
+      || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+  test 0 -eq $? || _lt_function_replace_fail=:
+fi
+
+if test x"$_lt_function_replace_fail" = x":"; then
+  AC_MSG_WARN([Unable to substitute extended shell functions in $ofile])
+fi
+])
+
+# _LT_PATH_CONVERSION_FUNCTIONS
+# -----------------------------
+# Determine which file name conversion functions should be used by
+# func_to_host_file (and, implicitly, by func_to_host_path).  These are needed
+# for certain cross-compile configurations and native mingw.
+m4_defun([_LT_PATH_CONVERSION_FUNCTIONS],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+AC_MSG_CHECKING([how to convert $build file names to $host format])
+AC_CACHE_VAL(lt_cv_to_host_file_cmd,
+[case $host in
+  *-*-mingw* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32
+        ;;
+      *-*-cygwin* )
+        lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32
+        ;;
+      * ) # otherwise, assume *nix
+        lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32
+        ;;
+    esac
+    ;;
+  *-*-cygwin* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin
+        ;;
+      *-*-cygwin* )
+        lt_cv_to_host_file_cmd=func_convert_file_noop
+        ;;
+      * ) # otherwise, assume *nix
+        lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin
+        ;;
+    esac
+    ;;
+  * ) # unhandled hosts (and "normal" native builds)
+    lt_cv_to_host_file_cmd=func_convert_file_noop
+    ;;
+esac
+])
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+AC_MSG_RESULT([$lt_cv_to_host_file_cmd])
+_LT_DECL([to_host_file_cmd], [lt_cv_to_host_file_cmd],
+         [0], [convert $build file names to $host format])dnl
+
+AC_MSG_CHECKING([how to convert $build file names to toolchain format])
+AC_CACHE_VAL(lt_cv_to_tool_file_cmd,
+[#assume ordinary cross tools, or native build.
+lt_cv_to_tool_file_cmd=func_convert_file_noop
+case $host in
+  *-*-mingw* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32
+        ;;
+    esac
+    ;;
+esac
+])
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+AC_MSG_RESULT([$lt_cv_to_tool_file_cmd])
+_LT_DECL([to_tool_file_cmd], [lt_cv_to_tool_file_cmd],
+         [0], [convert $build files to toolchain format])dnl
+])# _LT_PATH_CONVERSION_FUNCTIONS
diff --git a/3P/wolfssl/m4/ltoptions.m4 b/3P/wolfssl/m4/ltoptions.m4
new file mode 100644
index 00000000..5d9acd8e
--- /dev/null
+++ b/3P/wolfssl/m4/ltoptions.m4
@@ -0,0 +1,384 @@
+# Helper functions for option handling.                    -*- Autoconf -*-
+#
+#   Copyright (C) 2004, 2005, 2007, 2008, 2009 Free Software Foundation,
+#   Inc.
+#   Written by Gary V. Vaughan, 2004
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# serial 7 ltoptions.m4
+
+# This is to help aclocal find these macros, as it can't see m4_define.
+AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])])
+
+
+# _LT_MANGLE_OPTION(MACRO-NAME, OPTION-NAME)
+# ------------------------------------------
+m4_define([_LT_MANGLE_OPTION],
+[[_LT_OPTION_]m4_bpatsubst($1__$2, [[^a-zA-Z0-9_]], [_])])
+
+
+# _LT_SET_OPTION(MACRO-NAME, OPTION-NAME)
+# ---------------------------------------
+# Set option OPTION-NAME for macro MACRO-NAME, and if there is a
+# matching handler defined, dispatch to it.  Other OPTION-NAMEs are
+# saved as a flag.
+m4_define([_LT_SET_OPTION],
+[m4_define(_LT_MANGLE_OPTION([$1], [$2]))dnl
+m4_ifdef(_LT_MANGLE_DEFUN([$1], [$2]),
+        _LT_MANGLE_DEFUN([$1], [$2]),
+    [m4_warning([Unknown $1 option `$2'])])[]dnl
+])
+
+
+# _LT_IF_OPTION(MACRO-NAME, OPTION-NAME, IF-SET, [IF-NOT-SET])
+# ------------------------------------------------------------
+# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise.
+m4_define([_LT_IF_OPTION],
+[m4_ifdef(_LT_MANGLE_OPTION([$1], [$2]), [$3], [$4])])
+
+
+# _LT_UNLESS_OPTIONS(MACRO-NAME, OPTION-LIST, IF-NOT-SET)
+# -------------------------------------------------------
+# Execute IF-NOT-SET unless all options in OPTION-LIST for MACRO-NAME
+# are set.
+m4_define([_LT_UNLESS_OPTIONS],
+[m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
+	    [m4_ifdef(_LT_MANGLE_OPTION([$1], _LT_Option),
+		      [m4_define([$0_found])])])[]dnl
+m4_ifdef([$0_found], [m4_undefine([$0_found])], [$3
+])[]dnl
+])
+
+
+# _LT_SET_OPTIONS(MACRO-NAME, OPTION-LIST)
+# ----------------------------------------
+# OPTION-LIST is a space-separated list of Libtool options associated
+# with MACRO-NAME.  If any OPTION has a matching handler declared with
+# LT_OPTION_DEFINE, dispatch to that macro; otherwise complain about
+# the unknown option and exit.
+m4_defun([_LT_SET_OPTIONS],
+[# Set options
+m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
+    [_LT_SET_OPTION([$1], _LT_Option)])
+
+m4_if([$1],[LT_INIT],[
+  dnl
+  dnl Simply set some default values (i.e off) if boolean options were not
+  dnl specified:
+  _LT_UNLESS_OPTIONS([LT_INIT], [dlopen], [enable_dlopen=no
+  ])
+  _LT_UNLESS_OPTIONS([LT_INIT], [win32-dll], [enable_win32_dll=no
+  ])
+  dnl
+  dnl If no reference was made to various pairs of opposing options, then
+  dnl we run the default mode handler for the pair.  For example, if neither
+  dnl `shared' nor `disable-shared' was passed, we enable building of shared
+  dnl archives by default:
+  _LT_UNLESS_OPTIONS([LT_INIT], [shared disable-shared], [_LT_ENABLE_SHARED])
+  _LT_UNLESS_OPTIONS([LT_INIT], [static disable-static], [_LT_ENABLE_STATIC])
+  _LT_UNLESS_OPTIONS([LT_INIT], [pic-only no-pic], [_LT_WITH_PIC])
+  _LT_UNLESS_OPTIONS([LT_INIT], [fast-install disable-fast-install],
+  		   [_LT_ENABLE_FAST_INSTALL])
+  ])
+])# _LT_SET_OPTIONS
+
+
+## --------------------------------- ##
+## Macros to handle LT_INIT options. ##
+## --------------------------------- ##
+
+# _LT_MANGLE_DEFUN(MACRO-NAME, OPTION-NAME)
+# -----------------------------------------
+m4_define([_LT_MANGLE_DEFUN],
+[[_LT_OPTION_DEFUN_]m4_bpatsubst(m4_toupper([$1__$2]), [[^A-Z0-9_]], [_])])
+
+
+# LT_OPTION_DEFINE(MACRO-NAME, OPTION-NAME, CODE)
+# -----------------------------------------------
+m4_define([LT_OPTION_DEFINE],
+[m4_define(_LT_MANGLE_DEFUN([$1], [$2]), [$3])[]dnl
+])# LT_OPTION_DEFINE
+
+
+# dlopen
+# ------
+LT_OPTION_DEFINE([LT_INIT], [dlopen], [enable_dlopen=yes
+])
+
+AU_DEFUN([AC_LIBTOOL_DLOPEN],
+[_LT_SET_OPTION([LT_INIT], [dlopen])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you
+put the `dlopen' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_DLOPEN], [])
+
+
+# win32-dll
+# ---------
+# Declare package support for building win32 dll's.
+LT_OPTION_DEFINE([LT_INIT], [win32-dll],
+[enable_win32_dll=yes
+
+case $host in
+*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*)
+  AC_CHECK_TOOL(AS, as, false)
+  AC_CHECK_TOOL(DLLTOOL, dlltool, false)
+  AC_CHECK_TOOL(OBJDUMP, objdump, false)
+  ;;
+esac
+
+test -z "$AS" && AS=as
+_LT_DECL([], [AS],      [1], [Assembler program])dnl
+
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+_LT_DECL([], [DLLTOOL], [1], [DLL creation program])dnl
+
+test -z "$OBJDUMP" && OBJDUMP=objdump
+_LT_DECL([], [OBJDUMP], [1], [Object dumper program])dnl
+])# win32-dll
+
+AU_DEFUN([AC_LIBTOOL_WIN32_DLL],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+_LT_SET_OPTION([LT_INIT], [win32-dll])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you
+put the `win32-dll' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_WIN32_DLL], [])
+
+
+# _LT_ENABLE_SHARED([DEFAULT])
+# ----------------------------
+# implement the --enable-shared flag, and supports the `shared' and
+# `disable-shared' LT_INIT options.
+# DEFAULT is either `yes' or `no'.  If omitted, it defaults to `yes'.
+m4_define([_LT_ENABLE_SHARED],
+[m4_define([_LT_ENABLE_SHARED_DEFAULT], [m4_if($1, no, no, yes)])dnl
+AC_ARG_ENABLE([shared],
+    [AS_HELP_STRING([--enable-shared@<:@=PKGS@:>@],
+	[build shared libraries @<:@default=]_LT_ENABLE_SHARED_DEFAULT[@:>@])],
+    [p=${PACKAGE-default}
+    case $enableval in
+    yes) enable_shared=yes ;;
+    no) enable_shared=no ;;
+    *)
+      enable_shared=no
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for pkg in $enableval; do
+	IFS="$lt_save_ifs"
+	if test "X$pkg" = "X$p"; then
+	  enable_shared=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac],
+    [enable_shared=]_LT_ENABLE_SHARED_DEFAULT)
+
+    _LT_DECL([build_libtool_libs], [enable_shared], [0],
+	[Whether or not to build shared libraries])
+])# _LT_ENABLE_SHARED
+
+LT_OPTION_DEFINE([LT_INIT], [shared], [_LT_ENABLE_SHARED([yes])])
+LT_OPTION_DEFINE([LT_INIT], [disable-shared], [_LT_ENABLE_SHARED([no])])
+
+# Old names:
+AC_DEFUN([AC_ENABLE_SHARED],
+[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[shared])
+])
+
+AC_DEFUN([AC_DISABLE_SHARED],
+[_LT_SET_OPTION([LT_INIT], [disable-shared])
+])
+
+AU_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)])
+AU_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_ENABLE_SHARED], [])
+dnl AC_DEFUN([AM_DISABLE_SHARED], [])
+
+
+
+# _LT_ENABLE_STATIC([DEFAULT])
+# ----------------------------
+# implement the --enable-static flag, and support the `static' and
+# `disable-static' LT_INIT options.
+# DEFAULT is either `yes' or `no'.  If omitted, it defaults to `yes'.
+m4_define([_LT_ENABLE_STATIC],
+[m4_define([_LT_ENABLE_STATIC_DEFAULT], [m4_if($1, no, no, yes)])dnl
+AC_ARG_ENABLE([static],
+    [AS_HELP_STRING([--enable-static@<:@=PKGS@:>@],
+	[build static libraries @<:@default=]_LT_ENABLE_STATIC_DEFAULT[@:>@])],
+    [p=${PACKAGE-default}
+    case $enableval in
+    yes) enable_static=yes ;;
+    no) enable_static=no ;;
+    *)
+     enable_static=no
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for pkg in $enableval; do
+	IFS="$lt_save_ifs"
+	if test "X$pkg" = "X$p"; then
+	  enable_static=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac],
+    [enable_static=]_LT_ENABLE_STATIC_DEFAULT)
+
+    _LT_DECL([build_old_libs], [enable_static], [0],
+	[Whether or not to build static libraries])
+])# _LT_ENABLE_STATIC
+
+LT_OPTION_DEFINE([LT_INIT], [static], [_LT_ENABLE_STATIC([yes])])
+LT_OPTION_DEFINE([LT_INIT], [disable-static], [_LT_ENABLE_STATIC([no])])
+
+# Old names:
+AC_DEFUN([AC_ENABLE_STATIC],
+[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[static])
+])
+
+AC_DEFUN([AC_DISABLE_STATIC],
+[_LT_SET_OPTION([LT_INIT], [disable-static])
+])
+
+AU_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)])
+AU_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AM_ENABLE_STATIC], [])
+dnl AC_DEFUN([AM_DISABLE_STATIC], [])
+
+
+
+# _LT_ENABLE_FAST_INSTALL([DEFAULT])
+# ----------------------------------
+# implement the --enable-fast-install flag, and support the `fast-install'
+# and `disable-fast-install' LT_INIT options.
+# DEFAULT is either `yes' or `no'.  If omitted, it defaults to `yes'.
+m4_define([_LT_ENABLE_FAST_INSTALL],
+[m4_define([_LT_ENABLE_FAST_INSTALL_DEFAULT], [m4_if($1, no, no, yes)])dnl
+AC_ARG_ENABLE([fast-install],
+    [AS_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@],
+    [optimize for fast installation @<:@default=]_LT_ENABLE_FAST_INSTALL_DEFAULT[@:>@])],
+    [p=${PACKAGE-default}
+    case $enableval in
+    yes) enable_fast_install=yes ;;
+    no) enable_fast_install=no ;;
+    *)
+      enable_fast_install=no
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for pkg in $enableval; do
+	IFS="$lt_save_ifs"
+	if test "X$pkg" = "X$p"; then
+	  enable_fast_install=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac],
+    [enable_fast_install=]_LT_ENABLE_FAST_INSTALL_DEFAULT)
+
+_LT_DECL([fast_install], [enable_fast_install], [0],
+	 [Whether or not to optimize for fast installation])dnl
+])# _LT_ENABLE_FAST_INSTALL
+
+LT_OPTION_DEFINE([LT_INIT], [fast-install], [_LT_ENABLE_FAST_INSTALL([yes])])
+LT_OPTION_DEFINE([LT_INIT], [disable-fast-install], [_LT_ENABLE_FAST_INSTALL([no])])
+
+# Old names:
+AU_DEFUN([AC_ENABLE_FAST_INSTALL],
+[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[fast-install])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you put
+the `fast-install' option into LT_INIT's first parameter.])
+])
+
+AU_DEFUN([AC_DISABLE_FAST_INSTALL],
+[_LT_SET_OPTION([LT_INIT], [disable-fast-install])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you put
+the `disable-fast-install' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_ENABLE_FAST_INSTALL], [])
+dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], [])
+
+
+# _LT_WITH_PIC([MODE])
+# --------------------
+# implement the --with-pic flag, and support the `pic-only' and `no-pic'
+# LT_INIT options.
+# MODE is either `yes' or `no'.  If omitted, it defaults to `both'.
+m4_define([_LT_WITH_PIC],
+[AC_ARG_WITH([pic],
+    [AS_HELP_STRING([--with-pic@<:@=PKGS@:>@],
+	[try to use only PIC/non-PIC objects @<:@default=use both@:>@])],
+    [lt_p=${PACKAGE-default}
+    case $withval in
+    yes|no) pic_mode=$withval ;;
+    *)
+      pic_mode=default
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for lt_pkg in $withval; do
+	IFS="$lt_save_ifs"
+	if test "X$lt_pkg" = "X$lt_p"; then
+	  pic_mode=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac],
+    [pic_mode=default])
+
+test -z "$pic_mode" && pic_mode=m4_default([$1], [default])
+
+_LT_DECL([], [pic_mode], [0], [What type of objects to build])dnl
+])# _LT_WITH_PIC
+
+LT_OPTION_DEFINE([LT_INIT], [pic-only], [_LT_WITH_PIC([yes])])
+LT_OPTION_DEFINE([LT_INIT], [no-pic], [_LT_WITH_PIC([no])])
+
+# Old name:
+AU_DEFUN([AC_LIBTOOL_PICMODE],
+[_LT_SET_OPTION([LT_INIT], [pic-only])
+AC_DIAGNOSE([obsolete],
+[$0: Remove this warning and the call to _LT_SET_OPTION when you
+put the `pic-only' option into LT_INIT's first parameter.])
+])
+
+dnl aclocal-1.4 backwards compatibility:
+dnl AC_DEFUN([AC_LIBTOOL_PICMODE], [])
+
+## ----------------- ##
+## LTDL_INIT Options ##
+## ----------------- ##
+
+m4_define([_LTDL_MODE], [])
+LT_OPTION_DEFINE([LTDL_INIT], [nonrecursive],
+		 [m4_define([_LTDL_MODE], [nonrecursive])])
+LT_OPTION_DEFINE([LTDL_INIT], [recursive],
+		 [m4_define([_LTDL_MODE], [recursive])])
+LT_OPTION_DEFINE([LTDL_INIT], [subproject],
+		 [m4_define([_LTDL_MODE], [subproject])])
+
+m4_define([_LTDL_TYPE], [])
+LT_OPTION_DEFINE([LTDL_INIT], [installable],
+		 [m4_define([_LTDL_TYPE], [installable])])
+LT_OPTION_DEFINE([LTDL_INIT], [convenience],
+		 [m4_define([_LTDL_TYPE], [convenience])])
diff --git a/3P/wolfssl/m4/ltsugar.m4 b/3P/wolfssl/m4/ltsugar.m4
new file mode 100644
index 00000000..9000a057
--- /dev/null
+++ b/3P/wolfssl/m4/ltsugar.m4
@@ -0,0 +1,123 @@
+# ltsugar.m4 -- libtool m4 base layer.                         -*-Autoconf-*-
+#
+# Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc.
+# Written by Gary V. Vaughan, 2004
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# serial 6 ltsugar.m4
+
+# This is to help aclocal find these macros, as it can't see m4_define.
+AC_DEFUN([LTSUGAR_VERSION], [m4_if([0.1])])
+
+
+# lt_join(SEP, ARG1, [ARG2...])
+# -----------------------------
+# Produce ARG1SEPARG2...SEPARGn, omitting [] arguments and their
+# associated separator.
+# Needed until we can rely on m4_join from Autoconf 2.62, since all earlier
+# versions in m4sugar had bugs.
+m4_define([lt_join],
+[m4_if([$#], [1], [],
+       [$#], [2], [[$2]],
+       [m4_if([$2], [], [], [[$2]_])$0([$1], m4_shift(m4_shift($@)))])])
+m4_define([_lt_join],
+[m4_if([$#$2], [2], [],
+       [m4_if([$2], [], [], [[$1$2]])$0([$1], m4_shift(m4_shift($@)))])])
+
+
+# lt_car(LIST)
+# lt_cdr(LIST)
+# ------------
+# Manipulate m4 lists.
+# These macros are necessary as long as will still need to support
+# Autoconf-2.59 which quotes differently.
+m4_define([lt_car], [[$1]])
+m4_define([lt_cdr],
+[m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])],
+       [$#], 1, [],
+       [m4_dquote(m4_shift($@))])])
+m4_define([lt_unquote], $1)
+
+
+# lt_append(MACRO-NAME, STRING, [SEPARATOR])
+# ------------------------------------------
+# Redefine MACRO-NAME to hold its former content plus `SEPARATOR'`STRING'.
+# Note that neither SEPARATOR nor STRING are expanded; they are appended
+# to MACRO-NAME as is (leaving the expansion for when MACRO-NAME is invoked).
+# No SEPARATOR is output if MACRO-NAME was previously undefined (different
+# than defined and empty).
+#
+# This macro is needed until we can rely on Autoconf 2.62, since earlier
+# versions of m4sugar mistakenly expanded SEPARATOR but not STRING.
+m4_define([lt_append],
+[m4_define([$1],
+	   m4_ifdef([$1], [m4_defn([$1])[$3]])[$2])])
+
+
+
+# lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...])
+# ----------------------------------------------------------
+# Produce a SEP delimited list of all paired combinations of elements of
+# PREFIX-LIST with SUFFIX1 through SUFFIXn.  Each element of the list
+# has the form PREFIXmINFIXSUFFIXn.
+# Needed until we can rely on m4_combine added in Autoconf 2.62.
+m4_define([lt_combine],
+[m4_if(m4_eval([$# > 3]), [1],
+       [m4_pushdef([_Lt_sep], [m4_define([_Lt_sep], m4_defn([lt_car]))])]]dnl
+[[m4_foreach([_Lt_prefix], [$2],
+	     [m4_foreach([_Lt_suffix],
+		]m4_dquote(m4_dquote(m4_shift(m4_shift(m4_shift($@)))))[,
+	[_Lt_sep([$1])[]m4_defn([_Lt_prefix])[$3]m4_defn([_Lt_suffix])])])])])
+
+
+# lt_if_append_uniq(MACRO-NAME, VARNAME, [SEPARATOR], [UNIQ], [NOT-UNIQ])
+# -----------------------------------------------------------------------
+# Iff MACRO-NAME does not yet contain VARNAME, then append it (delimited
+# by SEPARATOR if supplied) and expand UNIQ, else NOT-UNIQ.
+m4_define([lt_if_append_uniq],
+[m4_ifdef([$1],
+	  [m4_if(m4_index([$3]m4_defn([$1])[$3], [$3$2$3]), [-1],
+		 [lt_append([$1], [$2], [$3])$4],
+		 [$5])],
+	  [lt_append([$1], [$2], [$3])$4])])
+
+
+# lt_dict_add(DICT, KEY, VALUE)
+# -----------------------------
+m4_define([lt_dict_add],
+[m4_define([$1($2)], [$3])])
+
+
+# lt_dict_add_subkey(DICT, KEY, SUBKEY, VALUE)
+# --------------------------------------------
+m4_define([lt_dict_add_subkey],
+[m4_define([$1($2:$3)], [$4])])
+
+
+# lt_dict_fetch(DICT, KEY, [SUBKEY])
+# ----------------------------------
+m4_define([lt_dict_fetch],
+[m4_ifval([$3],
+	m4_ifdef([$1($2:$3)], [m4_defn([$1($2:$3)])]),
+    m4_ifdef([$1($2)], [m4_defn([$1($2)])]))])
+
+
+# lt_if_dict_fetch(DICT, KEY, [SUBKEY], VALUE, IF-TRUE, [IF-FALSE])
+# -----------------------------------------------------------------
+m4_define([lt_if_dict_fetch],
+[m4_if(lt_dict_fetch([$1], [$2], [$3]), [$4],
+	[$5],
+    [$6])])
+
+
+# lt_dict_filter(DICT, [SUBKEY], VALUE, [SEPARATOR], KEY, [...])
+# --------------------------------------------------------------
+m4_define([lt_dict_filter],
+[m4_if([$5], [], [],
+  [lt_join(m4_quote(m4_default([$4], [[, ]])),
+           lt_unquote(m4_split(m4_normalize(m4_foreach(_Lt_key, lt_car([m4_shiftn(4, $@)]),
+		      [lt_if_dict_fetch([$1], _Lt_key, [$2], [$3], [_Lt_key ])])))))])[]dnl
+])
diff --git a/3P/wolfssl/m4/ltversion.m4 b/3P/wolfssl/m4/ltversion.m4
new file mode 100644
index 00000000..07a8602d
--- /dev/null
+++ b/3P/wolfssl/m4/ltversion.m4
@@ -0,0 +1,23 @@
+# ltversion.m4 -- version numbers			-*- Autoconf -*-
+#
+#   Copyright (C) 2004 Free Software Foundation, Inc.
+#   Written by Scott James Remnant, 2004
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# @configure_input@
+
+# serial 3337 ltversion.m4
+# This file is part of GNU Libtool
+
+m4_define([LT_PACKAGE_VERSION], [2.4.2])
+m4_define([LT_PACKAGE_REVISION], [1.3337])
+
+AC_DEFUN([LTVERSION_VERSION],
+[macro_version='2.4.2'
+macro_revision='1.3337'
+_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?])
+_LT_DECL(, macro_revision, 0)
+])
diff --git a/3P/wolfssl/m4/lt~obsolete.m4 b/3P/wolfssl/m4/lt~obsolete.m4
new file mode 100644
index 00000000..c573da90
--- /dev/null
+++ b/3P/wolfssl/m4/lt~obsolete.m4
@@ -0,0 +1,98 @@
+# lt~obsolete.m4 -- aclocal satisfying obsolete definitions.    -*-Autoconf-*-
+#
+#   Copyright (C) 2004, 2005, 2007, 2009 Free Software Foundation, Inc.
+#   Written by Scott James Remnant, 2004.
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+
+# serial 5 lt~obsolete.m4
+
+# These exist entirely to fool aclocal when bootstrapping libtool.
+#
+# In the past libtool.m4 has provided macros via AC_DEFUN (or AU_DEFUN)
+# which have later been changed to m4_define as they aren't part of the
+# exported API, or moved to Autoconf or Automake where they belong.
+#
+# The trouble is, aclocal is a bit thick.  It'll see the old AC_DEFUN
+# in /usr/share/aclocal/libtool.m4 and remember it, then when it sees us
+# using a macro with the same name in our local m4/libtool.m4 it'll
+# pull the old libtool.m4 in (it doesn't see our shiny new m4_define
+# and doesn't know about Autoconf macros at all.)
+#
+# So we provide this file, which has a silly filename so it's always
+# included after everything else.  This provides aclocal with the
+# AC_DEFUNs it wants, but when m4 processes it, it doesn't do anything
+# because those macros already exist, or will be overwritten later.
+# We use AC_DEFUN over AU_DEFUN for compatibility with aclocal-1.6. 
+#
+# Anytime we withdraw an AC_DEFUN or AU_DEFUN, remember to add it here.
+# Yes, that means every name once taken will need to remain here until
+# we give up compatibility with versions before 1.7, at which point
+# we need to keep only those names which we still refer to.
+
+# This is to help aclocal find these macros, as it can't see m4_define.
+AC_DEFUN([LTOBSOLETE_VERSION], [m4_if([1])])
+
+m4_ifndef([AC_LIBTOOL_LINKER_OPTION],	[AC_DEFUN([AC_LIBTOOL_LINKER_OPTION])])
+m4_ifndef([AC_PROG_EGREP],		[AC_DEFUN([AC_PROG_EGREP])])
+m4_ifndef([_LT_AC_PROG_ECHO_BACKSLASH],	[AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH])])
+m4_ifndef([_LT_AC_SHELL_INIT],		[AC_DEFUN([_LT_AC_SHELL_INIT])])
+m4_ifndef([_LT_AC_SYS_LIBPATH_AIX],	[AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX])])
+m4_ifndef([_LT_PROG_LTMAIN],		[AC_DEFUN([_LT_PROG_LTMAIN])])
+m4_ifndef([_LT_AC_TAGVAR],		[AC_DEFUN([_LT_AC_TAGVAR])])
+m4_ifndef([AC_LTDL_ENABLE_INSTALL],	[AC_DEFUN([AC_LTDL_ENABLE_INSTALL])])
+m4_ifndef([AC_LTDL_PREOPEN],		[AC_DEFUN([AC_LTDL_PREOPEN])])
+m4_ifndef([_LT_AC_SYS_COMPILER],	[AC_DEFUN([_LT_AC_SYS_COMPILER])])
+m4_ifndef([_LT_AC_LOCK],		[AC_DEFUN([_LT_AC_LOCK])])
+m4_ifndef([AC_LIBTOOL_SYS_OLD_ARCHIVE],	[AC_DEFUN([AC_LIBTOOL_SYS_OLD_ARCHIVE])])
+m4_ifndef([_LT_AC_TRY_DLOPEN_SELF],	[AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF])])
+m4_ifndef([AC_LIBTOOL_PROG_CC_C_O],	[AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O])])
+m4_ifndef([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], [AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS])])
+m4_ifndef([AC_LIBTOOL_OBJDIR],		[AC_DEFUN([AC_LIBTOOL_OBJDIR])])
+m4_ifndef([AC_LTDL_OBJDIR],		[AC_DEFUN([AC_LTDL_OBJDIR])])
+m4_ifndef([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH])])
+m4_ifndef([AC_LIBTOOL_SYS_LIB_STRIP],	[AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP])])
+m4_ifndef([AC_PATH_MAGIC],		[AC_DEFUN([AC_PATH_MAGIC])])
+m4_ifndef([AC_PROG_LD_GNU],		[AC_DEFUN([AC_PROG_LD_GNU])])
+m4_ifndef([AC_PROG_LD_RELOAD_FLAG],	[AC_DEFUN([AC_PROG_LD_RELOAD_FLAG])])
+m4_ifndef([AC_DEPLIBS_CHECK_METHOD],	[AC_DEFUN([AC_DEPLIBS_CHECK_METHOD])])
+m4_ifndef([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI])])
+m4_ifndef([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], [AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE])])
+m4_ifndef([AC_LIBTOOL_PROG_COMPILER_PIC], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC])])
+m4_ifndef([AC_LIBTOOL_PROG_LD_SHLIBS],	[AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS])])
+m4_ifndef([AC_LIBTOOL_POSTDEP_PREDEP],	[AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP])])
+m4_ifndef([LT_AC_PROG_EGREP],		[AC_DEFUN([LT_AC_PROG_EGREP])])
+m4_ifndef([LT_AC_PROG_SED],		[AC_DEFUN([LT_AC_PROG_SED])])
+m4_ifndef([_LT_CC_BASENAME],		[AC_DEFUN([_LT_CC_BASENAME])])
+m4_ifndef([_LT_COMPILER_BOILERPLATE],	[AC_DEFUN([_LT_COMPILER_BOILERPLATE])])
+m4_ifndef([_LT_LINKER_BOILERPLATE],	[AC_DEFUN([_LT_LINKER_BOILERPLATE])])
+m4_ifndef([_AC_PROG_LIBTOOL],		[AC_DEFUN([_AC_PROG_LIBTOOL])])
+m4_ifndef([AC_LIBTOOL_SETUP],		[AC_DEFUN([AC_LIBTOOL_SETUP])])
+m4_ifndef([_LT_AC_CHECK_DLFCN],		[AC_DEFUN([_LT_AC_CHECK_DLFCN])])
+m4_ifndef([AC_LIBTOOL_SYS_DYNAMIC_LINKER],	[AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER])])
+m4_ifndef([_LT_AC_TAGCONFIG],		[AC_DEFUN([_LT_AC_TAGCONFIG])])
+m4_ifndef([AC_DISABLE_FAST_INSTALL],	[AC_DEFUN([AC_DISABLE_FAST_INSTALL])])
+m4_ifndef([_LT_AC_LANG_CXX],		[AC_DEFUN([_LT_AC_LANG_CXX])])
+m4_ifndef([_LT_AC_LANG_F77],		[AC_DEFUN([_LT_AC_LANG_F77])])
+m4_ifndef([_LT_AC_LANG_GCJ],		[AC_DEFUN([_LT_AC_LANG_GCJ])])
+m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])])
+m4_ifndef([_LT_AC_LANG_C_CONFIG],	[AC_DEFUN([_LT_AC_LANG_C_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])])
+m4_ifndef([_LT_AC_LANG_CXX_CONFIG],	[AC_DEFUN([_LT_AC_LANG_CXX_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_F77_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG])])
+m4_ifndef([_LT_AC_LANG_F77_CONFIG],	[AC_DEFUN([_LT_AC_LANG_F77_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_GCJ_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG])])
+m4_ifndef([_LT_AC_LANG_GCJ_CONFIG],	[AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG])])
+m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])])
+m4_ifndef([_LT_AC_LANG_RC_CONFIG],	[AC_DEFUN([_LT_AC_LANG_RC_CONFIG])])
+m4_ifndef([AC_LIBTOOL_CONFIG],		[AC_DEFUN([AC_LIBTOOL_CONFIG])])
+m4_ifndef([_LT_AC_FILE_LTDLL_C],	[AC_DEFUN([_LT_AC_FILE_LTDLL_C])])
+m4_ifndef([_LT_REQUIRED_DARWIN_CHECKS],	[AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS])])
+m4_ifndef([_LT_AC_PROG_CXXCPP],		[AC_DEFUN([_LT_AC_PROG_CXXCPP])])
+m4_ifndef([_LT_PREPARE_SED_QUOTE_VARS],	[AC_DEFUN([_LT_PREPARE_SED_QUOTE_VARS])])
+m4_ifndef([_LT_PROG_ECHO_BACKSLASH],	[AC_DEFUN([_LT_PROG_ECHO_BACKSLASH])])
+m4_ifndef([_LT_PROG_F77],		[AC_DEFUN([_LT_PROG_F77])])
+m4_ifndef([_LT_PROG_FC],		[AC_DEFUN([_LT_PROG_FC])])
+m4_ifndef([_LT_PROG_CXX],		[AC_DEFUN([_LT_PROG_CXX])])
diff --git a/3P/wolfssl/m4/visibility.m4 b/3P/wolfssl/m4/visibility.m4
new file mode 100644
index 00000000..75c34b6e
--- /dev/null
+++ b/3P/wolfssl/m4/visibility.m4
@@ -0,0 +1,77 @@
+# visibility.m4 serial 4 (gettext-0.18.2)
+dnl Copyright (C) 2005, 2008, 2010-2011 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Bruno Haible.
+
+dnl Tests whether the compiler supports the command-line option
+dnl -fvisibility=hidden and the function and variable attributes
+dnl __attribute__((__visibility__("hidden"))) and
+dnl __attribute__((__visibility__("default"))).
+dnl Does *not* test for __visibility__("protected") - which has tricky
+dnl semantics (see the 'vismain' test in glibc) and does not exist e.g. on
+dnl MacOS X.
+dnl Does *not* test for __visibility__("internal") - which has processor
+dnl dependent semantics.
+dnl Does *not* test for #pragma GCC visibility push(hidden) - which is
+dnl "really only recommended for legacy code".
+dnl Set the variable CFLAG_VISIBILITY.
+dnl Defines and sets the variable HAVE_VISIBILITY.
+
+AC_DEFUN([gl_VISIBILITY],
+[
+  AC_REQUIRE([AC_PROG_CC])
+  CFLAG_VISIBILITY=
+  HAVE_VISIBILITY=0
+  if test -n "$GCC"; then
+    dnl First, check whether -Werror can be added to the command line, or
+    dnl whether it leads to an error because of some other option that the
+    dnl user has put into $CC $CFLAGS $CPPFLAGS.
+    AC_MSG_CHECKING([whether the -Werror option is usable])
+    AC_CACHE_VAL([gl_cv_cc_vis_werror], [
+      gl_save_CFLAGS="$CFLAGS"
+      CFLAGS="$CFLAGS -Werror"
+      AC_COMPILE_IFELSE(
+        [AC_LANG_PROGRAM([[]], [[]])],
+        [gl_cv_cc_vis_werror=yes],
+        [gl_cv_cc_vis_werror=no])
+      CFLAGS="$gl_save_CFLAGS"])
+    AC_MSG_RESULT([$gl_cv_cc_vis_werror])
+    dnl Now check whether visibility declarations are supported.
+    AC_MSG_CHECKING([for simple visibility declarations])
+    AC_CACHE_VAL([gl_cv_cc_visibility], [
+      gl_save_CFLAGS="$CFLAGS"
+      CFLAGS="$CFLAGS -fvisibility=hidden"
+      dnl We use the option -Werror and a function dummyfunc, because on some
+      dnl platforms (Cygwin 1.7) the use of -fvisibility triggers a warning
+      dnl "visibility attribute not supported in this configuration; ignored"
+      dnl at the first function definition in every compilation unit, and we
+      dnl don't want to use the option in this case.
+      if test $gl_cv_cc_vis_werror = yes; then
+        CFLAGS="$CFLAGS -Werror"
+      fi
+      AC_COMPILE_IFELSE(
+        [AC_LANG_PROGRAM(
+           [[extern __attribute__((__visibility__("hidden"))) int hiddenvar;
+             extern __attribute__((__visibility__("default"))) int exportedvar;
+             extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void);
+             extern __attribute__((__visibility__("default"))) int exportedfunc (void);
+             void dummyfunc (void) {}
+           ]],
+           [[]])],
+        [gl_cv_cc_visibility=yes],
+        [gl_cv_cc_visibility=no])
+      CFLAGS="$gl_save_CFLAGS"])
+    AC_MSG_RESULT([$gl_cv_cc_visibility])
+    if test $gl_cv_cc_visibility = yes; then
+      CFLAG_VISIBILITY="-fvisibility=hidden"
+      HAVE_VISIBILITY=1
+    fi
+  fi
+  AC_SUBST([CFLAG_VISIBILITY])
+  AC_SUBST([HAVE_VISIBILITY])
+  AC_DEFINE_UNQUOTED([HAVE_VISIBILITY], [$HAVE_VISIBILITY],
+    [Define to 1 or 0, depending whether the compiler supports simple visibility declarations.])
+])
diff --git a/3P/wolfssl/m4/wolfssl_darwin_clang.m4 b/3P/wolfssl/m4/wolfssl_darwin_clang.m4
new file mode 100644
index 00000000..fee9b6ae
--- /dev/null
+++ b/3P/wolfssl/m4/wolfssl_darwin_clang.m4
@@ -0,0 +1,37 @@
+# ===========================================================================
+#
+# SYNOPSIS
+#
+#   WOLFSSL_DARWIN_USING_CLANG
+#
+# DESCRIPTION
+#
+#   With the advent of Apple Xcode v5.0, the old tool sets are missing from
+#   the distribution. The provided "gcc" executable wrapper accepts the
+#   "-pthread" flag, and passes it to the underlying "clang" which chokes
+#   on it. This script checks the version of the gcc executable to see if
+#   it reports it is really "clang".
+#
+#   The value is placed in the wolfssl_darwin_clang variable.
+#
+# LICENSE
+#
+#   Copyright (c) 2013 John Safranek 
+#
+#   Copying and distribution of this file, with or without modification, are
+#   permitted in any medium without royalty provided the copyright notice
+#   and this notice are preserved. This file is offered as-is, without any
+#   warranty.
+
+#serial 1
+
+AC_DEFUN([WOLFSSL_DARWIN_USING_CLANG],
+        [
+            if test x"$CC" = xclang; then
+                wolfssl_darwin_clang=yes
+            elif test x"$CC" = x || test x"$CC" = xgcc; then
+                if /usr/bin/gcc -v 2>&1 | grep 'clang' >/dev/null 2>&1; then
+                    wolfssl_darwin_clang=yes
+                fi
+            fi
+        ])
diff --git a/3P/wolfssl/mcapi/PIC32MZ-serial.h b/3P/wolfssl/mcapi/PIC32MZ-serial.h
new file mode 100644
index 00000000..323de525
--- /dev/null
+++ b/3P/wolfssl/mcapi/PIC32MZ-serial.h
@@ -0,0 +1,28 @@
+void _mon_putc(char c);
+
+static void init_serial() {
+    #ifdef MICROCHIP_PIC32
+#if defined (__32MZ2048ECH144__) || (__32MZ2048ECM144__)
+    /* Set up PB2 divisor for UART2 */
+    SYSKEY = 0x00000000;
+    SYSKEY = 0xAA996655;
+    SYSKEY = 0x556699AA;
+    PB2DIV = 0x00008018;
+    SYSKEY = 0x33333333;
+ 
+    /* UART2 Init */
+//    U2BRG = 0x0C;
+    U2BRG = 0x7;
+    ANSELBCLR = 0x4000;
+    ANSELGCLR = 0x0040;
+    RPB14R = 0x02;
+    U2RXR = 0x01;
+    U2MODE = 0x8000;
+    U2STA = 0x400;
+#elif defined __PIC32MX__
+    SYSTEMConfigPerformance(80000000);
+    DBINIT();
+#endif
+ 
+#endif
+}
diff --git a/3P/wolfssl/mcapi/README b/3P/wolfssl/mcapi/README
new file mode 100644
index 00000000..711ec747
--- /dev/null
+++ b/3P/wolfssl/mcapi/README
@@ -0,0 +1,79 @@
+WolfSSL MPLAB X Project Files
+
+This directory contains project files for the Microchip MPLAB X IDE. These
+projects have been set up to use the Microchip PIC32 Ethernet Starter Kit
+and the Microchip XC32 compiler, and have been created specifically to test
+the Microchip-specific WolfCrypt API with compression support. For MPLAB X 
+projects that don't use compression and are generic to the WolfCrypt API, 
+please see the /mplabx directory.
+
+In order to generate the necessary auto-generated MPLAB X files, make sure
+to import the cyassl.X and zlib.X projects into your MPLAB X workspace before 
+trying to build either the WolfCrypt test or benchmark applications. This will
+correctly set up the respective project's Makefiles.
+
+Included Project Files
+-----------------------
+
+1. wolfSSL library (wolfssl.X)
+
+    This project builds a static wolfSSL library. Prior to building this
+    project, uncomment the MICROCHIP_PIC32 define located in:
+
+    /wolfssl/wolfcrypt/settings.h
+
+    After this project has been built, the compiled library will be located
+    at:
+
+    /mplabx/wolfssl.X/dist/default/production/wolfssl.X.a
+
+    Note that this project includes the zlib header location in the project's
+    include paths. This is because this project has been set up to be compiled
+    with zlib support to enable compression and decompression features.
+
+2. wolfCrypt Test App (wolfcrypt_test.X)
+
+    This project tests the wolfCrypt cryptography modules. It is generally
+    a good idea to run this first on an embedded system after compiling
+    wolfSSL in order to verify all underlying crypto is working correctly.
+
+3. wolfCrypt Benchmark App (wolfcrypt_benchmark.X)
+
+    This project builds the wolfCrypt benchmark application. If the wolfSSL
+    project (wolfssl.X) has been compiled with libz support and is being
+    used to build this project, the zlib.X project will need to added to
+    the "Libraries" folder under the wolfcrypt_benchmark.X project before
+    it will compile successfully.
+
+4. wolfCrypt MCAPI Test App (wolfcrypt_mcapi.X)
+
+    This project tests the Microchip crytpo API layer. The Microchip crypto
+    layer is located under the /mcapi directory.
+
+5. zlib library (zlib.X)
+
+    This project builds the zlib library for use in the wolfcrypt_test.X
+    and wolfcrypt_mcapi.X projects. This project expects the zlib sources
+    to be located under the wolfSSL root directory. Currently it is set up
+    to work with zlib 1.2.8, and looks for sources under:
+
+    /zlib-1.2.8
+
+PIC32MX/PIC32MZ
+---------------
+
+The projects are set for PIC32MX by default. For PIC32MZ, change project
+properties->Devices and add "WOLFSSL_MICROCHIP_PIC32M" to 
+XC32-gcc->Preprocessing and messages-> Preprocessor macros.
+
+MIPS16 and MIPS32 Support
+-------------------------
+
+These projects support both MIPS16 and MIPS32 instruction sets. Switching
+between these two instruction sets can be done in each project's properties
+settings by checking the "Generate 16-bit code" checkbox.
+
+Support
+-------
+Please send questions or comments to support@wolfssl.com
+
diff --git a/3P/wolfssl/mcapi/crypto.c b/3P/wolfssl/mcapi/crypto.c
new file mode 100644
index 00000000..ef947567
--- /dev/null
+++ b/3P/wolfssl/mcapi/crypto.c
@@ -0,0 +1,703 @@
+/* crypto.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* Implements Microchip CRYPTO API layer */
+
+
+
+#include "crypto.h"
+
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+
+/* Initialize MD5 */
+int CRYPT_MD5_Initialize(CRYPT_MD5_CTX* md5)
+{
+    typedef char md5_test[sizeof(CRYPT_MD5_CTX) >= sizeof(Md5) ? 1 : -1];
+    (void)sizeof(md5_test);
+
+    if (md5 == NULL)
+        return BAD_FUNC_ARG;
+
+    wc_InitMd5((Md5*)md5);
+
+    return 0;
+}
+
+
+/* Add data to MD5 */
+int CRYPT_MD5_DataAdd(CRYPT_MD5_CTX* md5, const unsigned char* input,
+                      unsigned int sz)
+{
+    if (md5 == NULL || input == NULL)
+        return BAD_FUNC_ARG;
+
+    wc_Md5Update((Md5*)md5, input, sz);
+
+    return 0;
+}
+
+
+/* Get MD5 Final into digest */
+int CRYPT_MD5_Finalize(CRYPT_MD5_CTX* md5, unsigned char* digest)
+{
+    if (md5 == NULL || digest == NULL)
+        return BAD_FUNC_ARG;
+
+    wc_Md5Final((Md5*)md5, digest);
+
+    return 0;
+}
+
+
+/* Initialize SHA */
+int CRYPT_SHA_Initialize(CRYPT_SHA_CTX* sha)
+{
+    typedef char sha_test[sizeof(CRYPT_SHA_CTX) >= sizeof(Sha) ? 1 : -1];
+    (void)sizeof(sha_test);
+
+    if (sha == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_InitSha((Sha*)sha);
+}
+
+
+/* Add data to SHA */
+int CRYPT_SHA_DataAdd(CRYPT_SHA_CTX* sha, const unsigned char* input,
+                       unsigned int sz)
+{
+    if (sha == NULL || input == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_ShaUpdate((Sha*)sha, input, sz);
+}
+
+
+/* Get SHA Final into digest */
+int CRYPT_SHA_Finalize(CRYPT_SHA_CTX* sha, unsigned char* digest)
+{
+    if (sha == NULL || digest == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_ShaFinal((Sha*)sha, digest);
+}
+
+
+/* Initialize SHA-256 */
+int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX* sha256)
+{
+    typedef char sha_test[sizeof(CRYPT_SHA256_CTX) >= sizeof(Sha256) ? 1 : -1];
+    (void)sizeof(sha_test);
+
+    if (sha256 == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_InitSha256((Sha256*)sha256);
+}
+
+
+/* Add data to SHA-256 */
+int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX* sha256, const unsigned char* input,
+                         unsigned int sz)
+{
+    if (sha256 == NULL || input == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_Sha256Update((Sha256*)sha256, input, sz);
+}
+
+
+/* Get SHA-256 Final into digest */
+int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX* sha256, unsigned char* digest)
+{
+    if (sha256 == NULL || digest == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_Sha256Final((Sha256*)sha256, digest);
+}
+
+
+/* Initialize SHA-384 */
+int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX* sha384)
+{
+    typedef char sha_test[sizeof(CRYPT_SHA384_CTX) >= sizeof(Sha384) ? 1 : -1];
+    (void)sizeof(sha_test);
+
+    if (sha384 == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_InitSha384((Sha384*)sha384);
+}
+
+
+/* Add data to SHA-384 */
+int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX* sha384, const unsigned char* input,
+                         unsigned int sz)
+{
+    if (sha384 == NULL || input == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_Sha384Update((Sha384*)sha384, input, sz);
+}
+
+
+/* Get SHA-384 Final into digest */
+int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX* sha384, unsigned char* digest)
+{
+    if (sha384 == NULL || digest == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_Sha384Final((Sha384*)sha384, digest);
+}
+
+
+/* Initialize SHA-512 */
+int CRYPT_SHA512_Initialize(CRYPT_SHA512_CTX* sha512)
+{
+    typedef char sha_test[sizeof(CRYPT_SHA512_CTX) >= sizeof(Sha512) ? 1 : -1];
+    (void)sizeof(sha_test);
+
+    if (sha512 == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_InitSha512((Sha512*)sha512);
+}
+
+
+/* Add data to SHA-512 */
+int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX* sha512, const unsigned char* input,
+                         unsigned int sz)
+{
+    if (sha512 == NULL || input == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_Sha512Update((Sha512*)sha512, input, sz);
+}
+
+
+/* Get SHA-512 Final into digest */
+int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX* sha512, unsigned char* digest)
+{
+    if (sha512 == NULL || digest == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_Sha512Final((Sha512*)sha512, digest);
+}
+
+
+/* Set HMAC key with type */
+int CRYPT_HMAC_SetKey(CRYPT_HMAC_CTX* hmac, int type, const unsigned char* key,
+                      unsigned int sz)
+{
+    typedef char hmac_test[sizeof(CRYPT_HMAC_CTX) >= sizeof(Hmac) ? 1 : -1];
+    (void)sizeof(hmac_test);
+
+    if (hmac == NULL || key == NULL)
+        return BAD_FUNC_ARG;
+
+    if (type != CRYPT_HMAC_SHA && type != CRYPT_HMAC_SHA256 &&
+        type != CRYPT_HMAC_SHA384 && type != CRYPT_HMAC_SHA512) {
+        return BAD_FUNC_ARG;  /* bad hmac type */
+    }
+
+    return wc_HmacSetKey((Hmac*)hmac, type, key, sz);
+}
+
+
+int CRYPT_HMAC_DataAdd(CRYPT_HMAC_CTX* hmac, const unsigned char* input,
+                       unsigned int sz)
+{
+    if (hmac == NULL || input == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_HmacUpdate((Hmac*)hmac, input, sz);
+}
+
+
+/* Get HMAC Final into digest */
+int CRYPT_HMAC_Finalize(CRYPT_HMAC_CTX* hmac, unsigned char* digest)
+{
+    if (hmac == NULL || digest == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_HmacFinal((Hmac*)hmac, digest);
+}
+
+
+/* Huffman Compression, set flag to do static, otherwise dynamic */
+/* return compressed size, otherwise < 0 for error */
+int CRYPT_HUFFMAN_Compress(unsigned char* out, unsigned int outSz,
+                           const unsigned char* in, unsigned int inSz,
+                           unsigned int flags)
+{
+    if (out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    return Compress(out, outSz, in, inSz, flags);
+}
+
+
+/* Huffman DeCompression, self determines type */
+/* return decompressed size, otherwise < 0 for error */
+int CRYPT_HUFFMAN_DeCompress(unsigned char* out, unsigned int outSz,
+                             const unsigned char* in, unsigned int inSz)
+{
+    if (out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    return DeCompress(out, outSz, in, inSz);
+}
+
+
+/* RNG Initialize, < 0 on error */
+int CRYPT_RNG_Initialize(CRYPT_RNG_CTX* rng)
+{
+    typedef char rng_test[sizeof(CRYPT_RNG_CTX) >= sizeof(RNG) ? 1 : -1];
+    (void)sizeof(rng_test);
+
+    if (rng == NULL)
+        return BAD_FUNC_ARG;
+
+    return InitRng((RNG*)rng);
+}
+
+
+/* RNG Get single bytes, < 0 on error */
+int CRYPT_RNG_Get(CRYPT_RNG_CTX* rng, unsigned char* b)
+{
+    if (rng == NULL || b == NULL)
+        return BAD_FUNC_ARG;
+
+    return RNG_GenerateByte((RNG*)rng, (byte*)b);
+}
+
+
+/* RNG Block Generation of sz bytes, < 0 on error */
+int CRYPT_RNG_BlockGenerate(CRYPT_RNG_CTX* rng, unsigned char* b,
+                            unsigned int sz)
+{
+    if (rng == NULL || b == NULL)
+        return BAD_FUNC_ARG;
+
+    return RNG_GenerateBlock((RNG*)rng, b, sz);
+}
+
+
+/* Triple DES Key Set, may have iv, will have direction */
+int CRYPT_TDES_KeySet(CRYPT_TDES_CTX* tdes, const unsigned char* key,
+                      const unsigned char* iv, int dir)
+{
+    typedef char tdes_test[sizeof(CRYPT_TDES_CTX) >= sizeof(Des3) ? 1 : -1];
+    (void)sizeof(tdes_test);
+
+    if (tdes == NULL || key == NULL)
+        return BAD_FUNC_ARG;
+
+    return Des3_SetKey((Des3*)tdes, key, iv, dir);
+}
+
+
+/* Triple DES Iv Set, sometimes added later */
+int CRYPT_TDES_IvSet(CRYPT_TDES_CTX* tdes, const unsigned char* iv)
+{
+    if (tdes == NULL || iv == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_Des3_SetIV((Des3*)tdes, iv);
+}
+
+
+/* Triple DES CBC Encrypt */
+int CRYPT_TDES_CBC_Encrypt(CRYPT_TDES_CTX* tdes, unsigned char* out,
+                           const unsigned char* in, unsigned int inSz)
+{
+    if (tdes == NULL || out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_Des3_CbcEncrypt((Des3*)tdes, out, in, inSz);
+}
+
+
+/* Triple DES CBC Decrypt */
+int CRYPT_TDES_CBC_Decrypt(CRYPT_TDES_CTX* tdes, unsigned char* out,
+                           const unsigned char* in, unsigned int inSz)
+{
+    if (tdes == NULL || out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    return Des3_CbcDecrypt((Des3*)tdes, out, in, inSz);
+}
+
+
+/* AES Key Set, may have iv, will have direction */
+int CRYPT_AES_KeySet(CRYPT_AES_CTX* aes, const unsigned char* key,
+                     unsigned int keyLen, const unsigned char* iv, int dir)
+{
+    typedef char aes_test[sizeof(CRYPT_AES_CTX) >= sizeof(Aes) ? 1 : -1];
+    (void)sizeof(aes_test);
+
+    if (aes == NULL || key == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_AesSetKey((Aes*)aes, key, keyLen, iv, dir);
+}
+
+
+/* AES Iv Set, sometimes added later */
+int CRYPT_AES_IvSet(CRYPT_AES_CTX* aes, const unsigned char* iv)
+{
+    if (aes == NULL || iv == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_AesSetIV((Aes*)aes, iv);
+}
+
+
+/* AES CBC Encrypt */
+int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
+                          const unsigned char* in, unsigned int inSz)
+{
+    if (aes == NULL || out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_AesCbcEncrypt((Aes*)aes, out, in, inSz);
+}
+
+
+/* AES CBC Decrypt */
+int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out,
+                          const unsigned char* in, unsigned int inSz)
+{
+    if (aes == NULL || out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    return AesCbcDecrypt((Aes*)aes, out, in, inSz);
+}
+
+
+/* AES CTR Encrypt (used for decrypt too, with ENCRYPT key setup) */
+int CRYPT_AES_CTR_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
+                          const unsigned char* in, unsigned int inSz)
+{
+    if (aes == NULL || out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    wc_AesCtrEncrypt((Aes*)aes, out, in, inSz);
+
+    return 0;
+}
+
+
+/* AES Direct mode encrypt, one block at a time */
+int CRYPT_AES_DIRECT_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out,
+                             const unsigned char* in)
+{
+    if (aes == NULL || out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    wc_AesEncryptDirect((Aes*)aes, out, in);
+
+    return 0;
+}
+
+
+/* AES Direct mode decrypt, one block at a time */
+int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out,
+                             const unsigned char* in)
+{
+    if (aes == NULL || out == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    wc_AesDecryptDirect((Aes*)aes, out, in);
+
+    return 0;
+}
+
+
+/* RSA Initialize */
+int CRYPT_RSA_Initialize(CRYPT_RSA_CTX* rsa)
+{
+    if (rsa == NULL)
+        return BAD_FUNC_ARG;
+
+    rsa->holder = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
+    if (rsa->holder == NULL)
+        return -1;
+
+    return InitRsaKey((RsaKey*)rsa->holder, NULL);
+}
+
+
+/* RSA Free resources */
+int CRYPT_RSA_Free(CRYPT_RSA_CTX* rsa)
+{
+    if (rsa == NULL)
+        return BAD_FUNC_ARG;
+
+    FreeRsaKey((RsaKey*)rsa->holder);
+    XFREE(rsa->holder, NULL, DYNAMIC_TYPE_RSA);
+    rsa->holder = NULL;
+
+    return 0;
+}
+
+
+/* RSA Public key decode ASN.1 */
+int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
+                              unsigned int inSz)
+{
+    unsigned int idx = 0;
+    (void)idx;
+
+    if (rsa == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    return RsaPublicKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
+}
+
+
+/* RSA Private key decode ASN.1 */
+int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
+                               unsigned int inSz)
+{
+    unsigned int idx = 0;
+    (void)idx;
+
+    if (rsa == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    return RsaPrivateKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
+}
+
+
+/* RSA Public Encrypt */
+int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
+                            unsigned int outSz, const unsigned char* in,
+                            unsigned int inSz, CRYPT_RNG_CTX* rng)
+{
+    if (rsa == NULL || in == NULL || out == NULL || rng == NULL)
+        return BAD_FUNC_ARG;
+
+    return RsaPublicEncrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder,
+                            (RNG*)rng);
+}
+
+
+/* RSA Private Decrypt */
+int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
+                             unsigned int outSz, const unsigned char* in,
+                             unsigned int inSz)
+{
+    if (rsa == NULL || in == NULL || out == NULL)
+        return BAD_FUNC_ARG;
+
+    return RsaPrivateDecrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder);
+}
+
+
+/* RSA Get Encrypt size helper */
+int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX* rsa) 
+{
+    if (rsa == NULL)
+        return BAD_FUNC_ARG;
+
+    return RsaEncryptSize((RsaKey*)rsa->holder);
+}    
+
+
+/* ECC init */
+int CRYPT_ECC_Initialize(CRYPT_ECC_CTX* ecc)
+{
+    if (ecc == NULL)
+        return BAD_FUNC_ARG;
+
+    ecc->holder = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC);
+    if (ecc->holder == NULL)
+        return -1;
+
+    wc_ecc_init((ecc_key*)ecc->holder);
+
+    return 0;
+}
+
+
+/* ECC free resources */
+int CRYPT_ECC_Free(CRYPT_ECC_CTX* ecc)
+{
+    if (ecc == NULL)
+        return BAD_FUNC_ARG;
+
+    wc_ecc_free((ecc_key*)ecc->holder);
+    XFREE(ecc->holder, NULL, DYNAMIC_TYPE_ECC);
+    ecc->holder = NULL;
+
+    return 0;
+}
+
+
+/* ECC Public x963 Export */
+int CRYPT_ECC_PublicExport(CRYPT_ECC_CTX* ecc, unsigned char* out,
+                           unsigned int outSz, unsigned int* usedSz)
+{
+    int          ret;
+    unsigned int inOut = outSz;
+
+    if (ecc == NULL || out == NULL)
+        return BAD_FUNC_ARG;
+
+    ret = wc_ecc_export_x963((ecc_key*)ecc->holder, out, &inOut);
+    *usedSz = inOut;
+
+    return ret;
+}
+
+
+/* ECC Public x963 Import */
+int CRYPT_ECC_PublicImport(CRYPT_ECC_CTX* ecc, const unsigned char* in,
+                           unsigned int inSz)
+{
+    if (ecc == NULL || in == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_ecc_import_x963(in, inSz, (ecc_key*)ecc->holder);
+}
+
+
+/* ECC Private x963 Import */
+int CRYPT_ECC_PrivateImport(CRYPT_ECC_CTX* ecc, const unsigned char* priv,
+         unsigned int privSz, const unsigned char* pub, unsigned int pubSz)
+{
+    if (ecc == NULL || priv == NULL || pub == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_ecc_import_private_key(priv, privSz, pub, pubSz,
+                                 (ecc_key*)ecc->holder);
+}
+
+
+/* ECC DHE Make key */
+int CRYPT_ECC_DHE_KeyMake(CRYPT_ECC_CTX* ecc, CRYPT_RNG_CTX* rng, int keySz)
+{
+    if (ecc == NULL || rng == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_ecc_make_key((RNG*)rng, keySz, (ecc_key*)ecc->holder);
+}
+
+
+/* ECC DHE Make shared secret with our private and peer public */
+int CRYPT_ECC_DHE_SharedSecretMake(CRYPT_ECC_CTX* priv, CRYPT_ECC_CTX* pub,
+                  unsigned char* out, unsigned int outSz, unsigned int* usedSz)
+{
+    int ret;
+    unsigned int inOut = outSz;
+
+    if (priv == NULL || pub == NULL || out == NULL || usedSz == NULL)
+        return BAD_FUNC_ARG;
+
+    ret = wc_ecc_shared_secret((ecc_key*)priv->holder, (ecc_key*)pub->holder,
+                            out, &inOut);
+    *usedSz = inOut;
+
+    return ret;
+}
+
+
+/* ECC DSA Hash Sign */
+int CRYPT_ECC_DSA_HashSign(CRYPT_ECC_CTX* ecc, CRYPT_RNG_CTX* rng,
+                           unsigned char* sig, unsigned int sigSz,
+                           unsigned int* usedSz, const unsigned char* in,
+                           unsigned int inSz)
+{
+    int ret;
+    unsigned int inOut = sigSz;
+
+    if (ecc == NULL || rng == NULL || sig == NULL || usedSz == NULL ||
+                                                                in == NULL)
+        return BAD_FUNC_ARG;
+
+    ret = wc_ecc_sign_hash(in, inSz, sig, &inOut, (RNG*)rng,
+                       (ecc_key*)ecc->holder);
+    *usedSz = inOut;
+
+    return ret;
+}
+
+
+/* ECC DSA Hash Verify */
+int CRYPT_ECC_DSA_HashVerify(CRYPT_ECC_CTX* ecc, const unsigned char* sig,
+                             unsigned int sigSz, unsigned char* hash,
+                             unsigned int hashSz, int* status)
+{
+    if (ecc == NULL || sig == NULL || hash == NULL || status == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_ecc_verify_hash(sig, sigSz, hash, hashSz, status,
+                          (ecc_key*)ecc->holder);
+}
+
+
+/* ECC get key size helper */
+int CRYPT_ECC_KeySizeGet(CRYPT_ECC_CTX* ecc)
+{
+    if (ecc == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_ecc_size((ecc_key*)ecc->holder);
+}
+
+
+/* ECC get signature size helper */
+int CRYPT_ECC_SignatureSizeGet(CRYPT_ECC_CTX* ecc)
+{
+    if (ecc == NULL)
+        return BAD_FUNC_ARG;
+
+    return wc_ecc_sig_size((ecc_key*)ecc->holder);
+}
+
+
+/* Save error string from err to str which needs to be >= 80 chars */
+int CRYPT_ERROR_StringGet(int err, char* str)
+{
+    if (str == NULL)
+        return BAD_FUNC_ARG;
+
+    CTaoCryptErrorString(err, str);
+
+    return 0;
+}
+
diff --git a/3P/wolfssl/mcapi/crypto.h b/3P/wolfssl/mcapi/crypto.h
new file mode 100644
index 00000000..7a960d85
--- /dev/null
+++ b/3P/wolfssl/mcapi/crypto.h
@@ -0,0 +1,268 @@
+/* crypto.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* Defines Microchip CRYPTO API layer */
+
+
+#ifndef MC_CRYPTO_API_H
+#define MC_CRYPTO_API_H
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* MD5 */
+typedef struct CRYPT_MD5_CTX {
+    int holder[24];   /* big enough to hold internal, but check on init */
+} CRYPT_MD5_CTX;
+
+int CRYPT_MD5_Initialize(CRYPT_MD5_CTX*);
+int CRYPT_MD5_DataAdd(CRYPT_MD5_CTX*, const unsigned char*, unsigned int);
+int CRYPT_MD5_Finalize(CRYPT_MD5_CTX*, unsigned char*);
+
+enum {
+    CRYPT_MD5_DIGEST_SIZE = 16 
+};
+
+
+/* SHA */
+typedef struct CRYPT_SHA_CTX {
+    int holder[24];   /* big enough to hold internal, but check on init */
+} CRYPT_SHA_CTX;
+
+int CRYPT_SHA_Initialize(CRYPT_SHA_CTX*);
+int CRYPT_SHA_DataAdd(CRYPT_SHA_CTX*, const unsigned char*, unsigned int);
+int CRYPT_SHA_Finalize(CRYPT_SHA_CTX*, unsigned char*);
+
+enum {
+    CRYPT_SHA_DIGEST_SIZE = 20
+};
+
+
+/* SHA-256 */
+typedef struct CRYPT_SHA256_CTX {
+    int holder[28];   /* big enough to hold internal, but check on init */
+} CRYPT_SHA256_CTX;
+
+int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX*);
+int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX*, const unsigned char*, unsigned int);
+int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX*, unsigned char*);
+
+enum {
+    CRYPT_SHA256_DIGEST_SIZE = 32 
+};
+
+
+/* SHA-384 */
+typedef struct CRYPT_SHA384_CTX {
+    long long holder[32];   /* big enough to hold internal, but check on init */
+} CRYPT_SHA384_CTX;
+
+int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX*);
+int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX*, const unsigned char*, unsigned int);
+int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX*, unsigned char*);
+
+enum {
+    CRYPT_SHA384_DIGEST_SIZE = 48
+};
+
+
+/* SHA-512 */
+typedef struct CRYPT_SHA512_CTX {
+    long long holder[36];   /* big enough to hold internal, but check on init */
+} CRYPT_SHA512_CTX;
+
+int CRYPT_SHA512_Initialize(CRYPT_SHA512_CTX*);
+int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX*, const unsigned char*, unsigned int);
+int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX*, unsigned char*);
+
+enum {
+    CRYPT_SHA512_DIGEST_SIZE = 64 
+};
+
+
+/* HMAC */
+typedef struct CRYPT_HMAC_CTX {
+    long long holder[67];   /* big enough to hold internal, but check on init */
+} CRYPT_HMAC_CTX;
+
+int CRYPT_HMAC_SetKey(CRYPT_HMAC_CTX*, int, const unsigned char*, unsigned int);
+int CRYPT_HMAC_DataAdd(CRYPT_HMAC_CTX*, const unsigned char*, unsigned int);
+int CRYPT_HMAC_Finalize(CRYPT_HMAC_CTX*, unsigned char*);
+
+/* HMAC types */
+enum {
+    CRYPT_HMAC_SHA    = 1, 
+    CRYPT_HMAC_SHA256 = 2, 
+    CRYPT_HMAC_SHA384 = 5, 
+    CRYPT_HMAC_SHA512 = 4 
+};
+
+
+/* Huffman */
+int CRYPT_HUFFMAN_Compress(unsigned char*, unsigned int, const unsigned char*,
+                           unsigned int, unsigned int);
+int CRYPT_HUFFMAN_DeCompress(unsigned char*, unsigned int, const unsigned char*,
+                             unsigned int);
+
+/* flag to use static huffman */
+enum {
+    CRYPT_HUFFMAN_COMPRESS_STATIC = 1 
+};
+
+
+/* RNG */
+typedef struct CRYPT_RNG_CTX {
+    int holder[66];   /* big enough to hold internal, but check on init */
+} CRYPT_RNG_CTX;
+
+int CRYPT_RNG_Initialize(CRYPT_RNG_CTX*);
+int CRYPT_RNG_Get(CRYPT_RNG_CTX*, unsigned char*);
+int CRYPT_RNG_BlockGenerate(CRYPT_RNG_CTX*, unsigned char*, unsigned int);
+
+
+/* TDES */
+typedef struct CRYPT_TDES_CTX {
+    int holder[100];   /* big enough to hold internal, but check on init */
+} CRYPT_TDES_CTX;
+
+int CRYPT_TDES_KeySet(CRYPT_TDES_CTX*, const unsigned char*,
+                      const unsigned char*, int);
+int CRYPT_TDES_IvSet(CRYPT_TDES_CTX*, const unsigned char*);
+int CRYPT_TDES_CBC_Encrypt(CRYPT_TDES_CTX*, unsigned char*,
+                           const unsigned char*, unsigned int);
+int CRYPT_TDES_CBC_Decrypt(CRYPT_TDES_CTX*, unsigned char*,
+                           const unsigned char*, unsigned int);
+
+/* key direction flags for setup */
+enum {
+    CRYPT_TDES_ENCRYPTION = 0,
+    CRYPT_TDES_DECRYPTION = 1 
+};
+
+
+/* AES */
+typedef struct CRYPT_AES_CTX {
+    int holder[70];   /* big enough to hold internal, but check on init */
+} CRYPT_AES_CTX;
+
+/* key */
+int CRYPT_AES_KeySet(CRYPT_AES_CTX*, const unsigned char*, unsigned int,
+                      const unsigned char*, int);
+int CRYPT_AES_IvSet(CRYPT_AES_CTX*, const unsigned char*);
+
+/* cbc */
+int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX*, unsigned char*,
+                           const unsigned char*, unsigned int);
+int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX*, unsigned char*,
+                           const unsigned char*, unsigned int);
+
+/* ctr (counter), use Encrypt both ways with ENCRYPT key setup */
+int CRYPT_AES_CTR_Encrypt(CRYPT_AES_CTX*, unsigned char*,
+                          const unsigned char*, unsigned int);
+
+/* direct, one block at a time */
+int CRYPT_AES_DIRECT_Encrypt(CRYPT_AES_CTX*, unsigned char*,
+                           const unsigned char*);
+int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX*, unsigned char*,
+                           const unsigned char*);
+
+/* key direction flags for setup, ctr always uses ENCRYPT flag */
+enum {
+    CRYPT_AES_ENCRYPTION = 0,
+    CRYPT_AES_DECRYPTION = 1,
+    CRYPT_AES_BLOCK_SIZE = 16
+};
+
+
+
+/* RSA */
+typedef struct CRYPT_RSA_CTX {
+    void* holder;
+} CRYPT_RSA_CTX;
+
+/* init/free */
+int CRYPT_RSA_Initialize(CRYPT_RSA_CTX*);
+int CRYPT_RSA_Free(CRYPT_RSA_CTX*);
+
+/* key decode */
+int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX*, const unsigned char*,
+                              unsigned int);
+int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX*, const unsigned char*,
+                               unsigned int);
+
+/* encrypt/decrypt */
+int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX*, unsigned char*,
+                            unsigned int, const unsigned char*, unsigned int,
+                            CRYPT_RNG_CTX*);
+int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX*, unsigned char*,
+                             unsigned int, const unsigned char*, unsigned int);
+
+/* helpers */
+int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX*);                             
+
+
+
+/* ECC */
+typedef struct CRYPT_ECC_CTX {
+    void* holder;
+} CRYPT_ECC_CTX;
+
+/* init/free */
+int CRYPT_ECC_Initialize(CRYPT_ECC_CTX*);
+int CRYPT_ECC_Free(CRYPT_ECC_CTX*);
+
+/* key coders */
+int CRYPT_ECC_PublicExport(CRYPT_ECC_CTX*, unsigned char*, unsigned int,
+                           unsigned int*);
+int CRYPT_ECC_PublicImport(CRYPT_ECC_CTX*, const unsigned char*, unsigned int);
+int CRYPT_ECC_PrivateImport(CRYPT_ECC_CTX*, const unsigned char*, unsigned int,
+                            const unsigned char*, unsigned int);
+
+/* dhe */
+int CRYPT_ECC_DHE_KeyMake(CRYPT_ECC_CTX*, CRYPT_RNG_CTX*, int);
+int CRYPT_ECC_DHE_SharedSecretMake(CRYPT_ECC_CTX*, CRYPT_ECC_CTX*,
+                                   unsigned char*, unsigned int, unsigned int*);
+
+/* dsa */
+int CRYPT_ECC_DSA_HashSign(CRYPT_ECC_CTX*, CRYPT_RNG_CTX*, unsigned char*,
+        unsigned int, unsigned int*, const unsigned char*, unsigned int);
+int CRYPT_ECC_DSA_HashVerify(CRYPT_ECC_CTX*, const unsigned char*,
+                     unsigned int, unsigned char*, unsigned int, int*);
+
+/* helpers */
+int CRYPT_ECC_KeySizeGet(CRYPT_ECC_CTX*);
+int CRYPT_ECC_SignatureSizeGet(CRYPT_ECC_CTX*);
+
+
+/* Error string helper, string needs to be >= 80 chars */
+int CRYPT_ERROR_StringGet(int, char*);
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+
+#endif /* MC_CRYPTO_API_H */
+
diff --git a/3P/wolfssl/mcapi/include.am b/3P/wolfssl/mcapi/include.am
new file mode 100644
index 00000000..77170ac2
--- /dev/null
+++ b/3P/wolfssl/mcapi/include.am
@@ -0,0 +1,19 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+if BUILD_MCAPI
+check_PROGRAMS += mcapi/test
+noinst_PROGRAMS += mcapi/test 
+mcapi_test_SOURCES = mcapi/crypto.c \
+                     mcapi/mcapi_test.c
+mcapi_test_LDADD        = src/libwolfssl.la 
+mcapi_test_DEPENDENCIES = src/libwolfssl.la
+endif
+
+noinst_HEADERS += mcapi/crypto.h
+
+EXTRA_DIST += \
+         mcapi/README \
+		 mcapi/PIC32MZ-serial.h
+
diff --git a/3P/wolfssl/mcapi/mcapi_test.c b/3P/wolfssl/mcapi/mcapi_test.c
new file mode 100644
index 00000000..e7d9665e
--- /dev/null
+++ b/3P/wolfssl/mcapi/mcapi_test.c
@@ -0,0 +1,1482 @@
+/* test.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* Tests Microchip CRYPTO API layer */
+
+
+
+/* mc api header */
+#include "crypto.h"
+
+#include 
+
+/* sanity test against our default implementation, wolfssl headers  */
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#define USE_CERT_BUFFERS_1024
+#include 
+
+#if defined(WOLFSSL_MICROCHIP_PIC32MZ)
+    #define MICROCHIP_PIC32
+    #include 
+    #pragma config ICESEL = ICS_PGx2
+            /* ICE/ICD Comm Channel Select (Communicate on PGEC2/PGED2) */
+    #include 
+    #include 
+    #include "PIC32MZ-serial.h"
+    #define  SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */
+#elif defined(MICROCHIP_PIC32)
+    #define PIC32_STARTER_KIT
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #define init_serial()  /* void out init_serial() */
+#else
+    #include   /* order matters above ? */
+#endif
+#define OUR_DATA_SIZE 1024
+static byte ourData[OUR_DATA_SIZE];
+static byte* key = NULL;
+static byte* iv  = NULL;
+static CRYPT_RNG_CTX mcRng;
+static RNG           defRng;
+
+static int check_md5(void);
+static int check_sha(void);
+static int check_sha256(void);
+static int check_sha384(void);
+static int check_sha512(void);
+static int check_hmac(void);
+static int check_compress(void);
+static int check_rng(void);
+static int check_des3(void);
+static int check_aescbc(void);
+static int check_aesctr(void);
+static int check_aesdirect(void);
+static int check_rsa(void);
+static int check_ecc(void);
+
+
+int main(int argc, char** argv)
+{
+    int ret;
+    int i;
+
+    (void)argc;
+    (void)argv;
+
+#if defined(MICROCHIP_PIC32)
+    init_serial() ;  /* initialize PIC32MZ serial I/O */
+    SYSTEMConfigPerformance(80000000);
+    DBINIT();
+#endif
+
+    /* align key, iv pointers */
+    key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_KEY);
+    if (key == NULL) {
+        printf("mcapi key alloc failed\n");
+        return -1;
+    }
+
+    iv = (byte*)XMALLOC(16, NULL, DYNAMIC_TYPE_KEY);
+    if (iv == NULL) {
+        printf("mcapi iv alloc failed\n");
+        return -1;
+    }
+
+    for (i = 0; i < OUR_DATA_SIZE; i++)
+        ourData[i] = (byte)i;
+
+    ret = check_md5();
+    if (ret != 0) {
+        printf("mcapi check_md5 failed\n");
+        return -1;
+    }
+
+    ret = check_sha();
+    if (ret != 0) {
+        printf("mcapi check_sha failed\n");
+        return -1;
+    }
+
+    ret = check_sha256();
+    if (ret != 0) {
+        printf("mcapi check_sha256 failed\n");
+        return -1;
+    }
+
+    ret = check_sha384();
+    if (ret != 0) {
+        printf("mcapi check_sha384 failed\n");
+        return -1;
+    }
+
+    ret = check_sha512();
+    if (ret != 0) {
+        printf("mcapi check_sha512 failed\n");
+        return -1;
+    }
+
+    ret = check_hmac();
+    if (ret != 0) {
+        printf("mcapi check_hmac failed\n");
+        return -1;
+    }
+
+    ret = check_compress();
+    if (ret != 0) {
+        printf("mcapi check_compress failed\n");
+        return -1;
+    }
+
+    ret = check_rng();
+    if (ret != 0) {
+        printf("mcapi check_rng failed\n");
+        return -1;
+    }
+
+    ret = check_des3();
+    if (ret != 0) {
+        printf("mcapi check_des3 failed\n");
+        return -1;
+    }
+
+    ret = check_aescbc();
+    if (ret != 0) {
+        printf("mcapi check_aes cbc failed\n");
+        return -1;
+    }
+
+    ret = check_aesctr();
+    if (ret != 0) {
+        printf("mcapi check_aes ctr failed\n");
+        return -1;
+    }
+
+    ret = check_aesdirect();
+    if (ret != 0) {
+        printf("mcapi check_aes direct failed\n");
+        return -1;
+    }
+
+    ret = check_rsa();
+    if (ret != 0) {
+        printf("mcapi check_rsa failed\n");
+        return -1;
+    }
+
+    ret = check_ecc();
+    if (ret != 0) {
+        printf("mcapi check_ecc failed\n");
+        return -1;
+    }
+
+    XFREE(iv,  NULL, DYNAMIC_TYPE_KEY);
+    XFREE(key, NULL, DYNAMIC_TYPE_KEY);
+
+    return 0;
+}
+
+
+/* check mcapi md5 against internal */
+static int check_md5(void)
+{
+    CRYPT_MD5_CTX mcMd5;
+    Md5           defMd5;
+    byte          mcDigest[CRYPT_MD5_DIGEST_SIZE];
+    byte          defDigest[MD5_DIGEST_SIZE];
+
+    CRYPT_MD5_Initialize(&mcMd5);
+    wc_InitMd5(&defMd5);
+
+    CRYPT_MD5_DataAdd(&mcMd5, ourData, OUR_DATA_SIZE);
+    wc_Md5Update(&defMd5, ourData, OUR_DATA_SIZE);
+
+    CRYPT_MD5_Finalize(&mcMd5, mcDigest);
+    wc_Md5Final(&defMd5, defDigest);
+
+    if (memcmp(mcDigest, defDigest, CRYPT_MD5_DIGEST_SIZE) != 0) {
+        printf("md5 final memcmp fialed\n");
+        return -1;
+    } 
+    printf("md5         mcapi test passed\n");
+
+    return 0;
+}
+
+
+/* check mcapi sha against internal */
+static int check_sha(void)
+{
+    CRYPT_SHA_CTX mcSha;
+    Sha           defSha;
+    int           ret = 0;
+    byte          mcDigest[CRYPT_SHA_DIGEST_SIZE];
+    byte          defDigest[SHA_DIGEST_SIZE];
+
+    CRYPT_SHA_Initialize(&mcSha);
+    ret = wc_InitSha(&defSha);
+    if (ret != 0) {
+        printf("sha init default failed\n");
+        return -1;
+    }
+
+    CRYPT_SHA_DataAdd(&mcSha, ourData, OUR_DATA_SIZE);
+    wc_ShaUpdate(&defSha, ourData, OUR_DATA_SIZE);
+
+    CRYPT_SHA_Finalize(&mcSha, mcDigest);
+    wc_ShaFinal(&defSha, defDigest);
+
+    if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) {
+        printf("sha final memcmp failed\n");
+        return -1;
+    } 
+    printf("sha         mcapi test passed\n");
+
+    return 0;
+}
+
+
+/* check mcapi sha256 against internal */
+static int check_sha256(void)
+{
+    CRYPT_SHA256_CTX mcSha256;
+    Sha256           defSha256;
+    int              ret;
+    byte             mcDigest[CRYPT_SHA256_DIGEST_SIZE];
+    byte             defDigest[SHA256_DIGEST_SIZE];
+
+    CRYPT_SHA256_Initialize(&mcSha256);
+    ret = wc_InitSha256(&defSha256);
+    if (ret != 0) {
+        printf("sha256 init default failed\n");
+        return -1;
+    }
+
+    CRYPT_SHA256_DataAdd(&mcSha256, ourData, OUR_DATA_SIZE);
+    ret = wc_Sha256Update(&defSha256, ourData, OUR_DATA_SIZE);
+    if (ret != 0) {
+        printf("sha256 update default failed\n");
+        return -1;
+    }
+
+    CRYPT_SHA256_Finalize(&mcSha256, mcDigest);
+    ret = wc_Sha256Final(&defSha256, defDigest);
+    if (ret != 0) {
+        printf("sha256 final default failed\n");
+        return -1;
+    }
+
+    if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
+        printf("sha256 final memcmp fialed\n");
+        return -1;
+    } 
+    printf("sha256      mcapi test passed\n");
+
+    return 0;
+}
+
+
+/* check mcapi sha384 against internal */
+static int check_sha384(void)
+{
+    CRYPT_SHA384_CTX mcSha384;
+    Sha384           defSha384;
+    int              ret;
+    byte             mcDigest[CRYPT_SHA384_DIGEST_SIZE];
+    byte             defDigest[SHA384_DIGEST_SIZE];
+
+    CRYPT_SHA384_Initialize(&mcSha384);
+    ret = wc_InitSha384(&defSha384);
+    if (ret != 0) {
+        printf("sha384 init default failed\n");
+        return -1;
+    }
+
+    CRYPT_SHA384_DataAdd(&mcSha384, ourData, OUR_DATA_SIZE);
+    ret = wc_Sha384Update(&defSha384, ourData, OUR_DATA_SIZE);
+    if (ret != 0) {
+        printf("sha384 update default failed\n");
+        return -1;
+    }
+
+    CRYPT_SHA384_Finalize(&mcSha384, mcDigest);
+    ret = wc_Sha384Final(&defSha384, defDigest);
+    if (ret != 0) {
+        printf("sha384 final default failed\n");
+        return -1;
+    }
+
+    if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
+        printf("sha384 final memcmp fialed\n");
+        return -1;
+    } 
+    printf("sha384      mcapi test passed\n");
+
+    return 0;
+}
+
+
+/* check mcapi sha512 against internal */
+static int check_sha512(void)
+{
+    CRYPT_SHA512_CTX mcSha512;
+    Sha512           defSha512;
+    int              ret;
+    byte             mcDigest[CRYPT_SHA512_DIGEST_SIZE];
+    byte             defDigest[SHA512_DIGEST_SIZE];
+
+    CRYPT_SHA512_Initialize(&mcSha512);
+    ret = wc_InitSha512(&defSha512);
+    if (ret != 0) {
+        printf("sha512 init default failed\n");
+        return -1;
+    }
+
+    CRYPT_SHA512_DataAdd(&mcSha512, ourData, OUR_DATA_SIZE);
+    ret = wc_Sha512Update(&defSha512, ourData, OUR_DATA_SIZE);
+    if (ret != 0) {
+        printf("sha512 update default failed\n");
+        return -1;
+    }
+
+    CRYPT_SHA512_Finalize(&mcSha512, mcDigest);
+    ret = wc_Sha512Final(&defSha512, defDigest);
+    if (ret != 0) {
+        printf("sha512 final default failed\n");
+        return -1;
+    }
+
+    if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
+        printf("sha512 final memcmp fialed\n");
+        return -1;
+    } 
+    printf("sha512      mcapi test passed\n");
+
+    return 0;
+}
+
+
+/* check mcapi hmac against internal */
+static int check_hmac(void)
+{
+    CRYPT_HMAC_CTX mcHmac;
+    Hmac           defHmac;
+    int            ret;
+    byte           mcDigest[CRYPT_SHA512_DIGEST_SIZE];
+    byte           defDigest[SHA512_DIGEST_SIZE];
+
+    strncpy((char*)key, "Jefe", 4);
+
+    /* SHA1 */
+    CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA, key, 4);
+    ret = wc_HmacSetKey(&defHmac, SHA, key, 4);
+    if (ret != 0) {
+        printf("hmac sha setkey default failed\n");
+        return -1;
+    }
+
+    CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
+    ret = wc_HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
+    if (ret != 0) {
+        printf("hmac sha update default failed\n");
+        return -1;
+    }
+
+    CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
+    ret = wc_HmacFinal(&defHmac, defDigest);
+    if (ret != 0) {
+        printf("hmac sha final default failed\n");
+        return -1;
+    }
+
+    if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) {
+        printf("hmac sha final memcmp fialed\n");
+        return -1;
+    } 
+    printf("hmac sha    mcapi test passed\n");
+
+    /* SHA-256 */
+    CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA256, key, 4);
+    ret = wc_HmacSetKey(&defHmac, SHA256, key, 4);
+    if (ret != 0) {
+        printf("hmac sha256 setkey default failed\n");
+        return -1;
+    }
+
+    CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
+    ret = wc_HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
+    if (ret != 0) {
+        printf("hmac sha256 update default failed\n");
+        return -1;
+    }
+
+    CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
+    ret = wc_HmacFinal(&defHmac, defDigest);
+    if (ret != 0) {
+        printf("hmac sha256 final default failed\n");
+        return -1;
+    }
+
+    if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
+        printf("hmac sha256 final memcmp fialed\n");
+        return -1;
+    } 
+    printf("hmac sha256 mcapi test passed\n");
+
+    /* SHA-384 */
+    CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA384, key, 4);
+    ret = wc_HmacSetKey(&defHmac, SHA384, key, 4);
+    if (ret != 0) {
+        printf("hmac sha384 setkey default failed\n");
+        return -1;
+    }
+
+    CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
+    ret = wc_HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
+    if (ret != 0) {
+        printf("hmac sha384 update default failed\n");
+        return -1;
+    }
+
+    CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
+    ret = wc_HmacFinal(&defHmac, defDigest);
+    if (ret != 0) {
+        printf("hmac sha384 final default failed\n");
+        return -1;
+    }
+
+    if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
+        printf("hmac sha384 final memcmp fialed\n");
+        return -1;
+    } 
+    printf("hmac sha384 mcapi test passed\n");
+
+    /* SHA-512 */
+    CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA512, key, 4);
+    ret = wc_HmacSetKey(&defHmac, SHA512, key, 4);
+    if (ret != 0) {
+        printf("hmac sha512 setkey default failed\n");
+        return -1;
+    }
+
+    CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE);
+    ret = wc_HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE);
+    if (ret != 0) {
+        printf("hmac sha512 update default failed\n");
+        return -1;
+    }
+
+    CRYPT_HMAC_Finalize(&mcHmac, mcDigest);
+    ret = wc_HmacFinal(&defHmac, defDigest);
+    if (ret != 0) {
+        printf("hmac sha512 final default failed\n");
+        return -1;
+    }
+
+    if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
+        printf("hmac sha512 final memcmp fialed\n");
+        return -1;
+    } 
+    printf("hmac sha512 mcapi test passed\n");
+
+    return 0;
+}
+
+
+/* check mcapi compress against internal */
+static int check_compress(void)
+{
+    const unsigned char text[] =
+    "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n"
+    "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n"
+    "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n"
+    "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n"
+    "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n"
+    "small batch meggings kogi dolore food truck bespoke gastropub.\n"
+    "\n"
+    "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n"
+    "four loko you probably haven't heard of them high life. Messenger bag\n"
+    "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n"
+    "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n"
+    "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n"
+    "food truck next level, tousled irony non semiotics PBR ethical anim cred\n"
+    "readymade. Mumblecore brunch lomo odd future, portland organic terry\n"
+    "four loko whatever street art yr farm-to-table.\n";
+
+    unsigned int inSz  = sizeof(text);
+    unsigned int outSz;
+    unsigned char cBuffer[1024];
+    unsigned char dBuffer[1024];
+
+    int ret1, ret2;
+
+    /* dynamic */
+    ret1 = CRYPT_HUFFMAN_Compress(cBuffer, sizeof(cBuffer), text, inSz, 0);
+    ret2 = wc_Compress(dBuffer, sizeof(dBuffer), text, inSz, 0);
+
+    if (ret1 != ret2 || ret1 < 0) {
+        printf("compress dynamic ret failed\n");
+        return -1;
+    }
+
+    if (memcmp(cBuffer, dBuffer, ret1) != 0) {
+        printf("compress dynamic cmp failed\n");
+        return -1;
+    }
+
+    outSz = ret1;
+
+    ret1 = CRYPT_HUFFMAN_DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz);
+
+    if (memcmp(dBuffer, text, inSz) != 0) {
+        printf("mcapi decompress dynamic cmp failed\n");
+        return -1;
+    }
+
+    memset(dBuffer, 0, sizeof(dBuffer));
+
+    ret1 = wc_DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz);
+
+    if (memcmp(dBuffer, text, inSz) != 0) {
+        printf("decompress dynamic cmp failed\n");
+        return -1;
+    }
+
+    memset(cBuffer, 0, sizeof(cBuffer));
+    memset(dBuffer, 0, sizeof(dBuffer));
+
+    /* static */
+    ret1 = CRYPT_HUFFMAN_Compress(cBuffer, sizeof(cBuffer), text, inSz, 1);
+    ret2 = wc_Compress(dBuffer, sizeof(dBuffer), text, inSz, 1);
+
+    if (ret1 != ret2 || ret1 < 0) {
+        printf("compress static ret failed\n");
+        return -1;
+    }
+
+    if (memcmp(cBuffer, dBuffer, ret1) != 0) {
+        printf("compress static cmp failed\n");
+        return -1;
+    }
+
+    outSz = ret1;
+
+    ret1 = CRYPT_HUFFMAN_DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz);
+
+    if (memcmp(dBuffer, text, inSz) != 0) {
+        printf("mcapi decompress static cmp failed\n");
+        return -1;
+    }
+
+    memset(dBuffer, 0, sizeof(dBuffer));
+
+    ret1 = wc_DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz);
+
+    if (memcmp(dBuffer, text, inSz) != 0) {
+        printf("decompress static cmp failed\n");
+        return -1;
+    }
+
+    printf("huffman     mcapi test passed\n");
+
+    return 0;
+}
+
+
+#define RANDOM_BYTE_SZ 32
+
+/* check mcapi rng */
+static int check_rng(void)
+{
+    int           ret;
+    int           i; 
+    byte          in[RANDOM_BYTE_SZ];
+    byte          out[RANDOM_BYTE_SZ];
+
+    for (i = 0; i < RANDOM_BYTE_SZ; i++)
+        in[i] = (byte)i;
+
+    for (i = 0; i < RANDOM_BYTE_SZ; i++)
+        out[i] = (byte)i;
+
+    ret = wc_InitRng(&defRng);
+    if (ret != 0) {
+        printf("default rng init failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_RNG_Initialize(&mcRng);
+    if (ret != 0) {
+        printf("mcapi rng init failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_RNG_Get(&mcRng, &out[0]);
+    if (ret != 0) {
+        printf("mcapi rng get failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_RNG_BlockGenerate(&mcRng, out, RANDOM_BYTE_SZ);
+    if (ret != 0) {
+        printf("mcapi rng block gen failed\n");
+        return -1;
+    }
+
+    if (memcmp(in, out, RANDOM_BYTE_SZ) == 0) {
+        printf("mcapi rng block gen output failed\n");
+        return -1;
+    }
+
+    printf("rng         mcapi test passed\n");
+
+    return 0;
+}
+
+
+#define TDES_TEST_SIZE 32
+
+/* check mcapi des3 */
+static int check_des3(void)
+{
+    CRYPT_TDES_CTX mcDes3;
+    Des3           defDes3;
+    int            ret;
+    byte           out1[TDES_TEST_SIZE];
+    byte           out2[TDES_TEST_SIZE];
+
+    strncpy((char*)key, "1234567890abcdefghijklmn", 24);
+    strncpy((char*)iv,  "12345678", 8);
+
+    /* cbc encrypt */
+    ret = CRYPT_TDES_KeySet(&mcDes3, key, iv, CRYPT_TDES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi tdes key set failed\n");
+        return -1;
+    }
+    ret = wc_Des3_SetKey(&defDes3, key, iv, DES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default des3 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_TDES_CBC_Encrypt(&mcDes3, out1, ourData, TDES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi tdes cbc encrypt failed\n");
+        return -1;
+    }
+    ret = wc_Des3_CbcEncrypt(&defDes3, out2, ourData, TDES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi default tdes cbc encrypt failed\n");
+        return -1;
+    }
+
+    if (memcmp(out1, out2, TDES_TEST_SIZE) != 0) {
+        printf("mcapi tdes cbc encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* cbc decrypt */
+    ret = CRYPT_TDES_KeySet(&mcDes3, key, iv, CRYPT_TDES_DECRYPTION);
+    if (ret != 0) {
+        printf("mcapi tdes key set failed\n");
+        return -1;
+    }
+    ret = wc_Des3_SetKey(&defDes3, key, iv, DES_DECRYPTION);
+    if (ret != 0) {
+        printf("default des3 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_TDES_CBC_Decrypt(&mcDes3, out2, out1, TDES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi tdes cbc decrypt failed\n");
+        return -1;
+    }
+    ret = wc_Des3_CbcDecrypt(&defDes3, out1, out1, TDES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi default tdes cbc decrypt failed\n");
+        return -1;
+    }
+
+    if (memcmp(out1, out2, TDES_TEST_SIZE) != 0) {
+        printf("mcapi tdes cbc decrypt cmp failed\n");
+        return -1;
+    }
+
+    if (memcmp(out1, ourData, TDES_TEST_SIZE) != 0) {
+        printf("mcapi tdes cbc decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    printf("tdes        mcapi test passed\n");
+
+    return 0;
+}
+
+
+#define AES_TEST_SIZE 32
+
+/* check mcapi aes cbc */
+static int check_aescbc(void)
+{
+    CRYPT_AES_CTX mcAes;
+    Aes           defAes;
+    int           ret;
+    byte          out1[AES_TEST_SIZE];
+    byte          out2[AES_TEST_SIZE];
+
+    strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32);
+    strncpy((char*)iv,  "1234567890abcdef", 16);
+
+    /* 128 cbc encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-128 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-128 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-128 cbc encrypt failed\n");
+        return -1;
+    }
+    wc_AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-128 cbc encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 128 cbc decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-128 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION);
+    if (ret != 0) {
+        printf("default aes-128 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-128 cbc decrypt failed\n");
+        return -1;
+    }
+    wc_AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-128 cbc decrypt cmp failed\n");
+        return -1;
+    }
+
+    if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-128 cbc decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    /* 192 cbc encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-192 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-192 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-192 cbc encrypt failed\n");
+        return -1;
+    }
+    wc_AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-192 cbc encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 192 cbc decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-192 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION);
+    if (ret != 0) {
+        printf("default aes-192 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-192 cbc decrypt failed\n");
+        return -1;
+    }
+    wc_AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-192 cbc decrypt cmp failed\n");
+        return -1;
+    }
+
+    if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-192 cbc decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    /* 256 cbc encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-256 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-256 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-256 cbc encrypt failed\n");
+        return -1;
+    }
+    wc_AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-256 cbc encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 256 cbc decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-256 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION);
+    if (ret != 0) {
+        printf("default aes-256 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-256 cbc decrypt failed\n");
+        return -1;
+    }
+    wc_AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-256 cbc decrypt cmp failed\n");
+        return -1;
+    }
+
+    if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-256 cbc decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    printf("aes-cbc     mcapi test passed\n");
+
+    return 0;
+}
+
+
+/* check mcapi aes ctr */
+static int check_aesctr(void)
+{
+    CRYPT_AES_CTX mcAes;
+    Aes           defAes;
+    int           ret;
+    byte          out1[AES_TEST_SIZE];
+    byte          out2[AES_TEST_SIZE];
+
+    strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32);
+    strncpy((char*)iv,  "1234567890abcdef", 16);
+
+    /* 128 ctr encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-128 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-128 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-128 ctr encrypt failed\n");
+        return -1;
+    }
+    wc_AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-128 ctr encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 128 ctr decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-128 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-128 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-128 ctr decrypt failed\n");
+        return -1;
+    }
+
+    if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-128 ctr decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    /* 192 ctr encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-192 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-192 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-192 ctr encrypt failed\n");
+        return -1;
+    }
+    wc_AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-192 ctr encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 192 ctr decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-192 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION);
+    if (ret != 0) {
+        printf("default aes-192 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-192 ctr decrypt failed\n");
+        return -1;
+    }
+
+    if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-192 ctr decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    /* 256 ctr encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-256 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-256 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-256 ctr encrypt failed\n");
+        return -1;
+    }
+    wc_AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE);
+
+    if (memcmp(out1, out2, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-256 ctr encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 256 ctr decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-256 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-256 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi aes-256 ctr decrypt failed\n");
+        return -1;
+    }
+
+    if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) {
+        printf("mcapi aes-256 ctr decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    printf("aes-ctr     mcapi test passed\n");
+
+    return 0;
+}
+
+
+/* check mcapi aes direct */
+static int check_aesdirect(void)
+{
+    CRYPT_AES_CTX mcAes;
+    Aes           defAes;
+    int           ret;
+    byte          out1[CRYPT_AES_BLOCK_SIZE];
+    byte          out2[16];  /* one block at a time */
+
+    strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32);
+    strncpy((char*)iv,  "1234567890abcdef", 16);
+
+    /* 128 direct encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-128 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-128 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData);
+    if (ret != 0) {
+        printf("mcapi aes-128 direct encrypt failed\n");
+        return -1;
+    }
+    wc_AesEncryptDirect(&defAes, out2, ourData);
+
+    if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) {
+        printf("mcapi aes-128 direct encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 128 direct decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-128 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION);
+    if (ret != 0) {
+        printf("default aes-128 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1);
+    if (ret != 0) {
+        printf("mcapi aes-128 direct decrypt failed\n");
+        return -1;
+    }
+    wc_AesDecryptDirect(&defAes, out1, out1);
+
+    if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) {
+        printf("mcapi aes-128 direct decrypt cmp failed\n");
+        return -1;
+    }
+
+    if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) {
+        printf("mcapi aes-128 direct decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    /* 192 direct encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-192 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-192 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData);
+    if (ret != 0) {
+        printf("mcapi aes-192 direct encrypt failed\n");
+        return -1;
+    }
+    wc_AesEncryptDirect(&defAes, out2, ourData);
+
+    if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) {
+        printf("mcapi aes-192 direct encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 192 direct decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-192 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION);
+    if (ret != 0) {
+        printf("default aes-192 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1);
+    if (ret != 0) {
+        printf("mcapi aes-192 direct decrypt failed\n");
+        return -1;
+    }
+    wc_AesDecryptDirect(&defAes, out1, out1);
+
+    if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) {
+        printf("mcapi aes-192 direct decrypt cmp failed\n");
+        return -1;
+    }
+
+    if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) {
+        printf("mcapi aes-192 direct decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    /* 256 direct encrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-256 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("default aes-256 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData);
+    if (ret != 0) {
+        printf("mcapi aes-256 direct encrypt failed\n");
+        return -1;
+    }
+    wc_AesEncryptDirect(&defAes, out2, ourData);
+
+    if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) {
+        printf("mcapi aes-256 direct encrypt cmp failed\n");
+        return -1;
+    }
+
+    /* 256 direct decrypt */
+    ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION);
+    if (ret != 0) {
+        printf("mcapi aes-256 key set failed\n");
+        return -1;
+    }
+    ret = wc_AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION);
+    if (ret != 0) {
+        printf("default aes-256 key set failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1);
+    if (ret != 0) {
+        printf("mcapi aes-256 direct decrypt failed\n");
+        return -1;
+    }
+    wc_AesDecryptDirect(&defAes, out1, out1);
+
+    if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) {
+        printf("mcapi aes-256 direct decrypt cmp failed\n");
+        return -1;
+    }
+
+    if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) {
+        printf("mcapi aes-256 direct decrypt orig cmp failed\n");
+        return -1;
+    }
+
+    printf("aes-direct  mcapi test passed\n");
+
+    return 0;
+}
+
+
+#define RSA_TEST_SIZE 64
+
+/* check mcapi rsa */
+static int check_rsa(void)
+{
+    CRYPT_RSA_CTX mcRsa;
+    RsaKey        defRsa;
+    int           ret;
+    int           ret2;
+    unsigned int  keySz = (unsigned int)sizeof(client_key_der_1024);
+    unsigned int  idx   = 0;
+    byte          out1[256];
+    byte          out2[256];
+
+    ret = wc_InitRsaKey(&defRsa, NULL);
+    if (ret == 0)
+        ret = CRYPT_RSA_Initialize(&mcRsa);
+    if (ret != 0) {
+        printf("mcapi rsa init failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_RSA_PrivateKeyDecode(&mcRsa, client_key_der_1024, keySz);
+    if (ret != 0) {
+        printf("mcapi rsa private key decode failed\n");
+        return -1;
+    }
+
+    ret = wc_RsaPrivateKeyDecode(client_key_der_1024, &idx, &defRsa, keySz);
+    if (ret != 0) {
+        printf("default rsa private key decode failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData,
+                                  RSA_TEST_SIZE, &mcRng);
+    if (ret < 0) {
+        printf("mcapi rsa public encrypt failed\n");
+        return -1;
+    }
+
+    ret2 = wc_RsaPublicEncrypt(ourData, RSA_TEST_SIZE, out2, sizeof(out2),
+                            &defRsa, &defRng);
+    if (ret2 < 0) {
+        printf("default rsa public encrypt failed\n");
+        return -1;
+    }
+
+    if (ret != ret2) {
+        printf("default rsa public encrypt sz != mcapi sz\n");
+        return -1;
+    }
+
+    if (ret != CRYPT_RSA_EncryptSizeGet(&mcRsa)) {
+        printf("mcapi encrypt sz get != mcapi sz\n");
+        return -1;
+    }
+
+    ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret); 
+    if (ret < 0) {
+        printf("mcapi rsa private derypt failed\n");
+        return -1;
+    }
+
+    if (ret != RSA_TEST_SIZE) {
+        printf("mcapi rsa private derypt plain size wrong\n");
+        return -1;
+    }
+
+    if (memcmp(out2, ourData, ret) != 0) {
+        printf("mcapi rsa private derypt plain text bad\n");
+        return -1;
+    }
+
+    wc_FreeRsaKey(&defRsa);
+    ret = CRYPT_RSA_Free(&mcRsa);
+    if (ret != 0) {
+        printf("mcapi rsa free failed\n");
+        return -1;
+    }
+    
+    printf("rsa         mcapi test passed\n");
+
+    return 0;
+}
+
+
+/* check mcapi ecc */
+static int check_ecc(void)
+{
+    CRYPT_ECC_CTX userA; 
+    CRYPT_ECC_CTX userB;
+    int           ret;
+    byte          sharedA[100];
+    byte          sharedB[100];
+    byte          sig[100];
+    unsigned int  aSz   = (unsigned int)sizeof(sharedA);
+    unsigned int  bSz   = (unsigned int)sizeof(sharedB);
+    unsigned int  sigSz = (unsigned int)sizeof(sig);
+    unsigned int  usedA = 0;
+    unsigned int  usedB = 0;
+    int verifyStatus = 0;
+
+    /* init */
+    ret = CRYPT_ECC_Initialize(&userA);
+    if (ret != 0) {
+        printf("mcapi ecc init failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_ECC_Initialize(&userB);
+    if (ret != 0) {
+        printf("mcapi ecc init b failed\n");
+        return -1;
+    }
+
+    /* dhe + helpers */
+    ret = CRYPT_ECC_DHE_KeyMake(&userA, &mcRng, 32);
+    if (ret != 0) {
+        printf("mcapi ecc make key failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_ECC_DHE_KeyMake(&userB, &mcRng, 32);
+    if (ret != 0) {
+        printf("mcapi ecc make key b failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_ECC_KeySizeGet(&userA);
+    if (ret <= 0) {
+        printf("mcapi ecc key size get failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_ECC_SignatureSizeGet(&userA);
+    if (ret <= 0) {
+        printf("mcapi ecc signature size get failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_ECC_DHE_SharedSecretMake(&userA, &userB, sharedA, aSz, &usedA);
+    if (ret != 0) {
+        printf("mcapi ecc make shared secret failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_ECC_DHE_SharedSecretMake(&userB, &userA, sharedB, bSz, &usedB);
+    if (ret != 0) {
+        printf("mcapi ecc make shared secret failed\n");
+        return -1;
+    }
+
+    if (usedA != usedB || usedA <= 0) {
+        printf("mcapi ecc make shared secret output size match failed\n");
+        return -1;
+    }
+
+    if (memcmp(sharedA, sharedB, usedA) != 0) {
+        printf("mcapi ecc make shared secret output match cmp failed\n");
+        return -1;
+    }
+
+    /* dsa */
+    ret = CRYPT_ECC_DSA_HashSign(&userA, &mcRng, sig, sigSz, &usedA, ourData,
+                                 CRYPT_SHA_DIGEST_SIZE);
+    if (ret != 0) {
+        printf("mcapi ecc sign hash failed\n");
+        return -1;
+    }
+
+    sigSz = usedA;
+    if (sigSz <= 0) {
+        printf("mcapi ecc sign hash bad sig size\n");
+        return -1;
+    }
+
+    ret = CRYPT_ECC_DSA_HashVerify(&userA, sig, sigSz, ourData,
+                                   CRYPT_SHA_DIGEST_SIZE, &verifyStatus);
+    if (ret != 0) {
+        printf("mcapi ecc verify hash failed\n");
+        return -1;
+    }
+    if (verifyStatus != 1) {
+        printf("mcapi ecc verify hash status failed\n");
+        return -1;
+    }
+
+    /* import / export */
+    usedA = 0;
+    ret = CRYPT_ECC_PublicExport(&userA, sharedA, aSz, &usedA);
+    if (ret != 0) {
+        printf("mcapi ecc public export failed\n");
+        return -1;
+    }
+  
+    ret = CRYPT_ECC_PublicImport(&userB, sharedA, usedA);
+    if (ret != 0) {
+        printf("mcapi ecc public import failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_ECC_Free(&userA);
+    if (ret != 0) {
+        printf("mcapi ecc free failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_ECC_Free(&userB);
+    if (ret != 0) {
+        printf("mcapi ecc free b failed\n");
+        return -1;
+    }
+
+    printf("ecc         mcapi test passed\n");
+
+    return 0;
+}
+
diff --git a/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/Makefile b/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/Makefile
new file mode 100644
index 00000000..05a3fb1b
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/Makefile
@@ -0,0 +1,108 @@
+#
+#  There exist several targets which are by default empty and which can be 
+#  used for execution of your targets. These targets are usually executed 
+#  before and after some main targets. They are: 
+#
+#     .build-pre:              called before 'build' target
+#     .build-post:             called after 'build' target
+#     .clean-pre:              called before 'clean' target
+#     .clean-post:             called after 'clean' target
+#     .clobber-pre:            called before 'clobber' target
+#     .clobber-post:           called after 'clobber' target
+#     .all-pre:                called before 'all' target
+#     .all-post:               called after 'all' target
+#     .help-pre:               called before 'help' target
+#     .help-post:              called after 'help' target
+#
+#  Targets beginning with '.' are not intended to be called on their own.
+#
+#  Main targets can be executed directly, and they are:
+#  
+#     build                    build a specific configuration
+#     clean                    remove built files from a configuration
+#     clobber                  remove all built files
+#     all                      build all configurations
+#     help                     print help mesage
+#  
+#  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
+#  .help-impl are implemented in nbproject/makefile-impl.mk.
+#
+#  Available make variables:
+#
+#     CND_BASEDIR                base directory for relative paths
+#     CND_DISTDIR                default top distribution directory (build artifacts)
+#     CND_BUILDDIR               default top build directory (object files, ...)
+#     CONF                       name of current configuration
+#     CND_ARTIFACT_DIR_${CONF}   directory of build artifact (current configuration)
+#     CND_ARTIFACT_NAME_${CONF}  name of build artifact (current configuration)
+#     CND_ARTIFACT_PATH_${CONF}  path to build artifact (current configuration)
+#     CND_PACKAGE_DIR_${CONF}    directory of package (current configuration)
+#     CND_PACKAGE_NAME_${CONF}   name of package (current configuration)
+#     CND_PACKAGE_PATH_${CONF}   path to package (current configuration)
+#
+# NOCDDL
+
+
+# Environment 
+MKDIR=mkdir
+CP=cp
+CCADMIN=CCadmin
+RANLIB=ranlib
+
+
+# build
+build: .build-post
+
+.build-pre:
+# Add your pre 'build' code here...
+
+.build-post: .build-impl
+# Add your post 'build' code here...
+
+
+# clean
+clean: .clean-post
+
+.clean-pre:
+# Add your pre 'clean' code here...
+
+.clean-post: .clean-impl
+# Add your post 'clean' code here...
+
+
+# clobber
+clobber: .clobber-post
+
+.clobber-pre:
+# Add your pre 'clobber' code here...
+
+.clobber-post: .clobber-impl
+# Add your post 'clobber' code here...
+
+
+# all
+all: .all-post
+
+.all-pre:
+# Add your pre 'all' code here...
+
+.all-post: .all-impl
+# Add your post 'all' code here...
+
+
+# help
+help: .help-post
+
+.help-pre:
+# Add your pre 'help' code here...
+
+.help-post: .help-impl
+# Add your post 'help' code here...
+
+
+
+# include project implementation makefile
+include nbproject/Makefile-impl.mk
+
+# include project make variables
+include nbproject/Makefile-variables.mk
diff --git a/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/configurations.xml b/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/configurations.xml
new file mode 100644
index 00000000..4d3eec5f
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/configurations.xml
@@ -0,0 +1,196 @@
+
+
+  
+    
+    
+    
+    
+    
+      ../mcapi_test.c
+      ../crypto.c
+    
+    
+      Makefile
+    
+  
+  
+    ..
+  
+  Makefile
+  
+    
+      
+        localhost
+        PIC32MX795F512L
+        
+        
+        SKDEPIC32PlatformTool
+        XC32
+        1.34
+        4
+      
+      
+        
+          
+            
+              
+              
+            
+            
+              
+              
+            
+          
+        
+        
+        
+        
+          false
+          false
+          
+        
+      
+      
+        false
+        
+        false
+        
+        false
+        false
+        false
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+      
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+    
+  
+
diff --git a/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/include.am b/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/include.am
new file mode 100644
index 00000000..11b2ae9c
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/include.am
@@ -0,0 +1,11 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mcapi/wolfcrypt_mcapi.X/Makefile
+
+EXTRA_DIST += \
+         mcapi/wolfcrypt_mcapi.X/nbproject/configurations.xml \
+         mcapi/wolfcrypt_mcapi.X/nbproject/project.xml
+
diff --git a/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/project.xml b/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/project.xml
new file mode 100644
index 00000000..c133c7c8
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfcrypt_mcapi.X/nbproject/project.xml
@@ -0,0 +1,20 @@
+
+
+    com.microchip.mplab.nbide.embedded.makeproject
+    
+        
+            wolfcrypt_mcapi
+            2ca6ab9b-e225-4ad3-b48e-9ea7b47a4ca4
+            0
+            c
+            
+            
+            ISO-8859-1
+            
+            
+                ../wolfssl.X
+                ../zlib.X
+            
+        
+    
+
diff --git a/3P/wolfssl/mcapi/wolfcrypt_test.X/Makefile b/3P/wolfssl/mcapi/wolfcrypt_test.X/Makefile
new file mode 100644
index 00000000..05a3fb1b
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfcrypt_test.X/Makefile
@@ -0,0 +1,108 @@
+#
+#  There exist several targets which are by default empty and which can be 
+#  used for execution of your targets. These targets are usually executed 
+#  before and after some main targets. They are: 
+#
+#     .build-pre:              called before 'build' target
+#     .build-post:             called after 'build' target
+#     .clean-pre:              called before 'clean' target
+#     .clean-post:             called after 'clean' target
+#     .clobber-pre:            called before 'clobber' target
+#     .clobber-post:           called after 'clobber' target
+#     .all-pre:                called before 'all' target
+#     .all-post:               called after 'all' target
+#     .help-pre:               called before 'help' target
+#     .help-post:              called after 'help' target
+#
+#  Targets beginning with '.' are not intended to be called on their own.
+#
+#  Main targets can be executed directly, and they are:
+#  
+#     build                    build a specific configuration
+#     clean                    remove built files from a configuration
+#     clobber                  remove all built files
+#     all                      build all configurations
+#     help                     print help mesage
+#  
+#  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
+#  .help-impl are implemented in nbproject/makefile-impl.mk.
+#
+#  Available make variables:
+#
+#     CND_BASEDIR                base directory for relative paths
+#     CND_DISTDIR                default top distribution directory (build artifacts)
+#     CND_BUILDDIR               default top build directory (object files, ...)
+#     CONF                       name of current configuration
+#     CND_ARTIFACT_DIR_${CONF}   directory of build artifact (current configuration)
+#     CND_ARTIFACT_NAME_${CONF}  name of build artifact (current configuration)
+#     CND_ARTIFACT_PATH_${CONF}  path to build artifact (current configuration)
+#     CND_PACKAGE_DIR_${CONF}    directory of package (current configuration)
+#     CND_PACKAGE_NAME_${CONF}   name of package (current configuration)
+#     CND_PACKAGE_PATH_${CONF}   path to package (current configuration)
+#
+# NOCDDL
+
+
+# Environment 
+MKDIR=mkdir
+CP=cp
+CCADMIN=CCadmin
+RANLIB=ranlib
+
+
+# build
+build: .build-post
+
+.build-pre:
+# Add your pre 'build' code here...
+
+.build-post: .build-impl
+# Add your post 'build' code here...
+
+
+# clean
+clean: .clean-post
+
+.clean-pre:
+# Add your pre 'clean' code here...
+
+.clean-post: .clean-impl
+# Add your post 'clean' code here...
+
+
+# clobber
+clobber: .clobber-post
+
+.clobber-pre:
+# Add your pre 'clobber' code here...
+
+.clobber-post: .clobber-impl
+# Add your post 'clobber' code here...
+
+
+# all
+all: .all-post
+
+.all-pre:
+# Add your pre 'all' code here...
+
+.all-post: .all-impl
+# Add your post 'all' code here...
+
+
+# help
+help: .help-post
+
+.help-pre:
+# Add your pre 'help' code here...
+
+.help-post: .help-impl
+# Add your post 'help' code here...
+
+
+
+# include project implementation makefile
+include nbproject/Makefile-impl.mk
+
+# include project make variables
+include nbproject/Makefile-variables.mk
diff --git a/3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/configurations.xml b/3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/configurations.xml
new file mode 100644
index 00000000..5c5065e7
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/configurations.xml
@@ -0,0 +1,212 @@
+
+
+  
+    
+    
+    
+    
+    
+      ../../mplabx/test_main.c
+      ../../wolfcrypt/test/test.c
+    
+    
+      Makefile
+    
+  
+  
+    ../../mplabx
+    ../../wolfcrypt/test
+  
+  Makefile
+  
+    
+      
+        localhost
+        PIC32MX795F512L
+        
+        
+        SKDEPIC32PlatformTool
+        XC32
+        1.34
+        4
+      
+      
+        
+          
+            
+              
+              
+            
+            
+              
+              
+            
+          
+        
+        
+        
+        
+          false
+          false
+          
+        
+      
+      
+        false
+        
+        false
+        
+        false
+        false
+        false
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+    
+  
+
diff --git a/3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/include.am b/3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/include.am
new file mode 100644
index 00000000..83cdc61d
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/include.am
@@ -0,0 +1,11 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mcapi/wolfcrypt_test.X/Makefile
+
+EXTRA_DIST += \
+         mcapi/wolfcrypt_test.X/nbproject/configurations.xml \
+         mcapi/wolfcrypt_test.X/nbproject/project.xml
+
diff --git a/3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/project.xml b/3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/project.xml
new file mode 100644
index 00000000..0fd889d6
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfcrypt_test.X/nbproject/project.xml
@@ -0,0 +1,20 @@
+
+
+    com.microchip.mplab.nbide.embedded.makeproject
+    
+        
+            wolfcrypt_test
+            b34c4937-7042-4352-88b1-7717bcdf8aeb
+            0
+            c
+            
+            
+            ISO-8859-1
+            
+            
+                ../wolfssl.X
+                ../zlib.X
+            
+        
+    
+
diff --git a/3P/wolfssl/mcapi/wolfssl.X/Makefile b/3P/wolfssl/mcapi/wolfssl.X/Makefile
new file mode 100644
index 00000000..05a3fb1b
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfssl.X/Makefile
@@ -0,0 +1,108 @@
+#
+#  There exist several targets which are by default empty and which can be 
+#  used for execution of your targets. These targets are usually executed 
+#  before and after some main targets. They are: 
+#
+#     .build-pre:              called before 'build' target
+#     .build-post:             called after 'build' target
+#     .clean-pre:              called before 'clean' target
+#     .clean-post:             called after 'clean' target
+#     .clobber-pre:            called before 'clobber' target
+#     .clobber-post:           called after 'clobber' target
+#     .all-pre:                called before 'all' target
+#     .all-post:               called after 'all' target
+#     .help-pre:               called before 'help' target
+#     .help-post:              called after 'help' target
+#
+#  Targets beginning with '.' are not intended to be called on their own.
+#
+#  Main targets can be executed directly, and they are:
+#  
+#     build                    build a specific configuration
+#     clean                    remove built files from a configuration
+#     clobber                  remove all built files
+#     all                      build all configurations
+#     help                     print help mesage
+#  
+#  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
+#  .help-impl are implemented in nbproject/makefile-impl.mk.
+#
+#  Available make variables:
+#
+#     CND_BASEDIR                base directory for relative paths
+#     CND_DISTDIR                default top distribution directory (build artifacts)
+#     CND_BUILDDIR               default top build directory (object files, ...)
+#     CONF                       name of current configuration
+#     CND_ARTIFACT_DIR_${CONF}   directory of build artifact (current configuration)
+#     CND_ARTIFACT_NAME_${CONF}  name of build artifact (current configuration)
+#     CND_ARTIFACT_PATH_${CONF}  path to build artifact (current configuration)
+#     CND_PACKAGE_DIR_${CONF}    directory of package (current configuration)
+#     CND_PACKAGE_NAME_${CONF}   name of package (current configuration)
+#     CND_PACKAGE_PATH_${CONF}   path to package (current configuration)
+#
+# NOCDDL
+
+
+# Environment 
+MKDIR=mkdir
+CP=cp
+CCADMIN=CCadmin
+RANLIB=ranlib
+
+
+# build
+build: .build-post
+
+.build-pre:
+# Add your pre 'build' code here...
+
+.build-post: .build-impl
+# Add your post 'build' code here...
+
+
+# clean
+clean: .clean-post
+
+.clean-pre:
+# Add your pre 'clean' code here...
+
+.clean-post: .clean-impl
+# Add your post 'clean' code here...
+
+
+# clobber
+clobber: .clobber-post
+
+.clobber-pre:
+# Add your pre 'clobber' code here...
+
+.clobber-post: .clobber-impl
+# Add your post 'clobber' code here...
+
+
+# all
+all: .all-post
+
+.all-pre:
+# Add your pre 'all' code here...
+
+.all-post: .all-impl
+# Add your post 'all' code here...
+
+
+# help
+help: .help-post
+
+.help-pre:
+# Add your pre 'help' code here...
+
+.help-post: .help-impl
+# Add your post 'help' code here...
+
+
+
+# include project implementation makefile
+include nbproject/Makefile-impl.mk
+
+# include project make variables
+include nbproject/Makefile-variables.mk
diff --git a/3P/wolfssl/mcapi/wolfssl.X/nbproject/configurations.xml b/3P/wolfssl/mcapi/wolfssl.X/nbproject/configurations.xml
new file mode 100644
index 00000000..57c9e37f
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfssl.X/nbproject/configurations.xml
@@ -0,0 +1,229 @@
+
+
+  
+    
+    
+    
+    
+    
+      
+        ../../wolfcrypt/src/aes.c
+        ../../wolfcrypt/src/arc4.c
+        ../../wolfcrypt/src/asm.c
+        ../../wolfcrypt/src/asn.c
+        ../../wolfcrypt/src/blake2b.c
+        ../../wolfcrypt/src/camellia.c
+        ../../wolfcrypt/src/chacha.c
+        ../../wolfcrypt/src/coding.c
+        ../../wolfcrypt/src/compress.c
+        ../../wolfcrypt/src/des3.c
+        ../../wolfcrypt/src/dh.c
+        ../../wolfcrypt/src/dsa.c
+        ../../wolfcrypt/src/ecc.c
+        ../../wolfcrypt/src/ecc_fp.c
+        ../../wolfcrypt/src/error.c
+        ../../wolfcrypt/src/hc128.c
+        ../../wolfcrypt/src/hmac.c
+        ../../wolfcrypt/src/integer.c
+        ../../wolfcrypt/src/logging.c
+        ../../wolfcrypt/src/md2.c
+        ../../wolfcrypt/src/md4.c
+        ../../wolfcrypt/src/md5.c
+        ../../wolfcrypt/src/memory.c
+        ../../wolfcrypt/src/misc.c
+        ../../wolfcrypt/src/pic32mz-hash.c
+        ../../wolfcrypt/src/pkcs7.c
+        ../../wolfcrypt/src/poly1305.c
+        ../../wolfcrypt/src/pw.c
+        ../../wolfcrypt/src/pwdbased.c
+        ../../wolfcrypt/src/rabbit.c
+        ../../wolfcrypt/src/random.c
+        ../../wolfcrypt/src/ripemd.c
+        ../../wolfcrypt/src/rsa.c
+        ../../wolfcrypt/src/sha.c
+        ../../wolfcrypt/src/sha256.c
+        ../../wolfcrypt/src/sha512.c
+        ../../wolfcrypt/src/tfm.c
+        ../../wolfcrypt/src/wc_port.c
+      
+      
+        ../../src/crl.c
+        ../../src/internal.c
+        ../../src/io.c
+        ../../src/keys.c
+        ../../src/ocsp.c
+        ../../src/sniffer.c
+        ../../src/ssl.c
+        ../../src/tls.c
+      
+    
+    
+      Makefile
+    
+  
+  
+    ..
+    ../../ctaocrypt/src
+    ../../src
+    ../../wolfcrypt
+  
+  Makefile
+  
+    
+      
+        localhost
+        PIC32MX795F512L
+        
+        
+        SKDEPIC32PlatformTool
+        XC32
+        1.34
+        4
+      
+      
+        
+          
+          
+        
+        
+        
+        
+          false
+          false
+          
+        
+      
+      
+        false
+        
+        false
+        
+        false
+        false
+        false
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+    
+  
+
diff --git a/3P/wolfssl/mcapi/wolfssl.X/nbproject/include.am b/3P/wolfssl/mcapi/wolfssl.X/nbproject/include.am
new file mode 100644
index 00000000..9ace61b5
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfssl.X/nbproject/include.am
@@ -0,0 +1,11 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mcapi/wolfssl.X/Makefile
+
+EXTRA_DIST += \
+         mcapi/wolfssl.X/nbproject/configurations.xml \
+         mcapi/wolfssl.X/nbproject/project.xml
+
diff --git a/3P/wolfssl/mcapi/wolfssl.X/nbproject/project.xml b/3P/wolfssl/mcapi/wolfssl.X/nbproject/project.xml
new file mode 100644
index 00000000..efab333a
--- /dev/null
+++ b/3P/wolfssl/mcapi/wolfssl.X/nbproject/project.xml
@@ -0,0 +1,17 @@
+
+
+    com.microchip.mplab.nbide.embedded.makeproject
+    
+        
+            wolfssl
+            93bbfc3a-a0fa-4d48-bbc8-6cd47a2bd05b
+            0
+            c
+            
+            
+            ISO-8859-1
+            
+            
+        
+    
+
diff --git a/3P/wolfssl/mcapi/zlib.X/Makefile b/3P/wolfssl/mcapi/zlib.X/Makefile
new file mode 100644
index 00000000..05a3fb1b
--- /dev/null
+++ b/3P/wolfssl/mcapi/zlib.X/Makefile
@@ -0,0 +1,108 @@
+#
+#  There exist several targets which are by default empty and which can be 
+#  used for execution of your targets. These targets are usually executed 
+#  before and after some main targets. They are: 
+#
+#     .build-pre:              called before 'build' target
+#     .build-post:             called after 'build' target
+#     .clean-pre:              called before 'clean' target
+#     .clean-post:             called after 'clean' target
+#     .clobber-pre:            called before 'clobber' target
+#     .clobber-post:           called after 'clobber' target
+#     .all-pre:                called before 'all' target
+#     .all-post:               called after 'all' target
+#     .help-pre:               called before 'help' target
+#     .help-post:              called after 'help' target
+#
+#  Targets beginning with '.' are not intended to be called on their own.
+#
+#  Main targets can be executed directly, and they are:
+#  
+#     build                    build a specific configuration
+#     clean                    remove built files from a configuration
+#     clobber                  remove all built files
+#     all                      build all configurations
+#     help                     print help mesage
+#  
+#  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
+#  .help-impl are implemented in nbproject/makefile-impl.mk.
+#
+#  Available make variables:
+#
+#     CND_BASEDIR                base directory for relative paths
+#     CND_DISTDIR                default top distribution directory (build artifacts)
+#     CND_BUILDDIR               default top build directory (object files, ...)
+#     CONF                       name of current configuration
+#     CND_ARTIFACT_DIR_${CONF}   directory of build artifact (current configuration)
+#     CND_ARTIFACT_NAME_${CONF}  name of build artifact (current configuration)
+#     CND_ARTIFACT_PATH_${CONF}  path to build artifact (current configuration)
+#     CND_PACKAGE_DIR_${CONF}    directory of package (current configuration)
+#     CND_PACKAGE_NAME_${CONF}   name of package (current configuration)
+#     CND_PACKAGE_PATH_${CONF}   path to package (current configuration)
+#
+# NOCDDL
+
+
+# Environment 
+MKDIR=mkdir
+CP=cp
+CCADMIN=CCadmin
+RANLIB=ranlib
+
+
+# build
+build: .build-post
+
+.build-pre:
+# Add your pre 'build' code here...
+
+.build-post: .build-impl
+# Add your post 'build' code here...
+
+
+# clean
+clean: .clean-post
+
+.clean-pre:
+# Add your pre 'clean' code here...
+
+.clean-post: .clean-impl
+# Add your post 'clean' code here...
+
+
+# clobber
+clobber: .clobber-post
+
+.clobber-pre:
+# Add your pre 'clobber' code here...
+
+.clobber-post: .clobber-impl
+# Add your post 'clobber' code here...
+
+
+# all
+all: .all-post
+
+.all-pre:
+# Add your pre 'all' code here...
+
+.all-post: .all-impl
+# Add your post 'all' code here...
+
+
+# help
+help: .help-post
+
+.help-pre:
+# Add your pre 'help' code here...
+
+.help-post: .help-impl
+# Add your post 'help' code here...
+
+
+
+# include project implementation makefile
+include nbproject/Makefile-impl.mk
+
+# include project make variables
+include nbproject/Makefile-variables.mk
diff --git a/3P/wolfssl/mcapi/zlib.X/nbproject/configurations.xml b/3P/wolfssl/mcapi/zlib.X/nbproject/configurations.xml
new file mode 100644
index 00000000..cf780f4e
--- /dev/null
+++ b/3P/wolfssl/mcapi/zlib.X/nbproject/configurations.xml
@@ -0,0 +1,210 @@
+
+
+  
+    
+    
+    
+    
+    
+      ../../zlib-1.2.8/adler32.c
+      ../../zlib-1.2.8/compress.c
+      ../../zlib-1.2.8/crc32.c
+      ../../zlib-1.2.8/deflate.c
+      ../../zlib-1.2.8/gzclose.c
+      ../../zlib-1.2.8/gzlib.c
+      ../../zlib-1.2.8/gzread.c
+      ../../zlib-1.2.8/gzwrite.c
+      ../../zlib-1.2.8/infback.c
+      ../../zlib-1.2.8/inffast.c
+      ../../zlib-1.2.8/inflate.c
+      ../../zlib-1.2.8/inftrees.c
+      ../../zlib-1.2.8/trees.c
+      ../../zlib-1.2.8/uncompr.c
+      ../../zlib-1.2.8/zutil.c
+    
+    
+      Makefile
+    
+  
+  Makefile
+  
+    
+      
+        localhost
+        PIC32MX795F512L
+        
+        
+        PKOBSKDEPlatformTool
+        XC32
+        1.34
+        4
+      
+      
+        
+          
+          
+        
+        
+        
+        
+          false
+          false
+          
+        
+      
+      
+        false
+        
+        false
+        
+        false
+        false
+        false
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+    
+  
+
diff --git a/3P/wolfssl/mcapi/zlib.X/nbproject/include.am b/3P/wolfssl/mcapi/zlib.X/nbproject/include.am
new file mode 100644
index 00000000..8cb88ca8
--- /dev/null
+++ b/3P/wolfssl/mcapi/zlib.X/nbproject/include.am
@@ -0,0 +1,10 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mcapi/zlib.X/Makefile
+
+EXTRA_DIST += \
+         mcapi/zlib.X/nbproject/configurations.xml \
+         mcapi/zlib.X/nbproject/project.xml
diff --git a/3P/wolfssl/mcapi/zlib.X/nbproject/project.xml b/3P/wolfssl/mcapi/zlib.X/nbproject/project.xml
new file mode 100644
index 00000000..d3b07797
--- /dev/null
+++ b/3P/wolfssl/mcapi/zlib.X/nbproject/project.xml
@@ -0,0 +1,17 @@
+
+
+    com.microchip.mplab.nbide.embedded.makeproject
+    
+        
+            zlib
+            8eef651d-e634-46ae-9183-39443c98e390
+            0
+            c
+            
+            
+            ISO-8859-1
+            
+            
+        
+    
+
diff --git a/3P/wolfssl/mplabx/PIC32MZ-serial.h b/3P/wolfssl/mplabx/PIC32MZ-serial.h
new file mode 100644
index 00000000..97bd1e0b
--- /dev/null
+++ b/3P/wolfssl/mplabx/PIC32MZ-serial.h
@@ -0,0 +1,28 @@
+void _mon_putc(char c);
+
+static void init_serial() {
+    #ifdef MICROCHIP_PIC32
+#if defined (__32MZ2048ECH144__) || (__32MZ2048ECM144__)
+    /* Set up PB2 divisor for UART2 */
+    SYSKEY = 0x00000000;
+    SYSKEY = 0xAA996655;
+    SYSKEY = 0x556699AA;
+    PB2DIV = 0x00008808;
+    SYSKEY = 0x33333333;
+ 
+    /* UART2 Init */
+//    U2BRG = 0x0C;
+    U2BRG = 0x047;
+    ANSELBCLR = 0x4000;
+    ANSELGCLR = 0x0040;
+    RPB14R = 0x02;
+    U2RXR = 0x01;
+    U2MODE = 0x8000;
+    U2STA = 0x400;
+#elif defined __PIC32MX__
+    SYSTEMConfigPerformance(80000000);
+    DBINIT();
+#endif
+ 
+#endif
+}
diff --git a/3P/wolfssl/mplabx/README b/3P/wolfssl/mplabx/README
new file mode 100644
index 00000000..fcc6c00c
--- /dev/null
+++ b/3P/wolfssl/mplabx/README
@@ -0,0 +1,57 @@
+wolfSSL MPLAB X Project Files
+
+This directory contains project files for the Microchip MPLAB X IDE. These
+projects have been set up to use the Microchip PIC32 Ethernet Starter Kit
+and the Microchip XC32 compiler.
+
+In order to generate the necessary auto-generated MPLAB X files, make sure
+to import the wolfssl.X project into your MPLAB X workspace before trying to
+build either the wolfCrypt test or benchmark applications. This will
+correctly set up the respective project's Makefiles.
+
+Included Project Files
+-----------------------
+
+1. wolfSSL library (wolfssl.X)
+
+    This project builds a static wolfSSL library. Prior to building this
+    project, uncomment the MICROCHIP_PIC32 define located in:
+
+    /wolfssl/wolfcrypt/settings.h
+
+    After this project has been built, the compiled library will be located
+    at:
+
+    /mplabx/wolfssl.X/dist/default/production/wolfssl.X.a
+
+2. wolfCrypt Test App (wolfcrypt_test.X)
+    
+    This project tests the wolfCrypt cryptography modules. It is generally
+    a good idea to run this first on an embedded system after compiling
+    wolfSSL in order to verify all underlying crypto is working correctly.
+
+3. wolfCrypt Benchmark App (wolfcrypt_benchmark.X)
+    
+    This project builds the wolfCrypt benchmark application.
+    For the benchmark timer, adjust CLOCK value under
+    "#elif defined MICROCHIP_PIC32" in wolfcrypt/benchmark/benchmark.c
+
+PIC32MX/PIC32MZ
+---------------
+
+The projects are set for PIC32MX by default. For PIC32MZ, change project
+properties->Devices and add "CYASSL_MICROCHIP_PIC32M" to 
+XC32-gcc->Preprocessing and messages-> Preprocessor macros.
+
+
+MIPS16 and MIPS32 Support
+-------------------------
+
+These projects support both MIPS16 and MIPS32 instruction sets. Switching
+between these two instruction sets can be done in each project's properties
+settings by checking the "Generate 16-bit code" checkbox.
+
+Support
+-------
+Please send questions or comments to support@wolfssl.com
+
diff --git a/3P/wolfssl/mplabx/benchmark_main.c b/3P/wolfssl/mplabx/benchmark_main.c
new file mode 100644
index 00000000..d25c8bf4
--- /dev/null
+++ b/3P/wolfssl/mplabx/benchmark_main.c
@@ -0,0 +1,137 @@
+/* benchmark_main.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#if defined(WOLFSSL_MICROCHIP_PIC32MZ)
+    #define MICROCHIP_PIC32
+    #include 
+    #pragma config ICESEL = ICS_PGx2
+            /* ICE/ICD Comm Channel Select (Communicate on PGEC2/PGED2) */
+    #include 
+    #include 
+    #include "PIC32MZ-serial.h"
+    #define  SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */
+#else
+    #define PIC32_STARTER_KIT
+    #include 
+    #include 
+    #include 
+    #define init_serial() /* void out init_serial() ; */
+#endif
+
+void bench_des(void);
+void bench_arc4(void);
+void bench_hc128(void);
+void bench_rabbit(void);
+void bench_aes(int);
+void bench_aesgcm(void);
+
+void bench_md5(void);
+void bench_sha(void);
+void bench_sha256(void);
+void bench_sha512(void);
+void bench_ripemd(void);
+
+void bench_rsa(void);
+void bench_rsaKeyGen(void);
+void bench_dh(void);
+#ifdef HAVE_ECC
+void bench_eccKeyGen(void);
+void bench_eccKeyAgree(void);
+#endif
+
+/*
+ * Main driver for wolfCrypt benchmarks.
+ */
+int main(int argc, char** argv) {
+    volatile int i ;
+    int j ;
+
+    PRECONbits.PFMWS = 2;
+    PRECONbits.PREFEN = 0b11;
+
+    init_serial() ;  /* initialize PIC32MZ serial I/O */
+    SYSTEMConfigPerformance(80000000);
+    DBINIT();
+    printf("wolfCrypt Benchmark:\n");
+
+#ifndef NO_AES
+    bench_aes(0);
+    bench_aes(1);
+#endif
+#ifdef HAVE_AESGCM
+    bench_aesgcm();
+#endif
+#ifndef NO_RC4
+    bench_arc4();
+#endif
+#ifdef HAVE_HC128
+    bench_hc128();
+#endif
+#ifndef NO_RABBIT
+    bench_rabbit();
+#endif
+#ifndef NO_DES3
+    bench_des();
+#endif
+
+    printf("\n");
+
+#ifndef NO_MD5
+    bench_md5();
+#endif
+    bench_sha();
+#ifndef NO_SHA256
+    bench_sha256();
+#endif
+#ifdef WOLFSSL_SHA512
+    bench_sha512();
+#endif
+#ifdef CYASSL_RIPEMD
+    bench_ripemd();
+#endif
+
+    printf("\n");
+
+#ifndef NO_RSA
+    bench_rsa();
+#endif
+
+#ifndef NO_DH
+    bench_dh();
+#endif
+
+#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
+    bench_rsaKeyGen();
+#endif
+
+#ifdef HAVE_ECC
+    bench_eccKeyGen();
+    bench_eccKeyAgree();
+#endif
+    printf("End of wolfCrypt Benchmark:\n");
+    return 0;
+}
+
diff --git a/3P/wolfssl/mplabx/include.am b/3P/wolfssl/mplabx/include.am
new file mode 100644
index 00000000..b63cdeca
--- /dev/null
+++ b/3P/wolfssl/mplabx/include.am
@@ -0,0 +1,10 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mplabx/PIC32MZ-serial.h \
+		 mplabx/README \
+		 mplabx/benchmark_main.c \
+		 mplabx/test_main.c
+
diff --git a/3P/wolfssl/mplabx/test_main.c b/3P/wolfssl/mplabx/test_main.c
new file mode 100644
index 00000000..1ed008a3
--- /dev/null
+++ b/3P/wolfssl/mplabx/test_main.c
@@ -0,0 +1,77 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#if defined(WOLFSSL_MICROCHIP_PIC32MZ)
+    #define MICROCHIP_PIC32
+    #include 
+    #pragma config ICESEL = ICS_PGx2
+            /* ICE/ICD Comm Channel Select (Communicate on PGEC2/PGED2) */
+    #include 
+    #include 
+    #include "PIC32MZ-serial.h"
+    #define  SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */
+#else
+    #define PIC32_STARTER_KIT
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #define init_serial()  /* void out init_serial() */
+#endif
+
+/* func_args from test.h, so don't have to pull in other junk */
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+
+/*
+ * Main driver for WolfCrypt tests.
+ */
+int main(int argc, char** argv) {
+    int i ;
+
+    init_serial() ;  /* initialize PIC32MZ serial I/O */
+    SYSTEMConfigPerformance(80000000);
+    DBINIT();
+    printf("WolfCrypt Test:\n");
+    func_args args;
+
+    args.argc = argc;
+    args.argv = argv;
+
+    wolfcrypt_test(&args);
+
+    if (args.return_code == 0) {
+        printf("All tests passed!\n");
+    }
+    
+    return 0;
+}
+
diff --git a/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/Makefile b/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/Makefile
new file mode 100755
index 00000000..447582bc
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/Makefile
@@ -0,0 +1,108 @@
+#
+#  There exist several targets which are by default empty and which can be 
+#  used for execution of your targets. These targets are usually executed 
+#  before and after some main targets. They are: 
+#
+#     .build-pre:              called before 'build' target
+#     .build-post:             called after 'build' target
+#     .clean-pre:              called before 'clean' target
+#     .clean-post:             called after 'clean' target
+#     .clobber-pre:            called before 'clobber' target
+#     .clobber-post:           called after 'clobber' target
+#     .all-pre:                called before 'all' target
+#     .all-post:               called after 'all' target
+#     .help-pre:               called before 'help' target
+#     .help-post:              called after 'help' target
+#
+#  Targets beginning with '.' are not intended to be called on their own.
+#
+#  Main targets can be executed directly, and they are:
+#  
+#     build                    build a specific configuration
+#     clean                    remove built files from a configuration
+#     clobber                  remove all built files
+#     all                      build all configurations
+#     help                     print help mesage
+#  
+#  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
+#  .help-impl are implemented in nbproject/makefile-impl.mk.
+#
+#  Available make variables:
+#
+#     CND_BASEDIR                base directory for relative paths
+#     CND_DISTDIR                default top distribution directory (build artifacts)
+#     CND_BUILDDIR               default top build directory (object files, ...)
+#     CONF                       name of current configuration
+#     CND_ARTIFACT_DIR_${CONF}   directory of build artifact (current configuration)
+#     CND_ARTIFACT_NAME_${CONF}  name of build artifact (current configuration)
+#     CND_ARTIFACT_PATH_${CONF}  path to build artifact (current configuration)
+#     CND_PACKAGE_DIR_${CONF}    directory of package (current configuration)
+#     CND_PACKAGE_NAME_${CONF}   name of package (current configuration)
+#     CND_PACKAGE_PATH_${CONF}   path to package (current configuration)
+#
+# NOCDDL
+
+
+# Environment 
+MKDIR=mkdir
+CP=cp
+CCADMIN=CCadmin
+RANLIB=ranlib
+
+
+# build
+build: .build-post
+
+.build-pre:
+# Add your pre 'build' code here...
+
+.build-post: .build-impl
+# Add your post 'build' code here...
+
+
+# clean
+clean: .clean-post
+
+.clean-pre:
+# Add your pre 'clean' code here...
+
+.clean-post: .clean-impl
+# Add your post 'clean' code here...
+
+
+# clobber
+clobber: .clobber-post
+
+.clobber-pre:
+# Add your pre 'clobber' code here...
+
+.clobber-post: .clobber-impl
+# Add your post 'clobber' code here...
+
+
+# all
+all: .all-post
+
+.all-pre:
+# Add your pre 'all' code here...
+
+.all-post: .all-impl
+# Add your post 'all' code here...
+
+
+# help
+help: .help-post
+
+.help-pre:
+# Add your pre 'help' code here...
+
+.help-post: .help-impl
+# Add your post 'help' code here...
+
+
+
+# include project implementation makefile
+include nbproject/Makefile-impl.mk
+
+# include project make variables
+include nbproject/Makefile-variables.mk
diff --git a/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/configurations.xml b/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/configurations.xml
new file mode 100755
index 00000000..cdd096f4
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/configurations.xml
@@ -0,0 +1,218 @@
+
+
+  
+    
+    
+    
+    
+    
+      ../../wolfcrypt/benchmark/benchmark.c
+      ../benchmark_main.c
+    
+    
+      Makefile
+    
+  
+  
+    ..
+    ../../wolfcrypt/benchmark
+  
+  Makefile
+  
+    
+      
+        localhost
+        PIC32MX795F512L
+        
+        
+        PKOBSKDEPlatformTool
+        XC32
+        
+        4
+      
+      
+        
+          
+            
+              
+              
+            
+          
+        
+        
+        
+        
+          false
+          false
+          
+        
+      
+      
+        false
+        
+        false
+        
+        false
+        false
+        false
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+    
+  
+
diff --git a/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/include.am b/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/include.am
new file mode 100755
index 00000000..8fccbc72
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/include.am
@@ -0,0 +1,11 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mplabx/wolfcrypt_benchmark.X/Makefile
+
+EXTRA_DIST += \
+         mplabx/wolfcrypt_benchmark.X/nbproject/configurations.xml \
+         mplabx/wolfcrypt_benchmark.X/nbproject/project.xml
+
diff --git a/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/project.xml b/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/project.xml
new file mode 100755
index 00000000..52724d60
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfcrypt_benchmark.X/nbproject/project.xml
@@ -0,0 +1,19 @@
+
+
+    com.microchip.mplab.nbide.embedded.makeproject
+    
+        
+            wolfcrypt_benchmark
+            22e4138b-5f20-4957-ac0a-c181b94d3342
+            0
+            c
+            
+            
+            ISO-8859-1
+            
+            
+                ../wolfssl.X
+            
+        
+    
+
diff --git a/3P/wolfssl/mplabx/wolfcrypt_test.X/Makefile b/3P/wolfssl/mplabx/wolfcrypt_test.X/Makefile
new file mode 100755
index 00000000..447582bc
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfcrypt_test.X/Makefile
@@ -0,0 +1,108 @@
+#
+#  There exist several targets which are by default empty and which can be 
+#  used for execution of your targets. These targets are usually executed 
+#  before and after some main targets. They are: 
+#
+#     .build-pre:              called before 'build' target
+#     .build-post:             called after 'build' target
+#     .clean-pre:              called before 'clean' target
+#     .clean-post:             called after 'clean' target
+#     .clobber-pre:            called before 'clobber' target
+#     .clobber-post:           called after 'clobber' target
+#     .all-pre:                called before 'all' target
+#     .all-post:               called after 'all' target
+#     .help-pre:               called before 'help' target
+#     .help-post:              called after 'help' target
+#
+#  Targets beginning with '.' are not intended to be called on their own.
+#
+#  Main targets can be executed directly, and they are:
+#  
+#     build                    build a specific configuration
+#     clean                    remove built files from a configuration
+#     clobber                  remove all built files
+#     all                      build all configurations
+#     help                     print help mesage
+#  
+#  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
+#  .help-impl are implemented in nbproject/makefile-impl.mk.
+#
+#  Available make variables:
+#
+#     CND_BASEDIR                base directory for relative paths
+#     CND_DISTDIR                default top distribution directory (build artifacts)
+#     CND_BUILDDIR               default top build directory (object files, ...)
+#     CONF                       name of current configuration
+#     CND_ARTIFACT_DIR_${CONF}   directory of build artifact (current configuration)
+#     CND_ARTIFACT_NAME_${CONF}  name of build artifact (current configuration)
+#     CND_ARTIFACT_PATH_${CONF}  path to build artifact (current configuration)
+#     CND_PACKAGE_DIR_${CONF}    directory of package (current configuration)
+#     CND_PACKAGE_NAME_${CONF}   name of package (current configuration)
+#     CND_PACKAGE_PATH_${CONF}   path to package (current configuration)
+#
+# NOCDDL
+
+
+# Environment 
+MKDIR=mkdir
+CP=cp
+CCADMIN=CCadmin
+RANLIB=ranlib
+
+
+# build
+build: .build-post
+
+.build-pre:
+# Add your pre 'build' code here...
+
+.build-post: .build-impl
+# Add your post 'build' code here...
+
+
+# clean
+clean: .clean-post
+
+.clean-pre:
+# Add your pre 'clean' code here...
+
+.clean-post: .clean-impl
+# Add your post 'clean' code here...
+
+
+# clobber
+clobber: .clobber-post
+
+.clobber-pre:
+# Add your pre 'clobber' code here...
+
+.clobber-post: .clobber-impl
+# Add your post 'clobber' code here...
+
+
+# all
+all: .all-post
+
+.all-pre:
+# Add your pre 'all' code here...
+
+.all-post: .all-impl
+# Add your post 'all' code here...
+
+
+# help
+help: .help-post
+
+.help-pre:
+# Add your pre 'help' code here...
+
+.help-post: .help-impl
+# Add your post 'help' code here...
+
+
+
+# include project implementation makefile
+include nbproject/Makefile-impl.mk
+
+# include project make variables
+include nbproject/Makefile-variables.mk
diff --git a/3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/configurations.xml b/3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/configurations.xml
new file mode 100755
index 00000000..48a1d646
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/configurations.xml
@@ -0,0 +1,218 @@
+
+
+  
+    
+    
+    
+    
+    
+      ../test_main.c
+      ../../wolfcrypt/test/test.c
+    
+    
+      Makefile
+    
+  
+  
+    ..
+    ../../wolfcrypt/test
+  
+  Makefile
+  
+    
+      
+        localhost
+        PIC32MX795F512L
+        
+        
+        PKOBSKDEPlatformTool
+        XC32
+        
+        4
+      
+      
+        
+          
+            
+              
+              
+            
+          
+        
+        
+        
+        
+          false
+          false
+          
+        
+      
+      
+        false
+        
+        false
+        
+        false
+        false
+        false
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+    
+  
+
diff --git a/3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/include.am b/3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/include.am
new file mode 100755
index 00000000..840e8797
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/include.am
@@ -0,0 +1,11 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mplabx/wolfcrypt_test.X/Makefile
+
+EXTRA_DIST += \
+         mplabx/wolfcrypt_test.X/nbproject/configurations.xml \
+         mplabx/wolfcrypt_test.X/nbproject/project.xml
+
diff --git a/3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/project.xml b/3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/project.xml
new file mode 100755
index 00000000..b9a11fa1
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfcrypt_test.X/nbproject/project.xml
@@ -0,0 +1,19 @@
+
+
+    com.microchip.mplab.nbide.embedded.makeproject
+    
+        
+            wolfcrypt_test
+            b34c4937-7042-4352-88b1-7717bcdf8aeb
+            0
+            c
+            
+            
+            ISO-8859-1
+            
+            
+                ../wolfssl.X
+            
+        
+    
+
diff --git a/3P/wolfssl/mplabx/wolfssl.X/Makefile b/3P/wolfssl/mplabx/wolfssl.X/Makefile
new file mode 100755
index 00000000..447582bc
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfssl.X/Makefile
@@ -0,0 +1,108 @@
+#
+#  There exist several targets which are by default empty and which can be 
+#  used for execution of your targets. These targets are usually executed 
+#  before and after some main targets. They are: 
+#
+#     .build-pre:              called before 'build' target
+#     .build-post:             called after 'build' target
+#     .clean-pre:              called before 'clean' target
+#     .clean-post:             called after 'clean' target
+#     .clobber-pre:            called before 'clobber' target
+#     .clobber-post:           called after 'clobber' target
+#     .all-pre:                called before 'all' target
+#     .all-post:               called after 'all' target
+#     .help-pre:               called before 'help' target
+#     .help-post:              called after 'help' target
+#
+#  Targets beginning with '.' are not intended to be called on their own.
+#
+#  Main targets can be executed directly, and they are:
+#  
+#     build                    build a specific configuration
+#     clean                    remove built files from a configuration
+#     clobber                  remove all built files
+#     all                      build all configurations
+#     help                     print help mesage
+#  
+#  Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and
+#  .help-impl are implemented in nbproject/makefile-impl.mk.
+#
+#  Available make variables:
+#
+#     CND_BASEDIR                base directory for relative paths
+#     CND_DISTDIR                default top distribution directory (build artifacts)
+#     CND_BUILDDIR               default top build directory (object files, ...)
+#     CONF                       name of current configuration
+#     CND_ARTIFACT_DIR_${CONF}   directory of build artifact (current configuration)
+#     CND_ARTIFACT_NAME_${CONF}  name of build artifact (current configuration)
+#     CND_ARTIFACT_PATH_${CONF}  path to build artifact (current configuration)
+#     CND_PACKAGE_DIR_${CONF}    directory of package (current configuration)
+#     CND_PACKAGE_NAME_${CONF}   name of package (current configuration)
+#     CND_PACKAGE_PATH_${CONF}   path to package (current configuration)
+#
+# NOCDDL
+
+
+# Environment 
+MKDIR=mkdir
+CP=cp
+CCADMIN=CCadmin
+RANLIB=ranlib
+
+
+# build
+build: .build-post
+
+.build-pre:
+# Add your pre 'build' code here...
+
+.build-post: .build-impl
+# Add your post 'build' code here...
+
+
+# clean
+clean: .clean-post
+
+.clean-pre:
+# Add your pre 'clean' code here...
+
+.clean-post: .clean-impl
+# Add your post 'clean' code here...
+
+
+# clobber
+clobber: .clobber-post
+
+.clobber-pre:
+# Add your pre 'clobber' code here...
+
+.clobber-post: .clobber-impl
+# Add your post 'clobber' code here...
+
+
+# all
+all: .all-post
+
+.all-pre:
+# Add your pre 'all' code here...
+
+.all-post: .all-impl
+# Add your post 'all' code here...
+
+
+# help
+help: .help-post
+
+.help-pre:
+# Add your pre 'help' code here...
+
+.help-post: .help-impl
+# Add your post 'help' code here...
+
+
+
+# include project implementation makefile
+include nbproject/Makefile-impl.mk
+
+# include project make variables
+include nbproject/Makefile-variables.mk
diff --git a/3P/wolfssl/mplabx/wolfssl.X/nbproject/configurations.xml b/3P/wolfssl/mplabx/wolfssl.X/nbproject/configurations.xml
new file mode 100755
index 00000000..3eab9323
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfssl.X/nbproject/configurations.xml
@@ -0,0 +1,251 @@
+
+
+  
+    
+    
+    
+    
+    
+      
+        ../../wolfcrypt/src/aes.c
+        ../../wolfcrypt/src/arc4.c
+        ../../wolfcrypt/src/asm.c
+        ../../wolfcrypt/src/asn.c
+        ../../wolfcrypt/src/blake2b.c
+        ../../wolfcrypt/src/camellia.c
+        ../../wolfcrypt/src/chacha.c
+        ../../wolfcrypt/src/coding.c
+        ../../wolfcrypt/src/compress.c
+        ../../wolfcrypt/src/des3.c
+        ../../wolfcrypt/src/dh.c
+        ../../wolfcrypt/src/dsa.c
+        ../../wolfcrypt/src/ecc.c
+        ../../wolfcrypt/src/ecc_fp.c
+        ../../wolfcrypt/src/error.c
+        ../../wolfcrypt/src/hc128.c
+        ../../wolfcrypt/src/hmac.c
+        ../../wolfcrypt/src/integer.c
+        ../../wolfcrypt/src/logging.c
+        ../../wolfcrypt/src/md2.c
+        ../../wolfcrypt/src/md4.c
+        ../../wolfcrypt/src/md5.c
+        ../../wolfcrypt/src/memory.c
+        ../../wolfcrypt/src/misc.c
+        ../../wolfcrypt/src/pkcs7.c
+        ../../wolfcrypt/src/poly1305.c
+        ../../wolfcrypt/src/pwdbased.c
+        ../../wolfcrypt/src/rabbit.c
+        ../../wolfcrypt/src/random.c
+        ../../wolfcrypt/src/ripemd.c
+        ../../wolfcrypt/src/rsa.c
+        ../../wolfcrypt/src/sha.c
+        ../../wolfcrypt/src/sha256.c
+        ../../wolfcrypt/src/sha512.c
+        ../../wolfcrypt/src/tfm.c
+        ../../wolfcrypt/src/wc_port.c
+        ../../wolfcrypt/src/port/pic32/pic32mz-hash.c
+      
+      
+        ../../src/crl.c
+        ../../src/internal.c
+        ../../src/io.c
+        ../../src/keys.c
+        ../../src/ocsp.c
+        ../../src/sniffer.c
+        ../../src/ssl.c
+        ../../src/tls.c
+      
+    
+    
+      Makefile
+    
+  
+  
+    ..
+    ../../cyassl/ctaocrypt
+    ../../ctaocrypt/src
+    ../../src
+    ../../wolfcrypt/src
+  
+  Makefile
+  
+    
+      
+        localhost
+        PIC32MX795F512L
+        
+        
+        PKOBSKDEPlatformTool
+        XC32
+        
+        4
+      
+      
+        
+          
+          
+        
+        
+        
+        
+          false
+          false
+          
+        
+      
+      
+        false
+        
+        false
+        
+        false
+        false
+        false
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+      
+      
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+      
+    
+  
+
diff --git a/3P/wolfssl/mplabx/wolfssl.X/nbproject/include.am b/3P/wolfssl/mplabx/wolfssl.X/nbproject/include.am
new file mode 100755
index 00000000..510c26ae
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfssl.X/nbproject/include.am
@@ -0,0 +1,10 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mplabx/wolfssl.X/Makefile
+
+EXTRA_DIST += \
+         mplabx/wolfssl.X/nbproject/configurations.xml \
+         mplabx/wolfssl.X/nbproject/project.xml
diff --git a/3P/wolfssl/mplabx/wolfssl.X/nbproject/project.xml b/3P/wolfssl/mplabx/wolfssl.X/nbproject/project.xml
new file mode 100755
index 00000000..efab333a
--- /dev/null
+++ b/3P/wolfssl/mplabx/wolfssl.X/nbproject/project.xml
@@ -0,0 +1,17 @@
+
+
+    com.microchip.mplab.nbide.embedded.makeproject
+    
+        
+            wolfssl
+            93bbfc3a-a0fa-4d48-bbc8-6cd47a2bd05b
+            0
+            c
+            
+            
+            ISO-8859-1
+            
+            
+        
+    
+
diff --git a/3P/wolfssl/mqx/README b/3P/wolfssl/mqx/README
new file mode 100644
index 00000000..d9978537
--- /dev/null
+++ b/3P/wolfssl/mqx/README
@@ -0,0 +1,41 @@
+CyaSSL Freescale CodeWarrior Project Files
+
+This directory contains project files for Freescale CodeWarrior 10.6 with
+the Freescale GCC compiler. These project have been created to use MQX, RTCS,
+and MFS on the Freescale Kinetis K70 Tower System (TWRK70F120M).
+
+Included Project Files
+-----------------------
+
+1. CyaSSL library (/cyassl)
+
+    Prior to building this project, uncomment the FREESCALE_MQX define 
+    located in:
+
+    /cyassl/ctaocrypt/settings.h
+
+2. wolfCrypt Test App (/wolfcrypt_test)
+
+3. Example CyaSSL Client (/cyassl_client)
+
+4. Utility library (/util_lib)
+
+    This library is used by the CyaSSL example client project and wolfCrypt
+    test app project for opening/closing the SD card, etc.
+
+Importing into CodeWarrior Workspace
+------------------------------------
+
+These projects can be imported into a CodeWarrior workspace using the standard
+"Import Project" feature. To import a project from CodeWarrior, follow
+these steps:
+
+1. File -> Import
+2. General -> Existing Projects into Workspace
+3. Select Root Directory (browse to this "/mqx" directory)
+4. Select desired projects -> Finish
+
+Keep in mind that the projects above reference CyaSSL source files and header
+files with relative paths to the projects' current location in the
+/mqx directory.
+
diff --git a/3P/wolfssl/mqx/cyassl/.cproject b/3P/wolfssl/mqx/cyassl/.cproject
new file mode 100644
index 00000000..4f616bec
--- /dev/null
+++ b/3P/wolfssl/mqx/cyassl/.cproject
@@ -0,0 +1,1145 @@
+
+
+
+
+	
+		
+			
+				
+				
+					
+					
+					
+					
+					
+					
+					
+				
+			
+			
+				
+					
+						
+							
+					
+					
+					
+					
+					
+						
+					
+				
+			
+			
+		
+		
+			
+				
+				
+					
+					
+					
+					
+					
+					
+					
+				
+			
+			
+				
+					
+						
+							
+					
+					
+					
+					
+					
+						
+					
+				
+			
+			
+		
+		
+			
+				
+				
+					
+					
+					
+					
+					
+					
+					
+				
+			
+			
+				
+					
+						
+							
+					
+					
+					
+					
+					
+						
+					
+				
+			
+			
+		
+		
+			
+				
+				
+					
+					
+					
+					
+					
+					
+					
+				
+			
+			
+				
+					
+						
+							
+					
+					
+					
+					
+					
+						
+					
+				
+			
+			
+		
+	
+	
+	
+		
+	
+	
+	
+		
+			
+		
+		
+			
+		
+		
+		
+			
+		
+	
+	
+	
+		
+		
+			
+				
+				
+			
+			
+				
+				
+			
+		
+		
+			
+				
+				
+			
+			
+				
+				
+			
+		
+		
+			
+				
+				
+			
+			
+				
+				
+			
+		
+		
+			
+				
+				
+			
+			
+				
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+		
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+			
+				
+					
+					
+				
+				
+					
+					
+				
+			
+		
+	
+
diff --git a/3P/wolfssl/mqx/cyassl/.project b/3P/wolfssl/mqx/cyassl/.project
new file mode 100644
index 00000000..715eadbd
--- /dev/null
+++ b/3P/wolfssl/mqx/cyassl/.project
@@ -0,0 +1,48 @@
+
+
+	cyassl
+	
+	
+	
+	
+		
+			org.eclipse.cdt.managedbuilder.core.genmakebuilder
+			
+			
+		
+		
+			org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder
+			full,incremental,
+			
+			
+		
+	
+	
+		org.eclipse.cdt.core.cnature
+		org.eclipse.cdt.managedbuilder.core.managedBuildNature
+		org.eclipse.cdt.managedbuilder.core.ScannerConfigNature
+	
+	
+		
+			twrk70f120m_Int_Flash_DDRData_Debug
+			2
+			PARENT-5-PROJECT_LOC/Documents/GitHub/cyassl/mqx/cyassl/twrk70f120m_Int_Flash_DDRData_Debug/build-cyassl-twrk70f120m_Int_Flash_DDRData_Debug
+		
+		
+			Sources/ctaocrypt_src
+			2
+			PARENT-2-PROJECT_LOC/ctaocrypt/src
+		
+		
+			Sources/cyassl_src
+			2
+			PARENT-2-PROJECT_LOC/src
+		
+	
+	
+		
+			MQX_ROOT_DIR
+			file:/C:/Freescale/Freescale_MQX_4_1
+		
+	
+
diff --git a/3P/wolfssl/mqx/cyassl/include.am b/3P/wolfssl/mqx/cyassl/include.am
new file mode 100644
index 00000000..509e078a
--- /dev/null
+++ b/3P/wolfssl/mqx/cyassl/include.am
@@ -0,0 +1,11 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mqx/README
+
+EXTRA_DIST += \
+         mqx/cyassl/.cproject \
+         mqx/cyassl/.project
+
diff --git a/3P/wolfssl/mqx/util_lib/.cproject b/3P/wolfssl/mqx/util_lib/.cproject
new file mode 100644
index 00000000..5c4fc14e
--- /dev/null
+++ b/3P/wolfssl/mqx/util_lib/.cproject
@@ -0,0 +1,541 @@
+
+
+
+
+	
+		
+			
+				
+				
+					
+					
+					
+					
+					
+					
+					
+				
+			
+			
+				
+					
+						
+							
+					
+					
+					
+					
+					
+						
+					
+				
+			
+			
+		
+		
+			
+				
+				
+					
+					
+					
+					
+					
+					
+					
+				
+			
+			
+				
+					
+						
+							
+					
+					
+					
+					
+					
+						
+					
+				
+			
+			
+		
+		
+			
+				
+				
+					
+					
+					
+					
+					
+					
+					
+				
+			
+			
+				
+					
+						
+							
+					
+					
+					
+					
+					
+						
+					
+				
+			
+			
+		
+		
+			
+				
+				
+					
+					
+					
+					
+					
+					
+					
+				
+			
+			
+				
+					
+						
+							
+					
+					
+					
+					
+					
+						
+					
+				
+			
+			
+		
+	
+	
+	
+		
+	
+	
+	
+		
+			
+		
+		
+			
+		
+		
+			
+		
+		
+			
+		
+	
+	
+		
+		
+			
+		
+		
+			
+		
+		
+			
+		
+		
+			
+		
+		
+			
+		
+		
+			
+		
+		
+			
+		
+		
+			
+		
+	
+
diff --git a/3P/wolfssl/mqx/util_lib/.project b/3P/wolfssl/mqx/util_lib/.project
new file mode 100644
index 00000000..5f5f5ffa
--- /dev/null
+++ b/3P/wolfssl/mqx/util_lib/.project
@@ -0,0 +1,31 @@
+
+
+	util_lib
+	
+	
+	
+	
+		
+			org.eclipse.cdt.managedbuilder.core.genmakebuilder
+			
+			
+		
+		
+			org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder
+			full,incremental,
+			
+			
+		
+	
+	
+		org.eclipse.cdt.core.cnature
+		org.eclipse.cdt.managedbuilder.core.managedBuildNature
+		org.eclipse.cdt.managedbuilder.core.ScannerConfigNature
+	
+	
+		
+			MQX_ROOT_DIR
+			file:/C:/Freescale/Freescale_MQX_4_1
+		
+	
+
diff --git a/3P/wolfssl/mqx/util_lib/Sources/include.am b/3P/wolfssl/mqx/util_lib/Sources/include.am
new file mode 100644
index 00000000..4b54a5a6
--- /dev/null
+++ b/3P/wolfssl/mqx/util_lib/Sources/include.am
@@ -0,0 +1,12 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+         mqx/util_lib/.cproject \
+         mqx/util_lib/.project
+
+EXTRA_DIST += \
+         mqx/util_lib/Sources/util.c \
+         mqx/util_lib/Sources/util.h
+
diff --git a/3P/wolfssl/mqx/util_lib/Sources/util.c b/3P/wolfssl/mqx/util_lib/Sources/util.c
new file mode 100644
index 00000000..c7ce08bc
--- /dev/null
+++ b/3P/wolfssl/mqx/util_lib/Sources/util.c
@@ -0,0 +1,180 @@
+/* util.c */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "util.h"
+
+#if !BSPCFG_ENABLE_IO_SUBSYSTEM
+    #error This application requires BSPCFG_ENABLE_IO_SUBSYSTEM defined \
+        non-zero in user_config.h. Please recompile BSP with this option.
+#endif
+
+#ifndef BSP_DEFAULT_IO_CHANNEL_DEFINED
+    #error This application requires BSP_DEFAULT_IO_CHANNEL to be not \
+        NULL. Please set corresponding BSPCFG_ENABLE_TTYx to non-zero \
+        in user_config.h and recompile BSP with this option.
+#endif
+
+#if defined BSP_SDCARD_ESDHC_CHANNEL
+    #if ! BSPCFG_ENABLE_ESDHC
+        #error This application requires BSPCFG_ENABLE_ESDHC defined \
+            non-zero in user_config.h. Please recompile libraries with \
+            this option.
+    #endif
+#elif defined BSP_SDCARD_SDHC_CHANNEL
+    #if ! BSPCFG_ENABLE_SDHC
+        #error This application requires BSPCFG_ENABLE_SDHC defined \
+            non-zero in user_config.h. Please recompile libraries with \
+            this option.
+    #endif
+#endif
+
+#if defined (BSP_SDCARD_SPI_CHANNEL)
+    #define SDCARD_COM_CHANNEL BSP_SDCARD_SPI_CHANNEL
+#elif defined (BSP_SDCARD_ESDHC_CHANNEL)
+    #define SDCARD_COM_CHANNEL BSP_SDCARD_ESDHC_CHANNEL
+#elif defined (BSP_SDCARD_SDHC_CHANNEL)
+    #define SDCARD_COM_CHANNEL BSP_SDCARD_SDHC_CHANNEL
+#else
+    #error "SDCARD low level communication device not defined!"
+#endif
+
+int sdcard_open(MQX_FILE_PTR *com_handle, MQX_FILE_PTR *sdcard_handle,
+                MQX_FILE_PTR *partman_handle, MQX_FILE_PTR *filesystem_handle,
+                char *partman_name, char *filesystem_name)
+{
+	_mqx_int	error_code;
+	_mqx_uint	param;
+
+	/* Open low level communication device */
+	*com_handle = fopen(SDCARD_COM_CHANNEL, NULL);
+
+	if (NULL == *com_handle) {
+		printf("Error installing communication handle.\n");
+		return -60;
+	}
+
+	/* Install SD card device */
+	error_code = _io_sdcard_install("sdcard:", (void *)&_bsp_sdcard0_init,
+			*com_handle);
+	if (error_code != MQX_OK) {
+		printf("Error installing SD card device (0x%x)\n", error_code);
+		return -61;
+	}
+
+	_time_delay(200);
+
+	/* Open the device which MFS will be installed on */
+	*sdcard_handle = fopen("sdcard:", 0);
+	if (*sdcard_handle == NULL) {
+		printf("Unable to open SD card device.\n");
+		return -62;
+	}
+
+	/* Install partition manager over SD card driver */
+	error_code = _io_part_mgr_install(*sdcard_handle, partman_name, 0);
+	if (error_code != MFS_NO_ERROR) {
+		printf("Error installing partition manager: %s\n", MFS_Error_text(
+				(uint32_t) error_code));
+		return -63;
+	}
+
+	/* Open partition manager */
+	*partman_handle = fopen(partman_name, NULL);
+	if (*partman_handle == NULL) {
+		error_code = ferror(*partman_handle);
+		printf("Error opening partition manager: %s\n", MFS_Error_text(
+				(uint32_t) error_code));
+		return -64;
+	}
+
+	/* Validate partition 1 */
+	param = 1;
+	error_code = _io_ioctl(*partman_handle, IO_IOCTL_VAL_PART, ¶m);
+	if (error_code == MQX_OK) {
+		/* Install MFS over partition 1 */
+		error_code = _io_mfs_install(*partman_handle, filesystem_name, param);
+		if (error_code != MFS_NO_ERROR) {
+			printf("Error initializing MFS over partition: %s\n",
+					MFS_Error_text((uint32_t) error_code));
+			return -65;
+		}
+
+	} else {
+		/* Install MFS over SD card driver */
+		error_code = _io_mfs_install(*sdcard_handle, filesystem_name,
+                (_file_size) 0);
+		if (error_code != MFS_NO_ERROR) {
+			printf("Error initializing MFS: %s\n", MFS_Error_text(
+					(uint32_t) error_code));
+			return -66;
+		}
+	} /* end Validate partition 1 */
+
+	/* Open file system */
+	*filesystem_handle = fopen(filesystem_name, NULL);
+	error_code = ferror(*filesystem_handle);
+	if ((error_code != MFS_NO_ERROR) && (error_code != MFS_NOT_A_DOS_DISK)) {
+		printf("Error opening filesystem: %s\n", MFS_Error_text(
+				(uint32_t) error_code));
+		return -67;
+	}
+	if (error_code == MFS_NOT_A_DOS_DISK) {
+		printf("NOT A DOS DISK! You must format to continue.\n");
+		return -68;
+	}
+
+	return 0;
+}
+
+int sdcard_close(MQX_FILE_PTR *sdcard_handle, MQX_FILE_PTR *partman_handle,
+		         MQX_FILE_PTR *filesystem_handle,
+		         char *partman_name, char *filesystem_name)
+{
+	_mqx_int	error_code;
+
+	/* Close the filesystem */
+	if (MQX_OK != fclose(*filesystem_handle)) {
+		printf("Error closing filesystem.\n");
+		return -69;
+	}
+	*filesystem_handle = NULL;
+
+	/* Uninstall MFS  */
+	error_code = _io_dev_uninstall(filesystem_name);
+	if (error_code != MFS_NO_ERROR) {
+		printf("Error uninstalling filesystem.\n");
+		return -70;
+	}
+
+	/* Close partition manager */
+	if (MQX_OK != fclose(*partman_handle)) {
+		printf("Unable to close partition manager.\n");
+		return -71;
+	}
+	*partman_handle = NULL;
+
+	/* Uninstall partition manager  */
+	error_code = _io_dev_uninstall(partman_name);
+	if (error_code != MFS_NO_ERROR) {
+		printf("Error uninstalling partition manager.\n");
+		return -72;
+	}
+
+	/* Close the SD card device */
+	if (MQX_OK != fclose(*sdcard_handle)) {
+		printf("Unable to close SD card device.\n");
+		return -73;
+	}
+	*sdcard_handle = NULL;
+
+	return 0;
+}
+
+/* EOF */
diff --git a/3P/wolfssl/mqx/util_lib/Sources/util.h b/3P/wolfssl/mqx/util_lib/Sources/util.h
new file mode 100644
index 00000000..67bdca2f
--- /dev/null
+++ b/3P/wolfssl/mqx/util_lib/Sources/util.h
@@ -0,0 +1,14 @@
+/* util.h */
+
+#ifndef UTIL_H_
+#define UTIL_H_
+
+int sdcard_open(MQX_FILE_PTR *com_handle, MQX_FILE_PTR *sdcard_handle, 
+			 	MQX_FILE_PTR *partman_handle, MQX_FILE_PTR *filesystem_handle,
+		        char *partman_name, char *filesystem_name);
+
+int sdcard_close(MQX_FILE_PTR *sdcard_handle, MQX_FILE_PTR *partman_handle,
+		         MQX_FILE_PTR *filesystem_handle,
+		         char *partman_name, char *filesystem_name);
+
+#endif /* UTIL_H_ */
diff --git a/3P/wolfssl/quit b/3P/wolfssl/quit
new file mode 100644
index 00000000..3db49b3a
--- /dev/null
+++ b/3P/wolfssl/quit
@@ -0,0 +1,2 @@
+quit
+
diff --git a/3P/wolfssl/rpm/include.am b/3P/wolfssl/rpm/include.am
new file mode 100644
index 00000000..e5253dd1
--- /dev/null
+++ b/3P/wolfssl/rpm/include.am
@@ -0,0 +1,37 @@
+# vim:ft=automake
+
+rpm-build: rpm/spec dist
+	@rm -f *.rpm
+	@rm -f ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm
+	@rm -f ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm
+	@mkdir -p ~/rpmbuild/BUILD/
+	@mkdir -p ~/rpmbuild/RPMS/i386/
+	@mkdir -p ~/rpmbuild/RPMS/i686/
+	@mkdir -p ~/rpmbuild/RPMS/noarch/
+	@mkdir -p ~/rpmbuild/RPMS/x86_64/
+	@mkdir -p ~/rpmbuild/SOURCES/
+	@mkdir -p ~/rpmbuild/SPECS/
+	@mkdir -p ~/rpmbuild/SRPMS/
+	@cp $(PACKAGE)-$(VERSION).tar.gz ~/rpmbuild/SOURCES/
+	@rpmbuild -ba --clean rpm/spec
+	@cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm .
+	@cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-devel-$(VERSION)*.rpm .
+	@cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-debuginfo-$(VERSION)*.rpm .
+	@cp ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm .
+
+rpm-sign: rpm-build
+	@rpm --addsign *.rpm
+	@rpm --checksig *.rpm
+
+clean-rpm:
+	@rm -f *.tar.gz
+	@rm -f *.src.rpm
+	@rm -f *.rpm
+
+rpm: rpm-build
+
+release: rpm-sign
+
+auto-rpmbuild:
+	@auto-br-rpmbuild -ba rpm/spec
+
diff --git a/3P/wolfssl/rpm/spec.in b/3P/wolfssl/rpm/spec.in
new file mode 100644
index 00000000..cda6e79b
--- /dev/null
+++ b/3P/wolfssl/rpm/spec.in
@@ -0,0 +1,257 @@
+Summary: Embedded SSL Library
+Name: @PACKAGE@
+Version: @VERSION@
+Release: 1
+License: GPLv2
+Group: System Environment/Libraries
+BuildRequires: gcc
+BuildRequires: glibc
+BuildRequires: glibc-common
+BuildRequires: glibc-devel
+BuildRequires: glibc-headers
+BuildRequires: make
+BuildRequires: pkgconfig
+BuildRequires: sed
+BuildRequires: tar
+URL: http://www.wolfssl.com/
+
+Packager: Brian Aker 
+
+Source: http://wolfssl.com/%{name}-%{version}.tar.gz
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
+
+%description
+Misc tools for wolfSSL.
+
+%package devel
+Summary: Header files and development libraries for %{name}
+Group: Development/Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description devel
+This package contains the header files and development libraries
+for %{name}. If you like to develop programs using %{name},
+you will need to install %{name}-devel.
+
+%prep
+%setup -q
+
+%configure
+
+
+%build
+%{__make} %{?_smp_mflags}
+
+%install
+%{__rm} -rf %{buildroot}
+%{__make} install  DESTDIR="%{buildroot}" AM_INSTALL_PROGRAM_FLAGS=""
+mkdir -p $RPM_BUILD_ROOT/
+
+%check
+
+
+%clean
+%{__rm} -rf %{buildroot}
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+%files
+%defattr(-,root,root,-)
+%doc AUTHORS ChangeLog COPYING NEWS README
+%{_docdir}/wolfssl/taoCert.txt
+%{_docdir}/wolfssl/example/echoserver.c
+%{_docdir}/wolfssl/example/server.c
+%{_docdir}/wolfssl/example/echoclient.c
+%{_docdir}/wolfssl/example/client.c
+%{_docdir}/wolfssl/README.txt
+%{_libdir}/libwolfssl.la
+%{_libdir}/libwolfssl.so
+%{_libdir}/libwolfssl.so.0
+%{_libdir}/libwolfssl.so.0.0.0
+
+%files devel
+%defattr(-,root,root,-)
+%doc AUTHORS ChangeLog COPYING NEWS README
+%{_bindir}/wolfssl-config
+%{_includedir}/cyassl/callbacks.h
+%{_includedir}/cyassl/certs_test.h
+%{_includedir}/cyassl/crl.h
+%{_includedir}/cyassl/ctaocrypt/aes.h
+%{_includedir}/cyassl/ctaocrypt/arc4.h
+%{_includedir}/cyassl/ctaocrypt/asn.h
+%{_includedir}/cyassl/ctaocrypt/asn_public.h
+%{_includedir}/cyassl/ctaocrypt/blake2-impl.h
+%{_includedir}/cyassl/ctaocrypt/blake2-int.h
+%{_includedir}/cyassl/ctaocrypt/blake2.h
+%{_includedir}/cyassl/ctaocrypt/camellia.h
+%{_includedir}/cyassl/ctaocrypt/chacha.h
+%{_includedir}/cyassl/ctaocrypt/coding.h
+%{_includedir}/cyassl/ctaocrypt/compress.h
+%{_includedir}/cyassl/ctaocrypt/des3.h
+%{_includedir}/cyassl/ctaocrypt/dh.h
+%{_includedir}/cyassl/ctaocrypt/dsa.h
+%{_includedir}/cyassl/ctaocrypt/ecc.h
+%{_includedir}/cyassl/ctaocrypt/error-crypt.h
+%{_includedir}/cyassl/ctaocrypt/fips_test.h
+%{_includedir}/cyassl/ctaocrypt/hc128.h
+%{_includedir}/cyassl/ctaocrypt/hmac.h
+%{_includedir}/cyassl/ctaocrypt/integer.h
+%{_includedir}/cyassl/ctaocrypt/logging.h
+%{_includedir}/cyassl/ctaocrypt/md2.h
+%{_includedir}/cyassl/ctaocrypt/md4.h
+%{_includedir}/cyassl/ctaocrypt/md5.h
+%{_includedir}/cyassl/ctaocrypt/memory.h
+%{_includedir}/cyassl/ctaocrypt/misc.h
+%{_includedir}/cyassl/ctaocrypt/mpi_class.h
+%{_includedir}/cyassl/ctaocrypt/mpi_superclass.h
+%{_includedir}/cyassl/ctaocrypt/pkcs7.h
+%{_includedir}/cyassl/ctaocrypt/poly1305.h
+%{_includedir}/cyassl/ctaocrypt/wc_port.h
+%{_includedir}/cyassl/ctaocrypt/pwdbased.h
+%{_includedir}/cyassl/ctaocrypt/rabbit.h
+%{_includedir}/cyassl/ctaocrypt/random.h
+%{_includedir}/cyassl/ctaocrypt/ripemd.h
+%{_includedir}/cyassl/ctaocrypt/rsa.h
+%{_includedir}/cyassl/ctaocrypt/settings.h
+%{_includedir}/cyassl/ctaocrypt/settings_comp.h
+%{_includedir}/cyassl/ctaocrypt/sha.h
+%{_includedir}/cyassl/ctaocrypt/sha256.h
+%{_includedir}/cyassl/ctaocrypt/sha512.h
+%{_includedir}/cyassl/ctaocrypt/tfm.h
+%{_includedir}/cyassl/ctaocrypt/types.h
+%{_includedir}/cyassl/ctaocrypt/visibility.h
+%{_includedir}/cyassl/error-ssl.h
+%{_includedir}/cyassl/ocsp.h
+%{_includedir}/cyassl/openssl/asn1.h
+%{_includedir}/cyassl/openssl/bio.h
+%{_includedir}/cyassl/openssl/bn.h
+%{_includedir}/cyassl/openssl/conf.h
+%{_includedir}/cyassl/openssl/crypto.h
+%{_includedir}/cyassl/openssl/des.h
+%{_includedir}/cyassl/openssl/dh.h
+%{_includedir}/cyassl/openssl/dsa.h
+%{_includedir}/cyassl/openssl/ec.h
+%{_includedir}/cyassl/openssl/ecdsa.h
+%{_includedir}/cyassl/openssl/engine.h
+%{_includedir}/cyassl/openssl/err.h
+%{_includedir}/cyassl/openssl/evp.h
+%{_includedir}/cyassl/openssl/hmac.h
+%{_includedir}/cyassl/openssl/lhash.h
+%{_includedir}/cyassl/openssl/md4.h
+%{_includedir}/cyassl/openssl/md5.h
+%{_includedir}/cyassl/openssl/ocsp.h
+%{_includedir}/cyassl/openssl/opensslconf.h
+%{_includedir}/cyassl/openssl/opensslv.h
+%{_includedir}/cyassl/openssl/ossl_typ.h
+%{_includedir}/cyassl/openssl/pem.h
+%{_includedir}/cyassl/openssl/pkcs12.h
+%{_includedir}/cyassl/openssl/rand.h
+%{_includedir}/cyassl/openssl/ripemd.h
+%{_includedir}/cyassl/openssl/rsa.h
+%{_includedir}/cyassl/openssl/sha.h
+%{_includedir}/cyassl/openssl/ssl.h
+%{_includedir}/cyassl/openssl/stack.h
+%{_includedir}/cyassl/openssl/ui.h
+%{_includedir}/cyassl/openssl/x509.h
+%{_includedir}/cyassl/openssl/x509v3.h
+%{_includedir}/cyassl/options.h
+%{_includedir}/cyassl/sniffer.h
+%{_includedir}/cyassl/sniffer_error.h
+%{_includedir}/cyassl/ssl.h
+%{_includedir}/cyassl/test.h
+%{_includedir}/cyassl/version.h
+%{_includedir}/wolfssl/callbacks.h
+%{_includedir}/wolfssl/certs_test.h
+%{_includedir}/wolfssl/crl.h
+%{_includedir}/wolfssl/wolfcrypt/aes.h
+%{_includedir}/wolfssl/wolfcrypt/arc4.h
+%{_includedir}/wolfssl/wolfcrypt/asn.h
+%{_includedir}/wolfssl/wolfcrypt/asn_public.h
+%{_includedir}/wolfssl/wolfcrypt/blake2-impl.h
+%{_includedir}/wolfssl/wolfcrypt/blake2-int.h
+%{_includedir}/wolfssl/wolfcrypt/blake2.h
+%{_includedir}/wolfssl/wolfcrypt/camellia.h
+%{_includedir}/wolfssl/wolfcrypt/chacha.h
+%{_includedir}/wolfssl/wolfcrypt/coding.h
+%{_includedir}/wolfssl/wolfcrypt/compress.h
+%{_includedir}/wolfssl/wolfcrypt/des3.h
+%{_includedir}/wolfssl/wolfcrypt/dh.h
+%{_includedir}/wolfssl/wolfcrypt/dsa.h
+%{_includedir}/wolfssl/wolfcrypt/ecc.h
+%{_includedir}/wolfssl/wolfcrypt/error-crypt.h
+%{_includedir}/wolfssl/wolfcrypt/fips_test.h
+%{_includedir}/wolfssl/wolfcrypt/hc128.h
+%{_includedir}/wolfssl/wolfcrypt/hmac.h
+%{_includedir}/wolfssl/wolfcrypt/integer.h
+%{_includedir}/wolfssl/wolfcrypt/logging.h
+%{_includedir}/wolfssl/wolfcrypt/md2.h
+%{_includedir}/wolfssl/wolfcrypt/md4.h
+%{_includedir}/wolfssl/wolfcrypt/md5.h
+%{_includedir}/wolfssl/wolfcrypt/memory.h
+%{_includedir}/wolfssl/wolfcrypt/misc.h
+%{_includedir}/wolfssl/wolfcrypt/mpi_class.h
+%{_includedir}/wolfssl/wolfcrypt/mpi_superclass.h
+%{_includedir}/wolfssl/wolfcrypt/pkcs7.h
+%{_includedir}/wolfssl/wolfcrypt/wc_port.h
+%{_includedir}/wolfssl/wolfcrypt/poly1305.h
+%{_includedir}/wolfssl/wolfcrypt/pwdbased.h
+%{_includedir}/wolfssl/wolfcrypt/rabbit.h
+%{_includedir}/wolfssl/wolfcrypt/random.h
+%{_includedir}/wolfssl/wolfcrypt/ripemd.h
+%{_includedir}/wolfssl/wolfcrypt/rsa.h
+%{_includedir}/wolfssl/wolfcrypt/settings.h
+%{_includedir}/wolfssl/wolfcrypt/sha.h
+%{_includedir}/wolfssl/wolfcrypt/sha256.h
+%{_includedir}/wolfssl/wolfcrypt/sha512.h
+%{_includedir}/wolfssl/wolfcrypt/tfm.h
+%{_includedir}/wolfssl/wolfcrypt/types.h
+%{_includedir}/wolfssl/wolfcrypt/visibility.h
+%{_includedir}/wolfssl/error-ssl.h
+%{_includedir}/wolfssl/ocsp.h
+%{_includedir}/wolfssl/openssl/asn1.h
+%{_includedir}/wolfssl/openssl/bio.h
+%{_includedir}/wolfssl/openssl/bn.h
+%{_includedir}/wolfssl/openssl/conf.h
+%{_includedir}/wolfssl/openssl/crypto.h
+%{_includedir}/wolfssl/openssl/des.h
+%{_includedir}/wolfssl/openssl/dh.h
+%{_includedir}/wolfssl/openssl/dsa.h
+%{_includedir}/wolfssl/openssl/ec.h
+%{_includedir}/wolfssl/openssl/ecdsa.h
+%{_includedir}/wolfssl/openssl/engine.h
+%{_includedir}/wolfssl/openssl/err.h
+%{_includedir}/wolfssl/openssl/evp.h
+%{_includedir}/wolfssl/openssl/hmac.h
+%{_includedir}/wolfssl/openssl/lhash.h
+%{_includedir}/wolfssl/openssl/md4.h
+%{_includedir}/wolfssl/openssl/md5.h
+%{_includedir}/wolfssl/openssl/ocsp.h
+%{_includedir}/wolfssl/openssl/opensslconf.h
+%{_includedir}/wolfssl/openssl/opensslv.h
+%{_includedir}/wolfssl/openssl/ossl_typ.h
+%{_includedir}/wolfssl/openssl/pem.h
+%{_includedir}/wolfssl/openssl/pkcs12.h
+%{_includedir}/wolfssl/openssl/rand.h
+%{_includedir}/wolfssl/openssl/ripemd.h
+%{_includedir}/wolfssl/openssl/rsa.h
+%{_includedir}/wolfssl/openssl/sha.h
+%{_includedir}/wolfssl/openssl/ssl.h
+%{_includedir}/wolfssl/openssl/stack.h
+%{_includedir}/wolfssl/openssl/ui.h
+%{_includedir}/wolfssl/openssl/x509.h
+%{_includedir}/wolfssl/openssl/x509v3.h
+%{_includedir}/wolfssl/options.h
+%{_includedir}/wolfssl/sniffer.h
+%{_includedir}/wolfssl/sniffer_error.h
+%{_includedir}/wolfssl/ssl.h
+%{_includedir}/wolfssl/test.h
+%{_includedir}/wolfssl/version.h
+%{_libdir}/pkgconfig/wolfssl.pc
+
+%changelog
+* Fri Jan 09 2015 John Safranek 
+- Update for cyassl->wolfssl name change
+* Fri Oct 20 2012 Brian Aker 
+- Initial package
diff --git a/3P/wolfssl/src/crl.c b/3P/wolfssl/src/crl.c
new file mode 100644
index 00000000..39bfa128
--- /dev/null
+++ b/3P/wolfssl/src/crl.c
@@ -0,0 +1,790 @@
+/* crl.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+  /* Name change compatibility layer no longer needs included here */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_CRL
+
+#include 
+#include 
+
+#include 
+#include 
+#include 
+
+#ifdef HAVE_CRL_MONITOR
+    static int StopMonitor(int mfd);
+#endif
+
+
+/* Initialze CRL members */
+int InitCRL(WOLFSSL_CRL* crl, WOLFSSL_CERT_MANAGER* cm)
+{
+    WOLFSSL_ENTER("InitCRL");
+
+    crl->cm = cm;
+    crl->crlList = NULL;
+    crl->monitors[0].path = NULL;
+    crl->monitors[1].path = NULL;
+#ifdef HAVE_CRL_MONITOR
+    crl->tid =  0;
+    crl->mfd = -1;   /* mfd for bsd is kqueue fd, eventfd for linux */
+#endif
+    if (InitMutex(&crl->crlLock) != 0)
+        return BAD_MUTEX_E; 
+
+    return 0;
+}
+
+
+/* Initialze CRL Entry */
+static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl)
+{
+    WOLFSSL_ENTER("InitCRL_Entry");
+
+    XMEMCPY(crle->issuerHash, dcrl->issuerHash, SHA_DIGEST_SIZE);
+    /* XMEMCPY(crle->crlHash, dcrl->crlHash, SHA_DIGEST_SIZE);
+     *   copy the hash here if needed for optimized comparisons */
+    XMEMCPY(crle->lastDate, dcrl->lastDate, MAX_DATE_SIZE);
+    XMEMCPY(crle->nextDate, dcrl->nextDate, MAX_DATE_SIZE);
+    crle->lastDateFormat = dcrl->lastDateFormat;
+    crle->nextDateFormat = dcrl->nextDateFormat;
+
+    crle->certs = dcrl->certs;   /* take ownsership */
+    dcrl->certs = NULL;
+    crle->totalCerts = dcrl->totalCerts;
+
+    return 0;
+}
+
+
+/* Free all CRL Entry resources */
+static void FreeCRL_Entry(CRL_Entry* crle)
+{
+    RevokedCert* tmp = crle->certs; 
+
+    WOLFSSL_ENTER("FreeCRL_Entry");
+
+    while(tmp) {
+        RevokedCert* next = tmp->next;
+        XFREE(tmp, NULL, DYNAMIC_TYPE_REVOKED);
+        tmp = next;
+    }
+}
+
+
+
+/* Free all CRL resources */
+void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
+{
+    CRL_Entry* tmp = crl->crlList;
+
+    WOLFSSL_ENTER("FreeCRL");
+
+    if (crl->monitors[0].path)
+        XFREE(crl->monitors[0].path, NULL, DYNAMIC_TYPE_CRL_MONITOR);
+
+    if (crl->monitors[1].path)
+        XFREE(crl->monitors[1].path, NULL, DYNAMIC_TYPE_CRL_MONITOR);
+
+    while(tmp) {
+        CRL_Entry* next = tmp->next;
+        FreeCRL_Entry(tmp);
+        XFREE(tmp, NULL, DYNAMIC_TYPE_CRL_ENTRY);
+        tmp = next;
+    }	
+
+#ifdef HAVE_CRL_MONITOR
+    if (crl->tid != 0) {
+        WOLFSSL_MSG("stopping monitor thread");
+        if (StopMonitor(crl->mfd) == 0)
+            pthread_join(crl->tid, NULL);
+        else {
+            WOLFSSL_MSG("stop monitor failed, cancel instead");
+            pthread_cancel(crl->tid);
+        }
+    }
+#endif
+    FreeMutex(&crl->crlLock);
+    if (dynamic)   /* free self */
+        XFREE(crl, NULL, DYNAMIC_TYPE_CRL);
+}
+
+
+/* Is the cert ok with CRL, return 0 on success */
+int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
+{
+    CRL_Entry* crle;
+    int        foundEntry = 0;
+    int        ret = 0;
+
+    WOLFSSL_ENTER("CheckCertCRL");
+
+    if (LockMutex(&crl->crlLock) != 0) {
+        WOLFSSL_MSG("LockMutex failed");
+        return BAD_MUTEX_E;
+    }
+
+    crle = crl->crlList;
+
+    while (crle) {
+        if (XMEMCMP(crle->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE) == 0) {
+            WOLFSSL_MSG("Found CRL Entry on list");
+            WOLFSSL_MSG("Checking next date validity");
+
+            if (!ValidateDate(crle->nextDate, crle->nextDateFormat, AFTER)) {
+                WOLFSSL_MSG("CRL next date is no longer valid");
+                ret = ASN_AFTER_DATE_E;
+            }
+            else
+                foundEntry = 1;
+            break;
+        }
+        crle = crle->next;
+    }
+
+    if (foundEntry) {
+        RevokedCert* rc = crle->certs;
+
+        while (rc) {
+            if (XMEMCMP(rc->serialNumber, cert->serial, rc->serialSz) == 0) {
+                WOLFSSL_MSG("Cert revoked");
+                ret = CRL_CERT_REVOKED;
+                break;
+            }
+            rc = rc->next;	
+        }
+    }
+
+    UnLockMutex(&crl->crlLock);
+
+    if (foundEntry == 0) {
+        WOLFSSL_MSG("Couldn't find CRL for status check");
+        ret = CRL_MISSING;
+        if (crl->cm->cbMissingCRL) {
+            char url[256];
+
+            WOLFSSL_MSG("Issuing missing CRL callback");
+            url[0] = '\0';
+            if (cert->extCrlInfoSz < (int)sizeof(url) -1 ) {
+                XMEMCPY(url, cert->extCrlInfo, cert->extCrlInfoSz);
+                url[cert->extCrlInfoSz] = '\0';
+            }
+            else  {
+                WOLFSSL_MSG("CRL url too long");
+            }
+            crl->cm->cbMissingCRL(url);
+        }
+    }
+
+
+    return ret;	
+}
+
+
+/* Add Decoded CRL, 0 on success */
+static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl)
+{
+    CRL_Entry* crle;
+
+    WOLFSSL_ENTER("AddCRL");
+
+    crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), NULL, DYNAMIC_TYPE_CRL_ENTRY);
+    if (crle == NULL) {
+        WOLFSSL_MSG("alloc CRL Entry failed");
+        return -1;
+    }
+
+    if (InitCRL_Entry(crle, dcrl) < 0) {
+        WOLFSSL_MSG("Init CRL Entry failed");
+        XFREE(crle, NULL, DYNAMIC_TYPE_CRL_ENTRY);
+        return -1;
+    }
+
+    if (LockMutex(&crl->crlLock) != 0) {
+        WOLFSSL_MSG("LockMutex failed");
+        FreeCRL_Entry(crle);
+        XFREE(crle, NULL, DYNAMIC_TYPE_CRL_ENTRY);
+        return BAD_MUTEX_E;
+    }
+    crle->next = crl->crlList;
+    crl->crlList = crle;
+    UnLockMutex(&crl->crlLock);
+
+    return 0;
+}
+
+
+/* Load CRL File of type, SSL_SUCCESS on ok */
+int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type)
+{
+    int          ret = SSL_SUCCESS;
+    const byte*  myBuffer = buff;    /* if DER ok, otherwise switch */
+    buffer       der;
+#ifdef WOLFSSL_SMALL_STACK
+    DecodedCRL*  dcrl;
+#else
+    DecodedCRL   dcrl[1];
+#endif
+
+    der.buffer = NULL;
+
+    WOLFSSL_ENTER("BufferLoadCRL");
+
+    if (crl == NULL || buff == NULL || sz == 0)
+        return BAD_FUNC_ARG;
+
+    if (type == SSL_FILETYPE_PEM) {
+        int eccKey = 0;   /* not used */
+        EncryptedInfo info;
+        info.ctx = NULL;
+
+        ret = PemToDer(buff, sz, CRL_TYPE, &der, NULL, &info, &eccKey);
+        if (ret == 0) {
+            myBuffer = der.buffer;
+            sz = der.length;
+        }
+        else {
+            WOLFSSL_MSG("Pem to Der failed");
+            return -1;
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    dcrl = (DecodedCRL*)XMALLOC(sizeof(DecodedCRL), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (dcrl == NULL) {
+        if (der.buffer)
+            XFREE(der.buffer, NULL, DYNAMIC_TYPE_CRL);
+
+        return MEMORY_E;
+    }
+#endif
+
+    InitDecodedCRL(dcrl);
+    ret = ParseCRL(dcrl, myBuffer, (word32)sz, crl->cm);
+    if (ret != 0) {
+        WOLFSSL_MSG("ParseCRL error");
+    }
+    else {
+        ret = AddCRL(crl, dcrl);
+        if (ret != 0) {
+            WOLFSSL_MSG("AddCRL error");
+        }
+    }
+
+    FreeDecodedCRL(dcrl);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (der.buffer)
+        XFREE(der.buffer, NULL, DYNAMIC_TYPE_CRL);
+
+    return ret ? ret : SSL_SUCCESS; /* convert 0 to SSL_SUCCESS */
+}
+
+
+#ifdef HAVE_CRL_MONITOR
+
+
+/* read in new CRL entries and save new list */
+static int SwapLists(WOLFSSL_CRL* crl)
+{
+    int        ret;
+    CRL_Entry* newList;
+#ifdef WOLFSSL_SMALL_STACK
+    WOLFSSL_CRL* tmp;    
+#else
+    WOLFSSL_CRL tmp[1];
+#endif
+    
+#ifdef WOLFSSL_SMALL_STACK
+    tmp = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (tmp == NULL)
+        return MEMORY_E;
+#endif   
+
+    if (InitCRL(tmp, crl->cm) < 0) {
+        WOLFSSL_MSG("Init tmp CRL failed");
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return -1;
+    }
+
+    if (crl->monitors[0].path) {
+        ret = LoadCRL(tmp, crl->monitors[0].path, SSL_FILETYPE_PEM, 0);
+        if (ret != SSL_SUCCESS) {
+            WOLFSSL_MSG("PEM LoadCRL on dir change failed");
+            FreeCRL(tmp, 0);
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return -1;
+        }
+    }
+
+    if (crl->monitors[1].path) {
+        ret = LoadCRL(tmp, crl->monitors[1].path, SSL_FILETYPE_ASN1, 0);
+        if (ret != SSL_SUCCESS) {
+            WOLFSSL_MSG("DER LoadCRL on dir change failed");
+            FreeCRL(tmp, 0);
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return -1;
+        }
+    }
+
+    if (LockMutex(&crl->crlLock) != 0) {
+        WOLFSSL_MSG("LockMutex failed");
+        FreeCRL(tmp, 0);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return -1;
+    }
+
+    newList = tmp->crlList;
+
+    /* swap lists */
+    tmp->crlList  = crl->crlList;
+    crl->crlList = newList;
+
+    UnLockMutex(&crl->crlLock);
+
+    FreeCRL(tmp, 0);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return 0;
+}
+
+
+#if (defined(__MACH__) || defined(__FreeBSD__))
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#ifdef __MACH__
+    #define XEVENT_MODE O_EVTONLY
+#elif defined(__FreeBSD__)
+    #define XEVENT_MODE EVFILT_VNODE
+#endif
+
+
+/* we need a unique kqueue user filter fd for crl in case user is doing custom
+ * events too */
+#ifndef CRL_CUSTOM_FD
+    #define CRL_CUSTOM_FD 123456
+#endif
+
+
+/* shutdown monitor thread, 0 on success */
+static int StopMonitor(int mfd)
+{
+    struct kevent change;
+
+    /* trigger custom shutdown */
+    EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, 0, NOTE_TRIGGER, 0, NULL);
+    if (kevent(mfd, &change, 1, NULL, 0, NULL) < 0) {
+        WOLFSSL_MSG("kevent trigger customer event failed");
+        return -1;
+    }
+
+    return 0;
+}
+
+
+/* OS X  monitoring */
+static void* DoMonitor(void* arg)
+{
+    int fPEM, fDER;
+    struct kevent change;
+
+    WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg;
+
+    WOLFSSL_ENTER("DoMonitor");
+
+    crl->mfd = kqueue();
+    if (crl->mfd == -1) {
+        WOLFSSL_MSG("kqueue failed");
+        return NULL;
+    }
+
+    /* listen for custom shutdown event */
+    EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, EV_ADD, 0, 0, NULL);
+    if (kevent(crl->mfd, &change, 1, NULL, 0, NULL) < 0) {
+        WOLFSSL_MSG("kevent monitor customer event failed");
+        close(crl->mfd);
+        return NULL;
+    }
+
+    fPEM = -1;
+    fDER = -1;
+
+    if (crl->monitors[0].path) {
+        fPEM = open(crl->monitors[0].path, XEVENT_MODE);
+        if (fPEM == -1) {
+            WOLFSSL_MSG("PEM event dir open failed");
+            close(crl->mfd);
+            return NULL;
+        }
+    }
+
+    if (crl->monitors[1].path) {
+        fDER = open(crl->monitors[1].path, XEVENT_MODE);
+        if (fDER == -1) {
+            WOLFSSL_MSG("DER event dir open failed");
+            close(crl->mfd);
+            return NULL;
+        }
+    }
+
+    if (fPEM != -1)
+        EV_SET(&change, fPEM, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_ONESHOT,
+                NOTE_DELETE | NOTE_EXTEND | NOTE_WRITE | NOTE_ATTRIB, 0, 0);
+
+    if (fDER != -1)
+        EV_SET(&change, fDER, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_ONESHOT,
+                NOTE_DELETE | NOTE_EXTEND | NOTE_WRITE | NOTE_ATTRIB, 0, 0);
+
+    for (;;) {
+        struct kevent event;
+        int           numEvents = kevent(crl->mfd, &change, 1, &event, 1, NULL);
+       
+        WOLFSSL_MSG("Got kevent");
+
+        if (numEvents == -1) {
+            WOLFSSL_MSG("kevent problem, continue");
+            continue;
+        }
+
+        if (event.filter == EVFILT_USER) {
+            WOLFSSL_MSG("Got user shutdown event, breaking out");
+            break;
+        }
+
+        if (SwapLists(crl) < 0) {
+            WOLFSSL_MSG("SwapLists problem, continue");
+        }
+    }
+
+    if (fPEM != -1)
+        close(fPEM);
+    if (fDER != -1)
+        close(fDER);
+
+    close(crl->mfd);
+
+    return NULL;
+}
+
+
+#elif defined(__linux__)
+
+#include 
+#include 
+#include 
+#include 
+
+
+#ifndef max
+    static INLINE int max(int a, int b)
+    {
+        return a > b ? a : b;
+    }
+#endif /* max */
+
+
+/* shutdown monitor thread, 0 on success */
+static int StopMonitor(int mfd)
+{
+    word64 w64 = 1;
+
+    /* write to our custom event */
+    if (write(mfd, &w64, sizeof(w64)) < 0) {
+        WOLFSSL_MSG("StopMonitor write failed");
+        return -1;
+    }
+
+    return 0;
+}
+
+
+/* linux monitoring */
+static void* DoMonitor(void* arg)
+{
+    int         notifyFd;
+    int         wd  = -1;
+    WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg;
+#ifdef WOLFSSL_SMALL_STACK
+    char*       buff;
+#else
+    char        buff[8192];
+#endif
+
+    WOLFSSL_ENTER("DoMonitor");
+
+    crl->mfd = eventfd(0, 0);  /* our custom shutdown event */
+    if (crl->mfd < 0) {
+        WOLFSSL_MSG("eventfd failed");
+        return NULL;
+    }
+
+    notifyFd = inotify_init();
+    if (notifyFd < 0) {
+        WOLFSSL_MSG("inotify failed");
+        close(crl->mfd);
+        return NULL;
+    }
+
+    if (crl->monitors[0].path) {
+        wd = inotify_add_watch(notifyFd, crl->monitors[0].path, IN_CLOSE_WRITE |
+                                                                IN_DELETE);
+        if (wd < 0) {
+            WOLFSSL_MSG("PEM notify add watch failed");
+            close(crl->mfd);
+            close(notifyFd);
+            return NULL;
+        }
+    }
+
+    if (crl->monitors[1].path) {
+        wd = inotify_add_watch(notifyFd, crl->monitors[1].path, IN_CLOSE_WRITE |
+                                                                IN_DELETE);
+        if (wd < 0) {
+            WOLFSSL_MSG("DER notify add watch failed");
+            close(crl->mfd);
+            close(notifyFd);
+            return NULL;
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    buff = (char*)XMALLOC(8192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (buff == NULL)
+        return NULL;
+#endif
+
+    for (;;) {
+        fd_set readfds;
+        int    result;
+        int    length;
+
+        FD_ZERO(&readfds);
+        FD_SET(notifyFd, &readfds);
+        FD_SET(crl->mfd, &readfds);
+
+        result = select(max(notifyFd, crl->mfd) + 1, &readfds, NULL, NULL,NULL);
+       
+        WOLFSSL_MSG("Got notify event");
+
+        if (result < 0) {
+            WOLFSSL_MSG("select problem, continue");
+            continue;
+        }
+
+        if (FD_ISSET(crl->mfd, &readfds)) {
+            WOLFSSL_MSG("got custom shutdown event, breaking out");
+            break;
+        }
+
+        length = read(notifyFd, buff, 8192);
+        if (length < 0) {
+            WOLFSSL_MSG("notify read problem, continue");
+            continue;
+        } 
+
+        if (SwapLists(crl) < 0) {
+            WOLFSSL_MSG("SwapLists problem, continue");
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (wd > 0)
+        inotify_rm_watch(notifyFd, wd);
+    close(crl->mfd);
+    close(notifyFd);
+
+    return NULL;
+}
+
+
+#else
+
+#error "CRL monitor only currently supported on linux or mach"
+
+#endif /* MACH or linux */
+
+
+/* Start Monitoring the CRL path(s) in a thread */
+static int StartMonitorCRL(WOLFSSL_CRL* crl)
+{
+    pthread_attr_t attr;
+
+    WOLFSSL_ENTER("StartMonitorCRL");
+
+    if (crl == NULL) 
+        return BAD_FUNC_ARG;
+
+    if (crl->tid != 0) {
+        WOLFSSL_MSG("Monitor thread already running");
+        return MONITOR_RUNNING_E;
+    }
+
+    pthread_attr_init(&attr);
+
+    if (pthread_create(&crl->tid, &attr, DoMonitor, crl) != 0) {
+        WOLFSSL_MSG("Thread creation error");
+        return THREAD_CREATE_E;
+    }
+
+    return SSL_SUCCESS;
+}
+
+
+#else /* HAVE_CRL_MONITOR */
+
+static int StartMonitorCRL(WOLFSSL_CRL* crl)
+{
+    (void)crl;
+
+    WOLFSSL_ENTER("StartMonitorCRL");
+    WOLFSSL_MSG("Not compiled in");
+
+    return NOT_COMPILED_IN;
+}
+
+#endif  /* HAVE_CRL_MONITOR */
+
+
+/* Load CRL path files of type, SSL_SUCCESS on ok */ 
+int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor)
+{
+    struct dirent* entry;
+    DIR*           dir;
+    int            ret = SSL_SUCCESS;
+#ifdef WOLFSSL_SMALL_STACK
+    char*          name;
+#else
+    char           name[MAX_FILENAME_SZ];
+#endif
+
+    WOLFSSL_ENTER("LoadCRL");
+    if (crl == NULL)
+        return BAD_FUNC_ARG;
+
+    dir = opendir(path);
+    if (dir == NULL) {
+        WOLFSSL_MSG("opendir path crl load failed");
+        return BAD_PATH_ERROR;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    name = (char*)XMALLOC(MAX_FILENAME_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (name == NULL)
+        return MEMORY_E;
+#endif
+
+    while ( (entry = readdir(dir)) != NULL) {
+        struct stat s;
+
+        XMEMSET(name, 0, MAX_FILENAME_SZ);
+        XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2);
+        XSTRNCAT(name, "/", 1);
+        XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2);
+
+        if (stat(name, &s) != 0) {
+            WOLFSSL_MSG("stat on name failed");
+            continue;
+        }
+        if (s.st_mode & S_IFREG) {
+
+            if (type == SSL_FILETYPE_PEM) {
+                if (strstr(entry->d_name, ".pem") == NULL) {
+                    WOLFSSL_MSG("not .pem file, skipping");
+                    continue;
+                }
+            }
+            else {
+                if (strstr(entry->d_name, ".der") == NULL &&
+                    strstr(entry->d_name, ".crl") == NULL) {
+
+                    WOLFSSL_MSG("not .der or .crl file, skipping");
+                    continue;
+                }
+            }
+
+            if (ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl)
+                                                               != SSL_SUCCESS) {
+                WOLFSSL_MSG("CRL file load failed, continuing");
+            }
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (monitor & WOLFSSL_CRL_MONITOR) {
+        WOLFSSL_MSG("monitor path requested");
+
+        if (type == SSL_FILETYPE_PEM) {
+            crl->monitors[0].path = strdup(path);
+            crl->monitors[0].type = SSL_FILETYPE_PEM;
+            if (crl->monitors[0].path == NULL)
+                ret = MEMORY_E;
+        } else {
+            crl->monitors[1].path = strdup(path);
+            crl->monitors[1].type = SSL_FILETYPE_ASN1;
+            if (crl->monitors[1].path == NULL)
+                ret = MEMORY_E;
+        }
+      
+        if (monitor & WOLFSSL_CRL_START_MON) {
+            WOLFSSL_MSG("start monitoring requested");
+    
+            ret = StartMonitorCRL(crl);
+       } 
+    }
+    
+    closedir(dir);
+
+    return ret;
+}
+
+#endif /* HAVE_CRL */
diff --git a/3P/wolfssl/src/include.am b/3P/wolfssl/src/include.am
new file mode 100644
index 00000000..5cc1d20a
--- /dev/null
+++ b/3P/wolfssl/src/include.am
@@ -0,0 +1,199 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+lib_LTLIBRARIES+= src/libwolfssl.la
+src_libwolfssl_la_SOURCES =
+
+src_libwolfssl_la_LDFLAGS = ${AM_LDFLAGS} -no-undefined -version-info ${WOLFSSL_LIBRARY_VERSION}
+src_libwolfssl_la_LIBADD = $(LIBM)
+src_libwolfssl_la_CFLAGS = -DBUILDING_WOLFSSL $(AM_CFLAGS)
+src_libwolfssl_la_CPPFLAGS = -DBUILDING_WOLFSSL $(AM_CPPFLAGS)
+
+# fips first  file
+if BUILD_FIPS
+src_libwolfssl_la_SOURCES += ctaocrypt/src/wolfcrypt_first.c
+
+src_libwolfssl_la_SOURCES += \
+               ctaocrypt/src/hmac.c \
+               ctaocrypt/src/random.c \
+               ctaocrypt/src/sha256.c
+
+if BUILD_RSA
+src_libwolfssl_la_SOURCES += ctaocrypt/src/rsa.c
+endif
+
+if BUILD_AES
+src_libwolfssl_la_SOURCES += ctaocrypt/src/aes.c
+endif
+
+if BUILD_DES3
+src_libwolfssl_la_SOURCES += ctaocrypt/src/des3.c
+endif
+
+if BUILD_SHA
+src_libwolfssl_la_SOURCES += ctaocrypt/src/sha.c
+endif
+
+if BUILD_SHA512
+src_libwolfssl_la_SOURCES += ctaocrypt/src/sha512.c
+endif
+
+src_libwolfssl_la_SOURCES += ctaocrypt/src/fips.c
+src_libwolfssl_la_SOURCES += ctaocrypt/src/fips_test.c
+
+# fips last file
+src_libwolfssl_la_SOURCES += ctaocrypt/src/wolfcrypt_last.c
+endif
+
+src_libwolfssl_la_SOURCES += \
+               wolfcrypt/src/hmac.c \
+               wolfcrypt/src/random.c \
+               wolfcrypt/src/sha256.c
+
+if BUILD_RSA
+src_libwolfssl_la_SOURCES += wolfcrypt/src/rsa.c
+endif
+
+if BUILD_AES
+src_libwolfssl_la_SOURCES += wolfcrypt/src/aes.c
+endif
+
+if BUILD_DES3
+src_libwolfssl_la_SOURCES += wolfcrypt/src/des3.c
+endif
+
+if BUILD_SHA
+src_libwolfssl_la_SOURCES += wolfcrypt/src/sha.c
+endif
+
+if BUILD_SHA512
+src_libwolfssl_la_SOURCES += wolfcrypt/src/sha512.c
+endif
+
+src_libwolfssl_la_SOURCES += \
+               wolfcrypt/src/logging.c \
+               wolfcrypt/src/wc_port.c \
+               wolfcrypt/src/error.c
+
+if BUILD_MEMORY
+src_libwolfssl_la_SOURCES += wolfcrypt/src/memory.c
+endif
+
+if BUILD_DH
+src_libwolfssl_la_SOURCES += wolfcrypt/src/dh.c
+endif
+
+if BUILD_ASN
+src_libwolfssl_la_SOURCES += wolfcrypt/src/asn.c
+endif
+
+if BUILD_CODING
+src_libwolfssl_la_SOURCES += wolfcrypt/src/coding.c
+endif
+
+if BUILD_POLY1305
+src_libwolfssl_la_SOURCES += wolfcrypt/src/poly1305.c
+endif
+
+if BUILD_RC4
+src_libwolfssl_la_SOURCES += wolfcrypt/src/arc4.c
+endif
+
+if BUILD_MD4
+src_libwolfssl_la_SOURCES += wolfcrypt/src/md4.c
+endif
+
+if BUILD_MD5
+src_libwolfssl_la_SOURCES += wolfcrypt/src/md5.c
+endif
+
+if BUILD_PWDBASED
+src_libwolfssl_la_SOURCES += wolfcrypt/src/pwdbased.c
+endif
+
+if BUILD_DSA
+src_libwolfssl_la_SOURCES += wolfcrypt/src/dsa.c
+endif
+
+if BUILD_AESNI
+src_libwolfssl_la_SOURCES += wolfcrypt/src/aes_asm.s
+endif
+
+if BUILD_CAMELLIA
+src_libwolfssl_la_SOURCES += wolfcrypt/src/camellia.c
+endif
+
+if BUILD_MD2
+src_libwolfssl_la_SOURCES += wolfcrypt/src/md2.c
+endif
+
+if BUILD_RIPEMD
+src_libwolfssl_la_SOURCES += wolfcrypt/src/ripemd.c
+endif
+
+if BUILD_BLAKE2
+src_libwolfssl_la_SOURCES += wolfcrypt/src/blake2b.c
+endif
+
+if BUILD_HC128
+src_libwolfssl_la_SOURCES += wolfcrypt/src/hc128.c
+endif
+
+if BUILD_RABBIT
+src_libwolfssl_la_SOURCES += wolfcrypt/src/rabbit.c
+endif
+
+if BUILD_CHACHA
+src_libwolfssl_la_SOURCES += wolfcrypt/src/chacha.c
+endif
+
+if !BUILD_INLINE
+src_libwolfssl_la_SOURCES += wolfcrypt/src/misc.c
+endif
+
+if BUILD_FASTMATH
+src_libwolfssl_la_SOURCES += wolfcrypt/src/tfm.c
+endif
+
+if BUILD_SLOWMATH
+src_libwolfssl_la_SOURCES += wolfcrypt/src/integer.c
+endif
+
+if BUILD_ECC
+src_libwolfssl_la_SOURCES += wolfcrypt/src/ecc.c
+endif
+
+if BUILD_ECC25519
+src_libwolfssl_la_SOURCES += wolfcrypt/src/ecc25519.c
+src_libwolfssl_la_SOURCES += wolfcrypt/src/ecc25519_fe.c
+endif
+
+if BUILD_LIBZ
+src_libwolfssl_la_SOURCES += wolfcrypt/src/compress.c
+endif
+
+if BUILD_PKCS7
+src_libwolfssl_la_SOURCES += wolfcrypt/src/pkcs7.c
+endif
+
+# ssl files
+src_libwolfssl_la_SOURCES += \
+               src/internal.c \
+               src/io.c \
+               src/keys.c \
+               src/ssl.c \
+               src/tls.c
+
+if BUILD_OCSP
+src_libwolfssl_la_SOURCES += src/ocsp.c
+endif
+
+if BUILD_CRL
+src_libwolfssl_la_SOURCES += src/crl.c
+endif
+
+if BUILD_SNIFFER
+src_libwolfssl_la_SOURCES += src/sniffer.c
+endif
+
diff --git a/3P/wolfssl/src/internal.c b/3P/wolfssl/src/internal.c
new file mode 100644
index 00000000..a1d390a1
--- /dev/null
+++ b/3P/wolfssl/src/internal.c
@@ -0,0 +1,13749 @@
+/* internal.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+#ifdef HAVE_LIBZ
+    #include "zlib.h"
+#endif
+
+#ifdef HAVE_NTRU
+    #include "ntru_crypto.h"
+#endif
+
+#if defined(DEBUG_WOLFSSL) || defined(SHOW_SECRETS) || defined(CHACHA_AEAD_TEST)
+    #ifdef FREESCALE_MQX
+        #include 
+    #else
+        #include 
+    #endif
+#endif
+
+#ifdef __sun
+    #include 
+#endif
+
+#ifndef TRUE
+    #define TRUE  1
+#endif
+#ifndef FALSE
+    #define FALSE 0
+#endif
+
+
+#if defined(WOLFSSL_CALLBACKS) && !defined(LARGE_STATIC_BUFFERS)
+    #error \
+WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
+#endif
+
+#if defined(HAVE_SECURE_RENEGOTIATION) && defined(HAVE_RENEGOTIATION_INDICATION)
+    #error Cannot use both secure-renegotiation and renegotiation-indication
+#endif
+
+static int BuildMessage(WOLFSSL* ssl, byte* output, int outSz,
+                        const byte* input, int inSz, int type);
+
+#ifndef NO_WOLFSSL_CLIENT
+    static int DoHelloVerifyRequest(WOLFSSL* ssl, const byte* input, word32*,
+                                                                        word32);
+    static int DoServerHello(WOLFSSL* ssl, const byte* input, word32*, word32);
+    static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, word32*,
+                                                                        word32);
+    #ifndef NO_CERTS
+        static int DoCertificateRequest(WOLFSSL* ssl, const byte* input, word32*,
+                                                                        word32);
+    #endif
+    #ifdef HAVE_SESSION_TICKET
+        static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32*,
+                                                                        word32);
+    #endif
+#endif
+
+
+#ifndef NO_WOLFSSL_SERVER
+    static int DoClientHello(WOLFSSL* ssl, const byte* input, word32*, word32);
+    static int DoClientKeyExchange(WOLFSSL* ssl, byte* input, word32*, word32);
+    #if !defined(NO_RSA) || defined(HAVE_ECC)
+        static int DoCertificateVerify(WOLFSSL* ssl, byte*, word32*, word32);
+    #endif
+#endif
+
+
+#ifdef WOLFSSL_DTLS
+    static INLINE int DtlsCheckWindow(DtlsState* state);
+    static INLINE int DtlsUpdateWindow(DtlsState* state);
+#endif
+
+
+typedef enum {
+    doProcessInit = 0,
+#ifndef NO_WOLFSSL_SERVER
+    runProcessOldClientHello,
+#endif
+    getRecordLayerHeader,
+    getData,
+    runProcessingOneMessage
+} processReply;
+
+#ifndef NO_OLD_TLS
+static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
+                    int content, int verify);
+
+#endif
+
+#ifndef NO_CERTS
+static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes);
+#endif
+
+static void PickHashSigAlgo(WOLFSSL* ssl,
+                                const byte* hashSigAlgo, word32 hashSigAlgoSz);
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+int IsTLS(const WOLFSSL* ssl)
+{
+    if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor >=TLSv1_MINOR)
+        return 1;
+
+    return 0;
+}
+
+
+int IsAtLeastTLSv1_2(const WOLFSSL* ssl)
+{
+    if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor >=TLSv1_2_MINOR)
+        return 1;
+    if (ssl->version.major == DTLS_MAJOR && ssl->version.minor <= DTLSv1_2_MINOR)
+        return 1;
+
+    return 0;
+}
+
+
+#ifdef HAVE_NTRU
+
+static byte GetEntropy(ENTROPY_CMD cmd, byte* out)
+{
+    /* TODO: add locking? */
+    static RNG rng;
+
+    if (cmd == INIT)
+        return (wc_InitRng(&rng) == 0) ? 1 : 0;
+
+    if (out == NULL)
+        return 0;
+
+    if (cmd == GET_BYTE_OF_ENTROPY)
+        return (wc_RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0;
+
+    if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
+        *out = 1;
+        return 1;
+    }
+
+    return 0;
+}
+
+#endif /* HAVE_NTRU */
+
+/* used by ssl.c too */
+void c32to24(word32 in, word24 out)
+{
+    out[0] = (in >> 16) & 0xff;
+    out[1] = (in >>  8) & 0xff;
+    out[2] =  in & 0xff;
+}
+
+
+#ifdef WOLFSSL_DTLS
+
+static INLINE void c32to48(word32 in, byte out[6])
+{
+    out[0] = 0;
+    out[1] = 0;
+    out[2] = (in >> 24) & 0xff;
+    out[3] = (in >> 16) & 0xff;
+    out[4] = (in >>  8) & 0xff;
+    out[5] =  in & 0xff;
+}
+
+#endif /* WOLFSSL_DTLS */
+
+
+/* convert 16 bit integer to opaque */
+static INLINE void c16toa(word16 u16, byte* c)
+{
+    c[0] = (u16 >> 8) & 0xff;
+    c[1] =  u16 & 0xff;
+}
+
+
+#if !defined(NO_OLD_TLS) || defined(HAVE_CHACHA) || defined(HAVE_AESCCM) \
+    || defined(HAVE_AESGCM)
+/* convert 32 bit integer to opaque */
+static INLINE void c32toa(word32 u32, byte* c)
+{
+    c[0] = (u32 >> 24) & 0xff;
+    c[1] = (u32 >> 16) & 0xff;
+    c[2] = (u32 >>  8) & 0xff;
+    c[3] =  u32 & 0xff;
+}
+#endif
+
+
+/* convert a 24 bit integer into a 32 bit one */
+static INLINE void c24to32(const word24 u24, word32* u32)
+{
+    *u32 = (u24[0] << 16) | (u24[1] << 8) | u24[2];
+}
+
+
+/* convert opaque to 16 bit integer */
+static INLINE void ato16(const byte* c, word16* u16)
+{
+    *u16 = (word16) ((c[0] << 8) | (c[1]));
+}
+
+
+#if defined(WOLFSSL_DTLS) || defined(HAVE_SESSION_TICKET)
+
+/* convert opaque to 32 bit integer */
+static INLINE void ato32(const byte* c, word32* u32)
+{
+    *u32 = (c[0] << 24) | (c[1] << 16) | (c[2] << 8) | c[3];
+}
+
+#endif /* WOLFSSL_DTLS */
+
+
+#ifdef HAVE_LIBZ
+
+    /* alloc user allocs to work with zlib */
+    static void* myAlloc(void* opaque, unsigned int item, unsigned int size)
+    {
+        (void)opaque;
+        return XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
+    }
+
+
+    static void myFree(void* opaque, void* memory)
+    {
+        (void)opaque;
+        XFREE(memory, opaque, DYNAMIC_TYPE_LIBZ);
+    }
+
+
+    /* init zlib comp/decomp streams, 0 on success */
+    static int InitStreams(WOLFSSL* ssl)
+    {
+        ssl->c_stream.zalloc = (alloc_func)myAlloc;
+        ssl->c_stream.zfree  = (free_func)myFree;
+        ssl->c_stream.opaque = (voidpf)ssl->heap;
+
+        if (deflateInit(&ssl->c_stream, Z_DEFAULT_COMPRESSION) != Z_OK)
+            return ZLIB_INIT_ERROR;
+
+        ssl->didStreamInit = 1;
+
+        ssl->d_stream.zalloc = (alloc_func)myAlloc;
+        ssl->d_stream.zfree  = (free_func)myFree;
+        ssl->d_stream.opaque = (voidpf)ssl->heap;
+
+        if (inflateInit(&ssl->d_stream) != Z_OK) return ZLIB_INIT_ERROR;
+
+        return 0;
+    }
+
+
+    static void FreeStreams(WOLFSSL* ssl)
+    {
+        if (ssl->didStreamInit) {
+            deflateEnd(&ssl->c_stream);
+            inflateEnd(&ssl->d_stream);
+        }
+    }
+
+
+    /* compress in to out, return out size or error */
+    static int myCompress(WOLFSSL* ssl, byte* in, int inSz, byte* out, int outSz)
+    {
+        int    err;
+        int    currTotal = (int)ssl->c_stream.total_out;
+
+        ssl->c_stream.next_in   = in;
+        ssl->c_stream.avail_in  = inSz;
+        ssl->c_stream.next_out  = out;
+        ssl->c_stream.avail_out = outSz;
+
+        err = deflate(&ssl->c_stream, Z_SYNC_FLUSH);
+        if (err != Z_OK && err != Z_STREAM_END) return ZLIB_COMPRESS_ERROR;
+
+        return (int)ssl->c_stream.total_out - currTotal;
+    }
+
+
+    /* decompress in to out, returnn out size or error */
+    static int myDeCompress(WOLFSSL* ssl, byte* in,int inSz, byte* out,int outSz)
+    {
+        int    err;
+        int    currTotal = (int)ssl->d_stream.total_out;
+
+        ssl->d_stream.next_in   = in;
+        ssl->d_stream.avail_in  = inSz;
+        ssl->d_stream.next_out  = out;
+        ssl->d_stream.avail_out = outSz;
+
+        err = inflate(&ssl->d_stream, Z_SYNC_FLUSH);
+        if (err != Z_OK && err != Z_STREAM_END) return ZLIB_DECOMPRESS_ERROR;
+
+        return (int)ssl->d_stream.total_out - currTotal;
+    }
+
+#endif /* HAVE_LIBZ */
+
+
+void InitSSL_Method(WOLFSSL_METHOD* method, ProtocolVersion pv)
+{
+    method->version    = pv;
+    method->side       = WOLFSSL_CLIENT_END;
+    method->downgrade  = 0;
+}
+
+
+/* Initialze SSL context, return 0 on success */
+int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method)
+{
+    ctx->method = method;
+    ctx->refCount = 1;          /* so either CTX_free or SSL_free can release */
+#ifndef NO_CERTS
+    ctx->certificate.buffer = 0;
+    ctx->certChain.buffer   = 0;
+    ctx->privateKey.buffer  = 0;
+    ctx->serverDH_P.buffer  = 0;
+    ctx->serverDH_G.buffer  = 0;
+#endif
+    ctx->haveDH             = 0;
+    ctx->haveNTRU           = 0;    /* start off */
+    ctx->haveECDSAsig       = 0;    /* start off */
+    ctx->haveStaticECC      = 0;    /* start off */
+    ctx->heap               = ctx;  /* defaults to self */
+#ifndef NO_PSK
+    ctx->havePSK            = 0;
+    ctx->server_hint[0]     = 0;
+    ctx->client_psk_cb      = 0;
+    ctx->server_psk_cb      = 0;
+#endif /* NO_PSK */
+#ifdef HAVE_ANON
+    ctx->haveAnon           = 0;
+#endif /* HAVE_ANON */
+#ifdef HAVE_ECC
+    ctx->eccTempKeySz       = ECDHE_SIZE;
+#endif
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    ctx->passwd_cb   = 0;
+    ctx->userdata    = 0;
+#endif /* OPENSSL_EXTRA */
+
+    ctx->timeout = WOLFSSL_SESSION_TIMEOUT;
+
+#ifndef WOLFSSL_USER_IO
+    ctx->CBIORecv = EmbedReceive;
+    ctx->CBIOSend = EmbedSend;
+    #ifdef WOLFSSL_DTLS
+        if (method->version.major == DTLS_MAJOR) {
+            ctx->CBIORecv   = EmbedReceiveFrom;
+            ctx->CBIOSend   = EmbedSendTo;
+            ctx->CBIOCookie = EmbedGenerateCookie;
+        }
+    #endif
+#else
+    /* user will set */
+    ctx->CBIORecv   = NULL;
+    ctx->CBIOSend   = NULL;
+    #ifdef WOLFSSL_DTLS
+        ctx->CBIOCookie = NULL;
+    #endif
+#endif /* WOLFSSL_USER_IO */
+#ifdef HAVE_NETX
+    ctx->CBIORecv = NetX_Receive;
+    ctx->CBIOSend = NetX_Send;
+#endif
+    ctx->partialWrite   = 0;
+    ctx->verifyCallback = 0;
+
+#ifndef NO_CERTS
+    ctx->cm = wolfSSL_CertManagerNew();
+#endif
+#ifdef HAVE_NTRU
+    if (method->side == WOLFSSL_CLIENT_END)
+        ctx->haveNTRU = 1;           /* always on cliet side */
+                                     /* server can turn on by loading key */
+#endif
+#ifdef HAVE_ECC
+    if (method->side == WOLFSSL_CLIENT_END) {
+        ctx->haveECDSAsig  = 1;        /* always on cliet side */
+        ctx->haveStaticECC = 1;        /* server can turn on by loading key */
+    }
+#endif
+    ctx->suites.setSuites = 0;  /* user hasn't set yet */
+    /* remove DH later if server didn't set, add psk later */
+    InitSuites(&ctx->suites, method->version, TRUE, FALSE, TRUE, ctx->haveNTRU,
+               ctx->haveECDSAsig, ctx->haveStaticECC, method->side);
+    ctx->verifyPeer = 0;
+    ctx->verifyNone = 0;
+    ctx->failNoCert = 0;
+    ctx->sessionCacheOff      = 0;  /* initially on */
+    ctx->sessionCacheFlushOff = 0;  /* initially on */
+    ctx->sendVerify = 0;
+    ctx->quietShutdown = 0;
+    ctx->groupMessages = 0;
+#ifdef HAVE_CAVIUM
+    ctx->devId = NO_CAVIUM_DEVICE;
+#endif
+#ifdef HAVE_TLS_EXTENSIONS
+    ctx->extensions = NULL;
+#endif
+#ifdef ATOMIC_USER
+    ctx->MacEncryptCb    = NULL;
+    ctx->DecryptVerifyCb = NULL;
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    #ifdef HAVE_ECC
+        ctx->EccSignCb   = NULL;
+        ctx->EccVerifyCb = NULL;
+    #endif /* HAVE_ECC */
+    #ifndef NO_RSA
+        ctx->RsaSignCb   = NULL;
+        ctx->RsaVerifyCb = NULL;
+        ctx->RsaEncCb    = NULL;
+        ctx->RsaDecCb    = NULL;
+    #endif /* NO_RSA */
+#endif /* HAVE_PK_CALLBACKS */
+
+    if (InitMutex(&ctx->countMutex) < 0) {
+        WOLFSSL_MSG("Mutex error on CTX init");
+        return BAD_MUTEX_E;
+    }
+#ifndef NO_CERTS
+    if (ctx->cm == NULL) {
+        WOLFSSL_MSG("Bad Cert Manager New");
+        return BAD_CERT_MANAGER_ERROR;
+    }
+#endif
+    return 0;
+}
+
+
+/* In case contexts are held in array and don't want to free actual ctx */
+void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
+{
+    XFREE(ctx->method, ctx->heap, DYNAMIC_TYPE_METHOD);
+
+#ifndef NO_CERTS
+    XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH);
+    XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH);
+    XFREE(ctx->privateKey.buffer, ctx->heap, DYNAMIC_TYPE_KEY);
+    XFREE(ctx->certificate.buffer, ctx->heap, DYNAMIC_TYPE_CERT);
+    XFREE(ctx->certChain.buffer, ctx->heap, DYNAMIC_TYPE_CERT);
+    wolfSSL_CertManagerFree(ctx->cm);
+#endif
+#ifdef HAVE_TLS_EXTENSIONS
+    TLSX_FreeAll(ctx->extensions);
+#endif
+}
+
+
+void FreeSSL_Ctx(WOLFSSL_CTX* ctx)
+{
+    int doFree = 0;
+
+    if (LockMutex(&ctx->countMutex) != 0) {
+        WOLFSSL_MSG("Couldn't lock count mutex");
+        return;
+    }
+    ctx->refCount--;
+    if (ctx->refCount == 0)
+        doFree = 1;
+    UnLockMutex(&ctx->countMutex);
+
+    if (doFree) {
+        WOLFSSL_MSG("CTX ref count down to 0, doing full free");
+        SSL_CtxResourceFree(ctx);
+        FreeMutex(&ctx->countMutex);
+        XFREE(ctx, ctx->heap, DYNAMIC_TYPE_CTX);
+    }
+    else {
+        (void)ctx;
+        WOLFSSL_MSG("CTX ref count not 0 yet, no free");
+    }
+}
+
+
+/* Set cipher pointers to null */
+void InitCiphers(WOLFSSL* ssl)
+{
+#ifdef BUILD_ARC4
+    ssl->encrypt.arc4 = NULL;
+    ssl->decrypt.arc4 = NULL;
+#endif
+#ifdef BUILD_DES3
+    ssl->encrypt.des3 = NULL;
+    ssl->decrypt.des3 = NULL;
+#endif
+#ifdef BUILD_AES
+    ssl->encrypt.aes = NULL;
+    ssl->decrypt.aes = NULL;
+#endif
+#ifdef HAVE_CAMELLIA
+    ssl->encrypt.cam = NULL;
+    ssl->decrypt.cam = NULL;
+#endif
+#ifdef HAVE_HC128
+    ssl->encrypt.hc128 = NULL;
+    ssl->decrypt.hc128 = NULL;
+#endif
+#ifdef BUILD_RABBIT
+    ssl->encrypt.rabbit = NULL;
+    ssl->decrypt.rabbit = NULL;
+#endif
+#ifdef HAVE_CHACHA
+    ssl->encrypt.chacha = NULL;
+    ssl->decrypt.chacha = NULL;
+#endif
+#ifdef HAVE_POLY1305
+    ssl->auth.poly1305 = NULL;
+#endif
+    ssl->encrypt.setup = 0;
+    ssl->decrypt.setup = 0;
+#ifdef HAVE_ONE_TIME_AUTH
+    ssl->auth.setup    = 0;
+#endif
+}
+
+
+/* Free ciphers */
+void FreeCiphers(WOLFSSL* ssl)
+{
+    (void)ssl;
+#ifdef BUILD_ARC4
+    #ifdef HAVE_CAVIUM
+    if (ssl->devId != NO_CAVIUM_DEVICE) {
+        wc_Arc4FreeCavium(ssl->encrypt.arc4);
+        wc_Arc4FreeCavium(ssl->decrypt.arc4);
+    }
+    #endif
+    XFREE(ssl->encrypt.arc4, ssl->heap, DYNAMIC_TYPE_CIPHER);
+    XFREE(ssl->decrypt.arc4, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#ifdef BUILD_DES3
+    #ifdef HAVE_CAVIUM
+    if (ssl->devId != NO_CAVIUM_DEVICE) {
+        wc_Des3_FreeCavium(ssl->encrypt.des3);
+        wc_Des3_FreeCavium(ssl->decrypt.des3);
+    }
+    #endif
+    XFREE(ssl->encrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER);
+    XFREE(ssl->decrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#ifdef BUILD_AES
+    #ifdef HAVE_CAVIUM
+    if (ssl->devId != NO_CAVIUM_DEVICE) {
+        wc_AesFreeCavium(ssl->encrypt.aes);
+        wc_AesFreeCavium(ssl->decrypt.aes);
+    }
+    #endif
+    XFREE(ssl->encrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
+    XFREE(ssl->decrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#ifdef HAVE_CAMELLIA
+    XFREE(ssl->encrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER);
+    XFREE(ssl->decrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#ifdef HAVE_HC128
+    XFREE(ssl->encrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER);
+    XFREE(ssl->decrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#ifdef BUILD_RABBIT
+    XFREE(ssl->encrypt.rabbit, ssl->heap, DYNAMIC_TYPE_CIPHER);
+    XFREE(ssl->decrypt.rabbit, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#ifdef HAVE_CHACHA
+    XFREE(ssl->encrypt.chacha, ssl->heap, DYNAMIC_TYPE_CIPHER);
+    XFREE(ssl->decrypt.chacha, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#ifdef HAVE_POLY1305
+    XFREE(ssl->auth.poly1305, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+}
+
+
+void InitCipherSpecs(CipherSpecs* cs)
+{
+    cs->bulk_cipher_algorithm = INVALID_BYTE;
+    cs->cipher_type           = INVALID_BYTE;
+    cs->mac_algorithm         = INVALID_BYTE;
+    cs->kea                   = INVALID_BYTE;
+    cs->sig_algo              = INVALID_BYTE;
+
+    cs->hash_size   = 0;
+    cs->static_ecdh = 0;
+    cs->key_size    = 0;
+    cs->iv_size     = 0;
+    cs->block_size  = 0;
+}
+
+static void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig,
+                                                  int haveRSAsig, int haveAnon)
+{
+    int idx = 0;
+
+    if (haveECDSAsig) {
+        #ifdef WOLFSSL_SHA384
+            suites->hashSigAlgo[idx++] = sha384_mac;
+            suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo;
+        #endif
+        #ifndef NO_SHA256
+            suites->hashSigAlgo[idx++] = sha256_mac;
+            suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo;
+        #endif
+        #ifndef NO_SHA
+            suites->hashSigAlgo[idx++] = sha_mac;
+            suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo;
+        #endif
+    }
+
+    if (haveRSAsig) {
+        #ifdef WOLFSSL_SHA384
+            suites->hashSigAlgo[idx++] = sha384_mac;
+            suites->hashSigAlgo[idx++] = rsa_sa_algo;
+        #endif
+        #ifndef NO_SHA256
+            suites->hashSigAlgo[idx++] = sha256_mac;
+            suites->hashSigAlgo[idx++] = rsa_sa_algo;
+        #endif
+        #ifndef NO_SHA
+            suites->hashSigAlgo[idx++] = sha_mac;
+            suites->hashSigAlgo[idx++] = rsa_sa_algo;
+        #endif
+    }
+
+    if (haveAnon) {
+        #ifdef HAVE_ANON
+            suites->hashSigAlgo[idx++] = sha_mac;
+            suites->hashSigAlgo[idx++] = anonymous_sa_algo;
+        #endif
+    }
+
+    suites->hashSigAlgoSz = (word16)idx;
+}
+
+void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
+                byte haveDH, byte haveNTRU, byte haveECDSAsig,
+                byte haveStaticECC, int side)
+{
+    word16 idx = 0;
+    int    tls    = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_MINOR;
+    int    tls1_2 = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_2_MINOR;
+    int    haveRSAsig = 1;
+
+    (void)tls;  /* shut up compiler */
+    (void)tls1_2;
+    (void)haveDH;
+    (void)havePSK;
+    (void)haveNTRU;
+    (void)haveStaticECC;
+
+    if (suites == NULL) {
+        WOLFSSL_MSG("InitSuites pointer error");
+        return;
+    }
+
+    if (suites->setSuites)
+        return;      /* trust user settings, don't override */
+
+    if (side == WOLFSSL_SERVER_END && haveStaticECC) {
+        haveRSA = 0;   /* can't do RSA with ECDSA key */
+        (void)haveRSA; /* some builds won't read */
+    }
+
+    if (side == WOLFSSL_SERVER_END && haveECDSAsig) {
+        haveRSAsig = 0;     /* can't have RSA sig if signed by ECDSA */
+        (void)haveRSAsig;   /* non ecc builds won't read */
+    }
+
+#ifdef WOLFSSL_DTLS
+    if (pv.major == DTLS_MAJOR) {
+        tls    = 1;
+        tls1_2 = pv.minor <= DTLSv1_2_MINOR;
+    }
+#endif
+
+#ifdef HAVE_RENEGOTIATION_INDICATION
+    if (side == WOLFSSL_CLIENT_END) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
+    }
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
+    if (tls && haveNTRU && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_NTRU_RSA_WITH_AES_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
+    if (tls && haveNTRU && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_NTRU_RSA_WITH_AES_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
+    if (tls && haveNTRU && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_NTRU_RSA_WITH_RC4_128_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
+    if (tls && haveNTRU && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+    if (tls1_2 && haveRSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+    if (tls1_2 && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+    if (tls1_2 && haveRSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+    if (tls1_2 && haveECDSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+    if (tls1_2 && haveRSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+    if (tls1_2 && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+    if (tls1_2 && haveRSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+    if (tls1_2 && haveECDSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+    if (tls1_2 && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+    if (tls && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+    if (tls1_2 && haveECDSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+    if (tls && haveECDSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+    if (tls1_2 && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+    if (tls && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+    if (tls1_2 && haveECDSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+    if (tls && haveECDSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+    if (tls && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_RC4_128_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+    if (tls && haveECDSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_RC4_128_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+    if (tls && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+    if (tls && haveECDSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+    if (tls1_2 && haveRSA) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+    if (tls1_2 && haveRSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+    if (tls && haveRSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+    if (tls1_2 && haveRSA) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+    if (tls1_2 && haveRSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+    if (tls && haveRSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_RC4_128_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
+    if (tls && haveRSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_RSA_WITH_RC4_128_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+    if (tls && haveRSA) {
+        suites->suites[idx++] = CHACHA_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+    if (tls1_2 && haveECDSAsig) {
+        suites->suites[idx++] = CHACHA_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+    if (tls && haveRSA) {
+        suites->suites[idx++] = CHACHA_BYTE;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+    if (tls && haveRSAsig && haveStaticECC) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+    if (tls1_2 && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_GCM_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
+    if (tls1_2 && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
+    }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
+    if (tls1_2 && haveECDSAsig) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
+    if (tls1_2 && haveRSA) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_128_CCM_8;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8
+    if (tls1_2 && haveRSA) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_256_CCM_8;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+    if (tls1_2 && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+    if (tls1_2 && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_GCM_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+    if (tls1_2 && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+    if (tls && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+    if (tls && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
+    if (tls1_2 && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_256_GCM_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
+    if (tls1_2 && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
+    if (tls1_2 && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_128_GCM_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
+    if (tls1_2 && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_NULL_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_NULL_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_NULL_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+    if (tls1_2 && haveDH && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_GCM_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
+    if (tls1_2 && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_256_GCM_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
+    if (tls && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+    if (tls && haveDH && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_CBC_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
+    if (tls && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_256_CBC_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+    if (tls1_2 && haveDH && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_GCM_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
+    if (tls1_2 && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_128_GCM_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+    if (tls && haveDH && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
+    if (tls && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
+    if (tls && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
+    if (tls && haveDH && havePSK) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_CCM;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
+    if (tls && haveDH && havePSK) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_CCM;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
+    if (tls && havePSK) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_128_CCM;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
+    if (tls && havePSK) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_256_CCM;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
+    if (tls && havePSK) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_128_CCM_8;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8
+    if (tls && havePSK) {
+        suites->suites[idx++] = ECC_BYTE;
+        suites->suites[idx++] = TLS_PSK_WITH_AES_256_CCM_8;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
+    if (tls && haveDH && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
+    if (tls && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA384;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
+    if (tls && haveDH && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
+    if (tls && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA
+    if (tls && havePSK) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA;
+    }
+#endif
+
+#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
+    if (haveRSA ) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = SSL_RSA_WITH_RC4_128_SHA;
+    }
+#endif
+
+#ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
+    if (haveRSA ) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = SSL_RSA_WITH_RC4_128_MD5;
+    }
+#endif
+
+#ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
+    if (haveRSA ) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = SSL_RSA_WITH_3DES_EDE_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_HC_128_MD5;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_HC_128_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_HC_128_B2B256;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_B2B256;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_B2B256;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_RABBIT_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+    if (tls && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_WITH_RSA_CAMELLIA_256_CBC_SHA
+    if (tls && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+    if (tls && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+    if (tls && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256;
+    }
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+    if (tls && haveDH && haveRSA) {
+        suites->suites[idx++] = 0;
+        suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256;
+    }
+#endif
+
+    suites->suiteSz = idx;
+
+    InitSuitesHashSigAlgo(suites, haveECDSAsig, haveRSAsig, 0);
+}
+
+
+#ifndef NO_CERTS
+
+
+void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag)
+{
+    (void)dynamicFlag;
+
+    if (name != NULL) {
+        name->name        = name->staticName;
+        name->dynamicName = 0;
+#ifdef OPENSSL_EXTRA
+        XMEMSET(&name->fullName, 0, sizeof(DecodedName));
+#endif /* OPENSSL_EXTRA */
+    }
+}
+
+
+void FreeX509Name(WOLFSSL_X509_NAME* name)
+{
+    if (name != NULL) {
+        if (name->dynamicName)
+            XFREE(name->name, NULL, DYNAMIC_TYPE_SUBJECT_CN);
+#ifdef OPENSSL_EXTRA
+        if (name->fullName.fullName != NULL)
+            XFREE(name->fullName.fullName, NULL, DYNAMIC_TYPE_X509);
+#endif /* OPENSSL_EXTRA */
+    }
+}
+
+
+/* Initialize wolfSSL X509 type */
+void InitX509(WOLFSSL_X509* x509, int dynamicFlag)
+{
+    InitX509Name(&x509->issuer, 0);
+    InitX509Name(&x509->subject, 0);
+    x509->version        = 0;
+    x509->pubKey.buffer  = NULL;
+    x509->sig.buffer     = NULL;
+    x509->derCert.buffer = NULL;
+    x509->altNames       = NULL;
+    x509->altNamesNext   = NULL;
+    x509->dynamicMemory  = (byte)dynamicFlag;
+    x509->isCa           = 0;
+#ifdef HAVE_ECC
+    x509->pkCurveOID = 0;
+#endif /* HAVE_ECC */
+#ifdef OPENSSL_EXTRA
+    x509->pathLength     = 0;
+    x509->basicConstSet  = 0;
+    x509->basicConstCrit = 0;
+    x509->basicConstPlSet = 0;
+    x509->subjAltNameSet = 0;
+    x509->subjAltNameCrit = 0;
+    x509->authKeyIdSet   = 0;
+    x509->authKeyIdCrit  = 0;
+    x509->authKeyId      = NULL;
+    x509->authKeyIdSz    = 0;
+    x509->subjKeyIdSet   = 0;
+    x509->subjKeyIdCrit  = 0;
+    x509->subjKeyId      = NULL;
+    x509->subjKeyIdSz    = 0;
+    x509->keyUsageSet    = 0;
+    x509->keyUsageCrit   = 0;
+    x509->keyUsage       = 0;
+    #ifdef WOLFSSL_SEP
+        x509->certPolicySet  = 0;
+        x509->certPolicyCrit = 0;
+    #endif /* WOLFSSL_SEP */
+#endif /* OPENSSL_EXTRA */
+}
+
+
+/* Free wolfSSL X509 type */
+void FreeX509(WOLFSSL_X509* x509)
+{
+    if (x509 == NULL)
+        return;
+
+    FreeX509Name(&x509->issuer);
+    FreeX509Name(&x509->subject);
+    if (x509->pubKey.buffer)
+        XFREE(x509->pubKey.buffer, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
+    XFREE(x509->derCert.buffer, NULL, DYNAMIC_TYPE_SUBJECT_CN);
+    XFREE(x509->sig.buffer, NULL, DYNAMIC_TYPE_SIGNATURE);
+    #ifdef OPENSSL_EXTRA
+        XFREE(x509->authKeyId, NULL, 0);
+        XFREE(x509->subjKeyId, NULL, 0);
+    #endif /* OPENSSL_EXTRA */
+    if (x509->altNames)
+        FreeAltNames(x509->altNames, NULL);
+    if (x509->dynamicMemory)
+        XFREE(x509, NULL, DYNAMIC_TYPE_X509);
+}
+
+#endif /* NO_CERTS */
+
+
+/* init everything to 0, NULL, default values before calling anything that may
+   fail so that desctructor has a "good" state to cleanup */
+int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
+{
+    int  ret;
+    byte haveRSA = 0;
+    byte havePSK = 0;
+    byte haveAnon = 0;
+
+    (void) haveAnon;
+
+    ssl->ctx     = ctx; /* only for passing to calls, options could change */
+    ssl->version = ctx->method->version;
+    ssl->suites  = NULL;
+
+#ifdef HAVE_LIBZ
+    ssl->didStreamInit = 0;
+#endif
+#ifndef NO_RSA
+    haveRSA = 1;
+#endif
+
+#ifndef NO_CERTS
+    ssl->buffers.certificate.buffer   = 0;
+    ssl->buffers.key.buffer           = 0;
+    ssl->buffers.certChain.buffer     = 0;
+#endif
+    ssl->buffers.inputBuffer.length   = 0;
+    ssl->buffers.inputBuffer.idx      = 0;
+    ssl->buffers.inputBuffer.buffer = ssl->buffers.inputBuffer.staticBuffer;
+    ssl->buffers.inputBuffer.bufferSize  = STATIC_BUFFER_LEN;
+    ssl->buffers.inputBuffer.dynamicFlag = 0;
+    ssl->buffers.inputBuffer.offset   = 0;
+    ssl->buffers.outputBuffer.length  = 0;
+    ssl->buffers.outputBuffer.idx     = 0;
+    ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer;
+    ssl->buffers.outputBuffer.bufferSize  = STATIC_BUFFER_LEN;
+    ssl->buffers.outputBuffer.dynamicFlag = 0;
+    ssl->buffers.outputBuffer.offset      = 0;
+    ssl->buffers.domainName.buffer    = 0;
+#ifndef NO_CERTS
+    ssl->buffers.serverDH_P.buffer    = 0;
+    ssl->buffers.serverDH_G.buffer    = 0;
+    ssl->buffers.serverDH_Pub.buffer  = 0;
+    ssl->buffers.serverDH_Priv.buffer = 0;
+#endif
+    ssl->buffers.clearOutputBuffer.buffer  = 0;
+    ssl->buffers.clearOutputBuffer.length  = 0;
+    ssl->buffers.prevSent                  = 0;
+    ssl->buffers.plainSz                   = 0;
+#ifdef HAVE_PK_CALLBACKS
+    #ifdef HAVE_ECC
+        ssl->buffers.peerEccDsaKey.buffer = 0;
+        ssl->buffers.peerEccDsaKey.length = 0;
+    #endif /* HAVE_ECC */
+    #ifndef NO_RSA
+        ssl->buffers.peerRsaKey.buffer = 0;
+        ssl->buffers.peerRsaKey.length = 0;
+    #endif /* NO_RSA */
+#endif /* HAVE_PK_CALLBACKS */
+
+#ifdef KEEP_PEER_CERT
+    InitX509(&ssl->peerCert, 0);
+#endif
+
+#ifdef HAVE_ECC
+    ssl->eccTempKeySz = ctx->eccTempKeySz;
+    ssl->pkCurveOID = ctx->pkCurveOID;
+    ssl->peerEccKeyPresent = 0;
+    ssl->peerEccDsaKeyPresent = 0;
+    ssl->eccDsaKeyPresent = 0;
+    ssl->eccTempKeyPresent = 0;
+    ssl->peerEccKey = NULL;
+    ssl->peerEccDsaKey = NULL;
+    ssl->eccDsaKey = NULL;
+    ssl->eccTempKey = NULL;
+#endif
+
+    ssl->timeout = ctx->timeout;
+    ssl->rfd = -1;   /* set to invalid descriptor */
+    ssl->wfd = -1;
+    ssl->rflags = 0;    /* no user flags yet */
+    ssl->wflags = 0;    /* no user flags yet */
+    ssl->biord = 0;
+    ssl->biowr = 0;
+
+    ssl->IOCB_ReadCtx  = &ssl->rfd;  /* prevent invalid pointer access if not */
+    ssl->IOCB_WriteCtx = &ssl->wfd;  /* correctly set */
+#ifdef HAVE_NETX
+    ssl->nxCtx.nxSocket = NULL;
+    ssl->nxCtx.nxPacket = NULL;
+    ssl->nxCtx.nxOffset = 0;
+    ssl->nxCtx.nxWait   = 0;
+    ssl->IOCB_ReadCtx  = &ssl->nxCtx;  /* default NetX IO ctx, same for read */
+    ssl->IOCB_WriteCtx = &ssl->nxCtx;  /* and write */
+#endif
+#ifdef WOLFSSL_DTLS
+    ssl->IOCB_CookieCtx = NULL;      /* we don't use for default cb */
+    ssl->dtls_expected_rx = MAX_MTU;
+    ssl->keys.dtls_state.window = 0;
+    ssl->keys.dtls_state.nextEpoch = 0;
+    ssl->keys.dtls_state.nextSeq = 0;
+#endif
+
+    XMEMSET(&ssl->msgsReceived, 0, sizeof(ssl->msgsReceived));
+
+#ifndef NO_RSA
+    ssl->peerRsaKey = NULL;
+    ssl->peerRsaKeyPresent = 0;
+#endif
+    ssl->verifyCallback    = ctx->verifyCallback;
+    ssl->verifyCbCtx       = NULL;
+    ssl->options.side      = ctx->method->side;
+    ssl->options.downgrade    = ctx->method->downgrade;
+    ssl->options.minDowngrade = TLSv1_MINOR;     /* current default */
+    ssl->error = 0;
+    ssl->options.connReset = 0;
+    ssl->options.isClosed  = 0;
+    ssl->options.closeNotify  = 0;
+    ssl->options.sentNotify   = 0;
+    ssl->options.usingCompression = 0;
+    if (ssl->options.side == WOLFSSL_SERVER_END)
+        ssl->options.haveDH = ctx->haveDH;
+    else
+        ssl->options.haveDH = 0;
+    ssl->options.haveNTRU      = ctx->haveNTRU;
+    ssl->options.haveECDSAsig  = ctx->haveECDSAsig;
+    ssl->options.haveStaticECC = ctx->haveStaticECC;
+    ssl->options.havePeerCert    = 0;
+    ssl->options.havePeerVerify  = 0;
+    ssl->options.usingPSK_cipher = 0;
+    ssl->options.usingAnon_cipher = 0;
+    ssl->options.sendAlertState = 0;
+#ifndef NO_PSK
+    havePSK = ctx->havePSK;
+    ssl->options.havePSK   = ctx->havePSK;
+    ssl->options.client_psk_cb = ctx->client_psk_cb;
+    ssl->options.server_psk_cb = ctx->server_psk_cb;
+#endif /* NO_PSK */
+#ifdef HAVE_ANON
+    haveAnon = ctx->haveAnon;
+    ssl->options.haveAnon = ctx->haveAnon;
+#endif
+
+    ssl->options.serverState = NULL_STATE;
+    ssl->options.clientState = NULL_STATE;
+    ssl->options.connectState = CONNECT_BEGIN;
+    ssl->options.acceptState  = ACCEPT_BEGIN;
+    ssl->options.handShakeState  = NULL_STATE;
+    ssl->options.handShakeDone   = 0;
+    ssl->options.processReply = doProcessInit;
+
+#ifdef WOLFSSL_DTLS
+    ssl->keys.dtls_sequence_number      = 0;
+    ssl->keys.dtls_state.curSeq         = 0;
+    ssl->keys.dtls_state.nextSeq        = 0;
+    ssl->keys.dtls_handshake_number     = 0;
+    ssl->keys.dtls_expected_peer_handshake_number = 0;
+    ssl->keys.dtls_epoch                = 0;
+    ssl->keys.dtls_state.curEpoch       = 0;
+    ssl->keys.dtls_state.nextEpoch      = 0;
+    ssl->dtls_timeout_init              = DTLS_TIMEOUT_INIT;
+    ssl->dtls_timeout_max               = DTLS_TIMEOUT_MAX;
+    ssl->dtls_timeout                   = ssl->dtls_timeout_init;
+    ssl->dtls_pool                      = NULL;
+    ssl->dtls_msg_list                  = NULL;
+#endif
+    ssl->keys.encryptSz    = 0;
+    ssl->keys.padSz        = 0;
+    ssl->keys.encryptionOn = 0;     /* initially off */
+    ssl->keys.decryptedCur = 0;     /* initially off */
+    ssl->options.sessionCacheOff      = ctx->sessionCacheOff;
+    ssl->options.sessionCacheFlushOff = ctx->sessionCacheFlushOff;
+
+    ssl->options.verifyPeer = ctx->verifyPeer;
+    ssl->options.verifyNone = ctx->verifyNone;
+    ssl->options.failNoCert = ctx->failNoCert;
+    ssl->options.sendVerify = ctx->sendVerify;
+
+    ssl->options.resuming = 0;
+    ssl->options.haveSessionId = 0;
+    #ifndef NO_OLD_TLS
+        ssl->hmac = SSL_hmac; /* default to SSLv3 */
+    #else
+        ssl->hmac = TLS_hmac;
+    #endif
+    ssl->heap = ctx->heap;    /* defaults to self */
+    ssl->options.tls    = 0;
+    ssl->options.tls1_1 = 0;
+    ssl->options.dtls = ssl->version.major == DTLS_MAJOR;
+    ssl->options.partialWrite  = ctx->partialWrite;
+    ssl->options.quietShutdown = ctx->quietShutdown;
+    ssl->options.certOnly = 0;
+    ssl->options.groupMessages = ctx->groupMessages;
+    ssl->options.usingNonblock = 0;
+    ssl->options.saveArrays = 0;
+#ifdef HAVE_POLY1305
+    ssl->options.oldPoly = 0;
+#endif
+
+#ifndef NO_CERTS
+    /* ctx still owns certificate, certChain, key, dh, and cm */
+    ssl->buffers.certificate = ctx->certificate;
+    ssl->buffers.certChain = ctx->certChain;
+    ssl->buffers.key = ctx->privateKey;
+    if (ssl->options.side == WOLFSSL_SERVER_END) {
+        ssl->buffers.serverDH_P = ctx->serverDH_P;
+        ssl->buffers.serverDH_G = ctx->serverDH_G;
+    }
+#endif
+    ssl->buffers.weOwnCert      = 0;
+    ssl->buffers.weOwnCertChain = 0;
+    ssl->buffers.weOwnKey       = 0;
+    ssl->buffers.weOwnDH        = 0;
+
+#ifdef WOLFSSL_DTLS
+    ssl->buffers.dtlsCtx.fd = -1;
+    ssl->buffers.dtlsCtx.peer.sa = NULL;
+    ssl->buffers.dtlsCtx.peer.sz = 0;
+#endif
+
+#ifdef KEEP_PEER_CERT
+    ssl->peerCert.issuer.sz    = 0;
+    ssl->peerCert.subject.sz   = 0;
+#endif
+
+#ifdef SESSION_CERTS
+    ssl->session.chain.count = 0;
+#endif
+
+#ifndef NO_CLIENT_CACHE
+    ssl->session.idLen = 0;
+#endif
+
+#ifdef HAVE_SESSION_TICKET
+    ssl->session.ticketLen = 0;
+#endif
+
+    ssl->cipher.ssl = ssl;
+
+#ifdef FORTRESS
+    ssl->ex_data[0] = 0;
+    ssl->ex_data[1] = 0;
+    ssl->ex_data[2] = 0;
+#endif
+
+#ifdef WOLFSSL_CALLBACKS
+    ssl->hsInfoOn = 0;
+    ssl->toInfoOn = 0;
+#endif
+
+#ifdef HAVE_CAVIUM
+    ssl->devId = ctx->devId;
+#endif
+
+#ifdef HAVE_TLS_EXTENSIONS
+    ssl->extensions = NULL;
+#ifdef HAVE_MAX_FRAGMENT
+    ssl->max_fragment = MAX_RECORD_SIZE;
+#endif
+#ifdef HAVE_TRUNCATED_HMAC
+    ssl->truncated_hmac = 0;
+#endif
+#ifdef HAVE_SECURE_RENEGOTIATION
+    ssl->secure_renegotiation = NULL;
+#endif
+#if !defined(NO_WOLFSSL_CLIENT) && defined(HAVE_SESSION_TICKET)
+    ssl->session_ticket_cb = NULL;
+    ssl->session_ticket_ctx = NULL;
+    ssl->expect_session_ticket = 0;
+#endif
+#endif
+
+    ssl->rng    = NULL;
+    ssl->arrays = NULL;
+
+    /* default alert state (none) */
+    ssl->alert_history.last_rx.code  = -1;
+    ssl->alert_history.last_rx.level = -1;
+    ssl->alert_history.last_tx.code  = -1;
+    ssl->alert_history.last_tx.level = -1;
+
+    InitCiphers(ssl);
+    InitCipherSpecs(&ssl->specs);
+#ifdef ATOMIC_USER
+    ssl->MacEncryptCtx    = NULL;
+    ssl->DecryptVerifyCtx = NULL;
+#endif
+#ifdef HAVE_FUZZER
+    ssl->fuzzerCb         = NULL;
+    ssl->fuzzerCtx        = NULL;
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    #ifdef HAVE_ECC
+        ssl->EccSignCtx   = NULL;
+        ssl->EccVerifyCtx = NULL;
+    #endif /* HAVE_ECC */
+    #ifndef NO_RSA
+        ssl->RsaSignCtx   = NULL;
+        ssl->RsaVerifyCtx = NULL;
+        ssl->RsaEncCtx    = NULL;
+        ssl->RsaDecCtx    = NULL;
+    #endif /* NO_RSA */
+#endif /* HAVE_PK_CALLBACKS */
+
+    /* all done with init, now can return errors, call other stuff */
+
+#ifndef NO_OLD_TLS
+#ifndef NO_MD5
+    wc_InitMd5(&ssl->hashMd5);
+#endif
+#ifndef NO_SHA
+    ret = wc_InitSha(&ssl->hashSha);
+    if (ret != 0) {
+        return ret;
+    }
+#endif
+#endif
+#ifndef NO_SHA256
+    ret = wc_InitSha256(&ssl->hashSha256);
+    if (ret != 0) {
+        return ret;
+    }
+#endif
+#ifdef WOLFSSL_SHA384
+    ret = wc_InitSha384(&ssl->hashSha384);
+    if (ret != 0) {
+        return ret;
+    }
+#endif
+
+    /* increment CTX reference count */
+    if (LockMutex(&ctx->countMutex) != 0) {
+        WOLFSSL_MSG("Couldn't lock CTX count mutex");
+        return BAD_MUTEX_E;
+    }
+    ctx->refCount++;
+    UnLockMutex(&ctx->countMutex);
+
+    /* arrays */
+    ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap,
+                                                           DYNAMIC_TYPE_ARRAYS);
+    if (ssl->arrays == NULL) {
+        WOLFSSL_MSG("Arrays Memory error");
+        return MEMORY_E;
+    }
+    XMEMSET(ssl->arrays, 0, sizeof(Arrays));
+
+#ifndef NO_PSK
+    ssl->arrays->client_identity[0] = 0;
+    if (ctx->server_hint[0]) {   /* set in CTX */
+        XSTRNCPY(ssl->arrays->server_hint, ctx->server_hint, MAX_PSK_ID_LEN);
+        ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0';
+    }
+    else
+        ssl->arrays->server_hint[0] = 0;
+#endif /* NO_PSK */
+
+#ifdef WOLFSSL_DTLS
+    ssl->arrays->cookieSz = 0;
+#endif
+
+    /* RNG */
+    ssl->rng = (RNG*)XMALLOC(sizeof(RNG), ssl->heap, DYNAMIC_TYPE_RNG);
+    if (ssl->rng == NULL) {
+        WOLFSSL_MSG("RNG Memory error");
+        return MEMORY_E;
+    }
+
+    if ( (ret = wc_InitRng(ssl->rng)) != 0) {
+        WOLFSSL_MSG("RNG Init error");
+        return ret;
+    }
+
+    /* suites */
+    ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
+                                   DYNAMIC_TYPE_SUITES);
+    if (ssl->suites == NULL) {
+        WOLFSSL_MSG("Suites Memory error");
+        return MEMORY_E;
+    }
+    *ssl->suites = ctx->suites;
+
+    /* peer key */
+#ifndef NO_RSA
+    ssl->peerRsaKey = (RsaKey*)XMALLOC(sizeof(RsaKey), ssl->heap,
+                                       DYNAMIC_TYPE_RSA);
+    if (ssl->peerRsaKey == NULL) {
+        WOLFSSL_MSG("PeerRsaKey Memory error");
+        return MEMORY_E;
+    }
+    ret = wc_InitRsaKey(ssl->peerRsaKey, ctx->heap);
+    if (ret != 0) return ret;
+#endif
+#ifndef NO_CERTS
+    /* make sure server has cert and key unless using PSK or Anon */
+    if (ssl->options.side == WOLFSSL_SERVER_END && !havePSK && !haveAnon)
+        if (!ssl->buffers.certificate.buffer || !ssl->buffers.key.buffer) {
+            WOLFSSL_MSG("Server missing certificate and/or private key");
+            return NO_PRIVATE_KEY;
+        }
+#endif
+#ifdef HAVE_ECC
+    ssl->peerEccKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
+                                                   ctx->heap, DYNAMIC_TYPE_ECC);
+    if (ssl->peerEccKey == NULL) {
+        WOLFSSL_MSG("PeerEccKey Memory error");
+        return MEMORY_E;
+    }
+    ssl->peerEccDsaKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
+                                                   ctx->heap, DYNAMIC_TYPE_ECC);
+    if (ssl->peerEccDsaKey == NULL) {
+        WOLFSSL_MSG("PeerEccDsaKey Memory error");
+        return MEMORY_E;
+    }
+    ssl->eccDsaKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
+                                                   ctx->heap, DYNAMIC_TYPE_ECC);
+    if (ssl->eccDsaKey == NULL) {
+        WOLFSSL_MSG("EccDsaKey Memory error");
+        return MEMORY_E;
+    }
+    ssl->eccTempKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
+                                                   ctx->heap, DYNAMIC_TYPE_ECC);
+    if (ssl->eccTempKey == NULL) {
+        WOLFSSL_MSG("EccTempKey Memory error");
+        return MEMORY_E;
+    }
+    wc_ecc_init(ssl->peerEccKey);
+    wc_ecc_init(ssl->peerEccDsaKey);
+    wc_ecc_init(ssl->eccDsaKey);
+    wc_ecc_init(ssl->eccTempKey);
+#endif
+#ifdef HAVE_SECRET_CALLBACK
+    ssl->sessionSecretCb  = NULL;
+    ssl->sessionSecretCtx = NULL;
+#endif
+
+    /* make sure server has DH parms, and add PSK if there, add NTRU too */
+    if (ssl->options.side == WOLFSSL_SERVER_END)
+        InitSuites(ssl->suites, ssl->version, haveRSA, havePSK,
+                   ssl->options.haveDH, ssl->options.haveNTRU,
+                   ssl->options.haveECDSAsig, ssl->options.haveStaticECC,
+                   ssl->options.side);
+    else
+        InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, TRUE,
+                   ssl->options.haveNTRU, ssl->options.haveECDSAsig,
+                   ssl->options.haveStaticECC, ssl->options.side);
+
+    return 0;
+}
+
+
+/* free use of temporary arrays */
+void FreeArrays(WOLFSSL* ssl, int keep)
+{
+    if (ssl->arrays && keep) {
+        /* keeps session id for user retrieval */
+        XMEMCPY(ssl->session.sessionID, ssl->arrays->sessionID, ID_LEN);
+        ssl->session.sessionIDSz = ssl->arrays->sessionIDSz;
+    }
+    XFREE(ssl->arrays, ssl->heap, DYNAMIC_TYPE_ARRAYS);
+    ssl->arrays = NULL;
+}
+
+
+/* In case holding SSL object in array and don't want to free actual ssl */
+void SSL_ResourceFree(WOLFSSL* ssl)
+{
+    /* Note: any resources used during the handshake should be released in the
+     * function FreeHandshakeResources(). Be careful with the special cases
+     * like the RNG which may optionally be kept for the whole session. (For
+     * example with the RNG, it isn't used beyond the handshake except when
+     * using stream ciphers where it is retained. */
+
+    FreeCiphers(ssl);
+    FreeArrays(ssl, 0);
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    wc_FreeRng(ssl->rng);
+#endif
+    XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
+    XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
+    XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN);
+
+#ifndef NO_CERTS
+    XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_DH);
+    XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, DYNAMIC_TYPE_DH);
+    /* parameters (p,g) may be owned by ctx */
+    if (ssl->buffers.weOwnDH || ssl->options.side == WOLFSSL_CLIENT_END) {
+        XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, DYNAMIC_TYPE_DH);
+        XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_DH);
+    }
+
+    if (ssl->buffers.weOwnCert)
+        XFREE(ssl->buffers.certificate.buffer, ssl->heap, DYNAMIC_TYPE_CERT);
+    if (ssl->buffers.weOwnCertChain)
+        XFREE(ssl->buffers.certChain.buffer, ssl->heap, DYNAMIC_TYPE_CERT);
+    if (ssl->buffers.weOwnKey)
+        XFREE(ssl->buffers.key.buffer, ssl->heap, DYNAMIC_TYPE_KEY);
+#endif
+#ifndef NO_RSA
+    if (ssl->peerRsaKey) {
+        wc_FreeRsaKey(ssl->peerRsaKey);
+        XFREE(ssl->peerRsaKey, ssl->heap, DYNAMIC_TYPE_RSA);
+    }
+#endif
+    if (ssl->buffers.inputBuffer.dynamicFlag)
+        ShrinkInputBuffer(ssl, FORCED_FREE);
+    if (ssl->buffers.outputBuffer.dynamicFlag)
+        ShrinkOutputBuffer(ssl);
+#ifdef WOLFSSL_DTLS
+    if (ssl->dtls_pool != NULL) {
+        DtlsPoolReset(ssl);
+        XFREE(ssl->dtls_pool, ssl->heap, DYNAMIC_TYPE_NONE);
+    }
+    if (ssl->dtls_msg_list != NULL) {
+        DtlsMsgListDelete(ssl->dtls_msg_list, ssl->heap);
+        ssl->dtls_msg_list = NULL;
+    }
+    XFREE(ssl->buffers.dtlsCtx.peer.sa, ssl->heap, DYNAMIC_TYPE_SOCKADDR);
+    ssl->buffers.dtlsCtx.peer.sa = NULL;
+#endif
+#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)
+    FreeX509(&ssl->peerCert);
+#endif
+#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
+    wolfSSL_BIO_free(ssl->biord);
+    if (ssl->biord != ssl->biowr)        /* in case same as write */
+        wolfSSL_BIO_free(ssl->biowr);
+#endif
+#ifdef HAVE_LIBZ
+    FreeStreams(ssl);
+#endif
+#ifdef HAVE_ECC
+    if (ssl->peerEccKey) {
+        if (ssl->peerEccKeyPresent)
+            wc_ecc_free(ssl->peerEccKey);
+        XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC);
+    }
+    if (ssl->peerEccDsaKey) {
+        if (ssl->peerEccDsaKeyPresent)
+            wc_ecc_free(ssl->peerEccDsaKey);
+        XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
+    }
+    if (ssl->eccTempKey) {
+        if (ssl->eccTempKeyPresent)
+            wc_ecc_free(ssl->eccTempKey);
+        XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC);
+    }
+    if (ssl->eccDsaKey) {
+        if (ssl->eccDsaKeyPresent)
+            wc_ecc_free(ssl->eccDsaKey);
+        XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
+    }
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    #ifdef HAVE_ECC
+        XFREE(ssl->buffers.peerEccDsaKey.buffer, ssl->heap, DYNAMIC_TYPE_ECC);
+    #endif /* HAVE_ECC */
+    #ifndef NO_RSA
+        XFREE(ssl->buffers.peerRsaKey.buffer, ssl->heap, DYNAMIC_TYPE_RSA);
+    #endif /* NO_RSA */
+#endif /* HAVE_PK_CALLBACKS */
+#ifdef HAVE_TLS_EXTENSIONS
+    TLSX_FreeAll(ssl->extensions);
+#endif
+#ifdef HAVE_NETX
+    if (ssl->nxCtx.nxPacket)
+        nx_packet_release(ssl->nxCtx.nxPacket);
+#endif
+}
+
+
+/* Free any handshake resources no longer needed */
+void FreeHandshakeResources(WOLFSSL* ssl)
+{
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+    if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled) {
+        WOLFSSL_MSG("Secure Renegotiation needs to retain handshake resources");
+        return;
+    }
+#endif
+
+    /* input buffer */
+    if (ssl->buffers.inputBuffer.dynamicFlag)
+        ShrinkInputBuffer(ssl, NO_FORCED_FREE);
+
+    /* suites */
+    XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
+    ssl->suites = NULL;
+
+    /* RNG */
+    if (ssl->specs.cipher_type == stream || ssl->options.tls1_1 == 0) {
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+        wc_FreeRng(ssl->rng);
+#endif
+        XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
+        ssl->rng = NULL;
+    }
+
+#ifdef WOLFSSL_DTLS
+    /* DTLS_POOL */
+    if (ssl->options.dtls && ssl->dtls_pool != NULL) {
+        DtlsPoolReset(ssl);
+        XFREE(ssl->dtls_pool, ssl->heap, DYNAMIC_TYPE_DTLS_POOL);
+        ssl->dtls_pool = NULL;
+    }
+#endif
+
+    /* arrays */
+    if (ssl->options.saveArrays)
+        FreeArrays(ssl, 1);
+
+#ifndef NO_RSA
+    /* peerRsaKey */
+    if (ssl->peerRsaKey) {
+        wc_FreeRsaKey(ssl->peerRsaKey);
+        XFREE(ssl->peerRsaKey, ssl->heap, DYNAMIC_TYPE_RSA);
+        ssl->peerRsaKey = NULL;
+    }
+#endif
+
+#ifdef HAVE_ECC
+    if (ssl->peerEccKey)
+    {
+        if (ssl->peerEccKeyPresent) {
+            wc_ecc_free(ssl->peerEccKey);
+            ssl->peerEccKeyPresent = 0;
+        }
+        XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC);
+        ssl->peerEccKey = NULL;
+    }
+    if (ssl->peerEccDsaKey)
+    {
+        if (ssl->peerEccDsaKeyPresent) {
+            wc_ecc_free(ssl->peerEccDsaKey);
+            ssl->peerEccDsaKeyPresent = 0;
+        }
+        XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
+        ssl->peerEccDsaKey = NULL;
+    }
+    if (ssl->eccTempKey)
+    {
+        if (ssl->eccTempKeyPresent) {
+            wc_ecc_free(ssl->eccTempKey);
+            ssl->eccTempKeyPresent = 0;
+        }
+        XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC);
+        ssl->eccTempKey = NULL;
+    }
+    if (ssl->eccDsaKey)
+    {
+        if (ssl->eccDsaKeyPresent) {
+            wc_ecc_free(ssl->eccDsaKey);
+            ssl->eccDsaKeyPresent = 0;
+        }
+        XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
+        ssl->eccDsaKey = NULL;
+    }
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    #ifdef HAVE_ECC
+        XFREE(ssl->buffers.peerEccDsaKey.buffer, ssl->heap, DYNAMIC_TYPE_ECC);
+        ssl->buffers.peerEccDsaKey.buffer = NULL;
+    #endif /* HAVE_ECC */
+    #ifndef NO_RSA
+        XFREE(ssl->buffers.peerRsaKey.buffer, ssl->heap, DYNAMIC_TYPE_RSA);
+        ssl->buffers.peerRsaKey.buffer = NULL;
+    #endif /* NO_RSA */
+#endif /* HAVE_PK_CALLBACKS */
+}
+
+
+void FreeSSL(WOLFSSL* ssl)
+{
+    FreeSSL_Ctx(ssl->ctx);  /* will decrement and free underyling CTX if 0 */
+    SSL_ResourceFree(ssl);
+    XFREE(ssl, ssl->heap, DYNAMIC_TYPE_SSL);
+}
+
+
+#ifdef WOLFSSL_DTLS
+
+int DtlsPoolInit(WOLFSSL* ssl)
+{
+    if (ssl->dtls_pool == NULL) {
+        DtlsPool *pool = (DtlsPool*)XMALLOC(sizeof(DtlsPool),
+                                             ssl->heap, DYNAMIC_TYPE_DTLS_POOL);
+        if (pool == NULL) {
+            WOLFSSL_MSG("DTLS Buffer Pool Memory error");
+            return MEMORY_E;
+        }
+        else {
+            int i;
+
+            for (i = 0; i < DTLS_POOL_SZ; i++) {
+                pool->buf[i].length = 0;
+                pool->buf[i].buffer = NULL;
+            }
+            pool->used = 0;
+            ssl->dtls_pool = pool;
+        }
+    }
+    return 0;
+}
+
+
+int DtlsPoolSave(WOLFSSL* ssl, const byte *src, int sz)
+{
+    DtlsPool *pool = ssl->dtls_pool;
+    if (pool != NULL && pool->used < DTLS_POOL_SZ) {
+        buffer *pBuf = &pool->buf[pool->used];
+        pBuf->buffer = (byte*)XMALLOC(sz, ssl->heap, DYNAMIC_TYPE_DTLS_POOL);
+        if (pBuf->buffer == NULL) {
+            WOLFSSL_MSG("DTLS Buffer Memory error");
+            return MEMORY_ERROR;
+        }
+        XMEMCPY(pBuf->buffer, src, sz);
+        pBuf->length = (word32)sz;
+        pool->used++;
+    }
+    return 0;
+}
+
+
+void DtlsPoolReset(WOLFSSL* ssl)
+{
+    DtlsPool *pool = ssl->dtls_pool;
+    if (pool != NULL) {
+        buffer *pBuf;
+        int i, used;
+
+        used = pool->used;
+        for (i = 0, pBuf = &pool->buf[0]; i < used; i++, pBuf++) {
+            XFREE(pBuf->buffer, ssl->heap, DYNAMIC_TYPE_DTLS_POOL);
+            pBuf->buffer = NULL;
+            pBuf->length = 0;
+        }
+        pool->used = 0;
+    }
+    ssl->dtls_timeout = ssl->dtls_timeout_init;
+}
+
+
+int DtlsPoolTimeout(WOLFSSL* ssl)
+{
+    int result = -1;
+    if (ssl->dtls_timeout <  ssl->dtls_timeout_max) {
+        ssl->dtls_timeout *= DTLS_TIMEOUT_MULTIPLIER;
+        result = 0;
+    }
+    return result;
+}
+
+
+int DtlsPoolSend(WOLFSSL* ssl)
+{
+    int ret;
+    DtlsPool *pool = ssl->dtls_pool;
+
+    if (pool != NULL && pool->used > 0) {
+        int i;
+        for (i = 0; i < pool->used; i++) {
+            int sendResult;
+            buffer* buf = &pool->buf[i];
+
+            DtlsRecordLayerHeader* dtls = (DtlsRecordLayerHeader*)buf->buffer;
+
+            word16 message_epoch;
+            ato16(dtls->epoch, &message_epoch);
+            if (message_epoch == ssl->keys.dtls_epoch) {
+                /* Increment record sequence number on retransmitted handshake
+                 * messages */
+                c32to48(ssl->keys.dtls_sequence_number, dtls->sequence_number);
+                ssl->keys.dtls_sequence_number++;
+            }
+            else {
+                /* The Finished message is sent with the next epoch, keep its
+                 * sequence number */
+            }
+
+            if ((ret = CheckAvailableSize(ssl, buf->length)) != 0)
+                return ret;
+
+            XMEMCPY(ssl->buffers.outputBuffer.buffer, buf->buffer, buf->length);
+            ssl->buffers.outputBuffer.idx = 0;
+            ssl->buffers.outputBuffer.length = buf->length;
+
+            sendResult = SendBuffered(ssl);
+            if (sendResult < 0) {
+                return sendResult;
+            }
+        }
+    }
+    return 0;
+}
+
+
+/* functions for managing DTLS datagram reordering */
+
+/* Need to allocate space for the handshake message header. The hashing
+ * routines assume the message pointer is still within the buffer that
+ * has the headers, and will include those headers in the hash. The store
+ * routines need to take that into account as well. New will allocate
+ * extra space for the headers. */
+DtlsMsg* DtlsMsgNew(word32 sz, void* heap)
+{
+    DtlsMsg* msg = NULL;
+
+    msg = (DtlsMsg*)XMALLOC(sizeof(DtlsMsg), heap, DYNAMIC_TYPE_DTLS_MSG);
+
+    if (msg != NULL) {
+        msg->buf = (byte*)XMALLOC(sz + DTLS_HANDSHAKE_HEADER_SZ,
+                                                     heap, DYNAMIC_TYPE_NONE);
+        if (msg->buf != NULL) {
+            msg->next = NULL;
+            msg->seq = 0;
+            msg->sz = sz;
+            msg->fragSz = 0;
+            msg->msg = msg->buf + DTLS_HANDSHAKE_HEADER_SZ;
+        }
+        else {
+            XFREE(msg, heap, DYNAMIC_TYPE_DTLS_MSG);
+            msg = NULL;
+        }
+    }
+
+    return msg;
+}
+
+void DtlsMsgDelete(DtlsMsg* item, void* heap)
+{
+    (void)heap;
+
+    if (item != NULL) {
+        if (item->buf != NULL)
+            XFREE(item->buf, heap, DYNAMIC_TYPE_NONE);
+        XFREE(item, heap, DYNAMIC_TYPE_DTLS_MSG);
+    }
+}
+
+
+void DtlsMsgListDelete(DtlsMsg* head, void* heap)
+{
+    DtlsMsg* next;
+    while (head) {
+        next = head->next;
+        DtlsMsgDelete(head, heap);
+        head = next;
+    }
+}
+
+
+void DtlsMsgSet(DtlsMsg* msg, word32 seq, const byte* data, byte type,
+                                              word32 fragOffset, word32 fragSz)
+{
+    if (msg != NULL && data != NULL && msg->fragSz <= msg->sz &&
+                     fragOffset < msg->sz && (fragOffset + fragSz) <= msg->sz) {
+
+        msg->seq = seq;
+        msg->type = type;
+        msg->fragSz += fragSz;
+        /* If fragOffset is zero, this is either a full message that is out
+         * of order, or the first fragment of a fragmented message. Copy the
+         * handshake message header as well as the message data. */
+        if (fragOffset == 0)
+            XMEMCPY(msg->buf, data - DTLS_HANDSHAKE_HEADER_SZ,
+                                            fragSz + DTLS_HANDSHAKE_HEADER_SZ);
+        else {
+            /* If fragOffet is non-zero, this is an additional fragment that
+             * needs to be copied to its location in the message buffer. Also
+             * copy the total size of the message over the fragment size. The
+             * hash routines look at a defragmented message if it had actually
+             * come across as a single handshake message. */
+            XMEMCPY(msg->msg + fragOffset, data, fragSz);
+            c32to24(msg->sz, msg->msg - DTLS_HANDSHAKE_FRAG_SZ);
+        }
+    }
+}
+
+
+DtlsMsg* DtlsMsgFind(DtlsMsg* head, word32 seq)
+{
+    while (head != NULL && head->seq != seq) {
+        head = head->next;
+    }
+    return head;
+}
+
+
+DtlsMsg* DtlsMsgStore(DtlsMsg* head, word32 seq, const byte* data,
+        word32 dataSz, byte type, word32 fragOffset, word32 fragSz, void* heap)
+{
+
+    /* See if seq exists in the list. If it isn't in the list, make
+     * a new item of size dataSz, copy fragSz bytes from data to msg->msg
+     * starting at offset fragOffset, and add fragSz to msg->fragSz. If
+     * the seq is in the list and it isn't full, copy fragSz bytes from
+     * data to msg->msg starting at offset fragOffset, and add fragSz to
+     * msg->fragSz. The new item should be inserted into the list in its
+     * proper position.
+     *
+     * 1. Find seq in list, or where seq should go in list. If seq not in
+     *    list, create new item and insert into list. Either case, keep
+     *    pointer to item.
+     * 2. If msg->fragSz + fragSz < sz, copy data to msg->msg at offset
+     *    fragOffset. Add fragSz to msg->fragSz.
+     */
+
+    if (head != NULL) {
+        DtlsMsg* cur = DtlsMsgFind(head, seq);
+        if (cur == NULL) {
+            cur = DtlsMsgNew(dataSz, heap);
+            if (cur != NULL) {
+                DtlsMsgSet(cur, seq, data, type, fragOffset, fragSz);
+                head = DtlsMsgInsert(head, cur);
+            }
+        }
+        else {
+            DtlsMsgSet(cur, seq, data, type, fragOffset, fragSz);
+        }
+    }
+    else {
+        head = DtlsMsgNew(dataSz, heap);
+        DtlsMsgSet(head, seq, data, type, fragOffset, fragSz);
+    }
+
+    return head;
+}
+
+
+/* DtlsMsgInsert() is an in-order insert. */
+DtlsMsg* DtlsMsgInsert(DtlsMsg* head, DtlsMsg* item)
+{
+    if (head == NULL || item->seq < head->seq) {
+        item->next = head;
+        head = item;
+    }
+    else if (head->next == NULL) {
+        head->next = item;
+    }
+    else {
+        DtlsMsg* cur = head->next;
+        DtlsMsg* prev = head;
+        while (cur) {
+            if (item->seq < cur->seq) {
+                item->next = cur;
+                prev->next = item;
+                break;
+            }
+            prev = cur;
+            cur = cur->next;
+        }
+        if (cur == NULL) {
+            prev->next = item;
+        }
+    }
+
+    return head;
+}
+
+#endif /* WOLFSSL_DTLS */
+
+#ifndef NO_OLD_TLS
+
+ProtocolVersion MakeSSLv3(void)
+{
+    ProtocolVersion pv;
+    pv.major = SSLv3_MAJOR;
+    pv.minor = SSLv3_MINOR;
+
+    return pv;
+}
+
+#endif /* NO_OLD_TLS */
+
+
+#ifdef WOLFSSL_DTLS
+
+ProtocolVersion MakeDTLSv1(void)
+{
+    ProtocolVersion pv;
+    pv.major = DTLS_MAJOR;
+    pv.minor = DTLS_MINOR;
+
+    return pv;
+}
+
+ProtocolVersion MakeDTLSv1_2(void)
+{
+    ProtocolVersion pv;
+    pv.major = DTLS_MAJOR;
+    pv.minor = DTLSv1_2_MINOR;
+
+    return pv;
+}
+
+#endif /* WOLFSSL_DTLS */
+
+
+
+
+#ifdef USE_WINDOWS_API
+
+    word32 LowResTimer(void)
+    {
+        static int           init = 0;
+        static LARGE_INTEGER freq;
+        LARGE_INTEGER        count;
+
+        if (!init) {
+            QueryPerformanceFrequency(&freq);
+            init = 1;
+        }
+
+        QueryPerformanceCounter(&count);
+
+        return (word32)(count.QuadPart / freq.QuadPart);
+    }
+
+#elif defined(HAVE_RTP_SYS)
+
+    #include "rtptime.h"
+
+    word32 LowResTimer(void)
+    {
+        return (word32)rtp_get_system_sec();
+    }
+
+
+#elif defined(MICRIUM)
+
+    word32 LowResTimer(void)
+    {
+        NET_SECURE_OS_TICK  clk;
+
+        #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+            clk = NetSecure_OS_TimeGet();
+        #endif
+        return (word32)clk;
+    }
+
+
+#elif defined(MICROCHIP_TCPIP_V5)
+
+    word32 LowResTimer(void)
+    {
+        return (word32) TickGet();
+    }
+
+
+#elif defined(MICROCHIP_TCPIP)
+
+    #if defined(MICROCHIP_MPLAB_HARMONY)
+
+        #include 
+
+        word32 LowResTimer(void)
+        {
+            return (word32) SYS_TMR_TickCountGet();
+        }
+
+    #else
+
+        word32 LowResTimer(void)
+        {
+            return (word32) SYS_TICK_Get();
+        }
+
+    #endif
+
+#elif defined(FREESCALE_MQX)
+
+    word32 LowResTimer(void)
+    {
+        TIME_STRUCT mqxTime;
+
+        _time_get_elapsed(&mqxTime);
+
+        return (word32) mqxTime.SECONDS;
+    }
+
+#elif defined(WOLFSSL_TIRTOS)
+
+    word32 LowResTimer(void)
+    {
+        return (word32) MYTIME_gettime();
+    }
+
+#elif defined(USER_TICKS)
+#if 0
+    word32 LowResTimer(void)
+    {
+        /*
+        write your own clock tick function if don't want time(0)
+        needs second accuracy but doesn't have to correlated to EPOCH
+        */
+    }
+#endif
+#else /* !USE_WINDOWS_API && !HAVE_RTP_SYS && !MICRIUM && !USER_TICKS */
+
+    #include 
+
+    word32 LowResTimer(void)
+    {
+        return (word32)time(0);
+    }
+
+
+#endif /* USE_WINDOWS_API */
+
+
+/* add output to md5 and sha handshake hashes, exclude record header */
+static int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
+{
+    const byte* adj = output + RECORD_HEADER_SZ + ivSz;
+    sz -= RECORD_HEADER_SZ;
+
+#ifdef HAVE_FUZZER
+    if (ssl->fuzzerCb)
+        ssl->fuzzerCb(ssl, output, sz, FUZZ_HASH, ssl->fuzzerCtx);
+#endif
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        adj += DTLS_RECORD_EXTRA;
+        sz  -= DTLS_RECORD_EXTRA;
+    }
+#endif
+#ifndef NO_OLD_TLS
+#ifndef NO_SHA
+    wc_ShaUpdate(&ssl->hashSha, adj, sz);
+#endif
+#ifndef NO_MD5
+    wc_Md5Update(&ssl->hashMd5, adj, sz);
+#endif
+#endif
+
+    if (IsAtLeastTLSv1_2(ssl)) {
+        int ret;
+
+#ifndef NO_SHA256
+        ret = wc_Sha256Update(&ssl->hashSha256, adj, sz);
+        if (ret != 0)
+            return ret;
+#endif
+#ifdef WOLFSSL_SHA384
+        ret = wc_Sha384Update(&ssl->hashSha384, adj, sz);
+        if (ret != 0)
+            return ret;
+#endif
+    }
+
+    return 0;
+}
+
+
+/* add input to md5 and sha handshake hashes, include handshake header */
+static int HashInput(WOLFSSL* ssl, const byte* input, int sz)
+{
+    const byte* adj = input - HANDSHAKE_HEADER_SZ;
+    sz += HANDSHAKE_HEADER_SZ;
+
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        adj -= DTLS_HANDSHAKE_EXTRA;
+        sz  += DTLS_HANDSHAKE_EXTRA;
+    }
+#endif
+
+#ifndef NO_OLD_TLS
+#ifndef NO_SHA
+    wc_ShaUpdate(&ssl->hashSha, adj, sz);
+#endif
+#ifndef NO_MD5
+    wc_Md5Update(&ssl->hashMd5, adj, sz);
+#endif
+#endif
+
+    if (IsAtLeastTLSv1_2(ssl)) {
+        int ret;
+
+#ifndef NO_SHA256
+        ret = wc_Sha256Update(&ssl->hashSha256, adj, sz);
+        if (ret != 0)
+            return ret;
+#endif
+#ifdef WOLFSSL_SHA384
+        ret = wc_Sha384Update(&ssl->hashSha384, adj, sz);
+        if (ret != 0)
+            return ret;
+#endif
+    }
+
+    return 0;
+}
+
+
+/* add record layer header for message */
+static void AddRecordHeader(byte* output, word32 length, byte type, WOLFSSL* ssl)
+{
+    RecordLayerHeader* rl;
+
+    /* record layer header */
+    rl = (RecordLayerHeader*)output;
+    rl->type    = type;
+    rl->pvMajor = ssl->version.major;       /* type and version same in each */
+    rl->pvMinor = ssl->version.minor;
+
+    if (!ssl->options.dtls)
+        c16toa((word16)length, rl->length);
+    else {
+#ifdef WOLFSSL_DTLS
+        DtlsRecordLayerHeader* dtls;
+
+        /* dtls record layer header extensions */
+        dtls = (DtlsRecordLayerHeader*)output;
+        c16toa(ssl->keys.dtls_epoch, dtls->epoch);
+        c32to48(ssl->keys.dtls_sequence_number++, dtls->sequence_number);
+        c16toa((word16)length, dtls->length);
+#endif
+    }
+}
+
+
+/* add handshake header for message */
+static void AddHandShakeHeader(byte* output, word32 length, byte type,
+                               WOLFSSL* ssl)
+{
+    HandShakeHeader* hs;
+    (void)ssl;
+
+    /* handshake header */
+    hs = (HandShakeHeader*)output;
+    hs->type = type;
+    c32to24(length, hs->length);         /* type and length same for each */
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        DtlsHandShakeHeader* dtls;
+
+        /* dtls handshake header extensions */
+        dtls = (DtlsHandShakeHeader*)output;
+        c16toa(ssl->keys.dtls_handshake_number++, dtls->message_seq);
+        c32to24(0, dtls->fragment_offset);
+        c32to24(length, dtls->fragment_length);
+    }
+#endif
+}
+
+
+/* add both headers for handshake message */
+static void AddHeaders(byte* output, word32 length, byte type, WOLFSSL* ssl)
+{
+    if (!ssl->options.dtls) {
+        AddRecordHeader(output, length + HANDSHAKE_HEADER_SZ, handshake, ssl);
+        AddHandShakeHeader(output + RECORD_HEADER_SZ, length, type, ssl);
+    }
+#ifdef WOLFSSL_DTLS
+    else  {
+        AddRecordHeader(output, length+DTLS_HANDSHAKE_HEADER_SZ, handshake,ssl);
+        AddHandShakeHeader(output + DTLS_RECORD_HEADER_SZ, length, type, ssl);
+    }
+#endif
+}
+
+
+/* return bytes received, -1 on error */
+static int Receive(WOLFSSL* ssl, byte* buf, word32 sz)
+{
+    int recvd;
+
+    if (ssl->ctx->CBIORecv == NULL) {
+        WOLFSSL_MSG("Your IO Recv callback is null, please set");
+        return -1;
+    }
+
+retry:
+    recvd = ssl->ctx->CBIORecv(ssl, (char *)buf, (int)sz, ssl->IOCB_ReadCtx);
+    if (recvd < 0)
+        switch (recvd) {
+            case WOLFSSL_CBIO_ERR_GENERAL:        /* general/unknown error */
+                return -1;
+
+            case WOLFSSL_CBIO_ERR_WANT_READ:      /* want read, would block */
+                return WANT_READ;
+
+            case WOLFSSL_CBIO_ERR_CONN_RST:       /* connection reset */
+                #ifdef USE_WINDOWS_API
+                if (ssl->options.dtls) {
+                    goto retry;
+                }
+                #endif
+                ssl->options.connReset = 1;
+                return -1;
+
+            case WOLFSSL_CBIO_ERR_ISR:            /* interrupt */
+                /* see if we got our timeout */
+                #ifdef WOLFSSL_CALLBACKS
+                    if (ssl->toInfoOn) {
+                        struct itimerval timeout;
+                        getitimer(ITIMER_REAL, &timeout);
+                        if (timeout.it_value.tv_sec == 0 &&
+                                                timeout.it_value.tv_usec == 0) {
+                            XSTRNCPY(ssl->timeoutInfo.timeoutName,
+                                    "recv() timeout", MAX_TIMEOUT_NAME_SZ);
+                            WOLFSSL_MSG("Got our timeout");
+                            return WANT_READ;
+                        }
+                    }
+                #endif
+                goto retry;
+
+            case WOLFSSL_CBIO_ERR_CONN_CLOSE:     /* peer closed connection */
+                ssl->options.isClosed = 1;
+                return -1;
+
+            case WOLFSSL_CBIO_ERR_TIMEOUT:
+#ifdef WOLFSSL_DTLS
+                if (DtlsPoolTimeout(ssl) == 0 && DtlsPoolSend(ssl) == 0)
+                    goto retry;
+                else
+#endif
+                    return -1;
+
+            default:
+                return recvd;
+        }
+
+    return recvd;
+}
+
+
+/* Switch dynamic output buffer back to static, buffer is assumed clear */
+void ShrinkOutputBuffer(WOLFSSL* ssl)
+{
+    WOLFSSL_MSG("Shrinking output buffer\n");
+    XFREE(ssl->buffers.outputBuffer.buffer - ssl->buffers.outputBuffer.offset,
+          ssl->heap, DYNAMIC_TYPE_OUT_BUFFER);
+    ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer;
+    ssl->buffers.outputBuffer.bufferSize  = STATIC_BUFFER_LEN;
+    ssl->buffers.outputBuffer.dynamicFlag = 0;
+    ssl->buffers.outputBuffer.offset      = 0;
+}
+
+
+/* Switch dynamic input buffer back to static, keep any remaining input */
+/* forced free means cleaning up */
+void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree)
+{
+    int usedLength = ssl->buffers.inputBuffer.length -
+                     ssl->buffers.inputBuffer.idx;
+    if (!forcedFree && usedLength > STATIC_BUFFER_LEN)
+        return;
+
+    WOLFSSL_MSG("Shrinking input buffer\n");
+
+    if (!forcedFree && usedLength)
+        XMEMCPY(ssl->buffers.inputBuffer.staticBuffer,
+               ssl->buffers.inputBuffer.buffer + ssl->buffers.inputBuffer.idx,
+               usedLength);
+
+    XFREE(ssl->buffers.inputBuffer.buffer - ssl->buffers.inputBuffer.offset,
+          ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
+    ssl->buffers.inputBuffer.buffer = ssl->buffers.inputBuffer.staticBuffer;
+    ssl->buffers.inputBuffer.bufferSize  = STATIC_BUFFER_LEN;
+    ssl->buffers.inputBuffer.dynamicFlag = 0;
+    ssl->buffers.inputBuffer.offset      = 0;
+    ssl->buffers.inputBuffer.idx = 0;
+    ssl->buffers.inputBuffer.length = usedLength;
+}
+
+
+int SendBuffered(WOLFSSL* ssl)
+{
+    if (ssl->ctx->CBIOSend == NULL) {
+        WOLFSSL_MSG("Your IO Send callback is null, please set");
+        return SOCKET_ERROR_E;
+    }
+
+    while (ssl->buffers.outputBuffer.length > 0) {
+        int sent = ssl->ctx->CBIOSend(ssl,
+                                      (char*)ssl->buffers.outputBuffer.buffer +
+                                      ssl->buffers.outputBuffer.idx,
+                                      (int)ssl->buffers.outputBuffer.length,
+                                      ssl->IOCB_WriteCtx);
+        if (sent < 0) {
+            switch (sent) {
+
+                case WOLFSSL_CBIO_ERR_WANT_WRITE:        /* would block */
+                    return WANT_WRITE;
+
+                case WOLFSSL_CBIO_ERR_CONN_RST:          /* connection reset */
+                    ssl->options.connReset = 1;
+                    break;
+
+                case WOLFSSL_CBIO_ERR_ISR:               /* interrupt */
+                    /* see if we got our timeout */
+                    #ifdef WOLFSSL_CALLBACKS
+                        if (ssl->toInfoOn) {
+                            struct itimerval timeout;
+                            getitimer(ITIMER_REAL, &timeout);
+                            if (timeout.it_value.tv_sec == 0 &&
+                                                timeout.it_value.tv_usec == 0) {
+                                XSTRNCPY(ssl->timeoutInfo.timeoutName,
+                                        "send() timeout", MAX_TIMEOUT_NAME_SZ);
+                                WOLFSSL_MSG("Got our timeout");
+                                return WANT_WRITE;
+                            }
+                        }
+                    #endif
+                    continue;
+
+                case WOLFSSL_CBIO_ERR_CONN_CLOSE: /* epipe / conn closed */
+                    ssl->options.connReset = 1;  /* treat same as reset */
+                    break;
+
+                default:
+                    return SOCKET_ERROR_E;
+            }
+
+            return SOCKET_ERROR_E;
+        }
+
+        if (sent > (int)ssl->buffers.outputBuffer.length) {
+            WOLFSSL_MSG("SendBuffered() out of bounds read");
+            return SEND_OOB_READ_E;
+        }
+
+        ssl->buffers.outputBuffer.idx += sent;
+        ssl->buffers.outputBuffer.length -= sent;
+    }
+
+    ssl->buffers.outputBuffer.idx = 0;
+
+    if (ssl->buffers.outputBuffer.dynamicFlag)
+        ShrinkOutputBuffer(ssl);
+
+    return 0;
+}
+
+
+/* Grow the output buffer */
+static INLINE int GrowOutputBuffer(WOLFSSL* ssl, int size)
+{
+    byte* tmp;
+    byte  hdrSz = ssl->options.dtls ? DTLS_RECORD_HEADER_SZ :
+                                      RECORD_HEADER_SZ;
+    byte  align = WOLFSSL_GENERAL_ALIGNMENT;
+    /* the encrypted data will be offset from the front of the buffer by
+       the header, if the user wants encrypted alignment they need
+       to define their alignment requirement */
+
+    if (align) {
+       while (align < hdrSz)
+           align *= 2;
+    }
+
+    tmp = (byte*) XMALLOC(size + ssl->buffers.outputBuffer.length + align,
+                          ssl->heap, DYNAMIC_TYPE_OUT_BUFFER);
+    WOLFSSL_MSG("growing output buffer\n");
+
+    if (!tmp) return MEMORY_E;
+    if (align)
+        tmp += align - hdrSz;
+
+    if (ssl->buffers.outputBuffer.length)
+        XMEMCPY(tmp, ssl->buffers.outputBuffer.buffer,
+               ssl->buffers.outputBuffer.length);
+
+    if (ssl->buffers.outputBuffer.dynamicFlag)
+        XFREE(ssl->buffers.outputBuffer.buffer -
+              ssl->buffers.outputBuffer.offset, ssl->heap,
+              DYNAMIC_TYPE_OUT_BUFFER);
+    ssl->buffers.outputBuffer.dynamicFlag = 1;
+    if (align)
+        ssl->buffers.outputBuffer.offset = align - hdrSz;
+    else
+        ssl->buffers.outputBuffer.offset = 0;
+    ssl->buffers.outputBuffer.buffer = tmp;
+    ssl->buffers.outputBuffer.bufferSize = size +
+                                           ssl->buffers.outputBuffer.length;
+    return 0;
+}
+
+
+/* Grow the input buffer, should only be to read cert or big app data */
+int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength)
+{
+    byte* tmp;
+    byte  hdrSz = DTLS_RECORD_HEADER_SZ;
+    byte  align = ssl->options.dtls ? WOLFSSL_GENERAL_ALIGNMENT : 0;
+    /* the encrypted data will be offset from the front of the buffer by
+       the dtls record header, if the user wants encrypted alignment they need
+       to define their alignment requirement. in tls we read record header
+       to get size of record and put actual data back at front, so don't need */
+
+    if (align) {
+       while (align < hdrSz)
+           align *= 2;
+    }
+    tmp = (byte*) XMALLOC(size + usedLength + align, ssl->heap,
+                          DYNAMIC_TYPE_IN_BUFFER);
+    WOLFSSL_MSG("growing input buffer\n");
+
+    if (!tmp) return MEMORY_E;
+    if (align)
+        tmp += align - hdrSz;
+
+    if (usedLength)
+        XMEMCPY(tmp, ssl->buffers.inputBuffer.buffer +
+                    ssl->buffers.inputBuffer.idx, usedLength);
+
+    if (ssl->buffers.inputBuffer.dynamicFlag)
+        XFREE(ssl->buffers.inputBuffer.buffer - ssl->buffers.inputBuffer.offset,
+              ssl->heap,DYNAMIC_TYPE_IN_BUFFER);
+
+    ssl->buffers.inputBuffer.dynamicFlag = 1;
+    if (align)
+        ssl->buffers.inputBuffer.offset = align - hdrSz;
+    else
+        ssl->buffers.inputBuffer.offset = 0;
+    ssl->buffers.inputBuffer.buffer = tmp;
+    ssl->buffers.inputBuffer.bufferSize = size + usedLength;
+    ssl->buffers.inputBuffer.idx    = 0;
+    ssl->buffers.inputBuffer.length = usedLength;
+
+    return 0;
+}
+
+
+/* check available size into output buffer, make room if needed */
+int CheckAvailableSize(WOLFSSL *ssl, int size)
+{
+
+    if (size < 0) {
+        WOLFSSL_MSG("CheckAvailableSize() called with negative number");
+        return BAD_FUNC_ARG;
+    }
+
+    if (ssl->buffers.outputBuffer.bufferSize - ssl->buffers.outputBuffer.length
+                                             < (word32)size) {
+        if (GrowOutputBuffer(ssl, size) < 0)
+            return MEMORY_E;
+    }
+
+    return 0;
+}
+
+
+/* do all verify and sanity checks on record header */
+static int GetRecordHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
+                           RecordLayerHeader* rh, word16 *size)
+{
+    if (!ssl->options.dtls) {
+#ifdef HAVE_FUZZER
+        if (ssl->fuzzerCb)
+            ssl->fuzzerCb(ssl, input + *inOutIdx, RECORD_HEADER_SZ, FUZZ_HEAD,
+                    ssl->fuzzerCtx);
+#endif
+        XMEMCPY(rh, input + *inOutIdx, RECORD_HEADER_SZ);
+        *inOutIdx += RECORD_HEADER_SZ;
+        ato16(rh->length, size);
+    }
+    else {
+#ifdef WOLFSSL_DTLS
+        /* type and version in same sport */
+        XMEMCPY(rh, input + *inOutIdx, ENUM_LEN + VERSION_SZ);
+        *inOutIdx += ENUM_LEN + VERSION_SZ;
+        ato16(input + *inOutIdx, &ssl->keys.dtls_state.curEpoch);
+        *inOutIdx += 4; /* advance past epoch, skip first 2 seq bytes for now */
+        ato32(input + *inOutIdx, &ssl->keys.dtls_state.curSeq);
+        *inOutIdx += 4;  /* advance past rest of seq */
+        ato16(input + *inOutIdx, size);
+        *inOutIdx += LENGTH_SZ;
+#ifdef HAVE_FUZZER
+        if (ssl->fuzzerCb)
+            ssl->fuzzerCb(ssl, input + *inOutIdx - LENGTH_SZ - 8 - ENUM_LEN -
+                           VERSION_SZ, ENUM_LEN + VERSION_SZ + 8 + LENGTH_SZ,
+                           FUZZ_HEAD, ssl->fuzzerCtx);
+#endif
+#endif
+    }
+
+    /* catch version mismatch */
+    if (rh->pvMajor != ssl->version.major || rh->pvMinor != ssl->version.minor){
+        if (ssl->options.side == WOLFSSL_SERVER_END &&
+            ssl->options.acceptState == ACCEPT_BEGIN)
+            WOLFSSL_MSG("Client attempting to connect with different version");
+        else if (ssl->options.side == WOLFSSL_CLIENT_END &&
+                                 ssl->options.downgrade &&
+                                 ssl->options.connectState < FIRST_REPLY_DONE)
+            WOLFSSL_MSG("Server attempting to accept with different version");
+        else {
+            WOLFSSL_MSG("SSL version error");
+            return VERSION_ERROR;              /* only use requested version */
+        }
+    }
+
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        if (DtlsCheckWindow(&ssl->keys.dtls_state) != 1)
+            return SEQUENCE_ERROR;
+    }
+#endif
+
+    /* record layer length check */
+#ifdef HAVE_MAX_FRAGMENT
+    if (*size > (ssl->max_fragment + MAX_COMP_EXTRA + MAX_MSG_EXTRA)) {
+        SendAlert(ssl, alert_fatal, record_overflow);
+        return LENGTH_ERROR;
+    }
+#else
+    if (*size > (MAX_RECORD_SIZE + MAX_COMP_EXTRA + MAX_MSG_EXTRA))
+        return LENGTH_ERROR;
+#endif
+
+    /* verify record type here as well */
+    switch (rh->type) {
+        case handshake:
+        case change_cipher_spec:
+        case application_data:
+        case alert:
+            break;
+        case no_type:
+        default:
+            WOLFSSL_MSG("Unknown Record Type");
+            return UNKNOWN_RECORD_TYPE;
+    }
+
+    /* haven't decrypted this record yet */
+    ssl->keys.decryptedCur = 0;
+
+    return 0;
+}
+
+
+static int GetHandShakeHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
+                              byte *type, word32 *size, word32 totalSz)
+{
+    const byte *ptr = input + *inOutIdx;
+    (void)ssl;
+
+    *inOutIdx += HANDSHAKE_HEADER_SZ;
+    if (*inOutIdx > totalSz)
+        return BUFFER_E;
+
+    *type = ptr[0];
+    c24to32(&ptr[1], size);
+
+    return 0;
+}
+
+
+#ifdef WOLFSSL_DTLS
+static int GetDtlsHandShakeHeader(WOLFSSL* ssl, const byte* input,
+                                  word32* inOutIdx, byte *type, word32 *size,
+                                  word32 *fragOffset, word32 *fragSz,
+                                  word32 totalSz)
+{
+    word32 idx = *inOutIdx;
+
+    *inOutIdx += HANDSHAKE_HEADER_SZ + DTLS_HANDSHAKE_EXTRA;
+    if (*inOutIdx > totalSz)
+        return BUFFER_E;
+
+    *type = input[idx++];
+    c24to32(input + idx, size);
+    idx += BYTE3_LEN;
+
+    ato16(input + idx, &ssl->keys.dtls_peer_handshake_number);
+    idx += DTLS_HANDSHAKE_SEQ_SZ;
+
+    c24to32(input + idx, fragOffset);
+    idx += DTLS_HANDSHAKE_FRAG_SZ;
+    c24to32(input + idx, fragSz);
+
+    return 0;
+}
+#endif
+
+
+#ifndef NO_OLD_TLS
+/* fill with MD5 pad size since biggest required */
+static const byte PAD1[PAD_MD5] =
+                              { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
+                              };
+static const byte PAD2[PAD_MD5] =
+                              { 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
+                              };
+
+/* calculate MD5 hash for finished */
+static void BuildMD5(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
+{
+    byte md5_result[MD5_DIGEST_SIZE];
+
+    /* make md5 inner */
+    wc_Md5Update(&ssl->hashMd5, sender, SIZEOF_SENDER);
+    wc_Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
+    wc_Md5Update(&ssl->hashMd5, PAD1, PAD_MD5);
+    wc_Md5Final(&ssl->hashMd5, md5_result);
+
+    /* make md5 outer */
+    wc_Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
+    wc_Md5Update(&ssl->hashMd5, PAD2, PAD_MD5);
+    wc_Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE);
+
+    wc_Md5Final(&ssl->hashMd5, hashes->md5);
+}
+
+
+/* calculate SHA hash for finished */
+static void BuildSHA(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
+{
+    byte sha_result[SHA_DIGEST_SIZE];
+
+    /* make sha inner */
+    wc_ShaUpdate(&ssl->hashSha, sender, SIZEOF_SENDER);
+    wc_ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
+    wc_ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA);
+    wc_ShaFinal(&ssl->hashSha, sha_result);
+
+    /* make sha outer */
+    wc_ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
+    wc_ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA);
+    wc_ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE);
+
+    wc_ShaFinal(&ssl->hashSha, hashes->sha);
+}
+#endif
+
+
+static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
+{
+    int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    #ifndef NO_OLD_TLS
+    #ifndef NO_MD5
+        Md5* md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    #ifndef NO_SHA
+        Sha* sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    #endif
+    #ifndef NO_SHA256
+        Sha256* sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    #ifdef WOLFSSL_SHA384
+        Sha384* sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL,                                                                        DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+#else
+    #ifndef NO_OLD_TLS
+    #ifndef NO_MD5
+        Md5 md5[1];
+    #endif
+    #ifndef NO_SHA
+        Sha sha[1];
+    #endif
+    #endif
+    #ifndef NO_SHA256
+        Sha256 sha256[1];
+    #endif
+    #ifdef WOLFSSL_SHA384
+        Sha384 sha384[1];
+    #endif
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    if (ssl == NULL
+    #ifndef NO_OLD_TLS
+    #ifndef NO_MD5
+        || md5 == NULL
+    #endif
+    #ifndef NO_SHA
+        || sha == NULL
+    #endif
+    #endif
+    #ifndef NO_SHA256
+        || sha256 == NULL
+    #endif
+    #ifdef WOLFSSL_SHA384
+        || sha384 == NULL
+    #endif
+        ) {
+    #ifndef NO_OLD_TLS
+    #ifndef NO_MD5
+        XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    #ifndef NO_SHA
+        XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    #endif
+    #ifndef NO_SHA256
+        XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    #ifdef WOLFSSL_SHA384
+        XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+        return MEMORY_E;
+    }
+#endif
+
+    /* store current states, building requires get_digest which resets state */
+#ifndef NO_OLD_TLS
+#ifndef NO_MD5
+    md5[0] = ssl->hashMd5;
+#endif
+#ifndef NO_SHA
+    sha[0] = ssl->hashSha;
+    #endif
+#endif
+#ifndef NO_SHA256
+    sha256[0] = ssl->hashSha256;
+#endif
+#ifdef WOLFSSL_SHA384
+    sha384[0] = ssl->hashSha384;
+#endif
+
+#ifndef NO_TLS
+    if (ssl->options.tls) {
+        ret = BuildTlsFinished(ssl, hashes, sender);
+    }
+#endif
+#ifndef NO_OLD_TLS
+    if (!ssl->options.tls) {
+        BuildMD5(ssl, hashes, sender);
+        BuildSHA(ssl, hashes, sender);
+    }
+#endif
+
+    /* restore */
+#ifndef NO_OLD_TLS
+    #ifndef NO_MD5
+        ssl->hashMd5 = md5[0];
+    #endif
+    #ifndef NO_SHA
+    ssl->hashSha = sha[0];
+    #endif
+#endif
+    if (IsAtLeastTLSv1_2(ssl)) {
+    #ifndef NO_SHA256
+        ssl->hashSha256 = sha256[0];
+    #endif
+    #ifdef WOLFSSL_SHA384
+        ssl->hashSha384 = sha384[0];
+    #endif
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+#ifndef NO_OLD_TLS
+#ifndef NO_MD5
+    XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+#ifndef NO_SHA
+    XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+#endif
+#ifndef NO_SHA256
+    XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+#ifdef WOLFSSL_SHA384
+    XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+#endif
+
+    return ret;
+}
+
+
+    /* cipher requirements */
+    enum {
+        REQUIRES_RSA,
+        REQUIRES_DHE,
+        REQUIRES_ECC_DSA,
+        REQUIRES_ECC_STATIC,
+        REQUIRES_PSK,
+        REQUIRES_NTRU,
+        REQUIRES_RSA_SIG
+    };
+
+
+
+    /* Does this cipher suite (first, second) have the requirement
+       an ephemeral key exchange will still require the key for signing
+       the key exchange so ECHDE_RSA requires an rsa key thus rsa_kea */
+    static int CipherRequires(byte first, byte second, int requirement)
+    {
+
+        if (first == CHACHA_BYTE) {
+
+        switch (second) {
+
+        case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            break;
+
+        case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
+            }
+        }
+
+        /* ECC extensions */
+        if (first == ECC_BYTE) {
+
+        switch (second) {
+
+#ifndef NO_RSA
+        case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            break;
+
+#ifndef NO_DES3
+        case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            break;
+#endif
+
+#ifndef NO_RC4
+        case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_RSA_WITH_RC4_128_SHA :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            break;
+#endif
+#endif /* NO_RSA */
+
+#ifndef NO_DES3
+        case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            break;
+#endif
+#ifndef NO_RC4
+        case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            break;
+#endif
+#ifndef NO_RSA
+        case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            break;
+#endif
+
+        case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            break;
+
+        case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            break;
+
+        case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            break;
+
+        case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            break;
+
+        case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            break;
+
+#ifndef NO_RSA
+        case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            break;
+
+        case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_AES_128_CCM_8 :
+        case TLS_RSA_WITH_AES_256_CCM_8 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            break;
+
+        case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
+        case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            break;
+
+        case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
+        case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            break;
+#endif
+
+        case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
+        case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            break;
+
+        case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
+        case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            break;
+
+        case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
+        case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
+            if (requirement == REQUIRES_ECC_DSA)
+                return 1;
+            if (requirement == REQUIRES_ECC_STATIC)
+                return 1;
+            break;
+
+        case TLS_PSK_WITH_AES_128_CCM:
+        case TLS_PSK_WITH_AES_256_CCM:
+        case TLS_PSK_WITH_AES_128_CCM_8:
+        case TLS_PSK_WITH_AES_256_CCM_8:
+            if (requirement == REQUIRES_PSK)
+                return 1;
+            break;
+
+        case TLS_DHE_PSK_WITH_AES_128_CCM:
+        case TLS_DHE_PSK_WITH_AES_256_CCM:
+            if (requirement == REQUIRES_PSK)
+                return 1;
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
+
+        default:
+            WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC");
+            return 0;
+        }   /* switch */
+        }   /* if     */
+        if (first != ECC_BYTE) {   /* normal suites */
+        switch (second) {
+
+#ifndef NO_RSA
+        case SSL_RSA_WITH_RC4_128_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_NTRU_RSA_WITH_RC4_128_SHA :
+            if (requirement == REQUIRES_NTRU)
+                return 1;
+            break;
+
+        case SSL_RSA_WITH_RC4_128_MD5 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
+            if (requirement == REQUIRES_NTRU)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_AES_128_CBC_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_AES_128_CBC_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
+            if (requirement == REQUIRES_NTRU)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_AES_256_CBC_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_AES_256_CBC_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_NULL_SHA :
+        case TLS_RSA_WITH_NULL_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
+            if (requirement == REQUIRES_NTRU)
+                return 1;
+            break;
+#endif
+
+        case TLS_PSK_WITH_AES_128_GCM_SHA256 :
+        case TLS_PSK_WITH_AES_256_GCM_SHA384 :
+        case TLS_PSK_WITH_AES_128_CBC_SHA256 :
+        case TLS_PSK_WITH_AES_256_CBC_SHA384 :
+        case TLS_PSK_WITH_AES_128_CBC_SHA :
+        case TLS_PSK_WITH_AES_256_CBC_SHA :
+        case TLS_PSK_WITH_NULL_SHA384 :
+        case TLS_PSK_WITH_NULL_SHA256 :
+        case TLS_PSK_WITH_NULL_SHA :
+            if (requirement == REQUIRES_PSK)
+                return 1;
+            break;
+
+        case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
+        case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
+        case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
+        case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
+        case TLS_DHE_PSK_WITH_NULL_SHA384 :
+        case TLS_DHE_PSK_WITH_NULL_SHA256 :
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            if (requirement == REQUIRES_PSK)
+                return 1;
+            break;
+
+#ifndef NO_RSA
+        case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
+
+        case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
+
+        case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
+
+        case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_HC_128_MD5 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_HC_128_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_HC_128_B2B256:
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_AES_128_CBC_B2B256:
+        case TLS_RSA_WITH_AES_256_CBC_B2B256:
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_RABBIT_SHA :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_AES_128_GCM_SHA256 :
+        case TLS_RSA_WITH_AES_256_GCM_SHA384 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
+        case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
+
+        case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
+        case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
+        case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+        case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            break;
+
+        case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
+        case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
+        case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+        case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+            if (requirement == REQUIRES_RSA)
+                return 1;
+            if (requirement == REQUIRES_RSA_SIG)
+                return 1;
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
+#endif
+#ifdef HAVE_ANON
+        case TLS_DH_anon_WITH_AES_128_CBC_SHA :
+            if (requirement == REQUIRES_DHE)
+                return 1;
+            break;
+#endif
+
+        default:
+            WOLFSSL_MSG("Unsupported cipher suite, CipherRequires");
+            return 0;
+        }  /* switch */
+        }  /* if ECC / Normal suites else */
+
+        return 0;
+    }
+
+
+#ifndef NO_CERTS
+
+
+/* Match names with wildcards, each wildcard can represent a single name
+   component or fragment but not mulitple names, i.e.,
+   *.z.com matches y.z.com but not x.y.z.com
+
+   return 1 on success */
+static int MatchDomainName(const char* pattern, int len, const char* str)
+{
+    char p, s;
+
+    if (pattern == NULL || str == NULL || len <= 0)
+        return 0;
+
+    while (len > 0) {
+
+        p = (char)XTOLOWER((unsigned char)*pattern++);
+        if (p == 0)
+            break;
+
+        if (p == '*') {
+            while (--len > 0 && 
+                         (p = (char)XTOLOWER((unsigned char)*pattern++)) == '*')
+                ;
+
+            if (len == 0)
+                p = '\0';
+
+            while ( (s = (char)XTOLOWER((unsigned char) *str)) != '\0') {
+                if (s == p)
+                    break;
+                if (s == '.')
+                    return 0;
+                str++;
+            }
+        }
+        else {
+            if (p != (char)XTOLOWER((unsigned char) *str))
+                return 0;
+        }
+
+        if (*str != '\0')
+            str++;
+
+        if (len > 0)
+            len--;
+    }
+
+    return *str == '\0';
+}
+
+
+/* try to find an altName match to domain, return 1 on success */
+static int CheckAltNames(DecodedCert* dCert, char* domain)
+{
+    int        match = 0;
+    DNS_entry* altName = NULL;
+
+    WOLFSSL_MSG("Checking AltNames");
+
+    if (dCert)
+        altName = dCert->altNames;
+
+    while (altName) {
+        WOLFSSL_MSG("    individual AltName check");
+
+        if (MatchDomainName(altName->name,(int)XSTRLEN(altName->name), domain)){
+            match = 1;
+            break;
+        }
+
+        altName = altName->next;
+    }
+
+    return match;
+}
+
+
+#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
+
+/* Copy parts X509 needs from Decoded cert, 0 on success */
+int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
+{
+    int ret = 0;
+
+    if (x509 == NULL || dCert == NULL)
+        return BAD_FUNC_ARG;
+
+    x509->version = dCert->version + 1;
+
+    XSTRNCPY(x509->issuer.name, dCert->issuer, ASN_NAME_MAX);
+    x509->issuer.name[ASN_NAME_MAX - 1] = '\0';
+    x509->issuer.sz = (int)XSTRLEN(x509->issuer.name) + 1;
+#ifdef OPENSSL_EXTRA
+    if (dCert->issuerName.fullName != NULL) {
+        XMEMCPY(&x509->issuer.fullName,
+                                       &dCert->issuerName, sizeof(DecodedName));
+        x509->issuer.fullName.fullName = (char*)XMALLOC(
+                        dCert->issuerName.fullNameLen, NULL, DYNAMIC_TYPE_X509);
+        if (x509->issuer.fullName.fullName != NULL)
+            XMEMCPY(x509->issuer.fullName.fullName,
+                     dCert->issuerName.fullName, dCert->issuerName.fullNameLen);
+    }
+#endif /* OPENSSL_EXTRA */
+
+    XSTRNCPY(x509->subject.name, dCert->subject, ASN_NAME_MAX);
+    x509->subject.name[ASN_NAME_MAX - 1] = '\0';
+    x509->subject.sz = (int)XSTRLEN(x509->subject.name) + 1;
+#ifdef OPENSSL_EXTRA
+    if (dCert->subjectName.fullName != NULL) {
+        XMEMCPY(&x509->subject.fullName,
+                                      &dCert->subjectName, sizeof(DecodedName));
+        x509->subject.fullName.fullName = (char*)XMALLOC(
+                       dCert->subjectName.fullNameLen, NULL, DYNAMIC_TYPE_X509);
+        if (x509->subject.fullName.fullName != NULL)
+            XMEMCPY(x509->subject.fullName.fullName,
+                   dCert->subjectName.fullName, dCert->subjectName.fullNameLen);
+    }
+#endif /* OPENSSL_EXTRA */
+
+    XMEMCPY(x509->serial, dCert->serial, EXTERNAL_SERIAL_SIZE);
+    x509->serialSz = dCert->serialSz;
+    if (dCert->subjectCNLen < ASN_NAME_MAX) {
+        XMEMCPY(x509->subjectCN, dCert->subjectCN, dCert->subjectCNLen);
+        x509->subjectCN[dCert->subjectCNLen] = '\0';
+    }
+    else
+        x509->subjectCN[0] = '\0';
+
+#ifdef WOLFSSL_SEP
+    {
+        int minSz = min(dCert->deviceTypeSz, EXTERNAL_SERIAL_SIZE);
+        if (minSz > 0) {
+            x509->deviceTypeSz = minSz;
+            XMEMCPY(x509->deviceType, dCert->deviceType, minSz);
+        }
+        else
+            x509->deviceTypeSz = 0;
+        minSz = min(dCert->hwTypeSz, EXTERNAL_SERIAL_SIZE);
+        if (minSz != 0) {
+            x509->hwTypeSz = minSz;
+            XMEMCPY(x509->hwType, dCert->hwType, minSz);
+        }
+        else
+            x509->hwTypeSz = 0;
+        minSz = min(dCert->hwSerialNumSz, EXTERNAL_SERIAL_SIZE);
+        if (minSz != 0) {
+            x509->hwSerialNumSz = minSz;
+            XMEMCPY(x509->hwSerialNum, dCert->hwSerialNum, minSz);
+        }
+        else
+            x509->hwSerialNumSz = 0;
+    }
+#endif /* WOLFSSL_SEP */
+    {
+        int minSz = min(dCert->beforeDateLen, MAX_DATE_SZ);
+        if (minSz != 0) {
+            x509->notBeforeSz = minSz;
+            XMEMCPY(x509->notBefore, dCert->beforeDate, minSz);
+        }
+        else
+            x509->notBeforeSz = 0;
+        minSz = min(dCert->afterDateLen, MAX_DATE_SZ);
+        if (minSz != 0) {
+            x509->notAfterSz = minSz;
+            XMEMCPY(x509->notAfter, dCert->afterDate, minSz);
+        }
+        else
+            x509->notAfterSz = 0;
+    }
+
+    if (dCert->publicKey != NULL && dCert->pubKeySize != 0) {
+        x509->pubKey.buffer = (byte*)XMALLOC(
+                              dCert->pubKeySize, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
+        if (x509->pubKey.buffer != NULL) {
+            x509->pubKeyOID = dCert->keyOID;
+            x509->pubKey.length = dCert->pubKeySize;
+            XMEMCPY(x509->pubKey.buffer, dCert->publicKey, dCert->pubKeySize);
+        }
+        else
+            ret = MEMORY_E;
+    }
+
+    if (dCert->signature != NULL && dCert->sigLength != 0) {
+        x509->sig.buffer = (byte*)XMALLOC(
+                                dCert->sigLength, NULL, DYNAMIC_TYPE_SIGNATURE);
+        if (x509->sig.buffer == NULL) {
+            ret = MEMORY_E;
+        }
+        else {
+            XMEMCPY(x509->sig.buffer, dCert->signature, dCert->sigLength);
+            x509->sig.length = dCert->sigLength;
+            x509->sigOID = dCert->signatureOID;
+        }
+    }
+
+    /* store cert for potential retrieval */
+    x509->derCert.buffer = (byte*)XMALLOC(dCert->maxIdx, NULL,
+                                          DYNAMIC_TYPE_CERT);
+    if (x509->derCert.buffer == NULL) {
+        ret = MEMORY_E;
+    }
+    else {
+        XMEMCPY(x509->derCert.buffer, dCert->source, dCert->maxIdx);
+        x509->derCert.length = dCert->maxIdx;
+    }
+
+    x509->altNames     = dCert->altNames;
+    dCert->altNames    = NULL;     /* takes ownership */
+    x509->altNamesNext = x509->altNames;  /* index hint */
+
+    x509->isCa = dCert->isCA;
+#ifdef OPENSSL_EXTRA
+    x509->pathLength = dCert->pathLength;
+    x509->keyUsage = dCert->extKeyUsage;
+
+    x509->basicConstSet = dCert->extBasicConstSet;
+    x509->basicConstCrit = dCert->extBasicConstCrit;
+    x509->basicConstPlSet = dCert->extBasicConstPlSet;
+    x509->subjAltNameSet = dCert->extSubjAltNameSet;
+    x509->subjAltNameCrit = dCert->extSubjAltNameCrit;
+    x509->authKeyIdSet = dCert->extAuthKeyIdSet;
+    x509->authKeyIdCrit = dCert->extAuthKeyIdCrit;
+    if (dCert->extAuthKeyIdSrc != NULL && dCert->extAuthKeyIdSz != 0) {
+        x509->authKeyId = (byte*)XMALLOC(dCert->extAuthKeyIdSz, NULL, 0);
+        if (x509->authKeyId != NULL) {
+            XMEMCPY(x509->authKeyId,
+                                 dCert->extAuthKeyIdSrc, dCert->extAuthKeyIdSz);
+            x509->authKeyIdSz = dCert->extAuthKeyIdSz;
+        }
+        else
+            ret = MEMORY_E;
+    }
+    x509->subjKeyIdSet = dCert->extSubjKeyIdSet;
+    x509->subjKeyIdCrit = dCert->extSubjKeyIdCrit;
+    if (dCert->extSubjKeyIdSrc != NULL && dCert->extSubjKeyIdSz != 0) {
+        x509->subjKeyId = (byte*)XMALLOC(dCert->extSubjKeyIdSz, NULL, 0);
+        if (x509->subjKeyId != NULL) {
+            XMEMCPY(x509->subjKeyId,
+                                 dCert->extSubjKeyIdSrc, dCert->extSubjKeyIdSz);
+            x509->subjKeyIdSz = dCert->extSubjKeyIdSz;
+        }
+        else
+            ret = MEMORY_E;
+    }
+    x509->keyUsageSet = dCert->extKeyUsageSet;
+    x509->keyUsageCrit = dCert->extKeyUsageCrit;
+    #ifdef WOLFSSL_SEP
+        x509->certPolicySet = dCert->extCertPolicySet;
+        x509->certPolicyCrit = dCert->extCertPolicyCrit;
+    #endif /* WOLFSSL_SEP */
+#endif /* OPENSSL_EXTRA */
+#ifdef HAVE_ECC
+    x509->pkCurveOID = dCert->pkCurveOID;
+#endif /* HAVE_ECC */
+
+    return ret;
+}
+
+#endif /* KEEP_PEER_CERT || SESSION_CERTS */
+
+
+static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+                                                                    word32 size)
+{
+    word32 listSz;
+    word32 begin = *inOutIdx;
+    int    ret = 0;
+    int    anyError = 0;
+    int    totalCerts = 0;    /* number of certs in certs buffer */
+    int    count;
+    buffer certs[MAX_CHAIN_DEPTH];
+
+#ifdef WOLFSSL_SMALL_STACK
+    char*                  domain = NULL;
+    DecodedCert*           dCert  = NULL;
+    WOLFSSL_X509_STORE_CTX* store  = NULL;
+#else
+    char                   domain[ASN_NAME_MAX];
+    DecodedCert            dCert[1];
+    WOLFSSL_X509_STORE_CTX  store[1];
+#endif
+
+    #ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn) AddPacketName("Certificate", &ssl->handShakeInfo);
+        if (ssl->toInfoOn) AddLateName("Certificate", &ssl->timeoutInfo);
+    #endif
+
+    if ((*inOutIdx - begin) + OPAQUE24_LEN > size)
+        return BUFFER_ERROR;
+
+    c24to32(input + *inOutIdx, &listSz);
+    *inOutIdx += OPAQUE24_LEN;
+
+#ifdef HAVE_MAX_FRAGMENT
+    if (listSz > ssl->max_fragment) {
+        SendAlert(ssl, alert_fatal, record_overflow);
+        return BUFFER_E;
+    }
+#else
+    if (listSz > MAX_RECORD_SIZE)
+        return BUFFER_E;
+#endif
+
+    if ((*inOutIdx - begin) + listSz != size)
+        return BUFFER_ERROR;
+
+    WOLFSSL_MSG("Loading peer's cert chain");
+    /* first put cert chain into buffer so can verify top down
+       we're sent bottom up */
+    while (listSz) {
+        word32 certSz;
+
+        if (totalCerts >= MAX_CHAIN_DEPTH)
+            return MAX_CHAIN_ERROR;
+
+        if ((*inOutIdx - begin) + OPAQUE24_LEN > size)
+            return BUFFER_ERROR;
+
+        c24to32(input + *inOutIdx, &certSz);
+        *inOutIdx += OPAQUE24_LEN;
+
+        if ((*inOutIdx - begin) + certSz > size)
+            return BUFFER_ERROR;
+
+        certs[totalCerts].length = certSz;
+        certs[totalCerts].buffer = input + *inOutIdx;
+
+#ifdef SESSION_CERTS
+        if (ssl->session.chain.count < MAX_CHAIN_DEPTH &&
+                                       certSz < MAX_X509_SIZE) {
+            ssl->session.chain.certs[ssl->session.chain.count].length = certSz;
+            XMEMCPY(ssl->session.chain.certs[ssl->session.chain.count].buffer,
+                    input + *inOutIdx, certSz);
+            ssl->session.chain.count++;
+        } else {
+            WOLFSSL_MSG("Couldn't store chain cert for session");
+        }
+#endif
+
+        *inOutIdx += certSz;
+        listSz -= certSz + CERT_HEADER_SZ;
+
+        totalCerts++;
+        WOLFSSL_MSG("    Put another cert into chain");
+    }
+
+    count = totalCerts;
+
+#ifdef WOLFSSL_SMALL_STACK
+    dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (dCert == NULL)
+        return MEMORY_E;
+#endif
+
+    /* verify up to peer's first */
+    while (count > 1) {
+        buffer myCert = certs[count - 1];
+        byte* subjectHash;
+
+        InitDecodedCert(dCert, myCert.buffer, myCert.length, ssl->heap);
+        ret = ParseCertRelative(dCert, CERT_TYPE, !ssl->options.verifyNone,
+                                ssl->ctx->cm);
+        #ifndef NO_SKID
+            subjectHash = dCert->extSubjKeyId;
+        #else
+            subjectHash = dCert->subjectHash;
+        #endif
+
+        if (ret == 0 && dCert->isCA == 0) {
+            WOLFSSL_MSG("Chain cert is not a CA, not adding as one");
+        }
+        else if (ret == 0 && ssl->options.verifyNone) {
+            WOLFSSL_MSG("Chain cert not verified by option, not adding as CA");
+        }
+        else if (ret == 0 && !AlreadySigner(ssl->ctx->cm, subjectHash)) {
+            buffer add;
+            add.length = myCert.length;
+            add.buffer = (byte*)XMALLOC(myCert.length, ssl->heap,
+                                        DYNAMIC_TYPE_CA);
+            WOLFSSL_MSG("Adding CA from chain");
+
+            if (add.buffer == NULL)
+                return MEMORY_E;
+            XMEMCPY(add.buffer, myCert.buffer, myCert.length);
+
+            ret = AddCA(ssl->ctx->cm, add, WOLFSSL_CHAIN_CA,
+                        ssl->ctx->verifyPeer);
+            if (ret == 1) ret = 0;   /* SSL_SUCCESS for external */
+        }
+        else if (ret != 0) {
+            WOLFSSL_MSG("Failed to verify CA from chain");
+        }
+        else {
+            WOLFSSL_MSG("Verified CA from chain and already had it");
+        }
+
+#ifdef HAVE_CRL
+        if (ret == 0 && ssl->ctx->cm->crlEnabled && ssl->ctx->cm->crlCheckAll) {
+            WOLFSSL_MSG("Doing Non Leaf CRL check");
+            ret = CheckCertCRL(ssl->ctx->cm->crl, dCert);
+
+            if (ret != 0) {
+                WOLFSSL_MSG("\tCRL check not ok");
+            }
+        }
+#endif /* HAVE_CRL */
+
+        if (ret != 0 && anyError == 0)
+            anyError = ret;   /* save error from last time */
+
+        FreeDecodedCert(dCert);
+        count--;
+    }
+
+    /* peer's, may not have one if blank client cert sent by TLSv1.2 */
+    if (count) {
+        buffer myCert = certs[0];
+        int    fatal  = 0;
+
+        WOLFSSL_MSG("Verifying Peer's cert");
+
+        InitDecodedCert(dCert, myCert.buffer, myCert.length, ssl->heap);
+        ret = ParseCertRelative(dCert, CERT_TYPE, !ssl->options.verifyNone,
+                                ssl->ctx->cm);
+        if (ret == 0) {
+            WOLFSSL_MSG("Verified Peer's cert");
+            fatal = 0;
+        }
+        else if (ret == ASN_PARSE_E) {
+            WOLFSSL_MSG("Got Peer cert ASN PARSE ERROR, fatal");
+            fatal = 1;
+        }
+        else {
+            WOLFSSL_MSG("Failed to verify Peer's cert");
+            if (ssl->verifyCallback) {
+                WOLFSSL_MSG("\tCallback override available, will continue");
+                fatal = 0;
+            }
+            else {
+                WOLFSSL_MSG("\tNo callback override available, fatal");
+                fatal = 1;
+            }
+        }
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+        if (fatal == 0 && ssl->secure_renegotiation
+                       && ssl->secure_renegotiation->enabled) {
+
+            if (ssl->keys.encryptionOn) {
+                /* compare against previous time */
+                if (XMEMCMP(dCert->subjectHash,
+                            ssl->secure_renegotiation->subject_hash,
+                            SHA_DIGEST_SIZE) != 0) {
+                    WOLFSSL_MSG("Peer sent different cert during scr, fatal");
+                    fatal = 1;
+                    ret   = SCR_DIFFERENT_CERT_E;
+                }
+            }
+
+            /* cache peer's hash */
+            if (fatal == 0) {
+                XMEMCPY(ssl->secure_renegotiation->subject_hash,
+                        dCert->subjectHash, SHA_DIGEST_SIZE);
+            }
+        }
+#endif
+
+#ifdef HAVE_OCSP
+        if (fatal == 0 && ssl->ctx->cm->ocspEnabled) {
+            ret = CheckCertOCSP(ssl->ctx->cm->ocsp, dCert);
+            if (ret != 0) {
+                WOLFSSL_MSG("\tOCSP Lookup not ok");
+                fatal = 0;
+            }
+        }
+#endif
+
+#ifdef HAVE_CRL
+        if (fatal == 0 && ssl->ctx->cm->crlEnabled) {
+            int doCrlLookup = 1;
+
+            #ifdef HAVE_OCSP
+            if (ssl->ctx->cm->ocspEnabled) {
+                doCrlLookup = (ret == OCSP_CERT_UNKNOWN);
+            }
+            #endif /* HAVE_OCSP */
+
+            if (doCrlLookup) {
+                WOLFSSL_MSG("Doing Leaf CRL check");
+                ret = CheckCertCRL(ssl->ctx->cm->crl, dCert);
+
+                if (ret != 0) {
+                    WOLFSSL_MSG("\tCRL check not ok");
+                    fatal = 0;
+                }
+            }
+        }
+
+#endif /* HAVE_CRL */
+
+#ifdef KEEP_PEER_CERT
+        {
+        /* set X509 format for peer cert even if fatal */
+        int copyRet = CopyDecodedToX509(&ssl->peerCert, dCert);
+        if (copyRet == MEMORY_E)
+            fatal = 1;
+        }
+#endif
+
+#ifndef IGNORE_KEY_EXTENSIONS
+        if (dCert->extKeyUsageSet) {
+            if ((ssl->specs.kea == rsa_kea) &&
+                (dCert->extKeyUsage & KEYUSE_KEY_ENCIPHER) == 0) {
+                ret = KEYUSE_ENCIPHER_E;
+            }
+            if ((ssl->specs.sig_algo == rsa_sa_algo ||
+                    (ssl->specs.sig_algo == ecc_dsa_sa_algo &&
+                         !ssl->specs.static_ecdh)) &&
+                (dCert->extKeyUsage & KEYUSE_DIGITAL_SIG) == 0) {
+                WOLFSSL_MSG("KeyUse Digital Sig not set");
+                ret = KEYUSE_SIGNATURE_E;
+            }
+        }
+
+        if (dCert->extExtKeyUsageSet) {
+            if (ssl->options.side == WOLFSSL_CLIENT_END) {
+                if ((dCert->extExtKeyUsage &
+                        (EXTKEYUSE_ANY | EXTKEYUSE_SERVER_AUTH)) == 0) {
+                    WOLFSSL_MSG("ExtKeyUse Server Auth not set");
+                    ret = EXTKEYUSE_AUTH_E;
+                }
+            }
+            else {
+                if ((dCert->extExtKeyUsage &
+                        (EXTKEYUSE_ANY | EXTKEYUSE_CLIENT_AUTH)) == 0) {
+                    WOLFSSL_MSG("ExtKeyUse Client Auth not set");
+                    ret = EXTKEYUSE_AUTH_E;
+                }
+            }
+        }
+#endif /* IGNORE_KEY_EXTENSIONS */
+
+        if (fatal) {
+            FreeDecodedCert(dCert);
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(dCert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+            ssl->error = ret;
+            return ret;
+        }
+        ssl->options.havePeerCert = 1;
+
+#ifdef WOLFSSL_SMALL_STACK
+        domain = (char*)XMALLOC(ASN_NAME_MAX, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (domain == NULL) {
+            FreeDecodedCert(dCert);
+            XFREE(dCert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            return MEMORY_E;
+        }
+#endif
+        /* store for callback use */
+        if (dCert->subjectCNLen < ASN_NAME_MAX) {
+            XMEMCPY(domain, dCert->subjectCN, dCert->subjectCNLen);
+            domain[dCert->subjectCNLen] = '\0';
+        }
+        else
+            domain[0] = '\0';
+
+        if (!ssl->options.verifyNone && ssl->buffers.domainName.buffer) {
+            if (MatchDomainName(dCert->subjectCN, dCert->subjectCNLen,
+                                (char*)ssl->buffers.domainName.buffer) == 0) {
+                WOLFSSL_MSG("DomainName match on common name failed");
+                if (CheckAltNames(dCert,
+                                 (char*)ssl->buffers.domainName.buffer) == 0 ) {
+                    WOLFSSL_MSG("DomainName match on alt names failed too");
+                    ret = DOMAIN_NAME_MISMATCH; /* try to get peer key still */
+                }
+            }
+        }
+
+        /* decode peer key */
+        switch (dCert->keyOID) {
+        #ifndef NO_RSA
+            case RSAk:
+                {
+                    word32 idx = 0;
+                    int    keyRet = 0;
+
+                    if (ssl->peerRsaKeyPresent) {  /* don't leak on reuse */
+                        wc_FreeRsaKey(ssl->peerRsaKey);
+                        ssl->peerRsaKeyPresent = 0;
+                        keyRet = wc_InitRsaKey(ssl->peerRsaKey, ssl->heap);
+                    }
+
+                    if (keyRet != 0 || wc_RsaPublicKeyDecode(dCert->publicKey,
+                               &idx, ssl->peerRsaKey, dCert->pubKeySize) != 0) {
+                        ret = PEER_KEY_ERROR;
+                    }
+                    else {
+                        ssl->peerRsaKeyPresent = 1;
+                        #ifdef HAVE_PK_CALLBACKS
+                            #ifndef NO_RSA
+                                ssl->buffers.peerRsaKey.buffer =
+                                       (byte*)XMALLOC(dCert->pubKeySize,
+                                               ssl->heap, DYNAMIC_TYPE_RSA);
+                                if (ssl->buffers.peerRsaKey.buffer == NULL)
+                                    ret = MEMORY_ERROR;
+                                else {
+                                    XMEMCPY(ssl->buffers.peerRsaKey.buffer,
+                                           dCert->publicKey, dCert->pubKeySize);
+                                    ssl->buffers.peerRsaKey.length =
+                                            dCert->pubKeySize;
+                                }
+                            #endif /* NO_RSA */
+                        #endif /*HAVE_PK_CALLBACKS */
+                    }
+                }
+                break;
+        #endif /* NO_RSA */
+        #ifdef HAVE_NTRU
+            case NTRUk:
+                {
+                    if (dCert->pubKeySize > sizeof(ssl->peerNtruKey)) {
+                        ret = PEER_KEY_ERROR;
+                    }
+                    else {
+                        XMEMCPY(ssl->peerNtruKey, dCert->publicKey,
+                                                             dCert->pubKeySize);
+                        ssl->peerNtruKeyLen = (word16)dCert->pubKeySize;
+                        ssl->peerNtruKeyPresent = 1;
+                    }
+                }
+                break;
+        #endif /* HAVE_NTRU */
+        #ifdef HAVE_ECC
+            case ECDSAk:
+                {
+                    if (ssl->peerEccDsaKeyPresent) {  /* don't leak on reuse */
+                        wc_ecc_free(ssl->peerEccDsaKey);
+                        ssl->peerEccDsaKeyPresent = 0;
+                        wc_ecc_init(ssl->peerEccDsaKey);
+                    }
+                    if (wc_ecc_import_x963(dCert->publicKey, dCert->pubKeySize,
+                                        ssl->peerEccDsaKey) != 0) {
+                        ret = PEER_KEY_ERROR;
+                    }
+                    else {
+                        ssl->peerEccDsaKeyPresent = 1;
+                        #ifdef HAVE_PK_CALLBACKS
+                            #ifdef HAVE_ECC
+                                ssl->buffers.peerEccDsaKey.buffer =
+                                       (byte*)XMALLOC(dCert->pubKeySize,
+                                               ssl->heap, DYNAMIC_TYPE_ECC);
+                                if (ssl->buffers.peerEccDsaKey.buffer == NULL)
+                                    ret = MEMORY_ERROR;
+                                else {
+                                    XMEMCPY(ssl->buffers.peerEccDsaKey.buffer,
+                                           dCert->publicKey, dCert->pubKeySize);
+                                    ssl->buffers.peerEccDsaKey.length =
+                                            dCert->pubKeySize;
+                                }
+                            #endif /* HAVE_ECC */
+                        #endif /*HAVE_PK_CALLBACKS */
+                    }
+                }
+                break;
+        #endif /* HAVE_ECC */
+            default:
+                break;
+        }
+
+        FreeDecodedCert(dCert);
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(dCert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+    store = (WOLFSSL_X509_STORE_CTX*)XMALLOC(sizeof(WOLFSSL_X509_STORE_CTX),
+                                                 NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (store == NULL) {
+        XFREE(domain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    if (anyError != 0 && ret == 0)
+        ret = anyError;
+
+    if (ret != 0) {
+        if (!ssl->options.verifyNone) {
+            int why = bad_certificate;
+
+            if (ret == ASN_AFTER_DATE_E || ret == ASN_BEFORE_DATE_E)
+                why = certificate_expired;
+            if (ssl->verifyCallback) {
+                int ok;
+
+                store->error = ret;
+                store->error_depth = totalCerts;
+                store->discardSessionCerts = 0;
+                store->domain = domain;
+                store->userCtx = ssl->verifyCbCtx;
+#ifdef KEEP_PEER_CERT
+                store->current_cert = &ssl->peerCert;
+#else
+                store->current_cert = NULL;
+#endif
+#ifdef FORTRESS
+                store->ex_data = ssl;
+#endif
+                ok = ssl->verifyCallback(0, store);
+                if (ok) {
+                    WOLFSSL_MSG("Verify callback overriding error!");
+                    ret = 0;
+                }
+                #ifdef SESSION_CERTS
+                if (store->discardSessionCerts) {
+                    WOLFSSL_MSG("Verify callback requested discard sess certs");
+                    ssl->session.chain.count = 0;
+                }
+                #endif
+            }
+            if (ret != 0) {
+                SendAlert(ssl, alert_fatal, why);   /* try to send */
+                ssl->options.isClosed = 1;
+            }
+        }
+        ssl->error = ret;
+    }
+#ifdef WOLFSSL_ALWAYS_VERIFY_CB
+    else {
+        if (ssl->verifyCallback) {
+            int ok;
+
+            store->error = ret;
+            store->error_depth = totalCerts;
+            store->discardSessionCerts = 0;
+            store->domain = domain;
+            store->userCtx = ssl->verifyCbCtx;
+#ifdef KEEP_PEER_CERT
+            store->current_cert = &ssl->peerCert;
+#endif
+            store->ex_data = ssl;
+
+            ok = ssl->verifyCallback(1, store);
+            if (!ok) {
+                WOLFSSL_MSG("Verify callback overriding valid certificate!");
+                ret = -1;
+                SendAlert(ssl, alert_fatal, bad_certificate);
+                ssl->options.isClosed = 1;
+            }
+            #ifdef SESSION_CERTS
+            if (store->discardSessionCerts) {
+                WOLFSSL_MSG("Verify callback requested discard sess certs");
+                ssl->session.chain.count = 0;
+            }
+            #endif
+        }
+    }
+#endif
+
+    if (ssl->options.verifyNone &&
+                              (ret == CRL_MISSING || ret == CRL_CERT_REVOKED)) {
+        WOLFSSL_MSG("Ignoring CRL problem based on verify setting");
+        ret = ssl->error = 0;
+    }
+
+    if (ret == 0 && ssl->options.side == WOLFSSL_CLIENT_END)
+        ssl->options.serverState = SERVER_CERT_COMPLETE;
+
+    if (ssl->keys.encryptionOn) {
+        *inOutIdx += ssl->keys.padSz;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(store,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(domain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#endif /* !NO_CERTS */
+
+
+static int DoHelloRequest(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
+                                                    word32 size, word32 totalSz)
+{
+    (void)input;
+
+    if (size) /* must be 0 */
+        return BUFFER_ERROR;
+
+    if (ssl->keys.encryptionOn) {
+        /* access beyond input + size should be checked against totalSz */
+        if (*inOutIdx + ssl->keys.padSz > totalSz)
+            return BUFFER_E;
+
+        *inOutIdx += ssl->keys.padSz;
+    }
+
+    if (ssl->options.side == WOLFSSL_SERVER_END) {
+        SendAlert(ssl, alert_fatal, unexpected_message); /* try */
+        return FATAL_ERROR;
+    }
+#ifdef HAVE_SECURE_RENEGOTIATION
+    else if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled) {
+        ssl->secure_renegotiation->startScr = 1;
+        return 0;
+    }
+#endif
+    else {
+        return SendAlert(ssl, alert_warning, no_renegotiation);
+    }
+}
+
+
+int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size,
+                                                      word32 totalSz, int sniff)
+{
+    word32 finishedSz = (ssl->options.tls ? TLS_FINISHED_SZ : FINISHED_SZ);
+
+    if (finishedSz != size)
+        return BUFFER_ERROR;
+
+    /* check against totalSz */
+    if (*inOutIdx + size + ssl->keys.padSz > totalSz)
+        return BUFFER_E;
+
+    #ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn) AddPacketName("Finished", &ssl->handShakeInfo);
+        if (ssl->toInfoOn) AddLateName("Finished", &ssl->timeoutInfo);
+    #endif
+
+    if (sniff == NO_SNIFF) {
+        if (XMEMCMP(input + *inOutIdx, &ssl->verifyHashes, size) != 0) {
+            WOLFSSL_MSG("Verify finished error on hashes");
+            return VERIFY_FINISHED_ERROR;
+        }
+    }
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+    if (ssl->secure_renegotiation) {
+        /* save peer's state */
+        if (ssl->options.side == WOLFSSL_CLIENT_END)
+            XMEMCPY(ssl->secure_renegotiation->server_verify_data,
+                    input + *inOutIdx, TLS_FINISHED_SZ);
+        else
+            XMEMCPY(ssl->secure_renegotiation->client_verify_data,
+                    input + *inOutIdx, TLS_FINISHED_SZ);
+    }
+#endif
+
+    /* force input exhaustion at ProcessReply consuming padSz */
+    *inOutIdx += size + ssl->keys.padSz;
+
+    if (ssl->options.side == WOLFSSL_CLIENT_END) {
+        ssl->options.serverState = SERVER_FINISHED_COMPLETE;
+        if (!ssl->options.resuming) {
+            ssl->options.handShakeState = HANDSHAKE_DONE;
+            ssl->options.handShakeDone  = 1;
+
+#ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                /* Other side has received our Finished, go to next epoch */
+                ssl->keys.dtls_epoch++;
+                ssl->keys.dtls_sequence_number = 1;
+            }
+#endif
+        }
+    }
+    else {
+        ssl->options.clientState = CLIENT_FINISHED_COMPLETE;
+        if (ssl->options.resuming) {
+            ssl->options.handShakeState = HANDSHAKE_DONE;
+            ssl->options.handShakeDone  = 1;
+
+#ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                /* Other side has received our Finished, go to next epoch */
+                ssl->keys.dtls_epoch++;
+                ssl->keys.dtls_sequence_number = 1;
+            }
+#endif
+        }
+    }
+
+    return 0;
+}
+
+
+/* Make sure no duplicates, no fast forward, or other problems; 0 on success */
+static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
+{
+    /* verify not a duplicate, mark received, check state */
+    switch (type) {
+
+#ifndef NO_WOLFSSL_CLIENT
+        case hello_request:
+            if (ssl->msgsReceived.got_hello_request) {
+                WOLFSSL_MSG("Duplicate HelloRequest received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_hello_request = 1;
+
+            break;
+#endif
+
+#ifndef NO_WOLFSSL_SERVER
+        case client_hello:
+            if (ssl->msgsReceived.got_client_hello) {
+                WOLFSSL_MSG("Duplicate ClientHello received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_client_hello = 1;
+
+            break;
+#endif
+
+#ifndef NO_WOLFSSL_CLIENT
+        case server_hello:
+            if (ssl->msgsReceived.got_server_hello) {
+                WOLFSSL_MSG("Duplicate ServerHello received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_server_hello = 1;
+
+            break;
+#endif
+
+#ifndef NO_WOLFSSL_CLIENT
+        case hello_verify_request:
+            if (ssl->msgsReceived.got_hello_verify_request) {
+                WOLFSSL_MSG("Duplicate HelloVerifyRequest received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_hello_verify_request = 1;
+
+            break;
+#endif
+
+#ifndef NO_WOLFSSL_CLIENT
+        case session_ticket:
+            if (ssl->msgsReceived.got_session_ticket) {
+                WOLFSSL_MSG("Duplicate SessionTicket received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_session_ticket = 1;
+
+            break;
+#endif
+
+        case certificate:
+            if (ssl->msgsReceived.got_certificate) {
+                WOLFSSL_MSG("Duplicate Certificate received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_certificate = 1;
+
+#ifndef NO_WOLFSSL_CLIENT
+            if (ssl->options.side == WOLFSSL_CLIENT_END) {
+                if ( ssl->msgsReceived.got_server_hello == 0) {
+                    WOLFSSL_MSG("No ServerHello before Cert");
+                    return OUT_OF_ORDER_E;
+                }
+            }
+#endif
+#ifndef NO_WOLFSSL_SERVER
+            if (ssl->options.side == WOLFSSL_SERVER_END) {
+                if ( ssl->msgsReceived.got_client_hello == 0) {
+                    WOLFSSL_MSG("No ClientHello before Cert");
+                    return OUT_OF_ORDER_E;
+                }
+            }
+#endif
+            break;
+
+#ifndef NO_WOLFSSL_CLIENT
+        case server_key_exchange:
+            if (ssl->msgsReceived.got_server_key_exchange) {
+                WOLFSSL_MSG("Duplicate ServerKeyExchange received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_server_key_exchange = 1;
+
+            if ( ssl->msgsReceived.got_server_hello == 0) {
+                WOLFSSL_MSG("No ServerHello before Cert");
+                return OUT_OF_ORDER_E;
+            }
+
+            break;
+#endif
+
+#ifndef NO_WOLFSSL_CLIENT
+        case certificate_request:
+            if (ssl->msgsReceived.got_certificate_request) {
+                WOLFSSL_MSG("Duplicate CertificateRequest received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_certificate_request = 1;
+
+            break;
+#endif
+
+#ifndef NO_WOLFSSL_CLIENT
+        case server_hello_done:
+            if (ssl->msgsReceived.got_server_hello_done) {
+                WOLFSSL_MSG("Duplicate ServerHelloDone received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_server_hello_done = 1;
+
+            if (ssl->msgsReceived.got_certificate == 0) {
+                if (ssl->specs.kea == psk_kea ||
+                    ssl->specs.kea == dhe_psk_kea ||
+                    ssl->options.usingAnon_cipher) {
+                    WOLFSSL_MSG("No Cert required");
+                } else {
+                    WOLFSSL_MSG("No Certificate before ServerHelloDone");
+                    return OUT_OF_ORDER_E;
+                }
+            }
+            if (ssl->msgsReceived.got_server_key_exchange == 0) {
+                if (ssl->specs.static_ecdh == 1 ||
+                    ssl->specs.kea == rsa_kea ||
+                    ssl->specs.kea == ntru_kea) {
+                    WOLFSSL_MSG("No KeyExchange required");
+                } else {
+                    WOLFSSL_MSG("No ServerKeyExchange before ServerDone");
+                    return OUT_OF_ORDER_E;
+                }
+            }
+            break;
+#endif
+
+#ifndef NO_WOLFSSL_SERVER
+        case certificate_verify:
+            if (ssl->msgsReceived.got_certificate_verify) {
+                WOLFSSL_MSG("Duplicate CertificateVerify received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_certificate_verify = 1;
+
+            if ( ssl->msgsReceived.got_certificate == 0) {
+                WOLFSSL_MSG("No Cert before CertVerify");
+                return OUT_OF_ORDER_E;
+            }
+            break;
+#endif
+
+#ifndef NO_WOLFSSL_SERVER
+        case client_key_exchange:
+            if (ssl->msgsReceived.got_client_key_exchange) {
+                WOLFSSL_MSG("Duplicate ClientKeyExchange received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_client_key_exchange = 1;
+
+            if (ssl->msgsReceived.got_client_hello == 0) {
+                WOLFSSL_MSG("No ClientHello before ClientKeyExchange");
+                return OUT_OF_ORDER_E;
+            }
+            break;
+#endif
+
+        case finished:
+            if (ssl->msgsReceived.got_finished) {
+                WOLFSSL_MSG("Duplicate Finished received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_finished = 1;
+
+            if (ssl->msgsReceived.got_change_cipher == 0) {
+                WOLFSSL_MSG("Finished received before ChangeCipher");
+                return NO_CHANGE_CIPHER_E;
+            }
+
+            break;
+
+        case change_cipher_hs:
+            if (ssl->msgsReceived.got_change_cipher) {
+                WOLFSSL_MSG("Duplicate ChangeCipher received");
+                return DUPLICATE_MSG_E;
+            }
+            ssl->msgsReceived.got_change_cipher = 1;
+
+#ifndef NO_WOLFSSL_CLIENT
+            if (ssl->options.side == WOLFSSL_CLIENT_END) {
+                if (!ssl->options.resuming &&
+                                 ssl->msgsReceived.got_server_hello_done == 0) {
+                    WOLFSSL_MSG("No ServerHelloDone before ChangeCipher");
+                    return OUT_OF_ORDER_E;
+                }
+            }
+#endif
+#ifndef NO_WOLFSSL_SERVER
+            if (ssl->options.side == WOLFSSL_SERVER_END) {
+                if (!ssl->options.resuming &&
+                               ssl->msgsReceived.got_client_key_exchange == 0) {
+                    WOLFSSL_MSG("No ClientKeyExchange before ChangeCipher");
+                    return OUT_OF_ORDER_E;
+                }
+            }
+#endif
+
+            break;
+
+        default:
+            WOLFSSL_MSG("Unknown message type");
+            return SANITY_MSG_E;
+    }
+
+    return 0;
+}
+
+
+static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+                          byte type, word32 size, word32 totalSz)
+{
+    int ret = 0;
+    (void)totalSz;
+
+    WOLFSSL_ENTER("DoHandShakeMsgType");
+
+    /* make sure can read the message */
+    if (*inOutIdx + size > totalSz)
+        return INCOMPLETE_DATA;
+
+    /* sanity check msg received */
+    if ( (ret = SanityCheckMsgReceived(ssl, type)) != 0) {
+        WOLFSSL_MSG("Sanity Check on handshake message type received failed");
+        return ret;
+    }
+
+    /* hello_request not hashed */
+    if (type != hello_request) {
+        ret = HashInput(ssl, input + *inOutIdx, size);
+        if (ret != 0) return ret;
+    }
+
+#ifdef WOLFSSL_CALLBACKS
+    /* add name later, add on record and handshake header part back on */
+    if (ssl->toInfoOn) {
+        int add = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+        AddPacketInfo(0, &ssl->timeoutInfo, input + *inOutIdx - add,
+                      size + add, ssl->heap);
+        AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo);
+    }
+#endif
+
+    if (ssl->options.handShakeState == HANDSHAKE_DONE && type != hello_request){
+        WOLFSSL_MSG("HandShake message after handshake complete");
+        SendAlert(ssl, alert_fatal, unexpected_message);
+        return OUT_OF_ORDER_E;
+    }
+
+    if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->options.dtls == 0 &&
+               ssl->options.serverState == NULL_STATE && type != server_hello) {
+        WOLFSSL_MSG("First server message not server hello");
+        SendAlert(ssl, alert_fatal, unexpected_message);
+        return OUT_OF_ORDER_E;
+    }
+
+    if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->options.dtls &&
+            type == server_hello_done &&
+            ssl->options.serverState < SERVER_HELLO_COMPLETE) {
+        WOLFSSL_MSG("Server hello done received before server hello in DTLS");
+        SendAlert(ssl, alert_fatal, unexpected_message);
+        return OUT_OF_ORDER_E;
+    }
+
+    if (ssl->options.side == WOLFSSL_SERVER_END &&
+               ssl->options.clientState == NULL_STATE && type != client_hello) {
+        WOLFSSL_MSG("First client message not client hello");
+        SendAlert(ssl, alert_fatal, unexpected_message);
+        return OUT_OF_ORDER_E;
+    }
+
+
+    switch (type) {
+
+    case hello_request:
+        WOLFSSL_MSG("processing hello request");
+        ret = DoHelloRequest(ssl, input, inOutIdx, size, totalSz);
+        break;
+
+#ifndef NO_WOLFSSL_CLIENT
+    case hello_verify_request:
+        WOLFSSL_MSG("processing hello verify request");
+        ret = DoHelloVerifyRequest(ssl, input,inOutIdx, size);
+        break;
+
+    case server_hello:
+        WOLFSSL_MSG("processing server hello");
+        ret = DoServerHello(ssl, input, inOutIdx, size);
+        break;
+
+#ifndef NO_CERTS
+    case certificate_request:
+        WOLFSSL_MSG("processing certificate request");
+        ret = DoCertificateRequest(ssl, input, inOutIdx, size);
+        break;
+#endif
+
+    case server_key_exchange:
+        WOLFSSL_MSG("processing server key exchange");
+        ret = DoServerKeyExchange(ssl, input, inOutIdx, size);
+        break;
+
+#ifdef HAVE_SESSION_TICKET
+    case session_ticket:
+        WOLFSSL_MSG("processing session ticket");
+        ret = DoSessionTicket(ssl, input, inOutIdx, size);
+        break;
+#endif /* HAVE_SESSION_TICKET */
+#endif
+
+#ifndef NO_CERTS
+    case certificate:
+        WOLFSSL_MSG("processing certificate");
+        ret =  DoCertificate(ssl, input, inOutIdx, size);
+        break;
+#endif
+
+    case server_hello_done:
+        WOLFSSL_MSG("processing server hello done");
+        #ifdef WOLFSSL_CALLBACKS
+            if (ssl->hsInfoOn)
+                AddPacketName("ServerHelloDone", &ssl->handShakeInfo);
+            if (ssl->toInfoOn)
+                AddLateName("ServerHelloDone", &ssl->timeoutInfo);
+        #endif
+        ssl->options.serverState = SERVER_HELLODONE_COMPLETE;
+        if (ssl->keys.encryptionOn) {
+            *inOutIdx += ssl->keys.padSz;
+        }
+        break;
+
+    case finished:
+        WOLFSSL_MSG("processing finished");
+        ret = DoFinished(ssl, input, inOutIdx, size, totalSz, NO_SNIFF);
+        break;
+
+#ifndef NO_WOLFSSL_SERVER
+    case client_hello:
+        WOLFSSL_MSG("processing client hello");
+        ret = DoClientHello(ssl, input, inOutIdx, size);
+        break;
+
+    case client_key_exchange:
+        WOLFSSL_MSG("processing client key exchange");
+        ret = DoClientKeyExchange(ssl, input, inOutIdx, size);
+        break;
+
+#if !defined(NO_RSA) || defined(HAVE_ECC)
+    case certificate_verify:
+        WOLFSSL_MSG("processing certificate verify");
+        ret = DoCertificateVerify(ssl, input, inOutIdx, size);
+        break;
+#endif /* !NO_RSA || HAVE_ECC */
+
+#endif /* !NO_WOLFSSL_SERVER */
+
+    default:
+        WOLFSSL_MSG("Unknown handshake message type");
+        ret = UNKNOWN_HANDSHAKE_TYPE;
+        break;
+    }
+
+    WOLFSSL_LEAVE("DoHandShakeMsgType()", ret);
+    return ret;
+}
+
+
+static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+                          word32 totalSz)
+{
+    byte   type;
+    word32 size;
+    int    ret = 0;
+
+    WOLFSSL_ENTER("DoHandShakeMsg()");
+
+    if (GetHandShakeHeader(ssl, input, inOutIdx, &type, &size, totalSz) != 0)
+        return PARSE_ERROR;
+
+    ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
+
+    WOLFSSL_LEAVE("DoHandShakeMsg()", ret);
+    return ret;
+}
+
+
+#ifdef WOLFSSL_DTLS
+
+static INLINE int DtlsCheckWindow(DtlsState* state)
+{
+    word32 cur;
+    word32 next;
+    DtlsSeq window;
+
+    if (state->curEpoch == state->nextEpoch) {
+        next = state->nextSeq;
+        window = state->window;
+    }
+    else if (state->curEpoch < state->nextEpoch) {
+        next = state->prevSeq;
+        window = state->prevWindow;
+    }
+    else {
+        return 0;
+    }
+
+    cur = state->curSeq;
+
+    if ((next > DTLS_SEQ_BITS) && (cur < next - DTLS_SEQ_BITS)) {
+        return 0;
+    }
+    else if ((cur < next) && (window & ((DtlsSeq)1 << (next - cur - 1)))) {
+        return 0;
+    }
+
+    return 1;
+}
+
+
+static INLINE int DtlsUpdateWindow(DtlsState* state)
+{
+    word32 cur;
+    word32* next;
+    DtlsSeq* window;
+
+    if (state->curEpoch == state->nextEpoch) {
+        next = &state->nextSeq;
+        window = &state->window;
+    }
+    else {
+        next = &state->prevSeq;
+        window = &state->prevWindow;
+    }
+
+    cur = state->curSeq;
+
+    if (cur < *next) {
+        *window |= ((DtlsSeq)1 << (*next - cur - 1));
+    }
+    else {
+        *window <<= (1 + cur - *next);
+        *window |= 1;
+        *next = cur + 1;
+    }
+
+    return 1;
+}
+
+
+static int DtlsMsgDrain(WOLFSSL* ssl)
+{
+    DtlsMsg* item = ssl->dtls_msg_list;
+    int ret = 0;
+
+    /* While there is an item in the store list, and it is the expected
+     * message, and it is complete, and there hasn't been an error in the
+     * last messge... */
+    while (item != NULL &&
+            ssl->keys.dtls_expected_peer_handshake_number == item->seq &&
+            item->fragSz == item->sz &&
+            ret == 0) {
+        word32 idx = 0;
+        ssl->keys.dtls_expected_peer_handshake_number++;
+        ret = DoHandShakeMsgType(ssl, item->msg,
+                                 &idx, item->type, item->sz, item->sz);
+        ssl->dtls_msg_list = item->next;
+        DtlsMsgDelete(item, ssl->heap);
+        item = ssl->dtls_msg_list;
+    }
+
+    return ret;
+}
+
+
+static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+                          word32 totalSz)
+{
+    byte type;
+    word32 size;
+    word32 fragOffset, fragSz;
+    int ret = 0;
+
+    WOLFSSL_ENTER("DoDtlsHandShakeMsg()");
+    if (GetDtlsHandShakeHeader(ssl, input, inOutIdx, &type,
+                               &size, &fragOffset, &fragSz, totalSz) != 0)
+        return PARSE_ERROR;
+
+    if (*inOutIdx + fragSz > totalSz)
+        return INCOMPLETE_DATA;
+
+    /* Check the handshake sequence number first. If out of order,
+     * add the current message to the list. If the message is in order,
+     * but it is a fragment, add the current message to the list, then
+     * check the head of the list to see if it is complete, if so, pop
+     * it out as the current message. If the message is complete and in
+     * order, process it. Check the head of the list to see if it is in
+     * order, if so, process it. (Repeat until list exhausted.) If the
+     * head is out of order, return for more processing.
+     */
+    if (ssl->keys.dtls_peer_handshake_number >
+                                ssl->keys.dtls_expected_peer_handshake_number) {
+        /* Current message is out of order. It will get stored in the list.
+         * Storing also takes care of defragmentation. */
+        ssl->dtls_msg_list = DtlsMsgStore(ssl->dtls_msg_list,
+                        ssl->keys.dtls_peer_handshake_number, input + *inOutIdx,
+                        size, type, fragOffset, fragSz, ssl->heap);
+        *inOutIdx += fragSz;
+        ret = 0;
+    }
+    else if (ssl->keys.dtls_peer_handshake_number <
+                                ssl->keys.dtls_expected_peer_handshake_number) {
+        /* Already saw this message and processed it. It can be ignored. */
+        *inOutIdx += fragSz;
+        ret = 0;
+    }
+    else if (fragSz < size) {
+        /* Since this branch is in order, but fragmented, dtls_msg_list will be
+         * pointing to the message with this fragment in it. Check it to see
+         * if it is completed. */
+        ssl->dtls_msg_list = DtlsMsgStore(ssl->dtls_msg_list,
+                        ssl->keys.dtls_peer_handshake_number, input + *inOutIdx,
+                        size, type, fragOffset, fragSz, ssl->heap);
+        *inOutIdx += fragSz;
+        ret = 0;
+        if (ssl->dtls_msg_list != NULL &&
+            ssl->dtls_msg_list->fragSz >= ssl->dtls_msg_list->sz)
+            ret = DtlsMsgDrain(ssl);
+    }
+    else {
+        /* This branch is in order next, and a complete message. */
+        ssl->keys.dtls_expected_peer_handshake_number++;
+        ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
+        if (ret == 0 && ssl->dtls_msg_list != NULL)
+            ret = DtlsMsgDrain(ssl);
+    }
+
+    WOLFSSL_LEAVE("DoDtlsHandShakeMsg()", ret);
+    return ret;
+}
+#endif
+
+
+#if !defined(NO_OLD_TLS) || defined(HAVE_CHACHA) || defined(HAVE_AESCCM) \
+    || defined(HAVE_AESGCM)
+static INLINE word32 GetSEQIncrement(WOLFSSL* ssl, int verify)
+{
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        if (verify)
+            return ssl->keys.dtls_state.curSeq; /* explicit from peer */
+        else
+            return ssl->keys.dtls_sequence_number - 1; /* already incremented */
+    }
+#endif
+    if (verify)
+        return ssl->keys.peer_sequence_number++;
+    else
+        return ssl->keys.sequence_number++;
+}
+#endif
+
+
+#ifdef HAVE_AEAD
+static INLINE void AeadIncrementExpIV(WOLFSSL* ssl)
+{
+    int i;
+    for (i = AEAD_EXP_IV_SZ-1; i >= 0; i--) {
+        if (++ssl->keys.aead_exp_IV[i]) return;
+    }
+}
+
+
+#if defined(HAVE_POLY1305) && defined(HAVE_CHACHA)
+/*more recent rfc's concatonate input for poly1305 differently*/
+static int Poly1305Tag(WOLFSSL* ssl, byte* additional, const byte* out,
+                       byte* cipher, word16 sz, byte* tag)
+{
+    int ret       = 0;
+    int paddingSz = 0;
+    int msglen    = (sz - ssl->specs.aead_mac_size);
+    word32 keySz  = 32;
+    int blockSz   = 16;
+    byte padding[16];
+
+    if (msglen < 0)
+        return INPUT_CASE_ERROR;
+
+    XMEMSET(padding, 0, sizeof(padding));
+
+    if ((ret = wc_Poly1305SetKey(ssl->auth.poly1305, cipher, keySz)) != 0)
+        return ret;
+
+	/* additional input to poly1305 */
+    if ((ret = wc_Poly1305Update(ssl->auth.poly1305, additional, blockSz)) != 0)
+        return ret;
+
+    /* cipher input */
+    if ((ret = wc_Poly1305Update(ssl->auth.poly1305, out, msglen)) != 0)
+        return ret;
+
+    /* handle padding for cipher input to make it 16 bytes long */
+    if (msglen % 16 != 0) {
+          paddingSz = (16 - (sz - ssl->specs.aead_mac_size) % 16);
+          if (paddingSz < 0)
+              return INPUT_CASE_ERROR;
+
+          if ((ret = wc_Poly1305Update(ssl->auth.poly1305, padding, paddingSz))
+                 != 0)
+              return ret;
+    }
+
+    /* add size of AD and size of cipher to poly input */
+    XMEMSET(padding, 0, sizeof(padding));
+    padding[0] = blockSz;
+
+    /* 32 bit size of cipher to 64 bit endian */
+    padding[8]  =  msglen       & 0xff;
+    padding[9]  = (msglen >> 8) & 0xff;
+    padding[10] = (msglen >>16) & 0xff;
+    padding[11] = (msglen >>24) & 0xff;
+    if ((ret = wc_Poly1305Update(ssl->auth.poly1305, padding, sizeof(padding)))
+                != 0)
+        return ret;
+
+    /* generate tag */
+    if ((ret = wc_Poly1305Final(ssl->auth.poly1305, tag)) != 0)
+        return ret;
+
+    return ret;
+}
+
+
+/* Used for the older version of creating AEAD tags with Poly1305 */
+static int Poly1305TagOld(WOLFSSL* ssl, byte* additional, const byte* out,
+                       byte* cipher, word16 sz, byte* tag)
+{
+    int ret       = 0;
+    int msglen    = (sz - ssl->specs.aead_mac_size);
+    word32 keySz  = 32;
+    byte padding[8]; /* used to temporarly store lengths */
+
+#ifdef CHACHA_AEAD_TEST
+      printf("Using old version of poly1305 input.\n");
+#endif
+
+    if (msglen < 0)
+        return INPUT_CASE_ERROR;
+
+    if ((ret = wc_Poly1305SetKey(ssl->auth.poly1305, cipher, keySz)) != 0)
+        return ret;
+
+	/* add TLS compressed length and additional input to poly1305 */
+    additional[AEAD_AUTH_DATA_SZ - 2] = (msglen >> 8) & 0xff;
+    additional[AEAD_AUTH_DATA_SZ - 1] =  msglen       & 0xff;
+    if ((ret = wc_Poly1305Update(ssl->auth.poly1305, additional,
+                   AEAD_AUTH_DATA_SZ)) != 0)
+        return ret;
+
+    /* length of additional input plus padding */
+    XMEMSET(padding, 0, sizeof(padding));
+    padding[0] = AEAD_AUTH_DATA_SZ;
+    if ((ret = wc_Poly1305Update(ssl->auth.poly1305, padding,
+                    sizeof(padding))) != 0)
+        return ret;
+
+
+    /* add cipher info and then its length */
+    XMEMSET(padding, 0, sizeof(padding));
+    if ((ret = wc_Poly1305Update(ssl->auth.poly1305, out, msglen)) != 0)
+        return ret;
+
+    /* 32 bit size of cipher to 64 bit endian */
+    padding[0] =  msglen        & 0xff;
+    padding[1] = (msglen >>  8) & 0xff;
+    padding[2] = (msglen >> 16) & 0xff;
+    padding[3] = (msglen >> 24) & 0xff;
+    if ((ret = wc_Poly1305Update(ssl->auth.poly1305, padding, sizeof(padding)))
+        != 0)
+        return ret;
+
+    /* generate tag */
+    if ((ret = wc_Poly1305Final(ssl->auth.poly1305, tag)) != 0)
+        return ret;
+
+    return ret;
+}
+
+
+static int  ChachaAEADEncrypt(WOLFSSL* ssl, byte* out, const byte* input,
+                              word16 sz)
+{
+	const byte* additionalSrc = input - RECORD_HEADER_SZ;
+	int ret = 0;
+	byte tag[POLY1305_AUTH_SZ];
+	byte additional[CHACHA20_BLOCK_SIZE];
+	byte nonce[AEAD_NONCE_SZ];
+	byte cipher[CHACHA20_256_KEY_SIZE]; /* generated key for poly1305 */
+    #ifdef CHACHA_AEAD_TEST
+        int i;
+    #endif
+
+	XMEMSET(tag, 0, sizeof(tag));
+	XMEMSET(nonce, 0, AEAD_NONCE_SZ);
+	XMEMSET(cipher, 0, sizeof(cipher));
+	XMEMSET(additional, 0, CHACHA20_BLOCK_SIZE);
+	
+	/* get nonce */
+	c32toa(ssl->keys.sequence_number, nonce + AEAD_IMP_IV_SZ
+	       + AEAD_SEQ_OFFSET);
+	
+	/* opaque SEQ number stored for AD */
+	c32toa(GetSEQIncrement(ssl, 0), additional + AEAD_SEQ_OFFSET);
+	
+	/* Store the type, version. Unfortunately, they are in
+	 * the input buffer ahead of the plaintext. */
+	#ifdef WOLFSSL_DTLS
+	    if (ssl->options.dtls) {
+	        c16toa(ssl->keys.dtls_epoch, additional);
+	        additionalSrc -= DTLS_HANDSHAKE_EXTRA;
+	    }
+	#endif
+	
+	XMEMCPY(additional + AEAD_TYPE_OFFSET, additionalSrc, 3);
+	
+	#ifdef CHACHA_AEAD_TEST
+		printf("Encrypt Additional : ");
+		for (i = 0; i < CHACHA20_BLOCK_SIZE; i++) {
+		    printf("%02x", additional[i]);
+		}
+		printf("\n\n");
+		printf("input before encryption :\n");
+		for (i = 0; i < sz; i++) {
+		    printf("%02x", input[i]);
+		    if ((i + 1) % 16 == 0)
+		        printf("\n");
+		}
+		printf("\n");
+	#endif
+	
+	/* set the nonce for chacha and get poly1305 key */
+	if ((ret = wc_Chacha_SetIV(ssl->encrypt.chacha, nonce, 0)) != 0)
+	    return ret;
+	
+		if ((ret = wc_Chacha_Process(ssl->encrypt.chacha, cipher,
+	                cipher, sizeof(cipher))) != 0)
+	    return ret;
+	
+	/* encrypt the plain text */
+	if ((ret = wc_Chacha_Process(ssl->encrypt.chacha, out, input,
+	               sz - ssl->specs.aead_mac_size)) != 0)
+	    return ret;
+	
+	/* get the tag : future use of hmac could go here*/
+	if (ssl->options.oldPoly == 1) {
+	    if ((ret = Poly1305TagOld(ssl, additional, (const byte* )out,
+	                cipher, sz, tag)) != 0)
+	        return ret;
+	}
+	else {
+	    if ((ret = Poly1305Tag(ssl, additional, (const byte* )out,
+	                cipher, sz, tag)) != 0)
+	        return ret;
+	}
+	
+	/* append tag to ciphertext */
+	XMEMCPY(out + sz - ssl->specs.aead_mac_size, tag, sizeof(tag));
+	
+	AeadIncrementExpIV(ssl);
+	ForceZero(nonce, AEAD_NONCE_SZ);
+	
+	#ifdef CHACHA_AEAD_TEST
+	   printf("mac tag :\n");
+	    for (i = 0; i < 16; i++) {
+	       printf("%02x", tag[i]);
+	       if ((i + 1) % 16 == 0)
+	           printf("\n");
+	    }
+	   printf("\n\noutput after encrypt :\n");
+	    for (i = 0; i < sz; i++) {
+	       printf("%02x", out[i]);
+	       if ((i + 1) % 16 == 0)
+	           printf("\n");
+	    }
+	    printf("\n");
+	#endif
+	
+	return ret;
+}
+
+
+static int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
+                           word16 sz)
+{
+	byte additional[CHACHA20_BLOCK_SIZE];
+	byte nonce[AEAD_NONCE_SZ];
+	byte tag[POLY1305_AUTH_SZ];
+	byte cipher[CHACHA20_256_KEY_SIZE]; /* generated key for mac */
+    int i;
+	int ret = 0;
+	
+	XMEMSET(tag, 0, sizeof(tag));
+	XMEMSET(cipher, 0, sizeof(cipher));
+	XMEMSET(nonce, 0, AEAD_NONCE_SZ);
+	XMEMSET(additional, 0, CHACHA20_BLOCK_SIZE);
+	
+    #ifdef CHACHA_AEAD_TEST
+	   printf("input before decrypt :\n");
+	    for (i = 0; i < sz; i++) {
+	       printf("%02x", input[i]);
+	       if ((i + 1) % 16 == 0)
+	           printf("\n");
+	    }
+	    printf("\n");
+	#endif
+	
+	/* get nonce */
+	c32toa(ssl->keys.peer_sequence_number, nonce + AEAD_IMP_IV_SZ
+	        + AEAD_SEQ_OFFSET);
+	
+	/* sequence number field is 64-bits, we only use 32-bits */
+	c32toa(GetSEQIncrement(ssl, 1), additional + AEAD_SEQ_OFFSET);
+	
+	/* get AD info */
+	additional[AEAD_TYPE_OFFSET] = ssl->curRL.type;
+	additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor;
+	additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor;
+	
+	/* Store the type, version. */
+	#ifdef WOLFSSL_DTLS
+	    if (ssl->options.dtls)
+	        c16toa(ssl->keys.dtls_state.curEpoch, additional);
+	#endif
+		
+	#ifdef CHACHA_AEAD_TEST
+		printf("Decrypt Additional : ");
+		for (i = 0; i < CHACHA20_BLOCK_SIZE; i++) {
+		    printf("%02x", additional[i]);
+		}
+		printf("\n\n");
+	#endif
+	
+	/* set nonce and get poly1305 key */
+	if ((ret = wc_Chacha_SetIV(ssl->decrypt.chacha, nonce, 0)) != 0)
+	    return ret;
+	
+	if ((ret = wc_Chacha_Process(ssl->decrypt.chacha, cipher,
+	                cipher, sizeof(cipher))) != 0)
+	    return ret;
+	
+	/* get the tag : future use of hmac could go here*/
+	if (ssl->options.oldPoly == 1) {
+	    if ((ret = Poly1305TagOld(ssl, additional, input, cipher,
+	                    sz, tag)) != 0)
+	        return ret;
+	}
+	else {
+	    if ((ret = Poly1305Tag(ssl, additional, input, cipher,
+	                    sz, tag)) != 0)
+	        return ret;
+	}
+	
+	/* check mac sent along with packet */
+	ret = 0;
+	for (i = 0; i <  ssl->specs.aead_mac_size; i++) {
+	    if ((input + sz - ssl->specs.aead_mac_size)[i] != tag[i])
+	        ret = 1;
+	}
+	
+	if (ret == 1) {
+	    WOLFSSL_MSG("Mac did not match");
+	    SendAlert(ssl, alert_fatal, bad_record_mac);
+	    ForceZero(nonce, AEAD_NONCE_SZ);
+	    return VERIFY_MAC_ERROR;
+	}
+	
+	/* if mac was good decrypt message */
+	if ((ret = wc_Chacha_Process(ssl->decrypt.chacha, plain, input,
+	               sz - ssl->specs.aead_mac_size)) != 0)
+	    return ret;
+		
+	#ifdef CHACHA_AEAD_TEST
+	   printf("plain after decrypt :\n");
+	    for (i = 0; i < sz; i++) {
+	       printf("%02x", plain[i]);
+	       if ((i + 1) % 16 == 0)
+	           printf("\n");
+	    }
+	    printf("\n");
+	#endif
+	
+	return ret;
+}
+#endif /* HAVE_CHACHA && HAVE_POLY1305 */
+#endif /* HAVE_AEAD */
+
+
+static INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input, word16 sz)
+{
+    (void)out;
+    (void)input;
+    (void)sz;
+
+    if (ssl->encrypt.setup == 0) {
+        WOLFSSL_MSG("Encrypt ciphers not setup");
+        return ENCRYPT_ERROR;
+    }
+
+#ifdef HAVE_FUZZER
+    if (ssl->fuzzerCb)
+        ssl->fuzzerCb(ssl, input, sz, FUZZ_ENCRYPT, ssl->fuzzerCtx);
+#endif
+
+    switch (ssl->specs.bulk_cipher_algorithm) {
+        #ifdef BUILD_ARC4
+            case wolfssl_rc4:
+                wc_Arc4Process(ssl->encrypt.arc4, out, input, sz);
+                break;
+        #endif
+
+        #ifdef BUILD_DES3
+            case wolfssl_triple_des:
+                return wc_Des3_CbcEncrypt(ssl->encrypt.des3, out, input, sz);
+        #endif
+
+        #ifdef BUILD_AES
+            case wolfssl_aes:
+                return wc_AesCbcEncrypt(ssl->encrypt.aes, out, input, sz);
+        #endif
+
+        #ifdef BUILD_AESGCM
+            case wolfssl_aes_gcm:
+                {
+                    int  gcmRet;
+                    byte additional[AEAD_AUTH_DATA_SZ];
+                    byte nonce[AEAD_NONCE_SZ];
+                    const byte* additionalSrc = input - 5;
+
+                    XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
+
+                    /* sequence number field is 64-bits, we only use 32-bits */
+                    c32toa(GetSEQIncrement(ssl, 0),
+                                            additional + AEAD_SEQ_OFFSET);
+
+                    /* Store the type, version. Unfortunately, they are in
+                     * the input buffer ahead of the plaintext. */
+                    #ifdef WOLFSSL_DTLS
+                        if (ssl->options.dtls) {
+                            c16toa(ssl->keys.dtls_epoch, additional);
+                            additionalSrc -= DTLS_HANDSHAKE_EXTRA;
+                        }
+                    #endif
+                    XMEMCPY(additional + AEAD_TYPE_OFFSET, additionalSrc, 3);
+
+                    /* Store the length of the plain text minus the explicit
+                     * IV length minus the authentication tag size. */
+                    c16toa(sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                                                additional + AEAD_LEN_OFFSET);
+                    XMEMCPY(nonce,
+                                 ssl->keys.aead_enc_imp_IV, AEAD_IMP_IV_SZ);
+                    XMEMCPY(nonce + AEAD_IMP_IV_SZ,
+                                     ssl->keys.aead_exp_IV, AEAD_EXP_IV_SZ);
+                    gcmRet = wc_AesGcmEncrypt(ssl->encrypt.aes,
+                                 out + AEAD_EXP_IV_SZ, input + AEAD_EXP_IV_SZ,
+                                 sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                                 nonce, AEAD_NONCE_SZ,
+                                 out + sz - ssl->specs.aead_mac_size,
+                                 ssl->specs.aead_mac_size,
+                                 additional, AEAD_AUTH_DATA_SZ);
+                    if (gcmRet == 0)
+                        AeadIncrementExpIV(ssl);
+                    ForceZero(nonce, AEAD_NONCE_SZ);
+                    return gcmRet;
+                }
+                break;
+        #endif
+
+        #ifdef HAVE_AESCCM
+            case wolfssl_aes_ccm:
+                {
+                    byte additional[AEAD_AUTH_DATA_SZ];
+                    byte nonce[AEAD_NONCE_SZ];
+                    const byte* additionalSrc = input - 5;
+
+                    XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
+
+                    /* sequence number field is 64-bits, we only use 32-bits */
+                    c32toa(GetSEQIncrement(ssl, 0),
+                                            additional + AEAD_SEQ_OFFSET);
+
+                    /* Store the type, version. Unfortunately, they are in
+                     * the input buffer ahead of the plaintext. */
+                    #ifdef WOLFSSL_DTLS
+                        if (ssl->options.dtls) {
+                            c16toa(ssl->keys.dtls_epoch, additional);
+                            additionalSrc -= DTLS_HANDSHAKE_EXTRA;
+                        }
+                    #endif
+                    XMEMCPY(additional + AEAD_TYPE_OFFSET, additionalSrc, 3);
+
+                    /* Store the length of the plain text minus the explicit
+                     * IV length minus the authentication tag size. */
+                    c16toa(sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                                                additional + AEAD_LEN_OFFSET);
+                    XMEMCPY(nonce,
+                                 ssl->keys.aead_enc_imp_IV, AEAD_IMP_IV_SZ);
+                    XMEMCPY(nonce + AEAD_IMP_IV_SZ,
+                                     ssl->keys.aead_exp_IV, AEAD_EXP_IV_SZ);
+                    wc_AesCcmEncrypt(ssl->encrypt.aes,
+                        out + AEAD_EXP_IV_SZ, input + AEAD_EXP_IV_SZ,
+                            sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                        nonce, AEAD_NONCE_SZ,
+                        out + sz - ssl->specs.aead_mac_size,
+                        ssl->specs.aead_mac_size,
+                        additional, AEAD_AUTH_DATA_SZ);
+                    AeadIncrementExpIV(ssl);
+                    ForceZero(nonce, AEAD_NONCE_SZ);
+                }
+                break;
+        #endif
+
+        #ifdef HAVE_CAMELLIA
+            case wolfssl_camellia:
+                wc_CamelliaCbcEncrypt(ssl->encrypt.cam, out, input, sz);
+                break;
+        #endif
+
+        #ifdef HAVE_HC128
+            case wolfssl_hc128:
+                return wc_Hc128_Process(ssl->encrypt.hc128, out, input, sz);
+        #endif
+
+        #ifdef BUILD_RABBIT
+            case wolfssl_rabbit:
+                return wc_RabbitProcess(ssl->encrypt.rabbit, out, input, sz);
+        #endif
+
+        #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+            case wolfssl_chacha:
+                return ChachaAEADEncrypt(ssl, out, input, sz);
+        #endif
+
+        #ifdef HAVE_NULL_CIPHER
+            case wolfssl_cipher_null:
+                if (input != out) {
+                    XMEMMOVE(out, input, sz);
+                }
+                break;
+        #endif
+
+            default:
+                WOLFSSL_MSG("wolfSSL Encrypt programming error");
+                return ENCRYPT_ERROR;
+    }
+
+    return 0;
+}
+
+
+
+static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input,
+                           word16 sz)
+{
+    (void)plain;
+    (void)input;
+    (void)sz;
+
+    if (ssl->decrypt.setup == 0) {
+        WOLFSSL_MSG("Decrypt ciphers not setup");
+        return DECRYPT_ERROR;
+    }
+
+    switch (ssl->specs.bulk_cipher_algorithm) {
+        #ifdef BUILD_ARC4
+            case wolfssl_rc4:
+                wc_Arc4Process(ssl->decrypt.arc4, plain, input, sz);
+                break;
+        #endif
+
+        #ifdef BUILD_DES3
+            case wolfssl_triple_des:
+                return wc_Des3_CbcDecrypt(ssl->decrypt.des3, plain, input, sz);
+        #endif
+
+        #ifdef BUILD_AES
+            case wolfssl_aes:
+                return wc_AesCbcDecrypt(ssl->decrypt.aes, plain, input, sz);
+        #endif
+
+        #ifdef BUILD_AESGCM
+            case wolfssl_aes_gcm:
+            {
+                byte additional[AEAD_AUTH_DATA_SZ];
+                byte nonce[AEAD_NONCE_SZ];
+
+                XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
+
+                /* sequence number field is 64-bits, we only use 32-bits */
+                c32toa(GetSEQIncrement(ssl, 1), additional + AEAD_SEQ_OFFSET);
+
+                #ifdef WOLFSSL_DTLS
+                    if (ssl->options.dtls)
+                        c16toa(ssl->keys.dtls_state.curEpoch, additional);
+                #endif
+
+                additional[AEAD_TYPE_OFFSET] = ssl->curRL.type;
+                additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor;
+                additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor;
+
+                c16toa(sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                                        additional + AEAD_LEN_OFFSET);
+                XMEMCPY(nonce, ssl->keys.aead_dec_imp_IV, AEAD_IMP_IV_SZ);
+                XMEMCPY(nonce + AEAD_IMP_IV_SZ, input, AEAD_EXP_IV_SZ);
+                if (wc_AesGcmDecrypt(ssl->decrypt.aes,
+                            plain + AEAD_EXP_IV_SZ,
+                            input + AEAD_EXP_IV_SZ,
+                                sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                            nonce, AEAD_NONCE_SZ,
+                            input + sz - ssl->specs.aead_mac_size,
+                            ssl->specs.aead_mac_size,
+                            additional, AEAD_AUTH_DATA_SZ) < 0) {
+                    SendAlert(ssl, alert_fatal, bad_record_mac);
+                    ForceZero(nonce, AEAD_NONCE_SZ);
+                    return VERIFY_MAC_ERROR;
+                }
+                ForceZero(nonce, AEAD_NONCE_SZ);
+            }
+            break;
+        #endif
+
+        #ifdef HAVE_AESCCM
+            case wolfssl_aes_ccm:
+            {
+                byte additional[AEAD_AUTH_DATA_SZ];
+                byte nonce[AEAD_NONCE_SZ];
+
+                XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ);
+
+                /* sequence number field is 64-bits, we only use 32-bits */
+                c32toa(GetSEQIncrement(ssl, 1), additional + AEAD_SEQ_OFFSET);
+
+                #ifdef WOLFSSL_DTLS
+                    if (ssl->options.dtls)
+                        c16toa(ssl->keys.dtls_state.curEpoch, additional);
+                #endif
+
+                additional[AEAD_TYPE_OFFSET] = ssl->curRL.type;
+                additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor;
+                additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor;
+
+                c16toa(sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                                        additional + AEAD_LEN_OFFSET);
+                XMEMCPY(nonce, ssl->keys.aead_dec_imp_IV, AEAD_IMP_IV_SZ);
+                XMEMCPY(nonce + AEAD_IMP_IV_SZ, input, AEAD_EXP_IV_SZ);
+                if (wc_AesCcmDecrypt(ssl->decrypt.aes,
+                            plain + AEAD_EXP_IV_SZ,
+                            input + AEAD_EXP_IV_SZ,
+                                sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size,
+                            nonce, AEAD_NONCE_SZ,
+                            input + sz - ssl->specs.aead_mac_size,
+                            ssl->specs.aead_mac_size,
+                            additional, AEAD_AUTH_DATA_SZ) < 0) {
+                    SendAlert(ssl, alert_fatal, bad_record_mac);
+                    ForceZero(nonce, AEAD_NONCE_SZ);
+                    return VERIFY_MAC_ERROR;
+                }
+                ForceZero(nonce, AEAD_NONCE_SZ);
+            }
+            break;
+        #endif
+
+        #ifdef HAVE_CAMELLIA
+            case wolfssl_camellia:
+                wc_CamelliaCbcDecrypt(ssl->decrypt.cam, plain, input, sz);
+                break;
+        #endif
+
+        #ifdef HAVE_HC128
+            case wolfssl_hc128:
+                return wc_Hc128_Process(ssl->decrypt.hc128, plain, input, sz);
+        #endif
+
+        #ifdef BUILD_RABBIT
+            case wolfssl_rabbit:
+                return wc_RabbitProcess(ssl->decrypt.rabbit, plain, input, sz);
+        #endif
+
+        #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+            case wolfssl_chacha:
+                return ChachaAEADDecrypt(ssl, plain, input, sz);
+        #endif
+
+        #ifdef HAVE_NULL_CIPHER
+            case wolfssl_cipher_null:
+                if (input != plain) {
+                    XMEMMOVE(plain, input, sz);
+                }
+                break;
+        #endif
+
+            default:
+                WOLFSSL_MSG("wolfSSL Decrypt programming error");
+                return DECRYPT_ERROR;
+    }
+    return 0;
+}
+
+
+/* check cipher text size for sanity */
+static int SanityCheckCipherText(WOLFSSL* ssl, word32 encryptSz)
+{
+#ifdef HAVE_TRUNCATED_HMAC
+    word32 minLength = ssl->truncated_hmac ? TRUNCATED_HMAC_SZ
+                                           : ssl->specs.hash_size;
+#else
+    word32 minLength = ssl->specs.hash_size; /* covers stream */
+#endif
+
+    if (ssl->specs.cipher_type == block) {
+        if (encryptSz % ssl->specs.block_size) {
+            WOLFSSL_MSG("Block ciphertext not block size");
+            return SANITY_CIPHER_E;
+        }
+
+        minLength++;  /* pad byte */
+
+        if (ssl->specs.block_size > minLength)
+            minLength = ssl->specs.block_size;
+
+        if (ssl->options.tls1_1)
+            minLength += ssl->specs.block_size;  /* explicit IV */
+    }
+    else if (ssl->specs.cipher_type == aead) {
+        minLength = ssl->specs.aead_mac_size;    /* authTag size */
+        if (ssl->specs.bulk_cipher_algorithm != wolfssl_chacha)
+           minLength += AEAD_EXP_IV_SZ;          /* explicit IV  */
+    }
+
+    if (encryptSz < minLength) {
+        WOLFSSL_MSG("Ciphertext not minimum size");
+        return SANITY_CIPHER_E;
+    }
+
+    return 0;
+}
+
+
+#ifndef NO_OLD_TLS
+
+static INLINE void Md5Rounds(int rounds, const byte* data, int sz)
+{
+    Md5 md5;
+    int i;
+
+    wc_InitMd5(&md5);
+
+    for (i = 0; i < rounds; i++)
+        wc_Md5Update(&md5, data, sz);
+}
+
+
+
+/* do a dummy sha round */
+static INLINE void ShaRounds(int rounds, const byte* data, int sz)
+{
+    Sha sha;
+    int i;
+
+    wc_InitSha(&sha);  /* no error check on purpose, dummy round */
+
+    for (i = 0; i < rounds; i++)
+        wc_ShaUpdate(&sha, data, sz);
+}
+#endif
+
+
+#ifndef NO_SHA256
+
+static INLINE void Sha256Rounds(int rounds, const byte* data, int sz)
+{
+    Sha256 sha256;
+    int i;
+
+    wc_InitSha256(&sha256);  /* no error check on purpose, dummy round */
+
+    for (i = 0; i < rounds; i++) {
+        wc_Sha256Update(&sha256, data, sz);
+        /* no error check on purpose, dummy round */
+    }
+
+}
+
+#endif
+
+
+#ifdef WOLFSSL_SHA384
+
+static INLINE void Sha384Rounds(int rounds, const byte* data, int sz)
+{
+    Sha384 sha384;
+    int i;
+
+    wc_InitSha384(&sha384);  /* no error check on purpose, dummy round */
+
+    for (i = 0; i < rounds; i++) {
+        wc_Sha384Update(&sha384, data, sz);
+        /* no error check on purpose, dummy round */
+    }
+}
+
+#endif
+
+
+#ifdef WOLFSSL_SHA512
+
+static INLINE void Sha512Rounds(int rounds, const byte* data, int sz)
+{
+    Sha512 sha512;
+    int i;
+
+    wc_InitSha512(&sha512);  /* no error check on purpose, dummy round */
+
+    for (i = 0; i < rounds; i++) {
+        wc_Sha512Update(&sha512, data, sz);
+        /* no error check on purpose, dummy round */
+    }
+}
+
+#endif
+
+
+#ifdef WOLFSSL_RIPEMD
+
+static INLINE void RmdRounds(int rounds, const byte* data, int sz)
+{
+    RipeMd ripemd;
+    int i;
+
+    wc_InitRipeMd(&ripemd);
+
+    for (i = 0; i < rounds; i++)
+        wc_RipeMdUpdate(&ripemd, data, sz);
+}
+
+#endif
+
+
+/* Do dummy rounds */
+static INLINE void DoRounds(int type, int rounds, const byte* data, int sz)
+{
+    switch (type) {
+
+        case no_mac :
+            break;
+
+#ifndef NO_OLD_TLS
+#ifndef NO_MD5
+        case md5_mac :
+            Md5Rounds(rounds, data, sz);
+            break;
+#endif
+
+#ifndef NO_SHA
+        case sha_mac :
+            ShaRounds(rounds, data, sz);
+            break;
+#endif
+#endif
+
+#ifndef NO_SHA256
+        case sha256_mac :
+            Sha256Rounds(rounds, data, sz);
+            break;
+#endif
+
+#ifdef WOLFSSL_SHA384
+        case sha384_mac :
+            Sha384Rounds(rounds, data, sz);
+            break;
+#endif
+
+#ifdef WOLFSSL_SHA512
+        case sha512_mac :
+            Sha512Rounds(rounds, data, sz);
+            break;
+#endif
+
+#ifdef WOLFSSL_RIPEMD
+        case rmd_mac :
+            RmdRounds(rounds, data, sz);
+            break;
+#endif
+
+        default:
+            WOLFSSL_MSG("Bad round type");
+            break;
+    }
+}
+
+
+/* do number of compression rounds on dummy data */
+static INLINE void CompressRounds(WOLFSSL* ssl, int rounds, const byte* dummy)
+{
+    if (rounds)
+        DoRounds(ssl->specs.mac_algorithm, rounds, dummy, COMPRESS_LOWER);
+}
+
+
+/* check all length bytes for equality, return 0 on success */
+static int ConstantCompare(const byte* a, const byte* b, int length)
+{
+    int i;
+    int compareSum = 0;
+
+    for (i = 0; i < length; i++) {
+        compareSum |= a[i] ^ b[i];
+    }
+
+    return compareSum;
+}
+
+
+/* check all length bytes for the pad value, return 0 on success */
+static int PadCheck(const byte* input, byte pad, int length)
+{
+    int i;
+    int good = 0;
+    int bad  = 0;
+
+    for (i = 0; i < length; i++) {
+        if (input[i] == pad)
+            good++;
+        else
+            bad++;
+    }
+
+    if (good == length)
+        return 0;
+    else
+        return 0 - bad;  /* pad check failed */
+}
+
+
+/* get compression extra rounds */
+static INLINE int GetRounds(int pLen, int padLen, int t)
+{
+    int  roundL1 = 1;  /* round up flags */
+    int  roundL2 = 1;
+
+    int L1 = COMPRESS_CONSTANT + pLen - t;
+    int L2 = COMPRESS_CONSTANT + pLen - padLen - 1 - t;
+
+    L1 -= COMPRESS_UPPER;
+    L2 -= COMPRESS_UPPER;
+
+    if ( (L1 % COMPRESS_LOWER) == 0)
+        roundL1 = 0;
+    if ( (L2 % COMPRESS_LOWER) == 0)
+        roundL2 = 0;
+
+    L1 /= COMPRESS_LOWER;
+    L2 /= COMPRESS_LOWER;
+
+    L1 += roundL1;
+    L2 += roundL2;
+
+    return L1 - L2;
+}
+
+
+/* timing resistant pad/verify check, return 0 on success */
+static int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int t,
+                           int pLen, int content)
+{
+    byte verify[MAX_DIGEST_SIZE];
+    byte dummy[MAX_PAD_SIZE];
+    int  ret = 0;
+
+    XMEMSET(dummy, 1, sizeof(dummy));
+
+    if ( (t + padLen + 1) > pLen) {
+        WOLFSSL_MSG("Plain Len not long enough for pad/mac");
+        PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE);
+        ssl->hmac(ssl, verify, input, pLen - t, content, 1); /* still compare */
+        ConstantCompare(verify, input + pLen - t, t);
+
+        return VERIFY_MAC_ERROR;
+    }
+
+    if (PadCheck(input + pLen - (padLen + 1), (byte)padLen, padLen + 1) != 0) {
+        WOLFSSL_MSG("PadCheck failed");
+        PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1);
+        ssl->hmac(ssl, verify, input, pLen - t, content, 1); /* still compare */
+        ConstantCompare(verify, input + pLen - t, t);
+
+        return VERIFY_MAC_ERROR;
+    }
+
+    PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1);
+    ret = ssl->hmac(ssl, verify, input, pLen - padLen - 1 - t, content, 1);
+
+    CompressRounds(ssl, GetRounds(pLen, padLen, t), dummy);
+
+    if (ConstantCompare(verify, input + (pLen - padLen - 1 - t), t) != 0) {
+        WOLFSSL_MSG("Verify MAC compare failed");
+        return VERIFY_MAC_ERROR;
+    }
+
+    if (ret != 0)
+        return VERIFY_MAC_ERROR;
+    return 0;
+}
+
+
+int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx)
+{
+    word32 msgSz   = ssl->keys.encryptSz;
+    word32 idx     = *inOutIdx;
+    int    dataSz;
+    int    ivExtra = 0;
+    byte*  rawData = input + idx;  /* keep current  for hmac */
+#ifdef HAVE_LIBZ
+    byte   decomp[MAX_RECORD_SIZE + MAX_COMP_EXTRA];
+#endif
+
+    if (ssl->options.handShakeDone == 0) {
+        WOLFSSL_MSG("Received App data before a handshake completed");
+        SendAlert(ssl, alert_fatal, unexpected_message);
+        return OUT_OF_ORDER_E;
+    }
+
+    if (ssl->specs.cipher_type == block) {
+        if (ssl->options.tls1_1)
+            ivExtra = ssl->specs.block_size;
+    }
+    else if (ssl->specs.cipher_type == aead) {
+        if (ssl->specs.bulk_cipher_algorithm != wolfssl_chacha)
+            ivExtra = AEAD_EXP_IV_SZ;
+    }
+
+    dataSz = msgSz - ivExtra - ssl->keys.padSz;
+    if (dataSz < 0) {
+        WOLFSSL_MSG("App data buffer error, malicious input?");
+        return BUFFER_ERROR;
+    }
+
+    /* read data */
+    if (dataSz) {
+        int rawSz = dataSz;       /* keep raw size for idx adjustment */
+
+#ifdef HAVE_LIBZ
+        if (ssl->options.usingCompression) {
+            dataSz = myDeCompress(ssl, rawData, dataSz, decomp, sizeof(decomp));
+            if (dataSz < 0) return dataSz;
+        }
+#endif
+        idx += rawSz;
+
+        ssl->buffers.clearOutputBuffer.buffer = rawData;
+        ssl->buffers.clearOutputBuffer.length = dataSz;
+    }
+
+    idx += ssl->keys.padSz;
+
+#ifdef HAVE_LIBZ
+    /* decompress could be bigger, overwrite after verify */
+    if (ssl->options.usingCompression)
+        XMEMMOVE(rawData, decomp, dataSz);
+#endif
+
+    *inOutIdx = idx;
+    return 0;
+}
+
+
+/* process alert, return level */
+static int DoAlert(WOLFSSL* ssl, byte* input, word32* inOutIdx, int* type,
+                   word32 totalSz)
+{
+    byte level;
+    byte code;
+
+    #ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn)
+            AddPacketName("Alert", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            /* add record header back on to info + 2 byte level, data */
+            AddPacketInfo("Alert", &ssl->timeoutInfo, input + *inOutIdx -
+                          RECORD_HEADER_SZ, 2 + RECORD_HEADER_SZ, ssl->heap);
+    #endif
+
+    /* make sure can read the message */
+    if (*inOutIdx + ALERT_SIZE > totalSz)
+        return BUFFER_E;
+
+    level = input[(*inOutIdx)++];
+    code  = input[(*inOutIdx)++];
+    ssl->alert_history.last_rx.code = code;
+    ssl->alert_history.last_rx.level = level;
+    *type = code;
+    if (level == alert_fatal) {
+        ssl->options.isClosed = 1;  /* Don't send close_notify */
+    }
+
+    WOLFSSL_MSG("Got alert");
+    if (*type == close_notify) {
+        WOLFSSL_MSG("    close notify");
+        ssl->options.closeNotify = 1;
+    }
+    WOLFSSL_ERROR(*type);
+    if (ssl->keys.encryptionOn) {
+        if (*inOutIdx + ssl->keys.padSz > totalSz)
+            return BUFFER_E;
+        *inOutIdx += ssl->keys.padSz;
+    }
+
+    return level;
+}
+
+static int GetInputData(WOLFSSL *ssl, word32 size)
+{
+    int in;
+    int inSz;
+    int maxLength;
+    int usedLength;
+    int dtlsExtra = 0;
+
+
+    /* check max input length */
+    usedLength = ssl->buffers.inputBuffer.length - ssl->buffers.inputBuffer.idx;
+    maxLength  = ssl->buffers.inputBuffer.bufferSize - usedLength;
+    inSz       = (int)(size - usedLength);      /* from last partial read */
+
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        if (size < ssl->dtls_expected_rx)
+            dtlsExtra = (int)(ssl->dtls_expected_rx - size);
+        inSz = ssl->dtls_expected_rx;
+    }
+#endif
+
+    if (inSz > maxLength) {
+        if (GrowInputBuffer(ssl, size + dtlsExtra, usedLength) < 0)
+            return MEMORY_E;
+    }
+
+    if (inSz <= 0)
+        return BUFFER_ERROR;
+
+    /* Put buffer data at start if not there */
+    if (usedLength > 0 && ssl->buffers.inputBuffer.idx != 0)
+        XMEMMOVE(ssl->buffers.inputBuffer.buffer,
+                ssl->buffers.inputBuffer.buffer + ssl->buffers.inputBuffer.idx,
+                usedLength);
+
+    /* remove processed data */
+    ssl->buffers.inputBuffer.idx    = 0;
+    ssl->buffers.inputBuffer.length = usedLength;
+
+    /* read data from network */
+    do {
+        in = Receive(ssl,
+                     ssl->buffers.inputBuffer.buffer +
+                     ssl->buffers.inputBuffer.length,
+                     inSz);
+        if (in == -1)
+            return SOCKET_ERROR_E;
+
+        if (in == WANT_READ)
+            return WANT_READ;
+
+        if (in > inSz)
+            return RECV_OVERFLOW_E;
+
+        ssl->buffers.inputBuffer.length += in;
+        inSz -= in;
+
+    } while (ssl->buffers.inputBuffer.length < size);
+
+    return 0;
+}
+
+
+static INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz,
+                            int content, word32* padSz)
+{
+    int    ivExtra = 0;
+    int    ret;
+    word32 pad     = 0;
+    word32 padByte = 0;
+#ifdef HAVE_TRUNCATED_HMAC
+    word32 digestSz = ssl->truncated_hmac ? TRUNCATED_HMAC_SZ
+                                          : ssl->specs.hash_size;
+#else
+    word32 digestSz = ssl->specs.hash_size;
+#endif
+    byte   verify[MAX_DIGEST_SIZE];
+
+    if (ssl->specs.cipher_type == block) {
+        if (ssl->options.tls1_1)
+            ivExtra = ssl->specs.block_size;
+        pad = *(input + msgSz - ivExtra - 1);
+        padByte = 1;
+
+        if (ssl->options.tls) {
+            ret = TimingPadVerify(ssl, input, pad, digestSz, msgSz - ivExtra,
+                                  content);
+            if (ret != 0)
+                return ret;
+        }
+        else {  /* sslv3, some implementations have bad padding, but don't
+                 * allow bad read */
+            int  badPadLen = 0;
+            byte dummy[MAX_PAD_SIZE];
+
+            XMEMSET(dummy, 1, sizeof(dummy));
+
+            if (pad > (msgSz - digestSz - 1)) {
+                WOLFSSL_MSG("Plain Len not long enough for pad/mac");
+                pad       = 0;  /* no bad read */
+                badPadLen = 1;
+            }
+            PadCheck(dummy, (byte)pad, MAX_PAD_SIZE);  /* timing only */
+            ret = ssl->hmac(ssl, verify, input, msgSz - digestSz - pad - 1,
+                            content, 1);
+            if (ConstantCompare(verify, input + msgSz - digestSz - pad - 1,
+                                digestSz) != 0)
+                return VERIFY_MAC_ERROR;
+            if (ret != 0 || badPadLen)
+                return VERIFY_MAC_ERROR;
+        }
+    }
+    else if (ssl->specs.cipher_type == stream) {
+        ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, content, 1);
+        if (ConstantCompare(verify, input + msgSz - digestSz, digestSz) != 0){
+            return VERIFY_MAC_ERROR;
+        }
+        if (ret != 0)
+            return VERIFY_MAC_ERROR;
+    }
+
+    if (ssl->specs.cipher_type == aead) {
+        *padSz = ssl->specs.aead_mac_size;
+    }
+    else {
+        *padSz = digestSz + pad + padByte;
+    }
+
+    return 0;
+}
+
+
+/* process input requests, return 0 is done, 1 is call again to complete, and
+   negative number is error */
+int ProcessReply(WOLFSSL* ssl)
+{
+    int    ret = 0, type, readSz;
+    int    atomicUser = 0;
+    word32 startIdx = 0;
+#ifdef WOLFSSL_DTLS
+    int    used;
+#endif
+
+#ifdef ATOMIC_USER
+    if (ssl->ctx->DecryptVerifyCb)
+        atomicUser = 1;
+#endif
+
+    if (ssl->error != 0 && ssl->error != WANT_READ && ssl->error != WANT_WRITE){
+        WOLFSSL_MSG("ProcessReply retry in error state, not allowed");
+        return ssl->error;
+    }
+
+    for (;;) {
+        switch (ssl->options.processReply) {
+
+        /* in the WOLFSSL_SERVER case, get the first byte for detecting
+         * old client hello */
+        case doProcessInit:
+
+            readSz = RECORD_HEADER_SZ;
+
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls)
+                    readSz = DTLS_RECORD_HEADER_SZ;
+            #endif
+
+            /* get header or return error */
+            if (!ssl->options.dtls) {
+                if ((ret = GetInputData(ssl, readSz)) < 0)
+                    return ret;
+            } else {
+            #ifdef WOLFSSL_DTLS
+                /* read ahead may already have header */
+                used = ssl->buffers.inputBuffer.length -
+                       ssl->buffers.inputBuffer.idx;
+                if (used < readSz)
+                    if ((ret = GetInputData(ssl, readSz)) < 0)
+                        return ret;
+            #endif
+            }
+
+#ifdef OLD_HELLO_ALLOWED
+
+            /* see if sending SSLv2 client hello */
+            if ( ssl->options.side == WOLFSSL_SERVER_END &&
+                 ssl->options.clientState == NULL_STATE &&
+                 ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx]
+                         != handshake) {
+                byte b0, b1;
+
+                ssl->options.processReply = runProcessOldClientHello;
+
+                /* sanity checks before getting size at front */
+                if (ssl->buffers.inputBuffer.buffer[
+                          ssl->buffers.inputBuffer.idx + 2] != OLD_HELLO_ID) {
+                    WOLFSSL_MSG("Not a valid old client hello");
+                    return PARSE_ERROR;
+                }
+
+                if (ssl->buffers.inputBuffer.buffer[
+                          ssl->buffers.inputBuffer.idx + 3] != SSLv3_MAJOR &&
+                    ssl->buffers.inputBuffer.buffer[
+                          ssl->buffers.inputBuffer.idx + 3] != DTLS_MAJOR) {
+                    WOLFSSL_MSG("Not a valid version in old client hello");
+                    return PARSE_ERROR;
+                }
+
+                /* how many bytes need ProcessOldClientHello */
+                b0 =
+                ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++];
+                b1 =
+                ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++];
+                ssl->curSize = (word16)(((b0 & 0x7f) << 8) | b1);
+            }
+            else {
+                ssl->options.processReply = getRecordLayerHeader;
+                continue;
+            }
+
+        /* in the WOLFSSL_SERVER case, run the old client hello */
+        case runProcessOldClientHello:
+
+            /* get sz bytes or return error */
+            if (!ssl->options.dtls) {
+                if ((ret = GetInputData(ssl, ssl->curSize)) < 0)
+                    return ret;
+            } else {
+            #ifdef WOLFSSL_DTLS
+                /* read ahead may already have */
+                used = ssl->buffers.inputBuffer.length -
+                       ssl->buffers.inputBuffer.idx;
+                if (used < ssl->curSize)
+                    if ((ret = GetInputData(ssl, ssl->curSize)) < 0)
+                        return ret;
+            #endif  /* WOLFSSL_DTLS */
+            }
+
+            ret = ProcessOldClientHello(ssl, ssl->buffers.inputBuffer.buffer,
+                                        &ssl->buffers.inputBuffer.idx,
+                                        ssl->buffers.inputBuffer.length -
+                                        ssl->buffers.inputBuffer.idx,
+                                        ssl->curSize);
+            if (ret < 0)
+                return ret;
+
+            else if (ssl->buffers.inputBuffer.idx ==
+                     ssl->buffers.inputBuffer.length) {
+                ssl->options.processReply = doProcessInit;
+                return 0;
+            }
+
+#endif  /* OLD_HELLO_ALLOWED */
+
+        /* get the record layer header */
+        case getRecordLayerHeader:
+
+            ret = GetRecordHeader(ssl, ssl->buffers.inputBuffer.buffer,
+                                       &ssl->buffers.inputBuffer.idx,
+                                       &ssl->curRL, &ssl->curSize);
+#ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls && ret == SEQUENCE_ERROR) {
+                ssl->options.processReply = doProcessInit;
+                ssl->buffers.inputBuffer.length = 0;
+                ssl->buffers.inputBuffer.idx = 0;
+                continue;
+            }
+#endif
+            if (ret != 0)
+                return ret;
+
+            ssl->options.processReply = getData;
+
+        /* retrieve record layer data */
+        case getData:
+
+            /* get sz bytes or return error */
+            if (!ssl->options.dtls) {
+                if ((ret = GetInputData(ssl, ssl->curSize)) < 0)
+                    return ret;
+            } else {
+#ifdef WOLFSSL_DTLS
+                /* read ahead may already have */
+                used = ssl->buffers.inputBuffer.length -
+                       ssl->buffers.inputBuffer.idx;
+                if (used < ssl->curSize)
+                    if ((ret = GetInputData(ssl, ssl->curSize)) < 0)
+                        return ret;
+#endif
+            }
+
+            ssl->options.processReply = runProcessingOneMessage;
+            startIdx = ssl->buffers.inputBuffer.idx;  /* in case > 1 msg per */
+
+        /* the record layer is here */
+        case runProcessingOneMessage:
+
+            #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls &&
+                ssl->keys.dtls_state.curEpoch < ssl->keys.dtls_state.nextEpoch)
+                ssl->keys.decryptedCur = 1;
+            #endif
+
+            if (ssl->keys.encryptionOn && ssl->keys.decryptedCur == 0)
+            {
+                ret = SanityCheckCipherText(ssl, ssl->curSize);
+                if (ret < 0)
+                    return ret;
+
+                if (atomicUser) {
+                #ifdef ATOMIC_USER
+                    ret = ssl->ctx->DecryptVerifyCb(ssl,
+                                  ssl->buffers.inputBuffer.buffer +
+                                  ssl->buffers.inputBuffer.idx,
+                                  ssl->buffers.inputBuffer.buffer +
+                                  ssl->buffers.inputBuffer.idx,
+                                  ssl->curSize, ssl->curRL.type, 1,
+                                  &ssl->keys.padSz, ssl->DecryptVerifyCtx);
+                    if (ssl->options.tls1_1 && ssl->specs.cipher_type == block)
+                        ssl->buffers.inputBuffer.idx += ssl->specs.block_size;
+                        /* go past TLSv1.1 IV */
+                    if (ssl->specs.cipher_type == aead &&
+                            ssl->specs.bulk_cipher_algorithm != wolfssl_chacha)
+                        ssl->buffers.inputBuffer.idx += AEAD_EXP_IV_SZ;
+                #endif /* ATOMIC_USER */
+                }
+                else {
+                    ret = Decrypt(ssl, ssl->buffers.inputBuffer.buffer +
+                                  ssl->buffers.inputBuffer.idx,
+                                  ssl->buffers.inputBuffer.buffer +
+                                  ssl->buffers.inputBuffer.idx,
+                                  ssl->curSize);
+                    if (ret < 0) {
+                        WOLFSSL_ERROR(ret);
+                        return DECRYPT_ERROR;
+                    }
+                    if (ssl->options.tls1_1 && ssl->specs.cipher_type == block)
+                        ssl->buffers.inputBuffer.idx += ssl->specs.block_size;
+                        /* go past TLSv1.1 IV */
+                    if (ssl->specs.cipher_type == aead &&
+                            ssl->specs.bulk_cipher_algorithm != wolfssl_chacha)
+                        ssl->buffers.inputBuffer.idx += AEAD_EXP_IV_SZ;
+
+                    ret = VerifyMac(ssl, ssl->buffers.inputBuffer.buffer +
+                                    ssl->buffers.inputBuffer.idx,
+                                    ssl->curSize, ssl->curRL.type,
+                                    &ssl->keys.padSz);
+                }
+                if (ret < 0) {
+                    WOLFSSL_ERROR(ret);
+                    return DECRYPT_ERROR;
+                }
+                ssl->keys.encryptSz    = ssl->curSize;
+                ssl->keys.decryptedCur = 1;
+            }
+
+            if (ssl->options.dtls) {
+            #ifdef WOLFSSL_DTLS
+                DtlsUpdateWindow(&ssl->keys.dtls_state);
+            #endif /* WOLFSSL_DTLS */
+            }
+
+            WOLFSSL_MSG("received record layer msg");
+
+            switch (ssl->curRL.type) {
+                case handshake :
+                    /* debugging in DoHandShakeMsg */
+                    if (!ssl->options.dtls) {
+                        ret = DoHandShakeMsg(ssl,
+                                            ssl->buffers.inputBuffer.buffer,
+                                            &ssl->buffers.inputBuffer.idx,
+                                            ssl->buffers.inputBuffer.length);
+                    }
+                    else {
+#ifdef WOLFSSL_DTLS
+                        ret = DoDtlsHandShakeMsg(ssl,
+                                            ssl->buffers.inputBuffer.buffer,
+                                            &ssl->buffers.inputBuffer.idx,
+                                            ssl->buffers.inputBuffer.length);
+#endif
+                    }
+                    if (ret != 0)
+                        return ret;
+                    break;
+
+                case change_cipher_spec:
+                    WOLFSSL_MSG("got CHANGE CIPHER SPEC");
+                    #ifdef WOLFSSL_CALLBACKS
+                        if (ssl->hsInfoOn)
+                            AddPacketName("ChangeCipher", &ssl->handShakeInfo);
+                        /* add record header back on info */
+                        if (ssl->toInfoOn) {
+                            AddPacketInfo("ChangeCipher", &ssl->timeoutInfo,
+                                ssl->buffers.inputBuffer.buffer +
+                                ssl->buffers.inputBuffer.idx - RECORD_HEADER_SZ,
+                                1 + RECORD_HEADER_SZ, ssl->heap);
+                            AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo);
+                        }
+                    #endif
+
+                    ret = SanityCheckMsgReceived(ssl, change_cipher_hs);
+                    if (ret != 0)
+                        return ret;
+
+#ifdef HAVE_SESSION_TICKET
+                    if (ssl->options.side == WOLFSSL_CLIENT_END &&
+                                                  ssl->expect_session_ticket) {
+                        WOLFSSL_MSG("Expected session ticket missing");
+                        return SESSION_TICKET_EXPECT_E;
+                    }
+#endif
+
+                    if (ssl->keys.encryptionOn && ssl->options.handShakeDone) {
+                        ssl->buffers.inputBuffer.idx += ssl->keys.padSz;
+                        ssl->curSize -= ssl->buffers.inputBuffer.idx;
+                    }
+
+                    if (ssl->curSize != 1) {
+                        WOLFSSL_MSG("Malicious or corrupted ChangeCipher msg");
+                        return LENGTH_ERROR;
+                    }
+                    #ifndef NO_CERTS
+                        if (ssl->options.side == WOLFSSL_SERVER_END &&
+                                 ssl->options.verifyPeer &&
+                                 ssl->options.havePeerCert)
+                            if (!ssl->options.havePeerVerify) {
+                                WOLFSSL_MSG("client didn't send cert verify");
+                                return NO_PEER_VERIFY;
+                            }
+                    #endif
+
+
+                    ssl->buffers.inputBuffer.idx++;
+                    ssl->keys.encryptionOn = 1;
+
+                    /* setup decrypt keys for following messages */
+                    if ((ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY)) != 0)
+                        return ret;
+
+                    #ifdef WOLFSSL_DTLS
+                        if (ssl->options.dtls) {
+                            DtlsPoolReset(ssl);
+                            ssl->keys.dtls_state.nextEpoch++;
+                            ssl->keys.dtls_state.nextSeq = 0;
+                        }
+                    #endif
+
+                    #ifdef HAVE_LIBZ
+                        if (ssl->options.usingCompression)
+                            if ( (ret = InitStreams(ssl)) != 0)
+                                return ret;
+                    #endif
+                    if (ssl->options.resuming && ssl->options.side ==
+                                                              WOLFSSL_CLIENT_END)
+                        ret = BuildFinished(ssl, &ssl->verifyHashes, server);
+                    else if (!ssl->options.resuming && ssl->options.side ==
+                                                              WOLFSSL_SERVER_END)
+                        ret = BuildFinished(ssl, &ssl->verifyHashes, client);
+                    if (ret != 0)
+                        return ret;
+                    break;
+
+                case application_data:
+                    WOLFSSL_MSG("got app DATA");
+                    if ((ret = DoApplicationData(ssl,
+                                                ssl->buffers.inputBuffer.buffer,
+                                               &ssl->buffers.inputBuffer.idx))
+                                                                         != 0) {
+                        WOLFSSL_ERROR(ret);
+                        return ret;
+                    }
+                    break;
+
+                case alert:
+                    WOLFSSL_MSG("got ALERT!");
+                    ret = DoAlert(ssl, ssl->buffers.inputBuffer.buffer,
+                                  &ssl->buffers.inputBuffer.idx, &type,
+                                   ssl->buffers.inputBuffer.length);
+                    if (ret == alert_fatal)
+                        return FATAL_ERROR;
+                    else if (ret < 0)
+                        return ret;
+
+                    /* catch warnings that are handled as errors */
+                    if (type == close_notify)
+                        return ssl->error = ZERO_RETURN;
+
+                    if (type == decrypt_error)
+                        return FATAL_ERROR;
+                    break;
+
+                default:
+                    WOLFSSL_ERROR(UNKNOWN_RECORD_TYPE);
+                    return UNKNOWN_RECORD_TYPE;
+            }
+
+            ssl->options.processReply = doProcessInit;
+
+            /* input exhausted? */
+            if (ssl->buffers.inputBuffer.idx == ssl->buffers.inputBuffer.length)
+                return 0;
+            /* more messages per record */
+            else if ((ssl->buffers.inputBuffer.idx - startIdx) < ssl->curSize) {
+                WOLFSSL_MSG("More messages in record");
+                #ifdef WOLFSSL_DTLS
+                    /* read-ahead but dtls doesn't bundle messages per record */
+                    if (ssl->options.dtls) {
+                        ssl->options.processReply = doProcessInit;
+                        continue;
+                    }
+                #endif
+                ssl->options.processReply = runProcessingOneMessage;
+
+                if (ssl->keys.encryptionOn) {
+                    WOLFSSL_MSG("Bundled encrypted messages, remove middle pad");
+                    ssl->buffers.inputBuffer.idx -= ssl->keys.padSz;
+                }
+
+                continue;
+            }
+            /* more records */
+            else {
+                WOLFSSL_MSG("More records in input");
+                ssl->options.processReply = doProcessInit;
+                continue;
+            }
+
+        default:
+            WOLFSSL_MSG("Bad process input state, programming error");
+            return INPUT_CASE_ERROR;
+        }
+    }
+}
+
+
+int SendChangeCipher(WOLFSSL* ssl)
+{
+    byte              *output;
+    int                sendSz = RECORD_HEADER_SZ + ENUM_LEN;
+    int                idx    = RECORD_HEADER_SZ;
+    int                ret;
+
+    #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            sendSz += DTLS_RECORD_EXTRA;
+            idx    += DTLS_RECORD_EXTRA;
+        }
+    #endif
+
+    /* are we in scr */
+    if (ssl->keys.encryptionOn && ssl->options.handShakeDone) {
+        sendSz += MAX_MSG_EXTRA;
+    }
+
+    /* check for avalaible size */
+    if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
+        return ret;
+
+    /* get ouput buffer */
+    output = ssl->buffers.outputBuffer.buffer +
+             ssl->buffers.outputBuffer.length;
+
+    AddRecordHeader(output, 1, change_cipher_spec, ssl);
+
+    output[idx] = 1;             /* turn it on */
+
+    if (ssl->keys.encryptionOn && ssl->options.handShakeDone) {
+        byte input[ENUM_LEN];
+        int  inputSz = ENUM_LEN;
+
+        input[0] = 1;  /* turn it on */
+        sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
+                              change_cipher_spec);
+        if (sendSz < 0)
+            return sendSz;
+    }
+
+    #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                return ret;
+        }
+    #endif
+    #ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn) AddPacketName("ChangeCipher", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddPacketInfo("ChangeCipher", &ssl->timeoutInfo, output, sendSz,
+                           ssl->heap);
+    #endif
+    ssl->buffers.outputBuffer.length += sendSz;
+
+    if (ssl->options.groupMessages)
+        return 0;
+    #ifdef WOLFSSL_DTLS
+    else if (ssl->options.dtls) {
+        /* If using DTLS, force the ChangeCipherSpec message to be in the
+         * same datagram as the finished message. */
+        return 0;
+    }
+    #endif
+    else
+        return SendBuffered(ssl);
+}
+
+
+#ifndef NO_OLD_TLS
+static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
+                 int content, int verify)
+{
+    byte   result[MAX_DIGEST_SIZE];
+    word32 digestSz = ssl->specs.hash_size;            /* actual sizes */
+    word32 padSz    = ssl->specs.pad_size;
+    int    ret      = 0;
+
+    Md5 md5;
+    Sha sha;
+
+    /* data */
+    byte seq[SEQ_SZ];
+    byte conLen[ENUM_LEN + LENGTH_SZ];     /* content & length */
+    const byte* macSecret = wolfSSL_GetMacSecret(ssl, verify);
+
+#ifdef HAVE_FUZZER
+    if (ssl->fuzzerCb)
+        ssl->fuzzerCb(ssl, in, sz, FUZZ_HMAC, ssl->fuzzerCtx);
+#endif
+
+    XMEMSET(seq, 0, SEQ_SZ);
+    conLen[0] = (byte)content;
+    c16toa((word16)sz, &conLen[ENUM_LEN]);
+    c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]);
+
+    if (ssl->specs.mac_algorithm == md5_mac) {
+        wc_InitMd5(&md5);
+        /* inner */
+        wc_Md5Update(&md5, macSecret, digestSz);
+        wc_Md5Update(&md5, PAD1, padSz);
+        wc_Md5Update(&md5, seq, SEQ_SZ);
+        wc_Md5Update(&md5, conLen, sizeof(conLen));
+        /* in buffer */
+        wc_Md5Update(&md5, in, sz);
+        wc_Md5Final(&md5, result);
+        /* outer */
+        wc_Md5Update(&md5, macSecret, digestSz);
+        wc_Md5Update(&md5, PAD2, padSz);
+        wc_Md5Update(&md5, result, digestSz);
+        wc_Md5Final(&md5, digest);
+    }
+    else {
+        ret = wc_InitSha(&sha);
+        if (ret != 0)
+            return ret;
+        /* inner */
+        wc_ShaUpdate(&sha, macSecret, digestSz);
+        wc_ShaUpdate(&sha, PAD1, padSz);
+        wc_ShaUpdate(&sha, seq, SEQ_SZ);
+        wc_ShaUpdate(&sha, conLen, sizeof(conLen));
+        /* in buffer */
+        wc_ShaUpdate(&sha, in, sz);
+        wc_ShaFinal(&sha, result);
+        /* outer */
+        wc_ShaUpdate(&sha, macSecret, digestSz);
+        wc_ShaUpdate(&sha, PAD2, padSz);
+        wc_ShaUpdate(&sha, result, digestSz);
+        wc_ShaFinal(&sha, digest);
+    }
+    return 0;
+}
+
+#ifndef NO_CERTS
+static void BuildMD5_CertVerify(WOLFSSL* ssl, byte* digest)
+{
+    byte md5_result[MD5_DIGEST_SIZE];
+
+    /* make md5 inner */
+    wc_Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
+    wc_Md5Update(&ssl->hashMd5, PAD1, PAD_MD5);
+    wc_Md5Final(&ssl->hashMd5, md5_result);
+
+    /* make md5 outer */
+    wc_Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN);
+    wc_Md5Update(&ssl->hashMd5, PAD2, PAD_MD5);
+    wc_Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE);
+
+    wc_Md5Final(&ssl->hashMd5, digest);
+}
+
+
+static void BuildSHA_CertVerify(WOLFSSL* ssl, byte* digest)
+{
+    byte sha_result[SHA_DIGEST_SIZE];
+
+    /* make sha inner */
+    wc_ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
+    wc_ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA);
+    wc_ShaFinal(&ssl->hashSha, sha_result);
+
+    /* make sha outer */
+    wc_ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN);
+    wc_ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA);
+    wc_ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE);
+
+    wc_ShaFinal(&ssl->hashSha, digest);
+}
+#endif /* NO_CERTS */
+#endif /* NO_OLD_TLS */
+
+
+#ifndef NO_CERTS
+
+static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes)
+{
+    /* store current states, building requires get_digest which resets state */
+    #ifndef NO_OLD_TLS
+    Md5 md5 = ssl->hashMd5;
+    Sha sha = ssl->hashSha;
+    #endif
+    #ifndef NO_SHA256
+        Sha256 sha256 = ssl->hashSha256;
+    #endif
+    #ifdef WOLFSSL_SHA384
+        Sha384 sha384 = ssl->hashSha384;
+    #endif
+
+    if (ssl->options.tls) {
+#if ! defined( NO_OLD_TLS )
+        wc_Md5Final(&ssl->hashMd5, hashes->md5);
+        wc_ShaFinal(&ssl->hashSha, hashes->sha);
+#endif
+        if (IsAtLeastTLSv1_2(ssl)) {
+            int ret;
+
+            #ifndef NO_SHA256
+                ret = wc_Sha256Final(&ssl->hashSha256, hashes->sha256);
+                if (ret != 0)
+                    return ret;
+            #endif
+            #ifdef WOLFSSL_SHA384
+                ret = wc_Sha384Final(&ssl->hashSha384, hashes->sha384);
+                if (ret != 0)
+                    return ret;
+            #endif
+        }
+    }
+#if ! defined( NO_OLD_TLS )
+    else {
+        BuildMD5_CertVerify(ssl, hashes->md5);
+        BuildSHA_CertVerify(ssl, hashes->sha);
+    }
+
+    /* restore */
+    ssl->hashMd5 = md5;
+    ssl->hashSha = sha;
+#endif
+    if (IsAtLeastTLSv1_2(ssl)) {
+        #ifndef NO_SHA256
+            ssl->hashSha256 = sha256;
+        #endif
+        #ifdef WOLFSSL_SHA384
+            ssl->hashSha384 = sha384;
+        #endif
+    }
+
+    return 0;
+}
+
+#endif /* WOLFSSL_LEANPSK */
+
+/* Build SSL Message, encrypted */
+static int BuildMessage(WOLFSSL* ssl, byte* output, int outSz,
+                        const byte* input, int inSz, int type)
+{
+#ifdef HAVE_TRUNCATED_HMAC
+    word32 digestSz = min(ssl->specs.hash_size,
+                ssl->truncated_hmac ? TRUNCATED_HMAC_SZ : ssl->specs.hash_size);
+#else
+    word32 digestSz = ssl->specs.hash_size;
+#endif
+    word32 sz = RECORD_HEADER_SZ + inSz + digestSz;
+    word32 pad  = 0, i;
+    word32 idx  = RECORD_HEADER_SZ;
+    word32 ivSz = 0;      /* TLSv1.1  IV */
+    word32 headerSz = RECORD_HEADER_SZ;
+    word16 size;
+    byte               iv[AES_BLOCK_SIZE];                  /* max size */
+    int ret        = 0;
+    int atomicUser = 0;
+
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        sz       += DTLS_RECORD_EXTRA;
+        idx      += DTLS_RECORD_EXTRA;
+        headerSz += DTLS_RECORD_EXTRA;
+    }
+#endif
+
+#ifdef ATOMIC_USER
+    if (ssl->ctx->MacEncryptCb)
+        atomicUser = 1;
+#endif
+
+    if (ssl->specs.cipher_type == block) {
+        word32 blockSz = ssl->specs.block_size;
+        if (ssl->options.tls1_1) {
+            ivSz = blockSz;
+            sz  += ivSz;
+
+            if (ivSz > (word32)sizeof(iv))
+                return BUFFER_E;
+
+            ret = wc_RNG_GenerateBlock(ssl->rng, iv, ivSz);
+            if (ret != 0)
+                return ret;
+
+        }
+        sz += 1;       /* pad byte */
+        pad = (sz - headerSz) % blockSz;
+        pad = blockSz - pad;
+        sz += pad;
+    }
+
+#ifdef HAVE_AEAD
+    if (ssl->specs.cipher_type == aead) {
+        if (ssl->specs.bulk_cipher_algorithm != wolfssl_chacha)
+            ivSz = AEAD_EXP_IV_SZ;
+
+        sz += (ivSz + ssl->specs.aead_mac_size - digestSz);
+        XMEMCPY(iv, ssl->keys.aead_exp_IV, AEAD_EXP_IV_SZ);
+    }
+#endif
+    if (sz > (word32)outSz) {
+        WOLFSSL_MSG("Oops, want to write past output buffer size");
+        return BUFFER_E;
+    }
+    size = (word16)(sz - headerSz);    /* include mac and digest */
+    AddRecordHeader(output, size, (byte)type, ssl);
+
+    /* write to output */
+    if (ivSz) {
+        XMEMCPY(output + idx, iv, min(ivSz, sizeof(iv)));
+        idx += ivSz;
+    }
+    XMEMCPY(output + idx, input, inSz);
+    idx += inSz;
+
+    if (type == handshake) {
+        ret = HashOutput(ssl, output, headerSz + inSz, ivSz);
+        if (ret != 0)
+            return ret;
+    }
+
+    if (ssl->specs.cipher_type == block) {
+        word32 tmpIdx = idx + digestSz;
+
+        for (i = 0; i <= pad; i++)
+            output[tmpIdx++] = (byte)pad; /* pad byte gets pad value too */
+    }
+
+    if (atomicUser) {   /* User Record Layer Callback handling */
+#ifdef ATOMIC_USER
+        if ( (ret = ssl->ctx->MacEncryptCb(ssl, output + idx,
+                        output + headerSz + ivSz, inSz, type, 0,
+                        output + headerSz, output + headerSz, size,
+                        ssl->MacEncryptCtx)) != 0)
+            return ret;
+#endif
+    }
+    else {
+        if (ssl->specs.cipher_type != aead) {
+#ifdef HAVE_TRUNCATED_HMAC
+            if (ssl->truncated_hmac && ssl->specs.hash_size > digestSz) {
+            #ifdef WOLFSSL_SMALL_STACK
+                byte* hmac = NULL;
+            #else
+                byte  hmac[MAX_DIGEST_SIZE];
+            #endif
+
+            #ifdef WOLFSSL_SMALL_STACK
+                hmac = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (hmac == NULL)
+                    return MEMORY_E;
+            #endif
+
+                ret = ssl->hmac(ssl, hmac, output + headerSz + ivSz, inSz,
+                                                                       type, 0);
+                XMEMCPY(output + idx, hmac, digestSz);
+
+            #ifdef WOLFSSL_SMALL_STACK
+                XFREE(hmac, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+            } else
+#endif
+                ret = ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz,
+                                                                       type, 0);
+        }
+        if (ret != 0)
+            return ret;
+
+        if ( (ret = Encrypt(ssl, output + headerSz, output+headerSz,size)) != 0)
+            return ret;
+    }
+
+    return sz;
+}
+
+
+int SendFinished(WOLFSSL* ssl)
+{
+    int              sendSz,
+                     finishedSz = ssl->options.tls ? TLS_FINISHED_SZ :
+                                                     FINISHED_SZ;
+    byte             input[FINISHED_SZ + DTLS_HANDSHAKE_HEADER_SZ];  /* max */
+    byte            *output;
+    Hashes*          hashes;
+    int              ret;
+    int              headerSz = HANDSHAKE_HEADER_SZ;
+    int              outputSz;
+
+    #ifdef WOLFSSL_DTLS
+        word32 sequence_number = ssl->keys.dtls_sequence_number;
+        word16 epoch           = ssl->keys.dtls_epoch;
+    #endif
+
+    /* setup encrypt keys */
+    if ((ret = SetKeysSide(ssl, ENCRYPT_SIDE_ONLY)) != 0)
+        return ret;
+
+    /* check for available size */
+    outputSz = sizeof(input) + MAX_MSG_EXTRA;
+    if ((ret = CheckAvailableSize(ssl, outputSz)) != 0)
+        return ret;
+
+    #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            /* Send Finished message with the next epoch, but don't commit that
+             * change until the other end confirms its reception. */
+            headerSz += DTLS_HANDSHAKE_EXTRA;
+            ssl->keys.dtls_epoch++;
+            ssl->keys.dtls_sequence_number = 0;  /* reset after epoch change */
+        }
+    #endif
+
+    /* get ouput buffer */
+    output = ssl->buffers.outputBuffer.buffer +
+             ssl->buffers.outputBuffer.length;
+
+    AddHandShakeHeader(input, finishedSz, finished, ssl);
+
+    /* make finished hashes */
+    hashes = (Hashes*)&input[headerSz];
+    ret = BuildFinished(ssl, hashes,
+                      ssl->options.side == WOLFSSL_CLIENT_END ? client : server);
+    if (ret != 0) return ret;
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+    if (ssl->secure_renegotiation) {
+        if (ssl->options.side == WOLFSSL_CLIENT_END)
+            XMEMCPY(ssl->secure_renegotiation->client_verify_data, hashes,
+                    TLS_FINISHED_SZ);
+        else
+            XMEMCPY(ssl->secure_renegotiation->server_verify_data, hashes,
+                    TLS_FINISHED_SZ);
+    }
+#endif
+
+    sendSz = BuildMessage(ssl, output, outputSz, input, headerSz + finishedSz,
+                          handshake);
+    if (sendSz < 0)
+        return BUILD_MSG_ERROR;
+
+    #ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        ssl->keys.dtls_epoch = epoch;
+        ssl->keys.dtls_sequence_number = sequence_number;
+    }
+    #endif
+
+    if (!ssl->options.resuming) {
+#ifndef NO_SESSION_CACHE
+        AddSession(ssl);    /* just try */
+#endif
+        if (ssl->options.side == WOLFSSL_CLIENT_END) {
+            ret = BuildFinished(ssl, &ssl->verifyHashes, server);
+            if (ret != 0) return ret;
+        }
+        else {
+            ssl->options.handShakeState = HANDSHAKE_DONE;
+            ssl->options.handShakeDone  = 1;
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls) {
+                    /* Other side will soon receive our Finished, go to next
+                     * epoch. */
+                    ssl->keys.dtls_epoch++;
+                    ssl->keys.dtls_sequence_number = 1;
+                }
+            #endif
+        }
+    }
+    else {
+        if (ssl->options.side == WOLFSSL_CLIENT_END) {
+            ssl->options.handShakeState = HANDSHAKE_DONE;
+            ssl->options.handShakeDone  = 1;
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls) {
+                    /* Other side will soon receive our Finished, go to next
+                     * epoch. */
+                    ssl->keys.dtls_epoch++;
+                    ssl->keys.dtls_sequence_number = 1;
+                }
+            #endif
+        }
+        else {
+            ret = BuildFinished(ssl, &ssl->verifyHashes, client);
+            if (ret != 0) return ret;
+        }
+    }
+    #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                return ret;
+        }
+    #endif
+
+    #ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn) AddPacketName("Finished", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddPacketInfo("Finished", &ssl->timeoutInfo, output, sendSz,
+                          ssl->heap);
+    #endif
+
+    ssl->buffers.outputBuffer.length += sendSz;
+
+    return SendBuffered(ssl);
+}
+
+#ifndef NO_CERTS
+int SendCertificate(WOLFSSL* ssl)
+{
+    int    sendSz, length, ret = 0;
+    word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+    word32 certSz, listSz;
+    byte*  output = 0;
+
+    if (ssl->options.usingPSK_cipher || ssl->options.usingAnon_cipher)
+        return 0;  /* not needed */
+
+    if (ssl->options.sendVerify == SEND_BLANK_CERT) {
+        certSz = 0;
+        length = CERT_HEADER_SZ;
+        listSz = 0;
+    }
+    else {
+        certSz = ssl->buffers.certificate.length;
+        /* list + cert size */
+        length = certSz + 2 * CERT_HEADER_SZ;
+        listSz = certSz + CERT_HEADER_SZ;
+
+        /* may need to send rest of chain, already has leading size(s) */
+        if (ssl->buffers.certChain.buffer) {
+            length += ssl->buffers.certChain.length;
+            listSz += ssl->buffers.certChain.length;
+        }
+    }
+    sendSz = length + RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+
+    #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+            i      += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+        }
+    #endif
+
+    if (ssl->keys.encryptionOn)
+        sendSz += MAX_MSG_EXTRA;
+
+    /* check for available size */
+    if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
+        return ret;
+
+    /* get ouput buffer */
+    output = ssl->buffers.outputBuffer.buffer +
+             ssl->buffers.outputBuffer.length;
+
+    AddHeaders(output, length, certificate, ssl);
+
+    /* list total */
+    c32to24(listSz, output + i);
+    i += CERT_HEADER_SZ;
+
+    /* member */
+    if (certSz) {
+        c32to24(certSz, output + i);
+        i += CERT_HEADER_SZ;
+        XMEMCPY(output + i, ssl->buffers.certificate.buffer, certSz);
+        i += certSz;
+
+        /* send rest of chain? */
+        if (ssl->buffers.certChain.buffer) {
+            XMEMCPY(output + i, ssl->buffers.certChain.buffer,
+                                ssl->buffers.certChain.length);
+            i += ssl->buffers.certChain.length;
+        }
+    }
+
+    if (ssl->keys.encryptionOn) {
+        byte* input;
+        int   inputSz = i - RECORD_HEADER_SZ; /* build msg adds rec hdr */
+
+        input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+        if (input == NULL)
+            return MEMORY_E;
+
+        XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz);
+        sendSz = BuildMessage(ssl, output, sendSz, input,inputSz,handshake);
+        XFREE(input, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+
+        if (sendSz < 0)
+            return sendSz;
+    } else {
+        ret = HashOutput(ssl, output, sendSz, 0);
+        if (ret != 0)
+            return ret;
+    }
+
+    #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                return ret;
+        }
+    #endif
+
+    #ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn) AddPacketName("Certificate", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddPacketInfo("Certificate", &ssl->timeoutInfo, output, sendSz,
+                           ssl->heap);
+    #endif
+
+    if (ssl->options.side == WOLFSSL_SERVER_END)
+        ssl->options.serverState = SERVER_CERT_COMPLETE;
+
+    ssl->buffers.outputBuffer.length += sendSz;
+    if (ssl->options.groupMessages)
+        return 0;
+    else
+        return SendBuffered(ssl);
+}
+
+
+int SendCertificateRequest(WOLFSSL* ssl)
+{
+    byte   *output;
+    int    ret;
+    int    sendSz;
+    word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+
+    int  typeTotal = 1;  /* only 1 for now */
+    int  reqSz = ENUM_LEN + typeTotal + REQ_HEADER_SZ;  /* add auth later */
+
+    if (IsAtLeastTLSv1_2(ssl))
+        reqSz += LENGTH_SZ + ssl->suites->hashSigAlgoSz;
+
+    if (ssl->options.usingPSK_cipher || ssl->options.usingAnon_cipher)
+        return 0;  /* not needed */
+
+    sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + reqSz;
+
+    #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+            i      += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+        }
+    #endif
+    /* check for available size */
+    if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
+        return ret;
+
+    /* get ouput buffer */
+    output = ssl->buffers.outputBuffer.buffer +
+             ssl->buffers.outputBuffer.length;
+
+    AddHeaders(output, reqSz, certificate_request, ssl);
+
+    /* write to output */
+    output[i++] = (byte)typeTotal;  /* # of types */
+#ifdef HAVE_ECC
+    if (ssl->options.cipherSuite0 == ECC_BYTE &&
+                     ssl->specs.sig_algo == ecc_dsa_sa_algo) {
+        output[i++] = ecdsa_sign;
+    } else
+#endif /* HAVE_ECC */
+    {
+        output[i++] = rsa_sign;
+    }
+
+    /* supported hash/sig */
+    if (IsAtLeastTLSv1_2(ssl)) {
+        c16toa(ssl->suites->hashSigAlgoSz, &output[i]);
+        i += LENGTH_SZ;
+
+        XMEMCPY(&output[i],
+                         ssl->suites->hashSigAlgo, ssl->suites->hashSigAlgoSz);
+        i += ssl->suites->hashSigAlgoSz;
+    }
+
+    c16toa(0, &output[i]);  /* auth's */
+    /* if add more to output, adjust i
+    i += REQ_HEADER_SZ; */
+
+    #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                return ret;
+        }
+    #endif
+
+    ret = HashOutput(ssl, output, sendSz, 0);
+    if (ret != 0)
+        return ret;
+
+    #ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn)
+            AddPacketName("CertificateRequest", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddPacketInfo("CertificateRequest", &ssl->timeoutInfo, output,
+                          sendSz, ssl->heap);
+    #endif
+    ssl->buffers.outputBuffer.length += sendSz;
+    if (ssl->options.groupMessages)
+        return 0;
+    else
+        return SendBuffered(ssl);
+}
+#endif /* !NO_CERTS */
+
+
+int SendData(WOLFSSL* ssl, const void* data, int sz)
+{
+    int sent = 0,  /* plainText size */
+        sendSz,
+        ret,
+        dtlsExtra = 0;
+
+    if (ssl->error == WANT_WRITE)
+        ssl->error = 0;
+
+    if (ssl->options.handShakeState != HANDSHAKE_DONE) {
+        int err;
+        WOLFSSL_MSG("handshake not complete, trying to finish");
+        if ( (err = wolfSSL_negotiate(ssl)) != SSL_SUCCESS)
+            return  err;
+    }
+
+    /* last time system socket output buffer was full, try again to send */
+    if (ssl->buffers.outputBuffer.length > 0) {
+        WOLFSSL_MSG("output buffer was full, trying to send again");
+        if ( (ssl->error = SendBuffered(ssl)) < 0) {
+            WOLFSSL_ERROR(ssl->error);
+            if (ssl->error == SOCKET_ERROR_E && ssl->options.connReset)
+                return 0;     /* peer reset */
+            return ssl->error;
+        }
+        else {
+            /* advance sent to previous sent + plain size just sent */
+            sent = ssl->buffers.prevSent + ssl->buffers.plainSz;
+            WOLFSSL_MSG("sent write buffered data");
+
+            if (sent > sz) {
+                WOLFSSL_MSG("error: write() after WANT_WRITE with short size");
+                return ssl->error = BAD_FUNC_ARG;
+            }
+        }
+    }
+
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        dtlsExtra = DTLS_RECORD_EXTRA;
+    }
+#endif
+
+    for (;;) {
+#ifdef HAVE_MAX_FRAGMENT
+        int   len = min(sz - sent, min(ssl->max_fragment, OUTPUT_RECORD_SIZE));
+#else
+        int   len = min(sz - sent, OUTPUT_RECORD_SIZE);
+#endif
+        byte* out;
+        byte* sendBuffer = (byte*)data + sent;  /* may switch on comp */
+        int   buffSz = len;                     /* may switch on comp */
+        int   outputSz;
+#ifdef HAVE_LIBZ
+        byte  comp[MAX_RECORD_SIZE + MAX_COMP_EXTRA];
+#endif
+
+        if (sent == sz) break;
+
+#ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            len    = min(len, MAX_UDP_SIZE);
+            buffSz = len;
+        }
+#endif
+
+        /* check for available size */
+        outputSz = len + COMP_EXTRA + dtlsExtra + MAX_MSG_EXTRA;
+        if ((ret = CheckAvailableSize(ssl, outputSz)) != 0)
+            return ssl->error = ret;
+
+        /* get ouput buffer */
+        out = ssl->buffers.outputBuffer.buffer +
+              ssl->buffers.outputBuffer.length;
+
+#ifdef HAVE_LIBZ
+        if (ssl->options.usingCompression) {
+            buffSz = myCompress(ssl, sendBuffer, buffSz, comp, sizeof(comp));
+            if (buffSz < 0) {
+                return buffSz;
+            }
+            sendBuffer = comp;
+        }
+#endif
+        sendSz = BuildMessage(ssl, out, outputSz, sendBuffer, buffSz,
+                              application_data);
+        if (sendSz < 0)
+            return BUILD_MSG_ERROR;
+
+        ssl->buffers.outputBuffer.length += sendSz;
+
+        if ( (ret = SendBuffered(ssl)) < 0) {
+            WOLFSSL_ERROR(ret);
+            /* store for next call if WANT_WRITE or user embedSend() that
+               doesn't present like WANT_WRITE */
+            ssl->buffers.plainSz  = len;
+            ssl->buffers.prevSent = sent;
+            if (ret == SOCKET_ERROR_E && ssl->options.connReset)
+                return 0;  /* peer reset */
+            return ssl->error = ret;
+        }
+
+        sent += len;
+
+        /* only one message per attempt */
+        if (ssl->options.partialWrite == 1) {
+            WOLFSSL_MSG("Paritial Write on, only sending one record");
+            break;
+        }
+    }
+
+    return sent;
+}
+
+/* process input data */
+int ReceiveData(WOLFSSL* ssl, byte* output, int sz, int peek)
+{
+    int size;
+
+    WOLFSSL_ENTER("ReceiveData()");
+
+    if (ssl->error == WANT_READ)
+        ssl->error = 0;
+
+    if (ssl->error != 0 && ssl->error != WANT_WRITE) {
+        WOLFSSL_MSG("User calling wolfSSL_read in error state, not allowed");
+        return ssl->error;
+    }
+
+    if (ssl->options.handShakeState != HANDSHAKE_DONE) {
+        int err;
+        WOLFSSL_MSG("Handshake not complete, trying to finish");
+        if ( (err = wolfSSL_negotiate(ssl)) != SSL_SUCCESS)
+            return  err;
+    }
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+startScr:
+    if (ssl->secure_renegotiation && ssl->secure_renegotiation->startScr) {
+        int err;
+        ssl->secure_renegotiation->startScr = 0;  /* only start once */
+        WOLFSSL_MSG("Need to start scr, server requested");
+        if ( (err = wolfSSL_Rehandshake(ssl)) != SSL_SUCCESS)
+            return  err;
+    }
+#endif
+
+    while (ssl->buffers.clearOutputBuffer.length == 0) {
+        if ( (ssl->error = ProcessReply(ssl)) < 0) {
+            WOLFSSL_ERROR(ssl->error);
+            if (ssl->error == ZERO_RETURN) {
+                WOLFSSL_MSG("Zero return, no more data coming");
+                return 0;         /* no more data coming */
+            }
+            if (ssl->error == SOCKET_ERROR_E) {
+                if (ssl->options.connReset || ssl->options.isClosed) {
+                    WOLFSSL_MSG("Peer reset or closed, connection done");
+                    return 0;     /* peer reset or closed */
+                }
+            }
+            return ssl->error;
+        }
+        #ifdef HAVE_SECURE_RENEGOTIATION
+            if (ssl->secure_renegotiation &&
+                ssl->secure_renegotiation->startScr) {
+                goto startScr;
+            }
+        #endif
+    }
+
+    if (sz < (int)ssl->buffers.clearOutputBuffer.length)
+        size = sz;
+    else
+        size = ssl->buffers.clearOutputBuffer.length;
+
+    XMEMCPY(output, ssl->buffers.clearOutputBuffer.buffer, size);
+
+    if (peek == 0) {
+        ssl->buffers.clearOutputBuffer.length -= size;
+        ssl->buffers.clearOutputBuffer.buffer += size;
+    }
+
+    if (ssl->buffers.clearOutputBuffer.length == 0 &&
+                                           ssl->buffers.inputBuffer.dynamicFlag)
+       ShrinkInputBuffer(ssl, NO_FORCED_FREE);
+
+    WOLFSSL_LEAVE("ReceiveData()", size);
+    return size;
+}
+
+
+/* send alert message */
+int SendAlert(WOLFSSL* ssl, int severity, int type)
+{
+    byte input[ALERT_SIZE];
+    byte *output;
+    int  sendSz;
+    int  ret;
+    int  outputSz;
+    int  dtlsExtra = 0;
+
+    /* if sendalert is called again for nonbloking */
+    if (ssl->options.sendAlertState != 0) {
+        ret = SendBuffered(ssl);
+        if (ret == 0)
+            ssl->options.sendAlertState = 0;
+        return ret;
+    }
+
+   #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls)
+           dtlsExtra = DTLS_RECORD_EXTRA;
+   #endif
+
+    /* check for available size */
+    outputSz = ALERT_SIZE + MAX_MSG_EXTRA + dtlsExtra;
+    if ((ret = CheckAvailableSize(ssl, outputSz)) != 0)
+        return ret;
+
+    /* get ouput buffer */
+    output = ssl->buffers.outputBuffer.buffer +
+             ssl->buffers.outputBuffer.length;
+
+    input[0] = (byte)severity;
+    input[1] = (byte)type;
+    ssl->alert_history.last_tx.code = type;
+    ssl->alert_history.last_tx.level = severity;
+    if (severity == alert_fatal) {
+        ssl->options.isClosed = 1;  /* Don't send close_notify */
+    }
+
+    /* only send encrypted alert if handshake actually complete, otherwise
+       other side may not be able to handle it */
+    if (ssl->keys.encryptionOn && ssl->options.handShakeDone)
+        sendSz = BuildMessage(ssl, output, outputSz, input, ALERT_SIZE, alert);
+    else {
+
+        AddRecordHeader(output, ALERT_SIZE, alert, ssl);
+        output += RECORD_HEADER_SZ;
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls)
+                output += DTLS_RECORD_EXTRA;
+        #endif
+        XMEMCPY(output, input, ALERT_SIZE);
+
+        sendSz = RECORD_HEADER_SZ + ALERT_SIZE;
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls)
+                sendSz += DTLS_RECORD_EXTRA;
+        #endif
+    }
+    if (sendSz < 0)
+        return BUILD_MSG_ERROR;
+
+    #ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn)
+            AddPacketName("Alert", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddPacketInfo("Alert", &ssl->timeoutInfo, output, sendSz,ssl->heap);
+    #endif
+
+    ssl->buffers.outputBuffer.length += sendSz;
+    ssl->options.sendAlertState = 1;
+
+    return SendBuffered(ssl);
+}
+
+const char* wolfSSL_ERR_reason_error_string(unsigned long e)
+{
+#ifdef NO_ERROR_STRINGS
+
+    (void)e;
+    return "no support for error strings built in";
+
+#else
+
+    int error = (int)e;
+
+    /* pass to wolfCrypt */
+    if (error < MAX_CODE_E && error > MIN_CODE_E) {
+        return wc_GetErrorString(error);
+    }
+
+    switch (error) {
+
+    case UNSUPPORTED_SUITE :
+        return "unsupported cipher suite";
+
+    case INPUT_CASE_ERROR :
+        return "input state error";
+
+    case PREFIX_ERROR :
+        return "bad index to key rounds";
+
+    case MEMORY_ERROR :
+        return "out of memory";
+
+    case VERIFY_FINISHED_ERROR :
+        return "verify problem on finished";
+
+    case VERIFY_MAC_ERROR :
+        return "verify mac problem";
+
+    case PARSE_ERROR :
+        return "parse error on header";
+
+    case SIDE_ERROR :
+        return "wrong client/server type";
+
+    case NO_PEER_CERT :
+        return "peer didn't send cert";
+
+    case UNKNOWN_HANDSHAKE_TYPE :
+        return "weird handshake type";
+
+    case SOCKET_ERROR_E :
+        return "error state on socket";
+
+    case SOCKET_NODATA :
+        return "expected data, not there";
+
+    case INCOMPLETE_DATA :
+        return "don't have enough data to complete task";
+
+    case UNKNOWN_RECORD_TYPE :
+        return "unknown type in record hdr";
+
+    case DECRYPT_ERROR :
+        return "error during decryption";
+
+    case FATAL_ERROR :
+        return "revcd alert fatal error";
+
+    case ENCRYPT_ERROR :
+        return "error during encryption";
+
+    case FREAD_ERROR :
+        return "fread problem";
+
+    case NO_PEER_KEY :
+        return "need peer's key";
+
+    case NO_PRIVATE_KEY :
+        return "need the private key";
+
+    case NO_DH_PARAMS :
+        return "server missing DH params";
+
+    case RSA_PRIVATE_ERROR :
+        return "error during rsa priv op";
+
+    case MATCH_SUITE_ERROR :
+        return "can't match cipher suite";
+
+    case BUILD_MSG_ERROR :
+        return "build message failure";
+
+    case BAD_HELLO :
+        return "client hello malformed";
+
+    case DOMAIN_NAME_MISMATCH :
+        return "peer subject name mismatch";
+
+    case WANT_READ :
+    case SSL_ERROR_WANT_READ :
+        return "non-blocking socket wants data to be read";
+
+    case NOT_READY_ERROR :
+        return "handshake layer not ready yet, complete first";
+
+    case PMS_VERSION_ERROR :
+        return "premaster secret version mismatch error";
+
+    case VERSION_ERROR :
+        return "record layer version error";
+
+    case WANT_WRITE :
+    case SSL_ERROR_WANT_WRITE :
+        return "non-blocking socket write buffer full";
+
+    case BUFFER_ERROR :
+        return "malformed buffer input error";
+
+    case VERIFY_CERT_ERROR :
+        return "verify problem on certificate";
+
+    case VERIFY_SIGN_ERROR :
+        return "verify problem based on signature";
+
+    case CLIENT_ID_ERROR :
+        return "psk client identity error";
+
+    case SERVER_HINT_ERROR:
+        return "psk server hint error";
+
+    case PSK_KEY_ERROR:
+        return "psk key callback error";
+
+    case NTRU_KEY_ERROR:
+        return "NTRU key error";
+
+    case NTRU_DRBG_ERROR:
+        return "NTRU drbg error";
+
+    case NTRU_ENCRYPT_ERROR:
+        return "NTRU encrypt error";
+
+    case NTRU_DECRYPT_ERROR:
+        return "NTRU decrypt error";
+
+    case ZLIB_INIT_ERROR:
+        return "zlib init error";
+
+    case ZLIB_COMPRESS_ERROR:
+        return "zlib compress error";
+
+    case ZLIB_DECOMPRESS_ERROR:
+        return "zlib decompress error";
+
+    case GETTIME_ERROR:
+        return "gettimeofday() error";
+
+    case GETITIMER_ERROR:
+        return "getitimer() error";
+
+    case SIGACT_ERROR:
+        return "sigaction() error";
+
+    case SETITIMER_ERROR:
+        return "setitimer() error";
+
+    case LENGTH_ERROR:
+        return "record layer length error";
+
+    case PEER_KEY_ERROR:
+        return "cant decode peer key";
+
+    case ZERO_RETURN:
+    case SSL_ERROR_ZERO_RETURN:
+        return "peer sent close notify alert";
+
+    case ECC_CURVETYPE_ERROR:
+        return "Bad ECC Curve Type or unsupported";
+
+    case ECC_CURVE_ERROR:
+        return "Bad ECC Curve or unsupported";
+
+    case ECC_PEERKEY_ERROR:
+        return "Bad ECC Peer Key";
+
+    case ECC_MAKEKEY_ERROR:
+        return "ECC Make Key failure";
+
+    case ECC_EXPORT_ERROR:
+        return "ECC Export Key failure";
+
+    case ECC_SHARED_ERROR:
+        return "ECC DHE shared failure";
+
+    case NOT_CA_ERROR:
+        return "Not a CA by basic constraint error";
+
+    case BAD_PATH_ERROR:
+        return "Bad path for opendir error";
+
+    case BAD_CERT_MANAGER_ERROR:
+        return "Bad Cert Manager error";
+
+    case OCSP_CERT_REVOKED:
+        return "OCSP Cert revoked";
+
+    case CRL_CERT_REVOKED:
+        return "CRL Cert revoked";
+
+    case CRL_MISSING:
+        return "CRL missing, not loaded";
+
+    case MONITOR_RUNNING_E:
+        return "CRL monitor already running";
+
+    case THREAD_CREATE_E:
+        return "Thread creation problem";
+
+    case OCSP_NEED_URL:
+        return "OCSP need URL";
+
+    case OCSP_CERT_UNKNOWN:
+        return "OCSP Cert unknown";
+
+    case OCSP_LOOKUP_FAIL:
+        return "OCSP Responder lookup fail";
+
+    case MAX_CHAIN_ERROR:
+        return "Maximum Chain Depth Exceeded";
+
+    case COOKIE_ERROR:
+        return "DTLS Cookie Error";
+
+    case SEQUENCE_ERROR:
+        return "DTLS Sequence Error";
+
+    case SUITES_ERROR:
+        return "Suites Pointer Error";
+
+    case SSL_NO_PEM_HEADER:
+        return "No PEM Header Error";
+
+    case OUT_OF_ORDER_E:
+        return "Out of order message, fatal";
+
+    case BAD_KEA_TYPE_E:
+        return "Bad KEA type found";
+
+    case SANITY_CIPHER_E:
+        return "Sanity check on ciphertext failed";
+
+    case RECV_OVERFLOW_E:
+        return "Receive callback returned more than requested";
+
+    case GEN_COOKIE_E:
+        return "Generate Cookie Error";
+
+    case NO_PEER_VERIFY:
+        return "Need peer certificate verify Error";
+
+    case FWRITE_ERROR:
+        return "fwrite Error";
+
+    case CACHE_MATCH_ERROR:
+        return "Cache restore header match Error";
+
+    case UNKNOWN_SNI_HOST_NAME_E:
+        return "Unrecognized host name Error";
+
+    case KEYUSE_SIGNATURE_E:
+        return "Key Use digitalSignature not set Error";
+
+    case KEYUSE_ENCIPHER_E:
+        return "Key Use keyEncipherment not set Error";
+
+    case EXTKEYUSE_AUTH_E:
+        return "Ext Key Use server/client auth not set Error";
+
+    case SEND_OOB_READ_E:
+        return "Send Callback Out of Bounds Read Error";
+
+    case SECURE_RENEGOTIATION_E:
+        return "Invalid Renegotiation Error";
+
+    case SESSION_TICKET_LEN_E:
+        return "Session Ticket Too Long Error";
+
+    case SESSION_TICKET_EXPECT_E:
+        return "Session Ticket Error";
+
+    case SCR_DIFFERENT_CERT_E:
+        return "Peer sent different cert during SCR";
+
+    case SESSION_SECRET_CB_E:
+        return "Session Secret Callback Error";
+
+    case NO_CHANGE_CIPHER_E:
+        return "Finished received from peer before Change Cipher Error";
+
+    case SANITY_MSG_E:
+        return "Sanity Check on message order Error";
+
+    case DUPLICATE_MSG_E:
+        return "Duplicate HandShake message Error";
+
+    default :
+        return "unknown error number";
+    }
+
+#endif /* NO_ERROR_STRINGS */
+}
+
+void SetErrorString(int error, char* str)
+{
+    XSTRNCPY(str, wolfSSL_ERR_reason_error_string(error), WOLFSSL_MAX_ERROR_SZ);
+}
+
+
+/* be sure to add to cipher_name_idx too !!!! */
+static const char* const cipher_names[] =
+{
+#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
+    "RC4-SHA",
+#endif
+
+#ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
+    "RC4-MD5",
+#endif
+
+#ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
+    "DES-CBC3-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
+    "AES128-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
+    "AES256-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_NULL_SHA
+    "NULL-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
+    "NULL-SHA256",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+    "DHE-RSA-AES128-SHA",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+    "DHE-RSA-AES256-SHA",
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+    "DHE-PSK-AES256-GCM-SHA384",
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+    "DHE-PSK-AES128-GCM-SHA256",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
+    "PSK-AES256-GCM-SHA384",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
+    "PSK-AES128-GCM-SHA256",
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+    "DHE-PSK-AES256-CBC-SHA384",
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+    "DHE-PSK-AES128-CBC-SHA256",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
+    "PSK-AES256-CBC-SHA384",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
+    "PSK-AES128-CBC-SHA256",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
+    "PSK-AES128-CBC-SHA",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
+    "PSK-AES256-CBC-SHA",
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
+    "DHE-PSK-AES128-CCM",
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
+    "DHE-PSK-AES256-CCM",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
+    "PSK-AES128-CCM",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
+    "PSK-AES256-CCM",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
+    "PSK-AES128-CCM-8",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8
+    "PSK-AES256-CCM-8",
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
+    "DHE-PSK-NULL-SHA384",
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
+    "DHE-PSK-NULL-SHA256",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
+    "PSK-NULL-SHA384",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
+    "PSK-NULL-SHA256",
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA
+    "PSK-NULL-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5
+    "HC128-MD5",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA
+    "HC128-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256
+    "HC128-B2B256",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
+    "AES128-B2B256",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
+    "AES256-B2B256",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA
+    "RABBIT-SHA",
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
+    "NTRU-RC4-SHA",
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
+    "NTRU-DES-CBC3-SHA",
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
+    "NTRU-AES128-SHA",
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
+    "NTRU-AES256-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
+    "AES128-CCM-8",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8
+    "AES256-CCM-8",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
+    "ECDHE-ECDSA-AES128-CCM-8",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
+    "ECDHE-ECDSA-AES256-CCM-8",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+    "ECDHE-RSA-AES128-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+    "ECDHE-RSA-AES256-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+    "ECDHE-ECDSA-AES128-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+    "ECDHE-ECDSA-AES256-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+    "ECDHE-RSA-RC4-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+    "ECDHE-RSA-DES-CBC3-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+    "ECDHE-ECDSA-RC4-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+    "ECDHE-ECDSA-DES-CBC3-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
+    "AES128-SHA256",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
+    "AES256-SHA256",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+    "DHE-RSA-AES128-SHA256",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+    "DHE-RSA-AES256-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+    "ECDH-RSA-AES128-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+    "ECDH-RSA-AES256-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+    "ECDH-ECDSA-AES128-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+    "ECDH-ECDSA-AES256-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
+    "ECDH-RSA-RC4-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+    "ECDH-RSA-DES-CBC3-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+    "ECDH-ECDSA-RC4-SHA",
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+    "ECDH-ECDSA-DES-CBC3-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
+    "AES128-GCM-SHA256",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
+    "AES256-GCM-SHA384",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+    "DHE-RSA-AES128-GCM-SHA256",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+    "DHE-RSA-AES256-GCM-SHA384",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+    "ECDHE-RSA-AES128-GCM-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+    "ECDHE-RSA-AES256-GCM-SHA384",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+    "ECDHE-ECDSA-AES128-GCM-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+    "ECDHE-ECDSA-AES256-GCM-SHA384",
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+    "ECDH-RSA-AES128-GCM-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+    "ECDH-RSA-AES256-GCM-SHA384",
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+    "ECDH-ECDSA-AES128-GCM-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+    "ECDH-ECDSA-AES256-GCM-SHA384",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+    "CAMELLIA128-SHA",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+    "DHE-RSA-CAMELLIA128-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+    "CAMELLIA256-SHA",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+    "DHE-RSA-CAMELLIA256-SHA",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+    "CAMELLIA128-SHA256",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+    "DHE-RSA-CAMELLIA128-SHA256",
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+    "CAMELLIA256-SHA256",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+    "DHE-RSA-CAMELLIA256-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+    "ECDHE-RSA-AES128-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+    "ECDHE-ECDSA-AES128-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+    "ECDH-RSA-AES128-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+    "ECDH-ECDSA-AES128-SHA256",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+    "ECDHE-RSA-AES256-SHA384",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+    "ECDHE-ECDSA-AES256-SHA384",
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+    "ECDH-RSA-AES256-SHA384",
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+    "ECDH-ECDSA-AES256-SHA384",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+    "ECDHE-RSA-CHACHA20-POLY1305",
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+    "ECDHE-ECDSA-CHACHA20-POLY1305",
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+    "DHE-RSA-CHACHA20-POLY1305",
+#endif
+
+#ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
+    "ADH-AES128-SHA",
+#endif
+
+#ifdef HAVE_RENEGOTIATION_INDICATION
+    "RENEGOTIATION-INFO",
+#endif
+};
+
+
+/* cipher suite number that matches above name table */
+static int cipher_name_idx[] =
+{
+
+#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
+    SSL_RSA_WITH_RC4_128_SHA,
+#endif
+
+#ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
+    SSL_RSA_WITH_RC4_128_MD5,
+#endif
+
+#ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
+    SSL_RSA_WITH_3DES_EDE_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
+    TLS_RSA_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
+    TLS_RSA_WITH_AES_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_NULL_SHA
+    TLS_RSA_WITH_NULL_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
+    TLS_RSA_WITH_NULL_SHA256,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+    TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+    TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
+    TLS_PSK_WITH_AES_256_GCM_SHA384,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
+    TLS_PSK_WITH_AES_128_GCM_SHA256,
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+    TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+    TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
+    TLS_PSK_WITH_AES_256_CBC_SHA384,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
+    TLS_PSK_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
+    TLS_PSK_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
+    TLS_PSK_WITH_AES_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
+    TLS_DHE_PSK_WITH_AES_128_CCM,
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
+    TLS_DHE_PSK_WITH_AES_256_CCM,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
+    TLS_PSK_WITH_AES_128_CCM,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
+    TLS_PSK_WITH_AES_256_CCM,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
+    TLS_PSK_WITH_AES_128_CCM_8,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8
+    TLS_PSK_WITH_AES_256_CCM_8,
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
+    TLS_DHE_PSK_WITH_NULL_SHA384,
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
+    TLS_DHE_PSK_WITH_NULL_SHA256,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
+    TLS_PSK_WITH_NULL_SHA384,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
+    TLS_PSK_WITH_NULL_SHA256,
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA
+    TLS_PSK_WITH_NULL_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5
+    TLS_RSA_WITH_HC_128_MD5,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA
+    TLS_RSA_WITH_HC_128_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256
+    TLS_RSA_WITH_HC_128_B2B256,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
+    TLS_RSA_WITH_AES_128_CBC_B2B256,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
+    TLS_RSA_WITH_AES_256_CBC_B2B256,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA
+    TLS_RSA_WITH_RABBIT_SHA,
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
+    TLS_NTRU_RSA_WITH_RC4_128_SHA,
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
+    TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
+    TLS_NTRU_RSA_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
+    TLS_NTRU_RSA_WITH_AES_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
+    TLS_RSA_WITH_AES_128_CCM_8,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8
+    TLS_RSA_WITH_AES_256_CCM_8,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
+    TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
+    TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+    TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+    TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+    TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+    TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
+    TLS_RSA_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
+    TLS_RSA_WITH_AES_256_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
+    TLS_ECDH_RSA_WITH_RC4_128_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+    TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
+    TLS_RSA_WITH_AES_128_GCM_SHA256,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
+    TLS_RSA_WITH_AES_256_GCM_SHA384,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+    TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+    TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+    TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+    TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+    TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+    TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+#endif
+
+#ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
+    TLS_DH_anon_WITH_AES_128_CBC_SHA,
+#endif
+
+#ifdef HAVE_RENEGOTIATION_INDICATION
+    TLS_EMPTY_RENEGOTIATION_INFO_SCSV,
+#endif
+};
+
+
+/* returns the cipher_names array */
+const char* const* GetCipherNames(void)
+{
+    return cipher_names;
+}
+
+
+/* returns the size of the cipher_names array */
+int GetCipherNamesSize(void)
+{
+    return (int)(sizeof(cipher_names) / sizeof(char*));
+}
+
+
+/**
+Set the enabled cipher suites.
+
+@param [out] suites Suites structure.
+@param [in]  list   List of cipher suites, only supports full name from
+                    cipher_name[] delimited by ':'.
+
+@return true on success, else false.
+*/
+int SetCipherList(Suites* suites, const char* list)
+{
+    int       ret          = 0;
+    int       idx          = 0;
+    int       haveRSAsig   = 0;
+    int       haveECDSAsig = 0;
+    int       haveAnon     = 0;
+    const int suiteSz      = GetCipherNamesSize();
+    char*     next         = (char*)list;
+
+    if (suites == NULL || list == NULL) {
+        WOLFSSL_MSG("SetCipherList parameter error");
+        return 0;
+    }
+
+    if (next[0] == 0 || XSTRNCMP(next, "ALL", 3) == 0)
+        return 1; /* wolfSSL defualt */
+
+    do {
+        char*  current = next;
+        char   name[MAX_SUITE_NAME + 1];
+        int    i;
+        word32 length;
+
+        next   = XSTRSTR(next, ":");
+        length = min(sizeof(name), !next ? (word32)XSTRLEN(current) /* last */
+                                         : (word32)(next - current));
+
+        XSTRNCPY(name, current, length);
+        name[(length == sizeof(name)) ? length - 1 : length] = 0;
+
+        for (i = 0; i < suiteSz; i++) {
+            if (XSTRNCMP(name, cipher_names[i], sizeof(name)) == 0) {
+                suites->suites[idx++] = (XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE
+                                      : (XSTRSTR(name, "EC"))     ? ECC_BYTE
+                                      : (XSTRSTR(name, "CCM"))    ? ECC_BYTE
+                                      : 0x00; /* normal */
+
+                suites->suites[idx++] = (byte)cipher_name_idx[i];
+
+                /* The suites are either ECDSA, RSA, PSK, or Anon. The RSA
+                 * suites don't necessarily have RSA in the name. */
+                if ((haveECDSAsig == 0) && XSTRSTR(name, "ECDSA"))
+                    haveECDSAsig = 1;
+                else if (XSTRSTR(name, "ADH"))
+                    haveAnon = 1;
+                else if ((haveRSAsig == 0) && (XSTRSTR(name, "PSK") == NULL))
+                    haveRSAsig = 1;
+
+                ret = 1; /* found at least one */
+                break;
+            }
+        }
+    }
+    while (next++); /* ++ needed to skip ':' */
+
+    if (ret) {
+        suites->setSuites = 1;
+        suites->suiteSz   = (word16)idx;
+        InitSuitesHashSigAlgo(suites, haveECDSAsig, haveRSAsig, haveAnon);
+    }
+
+    return ret;
+}
+
+
+static void PickHashSigAlgo(WOLFSSL* ssl,
+                             const byte* hashSigAlgo, word32 hashSigAlgoSz)
+{
+    word32 i;
+
+    ssl->suites->sigAlgo = ssl->specs.sig_algo;
+    ssl->suites->hashAlgo = sha_mac;
+
+    /* i+1 since peek a byte ahead for type */
+    for (i = 0; (i+1) < hashSigAlgoSz; i += 2) {
+        if (hashSigAlgo[i+1] == ssl->specs.sig_algo) {
+            if (hashSigAlgo[i] == sha_mac) {
+                break;
+            }
+            #ifndef NO_SHA256
+            else if (hashSigAlgo[i] == sha256_mac) {
+                ssl->suites->hashAlgo = sha256_mac;
+                break;
+            }
+            #endif
+            #ifdef WOLFSSL_SHA384
+            else if (hashSigAlgo[i] == sha384_mac) {
+                ssl->suites->hashAlgo = sha384_mac;
+                break;
+            }
+            #endif
+        }
+    }
+}
+
+
+#ifdef WOLFSSL_CALLBACKS
+
+    /* Initialisze HandShakeInfo */
+    void InitHandShakeInfo(HandShakeInfo* info)
+    {
+        int i;
+
+        info->cipherName[0] = 0;
+        for (i = 0; i < MAX_PACKETS_HANDSHAKE; i++)
+            info->packetNames[i][0] = 0;
+        info->numberPackets = 0;
+        info->negotiationError = 0;
+    }
+
+    /* Set Final HandShakeInfo parameters */
+    void FinishHandShakeInfo(HandShakeInfo* info, const WOLFSSL* ssl)
+    {
+        int i;
+        int sz = sizeof(cipher_name_idx)/sizeof(int);
+
+        for (i = 0; i < sz; i++)
+            if (ssl->options.cipherSuite == (byte)cipher_name_idx[i]) {
+                if (ssl->options.cipherSuite0 == ECC_BYTE)
+                    continue;   /* ECC suites at end */
+                XSTRNCPY(info->cipherName, cipher_names[i], MAX_CIPHERNAME_SZ);
+                break;
+            }
+
+        /* error max and min are negative numbers */
+        if (ssl->error <= MIN_PARAM_ERR && ssl->error >= MAX_PARAM_ERR)
+            info->negotiationError = ssl->error;
+    }
+
+
+    /* Add name to info packet names, increase packet name count */
+    void AddPacketName(const char* name, HandShakeInfo* info)
+    {
+        if (info->numberPackets < MAX_PACKETS_HANDSHAKE) {
+            XSTRNCPY(info->packetNames[info->numberPackets++], name,
+                    MAX_PACKETNAME_SZ);
+        }
+    }
+
+
+    /* Initialisze TimeoutInfo */
+    void InitTimeoutInfo(TimeoutInfo* info)
+    {
+        int i;
+
+        info->timeoutName[0] = 0;
+        info->flags          = 0;
+
+        for (i = 0; i < MAX_PACKETS_HANDSHAKE; i++) {
+            info->packets[i].packetName[0]     = 0;
+            info->packets[i].timestamp.tv_sec  = 0;
+            info->packets[i].timestamp.tv_usec = 0;
+            info->packets[i].bufferValue       = 0;
+            info->packets[i].valueSz           = 0;
+        }
+        info->numberPackets        = 0;
+        info->timeoutValue.tv_sec  = 0;
+        info->timeoutValue.tv_usec = 0;
+    }
+
+
+    /* Free TimeoutInfo */
+    void FreeTimeoutInfo(TimeoutInfo* info, void* heap)
+    {
+        int i;
+        (void)heap;
+        for (i = 0; i < MAX_PACKETS_HANDSHAKE; i++)
+            if (info->packets[i].bufferValue) {
+                XFREE(info->packets[i].bufferValue, heap, DYNAMIC_TYPE_INFO);
+                info->packets[i].bufferValue = 0;
+            }
+
+    }
+
+
+    /* Add PacketInfo to TimeoutInfo */
+    void AddPacketInfo(const char* name, TimeoutInfo* info, const byte* data,
+                       int sz, void* heap)
+    {
+        if (info->numberPackets < (MAX_PACKETS_HANDSHAKE - 1)) {
+            Timeval currTime;
+
+            /* may add name after */
+            if (name)
+                XSTRNCPY(info->packets[info->numberPackets].packetName, name,
+                        MAX_PACKETNAME_SZ);
+
+            /* add data, put in buffer if bigger than static buffer */
+            info->packets[info->numberPackets].valueSz = sz;
+            if (sz < MAX_VALUE_SZ)
+                XMEMCPY(info->packets[info->numberPackets].value, data, sz);
+            else {
+                info->packets[info->numberPackets].bufferValue =
+                           XMALLOC(sz, heap, DYNAMIC_TYPE_INFO);
+                if (!info->packets[info->numberPackets].bufferValue)
+                    /* let next alloc catch, just don't fill, not fatal here  */
+                    info->packets[info->numberPackets].valueSz = 0;
+                else
+                    XMEMCPY(info->packets[info->numberPackets].bufferValue,
+                           data, sz);
+            }
+            gettimeofday(&currTime, 0);
+            info->packets[info->numberPackets].timestamp.tv_sec  =
+                                                             currTime.tv_sec;
+            info->packets[info->numberPackets].timestamp.tv_usec =
+                                                             currTime.tv_usec;
+            info->numberPackets++;
+        }
+    }
+
+
+    /* Add packet name to previsouly added packet info */
+    void AddLateName(const char* name, TimeoutInfo* info)
+    {
+        /* make sure we have a valid previous one */
+        if (info->numberPackets > 0 && info->numberPackets <
+                                                        MAX_PACKETS_HANDSHAKE) {
+            XSTRNCPY(info->packets[info->numberPackets - 1].packetName, name,
+                    MAX_PACKETNAME_SZ);
+        }
+    }
+
+    /* Add record header to previsouly added packet info */
+    void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info)
+    {
+        /* make sure we have a valid previous one */
+        if (info->numberPackets > 0 && info->numberPackets <
+                                                        MAX_PACKETS_HANDSHAKE) {
+            if (info->packets[info->numberPackets - 1].bufferValue)
+                XMEMCPY(info->packets[info->numberPackets - 1].bufferValue, rl,
+                       RECORD_HEADER_SZ);
+            else
+                XMEMCPY(info->packets[info->numberPackets - 1].value, rl,
+                       RECORD_HEADER_SZ);
+        }
+    }
+
+#endif /* WOLFSSL_CALLBACKS */
+
+
+
+/* client only parts */
+#ifndef NO_WOLFSSL_CLIENT
+
+    int SendClientHello(WOLFSSL* ssl)
+    {
+        byte              *output;
+        word32             length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+        int                sendSz;
+        int                idSz = ssl->options.resuming
+                                ? ssl->session.sessionIDSz
+                                : 0;
+        int                ret;
+
+        if (ssl->suites == NULL) {
+            WOLFSSL_MSG("Bad suites pointer in SendClientHello");
+            return SUITES_ERROR;
+        }
+
+#ifdef HAVE_SESSION_TICKET
+        if (ssl->options.resuming && ssl->session.ticketLen > 0) {
+            SessionTicket* ticket;
+
+            ticket = TLSX_SessionTicket_Create(0,
+                                   ssl->session.ticket, ssl->session.ticketLen);
+            if (ticket == NULL) return MEMORY_E;
+
+            ret = TLSX_UseSessionTicket(&ssl->extensions, ticket);
+            if (ret != SSL_SUCCESS) return ret;
+
+            idSz = 0;
+        }
+#endif
+
+        length = VERSION_SZ + RAN_LEN
+               + idSz + ENUM_LEN
+               + ssl->suites->suiteSz + SUITE_LEN
+               + COMP_LEN + ENUM_LEN;
+
+#ifdef HAVE_TLS_EXTENSIONS
+        length += TLSX_GetRequestSize(ssl);
+#else
+        if (IsAtLeastTLSv1_2(ssl) && ssl->suites->hashSigAlgoSz) {
+            length += ssl->suites->hashSigAlgoSz + HELLO_EXT_SZ;
+        }
+#endif
+        sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
+
+#ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            length += ENUM_LEN;   /* cookie */
+            if (ssl->arrays->cookieSz != 0) length += ssl->arrays->cookieSz;
+            sendSz  = length + DTLS_HANDSHAKE_HEADER_SZ + DTLS_RECORD_HEADER_SZ;
+            idx    += DTLS_HANDSHAKE_EXTRA + DTLS_RECORD_EXTRA;
+        }
+#endif
+
+        if (ssl->keys.encryptionOn)
+            sendSz += MAX_MSG_EXTRA;
+
+        /* check for available size */
+        if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
+            return ret;
+
+        /* get ouput buffer */
+        output = ssl->buffers.outputBuffer.buffer +
+                 ssl->buffers.outputBuffer.length;
+
+        AddHeaders(output, length, client_hello, ssl);
+
+            /* client hello, first version */
+        output[idx++] = ssl->version.major;
+        output[idx++] = ssl->version.minor;
+        ssl->chVersion = ssl->version;  /* store in case changed */
+
+            /* then random */
+        if (ssl->options.connectState == CONNECT_BEGIN) {
+            ret = wc_RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN);
+            if (ret != 0)
+                return ret;
+
+                /* store random */
+            XMEMCPY(ssl->arrays->clientRandom, output + idx, RAN_LEN);
+        } else {
+#ifdef WOLFSSL_DTLS
+                /* send same random on hello again */
+            XMEMCPY(output + idx, ssl->arrays->clientRandom, RAN_LEN);
+#endif
+        }
+        idx += RAN_LEN;
+
+            /* then session id */
+        output[idx++] = (byte)idSz;
+        if (idSz) {
+            XMEMCPY(output + idx, ssl->session.sessionID,
+                                                      ssl->session.sessionIDSz);
+            idx += ssl->session.sessionIDSz;
+        }
+
+            /* then DTLS cookie */
+#ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            byte cookieSz = ssl->arrays->cookieSz;
+
+            output[idx++] = cookieSz;
+            if (cookieSz) {
+                XMEMCPY(&output[idx], ssl->arrays->cookie, cookieSz);
+                idx += cookieSz;
+            }
+        }
+#endif
+            /* then cipher suites */
+        c16toa(ssl->suites->suiteSz, output + idx);
+        idx += 2;
+        XMEMCPY(output + idx, &ssl->suites->suites, ssl->suites->suiteSz);
+        idx += ssl->suites->suiteSz;
+
+            /* last, compression */
+        output[idx++] = COMP_LEN;
+        if (ssl->options.usingCompression)
+            output[idx++] = ZLIB_COMPRESSION;
+        else
+            output[idx++] = NO_COMPRESSION;
+
+#ifdef HAVE_TLS_EXTENSIONS
+        idx += TLSX_WriteRequest(ssl, output + idx);
+
+        (void)idx; /* suppress analyzer warning, keep idx current */
+#else
+        if (IsAtLeastTLSv1_2(ssl) && ssl->suites->hashSigAlgoSz)
+        {
+            int i;
+            /* add in the extensions length */
+            c16toa(HELLO_EXT_LEN + ssl->suites->hashSigAlgoSz, output + idx);
+            idx += 2;
+
+            c16toa(HELLO_EXT_SIG_ALGO, output + idx);
+            idx += 2;
+            c16toa(HELLO_EXT_SIGALGO_SZ+ssl->suites->hashSigAlgoSz, output+idx);
+            idx += 2;
+            c16toa(ssl->suites->hashSigAlgoSz, output + idx);
+            idx += 2;
+            for (i = 0; i < ssl->suites->hashSigAlgoSz; i++, idx++) {
+                output[idx] = ssl->suites->hashSigAlgo[i];
+            }
+        }
+#endif
+
+        if (ssl->keys.encryptionOn) {
+            byte* input;
+            int   inputSz = idx - RECORD_HEADER_SZ; /* build msg adds rec hdr */
+
+            input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+            if (input == NULL)
+                return MEMORY_E;
+
+            XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz);
+            sendSz = BuildMessage(ssl, output, sendSz, input,inputSz,handshake);
+            XFREE(input, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+
+            if (sendSz < 0)
+                return sendSz;
+        } else {
+            ret = HashOutput(ssl, output, sendSz, 0);
+            if (ret != 0)
+                return ret;
+        }
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                    return ret;
+            }
+        #endif
+
+        ssl->options.clientState = CLIENT_HELLO_COMPLETE;
+
+#ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn) AddPacketName("ClientHello", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddPacketInfo("ClientHello", &ssl->timeoutInfo, output, sendSz,
+                          ssl->heap);
+#endif
+
+        ssl->buffers.outputBuffer.length += sendSz;
+
+        return SendBuffered(ssl);
+    }
+
+
+    static int DoHelloVerifyRequest(WOLFSSL* ssl, const byte* input,
+                                    word32* inOutIdx, word32 size)
+    {
+        ProtocolVersion pv;
+        byte            cookieSz;
+        word32          begin = *inOutIdx;
+
+#ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn) AddPacketName("HelloVerifyRequest",
+                                         &ssl->handShakeInfo);
+        if (ssl->toInfoOn) AddLateName("HelloVerifyRequest", &ssl->timeoutInfo);
+#endif
+
+#ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            DtlsPoolReset(ssl);
+        }
+#endif
+
+        if ((*inOutIdx - begin) + OPAQUE16_LEN + OPAQUE8_LEN > size)
+            return BUFFER_ERROR;
+
+        XMEMCPY(&pv, input + *inOutIdx, OPAQUE16_LEN);
+        *inOutIdx += OPAQUE16_LEN;
+
+        cookieSz = input[(*inOutIdx)++];
+
+        if (cookieSz) {
+            if ((*inOutIdx - begin) + cookieSz > size)
+                return BUFFER_ERROR;
+
+#ifdef WOLFSSL_DTLS
+            if (cookieSz <= MAX_COOKIE_LEN) {
+                XMEMCPY(ssl->arrays->cookie, input + *inOutIdx, cookieSz);
+                ssl->arrays->cookieSz = cookieSz;
+            }
+#endif
+            *inOutIdx += cookieSz;
+        }
+
+        ssl->options.serverState = SERVER_HELLOVERIFYREQUEST_COMPLETE;
+        return 0;
+    }
+
+
+    static INLINE int DSH_CheckSessionId(WOLFSSL* ssl)
+    {
+        int ret = 0;
+
+#ifdef HAVE_SECRET_CALLBACK
+        /* If a session secret callback exists, we are using that
+         * key instead of the saved session key. */
+        ret = ret || (ssl->sessionSecretCb != NULL);
+#endif
+
+#ifdef HAVE_SESSION_TICKET
+        ret = ret ||
+              (!ssl->expect_session_ticket && ssl->session.ticketLen > 0);
+#endif
+
+        ret = ret ||
+              (ssl->options.haveSessionId && XMEMCMP(ssl->arrays->sessionID,
+                                          ssl->session.sessionID, ID_LEN) == 0);
+
+        return ret;
+    }
+
+    static int DoServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
+                             word32 helloSz)
+    {
+        byte            cs0;   /* cipher suite bytes 0, 1 */
+        byte            cs1;
+        ProtocolVersion pv;
+        byte            compression;
+        word32          i = *inOutIdx;
+        word32          begin = i;
+
+#ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn) AddPacketName("ServerHello", &ssl->handShakeInfo);
+        if (ssl->toInfoOn) AddLateName("ServerHello", &ssl->timeoutInfo);
+#endif
+
+        /* protocol version, random and session id length check */
+        if (OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz)
+            return BUFFER_ERROR;
+
+        /* protocol version */
+        XMEMCPY(&pv, input + i, OPAQUE16_LEN);
+        i += OPAQUE16_LEN;
+
+        if (pv.minor > ssl->version.minor) {
+            WOLFSSL_MSG("Server using higher version, fatal error");
+            return VERSION_ERROR;
+        }
+        else if (pv.minor < ssl->version.minor) {
+            WOLFSSL_MSG("server using lower version");
+
+            if (!ssl->options.downgrade) {
+                WOLFSSL_MSG("    no downgrade allowed, fatal error");
+                return VERSION_ERROR;
+            }
+            if (pv.minor < ssl->options.minDowngrade) {
+                WOLFSSL_MSG("    version below minimum allowed, fatal error");
+                return VERSION_ERROR;
+            }
+
+            #ifdef HAVE_SECURE_RENEGOTIATION
+                if (ssl->secure_renegotiation &&
+                                         ssl->secure_renegotiation->enabled &&
+                                         ssl->options.handShakeDone) {
+                    WOLFSSL_MSG("Server changed version during scr");
+                    return VERSION_ERROR;
+                }
+            #endif
+
+            if (pv.minor == SSLv3_MINOR) {
+                /* turn off tls */
+                WOLFSSL_MSG("    downgrading to SSLv3");
+                ssl->options.tls    = 0;
+                ssl->options.tls1_1 = 0;
+                ssl->version.minor  = SSLv3_MINOR;
+            }
+            else if (pv.minor == TLSv1_MINOR) {
+                /* turn off tls 1.1+ */
+                WOLFSSL_MSG("    downgrading to TLSv1");
+                ssl->options.tls1_1 = 0;
+                ssl->version.minor  = TLSv1_MINOR;
+            }
+            else if (pv.minor == TLSv1_1_MINOR) {
+                WOLFSSL_MSG("    downgrading to TLSv1.1");
+                ssl->version.minor  = TLSv1_1_MINOR;
+            }
+        }
+
+        /* random */
+        XMEMCPY(ssl->arrays->serverRandom, input + i, RAN_LEN);
+        i += RAN_LEN;
+
+        /* session id */
+        ssl->arrays->sessionIDSz = input[i++];
+
+        if (ssl->arrays->sessionIDSz > ID_LEN) {
+            WOLFSSL_MSG("Invalid session ID size");
+            ssl->arrays->sessionIDSz = 0;
+            return BUFFER_ERROR;
+        }
+        else if (ssl->arrays->sessionIDSz) {
+            if ((i - begin) + ssl->arrays->sessionIDSz > helloSz)
+                return BUFFER_ERROR;
+
+            XMEMCPY(ssl->arrays->sessionID, input + i,
+                                                      ssl->arrays->sessionIDSz);
+            i += ssl->arrays->sessionIDSz;
+            ssl->options.haveSessionId = 1;
+        }
+
+
+        /* suite and compression */
+        if ((i - begin) + OPAQUE16_LEN + OPAQUE8_LEN > helloSz)
+            return BUFFER_ERROR;
+
+        cs0 = input[i++];
+        cs1 = input[i++];
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+        if (ssl->secure_renegotiation && ssl->secure_renegotiation->enabled &&
+                                         ssl->options.handShakeDone) {
+            if (ssl->options.cipherSuite0 != cs0 ||
+                ssl->options.cipherSuite  != cs1) {
+                WOLFSSL_MSG("Server changed cipher suite during scr");
+                return MATCH_SUITE_ERROR;
+            }
+        }
+#endif
+
+        ssl->options.cipherSuite0 = cs0;
+        ssl->options.cipherSuite  = cs1;
+        compression = input[i++];
+
+        if (compression != ZLIB_COMPRESSION && ssl->options.usingCompression) {
+            WOLFSSL_MSG("Server refused compression, turning off");
+            ssl->options.usingCompression = 0;  /* turn off if server refused */
+        }
+
+        *inOutIdx = i;
+
+        /* tls extensions */
+        if ( (i - begin) < helloSz) {
+#ifdef HAVE_TLS_EXTENSIONS
+            if (TLSX_SupportExtensions(ssl)) {
+                int    ret = 0;
+                word16 totalExtSz;
+
+                if ((i - begin) + OPAQUE16_LEN > helloSz)
+                    return BUFFER_ERROR;
+
+                ato16(&input[i], &totalExtSz);
+                i += OPAQUE16_LEN;
+
+                if ((i - begin) + totalExtSz > helloSz)
+                    return BUFFER_ERROR;
+
+                if ((ret = TLSX_Parse(ssl, (byte *) input + i,
+                                                          totalExtSz, 0, NULL)))
+                    return ret;
+
+                i += totalExtSz;
+                *inOutIdx = i;
+            }
+            else
+#endif
+                *inOutIdx = begin + helloSz; /* skip extensions */
+        }
+
+        ssl->options.serverState = SERVER_HELLO_COMPLETE;
+
+        if (ssl->keys.encryptionOn) {
+            *inOutIdx += ssl->keys.padSz;
+        }
+
+#ifdef HAVE_SECRET_CALLBACK
+        if (ssl->sessionSecretCb != NULL) {
+            int secretSz = SECRET_LEN, ret;
+            ret = ssl->sessionSecretCb(ssl, ssl->session.masterSecret,
+                                              &secretSz, ssl->sessionSecretCtx);
+            if (ret != 0 || secretSz != SECRET_LEN)
+                return SESSION_SECRET_CB_E;
+        }
+#endif /* HAVE_SECRET_CALLBACK */
+
+        if (ssl->options.resuming) {
+            if (DSH_CheckSessionId(ssl)) {
+                if (SetCipherSpecs(ssl) == 0) {
+                    int ret = -1;
+
+                    XMEMCPY(ssl->arrays->masterSecret,
+                            ssl->session.masterSecret, SECRET_LEN);
+                    #ifdef NO_OLD_TLS
+                        ret = DeriveTlsKeys(ssl);
+                    #else
+                        #ifndef NO_TLS
+                            if (ssl->options.tls)
+                                ret = DeriveTlsKeys(ssl);
+                        #endif
+                            if (!ssl->options.tls)
+                                ret = DeriveKeys(ssl);
+                    #endif
+                    ssl->options.serverState = SERVER_HELLODONE_COMPLETE;
+
+                    return ret;
+                }
+                else {
+                    WOLFSSL_MSG("Unsupported cipher suite, DoServerHello");
+                    return UNSUPPORTED_SUITE;
+                }
+            }
+            else {
+                WOLFSSL_MSG("Server denied resumption attempt");
+                ssl->options.resuming = 0; /* server denied resumption try */
+            }
+        }
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                DtlsPoolReset(ssl);
+            }
+        #endif
+
+        return SetCipherSpecs(ssl);
+    }
+
+
+    /* Make sure client setup is valid for this suite, true on success */
+    int VerifyClientSuite(WOLFSSL* ssl)
+    {
+        int  havePSK = 0;
+        byte first   = ssl->options.cipherSuite0;
+        byte second  = ssl->options.cipherSuite;
+
+        WOLFSSL_ENTER("VerifyClientSuite");
+
+        #ifndef NO_PSK
+            havePSK = ssl->options.havePSK;
+        #endif
+
+        if (CipherRequires(first, second, REQUIRES_PSK)) {
+            WOLFSSL_MSG("Requires PSK");
+            if (havePSK == 0) {
+                WOLFSSL_MSG("Don't have PSK");
+                return 0;
+            }
+        }
+
+        return 1;  /* success */
+    }
+
+
+#ifndef NO_CERTS
+    /* just read in and ignore for now TODO: */
+    static int DoCertificateRequest(WOLFSSL* ssl, const byte* input, word32*
+                                    inOutIdx, word32 size)
+    {
+        word16 len;
+        word32 begin = *inOutIdx;
+
+        #ifdef WOLFSSL_CALLBACKS
+            if (ssl->hsInfoOn)
+                AddPacketName("CertificateRequest", &ssl->handShakeInfo);
+            if (ssl->toInfoOn)
+                AddLateName("CertificateRequest", &ssl->timeoutInfo);
+        #endif
+
+        if ((*inOutIdx - begin) + OPAQUE8_LEN > size)
+            return BUFFER_ERROR;
+
+        len = input[(*inOutIdx)++];
+
+        if ((*inOutIdx - begin) + len > size)
+            return BUFFER_ERROR;
+
+        /* types, read in here */
+        *inOutIdx += len;
+
+        /* signature and hash signature algorithm */
+        if (IsAtLeastTLSv1_2(ssl)) {
+            if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+                return BUFFER_ERROR;
+
+            ato16(input + *inOutIdx, &len);
+            *inOutIdx += OPAQUE16_LEN;
+
+            if ((*inOutIdx - begin) + len > size)
+                return BUFFER_ERROR;
+
+            PickHashSigAlgo(ssl, input + *inOutIdx, len);
+            *inOutIdx += len;
+        }
+
+        /* authorities */
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            return BUFFER_ERROR;
+
+        ato16(input + *inOutIdx, &len);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + len > size)
+            return BUFFER_ERROR;
+
+        while (len) {
+            word16 dnSz;
+
+            if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+                return BUFFER_ERROR;
+
+            ato16(input + *inOutIdx, &dnSz);
+            *inOutIdx += OPAQUE16_LEN;
+
+            if ((*inOutIdx - begin) + dnSz > size)
+                return BUFFER_ERROR;
+
+            *inOutIdx += dnSz;
+            len -= OPAQUE16_LEN + dnSz;
+        }
+
+        /* don't send client cert or cert verify if user hasn't provided
+           cert and private key */
+        if (ssl->buffers.certificate.buffer && ssl->buffers.key.buffer)
+            ssl->options.sendVerify = SEND_CERT;
+        else if (IsTLS(ssl))
+            ssl->options.sendVerify = SEND_BLANK_CERT;
+
+        if (ssl->keys.encryptionOn)
+            *inOutIdx += ssl->keys.padSz;
+
+        return 0;
+    }
+#endif /* !NO_CERTS */
+
+
+    static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
+                                   word32* inOutIdx, word32 size)
+    {
+        word16 length = 0;
+        word32 begin  = *inOutIdx;
+        int    ret    = 0;
+        #define ERROR_OUT(err, eLabel) do { ret = err; goto eLabel; } while(0)
+
+        (void)length; /* shut up compiler warnings */
+        (void)begin;
+        (void)ssl;
+        (void)input;
+        (void)size;
+        (void)ret;
+
+    #ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn)
+            AddPacketName("ServerKeyExchange", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddLateName("ServerKeyExchange", &ssl->timeoutInfo);
+    #endif
+
+    #ifndef NO_PSK
+        if (ssl->specs.kea == psk_kea) {
+
+            if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+                return BUFFER_ERROR;
+
+            ato16(input + *inOutIdx, &length);
+            *inOutIdx += OPAQUE16_LEN;
+
+            if ((*inOutIdx - begin) + length > size)
+                return BUFFER_ERROR;
+
+            XMEMCPY(ssl->arrays->server_hint, input + *inOutIdx,
+                   min(length, MAX_PSK_ID_LEN));
+
+            ssl->arrays->server_hint[min(length, MAX_PSK_ID_LEN - 1)] = 0;
+            *inOutIdx += length;
+
+            return 0;
+        }
+    #endif
+    #ifndef NO_DH
+        if (ssl->specs.kea == diffie_hellman_kea)
+        {
+        /* p */
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            return BUFFER_ERROR;
+
+        ato16(input + *inOutIdx, &length);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + length > size)
+            return BUFFER_ERROR;
+
+        ssl->buffers.serverDH_P.buffer = (byte*) XMALLOC(length, ssl->heap,
+                                                         DYNAMIC_TYPE_DH);
+
+        if (ssl->buffers.serverDH_P.buffer)
+            ssl->buffers.serverDH_P.length = length;
+        else
+            return MEMORY_ERROR;
+
+        XMEMCPY(ssl->buffers.serverDH_P.buffer, input + *inOutIdx, length);
+        *inOutIdx += length;
+
+        /* g */
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            return BUFFER_ERROR;
+
+        ato16(input + *inOutIdx, &length);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + length > size)
+            return BUFFER_ERROR;
+
+        ssl->buffers.serverDH_G.buffer = (byte*) XMALLOC(length, ssl->heap,
+                                                         DYNAMIC_TYPE_DH);
+
+        if (ssl->buffers.serverDH_G.buffer)
+            ssl->buffers.serverDH_G.length = length;
+        else
+            return MEMORY_ERROR;
+
+        XMEMCPY(ssl->buffers.serverDH_G.buffer, input + *inOutIdx, length);
+        *inOutIdx += length;
+
+        /* pub */
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            return BUFFER_ERROR;
+
+        ato16(input + *inOutIdx, &length);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + length > size)
+            return BUFFER_ERROR;
+
+        ssl->buffers.serverDH_Pub.buffer = (byte*) XMALLOC(length, ssl->heap,
+                                                           DYNAMIC_TYPE_DH);
+
+        if (ssl->buffers.serverDH_Pub.buffer)
+            ssl->buffers.serverDH_Pub.length = length;
+        else
+            return MEMORY_ERROR;
+
+        XMEMCPY(ssl->buffers.serverDH_Pub.buffer, input + *inOutIdx, length);
+        *inOutIdx += length;
+        }  /* dh_kea */
+    #endif /* NO_DH */
+
+    #ifdef HAVE_ECC
+        if (ssl->specs.kea == ecc_diffie_hellman_kea)
+        {
+        byte b;
+
+        if ((*inOutIdx - begin) + ENUM_LEN + OPAQUE16_LEN + OPAQUE8_LEN > size)
+            return BUFFER_ERROR;
+
+        b = input[(*inOutIdx)++];
+
+        if (b != named_curve)
+            return ECC_CURVETYPE_ERROR;
+
+        *inOutIdx += 1;   /* curve type, eat leading 0 */
+        b = input[(*inOutIdx)++];
+
+        if (b != secp256r1 && b != secp384r1 && b != secp521r1 && b !=
+                 secp160r1 && b != secp192r1 && b != secp224r1)
+            return ECC_CURVE_ERROR;
+
+        length = input[(*inOutIdx)++];
+
+        if ((*inOutIdx - begin) + length > size)
+            return BUFFER_ERROR;
+
+        if (ssl->peerEccKeyPresent) {  /* don't leak on reuse */
+            wc_ecc_free(ssl->peerEccKey);
+            ssl->peerEccKeyPresent = 0;
+            wc_ecc_init(ssl->peerEccKey);
+        }
+
+        if (wc_ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey) != 0)
+            return ECC_PEERKEY_ERROR;
+
+        *inOutIdx += length;
+        ssl->peerEccKeyPresent = 1;
+        }
+    #endif /* HAVE_ECC */
+
+    #if !defined(NO_DH) && !defined(NO_PSK)
+    if (ssl->specs.kea == dhe_psk_kea) {
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            return BUFFER_ERROR;
+
+        ato16(input + *inOutIdx, &length);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + length > size)
+            return BUFFER_ERROR;
+
+        XMEMCPY(ssl->arrays->server_hint, input + *inOutIdx,
+               min(length, MAX_PSK_ID_LEN));
+
+        ssl->arrays->server_hint[min(length, MAX_PSK_ID_LEN - 1)] = 0;
+        *inOutIdx += length;
+
+        /* p */
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            return BUFFER_ERROR;
+
+        ato16(input + *inOutIdx, &length);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + length > size)
+            return BUFFER_ERROR;
+
+        ssl->buffers.serverDH_P.buffer = (byte*) XMALLOC(length, ssl->heap,
+                                                         DYNAMIC_TYPE_DH);
+
+        if (ssl->buffers.serverDH_P.buffer)
+            ssl->buffers.serverDH_P.length = length;
+        else
+            return MEMORY_ERROR;
+
+        XMEMCPY(ssl->buffers.serverDH_P.buffer, input + *inOutIdx, length);
+        *inOutIdx += length;
+
+        /* g */
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            return BUFFER_ERROR;
+
+        ato16(input + *inOutIdx, &length);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + length > size)
+            return BUFFER_ERROR;
+
+        ssl->buffers.serverDH_G.buffer = (byte*) XMALLOC(length, ssl->heap,
+                                                         DYNAMIC_TYPE_DH);
+
+        if (ssl->buffers.serverDH_G.buffer)
+            ssl->buffers.serverDH_G.length = length;
+        else
+            return MEMORY_ERROR;
+
+        XMEMCPY(ssl->buffers.serverDH_G.buffer, input + *inOutIdx, length);
+        *inOutIdx += length;
+
+        /* pub */
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            return BUFFER_ERROR;
+
+        ato16(input + *inOutIdx, &length);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + length > size)
+            return BUFFER_ERROR;
+
+        ssl->buffers.serverDH_Pub.buffer = (byte*) XMALLOC(length, ssl->heap,
+                                                           DYNAMIC_TYPE_DH);
+
+        if (ssl->buffers.serverDH_Pub.buffer)
+            ssl->buffers.serverDH_Pub.length = length;
+        else
+            return MEMORY_ERROR;
+
+        XMEMCPY(ssl->buffers.serverDH_Pub.buffer, input + *inOutIdx, length);
+        *inOutIdx += length;
+    }
+    #endif /* !NO_DH || !NO_PSK */
+
+    #if !defined(NO_DH) || defined(HAVE_ECC)
+    if (!ssl->options.usingAnon_cipher &&
+        (ssl->specs.kea == ecc_diffie_hellman_kea ||
+         ssl->specs.kea == diffie_hellman_kea))
+    {
+#ifndef NO_OLD_TLS
+#ifdef WOLFSSL_SMALL_STACK
+        Md5*    md5 = NULL;
+        Sha*    sha = NULL;
+#else
+        Md5     md5[1];
+        Sha     sha[1];
+#endif
+#endif
+#ifndef NO_SHA256
+#ifdef WOLFSSL_SMALL_STACK
+        Sha256* sha256  = NULL;
+        byte*   hash256 = NULL;
+#else
+        Sha256  sha256[1];
+        byte    hash256[SHA256_DIGEST_SIZE];
+#endif
+#endif
+#ifdef WOLFSSL_SHA384
+#ifdef WOLFSSL_SMALL_STACK
+        Sha384* sha384  = NULL;
+        byte*   hash384 = NULL;
+#else
+        Sha384  sha384[1];
+        byte    hash384[SHA384_DIGEST_SIZE];
+#endif
+#endif
+#ifdef WOLFSSL_SMALL_STACK
+        byte*   hash          = NULL;
+        byte*   messageVerify = NULL;
+#else
+        byte    hash[FINISHED_SZ];
+        byte    messageVerify[MAX_DH_SZ];
+#endif
+        byte    hashAlgo = sha_mac;
+        byte    sigAlgo  = ssl->specs.sig_algo;
+        word16  verifySz = (word16) (*inOutIdx - begin);
+
+        /* save message for hash verify */
+        if (verifySz > MAX_DH_SZ)
+            ERROR_OUT(BUFFER_ERROR, done);
+
+    #ifdef WOLFSSL_SMALL_STACK
+        messageVerify = (byte*)XMALLOC(MAX_DH_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (messageVerify == NULL)
+            ERROR_OUT(MEMORY_E, done);
+    #endif
+
+        XMEMCPY(messageVerify, input + begin, verifySz);
+
+        if (IsAtLeastTLSv1_2(ssl)) {
+            if ((*inOutIdx - begin) + ENUM_LEN + ENUM_LEN > size)
+                ERROR_OUT(BUFFER_ERROR, done);
+
+            hashAlgo = input[(*inOutIdx)++];
+            sigAlgo  = input[(*inOutIdx)++];
+        }
+
+        /* signature */
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            ERROR_OUT(BUFFER_ERROR, done);
+
+        ato16(input + *inOutIdx, &length);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + length > size)
+            ERROR_OUT(BUFFER_ERROR, done);
+
+        /* inOutIdx updated at the end of the function */
+
+        /* verify signature */
+    #ifdef WOLFSSL_SMALL_STACK
+        hash = (byte*)XMALLOC(FINISHED_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (hash == NULL)
+            ERROR_OUT(MEMORY_E, done);
+    #endif
+
+#ifndef NO_OLD_TLS
+        /* md5 */
+    #ifdef WOLFSSL_SMALL_STACK
+        md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (md5 == NULL)
+            ERROR_OUT(MEMORY_E, done);
+    #endif
+        wc_InitMd5(md5);
+        wc_Md5Update(md5, ssl->arrays->clientRandom, RAN_LEN);
+        wc_Md5Update(md5, ssl->arrays->serverRandom, RAN_LEN);
+        wc_Md5Update(md5, messageVerify, verifySz);
+        wc_Md5Final(md5, hash);
+
+        /* sha */
+    #ifdef WOLFSSL_SMALL_STACK
+        sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (sha == NULL)
+            ERROR_OUT(MEMORY_E, done);
+    #endif
+        ret = wc_InitSha(sha);
+        if (ret != 0)
+            goto done;
+        wc_ShaUpdate(sha, ssl->arrays->clientRandom, RAN_LEN);
+        wc_ShaUpdate(sha, ssl->arrays->serverRandom, RAN_LEN);
+        wc_ShaUpdate(sha, messageVerify, verifySz);
+        wc_ShaFinal(sha, hash + MD5_DIGEST_SIZE);
+#endif
+
+#ifndef NO_SHA256
+    #ifdef WOLFSSL_SMALL_STACK
+        sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        hash256 = (byte*)XMALLOC(SHA256_DIGEST_SIZE, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (sha256 == NULL || hash256 == NULL)
+            ERROR_OUT(MEMORY_E, done);
+    #endif
+        if (!(ret = wc_InitSha256(sha256))
+        &&  !(ret = wc_Sha256Update(sha256, ssl->arrays->clientRandom, RAN_LEN))
+        &&  !(ret = wc_Sha256Update(sha256, ssl->arrays->serverRandom, RAN_LEN))
+        &&  !(ret = wc_Sha256Update(sha256, messageVerify, verifySz)))
+              ret = wc_Sha256Final(sha256, hash256);
+        if (ret != 0)
+            goto done;
+#endif
+
+#ifdef WOLFSSL_SHA384
+    #ifdef WOLFSSL_SMALL_STACK
+        sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        hash384 = (byte*)XMALLOC(SHA384_DIGEST_SIZE, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (sha384 == NULL || hash384 == NULL)
+            ERROR_OUT(MEMORY_E, done);
+    #endif
+        if (!(ret = wc_InitSha384(sha384))
+        &&  !(ret = wc_Sha384Update(sha384, ssl->arrays->clientRandom, RAN_LEN))
+        &&  !(ret = wc_Sha384Update(sha384, ssl->arrays->serverRandom, RAN_LEN))
+        &&  !(ret = wc_Sha384Update(sha384, messageVerify, verifySz)))
+              ret = wc_Sha384Final(sha384, hash384);
+        if (ret != 0)
+            goto done;
+#endif
+
+#ifndef NO_RSA
+        /* rsa */
+        if (sigAlgo == rsa_sa_algo)
+        {
+            byte*  out        = NULL;
+            byte   doUserRsa  = 0;
+            word32 verifiedSz = 0;
+
+            #ifdef HAVE_PK_CALLBACKS
+                if (ssl->ctx->RsaVerifyCb)
+                    doUserRsa = 1;
+            #endif /*HAVE_PK_CALLBACKS */
+
+            if (!ssl->peerRsaKeyPresent)
+                ERROR_OUT(NO_PEER_KEY, done);
+
+            if (doUserRsa) {
+            #ifdef HAVE_PK_CALLBACKS
+                verifiedSz = ssl->ctx->RsaVerifyCb(ssl,
+                                                 (byte *)input + *inOutIdx,
+                                                 length, &out,
+                                                 ssl->buffers.peerRsaKey.buffer,
+                                                 ssl->buffers.peerRsaKey.length,
+                                                 ssl->RsaVerifyCtx);
+            #endif /*HAVE_PK_CALLBACKS */
+            }
+            else
+                verifiedSz = wc_RsaSSL_VerifyInline((byte *)input + *inOutIdx,
+                                                 length, &out, ssl->peerRsaKey);
+
+            if (IsAtLeastTLSv1_2(ssl)) {
+                word32 encSigSz;
+#ifndef NO_OLD_TLS
+                byte*  digest = &hash[MD5_DIGEST_SIZE];
+                int    typeH = SHAh;
+                int    digestSz = SHA_DIGEST_SIZE;
+#else
+                byte*  digest = hash256;
+                int    typeH =  SHA256h;
+                int    digestSz = SHA256_DIGEST_SIZE;
+#endif
+#ifdef WOLFSSL_SMALL_STACK
+                byte*  encodedSig = NULL;
+#else
+                byte   encodedSig[MAX_ENCODED_SIG_SZ];
+#endif
+
+                if (hashAlgo == sha_mac) {
+                    #ifndef NO_SHA
+                        digest   = &hash[MD5_DIGEST_SIZE];
+                        typeH    = SHAh;
+                        digestSz = SHA_DIGEST_SIZE;
+                    #endif
+                }
+                else if (hashAlgo == sha256_mac) {
+                    #ifndef NO_SHA256
+                        digest   = hash256;
+                        typeH    = SHA256h;
+                        digestSz = SHA256_DIGEST_SIZE;
+                    #endif
+                }
+                else if (hashAlgo == sha384_mac) {
+                    #ifdef WOLFSSL_SHA384
+                        digest   = hash384;
+                        typeH    = SHA384h;
+                        digestSz = SHA384_DIGEST_SIZE;
+                    #endif
+                }
+
+            #ifdef WOLFSSL_SMALL_STACK
+                encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (encodedSig == NULL)
+                    ERROR_OUT(MEMORY_E, done);
+            #endif
+
+                encSigSz = wc_EncodeSignature(encodedSig, digest, digestSz, typeH);
+
+                if (encSigSz != verifiedSz || !out || XMEMCMP(out, encodedSig,
+                                        min(encSigSz, MAX_ENCODED_SIG_SZ)) != 0)
+                    ret = VERIFY_SIGN_ERROR;
+
+            #ifdef WOLFSSL_SMALL_STACK
+                XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+                if (ret != 0)
+                    goto done;
+            }
+            else if (verifiedSz != FINISHED_SZ || !out || XMEMCMP(out,
+                                                        hash, FINISHED_SZ) != 0)
+                ERROR_OUT(VERIFY_SIGN_ERROR, done);
+        } else
+#endif
+#ifdef HAVE_ECC
+        /* ecdsa */
+        if (sigAlgo == ecc_dsa_sa_algo) {
+            int verify = 0;
+#ifndef NO_OLD_TLS
+            byte* digest = &hash[MD5_DIGEST_SIZE];
+            word32 digestSz = SHA_DIGEST_SIZE;
+#else
+            byte* digest = hash256;
+            word32 digestSz = SHA256_DIGEST_SIZE;
+#endif
+            byte doUserEcc = 0;
+
+            #ifdef HAVE_PK_CALLBACKS
+                if (ssl->ctx->EccVerifyCb)
+                    doUserEcc = 1;
+            #endif
+
+            if (!ssl->peerEccDsaKeyPresent)
+                ERROR_OUT(NO_PEER_KEY, done);
+
+            if (IsAtLeastTLSv1_2(ssl)) {
+                if (hashAlgo == sha_mac) {
+                    #ifndef NO_SHA
+                        digest   = &hash[MD5_DIGEST_SIZE];
+                        digestSz = SHA_DIGEST_SIZE;
+                    #endif
+                }
+                else if (hashAlgo == sha256_mac) {
+                    #ifndef NO_SHA256
+                        digest   = hash256;
+                        digestSz = SHA256_DIGEST_SIZE;
+                    #endif
+                }
+                else if (hashAlgo == sha384_mac) {
+                    #ifdef WOLFSSL_SHA384
+                        digest   = hash384;
+                        digestSz = SHA384_DIGEST_SIZE;
+                    #endif
+                }
+            }
+            if (doUserEcc) {
+            #ifdef HAVE_PK_CALLBACKS
+                ret = ssl->ctx->EccVerifyCb(ssl, input + *inOutIdx, length,
+                                            digest, digestSz,
+                                            ssl->buffers.peerEccDsaKey.buffer,
+                                            ssl->buffers.peerEccDsaKey.length,
+                                            &verify, ssl->EccVerifyCtx);
+            #endif
+            }
+            else {
+                ret = wc_ecc_verify_hash(input + *inOutIdx, length,
+                                 digest, digestSz, &verify, ssl->peerEccDsaKey);
+            }
+            if (ret != 0 || verify == 0)
+                ERROR_OUT(VERIFY_SIGN_ERROR, done);
+        }
+        else
+#endif /* HAVE_ECC */
+            ERROR_OUT(ALGO_ID_E, done);
+
+        /* signature length */
+        *inOutIdx += length;
+
+        ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
+
+    done:
+#ifdef WOLFSSL_SMALL_STACK
+    #ifndef NO_OLD_TLS
+        XFREE(md5,           NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(sha,           NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    #ifndef NO_SHA256
+        XFREE(sha256,        NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(hash256,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    #ifdef WOLFSSL_SHA384
+        XFREE(sha384,        NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(hash384,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+        XFREE(hash,          NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(messageVerify, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        if (ret != 0)
+            return ret;
+    }
+
+    if (ssl->keys.encryptionOn) {
+        *inOutIdx += ssl->keys.padSz;
+    }
+
+    return 0;
+#else  /* !NO_DH or HAVE_ECC */
+        return NOT_COMPILED_IN;  /* not supported by build */
+#endif /* !NO_DH or HAVE_ECC */
+
+        #undef ERROR_OUT
+    }
+
+
+    int SendClientKeyExchange(WOLFSSL* ssl)
+    {
+#ifdef WOLFSSL_SMALL_STACK
+        byte*  encSecret = NULL;
+#else
+        byte   encSecret[MAX_ENCRYPT_SZ];
+#endif
+        word32 encSz = 0;
+        word32 idx = 0;
+        int    ret = 0;
+        byte   doUserRsa = 0;
+
+        (void)doUserRsa;
+
+#ifdef HAVE_PK_CALLBACKS
+    #ifndef NO_RSA
+        if (ssl->ctx->RsaEncCb)
+            doUserRsa = 1;
+    #endif /* NO_RSA */
+#endif /*HAVE_PK_CALLBACKS */
+
+    #ifdef WOLFSSL_SMALL_STACK
+        encSecret = (byte*)XMALLOC(MAX_ENCRYPT_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (encSecret == NULL)
+            return MEMORY_E;
+    #endif
+
+        switch (ssl->specs.kea) {
+        #ifndef NO_RSA
+            case rsa_kea:
+                ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret,
+                                                                    SECRET_LEN);
+                if (ret != 0) {
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                    return ret;
+                }
+
+                ssl->arrays->preMasterSecret[0] = ssl->chVersion.major;
+                ssl->arrays->preMasterSecret[1] = ssl->chVersion.minor;
+                ssl->arrays->preMasterSz = SECRET_LEN;
+
+                if (ssl->peerRsaKeyPresent == 0) {
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                    return NO_PEER_KEY;
+                }
+
+                if (doUserRsa) {
+                #ifdef HAVE_PK_CALLBACKS
+                    #ifndef NO_RSA
+                        encSz = MAX_ENCRYPT_SZ;
+                        ret = ssl->ctx->RsaEncCb(ssl,
+                                            ssl->arrays->preMasterSecret,
+                                            SECRET_LEN,
+                                            encSecret, &encSz,
+                                            ssl->buffers.peerRsaKey.buffer,
+                                            ssl->buffers.peerRsaKey.length,
+                                            ssl->RsaEncCtx);
+                    #endif /* NO_RSA */
+                #endif /*HAVE_PK_CALLBACKS */
+                }
+                else {
+                    ret = wc_RsaPublicEncrypt(ssl->arrays->preMasterSecret,
+                                 SECRET_LEN, encSecret, MAX_ENCRYPT_SZ,
+                                 ssl->peerRsaKey, ssl->rng);
+                    if (ret > 0) {
+                        encSz = ret;
+                        ret = 0;   /* set success to 0 */
+                    }
+                }
+                break;
+        #endif
+        #ifndef NO_DH
+            case diffie_hellman_kea:
+                {
+                    buffer  serverP   = ssl->buffers.serverDH_P;
+                    buffer  serverG   = ssl->buffers.serverDH_G;
+                    buffer  serverPub = ssl->buffers.serverDH_Pub;
+                #ifdef WOLFSSL_SMALL_STACK
+                    byte*   priv = NULL;
+                #else
+                    byte    priv[ENCRYPT_LEN];
+                #endif
+                    word32  privSz = 0;
+                    DhKey   key;
+
+                    if (serverP.buffer == 0 || serverG.buffer == 0 ||
+                                               serverPub.buffer == 0) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return NO_PEER_KEY;
+                    }
+
+                #ifdef WOLFSSL_SMALL_STACK
+                    priv = (byte*)XMALLOC(ENCRYPT_LEN, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                    if (priv == NULL) {
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                        return MEMORY_E;
+                    }
+                #endif
+
+                    wc_InitDhKey(&key);
+                    ret = wc_DhSetKey(&key, serverP.buffer, serverP.length,
+                                   serverG.buffer, serverG.length);
+                    if (ret == 0)
+                        /* for DH, encSecret is Yc, agree is pre-master */
+                        ret = wc_DhGenerateKeyPair(&key, ssl->rng, priv, &privSz,
+                                                encSecret, &encSz);
+                    if (ret == 0)
+                        ret = wc_DhAgree(&key, ssl->arrays->preMasterSecret,
+                                      &ssl->arrays->preMasterSz, priv, privSz,
+                                      serverPub.buffer, serverPub.length);
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                    wc_FreeDhKey(&key);
+                }
+                break;
+        #endif /* NO_DH */
+        #ifndef NO_PSK
+            case psk_kea:
+                {
+                    byte* pms = ssl->arrays->preMasterSecret;
+
+                    ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl,
+                        ssl->arrays->server_hint, ssl->arrays->client_identity,
+                        MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN);
+                    if (ssl->arrays->psk_keySz == 0 ||
+                        ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return PSK_KEY_ERROR;
+                    }
+                    encSz = (word32)XSTRLEN(ssl->arrays->client_identity);
+                    if (encSz > MAX_PSK_ID_LEN) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return CLIENT_ID_ERROR;
+                    }
+                    XMEMCPY(encSecret, ssl->arrays->client_identity, encSz);
+
+                    /* make psk pre master secret */
+                    /* length of key + length 0s + length of key + key */
+                    c16toa((word16)ssl->arrays->psk_keySz, pms);
+                    pms += 2;
+                    XMEMSET(pms, 0, ssl->arrays->psk_keySz);
+                    pms += ssl->arrays->psk_keySz;
+                    c16toa((word16)ssl->arrays->psk_keySz, pms);
+                    pms += 2;
+                    XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
+                    ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4;
+                    ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
+                    ssl->arrays->psk_keySz = 0; /* No further need */
+                }
+                break;
+        #endif /* NO_PSK */
+        #if !defined(NO_DH) && !defined(NO_PSK)
+            case dhe_psk_kea:
+                {
+                    byte* pms = ssl->arrays->preMasterSecret;
+                    byte* es  = encSecret;
+                    buffer  serverP   = ssl->buffers.serverDH_P;
+                    buffer  serverG   = ssl->buffers.serverDH_G;
+                    buffer  serverPub = ssl->buffers.serverDH_Pub;
+                #ifdef WOLFSSL_SMALL_STACK
+                    byte*   priv = NULL;
+                #else
+                    byte    priv[ENCRYPT_LEN];
+                #endif
+                    word32  privSz = 0;
+                    word32  pubSz = 0;
+                    word32  esSz = 0;
+                    DhKey   key;
+
+                    if (serverP.buffer == 0 || serverG.buffer == 0 ||
+                                               serverPub.buffer == 0) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return NO_PEER_KEY;
+                    }
+
+                    ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl,
+                         ssl->arrays->server_hint, ssl->arrays->client_identity,
+                         MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN);
+                    if (ssl->arrays->psk_keySz == 0 ||
+                                     ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return PSK_KEY_ERROR;
+                    }
+                    esSz = (word32)XSTRLEN(ssl->arrays->client_identity);
+
+                    if (esSz > MAX_PSK_ID_LEN) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return CLIENT_ID_ERROR;
+                    }
+
+                #ifdef WOLFSSL_SMALL_STACK
+                    priv = (byte*)XMALLOC(ENCRYPT_LEN, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                    if (priv == NULL) {
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                        return MEMORY_E;
+                    }
+                #endif
+                    c16toa((word16)esSz, es);
+                    es += OPAQUE16_LEN;
+                    XMEMCPY(es, ssl->arrays->client_identity, esSz);
+                    es += esSz;
+                    encSz = esSz + OPAQUE16_LEN;
+
+                    wc_InitDhKey(&key);
+                    ret = wc_DhSetKey(&key, serverP.buffer, serverP.length,
+                                   serverG.buffer, serverG.length);
+                    if (ret == 0)
+                        /* for DH, encSecret is Yc, agree is pre-master */
+                        ret = wc_DhGenerateKeyPair(&key, ssl->rng, priv, &privSz,
+                                                es + OPAQUE16_LEN, &pubSz);
+                    if (ret == 0)
+                        ret = wc_DhAgree(&key, pms + OPAQUE16_LEN,
+                                      &ssl->arrays->preMasterSz, priv, privSz,
+                                      serverPub.buffer, serverPub.length);
+                    wc_FreeDhKey(&key);
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                    if (ret != 0) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return ret;
+                    }
+
+                    c16toa((word16)pubSz, es);
+                    encSz += pubSz + OPAQUE16_LEN;
+                    c16toa((word16)ssl->arrays->preMasterSz, pms);
+                    ssl->arrays->preMasterSz += OPAQUE16_LEN;
+                    pms += ssl->arrays->preMasterSz;
+
+                    /* make psk pre master secret */
+                    /* length of key + length 0s + length of key + key */
+                    c16toa((word16)ssl->arrays->psk_keySz, pms);
+                    pms += OPAQUE16_LEN;
+                    XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
+                    ssl->arrays->preMasterSz +=
+                                          ssl->arrays->psk_keySz + OPAQUE16_LEN;
+                    ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
+                    ssl->arrays->psk_keySz = 0; /* No further need */
+                }
+                break;
+        #endif /* !NO_DH && !NO_PSK */
+        #ifdef HAVE_NTRU
+            case ntru_kea:
+                {
+                    word32 rc;
+                    word16 cipherLen = MAX_ENCRYPT_SZ;
+                    DRBG_HANDLE drbg;
+                    static uint8_t const wolfsslStr[] = {
+                        'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U'
+                    };
+
+                    ret = wc_RNG_GenerateBlock(ssl->rng,
+                                      ssl->arrays->preMasterSecret, SECRET_LEN);
+                    if (ret != 0) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return ret;
+                    }
+
+                    ssl->arrays->preMasterSz = SECRET_LEN;
+
+                    if (ssl->peerNtruKeyPresent == 0) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return NO_PEER_KEY;
+                    }
+
+                    rc = ntru_crypto_drbg_instantiate(MAX_NTRU_BITS, wolfsslStr,
+                                                 sizeof(wolfsslStr), GetEntropy,
+                                                 &drbg);
+                    if (rc != DRBG_OK) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return NTRU_DRBG_ERROR;
+                    }
+
+                    rc = ntru_crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,
+                                                  ssl->peerNtruKey,
+                                                  ssl->arrays->preMasterSz,
+                                                  ssl->arrays->preMasterSecret,
+                                                  &cipherLen, encSecret);
+                    ntru_crypto_drbg_uninstantiate(drbg);
+                    if (rc != NTRU_OK) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return NTRU_ENCRYPT_ERROR;
+                    }
+
+                    encSz = cipherLen;
+                    ret = 0;
+                }
+                break;
+        #endif /* HAVE_NTRU */
+        #ifdef HAVE_ECC
+            case ecc_diffie_hellman_kea:
+                {
+                    ecc_key  myKey;
+                    ecc_key* peerKey = NULL;
+                    word32   size = MAX_ENCRYPT_SZ;
+
+                    if (ssl->specs.static_ecdh) {
+                        /* TODO: EccDsa is really fixed Ecc change naming */
+                        if (!ssl->peerEccDsaKeyPresent ||
+                                                      !ssl->peerEccDsaKey->dp) {
+                        #ifdef WOLFSSL_SMALL_STACK
+                            XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                        #endif
+                            return NO_PEER_KEY;
+                        }
+                        peerKey = ssl->peerEccDsaKey;
+                    }
+                    else {
+                        if (!ssl->peerEccKeyPresent || !ssl->peerEccKey->dp) {
+                        #ifdef WOLFSSL_SMALL_STACK
+                            XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                        #endif
+                            return NO_PEER_KEY;
+                        }
+                        peerKey = ssl->peerEccKey;
+                    }
+
+                    if (peerKey == NULL) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return NO_PEER_KEY;
+                    }
+
+                    wc_ecc_init(&myKey);
+                    ret = wc_ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
+                    if (ret != 0) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return ECC_MAKEKEY_ERROR;
+                    }
+
+                    /* precede export with 1 byte length */
+                    ret = wc_ecc_export_x963(&myKey, encSecret + 1, &size);
+                    encSecret[0] = (byte)size;
+                    encSz = size + 1;
+
+                    if (ret != 0)
+                        ret = ECC_EXPORT_ERROR;
+                    else {
+                        size = sizeof(ssl->arrays->preMasterSecret);
+                        ret  = wc_ecc_shared_secret(&myKey, peerKey,
+                                                 ssl->arrays->preMasterSecret, &size);
+                        if (ret != 0)
+                            ret = ECC_SHARED_ERROR;
+                    }
+
+                    ssl->arrays->preMasterSz = size;
+                    wc_ecc_free(&myKey);
+                }
+                break;
+        #endif /* HAVE_ECC */
+            default:
+            #ifdef WOLFSSL_SMALL_STACK
+                XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+                return ALGO_ID_E; /* unsupported kea */
+        }
+
+        if (ret == 0) {
+            byte              *output;
+            int                sendSz;
+            word32             tlsSz = 0;
+
+            if (ssl->options.tls || ssl->specs.kea == diffie_hellman_kea)
+                tlsSz = 2;
+
+            if (ssl->specs.kea == ecc_diffie_hellman_kea ||
+                ssl->specs.kea == dhe_psk_kea)  /* always off */
+                tlsSz = 0;
+
+            sendSz = encSz + tlsSz + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
+            idx    = HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
+
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls) {
+                    sendSz += DTLS_HANDSHAKE_EXTRA + DTLS_RECORD_EXTRA;
+                    idx    += DTLS_HANDSHAKE_EXTRA + DTLS_RECORD_EXTRA;
+                }
+            #endif
+
+            if (ssl->keys.encryptionOn)
+                sendSz += MAX_MSG_EXTRA;
+
+            /* check for available size */
+            if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) {
+            #ifdef WOLFSSL_SMALL_STACK
+                XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+                return ret;
+            }
+
+            /* get ouput buffer */
+            output = ssl->buffers.outputBuffer.buffer +
+                     ssl->buffers.outputBuffer.length;
+
+            AddHeaders(output, encSz + tlsSz, client_key_exchange, ssl);
+
+            if (tlsSz) {
+                c16toa((word16)encSz, &output[idx]);
+                idx += 2;
+            }
+            XMEMCPY(output + idx, encSecret, encSz);
+            idx += encSz;
+
+            if (ssl->keys.encryptionOn) {
+                byte* input;
+                int   inputSz = idx-RECORD_HEADER_SZ; /* buildmsg adds rechdr */
+
+                input = (byte*)XMALLOC(inputSz, ssl->heap,
+                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (input == NULL) {
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                    return MEMORY_E;
+                }
+
+                XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz);
+                sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
+                                      handshake);
+                XFREE(input, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+                if (sendSz < 0) {
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                    return sendSz;
+                }
+            } else {
+                ret = HashOutput(ssl, output, sendSz, 0);
+                if (ret != 0) {
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                    return ret;
+                }
+            }
+
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls) {
+                    if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) {
+                    #ifdef WOLFSSL_SMALL_STACK
+                        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                    #endif
+                        return ret;
+                    }
+                }
+            #endif
+
+            #ifdef WOLFSSL_CALLBACKS
+                if (ssl->hsInfoOn)
+                    AddPacketName("ClientKeyExchange", &ssl->handShakeInfo);
+                if (ssl->toInfoOn)
+                    AddPacketInfo("ClientKeyExchange", &ssl->timeoutInfo,
+                                  output, sendSz, ssl->heap);
+            #endif
+
+            ssl->buffers.outputBuffer.length += sendSz;
+
+            if (ssl->options.groupMessages)
+                ret = 0;
+            else
+                ret = SendBuffered(ssl);
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(encSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+
+        if (ret == 0 || ret == WANT_WRITE) {
+            int tmpRet = MakeMasterSecret(ssl);
+            if (tmpRet != 0)
+                ret = tmpRet;   /* save WANT_WRITE unless more serious */
+            ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
+        }
+        /* No further need for PMS */
+        ForceZero(ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz);
+        ssl->arrays->preMasterSz = 0;
+
+        return ret;
+    }
+
+#ifndef NO_CERTS
+    int SendCertificateVerify(WOLFSSL* ssl)
+    {
+        byte              *output;
+        int                sendSz = MAX_CERT_VERIFY_SZ, length, ret;
+        word32             idx = 0;
+        word32             sigOutSz = 0;
+#ifndef NO_RSA
+        RsaKey             key;
+        int                initRsaKey = 0;
+#endif
+        int                usingEcc = 0;
+#ifdef HAVE_ECC
+        ecc_key            eccKey;
+#endif
+
+        (void)idx;
+
+        if (ssl->options.sendVerify == SEND_BLANK_CERT)
+            return 0;  /* sent blank cert, can't verify */
+
+        if (ssl->keys.encryptionOn)
+            sendSz += MAX_MSG_EXTRA;
+
+        /* check for available size */
+        if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
+            return ret;
+
+        /* get ouput buffer */
+        output = ssl->buffers.outputBuffer.buffer +
+                 ssl->buffers.outputBuffer.length;
+
+        ret = BuildCertHashes(ssl, &ssl->certHashes);
+        if (ret != 0)
+            return ret;
+
+#ifdef HAVE_ECC
+        wc_ecc_init(&eccKey);
+#endif
+#ifndef NO_RSA
+        ret = wc_InitRsaKey(&key, ssl->heap);
+        if (ret == 0) initRsaKey = 1;
+        if (ret == 0)
+            ret = wc_RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &key,
+                                      ssl->buffers.key.length);
+        if (ret == 0)
+            sigOutSz = wc_RsaEncryptSize(&key);
+        else
+#endif
+        {
+    #ifdef HAVE_ECC
+            WOLFSSL_MSG("Trying ECC client cert, RSA didn't work");
+
+            idx = 0;
+            ret = wc_EccPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &eccKey,
+                                      ssl->buffers.key.length);
+            if (ret == 0) {
+                WOLFSSL_MSG("Using ECC client cert");
+                usingEcc = 1;
+                sigOutSz = MAX_ENCODED_SIG_SZ;
+            }
+            else {
+                WOLFSSL_MSG("Bad client cert type");
+            }
+    #endif
+        }
+        if (ret == 0) {
+            byte*  verify = (byte*)&output[RECORD_HEADER_SZ +
+                                           HANDSHAKE_HEADER_SZ];
+#ifndef NO_OLD_TLS
+            byte*  signBuffer = ssl->certHashes.md5;
+#else
+            byte*  signBuffer = NULL;
+#endif
+            word32 signSz = FINISHED_SZ;
+            word32 extraSz = 0;  /* tls 1.2 hash/sig */
+#ifdef WOLFSSL_SMALL_STACK
+            byte*  encodedSig = NULL;
+#else
+            byte   encodedSig[MAX_ENCODED_SIG_SZ];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+            encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+            if (encodedSig == NULL) {
+            #ifndef NO_RSA
+                if (initRsaKey)
+                    wc_FreeRsaKey(&key);
+            #endif
+            #ifdef HAVE_ECC
+                wc_ecc_free(&eccKey);
+            #endif
+                return MEMORY_E;
+            }
+#endif
+
+            (void)encodedSig;
+            (void)signSz;
+            (void)signBuffer;
+
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls)
+                    verify += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+            #endif
+            length = sigOutSz;
+            if (IsAtLeastTLSv1_2(ssl)) {
+                verify[0] = ssl->suites->hashAlgo;
+                verify[1] = usingEcc ? ecc_dsa_sa_algo : rsa_sa_algo;
+                extraSz = HASH_SIG_SIZE;
+            }
+
+            if (usingEcc) {
+#ifdef HAVE_ECC
+                word32 localSz = MAX_ENCODED_SIG_SZ;
+                word32 digestSz;
+                byte*  digest;
+                byte   doUserEcc = 0;
+#ifndef NO_OLD_TLS
+                /* old tls default */
+                digestSz = SHA_DIGEST_SIZE;
+                digest   = ssl->certHashes.sha;
+#else
+                /* new tls default */
+                digestSz = SHA256_DIGEST_SIZE;
+                digest   = ssl->certHashes.sha256;
+#endif
+
+                #ifdef HAVE_PK_CALLBACKS
+                    #ifdef HAVE_ECC
+                        if (ssl->ctx->EccSignCb)
+                            doUserEcc = 1;
+                    #endif /* HAVE_ECC */
+                #endif /*HAVE_PK_CALLBACKS */
+
+                if (IsAtLeastTLSv1_2(ssl)) {
+                    if (ssl->suites->hashAlgo == sha_mac) {
+                        #ifndef NO_SHA
+                            digest = ssl->certHashes.sha;
+                            digestSz = SHA_DIGEST_SIZE;
+                        #endif
+                    }
+                    else if (ssl->suites->hashAlgo == sha256_mac) {
+                        #ifndef NO_SHA256
+                            digest = ssl->certHashes.sha256;
+                            digestSz = SHA256_DIGEST_SIZE;
+                        #endif
+                    }
+                    else if (ssl->suites->hashAlgo == sha384_mac) {
+                        #ifdef WOLFSSL_SHA384
+                            digest = ssl->certHashes.sha384;
+                            digestSz = SHA384_DIGEST_SIZE;
+                        #endif
+                    }
+                }
+
+                if (doUserEcc) {
+                #ifdef HAVE_PK_CALLBACKS
+                    #ifdef HAVE_ECC
+                        ret = ssl->ctx->EccSignCb(ssl, digest, digestSz,
+                                        encodedSig, &localSz,
+                                        ssl->buffers.key.buffer,
+                                        ssl->buffers.key.length,
+                                        ssl->EccSignCtx);
+                    #endif /* HAVE_ECC */
+                #endif /*HAVE_PK_CALLBACKS */
+                }
+                else {
+                    ret = wc_ecc_sign_hash(digest, digestSz, encodedSig,
+                                        &localSz, ssl->rng, &eccKey);
+                }
+                if (ret == 0) {
+                    length = localSz;
+                    c16toa((word16)length, verify + extraSz); /* prepend hdr */
+                    XMEMCPY(verify + extraSz + VERIFY_HEADER,encodedSig,length);
+                }
+#endif
+            }
+#ifndef NO_RSA
+            else {
+                byte doUserRsa = 0;
+
+                #ifdef HAVE_PK_CALLBACKS
+                    if (ssl->ctx->RsaSignCb)
+                        doUserRsa = 1;
+                #endif /*HAVE_PK_CALLBACKS */
+
+                if (IsAtLeastTLSv1_2(ssl)) {
+                    byte* digest;
+                    int   digestSz;
+                    int   typeH;
+                    int   didSet = 0;
+
+                    if (ssl->suites->hashAlgo == sha_mac) {
+                        #ifndef NO_SHA
+                            digest   = ssl->certHashes.sha;
+                            typeH    = SHAh;
+                            digestSz = SHA_DIGEST_SIZE;
+                            didSet   = 1;
+                        #endif
+                    }
+                    else if (ssl->suites->hashAlgo == sha256_mac) {
+                        #ifndef NO_SHA256
+                            digest   = ssl->certHashes.sha256;
+                            typeH    = SHA256h;
+                            digestSz = SHA256_DIGEST_SIZE;
+                            didSet   = 1;
+                        #endif
+                    }
+                    else if (ssl->suites->hashAlgo == sha384_mac) {
+                        #ifdef WOLFSSL_SHA384
+                            digest   = ssl->certHashes.sha384;
+                            typeH    = SHA384h;
+                            digestSz = SHA384_DIGEST_SIZE;
+                            didSet   = 1;
+                        #endif
+                    }
+
+                    if (didSet == 0) {
+                        /* defaults */
+                        #ifndef NO_OLD_TLS
+                            digest = ssl->certHashes.sha;
+                            digestSz = SHA_DIGEST_SIZE;
+                            typeH = SHAh;
+                        #else
+                            digest = ssl->certHashes.sha256;
+                            digestSz = SHA256_DIGEST_SIZE;
+                            typeH = SHA256h;
+                        #endif
+                    }
+
+                    signSz = wc_EncodeSignature(encodedSig, digest,digestSz,typeH);
+                    signBuffer = encodedSig;
+                }
+
+                c16toa((word16)length, verify + extraSz); /* prepend hdr */
+                if (doUserRsa) {
+                #ifdef HAVE_PK_CALLBACKS
+                    #ifndef NO_RSA
+                        word32 ioLen = ENCRYPT_LEN;
+                        ret = ssl->ctx->RsaSignCb(ssl, signBuffer, signSz,
+                                            verify + extraSz + VERIFY_HEADER,
+                                            &ioLen,
+                                            ssl->buffers.key.buffer,
+                                            ssl->buffers.key.length,
+                                            ssl->RsaSignCtx);
+                    #endif /* NO_RSA */
+                #endif /*HAVE_PK_CALLBACKS */
+                }
+                else {
+                    ret = wc_RsaSSL_Sign(signBuffer, signSz, verify + extraSz +
+                                  VERIFY_HEADER, ENCRYPT_LEN, &key, ssl->rng);
+                }
+
+                if (ret > 0)
+                    ret = 0;  /* RSA reset */
+            }
+#endif
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+            if (ret == 0) {
+                AddHeaders(output, length + extraSz + VERIFY_HEADER,
+                           certificate_verify, ssl);
+
+                sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + length +
+                         extraSz + VERIFY_HEADER;
+
+                #ifdef WOLFSSL_DTLS
+                    if (ssl->options.dtls) {
+                        sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+                    }
+                #endif
+
+                if (ssl->keys.encryptionOn) {
+                    byte* input;
+                    int   inputSz = sendSz - RECORD_HEADER_SZ;
+                                    /* build msg adds rec hdr */
+                    input = (byte*)XMALLOC(inputSz, ssl->heap,
+                                           DYNAMIC_TYPE_TMP_BUFFER);
+                    if (input == NULL)
+                        ret = MEMORY_E;
+                    else {
+                        XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz);
+                        sendSz = BuildMessage(ssl, output,
+                                              MAX_CERT_VERIFY_SZ +MAX_MSG_EXTRA,
+                                              input, inputSz, handshake);
+                        XFREE(input, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+
+                        if (sendSz < 0)
+                            ret = sendSz;
+                    }
+                } else {
+                    ret = HashOutput(ssl, output, sendSz, 0);
+                }
+
+                #ifdef WOLFSSL_DTLS
+                    if (ssl->options.dtls) {
+                        if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                            return ret;
+                    }
+                #endif
+            }
+        }
+#ifndef NO_RSA
+        if (initRsaKey)
+            wc_FreeRsaKey(&key);
+#endif
+#ifdef HAVE_ECC
+        wc_ecc_free(&eccKey);
+#endif
+
+        if (ret == 0) {
+            #ifdef WOLFSSL_CALLBACKS
+                if (ssl->hsInfoOn)
+                    AddPacketName("CertificateVerify", &ssl->handShakeInfo);
+                if (ssl->toInfoOn)
+                    AddPacketInfo("CertificateVerify", &ssl->timeoutInfo,
+                                  output, sendSz, ssl->heap);
+            #endif
+            ssl->buffers.outputBuffer.length += sendSz;
+            if (ssl->options.groupMessages)
+                return 0;
+            else
+                return SendBuffered(ssl);
+        }
+        else
+            return ret;
+    }
+#endif /* NO_CERTS */
+
+#ifdef HAVE_SESSION_TICKET
+int DoSessionTicket(WOLFSSL* ssl,
+                               const byte* input, word32* inOutIdx, word32 size)
+{
+    word32 begin = *inOutIdx;
+    word32 lifetime;
+    word16 length;
+
+    if (ssl->expect_session_ticket == 0) {
+        WOLFSSL_MSG("Unexpected session ticket");
+        return SESSION_TICKET_EXPECT_E;
+    }
+
+    if ((*inOutIdx - begin) + OPAQUE32_LEN > size)
+        return BUFFER_ERROR;
+
+    ato32(input + *inOutIdx, &lifetime);
+    *inOutIdx += OPAQUE32_LEN;
+
+    if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+        return BUFFER_ERROR;
+
+    ato16(input + *inOutIdx, &length);
+    *inOutIdx += OPAQUE16_LEN;
+
+    if (length > sizeof(ssl->session.ticket))
+        return SESSION_TICKET_LEN_E;
+
+    if ((*inOutIdx - begin) + length > size)
+        return BUFFER_ERROR;
+
+    /* If the received ticket including its length is greater than
+     * a length value, the save it. Otherwise, don't save it. */
+    if (length > 0) {
+        XMEMCPY(ssl->session.ticket, input + *inOutIdx, length);
+        *inOutIdx += length;
+        ssl->session.ticketLen = length;
+        ssl->timeout = lifetime;
+        if (ssl->session_ticket_cb != NULL) {
+            ssl->session_ticket_cb(ssl,
+                                   ssl->session.ticket, ssl->session.ticketLen,
+                                   ssl->session_ticket_ctx);
+        }
+        /* Create a fake sessionID based on the ticket, this will
+         * supercede the existing session cache info. */
+        ssl->options.haveSessionId = 1;
+        XMEMCPY(ssl->arrays->sessionID,
+                                 ssl->session.ticket + length - ID_LEN, ID_LEN);
+#ifndef NO_SESSION_CACHE
+        AddSession(ssl);
+#endif
+
+    }
+    else {
+        ssl->session.ticketLen = 0;
+    }
+
+    if (ssl->keys.encryptionOn) {
+        *inOutIdx += ssl->keys.padSz;
+    }
+
+    ssl->expect_session_ticket = 0;
+
+    return BuildFinished(ssl, &ssl->verifyHashes, server);
+}
+#endif /* HAVE_SESSION_TICKET */
+
+#endif /* NO_WOLFSSL_CLIENT */
+
+
+#ifndef NO_WOLFSSL_SERVER
+
+    int SendServerHello(WOLFSSL* ssl)
+    {
+        byte              *output;
+        word32             length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+        int                sendSz;
+        int                ret;
+
+        length = VERSION_SZ + RAN_LEN
+               + ID_LEN + ENUM_LEN
+               + SUITE_LEN
+               + ENUM_LEN;
+
+#ifdef HAVE_TLS_EXTENSIONS
+        length += TLSX_GetResponseSize(ssl);
+#endif
+
+        /* check for avalaible size */
+        if ((ret = CheckAvailableSize(ssl, MAX_HELLO_SZ)) != 0)
+            return ret;
+
+        /* get ouput buffer */
+        output = ssl->buffers.outputBuffer.buffer +
+                 ssl->buffers.outputBuffer.length;
+
+        sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
+        AddHeaders(output, length, server_hello, ssl);
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                idx    += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+                sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+            }
+        #endif
+        /* now write to output */
+            /* first version */
+        output[idx++] = ssl->version.major;
+        output[idx++] = ssl->version.minor;
+
+            /* then random */
+        if (!ssl->options.resuming) {
+            ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom,
+                                                                       RAN_LEN);
+            if (ret != 0)
+                return ret;
+        }
+
+        XMEMCPY(output + idx, ssl->arrays->serverRandom, RAN_LEN);
+        idx += RAN_LEN;
+
+#ifdef SHOW_SECRETS
+        {
+            int j;
+            printf("server random: ");
+            for (j = 0; j < RAN_LEN; j++)
+                printf("%02x", ssl->arrays->serverRandom[j]);
+            printf("\n");
+        }
+#endif
+            /* then session id */
+        output[idx++] = ID_LEN;
+
+        if (!ssl->options.resuming) {
+            ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->sessionID, ID_LEN);
+            if (ret != 0)
+                return ret;
+        }
+
+        XMEMCPY(output + idx, ssl->arrays->sessionID, ID_LEN);
+        idx += ID_LEN;
+
+            /* then cipher suite */
+        output[idx++] = ssl->options.cipherSuite0;
+        output[idx++] = ssl->options.cipherSuite;
+
+            /* then compression */
+        if (ssl->options.usingCompression)
+            output[idx++] = ZLIB_COMPRESSION;
+        else
+            output[idx++] = NO_COMPRESSION;
+
+            /* last, extensions */
+#ifdef HAVE_TLS_EXTENSIONS
+        TLSX_WriteResponse(ssl, output + idx);
+#endif
+
+        ssl->buffers.outputBuffer.length += sendSz;
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                    return ret;
+            }
+        #endif
+
+        ret = HashOutput(ssl, output, sendSz, 0);
+        if (ret != 0)
+            return ret;
+
+        #ifdef WOLFSSL_CALLBACKS
+            if (ssl->hsInfoOn)
+                AddPacketName("ServerHello", &ssl->handShakeInfo);
+            if (ssl->toInfoOn)
+                AddPacketInfo("ServerHello", &ssl->timeoutInfo, output, sendSz,
+                              ssl->heap);
+        #endif
+
+        ssl->options.serverState = SERVER_HELLO_COMPLETE;
+
+        if (ssl->options.groupMessages)
+            return 0;
+        else
+            return SendBuffered(ssl);
+    }
+
+
+#ifdef HAVE_ECC
+
+    static byte SetCurveId(int size)
+    {
+        switch(size) {
+            case 20:
+                return secp160r1;
+            case 24:
+                return secp192r1;
+            case 28:
+                return secp224r1;
+            case 32:
+                return secp256r1;
+            case 48:
+                return secp384r1;
+            case 66:
+                return secp521r1;
+            default:
+                return 0;
+        }
+    }
+
+#endif /* HAVE_ECC */
+
+
+    int SendServerKeyExchange(WOLFSSL* ssl)
+    {
+        int ret = 0;
+        (void)ssl;
+        #define ERROR_OUT(err, eLabel) do { ret = err; goto eLabel; } while(0)
+
+    #ifndef NO_PSK
+        if (ssl->specs.kea == psk_kea)
+        {
+            byte    *output;
+            word32   length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+            int      sendSz;
+            if (ssl->arrays->server_hint[0] == 0) return 0; /* don't send */
+
+            /* include size part */
+            length = (word32)XSTRLEN(ssl->arrays->server_hint);
+            if (length > MAX_PSK_ID_LEN)
+                return SERVER_HINT_ERROR;
+
+            length += HINT_LEN_SZ;
+            sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+                idx    += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+            }
+        #endif
+            /* check for available size */
+            if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
+               return ret;
+
+            /* get ouput buffer */
+            output = ssl->buffers.outputBuffer.buffer +
+                     ssl->buffers.outputBuffer.length;
+
+            AddHeaders(output, length, server_key_exchange, ssl);
+
+            /* key data */
+            c16toa((word16)(length - HINT_LEN_SZ), output + idx);
+            idx += HINT_LEN_SZ;
+            XMEMCPY(output + idx, ssl->arrays->server_hint,length -HINT_LEN_SZ);
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls)
+                if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                    return ret;
+        #endif
+
+            ret = HashOutput(ssl, output, sendSz, 0);
+            if (ret != 0)
+                return ret;
+
+        #ifdef WOLFSSL_CALLBACKS
+            if (ssl->hsInfoOn)
+                AddPacketName("ServerKeyExchange", &ssl->handShakeInfo);
+            if (ssl->toInfoOn)
+                AddPacketInfo("ServerKeyExchange", &ssl->timeoutInfo, output,
+                                                             sendSz, ssl->heap);
+        #endif
+
+            ssl->buffers.outputBuffer.length += sendSz;
+            if (ssl->options.groupMessages)
+                ret = 0;
+            else
+                ret = SendBuffered(ssl);
+            ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
+        }
+    #endif /*NO_PSK */
+
+    #if !defined(NO_DH) && !defined(NO_PSK)
+        if (ssl->specs.kea == dhe_psk_kea) {
+            byte    *output;
+            word32   length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+            word32   hintLen;
+            int      sendSz;
+            DhKey    dhKey;
+
+            if (ssl->buffers.serverDH_P.buffer == NULL ||
+                ssl->buffers.serverDH_G.buffer == NULL)
+                return NO_DH_PARAMS;
+
+            if (ssl->buffers.serverDH_Pub.buffer == NULL) {
+                ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC(
+                        ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap,
+                        DYNAMIC_TYPE_DH);
+                if (ssl->buffers.serverDH_Pub.buffer == NULL)
+                    return MEMORY_E;
+            }
+
+            if (ssl->buffers.serverDH_Priv.buffer == NULL) {
+                ssl->buffers.serverDH_Priv.buffer = (byte*)XMALLOC(
+                        ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap,
+                        DYNAMIC_TYPE_DH);
+                if (ssl->buffers.serverDH_Priv.buffer == NULL)
+                    return MEMORY_E;
+            }
+
+            wc_InitDhKey(&dhKey);
+            ret = wc_DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer,
+                                   ssl->buffers.serverDH_P.length,
+                                   ssl->buffers.serverDH_G.buffer,
+                                   ssl->buffers.serverDH_G.length);
+            if (ret == 0)
+                ret = wc_DhGenerateKeyPair(&dhKey, ssl->rng,
+                                         ssl->buffers.serverDH_Priv.buffer,
+                                        &ssl->buffers.serverDH_Priv.length,
+                                         ssl->buffers.serverDH_Pub.buffer,
+                                        &ssl->buffers.serverDH_Pub.length);
+            wc_FreeDhKey(&dhKey);
+            if (ret != 0)
+                return ret;
+
+            length = LENGTH_SZ * 3 + /* p, g, pub */
+                     ssl->buffers.serverDH_P.length +
+                     ssl->buffers.serverDH_G.length +
+                     ssl->buffers.serverDH_Pub.length;
+
+            /* include size part */
+            hintLen = (word32)XSTRLEN(ssl->arrays->server_hint);
+            if (hintLen > MAX_PSK_ID_LEN)
+                return SERVER_HINT_ERROR;
+            length += hintLen + HINT_LEN_SZ;
+            sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+                idx    += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+            }
+        #endif
+
+            /* check for available size */
+            if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
+               return ret;
+
+            /* get ouput buffer */
+            output = ssl->buffers.outputBuffer.buffer +
+                     ssl->buffers.outputBuffer.length;
+
+            AddHeaders(output, length, server_key_exchange, ssl);
+
+            /* key data */
+            c16toa((word16)hintLen, output + idx);
+            idx += HINT_LEN_SZ;
+            XMEMCPY(output + idx, ssl->arrays->server_hint, hintLen);
+            idx += hintLen;
+
+            /* add p, g, pub */
+            c16toa((word16)ssl->buffers.serverDH_P.length, output + idx);
+            idx += LENGTH_SZ;
+            XMEMCPY(output + idx, ssl->buffers.serverDH_P.buffer,
+                                  ssl->buffers.serverDH_P.length);
+            idx += ssl->buffers.serverDH_P.length;
+
+            /*  g */
+            c16toa((word16)ssl->buffers.serverDH_G.length, output + idx);
+            idx += LENGTH_SZ;
+            XMEMCPY(output + idx, ssl->buffers.serverDH_G.buffer,
+                                  ssl->buffers.serverDH_G.length);
+            idx += ssl->buffers.serverDH_G.length;
+
+            /*  pub */
+            c16toa((word16)ssl->buffers.serverDH_Pub.length, output + idx);
+            idx += LENGTH_SZ;
+            XMEMCPY(output + idx, ssl->buffers.serverDH_Pub.buffer,
+                                  ssl->buffers.serverDH_Pub.length);
+            idx += ssl->buffers.serverDH_Pub.length;
+            (void)idx; /* suppress analyzer warning, and keep idx current */
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls)
+                if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                    return ret;
+        #endif
+
+            ret = HashOutput(ssl, output, sendSz, 0);
+
+            if (ret != 0)
+                return ret;
+
+        #ifdef WOLFSSL_CALLBACKS
+            if (ssl->hsInfoOn)
+                AddPacketName("ServerKeyExchange", &ssl->handShakeInfo);
+            if (ssl->toInfoOn)
+                AddPacketInfo("ServerKeyExchange", &ssl->timeoutInfo, output,
+                                                             sendSz, ssl->heap);
+        #endif
+
+            ssl->buffers.outputBuffer.length += sendSz;
+            if (ssl->options.groupMessages)
+                ret = 0;
+            else
+                ret = SendBuffered(ssl);
+            ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
+        }
+    #endif /* !NO_DH && !NO_PSK */
+
+    #ifdef HAVE_ECC
+        if (ssl->specs.kea == ecc_diffie_hellman_kea)
+        {
+            byte    *output;
+            word32   length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+            int      sendSz;
+            word32   sigSz;
+            word32   preSigSz, preSigIdx;
+        #ifndef NO_RSA
+            RsaKey   rsaKey;
+        #endif
+            ecc_key  dsaKey;
+        #ifdef WOLFSSL_SMALL_STACK
+            byte*    exportBuf = NULL;
+        #else
+            byte     exportBuf[MAX_EXPORT_ECC_SZ];
+        #endif
+            word32   expSz = MAX_EXPORT_ECC_SZ;
+
+            if (ssl->specs.static_ecdh) {
+                WOLFSSL_MSG("Using Static ECDH, not sending ServerKeyExchagne");
+                return 0;
+            }
+
+            /* curve type, named curve, length(1) */
+            length = ENUM_LEN + CURVE_LEN + ENUM_LEN;
+            /* pub key size */
+            WOLFSSL_MSG("Using ephemeral ECDH");
+
+            /* need ephemeral key now, create it if missing */
+            if (ssl->eccTempKeyPresent == 0) {
+                if (wc_ecc_make_key(ssl->rng, ssl->eccTempKeySz,
+                                 ssl->eccTempKey) != 0) {
+                    return ECC_MAKEKEY_ERROR;
+                }
+                ssl->eccTempKeyPresent = 1;
+            }
+
+        #ifdef WOLFSSL_SMALL_STACK
+            exportBuf = (byte*)XMALLOC(MAX_EXPORT_ECC_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+            if (exportBuf == NULL)
+                return MEMORY_E;
+        #endif
+
+            if (wc_ecc_export_x963(ssl->eccTempKey, exportBuf, &expSz) != 0)
+                ERROR_OUT(ECC_EXPORT_ERROR, done_a);
+            length += expSz;
+
+            preSigSz  = length;
+            preSigIdx = idx;
+
+        #ifndef NO_RSA
+            ret = wc_InitRsaKey(&rsaKey, ssl->heap);
+            if (ret != 0)
+                goto done_a;
+        #endif
+
+            wc_ecc_init(&dsaKey);
+
+            /* sig length */
+            length += LENGTH_SZ;
+
+            if (!ssl->buffers.key.buffer) {
+            #ifndef NO_RSA
+                wc_FreeRsaKey(&rsaKey);
+            #endif
+                wc_ecc_free(&dsaKey);
+                ERROR_OUT(NO_PRIVATE_KEY, done_a);
+            }
+
+        #ifndef NO_RSA
+            if (ssl->specs.sig_algo == rsa_sa_algo) {
+                /* rsa sig size */
+                word32 i = 0;
+                ret = wc_RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i,
+                                          &rsaKey, ssl->buffers.key.length);
+                if (ret != 0)
+                    goto done_a;
+                sigSz = wc_RsaEncryptSize(&rsaKey);
+            } else
+        #endif
+
+            if (ssl->specs.sig_algo == ecc_dsa_sa_algo) {
+                /* ecdsa sig size */
+                word32 i = 0;
+                ret = wc_EccPrivateKeyDecode(ssl->buffers.key.buffer, &i,
+                                          &dsaKey, ssl->buffers.key.length);
+                if (ret != 0)
+                    goto done_a;
+                sigSz = wc_ecc_sig_size(&dsaKey);  /* worst case estimate */
+            }
+            else {
+            #ifndef NO_RSA
+                wc_FreeRsaKey(&rsaKey);
+            #endif
+                wc_ecc_free(&dsaKey);
+                ERROR_OUT(ALGO_ID_E, done_a);  /* unsupported type */
+            }
+            length += sigSz;
+
+            if (IsAtLeastTLSv1_2(ssl))
+                length += HASH_SIG_SIZE;
+
+            sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+                idx    += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+                preSigIdx = idx;
+            }
+        #endif
+            /* check for available size */
+            if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) {
+            #ifndef NO_RSA
+                wc_FreeRsaKey(&rsaKey);
+            #endif
+                wc_ecc_free(&dsaKey);
+                goto done_a;
+            }
+
+            /* get ouput buffer */
+            output = ssl->buffers.outputBuffer.buffer +
+                     ssl->buffers.outputBuffer.length;
+
+            /* record and message headers will be added below, when we're sure
+               of the sig length */
+
+            /* key exchange data */
+            output[idx++] = named_curve;
+            output[idx++] = 0x00;          /* leading zero */
+            output[idx++] = SetCurveId(wc_ecc_size(ssl->eccTempKey));
+            output[idx++] = (byte)expSz;
+            XMEMCPY(output + idx, exportBuf, expSz);
+            idx += expSz;
+            if (IsAtLeastTLSv1_2(ssl)) {
+                output[idx++] = ssl->suites->hashAlgo;
+                output[idx++] = ssl->suites->sigAlgo;
+            }
+
+            /* Signtaure length will be written later, when we're sure what it
+               is */
+
+        #ifdef HAVE_FUZZER
+            if (ssl->fuzzerCb)
+                ssl->fuzzerCb(ssl, output + preSigIdx, preSigSz, FUZZ_SIGNATURE,
+                              ssl->fuzzerCtx);
+        #endif
+
+            /* do signature */
+            {
+        #ifndef NO_OLD_TLS
+            #ifdef WOLFSSL_SMALL_STACK
+                Md5*   md5  = NULL;
+                Sha*   sha  = NULL;
+            #else
+                Md5    md5[1];
+                Sha    sha[1];
+            #endif
+        #endif
+            #ifdef WOLFSSL_SMALL_STACK
+                byte*  hash = NULL;
+            #else
+                byte   hash[FINISHED_SZ];
+            #endif
+        #ifndef NO_SHA256
+            #ifdef WOLFSSL_SMALL_STACK
+                Sha256* sha256  = NULL;
+                byte*   hash256 = NULL;
+            #else
+                Sha256  sha256[1];
+                byte    hash256[SHA256_DIGEST_SIZE];
+            #endif
+        #endif
+        #ifdef WOLFSSL_SHA384
+            #ifdef WOLFSSL_SMALL_STACK
+                Sha384* sha384  = NULL;
+                byte*   hash384 = NULL;
+            #else
+                Sha384  sha384[1];
+                byte    hash384[SHA384_DIGEST_SIZE];
+            #endif
+        #endif
+
+            #ifdef WOLFSSL_SMALL_STACK
+                hash = (byte*)XMALLOC(FINISHED_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (hash == NULL)
+                    ERROR_OUT(MEMORY_E, done_a);
+            #endif
+
+        #ifndef NO_OLD_TLS
+                /* md5 */
+            #ifdef WOLFSSL_SMALL_STACK
+                md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                if (md5 == NULL)
+                    ERROR_OUT(MEMORY_E, done_a2);
+            #endif
+                wc_InitMd5(md5);
+                wc_Md5Update(md5, ssl->arrays->clientRandom, RAN_LEN);
+                wc_Md5Update(md5, ssl->arrays->serverRandom, RAN_LEN);
+                wc_Md5Update(md5, output + preSigIdx, preSigSz);
+                wc_Md5Final(md5, hash);
+
+                /* sha */
+            #ifdef WOLFSSL_SMALL_STACK
+                sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                if (sha == NULL)
+                    ERROR_OUT(MEMORY_E, done_a2);
+            #endif
+                ret = wc_InitSha(sha);
+                if (ret != 0)
+                    goto done_a2;
+                wc_ShaUpdate(sha, ssl->arrays->clientRandom, RAN_LEN);
+                wc_ShaUpdate(sha, ssl->arrays->serverRandom, RAN_LEN);
+                wc_ShaUpdate(sha, output + preSigIdx, preSigSz);
+                wc_ShaFinal(sha, &hash[MD5_DIGEST_SIZE]);
+        #endif
+
+        #ifndef NO_SHA256
+            #ifdef WOLFSSL_SMALL_STACK
+                sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                hash256 = (byte*)XMALLOC(SHA256_DIGEST_SIZE, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (sha256 == NULL || hash256 == NULL)
+                    ERROR_OUT(MEMORY_E, done_a2);
+            #endif
+
+                if (!(ret = wc_InitSha256(sha256))
+                &&  !(ret = wc_Sha256Update(sha256, ssl->arrays->clientRandom,
+                                                                       RAN_LEN))
+                &&  !(ret = wc_Sha256Update(sha256, ssl->arrays->serverRandom,
+                                                                       RAN_LEN))
+                &&  !(ret = wc_Sha256Update(sha256, output + preSigIdx, preSigSz)))
+                    ret = wc_Sha256Final(sha256, hash256);
+
+                if (ret != 0)
+                    goto done_a2;
+        #endif
+
+        #ifdef WOLFSSL_SHA384
+            #ifdef WOLFSSL_SMALL_STACK
+                sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                hash384 = (byte*)XMALLOC(SHA384_DIGEST_SIZE, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (sha384 == NULL || hash384 == NULL)
+                    ERROR_OUT(MEMORY_E, done_a2);
+            #endif
+
+                if (!(ret = wc_InitSha384(sha384))
+                &&  !(ret = wc_Sha384Update(sha384, ssl->arrays->clientRandom,
+                                                                       RAN_LEN))
+                &&  !(ret = wc_Sha384Update(sha384, ssl->arrays->serverRandom,
+                                                                       RAN_LEN))
+                &&  !(ret = wc_Sha384Update(sha384, output + preSigIdx, preSigSz)))
+                    ret = wc_Sha384Final(sha384, hash384);
+
+                if (ret != 0)
+                    goto done_a2;
+        #endif
+
+            #ifndef NO_RSA
+                if (ssl->suites->sigAlgo == rsa_sa_algo) {
+                    byte*  signBuffer = hash;
+                    word32 signSz     = FINISHED_SZ;
+                    byte   doUserRsa = 0;
+                #ifdef WOLFSSL_SMALL_STACK
+                    byte*  encodedSig = NULL;
+                #else
+                    byte   encodedSig[MAX_ENCODED_SIG_SZ];
+                #endif
+
+                #ifdef HAVE_PK_CALLBACKS
+                    if (ssl->ctx->RsaSignCb)
+                        doUserRsa = 1;
+                #endif
+
+                #ifdef WOLFSSL_SMALL_STACK
+                    encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                    if (encodedSig == NULL)
+                        ERROR_OUT(MEMORY_E, done_a2);
+                #endif
+
+                    if (IsAtLeastTLSv1_2(ssl)) {
+                        byte* digest   = &hash[MD5_DIGEST_SIZE];
+                        int   typeH    = SHAh;
+                        int   digestSz = SHA_DIGEST_SIZE;
+
+                        if (ssl->suites->hashAlgo == sha256_mac) {
+                        #ifndef NO_SHA256
+                            digest   = hash256;
+                            typeH    = SHA256h;
+                            digestSz = SHA256_DIGEST_SIZE;
+                        #endif
+                        }
+                        else if (ssl->suites->hashAlgo == sha384_mac) {
+                        #ifdef WOLFSSL_SHA384
+                            digest   = hash384;
+                            typeH    = SHA384h;
+                            digestSz = SHA384_DIGEST_SIZE;
+                        #endif
+                        }
+
+                        signSz = wc_EncodeSignature(encodedSig, digest, digestSz,
+                                                 typeH);
+                        signBuffer = encodedSig;
+                    }
+                    /* write sig size here */
+                    c16toa((word16)sigSz, output + idx);
+                    idx += LENGTH_SZ;
+
+                    if (doUserRsa) {
+                    #ifdef HAVE_PK_CALLBACKS
+                        word32 ioLen = sigSz;
+                        ret = ssl->ctx->RsaSignCb(ssl, signBuffer, signSz,
+                                            output + idx, &ioLen,
+                                            ssl->buffers.key.buffer,
+                                            ssl->buffers.key.length,
+                                            ssl->RsaSignCtx);
+                    #endif /*HAVE_PK_CALLBACKS */
+                    }
+                    else
+                        ret = wc_RsaSSL_Sign(signBuffer, signSz, output + idx,
+                                          sigSz, &rsaKey, ssl->rng);
+
+                    wc_FreeRsaKey(&rsaKey);
+                    wc_ecc_free(&dsaKey);
+
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+
+                    if (ret < 0)
+                        goto done_a2;
+                } else
+            #endif
+
+                if (ssl->suites->sigAlgo == ecc_dsa_sa_algo) {
+                #ifndef NO_OLD_TLS
+                    byte* digest = &hash[MD5_DIGEST_SIZE];
+                    word32 digestSz = SHA_DIGEST_SIZE;
+                #else
+                    byte* digest = hash256;
+                    word32 digestSz = SHA256_DIGEST_SIZE;
+                #endif
+                    word32 sz = sigSz;
+                    byte   doUserEcc = 0;
+
+                #if defined(HAVE_PK_CALLBACKS) && defined(HAVE_ECC)
+                    if (ssl->ctx->EccSignCb)
+                        doUserEcc = 1;
+                #endif
+
+                    if (IsAtLeastTLSv1_2(ssl)) {
+                        if (ssl->suites->hashAlgo == sha_mac) {
+                        #ifndef NO_SHA
+                            digest   = &hash[MD5_DIGEST_SIZE];
+                            digestSz = SHA_DIGEST_SIZE;
+                        #endif
+                        }
+                        else if (ssl->suites->hashAlgo == sha256_mac) {
+                        #ifndef NO_SHA256
+                            digest   = hash256;
+                            digestSz = SHA256_DIGEST_SIZE;
+                        #endif
+                        }
+                        else if (ssl->suites->hashAlgo == sha384_mac) {
+                        #ifdef WOLFSSL_SHA384
+                            digest   = hash384;
+                            digestSz = SHA384_DIGEST_SIZE;
+                        #endif
+                        }
+                    }
+
+                    if (doUserEcc) {
+                    #if defined(HAVE_PK_CALLBACKS) && defined(HAVE_ECC)
+                        ret = ssl->ctx->EccSignCb(ssl, digest, digestSz,
+                                                  output + LENGTH_SZ + idx, &sz,
+                                                  ssl->buffers.key.buffer,
+                                                  ssl->buffers.key.length,
+                                                  ssl->EccSignCtx);
+                    #endif
+                    }
+                    else {
+                        ret = wc_ecc_sign_hash(digest, digestSz,
+                              output + LENGTH_SZ + idx, &sz, ssl->rng, &dsaKey);
+                    }
+                #ifndef NO_RSA
+                    wc_FreeRsaKey(&rsaKey);
+                #endif
+                    wc_ecc_free(&dsaKey);
+
+                    if (ret < 0)
+                        goto done_a2;
+
+                    /* Now that we know the real sig size, write it. */
+                    c16toa((word16)sz, output + idx);
+
+                    /* And adjust length and sendSz from estimates */
+                    length += sz - sigSz;
+                    sendSz += sz - sigSz;
+                }
+
+            done_a2:
+        #ifdef WOLFSSL_SMALL_STACK
+            #ifndef NO_OLD_TLS
+                XFREE(md5,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                XFREE(sha,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+                XFREE(hash,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #ifndef NO_SHA256
+                XFREE(sha256,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                XFREE(hash256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+            #ifdef WOLFSSL_SHA384
+                XFREE(sha384,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                XFREE(hash384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+        #endif
+
+                if (ret < 0)
+                    goto done_a;
+            }
+
+            AddHeaders(output, length, server_key_exchange, ssl);
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls)
+                if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                    goto done_a;
+        #endif
+
+            if ((ret = HashOutput(ssl, output, sendSz, 0)) != 0)
+                goto done_a;
+
+        #ifdef WOLFSSL_CALLBACKS
+            if (ssl->hsInfoOn)
+                AddPacketName("ServerKeyExchange", &ssl->handShakeInfo);
+            if (ssl->toInfoOn)
+                AddPacketInfo("ServerKeyExchange", &ssl->timeoutInfo,
+                              output, sendSz, ssl->heap);
+        #endif
+
+            ssl->buffers.outputBuffer.length += sendSz;
+            if (ssl->options.groupMessages)
+                ret = 0;
+            else
+                ret = SendBuffered(ssl);
+            ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
+
+        done_a:
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(exportBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+
+            return ret;
+        }
+    #endif /* HAVE_ECC */
+
+    #if !defined(NO_DH) && !defined(NO_RSA)
+        if (ssl->specs.kea == diffie_hellman_kea) {
+            byte    *output;
+            word32   length = 0, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+            int      sendSz;
+            word32   sigSz = 0, i = 0;
+            word32   preSigSz = 0, preSigIdx = 0;
+            RsaKey   rsaKey;
+            DhKey    dhKey;
+
+            if (ssl->buffers.serverDH_P.buffer == NULL ||
+                ssl->buffers.serverDH_G.buffer == NULL)
+                return NO_DH_PARAMS;
+
+            if (ssl->buffers.serverDH_Pub.buffer == NULL) {
+                ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC(
+                        ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap,
+                        DYNAMIC_TYPE_DH);
+                if (ssl->buffers.serverDH_Pub.buffer == NULL)
+                    return MEMORY_E;
+            }
+
+            if (ssl->buffers.serverDH_Priv.buffer == NULL) {
+                ssl->buffers.serverDH_Priv.buffer = (byte*)XMALLOC(
+                        ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap,
+                        DYNAMIC_TYPE_DH);
+                if (ssl->buffers.serverDH_Priv.buffer == NULL)
+                    return MEMORY_E;
+            }
+
+            wc_InitDhKey(&dhKey);
+            ret = wc_DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer,
+                                   ssl->buffers.serverDH_P.length,
+                                   ssl->buffers.serverDH_G.buffer,
+                                   ssl->buffers.serverDH_G.length);
+            if (ret == 0)
+                ret = wc_DhGenerateKeyPair(&dhKey, ssl->rng,
+                                         ssl->buffers.serverDH_Priv.buffer,
+                                        &ssl->buffers.serverDH_Priv.length,
+                                         ssl->buffers.serverDH_Pub.buffer,
+                                        &ssl->buffers.serverDH_Pub.length);
+            wc_FreeDhKey(&dhKey);
+
+            if (ret != 0) return ret;
+
+            length = LENGTH_SZ * 3;  /* p, g, pub */
+            length += ssl->buffers.serverDH_P.length +
+                      ssl->buffers.serverDH_G.length +
+                      ssl->buffers.serverDH_Pub.length;
+
+            preSigIdx = idx;
+            preSigSz  = length;
+
+            if (!ssl->options.usingAnon_cipher) {
+                ret = wc_InitRsaKey(&rsaKey, ssl->heap);
+                if (ret != 0) return ret;
+
+                /* sig length */
+                length += LENGTH_SZ;
+
+                if (!ssl->buffers.key.buffer)
+                    return NO_PRIVATE_KEY;
+
+                ret = wc_RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i, &rsaKey,
+                                          ssl->buffers.key.length);
+                if (ret == 0) {
+                    sigSz = wc_RsaEncryptSize(&rsaKey);
+                    length += sigSz;
+                }
+                else {
+                    wc_FreeRsaKey(&rsaKey);
+                    return ret;
+                }
+
+                if (IsAtLeastTLSv1_2(ssl))
+                    length += HASH_SIG_SIZE;
+            }
+
+            sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+                idx    += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+                preSigIdx = idx;
+            }
+        #endif
+
+            /* check for available size */
+            if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) {
+                if (!ssl->options.usingAnon_cipher)
+                    wc_FreeRsaKey(&rsaKey);
+                return ret;
+            }
+
+            /* get ouput buffer */
+            output = ssl->buffers.outputBuffer.buffer +
+                     ssl->buffers.outputBuffer.length;
+
+            AddHeaders(output, length, server_key_exchange, ssl);
+
+            /* add p, g, pub */
+            c16toa((word16)ssl->buffers.serverDH_P.length, output + idx);
+            idx += LENGTH_SZ;
+            XMEMCPY(output + idx, ssl->buffers.serverDH_P.buffer,
+                                  ssl->buffers.serverDH_P.length);
+            idx += ssl->buffers.serverDH_P.length;
+
+            /*  g */
+            c16toa((word16)ssl->buffers.serverDH_G.length, output + idx);
+            idx += LENGTH_SZ;
+            XMEMCPY(output + idx, ssl->buffers.serverDH_G.buffer,
+                                  ssl->buffers.serverDH_G.length);
+            idx += ssl->buffers.serverDH_G.length;
+
+            /*  pub */
+            c16toa((word16)ssl->buffers.serverDH_Pub.length, output + idx);
+            idx += LENGTH_SZ;
+            XMEMCPY(output + idx, ssl->buffers.serverDH_Pub.buffer,
+                                  ssl->buffers.serverDH_Pub.length);
+            idx += ssl->buffers.serverDH_Pub.length;
+
+        #ifdef HAVE_FUZZER
+            if (ssl->fuzzerCb)
+                ssl->fuzzerCb(ssl, output + preSigIdx, preSigSz, FUZZ_SIGNATURE,
+                        ssl->fuzzerCtx);
+        #endif
+
+            /* Add signature */
+            if (!ssl->options.usingAnon_cipher) {
+        #ifndef NO_OLD_TLS
+            #ifdef WOLFSSL_SMALL_STACK
+                Md5*   md5  = NULL;
+                Sha*   sha  = NULL;
+            #else
+                Md5    md5[1];
+                Sha    sha[1];
+            #endif
+        #endif
+            #ifdef WOLFSSL_SMALL_STACK
+                byte*  hash = NULL;
+            #else
+                byte   hash[FINISHED_SZ];
+            #endif
+        #ifndef NO_SHA256
+            #ifdef WOLFSSL_SMALL_STACK
+                Sha256* sha256  = NULL;
+                byte*   hash256 = NULL;
+            #else
+                Sha256  sha256[1];
+                byte    hash256[SHA256_DIGEST_SIZE];
+            #endif
+        #endif
+        #ifdef WOLFSSL_SHA384
+            #ifdef WOLFSSL_SMALL_STACK
+                Sha384* sha384  = NULL;
+                byte*   hash384 = NULL;
+            #else
+                Sha384  sha384[1];
+                byte    hash384[SHA384_DIGEST_SIZE];
+            #endif
+        #endif
+
+            /* Add hash/signature algo ID */
+            if (IsAtLeastTLSv1_2(ssl)) {
+                output[idx++] = ssl->suites->hashAlgo;
+                output[idx++] = ssl->suites->sigAlgo;
+            }
+
+            /* signature size */
+            c16toa((word16)sigSz, output + idx);
+            idx += LENGTH_SZ;
+
+            /* do signature */
+            #ifdef WOLFSSL_SMALL_STACK
+                hash = (byte*)XMALLOC(FINISHED_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (hash == NULL)
+                    return MEMORY_E; /* No heap commitment before this point,
+                                        from now on, the resources are freed
+                                        at done_b. */
+            #endif
+
+        #ifndef NO_OLD_TLS
+                /* md5 */
+            #ifdef WOLFSSL_SMALL_STACK
+                md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                if (md5 == NULL)
+                    ERROR_OUT(MEMORY_E, done_b);
+            #endif
+                wc_InitMd5(md5);
+                wc_Md5Update(md5, ssl->arrays->clientRandom, RAN_LEN);
+                wc_Md5Update(md5, ssl->arrays->serverRandom, RAN_LEN);
+                wc_Md5Update(md5, output + preSigIdx, preSigSz);
+                wc_Md5Final(md5, hash);
+
+                /* sha */
+            #ifdef WOLFSSL_SMALL_STACK
+                sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                if (sha == NULL)
+                    ERROR_OUT(MEMORY_E, done_b);
+            #endif
+
+                if ((ret = wc_InitSha(sha)) != 0)
+                    goto done_b;
+
+                wc_ShaUpdate(sha, ssl->arrays->clientRandom, RAN_LEN);
+                wc_ShaUpdate(sha, ssl->arrays->serverRandom, RAN_LEN);
+                wc_ShaUpdate(sha, output + preSigIdx, preSigSz);
+                wc_ShaFinal(sha, &hash[MD5_DIGEST_SIZE]);
+        #endif
+
+        #ifndef NO_SHA256
+            #ifdef WOLFSSL_SMALL_STACK
+                sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                hash256 = (byte*)XMALLOC(SHA256_DIGEST_SIZE, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (sha256 == NULL || hash256 == NULL)
+                    ERROR_OUT(MEMORY_E, done_b);
+            #endif
+
+                if (!(ret = wc_InitSha256(sha256))
+                &&  !(ret = wc_Sha256Update(sha256, ssl->arrays->clientRandom,
+                                                                       RAN_LEN))
+                &&  !(ret = wc_Sha256Update(sha256, ssl->arrays->serverRandom,
+                                                                       RAN_LEN))
+                &&  !(ret = wc_Sha256Update(sha256, output + preSigIdx, preSigSz)))
+                    ret = wc_Sha256Final(sha256, hash256);
+
+                if (ret != 0)
+                    goto done_b;
+            #endif
+
+        #ifdef WOLFSSL_SHA384
+            #ifdef WOLFSSL_SMALL_STACK
+                sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                hash384 = (byte*)XMALLOC(SHA384_DIGEST_SIZE, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (sha384 == NULL || hash384 == NULL)
+                    ERROR_OUT(MEMORY_E, done_b);
+            #endif
+
+                if (!(ret = wc_InitSha384(sha384))
+                &&  !(ret = wc_Sha384Update(sha384, ssl->arrays->clientRandom,
+                                                                       RAN_LEN))
+                &&  !(ret = wc_Sha384Update(sha384, ssl->arrays->serverRandom,
+                                                                       RAN_LEN))
+                &&  !(ret = wc_Sha384Update(sha384, output + preSigIdx, preSigSz)))
+                    ret = wc_Sha384Final(sha384, hash384);
+
+                if (ret != 0)
+                    goto done_b;
+        #endif
+
+            #ifndef NO_RSA
+                if (ssl->suites->sigAlgo == rsa_sa_algo) {
+                    byte*  signBuffer = hash;
+                    word32 signSz     = FINISHED_SZ;
+                #ifdef WOLFSSL_SMALL_STACK
+                    byte*  encodedSig = NULL;
+                #else
+                    byte   encodedSig[MAX_ENCODED_SIG_SZ];
+                #endif
+                    byte   doUserRsa = 0;
+
+                #ifdef HAVE_PK_CALLBACKS
+                    if (ssl->ctx->RsaSignCb)
+                        doUserRsa = 1;
+                #endif
+
+                #ifdef WOLFSSL_SMALL_STACK
+                    encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                    if (encodedSig == NULL)
+                        ERROR_OUT(MEMORY_E, done_b);
+                #endif
+
+                    if (IsAtLeastTLSv1_2(ssl)) {
+                        byte* digest   = &hash[MD5_DIGEST_SIZE];
+                        int   typeH    = SHAh;
+                        int   digestSz = SHA_DIGEST_SIZE;
+
+                        if (ssl->suites->hashAlgo == sha256_mac) {
+                        #ifndef NO_SHA256
+                            digest   = hash256;
+                            typeH    = SHA256h;
+                            digestSz = SHA256_DIGEST_SIZE;
+                        #endif
+                        }
+                        else if (ssl->suites->hashAlgo == sha384_mac) {
+                        #ifdef WOLFSSL_SHA384
+                            digest   = hash384;
+                            typeH    = SHA384h;
+                            digestSz = SHA384_DIGEST_SIZE;
+                        #endif
+                        }
+
+                        signSz = wc_EncodeSignature(encodedSig, digest, digestSz,
+                                                 typeH);
+                        signBuffer = encodedSig;
+                    }
+                    if (doUserRsa) {
+                    #ifdef HAVE_PK_CALLBACKS
+                        word32 ioLen = sigSz;
+                        ret = ssl->ctx->RsaSignCb(ssl, signBuffer, signSz,
+                                                  output + idx, &ioLen,
+                                                  ssl->buffers.key.buffer,
+                                                  ssl->buffers.key.length,
+                                                  ssl->RsaSignCtx);
+                    #endif
+                    }
+                    else
+                        ret = wc_RsaSSL_Sign(signBuffer, signSz, output + idx,
+                                          sigSz, &rsaKey, ssl->rng);
+
+                    wc_FreeRsaKey(&rsaKey);
+
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                }
+            #endif
+
+            done_b:
+        #ifdef WOLFSSL_SMALL_STACK
+            #ifndef NO_OLD_TLS
+                XFREE(md5,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                XFREE(sha,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+                XFREE(hash,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #ifndef NO_SHA256
+                XFREE(sha256,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                XFREE(hash256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+            #ifdef WOLFSSL_SHA384
+                XFREE(sha384,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                XFREE(hash384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+        #endif
+
+                if (ret < 0) return ret;
+            }
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls)
+                if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                    return ret;
+        #endif
+
+            if ((ret = HashOutput(ssl, output, sendSz, 0)) != 0)
+                return ret;
+
+        #ifdef WOLFSSL_CALLBACKS
+            if (ssl->hsInfoOn)
+                AddPacketName("ServerKeyExchange", &ssl->handShakeInfo);
+            if (ssl->toInfoOn)
+                AddPacketInfo("ServerKeyExchange", &ssl->timeoutInfo,
+                              output, sendSz, ssl->heap);
+        #endif
+
+            ssl->buffers.outputBuffer.length += sendSz;
+            if (ssl->options.groupMessages)
+                ret = 0;
+            else
+                ret = SendBuffered(ssl);
+            ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
+        }
+    #endif /* NO_DH */
+
+        return ret;
+        #undef ERROR_OUT
+    }
+
+
+    /* Make sure server cert/key are valid for this suite, true on success */
+    static int VerifyServerSuite(WOLFSSL* ssl, word16 idx)
+    {
+        int  haveRSA = !ssl->options.haveStaticECC;
+        int  havePSK = 0;
+        byte first;
+        byte second;
+
+        WOLFSSL_ENTER("VerifyServerSuite");
+
+        if (ssl->suites == NULL) {
+            WOLFSSL_MSG("Suites pointer error");
+            return 0;
+        }
+
+        first   = ssl->suites->suites[idx];
+        second  = ssl->suites->suites[idx+1];
+
+        #ifndef NO_PSK
+            havePSK = ssl->options.havePSK;
+        #endif
+
+        if (ssl->options.haveNTRU)
+            haveRSA = 0;
+
+        if (CipherRequires(first, second, REQUIRES_RSA)) {
+            WOLFSSL_MSG("Requires RSA");
+            if (haveRSA == 0) {
+                WOLFSSL_MSG("Don't have RSA");
+                return 0;
+            }
+        }
+
+        if (CipherRequires(first, second, REQUIRES_DHE)) {
+            WOLFSSL_MSG("Requires DHE");
+            if (ssl->options.haveDH == 0) {
+                WOLFSSL_MSG("Don't have DHE");
+                return 0;
+            }
+        }
+
+        if (CipherRequires(first, second, REQUIRES_ECC_DSA)) {
+            WOLFSSL_MSG("Requires ECCDSA");
+            if (ssl->options.haveECDSAsig == 0) {
+                WOLFSSL_MSG("Don't have ECCDSA");
+                return 0;
+            }
+        }
+
+        if (CipherRequires(first, second, REQUIRES_ECC_STATIC)) {
+            WOLFSSL_MSG("Requires static ECC");
+            if (ssl->options.haveStaticECC == 0) {
+                WOLFSSL_MSG("Don't have static ECC");
+                return 0;
+            }
+        }
+
+        if (CipherRequires(first, second, REQUIRES_PSK)) {
+            WOLFSSL_MSG("Requires PSK");
+            if (havePSK == 0) {
+                WOLFSSL_MSG("Don't have PSK");
+                return 0;
+            }
+        }
+
+        if (CipherRequires(first, second, REQUIRES_NTRU)) {
+            WOLFSSL_MSG("Requires NTRU");
+            if (ssl->options.haveNTRU == 0) {
+                WOLFSSL_MSG("Don't have NTRU");
+                return 0;
+            }
+        }
+
+        if (CipherRequires(first, second, REQUIRES_RSA_SIG)) {
+            WOLFSSL_MSG("Requires RSA Signature");
+            if (ssl->options.side == WOLFSSL_SERVER_END &&
+                                           ssl->options.haveECDSAsig == 1) {
+                WOLFSSL_MSG("Don't have RSA Signature");
+                return 0;
+            }
+        }
+
+#ifdef HAVE_SUPPORTED_CURVES
+        if (!TLSX_ValidateEllipticCurves(ssl, first, second)) {
+            WOLFSSL_MSG("Don't have matching curves");
+                return 0;
+        }
+#endif
+
+        /* ECCDHE is always supported if ECC on */
+
+        return 1;
+    }
+
+
+    static int MatchSuite(WOLFSSL* ssl, Suites* peerSuites)
+    {
+        word16 i, j;
+
+        WOLFSSL_ENTER("MatchSuite");
+
+        /* & 0x1 equivalent % 2 */
+        if (peerSuites->suiteSz == 0 || peerSuites->suiteSz & 0x1)
+            return MATCH_SUITE_ERROR;
+
+        if (ssl->suites == NULL)
+            return SUITES_ERROR;
+        /* start with best, if a match we are good */
+        for (i = 0; i < ssl->suites->suiteSz; i += 2)
+            for (j = 0; j < peerSuites->suiteSz; j += 2)
+                if (ssl->suites->suites[i]   == peerSuites->suites[j] &&
+                    ssl->suites->suites[i+1] == peerSuites->suites[j+1] ) {
+
+                    if (VerifyServerSuite(ssl, i)) {
+                        int result;
+                        WOLFSSL_MSG("Verified suite validity");
+                        ssl->options.cipherSuite0 = ssl->suites->suites[i];
+                        ssl->options.cipherSuite  = ssl->suites->suites[i+1];
+                        result = SetCipherSpecs(ssl);
+                        if (result == 0)
+                            PickHashSigAlgo(ssl, peerSuites->hashSigAlgo,
+                                                 peerSuites->hashSigAlgoSz);
+                        return result;
+                    }
+                    else {
+                        WOLFSSL_MSG("Could not verify suite validity, continue");
+                    }
+                }
+
+        return MATCH_SUITE_ERROR;
+    }
+
+
+#ifdef OLD_HELLO_ALLOWED
+
+    /* process old style client hello, deprecate? */
+    int ProcessOldClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
+                              word32 inSz, word16 sz)
+    {
+        word32          idx = *inOutIdx;
+        word16          sessionSz;
+        word16          randomSz;
+        word16          i, j;
+        ProtocolVersion pv;
+        Suites          clSuites;
+
+        (void)inSz;
+        WOLFSSL_MSG("Got old format client hello");
+#ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn)
+            AddPacketName("ClientHello", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddLateName("ClientHello", &ssl->timeoutInfo);
+#endif
+
+        /* manually hash input since different format */
+#ifndef NO_OLD_TLS
+#ifndef NO_MD5
+        wc_Md5Update(&ssl->hashMd5, input + idx, sz);
+#endif
+#ifndef NO_SHA
+        wc_ShaUpdate(&ssl->hashSha, input + idx, sz);
+#endif
+#endif
+#ifndef NO_SHA256
+        if (IsAtLeastTLSv1_2(ssl)) {
+            int shaRet = wc_Sha256Update(&ssl->hashSha256, input + idx, sz);
+
+            if (shaRet != 0)
+                return shaRet;
+        }
+#endif
+
+        /* does this value mean client_hello? */
+        idx++;
+
+        /* version */
+        pv.major = input[idx++];
+        pv.minor = input[idx++];
+        ssl->chVersion = pv;  /* store */
+
+        if (ssl->version.minor > pv.minor) {
+            byte haveRSA = 0;
+            byte havePSK = 0;
+            if (!ssl->options.downgrade) {
+                WOLFSSL_MSG("Client trying to connect with lesser version");
+                return VERSION_ERROR;
+            }
+            if (pv.minor < ssl->options.minDowngrade) {
+                WOLFSSL_MSG("    version below minimum allowed, fatal error");
+                return VERSION_ERROR;
+            }
+            if (pv.minor == SSLv3_MINOR) {
+                /* turn off tls */
+                WOLFSSL_MSG("    downgrading to SSLv3");
+                ssl->options.tls    = 0;
+                ssl->options.tls1_1 = 0;
+                ssl->version.minor  = SSLv3_MINOR;
+            }
+            else if (pv.minor == TLSv1_MINOR) {
+                WOLFSSL_MSG("    downgrading to TLSv1");
+                /* turn off tls 1.1+ */
+                ssl->options.tls1_1 = 0;
+                ssl->version.minor  = TLSv1_MINOR;
+            }
+            else if (pv.minor == TLSv1_1_MINOR) {
+                WOLFSSL_MSG("    downgrading to TLSv1.1");
+                ssl->version.minor  = TLSv1_1_MINOR;
+            }
+#ifndef NO_RSA
+            haveRSA = 1;
+#endif
+#ifndef NO_PSK
+            havePSK = ssl->options.havePSK;
+#endif
+
+            InitSuites(ssl->suites, ssl->version, haveRSA, havePSK,
+                       ssl->options.haveDH, ssl->options.haveNTRU,
+                       ssl->options.haveECDSAsig, ssl->options.haveStaticECC,
+                       ssl->options.side);
+        }
+
+        /* suite size */
+        ato16(&input[idx], &clSuites.suiteSz);
+        idx += 2;
+
+        if (clSuites.suiteSz > MAX_SUITE_SZ)
+            return BUFFER_ERROR;
+        clSuites.hashSigAlgoSz = 0;
+
+        /* session size */
+        ato16(&input[idx], &sessionSz);
+        idx += 2;
+
+        if (sessionSz > ID_LEN)
+            return BUFFER_ERROR;
+
+        /* random size */
+        ato16(&input[idx], &randomSz);
+        idx += 2;
+
+        if (randomSz > RAN_LEN)
+            return BUFFER_ERROR;
+
+        /* suites */
+        for (i = 0, j = 0; i < clSuites.suiteSz; i += 3) {
+            byte first = input[idx++];
+            if (!first) { /* implicit: skip sslv2 type */
+                XMEMCPY(&clSuites.suites[j], &input[idx], 2);
+                j += 2;
+            }
+            idx += 2;
+        }
+        clSuites.suiteSz = j;
+
+        /* session id */
+        if (sessionSz) {
+            XMEMCPY(ssl->arrays->sessionID, input + idx, sessionSz);
+            idx += sessionSz;
+            ssl->options.resuming = 1;
+        }
+
+        /* random */
+        if (randomSz < RAN_LEN)
+            XMEMSET(ssl->arrays->clientRandom, 0, RAN_LEN - randomSz);
+        XMEMCPY(&ssl->arrays->clientRandom[RAN_LEN - randomSz], input + idx,
+               randomSz);
+        idx += randomSz;
+
+        if (ssl->options.usingCompression)
+            ssl->options.usingCompression = 0;  /* turn off */
+
+        ssl->options.clientState = CLIENT_HELLO_COMPLETE;
+        *inOutIdx = idx;
+
+        ssl->options.haveSessionId = 1;
+        /* DoClientHello uses same resume code */
+        if (ssl->options.resuming) {  /* let's try */
+            int ret = -1;
+            WOLFSSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret);
+            if (!session) {
+                WOLFSSL_MSG("Session lookup for resume failed");
+                ssl->options.resuming = 0;
+            } else {
+                if (MatchSuite(ssl, &clSuites) < 0) {
+                    WOLFSSL_MSG("Unsupported cipher suite, OldClientHello");
+                    return UNSUPPORTED_SUITE;
+                }
+                #ifdef SESSION_CERTS
+                    ssl->session = *session; /* restore session certs. */
+                #endif
+
+                ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom,
+                                                                       RAN_LEN);
+                if (ret != 0)
+                    return ret;
+
+                #ifdef NO_OLD_TLS
+                    ret = DeriveTlsKeys(ssl);
+                #else
+                    #ifndef NO_TLS
+                        if (ssl->options.tls)
+                            ret = DeriveTlsKeys(ssl);
+                    #endif
+                        if (!ssl->options.tls)
+                            ret = DeriveKeys(ssl);
+                #endif
+                ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
+
+                return ret;
+            }
+        }
+
+        return MatchSuite(ssl, &clSuites);
+    }
+
+#endif /* OLD_HELLO_ALLOWED */
+
+
+    static int DoClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
+                             word32 helloSz)
+    {
+        byte            b;
+        ProtocolVersion pv;
+        Suites          clSuites;
+        word32          i = *inOutIdx;
+        word32          begin = i;
+
+#ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn) AddPacketName("ClientHello", &ssl->handShakeInfo);
+        if (ssl->toInfoOn) AddLateName("ClientHello", &ssl->timeoutInfo);
+#endif
+
+        /* protocol version, random and session id length check */
+        if ((i - begin) + OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz)
+            return BUFFER_ERROR;
+
+        /* protocol version */
+        XMEMCPY(&pv, input + i, OPAQUE16_LEN);
+        ssl->chVersion = pv;   /* store */
+        i += OPAQUE16_LEN;
+
+        if (ssl->version.minor > pv.minor) {
+            byte haveRSA = 0;
+            byte havePSK = 0;
+
+            if (!ssl->options.downgrade) {
+                WOLFSSL_MSG("Client trying to connect with lesser version");
+                return VERSION_ERROR;
+            }
+            if (pv.minor < ssl->options.minDowngrade) {
+                WOLFSSL_MSG("    version below minimum allowed, fatal error");
+                return VERSION_ERROR;
+            }
+
+            if (pv.minor == SSLv3_MINOR) {
+                /* turn off tls */
+                WOLFSSL_MSG("    downgrading to SSLv3");
+                ssl->options.tls    = 0;
+                ssl->options.tls1_1 = 0;
+                ssl->version.minor  = SSLv3_MINOR;
+            }
+            else if (pv.minor == TLSv1_MINOR) {
+                /* turn off tls 1.1+ */
+                WOLFSSL_MSG("    downgrading to TLSv1");
+                ssl->options.tls1_1 = 0;
+                ssl->version.minor  = TLSv1_MINOR;
+            }
+            else if (pv.minor == TLSv1_1_MINOR) {
+                WOLFSSL_MSG("    downgrading to TLSv1.1");
+                ssl->version.minor  = TLSv1_1_MINOR;
+            }
+#ifndef NO_RSA
+            haveRSA = 1;
+#endif
+#ifndef NO_PSK
+            havePSK = ssl->options.havePSK;
+#endif
+            InitSuites(ssl->suites, ssl->version, haveRSA, havePSK,
+                       ssl->options.haveDH, ssl->options.haveNTRU,
+                       ssl->options.haveECDSAsig, ssl->options.haveStaticECC,
+                       ssl->options.side);
+        }
+
+        /* random */
+        XMEMCPY(ssl->arrays->clientRandom, input + i, RAN_LEN);
+        i += RAN_LEN;
+
+#ifdef SHOW_SECRETS
+        {
+            int j;
+            printf("client random: ");
+            for (j = 0; j < RAN_LEN; j++)
+                printf("%02x", ssl->arrays->clientRandom[j]);
+            printf("\n");
+        }
+#endif
+
+        /* session id */
+        b = input[i++];
+
+        if (b == ID_LEN) {
+            if ((i - begin) + ID_LEN > helloSz)
+                return BUFFER_ERROR;
+
+            XMEMCPY(ssl->arrays->sessionID, input + i, ID_LEN);
+            i += ID_LEN;
+            ssl->options.resuming = 1; /* client wants to resume */
+            WOLFSSL_MSG("Client wants to resume session");
+        }
+        else if (b) {
+            WOLFSSL_MSG("Invalid session ID size");
+            return BUFFER_ERROR; /* session ID nor 0 neither 32 bytes long */
+        }
+
+        #ifdef WOLFSSL_DTLS
+            /* cookie */
+            if (ssl->options.dtls) {
+
+                if ((i - begin) + OPAQUE8_LEN > helloSz)
+                    return BUFFER_ERROR;
+
+                b = input[i++];
+
+                if (b) {
+                    byte cookie[MAX_COOKIE_LEN];
+
+                    if (b > MAX_COOKIE_LEN)
+                        return BUFFER_ERROR;
+
+                    if ((i - begin) + b > helloSz)
+                        return BUFFER_ERROR;
+
+                    if (ssl->ctx->CBIOCookie == NULL) {
+                        WOLFSSL_MSG("Your Cookie callback is null, please set");
+                        return COOKIE_ERROR;
+                    }
+
+                    if ((ssl->ctx->CBIOCookie(ssl, cookie, COOKIE_SZ,
+                                              ssl->IOCB_CookieCtx) != COOKIE_SZ)
+                            || (b != COOKIE_SZ)
+                            || (XMEMCMP(cookie, input + i, b) != 0)) {
+                        return COOKIE_ERROR;
+                    }
+
+                    i += b;
+                }
+            }
+        #endif
+
+        /* suites */
+        if ((i - begin) + OPAQUE16_LEN > helloSz)
+            return BUFFER_ERROR;
+
+        ato16(&input[i], &clSuites.suiteSz);
+        i += OPAQUE16_LEN;
+
+        /* suites and compression length check */
+        if ((i - begin) + clSuites.suiteSz + OPAQUE8_LEN > helloSz)
+            return BUFFER_ERROR;
+
+        if (clSuites.suiteSz > MAX_SUITE_SZ)
+            return BUFFER_ERROR;
+
+        XMEMCPY(clSuites.suites, input + i, clSuites.suiteSz);
+        i += clSuites.suiteSz;
+        clSuites.hashSigAlgoSz = 0;
+
+        /* compression length */
+        b = input[i++];
+
+        if ((i - begin) + b > helloSz)
+            return BUFFER_ERROR;
+
+        if (ssl->options.usingCompression) {
+            int match = 0;
+
+            while (b--) {
+                byte comp = input[i++];
+
+                if (comp == ZLIB_COMPRESSION)
+                    match = 1;
+            }
+
+            if (!match) {
+                WOLFSSL_MSG("Not matching compression, turning off");
+                ssl->options.usingCompression = 0;  /* turn off */
+            }
+        }
+        else
+            i += b; /* ignore, since we're not on */
+
+        *inOutIdx = i;
+
+        /* tls extensions */
+        if ((i - begin) < helloSz) {
+#ifdef HAVE_TLS_EXTENSIONS
+            if (TLSX_SupportExtensions(ssl)) {
+                int ret = 0;
+#else
+            if (IsAtLeastTLSv1_2(ssl)) {
+#endif
+                /* Process the hello extension. Skip unsupported. */
+                word16 totalExtSz;
+
+                if ((i - begin) + OPAQUE16_LEN > helloSz)
+                    return BUFFER_ERROR;
+
+                ato16(&input[i], &totalExtSz);
+                i += OPAQUE16_LEN;
+
+                if ((i - begin) + totalExtSz > helloSz)
+                    return BUFFER_ERROR;
+
+#ifdef HAVE_TLS_EXTENSIONS
+                if ((ret = TLSX_Parse(ssl, (byte *) input + i,
+                                                     totalExtSz, 1, &clSuites)))
+                    return ret;
+
+                i += totalExtSz;
+#else
+                while (totalExtSz) {
+                    word16 extId, extSz;
+
+                    if (OPAQUE16_LEN + OPAQUE16_LEN > totalExtSz)
+                        return BUFFER_ERROR;
+
+                    ato16(&input[i], &extId);
+                    i += OPAQUE16_LEN;
+                    ato16(&input[i], &extSz);
+                    i += OPAQUE16_LEN;
+
+                    if (OPAQUE16_LEN + OPAQUE16_LEN + extSz > totalExtSz)
+                        return BUFFER_ERROR;
+
+                    if (extId == HELLO_EXT_SIG_ALGO) {
+                        ato16(&input[i], &clSuites.hashSigAlgoSz);
+                        i += OPAQUE16_LEN;
+
+                        if (OPAQUE16_LEN + clSuites.hashSigAlgoSz > extSz)
+                            return BUFFER_ERROR;
+
+                        XMEMCPY(clSuites.hashSigAlgo, &input[i],
+                            min(clSuites.hashSigAlgoSz, HELLO_EXT_SIGALGO_MAX));
+                        i += clSuites.hashSigAlgoSz;
+
+                        if (clSuites.hashSigAlgoSz > HELLO_EXT_SIGALGO_MAX)
+                            clSuites.hashSigAlgoSz = HELLO_EXT_SIGALGO_MAX;
+                    }
+                    else
+                        i += extSz;
+
+                    totalExtSz -= OPAQUE16_LEN + OPAQUE16_LEN + extSz;
+                }
+#endif
+                *inOutIdx = i;
+            }
+            else
+                *inOutIdx = begin + helloSz; /* skip extensions */
+        }
+
+        ssl->options.clientState   = CLIENT_HELLO_COMPLETE;
+        ssl->options.haveSessionId = 1;
+
+        /* ProcessOld uses same resume code */
+        if (ssl->options.resuming && (!ssl->options.dtls ||
+               ssl->options.acceptState == HELLO_VERIFY_SENT)) { /* let's try */
+            int ret = -1;
+            WOLFSSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret);
+
+            if (!session) {
+                WOLFSSL_MSG("Session lookup for resume failed");
+                ssl->options.resuming = 0;
+            }
+            else {
+                if (MatchSuite(ssl, &clSuites) < 0) {
+                    WOLFSSL_MSG("Unsupported cipher suite, ClientHello");
+                    return UNSUPPORTED_SUITE;
+                }
+                #ifdef SESSION_CERTS
+                    ssl->session = *session; /* restore session certs. */
+                #endif
+
+                ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom,
+                                                                       RAN_LEN);
+                if (ret != 0)
+                    return ret;
+
+                #ifdef NO_OLD_TLS
+                    ret = DeriveTlsKeys(ssl);
+                #else
+                    #ifndef NO_TLS
+                        if (ssl->options.tls)
+                            ret = DeriveTlsKeys(ssl);
+                    #endif
+                        if (!ssl->options.tls)
+                            ret = DeriveKeys(ssl);
+                #endif
+                ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
+
+                return ret;
+            }
+        }
+        return MatchSuite(ssl, &clSuites);
+    }
+
+#if !defined(NO_RSA) || defined(HAVE_ECC)
+    static int DoCertificateVerify(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+                                   word32 size)
+    {
+        word16      sz = 0;
+        int         ret = VERIFY_CERT_ERROR;   /* start in error state */
+        byte        hashAlgo = sha_mac;
+        byte        sigAlgo = anonymous_sa_algo;
+        word32      begin = *inOutIdx;
+
+        #ifdef WOLFSSL_CALLBACKS
+            if (ssl->hsInfoOn)
+                AddPacketName("CertificateVerify", &ssl->handShakeInfo);
+            if (ssl->toInfoOn)
+                AddLateName("CertificateVerify", &ssl->timeoutInfo);
+        #endif
+
+
+        if (IsAtLeastTLSv1_2(ssl)) {
+            if ((*inOutIdx - begin) + ENUM_LEN + ENUM_LEN > size)
+                return BUFFER_ERROR;
+
+            hashAlgo = input[(*inOutIdx)++];
+            sigAlgo  = input[(*inOutIdx)++];
+        }
+
+        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+            return BUFFER_ERROR;
+
+        ato16(input + *inOutIdx, &sz);
+        *inOutIdx += OPAQUE16_LEN;
+
+        if ((*inOutIdx - begin) + sz > size || sz > ENCRYPT_LEN)
+            return BUFFER_ERROR;
+
+        /* RSA */
+#ifndef NO_RSA
+        if (ssl->peerRsaKeyPresent != 0) {
+            byte* out       = NULL;
+            int   outLen    = 0;
+            byte  doUserRsa = 0;
+
+            #ifdef HAVE_PK_CALLBACKS
+                if (ssl->ctx->RsaVerifyCb)
+                    doUserRsa = 1;
+            #endif /*HAVE_PK_CALLBACKS */
+
+            WOLFSSL_MSG("Doing RSA peer cert verify");
+
+            if (doUserRsa) {
+            #ifdef HAVE_PK_CALLBACKS
+                outLen = ssl->ctx->RsaVerifyCb(ssl, input + *inOutIdx, sz,
+                                            &out,
+                                            ssl->buffers.peerRsaKey.buffer,
+                                            ssl->buffers.peerRsaKey.length,
+                                            ssl->RsaVerifyCtx);
+            #endif /*HAVE_PK_CALLBACKS */
+            }
+            else {
+                outLen = wc_RsaSSL_VerifyInline(input + *inOutIdx, sz, &out,
+                                                               ssl->peerRsaKey);
+            }
+
+            if (IsAtLeastTLSv1_2(ssl)) {
+#ifdef WOLFSSL_SMALL_STACK
+                byte*  encodedSig = NULL;
+#else
+                byte   encodedSig[MAX_ENCODED_SIG_SZ];
+#endif
+                word32 sigSz;
+                byte*  digest = ssl->certHashes.sha;
+                int    typeH = SHAh;
+                int    digestSz = SHA_DIGEST_SIZE;
+
+#ifdef WOLFSSL_SMALL_STACK
+                encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (encodedSig == NULL)
+                    return MEMORY_E;
+#endif
+
+                if (sigAlgo != rsa_sa_algo) {
+                    WOLFSSL_MSG("Oops, peer sent RSA key but not in verify");
+                }
+
+                if (hashAlgo == sha256_mac) {
+                    #ifndef NO_SHA256
+                        digest = ssl->certHashes.sha256;
+                        typeH    = SHA256h;
+                        digestSz = SHA256_DIGEST_SIZE;
+                    #endif
+                }
+                else if (hashAlgo == sha384_mac) {
+                    #ifdef WOLFSSL_SHA384
+                        digest = ssl->certHashes.sha384;
+                        typeH    = SHA384h;
+                        digestSz = SHA384_DIGEST_SIZE;
+                    #endif
+                }
+
+                sigSz = wc_EncodeSignature(encodedSig, digest, digestSz, typeH);
+
+                if (outLen == (int)sigSz && out && XMEMCMP(out, encodedSig,
+                                           min(sigSz, MAX_ENCODED_SIG_SZ)) == 0)
+                    ret = 0; /* verified */
+
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            }
+            else {
+                if (outLen == FINISHED_SZ && out && XMEMCMP(out,
+                                            &ssl->certHashes, FINISHED_SZ) == 0)
+                    ret = 0; /* verified */
+            }
+        }
+#endif
+#ifdef HAVE_ECC
+        if (ssl->peerEccDsaKeyPresent) {
+            int verify =  0;
+            int err    = -1;
+            byte* digest = ssl->certHashes.sha;
+            word32 digestSz = SHA_DIGEST_SIZE;
+            byte doUserEcc = 0;
+
+            #ifdef HAVE_PK_CALLBACKS
+                if (ssl->ctx->EccVerifyCb)
+                    doUserEcc = 1;
+            #endif
+
+            WOLFSSL_MSG("Doing ECC peer cert verify");
+
+            if (IsAtLeastTLSv1_2(ssl)) {
+                if (sigAlgo != ecc_dsa_sa_algo) {
+                    WOLFSSL_MSG("Oops, peer sent ECC key but not in verify");
+                }
+
+                if (hashAlgo == sha256_mac) {
+                    #ifndef NO_SHA256
+                        digest = ssl->certHashes.sha256;
+                        digestSz = SHA256_DIGEST_SIZE;
+                    #endif
+                }
+                else if (hashAlgo == sha384_mac) {
+                    #ifdef WOLFSSL_SHA384
+                        digest = ssl->certHashes.sha384;
+                        digestSz = SHA384_DIGEST_SIZE;
+                    #endif
+                }
+            }
+
+            if (doUserEcc) {
+            #ifdef HAVE_PK_CALLBACKS
+                ret = ssl->ctx->EccVerifyCb(ssl, input + *inOutIdx, sz, digest,
+                                            digestSz,
+                                            ssl->buffers.peerEccDsaKey.buffer,
+                                            ssl->buffers.peerEccDsaKey.length,
+                                            &verify, ssl->EccVerifyCtx);
+            #endif
+            }
+            else {
+                err = wc_ecc_verify_hash(input + *inOutIdx, sz, digest, digestSz,
+                                                   &verify, ssl->peerEccDsaKey);
+            }
+
+            if (err == 0 && verify == 1)
+               ret = 0; /* verified */
+        }
+#endif
+        *inOutIdx += sz;
+
+        if (ret == 0)
+            ssl->options.havePeerVerify = 1;
+
+        return ret;
+    }
+#endif /* !NO_RSA || HAVE_ECC */
+
+    int SendServerHelloDone(WOLFSSL* ssl)
+    {
+        byte              *output;
+        int                sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
+        int                ret;
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls)
+                sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
+        #endif
+        /* check for available size */
+        if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
+            return ret;
+
+        /* get ouput buffer */
+        output = ssl->buffers.outputBuffer.buffer +
+                 ssl->buffers.outputBuffer.length;
+
+        AddHeaders(output, 0, server_hello_done, ssl);
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->options.dtls) {
+                if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0)
+                    return 0;
+            }
+        #endif
+
+        ret = HashOutput(ssl, output, sendSz, 0);
+            if (ret != 0)
+                return ret;
+
+#ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn)
+            AddPacketName("ServerHelloDone", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddPacketInfo("ServerHelloDone", &ssl->timeoutInfo, output, sendSz,
+                          ssl->heap);
+#endif
+        ssl->options.serverState = SERVER_HELLODONE_COMPLETE;
+
+        ssl->buffers.outputBuffer.length += sendSz;
+
+        return SendBuffered(ssl);
+    }
+
+#ifdef WOLFSSL_DTLS
+    int SendHelloVerifyRequest(WOLFSSL* ssl)
+    {
+        byte* output;
+        byte  cookieSz = COOKIE_SZ;
+        int   length = VERSION_SZ + ENUM_LEN + cookieSz;
+        int   idx    = DTLS_RECORD_HEADER_SZ + DTLS_HANDSHAKE_HEADER_SZ;
+        int   sendSz = length + idx;
+        int   ret;
+
+        /* check for available size */
+        if ((ret = CheckAvailableSize(ssl, sendSz)) != 0)
+            return ret;
+
+        /* get ouput buffer */
+        output = ssl->buffers.outputBuffer.buffer +
+                 ssl->buffers.outputBuffer.length;
+
+        AddHeaders(output, length, hello_verify_request, ssl);
+
+        output[idx++] =  ssl->chVersion.major;
+        output[idx++] =  ssl->chVersion.minor;
+
+        output[idx++] = cookieSz;
+        if (ssl->ctx->CBIOCookie == NULL) {
+            WOLFSSL_MSG("Your Cookie callback is null, please set");
+            return COOKIE_ERROR;
+        }
+        if ((ret = ssl->ctx->CBIOCookie(ssl, output + idx, cookieSz,
+                                        ssl->IOCB_CookieCtx)) < 0)
+            return ret;
+
+        ret = HashOutput(ssl, output, sendSz, 0);
+        if (ret != 0)
+            return ret;
+
+#ifdef WOLFSSL_CALLBACKS
+        if (ssl->hsInfoOn)
+            AddPacketName("HelloVerifyRequest", &ssl->handShakeInfo);
+        if (ssl->toInfoOn)
+            AddPacketInfo("HelloVerifyRequest", &ssl->timeoutInfo, output,
+                          sendSz, ssl->heap);
+#endif
+        ssl->options.serverState = SERVER_HELLOVERIFYREQUEST_COMPLETE;
+
+        ssl->buffers.outputBuffer.length += sendSz;
+
+        return SendBuffered(ssl);
+    }
+#endif
+
+    static int DoClientKeyExchange(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+                                                                    word32 size)
+    {
+        int    ret = 0;
+        word32 length = 0;
+        byte*  out = NULL;
+        word32 begin = *inOutIdx;
+
+        (void)length; /* shut up compiler warnings */
+        (void)out;
+        (void)input;
+        (void)size;
+        (void)begin;
+
+        if (ssl->options.side != WOLFSSL_SERVER_END) {
+            WOLFSSL_MSG("Client received client keyexchange, attack?");
+            WOLFSSL_ERROR(ssl->error = SIDE_ERROR);
+            return SSL_FATAL_ERROR;
+        }
+
+        if (ssl->options.clientState < CLIENT_HELLO_COMPLETE) {
+            WOLFSSL_MSG("Client sending keyexchange at wrong time");
+            SendAlert(ssl, alert_fatal, unexpected_message);
+            return OUT_OF_ORDER_E;
+        }
+
+        #ifndef NO_CERTS
+            if (ssl->options.verifyPeer && ssl->options.failNoCert)
+                if (!ssl->options.havePeerCert) {
+                    WOLFSSL_MSG("client didn't present peer cert");
+                    return NO_PEER_CERT;
+                }
+        #endif
+
+        #ifdef WOLFSSL_CALLBACKS
+            if (ssl->hsInfoOn)
+                AddPacketName("ClientKeyExchange", &ssl->handShakeInfo);
+            if (ssl->toInfoOn)
+                AddLateName("ClientKeyExchange", &ssl->timeoutInfo);
+        #endif
+
+        switch (ssl->specs.kea) {
+        #ifndef NO_RSA
+            case rsa_kea:
+            {
+                word32 idx = 0;
+                RsaKey key;
+                byte   doUserRsa = 0;
+
+                #ifdef HAVE_PK_CALLBACKS
+                    if (ssl->ctx->RsaDecCb)
+                        doUserRsa = 1;
+                #endif
+
+                ret = wc_InitRsaKey(&key, ssl->heap);
+                if (ret != 0) return ret;
+
+                if (ssl->buffers.key.buffer)
+                    ret = wc_RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx,
+                                             &key, ssl->buffers.key.length);
+                else
+                    return NO_PRIVATE_KEY;
+
+                if (ret == 0) {
+                    length = wc_RsaEncryptSize(&key);
+                    ssl->arrays->preMasterSz = SECRET_LEN;
+
+                    if (ssl->options.tls) {
+                        word16 check;
+
+                        if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+                            return BUFFER_ERROR;
+
+                        ato16(input + *inOutIdx, &check);
+                        *inOutIdx += OPAQUE16_LEN;
+
+                        if ((word32) check != length) {
+                            WOLFSSL_MSG("RSA explicit size doesn't match");
+                            wc_FreeRsaKey(&key);
+                            return RSA_PRIVATE_ERROR;
+                        }
+                    }
+
+                    if ((*inOutIdx - begin) + length > size) {
+                        WOLFSSL_MSG("RSA message too big");
+                        wc_FreeRsaKey(&key);
+                        return BUFFER_ERROR;
+                    }
+
+                    if (doUserRsa) {
+                        #ifdef HAVE_PK_CALLBACKS
+                            ret = ssl->ctx->RsaDecCb(ssl,
+                                        input + *inOutIdx, length, &out,
+                                        ssl->buffers.key.buffer,
+                                        ssl->buffers.key.length,
+                                        ssl->RsaDecCtx);
+                        #endif
+                    }
+                    else {
+                        ret = wc_RsaPrivateDecryptInline(input + *inOutIdx, length,
+                                                                    &out, &key);
+                    }
+
+                    *inOutIdx += length;
+
+                    if (ret == SECRET_LEN) {
+                        XMEMCPY(ssl->arrays->preMasterSecret, out, SECRET_LEN);
+                        if (ssl->arrays->preMasterSecret[0] !=
+                                                           ssl->chVersion.major
+                            || ssl->arrays->preMasterSecret[1] !=
+                                                           ssl->chVersion.minor)
+                            ret = PMS_VERSION_ERROR;
+                        else
+                            ret = MakeMasterSecret(ssl);
+                    }
+                    else {
+                        ret = RSA_PRIVATE_ERROR;
+                    }
+                }
+
+                wc_FreeRsaKey(&key);
+            }
+            break;
+        #endif
+        #ifndef NO_PSK
+            case psk_kea:
+            {
+                byte* pms = ssl->arrays->preMasterSecret;
+                word16 ci_sz;
+
+                if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+                    return BUFFER_ERROR;
+
+                ato16(input + *inOutIdx, &ci_sz);
+                *inOutIdx += OPAQUE16_LEN;
+
+                if (ci_sz > MAX_PSK_ID_LEN)
+                    return CLIENT_ID_ERROR;
+
+                if ((*inOutIdx - begin) + ci_sz > size)
+                    return BUFFER_ERROR;
+
+                XMEMCPY(ssl->arrays->client_identity, input + *inOutIdx, ci_sz);
+                *inOutIdx += ci_sz;
+
+                ssl->arrays->client_identity[min(ci_sz, MAX_PSK_ID_LEN-1)] = 0;
+                ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
+                    ssl->arrays->client_identity, ssl->arrays->psk_key,
+                    MAX_PSK_KEY_LEN);
+
+                if (ssl->arrays->psk_keySz == 0 ||
+                                       ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN)
+                    return PSK_KEY_ERROR;
+
+                /* make psk pre master secret */
+                /* length of key + length 0s + length of key + key */
+                c16toa((word16) ssl->arrays->psk_keySz, pms);
+                pms += OPAQUE16_LEN;
+
+                XMEMSET(pms, 0, ssl->arrays->psk_keySz);
+                pms += ssl->arrays->psk_keySz;
+
+                c16toa((word16) ssl->arrays->psk_keySz, pms);
+                pms += OPAQUE16_LEN;
+
+                XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
+                ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4;
+
+                ret = MakeMasterSecret(ssl);
+
+                /* No further need for PSK */
+                ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
+                ssl->arrays->psk_keySz = 0;
+            }
+            break;
+        #endif /* NO_PSK */
+        #ifdef HAVE_NTRU
+            case ntru_kea:
+            {
+                word16 cipherLen;
+                word16 plainLen = sizeof(ssl->arrays->preMasterSecret);
+
+                if (!ssl->buffers.key.buffer)
+                    return NO_PRIVATE_KEY;
+
+                if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+                    return BUFFER_ERROR;
+
+                ato16(input + *inOutIdx, &cipherLen);
+                *inOutIdx += OPAQUE16_LEN;
+
+                if (cipherLen > MAX_NTRU_ENCRYPT_SZ)
+                    return NTRU_KEY_ERROR;
+
+                if ((*inOutIdx - begin) + cipherLen > size)
+                    return BUFFER_ERROR;
+
+                if (NTRU_OK != ntru_crypto_ntru_decrypt(
+                            (word16) ssl->buffers.key.length,
+                            ssl->buffers.key.buffer, cipherLen,
+                            input + *inOutIdx, &plainLen,
+                            ssl->arrays->preMasterSecret))
+                    return NTRU_DECRYPT_ERROR;
+
+                if (plainLen != SECRET_LEN)
+                    return NTRU_DECRYPT_ERROR;
+
+                *inOutIdx += cipherLen;
+
+                ssl->arrays->preMasterSz = plainLen;
+                ret = MakeMasterSecret(ssl);
+            }
+            break;
+        #endif /* HAVE_NTRU */
+        #ifdef HAVE_ECC
+            case ecc_diffie_hellman_kea:
+            {
+                if ((*inOutIdx - begin) + OPAQUE8_LEN > size)
+                    return BUFFER_ERROR;
+
+                length = input[(*inOutIdx)++];
+
+                if ((*inOutIdx - begin) + length > size)
+                    return BUFFER_ERROR;
+
+                if (ssl->peerEccKeyPresent) {  /* don't leak on reuse */
+                    wc_ecc_free(ssl->peerEccKey);
+                    ssl->peerEccKeyPresent = 0;
+                    wc_ecc_init(ssl->peerEccKey);
+                }
+
+                if (wc_ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey))
+                    return ECC_PEERKEY_ERROR;
+
+                *inOutIdx += length;
+                ssl->peerEccKeyPresent = 1;
+
+                length = sizeof(ssl->arrays->preMasterSecret);
+
+                if (ssl->specs.static_ecdh) {
+                    ecc_key staticKey;
+                    word32 i = 0;
+
+                    wc_ecc_init(&staticKey);
+                    ret = wc_EccPrivateKeyDecode(ssl->buffers.key.buffer, &i,
+                                           &staticKey, ssl->buffers.key.length);
+
+                    if (ret == 0)
+                        ret = wc_ecc_shared_secret(&staticKey, ssl->peerEccKey,
+                                         ssl->arrays->preMasterSecret, &length);
+
+                    wc_ecc_free(&staticKey);
+                }
+                else {
+                    if (ssl->eccTempKeyPresent == 0) {
+                        WOLFSSL_MSG("Ecc ephemeral key not made correctly");
+                        ret = ECC_MAKEKEY_ERROR;
+                    } else {
+                        ret = wc_ecc_shared_secret(ssl->eccTempKey,ssl->peerEccKey,
+                                         ssl->arrays->preMasterSecret, &length);
+                    }
+                }
+
+                if (ret != 0)
+                    return ECC_SHARED_ERROR;
+
+                ssl->arrays->preMasterSz = length;
+                ret = MakeMasterSecret(ssl);
+            }
+            break;
+        #endif /* HAVE_ECC */
+        #ifndef NO_DH
+            case diffie_hellman_kea:
+            {
+                word16 clientPubSz;
+                DhKey  dhKey;
+
+                if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+                    return BUFFER_ERROR;
+
+                ato16(input + *inOutIdx, &clientPubSz);
+                *inOutIdx += OPAQUE16_LEN;
+
+                if ((*inOutIdx - begin) + clientPubSz > size)
+                    return BUFFER_ERROR;
+
+                wc_InitDhKey(&dhKey);
+                ret = wc_DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer,
+                                       ssl->buffers.serverDH_P.length,
+                                       ssl->buffers.serverDH_G.buffer,
+                                       ssl->buffers.serverDH_G.length);
+                if (ret == 0)
+                    ret = wc_DhAgree(&dhKey, ssl->arrays->preMasterSecret,
+                                         &ssl->arrays->preMasterSz,
+                                          ssl->buffers.serverDH_Priv.buffer,
+                                          ssl->buffers.serverDH_Priv.length,
+                                          input + *inOutIdx, clientPubSz);
+                wc_FreeDhKey(&dhKey);
+
+                *inOutIdx += clientPubSz;
+
+                if (ret == 0)
+                    ret = MakeMasterSecret(ssl);
+            }
+            break;
+        #endif /* NO_DH */
+        #if !defined(NO_DH) && !defined(NO_PSK)
+            case dhe_psk_kea:
+            {
+                byte* pms = ssl->arrays->preMasterSecret;
+                word16 clientSz;
+                DhKey  dhKey;
+
+                /* Read in the PSK hint */
+                if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+                    return BUFFER_ERROR;
+
+                ato16(input + *inOutIdx, &clientSz);
+                *inOutIdx += OPAQUE16_LEN;
+                if (clientSz > MAX_PSK_ID_LEN)
+                    return CLIENT_ID_ERROR;
+
+                if ((*inOutIdx - begin) + clientSz > size)
+                    return BUFFER_ERROR;
+
+                XMEMCPY(ssl->arrays->client_identity,
+                                                   input + *inOutIdx, clientSz);
+                *inOutIdx += clientSz;
+                ssl->arrays->client_identity[min(clientSz, MAX_PSK_ID_LEN-1)] =
+                                                                              0;
+
+                /* Read in the DHE business */
+                if ((*inOutIdx - begin) + OPAQUE16_LEN > size)
+                    return BUFFER_ERROR;
+
+                ato16(input + *inOutIdx, &clientSz);
+                *inOutIdx += OPAQUE16_LEN;
+
+                if ((*inOutIdx - begin) + clientSz > size)
+                    return BUFFER_ERROR;
+
+                wc_InitDhKey(&dhKey);
+                ret = wc_DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer,
+                                       ssl->buffers.serverDH_P.length,
+                                       ssl->buffers.serverDH_G.buffer,
+                                       ssl->buffers.serverDH_G.length);
+                if (ret == 0)
+                    ret = wc_DhAgree(&dhKey, pms + OPAQUE16_LEN,
+                                          &ssl->arrays->preMasterSz,
+                                          ssl->buffers.serverDH_Priv.buffer,
+                                          ssl->buffers.serverDH_Priv.length,
+                                          input + *inOutIdx, clientSz);
+                wc_FreeDhKey(&dhKey);
+
+                *inOutIdx += clientSz;
+                c16toa((word16)ssl->arrays->preMasterSz, pms);
+                ssl->arrays->preMasterSz += OPAQUE16_LEN;
+                pms += ssl->arrays->preMasterSz;
+
+                /* Use the PSK hint to look up the PSK and add it to the
+                 * preMasterSecret here. */
+                ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl,
+                    ssl->arrays->client_identity, ssl->arrays->psk_key,
+                    MAX_PSK_KEY_LEN);
+
+                if (ssl->arrays->psk_keySz == 0 ||
+                                       ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN)
+                    return PSK_KEY_ERROR;
+
+                c16toa((word16) ssl->arrays->psk_keySz, pms);
+                pms += OPAQUE16_LEN;
+
+                XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz);
+                ssl->arrays->preMasterSz +=
+                                          ssl->arrays->psk_keySz + OPAQUE16_LEN;
+                if (ret == 0)
+                    ret = MakeMasterSecret(ssl);
+
+                /* No further need for PSK */
+                ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz);
+                ssl->arrays->psk_keySz = 0;
+            }
+            break;
+        #endif /* !NO_DH && !NO_PSK */
+            default:
+            {
+                WOLFSSL_MSG("Bad kea type");
+                ret = BAD_KEA_TYPE_E;
+            }
+            break;
+        }
+
+        /* No further need for PMS */
+        ForceZero(ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz);
+        ssl->arrays->preMasterSz = 0;
+
+        if (ret == 0) {
+            ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
+            #ifndef NO_CERTS
+                if (ssl->options.verifyPeer)
+                    ret = BuildCertHashes(ssl, &ssl->certHashes);
+            #endif
+        }
+
+        return ret;
+    }
+
+#endif /* NO_WOLFSSL_SERVER */
diff --git a/3P/wolfssl/src/io.c b/3P/wolfssl/src/io.c
new file mode 100644
index 00000000..c5fdcd81
--- /dev/null
+++ b/3P/wolfssl/src/io.c
@@ -0,0 +1,1141 @@
+/* io.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef _WIN32_WCE
+    /* On WinCE winsock2.h must be included before windows.h for socket stuff */
+    #include 
+#endif
+
+#include 
+#include 
+
+
+/* if user writes own I/O callbacks they can define WOLFSSL_USER_IO to remove
+   automatic setting of default I/O functions EmbedSend() and EmbedReceive()
+   but they'll still need SetCallback xxx() at end of file 
+*/
+#ifndef WOLFSSL_USER_IO
+
+#ifdef HAVE_LIBZ
+    #include "zlib.h"
+#endif
+
+#ifndef USE_WINDOWS_API
+    #ifdef WOLFSSL_LWIP
+        /* lwIP needs to be configured to use sockets API in this mode */
+        /* LWIP_SOCKET 1 in lwip/opt.h or in build */
+        #include "lwip/sockets.h"
+        #include 
+        #ifndef LWIP_PROVIDE_ERRNO
+            #define LWIP_PROVIDE_ERRNO 1
+        #endif
+    #elif defined(FREESCALE_MQX)
+        #include 
+        #include 
+    #elif defined(WOLFSSL_MDK_ARM)
+        #if defined(WOLFSSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include 
+        #endif
+        #undef RNG
+        #include "WOLFSSL_MDK_ARM.h"
+        #undef RNG
+        #define RNG wolfSSL_RNG 
+        /* for avoiding name conflict in "stm32f2xx.h" */
+        static int errno;
+    #elif defined(WOLFSSL_TIRTOS)
+        #include 
+    #elif defined(WOLFSSL_IAR_ARM)
+        /* nothing */
+    #else
+        #include 
+        #include 
+        #ifndef EBSNET
+            #include 
+        #endif
+        #include 
+        #if !(defined(DEVKITPRO) || defined(HAVE_RTP_SYS) || defined(EBSNET)) \
+            || defined(WOLFSSL_PICOTCP)
+            #include 
+            #include 
+            #include 
+            #include 
+            #ifdef __PPU
+                #include 
+            #else
+                #include 
+            #endif
+        #endif
+        #ifdef HAVE_RTP_SYS
+            #include 
+        #endif
+        #ifdef EBSNET
+            #include "rtipapi.h"  /* errno */
+            #include "socket.h"
+        #endif
+    #endif
+#endif /* USE_WINDOWS_API */
+
+#ifdef __sun
+    #include 
+#endif
+
+#ifdef USE_WINDOWS_API 
+    /* no epipe yet */
+    #ifndef WSAEPIPE
+        #define WSAEPIPE       -12345
+    #endif
+    #define SOCKET_EWOULDBLOCK WSAEWOULDBLOCK
+    #define SOCKET_EAGAIN      WSAETIMEDOUT
+    #define SOCKET_ECONNRESET  WSAECONNRESET
+    #define SOCKET_EINTR       WSAEINTR
+    #define SOCKET_EPIPE       WSAEPIPE
+    #define SOCKET_ECONNREFUSED WSAENOTCONN
+    #define SOCKET_ECONNABORTED WSAECONNABORTED
+    #define close(s) closesocket(s)
+#elif defined(__PPU)
+    #define SOCKET_EWOULDBLOCK SYS_NET_EWOULDBLOCK
+    #define SOCKET_EAGAIN      SYS_NET_EAGAIN
+    #define SOCKET_ECONNRESET  SYS_NET_ECONNRESET
+    #define SOCKET_EINTR       SYS_NET_EINTR
+    #define SOCKET_EPIPE       SYS_NET_EPIPE
+    #define SOCKET_ECONNREFUSED SYS_NET_ECONNREFUSED
+    #define SOCKET_ECONNABORTED SYS_NET_ECONNABORTED
+#elif defined(FREESCALE_MQX)
+    /* RTCS doesn't have an EWOULDBLOCK error */
+    #define SOCKET_EWOULDBLOCK EAGAIN
+    #define SOCKET_EAGAIN      EAGAIN
+    #define SOCKET_ECONNRESET  RTCSERR_TCP_CONN_RESET
+    #define SOCKET_EINTR       EINTR
+    #define SOCKET_EPIPE       EPIPE
+    #define SOCKET_ECONNREFUSED RTCSERR_TCP_CONN_REFUSED
+    #define SOCKET_ECONNABORTED RTCSERR_TCP_CONN_ABORTED
+#elif defined(WOLFSSL_MDK_ARM)
+    #if defined(WOLFSSL_MDK5)
+        #define SOCKET_EWOULDBLOCK BSD_ERROR_WOULDBLOCK
+        #define SOCKET_EAGAIN      BSD_ERROR_LOCKED
+        #define SOCKET_ECONNRESET  BSD_ERROR_CLOSED
+        #define SOCKET_EINTR       BSD_ERROR
+        #define SOCKET_EPIPE       BSD_ERROR
+        #define SOCKET_ECONNREFUSED BSD_ERROR
+        #define SOCKET_ECONNABORTED BSD_ERROR
+    #else
+        #define SOCKET_EWOULDBLOCK SCK_EWOULDBLOCK
+        #define SOCKET_EAGAIN      SCK_ELOCKED
+        #define SOCKET_ECONNRESET  SCK_ECLOSED
+        #define SOCKET_EINTR       SCK_ERROR
+        #define SOCKET_EPIPE       SCK_ERROR
+        #define SOCKET_ECONNREFUSED SCK_ERROR
+        #define SOCKET_ECONNABORTED SCK_ERROR
+    #endif
+#elif defined(WOLFSSL_PICOTCP)
+    #define SOCKET_EWOULDBLOCK  PICO_ERR_EAGAIN
+    #define SOCKET_EAGAIN       PICO_ERR_EAGAIN
+    #define SOCKET_ECONNRESET   PICO_ERR_ECONNRESET
+    #define SOCKET_EINTR        PICO_ERR_EINTR
+    #define SOCKET_EPIPE        PICO_ERR_EIO
+    #define SOCKET_ECONNREFUSED PICO_ERR_ECONNREFUSED
+    #define SOCKET_ECONNABORTED PICO_ERR_ESHUTDOWN
+#else
+    #define SOCKET_EWOULDBLOCK EWOULDBLOCK
+    #define SOCKET_EAGAIN      EAGAIN
+    #define SOCKET_ECONNRESET  ECONNRESET
+    #define SOCKET_EINTR       EINTR
+    #define SOCKET_EPIPE       EPIPE
+    #define SOCKET_ECONNREFUSED ECONNREFUSED
+    #define SOCKET_ECONNABORTED ECONNABORTED
+#endif /* USE_WINDOWS_API */
+
+
+#ifdef DEVKITPRO
+    /* from network.h */
+    int net_send(int, const void*, int, unsigned int);
+    int net_recv(int, void*, int, unsigned int);
+    #define SEND_FUNCTION net_send
+    #define RECV_FUNCTION net_recv
+#elif defined(WOLFSSL_LWIP)
+    #define SEND_FUNCTION lwip_send
+    #define RECV_FUNCTION lwip_recv
+#elif defined(WOLFSSL_PICOTCP)
+    #define SEND_FUNCTION pico_send
+    #define RECV_FUNCTION pico_recv
+#else
+    #define SEND_FUNCTION send
+    #define RECV_FUNCTION recv
+#endif
+
+
+/* Translates return codes returned from 
+ * send() and recv() if need be. 
+ */
+static INLINE int TranslateReturnCode(int old, int sd)
+{
+    (void)sd;
+
+#ifdef FREESCALE_MQX
+    if (old == 0) {
+        errno = SOCKET_EWOULDBLOCK;
+        return -1;  /* convert to BSD style wouldblock as error */
+    }
+
+    if (old < 0) {
+        errno = RTCS_geterror(sd);
+        if (errno == RTCSERR_TCP_CONN_CLOSING)
+            return 0;   /* convert to BSD style closing */
+    }
+#endif
+
+    return old;
+}
+
+static INLINE int LastError(void)
+{
+#ifdef USE_WINDOWS_API 
+    return WSAGetLastError();
+#elif defined(EBSNET)
+    return xn_getlasterror();
+#else
+    return errno;
+#endif
+}
+
+/* The receive embedded callback
+ *  return : nb bytes read, or error
+ */
+int EmbedReceive(WOLFSSL *ssl, char *buf, int sz, void *ctx)
+{
+    int recvd;
+    int err;
+    int sd = *(int*)ctx;
+
+#ifdef WOLFSSL_DTLS
+    {
+        int dtls_timeout = wolfSSL_dtls_get_current_timeout(ssl);
+        if (wolfSSL_dtls(ssl)
+                     && !wolfSSL_get_using_nonblock(ssl)
+                     && dtls_timeout != 0) {
+            #ifdef USE_WINDOWS_API
+                DWORD timeout = dtls_timeout * 1000;
+            #else
+                struct timeval timeout;
+                XMEMSET(&timeout, 0, sizeof(timeout));
+                timeout.tv_sec = dtls_timeout;
+            #endif
+            if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout,
+                           sizeof(timeout)) != 0) {
+                WOLFSSL_MSG("setsockopt rcvtimeo failed");
+            }
+        }
+    }
+#endif
+
+    recvd = (int)RECV_FUNCTION(sd, buf, sz, ssl->rflags);
+
+    recvd = TranslateReturnCode(recvd, sd);
+
+    if (recvd < 0) {
+        err = LastError();
+        WOLFSSL_MSG("Embed Receive error");
+
+        if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
+            if (!wolfSSL_dtls(ssl) || wolfSSL_get_using_nonblock(ssl)) {
+                WOLFSSL_MSG("    Would block");
+                return WOLFSSL_CBIO_ERR_WANT_READ;
+            }
+            else {
+                WOLFSSL_MSG("    Socket timeout");
+                return WOLFSSL_CBIO_ERR_TIMEOUT;
+            }
+        }
+        else if (err == SOCKET_ECONNRESET) {
+            WOLFSSL_MSG("    Connection reset");
+            return WOLFSSL_CBIO_ERR_CONN_RST;
+        }
+        else if (err == SOCKET_EINTR) {
+            WOLFSSL_MSG("    Socket interrupted");
+            return WOLFSSL_CBIO_ERR_ISR;
+        }
+        else if (err == SOCKET_ECONNREFUSED) {
+            WOLFSSL_MSG("    Connection refused");
+            return WOLFSSL_CBIO_ERR_WANT_READ;
+        }
+        else if (err == SOCKET_ECONNABORTED) {
+            WOLFSSL_MSG("    Connection aborted");
+            return WOLFSSL_CBIO_ERR_CONN_CLOSE;
+        }
+        else {
+            WOLFSSL_MSG("    General error");
+            return WOLFSSL_CBIO_ERR_GENERAL;
+        }
+    }
+    else if (recvd == 0) {
+        WOLFSSL_MSG("Embed receive connection closed");
+        return WOLFSSL_CBIO_ERR_CONN_CLOSE;
+    }
+
+    return recvd;
+}
+
+/* The send embedded callback
+ *  return : nb bytes sent, or error
+ */
+int EmbedSend(WOLFSSL* ssl, char *buf, int sz, void *ctx)
+{
+    int sd = *(int*)ctx;
+    int sent;
+    int len = sz;
+    int err;
+
+    sent = (int)SEND_FUNCTION(sd, &buf[sz - len], len, ssl->wflags);
+
+    if (sent < 0) {
+        err = LastError();
+        WOLFSSL_MSG("Embed Send error");
+
+        if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
+            WOLFSSL_MSG("    Would Block");
+            return WOLFSSL_CBIO_ERR_WANT_WRITE;
+        }
+        else if (err == SOCKET_ECONNRESET) {
+            WOLFSSL_MSG("    Connection reset");
+            return WOLFSSL_CBIO_ERR_CONN_RST;
+        }
+        else if (err == SOCKET_EINTR) {
+            WOLFSSL_MSG("    Socket interrupted");
+            return WOLFSSL_CBIO_ERR_ISR;
+        }
+        else if (err == SOCKET_EPIPE) {
+            WOLFSSL_MSG("    Socket EPIPE");
+            return WOLFSSL_CBIO_ERR_CONN_CLOSE;
+        }
+        else {
+            WOLFSSL_MSG("    General error");
+            return WOLFSSL_CBIO_ERR_GENERAL;
+        }
+    }
+ 
+    return sent;
+}
+
+
+#ifdef WOLFSSL_DTLS
+
+#include 
+
+#ifdef USE_WINDOWS_API
+   #define XSOCKLENT int
+#else
+   #define XSOCKLENT socklen_t
+#endif
+
+#define SENDTO_FUNCTION sendto
+#define RECVFROM_FUNCTION recvfrom
+
+
+/* The receive embedded callback
+ *  return : nb bytes read, or error
+ */
+int EmbedReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *ctx)
+{
+    WOLFSSL_DTLS_CTX* dtlsCtx = (WOLFSSL_DTLS_CTX*)ctx;
+    int recvd;
+    int err;
+    int sd = dtlsCtx->fd;
+    int dtls_timeout = wolfSSL_dtls_get_current_timeout(ssl);
+    struct sockaddr_storage peer;
+    XSOCKLENT peerSz = sizeof(peer);
+
+    WOLFSSL_ENTER("EmbedReceiveFrom()");
+
+    if (!wolfSSL_get_using_nonblock(ssl) && dtls_timeout != 0) {
+        #ifdef USE_WINDOWS_API
+            DWORD timeout = dtls_timeout * 1000;
+        #else
+            struct timeval timeout;
+            XMEMSET(&timeout, 0, sizeof(timeout));
+            timeout.tv_sec = dtls_timeout;
+        #endif
+        if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout,
+                       sizeof(timeout)) != 0) {
+                WOLFSSL_MSG("setsockopt rcvtimeo failed");
+        }
+    }
+
+    recvd = (int)RECVFROM_FUNCTION(sd, buf, sz, ssl->rflags,
+                                  (struct sockaddr*)&peer, &peerSz);
+
+    recvd = TranslateReturnCode(recvd, sd);
+
+    if (recvd < 0) {
+        err = LastError();
+        WOLFSSL_MSG("Embed Receive From error");
+
+        if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
+            if (wolfSSL_get_using_nonblock(ssl)) {
+                WOLFSSL_MSG("    Would block");
+                return WOLFSSL_CBIO_ERR_WANT_READ;
+            }
+            else {
+                WOLFSSL_MSG("    Socket timeout");
+                return WOLFSSL_CBIO_ERR_TIMEOUT;
+            }
+        }
+        else if (err == SOCKET_ECONNRESET) {
+            WOLFSSL_MSG("    Connection reset");
+            return WOLFSSL_CBIO_ERR_CONN_RST;
+        }
+        else if (err == SOCKET_EINTR) {
+            WOLFSSL_MSG("    Socket interrupted");
+            return WOLFSSL_CBIO_ERR_ISR;
+        }
+        else if (err == SOCKET_ECONNREFUSED) {
+            WOLFSSL_MSG("    Connection refused");
+            return WOLFSSL_CBIO_ERR_WANT_READ;
+        }
+        else {
+            WOLFSSL_MSG("    General error");
+            return WOLFSSL_CBIO_ERR_GENERAL;
+        }
+    }
+    else {
+        if (dtlsCtx->peer.sz > 0
+                && peerSz != (XSOCKLENT)dtlsCtx->peer.sz
+                && memcmp(&peer, dtlsCtx->peer.sa, peerSz) != 0) {
+            WOLFSSL_MSG("    Ignored packet from invalid peer");
+            return WOLFSSL_CBIO_ERR_WANT_READ;
+        }
+    }
+
+    return recvd;
+}
+
+
+/* The send embedded callback
+ *  return : nb bytes sent, or error
+ */
+int EmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
+{
+    WOLFSSL_DTLS_CTX* dtlsCtx = (WOLFSSL_DTLS_CTX*)ctx;
+    int sd = dtlsCtx->fd;
+    int sent;
+    int len = sz;
+    int err;
+
+    WOLFSSL_ENTER("EmbedSendTo()");
+
+    sent = (int)SENDTO_FUNCTION(sd, &buf[sz - len], len, ssl->wflags,
+                                (const struct sockaddr*)dtlsCtx->peer.sa,
+                                dtlsCtx->peer.sz);
+    if (sent < 0) {
+        err = LastError();
+        WOLFSSL_MSG("Embed Send To error");
+
+        if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
+            WOLFSSL_MSG("    Would Block");
+            return WOLFSSL_CBIO_ERR_WANT_WRITE;
+        }
+        else if (err == SOCKET_ECONNRESET) {
+            WOLFSSL_MSG("    Connection reset");
+            return WOLFSSL_CBIO_ERR_CONN_RST;
+        }
+        else if (err == SOCKET_EINTR) {
+            WOLFSSL_MSG("    Socket interrupted");
+            return WOLFSSL_CBIO_ERR_ISR;
+        }
+        else if (err == SOCKET_EPIPE) {
+            WOLFSSL_MSG("    Socket EPIPE");
+            return WOLFSSL_CBIO_ERR_CONN_CLOSE;
+        }
+        else {
+            WOLFSSL_MSG("    General error");
+            return WOLFSSL_CBIO_ERR_GENERAL;
+        }
+    }
+ 
+    return sent;
+}
+
+
+/* The DTLS Generate Cookie callback
+ *  return : number of bytes copied into buf, or error
+ */
+int EmbedGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx)
+{
+    int sd = ssl->wfd;
+    struct sockaddr_storage peer;
+    XSOCKLENT peerSz = sizeof(peer);
+    byte digest[SHA_DIGEST_SIZE];
+    int  ret = 0;
+
+    (void)ctx;
+
+    XMEMSET(&peer, 0, sizeof(peer));
+    if (getpeername(sd, (struct sockaddr*)&peer, &peerSz) != 0) {
+        WOLFSSL_MSG("getpeername failed in EmbedGenerateCookie");
+        return GEN_COOKIE_E;
+    }
+
+    ret = wc_ShaHash((byte*)&peer, peerSz, digest);
+    if (ret != 0)
+        return ret;
+
+    if (sz > SHA_DIGEST_SIZE)
+        sz = SHA_DIGEST_SIZE;
+    XMEMCPY(buf, digest, sz);
+
+    return sz;
+}
+
+#endif /* WOLFSSL_DTLS */
+
+#ifdef HAVE_OCSP
+
+
+static int Word16ToString(char* d, word16 number)
+{
+    int i = 0;
+
+    if (d != NULL) {
+        word16 order = 10000;
+        word16 digit;
+
+        if (number == 0) {
+            d[i++] = '0';
+        }
+        else {
+            while (order) {
+                digit = number / order;
+                if (i > 0 || digit != 0) {
+                    d[i++] = (char)digit + '0';
+                }
+                if (digit != 0)
+                    number %= digit * order;
+                if (order > 1)
+                    order /= 10;
+                else
+                    order = 0;
+            }
+        }
+        d[i] = 0;
+    }
+
+    return i;
+}
+
+
+static int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
+{
+    struct sockaddr_storage addr;
+    int sockaddr_len = sizeof(struct sockaddr_in);
+    XMEMSET(&addr, 0, sizeof(addr));
+
+    #ifdef HAVE_GETADDRINFO
+    {
+        struct addrinfo hints;
+        struct addrinfo* answer = NULL;
+        char strPort[6];
+
+        XMEMSET(&hints, 0, sizeof(hints));
+        hints.ai_family = AF_UNSPEC;
+        hints.ai_socktype = SOCK_STREAM;
+        hints.ai_protocol = IPPROTO_TCP;
+
+        if (Word16ToString(strPort, port) == 0) {
+            WOLFSSL_MSG("invalid port number for OCSP responder");
+            return -1;
+        }
+
+        if (getaddrinfo(ip, strPort, &hints, &answer) < 0 || answer == NULL) {
+            WOLFSSL_MSG("no addr info for OCSP responder");
+            return -1;
+        }
+
+        sockaddr_len = answer->ai_addrlen;
+        XMEMCPY(&addr, answer->ai_addr, sockaddr_len);
+        freeaddrinfo(answer);
+
+    }
+    #else /* HAVE_GETADDRINFO */
+    {
+        struct hostent* entry = gethostbyname(ip);
+        struct sockaddr_in *sin = (struct sockaddr_in *)&addr;
+
+        if (entry) {
+            sin->sin_family = AF_INET;
+            sin->sin_port = htons(port);
+            XMEMCPY(&sin->sin_addr.s_addr, entry->h_addr_list[0],
+                                                               entry->h_length);
+        }
+        else {
+            WOLFSSL_MSG("no addr info for OCSP responder");
+            return -1;
+        }
+    }
+    #endif /* HAVE_GETADDRINFO */
+
+    *sockfd = socket(addr.ss_family, SOCK_STREAM, 0);
+
+#ifdef USE_WINDOWS_API
+    if (*sockfd == INVALID_SOCKET) {
+        WOLFSSL_MSG("bad socket fd, out of fds?");
+        return -1;
+    }
+#else
+     if (*sockfd < 0) {
+         WOLFSSL_MSG("bad socket fd, out of fds?");
+         return -1;
+     }
+#endif
+
+    if (connect(*sockfd, (struct sockaddr *)&addr, sockaddr_len) != 0) {
+        WOLFSSL_MSG("OCSP responder tcp connect failed");
+        return -1;
+    }
+
+    return 0;
+}
+
+
+static int build_http_request(const char* domainName, const char* path,
+                                    int ocspReqSz, byte* buf, int bufSize)
+{
+    word32 domainNameLen, pathLen, ocspReqSzStrLen, completeLen;
+    char ocspReqSzStr[6];
+
+    domainNameLen = (word32)XSTRLEN(domainName);
+    pathLen = (word32)XSTRLEN(path);
+    ocspReqSzStrLen = Word16ToString(ocspReqSzStr, (word16)ocspReqSz);
+
+    completeLen = domainNameLen + pathLen + ocspReqSzStrLen + 84;
+    if (completeLen > (word32)bufSize)
+        return 0;
+
+    XSTRNCPY((char*)buf, "POST ", 5);
+    buf += 5;
+    XSTRNCPY((char*)buf, path, pathLen);
+    buf += pathLen;
+    XSTRNCPY((char*)buf, " HTTP/1.1\r\nHost: ", 17);
+    buf += 17;
+    XSTRNCPY((char*)buf, domainName, domainNameLen);
+    buf += domainNameLen;
+    XSTRNCPY((char*)buf, "\r\nContent-Length: ", 18);
+    buf += 18;
+    XSTRNCPY((char*)buf, ocspReqSzStr, ocspReqSzStrLen);
+    buf += ocspReqSzStrLen;
+    XSTRNCPY((char*)buf,
+                      "\r\nContent-Type: application/ocsp-request\r\n\r\n", 44);
+
+    return completeLen;
+}
+
+
+static int decode_url(const char* url, int urlSz,
+    char* outName, char* outPath, word16* outPort)
+{
+    int result = -1;
+
+    if (outName != NULL && outPath != NULL && outPort != NULL)
+    {
+        if (url == NULL || urlSz == 0)
+        {
+            *outName = 0;
+            *outPath = 0;
+            *outPort = 0;
+        }
+        else
+        {
+            int i, cur;
+    
+            /* need to break the url down into scheme, address, and port */
+            /*     "http://example.com:8080/" */
+            /*     "http://[::1]:443/"        */
+            if (XSTRNCMP(url, "http://", 7) == 0) {
+                cur = 7;
+            } else cur = 0;
+    
+            i = 0;
+            if (url[cur] == '[') {
+                cur++;
+                /* copy until ']' */
+                while (url[cur] != 0 && url[cur] != ']' && cur < urlSz) {
+                    outName[i++] = url[cur++];
+                }
+                cur++; /* skip ']' */
+            }
+            else {
+                while (url[cur] != 0 && url[cur] != ':' &&
+                                               url[cur] != '/' && cur < urlSz) {
+                    outName[i++] = url[cur++];
+                }
+            }
+            outName[i] = 0;
+            /* Need to pick out the path after the domain name */
+    
+            if (cur < urlSz && url[cur] == ':') {
+                char port[6];
+                int j;
+                word32 bigPort = 0;
+                i = 0;
+                cur++;
+                while (cur < urlSz && url[cur] != 0 && url[cur] != '/' &&
+                        i < 6) {
+                    port[i++] = url[cur++];
+                }
+    
+                for (j = 0; j < i; j++) {
+                    if (port[j] < '0' || port[j] > '9') return -1;
+                    bigPort = (bigPort * 10) + (port[j] - '0');
+                }
+                *outPort = (word16)bigPort;
+            }
+            else
+                *outPort = 80;
+    
+            if (cur < urlSz && url[cur] == '/') {
+                i = 0;
+                while (cur < urlSz && url[cur] != 0 && i < 80) {
+                    outPath[i++] = url[cur++];
+                }
+                outPath[i] = 0;
+            }
+            else {
+                outPath[0] = '/';
+                outPath[1] = 0;
+            }
+            result = 0;
+        }
+    }
+
+    return result;
+}
+
+
+/* return: >0 OCSP Response Size
+ *         -1 error */
+static int process_http_response(int sfd, byte** respBuf,
+                                                  byte* httpBuf, int httpBufSz)
+{
+    int result;
+    int len = 0;
+    char *start, *end;
+    byte *recvBuf = NULL;
+    int recvBufSz = 0;
+    enum phr_state { phr_init, phr_http_start, phr_have_length,
+                     phr_have_type, phr_wait_end, phr_http_end
+    } state = phr_init;
+
+    start = end = NULL;
+    do {
+        if (end == NULL) {
+            result = (int)recv(sfd, (char*)httpBuf+len, httpBufSz-len-1, 0);
+            if (result > 0) {
+                len += result;
+                start = (char*)httpBuf;
+                start[len] = 0;
+            }
+            else {
+                WOLFSSL_MSG("process_http_response recv http from peer failed");
+                return -1;
+            }
+        }
+        end = XSTRSTR(start, "\r\n");
+
+        if (end == NULL) {
+            if (len != 0)
+                XMEMMOVE(httpBuf, start, len);
+            start = end = NULL;
+        }
+        else if (end == start) {
+            if (state == phr_wait_end) {
+                state = phr_http_end;
+                len -= 2;
+                start += 2;
+             }
+             else {
+                WOLFSSL_MSG("process_http_response header ended early");
+                return -1;
+             }
+        }
+        else {
+            *end = 0;
+            len -= (int)(end - start) + 2;
+                /* adjust len to remove the first line including the /r/n */
+
+            if (XSTRNCASECMP(start, "HTTP/1", 6) == 0) {
+                start += 9;
+                if (XSTRNCASECMP(start, "200 OK", 6) != 0 ||
+                                                           state != phr_init) {
+                    WOLFSSL_MSG("process_http_response not OK");
+                    return -1;
+                }
+                state = phr_http_start;
+            }
+            else if (XSTRNCASECMP(start, "Content-Type:", 13) == 0) {
+                start += 13;
+                while (*start == ' ' && *start != '\0') start++;
+                if (XSTRNCASECMP(start, "application/ocsp-response", 25) != 0) {
+                    WOLFSSL_MSG("process_http_response not ocsp-response");
+                    return -1;
+                }
+                
+                if (state == phr_http_start) state = phr_have_type;
+                else if (state == phr_have_length) state = phr_wait_end;
+                else {
+                    WOLFSSL_MSG("process_http_response type invalid state");
+                    return -1;
+                }
+            }
+            else if (XSTRNCASECMP(start, "Content-Length:", 15) == 0) {
+                start += 15;
+                while (*start == ' ' && *start != '\0') start++;
+                recvBufSz = atoi(start);
+
+                if (state == phr_http_start) state = phr_have_length;
+                else if (state == phr_have_type) state = phr_wait_end;
+                else {
+                    WOLFSSL_MSG("process_http_response length invalid state");
+                    return -1;
+                }
+            }
+            
+            start = end + 2;
+        }
+    } while (state != phr_http_end);
+
+    recvBuf = (byte*)XMALLOC(recvBufSz, NULL, DYNAMIC_TYPE_IN_BUFFER);
+    if (recvBuf == NULL) {
+        WOLFSSL_MSG("process_http_response couldn't create response buffer");
+        return -1;
+    }
+
+    /* copy the remainder of the httpBuf into the respBuf */
+    if (len != 0)
+        XMEMCPY(recvBuf, start, len);
+
+    /* receive the OCSP response data */
+    do {
+        result = (int)recv(sfd, (char*)recvBuf+len, recvBufSz-len, 0);
+        if (result > 0)
+            len += result;
+        else {
+            WOLFSSL_MSG("process_http_response recv ocsp from peer failed");
+            return -1;
+        }
+    } while (len != recvBufSz);
+
+    *respBuf = recvBuf;
+    return recvBufSz;
+}
+
+
+#define SCRATCH_BUFFER_SIZE 512
+
+int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
+                        byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf)
+{
+    SOCKET_T sfd = 0;
+    word16   port;
+    int      ret = -1;
+#ifdef WOLFSSL_SMALL_STACK
+    char*    path;
+    char*    domainName;
+#else
+    char     path[80];
+    char     domainName[80];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    path = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (path == NULL)
+        return -1;
+    
+    domainName = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (domainName == NULL) {
+        XFREE(path, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return -1;
+    }
+#endif
+
+    (void)ctx;
+
+    if (ocspReqBuf == NULL || ocspReqSz == 0) {
+        WOLFSSL_MSG("OCSP request is required for lookup");
+    }
+    else if (ocspRespBuf == NULL) {
+        WOLFSSL_MSG("Cannot save OCSP response");
+    }
+    else if (decode_url(url, urlSz, domainName, path, &port) < 0) {
+        WOLFSSL_MSG("Unable to decode OCSP URL");
+    }
+    else {
+        /* Note, the library uses the EmbedOcspRespFree() callback to
+         * free this buffer. */
+        int   httpBufSz = SCRATCH_BUFFER_SIZE;
+        byte* httpBuf   = (byte*)XMALLOC(httpBufSz, NULL, 
+                                                        DYNAMIC_TYPE_IN_BUFFER);
+
+        if (httpBuf == NULL) {
+            WOLFSSL_MSG("Unable to create OCSP response buffer");
+        }
+        else {
+            httpBufSz = build_http_request(domainName, path, ocspReqSz,
+                                                            httpBuf, httpBufSz);
+
+            if ((tcp_connect(&sfd, domainName, port) != 0) || (sfd <= 0)) {
+                WOLFSSL_MSG("OCSP Responder connection failed");
+            }
+            else if ((int)send(sfd, (char*)httpBuf, httpBufSz, 0) !=
+                                                                    httpBufSz) {
+                WOLFSSL_MSG("OCSP http request failed");
+            }
+            else if ((int)send(sfd, (char*)ocspReqBuf, ocspReqSz, 0) !=
+                                                                    ocspReqSz) {
+                WOLFSSL_MSG("OCSP ocsp request failed");
+            }
+            else {
+                ret = process_http_response(sfd, ocspRespBuf, httpBuf,
+                                                           SCRATCH_BUFFER_SIZE);
+            }
+
+            close(sfd);
+            XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(path,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(domainName, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+void EmbedOcspRespFree(void* ctx, byte *resp)
+{
+    (void)ctx;
+
+    if (resp)
+        XFREE(resp, NULL, DYNAMIC_TYPE_IN_BUFFER);
+}
+
+
+#endif
+
+#endif /* WOLFSSL_USER_IO */
+
+WOLFSSL_API void wolfSSL_SetIORecv(WOLFSSL_CTX *ctx, CallbackIORecv CBIORecv)
+{
+    ctx->CBIORecv = CBIORecv;
+}
+
+
+WOLFSSL_API void wolfSSL_SetIOSend(WOLFSSL_CTX *ctx, CallbackIOSend CBIOSend)
+{
+    ctx->CBIOSend = CBIOSend;
+}
+
+
+WOLFSSL_API void wolfSSL_SetIOReadCtx(WOLFSSL* ssl, void *rctx)
+{
+	ssl->IOCB_ReadCtx = rctx;
+}
+
+
+WOLFSSL_API void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *wctx)
+{
+	ssl->IOCB_WriteCtx = wctx;
+}
+
+
+WOLFSSL_API void* wolfSSL_GetIOReadCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->IOCB_ReadCtx;
+
+    return NULL;
+}
+
+
+WOLFSSL_API void* wolfSSL_GetIOWriteCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->IOCB_WriteCtx;
+
+    return NULL;
+}
+
+
+WOLFSSL_API void wolfSSL_SetIOReadFlags(WOLFSSL* ssl, int flags)
+{
+    ssl->rflags = flags; 
+}
+
+
+WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags)
+{
+    ssl->wflags = flags;
+}
+
+
+#ifdef WOLFSSL_DTLS
+
+WOLFSSL_API void wolfSSL_CTX_SetGenCookie(WOLFSSL_CTX* ctx, CallbackGenCookie cb)
+{
+    ctx->CBIOCookie = cb;
+}
+
+
+WOLFSSL_API void wolfSSL_SetCookieCtx(WOLFSSL* ssl, void *ctx)
+{
+	ssl->IOCB_CookieCtx = ctx;
+}
+
+
+WOLFSSL_API void* wolfSSL_GetCookieCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+	    return ssl->IOCB_CookieCtx;
+
+    return NULL;
+}
+
+#endif /* WOLFSSL_DTLS */
+
+
+#ifdef HAVE_NETX
+
+/* The NetX receive callback
+ *  return :  bytes read, or error
+ */
+int NetX_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx)
+{
+    NetX_Ctx* nxCtx = (NetX_Ctx*)ctx;
+    ULONG left;
+    ULONG total;
+    ULONG copied = 0;
+    UINT  status;
+
+    if (nxCtx == NULL || nxCtx->nxSocket == NULL) {
+        WOLFSSL_MSG("NetX Recv NULL parameters");
+        return WOLFSSL_CBIO_ERR_GENERAL;
+    }
+
+    if (nxCtx->nxPacket == NULL) {
+        status = nx_tcp_socket_receive(nxCtx->nxSocket, &nxCtx->nxPacket,
+                                       nxCtx->nxWait);
+        if (status != NX_SUCCESS) {
+            WOLFSSL_MSG("NetX Recv receive error");
+            return WOLFSSL_CBIO_ERR_GENERAL;
+        }
+    }
+
+    if (nxCtx->nxPacket) {
+        status = nx_packet_length_get(nxCtx->nxPacket, &total);
+        if (status != NX_SUCCESS) {
+            WOLFSSL_MSG("NetX Recv length get error");
+            return WOLFSSL_CBIO_ERR_GENERAL;
+        }
+
+        left = total - nxCtx->nxOffset;
+        status = nx_packet_data_extract_offset(nxCtx->nxPacket, nxCtx->nxOffset,
+                                               buf, sz, &copied);
+        if (status != NX_SUCCESS) {
+            WOLFSSL_MSG("NetX Recv data extract offset error");
+            return WOLFSSL_CBIO_ERR_GENERAL;
+        }
+
+        nxCtx->nxOffset += copied;
+
+        if (copied == left) {
+            WOLFSSL_MSG("NetX Recv Drained packet");
+            nx_packet_release(nxCtx->nxPacket);
+            nxCtx->nxPacket = NULL;
+            nxCtx->nxOffset = 0;
+        }
+    }
+
+    return copied;
+}
+
+
+/* The NetX send callback
+ *  return : bytes sent, or error
+ */
+int NetX_Send(WOLFSSL* ssl, char *buf, int sz, void *ctx)
+{
+    NetX_Ctx*       nxCtx = (NetX_Ctx*)ctx;
+    NX_PACKET*      packet;
+    NX_PACKET_POOL* pool;   /* shorthand */
+    UINT            status;
+
+    if (nxCtx == NULL || nxCtx->nxSocket == NULL) {
+        WOLFSSL_MSG("NetX Send NULL parameters");
+        return WOLFSSL_CBIO_ERR_GENERAL;
+    }
+
+    pool = nxCtx->nxSocket->nx_tcp_socket_ip_ptr->nx_ip_default_packet_pool;
+    status = nx_packet_allocate(pool, &packet, NX_TCP_PACKET,
+                                nxCtx->nxWait);
+    if (status != NX_SUCCESS) {
+        WOLFSSL_MSG("NetX Send packet alloc error");
+        return WOLFSSL_CBIO_ERR_GENERAL;
+    }
+
+    status = nx_packet_data_append(packet, buf, sz, pool, nxCtx->nxWait);
+    if (status != NX_SUCCESS) {
+        nx_packet_release(packet);
+        WOLFSSL_MSG("NetX Send data append error");
+        return WOLFSSL_CBIO_ERR_GENERAL;
+    }
+
+    status = nx_tcp_socket_send(nxCtx->nxSocket, packet, nxCtx->nxWait);
+    if (status != NX_SUCCESS) {
+        nx_packet_release(packet);
+        WOLFSSL_MSG("NetX Send socket send error");
+        return WOLFSSL_CBIO_ERR_GENERAL;
+    }
+
+    return sz;
+}
+
+
+/* like set_fd, but for default NetX context */
+void wolfSSL_SetIO_NetX(WOLFSSL* ssl, NX_TCP_SOCKET* nxSocket, ULONG waitOption)
+{
+    if (ssl) {
+        ssl->nxCtx.nxSocket = nxSocket;
+        ssl->nxCtx.nxWait   = waitOption;
+    }
+}
+
+#endif /* HAVE_NETX */
+
diff --git a/3P/wolfssl/src/keys.c b/3P/wolfssl/src/keys.c
new file mode 100644
index 00000000..3de9b89c
--- /dev/null
+++ b/3P/wolfssl/src/keys.c
@@ -0,0 +1,2713 @@
+/* keys.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* Name change compatibility layer no longer needs to be included here */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+#include 
+#if defined(SHOW_SECRETS) || defined(CHACHA_AEAD_TEST)
+    #ifdef FREESCALE_MQX
+        #include 
+    #else
+        #include 
+    #endif
+#endif
+
+
+int SetCipherSpecs(WOLFSSL* ssl)
+{
+#ifndef NO_WOLFSSL_CLIENT
+    if (ssl->options.side == WOLFSSL_CLIENT_END) {
+        /* server side verified before SetCipherSpecs call */
+        if (VerifyClientSuite(ssl) != 1) {
+            WOLFSSL_MSG("SetCipherSpecs() client has an unusuable suite");
+            return UNSUPPORTED_SUITE;
+        }
+    }
+#endif /* NO_WOLFSSL_CLIENT */
+
+    /* Chacha extensions, 0xcc */
+    if (ssl->options.cipherSuite0 == CHACHA_BYTE) {
+    
+    switch (ssl->options.cipherSuite) {
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+    case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+        ssl->specs.bulk_cipher_algorithm = wolfssl_chacha;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CHACHA20_256_KEY_SIZE;
+        ssl->specs.block_size            = CHACHA20_BLOCK_SIZE;
+        ssl->specs.iv_size               = CHACHA20_IV_SIZE;
+        ssl->specs.aead_mac_size         = POLY1305_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+    case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
+        ssl->specs.bulk_cipher_algorithm = wolfssl_chacha;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CHACHA20_256_KEY_SIZE;
+        ssl->specs.block_size            = CHACHA20_BLOCK_SIZE;
+        ssl->specs.iv_size               = CHACHA20_IV_SIZE;
+        ssl->specs.aead_mac_size         = POLY1305_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+    case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+        ssl->specs.bulk_cipher_algorithm = wolfssl_chacha;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CHACHA20_256_KEY_SIZE;
+        ssl->specs.block_size            = CHACHA20_BLOCK_SIZE;
+        ssl->specs.iv_size               = CHACHA20_IV_SIZE;
+        ssl->specs.aead_mac_size         = POLY1305_AUTH_SZ;
+
+        break;
+#endif
+    default:
+        WOLFSSL_MSG("Unsupported cipher suite, SetCipherSpecs ChaCha");
+        return UNSUPPORTED_SUITE;
+    }
+    }
+
+    /* ECC extensions, or AES-CCM */
+    if (ssl->options.cipherSuite0 == ECC_BYTE) {
+    
+    switch (ssl->options.cipherSuite) {
+
+#ifdef HAVE_ECC
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+    case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+    break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+    case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+    break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+    case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+    break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+    case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+    break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+    case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+    break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+    case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+    break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+    case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+    break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+    case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+    break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+    case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+    case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+    case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = DES3_KEY_SIZE;
+        ssl->specs.block_size            = DES_BLOCK_SIZE;
+        ssl->specs.iv_size               = DES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+    case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = DES3_KEY_SIZE;
+        ssl->specs.block_size            = DES_BLOCK_SIZE;
+        ssl->specs.iv_size               = DES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+    case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_rc4;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = RC4_KEY_SIZE;
+        ssl->specs.iv_size               = 0;
+        ssl->specs.block_size            = 0;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
+    case TLS_ECDH_RSA_WITH_RC4_128_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_rc4;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = RC4_KEY_SIZE;
+        ssl->specs.iv_size               = 0;
+        ssl->specs.block_size            = 0;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+    case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = DES3_KEY_SIZE;
+        ssl->specs.block_size            = DES_BLOCK_SIZE;
+        ssl->specs.iv_size               = DES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+    case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = DES3_KEY_SIZE;
+        ssl->specs.block_size            = DES_BLOCK_SIZE;
+        ssl->specs.iv_size               = DES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+    case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_rc4;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = RC4_KEY_SIZE;
+        ssl->specs.iv_size               = 0;
+        ssl->specs.block_size            = 0;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+    case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_rc4;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = RC4_KEY_SIZE;
+        ssl->specs.iv_size               = 0;
+        ssl->specs.block_size            = 0;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+    case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+    case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+    case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+    case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+    case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+    case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+    case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+    case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+    case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+    case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+    case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+    case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+    case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+    case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 1;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
+    case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_8_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
+    case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = ecc_diffie_hellman_kea;
+        ssl->specs.sig_algo              = ecc_dsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_8_AUTH_SZ;
+
+        break;
+#endif
+#endif /* HAVE_ECC */
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
+    case TLS_RSA_WITH_AES_128_CCM_8 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_8_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8
+    case TLS_RSA_WITH_AES_256_CCM_8 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_8_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8
+    case TLS_PSK_WITH_AES_128_CCM_8 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_8_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8
+    case TLS_PSK_WITH_AES_256_CCM_8 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_8_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM
+    case TLS_PSK_WITH_AES_128_CCM :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_16_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM
+    case TLS_PSK_WITH_AES_256_CCM :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_16_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
+    case TLS_DHE_PSK_WITH_AES_128_CCM :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = dhe_psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_16_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
+    case TLS_DHE_PSK_WITH_AES_256_CCM :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = dhe_psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_CCM_16_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+    default:
+        WOLFSSL_MSG("Unsupported cipher suite, SetCipherSpecs ECC");
+        return UNSUPPORTED_SUITE;
+    }   /* switch */
+    }   /* if     */
+    if (ssl->options.cipherSuite0 != ECC_BYTE && 
+            ssl->options.cipherSuite0 != CHACHA_BYTE) {   /* normal suites */
+    switch (ssl->options.cipherSuite) {
+
+#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
+    case SSL_RSA_WITH_RC4_128_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_rc4;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = RC4_KEY_SIZE;
+        ssl->specs.iv_size               = 0;
+        ssl->specs.block_size            = 0;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
+    case TLS_NTRU_RSA_WITH_RC4_128_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_rc4;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ntru_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = RC4_KEY_SIZE;
+        ssl->specs.iv_size               = 0;
+        ssl->specs.block_size            = 0;
+
+        break;
+#endif
+
+#ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5
+    case SSL_RSA_WITH_RC4_128_MD5 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_rc4;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = md5_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = MD5_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_MD5;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = RC4_KEY_SIZE;
+        ssl->specs.iv_size               = 0;
+        ssl->specs.block_size            = 0;
+
+        break;
+#endif
+
+#ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
+    case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = DES3_KEY_SIZE;
+        ssl->specs.block_size            = DES_BLOCK_SIZE;
+        ssl->specs.iv_size               = DES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
+    case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_triple_des;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ntru_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = DES3_KEY_SIZE;
+        ssl->specs.block_size            = DES_BLOCK_SIZE;
+        ssl->specs.iv_size               = DES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
+    case TLS_RSA_WITH_AES_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
+    case TLS_RSA_WITH_AES_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_NULL_SHA
+    case TLS_RSA_WITH_NULL_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = 0;
+        ssl->specs.block_size            = 0;
+        ssl->specs.iv_size               = 0;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256
+    case TLS_RSA_WITH_NULL_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = 0;
+        ssl->specs.block_size            = 0;
+        ssl->specs.iv_size               = 0;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
+    case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ntru_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
+    case TLS_RSA_WITH_AES_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
+    case TLS_RSA_WITH_AES_256_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
+    case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = ntru_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
+    case TLS_PSK_WITH_AES_128_GCM_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
+    case TLS_PSK_WITH_AES_256_GCM_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+    case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = dhe_psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+    case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = dhe_psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
+    case TLS_PSK_WITH_AES_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
+    case TLS_PSK_WITH_AES_256_CBC_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+    case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = dhe_psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+    case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = dhe_psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
+    case TLS_PSK_WITH_AES_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
+    case TLS_PSK_WITH_AES_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
+    case TLS_PSK_WITH_NULL_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = 0;
+        ssl->specs.block_size            = 0;
+        ssl->specs.iv_size               = 0;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384
+    case TLS_PSK_WITH_NULL_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = 0;
+        ssl->specs.block_size            = 0;
+        ssl->specs.iv_size               = 0;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_PSK_WITH_NULL_SHA
+    case TLS_PSK_WITH_NULL_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = 0;
+        ssl->specs.block_size            = 0;
+        ssl->specs.iv_size               = 0;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
+    case TLS_DHE_PSK_WITH_NULL_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = dhe_psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = 0;
+        ssl->specs.block_size            = 0;
+        ssl->specs.iv_size               = 0;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
+    case TLS_DHE_PSK_WITH_NULL_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_cipher_null;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = dhe_psk_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = 0;
+        ssl->specs.block_size            = 0;
+        ssl->specs.iv_size               = 0;
+
+        ssl->options.usingPSK_cipher     = 1;
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+    case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+    case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+    case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+    case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5
+    case TLS_RSA_WITH_HC_128_MD5 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_hc128;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = md5_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = MD5_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_MD5;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = HC_128_KEY_SIZE;
+        ssl->specs.block_size            = 0;
+        ssl->specs.iv_size               = HC_128_IV_SIZE;
+
+        break;
+#endif
+            
+#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA
+        case TLS_RSA_WITH_HC_128_SHA :
+            ssl->specs.bulk_cipher_algorithm = wolfssl_hc128;
+            ssl->specs.cipher_type           = stream;
+            ssl->specs.mac_algorithm         = sha_mac;
+            ssl->specs.kea                   = rsa_kea;
+            ssl->specs.sig_algo              = rsa_sa_algo;
+            ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+            ssl->specs.pad_size              = PAD_SHA;
+            ssl->specs.static_ecdh           = 0;
+            ssl->specs.key_size              = HC_128_KEY_SIZE;
+            ssl->specs.block_size            = 0;
+            ssl->specs.iv_size               = HC_128_IV_SIZE;
+            
+            break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256
+        case TLS_RSA_WITH_HC_128_B2B256:
+            ssl->specs.bulk_cipher_algorithm = wolfssl_hc128;
+            ssl->specs.cipher_type           = stream;
+            ssl->specs.mac_algorithm         = blake2b_mac;
+            ssl->specs.kea                   = rsa_kea;
+            ssl->specs.sig_algo              = rsa_sa_algo;
+            ssl->specs.hash_size             = BLAKE2B_256;
+            ssl->specs.pad_size              = PAD_SHA;
+            ssl->specs.static_ecdh           = 0;
+            ssl->specs.key_size              = HC_128_KEY_SIZE;
+            ssl->specs.block_size            = 0;
+            ssl->specs.iv_size               = HC_128_IV_SIZE;
+            
+            break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
+        case TLS_RSA_WITH_AES_128_CBC_B2B256:
+            ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+            ssl->specs.cipher_type           = block;
+            ssl->specs.mac_algorithm         = blake2b_mac;
+            ssl->specs.kea                   = rsa_kea;
+            ssl->specs.sig_algo              = rsa_sa_algo;
+            ssl->specs.hash_size             = BLAKE2B_256;
+            ssl->specs.pad_size              = PAD_SHA;
+            ssl->specs.static_ecdh           = 0;
+            ssl->specs.key_size              = AES_128_KEY_SIZE;
+            ssl->specs.iv_size               = AES_IV_SIZE;
+            ssl->specs.block_size            = AES_BLOCK_SIZE;
+            
+            break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
+        case TLS_RSA_WITH_AES_256_CBC_B2B256:
+            ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+            ssl->specs.cipher_type           = block;
+            ssl->specs.mac_algorithm         = blake2b_mac;
+            ssl->specs.kea                   = rsa_kea;
+            ssl->specs.sig_algo              = rsa_sa_algo;
+            ssl->specs.hash_size             = BLAKE2B_256;
+            ssl->specs.pad_size              = PAD_SHA;
+            ssl->specs.static_ecdh           = 0;
+            ssl->specs.key_size              = AES_256_KEY_SIZE;
+            ssl->specs.iv_size               = AES_IV_SIZE;
+            ssl->specs.block_size            = AES_BLOCK_SIZE;
+            
+            break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA
+    case TLS_RSA_WITH_RABBIT_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_rabbit;
+        ssl->specs.cipher_type           = stream;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = RABBIT_KEY_SIZE;
+        ssl->specs.block_size            = 0;
+        ssl->specs.iv_size               = RABBIT_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
+    case TLS_RSA_WITH_AES_128_GCM_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
+    case TLS_RSA_WITH_AES_256_GCM_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+    case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+    case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm;
+        ssl->specs.cipher_type           = aead;
+        ssl->specs.mac_algorithm         = sha384_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA384_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_256_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AEAD_IMP_IV_SZ;
+        ssl->specs.aead_mac_size         = AES_GCM_AUTH_SZ;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+    case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_camellia;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CAMELLIA_128_KEY_SIZE;
+        ssl->specs.block_size            = CAMELLIA_BLOCK_SIZE;
+        ssl->specs.iv_size               = CAMELLIA_IV_SIZE;
+
+        break;
+#endif
+    
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+    case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_camellia;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CAMELLIA_256_KEY_SIZE;
+        ssl->specs.block_size            = CAMELLIA_BLOCK_SIZE;
+        ssl->specs.iv_size               = CAMELLIA_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+    case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_camellia;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CAMELLIA_128_KEY_SIZE;
+        ssl->specs.block_size            = CAMELLIA_BLOCK_SIZE;
+        ssl->specs.iv_size               = CAMELLIA_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+    case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_camellia;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = rsa_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CAMELLIA_256_KEY_SIZE;
+        ssl->specs.block_size            = CAMELLIA_BLOCK_SIZE;
+        ssl->specs.iv_size               = CAMELLIA_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+    case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_camellia;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CAMELLIA_128_KEY_SIZE;
+        ssl->specs.block_size            = CAMELLIA_BLOCK_SIZE;
+        ssl->specs.iv_size               = CAMELLIA_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+    case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_camellia;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CAMELLIA_256_KEY_SIZE;
+        ssl->specs.block_size            = CAMELLIA_BLOCK_SIZE;
+        ssl->specs.iv_size               = CAMELLIA_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+    case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_camellia;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CAMELLIA_128_KEY_SIZE;
+        ssl->specs.block_size            = CAMELLIA_BLOCK_SIZE;
+        ssl->specs.iv_size               = CAMELLIA_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+    case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_camellia;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha256_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = rsa_sa_algo;
+        ssl->specs.hash_size             = SHA256_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = CAMELLIA_256_KEY_SIZE;
+        ssl->specs.block_size            = CAMELLIA_BLOCK_SIZE;
+        ssl->specs.iv_size               = CAMELLIA_IV_SIZE;
+
+        break;
+#endif
+
+#ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
+    case TLS_DH_anon_WITH_AES_128_CBC_SHA :
+        ssl->specs.bulk_cipher_algorithm = wolfssl_aes;
+        ssl->specs.cipher_type           = block;
+        ssl->specs.mac_algorithm         = sha_mac;
+        ssl->specs.kea                   = diffie_hellman_kea;
+        ssl->specs.sig_algo              = anonymous_sa_algo;
+        ssl->specs.hash_size             = SHA_DIGEST_SIZE;
+        ssl->specs.pad_size              = PAD_SHA;
+        ssl->specs.static_ecdh           = 0;
+        ssl->specs.key_size              = AES_128_KEY_SIZE;
+        ssl->specs.block_size            = AES_BLOCK_SIZE;
+        ssl->specs.iv_size               = AES_IV_SIZE;
+
+        ssl->options.usingAnon_cipher    = 1;
+        break;
+#endif
+
+    default:
+        WOLFSSL_MSG("Unsupported cipher suite, SetCipherSpecs");
+        return UNSUPPORTED_SUITE;
+    }  /* switch */
+    }  /* if ECC / Normal suites else */
+
+    /* set TLS if it hasn't been turned off */
+    if (ssl->version.major == 3 && ssl->version.minor >= 1) {
+#ifndef NO_TLS
+        ssl->options.tls = 1;
+        ssl->hmac = TLS_hmac;
+        if (ssl->version.minor >= 2)
+            ssl->options.tls1_1 = 1;
+#endif
+    }
+
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls)
+        ssl->hmac = TLS_hmac;
+#endif
+
+    return 0;
+}
+
+
+enum KeyStuff {
+    MASTER_ROUNDS = 3,
+    PREFIX        = 3,     /* up to three letters for master prefix */
+    KEY_PREFIX    = 7      /* up to 7 prefix letters for key rounds */
+
+
+};
+
+#ifndef NO_OLD_TLS
+/* true or false, zero for error */
+static int SetPrefix(byte* sha_input, int idx)
+{
+    switch (idx) {
+    case 0:
+        XMEMCPY(sha_input, "A", 1);
+        break;
+    case 1:
+        XMEMCPY(sha_input, "BB", 2);
+        break;
+    case 2:
+        XMEMCPY(sha_input, "CCC", 3);
+        break;
+    case 3:
+        XMEMCPY(sha_input, "DDDD", 4);
+        break;
+    case 4:
+        XMEMCPY(sha_input, "EEEEE", 5);
+        break;
+    case 5:
+        XMEMCPY(sha_input, "FFFFFF", 6);
+        break;
+    case 6:
+        XMEMCPY(sha_input, "GGGGGGG", 7);
+        break;
+    default:
+        WOLFSSL_MSG("Set Prefix error, bad input");
+        return 0; 
+    }
+    return 1;
+}
+#endif
+
+
+static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
+                   byte side, void* heap, int devId)
+{
+#ifdef BUILD_ARC4
+    word32 sz = specs->key_size;
+    if (specs->bulk_cipher_algorithm == wolfssl_rc4) {
+        if (enc && enc->arc4 == NULL)
+            enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
+        if (enc && enc->arc4 == NULL)
+            return MEMORY_E;
+        if (dec && dec->arc4 == NULL)
+            dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
+        if (dec && dec->arc4 == NULL)
+            return MEMORY_E;
+#ifdef HAVE_CAVIUM
+        if (devId != NO_CAVIUM_DEVICE) {
+            if (enc) {
+                if (Arc4InitCavium(enc->arc4, devId) != 0) {
+                    WOLFSSL_MSG("Arc4InitCavium failed in SetKeys");
+                    return CAVIUM_INIT_E;
+                }
+            }
+            if (dec) {
+                if (Arc4InitCavium(dec->arc4, devId) != 0) {
+                    WOLFSSL_MSG("Arc4InitCavium failed in SetKeys");
+                    return CAVIUM_INIT_E;
+                }
+            }
+        }
+#endif
+        if (side == WOLFSSL_CLIENT_END) {
+            if (enc)
+                wc_Arc4SetKey(enc->arc4, keys->client_write_key, sz);
+            if (dec)
+                wc_Arc4SetKey(dec->arc4, keys->server_write_key, sz);
+        }
+        else {
+            if (enc)
+                wc_Arc4SetKey(enc->arc4, keys->server_write_key, sz);
+            if (dec)
+                wc_Arc4SetKey(dec->arc4, keys->client_write_key, sz);
+        }
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+
+    
+#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+    if (specs->bulk_cipher_algorithm == wolfssl_chacha) {
+        int chachaRet;
+        if (enc && enc->chacha == NULL)
+            enc->chacha =
+                    (ChaCha*)XMALLOC(sizeof(ChaCha), heap, DYNAMIC_TYPE_CIPHER);
+        if (enc && enc->chacha == NULL)
+            return MEMORY_E;
+        if (dec && dec->chacha == NULL)
+            dec->chacha =
+                    (ChaCha*)XMALLOC(sizeof(ChaCha), heap, DYNAMIC_TYPE_CIPHER);
+        if (dec && dec->chacha == NULL)
+            return MEMORY_E;
+        if (side == WOLFSSL_CLIENT_END) {
+            if (enc) {
+                chachaRet = wc_Chacha_SetKey(enc->chacha, keys->client_write_key,
+                                          specs->key_size);
+                XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
+                        AEAD_IMP_IV_SZ);
+                if (chachaRet != 0) return chachaRet;
+            }
+            if (dec) {
+                chachaRet = wc_Chacha_SetKey(dec->chacha, keys->server_write_key,
+                                          specs->key_size);
+                XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
+                        AEAD_IMP_IV_SZ);
+                if (chachaRet != 0) return chachaRet;
+            }
+        }
+        else {
+            if (enc) {
+                chachaRet = wc_Chacha_SetKey(enc->chacha, keys->server_write_key,
+                                          specs->key_size);
+                XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
+                        AEAD_IMP_IV_SZ);
+                if (chachaRet != 0) return chachaRet;
+            }
+            if (dec) {
+                chachaRet = wc_Chacha_SetKey(dec->chacha, keys->client_write_key,
+                                          specs->key_size);
+                XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
+                        AEAD_IMP_IV_SZ);
+                if (chachaRet != 0) return chachaRet;
+            }
+        }
+
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+
+#ifdef HAVE_HC128
+    if (specs->bulk_cipher_algorithm == wolfssl_hc128) {
+        int hcRet;
+        if (enc && enc->hc128 == NULL)
+            enc->hc128 =
+                      (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
+        if (enc && enc->hc128 == NULL)
+            return MEMORY_E;
+        if (dec && dec->hc128 == NULL)
+            dec->hc128 =
+                      (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER);
+        if (dec && dec->hc128 == NULL)
+            return MEMORY_E;
+        if (side == WOLFSSL_CLIENT_END) {
+            if (enc) {
+                hcRet = wc_Hc128_SetKey(enc->hc128, keys->client_write_key,
+                                     keys->client_write_IV);
+                if (hcRet != 0) return hcRet;
+            }
+            if (dec) {
+                hcRet = wc_Hc128_SetKey(dec->hc128, keys->server_write_key,
+                                     keys->server_write_IV);
+                if (hcRet != 0) return hcRet;
+            }
+        }
+        else {
+            if (enc) {
+                hcRet = wc_Hc128_SetKey(enc->hc128, keys->server_write_key,
+                                     keys->server_write_IV);
+                if (hcRet != 0) return hcRet;
+            }
+            if (dec) {
+                hcRet = wc_Hc128_SetKey(dec->hc128, keys->client_write_key,
+                                     keys->client_write_IV);
+                if (hcRet != 0) return hcRet;
+            }
+        }
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+    
+#ifdef BUILD_RABBIT
+    if (specs->bulk_cipher_algorithm == wolfssl_rabbit) {
+        int rabRet;
+        if (enc && enc->rabbit == NULL)
+            enc->rabbit =
+                    (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
+        if (enc && enc->rabbit == NULL)
+            return MEMORY_E;
+        if (dec && dec->rabbit == NULL)
+            dec->rabbit =
+                    (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER);
+        if (dec && dec->rabbit == NULL)
+            return MEMORY_E;
+        if (side == WOLFSSL_CLIENT_END) {
+            if (enc) {
+                rabRet = wc_RabbitSetKey(enc->rabbit, keys->client_write_key,
+                                      keys->client_write_IV);
+                if (rabRet != 0) return rabRet;
+            }
+            if (dec) {
+                rabRet = wc_RabbitSetKey(dec->rabbit, keys->server_write_key,
+                                      keys->server_write_IV);
+                if (rabRet != 0) return rabRet;
+            }
+        }
+        else {
+            if (enc) {
+                rabRet = wc_RabbitSetKey(enc->rabbit, keys->server_write_key,
+                                      keys->server_write_IV);
+                if (rabRet != 0) return rabRet;
+            }
+            if (dec) {
+                rabRet = wc_RabbitSetKey(dec->rabbit, keys->client_write_key,
+                                      keys->client_write_IV);
+                if (rabRet != 0) return rabRet;
+            }
+        }
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+    
+#ifdef BUILD_DES3
+    if (specs->bulk_cipher_algorithm == wolfssl_triple_des) {
+        int desRet = 0;
+
+        if (enc && enc->des3 == NULL)
+            enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
+        if (enc && enc->des3 == NULL)
+            return MEMORY_E;
+        if (dec && dec->des3 == NULL)
+            dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER);
+        if (dec && dec->des3 == NULL)
+            return MEMORY_E;
+#ifdef HAVE_CAVIUM
+        if (devId != NO_CAVIUM_DEVICE) {
+            if (enc) {
+                if (Des3_InitCavium(enc->des3, devId) != 0) {
+                    WOLFSSL_MSG("Des3_InitCavium failed in SetKeys");
+                    return CAVIUM_INIT_E;
+                }
+            }
+            if (dec) {
+                if (Des3_InitCavium(dec->des3, devId) != 0) {
+                    WOLFSSL_MSG("Des3_InitCavium failed in SetKeys");
+                    return CAVIUM_INIT_E;
+                }
+            }
+        }
+#endif
+        if (side == WOLFSSL_CLIENT_END) {
+            if (enc) {
+                desRet = wc_Des3_SetKey(enc->des3, keys->client_write_key,
+                                     keys->client_write_IV, DES_ENCRYPTION);
+                if (desRet != 0) return desRet;
+            }
+            if (dec) {
+                desRet = wc_Des3_SetKey(dec->des3, keys->server_write_key,
+                                     keys->server_write_IV, DES_DECRYPTION);
+                if (desRet != 0) return desRet;
+            }
+        }
+        else {
+            if (enc) {
+                desRet = wc_Des3_SetKey(enc->des3, keys->server_write_key,
+                                     keys->server_write_IV, DES_ENCRYPTION);
+                if (desRet != 0) return desRet;
+            }
+            if (dec) {
+                desRet = wc_Des3_SetKey(dec->des3, keys->client_write_key,
+                                     keys->client_write_IV, DES_DECRYPTION);
+                if (desRet != 0) return desRet;
+            }
+        }
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+
+#ifdef BUILD_AES
+    if (specs->bulk_cipher_algorithm == wolfssl_aes) {
+        int aesRet = 0;
+
+        if (enc && enc->aes == NULL)
+            enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
+        if (enc && enc->aes == NULL)
+            return MEMORY_E;
+        if (dec && dec->aes == NULL)
+            dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
+        if (dec && dec->aes == NULL)
+            return MEMORY_E;
+#ifdef HAVE_CAVIUM
+        if (devId != NO_CAVIUM_DEVICE) {
+            if (enc) {
+                if (wc_AesInitCavium(enc->aes, devId) != 0) {
+                    WOLFSSL_MSG("AesInitCavium failed in SetKeys");
+                    return CAVIUM_INIT_E;
+                }
+            }
+            if (dec) {
+                if (wc_AesInitCavium(dec->aes, devId) != 0) {
+                    WOLFSSL_MSG("AesInitCavium failed in SetKeys");
+                    return CAVIUM_INIT_E;
+                }
+            }
+        }
+#endif
+        if (side == WOLFSSL_CLIENT_END) {
+            if (enc) {
+                aesRet = wc_AesSetKey(enc->aes, keys->client_write_key,
+                                   specs->key_size, keys->client_write_IV,
+                                   AES_ENCRYPTION);
+                if (aesRet != 0) return aesRet;
+            }
+            if (dec) {
+                aesRet = wc_AesSetKey(dec->aes, keys->server_write_key,
+                                   specs->key_size, keys->server_write_IV,
+                                   AES_DECRYPTION);
+                if (aesRet != 0) return aesRet;
+            }
+        }
+        else {
+            if (enc) {
+                aesRet = wc_AesSetKey(enc->aes, keys->server_write_key,
+                                   specs->key_size, keys->server_write_IV,
+                                   AES_ENCRYPTION);
+                if (aesRet != 0) return aesRet;
+            }
+            if (dec) {
+                aesRet = wc_AesSetKey(dec->aes, keys->client_write_key,
+                                   specs->key_size, keys->client_write_IV,
+                                   AES_DECRYPTION);
+                if (aesRet != 0) return aesRet;
+            }
+        }
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+
+#ifdef BUILD_AESGCM
+    if (specs->bulk_cipher_algorithm == wolfssl_aes_gcm) {
+        int gcmRet;
+
+        if (enc && enc->aes == NULL)
+            enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
+        if (enc && enc->aes == NULL)
+            return MEMORY_E;
+        if (dec && dec->aes == NULL)
+            dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
+        if (dec && dec->aes == NULL)
+            return MEMORY_E;
+
+        if (side == WOLFSSL_CLIENT_END) {
+            if (enc) {
+                gcmRet = wc_AesGcmSetKey(enc->aes, keys->client_write_key,
+                                      specs->key_size);
+                if (gcmRet != 0) return gcmRet;
+                XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
+                        AEAD_IMP_IV_SZ);
+            }
+            if (dec) {
+                gcmRet = wc_AesGcmSetKey(dec->aes, keys->server_write_key,
+                                      specs->key_size);
+                if (gcmRet != 0) return gcmRet;
+                XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
+                        AEAD_IMP_IV_SZ);
+            }
+        }
+        else {
+            if (enc) {
+                gcmRet = wc_AesGcmSetKey(enc->aes, keys->server_write_key,
+                                      specs->key_size);
+                if (gcmRet != 0) return gcmRet;
+                XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
+                        AEAD_IMP_IV_SZ);
+            }
+            if (dec) {
+                gcmRet = wc_AesGcmSetKey(dec->aes, keys->client_write_key,
+                                      specs->key_size);
+                if (gcmRet != 0) return gcmRet;
+                XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
+                        AEAD_IMP_IV_SZ);
+            }
+        }
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+
+#ifdef HAVE_AESCCM
+    if (specs->bulk_cipher_algorithm == wolfssl_aes_ccm) {
+        if (enc && enc->aes == NULL)
+            enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
+        if (enc && enc->aes == NULL)
+            return MEMORY_E;
+        if (dec && dec->aes == NULL)
+            dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER);
+        if (dec && dec->aes == NULL)
+            return MEMORY_E;
+
+        if (side == WOLFSSL_CLIENT_END) {
+            if (enc) {
+                wc_AesCcmSetKey(enc->aes, keys->client_write_key, specs->key_size);
+                XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
+                        AEAD_IMP_IV_SZ);
+            }
+            if (dec) {
+                wc_AesCcmSetKey(dec->aes, keys->server_write_key, specs->key_size);
+                XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
+                        AEAD_IMP_IV_SZ);
+            }
+        }
+        else {
+            if (enc) {
+                wc_AesCcmSetKey(enc->aes, keys->server_write_key, specs->key_size);
+                XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
+                        AEAD_IMP_IV_SZ);
+            }
+            if (dec) {
+                wc_AesCcmSetKey(dec->aes, keys->client_write_key, specs->key_size);
+                XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
+                        AEAD_IMP_IV_SZ);
+            }
+        }
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+
+#ifdef HAVE_CAMELLIA
+    if (specs->bulk_cipher_algorithm == wolfssl_camellia) {
+        int camRet;
+
+        if (enc && enc->cam == NULL)
+            enc->cam =
+                (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
+        if (enc && enc->cam == NULL)
+            return MEMORY_E;
+
+        if (dec && dec->cam == NULL)
+            dec->cam =
+                (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER);
+        if (dec && dec->cam == NULL)
+            return MEMORY_E;
+
+        if (side == WOLFSSL_CLIENT_END) {
+            if (enc) {
+                camRet = wc_CamelliaSetKey(enc->cam, keys->client_write_key,
+                                        specs->key_size, keys->client_write_IV);
+                if (camRet != 0) return camRet;
+            }
+            if (dec) {
+                camRet = wc_CamelliaSetKey(dec->cam, keys->server_write_key,
+                                        specs->key_size, keys->server_write_IV);
+                if (camRet != 0) return camRet;
+            }
+        }
+        else {
+            if (enc) {
+                camRet = wc_CamelliaSetKey(enc->cam, keys->server_write_key,
+                                        specs->key_size, keys->server_write_IV);
+                if (camRet != 0) return camRet;
+            }
+            if (dec) {
+                camRet = wc_CamelliaSetKey(dec->cam, keys->client_write_key,
+                                        specs->key_size, keys->client_write_IV);
+                if (camRet != 0) return camRet;
+            }
+        }
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+
+#ifdef HAVE_NULL_CIPHER
+    if (specs->bulk_cipher_algorithm == wolfssl_cipher_null) {
+        if (enc)
+            enc->setup = 1;
+        if (dec)
+            dec->setup = 1;
+    }
+#endif
+
+    if (enc)
+        keys->sequence_number      = 0;
+    if (dec)
+        keys->peer_sequence_number = 0;
+    (void)side;
+    (void)heap;
+    (void)enc;
+    (void)dec;
+    (void)specs;
+    (void)devId;
+
+    return 0;
+}
+
+
+#ifdef HAVE_ONE_TIME_AUTH
+/* set one time authentication keys */
+static int SetAuthKeys(OneTimeAuth* authentication, Keys* keys,
+                       CipherSpecs* specs, void* heap, int devId)
+{
+
+#ifdef HAVE_POLY1305
+        /* set up memory space for poly1305 */
+        if (authentication && authentication->poly1305 == NULL)
+            authentication->poly1305 =
+                (Poly1305*)XMALLOC(sizeof(Poly1305), heap, DYNAMIC_TYPE_CIPHER);
+        if (authentication && authentication->poly1305 == NULL)
+            return MEMORY_E;
+        if (authentication)
+            authentication->setup = 1;
+#endif
+        (void)heap;
+        (void)keys;
+        (void)specs;
+        (void)devId;
+
+        return 0;
+}
+#endif /* HAVE_ONE_TIME_AUTH */
+
+
+/* Set wc_encrypt/wc_decrypt or both sides of key setup
+ * note: use wc_encrypt to avoid shadowing global encrypt
+ * declared in unistd.h
+ */
+int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side)
+{
+    int devId = NO_CAVIUM_DEVICE, ret, copy = 0;
+    Ciphers* wc_encrypt = NULL;
+    Ciphers* wc_decrypt = NULL;
+    Keys*    keys    = &ssl->keys;
+
+    (void)copy;
+
+#ifdef HAVE_CAVIUM
+    devId = ssl->devId;
+#endif
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+    if (ssl->secure_renegotiation && ssl->secure_renegotiation->cache_status) {
+        keys = &ssl->secure_renegotiation->tmp_keys;
+        copy = 1;
+    }
+#endif /* HAVE_SECURE_RENEGOTIATION */
+
+    switch (side) {
+        case ENCRYPT_SIDE_ONLY:
+            wc_encrypt = &ssl->encrypt;
+            break;
+
+        case DECRYPT_SIDE_ONLY:
+            wc_decrypt = &ssl->decrypt;
+            break;
+
+        case ENCRYPT_AND_DECRYPT_SIDE:
+            wc_encrypt = &ssl->encrypt;
+            wc_decrypt = &ssl->decrypt;
+            break;
+
+        default:
+            return BAD_FUNC_ARG;
+    }
+
+#ifdef HAVE_ONE_TIME_AUTH
+    if (!ssl->auth.setup) {
+        ret = SetAuthKeys(&ssl->auth, keys, &ssl->specs, ssl->heap, devId);
+        if (ret != 0)
+           return ret;
+    }
+#endif
+
+    ret = SetKeys(wc_encrypt, wc_decrypt, keys, &ssl->specs, ssl->options.side,
+                  ssl->heap, devId);
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+    if (copy) {
+        int clientCopy = 0;
+
+        if (ssl->options.side == WOLFSSL_CLIENT_END && wc_encrypt)
+            clientCopy = 1;
+        else if (ssl->options.side == WOLFSSL_SERVER_END && wc_decrypt)
+            clientCopy = 1;
+
+        if (clientCopy) {
+            XMEMCPY(ssl->keys.client_write_MAC_secret,
+                    keys->client_write_MAC_secret, MAX_DIGEST_SIZE);
+            XMEMCPY(ssl->keys.client_write_key,
+                    keys->client_write_key, AES_256_KEY_SIZE);
+            XMEMCPY(ssl->keys.client_write_IV,
+                    keys->client_write_IV, AES_IV_SIZE);
+        } else {
+            XMEMCPY(ssl->keys.server_write_MAC_secret,
+                    keys->server_write_MAC_secret, MAX_DIGEST_SIZE);
+            XMEMCPY(ssl->keys.server_write_key,
+                    keys->server_write_key, AES_256_KEY_SIZE);
+            XMEMCPY(ssl->keys.server_write_IV,
+                    keys->server_write_IV, AES_IV_SIZE);
+        }
+        if (wc_encrypt) {
+            ssl->keys.sequence_number = keys->sequence_number;
+            #ifdef HAVE_AEAD
+                if (ssl->specs.cipher_type == aead) {
+                    /* Initialize the AES-GCM/CCM explicit IV to a zero. */
+                    XMEMCPY(ssl->keys.aead_exp_IV, keys->aead_exp_IV,
+                            AEAD_EXP_IV_SZ);
+                }
+            #endif
+        }
+        if (wc_decrypt)
+            ssl->keys.peer_sequence_number = keys->peer_sequence_number;
+        ssl->secure_renegotiation->cache_status++;
+    }
+#endif /* HAVE_SECURE_RENEGOTIATION */
+
+    return ret;
+}
+
+
+/* TLS can call too */
+int StoreKeys(WOLFSSL* ssl, const byte* keyData)
+{
+    int sz, i = 0;
+    Keys* keys = &ssl->keys;
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+    if (ssl->secure_renegotiation && ssl->secure_renegotiation->cache_status ==
+                                                            SCR_CACHE_NEEDED) {
+        keys = &ssl->secure_renegotiation->tmp_keys;
+        ssl->secure_renegotiation->cache_status++;
+    }
+#endif /* HAVE_SECURE_RENEGOTIATION */
+
+    if (ssl->specs.cipher_type != aead) {
+        sz = ssl->specs.hash_size;
+        XMEMCPY(keys->client_write_MAC_secret,&keyData[i], sz);
+        i += sz;
+        XMEMCPY(keys->server_write_MAC_secret,&keyData[i], sz);
+        i += sz;
+    }
+    sz = ssl->specs.key_size;
+    XMEMCPY(keys->client_write_key, &keyData[i], sz);
+    i += sz;
+    XMEMCPY(keys->server_write_key, &keyData[i], sz);
+    i += sz;
+
+    sz = ssl->specs.iv_size;
+    XMEMCPY(keys->client_write_IV, &keyData[i], sz);
+    i += sz;
+    XMEMCPY(keys->server_write_IV, &keyData[i], sz);
+
+#ifdef HAVE_AEAD
+    if (ssl->specs.cipher_type == aead) {
+        /* Initialize the AES-GCM/CCM explicit IV to a zero. */
+        XMEMSET(keys->aead_exp_IV, 0, AEAD_EXP_IV_SZ);
+    }
+#endif
+
+    return 0;
+}
+
+#ifndef NO_OLD_TLS
+int DeriveKeys(WOLFSSL* ssl)
+{
+    int    length = 2 * ssl->specs.hash_size + 
+                    2 * ssl->specs.key_size  +
+                    2 * ssl->specs.iv_size;
+    int    rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i;
+    int    ret = 0;
+    
+#ifdef WOLFSSL_SMALL_STACK
+    byte*  shaOutput;
+    byte*  md5Input;
+    byte*  shaInput;
+    byte*  keyData;
+    Md5*   md5;
+    Sha*   sha;
+#else
+    byte   shaOutput[SHA_DIGEST_SIZE];
+    byte   md5Input[SECRET_LEN + SHA_DIGEST_SIZE];
+    byte   shaInput[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN];
+    byte   keyData[KEY_PREFIX * MD5_DIGEST_SIZE];
+    Md5    md5[1];
+    Sha    sha[1];
+#endif
+    
+#ifdef WOLFSSL_SMALL_STACK
+    shaOutput = (byte*)XMALLOC(SHA_DIGEST_SIZE, 
+                                            NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    md5Input  = (byte*)XMALLOC(SECRET_LEN + SHA_DIGEST_SIZE,
+                                            NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    shaInput  = (byte*)XMALLOC(KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN,
+                                            NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    keyData   = (byte*)XMALLOC(KEY_PREFIX * MD5_DIGEST_SIZE,
+                                            NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    md5       =  (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    sha       =  (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    
+    if (shaOutput == NULL || md5Input == NULL || shaInput == NULL ||
+        keyData   == NULL || md5      == NULL || sha      == NULL) {
+        if (shaOutput) XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (md5Input)  XFREE(md5Input,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (shaInput)  XFREE(shaInput,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (keyData)   XFREE(keyData,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (md5)       XFREE(md5,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (sha)       XFREE(sha,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        
+        return MEMORY_E;
+    }
+#endif
+
+    wc_InitMd5(md5);
+
+    ret = wc_InitSha(sha);
+
+    if (ret == 0) {
+        XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN);
+
+        for (i = 0; i < rounds; ++i) {
+            int j   = i + 1;
+            int idx = j;
+
+            if (!SetPrefix(shaInput, i)) {
+                ret = PREFIX_ERROR;
+                break;
+            }
+
+            XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN);
+            idx += SECRET_LEN;
+            XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
+            idx += RAN_LEN;
+            XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
+
+            wc_ShaUpdate(sha, shaInput, (KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN)
+                                                              - KEY_PREFIX + j);
+            wc_ShaFinal(sha, shaOutput);
+
+            XMEMCPY(md5Input + SECRET_LEN, shaOutput, SHA_DIGEST_SIZE);
+            wc_Md5Update(md5, md5Input, SECRET_LEN + SHA_DIGEST_SIZE);
+            wc_Md5Final(md5, keyData + i * MD5_DIGEST_SIZE);
+        }
+
+        if (ret == 0)
+            ret = StoreKeys(ssl, keyData);
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(md5Input,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(shaInput,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(keyData,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(md5,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(sha,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+static int CleanPreMaster(WOLFSSL* ssl)
+{
+    int i, ret, sz = ssl->arrays->preMasterSz;
+
+    for (i = 0; i < sz; i++)
+        ssl->arrays->preMasterSecret[i] = 0;
+
+    ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz);
+    if (ret != 0)
+        return ret;
+
+    for (i = 0; i < sz; i++)
+        ssl->arrays->preMasterSecret[i] = 0;
+
+    return 0;
+}
+
+
+/* Create and store the master secret see page 32, 6.1 */
+static int MakeSslMasterSecret(WOLFSSL* ssl)
+{
+    int    i, ret;
+    word32 idx;
+    word32 pmsSz = ssl->arrays->preMasterSz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    byte*  shaOutput;
+    byte*  md5Input;
+    byte*  shaInput;
+    Md5*   md5;
+    Sha*   sha;
+#else
+    byte   shaOutput[SHA_DIGEST_SIZE];
+    byte   md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE];
+    byte   shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN];
+    Md5    md5[1];
+    Sha    sha[1];
+#endif
+
+#ifdef SHOW_SECRETS
+    {
+        word32 j;
+        printf("pre master secret: ");
+        for (j = 0; j < pmsSz; j++)
+            printf("%02x", ssl->arrays->preMasterSecret[j]);
+        printf("\n");
+    }
+#endif
+    
+#ifdef WOLFSSL_SMALL_STACK
+    shaOutput = (byte*)XMALLOC(SHA_DIGEST_SIZE, 
+                                            NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    md5Input  = (byte*)XMALLOC(ENCRYPT_LEN + SHA_DIGEST_SIZE,
+                                            NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    shaInput  = (byte*)XMALLOC(PREFIX + ENCRYPT_LEN + 2 * RAN_LEN,
+                                            NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    md5       =  (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    sha       =  (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    
+    if (shaOutput == NULL || md5Input == NULL || shaInput == NULL ||
+                             md5      == NULL || sha      == NULL) {
+        if (shaOutput) XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (md5Input)  XFREE(md5Input,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (shaInput)  XFREE(shaInput,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (md5)       XFREE(md5,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (sha)       XFREE(sha,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        
+        return MEMORY_E;
+    }
+#endif
+
+    wc_InitMd5(md5);
+    
+    ret = wc_InitSha(sha);
+    
+    if (ret == 0) {
+        XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz);
+
+        for (i = 0; i < MASTER_ROUNDS; ++i) {
+            byte prefix[KEY_PREFIX];      /* only need PREFIX bytes but static */
+            if (!SetPrefix(prefix, i)) {  /* analysis thinks will overrun      */
+                ret = PREFIX_ERROR;
+                break;
+            }
+
+            idx = 0;
+            XMEMCPY(shaInput, prefix, i + 1);
+            idx += i + 1;
+
+            XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz);
+            idx += pmsSz;
+            XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN);
+            idx += RAN_LEN;
+            XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN);
+            idx += RAN_LEN;
+            wc_ShaUpdate(sha, shaInput, idx);
+            wc_ShaFinal(sha, shaOutput);
+
+            idx = pmsSz;  /* preSz */
+            XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE);
+            idx += SHA_DIGEST_SIZE;
+            wc_Md5Update(md5, md5Input, idx);
+            wc_Md5Final(md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]);
+        }
+
+#ifdef SHOW_SECRETS
+        {
+            word32 j;
+            printf("master secret: ");
+            for (j = 0; j < SECRET_LEN; j++)
+                printf("%02x", ssl->arrays->masterSecret[j]);
+            printf("\n");
+        }
+#endif
+
+        if (ret == 0)
+            ret = DeriveKeys(ssl);
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(md5Input,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(shaInput,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(md5,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(sha,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+    
+    if (ret == 0)
+        ret = CleanPreMaster(ssl);
+    else
+        CleanPreMaster(ssl);
+
+    return ret;
+}
+#endif
+
+
+/* Master wrapper, doesn't use SSL stack space in TLS mode */
+int MakeMasterSecret(WOLFSSL* ssl)
+{
+#ifdef NO_OLD_TLS
+    return MakeTlsMasterSecret(ssl);
+#elif !defined(NO_TLS)
+    if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
+#endif
+
+#ifndef NO_OLD_TLS
+    return MakeSslMasterSecret(ssl);
+#endif
+}
+
diff --git a/3P/wolfssl/src/ocsp.c b/3P/wolfssl/src/ocsp.c
new file mode 100644
index 00000000..1794d631
--- /dev/null
+++ b/3P/wolfssl/src/ocsp.c
@@ -0,0 +1,303 @@
+/* ocsp.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+  /* Name change compatibility layer no longer needs to be included here */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_OCSP
+
+#include 
+#include 
+#include 
+
+
+int InitOCSP(WOLFSSL_OCSP* ocsp, WOLFSSL_CERT_MANAGER* cm)
+{
+    WOLFSSL_ENTER("InitOCSP");
+    XMEMSET(ocsp, 0, sizeof(*ocsp));
+    ocsp->cm = cm;
+    if (InitMutex(&ocsp->ocspLock) != 0)
+        return BAD_MUTEX_E;
+
+    return 0;
+}
+
+
+static int InitOCSP_Entry(OCSP_Entry* ocspe, DecodedCert* cert)
+{
+    WOLFSSL_ENTER("InitOCSP_Entry");
+
+    XMEMSET(ocspe, 0, sizeof(*ocspe));
+    XMEMCPY(ocspe->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE);
+    XMEMCPY(ocspe->issuerKeyHash, cert->issuerKeyHash, SHA_DIGEST_SIZE);
+
+    return 0;
+}
+
+
+static void FreeOCSP_Entry(OCSP_Entry* ocspe)
+{
+    CertStatus* tmp = ocspe->status;
+
+    WOLFSSL_ENTER("FreeOCSP_Entry");
+
+    while (tmp) {
+        CertStatus* next = tmp->next;
+        XFREE(tmp, NULL, DYNAMIC_TYPE_OCSP_STATUS);
+        tmp = next;
+    }
+}
+
+
+void FreeOCSP(WOLFSSL_OCSP* ocsp, int dynamic)
+{
+    OCSP_Entry* tmp = ocsp->ocspList;
+
+    WOLFSSL_ENTER("FreeOCSP");
+
+    while (tmp) {
+        OCSP_Entry* next = tmp->next;
+        FreeOCSP_Entry(tmp);
+        XFREE(tmp, NULL, DYNAMIC_TYPE_OCSP_ENTRY);
+        tmp = next;
+    }
+
+    FreeMutex(&ocsp->ocspLock);
+    if (dynamic)
+        XFREE(ocsp, NULL, DYNAMIC_TYPE_OCSP);
+}
+
+
+static int xstat2err(int stat)
+{
+    switch (stat) {
+        case CERT_GOOD:
+            return 0;
+        case CERT_REVOKED:
+            return OCSP_CERT_REVOKED;
+        default:
+            return OCSP_CERT_UNKNOWN;
+    }
+}
+
+
+int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert)
+{
+    byte* ocspReqBuf = NULL;
+    int ocspReqSz = 2048;
+    byte* ocspRespBuf = NULL;
+    int result = -1;
+    OCSP_Entry* ocspe;
+    CertStatus* certStatus = NULL;
+    const char *url;
+    int urlSz;
+#ifdef WOLFSSL_SMALL_STACK
+    CertStatus* newStatus;
+    OcspRequest* ocspRequest;
+    OcspResponse* ocspResponse;
+#else
+    CertStatus newStatus[1];
+    OcspRequest ocspRequest[1];
+    OcspResponse ocspResponse[1];
+#endif
+
+    WOLFSSL_ENTER("CheckCertOCSP");
+
+    if (LockMutex(&ocsp->ocspLock) != 0) {
+        WOLFSSL_LEAVE("CheckCertOCSP", BAD_MUTEX_E);
+        return BAD_MUTEX_E;
+    }
+
+    ocspe = ocsp->ocspList;
+    while (ocspe) {
+        if (XMEMCMP(ocspe->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE) == 0
+            && XMEMCMP(ocspe->issuerKeyHash, cert->issuerKeyHash,
+                                                        SHA_DIGEST_SIZE) == 0)
+            break;
+        else
+            ocspe = ocspe->next;
+    }
+
+    if (ocspe == NULL) {
+        ocspe = (OCSP_Entry*)XMALLOC(sizeof(OCSP_Entry),
+                                                NULL, DYNAMIC_TYPE_OCSP_ENTRY);
+        if (ocspe != NULL) {
+            InitOCSP_Entry(ocspe, cert);
+            ocspe->next = ocsp->ocspList;
+            ocsp->ocspList = ocspe;
+        }
+        else {
+            UnLockMutex(&ocsp->ocspLock);
+            WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
+            return MEMORY_ERROR;
+        }
+    }
+    else {
+        certStatus = ocspe->status;
+        while (certStatus) {
+            if (certStatus->serialSz == cert->serialSz &&
+                 XMEMCMP(certStatus->serial, cert->serial, cert->serialSz) == 0)
+                break;
+            else
+                certStatus = certStatus->next;
+        }
+    }
+
+    if (certStatus != NULL) {
+        if (!ValidateDate(certStatus->thisDate,
+                                        certStatus->thisDateFormat, BEFORE) ||
+            (certStatus->nextDate[0] == 0) ||
+            !ValidateDate(certStatus->nextDate,
+                                        certStatus->nextDateFormat, AFTER)) {
+            WOLFSSL_MSG("\tinvalid status date, looking up cert");
+        }
+        else {
+            result = xstat2err(certStatus->status);
+            UnLockMutex(&ocsp->ocspLock);
+            WOLFSSL_LEAVE("CheckCertOCSP", result);
+            return result;
+        }
+    }
+
+    UnLockMutex(&ocsp->ocspLock);
+
+    if (ocsp->cm->ocspUseOverrideURL) {
+        url = ocsp->cm->ocspOverrideURL;
+        if (url != NULL && url[0] != '\0')
+            urlSz = (int)XSTRLEN(url);
+        else
+            return OCSP_NEED_URL;
+    }
+    else if (cert->extAuthInfoSz != 0 && cert->extAuthInfo != NULL) {
+        url = (const char *)cert->extAuthInfo;
+        urlSz = cert->extAuthInfoSz;
+    }
+    else {
+        /* cert doesn't have extAuthInfo, assuming CERT_GOOD */
+        return 0;
+    }
+
+    ocspReqBuf = (byte*)XMALLOC(ocspReqSz, NULL, DYNAMIC_TYPE_IN_BUFFER);
+    if (ocspReqBuf == NULL) {
+        WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
+        return MEMORY_ERROR;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    newStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    ocspRequest = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    ocspResponse = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+
+    if (newStatus == NULL || ocspRequest == NULL || ocspResponse == NULL) {
+        if (newStatus)    XFREE(newStatus,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (ocspRequest)  XFREE(ocspRequest,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (ocspResponse) XFREE(ocspResponse, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+        XFREE(ocspReqBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+        WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
+        return MEMORY_E;
+    }
+#endif
+
+    InitOcspRequest(ocspRequest, cert, ocsp->cm->ocspSendNonce,
+                                                         ocspReqBuf, ocspReqSz);
+    ocspReqSz = EncodeOcspRequest(ocspRequest);
+    
+    if (ocsp->cm->ocspIOCb)
+        result = ocsp->cm->ocspIOCb(ocsp->cm->ocspIOCtx, url, urlSz,
+                                           ocspReqBuf, ocspReqSz, &ocspRespBuf);
+
+    if (result >= 0 && ocspRespBuf) {
+        XMEMSET(newStatus, 0, sizeof(CertStatus));
+
+        InitOcspResponse(ocspResponse, newStatus, ocspRespBuf, result);
+        OcspResponseDecode(ocspResponse);
+    
+        if (ocspResponse->responseStatus != OCSP_SUCCESSFUL)
+            result = OCSP_LOOKUP_FAIL;
+        else {
+            if (CompareOcspReqResp(ocspRequest, ocspResponse) == 0) {
+                result = xstat2err(ocspResponse->status->status);
+
+                if (LockMutex(&ocsp->ocspLock) != 0)
+                    result = BAD_MUTEX_E;
+                else {
+                    if (certStatus != NULL)
+                        /* Replace existing certificate entry with updated */
+                        XMEMCPY(certStatus, newStatus, sizeof(CertStatus));
+                    else {
+                        /* Save new certificate entry */
+                        certStatus = (CertStatus*)XMALLOC(sizeof(CertStatus),
+                                          NULL, DYNAMIC_TYPE_OCSP_STATUS);
+                        if (certStatus != NULL) {
+                            XMEMCPY(certStatus, newStatus, sizeof(CertStatus));
+                            certStatus->next = ocspe->status;
+                            ocspe->status = certStatus;
+                            ocspe->totalStatus++;
+                        }
+                    }
+
+                    UnLockMutex(&ocsp->ocspLock);
+                }
+            }
+            else
+                result = OCSP_LOOKUP_FAIL;
+        }
+    }
+    else
+        result = OCSP_LOOKUP_FAIL;
+
+    XFREE(ocspReqBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(newStatus,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(ocspRequest,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(ocspResponse, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (ocspRespBuf != NULL && ocsp->cm->ocspRespFreeCb)
+        ocsp->cm->ocspRespFreeCb(ocsp->cm->ocspIOCtx, ocspRespBuf);
+
+    WOLFSSL_LEAVE("CheckCertOCSP", result);
+    return result;
+}
+
+
+#else /* HAVE_OCSP */
+
+
+#ifdef _MSC_VER
+    /* 4206 warning for blank file */
+    #pragma warning(disable: 4206)
+#endif
+
+
+#endif /* HAVE_OCSP */
+
diff --git a/3P/wolfssl/src/sniffer.c b/3P/wolfssl/src/sniffer.c
new file mode 100644
index 00000000..f813f557
--- /dev/null
+++ b/3P/wolfssl/src/sniffer.c
@@ -0,0 +1,2925 @@
+/* sniffer.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef WOLFSSL_SNIFFER
+
+#include 
+#include 
+
+#ifndef _WIN32
+  #include 
+#endif
+
+#ifdef _WIN32
+    #define SNPRINTF _snprintf
+#else
+    #define SNPRINTF snprintf
+#endif
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifndef min
+
+static INLINE word32 min(word32 a, word32 b)
+{
+    return a > b ? b : a;
+}
+
+#endif
+
+#ifndef WOLFSSL_SNIFFER_TIMEOUT
+    #define WOLFSSL_SNIFFER_TIMEOUT 900
+    /* Cache unclosed Sessions for 15 minutes since last used */
+#endif
+
+/* Misc constants */
+enum {
+    MAX_SERVER_ADDRESS = 128, /* maximum server address length */
+    MAX_SERVER_NAME    = 128, /* maximum server name length */
+    MAX_ERROR_LEN      = 80,  /* maximum error length */
+    ETHER_IF_ADDR_LEN  = 6,   /* ethernet interface address length */
+    LOCAL_IF_ADDR_LEN  = 4,   /* localhost interface address length, !windows */
+    TCP_PROTO          = 6,   /* TCP_PROTOCOL */
+    IP_HDR_SZ          = 20,  /* IP header legnth, min */
+    TCP_HDR_SZ         = 20,  /* TCP header legnth, min */
+    IPV4               = 4,   /* IP version 4 */
+    TCP_PROTOCOL       = 6,   /* TCP Protocol id */
+    TRACE_MSG_SZ       = 80,  /* Trace Message buffer size */
+    HASH_SIZE          = 499, /* Session Hash Table Rows */
+    PSEUDO_HDR_SZ      = 12,  /* TCP Pseudo Header size in bytes */
+    FATAL_ERROR_STATE  =  1,  /* SnifferSession fatal error state */
+    TICKET_HINT_LEN    = 4,   /* Session Ticket Hint length */
+    EXT_TYPE_SZ        = 2,   /* Extension length */
+    MAX_INPUT_SZ       = MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA +
+                         MTU_EXTRA,  /* Max input sz of reassembly */
+    TICKET_EXT_ID      = 0x23 /* Session Ticket Extension ID */
+};
+
+
+#ifdef _WIN32
+
+static HMODULE dllModule;  /* for error string resources */
+
+BOOL APIENTRY DllMain( HMODULE hModule,
+                       DWORD  ul_reason_for_call,
+                       LPVOID lpReserved
+                     )
+{
+	static int didInit = 0;
+
+    switch (ul_reason_for_call)
+    {
+    case DLL_PROCESS_ATTACH:
+		if (didInit == 0) {
+            dllModule = hModule;
+			ssl_InitSniffer();
+			didInit = 1;
+		}
+        break;
+    case DLL_THREAD_ATTACH:
+        break;
+    case DLL_THREAD_DETACH:
+        break;
+    case DLL_PROCESS_DETACH:
+		if (didInit) {
+			ssl_FreeSniffer();
+			didInit = 0;
+		}
+        break;
+    }
+    return TRUE;
+}
+
+#endif /* _WIN32 */
+
+
+static int TraceOn = 0;         /* Trace is off by default */
+static FILE* TraceFile = 0;
+
+
+/* windows uses .rc table for this */
+#ifndef _WIN32
+
+static const char* const msgTable[] =
+{
+    /* 1 */
+    "Out of Memory",
+    "New SSL Sniffer Server Registered",
+    "Checking IP Header",
+    "SSL Sniffer Server Not Registered",
+    "Checking TCP Header",
+
+    /* 6 */
+    "SSL Sniffer Server Port Not Registered",
+    "RSA Private Decrypt Error",
+    "RSA Private Decode Error",
+    "Set Cipher Spec Error",
+    "Server Hello Input Malformed",
+
+    /* 11 */
+    "Couldn't Resume Session Error",
+    "Server Did Resumption",
+    "Client Hello Input Malformed",
+    "Client Trying to Resume",
+    "Handshake Input Malformed",
+
+    /* 16 */
+    "Got Hello Verify msg",
+    "Got Server Hello msg",
+    "Got Cert Request msg",
+    "Got Server Key Exchange msg",
+    "Got Cert msg",
+
+    /* 21 */
+    "Got Server Hello Done msg",
+    "Got Finished msg",
+    "Got Client Hello msg",
+    "Got Client Key Exchange msg",
+    "Got Cert Verify msg",
+
+    /* 26 */
+    "Got Unknown Handshake msg",
+    "New SSL Sniffer Session created",
+    "Couldn't create new SSL",
+    "Got a Packet to decode",
+    "No data present",
+
+    /* 31 */
+    "Session Not Found",
+    "Got an Old Client Hello msg",
+    "Old Client Hello Input Malformed",
+    "Old Client Hello OK",
+    "Bad Old Client Hello",
+
+    /* 36 */
+    "Bad Record Header",
+    "Record Header Input Malformed",
+    "Got a HandShake msg",
+    "Bad HandShake msg",
+    "Got a Change Cipher Spec msg",
+
+    /* 41 */
+    "Got Application Data msg",
+    "Bad Application Data",
+    "Got an Alert msg",
+    "Another msg to Process",
+    "Removing Session From Table",
+    
+    /* 46 */
+    "Bad Key File",
+    "Wrong IP Version",
+    "Wrong Protocol type",
+    "Packet Short for header processing",
+    "Got Unknown Record Type",
+    
+    /* 51 */
+    "Can't Open Trace File",
+    "Session in Fatal Error State",
+    "Partial SSL record received",
+    "Buffer Error, malformed input",
+    "Added to Partial Input",
+    
+    /* 56 */
+    "Received a Duplicate Packet",
+    "Received an Out of Order Packet",
+    "Received an Overlap Duplicate Packet",
+    "Received an Overlap Reassembly Begin Duplicate Packet",
+    "Received an Overlap Reassembly End Duplicate Packet",
+
+    /* 61 */
+    "Missed the Client Hello Entirely",
+    "Got Hello Request msg",
+    "Got Session Ticket msg",
+    "Bad Input",
+    "Bad Decrypt Type",
+
+    /* 66 */
+    "Bad Finished Message Processing",
+    "Bad Compression Type",
+    "Bad DeriveKeys Error",
+    "Saw ACK for Missing Packet Error",
+    "Bad Decrypt Operation",
+
+    /* 71 */
+    "Decrypt Keys Not Set Up",
+    "Late Key Load Error"
+};
+
+
+/* *nix version uses table above */
+static void GetError(int idx, char* str)
+{
+    XSTRNCPY(str, msgTable[idx - 1], MAX_ERROR_LEN);
+}
+
+
+#else /* _WIN32 */
+
+
+/* Windows version uses .rc table */
+static void GetError(int idx, char* buffer)
+{
+    if (!LoadStringA(dllModule, idx, buffer, MAX_ERROR_LEN))
+        buffer[0] = 0;
+}
+
+
+#endif /* _WIN32 */
+
+
+/* Packet Buffer for reassembly list and ready list */
+typedef struct PacketBuffer {
+    word32  begin;      /* relative sequence begin */
+    word32  end;        /* relative sequence end   */
+    byte*   data;       /* actual data             */
+    struct PacketBuffer* next; /* next on reassembly list or ready list */
+} PacketBuffer;
+
+
+#ifdef HAVE_SNI
+
+/* NamedKey maps a SNI name to a specific private key */
+typedef struct NamedKey {
+    char             name[MAX_SERVER_NAME];      /* server DNS name */
+    word32           nameSz;                     /* size of server DNS name */
+    byte*            key;                        /* DER private key */
+    word32           keySz;                      /* size of DER private key */
+    struct NamedKey* next;                       /* for list */
+} NamedKey;
+
+#endif
+
+
+/* Sniffer Server holds info for each server/port monitored */
+typedef struct SnifferServer {
+    SSL_CTX*       ctx;                          /* SSL context */
+    char           address[MAX_SERVER_ADDRESS];  /* passed in server address */
+    word32         server;                       /* netowrk order address */
+    int            port;                         /* server port */
+#ifdef HAVE_SNI
+    NamedKey*      namedKeys;                    /* mapping of names and keys */
+    wolfSSL_Mutex   namedKeysMutex;               /* mutex for namedKey list */
+#endif
+    struct SnifferServer* next;                  /* for list */
+} SnifferServer;
+
+
+/* Session Flags */
+typedef struct Flags {
+    byte           side;            /* which end is current packet headed */
+    byte           serverCipherOn;  /* indicates whether cipher is active */
+    byte           clientCipherOn;  /* indicates whether cipher is active */
+    byte           resuming;        /* did this session come from resumption */
+    byte           cached;          /* have we cached this session yet */
+    byte           clientHello;     /* processed client hello yet, for SSLv2 */
+    byte           finCount;        /* get both FINs before removing */
+    byte           fatalError;      /* fatal error state */
+} Flags;
+
+
+/* Out of Order FIN caputre */
+typedef struct FinCaputre {
+    word32 cliFinSeq;               /* client relative sequence FIN  0 is no */
+    word32 srvFinSeq;               /* server relative sequence FIN, 0 is no */
+    byte   cliCounted;              /* did we count yet, detects duplicates */
+    byte   srvCounted;              /* did we count yet, detects duplicates */
+} FinCaputre;
+
+
+/* Sniffer Session holds info for each client/server SSL/TLS session */
+typedef struct SnifferSession {
+    SnifferServer* context;         /* server context */
+    SSL*           sslServer;       /* SSL server side decode */
+    SSL*           sslClient;       /* SSL client side decode */
+    word32         server;          /* server address in network byte order */
+    word32         client;          /* client address in network byte order */
+    word16         srvPort;         /* server port */
+    word16         cliPort;         /* client port */
+    word32         cliSeqStart;     /* client start sequence */
+    word32         srvSeqStart;     /* server start sequence */
+    word32         cliExpected;     /* client expected sequence (relative) */
+    word32         srvExpected;     /* server expected sequence (relative) */
+    FinCaputre     finCaputre;      /* retain out of order FIN s */
+    Flags          flags;           /* session flags */
+    time_t         lastUsed;          /* last used ticks */
+    PacketBuffer*  cliReassemblyList; /* client out of order packets */
+    PacketBuffer*  srvReassemblyList; /* server out of order packets */
+    struct SnifferSession* next;      /* for hash table list */
+    byte*          ticketID;          /* mac ID of session ticket */
+} SnifferSession;
+
+
+/* Sniffer Server List and mutex */
+static SnifferServer* ServerList = 0;
+static wolfSSL_Mutex ServerListMutex;
+
+
+/* Session Hash Table, mutex, and count */
+static SnifferSession* SessionTable[HASH_SIZE];
+static wolfSSL_Mutex SessionMutex;
+static int SessionCount = 0;
+
+
+/* Initialize overall Sniffer */
+void ssl_InitSniffer(void)
+{
+    wolfSSL_Init();
+    InitMutex(&ServerListMutex);
+    InitMutex(&SessionMutex);
+}
+
+
+#ifdef HAVE_SNI
+
+/* Free Named Key and the zero out the private key it holds */
+static void FreeNamedKey(NamedKey* in)
+{
+    if (in) {
+        if (in->key) {
+            ForceZero(in->key, in->keySz);
+            free(in->key);
+        }
+        free(in);
+    }
+}
+
+
+static void FreeNamedKeyList(NamedKey* in)
+{
+    NamedKey* next;
+
+    while (in) {
+        next = in->next;
+        FreeNamedKey(in);
+        in = next;
+    }
+}
+
+#endif
+
+
+/* Free Sniffer Server's resources/self */
+static void FreeSnifferServer(SnifferServer* srv)
+{
+    if (srv) {
+#ifdef HAVE_SNI
+        LockMutex(&srv->namedKeysMutex);
+        FreeNamedKeyList(srv->namedKeys);
+        UnLockMutex(&srv->namedKeysMutex);
+        FreeMutex(&srv->namedKeysMutex);
+#endif
+        SSL_CTX_free(srv->ctx);
+    }
+    free(srv);
+}
+
+
+/* free PacketBuffer's resources/self */
+static void FreePacketBuffer(PacketBuffer* del)
+{
+    if (del) {
+        free(del->data);
+        free(del);
+    }
+}
+
+
+/* remove PacketBuffer List */
+static void FreePacketList(PacketBuffer* in)
+{
+    if (in) {
+        PacketBuffer* del;
+        PacketBuffer* packet = in;
+        
+        while (packet) {
+            del = packet;
+            packet = packet->next;
+            FreePacketBuffer(del);
+        }
+    }
+}
+
+
+/* Free Sniffer Session's resources/self */
+static void FreeSnifferSession(SnifferSession* session)
+{
+    if (session) {
+        SSL_free(session->sslClient);
+        SSL_free(session->sslServer);
+        
+        FreePacketList(session->cliReassemblyList);
+        FreePacketList(session->srvReassemblyList);
+
+        free(session->ticketID);
+    }
+    free(session);
+}
+
+
+/* Free overall Sniffer */
+void ssl_FreeSniffer(void)
+{
+    SnifferServer*  srv;
+    SnifferServer*  removeServer;
+    SnifferSession* session;
+    SnifferSession* removeSession;
+    int i;
+
+    LockMutex(&ServerListMutex);
+    LockMutex(&SessionMutex);
+    
+    srv = ServerList;
+    while (srv) {
+        removeServer = srv;
+        srv = srv->next;
+        FreeSnifferServer(removeServer);
+    }
+
+    for (i = 0; i < HASH_SIZE; i++) {
+        session = SessionTable[i];
+        while (session) {
+            removeSession = session;
+            session = session->next;
+            FreeSnifferSession(removeSession);
+        }
+    }
+
+    UnLockMutex(&SessionMutex);
+    UnLockMutex(&ServerListMutex);
+
+    FreeMutex(&SessionMutex);
+    FreeMutex(&ServerListMutex);
+
+    if (TraceFile) {
+        TraceOn = 0;
+        fclose(TraceFile);
+        TraceFile = NULL;
+    }
+
+    wolfSSL_Cleanup();
+}
+
+
+/* Initialize a SnifferServer */
+static void InitSnifferServer(SnifferServer* sniffer)
+{
+    sniffer->ctx = 0;
+    XMEMSET(sniffer->address, 0, MAX_SERVER_ADDRESS);
+    sniffer->server   = 0;
+    sniffer->port     = 0;
+#ifdef HAVE_SNI
+    sniffer->namedKeys = 0;
+    InitMutex(&sniffer->namedKeysMutex);
+#endif
+    sniffer->next     = 0;
+}
+
+
+/* Initialize session flags */
+static void InitFlags(Flags* flags)
+{
+    flags->side           = 0;
+    flags->serverCipherOn = 0;
+    flags->clientCipherOn = 0;
+    flags->resuming       = 0;
+    flags->cached         = 0;
+    flags->clientHello    = 0;
+    flags->finCount       = 0;
+    flags->fatalError     = 0;
+}
+
+
+/* Initialize FIN Capture */
+static void InitFinCapture(FinCaputre* cap)
+{
+    cap->cliFinSeq  = 0;
+    cap->srvFinSeq  = 0;
+    cap->cliCounted = 0;
+    cap->srvCounted = 0;
+}
+
+
+/* Initialize a Sniffer Session */
+static void InitSession(SnifferSession* session)
+{
+    session->context        = 0;
+    session->sslServer      = 0;
+    session->sslClient      = 0;
+    session->server         = 0;
+    session->client         = 0;
+    session->srvPort        = 0;
+    session->cliPort        = 0;
+    session->cliSeqStart    = 0;
+    session->srvSeqStart    = 0;
+    session->cliExpected    = 0;
+    session->srvExpected    = 0;
+    session->lastUsed       = 0;
+    session->cliReassemblyList = 0;
+    session->srvReassemblyList = 0;
+    session->next           = 0;
+    session->ticketID       = 0;
+    
+    InitFlags(&session->flags);
+    InitFinCapture(&session->finCaputre);
+}
+
+
+/* IP Info from IP Header */
+typedef struct IpInfo {
+    int    length;        /* length of this header */
+    int    total;         /* total length of fragment */
+    word32 src;           /* network order source address */
+    word32 dst;           /* network order destination address */
+} IpInfo;
+
+
+/* TCP Info from TCP Header */
+typedef struct TcpInfo {
+    int    srcPort;       /* source port */
+    int    dstPort;       /* source port */
+    int    length;        /* length of this header */
+    word32 sequence;      /* sequence number */
+    word32 ackNumber;     /* ack number */
+    byte   fin;           /* FIN set */
+    byte   rst;           /* RST set */
+    byte   syn;           /* SYN set */
+    byte   ack;           /* ACK set */
+} TcpInfo;
+
+
+/* Tcp Pseudo Header for Checksum calculation */
+typedef struct TcpPseudoHdr {
+    word32  src;        /* source address */
+    word32  dst;        /* destination address */
+    byte    rsv;        /* reserved, always 0 */
+    byte    protocol;   /* IP protocol */
+    word16  legnth;     /* tcp header length + data length (doesn't include */
+                        /* pseudo header length) network order */
+} TcpPseudoHdr;
+
+
+/* Password Setting Callback */
+static int SetPassword(char* passwd, int sz, int rw, void* userdata)
+{
+    (void)rw;
+    XSTRNCPY(passwd, (const char*)userdata, sz);
+    return (int)XSTRLEN((const char*)userdata);
+}
+
+
+/* Ethernet Header */
+typedef struct EthernetHdr {
+    byte   dst[ETHER_IF_ADDR_LEN];    /* destination host address */ 
+    byte   src[ETHER_IF_ADDR_LEN];    /* source  host address */ 
+    word16 type;                      /* IP, ARP, etc */ 
+} EthernetHdr;
+
+
+/* IP Header */
+typedef struct IpHdr {
+    byte    ver_hl;              /* version/header length */
+    byte    tos;                 /* type of service */
+    word16  length;              /* total length */
+    word16  id;                  /* identification */
+    word16  offset;              /* fragment offset field */
+    byte    ttl;                 /* time to live */
+    byte    protocol;            /* protocol */
+    word16  sum;                 /* checksum */
+    word32  src;                 /* source address */
+    word32  dst;                 /* destination address */
+} IpHdr;
+
+
+#define IP_HL(ip)      ( (((ip)->ver_hl) & 0x0f) * 4)
+#define IP_V(ip)       ( ((ip)->ver_hl) >> 4)
+
+/* TCP Header */
+typedef struct TcpHdr {
+    word16  srcPort;            /* source port */
+    word16  dstPort;            /* destination port */
+    word32  sequence;           /* sequence number */ 
+    word32  ack;                /* acknoledgment number */ 
+    byte    offset;             /* data offset, reserved */
+    byte    flags;              /* option flags */
+    word16  window;             /* window */
+    word16  sum;                /* checksum */
+    word16  urgent;             /* urgent pointer */
+} TcpHdr;
+
+#define TCP_LEN(tcp)  ( (((tcp)->offset & 0xf0) >> 4) * 4)
+#define TCP_FIN 0x01
+#define TCP_SYN 0x02
+#define TCP_RST 0x04
+#define TCP_ACK 0x10
+
+
+
+
+
+/* Use platform specific GetError to write to tracfile if tracing */ 
+static void Trace(int idx) 
+{
+    if (TraceOn) {
+        char myBuffer[MAX_ERROR_LEN];
+        GetError(idx, myBuffer);
+        fprintf(TraceFile, "\t%s\n", myBuffer);
+#ifdef DEBUG_SNIFFER
+        fprintf(stderr,    "\t%s\n", myBuffer);
+#endif
+    }
+}
+
+
+/* Show TimeStamp for beginning of packet Trace */
+static void TraceHeader(void)
+{
+    if (TraceOn) {
+        time_t ticks = time(NULL);
+        fprintf(TraceFile, "\n%s", ctime(&ticks));
+    }
+}
+
+
+/* Show Set Server info for Trace */
+static void TraceSetServer(const char* srv, int port, const char* keyFile)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tTrying to install a new Sniffer Server with\n");
+        fprintf(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n", srv, port,
+                                                                    keyFile);
+    }
+}
+
+
+#ifdef HAVE_SNI
+
+/* Show Set Named Server info for Trace */
+static void TraceSetNamedServer(const char* name,
+                                 const char* srv, int port, const char* keyFile)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tTrying to install a new Sniffer Server with\n");
+        fprintf(TraceFile, "\tname: %s, server: %s, port: %d, keyFile: %s\n",
+                                                      name, srv, port, keyFile);
+    }
+}
+
+#endif
+
+
+/* Trace got packet number */
+static void TracePacket(void)
+{
+    if (TraceOn) {
+        static word32 packetNumber = 0;
+        fprintf(TraceFile, "\tGot a Packet to decode, packet %u\n",
+                ++packetNumber);
+    }
+}
+
+
+/* Convert network byte order address into human readable */
+static char* IpToS(word32 addr, char* str)
+{
+    byte* p = (byte*)&addr;
+    
+    SNPRINTF(str, TRACE_MSG_SZ, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+    
+    return str;
+}
+
+
+/* Show destination and source address from Ip Hdr for packet Trace */
+static void TraceIP(IpHdr* iphdr)
+{
+    if (TraceOn) {
+        char src[TRACE_MSG_SZ];
+        char dst[TRACE_MSG_SZ];
+        fprintf(TraceFile, "\tdst:%s src:%s\n", IpToS(iphdr->dst, dst),
+                IpToS(iphdr->src, src));
+    }
+}
+
+
+/* Show destination and source port from Tcp Hdr for packet Trace */
+static void TraceTcp(TcpHdr* tcphdr)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tdstPort:%u srcPort:%u\n", ntohs(tcphdr->dstPort),
+                ntohs(tcphdr->srcPort));
+    }
+}
+
+
+/* Show sequence and payload length for Trace */
+static void TraceSequence(word32 seq, int len)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tSequence:%u, payload length:%d\n", seq, len);
+    }
+}
+
+
+/* Show sequence and payload length for Trace */
+static void TraceAck(word32 ack, word32 expected)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tAck:%u Expected:%u\n", ack, expected);
+    }
+}
+
+
+/* Show relative expected and relative received sequences */
+static void TraceRelativeSequence(word32 expected, word32 got)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tExpected sequence:%u, received sequence:%u\n",
+                expected, got);
+    }
+}
+
+
+/* Show server sequence startup from SYN */
+static void TraceServerSyn(word32 seq)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tServer SYN, Sequence Start:%u\n", seq);
+    }
+}
+
+
+/* Show client sequence startup from SYN */
+static void TraceClientSyn(word32 seq)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tClient SYN, Sequence Start:%u\n", seq);
+    }
+}
+
+
+/* Show client FIN capture */
+static void TraceClientFin(word32 finSeq, word32 relSeq)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tClient FIN capture:%u, current SEQ:%u\n",
+                finSeq, relSeq);
+    }
+}
+
+
+/* Show server FIN capture */
+static void TraceServerFin(word32 finSeq, word32 relSeq)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tServer FIN capture:%u, current SEQ:%u\n",
+                finSeq, relSeq);
+    }
+}
+
+
+/* Show number of SSL data bytes decoded, could be 0 (ok) */
+static void TraceGotData(int bytes)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\t%d bytes of SSL App data processed\n", bytes);
+    }
+}
+
+
+/* Show bytes added to old SSL App data */
+static void TraceAddedData(int newBytes, int existingBytes)
+{
+    if (TraceOn) {
+        fprintf(TraceFile,
+                "\t%d bytes added to %d exisiting bytes in User Buffer\n",
+                newBytes, existingBytes);
+    }
+}
+
+
+/* Show Stale Session */
+static void TraceStaleSession(void)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tFound a stale session\n");
+    }
+}
+
+
+/* Show Finding Stale Sessions */
+static void TraceFindingStale(void)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tTrying to find Stale Sessions\n");
+    }
+}
+
+
+/* Show Removed Session */
+static void TraceRemovedSession(void)
+{
+    if (TraceOn) {
+        fprintf(TraceFile, "\tRemoved it\n");
+    }
+}
+
+
+/* Set user error string */
+static void SetError(int idx, char* error, SnifferSession* session, int fatal)
+{
+    GetError(idx, error);
+    Trace(idx);
+    if (session && fatal == FATAL_ERROR_STATE)
+        session->flags.fatalError = 1;
+}
+
+
+/* See if this IPV4 network order address has been registered */
+/* return 1 is true, 0 is false */
+static int IsServerRegistered(word32 addr)
+{
+    int ret = 0;     /* false */
+    SnifferServer* sniffer;
+
+    LockMutex(&ServerListMutex);
+    
+    sniffer = ServerList;
+    while (sniffer) {
+        if (sniffer->server == addr) {
+            ret = 1;
+            break;
+        }
+        sniffer = sniffer->next;
+    }
+    
+    UnLockMutex(&ServerListMutex);
+
+    return ret;
+}
+
+
+/* See if this port has been registered to watch */
+/* return 1 is true, 0 is false */
+static int IsPortRegistered(word32 port)
+{
+    int ret = 0;    /* false */
+    SnifferServer* sniffer;
+    
+    LockMutex(&ServerListMutex);
+    
+    sniffer = ServerList;
+    while (sniffer) {
+        if (sniffer->port == (int)port) {
+            ret = 1; 
+            break;
+        }
+        sniffer = sniffer->next;
+    }
+    
+    UnLockMutex(&ServerListMutex);
+
+    return ret;
+}
+
+
+/* Get SnifferServer from IP and Port */
+static SnifferServer* GetSnifferServer(IpInfo* ipInfo, TcpInfo* tcpInfo)
+{
+    SnifferServer* sniffer;
+    
+    LockMutex(&ServerListMutex);
+    
+    sniffer = ServerList;
+    while (sniffer) {
+        if (sniffer->port == tcpInfo->srcPort && sniffer->server == ipInfo->src)
+            break;
+        if (sniffer->port == tcpInfo->dstPort && sniffer->server == ipInfo->dst)
+            break;
+        sniffer = sniffer->next;
+    }
+    
+    UnLockMutex(&ServerListMutex);
+    
+    return sniffer;
+}
+
+
+/* Hash the Session Info, return hash row */
+static word32 SessionHash(IpInfo* ipInfo, TcpInfo* tcpInfo)
+{
+    word32 hash = ipInfo->src * ipInfo->dst;
+    hash *= tcpInfo->srcPort * tcpInfo->dstPort;
+    
+    return hash % HASH_SIZE;
+}
+
+
+/* Get Exisiting SnifferSession from IP and Port */
+static SnifferSession* GetSnifferSession(IpInfo* ipInfo, TcpInfo* tcpInfo)
+{
+    SnifferSession* session;
+    time_t          currTime = time(NULL); 
+    word32          row = SessionHash(ipInfo, tcpInfo);
+
+    assert(row <= HASH_SIZE);
+    
+    LockMutex(&SessionMutex);
+    
+    session = SessionTable[row];
+    while (session) {
+        if (session->server == ipInfo->src && session->client == ipInfo->dst &&
+                    session->srvPort == tcpInfo->srcPort &&
+                    session->cliPort == tcpInfo->dstPort)
+            break;
+        if (session->client == ipInfo->src && session->server == ipInfo->dst &&
+                    session->cliPort == tcpInfo->srcPort &&
+                    session->srvPort == tcpInfo->dstPort)
+            break;
+        
+        session = session->next;
+    }
+
+    if (session)
+        session->lastUsed= currTime; /* keep session alive, remove stale will */
+                                     /* leave alone */   
+    UnLockMutex(&SessionMutex);
+    
+    /* determine side */
+    if (session) {
+        if (ipInfo->dst == session->context->server &&
+            tcpInfo->dstPort == session->context->port)
+            session->flags.side = WOLFSSL_SERVER_END;
+        else
+            session->flags.side = WOLFSSL_CLIENT_END;
+    }    
+    
+    return session;
+}
+
+
+#ifdef HAVE_SNI
+
+static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
+                const char* keyFile, int typeKey,
+                const char* password)
+{
+    byte* loadBuf;
+    byte* saveBuf;
+    long fileSz = 0;
+    int saveBufSz;
+    XFILE file;
+    int ret;
+
+    if (keyBuf == NULL || keyBufSz == NULL || keyFile == NULL) {
+        return -1;
+    }
+
+    file = XFOPEN(keyFile, "rb");
+    if (file == XBADFILE) return -1;
+    XFSEEK(file, 0, XSEEK_END);
+    fileSz = XFTELL(file);
+    XREWIND(file);
+
+    loadBuf = (byte*)malloc(fileSz);
+    if (loadBuf == NULL) {
+        XFCLOSE(file);
+        return -1;
+    }
+
+    ret = (int)XFREAD(loadBuf, fileSz, 1, file);
+    XFCLOSE(file);
+
+    if (typeKey == SSL_FILETYPE_PEM) {
+        saveBuf = (byte*)malloc(fileSz);
+
+        saveBufSz = wolfSSL_KeyPemToDer(loadBuf, (int)fileSz,
+                                                saveBuf, (int)fileSz, password);
+        free(loadBuf);
+
+        *keyBuf = saveBuf;
+        *keyBufSz = (word32)saveBufSz;
+    }
+    else {
+        *keyBuf = loadBuf;
+        *keyBufSz = (word32)fileSz;
+    }
+
+
+    if (ret < 0) {
+        return -1;
+    }
+
+    return ret;
+}
+
+#endif
+
+
+static int SetNamedPrivateKey(const char* name, const char* address, int port,
+            const char* keyFile, int typeKey, const char* password, char* error)
+{
+    SnifferServer* sniffer;
+    int            ret;
+    int            type = (typeKey == FILETYPE_PEM) ? SSL_FILETYPE_PEM :
+                                                      SSL_FILETYPE_ASN1;
+    int            isNew = 0;
+    word32         serverIp;
+
+#ifdef HAVE_SNI
+    NamedKey* namedKey = NULL;
+#endif
+
+    (void)name;
+#ifdef HAVE_SNI
+    if (name != NULL) {
+        namedKey = (NamedKey*)malloc(sizeof(NamedKey));
+        if (namedKey == NULL) {
+            SetError(MEMORY_STR, error, NULL, 0);
+            return -1;
+        }
+        XMEMSET(namedKey, 0, sizeof(NamedKey));
+
+        namedKey->nameSz = (word32)strnlen(name, sizeof(namedKey->name));
+        strncpy(namedKey->name, name, sizeof(namedKey->name));
+
+        ret = LoadKeyFile(&namedKey->key, &namedKey->keySz,
+                          keyFile, type, password);
+        if (ret < 0) {
+            SetError(KEY_FILE_STR, error, NULL, 0);
+            FreeNamedKey(namedKey);
+            return -1;
+        }
+    }
+#endif
+
+    serverIp = inet_addr(address);
+    sniffer = ServerList;
+    while (sniffer != NULL &&
+           (sniffer->server != serverIp || sniffer->port != port)) {
+        sniffer = sniffer->next;
+    }
+
+    if (sniffer == NULL) {
+        isNew = 1;
+        sniffer = (SnifferServer*)malloc(sizeof(SnifferServer));
+        if (sniffer == NULL) {
+            SetError(MEMORY_STR, error, NULL, 0);
+#ifdef HAVE_SNI
+            FreeNamedKey(namedKey);
+#endif
+            return -1;
+        }
+        InitSnifferServer(sniffer);
+
+        XSTRNCPY(sniffer->address, address, MAX_SERVER_ADDRESS-1);
+        sniffer->address[MAX_SERVER_ADDRESS-1] = '\0';
+        sniffer->server = serverIp;
+        sniffer->port = port;
+
+        sniffer->ctx = SSL_CTX_new(SSLv3_client_method());
+        if (!sniffer->ctx) {
+            SetError(MEMORY_STR, error, NULL, 0);
+#ifdef HAVE_SNI
+            FreeNamedKey(namedKey);
+#endif
+            FreeSnifferServer(sniffer);
+            return -1;
+        }
+    }
+
+    if (name == NULL) {
+        if (password) {
+            SSL_CTX_set_default_passwd_cb(sniffer->ctx, SetPassword);
+            SSL_CTX_set_default_passwd_cb_userdata(
+                                                 sniffer->ctx, (void*)password);
+        }
+        ret = SSL_CTX_use_PrivateKey_file(sniffer->ctx, keyFile, type);
+        if (ret != SSL_SUCCESS) {
+            SetError(KEY_FILE_STR, error, NULL, 0);
+            if (isNew)
+                FreeSnifferServer(sniffer);
+            return -1;
+        }
+    }
+#ifdef HAVE_SNI
+    else {
+        LockMutex(&sniffer->namedKeysMutex);
+        namedKey->next = sniffer->namedKeys;
+        sniffer->namedKeys = namedKey;
+        UnLockMutex(&sniffer->namedKeysMutex);
+    }
+#endif
+
+    if (isNew) {
+        sniffer->next = ServerList;
+        ServerList = sniffer;
+    }
+
+    return 0;
+}
+
+
+#ifdef HAVE_SNI
+
+/* Sets the private key for a specific name, server and port  */
+/* returns 0 on success, -1 on error */
+int ssl_SetNamedPrivateKey(const char* name,
+                           const char* address, int port,
+                           const char* keyFile, int typeKey,
+                           const char* password, char* error)
+{
+    int ret;
+
+    TraceHeader();
+    TraceSetNamedServer(name, address, port, keyFile);
+
+    LockMutex(&ServerListMutex);
+    ret = SetNamedPrivateKey(name, address, port, keyFile,
+                             typeKey, password, error);
+    UnLockMutex(&ServerListMutex);
+
+    if (ret == 0)
+        Trace(NEW_SERVER_STR);
+
+    return ret;
+}
+
+#endif
+
+
+/* Sets the private key for a specific server and port  */
+/* returns 0 on success, -1 on error */
+int ssl_SetPrivateKey(const char* address, int port, const char* keyFile,
+                      int typeKey, const char* password, char* error)
+{
+    int ret;
+
+    TraceHeader();
+    TraceSetServer(address, port, keyFile);
+
+    LockMutex(&ServerListMutex);
+    ret = SetNamedPrivateKey(NULL, address, port, keyFile,
+                             typeKey, password, error);
+    UnLockMutex(&ServerListMutex);
+
+    if (ret == 0)
+        Trace(NEW_SERVER_STR);
+
+    return ret;
+}
+
+
+/* Check IP Header for IPV4, TCP, and a registered server address */
+/* returns 0 on success, -1 on error */
+static int CheckIpHdr(IpHdr* iphdr, IpInfo* info, int length, char* error)
+{
+    int    version = IP_V(iphdr);
+
+    TraceIP(iphdr);
+    Trace(IP_CHECK_STR);
+
+    if (version != IPV4) {
+        SetError(BAD_IPVER_STR, error, NULL, 0); 
+        return -1;
+    }
+
+    if (iphdr->protocol != TCP_PROTOCOL) { 
+        SetError(BAD_PROTO_STR, error, NULL, 0);
+        return -1;
+    }
+
+    if (!IsServerRegistered(iphdr->src) && !IsServerRegistered(iphdr->dst)) {
+        SetError(SERVER_NOT_REG_STR, error, NULL, 0);
+        return -1;
+    }
+
+    info->length  = IP_HL(iphdr);
+    info->total   = ntohs(iphdr->length);
+    info->src     = iphdr->src;
+    info->dst     = iphdr->dst;
+
+    if (info->total == 0)
+        info->total = length;  /* reassembled may be off */
+
+    return 0;
+}
+
+
+/* Check TCP Header for a registered port */
+/* returns 0 on success, -1 on error */
+static int CheckTcpHdr(TcpHdr* tcphdr, TcpInfo* info, char* error)
+{
+    TraceTcp(tcphdr);
+    Trace(TCP_CHECK_STR);
+    info->srcPort   = ntohs(tcphdr->srcPort);
+    info->dstPort   = ntohs(tcphdr->dstPort);
+    info->length    = TCP_LEN(tcphdr);
+    info->sequence  = ntohl(tcphdr->sequence);
+    info->fin       = tcphdr->flags & TCP_FIN;
+    info->rst       = tcphdr->flags & TCP_RST;
+    info->syn       = tcphdr->flags & TCP_SYN;
+    info->ack       = tcphdr->flags & TCP_ACK;
+    if (info->ack)
+        info->ackNumber = ntohl(tcphdr->ack); 
+
+    if (!IsPortRegistered(info->srcPort) && !IsPortRegistered(info->dstPort)) {
+        SetError(SERVER_PORT_NOT_REG_STR, error, NULL, 0);
+        return -1;
+    }
+
+    return 0;
+}
+
+
+/* Decode Record Layer Header */
+static int GetRecordHeader(const byte* input, RecordLayerHeader* rh, int* size)
+{
+    XMEMCPY(rh, input, RECORD_HEADER_SZ);
+    *size = (rh->length[0] << 8) | rh->length[1];
+
+    if (*size > (MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA))
+        return LENGTH_ERROR;
+
+    return 0;
+}
+
+
+/* Process Client Key Exchange, RSA only */
+static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
+                                    SnifferSession* session, char* error)
+{
+    word32 idx = 0;
+    RsaKey key;
+    int    ret;
+
+    ret = wc_InitRsaKey(&key, 0);
+    if (ret == 0)
+        ret = wc_RsaPrivateKeyDecode(session->sslServer->buffers.key.buffer,
+                          &idx, &key, session->sslServer->buffers.key.length);
+    if (ret == 0) {
+        int length = wc_RsaEncryptSize(&key);
+
+        if (IsTLS(session->sslServer))
+            input += 2;     /* tls pre length */
+
+        if (length > *sslBytes) {
+            SetError(PARTIAL_INPUT_STR, error, session, FATAL_ERROR_STATE);
+            wc_FreeRsaKey(&key);
+            return -1;
+        }
+        ret = wc_RsaPrivateDecrypt(input, length,
+                  session->sslServer->arrays->preMasterSecret,SECRET_LEN, &key);
+
+        if (ret != SECRET_LEN) {
+            SetError(RSA_DECRYPT_STR, error, session, FATAL_ERROR_STATE);
+            wc_FreeRsaKey(&key);
+            return -1;
+        }
+        ret = 0;  /* not in error state */
+        session->sslServer->arrays->preMasterSz = SECRET_LEN;
+
+        /* store for client side as well */
+        XMEMCPY(session->sslClient->arrays->preMasterSecret,
+               session->sslServer->arrays->preMasterSecret, SECRET_LEN);
+        session->sslClient->arrays->preMasterSz = SECRET_LEN;
+
+        #ifdef SHOW_SECRETS
+        {
+            int i;
+            printf("pre master secret: ");
+            for (i = 0; i < SECRET_LEN; i++)
+                printf("%02x", session->sslServer->arrays->preMasterSecret[i]);
+            printf("\n");
+        }
+        #endif
+    }
+    else {
+        SetError(RSA_DECODE_STR, error, session, FATAL_ERROR_STATE);
+        wc_FreeRsaKey(&key);
+        return -1;
+    }
+
+    if (SetCipherSpecs(session->sslServer) != 0) {
+        SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
+        wc_FreeRsaKey(&key);
+        return -1;
+    }
+
+    if (SetCipherSpecs(session->sslClient) != 0) {
+        SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
+        wc_FreeRsaKey(&key);
+        return -1;
+    }
+
+    ret  = MakeMasterSecret(session->sslServer);
+    ret += MakeMasterSecret(session->sslClient);
+    ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE);
+    ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE);
+
+    if (ret != 0) {
+        SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+
+#ifdef SHOW_SECRETS
+    {
+        int i;
+        printf("server master secret: ");
+        for (i = 0; i < SECRET_LEN; i++)
+            printf("%02x", session->sslServer->arrays->masterSecret[i]);
+        printf("\n");
+
+        printf("client master secret: ");
+        for (i = 0; i < SECRET_LEN; i++)
+            printf("%02x", session->sslClient->arrays->masterSecret[i]);
+        printf("\n");
+
+        printf("server suite = %d\n", session->sslServer->options.cipherSuite);
+        printf("client suite = %d\n", session->sslClient->options.cipherSuite);
+    }
+#endif
+
+    wc_FreeRsaKey(&key);
+    return ret;
+}
+
+
+/* Process Session Ticket */
+static int ProcessSessionTicket(const byte* input, int* sslBytes,
+                                SnifferSession* session, char* error)
+{
+    word16 len;
+
+    /* make sure can read through hint and len */
+    if (TICKET_HINT_LEN + LENGTH_SZ > *sslBytes) {
+        SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+
+    input     += TICKET_HINT_LEN;  /* skip over hint */
+    *sslBytes -= TICKET_HINT_LEN;
+
+    len = (word16)((input[0] << 8) | input[1]);
+    input     += LENGTH_SZ;
+    *sslBytes -= LENGTH_SZ;
+
+    /* make sure can read through ticket */
+    if (len > *sslBytes || len < ID_LEN) {
+        SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+
+    /* store session with macID as sessionID */
+    session->sslServer->options.haveSessionId = 1;
+    XMEMCPY(session->sslServer->arrays->sessionID, input + len - ID_LEN,ID_LEN);
+
+    return 0;
+}
+
+
+/* Process Server Hello */
+static int ProcessServerHello(const byte* input, int* sslBytes,
+                              SnifferSession* session, char* error)
+{
+    ProtocolVersion pv;
+    byte            b;
+    int             toRead = VERSION_SZ + RAN_LEN + ENUM_LEN;
+    int             doResume     = 0;
+
+    /* make sure we didn't miss ClientHello */
+    if (session->flags.clientHello == 0) {
+        SetError(MISSED_CLIENT_HELLO_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+
+    /* make sure can read through session len */
+    if (toRead > *sslBytes) {
+        SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+
+    XMEMCPY(&pv, input, VERSION_SZ);
+    input     += VERSION_SZ;
+    *sslBytes -= VERSION_SZ;
+
+    session->sslServer->version = pv;
+    session->sslClient->version = pv;
+
+    XMEMCPY(session->sslServer->arrays->serverRandom, input, RAN_LEN);
+    XMEMCPY(session->sslClient->arrays->serverRandom, input, RAN_LEN);
+    input    += RAN_LEN;
+    *sslBytes -= RAN_LEN;
+
+    b = *input++;
+    *sslBytes -= 1;
+
+    /* make sure can read through compression */
+    if ( (b + SUITE_LEN + ENUM_LEN) > *sslBytes) {
+        SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    if (b) {
+        XMEMCPY(session->sslServer->arrays->sessionID, input, ID_LEN);
+        session->sslServer->options.haveSessionId = 1;
+    }
+    input     += b;
+    *sslBytes -= b;
+
+    /* cipher suite */
+    b = *input++;  /* first byte, ECC or not */
+    session->sslServer->options.cipherSuite0 = b;
+    session->sslClient->options.cipherSuite0 = b;
+    b = *input++;
+    session->sslServer->options.cipherSuite = b;
+    session->sslClient->options.cipherSuite = b;
+    *sslBytes -= SUITE_LEN;
+
+    /* compression */
+    b = *input++;
+    *sslBytes -= ENUM_LEN;
+
+    if (b) {
+        SetError(BAD_COMPRESSION_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+
+    if (session->sslServer->options.haveSessionId &&
+            XMEMCMP(session->sslServer->arrays->sessionID,
+                    session->sslClient->arrays->sessionID, ID_LEN) == 0)
+        doResume = 1;
+    else if (session->sslClient->options.haveSessionId == 0 &&
+             session->sslServer->options.haveSessionId == 0 &&
+             session->ticketID)
+        doResume = 1;
+
+    if (session->ticketID && doResume) {
+        /* use ticketID to retrieve from session, prefer over sessionID */
+        XMEMCPY(session->sslServer->arrays->sessionID,session->ticketID,ID_LEN);
+        session->sslServer->options.haveSessionId = 1;  /* may not have
+                                                           actual sessionID */
+    }
+
+    if (doResume ) {
+        int ret = 0;
+        SSL_SESSION* resume = GetSession(session->sslServer,
+                                      session->sslServer->arrays->masterSecret);
+        if (resume == NULL) {
+            SetError(BAD_SESSION_RESUME_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+        /* make sure client has master secret too */
+        XMEMCPY(session->sslClient->arrays->masterSecret,
+               session->sslServer->arrays->masterSecret, SECRET_LEN);
+        session->flags.resuming = 1;
+
+        Trace(SERVER_DID_RESUMPTION_STR);
+        if (SetCipherSpecs(session->sslServer) != 0) {
+            SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+
+        if (SetCipherSpecs(session->sslClient) != 0) {
+            SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+
+        if (session->sslServer->options.tls) {
+            ret =  DeriveTlsKeys(session->sslServer);
+            ret += DeriveTlsKeys(session->sslClient);
+        }
+        else {
+            ret =  DeriveKeys(session->sslServer);
+            ret += DeriveKeys(session->sslClient);
+        }
+        ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE);
+        ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE);
+
+        if (ret != 0) {
+            SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+    }
+#ifdef SHOW_SECRETS
+    {
+        int i;
+        printf("cipher suite = 0x%02x\n",
+               session->sslServer->options.cipherSuite);
+        printf("server random: ");
+        for (i = 0; i < RAN_LEN; i++)
+            printf("%02x", session->sslServer->arrays->serverRandom[i]);
+        printf("\n");
+    }
+#endif
+    return 0;
+}
+
+
+/* Process normal Client Hello */
+static int ProcessClientHello(const byte* input, int* sslBytes,
+                              SnifferSession* session, char* error)
+{
+    byte   bLen;
+    word16 len;
+    int    toRead = VERSION_SZ + RAN_LEN + ENUM_LEN;
+
+#ifdef HAVE_SNI
+    {
+        byte name[MAX_SERVER_NAME];
+        word32 nameSz = sizeof(name);
+        int ret;
+
+        ret = wolfSSL_SNI_GetFromBuffer(
+                             input - HANDSHAKE_HEADER_SZ - RECORD_HEADER_SZ,
+                             *sslBytes + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ,
+                             WOLFSSL_SNI_HOST_NAME, name, &nameSz);
+
+        if (ret == SSL_SUCCESS) {
+            NamedKey* namedKey;
+
+            name[nameSz] = 0;
+            LockMutex(&session->context->namedKeysMutex);
+            namedKey = session->context->namedKeys;
+            while (namedKey != NULL) {
+                if (nameSz == namedKey->nameSz &&
+                           XSTRNCMP((char*)name, namedKey->name, nameSz) == 0) {
+                    if (wolfSSL_use_PrivateKey_buffer(session->sslServer,
+                                            namedKey->key, namedKey->keySz,
+                                            SSL_FILETYPE_ASN1) != SSL_SUCCESS) {
+                        UnLockMutex(&session->context->namedKeysMutex);
+                        SetError(CLIENT_HELLO_LATE_KEY_STR, error, session,
+                                                             FATAL_ERROR_STATE);
+                        return -1;
+                    }
+                    break;
+                }
+                else
+                    namedKey = namedKey->next;
+            }
+            UnLockMutex(&session->context->namedKeysMutex);
+        }
+    }
+#endif
+
+    session->flags.clientHello = 1;  /* don't process again */
+
+    /* make sure can read up to session len */
+    if (toRead > *sslBytes) {
+        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+
+    /* skip, get negotiated one from server hello */
+    input     += VERSION_SZ;
+    *sslBytes -= VERSION_SZ;
+
+    XMEMCPY(session->sslServer->arrays->clientRandom, input, RAN_LEN);
+    XMEMCPY(session->sslClient->arrays->clientRandom, input, RAN_LEN);
+
+    input     += RAN_LEN;
+    *sslBytes -= RAN_LEN;
+
+    /* store session in case trying to resume */
+    bLen = *input++;
+    *sslBytes -= ENUM_LEN;
+    if (bLen) {
+        if (ID_LEN > *sslBytes) {
+            SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+        Trace(CLIENT_RESUME_TRY_STR);
+        XMEMCPY(session->sslClient->arrays->sessionID, input, ID_LEN);
+        session->sslClient->options.haveSessionId = 1;
+    }
+#ifdef SHOW_SECRETS
+    {
+        int i;
+        printf("client random: ");
+        for (i = 0; i < RAN_LEN; i++)
+            printf("%02x", session->sslServer->arrays->clientRandom[i]);
+        printf("\n");
+    }
+#endif
+
+    input     += bLen;
+    *sslBytes -= bLen;
+
+    /* skip cipher suites */
+    /* make sure can read len */
+    if (SUITE_LEN > *sslBytes) {
+        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    len = (word16)((input[0] << 8) | input[1]);
+    input     += SUITE_LEN;
+    *sslBytes -= SUITE_LEN;
+    /* make sure can read suites + comp len */
+    if (len + ENUM_LEN > *sslBytes) {
+        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    input     += len;
+    *sslBytes -= len;
+
+    /* skip compression */
+    bLen       = *input++;
+    *sslBytes -= ENUM_LEN;
+    /* make sure can read len */
+    if (bLen > *sslBytes) {
+        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    input     += bLen;
+    *sslBytes -= bLen;
+  
+    if (*sslBytes == 0) {
+        /* no extensions */
+        return 0;
+    }
+    
+    /* skip extensions until session ticket */
+    /* make sure can read len */
+    if (SUITE_LEN > *sslBytes) {
+        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    len = (word16)((input[0] << 8) | input[1]);
+    input     += SUITE_LEN;
+    *sslBytes -= SUITE_LEN;
+    /* make sure can read through all extensions */
+    if (len > *sslBytes) {
+        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+
+    while (len > EXT_TYPE_SZ + LENGTH_SZ) {
+        byte   extType[EXT_TYPE_SZ];
+        word16 extLen;
+
+        extType[0] = input[0];
+        extType[1] = input[1];
+        input     += EXT_TYPE_SZ;
+        *sslBytes -= EXT_TYPE_SZ;
+
+        extLen = (word16)((input[0] << 8) | input[1]);
+        input     += LENGTH_SZ;
+        *sslBytes -= LENGTH_SZ;
+
+        /* make sure can read through individual extension */
+        if (extLen > *sslBytes) {
+            SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+
+        if (extType[0] == 0x00 && extType[1] == TICKET_EXT_ID) {
+
+            /* make sure can read through ticket if there is a non blank one */
+            if (extLen && extLen < ID_LEN) {
+                SetError(CLIENT_HELLO_INPUT_STR, error, session,
+                         FATAL_ERROR_STATE);
+                return -1;
+            }
+
+            if (extLen) {
+                if (session->ticketID == 0) {
+                    session->ticketID = (byte*)malloc(ID_LEN);
+                    if (session->ticketID == 0) {
+                        SetError(MEMORY_STR, error, session,
+                                 FATAL_ERROR_STATE);
+                        return -1;
+                    }
+                }
+                XMEMCPY(session->ticketID, input + extLen - ID_LEN, ID_LEN);
+            }
+        }
+
+        input     += extLen;
+        *sslBytes -= extLen;
+        len       -= extLen + EXT_TYPE_SZ + LENGTH_SZ;
+    }
+
+    return 0;
+}
+
+
+/* Process Finished */
+static int ProcessFinished(const byte* input, int size, int* sslBytes,
+                           SnifferSession* session, char* error)
+{
+    SSL*   ssl;
+    word32 inOutIdx = 0;
+    int    ret;
+                
+    if (session->flags.side == WOLFSSL_SERVER_END)
+        ssl = session->sslServer;
+    else
+        ssl = session->sslClient;
+
+    ret = DoFinished(ssl, input, &inOutIdx, (word32) size, (word32) *sslBytes,
+                                                                         SNIFF);
+    *sslBytes -= (int)inOutIdx;
+
+    if (ret < 0) {
+        SetError(BAD_FINISHED_MSG, error, session, FATAL_ERROR_STATE);
+        return ret;
+    }
+                
+    if (ret == 0 && session->flags.cached == 0) {
+        if (session->sslServer->options.haveSessionId) {
+            WOLFSSL_SESSION* sess = GetSession(session->sslServer, NULL);
+            if (sess == NULL)
+                AddSession(session->sslServer);  /* don't re add */
+            session->flags.cached = 1;
+         }
+    }
+
+    FreeHandshakeResources(ssl);
+
+    return ret;
+}
+
+
+/* Process HandShake input */
+static int DoHandShake(const byte* input, int* sslBytes,
+                       SnifferSession* session, char* error)
+{
+    byte type;
+    int  size;
+    int  ret = 0;
+    int  startBytes;
+
+    if (*sslBytes < HANDSHAKE_HEADER_SZ) {
+        SetError(HANDSHAKE_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    type = input[0];
+    size = (input[1] << 16) | (input[2] << 8) | input[3];
+    
+    input     += HANDSHAKE_HEADER_SZ;
+    *sslBytes -= HANDSHAKE_HEADER_SZ;
+    startBytes = *sslBytes;
+
+    if (*sslBytes < size) {
+        SetError(HANDSHAKE_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    
+    switch (type) {
+        case hello_verify_request:
+            Trace(GOT_HELLO_VERIFY_STR);
+            break;
+        case hello_request:
+            Trace(GOT_HELLO_REQUEST_STR);
+            break;
+        case session_ticket:
+            Trace(GOT_SESSION_TICKET_STR);
+            ret = ProcessSessionTicket(input, sslBytes, session, error);
+            break;
+        case server_hello:
+            Trace(GOT_SERVER_HELLO_STR);
+            ret = ProcessServerHello(input, sslBytes, session, error);
+            break;
+        case certificate_request:
+            Trace(GOT_CERT_REQ_STR);
+            break;
+        case server_key_exchange:
+            Trace(GOT_SERVER_KEY_EX_STR);
+            /* can't know temp key passively */
+            SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
+            ret = -1;
+            break;
+        case certificate:
+            Trace(GOT_CERT_STR);
+            break;
+        case server_hello_done:
+            Trace(GOT_SERVER_HELLO_DONE_STR);
+            break;
+        case finished:
+            Trace(GOT_FINISHED_STR);
+            ret = ProcessFinished(input, size, sslBytes, session, error);
+            break;
+        case client_hello:
+            Trace(GOT_CLIENT_HELLO_STR);
+            ret = ProcessClientHello(input, sslBytes, session, error);
+            break;
+        case client_key_exchange:
+            Trace(GOT_CLIENT_KEY_EX_STR);
+            ret = ProcessClientKeyExchange(input, sslBytes, session, error);
+            break;
+        case certificate_verify:
+            Trace(GOT_CERT_VER_STR);
+            break;
+        default:
+            SetError(GOT_UNKNOWN_HANDSHAKE_STR, error, session, 0);
+            return -1;
+    }
+
+    *sslBytes = startBytes - size;  /* actual bytes of full process */
+
+    return ret;
+}
+
+
+/* Decrypt input into plain output, 0 on success */
+static int Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz)
+{
+    int ret = 0;
+
+    switch (ssl->specs.bulk_cipher_algorithm) {
+        #ifdef BUILD_ARC4
+        case wolfssl_rc4:
+            wc_Arc4Process(ssl->decrypt.arc4, output, input, sz);
+            break;
+        #endif
+            
+        #ifdef BUILD_DES3
+        case wolfssl_triple_des:
+            ret = wc_Des3_CbcDecrypt(ssl->decrypt.des3, output, input, sz);
+            break;
+        #endif
+            
+        #ifdef BUILD_AES
+        case wolfssl_aes:
+            ret = wc_AesCbcDecrypt(ssl->decrypt.aes, output, input, sz);
+            break;
+        #endif
+            
+        #ifdef HAVE_HC128
+        case wolfssl_hc128:
+            wc_Hc128_Process(ssl->decrypt.hc128, output, input, sz);
+            break;
+        #endif
+            
+        #ifdef BUILD_RABBIT
+        case wolfssl_rabbit:
+            wc_RabbitProcess(ssl->decrypt.rabbit, output, input, sz);
+            break;
+        #endif
+
+        #ifdef HAVE_CAMELLIA 
+        case wolfssl_camellia:
+            wc_CamelliaCbcDecrypt(ssl->decrypt.cam, output, input, sz);
+            break;
+        #endif
+
+        default:
+            Trace(BAD_DECRYPT_TYPE);
+            ret = -1;
+            break;
+    }
+
+    return ret;
+}
+
+
+/* Decrypt input message into output, adjust output steam if needed */
+static const byte* DecryptMessage(SSL* ssl, const byte* input, word32 sz,
+                                  byte* output, int* error, int* advance)
+{
+    int ivExtra = 0;
+
+    int ret = Decrypt(ssl, output, input, sz);
+    if (ret != 0) {
+        *error = ret;
+        return NULL;
+    }
+    ssl->keys.encryptSz = sz;
+    if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) {
+        output += ssl->specs.block_size;     /* go past TLSv1.1 IV */
+        ivExtra = ssl->specs.block_size;
+        *advance = ssl->specs.block_size;
+    }
+
+    ssl->keys.padSz = ssl->specs.hash_size;
+
+    if (ssl->specs.cipher_type == block)
+        ssl->keys.padSz += *(output + sz - ivExtra - 1) + 1;
+    
+    return output;
+}
+
+
+/* remove session from table, use rowHint if no info (means we have a lock) */
+static void RemoveSession(SnifferSession* session, IpInfo* ipInfo,
+                        TcpInfo* tcpInfo, word32 rowHint)
+{
+    SnifferSession* previous = 0;
+    SnifferSession* current;
+    word32          row = rowHint;
+    int             haveLock = 0;
+   
+    if (ipInfo && tcpInfo)
+        row = SessionHash(ipInfo, tcpInfo);
+    else
+        haveLock = 1;
+    
+    assert(row <= HASH_SIZE);
+    Trace(REMOVE_SESSION_STR);
+    
+    if (!haveLock)
+        LockMutex(&SessionMutex);
+    
+    current = SessionTable[row];
+    
+    while (current) {
+        if (current == session) {
+            if (previous)
+                previous->next = current->next;
+            else
+                SessionTable[row] = current->next;
+            FreeSnifferSession(session);
+            TraceRemovedSession();
+            break;
+        }
+        previous = current;
+        current  = current->next;
+    }
+    
+    if (!haveLock)
+        UnLockMutex(&SessionMutex);
+}
+
+
+/* Remove stale sessions from the Session Table, have a lock */
+static void RemoveStaleSessions(void)
+{
+    word32 i;
+    SnifferSession* session;
+    
+    for (i = 0; i < HASH_SIZE; i++) {
+        session = SessionTable[i];
+        while (session) {
+            SnifferSession* next = session->next; 
+            if (time(NULL) >= session->lastUsed + WOLFSSL_SNIFFER_TIMEOUT) {
+                TraceStaleSession();
+                RemoveSession(session, NULL, NULL, i);
+            }
+            session = next;
+        }
+    }
+}
+
+
+/* Create a new Sniffer Session */
+static SnifferSession* CreateSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
+                                     char* error)
+{
+    SnifferSession* session = 0;
+    int row;
+        
+    Trace(NEW_SESSION_STR);
+    /* create a new one */
+    session = (SnifferSession*)malloc(sizeof(SnifferSession));
+    if (session == NULL) {
+        SetError(MEMORY_STR, error, NULL, 0);
+        return 0;
+    }
+    InitSession(session);
+    session->server  = ipInfo->dst;
+    session->client  = ipInfo->src;
+    session->srvPort = (word16)tcpInfo->dstPort;
+    session->cliPort = (word16)tcpInfo->srcPort;
+    session->cliSeqStart = tcpInfo->sequence;
+    session->cliExpected = 1;  /* relative */
+    session->lastUsed= time(NULL);
+                
+    session->context = GetSnifferServer(ipInfo, tcpInfo);
+    if (session->context == NULL) {
+        SetError(SERVER_NOT_REG_STR, error, NULL, 0);
+        free(session);
+        return 0;
+    }
+        
+    session->sslServer = SSL_new(session->context->ctx);
+    if (session->sslServer == NULL) {
+        SetError(BAD_NEW_SSL_STR, error, session, FATAL_ERROR_STATE);
+        free(session);
+        return 0;
+    }
+    session->sslClient = SSL_new(session->context->ctx);
+    if (session->sslClient == NULL) {
+        SSL_free(session->sslServer);
+        session->sslServer = 0;
+
+        SetError(BAD_NEW_SSL_STR, error, session, FATAL_ERROR_STATE);
+        free(session);
+        return 0;
+    }
+    /* put server back into server mode */
+    session->sslServer->options.side = WOLFSSL_SERVER_END;
+        
+    row = SessionHash(ipInfo, tcpInfo);
+    
+    /* add it to the session table */
+    LockMutex(&SessionMutex);
+        
+    session->next = SessionTable[row];
+    SessionTable[row] = session;
+    
+    SessionCount++;
+    
+    if ( (SessionCount % HASH_SIZE) == 0) {
+        TraceFindingStale();
+        RemoveStaleSessions();
+    }
+        
+    UnLockMutex(&SessionMutex);
+        
+    /* determine headed side */
+    if (ipInfo->dst == session->context->server &&
+        tcpInfo->dstPort == session->context->port)
+        session->flags.side = WOLFSSL_SERVER_END;
+    else
+        session->flags.side = WOLFSSL_CLIENT_END;        
+    
+    return session;
+}
+
+
+#ifdef OLD_HELLO_ALLOWED
+
+/* Process Old Client Hello Input */
+static int DoOldHello(SnifferSession* session, const byte* sslFrame,
+                      int* rhSize, int* sslBytes, char* error)
+{
+    const byte* input = sslFrame;
+    byte        b0, b1;
+    word32      idx = 0;
+    int         ret;
+
+    Trace(GOT_OLD_CLIENT_HELLO_STR);
+    session->flags.clientHello = 1;    /* don't process again */
+    b0 = *input++;
+    b1 = *input++;
+    *sslBytes -= 2;
+    *rhSize = ((b0 & 0x7f) << 8) | b1;
+
+    if (*rhSize > *sslBytes) {
+        SetError(OLD_CLIENT_INPUT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+
+    ret = ProcessOldClientHello(session->sslServer, input, &idx, *sslBytes,
+                                (word16)*rhSize);    
+    if (ret < 0 && ret != MATCH_SUITE_ERROR) {
+        SetError(BAD_OLD_CLIENT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    
+    Trace(OLD_CLIENT_OK_STR);
+    XMEMCPY(session->sslClient->arrays->clientRandom,
+           session->sslServer->arrays->clientRandom, RAN_LEN);
+    
+    *sslBytes -= *rhSize;
+    return 0;
+}
+
+#endif /* OLD_HELLO_ALLOWED */
+
+
+#if 0
+/* Calculate the TCP checksum, see RFC 1071 */
+/* return 0 for success, -1 on error */
+/* can be called from decode() with
+   TcpChecksum(&ipInfo, &tcpInfo, sslBytes, packet + ipInfo.length);
+   could also add a 64bit version if type available and using this
+*/
+int TcpChecksum(IpInfo* ipInfo, TcpInfo* tcpInfo, int dataLen,
+                const byte* packet)
+{
+    TcpPseudoHdr  pseudo;
+    int           count = PSEUDO_HDR_SZ;
+    const word16* data = (word16*)&pseudo;
+    word32        sum = 0;
+    word16        checksum;
+    
+    pseudo.src = ipInfo->src;
+    pseudo.dst = ipInfo->dst;
+    pseudo.rsv = 0;
+    pseudo.protocol = TCP_PROTO;
+    pseudo.legnth = htons(tcpInfo->length + dataLen);
+    
+    /* pseudo header sum */
+    while (count >= 2) {
+        sum   += *data++;
+        count -= 2;
+    }
+    
+    count = tcpInfo->length + dataLen;
+    data = (word16*)packet;
+    
+    /* main sum */
+    while (count > 1) {
+        sum   += *data++;
+        count -=2;
+    }
+    
+    /* get left-over, if any */
+    packet = (byte*)data;
+    if (count > 0) {
+        sum += *packet;
+    }
+    
+    /* fold 32bit sum into 16 bits */
+    while (sum >> 16)
+        sum = (sum & 0xffff) + (sum >> 16);
+    
+    checksum = (word16)~sum;
+    /* checksum should now equal 0, since included already calcd checksum */
+    /* field, but tcp checksum offloading could negate calculation */
+    if (checksum == 0)
+        return 0;
+    return -1;
+}
+#endif
+
+
+/* Check IP and TCP headers, set payload */
+/* returns 0 on success, -1 on error */
+static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet,
+                  int length, const byte** sslFrame, int* sslBytes, char* error)
+{
+    TraceHeader();
+    TracePacket();
+
+    /* ip header */
+    if (length < IP_HDR_SZ) {
+        SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
+        return -1;
+    }
+    if (CheckIpHdr((IpHdr*)packet, ipInfo, length, error) != 0)
+        return -1;
+   
+    /* tcp header */ 
+    if (length < (ipInfo->length + TCP_HDR_SZ)) {
+        SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
+        return -1;
+    }
+    if (CheckTcpHdr((TcpHdr*)(packet + ipInfo->length), tcpInfo, error) != 0)
+        return -1;
+   
+    /* setup */ 
+    *sslFrame = packet + ipInfo->length + tcpInfo->length;
+    if (*sslFrame > packet + length) {
+        SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
+        return -1;
+    }
+    *sslBytes = (int)(packet + length - *sslFrame);
+    
+    return 0;
+}
+
+
+/* Create or Find existing session */
+/* returns 0 on success (continue), -1 on error, 1 on success (end) */
+static int CheckSession(IpInfo* ipInfo, TcpInfo* tcpInfo, int sslBytes,
+                        SnifferSession** session, char* error)
+{
+    /* create a new SnifferSession on client SYN */
+    if (tcpInfo->syn && !tcpInfo->ack) {
+        TraceClientSyn(tcpInfo->sequence);
+        *session = CreateSession(ipInfo, tcpInfo, error);
+        if (*session == NULL) {
+            *session = GetSnifferSession(ipInfo, tcpInfo);
+            /* already had exisiting, so OK */
+            if (*session)
+                return 1;
+            
+            SetError(MEMORY_STR, error, NULL, 0);
+            return -1;
+        }
+        return 1;
+    }
+    /* get existing sniffer session */
+    else {
+        *session = GetSnifferSession(ipInfo, tcpInfo);
+        if (*session == NULL) {
+            /* don't worry about extraneous RST or duplicate FINs */
+            if (tcpInfo->fin || tcpInfo->rst)
+                return 1;
+            /* don't worry about duplicate ACKs either */
+            if (sslBytes == 0 && tcpInfo->ack)
+                return 1;
+            
+            SetError(BAD_SESSION_STR, error, NULL, 0);
+            return -1;
+        }        
+    }
+    return 0;
+}
+
+
+/* Create a Packet Buffer from *begin - end, adjust new *begin and bytesLeft */
+static PacketBuffer* CreateBuffer(word32* begin, word32 end, const byte* data,
+                                  int* bytesLeft)
+{
+    PacketBuffer* pb;
+    
+    int added = end - *begin + 1;
+    assert(*begin <= end);
+    
+    pb = (PacketBuffer*)malloc(sizeof(PacketBuffer));
+    if (pb == NULL) return NULL;
+    
+    pb->next  = 0;
+    pb->begin = *begin;
+    pb->end   = end;
+    pb->data = (byte*)malloc(added);
+    
+    if (pb->data == NULL) {
+        free(pb);
+        return NULL;
+    }
+    XMEMCPY(pb->data, data, added);
+    
+    *bytesLeft -= added;
+    *begin      = pb->end + 1;
+    
+    return pb;
+}
+
+
+/* Add sslFrame to Reassembly List */
+/* returns 1 (end) on success, -1, on error */
+static int AddToReassembly(byte from, word32 seq, const byte* sslFrame,
+                           int sslBytes, SnifferSession* session, char* error)
+{
+    PacketBuffer*  add;
+    PacketBuffer** front = (from == WOLFSSL_SERVER_END) ?
+                       &session->cliReassemblyList: &session->srvReassemblyList;
+    PacketBuffer*  curr = *front;
+    PacketBuffer*  prev = curr;
+    
+    word32  startSeq = seq;
+    word32  added;
+    int     bytesLeft = sslBytes;  /* could be overlapping fragment */
+
+    /* if list is empty add full frame to front */
+    if (!curr) {
+        add = CreateBuffer(&seq, seq + sslBytes - 1, sslFrame, &bytesLeft);
+        if (add == NULL) {
+            SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+        *front = add;
+        return 1;
+    }
+    
+    /* add to front if before current front, up to next->begin */
+    if (seq < curr->begin) {
+        word32 end = seq + sslBytes - 1;
+        
+        if (end >= curr->begin)
+            end = curr->begin - 1;
+        
+        add = CreateBuffer(&seq, end, sslFrame, &bytesLeft);
+        if (add == NULL) {
+            SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+        add->next = curr;
+        *front = add;
+    }
+    
+    /* while we have bytes left, try to find a gap to fill */
+    while (bytesLeft > 0) {
+        /* get previous packet in list */
+        while (curr && (seq >= curr->begin)) {
+            prev = curr;
+            curr = curr->next;
+        }
+        
+        /* don't add  duplicate data */
+        if (prev->end >= seq) {
+            if ( (seq + bytesLeft - 1) <= prev->end)
+                return 1;
+            seq = prev->end + 1;
+            bytesLeft = startSeq + sslBytes - seq;
+        }
+        
+        if (!curr)
+            /* we're at the end */
+            added = bytesLeft;
+        else 
+            /* we're in between two frames */
+            added = min((word32)bytesLeft, curr->begin - seq);
+        
+        /* data already there */
+        if (added == 0)
+            continue;
+        
+        add = CreateBuffer(&seq, seq + added - 1, &sslFrame[seq - startSeq],
+                           &bytesLeft);
+        if (add == NULL) {
+            SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+        add->next  = prev->next;
+        prev->next = add;
+    }
+    return 1;
+}
+
+
+/* Add out of order FIN capture */
+/* returns 1 for success (end) */
+static int AddFinCapture(SnifferSession* session, word32 sequence)
+{
+    if (session->flags.side == WOLFSSL_SERVER_END) {
+        if (session->finCaputre.cliCounted == 0)
+            session->finCaputre.cliFinSeq = sequence;
+    }
+    else {
+        if (session->finCaputre.srvCounted == 0)
+            session->finCaputre.srvFinSeq = sequence;
+    }
+    return 1;
+}
+
+
+/* Adjust incoming sequence based on side */
+/* returns 0 on success (continue), -1 on error, 1 on success (end) */
+static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session,
+                          int* sslBytes, const byte** sslFrame, char* error)
+{
+    word32  seqStart = (session->flags.side == WOLFSSL_SERVER_END) ? 
+                                     session->cliSeqStart :session->srvSeqStart;
+    word32  real     = tcpInfo->sequence - seqStart;
+    word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ?
+                                  &session->cliExpected : &session->srvExpected;
+    PacketBuffer* reassemblyList = (session->flags.side == WOLFSSL_SERVER_END) ?
+                        session->cliReassemblyList : session->srvReassemblyList;
+    
+    /* handle rollover of sequence */
+    if (tcpInfo->sequence < seqStart)
+        real = 0xffffffffU - seqStart + tcpInfo->sequence;
+        
+    TraceRelativeSequence(*expected, real);
+    
+    if (real < *expected) {
+        Trace(DUPLICATE_STR);
+        if (real + *sslBytes > *expected) {
+            int overlap = *expected - real;
+            Trace(OVERLAP_DUPLICATE_STR);
+                
+            /* adjust to expected, remove duplicate */
+            *sslFrame += overlap;
+            *sslBytes -= overlap;
+                
+            if (reassemblyList) {
+                word32 newEnd = *expected + *sslBytes;
+                    
+                if (newEnd > reassemblyList->begin) {
+                    Trace(OVERLAP_REASSEMBLY_BEGIN_STR);
+                    
+                    /* remove bytes already on reassembly list */
+                    *sslBytes -= newEnd - reassemblyList->begin;
+                }
+                if (newEnd > reassemblyList->end) {
+                    Trace(OVERLAP_REASSEMBLY_END_STR);
+                    
+                    /* may be past reassembly list end (could have more on list)
+                       so try to add what's past the front->end */
+                    AddToReassembly(session->flags.side, reassemblyList->end +1,
+                                *sslFrame + reassemblyList->end - *expected + 1,
+                                 newEnd - reassemblyList->end, session, error);
+                }
+            }
+        }
+        else
+            return 1;
+    }
+    else if (real > *expected) {
+        Trace(OUT_OF_ORDER_STR);
+        if (*sslBytes > 0)
+            return AddToReassembly(session->flags.side, real, *sslFrame,
+                                   *sslBytes, session, error);
+        else if (tcpInfo->fin)
+            return AddFinCapture(session, real);
+    }
+    /* got expected sequence */
+    *expected += *sslBytes;
+    if (tcpInfo->fin)
+        *expected += 1;
+    
+    return 0;
+}
+
+
+/* Check latest ack number for missing packets
+   return 0 ok, <0 on error */
+static int CheckAck(TcpInfo* tcpInfo, SnifferSession* session)
+{
+    if (tcpInfo->ack) {
+        word32  seqStart = (session->flags.side == WOLFSSL_SERVER_END) ? 
+                                     session->srvSeqStart :session->cliSeqStart;
+        word32  real     = tcpInfo->ackNumber - seqStart;
+        word32  expected = (session->flags.side == WOLFSSL_SERVER_END) ?
+                                  session->srvExpected : session->cliExpected;
+    
+        /* handle rollover of sequence */
+        if (tcpInfo->ackNumber < seqStart)
+            real = 0xffffffffU - seqStart + tcpInfo->ackNumber;
+        
+        TraceAck(real, expected);
+
+        if (real > expected)
+            return -1;  /* we missed a packet, ACKing data we never saw */
+    }
+    return 0;
+}
+
+
+/* Check TCP Sequence status */
+/* returns 0 on success (continue), -1 on error, 1 on success (end) */
+static int CheckSequence(IpInfo* ipInfo, TcpInfo* tcpInfo,
+                         SnifferSession* session, int* sslBytes,
+                         const byte** sslFrame, char* error)
+{
+    int actualLen;
+    
+    /* init SEQ from server to client */
+    if (tcpInfo->syn && tcpInfo->ack) {
+        session->srvSeqStart = tcpInfo->sequence;
+        session->srvExpected = 1;
+        TraceServerSyn(tcpInfo->sequence);
+        return 1;
+    }
+    
+    /* adjust potential ethernet trailer */
+    actualLen = ipInfo->total - ipInfo->length - tcpInfo->length;
+    if (*sslBytes > actualLen) {
+        *sslBytes = actualLen;
+    }
+    
+    TraceSequence(tcpInfo->sequence, *sslBytes);
+    if (CheckAck(tcpInfo, session) < 0) {
+        SetError(ACK_MISSED_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    
+    return AdjustSequence(tcpInfo, session, sslBytes, sslFrame, error);    
+}
+
+
+/* Check Status before record processing */
+/* returns 0 on success (continue), -1 on error, 1 on success (end) */
+static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
+                          const byte** sslFrame, SnifferSession** session,
+                          int* sslBytes, const byte** end, char* error)
+{
+    word32 length;
+    SSL*  ssl = ((*session)->flags.side == WOLFSSL_SERVER_END) ?
+                                  (*session)->sslServer : (*session)->sslClient;
+    /* remove SnifferSession on 2nd FIN or RST */
+    if (tcpInfo->fin || tcpInfo->rst) {
+        /* flag FIN and RST */
+        if (tcpInfo->fin)
+            (*session)->flags.finCount += 1;
+        else if (tcpInfo->rst)
+            (*session)->flags.finCount += 2;
+        
+        if ((*session)->flags.finCount >= 2) {
+            RemoveSession(*session, ipInfo, tcpInfo, 0);
+            *session = NULL;
+            return 1;
+        }
+    }
+    
+    if ((*session)->flags.fatalError == FATAL_ERROR_STATE) {
+        SetError(FATAL_ERROR_STR, error, NULL, 0);
+        return -1;
+    }
+    
+    if (*sslBytes == 0) {
+        Trace(NO_DATA_STR);
+        return 1;
+    }
+    
+    /* if current partial data, add to end of partial */
+    if ( (length = ssl->buffers.inputBuffer.length) ) {
+        Trace(PARTIAL_ADD_STR);
+        
+        if ( (*sslBytes + length) > ssl->buffers.inputBuffer.bufferSize) {
+            if (GrowInputBuffer(ssl, *sslBytes, length) < 0) {
+                SetError(MEMORY_STR, error, *session, FATAL_ERROR_STATE);
+                return -1;
+            }
+        }
+        XMEMCPY(&ssl->buffers.inputBuffer.buffer[length], *sslFrame, *sslBytes);
+        *sslBytes += length;
+        ssl->buffers.inputBuffer.length = *sslBytes;
+        *sslFrame = ssl->buffers.inputBuffer.buffer;
+        *end = *sslFrame + *sslBytes;
+    }
+
+    if ((*session)->flags.clientHello == 0 && **sslFrame != handshake) {
+        /* Sanity check the packet for an old style client hello. */
+        int rhSize = (((*sslFrame)[0] & 0x7f) << 8) | ((*sslFrame)[1]);
+
+        if ((rhSize <= (*sslBytes - 2)) &&
+            (*sslFrame)[2] == OLD_HELLO_ID && (*sslFrame)[3] == SSLv3_MAJOR) {
+#ifdef OLD_HELLO_ALLOWED
+        int ret = DoOldHello(*session, *sslFrame, &rhSize, sslBytes, error);
+        if (ret < 0)
+            return -1;  /* error already set */
+        if (*sslBytes <= 0)
+            return 1;
+#endif
+        }
+        else {
+#ifdef STARTTLS_ALLOWED
+            return 1;
+#endif
+        }
+    }
+
+    return 0;
+}
+
+
+/* See if input on the reassembly list is ready for consuming */
+/* returns 1 for TRUE, 0 for FALSE */
+static int HaveMoreInput(SnifferSession* session, const byte** sslFrame,
+                         int* sslBytes, const byte** end, char* error)
+{
+    /* sequence and reassembly based on from, not to */
+    int            moreInput = 0;
+    PacketBuffer** front = (session->flags.side == WOLFSSL_SERVER_END) ?
+                      &session->cliReassemblyList : &session->srvReassemblyList;
+    word32*        expected = (session->flags.side == WOLFSSL_SERVER_END) ?
+                                  &session->cliExpected : &session->srvExpected;
+    /* buffer is on receiving end */
+    word32*        length = (session->flags.side == WOLFSSL_SERVER_END) ?
+                               &session->sslServer->buffers.inputBuffer.length :
+                               &session->sslClient->buffers.inputBuffer.length;
+    byte*          myBuffer = (session->flags.side == WOLFSSL_SERVER_END) ?
+                                session->sslServer->buffers.inputBuffer.buffer :
+                                session->sslClient->buffers.inputBuffer.buffer;
+    word32       bufferSize = (session->flags.side == WOLFSSL_SERVER_END) ?
+                            session->sslServer->buffers.inputBuffer.bufferSize :
+                            session->sslClient->buffers.inputBuffer.bufferSize;
+    SSL*               ssl  = (session->flags.side == WOLFSSL_SERVER_END) ?
+                            session->sslServer : session->sslClient;
+    
+    while (*front && ((*front)->begin == *expected) ) {
+        word32 room = bufferSize - *length;
+        word32 packetLen = (*front)->end - (*front)->begin + 1;
+
+        if (packetLen > room && bufferSize < MAX_INPUT_SZ) {
+            if (GrowInputBuffer(ssl, packetLen, *length) < 0) {
+                SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
+                return 0;
+            }
+        }
+        
+        if (packetLen <= room) {
+            PacketBuffer* del = *front;
+            
+            XMEMCPY(&myBuffer[*length], (*front)->data, packetLen);
+            *length   += packetLen;
+            *expected += packetLen;
+            
+            /* remove used packet */
+            *front = (*front)->next;
+            FreePacketBuffer(del);
+            
+            moreInput = 1;
+        }
+        else
+            break;
+    }
+    if (moreInput) {
+        *sslFrame = myBuffer;
+        *sslBytes = *length;
+        *end      = myBuffer + *length;
+    }
+    return moreInput;
+}
+                         
+
+
+/* Process Message(s) from sslFrame */
+/* return Number of bytes on success, 0 for no data yet, and -1 on error */
+static int ProcessMessage(const byte* sslFrame, SnifferSession* session,
+                          int sslBytes, byte* data, const byte* end,char* error)
+{
+    const byte*       sslBegin = sslFrame;
+    const byte*       recordEnd;   /* end of record indicator */
+    const byte*       inRecordEnd; /* indictor from input stream not decrypt */
+    RecordLayerHeader rh;
+    int               rhSize = 0;
+    int               ret;
+    int               errCode = 0;
+    int               decoded = 0;      /* bytes stored for user in data */
+    int               notEnough;        /* notEnough bytes yet flag */
+    int               decrypted = 0;    /* was current msg decrypted */
+    SSL*              ssl = (session->flags.side == WOLFSSL_SERVER_END) ?
+                                        session->sslServer : session->sslClient;
+doMessage:
+    notEnough = 0;
+    if (sslBytes < 0) {
+        SetError(PACKET_HDR_SHORT_STR, error, session, FATAL_ERROR_STATE);
+        return -1;
+    }
+    if (sslBytes >= RECORD_HEADER_SZ) {
+        if (GetRecordHeader(sslFrame, &rh, &rhSize) != 0) {
+            SetError(BAD_RECORD_HDR_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+    }
+    else
+        notEnough = 1;
+
+    if (notEnough || rhSize > (sslBytes - RECORD_HEADER_SZ)) {
+        /* don't have enough input yet to process full SSL record */
+        Trace(PARTIAL_INPUT_STR);
+        
+        /* store partial if not there already or we advanced */
+        if (ssl->buffers.inputBuffer.length == 0 || sslBegin != sslFrame) {
+            if (sslBytes > (int)ssl->buffers.inputBuffer.bufferSize) {
+                if (GrowInputBuffer(ssl, sslBytes, 0) < 0) { 
+                    SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
+                    return -1;
+                }
+            }
+            XMEMMOVE(ssl->buffers.inputBuffer.buffer, sslFrame, sslBytes);
+            ssl->buffers.inputBuffer.length = sslBytes;
+        }
+        if (HaveMoreInput(session, &sslFrame, &sslBytes, &end, error))
+            goto doMessage;
+        return decoded;
+    }
+    sslFrame += RECORD_HEADER_SZ;
+    sslBytes -= RECORD_HEADER_SZ;
+    recordEnd = sslFrame + rhSize;   /* may have more than one record */
+    inRecordEnd = recordEnd;
+    
+    /* decrypt if needed */
+    if ((session->flags.side == WOLFSSL_SERVER_END &&
+                                               session->flags.serverCipherOn)
+     || (session->flags.side == WOLFSSL_CLIENT_END &&
+                                               session->flags.clientCipherOn)) {
+        int ivAdvance = 0;  /* TLSv1.1 advance amount */
+        if (ssl->decrypt.setup != 1) {
+            SetError(DECRYPT_KEYS_NOT_SETUP, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+        if (CheckAvailableSize(ssl, rhSize) < 0) {
+            SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+        sslFrame = DecryptMessage(ssl, sslFrame, rhSize,
+                                  ssl->buffers.outputBuffer.buffer, &errCode,
+                                  &ivAdvance);
+        recordEnd = sslFrame - ivAdvance + rhSize;  /* sslFrame moved so
+                                                       should recordEnd */
+        decrypted = 1;
+        if (errCode != 0) {
+            SetError(BAD_DECRYPT, error, session, FATAL_ERROR_STATE);
+            return -1;
+        }
+    }
+
+doPart:
+            
+    switch ((enum ContentType)rh.type) {
+        case handshake:
+            {
+                int startIdx = sslBytes;
+                int used;
+
+                Trace(GOT_HANDSHAKE_STR);
+                ret = DoHandShake(sslFrame, &sslBytes, session, error);
+                if (ret != 0) {
+                    if (session->flags.fatalError == 0)
+                        SetError(BAD_HANDSHAKE_STR, error, session,
+                                 FATAL_ERROR_STATE);
+                    return -1;
+                }
+
+                /* DoHandShake now fully decrements sslBytes to remaining */
+                used = startIdx - sslBytes;
+                sslFrame += used;
+                if (decrypted)
+                    sslFrame += ssl->keys.padSz;
+            }
+            break;
+        case change_cipher_spec:
+            if (session->flags.side == WOLFSSL_SERVER_END)
+                session->flags.serverCipherOn = 1;
+            else
+                session->flags.clientCipherOn = 1;
+            Trace(GOT_CHANGE_CIPHER_STR);
+            ssl->options.handShakeState = HANDSHAKE_DONE;
+            ssl->options.handShakeDone  = 1;
+
+            sslFrame += 1;
+            sslBytes -= 1;
+
+            break;
+        case application_data:
+            Trace(GOT_APP_DATA_STR);
+            {
+                word32 inOutIdx = 0;
+                    
+                ret = DoApplicationData(ssl, (byte*)sslFrame, &inOutIdx);
+                if (ret == 0) {
+                    ret = ssl->buffers.clearOutputBuffer.length;
+                    TraceGotData(ret);
+                    if (ret) {  /* may be blank message */
+                        XMEMCPY(&data[decoded],
+                               ssl->buffers.clearOutputBuffer.buffer, ret);
+                        TraceAddedData(ret, decoded);
+                        decoded += ret;
+                        ssl->buffers.clearOutputBuffer.length = 0;
+                    }
+                }
+                else {
+                    SetError(BAD_APP_DATA_STR, error,session,FATAL_ERROR_STATE);
+                    return -1;
+                }
+                if (ssl->buffers.outputBuffer.dynamicFlag)
+                    ShrinkOutputBuffer(ssl);
+
+                sslFrame += inOutIdx;
+                sslBytes -= inOutIdx;
+            }
+            break;
+        case alert:
+            Trace(GOT_ALERT_STR);
+            sslFrame += rhSize;
+            sslBytes -= rhSize;
+            break;
+        case no_type:
+        default:
+            SetError(GOT_UNKNOWN_RECORD_STR, error, session, FATAL_ERROR_STATE);
+            return -1;
+    }
+
+    /* do we have another msg in record ? */
+    if (sslFrame < recordEnd) {
+        Trace(ANOTHER_MSG_STR);
+        goto doPart;
+    }
+
+    /* back to input stream instead of potential decrypt buffer */
+    recordEnd = inRecordEnd;
+
+    /* do we have more records ? */
+    if (recordEnd < end) {
+        Trace(ANOTHER_MSG_STR);
+        sslFrame = recordEnd;
+        sslBytes = (int)(end - recordEnd);
+        goto doMessage;
+    }
+    
+    /* clear used input */
+    ssl->buffers.inputBuffer.length = 0;
+    
+    /* could have more input ready now */
+    if (HaveMoreInput(session, &sslFrame, &sslBytes, &end, error))
+        goto doMessage;
+
+    if (ssl->buffers.inputBuffer.dynamicFlag)
+        ShrinkInputBuffer(ssl, NO_FORCED_FREE);
+    
+    return decoded;
+}
+
+
+/* See if we need to process any pending FIN captures */
+static void CheckFinCapture(IpInfo* ipInfo, TcpInfo* tcpInfo, 
+                            SnifferSession* session)
+{
+    if (session->finCaputre.cliFinSeq && session->finCaputre.cliFinSeq <= 
+                                         session->cliExpected) {
+        if (session->finCaputre.cliCounted == 0) {
+            session->flags.finCount += 1;
+            session->finCaputre.cliCounted = 1;
+            TraceClientFin(session->finCaputre.cliFinSeq, session->cliExpected);
+        }
+    }
+        
+    if (session->finCaputre.srvFinSeq && session->finCaputre.srvFinSeq <= 
+                                         session->srvExpected) {
+        if (session->finCaputre.srvCounted == 0) {
+            session->flags.finCount += 1;
+            session->finCaputre.srvCounted = 1;
+            TraceServerFin(session->finCaputre.srvFinSeq, session->srvExpected);
+        }
+    }
+                
+    if (session->flags.finCount >= 2) 
+        RemoveSession(session, ipInfo, tcpInfo, 0);
+}
+
+
+/* If session is in fatal error state free resources now 
+   return true if removed, 0 otherwise */
+static int RemoveFatalSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
+                              SnifferSession* session, char* error)
+{
+    if (session && session->flags.fatalError == FATAL_ERROR_STATE) {
+        RemoveSession(session, ipInfo, tcpInfo, 0);
+        SetError(FATAL_ERROR_STR, error, NULL, 0);
+        return 1;
+    }
+    return 0;
+}
+
+
+/* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */
+/* returns Number of bytes on success, 0 for no data yet, and -1 on error */
+int ssl_DecodePacket(const byte* packet, int length, byte* data, char* error)
+{
+    TcpInfo           tcpInfo;
+    IpInfo            ipInfo;
+    const byte*       sslFrame;
+    const byte*       end = packet + length;
+    int               sslBytes;                /* ssl bytes unconsumed */
+    int               ret;
+    SnifferSession*   session = 0;
+
+    if (CheckHeaders(&ipInfo, &tcpInfo, packet, length, &sslFrame, &sslBytes,
+                     error) != 0)
+        return -1;
+    
+    ret = CheckSession(&ipInfo, &tcpInfo, sslBytes, &session, error);
+    if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1;
+    else if (ret == -1) return -1;
+    else if (ret ==  1) return  0;   /* done for now */
+    
+    ret = CheckSequence(&ipInfo, &tcpInfo, session, &sslBytes, &sslFrame,error);
+    if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1;
+    else if (ret == -1) return -1;
+    else if (ret ==  1) return  0;   /* done for now */
+    
+    ret = CheckPreRecord(&ipInfo, &tcpInfo, &sslFrame, &session, &sslBytes,
+                         &end, error);
+    if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1;
+    else if (ret == -1) return -1;
+    else if (ret ==  1) return  0;   /* done for now */
+
+    ret = ProcessMessage(sslFrame, session, sslBytes, data, end, error);
+    if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1;
+    CheckFinCapture(&ipInfo, &tcpInfo, session);
+    return ret;
+}
+
+
+/* Enables (if traceFile)/ Disables debug tracing */
+/* returns 0 on success, -1 on error */
+int ssl_Trace(const char* traceFile, char* error)
+{
+    if (traceFile) {
+        TraceFile = fopen(traceFile, "a");
+        if (!TraceFile) {
+            SetError(BAD_TRACE_FILE_STR, error, NULL, 0);
+            return -1;
+        }
+        TraceOn = 1;
+    }
+    else 
+        TraceOn = 0;
+
+    return 0;
+}
+
+
+
+
+#endif /* WOLFSSL_SNIFFER */
diff --git a/3P/wolfssl/src/ssl.c b/3P/wolfssl/src/ssl.c
new file mode 100644
index 00000000..5ef43fc8
--- /dev/null
+++ b/3P/wolfssl/src/ssl.c
@@ -0,0 +1,12419 @@
+/* ssl.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_ERRNO_H
+    #include 
+#endif
+
+#include 
+#include 
+#include 
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    #include 
+#endif
+
+#ifdef OPENSSL_EXTRA
+    /* openssl headers begin */
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    /* openssl headers end, wolfssl internal headers next */
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #ifdef WOLFSSL_SHA512
+        #include 
+    #endif
+#endif
+
+#ifndef NO_FILESYSTEM
+    #if !defined(USE_WINDOWS_API) && !defined(NO_WOLFSSL_DIR) \
+            && !defined(EBSNET)
+        #include 
+        #include 
+    #endif
+    #ifdef EBSNET
+        #include "vfapi.h"
+        #include "vfile.h"
+    #endif
+#endif /* NO_FILESYSTEM */
+
+#ifndef TRUE
+    #define TRUE  1
+#endif
+#ifndef FALSE
+    #define FALSE 0
+#endif
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+#ifndef max
+#ifdef WOLFSSL_DTLS
+    static INLINE word32 max(word32 a, word32 b)
+    {
+        return a > b ? a : b;
+    }
+#endif
+#endif /* min */
+
+
+#ifndef WOLFSSL_LEANPSK
+char* mystrnstr(const char* s1, const char* s2, unsigned int n)
+{
+    unsigned int s2_len = (unsigned int)XSTRLEN(s2);
+
+    if (s2_len == 0)
+        return (char*)s1;
+
+    while (n >= s2_len && s1[0]) {
+        if (s1[0] == s2[0])
+            if (XMEMCMP(s1, s2, s2_len) == 0)
+                return (char*)s1;
+        s1++;
+        n--;
+    }
+
+    return NULL;
+}
+#endif
+
+
+/* prevent multiple mutex initializations */
+static volatile int initRefCount = 0;
+static wolfSSL_Mutex count_mutex;   /* init ref count mutex */
+
+
+WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
+{
+    WOLFSSL_CTX* ctx = NULL;
+
+    WOLFSSL_ENTER("WOLFSSL_CTX_new");
+
+    if (initRefCount == 0)
+        wolfSSL_Init(); /* user no longer forced to call Init themselves */
+
+    if (method == NULL)
+        return ctx;
+
+    ctx = (WOLFSSL_CTX*) XMALLOC(sizeof(WOLFSSL_CTX), 0, DYNAMIC_TYPE_CTX);
+    if (ctx) {
+        if (InitSSL_Ctx(ctx, method) < 0) {
+            WOLFSSL_MSG("Init CTX failed");
+            wolfSSL_CTX_free(ctx);
+            ctx = NULL;
+        }
+    }
+    else {
+        WOLFSSL_MSG("Alloc CTX failed, method freed");
+        XFREE(method, NULL, DYNAMIC_TYPE_METHOD);
+    }
+
+    WOLFSSL_LEAVE("WOLFSSL_CTX_new", 0);
+    return ctx;
+}
+
+
+void wolfSSL_CTX_free(WOLFSSL_CTX* ctx)
+{
+    WOLFSSL_ENTER("SSL_CTX_free");
+    if (ctx)
+        FreeSSL_Ctx(ctx);
+    WOLFSSL_LEAVE("SSL_CTX_free", 0);
+}
+
+
+WOLFSSL* wolfSSL_new(WOLFSSL_CTX* ctx)
+{
+    WOLFSSL* ssl = NULL;
+    int ret = 0;
+
+    (void)ret;
+    WOLFSSL_ENTER("SSL_new");
+
+    if (ctx == NULL)
+        return ssl;
+
+    ssl = (WOLFSSL*) XMALLOC(sizeof(WOLFSSL), ctx->heap,DYNAMIC_TYPE_SSL);
+    if (ssl)
+        if ( (ret = InitSSL(ssl, ctx)) < 0) {
+            FreeSSL(ssl);
+            ssl = 0;
+        }
+
+    WOLFSSL_LEAVE("SSL_new", ret);
+    return ssl;
+}
+
+
+void wolfSSL_free(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("SSL_free");
+    if (ssl)
+        FreeSSL(ssl);
+    WOLFSSL_LEAVE("SSL_free", 0);
+}
+
+#ifdef HAVE_POLY1305
+/* set if to use old poly 1 for yes 0 to use new poly */
+int wolfSSL_use_old_poly(WOLFSSL* ssl, int value)
+{
+    WOLFSSL_ENTER("SSL_use_old_poly");
+    ssl->options.oldPoly = value;
+    WOLFSSL_LEAVE("SSL_use_old_poly", 0);
+    return 0;
+}
+#endif
+
+int wolfSSL_set_fd(WOLFSSL* ssl, int fd)
+{
+    WOLFSSL_ENTER("SSL_set_fd");
+    ssl->rfd = fd;      /* not used directly to allow IO callbacks */
+    ssl->wfd = fd;
+
+    ssl->IOCB_ReadCtx  = &ssl->rfd;
+    ssl->IOCB_WriteCtx = &ssl->wfd;
+
+    #ifdef WOLFSSL_DTLS
+        if (ssl->options.dtls) {
+            ssl->IOCB_ReadCtx = &ssl->buffers.dtlsCtx;
+            ssl->IOCB_WriteCtx = &ssl->buffers.dtlsCtx;
+            ssl->buffers.dtlsCtx.fd = fd;
+        }
+    #endif
+
+    WOLFSSL_LEAVE("SSL_set_fd", SSL_SUCCESS);
+    return SSL_SUCCESS;
+}
+
+
+int wolfSSL_get_ciphers(char* buf, int len)
+{
+    const char* const* ciphers = GetCipherNames();
+    int  totalInc = 0;
+    int  step     = 0;
+    char delim    = ':';
+    int  size     = GetCipherNamesSize();
+    int  i;
+
+    if (buf == NULL || len <= 0)
+        return BAD_FUNC_ARG;
+
+    /* Add each member to the buffer delimitted by a : */
+    for (i = 0; i < size; i++) {
+        step = (int)(XSTRLEN(ciphers[i]) + 1);  /* delimiter */
+        totalInc += step;
+
+        /* Check to make sure buf is large enough and will not overflow */
+        if (totalInc < len) {
+            XSTRNCPY(buf, ciphers[i], XSTRLEN(ciphers[i]));
+            buf += XSTRLEN(ciphers[i]);
+
+            if (i < size - 1)
+                *buf++ = delim;
+        }
+        else
+            return BUFFER_E;
+    }
+    return SSL_SUCCESS;
+}
+
+
+int wolfSSL_get_fd(const WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("SSL_get_fd");
+    WOLFSSL_LEAVE("SSL_get_fd", ssl->rfd);
+    return ssl->rfd;
+}
+
+
+int wolfSSL_get_using_nonblock(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("wolfSSL_get_using_nonblock");
+    WOLFSSL_LEAVE("wolfSSL_get_using_nonblock", ssl->options.usingNonblock);
+    return ssl->options.usingNonblock;
+}
+
+
+int wolfSSL_dtls(WOLFSSL* ssl)
+{
+    return ssl->options.dtls;
+}
+
+
+#ifndef WOLFSSL_LEANPSK
+void wolfSSL_set_using_nonblock(WOLFSSL* ssl, int nonblock)
+{
+    WOLFSSL_ENTER("wolfSSL_set_using_nonblock");
+    ssl->options.usingNonblock = (nonblock != 0);
+}
+
+
+int wolfSSL_dtls_set_peer(WOLFSSL* ssl, void* peer, unsigned int peerSz)
+{
+#ifdef WOLFSSL_DTLS
+    void* sa = (void*)XMALLOC(peerSz, ssl->heap, DYNAMIC_TYPE_SOCKADDR);
+    if (sa != NULL) {
+        if (ssl->buffers.dtlsCtx.peer.sa != NULL)
+            XFREE(ssl->buffers.dtlsCtx.peer.sa,ssl->heap,DYNAMIC_TYPE_SOCKADDR);
+        XMEMCPY(sa, peer, peerSz);
+        ssl->buffers.dtlsCtx.peer.sa = sa;
+        ssl->buffers.dtlsCtx.peer.sz = peerSz;
+        return SSL_SUCCESS;
+    }
+    return SSL_FAILURE;
+#else
+    (void)ssl;
+    (void)peer;
+    (void)peerSz;
+    return SSL_NOT_IMPLEMENTED;
+#endif
+}
+
+int wolfSSL_dtls_get_peer(WOLFSSL* ssl, void* peer, unsigned int* peerSz)
+{
+#ifdef WOLFSSL_DTLS
+    if (peer != NULL && peerSz != NULL
+            && *peerSz >= ssl->buffers.dtlsCtx.peer.sz) {
+        *peerSz = ssl->buffers.dtlsCtx.peer.sz;
+        XMEMCPY(peer, ssl->buffers.dtlsCtx.peer.sa, *peerSz);
+        return SSL_SUCCESS;
+    }
+    return SSL_FAILURE;
+#else
+    (void)ssl;
+    (void)peer;
+    (void)peerSz;
+    return SSL_NOT_IMPLEMENTED;
+#endif
+}
+#endif /* WOLFSSL_LEANPSK */
+
+
+/* return underlyig connect or accept, SSL_SUCCESS on ok */
+int wolfSSL_negotiate(WOLFSSL* ssl)
+{
+    int err = SSL_FATAL_ERROR;
+
+    WOLFSSL_ENTER("wolfSSL_negotiate");
+#ifndef NO_WOLFSSL_SERVER
+    if (ssl->options.side == WOLFSSL_SERVER_END)
+        err = wolfSSL_accept(ssl);
+#endif
+
+#ifndef NO_WOLFSSL_CLIENT
+    if (ssl->options.side == WOLFSSL_CLIENT_END)
+        err = wolfSSL_connect(ssl);
+#endif
+
+    WOLFSSL_LEAVE("wolfSSL_negotiate", err);
+
+    return err;
+}
+
+
+#ifndef WOLFSSL_LEANPSK
+/* object size based on build */
+int wolfSSL_GetObjectSize(void)
+{
+#ifdef SHOW_SIZES
+    printf("sizeof suites           = %lu\n", sizeof(Suites));
+    printf("sizeof ciphers(2)       = %lu\n", sizeof(Ciphers));
+#ifndef NO_RC4
+    printf("    sizeof arc4         = %lu\n", sizeof(Arc4));
+#endif
+    printf("    sizeof aes          = %lu\n", sizeof(Aes));
+#ifndef NO_DES3
+    printf("    sizeof des3         = %lu\n", sizeof(Des3));
+#endif
+#ifndef NO_RABBIT
+    printf("    sizeof rabbit       = %lu\n", sizeof(Rabbit));
+#endif
+#ifdef HAVE_CHACHA
+    printf("    sizeof chacha       = %lu\n", sizeof(Chacha));
+#endif
+    printf("sizeof cipher specs     = %lu\n", sizeof(CipherSpecs));
+    printf("sizeof keys             = %lu\n", sizeof(Keys));
+    printf("sizeof Hashes(2)        = %lu\n", sizeof(Hashes));
+#ifndef NO_MD5
+    printf("    sizeof MD5          = %lu\n", sizeof(Md5));
+#endif
+#ifndef NO_SHA
+    printf("    sizeof SHA          = %lu\n", sizeof(Sha));
+#endif
+#ifndef NO_SHA256
+    printf("    sizeof SHA256       = %lu\n", sizeof(Sha256));
+#endif
+#ifdef WOLFSSL_SHA384
+    printf("    sizeof SHA384       = %lu\n", sizeof(Sha384));
+#endif
+#ifdef WOLFSSL_SHA384
+    printf("    sizeof SHA512       = %lu\n", sizeof(Sha512));
+#endif
+    printf("sizeof Buffers          = %lu\n", sizeof(Buffers));
+    printf("sizeof Options          = %lu\n", sizeof(Options));
+    printf("sizeof Arrays           = %lu\n", sizeof(Arrays));
+#ifndef NO_RSA
+    printf("sizeof RsaKey           = %lu\n", sizeof(RsaKey));
+#endif
+#ifdef HAVE_ECC
+    printf("sizeof ecc_key          = %lu\n", sizeof(ecc_key));
+#endif
+    printf("sizeof WOLFSSL_CIPHER    = %lu\n", sizeof(WOLFSSL_CIPHER));
+    printf("sizeof WOLFSSL_SESSION   = %lu\n", sizeof(WOLFSSL_SESSION));
+    printf("sizeof WOLFSSL           = %lu\n", sizeof(WOLFSSL));
+    printf("sizeof WOLFSSL_CTX       = %lu\n", sizeof(WOLFSSL_CTX));
+#endif
+
+    return sizeof(WOLFSSL);
+}
+#endif
+
+
+#ifndef NO_DH
+/* server Diffie-Hellman parameters, SSL_SUCCESS on ok */
+int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
+                    const unsigned char* g, int gSz)
+{
+    byte havePSK = 0;
+    byte haveRSA = 1;
+
+    WOLFSSL_ENTER("wolfSSL_SetTmpDH");
+    if (ssl == NULL || p == NULL || g == NULL) return BAD_FUNC_ARG;
+
+    if (ssl->options.side != WOLFSSL_SERVER_END)
+        return SIDE_ERROR;
+
+    if (ssl->buffers.serverDH_P.buffer && ssl->buffers.weOwnDH)
+        XFREE(ssl->buffers.serverDH_P.buffer, ssl->ctx->heap, DYNAMIC_TYPE_DH);
+    if (ssl->buffers.serverDH_G.buffer && ssl->buffers.weOwnDH)
+        XFREE(ssl->buffers.serverDH_G.buffer, ssl->ctx->heap, DYNAMIC_TYPE_DH);
+
+    ssl->buffers.weOwnDH = 1;  /* SSL owns now */
+    ssl->buffers.serverDH_P.buffer = (byte*)XMALLOC(pSz, ssl->ctx->heap,
+                                                    DYNAMIC_TYPE_DH);
+    if (ssl->buffers.serverDH_P.buffer == NULL)
+        return MEMORY_E;
+
+    ssl->buffers.serverDH_G.buffer = (byte*)XMALLOC(gSz, ssl->ctx->heap,
+                                                    DYNAMIC_TYPE_DH);
+    if (ssl->buffers.serverDH_G.buffer == NULL) {
+        XFREE(ssl->buffers.serverDH_P.buffer, ssl->ctx->heap, DYNAMIC_TYPE_DH);
+        return MEMORY_E;
+    }
+
+    ssl->buffers.serverDH_P.length = pSz;
+    ssl->buffers.serverDH_G.length = gSz;
+
+    XMEMCPY(ssl->buffers.serverDH_P.buffer, p, pSz);
+    XMEMCPY(ssl->buffers.serverDH_G.buffer, g, gSz);
+
+    ssl->options.haveDH = 1;
+    #ifndef NO_PSK
+        havePSK = ssl->options.havePSK;
+    #endif
+    #ifdef NO_RSA
+        haveRSA = 0;
+    #endif
+    InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, ssl->options.haveDH,
+               ssl->options.haveNTRU, ssl->options.haveECDSAsig,
+               ssl->options.haveStaticECC, ssl->options.side);
+
+    WOLFSSL_LEAVE("wolfSSL_SetTmpDH", 0);
+    return SSL_SUCCESS;
+}
+#endif /* !NO_DH */
+
+
+int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz)
+{
+    int ret;
+
+    WOLFSSL_ENTER("SSL_write()");
+
+    if (ssl == NULL || data == NULL || sz < 0)
+        return BAD_FUNC_ARG;
+
+#ifdef HAVE_ERRNO_H
+    errno = 0;
+#endif
+
+    ret = SendData(ssl, data, sz);
+
+    WOLFSSL_LEAVE("SSL_write()", ret);
+
+    if (ret < 0)
+        return SSL_FATAL_ERROR;
+    else
+        return ret;
+}
+
+
+static int wolfSSL_read_internal(WOLFSSL* ssl, void* data, int sz, int peek)
+{
+    int ret;
+
+    WOLFSSL_ENTER("wolfSSL_read_internal()");
+
+    if (ssl == NULL || data == NULL || sz < 0)
+        return BAD_FUNC_ARG;
+
+#ifdef HAVE_ERRNO_H
+        errno = 0;
+#endif
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls)
+        ssl->dtls_expected_rx = max(sz + 100, MAX_MTU);
+#endif
+
+#ifdef HAVE_MAX_FRAGMENT
+    ret = ReceiveData(ssl, (byte*)data,
+                     min(sz, min(ssl->max_fragment, OUTPUT_RECORD_SIZE)), peek);
+#else
+    ret = ReceiveData(ssl, (byte*)data, min(sz, OUTPUT_RECORD_SIZE), peek);
+#endif
+
+    WOLFSSL_LEAVE("wolfSSL_read_internal()", ret);
+
+    if (ret < 0)
+        return SSL_FATAL_ERROR;
+    else
+        return ret;
+}
+
+
+int wolfSSL_peek(WOLFSSL* ssl, void* data, int sz)
+{
+    WOLFSSL_ENTER("wolfSSL_peek()");
+
+    return wolfSSL_read_internal(ssl, data, sz, TRUE);
+}
+
+
+int wolfSSL_read(WOLFSSL* ssl, void* data, int sz)
+{
+    WOLFSSL_ENTER("wolfSSL_read()");
+
+    return wolfSSL_read_internal(ssl, data, sz, FALSE);
+}
+
+
+#ifdef HAVE_CAVIUM
+
+/* let's use cavium, SSL_SUCCESS on ok */
+int wolfSSL_UseCavium(WOLFSSL* ssl, int devId)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    ssl->devId = devId;
+
+    return SSL_SUCCESS;
+}
+
+
+/* let's use cavium, SSL_SUCCESS on ok */
+int wolfSSL_CTX_UseCavium(WOLFSSL_CTX* ctx, int devId)
+{
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    ctx->devId = devId;
+
+    return SSL_SUCCESS;
+}
+
+
+#endif /* HAVE_CAVIUM */
+
+#ifdef HAVE_SNI
+
+int wolfSSL_UseSNI(WOLFSSL* ssl, byte type, const void* data, word16 size)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseSNI(&ssl->extensions, type, data, size);
+}
+
+int wolfSSL_CTX_UseSNI(WOLFSSL_CTX* ctx, byte type, const void* data, word16 size)
+{
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseSNI(&ctx->extensions, type, data, size);
+}
+
+#ifndef NO_WOLFSSL_SERVER
+
+void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, byte type, byte options)
+{
+    if (ssl && ssl->extensions)
+        TLSX_SNI_SetOptions(ssl->extensions, type, options);
+}
+
+void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx, byte type, byte options)
+{
+    if (ctx && ctx->extensions)
+        TLSX_SNI_SetOptions(ctx->extensions, type, options);
+}
+
+byte wolfSSL_SNI_Status(WOLFSSL* ssl, byte type)
+{
+    return TLSX_SNI_Status(ssl ? ssl->extensions : NULL, type);
+}
+
+word16 wolfSSL_SNI_GetRequest(WOLFSSL* ssl, byte type, void** data)
+{
+    if (data)
+        *data = NULL;
+
+    if (ssl && ssl->extensions)
+        return TLSX_SNI_GetRequest(ssl->extensions, type, data);
+
+    return 0;
+}
+
+int wolfSSL_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, byte type,
+                                                     byte* sni, word32* inOutSz)
+{
+    if (clientHello && helloSz > 0 && sni && inOutSz && *inOutSz > 0)
+        return TLSX_SNI_GetFromBuffer(clientHello, helloSz, type, sni, inOutSz);
+
+    return BAD_FUNC_ARG;
+}
+
+#endif /* NO_WOLFSSL_SERVER */
+
+#endif /* HAVE_SNI */
+
+
+#ifdef HAVE_MAX_FRAGMENT
+#ifndef NO_WOLFSSL_CLIENT
+int wolfSSL_UseMaxFragment(WOLFSSL* ssl, byte mfl)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseMaxFragment(&ssl->extensions, mfl);
+}
+
+int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX* ctx, byte mfl)
+{
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseMaxFragment(&ctx->extensions, mfl);
+}
+#endif /* NO_WOLFSSL_CLIENT */
+#endif /* HAVE_MAX_FRAGMENT */
+
+#ifdef HAVE_TRUNCATED_HMAC
+#ifndef NO_WOLFSSL_CLIENT
+int wolfSSL_UseTruncatedHMAC(WOLFSSL* ssl)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseTruncatedHMAC(&ssl->extensions);
+}
+
+int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx)
+{
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseTruncatedHMAC(&ctx->extensions);
+}
+#endif /* NO_WOLFSSL_CLIENT */
+#endif /* HAVE_TRUNCATED_HMAC */
+
+/* Elliptic Curves */
+#ifdef HAVE_SUPPORTED_CURVES
+#ifndef NO_WOLFSSL_CLIENT
+
+int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    switch (name) {
+        case WOLFSSL_ECC_SECP160R1:
+        case WOLFSSL_ECC_SECP192R1:
+        case WOLFSSL_ECC_SECP224R1:
+        case WOLFSSL_ECC_SECP256R1:
+        case WOLFSSL_ECC_SECP384R1:
+        case WOLFSSL_ECC_SECP521R1:
+            break;
+
+        default:
+            return BAD_FUNC_ARG;
+    }
+
+    return TLSX_UseSupportedCurve(&ssl->extensions, name);
+}
+
+int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, word16 name)
+{
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    switch (name) {
+        case WOLFSSL_ECC_SECP160R1:
+        case WOLFSSL_ECC_SECP192R1:
+        case WOLFSSL_ECC_SECP224R1:
+        case WOLFSSL_ECC_SECP256R1:
+        case WOLFSSL_ECC_SECP384R1:
+        case WOLFSSL_ECC_SECP521R1:
+            break;
+
+        default:
+            return BAD_FUNC_ARG;
+    }
+
+    return TLSX_UseSupportedCurve(&ctx->extensions, name);
+}
+
+#endif /* NO_WOLFSSL_CLIENT */
+#endif /* HAVE_SUPPORTED_CURVES */
+
+/* Secure Renegotiation */
+#ifdef HAVE_SECURE_RENEGOTIATION
+
+/* user is forcing ability to use secure renegotiation, we discourage it */
+int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl)
+{
+    int ret = BAD_FUNC_ARG;
+
+    if (ssl)
+        ret = TLSX_UseSecureRenegotiation(&ssl->extensions);
+
+    if (ret == SSL_SUCCESS) {
+        TLSX* extension = TLSX_Find(ssl->extensions, SECURE_RENEGOTIATION);
+        
+        if (extension)
+            ssl->secure_renegotiation = (SecureRenegotiation*)extension->data;
+    }
+
+    return ret;
+}
+
+
+/* do a secure renegotiation handshake, user forced, we discourage */
+int wolfSSL_Rehandshake(WOLFSSL* ssl)
+{
+    int ret;
+
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    if (ssl->secure_renegotiation == NULL) {
+        WOLFSSL_MSG("Secure Renegotiation not forced on by user");
+        return SECURE_RENEGOTIATION_E;
+    }
+
+    if (ssl->secure_renegotiation->enabled == 0) {
+        WOLFSSL_MSG("Secure Renegotiation not enabled at extension level");
+        return SECURE_RENEGOTIATION_E;
+    }
+
+    if (ssl->options.handShakeState != HANDSHAKE_DONE) {
+        WOLFSSL_MSG("Can't renegotiate until previous handshake complete");
+        return SECURE_RENEGOTIATION_E;
+    }
+
+#ifndef NO_FORCE_SCR_SAME_SUITE
+    /* force same suite */
+    if (ssl->suites) {
+        ssl->suites->suiteSz = SUITE_LEN;
+        ssl->suites->suites[0] = ssl->options.cipherSuite0;
+        ssl->suites->suites[1] = ssl->options.cipherSuite;
+    }
+#endif
+
+    /* reset handshake states */
+    ssl->options.serverState = NULL_STATE;
+    ssl->options.clientState = NULL_STATE;
+    ssl->options.connectState  = CONNECT_BEGIN;
+    ssl->options.acceptState   = ACCEPT_BEGIN;
+    ssl->options.handShakeState = NULL_STATE;
+    ssl->options.processReply  = 0;  /* TODO, move states in internal.h */
+
+    XMEMSET(&ssl->msgsReceived, 0, sizeof(ssl->msgsReceived));
+
+    ssl->secure_renegotiation->cache_status = SCR_CACHE_NEEDED;
+
+#ifndef NO_OLD_TLS
+#ifndef NO_MD5
+    wc_InitMd5(&ssl->hashMd5);
+#endif
+#ifndef NO_SHA
+    ret = wc_InitSha(&ssl->hashSha);
+    if (ret !=0)
+        return ret;
+#endif
+#endif /* NO_OLD_TLS */
+#ifndef NO_SHA256
+    ret = wc_InitSha256(&ssl->hashSha256);
+    if (ret !=0)
+        return ret;
+#endif
+#ifdef WOLFSSL_SHA384
+    ret = wc_InitSha384(&ssl->hashSha384);
+    if (ret !=0)
+        return ret;
+#endif
+
+    ret = wolfSSL_negotiate(ssl);
+    return ret;
+}
+
+#endif /* HAVE_SECURE_RENEGOTIATION */
+
+/* Session Ticket */
+#if !defined(NO_WOLFSSL_CLIENT) && defined(HAVE_SESSION_TICKET)
+int wolfSSL_UseSessionTicket(WOLFSSL* ssl)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseSessionTicket(&ssl->extensions, NULL);
+}
+
+int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx)
+{
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    return TLSX_UseSessionTicket(&ctx->extensions, NULL);
+}
+
+WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL* ssl, byte* buf, word32* bufSz)
+{
+    if (ssl == NULL || buf == NULL || bufSz == NULL || *bufSz == 0)
+        return BAD_FUNC_ARG;
+
+    if (ssl->session.ticketLen <= *bufSz) {
+        XMEMCPY(buf, ssl->session.ticket, ssl->session.ticketLen);
+        *bufSz = ssl->session.ticketLen;
+    }
+    else
+        *bufSz = 0;
+
+    return SSL_SUCCESS;
+}
+
+WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL* ssl, byte* buf, word32 bufSz)
+{
+    if (ssl == NULL || (buf == NULL && bufSz > 0))
+        return BAD_FUNC_ARG;
+
+    if (bufSz > 0)
+        XMEMCPY(ssl->session.ticket, buf, bufSz);
+    ssl->session.ticketLen = bufSz;
+
+    return SSL_SUCCESS;
+}
+
+
+WOLFSSL_API int wolfSSL_set_SessionTicket_cb(WOLFSSL* ssl,
+                                            CallbackSessionTicket cb, void* ctx)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    ssl->session_ticket_cb = cb;
+    ssl->session_ticket_ctx = ctx;
+
+    return SSL_SUCCESS;
+}
+#endif
+
+#ifndef WOLFSSL_LEANPSK
+
+int wolfSSL_send(WOLFSSL* ssl, const void* data, int sz, int flags)
+{
+    int ret;
+    int oldFlags;
+
+    WOLFSSL_ENTER("wolfSSL_send()");
+
+    if (ssl == NULL || data == NULL || sz < 0)
+        return BAD_FUNC_ARG;
+
+    oldFlags = ssl->wflags;
+
+    ssl->wflags = flags;
+    ret = wolfSSL_write(ssl, data, sz);
+    ssl->wflags = oldFlags;
+
+    WOLFSSL_LEAVE("wolfSSL_send()", ret);
+
+    return ret;
+}
+
+
+int wolfSSL_recv(WOLFSSL* ssl, void* data, int sz, int flags)
+{
+    int ret;
+    int oldFlags;
+
+    WOLFSSL_ENTER("wolfSSL_recv()");
+
+    if (ssl == NULL || data == NULL || sz < 0)
+        return BAD_FUNC_ARG;
+
+    oldFlags = ssl->rflags;
+
+    ssl->rflags = flags;
+    ret = wolfSSL_read(ssl, data, sz);
+    ssl->rflags = oldFlags;
+
+    WOLFSSL_LEAVE("wolfSSL_recv()", ret);
+
+    return ret;
+}
+#endif
+
+
+/* SSL_SUCCESS on ok */
+int wolfSSL_shutdown(WOLFSSL* ssl)
+{
+    int  ret = SSL_FATAL_ERROR;
+    byte tmp;
+    WOLFSSL_ENTER("SSL_shutdown()");
+
+    if (ssl == NULL)
+        return SSL_FATAL_ERROR;
+
+    if (ssl->options.quietShutdown) {
+        WOLFSSL_MSG("quiet shutdown, no close notify sent");
+        return SSL_SUCCESS;
+    }
+
+    /* try to send close notify, not an error if can't */
+    if (!ssl->options.isClosed && !ssl->options.connReset &&
+                                  !ssl->options.sentNotify) {
+        ssl->error = SendAlert(ssl, alert_warning, close_notify);
+        if (ssl->error < 0) {
+            WOLFSSL_ERROR(ssl->error);
+            return SSL_FATAL_ERROR;
+        }
+        ssl->options.sentNotify = 1;  /* don't send close_notify twice */
+        if (ssl->options.closeNotify)
+            ret = SSL_SUCCESS;
+        else
+            ret = SSL_SHUTDOWN_NOT_DONE;
+
+        WOLFSSL_LEAVE("SSL_shutdown()", ret);
+        return ret;
+    }
+
+    /* call wolfSSL_shutdown again for bidirectional shudown */
+    if (ssl->options.sentNotify && !ssl->options.closeNotify) {
+        ret = wolfSSL_read(ssl, &tmp, 0);
+        if (ret < 0) {
+            WOLFSSL_ERROR(ssl->error);
+            ret = SSL_FATAL_ERROR;
+        } else if (ssl->options.closeNotify) {
+            ssl->error = SSL_ERROR_SYSCALL;   /* simulate OpenSSL behavior */
+            ret = SSL_SUCCESS;
+        }
+    }
+
+    WOLFSSL_LEAVE("SSL_shutdown()", ret);
+
+    return ret;
+}
+
+
+int wolfSSL_get_error(WOLFSSL* ssl, int ret)
+{
+    WOLFSSL_ENTER("SSL_get_error");
+
+    if (ret > 0)
+        return SSL_ERROR_NONE;
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    WOLFSSL_LEAVE("SSL_get_error", ssl->error);
+
+    /* make sure converted types are handled in SetErrorString() too */
+    if (ssl->error == WANT_READ)
+        return SSL_ERROR_WANT_READ;         /* convert to OpenSSL type */
+    else if (ssl->error == WANT_WRITE)
+        return SSL_ERROR_WANT_WRITE;        /* convert to OpenSSL type */
+    else if (ssl->error == ZERO_RETURN)
+        return SSL_ERROR_ZERO_RETURN;       /* convert to OpenSSL type */
+    return ssl->error;
+}
+
+
+/* retrive alert history, SSL_SUCCESS on ok */
+int wolfSSL_get_alert_history(WOLFSSL* ssl, WOLFSSL_ALERT_HISTORY *h)
+{
+    if (ssl && h) {
+        *h = ssl->alert_history;
+    }
+    return SSL_SUCCESS;
+}
+
+
+/* return TRUE if current error is want read */
+int wolfSSL_want_read(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("SSL_want_read");
+    if (ssl->error == WANT_READ)
+        return 1;
+
+    return 0;
+}
+
+
+/* return TRUE if current error is want write */
+int wolfSSL_want_write(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("SSL_want_write");
+    if (ssl->error == WANT_WRITE)
+        return 1;
+
+    return 0;
+}
+
+
+char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data)
+{
+    static const char* msg = "Please supply a buffer for error string";
+
+    WOLFSSL_ENTER("ERR_error_string");
+    if (data) {
+        SetErrorString((int)errNumber, data);
+        return data;
+    }
+
+    return (char*)msg;
+}
+
+
+void wolfSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long len)
+{
+    WOLFSSL_ENTER("wolfSSL_ERR_error_string_n");
+    if (len >= WOLFSSL_MAX_ERROR_SZ)
+        wolfSSL_ERR_error_string(e, buf);
+    else {
+        char tmp[WOLFSSL_MAX_ERROR_SZ];
+
+        WOLFSSL_MSG("Error buffer too short, truncating");
+        if (len) {
+            wolfSSL_ERR_error_string(e, tmp);
+            XMEMCPY(buf, tmp, len-1);
+            buf[len-1] = '\0';
+        }
+    }
+}
+
+
+/* don't free temporary arrays at end of handshake */
+void wolfSSL_KeepArrays(WOLFSSL* ssl)
+{
+    if (ssl)
+        ssl->options.saveArrays = 1;
+}
+
+
+/* user doesn't need temporary arrays anymore, Free */
+void wolfSSL_FreeArrays(WOLFSSL* ssl)
+{
+    if (ssl && ssl->options.handShakeState == HANDSHAKE_DONE) {
+        ssl->options.saveArrays = 0;
+        FreeArrays(ssl, 1);
+    }
+}
+
+
+const byte* wolfSSL_GetMacSecret(WOLFSSL* ssl, int verify)
+{
+    if (ssl == NULL)
+        return NULL;
+
+    if ( (ssl->options.side == WOLFSSL_CLIENT_END && !verify) ||
+         (ssl->options.side == WOLFSSL_SERVER_END &&  verify) )
+        return ssl->keys.client_write_MAC_secret;
+    else
+        return ssl->keys.server_write_MAC_secret;
+}
+
+
+#ifdef ATOMIC_USER
+
+void  wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX* ctx, CallbackMacEncrypt cb)
+{
+    if (ctx)
+        ctx->MacEncryptCb = cb;
+}
+
+
+void  wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx)
+{
+    if (ssl)
+        ssl->MacEncryptCtx = ctx;
+}
+
+
+void* wolfSSL_GetMacEncryptCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->MacEncryptCtx;
+
+    return NULL;
+}
+
+
+void  wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX* ctx, CallbackDecryptVerify cb)
+{
+    if (ctx)
+        ctx->DecryptVerifyCb = cb;
+}
+
+
+void  wolfSSL_SetDecryptVerifyCtx(WOLFSSL* ssl, void *ctx)
+{
+    if (ssl)
+        ssl->DecryptVerifyCtx = ctx;
+}
+
+
+void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->DecryptVerifyCtx;
+
+    return NULL;
+}
+
+
+const byte* wolfSSL_GetClientWriteKey(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->keys.client_write_key;
+
+    return NULL;
+}
+
+
+const byte* wolfSSL_GetClientWriteIV(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->keys.client_write_IV;
+
+    return NULL;
+}
+
+
+const byte* wolfSSL_GetServerWriteKey(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->keys.server_write_key;
+
+    return NULL;
+}
+
+
+const byte* wolfSSL_GetServerWriteIV(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->keys.server_write_IV;
+
+    return NULL;
+}
+
+
+int wolfSSL_GetKeySize(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->specs.key_size;
+
+    return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_GetIVSize(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->specs.iv_size;
+
+    return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_GetBulkCipher(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->specs.bulk_cipher_algorithm;
+
+    return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_GetCipherType(WOLFSSL* ssl)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    if (ssl->specs.cipher_type == block)
+        return WOLFSSL_BLOCK_TYPE;
+    if (ssl->specs.cipher_type == stream)
+        return WOLFSSL_STREAM_TYPE;
+    if (ssl->specs.cipher_type == aead)
+        return WOLFSSL_AEAD_TYPE;
+
+    return -1;
+}
+
+
+int wolfSSL_GetCipherBlockSize(WOLFSSL* ssl)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    return ssl->specs.block_size;
+}
+
+
+int wolfSSL_GetAeadMacSize(WOLFSSL* ssl)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    return ssl->specs.aead_mac_size;
+}
+
+
+int wolfSSL_IsTLSv1_1(WOLFSSL* ssl)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    if (ssl->options.tls1_1)
+        return 1;
+
+    return 0;
+}
+
+
+int wolfSSL_GetSide(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->options.side;
+
+    return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_GetHmacSize(WOLFSSL* ssl)
+{
+    /* AEAD ciphers don't have HMAC keys */
+    if (ssl)
+        return (ssl->specs.cipher_type != aead) ? ssl->specs.hash_size : 0;
+
+    return BAD_FUNC_ARG;
+}
+
+#endif /* ATOMIC_USER */
+
+#ifndef NO_CERTS
+
+WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void)
+{
+    WOLFSSL_CERT_MANAGER* cm = NULL;
+
+    WOLFSSL_ENTER("wolfSSL_CertManagerNew");
+
+    cm = (WOLFSSL_CERT_MANAGER*) XMALLOC(sizeof(WOLFSSL_CERT_MANAGER), 0,
+                                        DYNAMIC_TYPE_CERT_MANAGER);
+    if (cm) {
+        XMEMSET(cm, 0, sizeof(WOLFSSL_CERT_MANAGER));
+
+        if (InitMutex(&cm->caLock) != 0) {
+            WOLFSSL_MSG("Bad mutex init");
+            wolfSSL_CertManagerFree(cm);
+            return NULL;
+        }
+    }
+
+    return cm;
+}
+
+
+void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
+{
+    WOLFSSL_ENTER("wolfSSL_CertManagerFree");
+
+    if (cm) {
+        #ifdef HAVE_CRL
+            if (cm->crl)
+                FreeCRL(cm->crl, 1);
+        #endif
+        #ifdef HAVE_OCSP
+            if (cm->ocsp)
+                FreeOCSP(cm->ocsp, 1);
+        #endif
+        FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL);
+        FreeMutex(&cm->caLock);
+        XFREE(cm, NULL, DYNAMIC_TYPE_CERT_MANAGER);
+    }
+
+}
+
+
+/* Unload the CA signer list */
+int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm)
+{
+    WOLFSSL_ENTER("wolfSSL_CertManagerUnloadCAs");
+
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    if (LockMutex(&cm->caLock) != 0)
+        return BAD_MUTEX_E;
+
+    FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL);
+
+    UnLockMutex(&cm->caLock);
+
+
+    return SSL_SUCCESS;
+}
+
+
+/* Return bytes written to buff or < 0 for error */
+int wolfSSL_CertPemToDer(const unsigned char* pem, int pemSz,
+                        unsigned char* buff, int buffSz,
+                        int type)
+{
+    int            eccKey = 0;
+    int            ret;
+    buffer         der;
+#ifdef WOLFSSL_SMALL_STACK
+    EncryptedInfo* info = NULL;
+#else
+    EncryptedInfo  info[1];
+#endif
+
+    WOLFSSL_ENTER("wolfSSL_CertPemToDer");
+
+    if (pem == NULL || buff == NULL || buffSz <= 0) {
+        WOLFSSL_MSG("Bad pem der args");
+        return BAD_FUNC_ARG;
+    }
+
+    if (type != CERT_TYPE && type != CA_TYPE && type != CERTREQ_TYPE) {
+        WOLFSSL_MSG("Bad cert type");
+        return BAD_FUNC_ARG;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (info == NULL)
+        return MEMORY_E;
+#endif
+
+    info->set      = 0;
+    info->ctx      = NULL;
+    info->consumed = 0;
+    der.buffer     = NULL;
+
+    ret = PemToDer(pem, pemSz, type, &der, NULL, info, &eccKey);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (ret < 0) {
+        WOLFSSL_MSG("Bad Pem To Der");
+    }
+    else {
+        if (der.length <= (word32)buffSz) {
+            XMEMCPY(buff, der.buffer, der.length);
+            ret = der.length;
+        }
+        else {
+            WOLFSSL_MSG("Bad der length");
+            ret = BAD_FUNC_ARG;
+        }
+    }
+
+    XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY);
+
+    return ret;
+}
+
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+
+/* our KeyPemToDer password callback, password in userData */
+static INLINE int OurPasswordCb(char* passwd, int sz, int rw, void* userdata)
+{
+    (void)rw;
+
+    if (userdata == NULL)
+        return 0;
+
+    XSTRNCPY(passwd, (char*)userdata, sz);
+    return min((word32)sz, (word32)XSTRLEN((char*)userdata));
+}
+
+#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */
+
+
+/* Return bytes written to buff or < 0 for error */
+int wolfSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff,
+                       int buffSz, const char* pass)
+{
+    int            eccKey = 0;
+    int            ret;
+    buffer         der;
+#ifdef WOLFSSL_SMALL_STACK
+    EncryptedInfo* info = NULL;
+#else
+    EncryptedInfo  info[1];
+#endif
+
+    (void)pass;
+
+    WOLFSSL_ENTER("wolfSSL_KeyPemToDer");
+
+    if (pem == NULL || buff == NULL || buffSz <= 0) {
+        WOLFSSL_MSG("Bad pem der args");
+        return BAD_FUNC_ARG;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (info == NULL)
+        return MEMORY_E;
+#endif
+
+    info->set      = 0;
+    info->ctx      = NULL;
+    info->consumed = 0;
+    der.buffer     = NULL;
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    if (pass) {
+        info->ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
+        if (info->ctx == NULL) {
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+            return MEMORY_E;
+        }
+
+        wolfSSL_CTX_set_default_passwd_cb(info->ctx, OurPasswordCb);
+        wolfSSL_CTX_set_default_passwd_cb_userdata(info->ctx, (void*)pass);
+    }
+#endif
+
+    ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, info, &eccKey);
+
+    if (info->ctx)
+        wolfSSL_CTX_free(info->ctx);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (ret < 0) {
+        WOLFSSL_MSG("Bad Pem To Der");
+    }
+    else {
+        if (der.length <= (word32)buffSz) {
+            XMEMCPY(buff, der.buffer, der.length);
+            ret = der.length;
+        }
+        else {
+            WOLFSSL_MSG("Bad der length");
+            ret = BAD_FUNC_ARG;
+        }
+    }
+
+    XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY);
+
+    return ret;
+}
+
+
+#endif /* !NO_CERTS */
+
+
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
+
+void wolfSSL_ERR_print_errors_fp(FILE* fp, int err)
+{
+    char data[WOLFSSL_MAX_ERROR_SZ + 1];
+
+    WOLFSSL_ENTER("wolfSSL_ERR_print_errors_fp");
+    SetErrorString(err, data);
+    fprintf(fp, "%s", data);
+}
+
+#endif
+
+
+int wolfSSL_pending(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("SSL_pending");
+    return ssl->buffers.clearOutputBuffer.length;
+}
+
+
+#ifndef WOLFSSL_LEANPSK
+/* trun on handshake group messages for context */
+int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX* ctx)
+{
+    if (ctx == NULL)
+       return BAD_FUNC_ARG;
+
+    ctx->groupMessages = 1;
+
+    return SSL_SUCCESS;
+}
+#endif
+
+
+#ifndef NO_WOLFSSL_CLIENT
+/* connect enough to get peer cert chain */
+int wolfSSL_connect_cert(WOLFSSL* ssl)
+{
+    int  ret;
+
+    if (ssl == NULL)
+        return SSL_FAILURE;
+
+    ssl->options.certOnly = 1;
+    ret = wolfSSL_connect(ssl);
+    ssl->options.certOnly   = 0;
+
+    return ret;
+}
+#endif
+
+
+#ifndef WOLFSSL_LEANPSK
+/* trun on handshake group messages for ssl object */
+int wolfSSL_set_group_messages(WOLFSSL* ssl)
+{
+    if (ssl == NULL)
+       return BAD_FUNC_ARG;
+
+    ssl->options.groupMessages = 1;
+
+    return SSL_SUCCESS;
+}
+
+
+/* Set minimum downgrade version allowed, SSL_SUCCESS on ok */
+int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version)
+{
+    WOLFSSL_ENTER("wolfSSL_SetMinVersion");
+
+    if (ssl == NULL) {
+        WOLFSSL_MSG("Bad function argument");
+        return BAD_FUNC_ARG;
+    }
+
+    switch (version) {
+#ifndef NO_OLD_TLS
+        case WOLFSSL_SSLV3:
+            ssl->options.minDowngrade = SSLv3_MINOR;
+            break;
+#endif
+
+#ifndef NO_TLS
+    #ifndef NO_OLD_TLS
+        case WOLFSSL_TLSV1:
+            ssl->options.minDowngrade = TLSv1_MINOR;
+            break;
+
+        case WOLFSSL_TLSV1_1:
+            ssl->options.minDowngrade = TLSv1_1_MINOR;
+            break;
+    #endif
+        case WOLFSSL_TLSV1_2:
+            ssl->options.minDowngrade = TLSv1_2_MINOR;
+            break;
+#endif
+
+        default:
+            WOLFSSL_MSG("Bad function argument");
+            return BAD_FUNC_ARG;
+    }
+
+
+    return SSL_SUCCESS;
+}
+
+
+int wolfSSL_SetVersion(WOLFSSL* ssl, int version)
+{
+    byte haveRSA = 1;
+    byte havePSK = 0;
+
+    WOLFSSL_ENTER("wolfSSL_SetVersion");
+
+    if (ssl == NULL) {
+        WOLFSSL_MSG("Bad function argument");
+        return BAD_FUNC_ARG;
+    }
+
+    switch (version) {
+#ifndef NO_OLD_TLS
+        case WOLFSSL_SSLV3:
+            ssl->version = MakeSSLv3();
+            break;
+#endif
+
+#ifndef NO_TLS
+    #ifndef NO_OLD_TLS
+        case WOLFSSL_TLSV1:
+            ssl->version = MakeTLSv1();
+            break;
+
+        case WOLFSSL_TLSV1_1:
+            ssl->version = MakeTLSv1_1();
+            break;
+    #endif
+        case WOLFSSL_TLSV1_2:
+            ssl->version = MakeTLSv1_2();
+            break;
+#endif
+
+        default:
+            WOLFSSL_MSG("Bad function argument");
+            return BAD_FUNC_ARG;
+    }
+
+    #ifdef NO_RSA
+        haveRSA = 0;
+    #endif
+    #ifndef NO_PSK
+        havePSK = ssl->options.havePSK;
+    #endif
+
+    InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, ssl->options.haveDH,
+                ssl->options.haveNTRU, ssl->options.haveECDSAsig,
+                ssl->options.haveStaticECC, ssl->options.side);
+
+    return SSL_SUCCESS;
+}
+#endif /* !leanpsk */
+
+
+#if !defined(NO_CERTS) || !defined(NO_SESSION_CACHE)
+
+/* Make a work from the front of random hash */
+static INLINE word32 MakeWordFromHash(const byte* hashID)
+{
+    return (hashID[0] << 24) | (hashID[1] << 16) | (hashID[2] <<  8) |
+            hashID[3];
+}
+
+#endif /* !NO_CERTS || !NO_SESSION_CACHE */
+
+
+#ifndef NO_CERTS
+
+/* hash is the SHA digest of name, just use first 32 bits as hash */
+static INLINE word32 HashSigner(const byte* hash)
+{
+    return MakeWordFromHash(hash) % CA_TABLE_SIZE;
+}
+
+
+/* does CA already exist on signer list */
+int AlreadySigner(WOLFSSL_CERT_MANAGER* cm, byte* hash)
+{
+    Signer* signers;
+    int     ret = 0;
+    word32  row = HashSigner(hash);
+
+    if (LockMutex(&cm->caLock) != 0)
+        return  ret;
+    signers = cm->caTable[row];
+    while (signers) {
+        byte* subjectHash;
+        #ifndef NO_SKID
+            subjectHash = signers->subjectKeyIdHash;
+        #else
+            subjectHash = signers->subjectNameHash;
+        #endif
+        if (XMEMCMP(hash, subjectHash, SHA_DIGEST_SIZE) == 0) {
+            ret = 1;
+            break;
+        }
+        signers = signers->next;
+    }
+    UnLockMutex(&cm->caLock);
+
+    return ret;
+}
+
+
+/* return CA if found, otherwise NULL */
+Signer* GetCA(void* vp, byte* hash)
+{
+    WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)vp;
+    Signer* ret = NULL;
+    Signer* signers;
+    word32  row = HashSigner(hash);
+
+    if (cm == NULL)
+        return NULL;
+
+    if (LockMutex(&cm->caLock) != 0)
+        return ret;
+
+    signers = cm->caTable[row];
+    while (signers) {
+        byte* subjectHash;
+        #ifndef NO_SKID
+            subjectHash = signers->subjectKeyIdHash;
+        #else
+            subjectHash = signers->subjectNameHash;
+        #endif
+        if (XMEMCMP(hash, subjectHash, SHA_DIGEST_SIZE) == 0) {
+            ret = signers;
+            break;
+        }
+        signers = signers->next;
+    }
+    UnLockMutex(&cm->caLock);
+
+    return ret;
+}
+
+
+#ifndef NO_SKID
+/* return CA if found, otherwise NULL. Walk through hash table. */
+Signer* GetCAByName(void* vp, byte* hash)
+{
+    WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)vp;
+    Signer* ret = NULL;
+    Signer* signers;
+    word32  row;
+
+    if (cm == NULL)
+        return NULL;
+
+    if (LockMutex(&cm->caLock) != 0)
+        return ret;
+
+    for (row = 0; row < CA_TABLE_SIZE && ret == NULL; row++) {
+        signers = cm->caTable[row];
+        while (signers && ret == NULL) {
+            if (XMEMCMP(hash, signers->subjectNameHash, SHA_DIGEST_SIZE) == 0) {
+                ret = signers;
+            }
+            signers = signers->next;
+        }
+    }
+    UnLockMutex(&cm->caLock);
+
+    return ret;
+}
+#endif
+
+
+/* owns der, internal now uses too */
+/* type flag ids from user or from chain received during verify
+   don't allow chain ones to be added w/o isCA extension */
+int AddCA(WOLFSSL_CERT_MANAGER* cm, buffer der, int type, int verify)
+{
+    int         ret;
+    Signer*     signer = 0;
+    word32      row;
+    byte*       subjectHash;
+#ifdef WOLFSSL_SMALL_STACK
+    DecodedCert* cert = NULL;
+#else
+    DecodedCert  cert[1];
+#endif
+
+    WOLFSSL_MSG("Adding a CA");
+
+#ifdef WOLFSSL_SMALL_STACK
+    cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (cert == NULL)
+        return MEMORY_E;
+#endif
+
+    InitDecodedCert(cert, der.buffer, der.length, cm->heap);
+    ret = ParseCert(cert, CA_TYPE, verify, cm);
+    WOLFSSL_MSG("    Parsed new CA");
+
+#ifndef NO_SKID
+    subjectHash = cert->extSubjKeyId;
+#else
+    subjectHash = cert->subjectHash;
+#endif
+
+    if (ret == 0 && cert->isCA == 0 && type != WOLFSSL_USER_CA) {
+        WOLFSSL_MSG("    Can't add as CA if not actually one");
+        ret = NOT_CA_ERROR;
+    }
+#ifndef ALLOW_INVALID_CERTSIGN
+    else if (ret == 0 && cert->isCA == 1 && type != WOLFSSL_USER_CA &&
+                              (cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) == 0) {
+        /* Intermediate CA certs are required to have the keyCertSign
+        * extension set. User loaded root certs are not. */
+        WOLFSSL_MSG("    Doesn't have key usage certificate signing");
+        ret = NOT_CA_ERROR;
+    }
+#endif
+    else if (ret == 0 && AlreadySigner(cm, subjectHash)) {
+        WOLFSSL_MSG("    Already have this CA, not adding again");
+        (void)ret;
+    }
+    else if (ret == 0) {
+        /* take over signer parts */
+        signer = MakeSigner(cm->heap);
+        if (!signer)
+            ret = MEMORY_ERROR;
+        else {
+            signer->keyOID         = cert->keyOID;
+            signer->publicKey      = cert->publicKey;
+            signer->pubKeySize     = cert->pubKeySize;
+            signer->nameLen        = cert->subjectCNLen;
+            signer->name           = cert->subjectCN;
+        #ifndef IGNORE_NAME_CONSTRAINTS
+            signer->permittedNames = cert->permittedNames;
+            signer->excludedNames  = cert->excludedNames;
+        #endif
+        #ifndef NO_SKID
+            XMEMCPY(signer->subjectKeyIdHash, cert->extSubjKeyId,
+                                                               SHA_DIGEST_SIZE);
+        #endif
+            XMEMCPY(signer->subjectNameHash, cert->subjectHash,
+                                                               SHA_DIGEST_SIZE);
+            signer->keyUsage = cert->extKeyUsageSet ? cert->extKeyUsage
+                                                    : 0xFFFF;
+            signer->next    = NULL; /* If Key Usage not set, all uses valid. */
+            cert->publicKey = 0;    /* in case lock fails don't free here.   */
+            cert->subjectCN = 0;
+        #ifndef IGNORE_NAME_CONSTRAINTS
+            cert->permittedNames = NULL;
+            cert->excludedNames = NULL;
+        #endif
+
+        #ifndef NO_SKID
+            row = HashSigner(signer->subjectKeyIdHash);
+        #else
+            row = HashSigner(signer->subjectNameHash);
+        #endif
+
+            if (LockMutex(&cm->caLock) == 0) {
+                signer->next = cm->caTable[row];
+                cm->caTable[row] = signer;   /* takes ownership */
+                UnLockMutex(&cm->caLock);
+                if (cm->caCacheCallback)
+                    cm->caCacheCallback(der.buffer, (int)der.length, type);
+            }
+            else {
+                WOLFSSL_MSG("    CA Mutex Lock failed");
+                ret = BAD_MUTEX_E;
+                FreeSigner(signer, cm->heap);
+            }
+        }
+    }
+
+    WOLFSSL_MSG("    Freeing Parsed CA");
+    FreeDecodedCert(cert);
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+    WOLFSSL_MSG("    Freeing der CA");
+    XFREE(der.buffer, cm->heap, DYNAMIC_TYPE_CA);
+    WOLFSSL_MSG("        OK Freeing der CA");
+
+    WOLFSSL_LEAVE("AddCA", ret);
+
+    return ret == 0 ? SSL_SUCCESS : ret;
+}
+
+#endif /* !NO_CERTS */
+
+
+#ifndef NO_SESSION_CACHE
+
+    /* basic config gives a cache with 33 sessions, adequate for clients and
+       embedded servers
+
+       MEDIUM_SESSION_CACHE allows 1055 sessions, adequate for servers that
+       aren't under heavy load, basically allows 200 new sessions per minute
+
+       BIG_SESSION_CACHE yields 20,027 sessions
+
+       HUGE_SESSION_CACHE yields 65,791 sessions, for servers under heavy load,
+       allows over 13,000 new sessions per minute or over 200 new sessions per
+       second
+
+       SMALL_SESSION_CACHE only stores 6 sessions, good for embedded clients
+       or systems where the default of nearly 3kB is too much RAM, this define
+       uses less than 500 bytes RAM
+
+       default SESSION_CACHE stores 33 sessions (no XXX_SESSION_CACHE defined)
+    */
+    #ifdef HUGE_SESSION_CACHE
+        #define SESSIONS_PER_ROW 11
+        #define SESSION_ROWS 5981
+    #elif defined(BIG_SESSION_CACHE)
+        #define SESSIONS_PER_ROW 7
+        #define SESSION_ROWS 2861
+    #elif defined(MEDIUM_SESSION_CACHE)
+        #define SESSIONS_PER_ROW 5
+        #define SESSION_ROWS 211
+    #elif defined(SMALL_SESSION_CACHE)
+        #define SESSIONS_PER_ROW 2
+        #define SESSION_ROWS 3
+    #else
+        #define SESSIONS_PER_ROW 3
+        #define SESSION_ROWS 11
+    #endif
+
+    typedef struct SessionRow {
+        int nextIdx;                           /* where to place next one   */
+        int totalCount;                        /* sessions ever on this row */
+        WOLFSSL_SESSION Sessions[SESSIONS_PER_ROW];
+    } SessionRow;
+
+    static SessionRow SessionCache[SESSION_ROWS];
+
+    static wolfSSL_Mutex session_mutex;   /* SessionCache mutex */
+
+    #ifndef NO_CLIENT_CACHE
+
+        typedef struct ClientSession {
+            word16 serverRow;            /* SessionCache Row id */
+            word16 serverIdx;            /* SessionCache Idx (column) */
+        } ClientSession;
+
+        typedef struct ClientRow {
+            int nextIdx;                /* where to place next one   */
+            int totalCount;             /* sessions ever on this row */
+            ClientSession Clients[SESSIONS_PER_ROW];
+        } ClientRow;
+
+        static ClientRow ClientCache[SESSION_ROWS];  /* Client Cache */
+                                                     /* uses session mutex */
+    #endif  /* NO_CLIENT_CACHE */
+
+#endif /* NO_SESSION_CACHE */
+
+
+int wolfSSL_Init(void)
+{
+    int ret = SSL_SUCCESS;
+
+    WOLFSSL_ENTER("wolfSSL_Init");
+
+    if (initRefCount == 0) {
+#ifndef NO_SESSION_CACHE
+        if (InitMutex(&session_mutex) != 0)
+            ret = BAD_MUTEX_E;
+#endif
+        if (InitMutex(&count_mutex) != 0)
+            ret = BAD_MUTEX_E;
+    }
+    if (ret == SSL_SUCCESS) {
+        if (LockMutex(&count_mutex) != 0) {
+            WOLFSSL_MSG("Bad Lock Mutex count");
+            return BAD_MUTEX_E;
+        }
+        initRefCount++;
+        UnLockMutex(&count_mutex);
+    }
+
+    return ret;
+}
+
+
+#ifndef NO_CERTS
+
+static const char* BEGIN_CERT         = "-----BEGIN CERTIFICATE-----";
+static const char* END_CERT           = "-----END CERTIFICATE-----";
+static const char* BEGIN_CERT_REQ     = "-----BEGIN CERTIFICATE REQUEST-----";
+static const char* END_CERT_REQ       = "-----END CERTIFICATE REQUEST-----";
+static const char* BEGIN_DH_PARAM     = "-----BEGIN DH PARAMETERS-----";
+static const char* END_DH_PARAM       = "-----END DH PARAMETERS-----";
+static const char* BEGIN_X509_CRL     = "-----BEGIN X509 CRL-----";
+static const char* END_X509_CRL       = "-----END X509 CRL-----";
+static const char* BEGIN_RSA_PRIV     = "-----BEGIN RSA PRIVATE KEY-----";
+static const char* END_RSA_PRIV       = "-----END RSA PRIVATE KEY-----";
+static const char* BEGIN_PRIV_KEY     = "-----BEGIN PRIVATE KEY-----";
+static const char* END_PRIV_KEY       = "-----END PRIVATE KEY-----";
+static const char* BEGIN_ENC_PRIV_KEY = "-----BEGIN ENCRYPTED PRIVATE KEY-----";
+static const char* END_ENC_PRIV_KEY   = "-----END ENCRYPTED PRIVATE KEY-----";
+static const char* BEGIN_EC_PRIV      = "-----BEGIN EC PRIVATE KEY-----";
+static const char* END_EC_PRIV        = "-----END EC PRIVATE KEY-----";
+static const char* BEGIN_DSA_PRIV     = "-----BEGIN DSA PRIVATE KEY-----";
+static const char* END_DSA_PRIV       = "-----END DSA PRIVATE KEY-----";
+
+/* Remove PEM header/footer, convert to ASN1, store any encrypted data
+   info->consumed tracks of PEM bytes consumed in case multiple parts */
+int PemToDer(const unsigned char* buff, long longSz, int type,
+                  buffer* der, void* heap, EncryptedInfo* info, int* eccKey)
+{
+    const char* header      = NULL;
+    const char* footer      = NULL;
+    char*       headerEnd;
+    char*       footerEnd;
+    char*       consumedEnd;
+    char*       bufferEnd   = (char*)(buff + longSz);
+    long        neededSz;
+    int         ret         = 0;
+    int         dynamicType = 0;
+    int         sz          = (int)longSz;
+
+    switch (type) {
+        case CA_TYPE:       /* same as below */
+        case CERT_TYPE:     header= BEGIN_CERT;     footer= END_CERT;     break;
+        case CRL_TYPE:      header= BEGIN_X509_CRL; footer= END_X509_CRL; break;
+        case DH_PARAM_TYPE: header= BEGIN_DH_PARAM; footer= END_DH_PARAM; break;
+        case CERTREQ_TYPE:  header= BEGIN_CERT_REQ; footer= END_CERT_REQ; break;
+        default:            header= BEGIN_RSA_PRIV; footer= END_RSA_PRIV; break;
+    }
+    
+    switch (type) {
+        case CA_TYPE:   dynamicType = DYNAMIC_TYPE_CA;   break;
+        case CERT_TYPE: dynamicType = DYNAMIC_TYPE_CERT; break;
+        case CRL_TYPE:  dynamicType = DYNAMIC_TYPE_CRL;  break;
+        default:        dynamicType = DYNAMIC_TYPE_KEY;  break;
+    }
+
+    /* find header */
+    for (;;) {
+        headerEnd = XSTRNSTR((char*)buff, header, sz);
+        
+        if (headerEnd || type != PRIVATEKEY_TYPE) {
+            break;
+        } else if (header == BEGIN_RSA_PRIV) {
+                   header =  BEGIN_PRIV_KEY;       footer = END_PRIV_KEY;
+        } else if (header == BEGIN_PRIV_KEY) {
+                   header =  BEGIN_ENC_PRIV_KEY;   footer = END_ENC_PRIV_KEY;
+        } else if (header == BEGIN_ENC_PRIV_KEY) {
+                   header =  BEGIN_EC_PRIV;        footer = END_EC_PRIV;
+        } else if (header == BEGIN_EC_PRIV) {
+                   header =  BEGIN_DSA_PRIV;       footer = END_DSA_PRIV;
+        } else
+            break;
+    }
+
+    if (!headerEnd) {
+        WOLFSSL_MSG("Couldn't find PEM header");
+        return SSL_NO_PEM_HEADER;
+    }
+
+    headerEnd += XSTRLEN(header);
+
+    /* eat end of line */
+    if (headerEnd[0] == '\n')
+        headerEnd++;
+    else if (headerEnd[1] == '\n')
+        headerEnd += 2;
+    else
+        return SSL_BAD_FILE;
+
+    if (type == PRIVATEKEY_TYPE) {
+        if (eccKey)
+            *eccKey = header == BEGIN_EC_PRIV;      
+    }
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    {
+        /* remove encrypted header if there */
+        char encHeader[] = "Proc-Type";
+        char* line = XSTRNSTR(headerEnd, encHeader, PEM_LINE_LEN);
+        if (line) {
+            char* newline;
+            char* finish;
+            char* start  = XSTRNSTR(line, "DES", PEM_LINE_LEN);
+
+            if (!start)
+                start = XSTRNSTR(line, "AES", PEM_LINE_LEN);
+
+            if (!start) return SSL_BAD_FILE;
+            if (!info)  return SSL_BAD_FILE;
+
+            finish = XSTRNSTR(start, ",", PEM_LINE_LEN);
+
+            if (start && finish && (start < finish)) {
+                newline = XSTRNSTR(finish, "\r", PEM_LINE_LEN);
+
+                XMEMCPY(info->name, start, finish - start);
+                info->name[finish - start] = 0;
+                XMEMCPY(info->iv, finish + 1, sizeof(info->iv));
+
+                if (!newline) newline = XSTRNSTR(finish, "\n", PEM_LINE_LEN);
+                if (newline && (newline > finish)) {
+                    info->ivSz = (word32)(newline - (finish + 1));
+                    info->set = 1;
+                }
+                else
+                    return SSL_BAD_FILE;
+            }
+            else
+                return SSL_BAD_FILE;
+
+            /* eat blank line */
+            while (*newline == '\r' || *newline == '\n')
+                newline++;
+            headerEnd = newline;
+        }
+    }
+#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */
+
+    /* find footer */
+    footerEnd = XSTRNSTR((char*)buff, footer, sz);
+    if (!footerEnd)
+        return SSL_BAD_FILE;
+
+    consumedEnd = footerEnd + XSTRLEN(footer);
+
+    if (consumedEnd < bufferEnd) {  /* handle no end of line on last line */
+        /* eat end of line */
+        if (consumedEnd[0] == '\n')
+            consumedEnd++;
+        else if (consumedEnd[1] == '\n')
+            consumedEnd += 2;
+        else
+            return SSL_BAD_FILE;
+    }
+
+    if (info)
+        info->consumed = (long)(consumedEnd - (char*)buff);
+
+    /* set up der buffer */
+    neededSz = (long)(footerEnd - headerEnd);
+    if (neededSz > sz || neededSz < 0)
+        return SSL_BAD_FILE;
+
+    der->buffer = (byte*)XMALLOC(neededSz, heap, dynamicType);
+    if (!der->buffer)
+        return MEMORY_ERROR;
+
+    der->length = (word32)neededSz;
+
+    if (Base64_Decode((byte*)headerEnd, (word32)neededSz, der->buffer,
+                                                              &der->length) < 0)
+        return SSL_BAD_FILE;
+
+    if (header == BEGIN_PRIV_KEY) {
+        /* pkcs8 key, convert and adjust length */
+        if ((ret = ToTraditional(der->buffer, der->length)) < 0)
+            return ret;
+
+        der->length = ret;
+        return 0;
+    }
+
+#if (defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)) && !defined(NO_PWDBASED)
+    if (header == BEGIN_ENC_PRIV_KEY) {
+        int   passwordSz;
+    #ifdef WOLFSSL_SMALL_STACK
+        char* password = NULL;
+    #else
+        char  password[80];
+    #endif
+
+        if (!info || !info->ctx || !info->ctx->passwd_cb)
+            return SSL_BAD_FILE;  /* no callback error */
+
+    #ifdef WOLFSSL_SMALL_STACK
+        password = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (password == NULL)
+            return MEMORY_E;
+    #endif
+        passwordSz = info->ctx->passwd_cb(password, sizeof(password), 0,
+                                                           info->ctx->userdata);
+        /* convert and adjust length */
+        ret = ToTraditionalEnc(der->buffer, der->length, password, passwordSz);
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(password, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+
+        if (ret < 0)
+            return ret;
+
+        der->length = ret;
+        return 0;
+    }
+#endif
+
+    return 0;
+}
+
+
+/* process the buffer buff, legnth sz, into ctx of format and type
+   used tracks bytes consumed, userChain specifies a user cert chain
+   to pass during the handshake */
+static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
+                         long sz, int format, int type, WOLFSSL* ssl,
+                         long* used, int userChain)
+{
+    buffer        der;        /* holds DER or RAW (for NTRU) */
+    int           ret;
+    int           dynamicType = 0;
+    int           eccKey = 0;
+    int           rsaKey = 0;
+    void*         heap = ctx ? ctx->heap : NULL;
+#ifdef WOLFSSL_SMALL_STACK
+    EncryptedInfo* info = NULL;
+#else
+    EncryptedInfo  info[1];
+#endif
+
+    (void)dynamicType;
+    (void)rsaKey;
+
+    if (used)
+        *used = sz;     /* used bytes default to sz, PEM chain may shorten*/
+
+    if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM
+                                    && format != SSL_FILETYPE_RAW)
+        return SSL_BAD_FILETYPE;
+
+    if (ctx == NULL && ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    if (type == CA_TYPE)
+        dynamicType = DYNAMIC_TYPE_CA;
+    else if (type == CERT_TYPE)
+        dynamicType = DYNAMIC_TYPE_CERT;
+    else
+        dynamicType = DYNAMIC_TYPE_KEY;
+
+#ifdef WOLFSSL_SMALL_STACK
+    info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (info == NULL)
+        return MEMORY_E;
+#endif
+
+    info->set      = 0;
+    info->ctx      = ctx;
+    info->consumed = 0;
+    der.buffer     = 0;
+
+    if (format == SSL_FILETYPE_PEM) {
+        ret = PemToDer(buff, sz, type, &der, heap, info, &eccKey);
+        if (ret < 0) {
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+            XFREE(der.buffer, heap, dynamicType);
+            return ret;
+        }
+
+        if (used)
+            *used = info->consumed;
+
+        /* we may have a user cert chain, try to consume */
+        if (userChain && type == CERT_TYPE && info->consumed < sz) {
+        #ifdef WOLFSSL_SMALL_STACK
+            byte   staticBuffer[1];                 /* force heap usage */
+        #else
+            byte   staticBuffer[FILE_BUFFER_SIZE];  /* tmp chain buffer */
+        #endif
+            byte*  chainBuffer = staticBuffer;
+            byte*  shrinked    = NULL;   /* shrinked to size chainBuffer
+                                          * or staticBuffer */
+            int    dynamicBuffer = 0;
+            word32 bufferSz = sizeof(staticBuffer);
+            long   consumed = info->consumed;
+            word32 idx = 0;
+            int    gotOne = 0;
+
+            if ( (sz - consumed) > (int)bufferSz) {
+                WOLFSSL_MSG("Growing Tmp Chain Buffer");
+                bufferSz = (word32)(sz - consumed);
+                           /* will shrink to actual size */
+                chainBuffer = (byte*)XMALLOC(bufferSz, heap, DYNAMIC_TYPE_FILE);
+                if (chainBuffer == NULL) {
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                    XFREE(der.buffer, heap, dynamicType);
+                    return MEMORY_E;
+                }
+                dynamicBuffer = 1;
+            }
+
+            WOLFSSL_MSG("Processing Cert Chain");
+            while (consumed < sz) {
+                buffer part;
+                info->consumed = 0;
+                part.buffer = 0;
+
+                ret = PemToDer(buff + consumed, sz - consumed, type, &part,
+                                                           heap, info, &eccKey);
+                if (ret == 0) {
+                    gotOne = 1;
+                    if ( (idx + part.length) > bufferSz) {
+                        WOLFSSL_MSG("   Cert Chain bigger than buffer");
+                        ret = BUFFER_E;
+                    }
+                    else {
+                        c32to24(part.length, &chainBuffer[idx]);
+                        idx += CERT_HEADER_SZ;
+                        XMEMCPY(&chainBuffer[idx], part.buffer,part.length);
+                        idx += part.length;
+                        consumed  += info->consumed;
+                        if (used)
+                            *used += info->consumed;
+                    }
+                }
+
+                XFREE(part.buffer, heap, dynamicType);
+
+                if (ret == SSL_NO_PEM_HEADER && gotOne) {
+                    WOLFSSL_MSG("We got one good PEM so stuff at end ok");
+                    break;
+                }
+
+                if (ret < 0) {
+                    WOLFSSL_MSG("   Error in Cert in Chain");
+                    if (dynamicBuffer)
+                        XFREE(chainBuffer, heap, DYNAMIC_TYPE_FILE);
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                    XFREE(der.buffer, heap, dynamicType);
+                    return ret;
+                }
+                WOLFSSL_MSG("   Consumed another Cert in Chain");
+            }
+            WOLFSSL_MSG("Finished Processing Cert Chain");
+
+            /* only retain actual size used */
+            shrinked = (byte*)XMALLOC(idx, heap, dynamicType);
+            if (shrinked) {
+                if (ssl) {
+                    if (ssl->buffers.certChain.buffer &&
+                                                  ssl->buffers.weOwnCertChain) {
+                        XFREE(ssl->buffers.certChain.buffer, heap,
+                              dynamicType);
+                    }
+                    ssl->buffers.certChain.buffer = shrinked;
+                    ssl->buffers.certChain.length = idx;
+                    XMEMCPY(ssl->buffers.certChain.buffer, chainBuffer,idx);
+                    ssl->buffers.weOwnCertChain = 1;
+                } else if (ctx) {
+                    if (ctx->certChain.buffer)
+                        XFREE(ctx->certChain.buffer, heap, dynamicType);
+                    ctx->certChain.buffer = shrinked;
+                    ctx->certChain.length = idx;
+                    XMEMCPY(ctx->certChain.buffer, chainBuffer, idx);
+                }
+            }
+
+            if (dynamicBuffer)
+                XFREE(chainBuffer, heap, DYNAMIC_TYPE_FILE);
+
+            if (shrinked == NULL) {
+            #ifdef WOLFSSL_SMALL_STACK
+                XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            #endif
+                XFREE(der.buffer, heap, dynamicType);
+                return MEMORY_E;
+            }
+        }
+    }
+    else {  /* ASN1 (DER) or RAW (NTRU) */
+        der.buffer = (byte*) XMALLOC(sz, heap, dynamicType);
+        if (!der.buffer) {
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+            return MEMORY_ERROR;
+        }
+
+        XMEMCPY(der.buffer, buff, sz);
+        der.length = (word32)sz;
+    }
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    if (info->set) {
+        /* decrypt */
+        int   passwordSz;
+#ifdef WOLFSSL_SMALL_STACK
+        char* password = NULL;
+        byte* key      = NULL;
+        byte* iv       = NULL;
+#else
+        char  password[80];
+        byte  key[AES_256_KEY_SIZE];
+        byte  iv[AES_IV_SIZE];
+#endif
+
+    #ifdef WOLFSSL_SMALL_STACK
+        password = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        key      = (byte*)XMALLOC(AES_256_KEY_SIZE, NULL,
+                                                   DYNAMIC_TYPE_TMP_BUFFER);
+        iv       = (byte*)XMALLOC(AES_IV_SIZE, NULL, 
+                                                   DYNAMIC_TYPE_TMP_BUFFER);
+
+        if (password == NULL || key == NULL || iv == NULL) {
+            XFREE(password, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(key,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(iv,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            ret = MEMORY_E;
+        }
+        else
+    #endif
+        if (!ctx || !ctx->passwd_cb) {
+            ret = NO_PASSWORD;
+        }
+        else {
+            passwordSz = ctx->passwd_cb(password, sizeof(password), 0,
+                                                             ctx->userdata);
+
+            /* use file's salt for key derivation, hex decode first */
+            if (Base16_Decode(info->iv, info->ivSz, info->iv, &info->ivSz)
+                                                                         != 0) {
+                ret = ASN_INPUT_E;
+            }
+            else if ((ret = EVP_BytesToKey(info->name, "MD5", info->iv,
+                           (byte*)password, passwordSz, 1, key, iv)) <= 0) {
+                /* empty */
+            }
+            else if (XSTRNCMP(info->name, "DES-CBC", 7) == 0) {
+                ret = wc_Des_CbcDecryptWithKey(der.buffer, der.buffer, der.length,
+                                                                 key, info->iv);
+            }
+            else if (XSTRNCMP(info->name, "DES-EDE3-CBC", 13) == 0) {
+                ret = wc_Des3_CbcDecryptWithKey(der.buffer, der.buffer, der.length,
+                                                                 key, info->iv);
+            }
+            else if (XSTRNCMP(info->name, "AES-128-CBC", 13) == 0) {
+                ret = wc_AesCbcDecryptWithKey(der.buffer, der.buffer, der.length,
+                                               key, AES_128_KEY_SIZE, info->iv);
+            }
+            else if (XSTRNCMP(info->name, "AES-192-CBC", 13) == 0) {
+                ret = wc_AesCbcDecryptWithKey(der.buffer, der.buffer, der.length,
+                                               key, AES_192_KEY_SIZE, info->iv);
+            }
+            else if (XSTRNCMP(info->name, "AES-256-CBC", 13) == 0) {
+                ret = wc_AesCbcDecryptWithKey(der.buffer, der.buffer, der.length,
+                                               key, AES_256_KEY_SIZE, info->iv);
+            }
+            else {
+                ret = SSL_BAD_FILE;
+            }
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(password, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(key,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(iv,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+
+        if (ret != 0) {
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+            XFREE(der.buffer, heap, dynamicType);
+            return ret;
+        }
+    }
+#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (type == CA_TYPE) {
+        if (ctx == NULL) {
+            WOLFSSL_MSG("Need context for CA load");
+            XFREE(der.buffer, heap, dynamicType);
+            return BAD_FUNC_ARG;
+        }
+        return AddCA(ctx->cm, der, WOLFSSL_USER_CA, ctx->verifyPeer);
+                                                      /* takes der over */
+    }
+    else if (type == CERT_TYPE) {
+        if (ssl) {
+            if (ssl->buffers.weOwnCert && ssl->buffers.certificate.buffer)
+                XFREE(ssl->buffers.certificate.buffer, heap, dynamicType);
+            ssl->buffers.certificate = der;
+            ssl->buffers.weOwnCert = 1;
+        }
+        else if (ctx) {
+            if (ctx->certificate.buffer)
+                XFREE(ctx->certificate.buffer, heap, dynamicType);
+            ctx->certificate = der;     /* takes der over */
+        }
+    }
+    else if (type == PRIVATEKEY_TYPE) {
+        if (ssl) {
+            if (ssl->buffers.weOwnKey && ssl->buffers.key.buffer)
+                XFREE(ssl->buffers.key.buffer, heap, dynamicType);
+            ssl->buffers.key = der;
+            ssl->buffers.weOwnKey = 1;
+        }
+        else if (ctx) {
+            if (ctx->privateKey.buffer)
+                XFREE(ctx->privateKey.buffer, heap, dynamicType);
+            ctx->privateKey = der;      /* takes der over */
+        }
+    }
+    else {
+        XFREE(der.buffer, heap, dynamicType);
+        return SSL_BAD_CERTTYPE;
+    }
+
+    if (type == PRIVATEKEY_TYPE && format != SSL_FILETYPE_RAW) {
+    #ifndef NO_RSA
+        if (!eccKey) {
+            /* make sure RSA key can be used */
+            word32 idx = 0;
+        #ifdef WOLFSSL_SMALL_STACK
+            RsaKey* key = NULL;
+        #else
+            RsaKey  key[1];
+        #endif
+
+        #ifdef WOLFSSL_SMALL_STACK
+            key = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+            if (key == NULL)
+                return MEMORY_E;
+        #endif
+
+            ret = wc_InitRsaKey(key, 0);
+            if (ret == 0) {
+                if (wc_RsaPrivateKeyDecode(der.buffer, &idx, key, der.length) !=
+                                                                            0) {
+                #ifdef HAVE_ECC
+                    /* could have DER ECC (or pkcs8 ecc), no easy way to tell */
+                    eccKey = 1;  /* so try it out */
+                #endif
+                    if (!eccKey)
+                        ret = SSL_BAD_FILE;
+                } else {
+                    rsaKey = 1;
+                    (void)rsaKey;  /* for no ecc builds */
+                }
+            }
+
+            wc_FreeRsaKey(key);
+
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+
+            if (ret != 0)
+                return ret;
+        }
+    #endif
+    #ifdef HAVE_ECC
+        if (!rsaKey) {
+            /* make sure ECC key can be used */
+            word32  idx = 0;
+            ecc_key key;
+
+            wc_ecc_init(&key);
+            if (wc_EccPrivateKeyDecode(der.buffer,&idx,&key,der.length) != 0) {
+                wc_ecc_free(&key);
+                return SSL_BAD_FILE;
+            }
+            wc_ecc_free(&key);
+            eccKey = 1;
+            if (ctx)
+                ctx->haveStaticECC = 1;
+            if (ssl)
+                ssl->options.haveStaticECC = 1;
+        }
+    #endif /* HAVE_ECC */
+    }
+    else if (type == CERT_TYPE) {
+    #ifdef WOLFSSL_SMALL_STACK
+        DecodedCert* cert = NULL;
+    #else
+        DecodedCert  cert[1];
+    #endif
+
+    #ifdef WOLFSSL_SMALL_STACK
+        cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (cert == NULL)
+            return MEMORY_E;
+    #endif
+
+        WOLFSSL_MSG("Checking cert signature type");
+        InitDecodedCert(cert, der.buffer, der.length, heap);
+
+        if (DecodeToKey(cert, 0) < 0) {
+            WOLFSSL_MSG("Decode to key failed");
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+            return SSL_BAD_FILE;
+        }
+        switch (cert->signatureOID) {
+            case CTC_SHAwECDSA:
+            case CTC_SHA256wECDSA:
+            case CTC_SHA384wECDSA:
+            case CTC_SHA512wECDSA:
+                WOLFSSL_MSG("ECDSA cert signature");
+                if (ctx)
+                    ctx->haveECDSAsig = 1;
+                if (ssl)
+                    ssl->options.haveECDSAsig = 1;
+                break;
+            default:
+                WOLFSSL_MSG("Not ECDSA cert signature");
+                break;
+        }
+
+    #ifdef HAVE_ECC
+        if (ctx)
+            ctx->pkCurveOID = cert->pkCurveOID;
+        if (ssl)
+            ssl->pkCurveOID = cert->pkCurveOID;
+    #endif
+
+        FreeDecodedCert(cert);
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    }
+
+    return SSL_SUCCESS;
+}
+
+
+/* CA PEM file for verification, may have multiple/chain certs to process */
+static int ProcessChainBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
+                            long sz, int format, int type, WOLFSSL* ssl)
+{
+    long used   = 0;
+    int  ret    = 0;
+    int  gotOne = 0;
+
+    WOLFSSL_MSG("Processing CA PEM file");
+    while (used < sz) {
+        long consumed = 0;
+
+        ret = ProcessBuffer(ctx, buff + used, sz - used, format, type, ssl,
+                            &consumed, 0);
+
+        if (ret == SSL_NO_PEM_HEADER && gotOne) {
+            WOLFSSL_MSG("We got one good PEM file so stuff at end ok");
+            ret = SSL_SUCCESS;
+            break;
+        }
+
+        if (ret < 0)
+            break;
+
+        WOLFSSL_MSG("   Processed a CA");
+        gotOne = 1;
+        used += consumed;
+    }
+
+    return ret;
+}
+
+
+/* Verify the ceritficate, SSL_SUCCESS for ok, < 0 for error */
+int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
+                                   long sz, int format)
+{
+    int ret = 0;
+    buffer der;
+#ifdef WOLFSSL_SMALL_STACK
+    DecodedCert* cert = NULL;
+#else
+    DecodedCert  cert[1];
+#endif
+
+    WOLFSSL_ENTER("wolfSSL_CertManagerVerifyBuffer");
+
+#ifdef WOLFSSL_SMALL_STACK
+    cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (cert == NULL)
+        return MEMORY_E;
+#endif
+
+    der.buffer = NULL;
+    der.length = 0;
+
+    if (format == SSL_FILETYPE_PEM) {
+        int eccKey = 0; /* not used */
+    #ifdef WOLFSSL_SMALL_STACK
+        EncryptedInfo* info = NULL;
+    #else
+        EncryptedInfo  info[1];
+    #endif
+
+    #ifdef WOLFSSL_SMALL_STACK
+        info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (info == NULL) {
+            XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            return MEMORY_E;
+        }
+    #endif
+
+        info->set      = 0;
+        info->ctx      = NULL;
+        info->consumed = 0;
+
+        ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, info, &eccKey);
+
+        if (ret == 0)
+            InitDecodedCert(cert, der.buffer, der.length, cm->heap);
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    }
+    else
+        InitDecodedCert(cert, (byte*)buff, (word32)sz, cm->heap);
+
+    if (ret == 0)
+        ret = ParseCertRelative(cert, CERT_TYPE, 1, cm);
+
+#ifdef HAVE_CRL
+    if (ret == 0 && cm->crlEnabled)
+        ret = CheckCertCRL(cm->crl, cert);
+#endif
+
+    FreeDecodedCert(cert);
+
+    XFREE(der.buffer, cm->heap, DYNAMIC_TYPE_CERT);
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret == 0 ? SSL_SUCCESS : ret;
+}
+
+
+/* turn on OCSP if off and compiled in, set options */
+int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm, int options)
+{
+    int ret = SSL_SUCCESS;
+
+    (void)options;
+
+    WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSP");
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    #ifdef HAVE_OCSP
+        if (cm->ocsp == NULL) {
+            cm->ocsp = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP), cm->heap,
+                                                             DYNAMIC_TYPE_OCSP);
+            if (cm->ocsp == NULL)
+                return MEMORY_E;
+
+            if (InitOCSP(cm->ocsp, cm) != 0) {
+                WOLFSSL_MSG("Init OCSP failed");
+                FreeOCSP(cm->ocsp, 1);
+                cm->ocsp = NULL;
+                return SSL_FAILURE;
+            }
+        }
+        cm->ocspEnabled = 1;
+        if (options & WOLFSSL_OCSP_URL_OVERRIDE)
+            cm->ocspUseOverrideURL = 1;
+        if (options & WOLFSSL_OCSP_NO_NONCE)
+            cm->ocspSendNonce = 0;
+        else
+            cm->ocspSendNonce = 1;
+        #ifndef WOLFSSL_USER_IO
+            cm->ocspIOCb = EmbedOcspLookup;
+            cm->ocspRespFreeCb = EmbedOcspRespFree;
+        #endif /* WOLFSSL_USER_IO */
+    #else
+        ret = NOT_COMPILED_IN;
+    #endif
+
+    return ret;
+}
+
+
+int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER* cm)
+{
+    WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSP");
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    cm->ocspEnabled = 0;
+
+    return SSL_SUCCESS;
+}
+
+
+#ifdef HAVE_OCSP
+
+
+/* check CRL if enabled, SSL_SUCCESS  */
+int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
+{
+    int ret;
+#ifdef WOLFSSL_SMALL_STACK
+    DecodedCert* cert = NULL;
+#else
+    DecodedCert  cert[1];
+#endif
+
+    WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSP");
+
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    if (cm->ocspEnabled == 0)
+        return SSL_SUCCESS;
+
+#ifdef WOLFSSL_SMALL_STACK
+    cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (cert == NULL)
+        return MEMORY_E;
+#endif
+
+    InitDecodedCert(cert, der, sz, NULL);
+
+    if ((ret = ParseCertRelative(cert, CERT_TYPE, NO_VERIFY, cm)) != 0) {
+        WOLFSSL_MSG("ParseCert failed");
+    }
+    else if ((ret = CheckCertOCSP(cm->ocsp, cert)) != 0) {
+        WOLFSSL_MSG("CheckCertOCSP failed");
+    }
+
+    FreeDecodedCert(cert);
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret == 0 ? SSL_SUCCESS : ret;
+}
+
+
+int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
+                                                                const char* url)
+{
+    WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSPOverrideURL");
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    XFREE(cm->ocspOverrideURL, cm->heap, 0);
+    if (url != NULL) {
+        int urlSz = (int)XSTRLEN(url) + 1;
+        cm->ocspOverrideURL = (char*)XMALLOC(urlSz, cm->heap, 0);
+        if (cm->ocspOverrideURL != NULL) {
+            XMEMCPY(cm->ocspOverrideURL, url, urlSz);
+        }
+        else
+            return MEMORY_E;
+    }
+    else
+        cm->ocspOverrideURL = NULL;
+
+    return SSL_SUCCESS;
+}
+
+
+int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm,
+                        CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
+{
+    WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSP_Cb");
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    cm->ocspIOCb = ioCb;
+    cm->ocspRespFreeCb = respFreeCb;
+    cm->ocspIOCtx = ioCbCtx;
+
+    return SSL_SUCCESS;
+}
+
+
+int wolfSSL_EnableOCSP(WOLFSSL* ssl, int options)
+{
+    WOLFSSL_ENTER("wolfSSL_EnableOCSP");
+    if (ssl)
+        return wolfSSL_CertManagerEnableOCSP(ssl->ctx->cm, options);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_DisableOCSP(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("wolfSSL_DisableOCSP");
+    if (ssl)
+        return wolfSSL_CertManagerDisableOCSP(ssl->ctx->cm);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_SetOCSP_OverrideURL(WOLFSSL* ssl, const char* url)
+{
+    WOLFSSL_ENTER("wolfSSL_SetOCSP_OverrideURL");
+    if (ssl)
+        return wolfSSL_CertManagerSetOCSPOverrideURL(ssl->ctx->cm, url);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_SetOCSP_Cb(WOLFSSL* ssl,
+                        CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
+{
+    WOLFSSL_ENTER("wolfSSL_SetOCSP_Cb");
+    if (ssl)
+        return wolfSSL_CertManagerSetOCSP_Cb(ssl->ctx->cm,
+                                                     ioCb, respFreeCb, ioCbCtx);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX* ctx, int options)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_EnableOCSP");
+    if (ctx)
+        return wolfSSL_CertManagerEnableOCSP(ctx->cm, options);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX* ctx)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_DisableOCSP");
+    if (ctx)
+        return wolfSSL_CertManagerDisableOCSP(ctx->cm);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX* ctx, const char* url)
+{
+    WOLFSSL_ENTER("wolfSSL_SetOCSP_OverrideURL");
+    if (ctx)
+        return wolfSSL_CertManagerSetOCSPOverrideURL(ctx->cm, url);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX* ctx,
+                        CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_SetOCSP_Cb");
+    if (ctx)
+        return wolfSSL_CertManagerSetOCSP_Cb(ctx->cm, ioCb, respFreeCb, ioCbCtx);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+#endif /* HAVE_OCSP */
+
+
+#ifndef NO_FILESYSTEM
+
+    #if defined(WOLFSSL_MDK_ARM)
+        extern FILE * wolfSSL_fopen(const char *name, const char *mode) ;
+        #define XFOPEN     wolfSSL_fopen
+    #else
+        #define XFOPEN     fopen
+    #endif
+
+/* process a file with name fname into ctx of format and type
+   userChain specifies a user certificate chain to pass during handshake */
+int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format, int type,
+                WOLFSSL* ssl, int userChain, WOLFSSL_CRL* crl)
+{
+#ifdef WOLFSSL_SMALL_STACK
+    byte   staticBuffer[1]; /* force heap usage */
+#else
+    byte   staticBuffer[FILE_BUFFER_SIZE];
+#endif
+    byte*  myBuffer = staticBuffer;
+    int    dynamic = 0;
+    int    ret;
+    long   sz = 0;
+    XFILE  file;
+    void*  heapHint = ctx ? ctx->heap : NULL;
+
+    (void)crl;
+    (void)heapHint;
+
+    if (fname == NULL) return SSL_BAD_FILE;
+
+    file = XFOPEN(fname, "rb");
+    if (file == XBADFILE) return SSL_BAD_FILE;
+    XFSEEK(file, 0, XSEEK_END);
+    sz = XFTELL(file);
+    XREWIND(file);
+
+    if (sz > (long)sizeof(staticBuffer)) {
+        WOLFSSL_MSG("Getting dynamic buffer");
+        myBuffer = (byte*)XMALLOC(sz, heapHint, DYNAMIC_TYPE_FILE);
+        if (myBuffer == NULL) {
+            XFCLOSE(file);
+            return SSL_BAD_FILE;
+        }
+        dynamic = 1;
+    }
+    else if (sz < 0) {
+        XFCLOSE(file);
+        return SSL_BAD_FILE;
+    }
+
+    if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0)
+        ret = SSL_BAD_FILE;
+    else {
+        if (type == CA_TYPE && format == SSL_FILETYPE_PEM)
+            ret = ProcessChainBuffer(ctx, myBuffer, sz, format, type, ssl);
+#ifdef HAVE_CRL
+        else if (type == CRL_TYPE)
+            ret = BufferLoadCRL(crl, myBuffer, sz, format);
+#endif
+        else
+            ret = ProcessBuffer(ctx, myBuffer, sz, format, type, ssl, NULL,
+                                userChain);
+    }
+
+    XFCLOSE(file);
+    if (dynamic)
+        XFREE(myBuffer, heapHint, DYNAMIC_TYPE_FILE);
+
+    return ret;
+}
+
+
+/* loads file then loads each file in path, no c_rehash */
+int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
+                                     const char* path)
+{
+    int ret = SSL_SUCCESS;
+
+    WOLFSSL_ENTER("wolfSSL_CTX_load_verify_locations");
+    (void)path;
+
+    if (ctx == NULL || (file == NULL && path == NULL) )
+        return SSL_FAILURE;
+
+    if (file)
+        ret = ProcessFile(ctx, file, SSL_FILETYPE_PEM, CA_TYPE, NULL, 0, NULL);
+
+    if (ret == SSL_SUCCESS && path) {
+        /* try to load each regular file in path */
+    #ifdef USE_WINDOWS_API
+        WIN32_FIND_DATAA FindFileData;
+        HANDLE hFind;
+    #ifdef WOLFSSL_SMALL_STACK
+        char*  name = NULL;
+    #else
+        char   name[MAX_FILENAME_SZ];
+    #endif
+
+    #ifdef WOLFSSL_SMALL_STACK
+        name = (char*)XMALLOC(MAX_FILENAME_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (name == NULL)
+            return MEMORY_E;
+    #endif
+
+        XMEMSET(name, 0, MAX_FILENAME_SZ);
+        XSTRNCPY(name, path, MAX_FILENAME_SZ - 4);
+        XSTRNCAT(name, "\\*", 3);
+
+        hFind = FindFirstFileA(name, &FindFileData);
+        if (hFind == INVALID_HANDLE_VALUE) {
+            WOLFSSL_MSG("FindFirstFile for path verify locations failed");
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+            return BAD_PATH_ERROR;
+        }
+
+        do {
+            if (FindFileData.dwFileAttributes != FILE_ATTRIBUTE_DIRECTORY) {
+                XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 3);
+                XSTRNCAT(name, "\\", 2);
+                XSTRNCAT(name, FindFileData.cFileName, MAX_FILENAME_SZ/2);
+
+                ret = ProcessFile(ctx, name, SSL_FILETYPE_PEM, CA_TYPE, NULL,0,
+                                                                          NULL);
+            }
+        } while (ret == SSL_SUCCESS && FindNextFileA(hFind, &FindFileData));
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+
+        FindClose(hFind);
+    #elif !defined(NO_WOLFSSL_DIR)
+        struct dirent* entry;
+        DIR*   dir = opendir(path);
+    #ifdef WOLFSSL_SMALL_STACK
+        char*  name = NULL;
+    #else
+        char   name[MAX_FILENAME_SZ];
+    #endif
+
+        if (dir == NULL) {
+            WOLFSSL_MSG("opendir path verify locations failed");
+            return BAD_PATH_ERROR;
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        name = (char*)XMALLOC(MAX_FILENAME_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (name == NULL)
+            return MEMORY_E;
+    #endif
+
+        while ( ret == SSL_SUCCESS && (entry = readdir(dir)) != NULL) {
+            struct stat s;
+
+            XMEMSET(name, 0, MAX_FILENAME_SZ);
+            XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2);
+            XSTRNCAT(name, "/", 1);
+            XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2);
+
+            if (stat(name, &s) != 0) {
+                WOLFSSL_MSG("stat on name failed");
+                ret = BAD_PATH_ERROR;
+            } else if (s.st_mode & S_IFREG)
+                ret = ProcessFile(ctx, name, SSL_FILETYPE_PEM, CA_TYPE, NULL,0,
+                                                                          NULL);
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+
+        closedir(dir);
+    #endif
+    }
+
+    return ret;
+}
+
+
+/* Verify the ceritficate, SSL_SUCCESS for ok, < 0 for error */
+int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname,
+                             int format)
+{
+    int    ret = SSL_FATAL_ERROR;
+#ifdef WOLFSSL_SMALL_STACK
+    byte   staticBuffer[1]; /* force heap usage */
+#else
+    byte   staticBuffer[FILE_BUFFER_SIZE];
+#endif
+    byte*  myBuffer = staticBuffer;
+    int    dynamic = 0;
+    long   sz = 0;
+    XFILE  file = XFOPEN(fname, "rb");
+
+    WOLFSSL_ENTER("wolfSSL_CertManagerVerify");
+
+    if (file == XBADFILE) return SSL_BAD_FILE;
+    XFSEEK(file, 0, XSEEK_END);
+    sz = XFTELL(file);
+    XREWIND(file);
+
+    if (sz > MAX_WOLFSSL_FILE_SIZE || sz < 0) {
+        WOLFSSL_MSG("CertManagerVerify file bad size");
+        XFCLOSE(file);
+        return SSL_BAD_FILE;
+    }
+
+    if (sz > (long)sizeof(staticBuffer)) {
+        WOLFSSL_MSG("Getting dynamic buffer");
+        myBuffer = (byte*) XMALLOC(sz, cm->heap, DYNAMIC_TYPE_FILE);
+        if (myBuffer == NULL) {
+            XFCLOSE(file);
+            return SSL_BAD_FILE;
+        }
+        dynamic = 1;
+    }
+
+    if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0)
+        ret = SSL_BAD_FILE;
+    else
+        ret = wolfSSL_CertManagerVerifyBuffer(cm, myBuffer, sz, format);
+
+    XFCLOSE(file);
+    if (dynamic)
+        XFREE(myBuffer, cm->heap, DYNAMIC_TYPE_FILE);
+
+    return ret;
+}
+
+
+static INLINE WOLFSSL_METHOD* cm_pick_method(void)
+{
+    #ifndef NO_WOLFSSL_CLIENT
+        #ifdef NO_OLD_TLS
+            return wolfTLSv1_2_client_method();
+        #else
+            return wolfSSLv3_client_method();
+        #endif      
+    #elif !defined(NO_WOLFSSL_SERVER)
+        #ifdef NO_OLD_TLS
+            return wolfTLSv1_2_server_method();
+        #else
+            return wolfSSLv3_server_method();
+        #endif
+    #else
+        return NULL;
+    #endif
+}
+
+
+/* like load verify locations, 1 for success, < 0 for error */
+int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* file,
+                             const char* path)
+{
+    int ret = SSL_FATAL_ERROR;
+    WOLFSSL_CTX* tmp;
+
+    WOLFSSL_ENTER("wolfSSL_CertManagerLoadCA");
+
+    if (cm == NULL) {
+        WOLFSSL_MSG("No CertManager error");
+        return ret;
+    }
+    tmp = wolfSSL_CTX_new(cm_pick_method());
+
+    if (tmp == NULL) {
+        WOLFSSL_MSG("CTX new failed");
+        return ret;
+    }
+
+    /* for tmp use */
+    wolfSSL_CertManagerFree(tmp->cm);
+    tmp->cm = cm;
+
+    ret = wolfSSL_CTX_load_verify_locations(tmp, file, path);
+
+    /* don't loose our good one */
+    tmp->cm = NULL;
+    wolfSSL_CTX_free(tmp);
+
+    return ret;
+}
+
+
+
+/* turn on CRL if off and compiled in, set options */
+int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm, int options)
+{
+    int ret = SSL_SUCCESS;
+
+    (void)options;
+
+    WOLFSSL_ENTER("wolfSSL_CertManagerEnableCRL");
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    #ifdef HAVE_CRL
+        if (cm->crl == NULL) {
+            cm->crl = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), cm->heap,
+                                           DYNAMIC_TYPE_CRL);
+            if (cm->crl == NULL)
+                return MEMORY_E;
+
+            if (InitCRL(cm->crl, cm) != 0) {
+                WOLFSSL_MSG("Init CRL failed");
+                FreeCRL(cm->crl, 1);
+                cm->crl = NULL;
+                return SSL_FAILURE;
+            }
+        }
+        cm->crlEnabled = 1;
+        if (options & WOLFSSL_CRL_CHECKALL)
+            cm->crlCheckAll = 1;
+    #else
+        ret = NOT_COMPILED_IN;
+    #endif
+
+    return ret;
+}
+
+
+int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER* cm)
+{
+    WOLFSSL_ENTER("wolfSSL_CertManagerDisableCRL");
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    cm->crlEnabled = 0;
+
+    return SSL_SUCCESS;
+}
+
+
+int wolfSSL_CTX_check_private_key(WOLFSSL_CTX* ctx)
+{
+    /* TODO: check private against public for RSA match */
+    (void)ctx;
+    WOLFSSL_ENTER("SSL_CTX_check_private_key");
+    return SSL_SUCCESS;
+}
+
+
+#ifdef HAVE_CRL
+
+
+/* check CRL if enabled, SSL_SUCCESS  */
+int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
+{
+    int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    DecodedCert* cert = NULL;
+#else
+    DecodedCert  cert[1];
+#endif
+
+    WOLFSSL_ENTER("wolfSSL_CertManagerCheckCRL");
+
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    if (cm->crlEnabled == 0)
+        return SSL_SUCCESS;
+
+#ifdef WOLFSSL_SMALL_STACK
+    cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (cert == NULL)
+        return MEMORY_E;
+#endif
+
+    InitDecodedCert(cert, der, sz, NULL);
+
+    if ((ret = ParseCertRelative(cert, CERT_TYPE, NO_VERIFY, cm)) != 0) {
+        WOLFSSL_MSG("ParseCert failed");
+    }
+    else if ((ret = CheckCertCRL(cm->crl, cert)) != 0) {
+        WOLFSSL_MSG("CheckCertCRL failed");
+    }
+
+    FreeDecodedCert(cert);
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret == 0 ? SSL_SUCCESS : ret;
+}
+
+
+int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm, CbMissingCRL cb)
+{
+    WOLFSSL_ENTER("wolfSSL_CertManagerSetCRL_Cb");
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    cm->cbMissingCRL = cb;
+
+    return SSL_SUCCESS;
+}
+
+
+int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path,
+                              int type, int monitor)
+{
+    WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRL");
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    if (cm->crl == NULL) {
+        if (wolfSSL_CertManagerEnableCRL(cm, 0) != SSL_SUCCESS) {
+            WOLFSSL_MSG("Enable CRL failed");
+            return SSL_FATAL_ERROR;
+        }
+    }
+
+    return LoadCRL(cm->crl, path, type, monitor);
+}
+
+
+int wolfSSL_EnableCRL(WOLFSSL* ssl, int options)
+{
+    WOLFSSL_ENTER("wolfSSL_EnableCRL");
+    if (ssl)
+        return wolfSSL_CertManagerEnableCRL(ssl->ctx->cm, options);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_DisableCRL(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("wolfSSL_DisableCRL");
+    if (ssl)
+        return wolfSSL_CertManagerDisableCRL(ssl->ctx->cm);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor)
+{
+    WOLFSSL_ENTER("wolfSSL_LoadCRL");
+    if (ssl)
+        return wolfSSL_CertManagerLoadCRL(ssl->ctx->cm, path, type, monitor);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb)
+{
+    WOLFSSL_ENTER("wolfSSL_SetCRL_Cb");
+    if (ssl)
+        return wolfSSL_CertManagerSetCRL_Cb(ssl->ctx->cm, cb);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_EnableCRL");
+    if (ctx)
+        return wolfSSL_CertManagerEnableCRL(ctx->cm, options);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_DisableCRL");
+    if (ctx)
+        return wolfSSL_CertManagerDisableCRL(ctx->cm);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path, int type, int monitor)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_LoadCRL");
+    if (ctx)
+        return wolfSSL_CertManagerLoadCRL(ctx->cm, path, type, monitor);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_SetCRL_Cb");
+    if (ctx)
+        return wolfSSL_CertManagerSetCRL_Cb(ctx->cm, cb);
+    else
+        return BAD_FUNC_ARG;
+}
+
+
+#endif /* HAVE_CRL */
+
+
+#ifdef WOLFSSL_DER_LOAD
+
+/* Add format parameter to allow DER load of CA files */
+int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
+                                         int format)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_der_load_verify_locations");
+    if (ctx == NULL || file == NULL)
+        return SSL_FAILURE;
+
+    if (ProcessFile(ctx, file, format, CA_TYPE, NULL, 0, NULL) == SSL_SUCCESS)
+        return SSL_SUCCESS;
+
+    return SSL_FAILURE;
+}
+
+#endif /* WOLFSSL_DER_LOAD */
+
+
+#ifdef WOLFSSL_CERT_GEN
+
+/* load pem cert from file into der buffer, return der size or error */
+int wolfSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
+{
+#ifdef WOLFSSL_SMALL_STACK
+    EncryptedInfo* info = NULL;
+    byte   staticBuffer[1]; /* force XMALLOC */
+#else
+    EncryptedInfo info[1];
+    byte   staticBuffer[FILE_BUFFER_SIZE];
+#endif
+    byte*  fileBuf = staticBuffer;
+    int    dynamic = 0;
+    int    ret     = 0;
+    int    ecc     = 0;
+    long   sz      = 0;
+    XFILE  file    = XFOPEN(fileName, "rb");
+    buffer converted;
+
+    WOLFSSL_ENTER("wolfSSL_PemCertToDer");
+
+    if (file == XBADFILE)
+        ret = SSL_BAD_FILE;
+    else {
+        XFSEEK(file, 0, XSEEK_END);
+        sz = XFTELL(file);
+        XREWIND(file);
+
+        if (sz < 0) {
+            ret = SSL_BAD_FILE;
+        }
+        else if (sz > (long)sizeof(staticBuffer)) {
+            fileBuf = (byte*)XMALLOC(sz, 0, DYNAMIC_TYPE_FILE);
+            if (fileBuf == NULL)
+                ret = MEMORY_E;
+            else
+                dynamic = 1;
+        }
+
+        converted.buffer = 0;
+
+        if (ret == 0) {
+            if ( (ret = (int)XFREAD(fileBuf, sz, 1, file)) < 0)
+                ret = SSL_BAD_FILE;
+            else {
+            #ifdef WOLFSSL_SMALL_STACK
+                info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (info == NULL)
+                    ret = MEMORY_E;
+                else
+            #endif
+                {
+                    ret = PemToDer(fileBuf, sz, CA_TYPE, &converted, 0, info,
+                                                                          &ecc);
+                #ifdef WOLFSSL_SMALL_STACK
+                    XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                #endif
+                }
+            }
+
+            if (ret == 0) {
+                if (converted.length < (word32)derSz) {
+                    XMEMCPY(derBuf, converted.buffer, converted.length);
+                    ret = converted.length;
+                }
+                else
+                    ret = BUFFER_E;
+            }
+
+            XFREE(converted.buffer, 0, DYNAMIC_TYPE_CA);
+        }
+
+        XFCLOSE(file);
+        if (dynamic)
+            XFREE(fileBuf, 0, DYNAMIC_TYPE_FILE);
+    }
+
+    return ret;
+}
+
+#endif /* WOLFSSL_CERT_GEN */
+
+
+int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX* ctx, const char* file,
+                                    int format)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_file");
+    if (ProcessFile(ctx, file, format, CERT_TYPE, NULL, 0, NULL) == SSL_SUCCESS)
+        return SSL_SUCCESS;
+
+    return SSL_FAILURE;
+}
+
+
+int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file,int format)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_use_PrivateKey_file");
+    if (ProcessFile(ctx, file, format, PRIVATEKEY_TYPE, NULL, 0, NULL)
+                    == SSL_SUCCESS)
+        return SSL_SUCCESS;
+
+    return SSL_FAILURE;
+}
+
+
+int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX* ctx, const char* file)
+{
+   /* procces up to MAX_CHAIN_DEPTH plus subject cert */
+   WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_chain_file");
+   if (ProcessFile(ctx, file, SSL_FILETYPE_PEM,CERT_TYPE,NULL,1, NULL)
+                   == SSL_SUCCESS)
+       return SSL_SUCCESS;
+
+   return SSL_FAILURE;
+}
+
+
+#ifndef NO_DH
+
+/* server wrapper for ctx or ssl Diffie-Hellman parameters */
+static int wolfSSL_SetTmpDH_buffer_wrapper(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
+                                  const unsigned char* buf, long sz, int format)
+{
+    buffer der;
+    int    ret      = 0;
+    int    weOwnDer = 0;
+    word32 pSz = MAX_DH_SIZE;
+    word32 gSz = MAX_DH_SIZE;
+#ifdef WOLFSSL_SMALL_STACK
+    byte*  p = NULL;
+    byte*  g = NULL;
+#else
+    byte   p[MAX_DH_SIZE];
+    byte   g[MAX_DH_SIZE];
+#endif
+
+    der.buffer = (byte*)buf;
+    der.length = (word32)sz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    p = (byte*)XMALLOC(pSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    g = (byte*)XMALLOC(gSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+    if (p == NULL || g == NULL) {
+        XFREE(p, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(g, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM)
+        ret = SSL_BAD_FILETYPE;
+    else {
+        if (format == SSL_FILETYPE_PEM) {
+            der.buffer = NULL;
+            ret = PemToDer(buf, sz, DH_PARAM_TYPE, &der, ctx->heap, NULL,NULL);
+            weOwnDer = 1;
+        }
+        
+        if (ret == 0) {
+            if (wc_DhParamsLoad(der.buffer, der.length, p, &pSz, g, &gSz) < 0)
+                ret = SSL_BAD_FILETYPE;
+            else if (ssl)
+                ret = wolfSSL_SetTmpDH(ssl, p, pSz, g, gSz);
+            else
+                ret = wolfSSL_CTX_SetTmpDH(ctx, p, pSz, g, gSz);
+        }
+    }
+
+    if (weOwnDer)
+        XFREE(der.buffer, ctx->heap, DYNAMIC_TYPE_KEY);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(p, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(g, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+/* server Diffie-Hellman parameters, SSL_SUCCESS on ok */
+int wolfSSL_SetTmpDH_buffer(WOLFSSL* ssl, const unsigned char* buf, long sz,
+                           int format)
+{
+    return wolfSSL_SetTmpDH_buffer_wrapper(ssl->ctx, ssl, buf, sz, format);
+}
+
+
+/* server ctx Diffie-Hellman parameters, SSL_SUCCESS on ok */
+int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX* ctx, const unsigned char* buf,
+                               long sz, int format)
+{
+    return wolfSSL_SetTmpDH_buffer_wrapper(ctx, NULL, buf, sz, format);
+}
+
+
+/* server Diffie-Hellman parameters */
+static int wolfSSL_SetTmpDH_file_wrapper(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
+                                        const char* fname, int format)
+{
+#ifdef WOLFSSL_SMALL_STACK
+    byte   staticBuffer[1]; /* force heap usage */
+#else
+    byte   staticBuffer[FILE_BUFFER_SIZE];
+#endif
+    byte*  myBuffer = staticBuffer;
+    int    dynamic = 0;
+    int    ret;
+    long   sz = 0;
+    XFILE  file = XFOPEN(fname, "rb");
+
+    if (file == XBADFILE) return SSL_BAD_FILE;
+    XFSEEK(file, 0, XSEEK_END);
+    sz = XFTELL(file);
+    XREWIND(file);
+
+    if (sz > (long)sizeof(staticBuffer)) {
+        WOLFSSL_MSG("Getting dynamic buffer");
+        myBuffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE);
+        if (myBuffer == NULL) {
+            XFCLOSE(file);
+            return SSL_BAD_FILE;
+        }
+        dynamic = 1;
+    }
+    else if (sz < 0) {
+        XFCLOSE(file);
+        return SSL_BAD_FILE;
+    }
+
+    if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0)
+        ret = SSL_BAD_FILE;
+    else {
+        if (ssl)
+            ret = wolfSSL_SetTmpDH_buffer(ssl, myBuffer, sz, format);
+        else
+            ret = wolfSSL_CTX_SetTmpDH_buffer(ctx, myBuffer, sz, format);
+    }
+
+    XFCLOSE(file);
+    if (dynamic)
+        XFREE(myBuffer, ctx->heap, DYNAMIC_TYPE_FILE);
+
+    return ret;
+}
+
+/* server Diffie-Hellman parameters */
+int wolfSSL_SetTmpDH_file(WOLFSSL* ssl, const char* fname, int format)
+{
+    return wolfSSL_SetTmpDH_file_wrapper(ssl->ctx, ssl, fname, format);
+}
+
+
+/* server Diffie-Hellman parameters */
+int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX* ctx, const char* fname, int format)
+{
+    return wolfSSL_SetTmpDH_file_wrapper(ctx, NULL, fname, format);
+}
+
+
+    /* server ctx Diffie-Hellman parameters, SSL_SUCCESS on ok */
+    int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX* ctx, const unsigned char* p, int pSz,
+                            const unsigned char* g, int gSz)
+    {
+        WOLFSSL_ENTER("wolfSSL_CTX_SetTmpDH");
+        if (ctx == NULL || p == NULL || g == NULL) return BAD_FUNC_ARG;
+
+        XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH);
+        XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH);
+
+        ctx->serverDH_P.buffer = (byte*)XMALLOC(pSz, ctx->heap,DYNAMIC_TYPE_DH);
+        if (ctx->serverDH_P.buffer == NULL)
+            return MEMORY_E;
+
+        ctx->serverDH_G.buffer = (byte*)XMALLOC(gSz, ctx->heap,DYNAMIC_TYPE_DH);
+        if (ctx->serverDH_G.buffer == NULL) {
+            XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH);
+            return MEMORY_E;
+        }
+
+        ctx->serverDH_P.length = pSz;
+        ctx->serverDH_G.length = gSz;
+
+        XMEMCPY(ctx->serverDH_P.buffer, p, pSz);
+        XMEMCPY(ctx->serverDH_G.buffer, g, gSz);
+
+        ctx->haveDH = 1;
+
+        WOLFSSL_LEAVE("wolfSSL_CTX_SetTmpDH", 0);
+        return SSL_SUCCESS;
+    }
+#endif /* NO_DH */
+
+
+#ifdef OPENSSL_EXTRA
+/* put SSL type in extra for now, not very common */
+
+int wolfSSL_use_certificate_file(WOLFSSL* ssl, const char* file, int format)
+{
+    WOLFSSL_ENTER("wolfSSL_use_certificate_file");
+    if (ProcessFile(ssl->ctx, file, format, CERT_TYPE, ssl, 0, NULL)
+                    == SSL_SUCCESS)
+        return SSL_SUCCESS;
+
+    return SSL_FAILURE;
+}
+
+
+int wolfSSL_use_PrivateKey_file(WOLFSSL* ssl, const char* file, int format)
+{
+    WOLFSSL_ENTER("wolfSSL_use_PrivateKey_file");
+    if (ProcessFile(ssl->ctx, file, format, PRIVATEKEY_TYPE, ssl, 0, NULL)
+                                                                 == SSL_SUCCESS)
+        return SSL_SUCCESS;
+
+    return SSL_FAILURE;
+}
+
+
+int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char* file)
+{
+   /* procces up to MAX_CHAIN_DEPTH plus subject cert */
+   WOLFSSL_ENTER("wolfSSL_use_certificate_chain_file");
+   if (ProcessFile(ssl->ctx, file, SSL_FILETYPE_PEM, CERT_TYPE, ssl, 1, NULL)
+                                                                 == SSL_SUCCESS)
+       return SSL_SUCCESS;
+
+   return SSL_FAILURE;
+}
+
+
+
+#ifdef HAVE_ECC
+
+/* Set Temp CTX EC-DHE size in octets, should be 20 - 66 for 160 - 521 bit */
+int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX* ctx, word16 sz)
+{
+    if (ctx == NULL || sz < ECC_MINSIZE || sz > ECC_MAXSIZE)
+        return BAD_FUNC_ARG;
+
+    ctx->eccTempKeySz = sz;
+
+    return SSL_SUCCESS;
+}
+
+
+/* Set Temp SSL EC-DHE size in octets, should be 20 - 66 for 160 - 521 bit */
+int wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL* ssl, word16 sz)
+{
+    if (ssl == NULL || sz < ECC_MINSIZE || sz > ECC_MAXSIZE)
+        return BAD_FUNC_ARG;
+
+    ssl->eccTempKeySz = sz;
+
+    return SSL_SUCCESS;
+}
+
+#endif /* HAVE_ECC */
+
+
+
+
+int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX* ctx,const char* file,
+                                   int format)
+{
+    WOLFSSL_ENTER("SSL_CTX_use_RSAPrivateKey_file");
+
+    return wolfSSL_CTX_use_PrivateKey_file(ctx, file, format);
+}
+
+
+int wolfSSL_use_RSAPrivateKey_file(WOLFSSL* ssl, const char* file, int format)
+{
+    WOLFSSL_ENTER("wolfSSL_use_RSAPrivateKey_file");
+
+    return wolfSSL_use_PrivateKey_file(ssl, file, format);
+}
+
+#endif /* OPENSSL_EXTRA */
+
+#ifdef HAVE_NTRU
+
+int wolfSSL_CTX_use_NTRUPrivateKey_file(WOLFSSL_CTX* ctx, const char* file)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_use_NTRUPrivateKey_file");
+    if (ctx == NULL)
+        return SSL_FAILURE;
+
+    if (ProcessFile(ctx, file, SSL_FILETYPE_RAW, PRIVATEKEY_TYPE, NULL, 0, NULL)
+                         == SSL_SUCCESS) {
+        ctx->haveNTRU = 1;
+        return SSL_SUCCESS;
+    }
+
+    return SSL_FAILURE;
+}
+
+#endif /* HAVE_NTRU */
+
+
+#endif /* NO_FILESYSTEM */
+
+
+void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode, VerifyCallback vc)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_set_verify");
+    if (mode & SSL_VERIFY_PEER) {
+        ctx->verifyPeer = 1;
+        ctx->verifyNone = 0;  /* in case perviously set */
+    }
+
+    if (mode == SSL_VERIFY_NONE) {
+        ctx->verifyNone = 1;
+        ctx->verifyPeer = 0;  /* in case previously set */
+    }
+
+    if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
+        ctx->failNoCert = 1;
+
+    ctx->verifyCallback = vc;
+}
+
+
+void wolfSSL_set_verify(WOLFSSL* ssl, int mode, VerifyCallback vc)
+{
+    WOLFSSL_ENTER("wolfSSL_set_verify");
+    if (mode & SSL_VERIFY_PEER) {
+        ssl->options.verifyPeer = 1;
+        ssl->options.verifyNone = 0;  /* in case perviously set */
+    }
+
+    if (mode == SSL_VERIFY_NONE) {
+        ssl->options.verifyNone = 1;
+        ssl->options.verifyPeer = 0;  /* in case previously set */
+    }
+
+    if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
+        ssl->options.failNoCert = 1;
+
+    ssl->verifyCallback = vc;
+}
+
+
+/* store user ctx for verify callback */
+void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx)
+{
+    WOLFSSL_ENTER("wolfSSL_SetCertCbCtx");
+    if (ssl)
+        ssl->verifyCbCtx = ctx;
+}
+
+
+/* store context CA Cache addition callback */
+void wolfSSL_CTX_SetCACb(WOLFSSL_CTX* ctx, CallbackCACache cb)
+{
+    if (ctx && ctx->cm)
+        ctx->cm->caCacheCallback = cb;
+}
+
+
+#if defined(PERSIST_CERT_CACHE)
+
+#if !defined(NO_FILESYSTEM)
+
+/* Persist cert cache to file */
+int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX* ctx, const char* fname)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_save_cert_cache");
+
+    if (ctx == NULL || fname == NULL)
+        return BAD_FUNC_ARG;
+
+    return CM_SaveCertCache(ctx->cm, fname);
+}
+
+
+/* Persist cert cache from file */
+int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX* ctx, const char* fname)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_restore_cert_cache");
+
+    if (ctx == NULL || fname == NULL)
+        return BAD_FUNC_ARG;
+
+    return CM_RestoreCertCache(ctx->cm, fname);
+}
+
+#endif /* NO_FILESYSTEM */
+
+/* Persist cert cache to memory */
+int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX* ctx, void* mem, int sz, int* used)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_memsave_cert_cache");
+
+    if (ctx == NULL || mem == NULL || used == NULL || sz <= 0)
+        return BAD_FUNC_ARG;
+
+    return CM_MemSaveCertCache(ctx->cm, mem, sz, used);
+}
+
+
+/* Restore cert cache from memory */
+int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX* ctx, const void* mem, int sz)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_memrestore_cert_cache");
+
+    if (ctx == NULL || mem == NULL || sz <= 0)
+        return BAD_FUNC_ARG;
+
+    return CM_MemRestoreCertCache(ctx->cm, mem, sz);
+}
+
+
+/* get how big the the cert cache save buffer needs to be */
+int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX* ctx)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_get_cert_cache_memsize");
+
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    return CM_GetCertCacheMemSize(ctx->cm);
+}
+
+#endif /* PERSISTE_CERT_CACHE */
+#endif /* !NO_CERTS */
+
+
+#ifndef NO_SESSION_CACHE
+
+WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("SSL_get_session");
+    if (ssl)
+        return GetSession(ssl, 0);
+
+    return NULL;
+}
+
+
+int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session)
+{
+    WOLFSSL_ENTER("SSL_set_session");
+    if (session)
+        return SetSession(ssl, session);
+
+    return SSL_FAILURE;
+}
+
+
+#ifndef NO_CLIENT_CACHE
+
+/* Associate client session with serverID, find existing or store for saving
+   if newSession flag on, don't reuse existing session
+   SSL_SUCCESS on ok */
+int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
+{
+    WOLFSSL_SESSION* session = NULL;
+
+    WOLFSSL_ENTER("wolfSSL_SetServerID");
+
+    if (ssl == NULL || id == NULL || len <= 0)
+        return BAD_FUNC_ARG;
+
+    if (newSession == 0) {
+        session = GetSessionClient(ssl, id, len);
+        if (session) {
+            if (SetSession(ssl, session) != SSL_SUCCESS) {
+                WOLFSSL_MSG("SetSession failed");
+                session = NULL;
+            }
+        }
+    }
+
+    if (session == NULL) {
+        WOLFSSL_MSG("Valid ServerID not cached already");
+
+        ssl->session.idLen = (word16)min(SERVER_ID_LEN, (word32)len);
+        XMEMCPY(ssl->session.serverID, id, ssl->session.idLen);
+    }
+
+    return SSL_SUCCESS;
+}
+
+#endif /* NO_CLIENT_CACHE */
+
+#if defined(PERSIST_SESSION_CACHE)
+
+/* for persistance, if changes to layout need to increment and modify
+   save_session_cache() and restore_session_cache and memory versions too */
+#define WOLFSSL_CACHE_VERSION 2
+
+/* Session Cache Header information */
+typedef struct {
+    int version;     /* cache layout version id */
+    int rows;        /* session rows */
+    int columns;     /* session columns */
+    int sessionSz;   /* sizeof WOLFSSL_SESSION */
+} cache_header_t;
+
+/* current persistence layout is:
+
+   1) cache_header_t
+   2) SessionCache
+   3) ClientCache
+
+   update WOLFSSL_CACHE_VERSION if change layout for the following
+   PERSISTENT_SESSION_CACHE functions
+*/
+
+
+/* get how big the the session cache save buffer needs to be */
+int wolfSSL_get_session_cache_memsize(void)
+{
+    int sz  = (int)(sizeof(SessionCache) + sizeof(cache_header_t));
+
+    #ifndef NO_CLIENT_CACHE
+        sz += (int)(sizeof(ClientCache));
+    #endif
+
+    return sz;
+}
+
+
+/* Persist session cache to memory */
+int wolfSSL_memsave_session_cache(void* mem, int sz)
+{
+    int i;
+    cache_header_t cache_header;
+    SessionRow*    row  = (SessionRow*)((byte*)mem + sizeof(cache_header));
+#ifndef NO_CLIENT_CACHE
+    ClientRow*     clRow;
+#endif
+
+    WOLFSSL_ENTER("wolfSSL_memsave_session_cache");
+
+    if (sz < wolfSSL_get_session_cache_memsize()) {
+        WOLFSSL_MSG("Memory buffer too small");
+        return BUFFER_E;
+    }
+
+    cache_header.version   = WOLFSSL_CACHE_VERSION;
+    cache_header.rows      = SESSION_ROWS;
+    cache_header.columns   = SESSIONS_PER_ROW;
+    cache_header.sessionSz = (int)sizeof(WOLFSSL_SESSION);
+    XMEMCPY(mem, &cache_header, sizeof(cache_header));
+
+    if (LockMutex(&session_mutex) != 0) {
+        WOLFSSL_MSG("Session cache mutex lock failed");
+        return BAD_MUTEX_E;
+    }
+
+    for (i = 0; i < cache_header.rows; ++i)
+        XMEMCPY(row++, SessionCache + i, sizeof(SessionRow));
+
+#ifndef NO_CLIENT_CACHE
+    clRow = (ClientRow*)row;
+    for (i = 0; i < cache_header.rows; ++i)
+        XMEMCPY(clRow++, ClientCache + i, sizeof(ClientRow));
+#endif
+
+    UnLockMutex(&session_mutex);
+
+    WOLFSSL_LEAVE("wolfSSL_memsave_session_cache", SSL_SUCCESS);
+
+    return SSL_SUCCESS;
+}
+
+
+/* Restore the persistant session cache from memory */
+int wolfSSL_memrestore_session_cache(const void* mem, int sz)
+{
+    int    i;
+    cache_header_t cache_header;
+    SessionRow*    row  = (SessionRow*)((byte*)mem + sizeof(cache_header));
+#ifndef NO_CLIENT_CACHE
+    ClientRow*     clRow;
+#endif
+
+    WOLFSSL_ENTER("wolfSSL_memrestore_session_cache");
+
+    if (sz < wolfSSL_get_session_cache_memsize()) {
+        WOLFSSL_MSG("Memory buffer too small");
+        return BUFFER_E;
+    }
+
+    XMEMCPY(&cache_header, mem, sizeof(cache_header));
+    if (cache_header.version   != WOLFSSL_CACHE_VERSION ||
+        cache_header.rows      != SESSION_ROWS ||
+        cache_header.columns   != SESSIONS_PER_ROW ||
+        cache_header.sessionSz != (int)sizeof(WOLFSSL_SESSION)) {
+
+        WOLFSSL_MSG("Session cache header match failed");
+        return CACHE_MATCH_ERROR;
+    }
+
+    if (LockMutex(&session_mutex) != 0) {
+        WOLFSSL_MSG("Session cache mutex lock failed");
+        return BAD_MUTEX_E;
+    }
+
+    for (i = 0; i < cache_header.rows; ++i)
+        XMEMCPY(SessionCache + i, row++, sizeof(SessionRow));
+
+#ifndef NO_CLIENT_CACHE
+    clRow = (ClientRow*)row;
+    for (i = 0; i < cache_header.rows; ++i)
+        XMEMCPY(ClientCache + i, clRow++, sizeof(ClientRow));
+#endif
+
+    UnLockMutex(&session_mutex);
+
+    WOLFSSL_LEAVE("wolfSSL_memrestore_session_cache", SSL_SUCCESS);
+
+    return SSL_SUCCESS;
+}
+
+#if !defined(NO_FILESYSTEM)
+
+/* Persist session cache to file */
+/* doesn't use memsave because of additional memory use */
+int wolfSSL_save_session_cache(const char *fname)
+{
+    XFILE  file;
+    int    ret;
+    int    rc = SSL_SUCCESS;
+    int    i;
+    cache_header_t cache_header;
+
+    WOLFSSL_ENTER("wolfSSL_save_session_cache");
+
+    file = XFOPEN(fname, "w+b");
+    if (file == XBADFILE) {
+        WOLFSSL_MSG("Couldn't open session cache save file");
+        return SSL_BAD_FILE;
+    }
+    cache_header.version   = WOLFSSL_CACHE_VERSION;
+    cache_header.rows      = SESSION_ROWS;
+    cache_header.columns   = SESSIONS_PER_ROW;
+    cache_header.sessionSz = (int)sizeof(WOLFSSL_SESSION);
+
+    /* cache header */
+    ret = (int)XFWRITE(&cache_header, sizeof cache_header, 1, file);
+    if (ret != 1) {
+        WOLFSSL_MSG("Session cache header file write failed");
+        XFCLOSE(file);
+        return FWRITE_ERROR;
+    }
+
+    if (LockMutex(&session_mutex) != 0) {
+        WOLFSSL_MSG("Session cache mutex lock failed");
+        XFCLOSE(file);
+        return BAD_MUTEX_E;
+    }
+
+    /* session cache */
+    for (i = 0; i < cache_header.rows; ++i) {
+        ret = (int)XFWRITE(SessionCache + i, sizeof(SessionRow), 1, file);
+        if (ret != 1) {
+            WOLFSSL_MSG("Session cache member file write failed");
+            rc = FWRITE_ERROR;
+            break;
+        }
+    }
+
+#ifndef NO_CLIENT_CACHE
+    /* client cache */
+    for (i = 0; i < cache_header.rows; ++i) {
+        ret = (int)XFWRITE(ClientCache + i, sizeof(ClientRow), 1, file);
+        if (ret != 1) {
+            WOLFSSL_MSG("Client cache member file write failed");
+            rc = FWRITE_ERROR;
+            break;
+        }
+    }
+#endif /* NO_CLIENT_CACHE */
+
+    UnLockMutex(&session_mutex);
+
+    XFCLOSE(file);
+    WOLFSSL_LEAVE("wolfSSL_save_session_cache", rc);
+
+    return rc;
+}
+
+
+/* Restore the persistant session cache from file */
+/* doesn't use memstore because of additional memory use */
+int wolfSSL_restore_session_cache(const char *fname)
+{
+    XFILE  file;
+    int    rc = SSL_SUCCESS;
+    int    ret;
+    int    i;
+    cache_header_t cache_header;
+
+    WOLFSSL_ENTER("wolfSSL_restore_session_cache");
+
+    file = XFOPEN(fname, "rb");
+    if (file == XBADFILE) {
+        WOLFSSL_MSG("Couldn't open session cache save file");
+        return SSL_BAD_FILE;
+    }
+    /* cache header */
+    ret = (int)XFREAD(&cache_header, sizeof cache_header, 1, file);
+    if (ret != 1) {
+        WOLFSSL_MSG("Session cache header file read failed");
+        XFCLOSE(file);
+        return FREAD_ERROR;
+    }
+    if (cache_header.version   != WOLFSSL_CACHE_VERSION ||
+        cache_header.rows      != SESSION_ROWS ||
+        cache_header.columns   != SESSIONS_PER_ROW ||
+        cache_header.sessionSz != (int)sizeof(WOLFSSL_SESSION)) {
+
+        WOLFSSL_MSG("Session cache header match failed");
+        XFCLOSE(file);
+        return CACHE_MATCH_ERROR;
+    }
+
+    if (LockMutex(&session_mutex) != 0) {
+        WOLFSSL_MSG("Session cache mutex lock failed");
+        XFCLOSE(file);
+        return BAD_MUTEX_E;
+    }
+
+    /* session cache */
+    for (i = 0; i < cache_header.rows; ++i) {
+        ret = (int)XFREAD(SessionCache + i, sizeof(SessionRow), 1, file);
+        if (ret != 1) {
+            WOLFSSL_MSG("Session cache member file read failed");
+            XMEMSET(SessionCache, 0, sizeof SessionCache);
+            rc = FREAD_ERROR;
+            break;
+        }
+    }
+
+#ifndef NO_CLIENT_CACHE
+    /* client cache */
+    for (i = 0; i < cache_header.rows; ++i) {
+        ret = (int)XFREAD(ClientCache + i, sizeof(ClientRow), 1, file);
+        if (ret != 1) {
+            WOLFSSL_MSG("Client cache member file read failed");
+            XMEMSET(ClientCache, 0, sizeof ClientCache);
+            rc = FREAD_ERROR;
+            break;
+        }
+    }
+
+#endif /* NO_CLIENT_CACHE */
+
+    UnLockMutex(&session_mutex);
+
+    XFCLOSE(file);
+    WOLFSSL_LEAVE("wolfSSL_restore_session_cache", rc);
+
+    return rc;
+}
+
+#endif /* !NO_FILESYSTEM */
+#endif /* PERSIST_SESSION_CACHE */
+#endif /* NO_SESSION_CACHE */
+
+
+void wolfSSL_load_error_strings(void)   /* compatibility only */
+{}
+
+
+int wolfSSL_library_init(void)
+{
+    WOLFSSL_ENTER("SSL_library_init");
+    if (wolfSSL_Init() == SSL_SUCCESS)
+        return SSL_SUCCESS;
+    else
+        return SSL_FATAL_ERROR;
+}
+
+
+#ifdef HAVE_SECRET_CALLBACK
+
+int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx)
+{
+    WOLFSSL_ENTER("wolfSSL_set_session_secret_cb");
+    if (ssl == NULL)
+        return SSL_FATAL_ERROR;
+
+    ssl->sessionSecretCb = cb;
+    ssl->sessionSecretCtx = ctx;
+    /* If using a pre-set key, assume session resumption. */
+    ssl->session.sessionIDSz = 0;
+    ssl->options.resuming = 1;
+
+    return SSL_SUCCESS;
+}
+
+#endif
+
+
+#ifndef NO_SESSION_CACHE
+
+/* on by default if built in but allow user to turn off */
+long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode)
+{
+    WOLFSSL_ENTER("SSL_CTX_set_session_cache_mode");
+    if (mode == SSL_SESS_CACHE_OFF)
+        ctx->sessionCacheOff = 1;
+
+    if (mode == SSL_SESS_CACHE_NO_AUTO_CLEAR)
+        ctx->sessionCacheFlushOff = 1;
+
+    return SSL_SUCCESS;
+}
+
+#endif /* NO_SESSION_CACHE */
+
+
+#if !defined(NO_CERTS)
+#if defined(PERSIST_CERT_CACHE)
+
+
+#define WOLFSSL_CACHE_CERT_VERSION 1
+
+typedef struct {
+    int version;                 /* cache cert layout version id */
+    int rows;                    /* hash table rows, CA_TABLE_SIZE */
+    int columns[CA_TABLE_SIZE];  /* columns per row on list */
+    int signerSz;                /* sizeof Signer object */
+} CertCacheHeader;
+
+/* current cert persistance layout is:
+
+   1) CertCacheHeader
+   2) caTable
+
+   update WOLFSSL_CERT_CACHE_VERSION if change layout for the following
+   PERSIST_CERT_CACHE functions
+*/
+
+
+/* Return memory needed to persist this signer, have lock */
+static INLINE int GetSignerMemory(Signer* signer)
+{
+    int sz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID)
+           + sizeof(signer->nameLen)    + sizeof(signer->subjectNameHash);
+
+#if !defined(NO_SKID)
+        sz += (int)sizeof(signer->subjectKeyIdHash);
+#endif
+
+    /* add dynamic bytes needed */
+    sz += signer->pubKeySize;
+    sz += signer->nameLen;
+
+    return sz;
+}
+
+
+/* Return memory needed to persist this row, have lock */
+static INLINE int GetCertCacheRowMemory(Signer* row)
+{
+    int sz = 0;
+
+    while (row) {
+        sz += GetSignerMemory(row);
+        row = row->next;
+    }
+
+    return sz;
+}
+
+
+/* get the size of persist cert cache, have lock */
+static INLINE int GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)
+{
+    int sz;
+    int i;
+
+    sz = sizeof(CertCacheHeader);
+
+    for (i = 0; i < CA_TABLE_SIZE; i++)
+        sz += GetCertCacheRowMemory(cm->caTable[i]);
+
+    return sz;
+}
+
+
+/* Store cert cache header columns with number of items per list, have lock */
+static INLINE void SetCertHeaderColumns(WOLFSSL_CERT_MANAGER* cm, int* columns)
+{
+    int     i;
+    Signer* row;
+
+    for (i = 0; i < CA_TABLE_SIZE; i++) {
+        int count = 0;
+        row = cm->caTable[i];
+
+        while (row) {
+            ++count;
+            row = row->next;
+        }
+        columns[i] = count;
+    }
+}
+
+
+/* Restore whole cert row from memory, have lock, return bytes consumed,
+   < 0 on error, have lock */
+static INLINE int RestoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current,
+                                 int row, int listSz, const byte* end)
+{
+    int idx = 0;
+
+    if (listSz < 0) {
+        WOLFSSL_MSG("Row header corrupted, negative value");
+        return PARSE_ERROR;
+    }
+
+    while (listSz) {
+        Signer* signer;
+        byte*   start = current + idx;  /* for end checks on this signer */
+        int     minSz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID) +
+                      sizeof(signer->nameLen) + sizeof(signer->subjectNameHash);
+        #ifndef NO_SKID
+                minSz += (int)sizeof(signer->subjectKeyIdHash);
+        #endif
+
+        if (start + minSz > end) {
+            WOLFSSL_MSG("Would overread restore buffer");
+            return BUFFER_E;
+        }
+        signer = MakeSigner(cm->heap);
+        if (signer == NULL)
+            return MEMORY_E;
+
+        /* pubKeySize */
+        XMEMCPY(&signer->pubKeySize, current + idx, sizeof(signer->pubKeySize));
+        idx += (int)sizeof(signer->pubKeySize);
+
+        /* keyOID */
+        XMEMCPY(&signer->keyOID, current + idx, sizeof(signer->keyOID));
+        idx += (int)sizeof(signer->keyOID);
+
+        /* pulicKey */
+        if (start + minSz + signer->pubKeySize > end) {
+            WOLFSSL_MSG("Would overread restore buffer");
+            FreeSigner(signer, cm->heap);
+            return BUFFER_E;
+        }
+        signer->publicKey = (byte*)XMALLOC(signer->pubKeySize, cm->heap,
+                                           DYNAMIC_TYPE_KEY);
+        if (signer->publicKey == NULL) {
+            FreeSigner(signer, cm->heap);
+            return MEMORY_E;
+        }
+
+        XMEMCPY(signer->publicKey, current + idx, signer->pubKeySize);
+        idx += signer->pubKeySize;
+
+        /* nameLen */
+        XMEMCPY(&signer->nameLen, current + idx, sizeof(signer->nameLen));
+        idx += (int)sizeof(signer->nameLen);
+
+        /* name */
+        if (start + minSz + signer->pubKeySize + signer->nameLen > end) {
+            WOLFSSL_MSG("Would overread restore buffer");
+            FreeSigner(signer, cm->heap);
+            return BUFFER_E;
+        }
+        signer->name = (char*)XMALLOC(signer->nameLen, cm->heap,
+                                      DYNAMIC_TYPE_SUBJECT_CN);
+        if (signer->name == NULL) {
+            FreeSigner(signer, cm->heap);
+            return MEMORY_E;
+        }
+
+        XMEMCPY(signer->name, current + idx, signer->nameLen);
+        idx += signer->nameLen;
+
+        /* subjectNameHash */
+        XMEMCPY(signer->subjectNameHash, current + idx, SIGNER_DIGEST_SIZE);
+        idx += SIGNER_DIGEST_SIZE;
+
+        #ifndef NO_SKID
+            /* subjectKeyIdHash */
+            XMEMCPY(signer->subjectKeyIdHash, current + idx,SIGNER_DIGEST_SIZE);
+            idx += SIGNER_DIGEST_SIZE;
+        #endif
+
+        signer->next = cm->caTable[row];
+        cm->caTable[row] = signer;
+
+        --listSz;
+    }
+
+    return idx;
+}
+
+
+/* Store whole cert row into memory, have lock, return bytes added */
+static INLINE int StoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current, int row)
+{
+    int     added  = 0;
+    Signer* list   = cm->caTable[row];
+
+    while (list) {
+        XMEMCPY(current + added, &list->pubKeySize, sizeof(list->pubKeySize));
+        added += (int)sizeof(list->pubKeySize);
+
+        XMEMCPY(current + added, &list->keyOID,     sizeof(list->keyOID));
+        added += (int)sizeof(list->keyOID);
+
+        XMEMCPY(current + added, list->publicKey, list->pubKeySize);
+        added += list->pubKeySize;
+
+        XMEMCPY(current + added, &list->nameLen, sizeof(list->nameLen));
+        added += (int)sizeof(list->nameLen);
+
+        XMEMCPY(current + added, list->name, list->nameLen);
+        added += list->nameLen;
+
+        XMEMCPY(current + added, list->subjectNameHash, SIGNER_DIGEST_SIZE);
+        added += SIGNER_DIGEST_SIZE;
+
+        #ifndef NO_SKID
+            XMEMCPY(current + added, list->subjectKeyIdHash,SIGNER_DIGEST_SIZE);
+            added += SIGNER_DIGEST_SIZE;
+        #endif
+
+        list = list->next;
+    }
+
+    return added;
+}
+
+
+/* Persist cert cache to memory, have lock */
+static INLINE int DoMemSaveCertCache(WOLFSSL_CERT_MANAGER* cm, void* mem, int sz)
+{
+    int realSz;
+    int ret = SSL_SUCCESS;
+    int i;
+
+    WOLFSSL_ENTER("DoMemSaveCertCache");
+
+    realSz = GetCertCacheMemSize(cm);
+    if (realSz > sz) {
+        WOLFSSL_MSG("Mem output buffer too small");
+        ret = BUFFER_E;
+    }
+    else {
+        byte*           current;
+        CertCacheHeader hdr;
+
+        hdr.version  = WOLFSSL_CACHE_CERT_VERSION;
+        hdr.rows     = CA_TABLE_SIZE;
+        SetCertHeaderColumns(cm, hdr.columns);
+        hdr.signerSz = (int)sizeof(Signer);
+
+        XMEMCPY(mem, &hdr, sizeof(CertCacheHeader));
+        current = (byte*)mem + sizeof(CertCacheHeader);
+
+        for (i = 0; i < CA_TABLE_SIZE; ++i)
+            current += StoreCertRow(cm, current, i);
+    }
+
+    return ret;
+}
+
+
+#if !defined(NO_FILESYSTEM)
+
+/* Persist cert cache to file */
+int CM_SaveCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
+{
+    XFILE file;
+    int   rc = SSL_SUCCESS;
+    int   memSz;
+    byte* mem;
+
+    WOLFSSL_ENTER("CM_SaveCertCache");
+
+    file = XFOPEN(fname, "w+b");
+    if (file == XBADFILE) {
+       WOLFSSL_MSG("Couldn't open cert cache save file");
+       return SSL_BAD_FILE;
+    }
+
+    if (LockMutex(&cm->caLock) != 0) {
+        WOLFSSL_MSG("LockMutex on caLock failed");
+        XFCLOSE(file);
+        return BAD_MUTEX_E;
+    }
+
+    memSz = GetCertCacheMemSize(cm);
+    mem   = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+    if (mem == NULL) {
+        WOLFSSL_MSG("Alloc for tmp buffer failed");
+        rc = MEMORY_E;
+    } else {
+        rc = DoMemSaveCertCache(cm, mem, memSz);
+        if (rc == SSL_SUCCESS) {
+            int ret = (int)XFWRITE(mem, memSz, 1, file);
+            if (ret != 1) {
+                WOLFSSL_MSG("Cert cache file write failed");
+                rc = FWRITE_ERROR;
+            }
+        }
+        XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+    }
+
+    UnLockMutex(&cm->caLock);
+    XFCLOSE(file);
+
+    return rc;
+}
+
+
+/* Restore cert cache from file */
+int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
+{
+    XFILE file;
+    int   rc = SSL_SUCCESS;
+    int   ret;
+    int   memSz;
+    byte* mem;
+
+    WOLFSSL_ENTER("CM_RestoreCertCache");
+
+    file = XFOPEN(fname, "rb");
+    if (file == XBADFILE) {
+       WOLFSSL_MSG("Couldn't open cert cache save file");
+       return SSL_BAD_FILE;
+    }
+
+    XFSEEK(file, 0, XSEEK_END);
+    memSz = (int)XFTELL(file);
+    XREWIND(file);
+
+    if (memSz <= 0) {
+        WOLFSSL_MSG("Bad file size");
+        XFCLOSE(file);
+        return SSL_BAD_FILE;
+    }
+
+    mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+    if (mem == NULL) {
+        WOLFSSL_MSG("Alloc for tmp buffer failed");
+        XFCLOSE(file);
+        return MEMORY_E;
+    }
+
+    ret = (int)XFREAD(mem, memSz, 1, file);
+    if (ret != 1) {
+        WOLFSSL_MSG("Cert file read error");
+        rc = FREAD_ERROR;
+    } else {
+        rc = CM_MemRestoreCertCache(cm, mem, memSz);
+        if (rc != SSL_SUCCESS) {
+            WOLFSSL_MSG("Mem restore cert cache failed");
+        }
+    }
+
+    XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+    XFCLOSE(file);
+
+    return rc;
+}
+
+#endif /* NO_FILESYSTEM */
+
+
+/* Persist cert cache to memory */
+int CM_MemSaveCertCache(WOLFSSL_CERT_MANAGER* cm, void* mem, int sz, int* used)
+{
+    int ret = SSL_SUCCESS;
+
+    WOLFSSL_ENTER("CM_MemSaveCertCache");
+
+    if (LockMutex(&cm->caLock) != 0) {
+        WOLFSSL_MSG("LockMutex on caLock failed");
+        return BAD_MUTEX_E;
+    }
+
+    ret = DoMemSaveCertCache(cm, mem, sz);
+    if (ret == SSL_SUCCESS)
+        *used  = GetCertCacheMemSize(cm);
+
+    UnLockMutex(&cm->caLock);
+
+    return ret;
+}
+
+
+/* Restore cert cache from memory */
+int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const void* mem, int sz)
+{
+    int ret = SSL_SUCCESS;
+    int i;
+    CertCacheHeader* hdr = (CertCacheHeader*)mem;
+    byte*            current = (byte*)mem + sizeof(CertCacheHeader);
+    byte*            end     = (byte*)mem + sz;  /* don't go over */
+
+    WOLFSSL_ENTER("CM_MemRestoreCertCache");
+
+    if (current > end) {
+        WOLFSSL_MSG("Cert Cache Memory buffer too small");
+        return BUFFER_E;
+    }
+
+    if (hdr->version  != WOLFSSL_CACHE_CERT_VERSION ||
+        hdr->rows     != CA_TABLE_SIZE ||
+        hdr->signerSz != (int)sizeof(Signer)) {
+
+        WOLFSSL_MSG("Cert Cache Memory header mismatch");
+        return CACHE_MATCH_ERROR;
+    }
+
+    if (LockMutex(&cm->caLock) != 0) {
+        WOLFSSL_MSG("LockMutex on caLock failed");
+        return BAD_MUTEX_E;
+    }
+
+    FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
+
+    for (i = 0; i < CA_TABLE_SIZE; ++i) {
+        int added = RestoreCertRow(cm, current, i, hdr->columns[i], end);
+        if (added < 0) {
+            WOLFSSL_MSG("RestoreCertRow error");
+            ret = added;
+            break;
+        }
+        current += added;
+    }
+
+    UnLockMutex(&cm->caLock);
+
+    return ret;
+}
+
+
+/* get how big the the cert cache save buffer needs to be */
+int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)
+{
+    int sz;
+
+    WOLFSSL_ENTER("CM_GetCertCacheMemSize");
+
+    if (LockMutex(&cm->caLock) != 0) {
+        WOLFSSL_MSG("LockMutex on caLock failed");
+        return BAD_MUTEX_E;
+    }
+
+    sz = GetCertCacheMemSize(cm);
+
+    UnLockMutex(&cm->caLock);
+
+    return sz;
+}
+
+#endif /* PERSIST_CERT_CACHE */
+#endif /* NO_CERTS */
+
+
+int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_set_cipher_list");
+    return (SetCipherList(&ctx->suites, list)) ? SSL_SUCCESS : SSL_FAILURE;
+}
+
+
+int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list)
+{
+    WOLFSSL_ENTER("wolfSSL_set_cipher_list");
+    return (SetCipherList(ssl->suites, list)) ? SSL_SUCCESS : SSL_FAILURE;
+}
+
+
+#ifndef WOLFSSL_LEANPSK
+#ifdef WOLFSSL_DTLS
+
+int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl)
+{
+    (void)ssl;
+
+    return ssl->dtls_timeout;
+}
+
+
+/* user may need to alter init dtls recv timeout, SSL_SUCCESS on ok */
+int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int timeout)
+{
+    if (ssl == NULL || timeout < 0)
+        return BAD_FUNC_ARG;
+
+    if (timeout > ssl->dtls_timeout_max) {
+        WOLFSSL_MSG("Can't set dtls timeout init greater than dtls timeout max");
+        return BAD_FUNC_ARG;
+    }
+
+    ssl->dtls_timeout_init = timeout;
+    ssl->dtls_timeout = timeout;
+
+    return SSL_SUCCESS;
+}
+
+
+/* user may need to alter max dtls recv timeout, SSL_SUCCESS on ok */
+int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int timeout)
+{
+    if (ssl == NULL || timeout < 0)
+        return BAD_FUNC_ARG;
+
+    if (timeout < ssl->dtls_timeout_init) {
+        WOLFSSL_MSG("Can't set dtls timeout max less than dtls timeout init");
+        return BAD_FUNC_ARG;
+    }
+
+    ssl->dtls_timeout_max = timeout;
+
+    return SSL_SUCCESS;
+}
+
+
+int wolfSSL_dtls_got_timeout(WOLFSSL* ssl)
+{
+    int result = SSL_SUCCESS;
+
+    DtlsMsgListDelete(ssl->dtls_msg_list, ssl->heap);
+    ssl->dtls_msg_list = NULL;
+    if (DtlsPoolTimeout(ssl) < 0 || DtlsPoolSend(ssl) < 0) {
+        result = SSL_FATAL_ERROR;
+    }
+    return result;
+}
+
+#endif /* DTLS */
+#endif /* LEANPSK */
+
+
+/* client only parts */
+#ifndef NO_WOLFSSL_CLIENT
+
+    #ifndef NO_OLD_TLS
+    WOLFSSL_METHOD* wolfSSLv3_client_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+        WOLFSSL_ENTER("SSLv3_client_method");
+        if (method)
+            InitSSL_Method(method, MakeSSLv3());
+        return method;
+    }
+    #endif
+
+    #ifdef WOLFSSL_DTLS
+        WOLFSSL_METHOD* wolfDTLSv1_client_method(void)
+        {
+            WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+            WOLFSSL_ENTER("DTLSv1_client_method");
+            if (method)
+                InitSSL_Method(method, MakeDTLSv1());
+            return method;
+        }
+
+        WOLFSSL_METHOD* wolfDTLSv1_2_client_method(void)
+        {
+            WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+            WOLFSSL_ENTER("DTLSv1_2_client_method");
+            if (method)
+                InitSSL_Method(method, MakeDTLSv1_2());
+            return method;
+        }
+    #endif
+
+
+    /* please see note at top of README if you get an error from connect */
+    int wolfSSL_connect(WOLFSSL* ssl)
+    {
+        int neededState;
+
+        WOLFSSL_ENTER("SSL_connect()");
+
+        #ifdef HAVE_ERRNO_H
+            errno = 0;
+        #endif
+
+        if (ssl->options.side != WOLFSSL_CLIENT_END) {
+            WOLFSSL_ERROR(ssl->error = SIDE_ERROR);
+            return SSL_FATAL_ERROR;
+        }
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->version.major == DTLS_MAJOR) {
+                ssl->options.dtls   = 1;
+                ssl->options.tls    = 1;
+                ssl->options.tls1_1 = 1;
+
+                if (DtlsPoolInit(ssl) != 0) {
+                    ssl->error = MEMORY_ERROR;
+                    WOLFSSL_ERROR(ssl->error);
+                    return SSL_FATAL_ERROR;
+                }
+            }
+        #endif
+
+        if (ssl->buffers.outputBuffer.length > 0) {
+            if ( (ssl->error = SendBuffered(ssl)) == 0) {
+                ssl->options.connectState++;
+                WOLFSSL_MSG("connect state: Advanced from buffered send");
+            }
+            else {
+                WOLFSSL_ERROR(ssl->error);
+                return SSL_FATAL_ERROR;
+            }
+        }
+
+        switch (ssl->options.connectState) {
+
+        case CONNECT_BEGIN :
+            /* always send client hello first */
+            if ( (ssl->error = SendClientHello(ssl)) != 0) {
+                WOLFSSL_ERROR(ssl->error);
+                return SSL_FATAL_ERROR;
+            }
+            ssl->options.connectState = CLIENT_HELLO_SENT;
+            WOLFSSL_MSG("connect state: CLIENT_HELLO_SENT");
+
+        case CLIENT_HELLO_SENT :
+            neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE :
+                                          SERVER_HELLODONE_COMPLETE;
+            #ifdef WOLFSSL_DTLS
+                /* In DTLS, when resuming, we can go straight to FINISHED,
+                 * or do a cookie exchange and then skip to FINISHED, assume
+                 * we need the cookie exchange first. */
+                if (ssl->options.dtls)
+                    neededState = SERVER_HELLOVERIFYREQUEST_COMPLETE;
+            #endif
+            /* get response */
+            while (ssl->options.serverState < neededState) {
+                if ( (ssl->error = ProcessReply(ssl)) < 0) {
+                    WOLFSSL_ERROR(ssl->error);
+                    return SSL_FATAL_ERROR;
+                }
+                /* if resumption failed, reset needed state */
+                else if (neededState == SERVER_FINISHED_COMPLETE)
+                    if (!ssl->options.resuming) {
+                        if (!ssl->options.dtls)
+                            neededState = SERVER_HELLODONE_COMPLETE;
+                        else
+                            neededState = SERVER_HELLOVERIFYREQUEST_COMPLETE;
+                    }
+            }
+
+            ssl->options.connectState = HELLO_AGAIN;
+            WOLFSSL_MSG("connect state: HELLO_AGAIN");
+
+        case HELLO_AGAIN :
+            if (ssl->options.certOnly)
+                return SSL_SUCCESS;
+
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls) {
+                    /* re-init hashes, exclude first hello and verify request */
+#ifndef NO_OLD_TLS
+                    wc_InitMd5(&ssl->hashMd5);
+                    if ( (ssl->error = wc_InitSha(&ssl->hashSha)) != 0) {
+                        WOLFSSL_ERROR(ssl->error);
+                        return SSL_FATAL_ERROR;
+                    }
+#endif
+                    if (IsAtLeastTLSv1_2(ssl)) {
+                        #ifndef NO_SHA256
+                            if ( (ssl->error =
+                                           wc_InitSha256(&ssl->hashSha256)) != 0) {
+                                WOLFSSL_ERROR(ssl->error);
+                                return SSL_FATAL_ERROR;
+                            }
+                        #endif
+                        #ifdef WOLFSSL_SHA384
+                            if ( (ssl->error =
+                                           wc_InitSha384(&ssl->hashSha384)) != 0) {
+                                WOLFSSL_ERROR(ssl->error);
+                                return SSL_FATAL_ERROR;
+                            }
+                        #endif
+                    }
+                    if ( (ssl->error = SendClientHello(ssl)) != 0) {
+                        WOLFSSL_ERROR(ssl->error);
+                        return SSL_FATAL_ERROR;
+                    }
+                }
+            #endif
+
+            ssl->options.connectState = HELLO_AGAIN_REPLY;
+            WOLFSSL_MSG("connect state: HELLO_AGAIN_REPLY");
+
+        case HELLO_AGAIN_REPLY :
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls) {
+                    neededState = ssl->options.resuming ?
+                           SERVER_FINISHED_COMPLETE : SERVER_HELLODONE_COMPLETE;
+
+                    /* get response */
+                    while (ssl->options.serverState < neededState) {
+                        if ( (ssl->error = ProcessReply(ssl)) < 0) {
+                                WOLFSSL_ERROR(ssl->error);
+                                return SSL_FATAL_ERROR;
+                        }
+                        /* if resumption failed, reset needed state */
+                        else if (neededState == SERVER_FINISHED_COMPLETE)
+                            if (!ssl->options.resuming)
+                                neededState = SERVER_HELLODONE_COMPLETE;
+                    }
+                }
+            #endif
+
+            ssl->options.connectState = FIRST_REPLY_DONE;
+            WOLFSSL_MSG("connect state: FIRST_REPLY_DONE");
+
+        case FIRST_REPLY_DONE :
+            #ifndef NO_CERTS
+                if (ssl->options.sendVerify) {
+                    if ( (ssl->error = SendCertificate(ssl)) != 0) {
+                        WOLFSSL_ERROR(ssl->error);
+                        return SSL_FATAL_ERROR;
+                    }
+                    WOLFSSL_MSG("sent: certificate");
+                }
+
+            #endif
+            ssl->options.connectState = FIRST_REPLY_FIRST;
+            WOLFSSL_MSG("connect state: FIRST_REPLY_FIRST");
+
+        case FIRST_REPLY_FIRST :
+            if (!ssl->options.resuming) {
+                if ( (ssl->error = SendClientKeyExchange(ssl)) != 0) {
+                    WOLFSSL_ERROR(ssl->error);
+                    return SSL_FATAL_ERROR;
+                }
+                WOLFSSL_MSG("sent: client key exchange");
+            }
+
+            ssl->options.connectState = FIRST_REPLY_SECOND;
+            WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND");
+
+        case FIRST_REPLY_SECOND :
+            #ifndef NO_CERTS
+                if (ssl->options.sendVerify) {
+                    if ( (ssl->error = SendCertificateVerify(ssl)) != 0) {
+                        WOLFSSL_ERROR(ssl->error);
+                        return SSL_FATAL_ERROR;
+                    }
+                    WOLFSSL_MSG("sent: certificate verify");
+                }
+            #endif
+            ssl->options.connectState = FIRST_REPLY_THIRD;
+            WOLFSSL_MSG("connect state: FIRST_REPLY_THIRD");
+
+        case FIRST_REPLY_THIRD :
+            if ( (ssl->error = SendChangeCipher(ssl)) != 0) {
+                WOLFSSL_ERROR(ssl->error);
+                return SSL_FATAL_ERROR;
+            }
+            WOLFSSL_MSG("sent: change cipher spec");
+            ssl->options.connectState = FIRST_REPLY_FOURTH;
+            WOLFSSL_MSG("connect state: FIRST_REPLY_FOURTH");
+
+        case FIRST_REPLY_FOURTH :
+            if ( (ssl->error = SendFinished(ssl)) != 0) {
+                WOLFSSL_ERROR(ssl->error);
+                return SSL_FATAL_ERROR;
+            }
+            WOLFSSL_MSG("sent: finished");
+            ssl->options.connectState = FINISHED_DONE;
+            WOLFSSL_MSG("connect state: FINISHED_DONE");
+
+        case FINISHED_DONE :
+            /* get response */
+            while (ssl->options.serverState < SERVER_FINISHED_COMPLETE)
+                if ( (ssl->error = ProcessReply(ssl)) < 0) {
+                    WOLFSSL_ERROR(ssl->error);
+                    return SSL_FATAL_ERROR;
+                }
+
+            ssl->options.connectState = SECOND_REPLY_DONE;
+            WOLFSSL_MSG("connect state: SECOND_REPLY_DONE");
+
+        case SECOND_REPLY_DONE:
+            FreeHandshakeResources(ssl);
+            WOLFSSL_LEAVE("SSL_connect()", SSL_SUCCESS);
+            return SSL_SUCCESS;
+
+        default:
+            WOLFSSL_MSG("Unknown connect state ERROR");
+            return SSL_FATAL_ERROR; /* unknown connect state */
+        }
+    }
+
+#endif /* NO_WOLFSSL_CLIENT */
+
+
+/* server only parts */
+#ifndef NO_WOLFSSL_SERVER
+
+    #ifndef NO_OLD_TLS
+    WOLFSSL_METHOD* wolfSSLv3_server_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+        WOLFSSL_ENTER("SSLv3_server_method");
+        if (method) {
+            InitSSL_Method(method, MakeSSLv3());
+            method->side = WOLFSSL_SERVER_END;
+        }
+        return method;
+    }
+    #endif
+
+
+    #ifdef WOLFSSL_DTLS
+        WOLFSSL_METHOD* wolfDTLSv1_server_method(void)
+        {
+            WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+            WOLFSSL_ENTER("DTLSv1_server_method");
+            if (method) {
+                InitSSL_Method(method, MakeDTLSv1());
+                method->side = WOLFSSL_SERVER_END;
+            }
+            return method;
+        }
+
+        WOLFSSL_METHOD* wolfDTLSv1_2_server_method(void)
+        {
+            WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+            WOLFSSL_ENTER("DTLSv1_2_server_method");
+            if (method) {
+                InitSSL_Method(method, MakeDTLSv1_2());
+                method->side = WOLFSSL_SERVER_END;
+            }
+            return method;
+        }
+    #endif
+
+
+    int wolfSSL_accept(WOLFSSL* ssl)
+    {
+        byte havePSK = 0;
+        byte haveAnon = 0;
+        WOLFSSL_ENTER("SSL_accept()");
+
+        #ifdef HAVE_ERRNO_H
+            errno = 0;
+        #endif
+
+        #ifndef NO_PSK
+            havePSK = ssl->options.havePSK;
+        #endif
+        (void)havePSK;
+
+        #ifdef HAVE_ANON
+            haveAnon = ssl->options.haveAnon;
+        #endif
+        (void)haveAnon;
+
+        if (ssl->options.side != WOLFSSL_SERVER_END) {
+            WOLFSSL_ERROR(ssl->error = SIDE_ERROR);
+            return SSL_FATAL_ERROR;
+        }
+
+        #ifndef NO_CERTS
+            /* in case used set_accept_state after init */
+            if (!havePSK && !haveAnon &&
+                            (ssl->buffers.certificate.buffer == NULL ||
+                             ssl->buffers.key.buffer == NULL)) {
+                WOLFSSL_MSG("accept error: don't have server cert and key");
+                ssl->error = NO_PRIVATE_KEY;
+                WOLFSSL_ERROR(ssl->error);
+                return SSL_FATAL_ERROR;
+            }
+        #endif
+
+        #ifdef WOLFSSL_DTLS
+            if (ssl->version.major == DTLS_MAJOR) {
+                ssl->options.dtls   = 1;
+                ssl->options.tls    = 1;
+                ssl->options.tls1_1 = 1;
+
+                if (DtlsPoolInit(ssl) != 0) {
+                    ssl->error = MEMORY_ERROR;
+                    WOLFSSL_ERROR(ssl->error);
+                    return SSL_FATAL_ERROR;
+                }
+            }
+        #endif
+
+        if (ssl->buffers.outputBuffer.length > 0) {
+            if ( (ssl->error = SendBuffered(ssl)) == 0) {
+                ssl->options.acceptState++;
+                WOLFSSL_MSG("accept state: Advanced from buffered send");
+            }
+            else {
+                WOLFSSL_ERROR(ssl->error);
+                return SSL_FATAL_ERROR;
+            }
+        }
+
+        switch (ssl->options.acceptState) {
+
+        case ACCEPT_BEGIN :
+            /* get response */
+            while (ssl->options.clientState < CLIENT_HELLO_COMPLETE)
+                if ( (ssl->error = ProcessReply(ssl)) < 0) {
+                    WOLFSSL_ERROR(ssl->error);
+                    return SSL_FATAL_ERROR;
+                }
+            ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE;
+            WOLFSSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE");
+
+        case ACCEPT_CLIENT_HELLO_DONE :
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls)
+                    if ( (ssl->error = SendHelloVerifyRequest(ssl)) != 0) {
+                        WOLFSSL_ERROR(ssl->error);
+                        return SSL_FATAL_ERROR;
+                    }
+            #endif
+            ssl->options.acceptState = HELLO_VERIFY_SENT;
+            WOLFSSL_MSG("accept state HELLO_VERIFY_SENT");
+
+        case HELLO_VERIFY_SENT:
+            #ifdef WOLFSSL_DTLS
+                if (ssl->options.dtls) {
+                    ssl->options.clientState = NULL_STATE;  /* get again */
+                    /* reset messages received */
+                    XMEMSET(&ssl->msgsReceived, 0, sizeof(ssl->msgsReceived));
+                    /* re-init hashes, exclude first hello and verify request */
+#ifndef NO_OLD_TLS
+                    wc_InitMd5(&ssl->hashMd5);
+                    if ( (ssl->error = wc_InitSha(&ssl->hashSha)) != 0) {
+                        WOLFSSL_ERROR(ssl->error);
+                        return SSL_FATAL_ERROR;
+                    }
+#endif
+                    if (IsAtLeastTLSv1_2(ssl)) {
+                        #ifndef NO_SHA256
+                            if ( (ssl->error =
+                                           wc_InitSha256(&ssl->hashSha256)) != 0) {
+                               WOLFSSL_ERROR(ssl->error);
+                               return SSL_FATAL_ERROR;
+                            }
+                        #endif
+                        #ifdef WOLFSSL_SHA384
+                            if ( (ssl->error =
+                                           wc_InitSha384(&ssl->hashSha384)) != 0) {
+                               WOLFSSL_ERROR(ssl->error);
+                               return SSL_FATAL_ERROR;
+                            }
+                        #endif
+                    }
+
+                    while (ssl->options.clientState < CLIENT_HELLO_COMPLETE)
+                        if ( (ssl->error = ProcessReply(ssl)) < 0) {
+                            WOLFSSL_ERROR(ssl->error);
+                            return SSL_FATAL_ERROR;
+                        }
+                }
+            #endif
+            ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE;
+            WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE");
+
+        case ACCEPT_FIRST_REPLY_DONE :
+            if ( (ssl->error = SendServerHello(ssl)) != 0) {
+                WOLFSSL_ERROR(ssl->error);
+                return SSL_FATAL_ERROR;
+            }
+            ssl->options.acceptState = SERVER_HELLO_SENT;
+            WOLFSSL_MSG("accept state SERVER_HELLO_SENT");
+
+        case SERVER_HELLO_SENT :
+            #ifndef NO_CERTS
+                if (!ssl->options.resuming)
+                    if ( (ssl->error = SendCertificate(ssl)) != 0) {
+                        WOLFSSL_ERROR(ssl->error);
+                        return SSL_FATAL_ERROR;
+                    }
+            #endif
+            ssl->options.acceptState = CERT_SENT;
+            WOLFSSL_MSG("accept state CERT_SENT");
+
+        case CERT_SENT :
+            if (!ssl->options.resuming)
+                if ( (ssl->error = SendServerKeyExchange(ssl)) != 0) {
+                    WOLFSSL_ERROR(ssl->error);
+                    return SSL_FATAL_ERROR;
+                }
+            ssl->options.acceptState = KEY_EXCHANGE_SENT;
+            WOLFSSL_MSG("accept state KEY_EXCHANGE_SENT");
+
+        case KEY_EXCHANGE_SENT :
+            #ifndef NO_CERTS
+                if (!ssl->options.resuming)
+                    if (ssl->options.verifyPeer)
+                        if ( (ssl->error = SendCertificateRequest(ssl)) != 0) {
+                            WOLFSSL_ERROR(ssl->error);
+                            return SSL_FATAL_ERROR;
+                        }
+            #endif
+            ssl->options.acceptState = CERT_REQ_SENT;
+            WOLFSSL_MSG("accept state CERT_REQ_SENT");
+
+        case CERT_REQ_SENT :
+            if (!ssl->options.resuming)
+                if ( (ssl->error = SendServerHelloDone(ssl)) != 0) {
+                    WOLFSSL_ERROR(ssl->error);
+                    return SSL_FATAL_ERROR;
+                }
+            ssl->options.acceptState = SERVER_HELLO_DONE;
+            WOLFSSL_MSG("accept state SERVER_HELLO_DONE");
+
+        case SERVER_HELLO_DONE :
+            if (!ssl->options.resuming) {
+                while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE)
+                    if ( (ssl->error = ProcessReply(ssl)) < 0) {
+                        WOLFSSL_ERROR(ssl->error);
+                        return SSL_FATAL_ERROR;
+                    }
+            }
+            ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE;
+            WOLFSSL_MSG("accept state  ACCEPT_SECOND_REPLY_DONE");
+
+        case ACCEPT_SECOND_REPLY_DONE :
+            if ( (ssl->error = SendChangeCipher(ssl)) != 0) {
+                WOLFSSL_ERROR(ssl->error);
+                return SSL_FATAL_ERROR;
+            }
+            ssl->options.acceptState = CHANGE_CIPHER_SENT;
+            WOLFSSL_MSG("accept state  CHANGE_CIPHER_SENT");
+
+        case CHANGE_CIPHER_SENT :
+            if ( (ssl->error = SendFinished(ssl)) != 0) {
+                WOLFSSL_ERROR(ssl->error);
+                return SSL_FATAL_ERROR;
+            }
+
+            ssl->options.acceptState = ACCEPT_FINISHED_DONE;
+            WOLFSSL_MSG("accept state ACCEPT_FINISHED_DONE");
+
+        case ACCEPT_FINISHED_DONE :
+            if (ssl->options.resuming)
+                while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE)
+                    if ( (ssl->error = ProcessReply(ssl)) < 0) {
+                        WOLFSSL_ERROR(ssl->error);
+                        return SSL_FATAL_ERROR;
+                    }
+
+            ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE;
+            WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE");
+
+        case ACCEPT_THIRD_REPLY_DONE :
+            FreeHandshakeResources(ssl);
+            WOLFSSL_LEAVE("SSL_accept()", SSL_SUCCESS);
+            return SSL_SUCCESS;
+
+        default :
+            WOLFSSL_MSG("Unknown accept state ERROR");
+            return SSL_FATAL_ERROR;
+        }
+    }
+
+#endif /* NO_WOLFSSL_SERVER */
+
+
+int wolfSSL_Cleanup(void)
+{
+    int ret = SSL_SUCCESS;
+    int release = 0;
+
+    WOLFSSL_ENTER("wolfSSL_Cleanup");
+
+    if (initRefCount == 0)
+        return ret;  /* possibly no init yet, but not failure either way */
+
+    if (LockMutex(&count_mutex) != 0) {
+        WOLFSSL_MSG("Bad Lock Mutex count");
+        return BAD_MUTEX_E;
+    }
+
+    release = initRefCount-- == 1;
+    if (initRefCount < 0)
+        initRefCount = 0;
+
+    UnLockMutex(&count_mutex);
+
+    if (!release)
+        return ret;
+
+#ifndef NO_SESSION_CACHE
+    if (FreeMutex(&session_mutex) != 0)
+        ret = BAD_MUTEX_E;
+#endif
+    if (FreeMutex(&count_mutex) != 0)
+        ret = BAD_MUTEX_E;
+
+#if defined(HAVE_ECC) && defined(FP_ECC)
+    wc_ecc_fp_free();
+#endif
+
+    return ret;
+}
+
+
+#ifndef NO_SESSION_CACHE
+
+
+/* some session IDs aren't random afterall, let's make them random */
+static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error)
+{
+    byte digest[MD5_DIGEST_SIZE];
+
+#ifndef NO_MD5
+    *error =    wc_Md5Hash(sessionID, len, digest);
+#elif !defined(NO_SHA)
+    *error =    wc_ShaHash(sessionID, len, digest);
+#elif !defined(NO_SHA256)
+    *error = Sha256Hash(sessionID, len, digest);
+#else
+    #error "We need a digest to hash the session IDs"
+#endif
+
+    return *error == 0 ? MakeWordFromHash(digest) : 0; /* 0 on failure */
+}
+
+
+void wolfSSL_flush_sessions(WOLFSSL_CTX* ctx, long tm)
+{
+    /* static table now, no flusing needed */
+    (void)ctx;
+    (void)tm;
+}
+
+
+/* set ssl session timeout in seconds */
+int wolfSSL_set_timeout(WOLFSSL* ssl, unsigned int to)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    ssl->timeout = to;
+
+    return SSL_SUCCESS;
+}
+
+
+/* set ctx session timeout in seconds */
+int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to)
+{
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    ctx->timeout = to;
+
+    return SSL_SUCCESS;
+}
+
+
+#ifndef NO_CLIENT_CACHE
+
+/* Get Session from Client cache based on id/len, return NULL on failure */
+WOLFSSL_SESSION* GetSessionClient(WOLFSSL* ssl, const byte* id, int len)
+{
+    WOLFSSL_SESSION* ret = NULL;
+    word32          row;
+    int             idx;
+    int             count;
+    int             error = 0;
+
+    WOLFSSL_ENTER("GetSessionClient");
+
+    if (ssl->options.side == WOLFSSL_SERVER_END)
+        return NULL;
+
+    len = min(SERVER_ID_LEN, (word32)len);
+    row = HashSession(id, len, &error) % SESSION_ROWS;
+    if (error != 0) {
+        WOLFSSL_MSG("Hash session failed");
+        return NULL;
+    }
+
+    if (LockMutex(&session_mutex) != 0) {
+        WOLFSSL_MSG("Lock session mutex failed");
+        return NULL;
+    }
+
+    /* start from most recently used */
+    count = min((word32)ClientCache[row].totalCount, SESSIONS_PER_ROW);
+    idx = ClientCache[row].nextIdx - 1;
+    if (idx < 0)
+        idx = SESSIONS_PER_ROW - 1; /* if back to front, the previous was end */
+
+    for (; count > 0; --count, idx = idx ? idx - 1 : SESSIONS_PER_ROW - 1) {
+        WOLFSSL_SESSION* current;
+        ClientSession   clSess;
+
+        if (idx >= SESSIONS_PER_ROW || idx < 0) { /* sanity check */
+            WOLFSSL_MSG("Bad idx");
+            break;
+        }
+
+        clSess = ClientCache[row].Clients[idx];
+
+        current = &SessionCache[clSess.serverRow].Sessions[clSess.serverIdx];
+        if (XMEMCMP(current->serverID, id, len) == 0) {
+            WOLFSSL_MSG("Found a serverid match for client");
+            if (LowResTimer() < (current->bornOn + current->timeout)) {
+                WOLFSSL_MSG("Session valid");
+                ret = current;
+                break;
+            } else {
+                WOLFSSL_MSG("Session timed out");  /* could have more for id */
+            }
+        } else {
+            WOLFSSL_MSG("ServerID not a match from client table");
+        }
+    }
+
+    UnLockMutex(&session_mutex);
+
+    return ret;
+}
+
+#endif /* NO_CLIENT_CACHE */
+
+
+WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret)
+{
+    WOLFSSL_SESSION* ret = 0;
+    const byte*  id = NULL;
+    word32       row;
+    int          idx;
+    int          count;
+    int          error = 0;
+
+    if (ssl->options.sessionCacheOff)
+        return NULL;
+
+    if (ssl->options.haveSessionId == 0)
+        return NULL;
+
+    if (ssl->arrays)
+        id = ssl->arrays->sessionID;
+    else
+        id = ssl->session.sessionID;
+
+    row = HashSession(id, ID_LEN, &error) % SESSION_ROWS;
+    if (error != 0) {
+        WOLFSSL_MSG("Hash session failed");
+        return NULL;
+    }
+
+    if (LockMutex(&session_mutex) != 0)
+        return 0;
+
+    /* start from most recently used */
+    count = min((word32)SessionCache[row].totalCount, SESSIONS_PER_ROW);
+    idx = SessionCache[row].nextIdx - 1;
+    if (idx < 0)
+        idx = SESSIONS_PER_ROW - 1; /* if back to front, the previous was end */
+
+    for (; count > 0; --count, idx = idx ? idx - 1 : SESSIONS_PER_ROW - 1) {
+        WOLFSSL_SESSION* current;
+
+        if (idx >= SESSIONS_PER_ROW || idx < 0) { /* sanity check */
+            WOLFSSL_MSG("Bad idx");
+            break;
+        }
+
+        current = &SessionCache[row].Sessions[idx];
+        if (XMEMCMP(current->sessionID, id, ID_LEN) == 0) {
+            WOLFSSL_MSG("Found a session match");
+            if (LowResTimer() < (current->bornOn + current->timeout)) {
+                WOLFSSL_MSG("Session valid");
+                ret = current;
+                if (masterSecret)
+                    XMEMCPY(masterSecret, current->masterSecret, SECRET_LEN);
+            } else {
+                WOLFSSL_MSG("Session timed out");
+            }
+            break;  /* no more sessionIDs whether valid or not that match */
+        } else {
+            WOLFSSL_MSG("SessionID not a match at this idx");
+        }
+    }
+
+    UnLockMutex(&session_mutex);
+
+    return ret;
+}
+
+
+int SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
+{
+    if (ssl->options.sessionCacheOff)
+        return SSL_FAILURE;
+
+    if (LowResTimer() < (session->bornOn + session->timeout)) {
+        ssl->session  = *session;
+        ssl->options.resuming = 1;
+
+#ifdef SESSION_CERTS
+        ssl->version              = session->version;
+        ssl->options.cipherSuite0 = session->cipherSuite0;
+        ssl->options.cipherSuite  = session->cipherSuite;
+#endif
+
+        return SSL_SUCCESS;
+    }
+    return SSL_FAILURE;  /* session timed out */
+}
+
+
+int AddSession(WOLFSSL* ssl)
+{
+    word32 row, idx;
+    int    error = 0;
+
+    if (ssl->options.sessionCacheOff)
+        return 0;
+
+    if (ssl->options.haveSessionId == 0)
+        return 0;
+
+    row = HashSession(ssl->arrays->sessionID, ID_LEN, &error) % SESSION_ROWS;
+    if (error != 0) {
+        WOLFSSL_MSG("Hash session failed");
+        return error;
+    }
+
+    if (LockMutex(&session_mutex) != 0)
+        return BAD_MUTEX_E;
+
+    idx = SessionCache[row].nextIdx++;
+#ifdef SESSION_INDEX
+    ssl->sessionIndex = (row << SESSIDX_ROW_SHIFT) | idx;
+#endif
+
+    XMEMCPY(SessionCache[row].Sessions[idx].masterSecret,
+           ssl->arrays->masterSecret, SECRET_LEN);
+    XMEMCPY(SessionCache[row].Sessions[idx].sessionID, ssl->arrays->sessionID,
+           ID_LEN);
+    SessionCache[row].Sessions[idx].sessionIDSz = ssl->arrays->sessionIDSz;
+
+    SessionCache[row].Sessions[idx].timeout = ssl->timeout;
+    SessionCache[row].Sessions[idx].bornOn  = LowResTimer();
+
+#ifdef HAVE_SESSION_TICKET
+    SessionCache[row].Sessions[idx].ticketLen     = ssl->session.ticketLen;
+    XMEMCPY(SessionCache[row].Sessions[idx].ticket,
+                                   ssl->session.ticket, ssl->session.ticketLen);
+#endif
+
+#ifdef SESSION_CERTS
+    SessionCache[row].Sessions[idx].chain.count = ssl->session.chain.count;
+    XMEMCPY(SessionCache[row].Sessions[idx].chain.certs,
+           ssl->session.chain.certs, sizeof(x509_buffer) * MAX_CHAIN_DEPTH);
+
+    SessionCache[row].Sessions[idx].version      = ssl->version;
+    SessionCache[row].Sessions[idx].cipherSuite0 = ssl->options.cipherSuite0;
+    SessionCache[row].Sessions[idx].cipherSuite  = ssl->options.cipherSuite;
+#endif /* SESSION_CERTS */
+
+    SessionCache[row].totalCount++;
+    if (SessionCache[row].nextIdx == SESSIONS_PER_ROW)
+        SessionCache[row].nextIdx = 0;
+
+#ifndef NO_CLIENT_CACHE
+    if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->session.idLen) {
+        word32 clientRow, clientIdx;
+
+        WOLFSSL_MSG("Adding client cache entry");
+
+        SessionCache[row].Sessions[idx].idLen = ssl->session.idLen;
+        XMEMCPY(SessionCache[row].Sessions[idx].serverID, ssl->session.serverID,
+                ssl->session.idLen);
+
+        clientRow = HashSession(ssl->session.serverID, ssl->session.idLen,
+                                &error) % SESSION_ROWS;
+        if (error != 0) {
+            WOLFSSL_MSG("Hash session failed");
+        } else {
+            clientIdx = ClientCache[clientRow].nextIdx++;
+
+            ClientCache[clientRow].Clients[clientIdx].serverRow = (word16)row;
+            ClientCache[clientRow].Clients[clientIdx].serverIdx = (word16)idx;
+
+            ClientCache[clientRow].totalCount++;
+            if (ClientCache[clientRow].nextIdx == SESSIONS_PER_ROW)
+                ClientCache[clientRow].nextIdx = 0;
+        }
+    }
+    else
+        SessionCache[row].Sessions[idx].idLen = 0;
+#endif /* NO_CLIENT_CACHE */
+
+    if (UnLockMutex(&session_mutex) != 0)
+        return BAD_MUTEX_E;
+
+    return error;
+}
+
+
+#ifdef SESSION_INDEX
+
+int wolfSSL_GetSessionIndex(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("wolfSSL_GetSessionIndex");
+    WOLFSSL_LEAVE("wolfSSL_GetSessionIndex", ssl->sessionIndex);
+    return ssl->sessionIndex;
+}
+
+
+int wolfSSL_GetSessionAtIndex(int idx, WOLFSSL_SESSION* session)
+{
+    int row, col, result = SSL_FAILURE;
+
+    WOLFSSL_ENTER("wolfSSL_GetSessionAtIndex");
+
+    row = idx >> SESSIDX_ROW_SHIFT;
+    col = idx & SESSIDX_IDX_MASK;
+
+    if (LockMutex(&session_mutex) != 0) {
+        return BAD_MUTEX_E;
+    }
+
+    if (row < SESSION_ROWS &&
+        col < (int)min(SessionCache[row].totalCount, SESSIONS_PER_ROW)) {
+        XMEMCPY(session,
+                 &SessionCache[row].Sessions[col], sizeof(WOLFSSL_SESSION));
+        result = SSL_SUCCESS;
+    }
+
+    if (UnLockMutex(&session_mutex) != 0)
+        result = BAD_MUTEX_E;
+
+    WOLFSSL_LEAVE("wolfSSL_GetSessionAtIndex", result);
+    return result;
+}
+
+#endif /* SESSION_INDEX */
+
+#if defined(SESSION_INDEX) && defined(SESSION_CERTS)
+
+WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session)
+{
+    WOLFSSL_X509_CHAIN* chain = NULL;
+
+    WOLFSSL_ENTER("wolfSSL_SESSION_get_peer_chain");
+    if (session)
+        chain = &session->chain;
+
+    WOLFSSL_LEAVE("wolfSSL_SESSION_get_peer_chain", chain ? 1 : 0);
+    return chain;
+}
+
+#endif /* SESSION_INDEX && SESSION_CERTS */
+
+
+    #ifdef SESSION_STATS
+
+    WOLFSSL_API
+    void PrintSessionStats(void)
+    {
+        word32 totalSessionsSeen = 0;
+        word32 totalSessionsNow = 0;
+        word32 rowNow;
+        int    i;
+        double E;               /* expected freq */
+        double chiSquare = 0;
+
+        for (i = 0; i < SESSION_ROWS; i++) {
+            totalSessionsSeen += SessionCache[i].totalCount;
+
+            if (SessionCache[i].totalCount >= SESSIONS_PER_ROW)
+                rowNow = SESSIONS_PER_ROW;
+            else if (SessionCache[i].nextIdx == 0)
+                rowNow = 0;
+            else
+                rowNow = SessionCache[i].nextIdx;
+
+            totalSessionsNow += rowNow;
+        }
+
+        printf("Total Sessions Seen = %d\n", totalSessionsSeen);
+        printf("Total Sessions Now  = %d\n", totalSessionsNow);
+
+        E = (double)totalSessionsSeen / SESSION_ROWS;
+
+        for (i = 0; i < SESSION_ROWS; i++) {
+            double diff = SessionCache[i].totalCount - E;
+            diff *= diff;                /* square    */
+            diff /= E;                   /* normalize */
+
+            chiSquare += diff;
+        }
+        printf("  chi-square = %5.1f, d.f. = %d\n", chiSquare,
+                                                     SESSION_ROWS - 1);
+        if (SESSION_ROWS == 11)
+            printf(" .05 p value =  18.3, chi-square should be less\n");
+        else if (SESSION_ROWS == 211)
+            printf(".05 p value  = 244.8, chi-square should be less\n");
+        else if (SESSION_ROWS == 5981)
+            printf(".05 p value  = 6161.0, chi-square should be less\n");
+        else if (SESSION_ROWS == 3)
+            printf(".05 p value  =   6.0, chi-square should be less\n");
+        else if (SESSION_ROWS == 2861)
+            printf(".05 p value  = 2985.5, chi-square should be less\n");
+        printf("\n");
+    }
+
+    #endif /* SESSION_STATS */
+
+#else  /* NO_SESSION_CACHE */
+
+/* No session cache version */
+WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret)
+{
+    (void)ssl;
+    (void)masterSecret;
+
+    return NULL;
+}
+
+#endif /* NO_SESSION_CACHE */
+
+
+/* call before SSL_connect, if verifying will add name check to
+   date check and signature check */
+int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn)
+{
+    WOLFSSL_ENTER("wolfSSL_check_domain_name");
+    if (ssl->buffers.domainName.buffer)
+        XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN);
+
+    ssl->buffers.domainName.length = (word32)XSTRLEN(dn) + 1;
+    ssl->buffers.domainName.buffer = (byte*) XMALLOC(
+                ssl->buffers.domainName.length, ssl->heap, DYNAMIC_TYPE_DOMAIN);
+
+    if (ssl->buffers.domainName.buffer) {
+        XSTRNCPY((char*)ssl->buffers.domainName.buffer, dn,
+                ssl->buffers.domainName.length);
+        return SSL_SUCCESS;
+    }
+    else {
+        ssl->error = MEMORY_ERROR;
+        return SSL_FAILURE;
+    }
+}
+
+
+/* turn on wolfSSL zlib compression
+   returns SSL_SUCCESS for success, else error (not built in)
+*/
+int wolfSSL_set_compression(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("wolfSSL_set_compression");
+    (void)ssl;
+#ifdef HAVE_LIBZ
+    ssl->options.usingCompression = 1;
+    return SSL_SUCCESS;
+#else
+    return NOT_COMPILED_IN;
+#endif
+}
+
+
+#ifndef USE_WINDOWS_API
+    #ifndef NO_WRITEV
+
+        /* simulate writev semantics, doesn't actually do block at a time though
+           because of SSL_write behavior and because front adds may be small */
+        int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov, int iovcnt)
+        {
+        #ifdef WOLFSSL_SMALL_STACK
+            byte   staticBuffer[1]; /* force heap usage */
+        #else
+            byte   staticBuffer[FILE_BUFFER_SIZE];
+        #endif
+            byte* myBuffer  = staticBuffer;
+            int   dynamic   = 0;
+            int   sending   = 0;
+            int   idx       = 0;
+            int   i;
+            int   ret;
+
+            WOLFSSL_ENTER("wolfSSL_writev");
+
+            for (i = 0; i < iovcnt; i++)
+                sending += (int)iov[i].iov_len;
+
+            if (sending > (int)sizeof(staticBuffer)) {
+                myBuffer = (byte*)XMALLOC(sending, ssl->heap,
+                                                           DYNAMIC_TYPE_WRITEV);
+                if (!myBuffer)
+                    return MEMORY_ERROR;
+
+                dynamic = 1;
+            }
+
+            for (i = 0; i < iovcnt; i++) {
+                XMEMCPY(&myBuffer[idx], iov[i].iov_base, iov[i].iov_len);
+                idx += (int)iov[i].iov_len;
+            }
+
+            ret = wolfSSL_write(ssl, myBuffer, sending);
+
+            if (dynamic)
+                XFREE(myBuffer, ssl->heap, DYNAMIC_TYPE_WRITEV);
+
+            return ret;
+        }
+    #endif
+#endif
+
+
+#ifdef WOLFSSL_CALLBACKS
+
+    typedef struct itimerval Itimerval;
+
+    /* don't keep calling simple functions while setting up timer and singals
+       if no inlining these are the next best */
+
+    #define AddTimes(a, b, c)                       \
+        do {                                        \
+            c.tv_sec  = a.tv_sec  + b.tv_sec;       \
+            c.tv_usec = a.tv_usec + b.tv_usec;      \
+            if (c.tv_usec >=  1000000) {            \
+                c.tv_sec++;                         \
+                c.tv_usec -= 1000000;               \
+            }                                       \
+        } while (0)
+
+
+    #define SubtractTimes(a, b, c)                  \
+        do {                                        \
+            c.tv_sec  = a.tv_sec  - b.tv_sec;       \
+            c.tv_usec = a.tv_usec - b.tv_usec;      \
+            if (c.tv_usec < 0) {                    \
+                c.tv_sec--;                         \
+                c.tv_usec += 1000000;               \
+            }                                       \
+        } while (0)
+
+    #define CmpTimes(a, b, cmp)                     \
+        ((a.tv_sec  ==  b.tv_sec) ?                 \
+            (a.tv_usec cmp b.tv_usec) :             \
+            (a.tv_sec  cmp b.tv_sec))               \
+
+
+    /* do nothing handler */
+    static void myHandler(int signo)
+    {
+        (void)signo;
+        return;
+    }
+
+
+    static int wolfSSL_ex_wrapper(WOLFSSL* ssl, HandShakeCallBack hsCb,
+                                 TimeoutCallBack toCb, Timeval timeout)
+    {
+        int       ret        = SSL_FATAL_ERROR;
+        int       oldTimerOn = 0;   /* was timer already on */
+        Timeval   startTime;
+        Timeval   endTime;
+        Timeval   totalTime;
+        Itimerval myTimeout;
+        Itimerval oldTimeout; /* if old timer adjust from total time to reset */
+        struct sigaction act, oact;
+
+        #define ERR_OUT(x) { ssl->hsInfoOn = 0; ssl->toInfoOn = 0; return x; }
+
+        if (hsCb) {
+            ssl->hsInfoOn = 1;
+            InitHandShakeInfo(&ssl->handShakeInfo);
+        }
+        if (toCb) {
+            ssl->toInfoOn = 1;
+            InitTimeoutInfo(&ssl->timeoutInfo);
+
+            if (gettimeofday(&startTime, 0) < 0)
+                ERR_OUT(GETTIME_ERROR);
+
+            /* use setitimer to simulate getitimer, init 0 myTimeout */
+            myTimeout.it_interval.tv_sec  = 0;
+            myTimeout.it_interval.tv_usec = 0;
+            myTimeout.it_value.tv_sec     = 0;
+            myTimeout.it_value.tv_usec    = 0;
+            if (setitimer(ITIMER_REAL, &myTimeout, &oldTimeout) < 0)
+                ERR_OUT(SETITIMER_ERROR);
+
+            if (oldTimeout.it_value.tv_sec || oldTimeout.it_value.tv_usec) {
+                oldTimerOn = 1;
+
+                /* is old timer going to expire before ours */
+                if (CmpTimes(oldTimeout.it_value, timeout, <)) {
+                    timeout.tv_sec  = oldTimeout.it_value.tv_sec;
+                    timeout.tv_usec = oldTimeout.it_value.tv_usec;
+                }
+            }
+            myTimeout.it_value.tv_sec  = timeout.tv_sec;
+            myTimeout.it_value.tv_usec = timeout.tv_usec;
+
+            /* set up signal handler, don't restart socket send/recv */
+            act.sa_handler = myHandler;
+            sigemptyset(&act.sa_mask);
+            act.sa_flags = 0;
+#ifdef SA_INTERRUPT
+            act.sa_flags |= SA_INTERRUPT;
+#endif
+            if (sigaction(SIGALRM, &act, &oact) < 0)
+                ERR_OUT(SIGACT_ERROR);
+
+            if (setitimer(ITIMER_REAL, &myTimeout, 0) < 0)
+                ERR_OUT(SETITIMER_ERROR);
+        }
+
+        /* do main work */
+#ifndef NO_WOLFSSL_CLIENT
+        if (ssl->options.side == WOLFSSL_CLIENT_END)
+            ret = wolfSSL_connect(ssl);
+#endif
+#ifndef NO_WOLFSSL_SERVER
+        if (ssl->options.side == WOLFSSL_SERVER_END)
+            ret = wolfSSL_accept(ssl);
+#endif
+
+        /* do callbacks */
+        if (toCb) {
+            if (oldTimerOn) {
+                gettimeofday(&endTime, 0);
+                SubtractTimes(endTime, startTime, totalTime);
+                /* adjust old timer for elapsed time */
+                if (CmpTimes(totalTime, oldTimeout.it_value, <))
+                    SubtractTimes(oldTimeout.it_value, totalTime,
+                                  oldTimeout.it_value);
+                else {
+                    /* reset value to interval, may be off */
+                    oldTimeout.it_value.tv_sec = oldTimeout.it_interval.tv_sec;
+                    oldTimeout.it_value.tv_usec =oldTimeout.it_interval.tv_usec;
+                }
+                /* keep iter the same whether there or not */
+            }
+            /* restore old handler */
+            if (sigaction(SIGALRM, &oact, 0) < 0)
+                ret = SIGACT_ERROR;    /* more pressing error, stomp */
+            else
+                /* use old settings which may turn off (expired or not there) */
+                if (setitimer(ITIMER_REAL, &oldTimeout, 0) < 0)
+                    ret = SETITIMER_ERROR;
+
+            /* if we had a timeout call callback */
+            if (ssl->timeoutInfo.timeoutName[0]) {
+                ssl->timeoutInfo.timeoutValue.tv_sec  = timeout.tv_sec;
+                ssl->timeoutInfo.timeoutValue.tv_usec = timeout.tv_usec;
+                (toCb)(&ssl->timeoutInfo);
+            }
+            /* clean up */
+            FreeTimeoutInfo(&ssl->timeoutInfo, ssl->heap);
+            ssl->toInfoOn = 0;
+        }
+        if (hsCb) {
+            FinishHandShakeInfo(&ssl->handShakeInfo, ssl);
+            (hsCb)(&ssl->handShakeInfo);
+            ssl->hsInfoOn = 0;
+        }
+        return ret;
+    }
+
+
+#ifndef NO_WOLFSSL_CLIENT
+
+    int wolfSSL_connect_ex(WOLFSSL* ssl, HandShakeCallBack hsCb,
+                          TimeoutCallBack toCb, Timeval timeout)
+    {
+        WOLFSSL_ENTER("wolfSSL_connect_ex");
+        return wolfSSL_ex_wrapper(ssl, hsCb, toCb, timeout);
+    }
+
+#endif
+
+
+#ifndef NO_WOLFSSL_SERVER
+
+    int wolfSSL_accept_ex(WOLFSSL* ssl, HandShakeCallBack hsCb,
+                         TimeoutCallBack toCb,Timeval timeout)
+    {
+        WOLFSSL_ENTER("wolfSSL_accept_ex");
+        return wolfSSL_ex_wrapper(ssl, hsCb, toCb, timeout);
+    }
+
+#endif
+
+#endif /* WOLFSSL_CALLBACKS */
+
+
+#ifndef NO_PSK
+
+    void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX* ctx,
+                                         psk_client_callback cb)
+    {
+        WOLFSSL_ENTER("SSL_CTX_set_psk_client_callback");
+        ctx->havePSK = 1;
+        ctx->client_psk_cb = cb;
+    }
+
+
+    void wolfSSL_set_psk_client_callback(WOLFSSL* ssl, psk_client_callback cb)
+    {
+        byte haveRSA = 1;
+
+        WOLFSSL_ENTER("SSL_set_psk_client_callback");
+        ssl->options.havePSK = 1;
+        ssl->options.client_psk_cb = cb;
+
+        #ifdef NO_RSA
+            haveRSA = 0;
+        #endif
+        InitSuites(ssl->suites, ssl->version, haveRSA, TRUE,
+                   ssl->options.haveDH, ssl->options.haveNTRU,
+                   ssl->options.haveECDSAsig, ssl->options.haveStaticECC,
+                   ssl->options.side);
+    }
+
+
+    void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX* ctx,
+                                         psk_server_callback cb)
+    {
+        WOLFSSL_ENTER("SSL_CTX_set_psk_server_callback");
+        ctx->havePSK = 1;
+        ctx->server_psk_cb = cb;
+    }
+
+
+    void wolfSSL_set_psk_server_callback(WOLFSSL* ssl, psk_server_callback cb)
+    {
+        byte haveRSA = 1;
+
+        WOLFSSL_ENTER("SSL_set_psk_server_callback");
+        ssl->options.havePSK = 1;
+        ssl->options.server_psk_cb = cb;
+
+        #ifdef NO_RSA
+            haveRSA = 0;
+        #endif
+        InitSuites(ssl->suites, ssl->version, haveRSA, TRUE,
+                   ssl->options.haveDH, ssl->options.haveNTRU,
+                   ssl->options.haveECDSAsig, ssl->options.haveStaticECC,
+                   ssl->options.side);
+    }
+
+
+    const char* wolfSSL_get_psk_identity_hint(const WOLFSSL* ssl)
+    {
+        WOLFSSL_ENTER("SSL_get_psk_identity_hint");
+
+        if (ssl == NULL || ssl->arrays == NULL)
+            return NULL;
+
+        return ssl->arrays->server_hint;
+    }
+
+
+    const char* wolfSSL_get_psk_identity(const WOLFSSL* ssl)
+    {
+        WOLFSSL_ENTER("SSL_get_psk_identity");
+
+        if (ssl == NULL || ssl->arrays == NULL)
+            return NULL;
+
+        return ssl->arrays->client_identity;
+    }
+
+
+    int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX* ctx, const char* hint)
+    {
+        WOLFSSL_ENTER("SSL_CTX_use_psk_identity_hint");
+        if (hint == 0)
+            ctx->server_hint[0] = 0;
+        else {
+            XSTRNCPY(ctx->server_hint, hint, MAX_PSK_ID_LEN);
+            ctx->server_hint[MAX_PSK_ID_LEN - 1] = '\0';
+        }
+        return SSL_SUCCESS;
+    }
+
+
+    int wolfSSL_use_psk_identity_hint(WOLFSSL* ssl, const char* hint)
+    {
+        WOLFSSL_ENTER("SSL_use_psk_identity_hint");
+
+        if (ssl == NULL || ssl->arrays == NULL)
+            return SSL_FAILURE;
+
+        if (hint == 0)
+            ssl->arrays->server_hint[0] = 0;
+        else {
+            XSTRNCPY(ssl->arrays->server_hint, hint, MAX_PSK_ID_LEN);
+            ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0';
+        }
+        return SSL_SUCCESS;
+    }
+
+#endif /* NO_PSK */
+
+
+#ifdef HAVE_ANON
+
+    int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX* ctx)
+    {
+        WOLFSSL_ENTER("wolfSSL_CTX_allow_anon_cipher");
+
+        if (ctx == NULL)
+            return SSL_FAILURE;
+
+        ctx->haveAnon = 1;
+
+        return SSL_SUCCESS;
+    }
+
+#endif /* HAVE_ANON */
+
+
+#ifndef NO_CERTS
+/* used to be defined on NO_FILESYSTEM only, but are generally useful */
+
+    /* wolfSSL extension allows DER files to be loaded from buffers as well */
+    int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX* ctx, const unsigned char* in,
+                                      long sz, int format)
+    {
+        WOLFSSL_ENTER("wolfSSL_CTX_load_verify_buffer");
+        if (format == SSL_FILETYPE_PEM)
+            return ProcessChainBuffer(ctx, in, sz, format, CA_TYPE, NULL);
+        else
+            return ProcessBuffer(ctx, in, sz, format, CA_TYPE, NULL,NULL,0);
+    }
+
+
+    int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX* ctx,
+                                 const unsigned char* in, long sz, int format)
+    {
+        WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_buffer");
+        return ProcessBuffer(ctx, in, sz, format, CERT_TYPE, NULL, NULL, 0);
+    }
+
+
+    int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX* ctx,
+                                 const unsigned char* in, long sz, int format)
+    {
+        WOLFSSL_ENTER("wolfSSL_CTX_use_PrivateKey_buffer");
+        return ProcessBuffer(ctx, in, sz, format, PRIVATEKEY_TYPE, NULL,NULL,0);
+    }
+
+
+    int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX* ctx,
+                                 const unsigned char* in, long sz)
+    {
+        WOLFSSL_ENTER("wolfSSL_CTX_use_certificate_chain_buffer");
+        return ProcessBuffer(ctx, in, sz, SSL_FILETYPE_PEM, CERT_TYPE, NULL,
+                             NULL, 1);
+    }
+
+    int wolfSSL_use_certificate_buffer(WOLFSSL* ssl,
+                                 const unsigned char* in, long sz, int format)
+    {
+        WOLFSSL_ENTER("wolfSSL_use_certificate_buffer");
+        return ProcessBuffer(ssl->ctx, in, sz, format,CERT_TYPE,ssl,NULL,0);
+    }
+
+
+    int wolfSSL_use_PrivateKey_buffer(WOLFSSL* ssl,
+                                 const unsigned char* in, long sz, int format)
+    {
+        WOLFSSL_ENTER("wolfSSL_use_PrivateKey_buffer");
+        return ProcessBuffer(ssl->ctx, in, sz, format, PRIVATEKEY_TYPE,
+                             ssl, NULL, 0);
+    }
+
+
+    int wolfSSL_use_certificate_chain_buffer(WOLFSSL* ssl,
+                                 const unsigned char* in, long sz)
+    {
+        WOLFSSL_ENTER("wolfSSL_use_certificate_chain_buffer");
+        return ProcessBuffer(ssl->ctx, in, sz, SSL_FILETYPE_PEM, CERT_TYPE,
+                             ssl, NULL, 1);
+    }
+
+
+    /* unload any certs or keys that SSL owns, leave CTX as is
+       SSL_SUCCESS on ok */
+    int wolfSSL_UnloadCertsKeys(WOLFSSL* ssl)
+    {
+        if (ssl == NULL) {
+            WOLFSSL_MSG("Null function arg");
+            return BAD_FUNC_ARG;
+        }
+
+        if (ssl->buffers.weOwnCert) {
+            WOLFSSL_MSG("Unloading cert");
+            XFREE(ssl->buffers.certificate.buffer, ssl->heap,DYNAMIC_TYPE_CERT);
+            ssl->buffers.weOwnCert = 0;
+            ssl->buffers.certificate.length = 0;
+            ssl->buffers.certificate.buffer = NULL;
+        }
+
+        if (ssl->buffers.weOwnCertChain) {
+            WOLFSSL_MSG("Unloading cert chain");
+            XFREE(ssl->buffers.certChain.buffer, ssl->heap,DYNAMIC_TYPE_CERT);
+            ssl->buffers.weOwnCertChain = 0;
+            ssl->buffers.certChain.length = 0;
+            ssl->buffers.certChain.buffer = NULL;
+        }
+
+        if (ssl->buffers.weOwnKey) {
+            WOLFSSL_MSG("Unloading key");
+            XFREE(ssl->buffers.key.buffer, ssl->heap, DYNAMIC_TYPE_KEY);
+            ssl->buffers.weOwnKey = 0;
+            ssl->buffers.key.length = 0;
+            ssl->buffers.key.buffer = NULL;
+        }
+
+        return SSL_SUCCESS;
+    }
+
+
+    int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX* ctx)
+    {
+        WOLFSSL_ENTER("wolfSSL_CTX_UnloadCAs");
+
+        if (ctx == NULL)
+            return BAD_FUNC_ARG;
+
+        return wolfSSL_CertManagerUnloadCAs(ctx->cm);
+    }
+
+/* old NO_FILESYSTEM end */
+#endif /* !NO_CERTS */
+
+
+#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
+
+
+    int wolfSSL_add_all_algorithms(void)
+    {
+        WOLFSSL_ENTER("wolfSSL_add_all_algorithms");
+        wolfSSL_Init();
+        return SSL_SUCCESS;
+    }
+
+
+    long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX* ctx, long sz)
+    {
+        /* cache size fixed at compile time in wolfSSL */
+        (void)ctx;
+        (void)sz;
+        return 0;
+    }
+
+
+    void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX* ctx, int mode)
+    {
+        WOLFSSL_ENTER("wolfSSL_CTX_set_quiet_shutdown");
+        if (mode)
+            ctx->quietShutdown = 1;
+    }
+
+
+    void wolfSSL_set_quiet_shutdown(WOLFSSL* ssl, int mode)
+    {
+        WOLFSSL_ENTER("wolfSSL_CTX_set_quiet_shutdown");
+        if (mode)
+            ssl->options.quietShutdown = 1;
+    }
+
+
+    void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr)
+    {
+        WOLFSSL_ENTER("SSL_set_bio");
+        wolfSSL_set_rfd(ssl, rd->fd);
+        wolfSSL_set_wfd(ssl, wr->fd);
+
+        ssl->biord = rd;
+        ssl->biowr = wr;
+    }
+
+
+    void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX* ctx,
+                                       STACK_OF(WOLFSSL_X509_NAME)* names)
+    {
+        (void)ctx;
+        (void)names;
+    }
+
+
+    STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char* fname)
+    {
+        (void)fname;
+        return 0;
+    }
+
+
+    int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX* ctx)
+    {
+        /* TODO:, not needed in goahead */
+        (void)ctx;
+        return SSL_NOT_IMPLEMENTED;
+    }
+
+
+    /* keyblock size in bytes or -1 */
+    int wolfSSL_get_keyblock_size(WOLFSSL* ssl)
+    {
+        if (ssl == NULL)
+            return SSL_FATAL_ERROR;
+
+        return 2 * (ssl->specs.key_size + ssl->specs.iv_size +
+                    ssl->specs.hash_size);
+    }
+
+
+    /* store keys returns SSL_SUCCESS or -1 on error */
+    int wolfSSL_get_keys(WOLFSSL* ssl, unsigned char** ms, unsigned int* msLen,
+                                     unsigned char** sr, unsigned int* srLen,
+                                     unsigned char** cr, unsigned int* crLen)
+    {
+        if (ssl == NULL || ssl->arrays == NULL)
+            return SSL_FATAL_ERROR;
+
+        *ms = ssl->arrays->masterSecret;
+        *sr = ssl->arrays->serverRandom;
+        *cr = ssl->arrays->clientRandom;
+
+        *msLen = SECRET_LEN;
+        *srLen = RAN_LEN;
+        *crLen = RAN_LEN;
+
+        return SSL_SUCCESS;
+    }
+
+
+    void wolfSSL_set_accept_state(WOLFSSL* ssl)
+    {
+        byte haveRSA = 1;
+        byte havePSK = 0;
+
+        WOLFSSL_ENTER("SSL_set_accept_state");
+        ssl->options.side = WOLFSSL_SERVER_END;
+        /* reset suites in case user switched */
+
+        #ifdef NO_RSA
+            haveRSA = 0;
+        #endif
+        #ifndef NO_PSK
+            havePSK = ssl->options.havePSK;
+        #endif
+        InitSuites(ssl->suites, ssl->version, haveRSA, havePSK,
+                   ssl->options.haveDH, ssl->options.haveNTRU,
+                   ssl->options.haveECDSAsig, ssl->options.haveStaticECC,
+                   ssl->options.side);
+    }
+#endif
+
+    /* return true if connection established */
+    int wolfSSL_is_init_finished(WOLFSSL* ssl)
+    {
+        if (ssl == NULL)
+            return 0;
+
+        if (ssl->options.handShakeState == HANDSHAKE_DONE)
+            return 1;
+
+        return 0;
+    }
+
+#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
+    void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX* ctx,
+                                      WOLFSSL_RSA*(*f)(WOLFSSL*, int, int))
+    {
+        /* wolfSSL verifies all these internally */
+        (void)ctx;
+        (void)f;
+    }
+
+
+    void wolfSSL_set_shutdown(WOLFSSL* ssl, int opt)
+    {
+        (void)ssl;
+        (void)opt;
+    }
+
+
+    long wolfSSL_CTX_set_options(WOLFSSL_CTX* ctx, long opt)
+    {
+        /* goahead calls with 0, do nothing */
+        WOLFSSL_ENTER("SSL_CTX_set_options");
+        (void)ctx;
+        return opt;
+    }
+
+
+    int wolfSSL_set_rfd(WOLFSSL* ssl, int rfd)
+    {
+        WOLFSSL_ENTER("SSL_set_rfd");
+        ssl->rfd = rfd;      /* not used directly to allow IO callbacks */
+
+        ssl->IOCB_ReadCtx  = &ssl->rfd;
+
+        return SSL_SUCCESS;
+    }
+
+
+    int wolfSSL_set_wfd(WOLFSSL* ssl, int wfd)
+    {
+        WOLFSSL_ENTER("SSL_set_wfd");
+        ssl->wfd = wfd;      /* not used directly to allow IO callbacks */
+
+        ssl->IOCB_WriteCtx  = &ssl->wfd;
+
+        return SSL_SUCCESS;
+    }
+
+
+    WOLFSSL_RSA* wolfSSL_RSA_generate_key(int len, unsigned long bits,
+                                          void(*f)(int, int, void*), void* data)
+    {
+        /* no tmp key needed, actual generation not supported */
+        WOLFSSL_ENTER("RSA_generate_key");
+        (void)len;
+        (void)bits;
+        (void)f;
+        (void)data;
+        return NULL;
+    }
+
+
+
+    WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get_current_cert(
+                                                     WOLFSSL_X509_STORE_CTX* ctx)
+    {
+        (void)ctx;
+        return 0;
+    }
+
+
+    int wolfSSL_X509_STORE_CTX_get_error(WOLFSSL_X509_STORE_CTX* ctx)
+    {
+        if (ctx != NULL)
+            return ctx->error;
+        return 0;
+    }
+
+
+    int wolfSSL_X509_STORE_CTX_get_error_depth(WOLFSSL_X509_STORE_CTX* ctx)
+    {
+        (void)ctx;
+        return 0;
+    }
+
+
+    WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void)
+    {
+        static WOLFSSL_BIO_METHOD meth;
+
+        WOLFSSL_ENTER("BIO_f_buffer");
+        meth.type = BIO_BUFFER;
+
+        return &meth;
+    }
+
+
+    long wolfSSL_BIO_set_write_buffer_size(WOLFSSL_BIO* bio, long size)
+    {
+        /* wolfSSL has internal buffer, compatibility only */
+        WOLFSSL_ENTER("BIO_set_write_buffer_size");
+        (void)bio;
+        return size;
+    }
+
+
+    WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void)
+    {
+        static WOLFSSL_BIO_METHOD meth;
+
+        WOLFSSL_ENTER("BIO_f_ssl");
+        meth.type = BIO_SSL;
+
+        return &meth;
+    }
+
+
+    WOLFSSL_BIO* wolfSSL_BIO_new_socket(int sfd, int closeF)
+    {
+        WOLFSSL_BIO* bio = (WOLFSSL_BIO*) XMALLOC(sizeof(WOLFSSL_BIO), 0,
+                                                DYNAMIC_TYPE_OPENSSL);
+
+        WOLFSSL_ENTER("BIO_new_socket");
+        if (bio) {
+            bio->type  = BIO_SOCKET;
+            bio->close = (byte)closeF;
+            bio->eof   = 0;
+            bio->ssl   = 0;
+            bio->fd    = sfd;
+            bio->prev  = 0;
+            bio->next  = 0;
+            bio->mem   = NULL;
+            bio->memLen = 0;
+        }
+        return bio;
+    }
+
+
+    int wolfSSL_BIO_eof(WOLFSSL_BIO* b)
+    {
+        WOLFSSL_ENTER("BIO_eof");
+        if (b->eof)
+            return 1;
+
+        return 0;
+    }
+
+
+    long wolfSSL_BIO_set_ssl(WOLFSSL_BIO* b, WOLFSSL* ssl, int closeF)
+    {
+        WOLFSSL_ENTER("BIO_set_ssl");
+        b->ssl   = ssl;
+        b->close = (byte)closeF;
+    /* add to ssl for bio free if SSL_free called before/instead of free_all? */
+
+        return 0;
+    }
+
+
+    WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD* method)
+    {
+        WOLFSSL_BIO* bio = (WOLFSSL_BIO*) XMALLOC(sizeof(WOLFSSL_BIO), 0,
+                                                DYNAMIC_TYPE_OPENSSL);
+        WOLFSSL_ENTER("BIO_new");
+        if (bio) {
+            bio->type   = method->type;
+            bio->close  = 0;
+            bio->eof    = 0;
+            bio->ssl    = NULL;
+            bio->mem    = NULL;
+            bio->memLen = 0;
+            bio->fd     = 0;
+            bio->prev   = NULL;
+            bio->next   = NULL;
+        }
+        return bio;
+    }
+
+
+    int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio, const byte** p)
+    {
+        if (bio == NULL || p == NULL)
+            return SSL_FATAL_ERROR;
+
+        *p = bio->mem;
+
+        return bio->memLen;
+    }
+
+
+    WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len)
+    {
+        WOLFSSL_BIO* bio = NULL;
+        if (buf == NULL)
+            return bio;
+
+        bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem());
+        if (bio == NULL)
+            return bio;
+
+        bio->memLen = len;
+        bio->mem    = (byte*)XMALLOC(len, 0, DYNAMIC_TYPE_OPENSSL);
+        if (bio->mem == NULL) {
+            XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL);
+            return NULL;
+        }
+
+        XMEMCPY(bio->mem, buf, len);
+
+        return bio;
+    }
+
+
+#ifdef USE_WINDOWS_API
+    #define CloseSocket(s) closesocket(s)
+#elif defined(WOLFSSL_MDK_ARM)
+    #define CloseSocket(s) closesocket(s)
+    extern int closesocket(int) ;
+#else
+    #define CloseSocket(s) close(s)
+#endif
+
+    int wolfSSL_BIO_free(WOLFSSL_BIO* bio)
+    {
+        /* unchain?, doesn't matter in goahead since from free all */
+        WOLFSSL_ENTER("BIO_free");
+        if (bio) {
+            if (bio->close) {
+                if (bio->ssl)
+                    wolfSSL_free(bio->ssl);
+                if (bio->fd)
+                    CloseSocket(bio->fd);
+            }
+            if (bio->mem)
+                XFREE(bio->mem, 0, DYNAMIC_TYPE_OPENSSL);
+            XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL);
+        }
+        return 0;
+    }
+
+
+    int wolfSSL_BIO_free_all(WOLFSSL_BIO* bio)
+    {
+        WOLFSSL_ENTER("BIO_free_all");
+        while (bio) {
+            WOLFSSL_BIO* next = bio->next;
+            wolfSSL_BIO_free(bio);
+            bio = next;
+        }
+        return 0;
+    }
+
+
+    int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
+    {
+        int  ret;
+        WOLFSSL* ssl = 0;
+        WOLFSSL_BIO* front = bio;
+
+        WOLFSSL_ENTER("BIO_read");
+        /* already got eof, again is error */
+        if (front->eof)
+            return SSL_FATAL_ERROR;
+
+        while(bio && ((ssl = bio->ssl) == 0) )
+            bio = bio->next;
+
+        if (ssl == 0) return BAD_FUNC_ARG;
+
+        ret = wolfSSL_read(ssl, buf, len);
+        if (ret == 0)
+            front->eof = 1;
+        else if (ret < 0) {
+            int err = wolfSSL_get_error(ssl, 0);
+            if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) )
+                front->eof = 1;
+        }
+        return ret;
+    }
+
+
+    int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
+    {
+        int  ret;
+        WOLFSSL* ssl = 0;
+        WOLFSSL_BIO* front = bio;
+
+        WOLFSSL_ENTER("BIO_write");
+        /* already got eof, again is error */
+        if (front->eof)
+            return SSL_FATAL_ERROR;
+
+        while(bio && ((ssl = bio->ssl) == 0) )
+            bio = bio->next;
+
+        if (ssl == 0) return BAD_FUNC_ARG;
+
+        ret = wolfSSL_write(ssl, data, len);
+        if (ret == 0)
+            front->eof = 1;
+        else if (ret < 0) {
+            int err = wolfSSL_get_error(ssl, 0);
+            if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) )
+                front->eof = 1;
+        }
+
+        return ret;
+    }
+
+
+    WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO* top, WOLFSSL_BIO* append)
+    {
+        WOLFSSL_ENTER("BIO_push");
+        top->next    = append;
+        append->prev = top;
+
+        return top;
+    }
+
+
+    int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
+    {
+        /* for wolfSSL no flushing needed */
+        WOLFSSL_ENTER("BIO_flush");
+        (void)bio;
+        return 1;
+    }
+
+
+#endif /* OPENSSL_EXTRA || GOAHEAD_WS */
+
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+
+    void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX* ctx,
+                                                   void* userdata)
+    {
+        WOLFSSL_ENTER("SSL_CTX_set_default_passwd_cb_userdata");
+        ctx->userdata = userdata;
+    }
+
+
+    void wolfSSL_CTX_set_default_passwd_cb(WOLFSSL_CTX* ctx, pem_password_cb cb)
+    {
+        WOLFSSL_ENTER("SSL_CTX_set_default_passwd_cb");
+        ctx->passwd_cb = cb;
+    }
+
+    int wolfSSL_num_locks(void)
+    {
+        return 0;
+    }
+
+    void wolfSSL_set_locking_callback(void (*f)(int, int, const char*, int))
+    {
+        (void)f;
+    }
+
+    void wolfSSL_set_id_callback(unsigned long (*f)(void))
+    {
+        (void)f;
+    }
+
+    unsigned long wolfSSL_ERR_get_error(void)
+    {
+        /* TODO: */
+        return 0;
+    }
+
+    int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER* type,
+                       const WOLFSSL_EVP_MD* md, const byte* salt,
+                       const byte* data, int sz, int count, byte* key, byte* iv)
+    {
+        int  keyLen = 0;
+        int  ivLen  = 0;
+        int  j;
+        int  keyLeft;
+        int  ivLeft;
+        int  keyOutput = 0;
+        byte digest[MD5_DIGEST_SIZE];
+    #ifdef WOLFSSL_SMALL_STACK
+        Md5* md5 = NULL;
+    #else
+        Md5  md5[1];
+    #endif
+
+    #ifdef WOLFSSL_SMALL_STACK
+        md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (md5 == NULL)
+            return 0;
+    #endif
+
+        WOLFSSL_ENTER("EVP_BytesToKey");
+        wc_InitMd5(md5);
+
+        /* only support MD5 for now */
+        if (XSTRNCMP(md, "MD5", 3) != 0) return 0;
+
+        /* only support CBC DES and AES for now */
+        if (XSTRNCMP(type, "DES-CBC", 7) == 0) {
+            keyLen = DES_KEY_SIZE;
+            ivLen  = DES_IV_SIZE;
+        }
+        else if (XSTRNCMP(type, "DES-EDE3-CBC", 12) == 0) {
+            keyLen = DES3_KEY_SIZE;
+            ivLen  = DES_IV_SIZE;
+        }
+        else if (XSTRNCMP(type, "AES-128-CBC", 11) == 0) {
+            keyLen = AES_128_KEY_SIZE;
+            ivLen  = AES_IV_SIZE;
+        }
+        else if (XSTRNCMP(type, "AES-192-CBC", 11) == 0) {
+            keyLen = AES_192_KEY_SIZE;
+            ivLen  = AES_IV_SIZE;
+        }
+        else if (XSTRNCMP(type, "AES-256-CBC", 11) == 0) {
+            keyLen = AES_256_KEY_SIZE;
+            ivLen  = AES_IV_SIZE;
+        }
+        else {
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+            return 0;
+        }
+
+        keyLeft   = keyLen;
+        ivLeft    = ivLen;
+
+        while (keyOutput < (keyLen + ivLen)) {
+            int digestLeft = MD5_DIGEST_SIZE;
+            /* D_(i - 1) */
+            if (keyOutput)                      /* first time D_0 is empty */
+                wc_Md5Update(md5, digest, MD5_DIGEST_SIZE);
+            /* data */
+            wc_Md5Update(md5, data, sz);
+            /* salt */
+            if (salt)
+                wc_Md5Update(md5, salt, EVP_SALT_SIZE);
+            wc_Md5Final(md5, digest);
+            /* count */
+            for (j = 1; j < count; j++) {
+                wc_Md5Update(md5, digest, MD5_DIGEST_SIZE);
+                wc_Md5Final(md5, digest);
+            }
+
+            if (keyLeft) {
+                int store = min(keyLeft, MD5_DIGEST_SIZE);
+                XMEMCPY(&key[keyLen - keyLeft], digest, store);
+
+                keyOutput  += store;
+                keyLeft    -= store;
+                digestLeft -= store;
+            }
+
+            if (ivLeft && digestLeft) {
+                int store = min(ivLeft, digestLeft);
+                XMEMCPY(&iv[ivLen - ivLeft], &digest[MD5_DIGEST_SIZE -
+                                                    digestLeft], store);
+                keyOutput += store;
+                ivLeft    -= store;
+            }
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+
+        return keyOutput == (keyLen + ivLen) ? keyOutput : 0;
+    }
+
+#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */
+
+
+#ifdef OPENSSL_EXTRA
+
+    unsigned long wolfSSLeay(void)
+    {
+        return SSLEAY_VERSION_NUMBER;
+    }
+
+
+    const char* wolfSSLeay_version(int type)
+    {
+        static const char* version = "SSLeay wolfSSL compatibility";
+        (void)type;
+        return version;
+    }
+
+
+    void wolfSSL_MD5_Init(WOLFSSL_MD5_CTX* md5)
+    {
+        typedef char md5_test[sizeof(MD5_CTX) >= sizeof(Md5) ? 1 : -1];
+        (void)sizeof(md5_test);
+
+        WOLFSSL_ENTER("MD5_Init");
+        wc_InitMd5((Md5*)md5);
+    }
+
+
+    void wolfSSL_MD5_Update(WOLFSSL_MD5_CTX* md5, const void* input,
+                           unsigned long sz)
+    {
+        WOLFSSL_ENTER("wolfSSL_MD5_Update");
+        wc_Md5Update((Md5*)md5, (const byte*)input, (word32)sz);
+    }
+
+
+    void wolfSSL_MD5_Final(byte* input, WOLFSSL_MD5_CTX* md5)
+    {
+        WOLFSSL_ENTER("MD5_Final");
+        wc_Md5Final((Md5*)md5, input);
+    }
+
+
+    void wolfSSL_SHA_Init(WOLFSSL_SHA_CTX* sha)
+    {
+        typedef char sha_test[sizeof(SHA_CTX) >= sizeof(Sha) ? 1 : -1];
+        (void)sizeof(sha_test);
+
+        WOLFSSL_ENTER("SHA_Init");
+        wc_InitSha((Sha*)sha);  /* OpenSSL compat, no ret */
+    }
+
+
+    void wolfSSL_SHA_Update(WOLFSSL_SHA_CTX* sha, const void* input,
+                           unsigned long sz)
+    {
+        WOLFSSL_ENTER("SHA_Update");
+        wc_ShaUpdate((Sha*)sha, (const byte*)input, (word32)sz);
+    }
+
+
+    void wolfSSL_SHA_Final(byte* input, WOLFSSL_SHA_CTX* sha)
+    {
+        WOLFSSL_ENTER("SHA_Final");
+        wc_ShaFinal((Sha*)sha, input);
+    }
+
+
+    void wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX* sha)
+    {
+        WOLFSSL_ENTER("SHA1_Init");
+        SHA_Init(sha);
+    }
+
+
+    void wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX* sha, const void* input,
+                            unsigned long sz)
+    {
+        WOLFSSL_ENTER("SHA1_Update");
+        SHA_Update(sha, input, sz);
+    }
+
+
+    void wolfSSL_SHA1_Final(byte* input, WOLFSSL_SHA_CTX* sha)
+    {
+        WOLFSSL_ENTER("SHA1_Final");
+        SHA_Final(input, sha);
+    }
+
+
+    void wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX* sha256)
+    {
+        typedef char sha_test[sizeof(SHA256_CTX) >= sizeof(Sha256) ? 1 : -1];
+        (void)sizeof(sha_test);
+
+        WOLFSSL_ENTER("SHA256_Init");
+        wc_InitSha256((Sha256*)sha256);  /* OpenSSL compat, no error */
+    }
+
+
+    void wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX* sha, const void* input,
+                              unsigned long sz)
+    {
+        WOLFSSL_ENTER("SHA256_Update");
+        wc_Sha256Update((Sha256*)sha, (const byte*)input, (word32)sz);
+        /* OpenSSL compat, no error */
+    }
+
+
+    void wolfSSL_SHA256_Final(byte* input, WOLFSSL_SHA256_CTX* sha)
+    {
+        WOLFSSL_ENTER("SHA256_Final");
+        wc_Sha256Final((Sha256*)sha, input);
+        /* OpenSSL compat, no error */
+    }
+
+
+    #ifdef WOLFSSL_SHA384
+
+    void wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX* sha)
+    {
+        typedef char sha_test[sizeof(SHA384_CTX) >= sizeof(Sha384) ? 1 : -1];
+        (void)sizeof(sha_test);
+
+        WOLFSSL_ENTER("SHA384_Init");
+        wc_InitSha384((Sha384*)sha);   /* OpenSSL compat, no error */
+    }
+
+
+    void wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX* sha, const void* input,
+                           unsigned long sz)
+    {
+        WOLFSSL_ENTER("SHA384_Update");
+        wc_Sha384Update((Sha384*)sha, (const byte*)input, (word32)sz);
+        /* OpenSSL compat, no error */
+    }
+
+
+    void wolfSSL_SHA384_Final(byte* input, WOLFSSL_SHA384_CTX* sha)
+    {
+        WOLFSSL_ENTER("SHA384_Final");
+        wc_Sha384Final((Sha384*)sha, input);
+        /* OpenSSL compat, no error */
+    }
+
+    #endif /* WOLFSSL_SHA384 */
+
+
+   #ifdef WOLFSSL_SHA512
+
+    void wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX* sha)
+    {
+        typedef char sha_test[sizeof(SHA512_CTX) >= sizeof(Sha512) ? 1 : -1];
+        (void)sizeof(sha_test);
+
+        WOLFSSL_ENTER("SHA512_Init");
+        wc_InitSha512((Sha512*)sha);  /* OpenSSL compat, no error */
+    }
+
+
+    void wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX* sha, const void* input,
+                           unsigned long sz)
+    {
+        WOLFSSL_ENTER("SHA512_Update");
+        wc_Sha512Update((Sha512*)sha, (const byte*)input, (word32)sz);
+        /* OpenSSL compat, no error */
+    }
+
+
+    void wolfSSL_SHA512_Final(byte* input, WOLFSSL_SHA512_CTX* sha)
+    {
+        WOLFSSL_ENTER("SHA512_Final");
+        wc_Sha512Final((Sha512*)sha, input);
+        /* OpenSSL compat, no error */
+    }
+
+    #endif /* WOLFSSL_SHA512 */
+
+
+    const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void)
+    {
+        static const char* type = "MD5";
+        WOLFSSL_ENTER("EVP_md5");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void)
+    {
+        static const char* type = "SHA";
+        WOLFSSL_ENTER("EVP_sha1");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void)
+    {
+        static const char* type = "SHA256";
+        WOLFSSL_ENTER("EVP_sha256");
+        return type;
+    }
+
+    #ifdef WOLFSSL_SHA384
+
+    const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void)
+    {
+        static const char* type = "SHA384";
+        WOLFSSL_ENTER("EVP_sha384");
+        return type;
+    }
+
+    #endif /* WOLFSSL_SHA384 */
+
+    #ifdef WOLFSSL_SHA512
+
+    const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void)
+    {
+        static const char* type = "SHA512";
+        WOLFSSL_ENTER("EVP_sha512");
+        return type;
+    }
+
+    #endif /* WOLFSSL_SHA512 */
+
+
+    void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx)
+    {
+        WOLFSSL_ENTER("EVP_CIPHER_MD_CTX_init");
+        (void)ctx;
+        /* do nothing */
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void)
+    {
+        static const char* type = "AES128-CBC";
+        WOLFSSL_ENTER("wolfSSL_EVP_aes_128_cbc");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void)
+    {
+        static const char* type = "AES192-CBC";
+        WOLFSSL_ENTER("wolfSSL_EVP_aes_192_cbc");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void)
+    {
+        static const char* type = "AES256-CBC";
+        WOLFSSL_ENTER("wolfSSL_EVP_aes_256_cbc");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void)
+    {
+        static const char* type = "AES128-CTR";
+        WOLFSSL_ENTER("wolfSSL_EVP_aes_128_ctr");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void)
+    {
+        static const char* type = "AES192-CTR";
+        WOLFSSL_ENTER("wolfSSL_EVP_aes_192_ctr");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void)
+    {
+        static const char* type = "AES256-CTR";
+        WOLFSSL_ENTER("wolfSSL_EVP_aes_256_ctr");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void)
+    {
+        static const char* type = "DES-CBC";
+        WOLFSSL_ENTER("wolfSSL_EVP_des_cbc");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_cbc(void)
+    {
+        static const char* type = "DES-EDE3-CBC";
+        WOLFSSL_ENTER("wolfSSL_EVP_des_ede3_cbc");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void)
+    {
+        static const char* type = "ARC4";
+        WOLFSSL_ENTER("wolfSSL_EVP_rc4");
+        return type;
+    }
+
+
+    const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void)
+    {
+        static const char* type = "NULL";
+        WOLFSSL_ENTER("wolfSSL_EVP_enc_null");
+        return type;
+    }
+
+
+    int wolfSSL_EVP_MD_CTX_cleanup(WOLFSSL_EVP_MD_CTX* ctx)
+    {
+        WOLFSSL_ENTER("EVP_MD_CTX_cleanup");
+        (void)ctx;
+        return 0;
+    }
+
+
+
+    void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx)
+    {
+        WOLFSSL_ENTER("EVP_CIPHER_CTX_init");
+        if (ctx) {
+            ctx->cipherType = 0xff;   /* no init */
+            ctx->keyLen     = 0;
+            ctx->enc        = 1;      /* start in encrypt mode */
+        }
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx)
+    {
+        WOLFSSL_ENTER("EVP_CIPHER_CTX_cleanup");
+        if (ctx) {
+            ctx->cipherType = 0xff;  /* no more init */
+            ctx->keyLen     = 0;
+        }
+
+        return SSL_SUCCESS;
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int  wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
+                               const WOLFSSL_EVP_CIPHER* type, byte* key,
+                               byte* iv, int enc)
+    {
+        int ret = 0;
+
+        WOLFSSL_ENTER("wolfSSL_EVP_CipherInit");
+        if (ctx == NULL) {
+            WOLFSSL_MSG("no ctx");
+            return 0;   /* failure */
+        }
+
+        if (type == NULL && ctx->cipherType == 0xff) {
+            WOLFSSL_MSG("no type set");
+            return 0;   /* failure */
+        }
+
+        if (ctx->cipherType == AES_128_CBC_TYPE || (type &&
+                                       XSTRNCMP(type, "AES128-CBC", 10) == 0)) {
+            WOLFSSL_MSG("AES-128-CBC");
+            ctx->cipherType = AES_128_CBC_TYPE;
+            ctx->keyLen     = 16;
+            if (enc == 0 || enc == 1)
+                ctx->enc = enc ? 1 : 0;
+            if (key) {
+                ret = wc_AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+                                ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
+                if (ret != 0)
+                    return ret;
+            }
+            if (iv && key == NULL) {
+                ret = wc_AesSetIV(&ctx->cipher.aes, iv);
+                if (ret != 0)
+                    return ret;
+            }
+        }
+        else if (ctx->cipherType == AES_192_CBC_TYPE || (type &&
+                                       XSTRNCMP(type, "AES192-CBC", 10) == 0)) {
+            WOLFSSL_MSG("AES-192-CBC");
+            ctx->cipherType = AES_192_CBC_TYPE;
+            ctx->keyLen     = 24;
+            if (enc == 0 || enc == 1)
+                ctx->enc = enc ? 1 : 0;
+            if (key) {
+                ret = wc_AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+                                ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
+                if (ret != 0)
+                    return ret;
+            }
+            if (iv && key == NULL) {
+                ret = wc_AesSetIV(&ctx->cipher.aes, iv);
+                if (ret != 0)
+                    return ret;
+            }
+        }
+        else if (ctx->cipherType == AES_256_CBC_TYPE || (type &&
+                                       XSTRNCMP(type, "AES256-CBC", 10) == 0)) {
+            WOLFSSL_MSG("AES-256-CBC");
+            ctx->cipherType = AES_256_CBC_TYPE;
+            ctx->keyLen     = 32;
+            if (enc == 0 || enc == 1)
+                ctx->enc = enc ? 1 : 0;
+            if (key) {
+                ret = wc_AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+                                ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
+                if (ret != 0)
+                    return ret;
+            }
+            if (iv && key == NULL) {
+                ret = wc_AesSetIV(&ctx->cipher.aes, iv);
+                if (ret != 0)
+                    return ret;
+            }
+        }
+#ifdef WOLFSSL_AES_COUNTER
+        else if (ctx->cipherType == AES_128_CTR_TYPE || (type &&
+                                       XSTRNCMP(type, "AES128-CTR", 10) == 0)) {
+            WOLFSSL_MSG("AES-128-CTR");
+            ctx->cipherType = AES_128_CTR_TYPE;
+            ctx->keyLen     = 16;
+            if (enc == 0 || enc == 1)
+                ctx->enc = enc ? 1 : 0;
+            if (key) {
+                ret = wc_AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+                                AES_ENCRYPTION);
+                if (ret != 0)
+                    return ret;
+            }
+            if (iv && key == NULL) {
+                ret = wc_AesSetIV(&ctx->cipher.aes, iv);
+                if (ret != 0)
+                    return ret;
+            }
+        }
+        else if (ctx->cipherType == AES_192_CTR_TYPE || (type &&
+                                       XSTRNCMP(type, "AES192-CTR", 10) == 0)) {
+            WOLFSSL_MSG("AES-192-CTR");
+            ctx->cipherType = AES_192_CTR_TYPE;
+            ctx->keyLen     = 24;
+            if (enc == 0 || enc == 1)
+                ctx->enc = enc ? 1 : 0;
+            if (key) {
+                ret = wc_AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+                                AES_ENCRYPTION);
+                if (ret != 0)
+                    return ret;
+            }
+            if (iv && key == NULL) {
+                ret = wc_AesSetIV(&ctx->cipher.aes, iv);
+                if (ret != 0)
+                    return ret;
+            }
+        }
+        else if (ctx->cipherType == AES_256_CTR_TYPE || (type &&
+                                       XSTRNCMP(type, "AES256-CTR", 10) == 0)) {
+            WOLFSSL_MSG("AES-256-CTR");
+            ctx->cipherType = AES_256_CTR_TYPE;
+            ctx->keyLen     = 32;
+            if (enc == 0 || enc == 1)
+                ctx->enc = enc ? 1 : 0;
+            if (key) {
+                ret = wc_AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv,
+                                AES_ENCRYPTION);
+                if (ret != 0)
+                    return ret;
+            }
+            if (iv && key == NULL) {
+                ret = wc_AesSetIV(&ctx->cipher.aes, iv);
+                if (ret != 0)
+                    return ret;
+            }
+        }
+#endif /* WOLFSSL_AES_CTR */
+        else if (ctx->cipherType == DES_CBC_TYPE || (type &&
+                                       XSTRNCMP(type, "DES-CBC", 7) == 0)) {
+            WOLFSSL_MSG("DES-CBC");
+            ctx->cipherType = DES_CBC_TYPE;
+            ctx->keyLen     = 8;
+            if (enc == 0 || enc == 1)
+                ctx->enc = enc ? 1 : 0;
+            if (key) {
+                ret = wc_Des_SetKey(&ctx->cipher.des, key, iv,
+                          ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
+                if (ret != 0)
+                    return ret;
+            }
+
+            if (iv && key == NULL)
+                wc_Des_SetIV(&ctx->cipher.des, iv);
+        }
+        else if (ctx->cipherType == DES_EDE3_CBC_TYPE || (type &&
+                                     XSTRNCMP(type, "DES-EDE3-CBC", 11) == 0)) {
+            WOLFSSL_MSG("DES-EDE3-CBC");
+            ctx->cipherType = DES_EDE3_CBC_TYPE;
+            ctx->keyLen     = 24;
+            if (enc == 0 || enc == 1)
+                ctx->enc = enc ? 1 : 0;
+            if (key) {
+                ret = wc_Des3_SetKey(&ctx->cipher.des3, key, iv,
+                          ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION);
+                if (ret != 0)
+                    return ret;
+            }
+
+            if (iv && key == NULL) {
+                ret = wc_Des3_SetIV(&ctx->cipher.des3, iv);
+                if (ret != 0)
+                    return ret;
+            }
+        }
+        else if (ctx->cipherType == ARC4_TYPE || (type &&
+                                     XSTRNCMP(type, "ARC4", 4) == 0)) {
+            WOLFSSL_MSG("ARC4");
+            ctx->cipherType = ARC4_TYPE;
+            if (ctx->keyLen == 0)  /* user may have already set */
+                ctx->keyLen = 16;  /* default to 128 */
+            if (key)
+                wc_Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen);
+        }
+        else if (ctx->cipherType == NULL_CIPHER_TYPE || (type &&
+                                     XSTRNCMP(type, "NULL", 4) == 0)) {
+            WOLFSSL_MSG("NULL cipher");
+            ctx->cipherType = NULL_CIPHER_TYPE;
+            ctx->keyLen = 0;
+        }
+        else
+            return 0;   /* failure */
+
+
+        return SSL_SUCCESS;
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx)
+    {
+        WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_key_length");
+        if (ctx)
+            return ctx->keyLen;
+
+        return 0;   /* failure */
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
+                                             int keylen)
+    {
+        WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_set_key_length");
+        if (ctx)
+            ctx->keyLen = keylen;
+        else
+            return 0;  /* failure */
+
+        return SSL_SUCCESS;
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx, byte* dst, byte* src,
+                          word32 len)
+    {
+        int ret = 0;
+        WOLFSSL_ENTER("wolfSSL_EVP_Cipher");
+
+        if (ctx == NULL || dst == NULL || src == NULL) {
+            WOLFSSL_MSG("Bad function argument");
+            return 0;  /* failure */
+        }
+
+        if (ctx->cipherType == 0xff) {
+            WOLFSSL_MSG("no init");
+            return 0;  /* failure */
+        }
+
+        switch (ctx->cipherType) {
+
+            case AES_128_CBC_TYPE :
+            case AES_192_CBC_TYPE :
+            case AES_256_CBC_TYPE :
+                WOLFSSL_MSG("AES CBC");
+                if (ctx->enc)
+                    ret = wc_AesCbcEncrypt(&ctx->cipher.aes, dst, src, len);
+                else
+                    ret = wc_AesCbcDecrypt(&ctx->cipher.aes, dst, src, len);
+                break;
+
+#ifdef WOLFSSL_AES_COUNTER
+            case AES_128_CTR_TYPE :
+            case AES_192_CTR_TYPE :
+            case AES_256_CTR_TYPE :
+                    WOLFSSL_MSG("AES CTR");
+                    wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len);
+                break;
+#endif
+
+            case DES_CBC_TYPE :
+                if (ctx->enc)
+                    wc_Des_CbcEncrypt(&ctx->cipher.des, dst, src, len);
+                else
+                    wc_Des_CbcDecrypt(&ctx->cipher.des, dst, src, len);
+                break;
+
+            case DES_EDE3_CBC_TYPE :
+                if (ctx->enc)
+                    ret = wc_Des3_CbcEncrypt(&ctx->cipher.des3, dst, src, len);
+                else
+                    ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, dst, src, len);
+                break;
+
+            case ARC4_TYPE :
+                wc_Arc4Process(&ctx->cipher.arc4, dst, src, len);
+                break;
+
+            case NULL_CIPHER_TYPE :
+                XMEMCPY(dst, src, len);
+                break;
+
+            default: {
+                WOLFSSL_MSG("bad type");
+                return 0;  /* failure */
+            }
+        }
+
+        if (ret != 0) {
+            WOLFSSL_MSG("wolfSSL_EVP_Cipher failure");
+            return 0;  /* failuer */
+        }
+
+        WOLFSSL_MSG("wolfSSL_EVP_Cipher success");
+        return SSL_SUCCESS;  /* success */
+    }
+
+
+    /* store for external read of iv, SSL_SUCCESS on success */
+    int  wolfSSL_StoreExternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx)
+    {
+        WOLFSSL_ENTER("wolfSSL_StoreExternalIV");
+
+        if (ctx == NULL) {
+            WOLFSSL_MSG("Bad function argument");
+            return SSL_FATAL_ERROR;
+        }
+
+        switch (ctx->cipherType) {
+
+            case AES_128_CBC_TYPE :
+            case AES_192_CBC_TYPE :
+            case AES_256_CBC_TYPE :
+                WOLFSSL_MSG("AES CBC");
+                memcpy(ctx->iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE);
+                break;
+
+#ifdef WOLFSSL_AES_COUNTER
+            case AES_128_CTR_TYPE :
+            case AES_192_CTR_TYPE :
+            case AES_256_CTR_TYPE :
+                WOLFSSL_MSG("AES CTR");
+                memcpy(ctx->iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE);
+                break;
+#endif
+
+            case DES_CBC_TYPE :
+                WOLFSSL_MSG("DES CBC");
+                memcpy(ctx->iv, &ctx->cipher.des.reg, DES_BLOCK_SIZE);
+                break;
+
+            case DES_EDE3_CBC_TYPE :
+                WOLFSSL_MSG("DES EDE3 CBC");
+                memcpy(ctx->iv, &ctx->cipher.des.reg, DES_BLOCK_SIZE);
+                break;
+
+            case ARC4_TYPE :
+                WOLFSSL_MSG("ARC4");
+                break;
+
+            case NULL_CIPHER_TYPE :
+                WOLFSSL_MSG("NULL");
+                break;
+
+            default: {
+                WOLFSSL_MSG("bad type");
+                return SSL_FATAL_ERROR;
+            }
+        }
+        return SSL_SUCCESS;
+    }
+
+
+    /* set internal IV from external, SSL_SUCCESS on success */
+    int  wolfSSL_SetInternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx)
+    {
+
+        WOLFSSL_ENTER("wolfSSL_SetInternalIV");
+
+        if (ctx == NULL) {
+            WOLFSSL_MSG("Bad function argument");
+            return SSL_FATAL_ERROR;
+        }
+
+        switch (ctx->cipherType) {
+
+            case AES_128_CBC_TYPE :
+            case AES_192_CBC_TYPE :
+            case AES_256_CBC_TYPE :
+                WOLFSSL_MSG("AES CBC");
+                memcpy(&ctx->cipher.aes.reg, ctx->iv, AES_BLOCK_SIZE);
+                break;
+
+#ifdef WOLFSSL_AES_COUNTER
+            case AES_128_CTR_TYPE :
+            case AES_192_CTR_TYPE :
+            case AES_256_CTR_TYPE :
+                WOLFSSL_MSG("AES CTR");
+                memcpy(&ctx->cipher.aes.reg, ctx->iv, AES_BLOCK_SIZE);
+                break;
+#endif
+
+            case DES_CBC_TYPE :
+                WOLFSSL_MSG("DES CBC");
+                memcpy(&ctx->cipher.des.reg, ctx->iv, DES_BLOCK_SIZE);
+                break;
+
+            case DES_EDE3_CBC_TYPE :
+                WOLFSSL_MSG("DES EDE3 CBC");
+                memcpy(&ctx->cipher.des.reg, ctx->iv, DES_BLOCK_SIZE);
+                break;
+
+            case ARC4_TYPE :
+                WOLFSSL_MSG("ARC4");
+                break;
+
+            case NULL_CIPHER_TYPE :
+                WOLFSSL_MSG("NULL");
+                break;
+
+            default: {
+                WOLFSSL_MSG("bad type");
+                return SSL_FATAL_ERROR;
+            }
+        }
+        return SSL_SUCCESS;
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx, const WOLFSSL_EVP_MD* type)
+    {
+        WOLFSSL_ENTER("EVP_DigestInit");
+        if (XSTRNCMP(type, "MD5", 3) == 0) {
+             ctx->macType = MD5;
+             wolfSSL_MD5_Init((MD5_CTX*)&ctx->hash);
+        }
+        else if (XSTRNCMP(type, "SHA256", 6) == 0) {
+             ctx->macType = SHA256;
+             wolfSSL_SHA256_Init((SHA256_CTX*)&ctx->hash);
+        }
+    #ifdef WOLFSSL_SHA384
+        else if (XSTRNCMP(type, "SHA384", 6) == 0) {
+             ctx->macType = SHA384;
+             wolfSSL_SHA384_Init((SHA384_CTX*)&ctx->hash);
+        }
+    #endif
+    #ifdef WOLFSSL_SHA512
+        else if (XSTRNCMP(type, "SHA512", 6) == 0) {
+             ctx->macType = SHA512;
+             wolfSSL_SHA512_Init((SHA512_CTX*)&ctx->hash);
+        }
+    #endif
+        /* has to be last since would pick or 256, 384, or 512 too */
+        else if (XSTRNCMP(type, "SHA", 3) == 0) {
+             ctx->macType = SHA;
+             wolfSSL_SHA_Init((SHA_CTX*)&ctx->hash);
+        }
+        else
+             return BAD_FUNC_ARG;
+
+        return SSL_SUCCESS;
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data,
+                                unsigned long sz)
+    {
+        WOLFSSL_ENTER("EVP_DigestUpdate");
+        if (ctx->macType == MD5)
+            wolfSSL_MD5_Update((MD5_CTX*)&ctx->hash, data, (unsigned long)sz);
+        else if (ctx->macType == SHA)
+            wolfSSL_SHA_Update((SHA_CTX*)&ctx->hash, data, (unsigned long)sz);
+        else if (ctx->macType == SHA256)
+            wolfSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data,
+                                 (unsigned long)sz);
+    #ifdef WOLFSSL_SHA384
+        else if (ctx->macType == SHA384)
+            wolfSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data,
+                                 (unsigned long)sz);
+    #endif
+    #ifdef WOLFSSL_SHA512
+        else if (ctx->macType == SHA512)
+            wolfSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data,
+                                 (unsigned long)sz);
+    #endif
+        else
+            return BAD_FUNC_ARG;
+
+        return SSL_SUCCESS;
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
+                               unsigned int* s)
+    {
+        WOLFSSL_ENTER("EVP_DigestFinal");
+        if (ctx->macType == MD5) {
+            wolfSSL_MD5_Final(md, (MD5_CTX*)&ctx->hash);
+            if (s) *s = MD5_DIGEST_SIZE;
+        }
+        else if (ctx->macType == SHA) {
+            wolfSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash);
+            if (s) *s = SHA_DIGEST_SIZE;
+        }
+        else if (ctx->macType == SHA256) {
+            wolfSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash);
+            if (s) *s = SHA256_DIGEST_SIZE;
+        }
+    #ifdef WOLFSSL_SHA384
+        else if (ctx->macType == SHA384) {
+            wolfSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash);
+            if (s) *s = SHA384_DIGEST_SIZE;
+        }
+    #endif
+    #ifdef WOLFSSL_SHA512
+        else if (ctx->macType == SHA512) {
+            wolfSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash);
+            if (s) *s = SHA512_DIGEST_SIZE;
+        }
+    #endif
+        else
+            return BAD_FUNC_ARG;
+
+        return SSL_SUCCESS;
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
+                                  unsigned int* s)
+    {
+        WOLFSSL_ENTER("EVP_DigestFinal_ex");
+        return EVP_DigestFinal(ctx, md, s);
+    }
+
+
+    unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const void* key,
+                               int key_len, const unsigned char* d, int n,
+                               unsigned char* md, unsigned int* md_len)
+    {
+        int type;
+        unsigned char* ret = NULL;
+#ifdef WOLFSSL_SMALL_STACK
+        Hmac* hmac = NULL;
+#else
+        Hmac  hmac[1];
+#endif
+
+        WOLFSSL_ENTER("HMAC");
+        if (!md)
+            return NULL;  /* no static buffer support */
+
+        if (XSTRNCMP(evp_md, "MD5", 3) == 0)
+            type = MD5;
+        else if (XSTRNCMP(evp_md, "SHA", 3) == 0)
+            type = SHA;
+        else
+            return NULL;
+
+    #ifdef WOLFSSL_SMALL_STACK
+        hmac = (Hmac*)XMALLOC(sizeof(Hmac), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (hmac == NULL)
+            return NULL;
+    #endif
+
+        if (wc_HmacSetKey(hmac, type, (const byte*)key, key_len) == 0)
+            if (wc_HmacUpdate(hmac, d, n) == 0)
+                if (wc_HmacFinal(hmac, md) == 0) {
+                    if (md_len)
+                        *md_len = (type == MD5) ? (int)MD5_DIGEST_SIZE
+                                                : (int)SHA_DIGEST_SIZE;
+                    ret = md;
+                }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(hmac, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+
+        return ret;
+    }
+
+    void wolfSSL_ERR_clear_error(void)
+    {
+        /* TODO: */
+    }
+
+
+    int wolfSSL_RAND_status(void)
+    {
+        return SSL_SUCCESS;  /* wolfCrypt provides enough seed internally */
+    }
+
+
+
+    void wolfSSL_RAND_add(const void* add, int len, double entropy)
+    {
+        (void)add;
+        (void)len;
+        (void)entropy;
+
+        /* wolfSSL seeds/adds internally, use explicit RNG if you want
+           to take control */
+    }
+
+
+    /* SSL_SUCCESS on ok */
+    int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key,
+                             WOLFSSL_DES_key_schedule* schedule)
+    {
+        WOLFSSL_ENTER("DES_key_sched");
+        XMEMCPY(schedule, key, sizeof(const_DES_cblock));
+        return SSL_SUCCESS;
+    }
+
+
+    void wolfSSL_DES_cbc_encrypt(const unsigned char* input,
+                     unsigned char* output, long length,
+                     WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
+                     int enc)
+    {
+        Des myDes;
+
+        WOLFSSL_ENTER("DES_cbc_encrypt");
+
+        /* OpenSSL compat, no ret */
+        wc_Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc);
+
+        if (enc)
+            wc_Des_CbcEncrypt(&myDes, output, input, (word32)length);
+        else
+            wc_Des_CbcDecrypt(&myDes, output, input, (word32)length);
+    }
+
+
+    /* correctly sets ivec for next call */
+    void wolfSSL_DES_ncbc_encrypt(const unsigned char* input,
+                     unsigned char* output, long length,
+                     WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
+                     int enc)
+    {
+        Des myDes;
+
+        WOLFSSL_ENTER("DES_ncbc_encrypt");
+
+        /* OpenSSL compat, no ret */
+        wc_Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc);
+
+        if (enc)
+            wc_Des_CbcEncrypt(&myDes, output, input, (word32)length);
+        else
+            wc_Des_CbcDecrypt(&myDes, output, input, (word32)length);
+
+        XMEMCPY(ivec, output + length - sizeof(DES_cblock), sizeof(DES_cblock));
+    }
+
+
+    void wolfSSL_ERR_free_strings(void)
+    {
+        /* handled internally */
+    }
+
+
+    void wolfSSL_ERR_remove_state(unsigned long state)
+    {
+        /* TODO: GetErrors().Remove(); */
+        (void)state;
+    }
+
+
+    void wolfSSL_EVP_cleanup(void)
+    {
+        /* nothing to do here */
+    }
+
+
+    void wolfSSL_cleanup_all_ex_data(void)
+    {
+        /* nothing to do here */
+    }
+
+
+    long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode)
+    {
+        /* SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is wolfSSL default mode */
+
+        WOLFSSL_ENTER("SSL_CTX_set_mode");
+        if (mode == SSL_MODE_ENABLE_PARTIAL_WRITE)
+            ctx->partialWrite = 1;
+
+        return mode;
+    }
+
+
+    long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx)
+    {
+        /* TODO: */
+        (void)ctx;
+        return 0;
+    }
+
+
+    void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m)
+    {
+        /* TODO: maybe? */
+        (void)ctx;
+        (void)m;
+    }
+
+
+    int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX* ctx,
+                                       const unsigned char* sid_ctx,
+                                       unsigned int sid_ctx_len)
+    {
+        /* No application specific context needed for wolfSSL */
+        (void)ctx;
+        (void)sid_ctx;
+        (void)sid_ctx_len;
+        return SSL_SUCCESS;
+    }
+
+
+    long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX* ctx)
+    {
+        /* TODO: maybe? */
+        (void)ctx;
+        return (~0);
+    }
+
+    unsigned long wolfSSL_ERR_get_error_line_data(const char** file, int* line,
+                                          const char** data, int *flags)
+    {
+        /* Not implemented */
+        (void)file;
+        (void)line;
+        (void)data;
+        (void)flags;
+        return 0;
+    }
+
+#endif /* OPENSSL_EXTRA */
+
+
+#if defined(KEEP_PEER_CERT)
+
+    WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl)
+    {
+        WOLFSSL_ENTER("SSL_get_peer_certificate");
+        if (ssl->peerCert.issuer.sz)
+            return &ssl->peerCert;
+        else
+            return 0;
+    }
+
+#endif /* KEEP_PEER_CERT */
+
+
+#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
+
+    void wolfSSL_FreeX509(WOLFSSL_X509* x509)
+    {
+        WOLFSSL_ENTER("wolfSSL_FreeX509");
+        FreeX509(x509);
+    }
+
+
+    /* return the next, if any, altname from the peer cert */
+    char* wolfSSL_X509_get_next_altname(WOLFSSL_X509* cert)
+    {
+        char* ret = NULL;
+        WOLFSSL_ENTER("wolfSSL_X509_get_next_altname");
+
+        /* don't have any to work with */
+        if (cert == NULL || cert->altNames == NULL)
+            return NULL;
+
+        /* already went through them */
+        if (cert->altNamesNext == NULL)
+            return NULL;
+
+        ret = cert->altNamesNext->name;
+        cert->altNamesNext = cert->altNamesNext->next;
+
+        return ret;
+    }
+
+
+    WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert)
+    {
+        WOLFSSL_ENTER("X509_get_issuer_name");
+        return &cert->issuer;
+    }
+
+
+    WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert)
+    {
+        WOLFSSL_ENTER("X509_get_subject_name");
+        return &cert->subject;
+    }
+
+
+    int wolfSSL_X509_get_isCA(WOLFSSL_X509* x509)
+    {
+        int isCA = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_get_isCA");
+
+        if (x509 != NULL)
+            isCA = x509->isCa;
+
+        WOLFSSL_LEAVE("wolfSSL_X509_get_isCA", isCA);
+
+        return isCA;
+    }
+
+
+#ifdef OPENSSL_EXTRA
+    int wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509* x509, int nid)
+    {
+        int isSet = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_ext_isSet_by_NID");
+
+        if (x509 != NULL) {
+            switch (nid) {
+                case BASIC_CA_OID: isSet = x509->basicConstSet; break;
+                case ALT_NAMES_OID: isSet = x509->subjAltNameSet; break;
+                case AUTH_KEY_OID: isSet = x509->authKeyIdSet; break;
+                case SUBJ_KEY_OID: isSet = x509->subjKeyIdSet; break;
+                case KEY_USAGE_OID: isSet = x509->keyUsageSet; break;
+                #ifdef WOLFSSL_SEP
+                    case CERT_POLICY_OID: isSet = x509->certPolicySet; break;
+                #endif /* WOLFSSL_SEP */
+            }
+        }
+
+        WOLFSSL_LEAVE("wolfSSL_X509_ext_isSet_by_NID", isSet);
+
+        return isSet;
+    }
+
+
+    int wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509* x509, int nid)
+    {
+        int crit = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_ext_get_critical_by_NID");
+
+        if (x509 != NULL) {
+            switch (nid) {
+                case BASIC_CA_OID: crit = x509->basicConstCrit; break;
+                case ALT_NAMES_OID: crit = x509->subjAltNameCrit; break;
+                case AUTH_KEY_OID: crit = x509->authKeyIdCrit; break;
+                case SUBJ_KEY_OID: crit = x509->subjKeyIdCrit; break;
+                case KEY_USAGE_OID: crit = x509->keyUsageCrit; break;
+                #ifdef WOLFSSL_SEP
+                    case CERT_POLICY_OID: crit = x509->certPolicyCrit; break;
+                #endif /* WOLFSSL_SEP */
+            }
+        }
+
+        WOLFSSL_LEAVE("wolfSSL_X509_ext_get_critical_by_NID", crit);
+
+        return crit;
+    }
+
+
+    int wolfSSL_X509_get_isSet_pathLength(WOLFSSL_X509* x509)
+    {
+        int isSet = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_get_isSet_pathLength");
+
+        if (x509 != NULL)
+            isSet = x509->basicConstPlSet;
+
+        WOLFSSL_LEAVE("wolfSSL_X509_get_isSet_pathLength", isSet);
+
+        return isSet;
+    }
+
+
+    word32 wolfSSL_X509_get_pathLength(WOLFSSL_X509* x509)
+    {
+        word32 pathLength = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_get_pathLength");
+
+        if (x509 != NULL)
+            pathLength = x509->pathLength;
+
+        WOLFSSL_LEAVE("wolfSSL_X509_get_pathLength", pathLength);
+
+        return pathLength;
+    }
+
+
+    unsigned int wolfSSL_X509_get_keyUsage(WOLFSSL_X509* x509)
+    {
+        word16 usage = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_get_keyUsage");
+
+        if (x509 != NULL)
+            usage = x509->keyUsage;
+
+        WOLFSSL_LEAVE("wolfSSL_X509_get_keyUsage", usage);
+
+        return usage;
+    }
+
+
+    byte* wolfSSL_X509_get_authorityKeyID(
+                                      WOLFSSL_X509* x509, byte* dst, int* dstLen)
+    {
+        byte *id = NULL;
+        int copySz = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_get_authorityKeyID");
+
+        if (x509 != NULL) {
+            if (x509->authKeyIdSet) {
+                copySz = min(dstLen != NULL ? *dstLen : 0,
+                                                        (int)x509->authKeyIdSz);
+                id = x509->authKeyId;
+            }
+
+            if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) {
+                XMEMCPY(dst, id, copySz);
+                id = dst;
+                *dstLen = copySz;
+            }
+        }
+
+        WOLFSSL_LEAVE("wolfSSL_X509_get_authorityKeyID", copySz);
+
+        return id;
+    }
+
+
+    byte* wolfSSL_X509_get_subjectKeyID(
+                                      WOLFSSL_X509* x509, byte* dst, int* dstLen)
+    {
+        byte *id = NULL;
+        int copySz = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_get_subjectKeyID");
+
+        if (x509 != NULL) {
+            if (x509->subjKeyIdSet) {
+                copySz = min(dstLen != NULL ? *dstLen : 0,
+                                                        (int)x509->subjKeyIdSz);
+                id = x509->subjKeyId;
+            }
+
+            if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) {
+                XMEMCPY(dst, id, copySz);
+                id = dst;
+                *dstLen = copySz;
+            }
+        }
+
+        WOLFSSL_LEAVE("wolfSSL_X509_get_subjectKeyID", copySz);
+
+        return id;
+    }
+
+
+    int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME* name)
+    {
+        int count = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_NAME_entry_count");
+
+        if (name != NULL)
+            count = name->fullName.entryCount;
+
+        WOLFSSL_LEAVE("wolfSSL_X509_NAME_entry_count", count);
+        return count;
+    }
+
+
+    int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name,
+                                                    int nid, char* buf, int len)
+    {
+        char *text = NULL;
+        int textSz = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_NAME_get_text_by_NID");
+
+        switch (nid) {
+            case ASN_COMMON_NAME:
+                text = name->fullName.fullName + name->fullName.cnIdx;
+                textSz = name->fullName.cnLen;
+                break;
+            case ASN_SUR_NAME:
+                text = name->fullName.fullName + name->fullName.snIdx;
+                textSz = name->fullName.snLen;
+                break;
+            case ASN_SERIAL_NUMBER:
+                text = name->fullName.fullName + name->fullName.serialIdx;
+                textSz = name->fullName.serialLen;
+                break;
+            case ASN_COUNTRY_NAME:
+                text = name->fullName.fullName + name->fullName.cIdx;
+                textSz = name->fullName.cLen;
+                break;
+            case ASN_LOCALITY_NAME:
+                text = name->fullName.fullName + name->fullName.lIdx;
+                textSz = name->fullName.lLen;
+                break;
+            case ASN_STATE_NAME:
+                text = name->fullName.fullName + name->fullName.stIdx;
+                textSz = name->fullName.stLen;
+                break;
+            case ASN_ORG_NAME:
+                text = name->fullName.fullName + name->fullName.oIdx;
+                textSz = name->fullName.oLen;
+                break;
+            case ASN_ORGUNIT_NAME:
+                text = name->fullName.fullName + name->fullName.ouIdx;
+                textSz = name->fullName.ouLen;
+                break;
+            default:
+                break;
+        }
+
+        if (buf != NULL && text != NULL) {
+            textSz = min(textSz, len);
+            XMEMCPY(buf, text, textSz);
+            buf[textSz] = '\0';
+        }
+
+        WOLFSSL_LEAVE("wolfSSL_X509_NAME_get_text_by_NID", textSz);
+        return textSz;
+    }
+#endif
+
+
+    /* copy name into in buffer, at most sz bytes, if buffer is null will
+       malloc buffer, call responsible for freeing                     */
+    char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz)
+    {
+        int copySz = min(sz, name->sz);
+
+        WOLFSSL_ENTER("wolfSSL_X509_NAME_oneline");
+        if (!name->sz) return in;
+
+        if (!in) {
+            in = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL);
+            if (!in ) return in;
+            copySz = name->sz;
+        }
+
+        if (copySz == 0)
+            return in;
+
+        XMEMCPY(in, name->name, copySz - 1);
+        in[copySz - 1] = 0;
+
+        return in;
+    }
+
+
+    int wolfSSL_X509_get_signature_type(WOLFSSL_X509* x509)
+    {
+        int type = 0;
+
+        WOLFSSL_ENTER("wolfSSL_X509_get_signature_type");
+
+        if (x509 != NULL)
+            type = x509->sigOID;
+
+        return type;
+    }
+
+
+    int wolfSSL_X509_get_signature(WOLFSSL_X509* x509,
+                                                 unsigned char* buf, int* bufSz)
+    {
+        WOLFSSL_ENTER("wolfSSL_X509_get_signature");
+        if (x509 == NULL || bufSz == NULL || *bufSz < (int)x509->sig.length)
+            return SSL_FATAL_ERROR;
+
+        if (buf != NULL)
+            XMEMCPY(buf, x509->sig.buffer, x509->sig.length);
+        *bufSz = x509->sig.length;
+
+        return SSL_SUCCESS;
+    }
+
+
+    /* write X509 serial number in unsigned binary to buffer
+       buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases
+       return SSL_SUCCESS on success */
+    int wolfSSL_X509_get_serial_number(WOLFSSL_X509* x509, byte* in, int* inOutSz)
+    {
+        WOLFSSL_ENTER("wolfSSL_X509_get_serial_number");
+        if (x509 == NULL || in == NULL ||
+                                   inOutSz == NULL || *inOutSz < x509->serialSz)
+            return BAD_FUNC_ARG;
+
+        XMEMCPY(in, x509->serial, x509->serialSz);
+        *inOutSz = x509->serialSz;
+
+        return SSL_SUCCESS;
+    }
+
+
+    const byte* wolfSSL_X509_get_der(WOLFSSL_X509* x509, int* outSz)
+    {
+        WOLFSSL_ENTER("wolfSSL_X509_get_der");
+
+        if (x509 == NULL || outSz == NULL)
+            return NULL;
+
+        *outSz = (int)x509->derCert.length;
+        return x509->derCert.buffer;
+    }
+
+
+    int wolfSSL_X509_version(WOLFSSL_X509* x509)
+    {
+        WOLFSSL_ENTER("wolfSSL_X509_version");
+
+        if (x509 == NULL)
+            return 0;
+
+        return x509->version;
+    }
+
+
+    const byte* wolfSSL_X509_notBefore(WOLFSSL_X509* x509)
+    {
+        WOLFSSL_ENTER("wolfSSL_X509_notBefore");
+
+        if (x509 == NULL)
+            return NULL;
+
+        return x509->notBefore;
+    }
+
+
+    const byte* wolfSSL_X509_notAfter(WOLFSSL_X509* x509)
+    {
+        WOLFSSL_ENTER("wolfSSL_X509_notAfter");
+
+        if (x509 == NULL)
+            return NULL;
+
+        return x509->notAfter;
+    }
+
+
+#ifdef WOLFSSL_SEP
+
+/* copy oid into in buffer, at most *inOutSz bytes, if buffer is null will
+   malloc buffer, call responsible for freeing. Actual size returned in
+   *inOutSz. Requires inOutSz be non-null */
+byte* wolfSSL_X509_get_device_type(WOLFSSL_X509* x509, byte* in, int *inOutSz)
+{
+    int copySz;
+
+    WOLFSSL_ENTER("wolfSSL_X509_get_dev_type");
+    if (inOutSz == NULL) return NULL;
+    if (!x509->deviceTypeSz) return in;
+
+    copySz = min(*inOutSz, x509->deviceTypeSz);
+
+    if (!in) {
+        in = (byte*)XMALLOC(x509->deviceTypeSz, 0, DYNAMIC_TYPE_OPENSSL);
+        if (!in) return in;
+        copySz = x509->deviceTypeSz;
+    }
+
+    XMEMCPY(in, x509->deviceType, copySz);
+    *inOutSz = copySz;
+
+    return in;
+}
+
+
+byte* wolfSSL_X509_get_hw_type(WOLFSSL_X509* x509, byte* in, int* inOutSz)
+{
+    int copySz;
+
+    WOLFSSL_ENTER("wolfSSL_X509_get_hw_type");
+    if (inOutSz == NULL) return NULL;
+    if (!x509->hwTypeSz) return in;
+
+    copySz = min(*inOutSz, x509->hwTypeSz);
+
+    if (!in) {
+        in = (byte*)XMALLOC(x509->hwTypeSz, 0, DYNAMIC_TYPE_OPENSSL);
+        if (!in) return in;
+        copySz = x509->hwTypeSz;
+    }
+
+    XMEMCPY(in, x509->hwType, copySz);
+    *inOutSz = copySz;
+
+    return in;
+}
+
+
+byte* wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509* x509,byte* in,int* inOutSz)
+{
+    int copySz;
+
+    WOLFSSL_ENTER("wolfSSL_X509_get_hw_serial_number");
+    if (inOutSz == NULL) return NULL;
+    if (!x509->hwTypeSz) return in;
+
+    copySz = min(*inOutSz, x509->hwSerialNumSz);
+
+    if (!in) {
+        in = (byte*)XMALLOC(x509->hwSerialNumSz, 0, DYNAMIC_TYPE_OPENSSL);
+        if (!in) return in;
+        copySz = x509->hwSerialNumSz;
+    }
+
+    XMEMCPY(in, x509->hwSerialNum, copySz);
+    *inOutSz = copySz;
+
+    return in;
+}
+
+#endif /* WOLFSSL_SEP */
+
+
+WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const byte* in, int len)
+{
+    WOLFSSL_X509 *newX509 = NULL;
+
+    WOLFSSL_ENTER("wolfSSL_X509_d2i");
+
+    if (in != NULL && len != 0) {
+    #ifdef WOLFSSL_SMALL_STACK
+        DecodedCert* cert = NULL;
+    #else
+        DecodedCert  cert[1];
+    #endif
+
+    #ifdef WOLFSSL_SMALL_STACK
+        cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (cert == NULL)
+            return NULL;
+    #endif
+
+        InitDecodedCert(cert, (byte*)in, len, NULL);
+        if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0) {
+            newX509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509),
+                                                       NULL, DYNAMIC_TYPE_X509);
+            if (newX509 != NULL) {
+                InitX509(newX509, 1);
+                if (CopyDecodedToX509(newX509, cert) != 0) {
+                    XFREE(newX509, NULL, DYNAMIC_TYPE_X509);
+                    newX509 = NULL;
+                }
+            }
+        }
+        FreeDecodedCert(cert);
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    }
+
+    if (x509 != NULL)
+        *x509 = newX509;
+
+    return newX509;
+}
+
+
+#ifndef NO_FILESYSTEM
+
+#ifndef NO_STDIO_FILESYSTEM
+
+WOLFSSL_X509* wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, XFILE file)
+{
+    WOLFSSL_X509* newX509 = NULL;
+
+    WOLFSSL_ENTER("wolfSSL_X509_d2i_fp");
+
+    if (file != XBADFILE) {
+        byte* fileBuffer = NULL;
+        long sz = 0;
+
+        XFSEEK(file, 0, XSEEK_END);
+        sz = XFTELL(file);
+        XREWIND(file);
+
+        if (sz < 0) {
+            WOLFSSL_MSG("Bad tell on FILE");
+            return NULL;
+        }
+
+        fileBuffer = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE);
+        if (fileBuffer != NULL) {
+            int ret = (int)XFREAD(fileBuffer, sz, 1, file);
+            if (ret > 0) {
+                newX509 = wolfSSL_X509_d2i(NULL, fileBuffer, (int)sz);
+            }
+            XFREE(fileBuffer, NULL, DYNAMIC_TYPE_FILE);
+        }
+    }
+
+    if (x509 != NULL)
+        *x509 = newX509;
+
+    return newX509;
+}
+
+#endif /* NO_STDIO_FILESYSTEM */
+
+WOLFSSL_X509* wolfSSL_X509_load_certificate_file(const char* fname, int format)
+{
+#ifdef WOLFSSL_SMALL_STACK
+    byte  staticBuffer[1]; /* force heap usage */
+#else
+    byte  staticBuffer[FILE_BUFFER_SIZE];
+#endif
+    byte* fileBuffer = staticBuffer;
+    int   dynamic = 0;
+    int   ret;
+    long  sz = 0;
+    XFILE file;
+
+    WOLFSSL_X509* x509 = NULL;
+    buffer der;
+
+    WOLFSSL_ENTER("wolfSSL_X509_load_certificate");
+
+    /* Check the inputs */
+    if ((fname == NULL) ||
+        (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM))
+        return NULL;
+
+    file = XFOPEN(fname, "rb");
+    if (file == XBADFILE)
+        return NULL;
+
+    XFSEEK(file, 0, XSEEK_END);
+    sz = XFTELL(file);
+    XREWIND(file);
+
+    if (sz > (long)sizeof(staticBuffer)) {
+        fileBuffer = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE);
+        if (fileBuffer == NULL) {
+            XFCLOSE(file);
+            return NULL;
+        }
+        dynamic = 1;
+    }
+    else if (sz < 0) {
+        XFCLOSE(file);
+        return NULL;
+    }
+
+    ret = (int)XFREAD(fileBuffer, sz, 1, file);
+    if (ret < 0) {
+        XFCLOSE(file);
+        if (dynamic)
+            XFREE(fileBuffer, NULL, DYNAMIC_TYPE_FILE);
+        return NULL;
+    }
+
+    XFCLOSE(file);
+
+    der.buffer = NULL;
+    der.length = 0;
+
+    if (format == SSL_FILETYPE_PEM) {
+        int ecc = 0;
+    #ifdef WOLFSSL_SMALL_STACK
+        EncryptedInfo* info = NULL;
+    #else
+        EncryptedInfo  info[1];
+    #endif
+
+    #ifdef WOLFSSL_SMALL_STACK
+        info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (info == NULL) {
+            if (dynamic)
+                XFREE(fileBuffer, NULL, DYNAMIC_TYPE_FILE);
+
+            return NULL;
+        }
+    #endif
+
+        info->set = 0;
+        info->ctx = NULL;
+        info->consumed = 0;
+
+        if (PemToDer(fileBuffer, sz, CERT_TYPE, &der, NULL, info, &ecc) != 0)
+        {
+            /* Only time this should fail, and leave `der` with a buffer
+               is when the Base64 Decode fails. Release `der.buffer` in
+               that case. */
+            if (der.buffer != NULL) {
+                XFREE(der.buffer, NULL, DYNAMIC_TYPE_CERT);
+                der.buffer = NULL;
+            }
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    }
+    else {
+        der.buffer = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_CERT);
+        if (der.buffer != NULL) {
+            XMEMCPY(der.buffer, fileBuffer, sz);
+            der.length = (word32)sz;
+        }
+    }
+
+    if (dynamic)
+        XFREE(fileBuffer, NULL, DYNAMIC_TYPE_FILE);
+
+    /* At this point we want `der` to have the certificate in DER format */
+    /* ready to be decoded. */
+    if (der.buffer != NULL) {
+    #ifdef WOLFSSL_SMALL_STACK
+        DecodedCert* cert = NULL;
+    #else
+        DecodedCert  cert[1];
+    #endif
+
+    #ifdef WOLFSSL_SMALL_STACK
+        cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (cert != NULL)
+    #endif
+        {
+            InitDecodedCert(cert, der.buffer, der.length, NULL);
+            if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0) {
+                x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
+                                                             DYNAMIC_TYPE_X509);
+                if (x509 != NULL) {
+                    InitX509(x509, 1);
+                    if (CopyDecodedToX509(x509, cert) != 0) {
+                        XFREE(x509, NULL, DYNAMIC_TYPE_X509);
+                        x509 = NULL;
+                    }
+                }
+            }
+
+            FreeDecodedCert(cert);
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+        }
+
+        XFREE(der.buffer, NULL, DYNAMIC_TYPE_CERT);
+    }
+
+    return x509;
+}
+
+#endif /* NO_FILESYSTEM */
+
+#endif /* KEEP_PEER_CERT || SESSION_CERTS */
+
+
+#ifdef OPENSSL_EXTRA
+int wolfSSL_set_ex_data(WOLFSSL* ssl, int idx, void* data)
+{
+#ifdef FORTRESS
+    if (ssl != NULL && idx < MAX_EX_DATA)
+    {
+        ssl->ex_data[idx] = data;
+        return SSL_SUCCESS;
+    }
+#else
+    (void)ssl;
+    (void)idx;
+    (void)data;
+#endif
+    return SSL_FAILURE;
+}
+
+
+int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id,
+                               unsigned int len)
+{
+    (void)ssl;
+    (void)id;
+    (void)len;
+    return 0;
+}
+
+
+void wolfSSL_set_connect_state(WOLFSSL* ssl)
+{
+    (void)ssl;
+    /* client by default */
+}
+#endif
+
+int wolfSSL_get_shutdown(const WOLFSSL* ssl)
+{
+    return (ssl->options.isClosed  ||
+            ssl->options.connReset ||
+            ssl->options.sentNotify);
+}
+
+
+int wolfSSL_session_reused(WOLFSSL* ssl)
+{
+    return ssl->options.resuming;
+}
+
+#ifdef OPENSSL_EXTRA
+void wolfSSL_SESSION_free(WOLFSSL_SESSION* session)
+{
+    (void)session;
+}
+#endif
+
+const char* wolfSSL_get_version(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("SSL_get_version");
+    if (ssl->version.major == SSLv3_MAJOR) {
+        switch (ssl->version.minor) {
+            case SSLv3_MINOR :
+                return "SSLv3";
+            case TLSv1_MINOR :
+                return "TLSv1";
+            case TLSv1_1_MINOR :
+                return "TLSv1.1";
+            case TLSv1_2_MINOR :
+                return "TLSv1.2";
+            default:
+                return "unknown";
+        }
+    }
+    else if (ssl->version.major == DTLS_MAJOR) {
+        switch (ssl->version.minor) {
+            case DTLS_MINOR :
+                return "DTLS";
+            case DTLSv1_2_MINOR :
+                return "DTLSv1.2";
+            default:
+                return "unknown";
+        }
+    }
+    return "unknown";
+}
+
+int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("SSL_get_current_cipher_suite");
+    if (ssl)
+        return (ssl->options.cipherSuite0 << 8) | ssl->options.cipherSuite;
+    return 0;
+}
+
+WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("SSL_get_current_cipher");
+    if (ssl)
+        return &ssl->cipher;
+    else
+        return NULL;
+}
+
+
+const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher)
+{
+    (void)cipher;
+
+    WOLFSSL_ENTER("SSL_CIPHER_get_name");
+#ifndef NO_ERROR_STRINGS
+    if (cipher) {
+#if defined(HAVE_CHACHA)
+        if (cipher->ssl->options.cipherSuite0 == CHACHA_BYTE) {
+        /* ChaCha suites */
+        switch (cipher->ssl->options.cipherSuite) {
+#ifdef HAVE_CHACHA
+#ifndef NO_RSA
+            case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
+                return "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
+
+            case TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
+                return "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
+#endif
+            case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 :
+                return "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256";
+#endif
+            }
+        }
+#endif
+
+#if defined(HAVE_ECC) || defined(HAVE_AESCCM)
+        /* Awkwardly, the ECC cipher suites use the ECC_BYTE as expected,
+         * but the AES-CCM cipher suites also use it, even the ones that
+         * aren't ECC. */
+        if (cipher->ssl->options.cipherSuite0 == ECC_BYTE) {
+        /* ECC suites */
+        switch (cipher->ssl->options.cipherSuite) {
+#ifdef HAVE_ECC
+#ifndef NO_RSA
+            case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
+                return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256";
+#endif
+            case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
+                return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256";
+#ifndef NO_RSA
+            case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
+                return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256";
+#endif
+            case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
+                return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256";
+#ifndef NO_RSA
+            case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
+                return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384";
+#endif
+            case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
+                return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384";
+#ifndef NO_RSA
+            case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
+                return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384";
+#endif
+            case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
+                return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384";
+#ifndef NO_SHA
+#ifndef NO_RSA
+            case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
+                return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA";
+            case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
+                return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA";
+#endif
+            case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
+                return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA";
+            case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
+                return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
+#ifndef NO_RC4
+    #ifndef NO_RSA
+            case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
+                return "TLS_ECDHE_RSA_WITH_RC4_128_SHA";
+    #endif
+            case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
+                return "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA";
+#endif
+#ifndef NO_DES3
+    #ifndef NO_RSA
+            case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
+                return "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA";
+    #endif
+            case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
+                return "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA";
+#endif
+
+#ifndef NO_RSA
+            case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
+                return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA";
+            case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
+                return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA";
+#endif
+            case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
+                return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA";
+            case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
+                return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA";
+#ifndef NO_RC4
+    #ifndef NO_RSA
+            case TLS_ECDH_RSA_WITH_RC4_128_SHA :
+                return "TLS_ECDH_RSA_WITH_RC4_128_SHA";
+    #endif
+            case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
+                return "TLS_ECDH_ECDSA_WITH_RC4_128_SHA";
+#endif
+#ifndef NO_DES3
+    #ifndef NO_RSA
+            case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
+                return "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA";
+    #endif
+            case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
+                return "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA";
+#endif
+#endif /* NO_SHA */
+
+#ifdef HAVE_AESGCM
+#ifndef NO_RSA
+            case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
+                return "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
+            case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
+                return "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384";
+#endif
+            case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
+                return "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";
+            case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
+                return "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384";
+#ifndef NO_RSA
+            case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
+                return "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256";
+            case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
+                return "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384";
+#endif
+            case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
+                return "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256";
+            case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
+                return "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384";
+#endif
+#endif /* HAVE_ECC */
+
+#ifdef HAVE_AESCCM
+#ifndef NO_RSA
+            case TLS_RSA_WITH_AES_128_CCM_8 :
+                return "TLS_RSA_WITH_AES_128_CCM_8";
+            case TLS_RSA_WITH_AES_256_CCM_8 :
+                return "TLS_RSA_WITH_AES_256_CCM_8";
+#endif
+#ifndef NO_PSK
+            case TLS_PSK_WITH_AES_128_CCM_8 :
+                return "TLS_PSK_WITH_AES_128_CCM_8";
+            case TLS_PSK_WITH_AES_256_CCM_8 :
+                return "TLS_PSK_WITH_AES_256_CCM_8";
+            case TLS_PSK_WITH_AES_128_CCM :
+                return "TLS_PSK_WITH_AES_128_CCM";
+            case TLS_PSK_WITH_AES_256_CCM :
+                return "TLS_PSK_WITH_AES_256_CCM";
+            case TLS_DHE_PSK_WITH_AES_128_CCM :
+                return "TLS_DHE_PSK_WITH_AES_128_CCM";
+            case TLS_DHE_PSK_WITH_AES_256_CCM :
+                return "TLS_DHE_PSK_WITH_AES_256_CCM";
+#endif
+#ifdef HAVE_ECC
+            case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+                return "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8";
+            case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 :
+                return "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8";
+#endif
+#endif
+
+            default:
+                return "NONE";
+        }
+        }
+#endif  /* ECC */
+        if (cipher->ssl->options.cipherSuite0 != ECC_BYTE &&
+            cipher->ssl->options.cipherSuite0 != CHACHA_BYTE) {
+
+            /* normal suites */
+        switch (cipher->ssl->options.cipherSuite) {
+#ifndef NO_RSA
+#ifndef NO_RC4
+    #ifndef NO_SHA
+            case SSL_RSA_WITH_RC4_128_SHA :
+                return "SSL_RSA_WITH_RC4_128_SHA";
+    #endif
+    #ifndef NO_MD5
+            case SSL_RSA_WITH_RC4_128_MD5 :
+                return "SSL_RSA_WITH_RC4_128_MD5";
+    #endif
+#endif
+#ifndef NO_SHA
+    #ifndef NO_DES3
+            case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
+                return "SSL_RSA_WITH_3DES_EDE_CBC_SHA";
+    #endif
+            case TLS_RSA_WITH_AES_128_CBC_SHA :
+                return "TLS_RSA_WITH_AES_128_CBC_SHA";
+            case TLS_RSA_WITH_AES_256_CBC_SHA :
+                return "TLS_RSA_WITH_AES_256_CBC_SHA";
+#endif
+            case TLS_RSA_WITH_AES_128_CBC_SHA256 :
+                return "TLS_RSA_WITH_AES_128_CBC_SHA256";
+            case TLS_RSA_WITH_AES_256_CBC_SHA256 :
+                return "TLS_RSA_WITH_AES_256_CBC_SHA256";
+    #ifdef HAVE_BLAKE2
+            case TLS_RSA_WITH_AES_128_CBC_B2B256:
+                return "TLS_RSA_WITH_AES_128_CBC_B2B256";
+            case TLS_RSA_WITH_AES_256_CBC_B2B256:
+                return "TLS_RSA_WITH_AES_256_CBC_B2B256";
+    #endif
+#ifndef NO_SHA
+            case TLS_RSA_WITH_NULL_SHA :
+                return "TLS_RSA_WITH_NULL_SHA";
+#endif
+            case TLS_RSA_WITH_NULL_SHA256 :
+                return "TLS_RSA_WITH_NULL_SHA256";
+#endif /* NO_RSA */
+#ifndef NO_PSK
+#ifndef NO_SHA
+            case TLS_PSK_WITH_AES_128_CBC_SHA :
+                return "TLS_PSK_WITH_AES_128_CBC_SHA";
+            case TLS_PSK_WITH_AES_256_CBC_SHA :
+                return "TLS_PSK_WITH_AES_256_CBC_SHA";
+#endif
+#ifndef NO_SHA256
+            case TLS_PSK_WITH_AES_128_CBC_SHA256 :
+                return "TLS_PSK_WITH_AES_128_CBC_SHA256";
+            case TLS_PSK_WITH_NULL_SHA256 :
+                return "TLS_PSK_WITH_NULL_SHA256";
+            case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
+                return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256";
+            case TLS_DHE_PSK_WITH_NULL_SHA256 :
+                return "TLS_DHE_PSK_WITH_NULL_SHA256";
+    #ifdef HAVE_AESGCM
+            case TLS_PSK_WITH_AES_128_GCM_SHA256 :
+                return "TLS_PSK_WITH_AES_128_GCM_SHA256";
+            case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
+                return "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256";
+    #endif
+#endif
+#ifdef WOLFSSL_SHA384
+            case TLS_PSK_WITH_AES_256_CBC_SHA384 :
+                return "TLS_PSK_WITH_AES_256_CBC_SHA384";
+            case TLS_PSK_WITH_NULL_SHA384 :
+                return "TLS_PSK_WITH_NULL_SHA384";
+            case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
+                return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384";
+            case TLS_DHE_PSK_WITH_NULL_SHA384 :
+                return "TLS_DHE_PSK_WITH_NULL_SHA384";
+    #ifdef HAVE_AESGCM
+            case TLS_PSK_WITH_AES_256_GCM_SHA384 :
+                return "TLS_PSK_WITH_AES_256_GCM_SHA384";
+            case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
+                return "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384";
+    #endif
+#endif
+#ifndef NO_SHA
+            case TLS_PSK_WITH_NULL_SHA :
+                return "TLS_PSK_WITH_NULL_SHA";
+#endif
+#endif /* NO_PSK */
+#ifndef NO_RSA
+            case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
+                return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256";
+            case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
+                return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256";
+#ifndef NO_SHA
+            case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
+                return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA";
+            case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
+                return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA";
+#endif
+#ifndef NO_HC128
+    #ifndef NO_MD5
+            case TLS_RSA_WITH_HC_128_MD5 :
+                return "TLS_RSA_WITH_HC_128_MD5";
+    #endif
+    #ifndef NO_SHA
+            case TLS_RSA_WITH_HC_128_SHA :
+                return "TLS_RSA_WITH_HC_128_SHA";
+    #endif
+    #ifdef HAVE_BLAKE2
+            case TLS_RSA_WITH_HC_128_B2B256:
+                return "TLS_RSA_WITH_HC_128_B2B256";
+    #endif
+#endif /* NO_HC128 */
+#ifndef NO_SHA
+    #ifndef NO_RABBIT
+            case TLS_RSA_WITH_RABBIT_SHA :
+                return "TLS_RSA_WITH_RABBIT_SHA";
+    #endif
+    #ifdef HAVE_NTRU
+        #ifndef NO_RC4
+            case TLS_NTRU_RSA_WITH_RC4_128_SHA :
+                return "TLS_NTRU_RSA_WITH_RC4_128_SHA";
+        #endif
+        #ifndef NO_DES3
+            case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA :
+                return "TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA";
+        #endif
+            case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA :
+                return "TLS_NTRU_RSA_WITH_AES_128_CBC_SHA";
+            case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA :
+                return "TLS_NTRU_RSA_WITH_AES_256_CBC_SHA";
+    #endif /* HAVE_NTRU */
+#endif /* NO_SHA */
+            case TLS_RSA_WITH_AES_128_GCM_SHA256 :
+                return "TLS_RSA_WITH_AES_128_GCM_SHA256";
+            case TLS_RSA_WITH_AES_256_GCM_SHA384 :
+                return "TLS_RSA_WITH_AES_256_GCM_SHA384";
+            case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
+                return "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256";
+            case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
+                return "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384";
+#ifndef NO_SHA
+            case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
+                return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA";
+            case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
+                return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA";
+#endif
+            case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+                return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256";
+            case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+                return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256";
+#ifndef NO_SHA
+            case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
+                return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA";
+            case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
+                return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA";
+#endif
+            case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+                return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256";
+            case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+                return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256";
+#endif /* NO_RSA */
+#ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
+            case TLS_DH_anon_WITH_AES_128_CBC_SHA :
+                return "TLS_DH_anon_WITH_AES_128_CBC_SHA";
+#endif
+            default:
+                return "NONE";
+        }  /* switch */
+        }  /* normal / ECC */
+    }
+#endif /* NO_ERROR_STRINGS */
+    return "NONE";
+}
+
+
+const char* wolfSSL_get_cipher(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("wolfSSL_get_cipher");
+    return wolfSSL_CIPHER_get_name(wolfSSL_get_current_cipher(ssl));
+}
+
+#ifdef OPENSSL_EXTRA
+
+
+
+char* wolfSSL_CIPHER_description(WOLFSSL_CIPHER* cipher, char* in, int len)
+{
+    (void)cipher;
+    (void)in;
+    (void)len;
+    return 0;
+}
+
+
+WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl)  /* what's ref count */
+{
+    (void)ssl;
+    return 0;
+}
+
+
+void wolfSSL_X509_free(WOLFSSL_X509* buf)
+{
+    (void)buf;
+}
+
+
+/* was do nothing */
+/*
+void OPENSSL_free(void* buf)
+{
+    (void)buf;
+}
+*/
+
+
+int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, char** path,
+                   int* ssl)
+{
+    (void)url;
+    (void)host;
+    (void)port;
+    (void)path;
+    (void)ssl;
+    return 0;
+}
+
+
+WOLFSSL_METHOD* wolfSSLv2_client_method(void)
+{
+    return 0;
+}
+
+
+WOLFSSL_METHOD* wolfSSLv2_server_method(void)
+{
+    return 0;
+}
+
+
+#ifndef NO_MD4
+
+void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX* md4)
+{
+    /* make sure we have a big enough buffer */
+    typedef char ok[sizeof(md4->buffer) >= sizeof(Md4) ? 1 : -1];
+    (void) sizeof(ok);
+
+    WOLFSSL_ENTER("MD4_Init");
+    wc_InitMd4((Md4*)md4);
+}
+
+
+void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX* md4, const void* data,
+                       unsigned long len)
+{
+    WOLFSSL_ENTER("MD4_Update");
+    wc_Md4Update((Md4*)md4, (const byte*)data, (word32)len);
+}
+
+
+void wolfSSL_MD4_Final(unsigned char* digest, WOLFSSL_MD4_CTX* md4)
+{
+    WOLFSSL_ENTER("MD4_Final");
+    wc_Md4Final((Md4*)md4, digest);
+}
+
+#endif /* NO_MD4 */
+
+
+WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO* top)
+{
+    (void)top;
+    return 0;
+}
+
+
+int wolfSSL_BIO_pending(WOLFSSL_BIO* bio)
+{
+    (void)bio;
+    return 0;
+}
+
+
+
+WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void)
+{
+    static WOLFSSL_BIO_METHOD meth;
+
+    WOLFSSL_ENTER("BIO_s_mem");
+    meth.type = BIO_MEMORY;
+
+    return &meth;
+}
+
+
+WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void)
+{
+    return 0;
+}
+
+
+void wolfSSL_BIO_set_flags(WOLFSSL_BIO* bio, int flags)
+{
+    (void)bio;
+    (void)flags;
+}
+
+
+
+void wolfSSL_RAND_screen(void)
+{
+
+}
+
+
+const char* wolfSSL_RAND_file_name(char* fname, unsigned long len)
+{
+    (void)fname;
+    (void)len;
+    return 0;
+}
+
+
+int wolfSSL_RAND_write_file(const char* fname)
+{
+    (void)fname;
+    return 0;
+}
+
+
+int wolfSSL_RAND_load_file(const char* fname, long len)
+{
+    (void)fname;
+    /* wolfCrypt provides enough entropy internally or will report error */
+    if (len == -1)
+        return 1024;
+    else
+        return (int)len;
+}
+
+
+int wolfSSL_RAND_egd(const char* path)
+{
+    (void)path;
+    return 0;
+}
+
+
+
+WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void)
+{
+    return 0;
+}
+
+
+WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void)
+{
+    return 0;
+}
+
+
+int wolfSSL_COMP_add_compression_method(int method, void* data)
+{
+    (void)method;
+    (void)data;
+    return 0;
+}
+
+
+
+int wolfSSL_get_ex_new_index(long idx, void* data, void* cb1, void* cb2,
+                         void* cb3)
+{
+    (void)idx;
+    (void)data;
+    (void)cb1;
+    (void)cb2;
+    (void)cb3;
+    return 0;
+}
+
+
+void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f)(
+                                                          const char*, int))
+{
+    (void)f;
+}
+
+
+void wolfSSL_set_dynlock_lock_callback(
+             void (*f)(int, WOLFSSL_dynlock_value*, const char*, int))
+{
+    (void)f;
+}
+
+
+void wolfSSL_set_dynlock_destroy_callback(
+                  void (*f)(WOLFSSL_dynlock_value*, const char*, int))
+{
+    (void)f;
+}
+
+
+
+const char* wolfSSL_X509_verify_cert_error_string(long err)
+{
+    (void)err;
+    return 0;
+}
+
+
+
+int wolfSSL_X509_LOOKUP_add_dir(WOLFSSL_X509_LOOKUP* lookup, const char* dir,
+                               long len)
+{
+    (void)lookup;
+    (void)dir;
+    (void)len;
+    return 0;
+}
+
+
+int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup,
+                                 const char* file, long len)
+{
+    (void)lookup;
+    (void)file;
+    (void)len;
+    return 0;
+}
+
+
+WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_hash_dir(void)
+{
+    return 0;
+}
+
+
+WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_file(void)
+{
+    return 0;
+}
+
+
+
+WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE* store,
+                                               WOLFSSL_X509_LOOKUP_METHOD* m)
+{
+    (void)store;
+    (void)m;
+    return 0;
+}
+
+
+int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509)
+{
+    int result = SSL_FATAL_ERROR;
+
+    WOLFSSL_ENTER("wolfSSL_X509_STORE_add_cert");
+    if (store != NULL && store->cm != NULL && x509 != NULL) {
+        buffer derCert;
+        derCert.buffer = (byte*)XMALLOC(x509->derCert.length,
+                                                   NULL, DYNAMIC_TYPE_CERT);
+        if (derCert.buffer != NULL) {
+            derCert.length = x509->derCert.length;
+                /* AddCA() frees the buffer. */
+            XMEMCPY(derCert.buffer,
+                                x509->derCert.buffer, x509->derCert.length);
+            result = AddCA(store->cm, derCert, WOLFSSL_USER_CA, 1);
+            if (result != SSL_SUCCESS) result = SSL_FATAL_ERROR;
+        }
+    }
+
+    WOLFSSL_LEAVE("wolfSSL_X509_STORE_add_cert", result);
+    return result;
+}
+
+
+WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void)
+{
+    WOLFSSL_X509_STORE* store = NULL;
+
+    store = (WOLFSSL_X509_STORE*)XMALLOC(sizeof(WOLFSSL_X509_STORE), NULL, 0);
+    if (store != NULL) {
+        store->cm = wolfSSL_CertManagerNew();
+        if (store->cm == NULL) {
+            XFREE(store, NULL, 0);
+            store = NULL;
+        }
+    }
+
+    return store;
+}
+
+
+void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store)
+{
+    if (store != NULL) {
+        if (store->cm != NULL)
+        wolfSSL_CertManagerFree(store->cm);
+        XFREE(store, NULL, 0);
+    }
+}
+
+
+int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE* store)
+{
+    (void)store;
+    return SSL_SUCCESS;
+}
+
+
+int wolfSSL_X509_STORE_get_by_subject(WOLFSSL_X509_STORE_CTX* ctx, int idx,
+                            WOLFSSL_X509_NAME* name, WOLFSSL_X509_OBJECT* obj)
+{
+    (void)ctx;
+    (void)idx;
+    (void)name;
+    (void)obj;
+    return 0;
+}
+
+
+WOLFSSL_X509_STORE_CTX* wolfSSL_X509_STORE_CTX_new(void)
+{
+    WOLFSSL_X509_STORE_CTX* ctx = (WOLFSSL_X509_STORE_CTX*)XMALLOC(
+                                    sizeof(WOLFSSL_X509_STORE_CTX), NULL, 0);
+
+    if (ctx != NULL)
+        wolfSSL_X509_STORE_CTX_init(ctx, NULL, NULL, NULL);
+
+    return ctx;
+}
+
+
+int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX* ctx,
+     WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509, STACK_OF(WOLFSSL_X509)* sk)
+{
+    (void)sk;
+    if (ctx != NULL) {
+        ctx->store = store;
+        ctx->current_cert = x509;
+        ctx->domain = NULL;
+        ctx->ex_data = NULL;
+        ctx->userCtx = NULL;
+        ctx->error = 0;
+        ctx->error_depth = 0;
+        ctx->discardSessionCerts = 0;
+        return SSL_SUCCESS;
+    }
+    return SSL_FATAL_ERROR;
+}
+
+
+void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX* ctx)
+{
+    if (ctx != NULL) {
+        if (ctx->store != NULL)
+            wolfSSL_X509_STORE_free(ctx->store);
+        if (ctx->current_cert != NULL)
+            wolfSSL_FreeX509(ctx->current_cert);
+        XFREE(ctx, NULL, 0);
+    }
+}
+
+
+void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX* ctx)
+{
+    (void)ctx;
+}
+
+
+int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
+{
+    if (ctx != NULL && ctx->store != NULL && ctx->store->cm != NULL
+                                             && ctx->current_cert != NULL) {
+        return wolfSSL_CertManagerVerifyBuffer(ctx->store->cm,
+                    ctx->current_cert->derCert.buffer,
+                    ctx->current_cert->derCert.length,
+                    SSL_FILETYPE_ASN1);
+    }
+    return SSL_FATAL_ERROR;
+}
+
+
+WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL* crl)
+{
+    (void)crl;
+    return 0;
+}
+
+
+WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL* crl)
+{
+    (void)crl;
+    return 0;
+}
+
+
+
+WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509)
+{
+    WOLFSSL_EVP_PKEY* key = NULL;
+    if (x509 != NULL) {
+        key = (WOLFSSL_EVP_PKEY*)XMALLOC(
+                    sizeof(WOLFSSL_EVP_PKEY), NULL, DYNAMIC_TYPE_PUBLIC_KEY);
+        if (key != NULL) {
+            key->type = x509->pubKeyOID;
+            key->save_type = 0;
+            key->pkey.ptr = (char*)XMALLOC(
+                        x509->pubKey.length, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
+            if (key->pkey.ptr == NULL) {
+                XFREE(key, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
+                return NULL;
+            }
+            XMEMCPY(key->pkey.ptr,
+                                  x509->pubKey.buffer, x509->pubKey.length);
+            key->pkey_sz = x509->pubKey.length;
+            #ifdef HAVE_ECC
+                key->pkey_curve = (int)x509->pkCurveOID;
+            #endif /* HAVE_ECC */
+        }
+    }
+    return key;
+}
+
+
+int wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL* crl, WOLFSSL_EVP_PKEY* key)
+{
+    (void)crl;
+    (void)key;
+    return 0;
+}
+
+
+void wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX* ctx, int err)
+{
+    (void)ctx;
+    (void)err;
+}
+
+
+void wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT* obj)
+{
+    (void)obj;
+}
+
+
+void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key)
+{
+    if (key != NULL) {
+        if (key->pkey.ptr != NULL)
+            XFREE(key->pkey.ptr, NULL, 0);
+        XFREE(key, NULL, 0);
+    }
+}
+
+
+int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME* asnTime)
+{
+    (void)asnTime;
+    return 0;
+}
+
+
+int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED* revoked)
+{
+    (void)revoked;
+    return 0;
+}
+
+
+
+WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL* crl)
+{
+    (void)crl;
+    return 0;
+}
+
+
+WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value(
+                                    WOLFSSL_X509_REVOKED* revoked, int value)
+{
+    (void)revoked;
+    (void)value;
+    return 0;
+}
+
+
+
+WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509* x509)
+{
+    (void)x509;
+    return 0;
+}
+
+
+int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
+{
+    (void)bio;
+    (void)asnTime;
+    return 0;
+}
+
+
+
+int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a,
+                            const WOLFSSL_ASN1_INTEGER* b)
+{
+    (void)a;
+    (void)b;
+    return 0;
+}
+
+
+long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* i)
+{
+    (void)i;
+    return 0;
+}
+
+
+
+void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX* ctx, int idx)
+{
+#ifdef FORTRESS
+    if (ctx != NULL && idx == 0)
+        return ctx->ex_data;
+#else
+    (void)ctx;
+    (void)idx;
+#endif
+    return 0;
+}
+
+
+int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void)
+{
+    return 0;
+}
+
+
+void* wolfSSL_get_ex_data(const WOLFSSL* ssl, int idx)
+{
+#ifdef FORTRESS
+    if (ssl != NULL && idx < MAX_EX_DATA)
+        return ssl->ex_data[idx];
+#else
+    (void)ssl;
+    (void)idx;
+#endif
+    return 0;
+}
+
+
+void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx, void (*f)(void))
+{
+    (void)ctx;
+    (void)f;
+}
+
+
+unsigned long wolfSSL_ERR_peek_error(void)
+{
+    return 0;
+}
+
+
+int wolfSSL_ERR_GET_REASON(int err)
+{
+    (void)err;
+    return 0;
+}
+
+
+char* wolfSSL_alert_type_string_long(int alertID)
+{
+    (void)alertID;
+    return 0;
+}
+
+
+char* wolfSSL_alert_desc_string_long(int alertID)
+{
+    (void)alertID;
+    return 0;
+}
+
+
+char* wolfSSL_state_string_long(WOLFSSL* ssl)
+{
+    (void)ssl;
+    return 0;
+}
+
+
+int wolfSSL_PEM_def_callback(char* name, int num, int w, void* key)
+{
+    (void)name;
+    (void)num;
+    (void)w;
+    (void)key;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_accept(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_connect(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_accept_good(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_connect_good(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_accept_renegotiate(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_connect_renegotiate(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_hits(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_cb_hits(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_cache_full(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_misses(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_timeouts(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+long wolfSSL_CTX_sess_number(WOLFSSL_CTX* ctx)
+{
+    (void)ctx;
+    return 0;
+}
+
+
+void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes,
+                                               WOLFSSL_DES_key_schedule* key)
+{
+    (void)myDes;
+    (void)key;
+}
+
+
+void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes)
+{
+    (void)myDes;
+}
+
+
+void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* desa,
+             WOLFSSL_DES_cblock* desb, WOLFSSL_DES_key_schedule* key, int len)
+{
+    (void)desa;
+    (void)desb;
+    (void)key;
+    (void)len;
+}
+
+int wolfSSL_BIO_printf(WOLFSSL_BIO* bio, const char* format, ...)
+{
+    (void)bio;
+    (void)format;
+    return 0;
+}
+
+
+int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a)
+{
+    (void)bio;
+    (void)a;
+    return 0;
+}
+
+
+int  wolfSSL_sk_num(WOLFSSL_X509_REVOKED* rev)
+{
+    (void)rev;
+    return 0;
+}
+
+
+void* wolfSSL_sk_value(WOLFSSL_X509_REVOKED* rev, int i)
+{
+    (void)rev;
+    (void)i;
+    return 0;
+}
+
+
+/* stunnel 4.28 needs */
+void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX* ctx, int d)
+{
+    (void)ctx;
+    (void)d;
+    return 0;
+}
+
+
+int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX* ctx, int d, void* p)
+{
+    (void)ctx;
+    (void)d;
+    (void)p;
+    return SSL_SUCCESS;
+}
+
+
+void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX* ctx,
+                    WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*))
+{
+    (void)ctx;
+    (void)f;
+}
+
+
+void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX* ctx,
+                             int (*f)(WOLFSSL*, WOLFSSL_SESSION*))
+{
+    (void)ctx;
+    (void)f;
+}
+
+
+void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX* ctx, void (*f)(WOLFSSL_CTX*,
+                                                        WOLFSSL_SESSION*))
+{
+    (void)ctx;
+    (void)f;
+}
+
+
+int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
+{
+    (void)sess;
+    (void)p;
+    return sizeof(WOLFSSL_SESSION);
+}
+
+
+WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
+                                const unsigned char** p, long i)
+{
+    (void)p;
+    (void)i;
+    if (sess)
+        return *sess;
+    return NULL;
+}
+
+
+long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION* sess)
+{
+    WOLFSSL_ENTER("wolfSSL_SESSION_get_timeout");
+    return sess->timeout;
+}
+
+
+long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
+{
+    WOLFSSL_ENTER("wolfSSL_SESSION_get_time");
+    return sess->bornOn;
+}
+
+
+int wolfSSL_CTX_get_ex_new_index(long idx, void* arg, void* a, void* b,
+                                void* c)
+{
+    (void)idx;
+    (void)arg;
+    (void)a;
+    (void)b;
+    (void)c;
+    return 0;
+}
+
+#endif /* OPENSSL_EXTRA */
+
+
+#ifdef KEEP_PEER_CERT
+char*  wolfSSL_X509_get_subjectCN(WOLFSSL_X509* x509)
+{
+    if (x509 == NULL)
+        return NULL;
+
+    return x509->subjectCN;
+}
+#endif /* KEEP_PEER_CERT */
+
+#ifdef OPENSSL_EXTRA
+
+#ifdef FORTRESS
+int wolfSSL_cmp_peer_cert_to_file(WOLFSSL* ssl, const char *fname)
+{
+    int ret = SSL_FATAL_ERROR;
+
+    WOLFSSL_ENTER("wolfSSL_cmp_peer_cert_to_file");
+    if (ssl != NULL && fname != NULL)
+    {
+    #ifdef WOLFSSL_SMALL_STACK
+        EncryptedInfo* info = NULL;
+        byte           staticBuffer[1]; /* force heap usage */
+    #else
+        EncryptedInfo  info[1];
+        byte           staticBuffer[FILE_BUFFER_SIZE];
+    #endif
+        byte*          myBuffer  = staticBuffer;
+        int            dynamic   = 0;
+        XFILE          file      = XBADFILE;
+        long           sz        = 0;
+        int            eccKey    = 0;
+        WOLFSSL_CTX*    ctx       = ssl->ctx;
+        WOLFSSL_X509*   peer_cert = &ssl->peerCert;
+        buffer         fileDer;
+
+        file = XFOPEN(fname, "rb");
+        if (file == XBADFILE)
+            return SSL_BAD_FILE;
+
+        XFSEEK(file, 0, XSEEK_END);
+        sz = XFTELL(file);
+        XREWIND(file);
+
+        if (sz > (long)sizeof(staticBuffer)) {
+            WOLFSSL_MSG("Getting dynamic buffer");
+            myBuffer = (byte*)XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE);
+            dynamic = 1;
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
+                                                   DYNAMIC_TYPE_TMP_BUFFER);
+        if (info == NULL)
+            ret = MEMORY_E;
+        else
+    #endif
+        {
+            info->set = 0;
+            info->ctx = ctx;
+            info->consumed = 0;
+            fileDer.buffer = 0;
+
+            if ((myBuffer != NULL) &&
+                (sz > 0) &&
+                (XFREAD(myBuffer, sz, 1, file) > 0) &&
+                (PemToDer(myBuffer, sz, CERT_TYPE,
+                          &fileDer, ctx->heap, info, &eccKey) == 0) &&
+                (fileDer.length != 0) &&
+                (fileDer.length == peer_cert->derCert.length) &&
+                (XMEMCMP(peer_cert->derCert.buffer, fileDer.buffer,
+                                                    fileDer.length) == 0))
+            {
+                ret = 0;
+            }
+
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+        }
+
+        XFREE(fileDer.buffer, ctx->heap, DYNAMIC_TYPE_CERT);
+        if (dynamic)
+            XFREE(myBuffer, ctx->heap, DYNAMIC_TYPE_FILE);
+
+        XFCLOSE(file);
+    }
+
+    return ret;
+}
+#endif
+
+
+static RNG globalRNG;
+static int initGlobalRNG = 0;
+
+/* SSL_SUCCESS on ok */
+int wolfSSL_RAND_seed(const void* seed, int len)
+{
+
+    WOLFSSL_MSG("wolfSSL_RAND_seed");
+
+    (void)seed;
+    (void)len;
+
+    if (initGlobalRNG == 0) {
+        if (wc_InitRng(&globalRNG) < 0) {
+            WOLFSSL_MSG("wolfSSL Init Global RNG failed");
+            return 0;
+        }
+        initGlobalRNG = 1;
+    }
+
+    return SSL_SUCCESS;
+}
+
+
+/* SSL_SUCCESS on ok */
+int wolfSSL_RAND_bytes(unsigned char* buf, int num)
+{
+    int    ret = 0;
+    int    initTmpRng = 0;
+    RNG*   rng = NULL;
+#ifdef WOLFSSL_SMALL_STACK
+    RNG*   tmpRNG = NULL;
+#else
+    RNG    tmpRNG[1];
+#endif
+
+    WOLFSSL_ENTER("RAND_bytes");
+
+#ifdef WOLFSSL_SMALL_STACK
+    tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (tmpRNG == NULL)
+        return ret;
+#endif
+
+    if (wc_InitRng(tmpRNG) == 0) {
+        rng = tmpRNG;
+        initTmpRng = 1;
+    }
+    else if (initGlobalRNG)
+        rng = &globalRNG;
+
+    if (rng) {
+        if (wc_RNG_GenerateBlock(rng, buf, num) != 0)
+            WOLFSSL_MSG("Bad wc_RNG_GenerateBlock");
+        else
+            ret = SSL_SUCCESS;
+    }
+
+    if (initTmpRng) {
+        #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+            wc_FreeRng(tmpRNG);
+        #endif
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void)
+{
+    static int ctx;  /* wolfcrypt doesn't now need ctx */
+
+    WOLFSSL_MSG("wolfSSL_BN_CTX_new");
+
+    return (WOLFSSL_BN_CTX*)&ctx;
+}
+
+void wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX* ctx)
+{
+    (void)ctx;
+    WOLFSSL_MSG("wolfSSL_BN_CTX_init");
+}
+
+
+void wolfSSL_BN_CTX_free(WOLFSSL_BN_CTX* ctx)
+{
+    (void)ctx;
+    WOLFSSL_MSG("wolfSSL_BN_CTX_free");
+
+    /* do free since static ctx that does nothing */
+}
+
+
+static void InitwolfSSL_BigNum(WOLFSSL_BIGNUM* bn)
+{
+    WOLFSSL_MSG("InitwolfSSL_BigNum");
+    if (bn) {
+        bn->neg      = 0;
+        bn->internal = NULL;
+    }
+}
+
+
+WOLFSSL_BIGNUM* wolfSSL_BN_new(void)
+{
+    WOLFSSL_BIGNUM* external;
+    mp_int*        mpi;
+
+    WOLFSSL_MSG("wolfSSL_BN_new");
+
+    mpi = (mp_int*) XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
+    if (mpi == NULL) {
+        WOLFSSL_MSG("wolfSSL_BN_new malloc mpi failure");
+        return NULL;
+    }
+
+    external = (WOLFSSL_BIGNUM*) XMALLOC(sizeof(WOLFSSL_BIGNUM), NULL,
+                                        DYNAMIC_TYPE_BIGINT);
+    if (external == NULL) {
+        WOLFSSL_MSG("wolfSSL_BN_new malloc WOLFSSL_BIGNUM failure");
+        XFREE(mpi, NULL, DYNAMIC_TYPE_BIGINT);
+        return NULL;
+    }
+
+    InitwolfSSL_BigNum(external);
+    external->internal = mpi;
+    if (mp_init(mpi) != MP_OKAY) {
+        wolfSSL_BN_free(external);
+        return NULL;
+    }
+
+    return external;
+}
+
+
+void wolfSSL_BN_free(WOLFSSL_BIGNUM* bn)
+{
+    WOLFSSL_MSG("wolfSSL_BN_free");
+    if (bn) {
+        if (bn->internal) {
+            mp_clear((mp_int*)bn->internal);
+            XFREE(bn->internal, NULL, DYNAMIC_TYPE_BIGINT);
+            bn->internal = NULL;
+        }
+        XFREE(bn, NULL, DYNAMIC_TYPE_BIGINT);
+    }
+}
+
+
+void wolfSSL_BN_clear_free(WOLFSSL_BIGNUM* bn)
+{
+    WOLFSSL_MSG("wolfSSL_BN_clear_free");
+
+    wolfSSL_BN_free(bn);
+}
+
+
+/* SSL_SUCCESS on ok */
+int wolfSSL_BN_sub(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* a,
+                  const WOLFSSL_BIGNUM* b)
+{
+    WOLFSSL_MSG("wolfSSL_BN_sub");
+
+    if (r == NULL || a == NULL || b == NULL)
+        return 0;
+
+    if (mp_sub((mp_int*)a->internal,(mp_int*)b->internal,
+               (mp_int*)r->internal) == MP_OKAY)
+        return SSL_SUCCESS;
+
+    WOLFSSL_MSG("wolfSSL_BN_sub mp_sub failed");
+    return 0;
+}
+
+
+/* SSL_SUCCESS on ok */
+int wolfSSL_BN_mod(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* a,
+                  const WOLFSSL_BIGNUM* b, const WOLFSSL_BN_CTX* c)
+{
+    (void)c;
+    WOLFSSL_MSG("wolfSSL_BN_mod");
+
+    if (r == NULL || a == NULL || b == NULL)
+        return 0;
+
+    if (mp_mod((mp_int*)a->internal,(mp_int*)b->internal,
+               (mp_int*)r->internal) == MP_OKAY)
+        return SSL_SUCCESS;
+
+    WOLFSSL_MSG("wolfSSL_BN_mod mp_mod failed");
+    return 0;
+}
+
+
+const WOLFSSL_BIGNUM* wolfSSL_BN_value_one(void)
+{
+    static WOLFSSL_BIGNUM* bn_one = NULL;
+
+    WOLFSSL_MSG("wolfSSL_BN_value_one");
+
+    if (bn_one == NULL) {
+        bn_one = wolfSSL_BN_new();
+        if (bn_one)
+            mp_set_int((mp_int*)bn_one->internal, 1);
+    }
+
+    return bn_one;
+}
+
+
+int wolfSSL_BN_num_bytes(const WOLFSSL_BIGNUM* bn)
+{
+    WOLFSSL_MSG("wolfSSL_BN_num_bytes");
+
+    if (bn == NULL || bn->internal == NULL)
+        return 0;
+
+    return mp_unsigned_bin_size((mp_int*)bn->internal);
+}
+
+
+int wolfSSL_BN_num_bits(const WOLFSSL_BIGNUM* bn)
+{
+    WOLFSSL_MSG("wolfSSL_BN_num_bits");
+
+    if (bn == NULL || bn->internal == NULL)
+        return 0;
+
+    return mp_count_bits((mp_int*)bn->internal);
+}
+
+
+int wolfSSL_BN_is_zero(const WOLFSSL_BIGNUM* bn)
+{
+    WOLFSSL_MSG("wolfSSL_BN_is_zero");
+
+    if (bn == NULL || bn->internal == NULL)
+        return 0;
+
+    return mp_iszero((mp_int*)bn->internal);
+}
+
+
+int wolfSSL_BN_is_one(const WOLFSSL_BIGNUM* bn)
+{
+    WOLFSSL_MSG("wolfSSL_BN_is_one");
+
+    if (bn == NULL || bn->internal == NULL)
+        return 0;
+
+    if (mp_cmp_d((mp_int*)bn->internal, 1) == 0)
+        return 1;
+
+    return 0;
+}
+
+
+int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM* bn)
+{
+    WOLFSSL_MSG("wolfSSL_BN_is_odd");
+
+    if (bn == NULL || bn->internal == NULL)
+        return 0;
+
+    return mp_isodd((mp_int*)bn->internal);
+}
+
+
+int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM* a, const WOLFSSL_BIGNUM* b)
+{
+    WOLFSSL_MSG("wolfSSL_BN_cmp");
+
+    if (a == NULL || a->internal == NULL || b == NULL || b->internal ==NULL)
+        return 0;
+
+    return mp_cmp((mp_int*)a->internal, (mp_int*)b->internal);
+}
+
+
+int wolfSSL_BN_bn2bin(const WOLFSSL_BIGNUM* bn, unsigned char* r)
+{
+    WOLFSSL_MSG("wolfSSL_BN_bn2bin");
+
+    if (bn == NULL || bn->internal == NULL) {
+        WOLFSSL_MSG("NULL bn error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (r == NULL)
+        return mp_unsigned_bin_size((mp_int*)bn->internal);
+
+    if (mp_to_unsigned_bin((mp_int*)bn->internal, r) != MP_OKAY) {
+        WOLFSSL_MSG("mp_to_unsigned_bin error");
+        return SSL_FATAL_ERROR;
+    }
+
+    return mp_unsigned_bin_size((mp_int*)bn->internal);
+}
+
+
+WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char* str, int len,
+                            WOLFSSL_BIGNUM* ret)
+{
+    WOLFSSL_MSG("wolfSSL_BN_bin2bn");
+
+    if (ret && ret->internal) {
+        if (mp_read_unsigned_bin((mp_int*)ret->internal, str, len) != 0) {
+            WOLFSSL_MSG("mp_read_unsigned_bin failure");
+            return NULL;
+        }
+    }
+    else {
+        WOLFSSL_MSG("wolfSSL_BN_bin2bn wants return bignum");
+    }
+
+    return ret;
+}
+
+
+int wolfSSL_mask_bits(WOLFSSL_BIGNUM* bn, int n)
+{
+    (void)bn;
+    (void)n;
+    WOLFSSL_MSG("wolfSSL_BN_mask_bits");
+
+    return SSL_FATAL_ERROR;
+}
+
+
+/* SSL_SUCCESS on ok */
+int wolfSSL_BN_rand(WOLFSSL_BIGNUM* bn, int bits, int top, int bottom)
+{
+    int           ret    = 0;
+    int           len    = bits / 8;
+    RNG*          rng    = NULL;
+#ifdef WOLFSSL_SMALL_STACK
+    RNG*          tmpRNG = NULL;
+    byte*         buff   = NULL;
+#else
+    RNG           tmpRNG[1];
+    byte          buff[1024];
+#endif
+
+    (void)top;
+    (void)bottom;
+    WOLFSSL_MSG("wolfSSL_BN_rand");
+
+    if (bits % 8)
+        len++;
+
+#ifdef WOLFSSL_SMALL_STACK
+    buff   = (byte*)XMALLOC(1024,        NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    tmpRNG = (RNG*) XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (buff == NULL || tmpRNG == NULL) {
+        XFREE(buff,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return ret;
+    }
+#endif
+
+    if (bn == NULL || bn->internal == NULL)
+        WOLFSSL_MSG("Bad function arguments");
+    else if (wc_InitRng(tmpRNG) == 0)
+        rng = tmpRNG;
+    else if (initGlobalRNG)
+        rng = &globalRNG;
+
+    if (rng) {
+        if (wc_RNG_GenerateBlock(rng, buff, len) != 0)
+            WOLFSSL_MSG("Bad wc_RNG_GenerateBlock");
+        else {
+            buff[0]     |= 0x80 | 0x40;
+            buff[len-1] |= 0x01;
+
+            if (mp_read_unsigned_bin((mp_int*)bn->internal,buff,len) != MP_OKAY)
+                WOLFSSL_MSG("mp read bin failed");
+            else
+                ret = SSL_SUCCESS;
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(buff,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+int wolfSSL_BN_is_bit_set(const WOLFSSL_BIGNUM* bn, int n)
+{
+    (void)bn;
+    (void)n;
+
+    WOLFSSL_MSG("wolfSSL_BN_is_bit_set");
+
+    return 0;
+}
+
+
+/* SSL_SUCCESS on ok */
+int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM** bn, const char* str)
+{
+    int     ret     = 0;
+    word32  decSz   = 1024;
+#ifdef WOLFSSL_SMALL_STACK
+    byte*   decoded = NULL;
+#else
+    byte    decoded[1024];
+#endif
+
+    WOLFSSL_MSG("wolfSSL_BN_hex2bn");
+
+#ifdef WOLFSSL_SMALL_STACK
+    decoded = (byte*)XMALLOC(decSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (decoded == NULL)
+        return ret;
+#endif
+
+    if (str == NULL)
+        WOLFSSL_MSG("Bad function argument");
+    else if (Base16_Decode((byte*)str, (int)XSTRLEN(str), decoded, &decSz) < 0)
+        WOLFSSL_MSG("Bad Base16_Decode error");
+    else if (bn == NULL)
+        ret = decSz;
+    else {
+        if (*bn == NULL)
+            *bn = wolfSSL_BN_new();
+
+        if (*bn == NULL)
+            WOLFSSL_MSG("BN new failed");
+        else if (wolfSSL_BN_bin2bn(decoded, decSz, *bn) == NULL)
+            WOLFSSL_MSG("Bad bin2bn error");
+        else
+            ret = SSL_SUCCESS;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+WOLFSSL_BIGNUM* wolfSSL_BN_dup(const WOLFSSL_BIGNUM* bn)
+{
+    WOLFSSL_BIGNUM* ret;
+
+    WOLFSSL_MSG("wolfSSL_BN_dup");
+
+    if (bn == NULL || bn->internal == NULL) {
+        WOLFSSL_MSG("bn NULL error");
+        return NULL;
+    }
+
+    ret = wolfSSL_BN_new();
+    if (ret == NULL) {
+        WOLFSSL_MSG("bn new error");
+        return NULL;
+    }
+
+    if (mp_copy((mp_int*)bn->internal, (mp_int*)ret->internal) != MP_OKAY) {
+        WOLFSSL_MSG("mp_copy error");
+        wolfSSL_BN_free(ret);
+        return NULL;
+    }
+
+    return ret;
+}
+
+
+WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* bn)
+{
+    (void)r;
+    (void)bn;
+
+    WOLFSSL_MSG("wolfSSL_BN_copy");
+
+    return NULL;
+}
+
+
+int wolfSSL_BN_set_word(WOLFSSL_BIGNUM* bn, unsigned long w)
+{
+    (void)bn;
+    (void)w;
+
+    WOLFSSL_MSG("wolfSSL_BN_set_word");
+
+    return SSL_FATAL_ERROR;
+}
+
+
+int wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM** bn, const char* str)
+{
+    (void)bn;
+    (void)str;
+
+    WOLFSSL_MSG("wolfSSL_BN_dec2bn");
+
+    return SSL_FATAL_ERROR;
+}
+
+
+char* wolfSSL_BN_bn2dec(const WOLFSSL_BIGNUM* bn)
+{
+    (void)bn;
+
+    WOLFSSL_MSG("wolfSSL_BN_bn2dec");
+
+    return NULL;
+}
+
+
+#ifndef NO_DH
+
+static void InitwolfSSL_DH(WOLFSSL_DH* dh)
+{
+    if (dh) {
+        dh->p        = NULL;
+        dh->g        = NULL;
+        dh->pub_key  = NULL;
+        dh->priv_key = NULL;
+        dh->internal = NULL;
+        dh->inSet    = 0;
+        dh->exSet    = 0;
+    }
+}
+
+
+WOLFSSL_DH* wolfSSL_DH_new(void)
+{
+    WOLFSSL_DH* external;
+    DhKey*     key;
+
+    WOLFSSL_MSG("wolfSSL_DH_new");
+
+    key = (DhKey*) XMALLOC(sizeof(DhKey), NULL, DYNAMIC_TYPE_DH);
+    if (key == NULL) {
+        WOLFSSL_MSG("wolfSSL_DH_new malloc DhKey failure");
+        return NULL;
+    }
+
+    external = (WOLFSSL_DH*) XMALLOC(sizeof(WOLFSSL_DH), NULL,
+                                    DYNAMIC_TYPE_DH);
+    if (external == NULL) {
+        WOLFSSL_MSG("wolfSSL_DH_new malloc WOLFSSL_DH failure");
+        XFREE(key, NULL, DYNAMIC_TYPE_DH);
+        return NULL;
+    }
+
+    InitwolfSSL_DH(external);
+    wc_InitDhKey(key);
+    external->internal = key;
+
+    return external;
+}
+
+
+void wolfSSL_DH_free(WOLFSSL_DH* dh)
+{
+    WOLFSSL_MSG("wolfSSL_DH_free");
+
+    if (dh) {
+        if (dh->internal) {
+            wc_FreeDhKey((DhKey*)dh->internal);
+            XFREE(dh->internal, NULL, DYNAMIC_TYPE_DH);
+            dh->internal = NULL;
+        }
+        wolfSSL_BN_free(dh->priv_key);
+        wolfSSL_BN_free(dh->pub_key);
+        wolfSSL_BN_free(dh->g);
+        wolfSSL_BN_free(dh->p);
+        InitwolfSSL_DH(dh);  /* set back to NULLs for safety */
+
+        XFREE(dh, NULL, DYNAMIC_TYPE_DH);
+    }
+}
+
+
+static int SetDhInternal(WOLFSSL_DH* dh)
+{
+    int            ret = SSL_FATAL_ERROR;
+    int            pSz = 1024;
+    int            gSz = 1024;
+#ifdef WOLFSSL_SMALL_STACK
+    unsigned char* p   = NULL;
+    unsigned char* g   = NULL;
+#else
+    unsigned char  p[1024];
+    unsigned char  g[1024];
+#endif
+
+    WOLFSSL_ENTER("SetDhInternal");
+
+    if (dh == NULL || dh->p == NULL || dh->g == NULL)
+        WOLFSSL_MSG("Bad function arguments");
+    else if (wolfSSL_BN_bn2bin(dh->p, NULL) > pSz)
+        WOLFSSL_MSG("Bad p internal size");
+    else if (wolfSSL_BN_bn2bin(dh->g, NULL) > gSz)
+        WOLFSSL_MSG("Bad g internal size");
+    else {
+    #ifdef WOLFSSL_SMALL_STACK
+        p = (unsigned char*)XMALLOC(pSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        g = (unsigned char*)XMALLOC(gSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+        if (p == NULL || g == NULL) {
+            XFREE(p, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(g, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            return ret;
+        }
+    #endif
+
+        pSz = wolfSSL_BN_bn2bin(dh->p, p);
+        gSz = wolfSSL_BN_bn2bin(dh->g, g);
+
+        if (pSz <= 0 || gSz <= 0)
+            WOLFSSL_MSG("Bad BN2bin set");
+        else if (wc_DhSetKey((DhKey*)dh->internal, p, pSz, g, gSz) < 0)
+            WOLFSSL_MSG("Bad DH SetKey");
+        else {
+            dh->inSet = 1;
+            ret = 0;
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(p, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(g, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    }
+
+
+    return ret;
+}
+
+
+int wolfSSL_DH_size(WOLFSSL_DH* dh)
+{
+    WOLFSSL_MSG("wolfSSL_DH_size");
+
+    if (dh == NULL)
+        return 0;
+
+    return wolfSSL_BN_num_bytes(dh->p);
+}
+
+
+/* return SSL_SUCCESS on ok, else 0 */
+int wolfSSL_DH_generate_key(WOLFSSL_DH* dh)
+{
+    int            ret    = 0;
+    word32         pubSz  = 768;
+    word32         privSz = 768;
+    RNG*           rng    = NULL;
+#ifdef WOLFSSL_SMALL_STACK
+    unsigned char* pub    = NULL;
+    unsigned char* priv   = NULL;
+    RNG*           tmpRNG = NULL;
+#else
+    unsigned char  pub [768];
+    unsigned char  priv[768];
+    RNG            tmpRNG[1];
+#endif
+
+    WOLFSSL_MSG("wolfSSL_DH_generate_key");
+
+#ifdef WOLFSSL_SMALL_STACK
+    tmpRNG = (RNG*)XMALLOC(sizeof(RNG),      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    pub    = (unsigned char*)XMALLOC(pubSz,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    priv   = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+    if (tmpRNG == NULL || pub == NULL || priv == NULL) {
+        XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(pub,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(priv,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return ret;
+    }
+#endif
+
+    if (dh == NULL || dh->p == NULL || dh->g == NULL)
+        WOLFSSL_MSG("Bad function arguments");
+    else if (dh->inSet == 0 && SetDhInternal(dh) < 0)
+            WOLFSSL_MSG("Bad DH set internal");
+    else if (wc_InitRng(tmpRNG) == 0)
+        rng = tmpRNG;
+    else {
+        WOLFSSL_MSG("Bad RNG Init, trying global");
+        if (initGlobalRNG == 0)
+            WOLFSSL_MSG("Global RNG no Init");
+        else
+            rng = &globalRNG;
+    }
+
+    if (rng) {
+       if (wc_DhGenerateKeyPair((DhKey*)dh->internal, rng, priv, &privSz,
+                                                               pub, &pubSz) < 0)
+            WOLFSSL_MSG("Bad wc_DhGenerateKeyPair");
+       else {
+            if (dh->pub_key)
+                wolfSSL_BN_free(dh->pub_key);
+   
+            dh->pub_key = wolfSSL_BN_new();
+            if (dh->pub_key == NULL) {
+                WOLFSSL_MSG("Bad DH new pub");
+            }
+            if (dh->priv_key)
+                wolfSSL_BN_free(dh->priv_key);
+
+            dh->priv_key = wolfSSL_BN_new();
+
+            if (dh->priv_key == NULL) {
+                WOLFSSL_MSG("Bad DH new priv");
+            }
+
+            if (dh->pub_key && dh->priv_key) {
+               if (wolfSSL_BN_bin2bn(pub, pubSz, dh->pub_key) == NULL)
+                   WOLFSSL_MSG("Bad DH bn2bin error pub");
+               else if (wolfSSL_BN_bin2bn(priv, privSz, dh->priv_key) == NULL)
+                   WOLFSSL_MSG("Bad DH bn2bin error priv");
+               else
+                   ret = SSL_SUCCESS;
+            }
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(pub,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(priv,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+/* return key size on ok, 0 otherwise */
+int wolfSSL_DH_compute_key(unsigned char* key, WOLFSSL_BIGNUM* otherPub,
+                          WOLFSSL_DH* dh)
+{
+    int            ret    = 0;
+    word32         keySz  = 0;
+    word32         pubSz  = 1024;
+    word32         privSz = 1024;
+#ifdef WOLFSSL_SMALL_STACK
+    unsigned char* pub    = NULL;
+    unsigned char* priv   = NULL;
+#else
+    unsigned char  pub [1024];
+    unsigned char  priv[1024];
+#endif
+
+    WOLFSSL_MSG("wolfSSL_DH_compute_key");
+
+#ifdef WOLFSSL_SMALL_STACK
+    pub = (unsigned char*)XMALLOC(pubSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (pub == NULL)
+        return ret;
+
+    priv = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (priv == NULL) {
+        XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return 0;
+    }
+#endif
+
+    if (dh == NULL || dh->priv_key == NULL || otherPub == NULL)
+        WOLFSSL_MSG("Bad function arguments");
+    else if ((keySz = (word32)DH_size(dh)) == 0)
+        WOLFSSL_MSG("Bad DH_size");
+    else if (wolfSSL_BN_bn2bin(dh->priv_key, NULL) > (int)privSz)
+        WOLFSSL_MSG("Bad priv internal size");
+    else if (wolfSSL_BN_bn2bin(otherPub, NULL) > (int)pubSz)
+        WOLFSSL_MSG("Bad otherPub size");
+    else {
+        privSz = wolfSSL_BN_bn2bin(dh->priv_key, priv);
+        pubSz  = wolfSSL_BN_bn2bin(otherPub, pub);
+
+        if (privSz <= 0 || pubSz <= 0)
+            WOLFSSL_MSG("Bad BN2bin set");
+        else if (wc_DhAgree((DhKey*)dh->internal, key, &keySz, priv, privSz, pub,
+                                                                     pubSz) < 0)
+            WOLFSSL_MSG("wc_DhAgree failed");
+        else
+            ret = (int)keySz;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(pub,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+#endif /* NO_DH */
+
+
+#ifndef NO_DSA
+static void InitwolfSSL_DSA(WOLFSSL_DSA* dsa)
+{
+    if (dsa) {
+        dsa->p        = NULL;
+        dsa->q        = NULL;
+        dsa->g        = NULL;
+        dsa->pub_key  = NULL;
+        dsa->priv_key = NULL;
+        dsa->internal = NULL;
+        dsa->inSet    = 0;
+        dsa->exSet    = 0;
+    }
+}
+
+
+WOLFSSL_DSA* wolfSSL_DSA_new(void)
+{
+    WOLFSSL_DSA* external;
+    DsaKey*     key;
+
+    WOLFSSL_MSG("wolfSSL_DSA_new");
+
+    key = (DsaKey*) XMALLOC(sizeof(DsaKey), NULL, DYNAMIC_TYPE_DSA);
+    if (key == NULL) {
+        WOLFSSL_MSG("wolfSSL_DSA_new malloc DsaKey failure");
+        return NULL;
+    }
+
+    external = (WOLFSSL_DSA*) XMALLOC(sizeof(WOLFSSL_DSA), NULL,
+                                    DYNAMIC_TYPE_DSA);
+    if (external == NULL) {
+        WOLFSSL_MSG("wolfSSL_DSA_new malloc WOLFSSL_DSA failure");
+        XFREE(key, NULL, DYNAMIC_TYPE_DSA);
+        return NULL;
+    }
+
+    InitwolfSSL_DSA(external);
+    InitDsaKey(key);
+    external->internal = key;
+
+    return external;
+}
+
+
+void wolfSSL_DSA_free(WOLFSSL_DSA* dsa)
+{
+    WOLFSSL_MSG("wolfSSL_DSA_free");
+
+    if (dsa) {
+        if (dsa->internal) {
+            FreeDsaKey((DsaKey*)dsa->internal);
+            XFREE(dsa->internal, NULL, DYNAMIC_TYPE_DSA);
+            dsa->internal = NULL;
+        }
+        wolfSSL_BN_free(dsa->priv_key);
+        wolfSSL_BN_free(dsa->pub_key);
+        wolfSSL_BN_free(dsa->g);
+        wolfSSL_BN_free(dsa->q);
+        wolfSSL_BN_free(dsa->p);
+        InitwolfSSL_DSA(dsa);  /* set back to NULLs for safety */
+
+        XFREE(dsa, NULL, DYNAMIC_TYPE_DSA);
+    }
+}
+
+
+int wolfSSL_DSA_generate_key(WOLFSSL_DSA* dsa)
+{
+    (void)dsa;
+
+    WOLFSSL_MSG("wolfSSL_DSA_generate_key");
+
+    return 0;  /* key gen not needed by server */
+}
+
+
+int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA* dsa, int bits,
+               unsigned char* seed, int seedLen, int* counterRet,
+               unsigned long* hRet, void* cb)
+{
+    (void)dsa;
+    (void)bits;
+    (void)seed;
+    (void)seedLen;
+    (void)counterRet;
+    (void)hRet;
+    (void)cb;
+
+    WOLFSSL_MSG("wolfSSL_DSA_generate_parameters_ex");
+
+    return 0;  /* key gen not needed by server */
+}
+#endif /* NO_DSA */
+
+#ifndef NO_RSA
+static void InitwolfSSL_Rsa(WOLFSSL_RSA* rsa)
+{
+    if (rsa) {
+        rsa->n        = NULL;
+        rsa->e        = NULL;
+        rsa->d        = NULL;
+        rsa->p        = NULL;
+        rsa->q        = NULL;
+        rsa->dmp1     = NULL;
+        rsa->dmq1     = NULL;
+        rsa->iqmp     = NULL;
+        rsa->internal = NULL;
+        rsa->inSet    = 0;
+        rsa->exSet    = 0;
+    }
+}
+
+
+WOLFSSL_RSA* wolfSSL_RSA_new(void)
+{
+    WOLFSSL_RSA* external;
+    RsaKey*     key;
+
+    WOLFSSL_MSG("wolfSSL_RSA_new");
+
+    key = (RsaKey*) XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
+    if (key == NULL) {
+        WOLFSSL_MSG("wolfSSL_RSA_new malloc RsaKey failure");
+        return NULL;
+    }
+
+    external = (WOLFSSL_RSA*) XMALLOC(sizeof(WOLFSSL_RSA), NULL,
+                                     DYNAMIC_TYPE_RSA);
+    if (external == NULL) {
+        WOLFSSL_MSG("wolfSSL_RSA_new malloc WOLFSSL_RSA failure");
+        XFREE(key, NULL, DYNAMIC_TYPE_RSA);
+        return NULL;
+    }
+
+    InitwolfSSL_Rsa(external);
+    if (wc_InitRsaKey(key, NULL) != 0) {
+        WOLFSSL_MSG("InitRsaKey WOLFSSL_RSA failure");
+        XFREE(external, NULL, DYNAMIC_TYPE_RSA);
+        XFREE(key, NULL, DYNAMIC_TYPE_RSA);
+        return NULL;
+    }
+    external->internal = key;
+
+    return external;
+}
+
+
+void wolfSSL_RSA_free(WOLFSSL_RSA* rsa)
+{
+    WOLFSSL_MSG("wolfSSL_RSA_free");
+
+    if (rsa) {
+        if (rsa->internal) {
+            wc_FreeRsaKey((RsaKey*)rsa->internal);
+            XFREE(rsa->internal, NULL, DYNAMIC_TYPE_RSA);
+            rsa->internal = NULL;
+        }
+        wolfSSL_BN_free(rsa->iqmp);
+        wolfSSL_BN_free(rsa->dmq1);
+        wolfSSL_BN_free(rsa->dmp1);
+        wolfSSL_BN_free(rsa->q);
+        wolfSSL_BN_free(rsa->p);
+        wolfSSL_BN_free(rsa->d);
+        wolfSSL_BN_free(rsa->e);
+        wolfSSL_BN_free(rsa->n);
+        InitwolfSSL_Rsa(rsa);  /* set back to NULLs for safety */
+
+        XFREE(rsa, NULL, DYNAMIC_TYPE_RSA);
+    }
+}
+#endif /* NO_RSA */
+
+
+#if !defined(NO_RSA) || !defined(NO_DSA)
+static int SetIndividualExternal(WOLFSSL_BIGNUM** bn, mp_int* mpi)
+{
+    WOLFSSL_MSG("Entering SetIndividualExternal");
+
+    if (mpi == NULL) {
+        WOLFSSL_MSG("mpi NULL error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (*bn == NULL) {
+        *bn = wolfSSL_BN_new();
+        if (*bn == NULL) {
+            WOLFSSL_MSG("SetIndividualExternal alloc failed");
+            return SSL_FATAL_ERROR;
+        }
+    }
+
+    if (mp_copy(mpi, (mp_int*)((*bn)->internal)) != MP_OKAY) {
+        WOLFSSL_MSG("mp_copy error");
+        return SSL_FATAL_ERROR;
+    }
+
+    return 0;
+}
+#endif /* !NO_RSA && !NO_DSA */
+
+
+#ifndef NO_DSA
+static int SetDsaExternal(WOLFSSL_DSA* dsa)
+{
+    DsaKey* key;
+    WOLFSSL_MSG("Entering SetDsaExternal");
+
+    if (dsa == NULL || dsa->internal == NULL) {
+        WOLFSSL_MSG("dsa key NULL error");
+        return SSL_FATAL_ERROR;
+    }
+
+    key = (DsaKey*)dsa->internal;
+
+    if (SetIndividualExternal(&dsa->p, &key->p) < 0) {
+        WOLFSSL_MSG("dsa p key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&dsa->q, &key->q) < 0) {
+        WOLFSSL_MSG("dsa q key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&dsa->g, &key->g) < 0) {
+        WOLFSSL_MSG("dsa g key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&dsa->pub_key, &key->y) < 0) {
+        WOLFSSL_MSG("dsa y key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&dsa->priv_key, &key->x) < 0) {
+        WOLFSSL_MSG("dsa x key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    dsa->exSet = 1;
+
+    return 0;
+}
+#endif /* NO_DSA */
+
+
+#ifndef NO_RSA
+static int SetRsaExternal(WOLFSSL_RSA* rsa)
+{
+    RsaKey* key;
+    WOLFSSL_MSG("Entering SetRsaExternal");
+
+    if (rsa == NULL || rsa->internal == NULL) {
+        WOLFSSL_MSG("rsa key NULL error");
+        return SSL_FATAL_ERROR;
+    }
+
+    key = (RsaKey*)rsa->internal;
+
+    if (SetIndividualExternal(&rsa->n, &key->n) < 0) {
+        WOLFSSL_MSG("rsa n key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&rsa->e, &key->e) < 0) {
+        WOLFSSL_MSG("rsa e key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&rsa->d, &key->d) < 0) {
+        WOLFSSL_MSG("rsa d key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&rsa->p, &key->p) < 0) {
+        WOLFSSL_MSG("rsa p key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&rsa->q, &key->q) < 0) {
+        WOLFSSL_MSG("rsa q key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&rsa->dmp1, &key->dP) < 0) {
+        WOLFSSL_MSG("rsa dP key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&rsa->dmq1, &key->dQ) < 0) {
+        WOLFSSL_MSG("rsa dQ key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (SetIndividualExternal(&rsa->iqmp, &key->u) < 0) {
+        WOLFSSL_MSG("rsa u key error");
+        return SSL_FATAL_ERROR;
+    }
+
+    rsa->exSet = 1;
+
+    return 0;
+}
+
+
+/* SSL_SUCCESS on ok */
+int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* bn,
+                               void* cb)
+{
+    int ret = SSL_FATAL_ERROR;
+
+    WOLFSSL_MSG("wolfSSL_RSA_generate_key_ex");
+
+    (void)rsa;
+    (void)bits;
+    (void)cb;
+    (void)bn;
+
+#ifdef WOLFSSL_KEY_GEN
+    {
+    #ifdef WOLFSSL_SMALL_STACK
+        RNG* rng = NULL;
+    #else
+        RNG  rng[1];
+    #endif
+
+    #ifdef WOLFSSL_SMALL_STACK
+        rng = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (rng == NULL)
+            return SSL_FATAL_ERROR;
+    #endif
+
+        if (wc_InitRng(rng) < 0)
+            WOLFSSL_MSG("RNG init failed");
+        else if (wc_MakeRsaKey((RsaKey*)rsa->internal, bits, 65537, rng) < 0)
+            WOLFSSL_MSG("wc_MakeRsaKey failed");
+        else if (SetRsaExternal(rsa) < 0)
+            WOLFSSL_MSG("SetRsaExternal failed");
+        else {
+            rsa->inSet = 1;
+            ret = SSL_SUCCESS;
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(rng, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    }
+#else
+    WOLFSSL_MSG("No Key Gen built in");
+#endif
+    return ret;
+}
+
+
+/* SSL_SUCCESS on ok */
+int wolfSSL_RSA_blinding_on(WOLFSSL_RSA* rsa, WOLFSSL_BN_CTX* bn)
+{
+    (void)rsa;
+    (void)bn;
+
+    WOLFSSL_MSG("wolfSSL_RSA_blinding_on");
+
+    return SSL_SUCCESS;  /* on by default */
+}
+
+
+int wolfSSL_RSA_public_encrypt(int len, unsigned char* fr,
+                            unsigned char* to, WOLFSSL_RSA* rsa, int padding)
+{
+    (void)len;
+    (void)fr;
+    (void)to;
+    (void)rsa;
+    (void)padding;
+
+    WOLFSSL_MSG("wolfSSL_RSA_public_encrypt");
+
+    return SSL_FATAL_ERROR;
+}
+
+
+int wolfSSL_RSA_private_decrypt(int len, unsigned char* fr,
+                            unsigned char* to, WOLFSSL_RSA* rsa, int padding)
+{
+    (void)len;
+    (void)fr;
+    (void)to;
+    (void)rsa;
+    (void)padding;
+
+    WOLFSSL_MSG("wolfSSL_RSA_private_decrypt");
+
+    return SSL_FATAL_ERROR;
+}
+
+
+int wolfSSL_RSA_size(const WOLFSSL_RSA* rsa)
+{
+    WOLFSSL_MSG("wolfSSL_RSA_size");
+
+    if (rsa == NULL)
+        return 0;
+
+    return wolfSSL_BN_num_bytes(rsa->n);
+}
+#endif /* NO_RSA */
+
+
+#ifndef NO_DSA
+/* return SSL_SUCCESS on success, < 0 otherwise */
+int wolfSSL_DSA_do_sign(const unsigned char* d, unsigned char* sigRet,
+                       WOLFSSL_DSA* dsa)
+{
+    int    ret = SSL_FATAL_ERROR;
+    RNG*   rng = NULL;
+#ifdef WOLFSSL_SMALL_STACK
+    RNG*   tmpRNG = NULL;
+#else
+    RNG    tmpRNG[1];
+#endif
+
+    WOLFSSL_MSG("wolfSSL_DSA_do_sign");
+
+    if (d == NULL || sigRet == NULL || dsa == NULL)
+        WOLFSSL_MSG("Bad function arguments");
+    else if (dsa->inSet == 0)
+        WOLFSSL_MSG("No DSA internal set");
+    else {
+    #ifdef WOLFSSL_SMALL_STACK
+        tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (tmpRNG == NULL)
+            return SSL_FATAL_ERROR;
+    #endif
+
+        if (wc_InitRng(tmpRNG) == 0)
+            rng = tmpRNG;
+        else {
+            WOLFSSL_MSG("Bad RNG Init, trying global");
+            if (initGlobalRNG == 0)
+                WOLFSSL_MSG("Global RNG no Init");
+            else
+                rng = &globalRNG;
+        }
+
+        if (rng) {
+            if (DsaSign(d, sigRet, (DsaKey*)dsa->internal, rng) < 0)
+                WOLFSSL_MSG("DsaSign failed");
+            else
+                ret = SSL_SUCCESS;
+        }
+
+    #ifdef WOLFSSL_SMALL_STACK
+        XFREE(RNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    #endif
+    }
+
+    return ret;
+}
+#endif /* NO_DSA */
+
+
+#ifndef NO_RSA
+/* return SSL_SUCCES on ok, 0 otherwise */
+int wolfSSL_RSA_sign(int type, const unsigned char* m,
+                           unsigned int mLen, unsigned char* sigRet,
+                           unsigned int* sigLen, WOLFSSL_RSA* rsa)
+{
+    word32 outLen;    
+    word32 signSz;
+    RNG*   rng        = NULL;
+    int    ret        = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    RNG*   tmpRNG     = NULL;
+    byte*  encodedSig = NULL;
+#else
+    RNG    tmpRNG[1];
+    byte   encodedSig[MAX_ENCODED_SIG_SZ];
+#endif
+
+    WOLFSSL_MSG("wolfSSL_RSA_sign");
+
+    if (m == NULL || sigRet == NULL || sigLen == NULL || rsa == NULL)
+        WOLFSSL_MSG("Bad function arguments");
+    else if (rsa->inSet == 0)
+        WOLFSSL_MSG("No RSA internal set");
+    else if (type != NID_md5 && type != NID_sha1)
+        WOLFSSL_MSG("Bad md type");
+    else {
+        outLen = (word32)wolfSSL_BN_num_bytes(rsa->n);
+
+    #ifdef WOLFSSL_SMALL_STACK
+        tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (tmpRNG == NULL)
+            return 0;
+
+        encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (encodedSig == NULL) {
+            XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            return 0;
+        }
+    #endif
+
+        if (outLen == 0)
+            WOLFSSL_MSG("Bad RSA size");
+        else if (wc_InitRng(tmpRNG) == 0)
+            rng = tmpRNG;
+        else {
+            WOLFSSL_MSG("Bad RNG Init, trying global");
+
+            if (initGlobalRNG == 0)
+                WOLFSSL_MSG("Global RNG no Init");
+            else
+                rng = &globalRNG;
+        }
+    }
+
+    if (rng) {
+        type = (type == NID_md5) ? MD5h : SHAh;
+
+        signSz = wc_EncodeSignature(encodedSig, m, mLen, type);
+        if (signSz == 0) {
+            WOLFSSL_MSG("Bad Encode Signature");
+        }
+        else {
+            *sigLen = wc_RsaSSL_Sign(encodedSig, signSz, sigRet, outLen,
+                                  (RsaKey*)rsa->internal, rng);
+            if (*sigLen <= 0)
+                WOLFSSL_MSG("Bad Rsa Sign");
+            else
+                ret = SSL_SUCCESS;
+        }
+
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(tmpRNG,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    WOLFSSL_MSG("wolfSSL_RSA_sign success");
+    return ret;
+}
+
+
+int wolfSSL_RSA_public_decrypt(int flen, unsigned char* from,
+                          unsigned char* to, WOLFSSL_RSA* rsa, int padding)
+{
+    (void)flen;
+    (void)from;
+    (void)to;
+    (void)rsa;
+    (void)padding;
+
+    WOLFSSL_MSG("wolfSSL_RSA_public_decrypt");
+
+    return SSL_FATAL_ERROR;
+}
+
+
+/* generate p-1 and q-1, SSL_SUCCESS on ok */
+int wolfSSL_RSA_GenAdd(WOLFSSL_RSA* rsa)
+{
+    int    err;
+    mp_int tmp;
+
+    WOLFSSL_MSG("wolfSSL_RsaGenAdd");
+
+    if (rsa == NULL || rsa->p == NULL || rsa->q == NULL || rsa->d == NULL ||
+                       rsa->dmp1 == NULL || rsa->dmq1 == NULL) {
+        WOLFSSL_MSG("rsa no init error");
+        return SSL_FATAL_ERROR;
+    }
+
+    if (mp_init(&tmp) != MP_OKAY) {
+        WOLFSSL_MSG("mp_init error");
+        return SSL_FATAL_ERROR;
+    }
+
+    err = mp_sub_d((mp_int*)rsa->p->internal, 1, &tmp);
+    if (err != MP_OKAY) {
+        WOLFSSL_MSG("mp_sub_d error");
+    }
+    else
+        err = mp_mod((mp_int*)rsa->d->internal, &tmp,
+                     (mp_int*)rsa->dmp1->internal);
+
+    if (err != MP_OKAY) {
+        WOLFSSL_MSG("mp_mod error");
+    }
+    else
+        err = mp_sub_d((mp_int*)rsa->q->internal, 1, &tmp);
+    if (err != MP_OKAY) {
+        WOLFSSL_MSG("mp_sub_d error");
+    }
+    else
+        err = mp_mod((mp_int*)rsa->d->internal, &tmp,
+                     (mp_int*)rsa->dmq1->internal);
+
+    mp_clear(&tmp);
+
+    if (err == MP_OKAY)
+        return SSL_SUCCESS;
+    else
+        return SSL_FATAL_ERROR;
+}
+#endif /* NO_RSA */
+
+
+void wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
+                  const EVP_MD* type)
+{
+    WOLFSSL_MSG("wolfSSL_HMAC_Init");
+
+    if (ctx == NULL) {
+        WOLFSSL_MSG("no ctx on init");
+        return;
+    }
+
+    if (type) {
+        WOLFSSL_MSG("init has type");
+
+        if (XSTRNCMP(type, "MD5", 3) == 0) {
+            WOLFSSL_MSG("md5 hmac");
+            ctx->type = MD5;
+        }
+        else if (XSTRNCMP(type, "SHA256", 6) == 0) {
+            WOLFSSL_MSG("sha256 hmac");
+            ctx->type = SHA256;
+        }
+
+        /* has to be last since would pick or 256, 384, or 512 too */
+        else if (XSTRNCMP(type, "SHA", 3) == 0) {
+            WOLFSSL_MSG("sha hmac");
+            ctx->type = SHA;
+        }
+        else {
+            WOLFSSL_MSG("bad init type");
+        }
+    }
+
+    if (key && keylen) {
+        WOLFSSL_MSG("keying hmac");
+        wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key, (word32)keylen);
+        /* OpenSSL compat, no error */
+    }
+}
+
+
+void wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, const unsigned char* data,
+                    int len)
+{
+    WOLFSSL_MSG("wolfSSL_HMAC_Update");
+
+    if (ctx && data) {
+        WOLFSSL_MSG("updating hmac");
+        wc_HmacUpdate(&ctx->hmac, data, (word32)len);
+        /* OpenSSL compat, no error */
+    }
+}
+
+
+void wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
+                   unsigned int* len)
+{
+    WOLFSSL_MSG("wolfSSL_HMAC_Final");
+
+    if (ctx && hash) {
+        WOLFSSL_MSG("final hmac");
+        wc_HmacFinal(&ctx->hmac, hash);
+        /* OpenSSL compat, no error */
+
+        if (len) {
+            WOLFSSL_MSG("setting output len");
+            switch (ctx->type) {
+                case MD5:
+                    *len = MD5_DIGEST_SIZE;
+                    break;
+
+                case SHA:
+                    *len = SHA_DIGEST_SIZE;
+                    break;
+
+                case SHA256:
+                    *len = SHA256_DIGEST_SIZE;
+                    break;
+
+                default:
+                    WOLFSSL_MSG("bad hmac type");
+            }
+        }
+    }
+}
+
+
+void wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx)
+{
+    (void)ctx;
+
+    WOLFSSL_MSG("wolfSSL_HMAC_cleanup");
+}
+
+
+const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id)
+{
+    WOLFSSL_MSG("wolfSSL_get_digestbynid");
+
+    switch(id) {
+        case NID_md5:
+            return wolfSSL_EVP_md5();
+
+        case NID_sha1:
+            return wolfSSL_EVP_sha1();
+
+        default:
+            WOLFSSL_MSG("Bad digest id value");
+    }
+
+    return NULL;
+}
+
+
+WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY* key)
+{
+    (void)key;
+    WOLFSSL_MSG("wolfSSL_EVP_PKEY_get1_RSA");
+
+    return NULL;
+}
+
+
+WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY* key)
+{
+    (void)key;
+    WOLFSSL_MSG("wolfSSL_EVP_PKEY_get1_DSA");
+
+    return NULL;
+}
+
+
+void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx)
+{
+    WOLFSSL_MSG("wolfSSL_EVP_X_STATE");
+
+    if (ctx) {
+        switch (ctx->cipherType) {
+            case ARC4_TYPE:
+                WOLFSSL_MSG("returning arc4 state");
+                return (void*)&ctx->cipher.arc4.x;
+
+            default:
+                WOLFSSL_MSG("bad x state type");
+                return 0;
+        }
+    }
+
+    return NULL;
+}
+
+
+int wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx)
+{
+    WOLFSSL_MSG("wolfSSL_EVP_X_STATE_LEN");
+
+    if (ctx) {
+        switch (ctx->cipherType) {
+            case ARC4_TYPE:
+                WOLFSSL_MSG("returning arc4 state size");
+                return sizeof(Arc4);
+
+            default:
+                WOLFSSL_MSG("bad x state type");
+                return 0;
+        }
+    }
+
+    return 0;
+}
+
+
+void wolfSSL_3des_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
+                            unsigned char* iv, int len)
+{
+    (void)len;
+
+    WOLFSSL_MSG("wolfSSL_3des_iv");
+
+    if (ctx == NULL || iv == NULL) {
+        WOLFSSL_MSG("Bad function argument");
+        return;
+    }
+
+    if (doset)
+        wc_Des3_SetIV(&ctx->cipher.des3, iv);  /* OpenSSL compat, no ret */
+    else
+        memcpy(iv, &ctx->cipher.des3.reg, DES_BLOCK_SIZE);
+}
+
+
+void wolfSSL_aes_ctr_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
+                      unsigned char* iv, int len)
+{
+    (void)len;
+
+    WOLFSSL_MSG("wolfSSL_aes_ctr_iv");
+
+    if (ctx == NULL || iv == NULL) {
+        WOLFSSL_MSG("Bad function argument");
+        return;
+    }
+
+    if (doset)
+        wc_AesSetIV(&ctx->cipher.aes, iv);  /* OpenSSL compat, no ret */
+    else
+        memcpy(iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE);
+}
+
+
+const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void)
+{
+    WOLFSSL_MSG("wolfSSL_ripemd160");
+
+    return NULL;
+}
+
+
+int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type)
+{
+    WOLFSSL_MSG("wolfSSL_EVP_MD_size");
+
+    if (type == NULL) {
+        WOLFSSL_MSG("No md type arg");
+        return BAD_FUNC_ARG;
+    }
+
+    if (XSTRNCMP(type, "MD5", 3) == 0) {
+        return MD5_DIGEST_SIZE;
+    }
+    else if (XSTRNCMP(type, "SHA256", 6) == 0) {
+        return SHA256_DIGEST_SIZE;
+    }
+#ifdef WOLFSSL_SHA384
+    else if (XSTRNCMP(type, "SHA384", 6) == 0) {
+        return SHA384_DIGEST_SIZE;
+    }
+#endif
+#ifdef WOLFSSL_SHA512
+    else if (XSTRNCMP(type, "SHA512", 6) == 0) {
+        return SHA512_DIGEST_SIZE;
+    }
+#endif
+    /* has to be last since would pick or 256, 384, or 512 too */
+    else if (XSTRNCMP(type, "SHA", 3) == 0) {
+        return SHA_DIGEST_SIZE;
+    }
+
+    return BAD_FUNC_ARG;
+}
+
+
+int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
+{
+    WOLFSSL_MSG("wolfSSL_EVP_CIPHER_CTX_iv_length");
+
+    switch (ctx->cipherType) {
+
+        case AES_128_CBC_TYPE :
+        case AES_192_CBC_TYPE :
+        case AES_256_CBC_TYPE :
+            WOLFSSL_MSG("AES CBC");
+            return AES_BLOCK_SIZE;
+
+#ifdef WOLFSSL_AES_COUNTER
+        case AES_128_CTR_TYPE :
+        case AES_192_CTR_TYPE :
+        case AES_256_CTR_TYPE :
+            WOLFSSL_MSG("AES CTR");
+            return AES_BLOCK_SIZE;
+#endif
+
+        case DES_CBC_TYPE :
+            WOLFSSL_MSG("DES CBC");
+            return DES_BLOCK_SIZE;
+
+        case DES_EDE3_CBC_TYPE :
+            WOLFSSL_MSG("DES EDE3 CBC");
+            return DES_BLOCK_SIZE;
+
+        case ARC4_TYPE :
+            WOLFSSL_MSG("ARC4");
+            return 0;
+
+        case NULL_CIPHER_TYPE :
+            WOLFSSL_MSG("NULL");
+            return 0;
+
+        default: {
+            WOLFSSL_MSG("bad type");
+        }
+    }
+    return 0;
+}
+
+
+void wolfSSL_OPENSSL_free(void* p)
+{
+    WOLFSSL_MSG("wolfSSL_OPENSSL_free");
+
+    XFREE(p, NULL, 0);
+}
+
+
+int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, RSA* rsa,
+                                  const EVP_CIPHER* cipher,
+                                  unsigned char* passwd, int len,
+                                  pem_password_cb cb, void* arg)
+{
+    (void)bio;
+    (void)rsa;
+    (void)cipher;
+    (void)passwd;
+    (void)len;
+    (void)cb;
+    (void)arg;
+
+    WOLFSSL_MSG("wolfSSL_PEM_write_bio_RSAPrivateKey");
+
+    return SSL_FATAL_ERROR;
+}
+
+
+
+int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, DSA* rsa,
+                                  const EVP_CIPHER* cipher,
+                                  unsigned char* passwd, int len,
+                                  pem_password_cb cb, void* arg)
+{
+    (void)bio;
+    (void)rsa;
+    (void)cipher;
+    (void)passwd;
+    (void)len;
+    (void)cb;
+    (void)arg;
+
+    WOLFSSL_MSG("wolfSSL_PEM_write_bio_DSAPrivateKey");
+
+    return SSL_FATAL_ERROR;
+}
+
+
+
+WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
+                    WOLFSSL_EVP_PKEY** key, pem_password_cb cb, void* arg)
+{
+    (void)bio;
+    (void)key;
+    (void)cb;
+    (void)arg;
+
+    WOLFSSL_MSG("wolfSSL_PEM_read_bio_PrivateKey");
+
+    return NULL;
+}
+
+
+
+#ifndef NO_RSA
+/* Load RSA from Der, SSL_SUCCESS on success < 0 on error */
+int wolfSSL_RSA_LoadDer(WOLFSSL_RSA* rsa, const unsigned char* der,  int derSz)
+{
+    word32 idx = 0;
+    int    ret;
+
+    WOLFSSL_ENTER("wolfSSL_RSA_LoadDer");
+
+    if (rsa == NULL || rsa->internal == NULL || der == NULL || derSz <= 0) {
+        WOLFSSL_MSG("Bad function arguments");
+        return BAD_FUNC_ARG;
+    }
+
+    ret = wc_RsaPrivateKeyDecode(der, &idx, (RsaKey*)rsa->internal, derSz);
+    if (ret < 0) {
+        WOLFSSL_MSG("RsaPrivateKeyDecode failed");
+        return ret;
+    }
+
+    if (SetRsaExternal(rsa) < 0) {
+        WOLFSSL_MSG("SetRsaExternal failed");
+        return SSL_FATAL_ERROR;
+    }
+
+    rsa->inSet = 1;
+
+    return SSL_SUCCESS;
+}
+#endif /* NO_RSA */
+
+
+#ifndef NO_DSA
+/* Load DSA from Der, SSL_SUCCESS on success < 0 on error */
+int wolfSSL_DSA_LoadDer(WOLFSSL_DSA* dsa, const unsigned char* der,  int derSz)
+{
+    word32 idx = 0;
+    int    ret;
+
+    WOLFSSL_ENTER("wolfSSL_DSA_LoadDer");
+
+    if (dsa == NULL || dsa->internal == NULL || der == NULL || derSz <= 0) {
+        WOLFSSL_MSG("Bad function arguments");
+        return BAD_FUNC_ARG;
+    }
+
+    ret = DsaPrivateKeyDecode(der, &idx, (DsaKey*)dsa->internal, derSz);
+    if (ret < 0) {
+        WOLFSSL_MSG("DsaPrivateKeyDecode failed");
+        return ret;
+    }
+
+    if (SetDsaExternal(dsa) < 0) {
+        WOLFSSL_MSG("SetDsaExternal failed");
+        return SSL_FATAL_ERROR;
+    }
+
+    dsa->inSet = 1;
+
+    return SSL_SUCCESS;
+}
+#endif /* NO_DSA */
+
+
+
+
+#endif /* OPENSSL_EXTRA */
+
+
+#ifdef SESSION_CERTS
+
+
+/* Get peer's certificate chain */
+WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl)
+{
+    WOLFSSL_ENTER("wolfSSL_get_peer_chain");
+    if (ssl)
+        return &ssl->session.chain;
+
+    return 0;
+}
+
+
+/* Get peer's certificate chain total count */
+int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain)
+{
+    WOLFSSL_ENTER("wolfSSL_get_chain_count");
+    if (chain)
+        return chain->count;
+
+    return 0;
+}
+
+
+/* Get peer's ASN.1 DER ceritifcate at index (idx) length in bytes */
+int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN* chain, int idx)
+{
+    WOLFSSL_ENTER("wolfSSL_get_chain_length");
+    if (chain)
+        return chain->certs[idx].length;
+
+    return 0;
+}
+
+
+/* Get peer's ASN.1 DER ceritifcate at index (idx) */
+byte* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN* chain, int idx)
+{
+    WOLFSSL_ENTER("wolfSSL_get_chain_cert");
+    if (chain)
+        return chain->certs[idx].buffer;
+
+    return 0;
+}
+
+
+/* Get peer's wolfSSL X509 ceritifcate at index (idx) */
+WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN* chain, int idx)
+{
+    int          ret;
+    WOLFSSL_X509* x509 = NULL;
+#ifdef WOLFSSL_SMALL_STACK
+    DecodedCert* cert = NULL;
+#else
+    DecodedCert  cert[1];
+#endif
+
+    WOLFSSL_ENTER("wolfSSL_get_chain_X509");
+    if (chain != NULL) {
+    #ifdef WOLFSSL_SMALL_STACK
+        cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (cert != NULL)
+    #endif
+        {
+            InitDecodedCert(cert, chain->certs[idx].buffer,
+                                  chain->certs[idx].length, NULL);
+
+            if ((ret = ParseCertRelative(cert, CERT_TYPE, 0, NULL)) != 0)
+                WOLFSSL_MSG("Failed to parse cert");
+            else {
+                x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
+                                                             DYNAMIC_TYPE_X509);
+                if (x509 == NULL) {
+                    WOLFSSL_MSG("Failed alloc X509");
+                }
+                else {
+                    InitX509(x509, 1);
+
+                    if ((ret = CopyDecodedToX509(x509, cert)) != 0) {
+                        WOLFSSL_MSG("Failed to copy decoded");
+                        XFREE(x509, NULL, DYNAMIC_TYPE_X509);
+                        x509 = NULL;
+                    }
+                }
+            }
+
+            FreeDecodedCert(cert);
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        #endif
+        }
+    }
+
+    return x509;
+}
+
+
+/* Get peer's PEM ceritifcate at index (idx), output to buffer if inLen big
+   enough else return error (-1), output length is in *outLen
+   SSL_SUCCESS on ok */
+int  wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
+                               unsigned char* buf, int inLen, int* outLen)
+{
+    const char header[] = "-----BEGIN CERTIFICATE-----\n";
+    const char footer[] = "-----END CERTIFICATE-----\n";
+
+    int headerLen = sizeof(header) - 1;
+    int footerLen = sizeof(footer) - 1;
+    int i;
+    int err;
+
+    WOLFSSL_ENTER("wolfSSL_get_chain_cert_pem");
+    if (!chain || !outLen || !buf)
+        return BAD_FUNC_ARG;
+
+    /* don't even try if inLen too short */
+    if (inLen < headerLen + footerLen + chain->certs[idx].length)
+        return BAD_FUNC_ARG;
+
+    /* header */
+    XMEMCPY(buf, header, headerLen);
+    i = headerLen;
+
+    /* body */
+    *outLen = inLen;  /* input to Base64_Encode */
+    if ( (err = Base64_Encode(chain->certs[idx].buffer,
+                       chain->certs[idx].length, buf + i, (word32*)outLen)) < 0)
+        return err;
+    i += *outLen;
+
+    /* footer */
+    if ( (i + footerLen) > inLen)
+        return BAD_FUNC_ARG;
+    XMEMCPY(buf + i, footer, footerLen);
+    *outLen += headerLen + footerLen;
+
+    return SSL_SUCCESS;
+}
+
+
+/* get session ID */
+const byte* wolfSSL_get_sessionID(const WOLFSSL_SESSION* session)
+{
+    WOLFSSL_ENTER("wolfSSL_get_sessionID");
+    if (session)
+        return session->sessionID;
+
+    return NULL;
+}
+
+
+#endif /* SESSION_CERTS */
+
+#ifdef HAVE_FUZZER
+void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx)
+{
+    if (ssl) {
+        ssl->fuzzerCb  = cbf;
+        ssl->fuzzerCtx = fCtx;
+    }
+}
+#endif
+
+#ifndef NO_CERTS
+#ifdef  HAVE_PK_CALLBACKS
+
+#ifdef HAVE_ECC
+
+void  wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb)
+{
+    if (ctx)
+        ctx->EccSignCb = cb;
+}
+
+
+void  wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx)
+{
+    if (ssl)
+        ssl->EccSignCtx = ctx;
+}
+
+
+void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->EccSignCtx;
+
+    return NULL;
+}
+
+
+void  wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX* ctx, CallbackEccVerify cb)
+{
+    if (ctx)
+        ctx->EccVerifyCb = cb;
+}
+
+
+void  wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx)
+{
+    if (ssl)
+        ssl->EccVerifyCtx = ctx;
+}
+
+
+void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->EccVerifyCtx;
+
+    return NULL;
+}
+
+#endif /* HAVE_ECC */
+
+#ifndef NO_RSA
+
+void  wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX* ctx, CallbackRsaSign cb)
+{
+    if (ctx)
+        ctx->RsaSignCb = cb;
+}
+
+
+void  wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx)
+{
+    if (ssl)
+        ssl->RsaSignCtx = ctx;
+}
+
+
+void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->RsaSignCtx;
+
+    return NULL;
+}
+
+
+void  wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb)
+{
+    if (ctx)
+        ctx->RsaVerifyCb = cb;
+}
+
+
+void  wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx)
+{
+    if (ssl)
+        ssl->RsaVerifyCtx = ctx;
+}
+
+
+void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->RsaVerifyCtx;
+
+    return NULL;
+}
+
+void  wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX* ctx, CallbackRsaEnc cb)
+{
+    if (ctx)
+        ctx->RsaEncCb = cb;
+}
+
+
+void  wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx)
+{
+    if (ssl)
+        ssl->RsaEncCtx = ctx;
+}
+
+
+void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->RsaEncCtx;
+
+    return NULL;
+}
+
+void  wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX* ctx, CallbackRsaDec cb)
+{
+    if (ctx)
+        ctx->RsaDecCb = cb;
+}
+
+
+void  wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx)
+{
+    if (ssl)
+        ssl->RsaDecCtx = ctx;
+}
+
+
+void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl)
+{
+    if (ssl)
+        return ssl->RsaDecCtx;
+
+    return NULL;
+}
+
+
+#endif /* NO_RSA */
+
+#endif /* HAVE_PK_CALLBACKS */
+#endif /* NO_CERTS */
+
+
+#ifdef WOLFSSL_HAVE_WOLFSCEP
+    /* Used by autoconf to see if wolfSCEP is available */
+    void wolfSSL_wolfSCEP(void) {}
+#endif
+
+
+#ifdef WOLFSSL_HAVE_CERT_SERVICE
+    /* Used by autoconf to see if cert service is available */
+    void wolfSSL_cert_service(void) {}
+#endif
+
diff --git a/3P/wolfssl/src/tls.c b/3P/wolfssl/src/tls.c
new file mode 100644
index 00000000..6b2ee04e
--- /dev/null
+++ b/3P/wolfssl/src/tls.c
@@ -0,0 +1,2389 @@
+/* tls.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+
+
+#ifndef NO_TLS
+
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+#ifdef WOLFSSL_SHA384
+    #define P_HASH_MAX_SIZE SHA384_DIGEST_SIZE
+#else
+    #define P_HASH_MAX_SIZE SHA256_DIGEST_SIZE
+#endif
+
+/* compute p_hash for MD5, SHA-1, SHA-256, or SHA-384 for TLSv1 PRF */
+static int p_hash(byte* result, word32 resLen, const byte* secret,
+                   word32 secLen, const byte* seed, word32 seedLen, int hash)
+{
+    word32 len = P_HASH_MAX_SIZE;
+    word32 times;
+    word32 lastLen;
+    word32 lastTime;
+    word32 i;
+    word32 idx = 0;
+    int    ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    byte*  previous;
+    byte*  current;
+    Hmac*  hmac;    
+#else
+    byte   previous[P_HASH_MAX_SIZE];  /* max size */
+    byte   current[P_HASH_MAX_SIZE];   /* max size */
+    Hmac   hmac[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    previous = (byte*)XMALLOC(P_HASH_MAX_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    current  = (byte*)XMALLOC(P_HASH_MAX_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    hmac     = (Hmac*)XMALLOC(sizeof(Hmac),    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+    if (previous == NULL || current == NULL || hmac == NULL) {
+        if (previous) XFREE(previous, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (current)  XFREE(current,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (hmac)     XFREE(hmac,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+        return MEMORY_E;
+    }
+#endif
+
+    switch (hash) {
+        #ifndef NO_MD5
+            case md5_mac:
+                hash = MD5;
+                len  = MD5_DIGEST_SIZE;
+            break;
+        #endif
+
+        #ifndef NO_SHA256
+            case sha256_mac:
+                hash = SHA256;
+                len  = SHA256_DIGEST_SIZE;
+            break;
+        #endif
+
+        #ifdef WOLFSSL_SHA384
+            case sha384_mac:
+                hash = SHA384;
+                len  = SHA384_DIGEST_SIZE;
+            break;
+        #endif
+
+        #ifndef NO_SHA
+            case sha_mac:
+            default:
+                hash = SHA;
+                len  = SHA_DIGEST_SIZE;
+            break;
+        #endif
+    }
+
+    times   = resLen / len;
+    lastLen = resLen % len;
+
+    if (lastLen)
+        times += 1;
+
+    lastTime = times - 1;
+
+    if ((ret = wc_HmacSetKey(hmac, hash, secret, secLen)) == 0) {
+        if ((ret = wc_HmacUpdate(hmac, seed, seedLen)) == 0) { /* A0 = seed */
+            if ((ret = wc_HmacFinal(hmac, previous)) == 0) {   /* A1 */
+                for (i = 0; i < times; i++) {
+                    ret = wc_HmacUpdate(hmac, previous, len);
+                    if (ret != 0)
+                        break;
+                    ret = wc_HmacUpdate(hmac, seed, seedLen);
+                    if (ret != 0)
+                        break;
+                    ret = wc_HmacFinal(hmac, current);
+                    if (ret != 0)
+                        break;
+
+                    if ((i == lastTime) && lastLen)
+                        XMEMCPY(&result[idx], current, 
+                                                 min(lastLen, P_HASH_MAX_SIZE));
+                    else {
+                        XMEMCPY(&result[idx], current, len);
+                        idx += len;
+                        ret = wc_HmacUpdate(hmac, previous, len);
+                        if (ret != 0)
+                            break;
+                        ret = wc_HmacFinal(hmac, previous);
+                        if (ret != 0)
+                            break;
+                    }
+                }
+            }
+        }
+    }
+
+    ForceZero(previous,  P_HASH_MAX_SIZE);
+    ForceZero(current,   P_HASH_MAX_SIZE);
+    ForceZero(hmac,      sizeof(Hmac));
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(previous, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(current,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(hmac,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#undef P_HASH_MAX_SIZE
+
+
+#ifndef NO_OLD_TLS
+
+/* calculate XOR for TLSv1 PRF */
+static INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha)
+{
+    word32 i;
+
+    for (i = 0; i < digLen; i++) 
+        digest[i] = md5[i] ^ sha[i];
+}
+
+
+/* compute TLSv1 PRF (pseudo random function using HMAC) */
+static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
+                 const byte* label, word32 labLen, const byte* seed,
+                 word32 seedLen)
+{
+    int    ret  = 0;
+    word32 half = (secLen + 1) / 2;
+
+#ifdef WOLFSSL_SMALL_STACK
+    byte* md5_half;
+    byte* sha_half;
+    byte* labelSeed;
+    byte* md5_result;
+    byte* sha_result;
+#else
+    byte  md5_half[MAX_PRF_HALF];     /* half is real size */
+    byte  sha_half[MAX_PRF_HALF];     /* half is real size */
+    byte  labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */
+    byte  md5_result[MAX_PRF_DIG];    /* digLen is real size */
+    byte  sha_result[MAX_PRF_DIG];    /* digLen is real size */
+#endif
+
+    if (half > MAX_PRF_HALF)
+        return BUFFER_E;
+    if (labLen + seedLen > MAX_PRF_LABSEED)
+        return BUFFER_E;
+    if (digLen > MAX_PRF_DIG)
+        return BUFFER_E;
+
+#ifdef WOLFSSL_SMALL_STACK
+    md5_half   = (byte*)XMALLOC(MAX_PRF_HALF,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    sha_half   = (byte*)XMALLOC(MAX_PRF_HALF,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    labelSeed  = (byte*)XMALLOC(MAX_PRF_LABSEED, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    md5_result = (byte*)XMALLOC(MAX_PRF_DIG,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    sha_result = (byte*)XMALLOC(MAX_PRF_DIG,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+    if (md5_half == NULL || sha_half == NULL || labelSeed == NULL ||
+                                     md5_result == NULL || sha_result == NULL) {
+        if (md5_half)   XFREE(md5_half,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (sha_half)   XFREE(sha_half,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (labelSeed)  XFREE(labelSeed,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (md5_result) XFREE(md5_result, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (sha_result) XFREE(sha_result, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+        return MEMORY_E;
+    }
+#endif
+
+    XMEMSET(md5_result, 0, digLen);
+    XMEMSET(sha_result, 0, digLen);
+
+    XMEMCPY(md5_half, secret, half);
+    XMEMCPY(sha_half, secret + half - secLen % 2, half);
+
+    XMEMCPY(labelSeed, label, labLen);
+    XMEMCPY(labelSeed + labLen, seed, seedLen);
+
+    if ((ret = p_hash(md5_result, digLen, md5_half, half, labelSeed,
+                                             labLen + seedLen, md5_mac)) == 0) {
+        if ((ret = p_hash(sha_result, digLen, sha_half, half, labelSeed,
+                                             labLen + seedLen, sha_mac)) == 0) {
+            get_xor(digest, digLen, md5_result, sha_result);
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(md5_half,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(sha_half,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(labelSeed,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(md5_result, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(sha_result, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#endif
+
+
+/* Wrapper to call straight thru to p_hash in TSL 1.2 cases to remove stack
+   use */
+static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
+            const byte* label, word32 labLen, const byte* seed, word32 seedLen,
+            int useAtLeastSha256, int hash_type)
+{
+    int ret = 0;
+
+    if (useAtLeastSha256) {
+#ifdef WOLFSSL_SMALL_STACK
+        byte* labelSeed;
+#else
+        byte labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */
+#endif
+
+        if (labLen + seedLen > MAX_PRF_LABSEED)
+            return BUFFER_E;
+        
+#ifdef WOLFSSL_SMALL_STACK
+        labelSeed = (byte*)XMALLOC(MAX_PRF_LABSEED, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (labelSeed == NULL)
+           return MEMORY_E;
+#endif
+
+        XMEMCPY(labelSeed, label, labLen);
+        XMEMCPY(labelSeed + labLen, seed, seedLen);
+
+        /* If a cipher suite wants an algorithm better than sha256, it
+         * should use better. */
+        if (hash_type < sha256_mac)
+            hash_type = sha256_mac;
+        ret = p_hash(digest, digLen, secret, secLen, labelSeed,
+                     labLen + seedLen, hash_type);
+
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(labelSeed, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+    }
+#ifndef NO_OLD_TLS
+    else {
+        ret = doPRF(digest, digLen, secret, secLen, label, labLen, seed,
+                    seedLen);
+    }
+#endif
+
+    return ret;
+}
+
+
+#ifdef WOLFSSL_SHA384
+    #define HSHASH_SZ SHA384_DIGEST_SIZE
+#else
+    #define HSHASH_SZ FINISHED_SZ
+#endif
+
+
+int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
+{
+    const byte* side;
+    byte        handshake_hash[HSHASH_SZ];
+    word32      hashSz = FINISHED_SZ;
+
+#ifndef NO_OLD_TLS
+    wc_Md5Final(&ssl->hashMd5, handshake_hash);
+    wc_ShaFinal(&ssl->hashSha, &handshake_hash[MD5_DIGEST_SIZE]);
+#endif
+    
+    if (IsAtLeastTLSv1_2(ssl)) {
+#ifndef NO_SHA256
+        if (ssl->specs.mac_algorithm <= sha256_mac) {
+            int ret = wc_Sha256Final(&ssl->hashSha256, handshake_hash);
+
+            if (ret != 0)
+                return ret;
+
+            hashSz = SHA256_DIGEST_SIZE;
+        }
+#endif
+#ifdef WOLFSSL_SHA384
+        if (ssl->specs.mac_algorithm == sha384_mac) {
+            int ret = wc_Sha384Final(&ssl->hashSha384, handshake_hash);
+
+            if (ret != 0)
+                return ret;
+
+            hashSz = SHA384_DIGEST_SIZE;
+        }
+#endif
+    }
+   
+    if ( XSTRNCMP((const char*)sender, (const char*)client, SIZEOF_SENDER) == 0)
+        side = tls_client;
+    else
+        side = tls_server;
+
+    return PRF((byte*)hashes, TLS_FINISHED_SZ, ssl->arrays->masterSecret,
+               SECRET_LEN, side, FINISHED_LABEL_SZ, handshake_hash, hashSz,
+               IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm);
+}
+
+
+#ifndef NO_OLD_TLS
+
+ProtocolVersion MakeTLSv1(void)
+{
+    ProtocolVersion pv;
+    pv.major = SSLv3_MAJOR;
+    pv.minor = TLSv1_MINOR;
+
+    return pv;
+}
+
+
+ProtocolVersion MakeTLSv1_1(void)
+{
+    ProtocolVersion pv;
+    pv.major = SSLv3_MAJOR;
+    pv.minor = TLSv1_1_MINOR;
+
+    return pv;
+}
+
+#endif
+
+
+ProtocolVersion MakeTLSv1_2(void)
+{
+    ProtocolVersion pv;
+    pv.major = SSLv3_MAJOR;
+    pv.minor = TLSv1_2_MINOR;
+
+    return pv;
+}
+
+
+static const byte master_label[MASTER_LABEL_SZ + 1] = "master secret";
+static const byte key_label   [KEY_LABEL_SZ + 1]    = "key expansion";
+
+
+/* External facing wrapper so user can call as well, 0 on success */
+int wolfSSL_DeriveTlsKeys(byte* key_data, word32 keyLen,
+                         const byte* ms, word32 msLen,
+                         const byte* sr, const byte* cr,
+                         int tls1_2, int hash_type)
+{
+    byte  seed[SEED_LEN];
+
+    XMEMCPY(seed,           sr, RAN_LEN);
+    XMEMCPY(seed + RAN_LEN, cr, RAN_LEN);
+
+    return PRF(key_data, keyLen, ms, msLen, key_label, KEY_LABEL_SZ,
+               seed, SEED_LEN, tls1_2, hash_type);
+}
+
+
+int DeriveTlsKeys(WOLFSSL* ssl)
+{
+    int   ret;
+    int   length = 2 * ssl->specs.hash_size + 
+                   2 * ssl->specs.key_size  +
+                   2 * ssl->specs.iv_size;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* key_data;
+#else
+    byte  key_data[MAX_PRF_DIG];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    key_data = (byte*)XMALLOC(MAX_PRF_DIG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (key_data == NULL) {
+        return MEMORY_E;
+    }
+#endif
+
+    ret = wolfSSL_DeriveTlsKeys(key_data, length,
+                           ssl->arrays->masterSecret, SECRET_LEN,
+                           ssl->arrays->serverRandom, ssl->arrays->clientRandom,
+                           IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm);
+    if (ret == 0)
+        ret = StoreKeys(ssl, key_data);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(key_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+/* External facing wrapper so user can call as well, 0 on success */
+int wolfSSL_MakeTlsMasterSecret(byte* ms, word32 msLen,
+                               const byte* pms, word32 pmsLen,
+                               const byte* cr, const byte* sr,
+                               int tls1_2, int hash_type)
+{
+    byte  seed[SEED_LEN];
+
+    XMEMCPY(seed,           cr, RAN_LEN);
+    XMEMCPY(seed + RAN_LEN, sr, RAN_LEN);
+
+    return PRF(ms, msLen, pms, pmsLen, master_label, MASTER_LABEL_SZ,
+               seed, SEED_LEN, tls1_2, hash_type);
+}
+
+
+int MakeTlsMasterSecret(WOLFSSL* ssl)
+{
+    int   ret;
+
+    ret = wolfSSL_MakeTlsMasterSecret(ssl->arrays->masterSecret, SECRET_LEN,
+              ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz,
+              ssl->arrays->clientRandom, ssl->arrays->serverRandom,
+              IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm);
+
+    if (ret == 0) {
+    #ifdef SHOW_SECRETS
+        int i;
+
+        printf("master secret: ");
+        for (i = 0; i < SECRET_LEN; i++)
+            printf("%02x", ssl->arrays->masterSecret[i]);
+        printf("\n");
+    #endif
+
+        ret = DeriveTlsKeys(ssl);
+    }
+
+    return ret;
+}
+
+
+/* Used by EAP-TLS and EAP-TTLS to derive keying material from
+ * the master_secret. */
+int wolfSSL_make_eap_keys(WOLFSSL* ssl, void* msk, unsigned int len,
+                                                              const char* label)
+{
+    int   ret;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* seed;
+#else
+    byte  seed[SEED_LEN];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    seed = (byte*)XMALLOC(SEED_LEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (seed == NULL)
+        return MEMORY_E;
+#endif
+
+    /*
+     * As per RFC-5281, the order of the client and server randoms is reversed
+     * from that used by the TLS protocol to derive keys.
+     */
+    XMEMCPY(seed,           ssl->arrays->clientRandom, RAN_LEN);
+    XMEMCPY(seed + RAN_LEN, ssl->arrays->serverRandom, RAN_LEN);
+
+    ret = PRF((byte*)msk, len, ssl->arrays->masterSecret, SECRET_LEN,
+              (const byte *)label, (word32)strlen(label), seed, SEED_LEN,
+              IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+/*** next for static INLINE s copied internal.c ***/
+
+/* convert 16 bit integer to opaque */
+static INLINE void c16toa(word16 u16, byte* c)
+{
+    c[0] = (u16 >> 8) & 0xff;
+    c[1] =  u16 & 0xff;
+}
+
+#ifdef HAVE_TLS_EXTENSIONS
+/* convert opaque to 16 bit integer */
+static INLINE void ato16(const byte* c, word16* u16)
+{
+    *u16 = (c[0] << 8) | (c[1]);
+}
+
+#ifdef HAVE_SNI
+/* convert a 24 bit integer into a 32 bit one */
+static INLINE void c24to32(const word24 u24, word32* u32)
+{
+    *u32 = (u24[0] << 16) | (u24[1] << 8) | u24[2];
+}
+#endif
+#endif
+
+/* convert 32 bit integer to opaque */
+static INLINE void c32toa(word32 u32, byte* c)
+{
+    c[0] = (u32 >> 24) & 0xff;
+    c[1] = (u32 >> 16) & 0xff;
+    c[2] = (u32 >>  8) & 0xff;
+    c[3] =  u32 & 0xff;
+}
+
+
+static INLINE word32 GetSEQIncrement(WOLFSSL* ssl, int verify)
+{
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls) {
+        if (verify)
+            return ssl->keys.dtls_state.curSeq; /* explicit from peer */
+        else
+            return ssl->keys.dtls_sequence_number - 1; /* already incremented */
+    }
+#endif
+    if (verify)
+        return ssl->keys.peer_sequence_number++; 
+    else
+        return ssl->keys.sequence_number++; 
+}
+
+
+#ifdef WOLFSSL_DTLS
+
+static INLINE word32 GetEpoch(WOLFSSL* ssl, int verify)
+{
+    if (verify)
+        return ssl->keys.dtls_state.curEpoch;
+    else
+        return ssl->keys.dtls_epoch;
+}
+
+#endif /* WOLFSSL_DTLS */
+
+
+/*** end copy ***/
+
+
+/* return HMAC digest type in wolfSSL format */
+int wolfSSL_GetHmacType(WOLFSSL* ssl)
+{
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    switch (ssl->specs.mac_algorithm) {
+        #ifndef NO_MD5
+        case md5_mac:
+        {
+            return MD5;
+        }
+        #endif
+        #ifndef NO_SHA256
+        case sha256_mac:
+        {
+            return SHA256;
+        }
+        #endif
+        #ifdef WOLFSSL_SHA384
+        case sha384_mac:
+        {
+            return SHA384;
+        }
+
+        #endif
+        #ifndef NO_SHA
+        case sha_mac:
+        {
+            return SHA;
+        }
+        #endif
+        #ifdef HAVE_BLAKE2 
+        case blake2b_mac:
+        {
+            return BLAKE2B_ID; 
+        }
+        #endif
+        default:
+        {
+            return SSL_FATAL_ERROR;
+        }
+    }
+}
+
+
+int wolfSSL_SetTlsHmacInner(WOLFSSL* ssl, byte* inner, word32 sz, int content,
+                           int verify)
+{
+    if (ssl == NULL || inner == NULL)
+        return BAD_FUNC_ARG;
+
+    XMEMSET(inner, 0, WOLFSSL_TLS_HMAC_INNER_SZ);
+
+#ifdef WOLFSSL_DTLS
+    if (ssl->options.dtls)
+        c16toa((word16)GetEpoch(ssl, verify), inner);
+#endif
+    c32toa(GetSEQIncrement(ssl, verify), &inner[sizeof(word32)]);
+    inner[SEQ_SZ] = (byte)content;                          
+    inner[SEQ_SZ + ENUM_LEN]            = ssl->version.major;
+    inner[SEQ_SZ + ENUM_LEN + ENUM_LEN] = ssl->version.minor;
+    c16toa((word16)sz, inner + SEQ_SZ + ENUM_LEN + VERSION_SZ);
+
+    return 0;
+}
+
+
+/* TLS type HMAC */
+int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
+              int content, int verify)
+{
+    Hmac hmac;
+    int  ret;
+    byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ];
+
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+    
+#ifdef HAVE_FUZZER
+    if (ssl->fuzzerCb)
+        ssl->fuzzerCb(ssl, in, sz, FUZZ_HMAC, ssl->fuzzerCtx);
+#endif
+
+    wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify);
+
+    ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl),
+                     wolfSSL_GetMacSecret(ssl, verify), ssl->specs.hash_size);
+    if (ret != 0)
+        return ret;
+    ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner));
+    if (ret != 0)
+        return ret;
+    ret = wc_HmacUpdate(&hmac, in, sz);                                /* content */
+    if (ret != 0)
+        return ret;
+    ret = wc_HmacFinal(&hmac, digest);
+    if (ret != 0)
+        return ret;
+
+    return 0;
+}
+
+#ifdef HAVE_TLS_EXTENSIONS
+
+
+/** Supports up to 64 flags. Update as needed. */
+#define SEMAPHORE_SIZE 8
+
+
+static INLINE word16 TLSX_ToSemaphore(word16 type)
+{
+    switch (type) {
+        case SECURE_RENEGOTIATION:
+            return 63;
+
+        default:
+            if (type > 62) {
+                /* This message SHOULD only happens during the adding of
+                   new TLS extensions in which its IANA number overflows
+                   the current semaphore's range, or if its number already
+                   is assigned to be used by another extension.
+                   Use this check value for the new extension and decrement
+                   the check value by one. */
+                WOLFSSL_MSG("### TLSX semaphore colision or overflow detected!");
+            }
+    }
+    
+    return type;
+}
+
+
+#define IS_OFF(semaphore, light) \
+    ((semaphore)[(light) / 8] ^  (byte) (0x01 << ((light) % 8)))
+
+
+#define TURN_ON(semaphore, light) \
+    ((semaphore)[(light) / 8] |= (byte) (0x01 << ((light) % 8)))
+
+
+static int TLSX_Push(TLSX** list, TLSX_Type type, void* data)
+{
+    TLSX* extension;
+
+    extension = (TLSX*)XMALLOC(sizeof(TLSX), 0, DYNAMIC_TYPE_TLSX);
+    if (extension == NULL)
+        return MEMORY_E;
+
+    extension->type = type;
+    extension->data = data;
+    extension->resp = 0;
+    extension->next = *list;
+    *list = extension;
+
+    /* remove duplicated extensions, there should be only one of each type. */
+    do {
+        if (extension->next && extension->next->type == type) {
+            TLSX *next = extension->next;
+
+            extension->next = next->next;
+            next->next = NULL;
+
+            TLSX_FreeAll(next);
+
+            /* there is no way to occur more than */
+            /* two extensions of the same type.   */
+            break;
+        }
+    } while ((extension = extension->next));
+
+    return 0;
+}
+
+
+#ifndef NO_WOLFSSL_SERVER
+
+void TLSX_SetResponse(WOLFSSL* ssl, TLSX_Type type);
+
+void TLSX_SetResponse(WOLFSSL* ssl, TLSX_Type type)
+{
+    TLSX *ext = TLSX_Find(ssl->extensions, type);
+
+    if (ext)
+        ext->resp = 1;
+}
+
+#endif
+
+/* SNI - Server Name Indication */
+
+#ifdef HAVE_SNI
+
+static void TLSX_SNI_Free(SNI* sni)
+{
+    if (sni) {
+        switch (sni->type) {
+            case WOLFSSL_SNI_HOST_NAME:
+                XFREE(sni->data.host_name, 0, DYNAMIC_TYPE_TLSX);
+            break;
+        }
+
+        XFREE(sni, 0, DYNAMIC_TYPE_TLSX);
+    }
+}
+
+static void TLSX_SNI_FreeAll(SNI* list)
+{
+    SNI* sni;
+
+    while ((sni = list)) {
+        list = sni->next;
+        TLSX_SNI_Free(sni);
+    }
+}
+
+static int TLSX_SNI_Append(SNI** list, byte type, const void* data, word16 size)
+{
+    SNI* sni;
+
+    if (list == NULL)
+        return BAD_FUNC_ARG;
+
+    if ((sni = XMALLOC(sizeof(SNI), 0, DYNAMIC_TYPE_TLSX)) == NULL)
+        return MEMORY_E;
+
+    switch (type) {
+        case WOLFSSL_SNI_HOST_NAME: {
+            sni->data.host_name = XMALLOC(size + 1, 0, DYNAMIC_TYPE_TLSX);
+
+            if (sni->data.host_name) {
+                XSTRNCPY(sni->data.host_name, (const char*)data, size);
+                sni->data.host_name[size] = 0;
+            } else {
+                XFREE(sni, 0, DYNAMIC_TYPE_TLSX);
+                return MEMORY_E;
+            }
+        }
+        break;
+
+        default: /* invalid type */
+            XFREE(sni, 0, DYNAMIC_TYPE_TLSX);
+            return BAD_FUNC_ARG;
+    }
+
+    sni->type = type;
+    sni->next = *list;
+
+#ifndef NO_WOLFSSL_SERVER
+    sni->options = 0;
+    sni->status  = WOLFSSL_SNI_NO_MATCH;
+#endif
+
+    *list = sni;
+
+    return 0;
+}
+
+static word16 TLSX_SNI_GetSize(SNI* list)
+{
+    SNI* sni;
+    word16 length = OPAQUE16_LEN; /* list length */
+
+    while ((sni = list)) {
+        list = sni->next;
+
+        length += ENUM_LEN + OPAQUE16_LEN; /* sni type + sni length */
+
+        switch (sni->type) {
+            case WOLFSSL_SNI_HOST_NAME:
+                length += XSTRLEN((char*)sni->data.host_name);
+            break;
+        }
+    }
+
+    return length;
+}
+
+static word16 TLSX_SNI_Write(SNI* list, byte* output)
+{
+    SNI* sni;
+    word16 length = 0;
+    word16 offset = OPAQUE16_LEN; /* list length offset */
+
+    while ((sni = list)) {
+        list = sni->next;
+
+        output[offset++] = sni->type; /* sni type */
+
+        switch (sni->type) {
+            case WOLFSSL_SNI_HOST_NAME:
+                length = XSTRLEN((char*)sni->data.host_name);
+
+                c16toa(length, output + offset); /* sni length */
+                offset += OPAQUE16_LEN;
+
+                XMEMCPY(output + offset, sni->data.host_name, length);
+
+                offset += length;
+            break;
+        }
+    }
+
+    c16toa(offset - OPAQUE16_LEN, output); /* writing list length */
+
+    return offset;
+}
+
+static SNI* TLSX_SNI_Find(SNI *list, byte type)
+{
+    SNI *sni = list;
+
+    while (sni && sni->type != type)
+        sni = sni->next;
+
+    return sni;
+}
+
+#ifndef NO_WOLFSSL_SERVER
+static void TLSX_SNI_SetStatus(TLSX* extensions, byte type, byte status)
+{
+    TLSX* extension = TLSX_Find(extensions, SERVER_NAME_INDICATION);
+    SNI* sni = TLSX_SNI_Find(extension ? extension->data : NULL, type);
+
+    if (sni) {
+        sni->status = status;
+        WOLFSSL_MSG("SNI did match!");
+    }
+}
+
+byte TLSX_SNI_Status(TLSX* extensions, byte type)
+{
+    TLSX* extension = TLSX_Find(extensions, SERVER_NAME_INDICATION);
+    SNI* sni = TLSX_SNI_Find(extension ? extension->data : NULL, type);
+
+    if (sni)
+        return sni->status;
+
+    return 0;
+}
+#endif
+
+static int TLSX_SNI_Parse(WOLFSSL* ssl, byte* input, word16 length,
+                                                                 byte isRequest)
+{
+#ifndef NO_WOLFSSL_SERVER
+    word16 size = 0;
+    word16 offset = 0;
+#endif
+
+    TLSX *extension = TLSX_Find(ssl->extensions, SERVER_NAME_INDICATION);
+
+    if (!extension)
+        extension = TLSX_Find(ssl->ctx->extensions, SERVER_NAME_INDICATION);
+
+    if (!extension || !extension->data)
+        return isRequest ? 0 : BUFFER_ERROR; /* not using SNI OR unexpected
+                                                SNI response from server. */
+
+    if (!isRequest)
+        return length ? BUFFER_ERROR : 0; /* SNI response must be empty!
+                                             Nothing else to do. */
+
+#ifndef NO_WOLFSSL_SERVER
+
+    if (OPAQUE16_LEN > length)
+        return BUFFER_ERROR;
+
+    ato16(input, &size);
+    offset += OPAQUE16_LEN;
+
+    /* validating sni list length */
+    if (length != OPAQUE16_LEN + size)
+        return BUFFER_ERROR;
+
+    for (size = 0; offset < length; offset += size) {
+        SNI *sni;
+        byte type = input[offset++];
+
+        if (offset + OPAQUE16_LEN > length)
+            return BUFFER_ERROR;
+
+        ato16(input + offset, &size);
+        offset += OPAQUE16_LEN;
+
+        if (offset + size > length)
+            return BUFFER_ERROR;
+
+        if (!(sni = TLSX_SNI_Find((SNI*)extension->data, type))) {
+            continue; /* not using this SNI type */
+        }
+
+        switch(type) {
+            case WOLFSSL_SNI_HOST_NAME: {
+                byte matched = (XSTRLEN(sni->data.host_name) == size)
+                            && (XSTRNCMP(sni->data.host_name,
+                                       (const char*)input + offset, size) == 0);
+
+                if (matched || sni->options & WOLFSSL_SNI_ANSWER_ON_MISMATCH) {
+                    int r = TLSX_UseSNI(&ssl->extensions,
+                                                    type, input + offset, size);
+
+                    if (r != SSL_SUCCESS) return r; /* throw error */
+
+                    TLSX_SNI_SetStatus(ssl->extensions, type,
+                      matched ? WOLFSSL_SNI_REAL_MATCH : WOLFSSL_SNI_FAKE_MATCH);
+
+                } else if (!(sni->options & WOLFSSL_SNI_CONTINUE_ON_MISMATCH)) {
+                    SendAlert(ssl, alert_fatal, unrecognized_name);
+
+                    return UNKNOWN_SNI_HOST_NAME_E;
+                }
+                break;
+            }
+        }
+
+        TLSX_SetResponse(ssl, SERVER_NAME_INDICATION);
+    }
+
+#endif
+
+    return 0;
+}
+
+int TLSX_UseSNI(TLSX** extensions, byte type, const void* data, word16 size)
+{
+    TLSX* extension = TLSX_Find(*extensions, SERVER_NAME_INDICATION);
+    SNI*  sni       = NULL;
+    int   ret       = 0;
+
+    if (extensions == NULL || data == NULL)
+        return BAD_FUNC_ARG;
+
+    if ((ret = TLSX_SNI_Append(&sni, type, data, size)) != 0)
+        return ret;
+
+    if (!extension) {
+        if ((ret = TLSX_Push(extensions, SERVER_NAME_INDICATION, (void*)sni)) 
+                                                                         != 0) {
+            TLSX_SNI_Free(sni);
+            return ret;
+        }
+    }
+    else {
+        /* push new SNI object to extension data. */
+        sni->next = (SNI*)extension->data;
+        extension->data = (void*)sni;        
+
+        /* look for another server name of the same type to remove */
+        do {
+            if (sni->next && sni->next->type == type) {
+                SNI *next = sni->next;
+
+                sni->next = next->next;
+                TLSX_SNI_Free(next);
+
+                break;
+            }
+        } while ((sni = sni->next));
+    }
+
+    return SSL_SUCCESS;
+}
+
+#ifndef NO_WOLFSSL_SERVER
+word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type, void** data)
+{
+    TLSX* extension = TLSX_Find(extensions, SERVER_NAME_INDICATION);
+    SNI* sni = TLSX_SNI_Find(extension ? extension->data : NULL, type);
+
+    if (sni && sni->status != WOLFSSL_SNI_NO_MATCH) {
+        switch (sni->type) {
+            case WOLFSSL_SNI_HOST_NAME:
+                *data = sni->data.host_name;
+                return XSTRLEN(*data);
+        }
+    }
+
+    return 0;
+}
+
+void TLSX_SNI_SetOptions(TLSX* extensions, byte type, byte options)
+{
+    TLSX* extension = TLSX_Find(extensions, SERVER_NAME_INDICATION);
+    SNI* sni = TLSX_SNI_Find(extension ? extension->data : NULL, type);
+
+    if (sni)
+        sni->options = options;
+}
+
+int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz,
+                           byte type, byte* sni, word32* inOutSz)
+{
+    word32 offset = 0;
+    word32 len32  = 0;
+    word16 len16  = 0;
+
+    if (helloSz < RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + CLIENT_HELLO_FIRST)
+        return INCOMPLETE_DATA;
+
+    /* TLS record header */
+    if ((enum ContentType) clientHello[offset++] != handshake)
+        return BUFFER_ERROR;
+
+    if (clientHello[offset++] != SSLv3_MAJOR)
+        return BUFFER_ERROR;
+
+    if (clientHello[offset++] < TLSv1_MINOR)
+        return SNI_UNSUPPORTED;
+
+    ato16(clientHello + offset, &len16);
+    offset += OPAQUE16_LEN;
+
+    if (offset + len16 > helloSz)
+        return INCOMPLETE_DATA;
+
+    /* Handshake header */
+    if ((enum HandShakeType) clientHello[offset] != client_hello)
+        return BUFFER_ERROR;
+
+    c24to32(clientHello + offset + 1, &len32);
+    offset += HANDSHAKE_HEADER_SZ;
+
+    if (offset + len32 > helloSz)
+        return BUFFER_ERROR;
+
+    /* client hello */
+    offset += VERSION_SZ + RAN_LEN; /* version, random */
+
+    if (helloSz < offset + clientHello[offset])
+        return BUFFER_ERROR;
+
+    offset += ENUM_LEN + clientHello[offset]; /* skip session id */
+
+    /* cypher suites */
+    if (helloSz < offset + OPAQUE16_LEN)
+        return BUFFER_ERROR;
+
+    ato16(clientHello + offset, &len16);
+    offset += OPAQUE16_LEN;
+
+    if (helloSz < offset + len16)
+        return BUFFER_ERROR;
+
+    offset += len16; /* skip cypher suites */
+
+    /* compression methods */
+    if (helloSz < offset + 1)
+        return BUFFER_ERROR;
+
+    if (helloSz < offset + clientHello[offset])
+        return BUFFER_ERROR;
+
+    offset += ENUM_LEN + clientHello[offset]; /* skip compression methods */
+
+    /* extensions */
+    if (helloSz < offset + OPAQUE16_LEN)
+        return 0; /* no extensions in client hello. */
+
+    ato16(clientHello + offset, &len16);
+    offset += OPAQUE16_LEN;
+
+    if (helloSz < offset + len16)
+        return BUFFER_ERROR;
+
+    while (len16 >= OPAQUE16_LEN + OPAQUE16_LEN) {
+        word16 extType;
+        word16 extLen;
+
+        ato16(clientHello + offset, &extType);
+        offset += OPAQUE16_LEN;
+
+        ato16(clientHello + offset, &extLen);
+        offset += OPAQUE16_LEN;
+
+        if (helloSz < offset + extLen)
+            return BUFFER_ERROR;
+
+        if (extType != SERVER_NAME_INDICATION) {
+            offset += extLen; /* skip extension */
+        } else {
+            word16 listLen;
+
+            ato16(clientHello + offset, &listLen);
+            offset += OPAQUE16_LEN;
+
+            if (helloSz < offset + listLen)
+                return BUFFER_ERROR;
+
+            while (listLen > ENUM_LEN + OPAQUE16_LEN) {
+                byte   sniType = clientHello[offset++];
+                word16 sniLen;
+
+                ato16(clientHello + offset, &sniLen);
+                offset += OPAQUE16_LEN;
+
+                if (helloSz < offset + sniLen)
+                    return BUFFER_ERROR;
+
+                if (sniType != type) {
+                    offset  += sniLen;
+                    listLen -= min(ENUM_LEN + OPAQUE16_LEN + sniLen, listLen);
+                    continue;
+                }
+
+                *inOutSz = min(sniLen, *inOutSz);
+                XMEMCPY(sni, clientHello + offset, *inOutSz);
+
+                return SSL_SUCCESS;
+            }
+        }
+
+        len16 -= min(2 * OPAQUE16_LEN + extLen, len16);
+    }
+
+    return len16 ? BUFFER_ERROR : 0;
+}
+
+#endif
+
+#define SNI_FREE_ALL TLSX_SNI_FreeAll
+#define SNI_GET_SIZE TLSX_SNI_GetSize
+#define SNI_WRITE    TLSX_SNI_Write
+#define SNI_PARSE    TLSX_SNI_Parse
+
+#else
+
+#define SNI_FREE_ALL(list)
+#define SNI_GET_SIZE(list)    0
+#define SNI_WRITE(a, b)       0
+#define SNI_PARSE(a, b, c, d) 0
+
+#endif /* HAVE_SNI */
+
+#ifdef HAVE_MAX_FRAGMENT
+
+static word16 TLSX_MFL_Write(byte* data, byte* output)
+{
+    output[0] = data[0];
+
+    return ENUM_LEN;
+}
+
+static int TLSX_MFL_Parse(WOLFSSL* ssl, byte* input, word16 length,
+                                                                 byte isRequest)
+{
+    if (length != ENUM_LEN)
+        return BUFFER_ERROR;
+
+    switch (*input) {
+        case WOLFSSL_MFL_2_9 : ssl->max_fragment =  512; break;
+        case WOLFSSL_MFL_2_10: ssl->max_fragment = 1024; break;
+        case WOLFSSL_MFL_2_11: ssl->max_fragment = 2048; break;
+        case WOLFSSL_MFL_2_12: ssl->max_fragment = 4096; break;
+        case WOLFSSL_MFL_2_13: ssl->max_fragment = 8192; break;
+
+        default:
+            SendAlert(ssl, alert_fatal, illegal_parameter);
+
+            return UNKNOWN_MAX_FRAG_LEN_E;
+    }
+
+#ifndef NO_WOLFSSL_SERVER
+    if (isRequest) {
+        int r = TLSX_UseMaxFragment(&ssl->extensions, *input);
+
+        if (r != SSL_SUCCESS) return r; /* throw error */
+
+        TLSX_SetResponse(ssl, MAX_FRAGMENT_LENGTH);
+    }
+#endif
+
+    return 0;
+}
+
+int TLSX_UseMaxFragment(TLSX** extensions, byte mfl)
+{
+    byte* data = NULL;
+    int   ret  = 0;
+
+    if (extensions == NULL)
+        return BAD_FUNC_ARG;
+
+    if (mfl < WOLFSSL_MFL_2_9 || WOLFSSL_MFL_2_13 < mfl)
+        return BAD_FUNC_ARG;
+
+    if ((data = XMALLOC(ENUM_LEN, 0, DYNAMIC_TYPE_TLSX)) == NULL)
+        return MEMORY_E;
+
+    data[0] = mfl;
+
+    /* push new MFL extension. */
+    if ((ret = TLSX_Push(extensions, MAX_FRAGMENT_LENGTH, data)) != 0) {
+        XFREE(data, 0, DYNAMIC_TYPE_TLSX);
+        return ret;
+    }
+
+    return SSL_SUCCESS;
+}
+
+
+#define MFL_FREE_ALL(data) XFREE(data, 0, DYNAMIC_TYPE_TLSX)
+#define MFL_GET_SIZE(data) ENUM_LEN
+#define MFL_WRITE          TLSX_MFL_Write
+#define MFL_PARSE          TLSX_MFL_Parse
+
+#else
+
+#define MFL_FREE_ALL(a)
+#define MFL_GET_SIZE(a)       0
+#define MFL_WRITE(a, b)       0
+#define MFL_PARSE(a, b, c, d) 0
+
+#endif /* HAVE_MAX_FRAGMENT */
+
+#ifdef HAVE_TRUNCATED_HMAC
+
+static int TLSX_THM_Parse(WOLFSSL* ssl, byte* input, word16 length,
+                                                                 byte isRequest)
+{
+    if (length != 0 || input == NULL)
+        return BUFFER_ERROR;
+
+#ifndef NO_WOLFSSL_SERVER
+    if (isRequest) {
+        int r = TLSX_UseTruncatedHMAC(&ssl->extensions);
+
+        if (r != SSL_SUCCESS) return r; /* throw error */
+
+        TLSX_SetResponse(ssl, TRUNCATED_HMAC);
+    }
+#endif
+
+    ssl->truncated_hmac = 1;
+
+    return 0;
+}
+
+int TLSX_UseTruncatedHMAC(TLSX** extensions)
+{
+    int ret = 0;
+
+    if (extensions == NULL)
+        return BAD_FUNC_ARG;
+
+    if ((ret = TLSX_Push(extensions, TRUNCATED_HMAC, NULL)) != 0)
+        return ret;
+
+    return SSL_SUCCESS;
+}
+
+#define THM_PARSE TLSX_THM_Parse
+
+#else
+
+#define THM_PARSE(a, b, c, d) 0
+
+#endif /* HAVE_TRUNCATED_HMAC */
+
+#ifdef HAVE_SUPPORTED_CURVES
+
+#ifndef HAVE_ECC
+#error Elliptic Curves Extension requires Elliptic Curve Cryptography. \
+       Use --enable-ecc in the configure script or define HAVE_ECC.
+#endif
+
+static void TLSX_EllipticCurve_FreeAll(EllipticCurve* list)
+{
+    EllipticCurve* curve;
+
+    while ((curve = list)) {
+        list = curve->next;
+        XFREE(curve, 0, DYNAMIC_TYPE_TLSX);
+    }
+}
+
+static int TLSX_EllipticCurve_Append(EllipticCurve** list, word16 name)
+{
+    EllipticCurve* curve;
+
+    if (list == NULL)
+        return BAD_FUNC_ARG;
+
+    if ((curve = XMALLOC(sizeof(EllipticCurve), 0, DYNAMIC_TYPE_TLSX)) == NULL)
+        return MEMORY_E;
+
+    curve->name = name;
+    curve->next = *list;
+
+    *list = curve;
+
+    return 0;
+}
+
+#ifndef NO_WOLFSSL_CLIENT
+
+static void TLSX_EllipticCurve_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
+{
+    int i;
+
+    for (i = 0; i < ssl->suites->suiteSz; i+= 2)
+        if (ssl->suites->suites[i] == ECC_BYTE)
+            return;
+
+    /* No elliptic curve suite found */
+    TURN_ON(semaphore, TLSX_ToSemaphore(ELLIPTIC_CURVES));
+}
+
+static word16 TLSX_EllipticCurve_GetSize(EllipticCurve* list)
+{
+    EllipticCurve* curve;
+    word16 length = OPAQUE16_LEN; /* list length */
+
+    while ((curve = list)) {
+        list = curve->next;
+        length += OPAQUE16_LEN; /* curve length */
+    }
+
+    return length;
+}
+
+static word16 TLSX_EllipticCurve_WriteR(EllipticCurve* curve, byte* output);
+static word16 TLSX_EllipticCurve_WriteR(EllipticCurve* curve, byte* output)
+{
+    word16 offset = 0;
+
+    if (!curve)
+        return offset;
+
+    offset = TLSX_EllipticCurve_WriteR(curve->next, output);
+    c16toa(curve->name, output + offset);
+
+    return OPAQUE16_LEN + offset;
+}
+
+static word16 TLSX_EllipticCurve_Write(EllipticCurve* list, byte* output)
+{
+    word16 length = TLSX_EllipticCurve_WriteR(list, output + OPAQUE16_LEN);
+
+    c16toa(length, output); /* writing list length */
+
+    return OPAQUE16_LEN + length;
+}
+
+#endif /* NO_WOLFSSL_CLIENT */
+#ifndef NO_WOLFSSL_SERVER
+
+static int TLSX_EllipticCurve_Parse(WOLFSSL* ssl, byte* input, word16 length,
+                                                                 byte isRequest)
+{
+    word16 offset;
+    word16 name;
+    int r;
+
+    (void) isRequest; /* shut up compiler! */
+
+    if (OPAQUE16_LEN > length || length % OPAQUE16_LEN)
+        return BUFFER_ERROR;
+
+    ato16(input, &offset);
+
+    /* validating curve list length */
+    if (length != OPAQUE16_LEN + offset)
+        return BUFFER_ERROR;
+
+    while (offset) {
+        ato16(input + offset, &name);
+        offset -= OPAQUE16_LEN;
+
+        r = TLSX_UseSupportedCurve(&ssl->extensions, name);
+
+        if (r != SSL_SUCCESS) return r; /* throw error */
+    }
+
+    return 0;
+}
+
+int TLSX_ValidateEllipticCurves(WOLFSSL* ssl, byte first, byte second) {
+    TLSX*          extension = (first == ECC_BYTE)
+                             ? TLSX_Find(ssl->extensions, ELLIPTIC_CURVES)
+                             : NULL;
+    EllipticCurve* curve     = NULL;
+    word32         oid       = 0;
+    word16         octets    = 0; /* acording to 'ecc_set_type ecc_sets[];' */
+    int            sig       = 0; /* valitade signature */
+    int            key       = 0; /* validate key       */
+
+    (void)oid;
+    (void)octets;
+
+    if (!extension)
+        return 1; /* no suite restriction */
+
+    for (curve = extension->data; curve && !(sig && key); curve = curve->next) {
+
+        switch (curve->name) {
+            case WOLFSSL_ECC_SECP160R1: oid = ECC_160R1; octets = 20; break;
+            case WOLFSSL_ECC_SECP192R1: oid = ECC_192R1; octets = 24; break;
+            case WOLFSSL_ECC_SECP224R1: oid = ECC_224R1; octets = 28; break;
+            case WOLFSSL_ECC_SECP256R1: oid = ECC_256R1; octets = 32; break;
+            case WOLFSSL_ECC_SECP384R1: oid = ECC_384R1; octets = 48; break;
+            case WOLFSSL_ECC_SECP521R1: oid = ECC_521R1; octets = 66; break;
+            default: continue; /* unsupported curve */
+        }
+
+        switch (second) {
+#ifndef NO_DSA
+            /* ECDHE_ECDSA */
+            case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+            case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+            case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
+            case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+            case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+            case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+            case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+            case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+            case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
+                sig |= ssl->pkCurveOID == oid;
+                key |= ssl->eccTempKeySz == octets;
+            break;
+
+            /* ECDH_ECDSA */
+            case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
+            case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
+            case TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
+            case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
+            case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
+            case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
+            case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
+                sig |= ssl->pkCurveOID == oid;
+                key |= ssl->pkCurveOID == oid;
+            break;
+#endif
+#ifndef NO_RSA
+            /* ECDHE_RSA */
+            case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+            case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+            case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
+            case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
+            case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+            case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
+            case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+            case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+                sig = 1;
+                key |= ssl->eccTempKeySz == octets;
+            break;
+
+            /* ECDH_RSA */
+            case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
+            case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
+            case TLS_ECDH_RSA_WITH_RC4_128_SHA:
+            case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
+            case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
+            case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
+            case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
+            case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
+                sig = 1;
+                key |= ssl->pkCurveOID == oid;
+            break;
+#endif
+            default:
+                sig = 1;
+                key = 1;
+            break;
+        }
+    }
+
+    return sig && key;
+}
+
+#endif /* NO_WOLFSSL_SERVER */
+
+int TLSX_UseSupportedCurve(TLSX** extensions, word16 name)
+{
+    TLSX*          extension = TLSX_Find(*extensions, ELLIPTIC_CURVES);
+    EllipticCurve* curve     = NULL;
+    int            ret       = 0;
+
+    if (extensions == NULL)
+        return BAD_FUNC_ARG;
+
+    if ((ret = TLSX_EllipticCurve_Append(&curve, name)) != 0)
+        return ret;
+
+    if (!extension) {
+        if ((ret = TLSX_Push(extensions, ELLIPTIC_CURVES, curve)) != 0) {
+            XFREE(curve, 0, DYNAMIC_TYPE_TLSX);
+            return ret;
+        }
+    }
+    else {
+        /* push new EllipticCurve object to extension data. */
+        curve->next = (EllipticCurve*)extension->data;
+        extension->data = (void*)curve;
+
+        /* look for another curve of the same name to remove (replacement) */
+        do {
+            if (curve->next && curve->next->name == name) {
+                EllipticCurve *next = curve->next;
+
+                curve->next = next->next;
+                XFREE(next, 0, DYNAMIC_TYPE_TLSX);
+
+                break;
+            }
+        } while ((curve = curve->next));        
+    }
+
+    return SSL_SUCCESS;
+}
+
+#define EC_FREE_ALL         TLSX_EllipticCurve_FreeAll
+#define EC_VALIDATE_REQUEST TLSX_EllipticCurve_ValidateRequest
+
+#ifndef NO_WOLFSSL_CLIENT
+#define EC_GET_SIZE TLSX_EllipticCurve_GetSize
+#define EC_WRITE    TLSX_EllipticCurve_Write
+#else
+#define EC_GET_SIZE(list)         0
+#define EC_WRITE(a, b)            0
+#endif
+
+#ifndef NO_WOLFSSL_SERVER
+#define EC_PARSE TLSX_EllipticCurve_Parse
+#else
+#define EC_PARSE(a, b, c, d)      0
+#endif
+
+#else
+
+#define EC_FREE_ALL(list)
+#define EC_GET_SIZE(list)         0
+#define EC_WRITE(a, b)            0
+#define EC_PARSE(a, b, c, d)      0
+#define EC_VALIDATE_REQUEST(a, b)
+
+#endif /* HAVE_SUPPORTED_CURVES */
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+
+static byte TLSX_SecureRenegotiation_GetSize(SecureRenegotiation* data,
+                                                                  int isRequest)
+{
+    byte length = OPAQUE8_LEN; /* empty info length */
+
+    if (data->enabled) {
+        /* client sends client_verify_data only */
+        length += TLS_FINISHED_SZ;
+
+        /* server also sends server_verify_data */
+        if (!isRequest)
+            length += TLS_FINISHED_SZ;
+    }
+
+    return length;
+}
+
+static word16 TLSX_SecureRenegotiation_Write(SecureRenegotiation* data,
+                                                    byte* output, int isRequest)
+{   
+    word16 offset = OPAQUE8_LEN; /* RenegotiationInfo length */
+
+    if (data->enabled) {
+        /* client sends client_verify_data only */
+        XMEMCPY(output + offset, data->client_verify_data, TLS_FINISHED_SZ);
+        offset += TLS_FINISHED_SZ;
+
+        /* server also sends server_verify_data */
+        if (!isRequest) {
+            XMEMCPY(output + offset, data->server_verify_data, TLS_FINISHED_SZ);
+            offset += TLS_FINISHED_SZ;
+        }
+    }
+
+    output[0] = offset - 1;  /* info length - self */
+    
+    return offset;
+}   
+    
+static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, byte* input, 
+                                                  word16 length, byte isRequest)
+{
+    int ret = SECURE_RENEGOTIATION_E;
+
+    if (length >= OPAQUE8_LEN) {
+        if (ssl->secure_renegotiation == NULL) {
+        #ifndef NO_WOLFSSL_SERVER
+            if (isRequest && *input == 0) {
+                ret = 0;  /* don't reply, user didn't enable */
+            }
+        #endif
+        }
+        else if (isRequest) {
+        #ifndef NO_WOLFSSL_SERVER
+            if (*input == TLS_FINISHED_SZ) {
+                /* TODO compare client_verify_data */
+                ret = 0;
+            }
+        #endif
+        }
+        else {
+        #ifndef NO_WOLFSSL_CLIENT
+            if (!ssl->secure_renegotiation->enabled) {
+                if (*input == 0) {
+                    ssl->secure_renegotiation->enabled = 1;
+                    ret = 0;                    
+                }
+            }
+            else if (*input == 2 * TLS_FINISHED_SZ) {
+                /* TODO compare client_verify_data and server_verify_data */
+                ret = 0;
+            }
+        #endif
+        }
+    }
+
+    if (ret != 0) {
+        /* TODO: turn on fatal error at ssl level too */
+        SendAlert(ssl, alert_fatal, handshake_failure);
+    }
+
+    return ret;
+}
+
+int TLSX_UseSecureRenegotiation(TLSX** extensions)
+{
+    int ret = 0;
+    SecureRenegotiation* data = NULL;
+    
+    data = (SecureRenegotiation*)XMALLOC(sizeof(SecureRenegotiation), NULL,
+                                                             DYNAMIC_TYPE_TLSX);
+    if (data == NULL)
+        return MEMORY_E;
+
+    XMEMSET(data, 0, sizeof(SecureRenegotiation));
+
+    ret = TLSX_Push(extensions, SECURE_RENEGOTIATION, data);
+    if (ret != 0) {
+        XFREE(data, 0, DYNAMIC_TYPE_TLSX);
+        return ret;
+    }
+
+    return SSL_SUCCESS;
+}
+
+
+#define SCR_FREE_ALL(data) XFREE(data, NULL, DYNAMIC_TYPE_TLSX)
+#define SCR_GET_SIZE       TLSX_SecureRenegotiation_GetSize
+#define SCR_WRITE          TLSX_SecureRenegotiation_Write
+#define SCR_PARSE          TLSX_SecureRenegotiation_Parse
+
+#else
+
+#define SCR_FREE_ALL(a)
+#define SCR_GET_SIZE(a, b)    0
+#define SCR_WRITE(a, b, c)    0
+#define SCR_PARSE(a, b, c, d) 0
+
+#endif /* HAVE_SECURE_RENEGOTIATION */
+
+#ifdef HAVE_SESSION_TICKET
+
+static void TLSX_SessionTicket_ValidateRequest(WOLFSSL* ssl)
+{
+    TLSX*          extension = TLSX_Find(ssl->extensions, SESSION_TICKET);
+    SessionTicket* ticket    = extension ? extension->data : NULL;
+
+    if (ticket) {
+        /* TODO validate ticket timeout here! */
+        if (ticket->lifetime == 0xfffffff) {
+            /* send empty ticket on timeout */
+            TLSX_UseSessionTicket(&ssl->extensions, NULL);
+        }
+    }
+}
+
+
+static word16 TLSX_SessionTicket_GetSize(SessionTicket* ticket, int isRequest)
+{
+    return isRequest && ticket ? ticket->size : 0;
+}
+
+static word16 TLSX_SessionTicket_Write(SessionTicket* ticket, byte* output,
+                                                                  int isRequest)
+{
+    int offset = 0; /* empty ticket */
+    
+    if (isRequest && ticket) {
+        XMEMCPY(output + offset, ticket->data, ticket->size);
+        offset += ticket->size;
+    }
+
+    return offset;
+}
+
+
+static int TLSX_SessionTicket_Parse(WOLFSSL* ssl, byte* input, word16 length,
+                                                                 byte isRequest)
+{
+    if (!isRequest) {
+        if (length != 0)
+            return BUFFER_ERROR;
+        
+        ssl->expect_session_ticket = 1;
+    }
+    else {
+        /* TODO server side */
+        (void)input;        
+    }
+
+    return 0;
+}
+
+WOLFSSL_LOCAL SessionTicket* TLSX_SessionTicket_Create(word32 lifetime,
+                                                       byte* data, word16 size)
+{
+    SessionTicket* ticket = (SessionTicket*)XMALLOC(sizeof(SessionTicket),
+                                                       NULL, DYNAMIC_TYPE_TLSX);
+    if (ticket) {
+        ticket->data = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TLSX);
+        if (ticket->data == NULL) {
+            XFREE(ticket, NULL, DYNAMIC_TYPE_TLSX);
+            return NULL;
+        }
+
+        XMEMCPY(ticket->data, data, size);
+        ticket->size     = size;
+        ticket->lifetime = lifetime;
+    }
+
+    return ticket;
+}
+WOLFSSL_LOCAL void TLSX_SessionTicket_Free(SessionTicket* ticket)
+{
+    if (ticket) {
+        XFREE(ticket->data, NULL, DYNAMIC_TYPE_TLSX);
+        XFREE(ticket,       NULL, DYNAMIC_TYPE_TLSX);
+    }
+}
+
+int TLSX_UseSessionTicket(TLSX** extensions, SessionTicket* ticket)
+{
+    int ret = 0;
+
+    if (extensions == NULL)
+        return BAD_FUNC_ARG;
+
+    /* If the ticket is NULL, the client will request a new ticket from the
+       server. Otherwise, the client will use it in the next client hello. */
+    if ((ret = TLSX_Push(extensions, SESSION_TICKET, (void*)ticket)) != 0)
+        return ret;
+
+    return SSL_SUCCESS;
+}
+
+#define STK_VALIDATE_REQUEST TLSX_SessionTicket_ValidateRequest
+#define STK_GET_SIZE         TLSX_SessionTicket_GetSize
+#define STK_WRITE            TLSX_SessionTicket_Write
+#define STK_PARSE            TLSX_SessionTicket_Parse
+
+#else
+
+#define STK_VALIDATE_REQUEST(a)
+#define STK_GET_SIZE(a, b)      0
+#define STK_WRITE(a, b, c)      0
+#define STK_PARSE(a, b, c, d)   0
+
+#endif /* HAVE_SESSION_TICKET */
+
+
+TLSX* TLSX_Find(TLSX* list, TLSX_Type type)
+{
+    TLSX* extension = list;
+
+    while (extension && extension->type != type)
+        extension = extension->next;
+
+    return extension;
+}
+
+void TLSX_FreeAll(TLSX* list)
+{
+    TLSX* extension;
+
+    while ((extension = list)) {
+        list = extension->next;
+
+        switch (extension->type) {
+            case SERVER_NAME_INDICATION:
+                SNI_FREE_ALL((SNI*)extension->data);
+                break;
+
+            case MAX_FRAGMENT_LENGTH:
+                MFL_FREE_ALL(extension->data);
+                break;
+
+            case TRUNCATED_HMAC:
+                /* Nothing to do. */
+                break;
+
+            case ELLIPTIC_CURVES:
+                EC_FREE_ALL(extension->data);
+                break;
+
+            case SECURE_RENEGOTIATION:
+                SCR_FREE_ALL(extension->data);
+                break;
+
+            case SESSION_TICKET:
+                /* Nothing to do. */
+                break;
+        }
+
+        XFREE(extension, 0, DYNAMIC_TYPE_TLSX);
+    }
+}
+
+int TLSX_SupportExtensions(WOLFSSL* ssl) {
+    return ssl && (IsTLS(ssl) || ssl->version.major == DTLS_MAJOR);
+}
+
+static word16 TLSX_GetSize(TLSX* list, byte* semaphore, byte isRequest)
+{
+    TLSX* extension;
+    word16 length = 0;
+
+    while ((extension = list)) {
+        list = extension->next;
+
+        if (!isRequest && !extension->resp)
+            continue; /* skip! */
+
+        if (!IS_OFF(semaphore, TLSX_ToSemaphore(extension->type)))
+            continue; /* skip! */
+
+        /* type + data length */
+        length += HELLO_EXT_TYPE_SZ + OPAQUE16_LEN;
+
+        switch (extension->type) {
+            case SERVER_NAME_INDICATION:
+                if (isRequest)
+                    length += SNI_GET_SIZE(extension->data);
+                break;
+            case MAX_FRAGMENT_LENGTH:
+                length += MFL_GET_SIZE(extension->data);
+                break;
+
+            case TRUNCATED_HMAC:
+                /* empty extension. */
+                break;
+
+            case ELLIPTIC_CURVES:
+                length += EC_GET_SIZE(extension->data);
+                break;
+
+            case SECURE_RENEGOTIATION:
+                length += SCR_GET_SIZE(extension->data, isRequest);
+                break;
+
+            case SESSION_TICKET:
+                length += STK_GET_SIZE(extension->data, isRequest);
+                break;
+        }
+
+        TURN_ON(semaphore, TLSX_ToSemaphore(extension->type));
+    }
+
+    return length;
+}
+
+static word16 TLSX_Write(TLSX* list, byte* output, byte* semaphore,
+                                                                 byte isRequest)
+{
+    TLSX* extension;
+    word16 offset = 0;
+    word16 length_offset = 0;
+
+    while ((extension = list)) {
+        list = extension->next;
+
+        if (!isRequest && !extension->resp)
+            continue; /* skip! */
+
+        if (!IS_OFF(semaphore, TLSX_ToSemaphore(extension->type)))
+            continue; /* skip! */
+
+        /* extension type */
+        c16toa(extension->type, output + offset);
+        offset += HELLO_EXT_TYPE_SZ + OPAQUE16_LEN;
+        length_offset = offset;
+
+        /* extension data should be written internally */
+        switch (extension->type) {
+            case SERVER_NAME_INDICATION:
+                if (isRequest)
+                    offset += SNI_WRITE(extension->data, output + offset);
+                break;
+
+            case MAX_FRAGMENT_LENGTH:
+                offset += MFL_WRITE(extension->data, output + offset);
+                break;
+
+            case TRUNCATED_HMAC:
+                /* empty extension. */
+                break;
+
+            case ELLIPTIC_CURVES:
+                offset += EC_WRITE(extension->data, output + offset);
+                break;
+
+            case SECURE_RENEGOTIATION:
+                offset += SCR_WRITE(extension->data, output + offset,
+                                                                     isRequest);
+                break;
+
+            case SESSION_TICKET:
+                offset += STK_WRITE(extension->data, output + offset,
+                                                                     isRequest);
+                break;
+        }
+
+        /* writing extension data length */
+        c16toa(offset - length_offset, output + length_offset - OPAQUE16_LEN);
+
+        TURN_ON(semaphore, TLSX_ToSemaphore(extension->type));
+    }
+
+    return offset;
+}
+
+#ifndef NO_WOLFSSL_CLIENT
+
+word16 TLSX_GetRequestSize(WOLFSSL* ssl)
+{
+    word16 length = 0;
+
+    if (TLSX_SupportExtensions(ssl)) {
+        byte semaphore[SEMAPHORE_SIZE] = {0};
+
+        EC_VALIDATE_REQUEST(ssl, semaphore);
+        STK_VALIDATE_REQUEST(ssl);
+
+        if (ssl->extensions)
+            length += TLSX_GetSize(ssl->extensions, semaphore, 1);
+
+        if (ssl->ctx && ssl->ctx->extensions)
+            length += TLSX_GetSize(ssl->ctx->extensions, semaphore, 1);
+
+        if (IsAtLeastTLSv1_2(ssl) && ssl->suites->hashSigAlgoSz)
+            length += ssl->suites->hashSigAlgoSz + HELLO_EXT_LEN;
+    }
+
+    if (length)
+        length += OPAQUE16_LEN; /* for total length storage */
+
+    return length;
+}
+
+word16 TLSX_WriteRequest(WOLFSSL* ssl, byte* output)
+{
+    word16 offset = 0;
+
+    if (TLSX_SupportExtensions(ssl) && output) {
+        byte semaphore[SEMAPHORE_SIZE] = {0};
+
+        offset += OPAQUE16_LEN; /* extensions length */
+
+        EC_VALIDATE_REQUEST(ssl, semaphore);
+
+        if (ssl->extensions)
+            offset += TLSX_Write(ssl->extensions, output + offset,
+                                                                  semaphore, 1);
+
+        if (ssl->ctx && ssl->ctx->extensions)
+            offset += TLSX_Write(ssl->ctx->extensions, output + offset,
+                                                                  semaphore, 1);
+
+        if (IsAtLeastTLSv1_2(ssl) && ssl->suites->hashSigAlgoSz)
+        {
+            int i;
+            /* extension type */
+            c16toa(HELLO_EXT_SIG_ALGO, output + offset);
+            offset += HELLO_EXT_TYPE_SZ;
+
+            /* extension data length */
+            c16toa(OPAQUE16_LEN + ssl->suites->hashSigAlgoSz, output + offset);
+            offset += OPAQUE16_LEN;
+
+            /* sig algos length */
+            c16toa(ssl->suites->hashSigAlgoSz, output + offset);
+            offset += OPAQUE16_LEN;
+
+            /* sig algos */
+            for (i = 0; i < ssl->suites->hashSigAlgoSz; i++, offset++)
+                output[offset] = ssl->suites->hashSigAlgo[i];
+        }
+
+        if (offset > OPAQUE16_LEN)
+            c16toa(offset - OPAQUE16_LEN, output); /* extensions length */
+    }
+
+    return offset;
+}
+
+#endif /* NO_WOLFSSL_CLIENT */
+
+#ifndef NO_WOLFSSL_SERVER
+
+word16 TLSX_GetResponseSize(WOLFSSL* ssl)
+{
+    word16 length = 0;
+    byte semaphore[SEMAPHORE_SIZE] = {0};
+
+    if (TLSX_SupportExtensions(ssl))
+        length += TLSX_GetSize(ssl->extensions, semaphore, 0);
+
+    /* All the response data is set at the ssl object only, so no ctx here. */
+
+    if (length)
+        length += OPAQUE16_LEN; /* for total length storage */
+
+    return length;
+}
+
+word16 TLSX_WriteResponse(WOLFSSL *ssl, byte* output)
+{
+    word16 offset = 0;
+
+    if (TLSX_SupportExtensions(ssl) && output) {
+        byte semaphore[SEMAPHORE_SIZE] = {0};
+
+        offset += OPAQUE16_LEN; /* extensions length */
+
+        offset += TLSX_Write(ssl->extensions, output + offset, semaphore, 0);
+
+        if (offset > OPAQUE16_LEN)
+            c16toa(offset - OPAQUE16_LEN, output); /* extensions length */
+    }
+
+    return offset;
+}
+
+#endif /* NO_WOLFSSL_SERVER */
+
+int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
+                                                                 Suites *suites)
+{
+    int ret = 0;
+    word16 offset = 0;
+
+    if (!ssl || !input || (isRequest && !suites))
+        return BAD_FUNC_ARG;
+
+    while (ret == 0 && offset < length) {
+        word16 type;
+        word16 size;
+
+        if (length - offset < HELLO_EXT_TYPE_SZ + OPAQUE16_LEN)
+            return BUFFER_ERROR;
+
+        ato16(input + offset, &type);
+        offset += HELLO_EXT_TYPE_SZ;
+
+        ato16(input + offset, &size);
+        offset += OPAQUE16_LEN;
+
+        if (offset + size > length)
+            return BUFFER_ERROR;
+
+        switch (type) {
+            case SERVER_NAME_INDICATION:
+                WOLFSSL_MSG("SNI extension received");
+
+                ret = SNI_PARSE(ssl, input + offset, size, isRequest);
+                break;
+
+            case MAX_FRAGMENT_LENGTH:
+                WOLFSSL_MSG("Max Fragment Length extension received");
+
+                ret = MFL_PARSE(ssl, input + offset, size, isRequest);
+                break;
+
+            case TRUNCATED_HMAC:
+                WOLFSSL_MSG("Truncated HMAC extension received");
+
+                ret = THM_PARSE(ssl, input + offset, size, isRequest);
+                break;
+
+            case ELLIPTIC_CURVES:
+                WOLFSSL_MSG("Elliptic Curves extension received");
+
+                ret = EC_PARSE(ssl, input + offset, size, isRequest);
+                break;
+
+            case SECURE_RENEGOTIATION:
+                WOLFSSL_MSG("Secure Renegotiation extension received");
+
+                ret = SCR_PARSE(ssl, input + offset, size, isRequest);
+                break;
+
+            case SESSION_TICKET:
+                WOLFSSL_MSG("Session Ticket extension received");
+
+                ret = STK_PARSE(ssl, input + offset, size, isRequest);
+                break;
+
+            case HELLO_EXT_SIG_ALGO:
+                if (isRequest) {
+                    /* do not mess with offset inside the switch! */
+                    if (IsAtLeastTLSv1_2(ssl)) {
+                        ato16(input + offset, &suites->hashSigAlgoSz);
+
+                        if (suites->hashSigAlgoSz > size - OPAQUE16_LEN)
+                            return BUFFER_ERROR;
+
+                        XMEMCPY(suites->hashSigAlgo,
+                                input + offset + OPAQUE16_LEN,
+                                min(suites->hashSigAlgoSz,
+                                                        HELLO_EXT_SIGALGO_MAX));
+                    }
+                } else {
+                    WOLFSSL_MSG("Servers MUST NOT send SIG ALGO extension.");
+                }
+
+                break;
+        }
+
+        /* offset should be updated here! */
+        offset += size;
+    }
+
+    return ret;
+}
+
+/* undefining semaphore macros */
+#undef IS_OFF
+#undef TURN_ON
+#undef SEMAPHORE_SIZE
+
+#endif
+
+
+#ifndef NO_WOLFSSL_CLIENT
+
+#ifndef NO_OLD_TLS
+
+    WOLFSSL_METHOD* wolfTLSv1_client_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                             (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                      DYNAMIC_TYPE_METHOD);
+        if (method)
+            InitSSL_Method(method, MakeTLSv1());
+        return method;
+    }
+
+
+    WOLFSSL_METHOD* wolfTLSv1_1_client_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+        if (method)
+            InitSSL_Method(method, MakeTLSv1_1());
+        return method;
+    }
+
+#endif /* !NO_OLD_TLS */
+
+#ifndef NO_SHA256   /* can't use without SHA256 */
+
+    WOLFSSL_METHOD* wolfTLSv1_2_client_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+        if (method)
+            InitSSL_Method(method, MakeTLSv1_2());
+        return method;
+    }
+
+#endif
+
+
+    WOLFSSL_METHOD* wolfSSLv23_client_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+        if (method) {
+#ifndef NO_SHA256         /* 1.2 requires SHA256 */
+            InitSSL_Method(method, MakeTLSv1_2());
+#else
+            InitSSL_Method(method, MakeTLSv1_1());
+#endif
+#ifndef NO_OLD_TLS
+            method->downgrade = 1;
+#endif 
+        }
+        return method;
+    }
+
+
+#endif /* NO_WOLFSSL_CLIENT */
+
+
+
+#ifndef NO_WOLFSSL_SERVER
+
+#ifndef NO_OLD_TLS
+
+    WOLFSSL_METHOD* wolfTLSv1_server_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+        if (method) {
+            InitSSL_Method(method, MakeTLSv1());
+            method->side = WOLFSSL_SERVER_END;
+        }
+        return method;
+    }
+
+
+    WOLFSSL_METHOD* wolfTLSv1_1_server_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+        if (method) {
+            InitSSL_Method(method, MakeTLSv1_1());
+            method->side = WOLFSSL_SERVER_END;
+        }
+        return method;
+    }
+
+#endif /* !NO_OLD_TLS */
+
+#ifndef NO_SHA256   /* can't use without SHA256 */
+
+    WOLFSSL_METHOD* wolfTLSv1_2_server_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+        if (method) {
+            InitSSL_Method(method, MakeTLSv1_2());
+            method->side = WOLFSSL_SERVER_END;
+        }
+        return method;
+    }
+
+#endif
+
+
+    WOLFSSL_METHOD* wolfSSLv23_server_method(void)
+    {
+        WOLFSSL_METHOD* method =
+                              (WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD), 0,
+                                                       DYNAMIC_TYPE_METHOD);
+        if (method) {
+#ifndef NO_SHA256         /* 1.2 requires SHA256 */
+            InitSSL_Method(method, MakeTLSv1_2());
+#else
+            InitSSL_Method(method, MakeTLSv1_1());
+#endif
+            method->side      = WOLFSSL_SERVER_END;
+#ifndef NO_OLD_TLS
+            method->downgrade = 1;
+#endif /* !NO_OLD_TLS */
+        }
+        return method;
+    }
+
+
+
+#endif /* NO_WOLFSSL_SERVER */
+#endif /* NO_TLS */
+
diff --git a/3P/wolfssl/sslSniffer/sslSniffer.vcproj b/3P/wolfssl/sslSniffer/sslSniffer.vcproj
new file mode 100755
index 00000000..f485e87a
--- /dev/null
+++ b/3P/wolfssl/sslSniffer/sslSniffer.vcproj
@@ -0,0 +1,206 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+			
+			
+		
+		
+			
+			
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/sslSniffer/sslSniffer.vcxproj b/3P/wolfssl/sslSniffer/sslSniffer.vcxproj
new file mode 100644
index 00000000..231ed6dc
--- /dev/null
+++ b/3P/wolfssl/sslSniffer/sslSniffer.vcxproj
@@ -0,0 +1,181 @@
+
+
+  
+    
+      Debug
+      Win32
+    
+    
+      Debug
+      x64
+    
+    
+      Release
+      Win32
+    
+    
+      Release
+      x64
+    
+  
+  
+    {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}
+    sslSniffer
+    Win32Proj
+  
+  
+  
+    DynamicLibrary
+    v110
+    Unicode
+    true
+  
+  
+    DynamicLibrary
+    v110
+    Unicode
+    true
+  
+  
+    DynamicLibrary
+    v110
+    Unicode
+  
+  
+    DynamicLibrary
+    v110
+    Unicode
+  
+  
+  
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+  
+    <_ProjectFileVersion>11.0.61030.0
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    true
+  
+  
+    true
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    false
+  
+  
+    false
+  
+  
+    
+      Disabled
+      ../;%(AdditionalIncludeDirectories)
+      OPENSSL_EXTRA;WOLFSSL_RIPEMD;WOLFSSL_SHA512;NO_PSK;WOLFSSL_SNIFFER;SSL_SNIFFER_EXPORTS;%(PreprocessorDefinitions)
+      true
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      Level3
+      EditAndContinue
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Windows
+      MachineX86
+    
+  
+  
+    
+      Disabled
+      ../;%(AdditionalIncludeDirectories)
+      OPENSSL_EXTRA;WOLFSSL_RIPEMD;WOLFSSL_SHA512;NO_PSK;WOLFSSL_SNIFFER;SSL_SNIFFER_EXPORTS;%(PreprocessorDefinitions)
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Windows
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../;%(AdditionalIncludeDirectories)
+      OPENSSL_EXTRA;WOLFSSL_RIPEMD;WOLFSSL_SHA512;NO_PSK;WOLFSSL_SNIFFER;SSL_SNIFFER_EXPORTS;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Windows
+      true
+      true
+      MachineX86
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../;%(AdditionalIncludeDirectories)
+      OPENSSL_EXTRA;WOLFSSL_RIPEMD;WOLFSSL_SHA512;NO_PSK;WOLFSSL_SNIFFER;SSL_SNIFFER_EXPORTS;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Windows
+      true
+      true
+    
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+    
+      {73973223-5ee8-41ca-8e88-1d60e89a237b}
+      false
+    
+  
+  
+  
+  
+
diff --git a/3P/wolfssl/sslSniffer/sslSnifferTest/include.am b/3P/wolfssl/sslSniffer/sslSnifferTest/include.am
new file mode 100644
index 00000000..222777c7
--- /dev/null
+++ b/3P/wolfssl/sslSniffer/sslSnifferTest/include.am
@@ -0,0 +1,14 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+if BUILD_SNIFFTEST
+noinst_PROGRAMS += sslSniffer/sslSnifferTest/snifftest
+sslSniffer_sslSnifferTest_snifftest_SOURCES = sslSniffer/sslSnifferTest/snifftest.c
+sslSniffer_sslSnifferTest_snifftest_LDADD        = src/libwolfssl.la -lpcap
+sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES = src/libwolfssl.la
+endif
+EXTRA_DIST += sslSniffer/sslSniffer.vcproj
+EXTRA_DIST += sslSniffer/sslSniffer.vcxproj
+EXTRA_DIST += sslSniffer/sslSnifferTest/sslSniffTest.vcproj
+DISTCLEANFILES+= sslSniffer/sslSnifferTest/.libs/snifftest
diff --git a/3P/wolfssl/sslSniffer/sslSnifferTest/snifftest.c b/3P/wolfssl/sslSniffer/sslSnifferTest/snifftest.c
new file mode 100755
index 00000000..21433b93
--- /dev/null
+++ b/3P/wolfssl/sslSniffer/sslSnifferTest/snifftest.c
@@ -0,0 +1,320 @@
+/* snifftest.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef _WIN32
+    #define WOLFSSL_SNIFFER
+#endif
+
+#ifndef WOLFSSL_SNIFFER
+
+/* blank build */
+#include 
+#include 
+int main(void)
+{
+    printf("do ./configure --enable-sniffer to enable build support\n");
+    return EXIT_SUCCESS;
+}
+
+#else
+/* do a full build */
+
+#ifdef _MSC_VER
+	/* builds on *nix too, for scanf device and port */
+	#define _CRT_SECURE_NO_WARNINGS
+#endif
+
+#include      /* pcap stuff */
+#include          /* printf */
+#include         /* EXIT_SUCCESS */
+#include         /* strcmp */
+#include         /* signal */
+
+#include 
+
+
+#ifndef _WIN32
+    #include 
+#endif
+
+typedef unsigned char byte;
+
+enum {
+    ETHER_IF_FRAME_LEN = 14,   /* ethernet interface frame length */
+    NULL_IF_FRAME_LEN =   4,   /* no link interface frame length  */
+};
+
+
+pcap_t* pcap = NULL;
+pcap_if_t* alldevs = NULL;
+
+
+static void FreeAll(void)
+{
+    if (pcap)
+        pcap_close(pcap);
+    if (alldevs)
+        pcap_freealldevs(alldevs);
+#ifndef _WIN32
+    ssl_FreeSniffer();
+#endif
+}
+
+static void sig_handler(const int sig) 
+{
+    printf("SIGINT handled = %d.\n", sig);
+    FreeAll();
+    if (sig)
+        exit(EXIT_SUCCESS);
+}
+
+
+static void err_sys(const char* msg)
+{
+	fprintf(stderr, "%s\n", msg);
+    if (msg)
+	    exit(EXIT_FAILURE);
+}
+
+
+#ifdef _WIN32
+	#define SNPRINTF _snprintf
+#else
+	#define SNPRINTF snprintf
+#endif
+
+
+static char* iptos(unsigned int addr)
+{
+	static char    output[32];
+	byte *p = (byte*)&addr;
+
+	SNPRINTF(output, sizeof(output), "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+
+	return output;
+}
+
+
+int main(int argc, char** argv)
+{
+    int          ret = 0;
+	int		     inum;
+	int		     port;
+    int          saveFile = 0;
+	int		     i = 0;
+    int          frame = ETHER_IF_FRAME_LEN; 
+    char         err[PCAP_ERRBUF_SIZE];
+	char         filter[32];
+	const char  *server = NULL;
+	struct       bpf_program fp;
+	pcap_if_t   *d;
+	pcap_addr_t *a;
+
+    signal(SIGINT, sig_handler);
+
+#ifndef _WIN32
+    ssl_InitSniffer();   /* dll load on Windows */
+#endif
+    ssl_Trace("./tracefile.txt", err);
+
+    if (argc == 1) {
+        /* normal case, user chooses device and port */
+
+	    if (pcap_findalldevs(&alldevs, err) == -1)
+		    err_sys("Error in pcap_findalldevs");
+
+	    for (d = alldevs; d; d=d->next) {
+		    printf("%d. %s", ++i, d->name);
+		    if (d->description)
+			    printf(" (%s)\n", d->description);
+		    else
+			    printf(" (No description available)\n");
+	    }
+
+	    if (i == 0)
+		    err_sys("No interfaces found! Make sure pcap or WinPcap is"
+                    " installed correctly and you have sufficient permissions");
+
+	    printf("Enter the interface number (1-%d): ", i);
+	    ret = scanf("%d", &inum);
+        if (ret != 1)
+            printf("scanf port failed\n");
+
+	    if (inum < 1 || inum > i)
+		    err_sys("Interface number out of range");
+
+	    /* Jump to the selected adapter */
+	    for (d = alldevs, i = 0; i < inum - 1; d = d->next, i++);
+
+	    pcap = pcap_create(d->name, err);
+
+        if (pcap == NULL) printf("pcap_create failed %s\n", err);
+
+	    /* get an IPv4 address */
+	    for (a = d->addresses; a; a = a->next) {
+		    switch(a->addr->sa_family)
+		    {
+			    case AF_INET:
+				    server = 
+                        iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr);
+				    printf("server = %s\n", server);
+				    break;
+
+                default:
+                    break;
+		    }
+	    }
+	    if (server == NULL)
+		    err_sys("Unable to get device IPv4 address");
+
+        ret = pcap_set_snaplen(pcap, 65536);
+        if (ret != 0) printf("pcap_set_snaplen failed %s\n", pcap_geterr(pcap));
+
+        ret = pcap_set_timeout(pcap, 1000); 
+        if (ret != 0) printf("pcap_set_timeout failed %s\n", pcap_geterr(pcap));
+
+        ret = pcap_set_buffer_size(pcap, 1000000); 
+        if (ret != 0)
+		    printf("pcap_set_buffer_size failed %s\n", pcap_geterr(pcap));
+
+        ret = pcap_set_promisc(pcap, 1); 
+        if (ret != 0) printf("pcap_set_promisc failed %s\n", pcap_geterr(pcap));
+
+
+        ret = pcap_activate(pcap);
+        if (ret != 0) printf("pcap_activate failed %s\n", pcap_geterr(pcap));
+
+	    printf("Enter the port to scan: ");
+	    ret = scanf("%d", &port);
+        if (ret != 1)
+            printf("scanf port failed\n");
+
+	    SNPRINTF(filter, sizeof(filter), "tcp and port %d", port);
+
+	    ret = pcap_compile(pcap, &fp, filter, 0, 0);
+        if (ret != 0) printf("pcap_compile failed %s\n", pcap_geterr(pcap));
+
+        ret = pcap_setfilter(pcap, &fp);
+        if (ret != 0) printf("pcap_setfilter failed %s\n", pcap_geterr(pcap));
+
+        ret = ssl_SetPrivateKey(server, port, "../../certs/server-key.pem",
+                               FILETYPE_PEM, NULL, err);
+        if (ret != 0) {
+            printf("Please run directly from sslSniffer/sslSnifferTest dir\n");
+        }
+
+#ifdef HAVE_SNI
+        {
+            char altName[128];
+
+            printf("Enter alternate SNI: ");
+            ret = scanf("%s", altName);
+
+            if (strnlen(altName, 128) > 0) {
+                ret = ssl_SetNamedPrivateKey(altName,
+                                   server, port, "../../certs/server-key.pem",
+                                   FILETYPE_PEM, NULL, err);
+                if (ret != 0) {
+                    printf("Please run directly from "
+                           "sslSniffer/sslSnifferTest dir\n");
+                }
+            }
+        }
+#endif
+    }
+    else if (argc >= 3) {
+        saveFile = 1;
+        pcap = pcap_open_offline(argv[1], err);
+        if (pcap == NULL) {
+            printf("pcap_open_offline failed %s\n", err);
+            ret = -1;
+        }
+        else {
+            const char* passwd = NULL;
+            /* defaults for server and port */
+            port = 443;
+            server = "127.0.0.1";
+
+            if (argc >= 4)
+                server = argv[3];
+
+            if (argc >= 5)
+                port = atoi(argv[4]);
+
+            if (argc >= 6)
+                passwd = argv[5];
+
+            ret = ssl_SetPrivateKey(server, port, argv[2],
+                                    FILETYPE_PEM, passwd, err);
+        }
+    }
+    else {
+        /* usage error */
+        printf( "usage: ./snifftest or ./snifftest dump pemKey"
+                " [server] [port] [password]\n");
+        exit(EXIT_FAILURE);
+    }
+
+    if (ret != 0)
+        err_sys(err);
+
+    if (pcap_datalink(pcap) == DLT_NULL) 
+        frame = NULL_IF_FRAME_LEN;
+
+    while (1) {
+        static int packetNumber = 0;
+        struct pcap_pkthdr header;
+        const unsigned char* packet = pcap_next(pcap, &header);
+        packetNumber++;
+        if (packet) {
+
+            byte data[65535+16384];  /* may have a partial 16k record cached */
+
+            if (header.caplen > 40)  { /* min ip(20) + min tcp(20) */
+				packet        += frame;
+				header.caplen -= frame;					
+            }
+            else
+                continue;
+
+            ret = ssl_DecodePacket(packet, header.caplen, data, err);
+            if (ret < 0)
+                printf("ssl_Decode ret = %d, %s\n", ret, err);
+            if (ret > 0) {
+                data[ret] = 0;
+				printf("SSL App Data(%d:%d):%s\n", packetNumber, ret, data);
+            }
+        }
+        else if (saveFile)
+            break;      /* we're done reading file */
+    }
+    FreeAll();
+
+    return EXIT_SUCCESS;
+}
+
+#endif /* full build */
diff --git a/3P/wolfssl/sslSniffer/sslSnifferTest/sslSniffTest.vcproj b/3P/wolfssl/sslSniffer/sslSnifferTest/sslSniffTest.vcproj
new file mode 100755
index 00000000..ff9977fa
--- /dev/null
+++ b/3P/wolfssl/sslSniffer/sslSnifferTest/sslSniffTest.vcproj
@@ -0,0 +1,199 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/stamp-h.in b/3P/wolfssl/stamp-h.in
new file mode 100644
index 00000000..e69de29b
diff --git a/3P/wolfssl/support/include.am b/3P/wolfssl/support/include.am
new file mode 100644
index 00000000..db3ed738
--- /dev/null
+++ b/3P/wolfssl/support/include.am
@@ -0,0 +1,10 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += support/wolfssl.pc
+
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = support/wolfssl.pc
+	     
+
diff --git a/3P/wolfssl/support/wolfssl.pc b/3P/wolfssl/support/wolfssl.pc
new file mode 100644
index 00000000..e840d176
--- /dev/null
+++ b/3P/wolfssl/support/wolfssl.pc
@@ -0,0 +1,10 @@
+prefix=/usr/local
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: wolfssl
+Description: wolfssl C library.
+Version: 3.4.0
+Libs: -L${libdir} -lwolfssl
+Cflags: -I${includedir}
diff --git a/3P/wolfssl/support/wolfssl.pc.in b/3P/wolfssl/support/wolfssl.pc.in
new file mode 100644
index 00000000..e8cb694f
--- /dev/null
+++ b/3P/wolfssl/support/wolfssl.pc.in
@@ -0,0 +1,10 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: wolfssl
+Description: wolfssl C library.
+Version: @VERSION@
+Libs: -L${libdir} -lwolfssl
+Cflags: -I${includedir}
diff --git a/3P/wolfssl/swig/PythonBuild.sh b/3P/wolfssl/swig/PythonBuild.sh
new file mode 100755
index 00000000..ae4ac45f
--- /dev/null
+++ b/3P/wolfssl/swig/PythonBuild.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+echo
+swig -python wolfssl.i
+pythonIncludes=`python-config --includes`
+pythonLibs=`python-config --libs`
+gcc -c -fpic wolfssl_wrap.c -I$pythonIncludes
+gcc -c -fpic wolfssl_adds.c 
+gcc -shared -flat_namespace  wolfssl_adds.o  wolfssl_wrap.o -lwolfssl $pythonLibs -o _wolfssl.so
+python runme.py
diff --git a/3P/wolfssl/swig/README b/3P/wolfssl/swig/README
new file mode 100644
index 00000000..bd4f7f7c
--- /dev/null
+++ b/3P/wolfssl/swig/README
@@ -0,0 +1,44 @@
+
+
+Initial swig interface file
+
+Please send questions to support@wolfssl.com
+
+
+
+**Python Support**
+
+    For Linux, OS X, or *nix
+
+1) build wolfSSL with fpic on Linux, not needed on OS X
+    ./configure --disable-shared CFLAGS=-fpic
+    make
+    sudo make install
+
+
+2) start the example echoserver from the root directory
+    ./examples/echoserver/echoserver
+
+3) run ./PythonBuild.sh from this directory it will
+    a) build the swig wrapper file
+    b) compile the swig wrapper and wolfssl wrapper files
+    c) place them into a wolfssl shared library for python
+    d) run runme.py which will connect to the wolfSSL echo server, write a
+       string, then read the result and output it
+
+
+    Windows only
+
+1) Make sure the install path to wolfssl doesn't have any spaces anywhere in the
+   directory path because swig doesn't like that
+2) Have python for Windows installed, note install directory
+3) Have swigwin installed, note install directory
+4) Make sure swigwin install direcotry is added to PATH env. variable
+5) Make sure env. variables PYTHON_INCLUDE and PYTHON_LIB are set correctly e.g.
+    PYTHON_INCLUE="c:\Python26\include"
+    PYTHON_LIB="c:\Python26\libs\python26.lib"
+6) Build python_wolfssl in Release mode only, Debug build fails to find a debug
+    python library that isn't included by default
+7) The outputs _wolfssl.pyd and wolfssl.py are the wolfssl import library
+8) Can now run python runme.py from the swig directory
+
diff --git a/3P/wolfssl/swig/include.am b/3P/wolfssl/swig/include.am
new file mode 100644
index 00000000..3bd4c092
--- /dev/null
+++ b/3P/wolfssl/swig/include.am
@@ -0,0 +1,12 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+EXTRA_DIST+= \
+	     swig/PythonBuild.sh \
+	     swig/README \
+	     swig/wolfssl.i \
+	     swig/wolfssl_adds.c \
+	     swig/python_wolfssl.vcproj \
+	     swig/rsasign.py \
+	     swig/runme.py
+
diff --git a/3P/wolfssl/swig/python_wolfssl.vcproj b/3P/wolfssl/swig/python_wolfssl.vcproj
new file mode 100755
index 00000000..6af2d367
--- /dev/null
+++ b/3P/wolfssl/swig/python_wolfssl.vcproj
@@ -0,0 +1,225 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+		
+		
+		
+		
+		
+		
+			
+				
+			
+			
+				
+			
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/swig/rsasign.py b/3P/wolfssl/swig/rsasign.py
new file mode 100644
index 00000000..c1c69d09
--- /dev/null
+++ b/3P/wolfssl/swig/rsasign.py
@@ -0,0 +1,35 @@
+# file: rsasign.py
+
+import wolfssl
+
+
+# start Random Number Generator
+rng = wolfssl.GetRng()
+if rng == None:
+    print "Couldn't get an RNG"
+    exit(-1)
+
+# load RSA private key in DER format
+key = wolfssl.GetRsaPrivateKey("../certs/client-key.der")
+if key == None:
+    print "Couldn't load DER private key file"
+    exit(-1)
+
+# Make byte Arrays and fill input
+signOutput = wolfssl.byteArray(128)   # 128 allows 1024 bit private key
+signStr    = wolfssl.byteArray(25)    # input can't be larger then key size
+                                     # 64 for 512 bit 128 for 1024 bit
+wolfssl.FillSignStr(signStr, "Everybody gets Friday off", 25)
+
+# Do RSA Sign
+signedSize = wolfssl.RsaSSL_Sign(signStr, 25, signOutput, 128, key, rng)
+
+# Show output
+print "Signed Size = ", signedSize, " signed array = ", wolfssl.cdata(signOutput, signedSize)
+
+# let's verify this worked
+signVerify = wolfssl.byteArray(signedSize)
+verifySize = wolfssl.RsaSSL_Verify(signOutput, signedSize, signVerify, signedSize, key)
+
+print "Verify Size = ", verifySize, " verify array = ", wolfssl.cdata(signVerify, verifySize)
+
diff --git a/3P/wolfssl/swig/runme.py b/3P/wolfssl/swig/runme.py
new file mode 100644
index 00000000..cb2ddf11
--- /dev/null
+++ b/3P/wolfssl/swig/runme.py
@@ -0,0 +1,40 @@
+# file: runme.py
+
+import wolfssl
+
+print ""
+print "Trying to connect to the echo server..."
+
+wolfssl.wolfSSL_Init()
+#wolfssl.wolfSSL_Debugging_ON()
+ctx = wolfssl.wolfSSL_CTX_new(wolfssl.wolfTLSv1_client_method())
+if ctx == None:
+    print "Couldn't get SSL CTX for TLSv1"
+    exit(-1)
+
+ret = wolfssl.wolfSSL_CTX_load_verify_locations(ctx, "../certs/ca-cert.pem", None)
+if ret != wolfssl.SSL_SUCCESS:
+    print "Couldn't do SSL_CTX_load_verify_locations "
+    print "error string = ", ret
+    exit(-1)
+
+ssl = wolfssl.wolfSSL_new(ctx)
+ret = wolfssl.wolfSSL_swig_connect(ssl, "localhost", 11111)
+
+if ret != wolfssl.SSL_SUCCESS:
+    print "Couldn't do SSL connect"
+    err    = wolfssl.wolfSSL_get_error(ssl, 0)
+    print "error string = ", wolfssl.wolfSSL_error_string(err)
+    exit(-1)
+
+print "...Connected"
+written = wolfssl.wolfSSL_write(ssl, "hello from python\r\n", 19)
+
+if written > 0:
+    print "Wrote ", written, " bytes"
+
+byteArray = wolfssl.byteArray(100)
+readBytes = wolfssl.wolfSSL_read(ssl, byteArray, 100)
+
+print "server reply: ", wolfssl.cdata(byteArray, readBytes)
+
diff --git a/3P/wolfssl/swig/wolfssl.i b/3P/wolfssl/swig/wolfssl.i
new file mode 100644
index 00000000..45dc693d
--- /dev/null
+++ b/3P/wolfssl/swig/wolfssl.i
@@ -0,0 +1,63 @@
+/* wolfssl.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+%module wolfssl
+%{
+    #include 
+    #include 
+
+    /* defn adds */
+    char* wolfSSL_error_string(int err);
+    int   wolfSSL_swig_connect(WOLFSSL*, const char* server, int port);
+    RNG*  GetRng(void);
+    RsaKey* GetRsaPrivateKey(const char* file);
+    void    FillSignStr(unsigned char*, const char*, int);
+%}
+
+
+WOLFSSL_METHOD* wolfTLSv1_client_method(void);
+WOLFSSL_CTX*    wolfSSL_CTX_new(WOLFSSL_METHOD*);
+int             wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*, const char*);
+WOLFSSL*        wolfSSL_new(WOLFSSL_CTX*);
+int             wolfSSL_get_error(WOLFSSL*, int);
+int             wolfSSL_write(WOLFSSL*, const char*, int);
+int             wolfSSL_Debugging_ON(void);
+int             wolfSSL_Init(void);
+char*           wolfSSL_error_string(int);
+int             wolfSSL_swig_connect(WOLFSSL*, const char* server, int port);
+
+int         wc_RsaSSL_Sign(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key, RNG* rng);
+
+int         wc_RsaSSL_Verify(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key);
+
+RNG* GetRng(void);
+RsaKey* GetRsaPrivateKey(const char* file);
+void    FillSignStr(unsigned char*, const char*, int);
+
+%include carrays.i
+%include cdata.i
+%array_class(unsigned char, byteArray);
+int         wolfSSL_read(WOLFSSL*, unsigned char*, int);
+
+
+#define    SSL_FAILURE      0
+#define    SSL_SUCCESS      1
+
diff --git a/3P/wolfssl/swig/wolfssl_adds.c b/3P/wolfssl/swig/wolfssl_adds.c
new file mode 100644
index 00000000..e12ccac7
--- /dev/null
+++ b/3P/wolfssl/swig/wolfssl_adds.c
@@ -0,0 +1,234 @@
+/* wolfssl_adds.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef _WIN32
+    #define HAVE_CONFIG_H
+#endif
+
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+#include 
+
+#ifdef _WIN32
+    #include 
+    #include 
+    #ifdef TEST_IPV6            /* don't require newer SDK for IPV4 */
+	    #include 
+        #include 
+    #endif
+    #define SOCKET_T int
+#else
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #ifdef NON_BLOCKING
+        #include 
+    #endif
+    #ifdef TEST_IPV6
+        #include 
+    #endif
+    #define SOCKET_T unsigned int
+#endif /* _WIN32 */
+
+#ifdef _MSC_VER
+    /* disable conversion warning */
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+    #pragma warning(disable:4244 4996)
+#endif
+
+#if defined(__MACH__) || defined(_WIN32)
+    #ifndef _SOCKLEN_T
+        typedef int socklen_t;
+    #endif
+#endif
+
+
+/* HPUX doesn't use socklent_t for third parameter to accept */
+#if !defined(__hpux__)
+    typedef socklen_t* ACCEPT_THIRD_T;
+#else
+    typedef int*       ACCEPT_THIRD_T;
+#endif
+
+
+#ifdef _WIN32
+    #define CloseSocket(s) closesocket(s)
+    #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
+#else
+    #define CloseSocket(s) close(s)
+    #define StartTCP()
+#endif
+
+
+#ifdef TEST_IPV6
+    typedef struct sockaddr_in6 SOCKADDR_IN_T;
+    #define AF_INET_V    AF_INET6
+#else
+    typedef struct sockaddr_in  SOCKADDR_IN_T;
+    #define AF_INET_V    AF_INET
+#endif
+
+
+enum {
+    SSL_BLOCKING    = 2,
+    SSL_NONBLOCKING = 4
+};
+
+
+static int tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr, const char* peer,
+                       short port)
+{
+    const char* host = peer;
+
+    /* peer could be in human readable form */
+    if (isalpha(peer[0])) {
+        struct hostent* entry = gethostbyname(peer);
+
+        if (entry) {
+            struct sockaddr_in tmp;
+            memset(&tmp, 0, sizeof(struct sockaddr_in));
+            memcpy(&tmp.sin_addr.s_addr, entry->h_addr_list[0],entry->h_length);
+            host = inet_ntoa(tmp.sin_addr);
+        }
+        else
+            return -1;   /* no entry for host */
+    }
+
+    *sockfd = socket(AF_INET, SOCK_STREAM, 0);
+    memset(addr, 0, sizeof(SOCKADDR_IN_T));
+
+    addr->sin_family = AF_INET;
+    addr->sin_port = htons(port);
+    addr->sin_addr.s_addr = inet_addr(host);
+
+#ifdef SO_NOSIGPIPE
+    {
+        int on = 1;
+        socklen_t len = sizeof(on);
+        setsockopt(*sockfd, SOL_SOCKET, SO_NOSIGPIPE, &on, len);
+    }
+#endif
+
+    return 0;
+}
+
+
+static int tcp_connect(SOCKET_T* sockfd, const char* ip, short port)
+{
+    SOCKADDR_IN_T addr;
+    int ret = tcp_socket(sockfd, &addr, ip, port);
+    if (ret != 0) return ret;
+
+    if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
+        return -2; /* can't connect */
+
+    return 0;
+}
+
+
+int wolfSSL_swig_connect(WOLFSSL* ssl, const char* server, int port)
+{
+    SOCKET_T sockfd;
+    int ret = tcp_connect(&sockfd, server, port);
+    if (ret != 0) return ret;
+
+    wolfSSL_set_fd(ssl, sockfd);
+
+    return wolfSSL_connect(ssl);
+}
+
+
+char* wolfSSL_error_string(int err)
+{
+    static char buffer[WOLFSSL_MAX_ERROR_SZ];
+
+    return wolfSSL_ERR_error_string(err, buffer);
+}
+
+
+RNG* GetRng(void)
+{
+    RNG* rng = (RNG*)malloc(sizeof(RNG));
+
+    if (rng)
+        if (wc_InitRng(rng) != 0) {
+            free(rng);
+            rng = 0;
+        }
+
+    return rng;
+}
+
+
+RsaKey* GetRsaPrivateKey(const char* keyFile)
+{
+    RsaKey* key = (RsaKey*)malloc(sizeof(RsaKey));
+
+    if (key) {
+        byte   tmp[1024];
+        size_t bytes;
+        int    ret;
+        word32 idx = 0;
+        FILE*  file = fopen(keyFile, "rb");
+
+        if (!file) {
+            free(key);
+            return 0;
+        }
+
+        bytes = fread(tmp, 1, sizeof(tmp), file);
+        fclose(file);
+        wc_InitRsaKey(key, 0);
+
+        ret = wc_RsaPrivateKeyDecode(tmp, &idx, key, (word32)bytes);
+        if (ret != 0) {
+            wc_FreeRsaKey(key);
+            free(key);
+            return 0;
+        }
+    }
+    return key;
+}
+
+
+void FillSignStr(unsigned char* dst, const char* src, int size)
+{
+    memcpy(dst, src, size);
+}
+
diff --git a/3P/wolfssl/tests/api.c b/3P/wolfssl/tests/api.c
new file mode 100644
index 00000000..cc308a50
--- /dev/null
+++ b/3P/wolfssl/tests/api.c
@@ -0,0 +1,1174 @@
+/* api.c API unit tests
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/*----------------------------------------------------------------------------*
+ | Includes
+ *----------------------------------------------------------------------------*/
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#ifdef HAVE_ECC
+    #include    /* wc_ecc_fp_free */
+#endif
+#include 
+
+#include 
+#include   /* compatibility layer */
+#include 
+#include 
+
+/*----------------------------------------------------------------------------*
+ | Constants
+ *----------------------------------------------------------------------------*/
+
+#define TEST_SUCCESS    (1)
+#define TEST_FAIL       (0)
+
+#define testingFmt "   %s:"
+#define resultFmt  " %s\n"
+static const char* passed = "passed";
+static const char* failed = "failed";
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+static const char* bogusFile  = "/dev/null";
+#endif
+
+/*----------------------------------------------------------------------------*
+ | Setup
+ *----------------------------------------------------------------------------*/
+
+static int test_wolfSSL_Init(void)
+{
+    int result;
+
+    printf(testingFmt, "wolfSSL_Init()");
+    result = wolfSSL_Init();
+    printf(resultFmt, result == SSL_SUCCESS ? passed : failed);
+
+    return result;
+}
+
+
+static int test_wolfSSL_Cleanup(void)
+{
+    int result;
+
+    printf(testingFmt, "wolfSSL_Cleanup()");
+    result = wolfSSL_Cleanup();
+    printf(resultFmt, result == SSL_SUCCESS ? passed : failed);
+
+    return result;
+}
+
+/*----------------------------------------------------------------------------*
+ | Method Allocators
+ *----------------------------------------------------------------------------*/
+
+static void test_wolfSSL_Method_Allocators(void)
+{
+    #define TEST_METHOD_ALLOCATOR(allocator, condition) \
+        do {                                            \
+            WOLFSSL_METHOD *method;                      \
+            condition(method = allocator());            \
+            XFREE(method, 0, DYNAMIC_TYPE_METHOD);      \
+        } while(0)
+
+    #define TEST_VALID_METHOD_ALLOCATOR(a) \
+            TEST_METHOD_ALLOCATOR(a, AssertNotNull)
+
+    #define TEST_INVALID_METHOD_ALLOCATOR(a) \
+            TEST_METHOD_ALLOCATOR(a, AssertNull)
+
+#ifndef NO_OLD_TLS
+    TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_server_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_client_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_server_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_client_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_server_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_client_method);
+#endif
+    TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_server_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_client_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_client_method);
+
+#ifdef WOLFSSL_DTLS
+    TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_server_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_client_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_server_method);
+    TEST_VALID_METHOD_ALLOCATOR(wolfDTLSv1_2_client_method);
+#endif
+
+#ifdef OPENSSL_EXTRA
+    TEST_INVALID_METHOD_ALLOCATOR(wolfSSLv2_server_method);
+    TEST_INVALID_METHOD_ALLOCATOR(wolfSSLv2_client_method);
+#endif
+}
+
+/*----------------------------------------------------------------------------*
+ | Context
+ *----------------------------------------------------------------------------*/
+
+static void test_wolfSSL_CTX_new(WOLFSSL_METHOD *method)
+{
+    WOLFSSL_CTX *ctx;
+    
+    AssertNull(ctx = wolfSSL_CTX_new(NULL));
+    
+    AssertNotNull(method);
+    AssertNotNull(ctx = wolfSSL_CTX_new(method));
+
+    wolfSSL_CTX_free(ctx);
+}
+
+
+static void test_wolfSSL_CTX_use_certificate_file(void)
+{
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    WOLFSSL_CTX *ctx;
+
+    AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+
+    /* invalid context */
+    AssertFalse(wolfSSL_CTX_use_certificate_file(NULL, svrCert, 
+                                                             SSL_FILETYPE_PEM));
+    /* invalid cert file */
+    AssertFalse(wolfSSL_CTX_use_certificate_file(ctx, bogusFile, 
+                                                             SSL_FILETYPE_PEM));
+    /* invalid cert type */
+    AssertFalse(wolfSSL_CTX_use_certificate_file(ctx, svrCert, 9999));
+
+#ifdef NO_RSA
+    /* rsa needed */
+    AssertFalse(wolfSSL_CTX_use_certificate_file(ctx, svrCert,SSL_FILETYPE_PEM));
+#else
+    /* success */
+    AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM));
+#endif
+
+    wolfSSL_CTX_free(ctx);
+#endif
+}
+
+
+static void test_wolfSSL_CTX_use_PrivateKey_file(void)
+{
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    WOLFSSL_CTX *ctx;
+
+    AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+
+    /* invalid context */
+    AssertFalse(wolfSSL_CTX_use_PrivateKey_file(NULL, svrKey, 
+                                                             SSL_FILETYPE_PEM));
+    /* invalid key file */
+    AssertFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, bogusFile, 
+                                                             SSL_FILETYPE_PEM));
+    /* invalid key type */
+    AssertFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKey, 9999));
+
+    /* success */
+#ifdef NO_RSA
+    /* rsa needed */
+    AssertFalse(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM));
+#else
+    /* success */
+    AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM));
+#endif
+
+    wolfSSL_CTX_free(ctx);
+#endif
+}
+
+
+static void test_wolfSSL_CTX_load_verify_locations(void)
+{
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    WOLFSSL_CTX *ctx;
+
+    AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+    
+    /* invalid context */
+    AssertFalse(wolfSSL_CTX_load_verify_locations(NULL, caCert, 0));
+
+    /* invalid ca file */
+    AssertFalse(wolfSSL_CTX_load_verify_locations(ctx, NULL,      0));
+    AssertFalse(wolfSSL_CTX_load_verify_locations(ctx, bogusFile, 0));
+
+#ifndef WOLFSSL_TIRTOS
+    /* invalid path */
+    /* not working... investigate! */
+    /* AssertFalse(wolfSSL_CTX_load_verify_locations(ctx, caCert, bogusFile)); */
+#endif
+
+    /* success */
+    AssertTrue(wolfSSL_CTX_load_verify_locations(ctx, caCert, 0));
+
+    wolfSSL_CTX_free(ctx);
+#endif
+}
+
+/*----------------------------------------------------------------------------*
+ | SSL
+ *----------------------------------------------------------------------------*/
+
+static void test_server_wolfSSL_new(void)
+{
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
+    WOLFSSL_CTX *ctx;
+    WOLFSSL_CTX *ctx_nocert;
+    WOLFSSL *ssl;
+
+    AssertNotNull(ctx_nocert = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+    AssertNotNull(ctx        = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+
+    AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM));
+    AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM));
+
+    /* invalid context */
+    AssertNull(ssl = wolfSSL_new(NULL));
+    AssertNull(ssl = wolfSSL_new(ctx_nocert));
+
+    /* success */
+    AssertNotNull(ssl = wolfSSL_new(ctx));
+
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_CTX_free(ctx_nocert);
+#endif
+}
+
+
+static void test_client_wolfSSL_new(void)
+{
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
+    WOLFSSL_CTX *ctx;
+    WOLFSSL_CTX *ctx_nocert;
+    WOLFSSL *ssl;
+
+    AssertNotNull(ctx_nocert = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+    AssertNotNull(ctx        = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+
+    AssertTrue(wolfSSL_CTX_load_verify_locations(ctx, caCert, 0));
+    
+    /* invalid context */
+    AssertNull(ssl = wolfSSL_new(NULL));
+
+    /* success */
+    AssertNotNull(ssl = wolfSSL_new(ctx_nocert));
+    wolfSSL_free(ssl);
+    
+    /* success */
+    AssertNotNull(ssl = wolfSSL_new(ctx));
+    wolfSSL_free(ssl);
+    
+    wolfSSL_CTX_free(ctx);
+    wolfSSL_CTX_free(ctx_nocert);
+#endif
+}
+
+/*----------------------------------------------------------------------------*
+ | IO
+ *----------------------------------------------------------------------------*/
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
+    !defined(NO_RSA)        && !defined(SINGLE_THREADED)
+#define HAVE_IO_TESTS_DEPENDENCIES
+#endif
+
+/* helper functions */
+#ifdef HAVE_IO_TESTS_DEPENDENCIES
+static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
+{
+    SOCKET_T sockfd = 0;
+    SOCKET_T clientfd = 0;
+    word16 port = yasslPort;
+
+    WOLFSSL_METHOD* method = 0;
+    WOLFSSL_CTX* ctx = 0;
+    WOLFSSL* ssl = 0;
+
+    char msg[] = "I hear you fa shizzle!";
+    char input[1024];
+    int idx;
+
+#ifdef WOLFSSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+    ((func_args*)args)->return_code = TEST_FAIL;
+    method = wolfSSLv23_server_method();
+    ctx = wolfSSL_CTX_new(method);
+
+#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
+   !defined(WOLFSSL_SNIFFER) && !defined(WOLFSSL_MDK_SHELL) && \
+   !defined(WOLFSSL_TIRTOS)
+    port = 0;
+#endif
+
+    wolfSSL_CTX_set_verify(ctx,
+                          SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
+
+#ifdef OPENSSL_EXTRA
+    wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+    if (wolfSSL_CTX_load_verify_locations(ctx, cliCert, 0) != SSL_SUCCESS)
+    {
+        /*err_sys("can't load ca file, Please run from wolfSSL home dir");*/
+        goto done;
+    }
+    if (wolfSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
+            != SSL_SUCCESS)
+    {
+        /*err_sys("can't load server cert chain file, "
+                "Please run from wolfSSL home dir");*/
+        goto done;
+    }
+    if (wolfSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
+            != SSL_SUCCESS)
+    {
+        /*err_sys("can't load server key file, "
+                "Please run from wolfSSL home dir");*/
+        goto done;
+    }
+    
+    ssl = wolfSSL_new(ctx);
+    tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0);
+    CloseSocket(sockfd);
+
+    wolfSSL_set_fd(ssl, clientfd);
+
+#ifdef NO_PSK
+    #if !defined(NO_FILESYSTEM) && !defined(NO_DH)
+        wolfSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
+    #elif !defined(NO_DH)
+        SetDH(ssl);  /* will repick suites with DHE, higher priority than PSK */
+    #endif
+#endif
+
+    if (wolfSSL_accept(ssl) != SSL_SUCCESS)
+    {
+        int err = wolfSSL_get_error(ssl, 0);
+        char buffer[WOLFSSL_MAX_ERROR_SZ];
+        printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
+        /*err_sys("SSL_accept failed");*/
+        goto done;
+    }
+
+    idx = wolfSSL_read(ssl, input, sizeof(input)-1);
+    if (idx > 0) {
+        input[idx] = 0;
+        printf("Client message: %s\n", input);
+    }
+    
+    if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
+    {
+        /*err_sys("SSL_write failed");*/
+#ifdef WOLFSSL_TIRTOS
+        return;
+#else
+        return 0;
+#endif
+    }
+
+#ifdef WOLFSSL_TIRTOS
+    Task_yield();
+#endif
+
+done:
+    wolfSSL_shutdown(ssl);
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    
+    CloseSocket(clientfd);
+    ((func_args*)args)->return_code = TEST_SUCCESS;
+
+#ifdef WOLFSSL_TIRTOS
+    fdCloseSession(Task_self());
+#endif
+
+#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
+                            && defined(HAVE_THREAD_LS)
+    wc_ecc_fp_free();  /* free per thread cache */
+#endif
+
+#ifndef WOLFSSL_TIRTOS
+    return 0;
+#endif
+}
+
+
+static void test_client_nofail(void* args)
+{
+    SOCKET_T sockfd = 0;
+
+    WOLFSSL_METHOD*  method  = 0;
+    WOLFSSL_CTX*     ctx     = 0;
+    WOLFSSL*         ssl     = 0;
+
+    char msg[64] = "hello wolfssl!";
+    char reply[1024];
+    int  input;
+    int  msgSz = (int)strlen(msg);
+
+#ifdef WOLFSSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+    ((func_args*)args)->return_code = TEST_FAIL;
+    method = wolfSSLv23_client_method();
+    ctx = wolfSSL_CTX_new(method);
+
+#ifdef OPENSSL_EXTRA
+    wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+    if (wolfSSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
+    {
+        /* err_sys("can't load ca file, Please run from wolfSSL home dir");*/
+        goto done2;
+    }
+    if (wolfSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM)
+            != SSL_SUCCESS)
+    {
+        /*err_sys("can't load client cert file, "
+                "Please run from wolfSSL home dir");*/
+        goto done2;
+    }
+    if (wolfSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM)
+            != SSL_SUCCESS)
+    {
+        /*err_sys("can't load client key file, "
+                "Please run from wolfSSL home dir");*/
+        goto done2;
+    }
+
+    tcp_connect(&sockfd, yasslIP, ((func_args*)args)->signal->port, 0);
+
+    ssl = wolfSSL_new(ctx);
+    wolfSSL_set_fd(ssl, sockfd);
+    if (wolfSSL_connect(ssl) != SSL_SUCCESS)
+    {
+        int  err = wolfSSL_get_error(ssl, 0);
+        char buffer[WOLFSSL_MAX_ERROR_SZ];
+        printf("err = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
+        /*printf("SSL_connect failed");*/
+        goto done2;
+    }
+
+    if (wolfSSL_write(ssl, msg, msgSz) != msgSz)
+    {
+        /*err_sys("SSL_write failed");*/
+        goto done2;
+    }
+
+    input = wolfSSL_read(ssl, reply, sizeof(reply)-1);
+    if (input > 0)
+    {
+        reply[input] = 0;
+        printf("Server response: %s\n", reply);
+    }
+
+done2:
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    
+    CloseSocket(sockfd);
+    ((func_args*)args)->return_code = TEST_SUCCESS;
+
+#ifdef WOLFSSL_TIRTOS
+    fdCloseSession(Task_self());
+#endif
+
+    return;
+}
+
+/* SNI helper functions */
+#ifdef HAVE_SNI
+
+static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
+{
+    callback_functions* callbacks = ((func_args*)args)->callbacks;
+
+    WOLFSSL_CTX* ctx = wolfSSL_CTX_new(callbacks->method());
+    WOLFSSL*     ssl = NULL;
+    SOCKET_T    sfd = 0;
+    SOCKET_T    cfd = 0;
+    word16      port = yasslPort;
+
+    char msg[] = "I hear you fa shizzle!";
+    int  len   = (int) XSTRLEN(msg);
+    char input[1024];
+    int  idx;
+
+#ifdef WOLFSSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+    ((func_args*)args)->return_code = TEST_FAIL;
+
+#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
+   !defined(WOLFSSL_SNIFFER) && !defined(WOLFSSL_MDK_SHELL) && \
+   !defined(WOLFSSL_TIRTOS)
+    port = 0;
+#endif
+
+    wolfSSL_CTX_set_verify(ctx,
+                          SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
+
+#ifdef OPENSSL_EXTRA
+    wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, cliCert, 0));
+
+    AssertIntEQ(SSL_SUCCESS,
+               wolfSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM));
+
+    AssertIntEQ(SSL_SUCCESS,
+                 wolfSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM));
+
+    if (callbacks->ctx_ready)
+        callbacks->ctx_ready(ctx);
+
+    ssl = wolfSSL_new(ctx);
+
+    tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0);
+    CloseSocket(sfd);
+
+    wolfSSL_set_fd(ssl, cfd);
+
+#ifdef NO_PSK
+    #if !defined(NO_FILESYSTEM) && !defined(NO_DH)
+        wolfSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
+    #elif !defined(NO_DH)
+        SetDH(ssl);  /* will repick suites with DHE, higher priority than PSK */
+    #endif
+#endif
+
+    if (callbacks->ssl_ready)
+        callbacks->ssl_ready(ssl);
+
+    /* AssertIntEQ(SSL_SUCCESS, wolfSSL_accept(ssl)); */
+    if (wolfSSL_accept(ssl) != SSL_SUCCESS) {
+        int err = wolfSSL_get_error(ssl, 0);
+        char buffer[WOLFSSL_MAX_ERROR_SZ];
+        printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
+
+    } else {
+        if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
+            input[idx] = 0;
+            printf("Client message: %s\n", input);
+        }
+
+        AssertIntEQ(len, wolfSSL_write(ssl, msg, len));
+#ifdef WOLFSSL_TIRTOS
+        Task_yield();
+#endif
+        wolfSSL_shutdown(ssl);
+    }
+
+    if (callbacks->on_result)
+        callbacks->on_result(ssl);
+
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    CloseSocket(cfd);
+
+    ((func_args*)args)->return_code = TEST_SUCCESS;
+
+#ifdef WOLFSSL_TIRTOS
+    fdCloseSession(Task_self());
+#endif
+
+#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
+                            && defined(HAVE_THREAD_LS)
+    wc_ecc_fp_free();  /* free per thread cache */
+#endif
+
+#ifndef WOLFSSL_TIRTOS
+    return 0;
+#endif
+}
+
+
+static void run_wolfssl_client(void* args)
+{
+    callback_functions* callbacks = ((func_args*)args)->callbacks;
+
+    WOLFSSL_CTX* ctx = wolfSSL_CTX_new(callbacks->method());
+    WOLFSSL*     ssl = NULL;
+    SOCKET_T    sfd = 0;
+
+    char msg[] = "hello wolfssl server!";
+    int  len   = (int) XSTRLEN(msg);
+    char input[1024];
+    int  idx;
+
+#ifdef WOLFSSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+    ((func_args*)args)->return_code = TEST_FAIL;
+
+#ifdef OPENSSL_EXTRA
+    wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, caCert, 0));
+
+    AssertIntEQ(SSL_SUCCESS,
+               wolfSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM));
+
+    AssertIntEQ(SSL_SUCCESS,
+                 wolfSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM));
+
+    if (callbacks->ctx_ready)
+        callbacks->ctx_ready(ctx);
+
+    tcp_connect(&sfd, yasslIP, ((func_args*)args)->signal->port, 0);
+
+    ssl = wolfSSL_new(ctx);
+    wolfSSL_set_fd(ssl, sfd);
+
+    if (callbacks->ssl_ready)
+        callbacks->ssl_ready(ssl);
+
+    if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
+        int err = wolfSSL_get_error(ssl, 0);
+        char buffer[WOLFSSL_MAX_ERROR_SZ];
+        printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
+
+    } else {
+        AssertIntEQ(len, wolfSSL_write(ssl, msg, len));
+
+        if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
+            input[idx] = 0;
+            printf("Server response: %s\n", input);
+        }
+    }
+
+    if (callbacks->on_result)
+        callbacks->on_result(ssl);
+
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+    CloseSocket(sfd);
+    ((func_args*)args)->return_code = TEST_SUCCESS;
+
+#ifdef WOLFSSL_TIRTOS
+    fdCloseSession(Task_self());
+#endif
+}
+
+#endif /* HAVE_SNI */
+#endif /* io tests dependencies */
+
+
+static void test_wolfSSL_read_write(void)
+{
+#ifdef HAVE_IO_TESTS_DEPENDENCIES
+    /* The unit testing for read and write shall happen simutaneously, since
+     * one can't do anything with one without the other. (Except for a failure
+     * test case.) This function will call all the others that will set up,
+     * execute, and report their test findings.
+     *
+     * Set up the success case first. This function will become the template
+     * for the other tests. This should eventually be renamed
+     *
+     * The success case isn't interesting, how can this fail?
+     * - Do not give the client context a CA certificate. The connect should
+     *   fail. Do not need server for this?
+     * - Using NULL for the ssl object on server. Do not need client for this.
+     * - Using NULL for the ssl object on client. Do not need server for this.
+     * - Good ssl objects for client and server. Client write() without server
+     *   read().
+     * - Good ssl objects for client and server. Server write() without client
+     *   read().
+     * - Forgetting the password callback?
+    */
+    tcp_ready ready;
+    func_args client_args;
+    func_args server_args;
+    THREAD_TYPE serverThread;
+
+#ifdef WOLFSSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+    StartTCP();
+    InitTcpReady(&ready);
+    
+    server_args.signal = &ready;
+    client_args.signal = &ready;
+    
+    start_thread(test_server_nofail, &server_args, &serverThread);
+    wait_tcp_ready(&server_args);
+    test_client_nofail(&client_args);
+    join_thread(serverThread);
+
+    AssertTrue(client_args.return_code);
+    AssertTrue(server_args.return_code);
+
+    FreeTcpReady(&ready);
+
+#ifdef WOLFSSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+#endif
+}
+
+/*----------------------------------------------------------------------------*
+ | TLS extensions tests
+ *----------------------------------------------------------------------------*/
+
+#ifdef HAVE_SNI
+static void use_SNI_at_ctx(WOLFSSL_CTX* ctx)
+{
+    byte type = WOLFSSL_SNI_HOST_NAME;
+    char name[] = "www.yassl.com";
+
+    AssertIntEQ(SSL_SUCCESS,
+                    wolfSSL_CTX_UseSNI(ctx, type, (void *) name, XSTRLEN(name)));
+}
+
+static void use_SNI_at_ssl(WOLFSSL* ssl)
+{
+    byte type = WOLFSSL_SNI_HOST_NAME;
+    char name[] = "www.yassl.com";
+
+    AssertIntEQ(SSL_SUCCESS,
+                        wolfSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name)));
+}
+
+static void different_SNI_at_ssl(WOLFSSL* ssl)
+{
+    byte type = WOLFSSL_SNI_HOST_NAME;
+    char name[] = "ww2.yassl.com";
+
+    AssertIntEQ(SSL_SUCCESS,
+                        wolfSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name)));
+}
+
+static void use_SNI_WITH_CONTINUE_at_ssl(WOLFSSL* ssl)
+{
+    byte type = WOLFSSL_SNI_HOST_NAME;
+
+    use_SNI_at_ssl(ssl);
+
+    wolfSSL_SNI_SetOptions(ssl, type, WOLFSSL_SNI_CONTINUE_ON_MISMATCH);
+}
+
+static void use_SNI_WITH_FAKE_ANSWER_at_ssl(WOLFSSL* ssl)
+{
+    byte type = WOLFSSL_SNI_HOST_NAME;
+
+    use_SNI_at_ssl(ssl);
+
+    wolfSSL_SNI_SetOptions(ssl, type, WOLFSSL_SNI_ANSWER_ON_MISMATCH);
+}
+
+static void verify_SNI_abort_on_client(WOLFSSL* ssl)
+{
+    AssertIntEQ(FATAL_ERROR, wolfSSL_get_error(ssl, 0));
+}
+
+static void verify_SNI_abort_on_server(WOLFSSL* ssl)
+{
+    AssertIntEQ(UNKNOWN_SNI_HOST_NAME_E, wolfSSL_get_error(ssl, 0));
+}
+
+static void verify_SNI_no_matching(WOLFSSL* ssl)
+{
+    byte  type    = WOLFSSL_SNI_HOST_NAME;
+    char* request = (char*) &type; /* to be overwriten */
+
+    AssertIntEQ(WOLFSSL_SNI_NO_MATCH, wolfSSL_SNI_Status(ssl, type));
+
+    AssertNotNull(request);
+    AssertIntEQ(0, wolfSSL_SNI_GetRequest(ssl, type, (void**) &request));
+    AssertNull(request);
+}
+
+static void verify_SNI_real_matching(WOLFSSL* ssl)
+{
+    byte   type    = WOLFSSL_SNI_HOST_NAME;
+    char*  request = NULL;
+    char   name[]  = "www.yassl.com";
+    word16 length  = XSTRLEN(name);
+
+    AssertIntEQ(WOLFSSL_SNI_REAL_MATCH, wolfSSL_SNI_Status(ssl, type));
+
+    AssertIntEQ(length, wolfSSL_SNI_GetRequest(ssl, type, (void**) &request));
+    AssertNotNull(request);
+    AssertStrEQ(name, request);
+}
+
+static void verify_SNI_fake_matching(WOLFSSL* ssl)
+{
+    byte   type    = WOLFSSL_SNI_HOST_NAME;
+    char*  request = NULL;
+    char   name[]  = "ww2.yassl.com";
+    word16 length  = XSTRLEN(name);
+
+    AssertIntEQ(WOLFSSL_SNI_FAKE_MATCH, wolfSSL_SNI_Status(ssl, type));
+
+    AssertIntEQ(length, wolfSSL_SNI_GetRequest(ssl, type, (void**) &request));
+    AssertNotNull(request);
+    AssertStrEQ(name, request);
+}
+
+static void test_wolfSSL_SNI_GetFromBuffer(void)
+{
+    byte buffer[] = { /* www.paypal.com */
+        0x00, 0x00, 0x00, 0x00, 0xff, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c,
+        0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca,
+        0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5,
+        0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b,
+        0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
+        0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21,
+        0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77,
+        0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00,
+        0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
+    };
+
+    byte buffer2[] = { /* api.textmate.org */
+        0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52,
+        0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b,
+        0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f,
+        0x04, 0x38, 0xf6, 0x11, 0x0b, 0xb8, 0xd3, 0x00, 0x00, 0x5e, 0x00, 0xff,
+        0xc0, 0x24, 0xc0, 0x23, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x07, 0xc0, 0x08,
+        0xc0, 0x28, 0xc0, 0x27, 0xc0, 0x14, 0xc0, 0x13, 0xc0, 0x11, 0xc0, 0x12,
+        0xc0, 0x26, 0xc0, 0x25, 0xc0, 0x2a, 0xc0, 0x29, 0xc0, 0x05, 0xc0, 0x04,
+        0xc0, 0x02, 0xc0, 0x03, 0xc0, 0x0f, 0xc0, 0x0e, 0xc0, 0x0c, 0xc0, 0x0d,
+        0x00, 0x3d, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x35,
+        0x00, 0x0a, 0x00, 0x67, 0x00, 0x6b, 0x00, 0x33, 0x00, 0x39, 0x00, 0x16,
+        0x00, 0xaf, 0x00, 0xae, 0x00, 0x8d, 0x00, 0x8c, 0x00, 0x8a, 0x00, 0x8b,
+        0x00, 0xb1, 0x00, 0xb0, 0x00, 0x2c, 0x00, 0x3b, 0x01, 0x00, 0x00, 0x3b,
+        0x00, 0x00, 0x00, 0x15, 0x00, 0x13, 0x00, 0x00, 0x10, 0x61, 0x70, 0x69,
+        0x2e, 0x74, 0x65, 0x78, 0x74, 0x6d, 0x61, 0x74, 0x65, 0x2e, 0x6f, 0x72,
+        0x67, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00,
+        0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x0c, 0x00,
+        0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03
+    };
+
+    byte buffer3[] = { /* no sni extension */
+        0x16, 0x03, 0x03, 0x00, 0x4d, 0x01, 0x00, 0x00, 0x49, 0x03, 0x03, 0xea,
+        0xa1, 0x9f, 0x60, 0xdd, 0x52, 0x12, 0x13, 0xbd, 0x84, 0x34, 0xd5, 0x1c,
+        0x38, 0x25, 0xa8, 0x97, 0xd2, 0xd5, 0xc6, 0x45, 0xaf, 0x1b, 0x08, 0xe4,
+        0x1e, 0xbb, 0xdf, 0x9d, 0x39, 0xf0, 0x65, 0x00, 0x00, 0x16, 0x00, 0x6b,
+        0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
+        0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x0a,
+        0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
+    };
+
+    byte buffer4[] = { /* last extension has zero size */
+        0x16, 0x03, 0x01, 0x00, 0xba, 0x01, 0x00, 0x00,
+        0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45,
+        0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2,
+        0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00,
+        0x00, 0x28, 0xcc, 0x14, 0xcc, 0x13, 0xc0, 0x2b, 0xc0, 0x2f, 0x00, 0x9e,
+        0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, 0xc0, 0x14, 0xc0, 0x07, 0xc0, 0x11,
+        0x00, 0x33, 0x00, 0x32, 0x00, 0x39, 0x00, 0x9c, 0x00, 0x2f, 0x00, 0x35,
+        0x00, 0x0a, 0x00, 0x05, 0x00, 0x04, 0x01, 0x00, 0x00, 0x65, 0xff, 0x01,
+        0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00,
+        0x18, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00,
+        0x00, 0x33, 0x74, 0x00, 0x00, 0x00, 0x10, 0x00, 0x1b, 0x00, 0x19, 0x06,
+        0x73, 0x70, 0x64, 0x79, 0x2f, 0x33, 0x08, 0x73, 0x70, 0x64, 0x79, 0x2f,
+        0x33, 0x2e, 0x31, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
+        0x75, 0x50, 0x00, 0x00, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x0d, 0x00, 0x12, 0x00, 0x10, 0x04, 0x01, 0x05, 0x01, 0x02,
+        0x01, 0x04, 0x03, 0x05, 0x03, 0x02, 0x03, 0x04, 0x02, 0x02, 0x02, 0x00,
+        0x12, 0x00, 0x00
+    };
+
+    byte result[32] = {0};
+    word32 length   = 32;
+
+    AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buffer4, sizeof(buffer4),
+                                                           0, result, &length));
+
+    AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buffer3, sizeof(buffer3),
+                                                           0, result, &length));
+
+    AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2),
+                                                           1, result, &length));
+
+    AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
+                                                           0, result, &length));
+    buffer[0] = 0x16;
+
+    AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
+                                                           0, result, &length));
+    buffer[1] = 0x03;
+
+    AssertIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buffer, 
+                                           sizeof(buffer), 0, result, &length));
+    buffer[2] = 0x03;
+
+    AssertIntEQ(INCOMPLETE_DATA, wolfSSL_SNI_GetFromBuffer(buffer,
+                                           sizeof(buffer), 0, result, &length));
+    buffer[4] = 0x64;
+
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
+                                                           0, result, &length));
+    result[length] = 0;
+    AssertStrEQ("www.paypal.com", (const char*) result);
+
+    length = 32;
+
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2),
+                                                           0, result, &length));
+    result[length] = 0;
+    AssertStrEQ("api.textmate.org", (const char*) result);
+}
+
+static void test_wolfSSL_client_server(callback_functions* client_callbacks,
+                                      callback_functions* server_callbacks)
+{
+#ifdef HAVE_IO_TESTS_DEPENDENCIES
+    tcp_ready ready;
+    func_args client_args;
+    func_args server_args;
+    THREAD_TYPE serverThread;
+
+    StartTCP();
+
+    client_args.callbacks = client_callbacks;
+    server_args.callbacks = server_callbacks;
+
+#ifdef WOLFSSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+    /* RUN Server side */
+    InitTcpReady(&ready);
+    server_args.signal = &ready;
+    client_args.signal = &ready;
+    start_thread(run_wolfssl_server, &server_args, &serverThread);
+    wait_tcp_ready(&server_args);
+
+    /* RUN Client side */
+    run_wolfssl_client(&client_args);
+    join_thread(serverThread);
+
+    FreeTcpReady(&ready);
+#ifdef WOLFSSL_TIRTOS
+    fdCloseSession(Task_self());
+#endif
+    
+#else
+    (void)client_callbacks;
+    (void)server_callbacks;
+#endif
+}
+
+#endif /* HAVE_SNI */
+
+static void test_wolfSSL_UseSNI(void)
+{
+#ifdef HAVE_SNI
+    callback_functions client_callbacks = {wolfSSLv23_client_method, 0, 0, 0};
+    callback_functions server_callbacks = {wolfSSLv23_server_method, 0, 0, 0};
+
+    WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
+    WOLFSSL     *ssl = wolfSSL_new(ctx);
+
+    AssertNotNull(ctx);
+    AssertNotNull(ssl);
+
+    /* error cases */
+    AssertIntNE(SSL_SUCCESS,
+                    wolfSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx")));
+    AssertIntNE(SSL_SUCCESS,
+                    wolfSSL_UseSNI(    NULL, 0, (void *) "ssl", XSTRLEN("ssl")));
+    AssertIntNE(SSL_SUCCESS,
+                    wolfSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx")));
+    AssertIntNE(SSL_SUCCESS,
+                    wolfSSL_UseSNI(    ssl, -1, (void *) "ssl", XSTRLEN("ssl")));
+    AssertIntNE(SSL_SUCCESS,
+                    wolfSSL_CTX_UseSNI(ctx,  0, (void *) NULL,  XSTRLEN("ctx")));
+    AssertIntNE(SSL_SUCCESS,
+                    wolfSSL_UseSNI(    ssl,  0, (void *) NULL,  XSTRLEN("ssl")));
+
+    /* success case */
+    AssertIntEQ(SSL_SUCCESS,
+                    wolfSSL_CTX_UseSNI(ctx,  0, (void *) "ctx", XSTRLEN("ctx")));
+    AssertIntEQ(SSL_SUCCESS,
+                    wolfSSL_UseSNI(    ssl,  0, (void *) "ssl", XSTRLEN("ssl")));
+
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+
+    /* Testing success case at ctx */
+    client_callbacks.ctx_ready = server_callbacks.ctx_ready = use_SNI_at_ctx;
+    server_callbacks.on_result = verify_SNI_real_matching;
+
+    test_wolfSSL_client_server(&client_callbacks, &server_callbacks);
+
+    /* Testing success case at ssl */
+    client_callbacks.ctx_ready = server_callbacks.ctx_ready = NULL;
+    client_callbacks.ssl_ready = server_callbacks.ssl_ready = use_SNI_at_ssl;
+
+    test_wolfSSL_client_server(&client_callbacks, &server_callbacks);
+
+    /* Testing default mismatch behaviour */
+    client_callbacks.ssl_ready = different_SNI_at_ssl;
+    client_callbacks.on_result = verify_SNI_abort_on_client;
+    server_callbacks.on_result = verify_SNI_abort_on_server;
+
+    test_wolfSSL_client_server(&client_callbacks, &server_callbacks);
+    client_callbacks.on_result = NULL;
+
+    /* Testing continue on mismatch */
+    client_callbacks.ssl_ready = different_SNI_at_ssl;
+    server_callbacks.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl;
+    server_callbacks.on_result = verify_SNI_no_matching;
+
+    test_wolfSSL_client_server(&client_callbacks, &server_callbacks);
+
+    /* Testing fake answer on mismatch */
+    server_callbacks.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl;
+    server_callbacks.on_result = verify_SNI_fake_matching;
+
+    test_wolfSSL_client_server(&client_callbacks, &server_callbacks);
+
+    test_wolfSSL_SNI_GetFromBuffer();
+#endif
+}
+
+static void test_wolfSSL_UseMaxFragment(void)
+{
+#ifdef HAVE_MAX_FRAGMENT
+    WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
+    WOLFSSL     *ssl = wolfSSL_new(ctx);
+
+    AssertNotNull(ctx);
+    AssertNotNull(ssl);
+
+    /* error cases */
+    AssertIntNE(SSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(NULL, WOLFSSL_MFL_2_9));
+    AssertIntNE(SSL_SUCCESS, wolfSSL_UseMaxFragment(    NULL, WOLFSSL_MFL_2_9));
+    AssertIntNE(SSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, 0));
+    AssertIntNE(SSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx, 6));
+    AssertIntNE(SSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, 0));
+    AssertIntNE(SSL_SUCCESS, wolfSSL_UseMaxFragment(ssl, 6));
+
+    /* success case */
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx,  WOLFSSL_MFL_2_9));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx,  WOLFSSL_MFL_2_10));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx,  WOLFSSL_MFL_2_11));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx,  WOLFSSL_MFL_2_12));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_UseMaxFragment(ctx,  WOLFSSL_MFL_2_13));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_UseMaxFragment(    ssl,  WOLFSSL_MFL_2_9));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_UseMaxFragment(    ssl,  WOLFSSL_MFL_2_10));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_UseMaxFragment(    ssl,  WOLFSSL_MFL_2_11));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_UseMaxFragment(    ssl,  WOLFSSL_MFL_2_12));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_UseMaxFragment(    ssl,  WOLFSSL_MFL_2_13));
+
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+#endif
+}
+
+static void test_wolfSSL_UseTruncatedHMAC(void)
+{
+#ifdef HAVE_TRUNCATED_HMAC
+    WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
+    WOLFSSL     *ssl = wolfSSL_new(ctx);
+
+    AssertNotNull(ctx);
+    AssertNotNull(ssl);
+
+    /* error cases */
+    AssertIntNE(SSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(NULL));
+    AssertIntNE(SSL_SUCCESS, wolfSSL_UseTruncatedHMAC(NULL));
+
+    /* success case */
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_UseTruncatedHMAC(ctx));
+    AssertIntEQ(SSL_SUCCESS, wolfSSL_UseTruncatedHMAC(ssl));
+
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+#endif
+}
+
+static void test_wolfSSL_UseSupportedCurve(void)
+{
+#ifdef HAVE_SUPPORTED_CURVES
+    WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
+    WOLFSSL     *ssl = wolfSSL_new(ctx);
+
+    AssertNotNull(ctx);
+    AssertNotNull(ssl);
+
+#ifndef NO_WOLFSSL_CLIENT
+    /* error cases */
+    AssertIntNE(SSL_SUCCESS,
+                      wolfSSL_CTX_UseSupportedCurve(NULL, WOLFSSL_ECC_SECP160R1));
+    AssertIntNE(SSL_SUCCESS, wolfSSL_CTX_UseSupportedCurve(ctx,  0));
+
+    AssertIntNE(SSL_SUCCESS,
+                          wolfSSL_UseSupportedCurve(NULL, WOLFSSL_ECC_SECP160R1));
+    AssertIntNE(SSL_SUCCESS, wolfSSL_UseSupportedCurve(ssl,  0));
+
+    /* success case */
+    AssertIntEQ(SSL_SUCCESS,
+                       wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP160R1));
+    AssertIntEQ(SSL_SUCCESS,
+                           wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP160R1));
+#endif
+
+    wolfSSL_free(ssl);
+    wolfSSL_CTX_free(ctx);
+#endif
+}
+
+/*----------------------------------------------------------------------------*
+ | Main
+ *----------------------------------------------------------------------------*/
+
+void ApiTest(void)
+{
+    printf(" Begin API Tests\n");
+    test_wolfSSL_Init();
+
+    test_wolfSSL_Method_Allocators();
+    test_wolfSSL_CTX_new(wolfSSLv23_server_method());
+    test_wolfSSL_CTX_use_certificate_file();
+    test_wolfSSL_CTX_use_PrivateKey_file();
+    test_wolfSSL_CTX_load_verify_locations();
+    test_server_wolfSSL_new();
+    test_client_wolfSSL_new();
+    test_wolfSSL_read_write();
+
+    /* TLS extensions tests */
+    test_wolfSSL_UseSNI();
+    test_wolfSSL_UseMaxFragment();
+    test_wolfSSL_UseTruncatedHMAC();
+    test_wolfSSL_UseSupportedCurve();
+
+    test_wolfSSL_Cleanup();
+    printf(" End API Tests\n");
+}
diff --git a/3P/wolfssl/tests/hash.c b/3P/wolfssl/tests/hash.c
new file mode 100644
index 00000000..eae8feb8
--- /dev/null
+++ b/3P/wolfssl/tests/hash.c
@@ -0,0 +1,853 @@
+/* hash.c has unit tests
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+
+typedef struct testVector {
+    const char*  input;
+    const char*  output; 
+    size_t inLen;
+    size_t outLen;
+} testVector;
+
+int  md4_test(void);
+int  md5_test(void);
+int  sha_test(void);
+int  sha256_test(void);
+int  sha512_test(void);
+int  sha384_test(void);
+int  ripemd_test(void);
+int  hmac_md5_test(void);
+int  hmac_sha_test(void);
+int  hmac_sha256_test(void);
+int  hmac_sha384_test(void);
+
+int HashTest(void)
+{
+    int ret = 0;
+
+    printf(" Begin HASH Tests\n");
+
+#ifndef NO_MD4
+    if ( (ret = md4_test()) ) {
+        printf( "   MD4      test failed!\n");
+        return ret; 
+    } else
+        printf( "   MD4      test passed!\n");
+#endif
+
+#ifndef NO_MD5
+    if ( (ret = md5_test()) ) {
+        printf( "   MD5      test failed!\n");
+        return ret; 
+    } else
+        printf( "   MD5      test passed!\n");
+#endif
+    
+#ifndef NO_SHA
+    if ( (ret = sha_test()) ) {
+        printf( "   SHA      test failed!\n");
+        return ret; 
+    } else
+        printf( "   SHA      test passed!\n");
+#endif
+    
+#ifndef NO_SHA256
+    if ( (ret = sha256_test()) ) {
+        printf( "   SHA-256  test failed!\n");
+        return ret; 
+    } else
+        printf( "   SHA-256  test passed!\n");
+#endif
+
+#ifdef WOLFSSL_SHA512
+    if ( (ret = sha512_test()) ) {
+        printf( "   SHA-512  test failed!\n");
+        return ret; 
+    } else
+        printf( "   SHA-512  test passed!\n");
+#endif
+
+#ifdef WOLFSSL_SHA384
+    if ( (ret = sha384_test()) ) {
+        printf( "   SHA-384  test failed!\n");
+        return ret; 
+    } else
+        printf( "   SHA-384  test passed!\n");
+#endif
+
+#ifdef WOLFSSL_RIPEMD
+    if ( (ret = ripemd_test()) ) {
+        printf( "   RIPEMD   test failed!\n");
+        return ret; 
+    } else
+        printf( "   RIPEMD   test passed!\n");
+#endif
+
+#ifndef NO_HMAC
+    #ifndef NO_MD5
+        if ( (ret = hmac_md5_test()) ) {
+            printf( "   HMAC-MD5 test failed!\n");
+            return ret; 
+        } else
+            printf( "   HMAC-MD5 test passed!\n");
+    #endif
+
+    if ( (ret = hmac_sha_test()) ) 
+        printf( "   HMAC-SHA test failed!\n");
+    else
+        printf( "   HMAC-SHA test passed!\n");
+
+    #ifndef NO_SHA256
+        if ( (ret = hmac_sha256_test()) ) 
+            printf( "   HMAC-SHA256 test failed!\n");
+        else
+            printf( "   HMAC-SHA256 test passed!\n");
+    #endif
+
+    #ifdef WOLFSSL_SHA384
+        if ( (ret = hmac_sha384_test()) ) 
+            printf( "   HMAC-SHA384 test failed!\n");
+        else
+            printf( "   HMAC-SHA384 test passed!\n");
+    #endif
+#endif
+
+    printf(" End HASH Tests\n");
+    
+    return 0;
+}
+
+#ifndef NO_MD4
+
+int md4_test(void)
+{
+    Md4  md4;
+    byte hash[MD4_DIGEST_SIZE];
+
+    testVector a, b, c, d, e, f, g;
+    testVector test_md4[7];
+    int times = sizeof(test_md4) / sizeof(testVector), i;
+
+    a.input  = "";
+    a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" 
+               "\xc0";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "a";
+    b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" 
+               "\x24";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    c.input  = "abc";
+    c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" 
+               "\x9d";
+    c.inLen  = strlen(c.input);
+    c.outLen = strlen(c.output);
+
+    d.input  = "message digest";
+    d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" 
+               "\x4b";
+    d.inLen  = strlen(d.input);
+    d.outLen = strlen(d.output);
+
+    e.input  = "abcdefghijklmnopqrstuvwxyz";
+    e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" 
+               "\xa9";
+    e.inLen  = strlen(e.input);
+    e.outLen = strlen(e.output);
+
+    f.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" 
+               "\xe4";
+    f.inLen  = strlen(f.input);
+    f.outLen = strlen(f.output);
+
+    g.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" 
+               "\x36";
+    g.inLen  = strlen(g.input);
+    g.outLen = strlen(g.output);
+
+    test_md4[0] = a;
+    test_md4[1] = b;
+    test_md4[2] = c;
+    test_md4[3] = d;
+    test_md4[4] = e;
+    test_md4[5] = f;
+    test_md4[6] = g;
+
+    wc_InitMd4(&md4);
+
+    for (i = 0; i < times; ++i) {
+        wc_Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen);
+        wc_Md4Final(&md4, hash);
+
+        if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0)
+            return -205 - i;
+    }
+
+    return 0;
+}
+
+#endif /* NO_MD4 */
+
+#ifndef NO_MD5
+
+int md5_test(void)
+{
+    Md5  md5;
+    byte hash[MD5_DIGEST_SIZE];
+
+    testVector a, b, c, d, e;
+    testVector test_md5[5];
+    int times = sizeof(test_md5) / sizeof(testVector), i;
+
+    a.input  = "abc";
+    a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
+               "\x72";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "message digest";
+    b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61"
+               "\xd0";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    c.input  = "abcdefghijklmnopqrstuvwxyz";
+    c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1"
+               "\x3b";
+    c.inLen  = strlen(c.input);
+    c.outLen = strlen(c.output);
+
+    d.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d"
+               "\x9f";
+    d.inLen  = strlen(d.input);
+    d.outLen = strlen(d.output);
+
+    e.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
+               "\x7a";
+    e.inLen  = strlen(e.input);
+    e.outLen = strlen(e.output);
+
+    test_md5[0] = a;
+    test_md5[1] = b;
+    test_md5[2] = c;
+    test_md5[3] = d;
+    test_md5[4] = e;
+
+    wc_InitMd5(&md5);
+
+    for (i = 0; i < times; ++i) {
+        wc_Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen);
+        wc_Md5Final(&md5, hash);
+
+        if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0)
+            return -5 - i;
+    }
+
+    return 0;
+}
+
+#endif /* NO_MD5 */
+
+#ifndef NO_SHA
+int sha_test(void)
+{
+    Sha  sha;
+    byte hash[SHA_DIGEST_SIZE];
+
+    testVector a, b, c, d;
+    testVector test_sha[4];
+    int ret   = 0;
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
+               "\x6C\x9C\xD0\xD8\x9D";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29"
+               "\xE5\xE5\x46\x70\xF1";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    c.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaa";
+    c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44"
+               "\x2A\x25\xEC\x64\x4D";
+    c.inLen  = strlen(c.input);
+    c.outLen = strlen(c.output);
+
+    d.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaa";
+    d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
+               "\x53\x99\x5E\x26\xA0";
+    d.inLen  = strlen(d.input);
+    d.outLen = strlen(d.output);
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+    test_sha[2] = c;
+    test_sha[3] = d;
+
+    ret = wc_InitSha(&sha);
+    if (ret != 0)
+        return ret;
+
+    for (i = 0; i < times; ++i) {
+        wc_ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen);
+        wc_ShaFinal(&sha, hash);
+
+        if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif /* NO_SHA */
+
+#ifndef NO_SHA256
+int sha256_test(void)
+{
+    Sha256 sha;
+    byte   hash[SHA256_DIGEST_SIZE];
+
+    testVector a, b;
+    testVector test_sha[2];
+    int ret;
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+               "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+               "\x15\xAD";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+               "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+               "\x06\xC1";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = wc_InitSha256(&sha);
+    if (ret != 0)
+        return ret;
+
+    for (i = 0; i < times; ++i) {
+        ret = wc_Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return ret;
+
+        ret = wc_Sha256Final(&sha, hash);
+        if (ret != 0)
+            return ret;
+
+        if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SHA512
+int sha512_test(void)
+{
+    Sha512 sha;
+    byte   hash[SHA512_DIGEST_SIZE];
+
+    testVector a, b;
+    testVector test_sha[2];
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+    int ret;
+
+    a.input  = "abc";
+    a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
+               "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
+               "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
+               "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
+               "\xa5\x4c\xa4\x9f";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
+               "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
+               "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
+               "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
+               "\x87\x4b\xe9\x09"; 
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = wc_InitSha512(&sha);
+    if (ret != 0)
+        return ret;
+
+    for (i = 0; i < times; ++i) {
+        ret = wc_Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return ret;
+
+        ret = wc_Sha512Final(&sha, hash);
+        if (ret != 0)
+            return ret;
+
+        if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SHA384
+int sha384_test()
+{
+    Sha384 sha;
+    byte   hash[SHA384_DIGEST_SIZE];
+
+    testVector a, b;
+    testVector test_sha[2];
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+    int ret;
+
+    a.input  = "abc";
+    a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
+               "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
+               "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
+               "\xc8\x25\xa7";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
+               "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
+               "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
+               "\x74\x60\x39";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = wc_InitSha384(&sha);
+    if (ret != 0)
+        return ret;
+
+    for (i = 0; i < times; ++i) {
+        ret = wc_Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return ret;
+
+        ret = wc_Sha384Final(&sha, hash);
+        if (ret != 0)
+            return ret;
+
+        if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif
+
+#ifdef WOLFSSL_RIPEMD
+int ripemd_test(void)
+{
+    RipeMd  ripemd;
+    byte hash[RIPEMD_DIGEST_SIZE];
+
+    testVector a, b, c, d;
+    testVector test_ripemd[4];
+    int times = sizeof(test_ripemd) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
+               "\xb0\x87\xf1\x5a\x0b\xfc";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "message digest";
+    b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8"
+               "\x5f\xfa\x21\x59\x5f\x36";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    c.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; 
+    c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc"
+               "\xf4\x9a\xda\x62\xeb\x2b";
+    c.inLen  = strlen(c.input);
+    c.outLen = strlen(c.output);
+
+    d.input  = "12345678901234567890123456789012345678901234567890123456"
+               "789012345678901234567890";
+    d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab"
+               "\x82\xbf\x63\x32\x6b\xfb"; 
+    d.inLen  = strlen(d.input);
+    d.outLen = strlen(d.output);
+
+    test_ripemd[0] = a;
+    test_ripemd[1] = b;
+    test_ripemd[2] = c;
+    test_ripemd[3] = d;
+
+    wc_InitRipeMd(&ripemd);
+
+    for (i = 0; i < times; ++i) {
+        wc_RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input,
+                     (word32)test_ripemd[i].inLen);
+        wc_RipeMdFinal(&ripemd, hash);
+
+        if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif /* WOLFSSL_RIPEMD */
+
+#if !defined(NO_HMAC) && !defined(NO_MD5)
+int hmac_md5_test(void)
+{
+    Hmac hmac;
+    byte hash[MD5_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc"
+               "\x9d";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
+               "\x38";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3"
+               "\xf6";
+    c.inLen  = strlen(c.input);
+    c.outLen = strlen(c.output);
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS)
+        if (i == 1)
+            continue; /* fips not allowed */
+#endif
+        ret = wc_HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4014;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4015;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4016;
+
+        if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
+#ifndef NO_HMAC
+int hmac_sha_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c"
+               "\x8e\xf1\x46\xbe\x00";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf"
+               "\x9c\x25\x9a\x7c\x79";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b"
+               "\x4f\x63\xf1\x75\xd3";
+    c.inLen  = strlen(c.input);
+    c.outLen = strlen(c.output);
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS)
+        if (i == 1)
+            continue; /* fips not allowed */
+#endif
+        ret = wc_HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4017;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4018;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4019;
+
+        if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
+#if !defined(NO_HMAC) && !defined(NO_SHA256)
+int hmac_sha256_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA256_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1"
+               "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32"
+               "\xcf\xf7";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75"
+               "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec"
+               "\x38\x43";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81"
+               "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5"
+               "\x65\xfe";
+    c.inLen  = strlen(c.input);
+    c.outLen = strlen(c.output);
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS)
+        if (i == 1)
+            continue; /* fips not allowed */
+#endif
+        ret = wc_HmacSetKey(&hmac,SHA256, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4020;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4021;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4022;
+
+        if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
+int hmac_sha384_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA384_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90"
+               "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb"
+               "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2"
+               "\xfa\x9c\xb6";
+    a.inLen  = strlen(a.input);
+    a.outLen = strlen(a.output);
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b"
+               "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22"
+               "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa"
+               "\xb2\x16\x49";
+    b.inLen  = strlen(b.input);
+    b.outLen = strlen(b.output);
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8"
+               "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66"
+               "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01"
+               "\xa3\x4f\x27";
+    c.inLen  = strlen(c.input);
+    c.outLen = strlen(c.output);
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS)
+        if (i == 1)
+            continue; /* fips not allowed */
+#endif
+        ret = wc_HmacSetKey(&hmac,SHA384, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4023;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4024;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4025;
+
+        if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
diff --git a/3P/wolfssl/tests/include.am b/3P/wolfssl/tests/include.am
new file mode 100644
index 00000000..00645852
--- /dev/null
+++ b/3P/wolfssl/tests/include.am
@@ -0,0 +1,23 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+
+if BUILD_EXAMPLES
+check_PROGRAMS += tests/unit.test
+noinst_PROGRAMS += tests/unit.test
+tests_unit_test_SOURCES = \
+                  tests/unit.c \
+                  tests/api.c \
+                  tests/suites.c \
+                  tests/hash.c \
+                  examples/client/client.c \
+                  examples/server/server.c
+tests_unit_test_CFLAGS       = -DNO_MAIN_DRIVER $(AM_CFLAGS)
+tests_unit_test_LDADD        = src/libwolfssl.la
+tests_unit_test_DEPENDENCIES = src/libwolfssl.la
+endif
+EXTRA_DIST += tests/unit.h
+EXTRA_DIST += tests/test.conf \
+              tests/test-dtls.conf
+DISTCLEANFILES+= tests/.libs/unit.test
diff --git a/3P/wolfssl/tests/suites.c b/3P/wolfssl/tests/suites.c
new file mode 100644
index 00000000..3caea041
--- /dev/null
+++ b/3P/wolfssl/tests/suites.c
@@ -0,0 +1,468 @@
+/* suites.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+
+#define MAX_ARGS 40
+#define MAX_COMMAND_SZ 240
+#define MAX_SUITE_SZ 80 
+#define NOT_BUILT_IN -123
+#ifdef NO_OLD_TLS
+    #define VERSION_TOO_OLD -124
+#endif
+
+#include "examples/client/client.h"
+#include "examples/server/server.h"
+
+
+static WOLFSSL_CTX* cipherSuiteCtx = NULL;
+static char nonblockFlag[] = "-N";
+static char noVerifyFlag[] = "-d";
+static char portFlag[] = "-p";
+static char flagSep[] = " ";
+static char svrPort[] = "0";
+
+
+#ifdef NO_OLD_TLS
+/* if the protocol version is less than tls 1.2 return 1, else 0 */
+static int IsOldTlsVersion(const char* line)
+{
+    const char* find = "-v ";
+    char* begin = strstr(line, find);
+
+    if (begin) {
+        int version = -1;
+
+        begin += 3;
+
+        version = atoi(begin);
+
+        if (version < 3)
+            return 1;
+    }
+
+    return 0;
+} 
+#endif /* NO_OLD_TLS */
+
+
+/* if the cipher suite on line is valid store in suite and return 1, else 0 */
+static int IsValidCipherSuite(const char* line, char* suite)
+{
+    int  found = 0;
+    int  valid = 0;
+
+    const char* find = "-l ";
+    const char* begin = strstr(line, find);
+    const char* end;
+
+    suite[0] = '\0';
+
+    if (begin) {
+        begin += 3;
+
+        end = strstr(begin, " ");
+
+        if (end) {
+            long len = end - begin;
+            if (len > MAX_SUITE_SZ) {
+                printf("suite too long!\n");
+                return 0;
+            }
+            memcpy(suite, begin, len);
+            suite[len] = '\0';
+        }
+        else
+            strncpy(suite, begin, MAX_SUITE_SZ);
+
+        suite[MAX_SUITE_SZ] = '\0';
+        found = 1;
+    }
+
+    if (found) {
+        if (CyaSSL_CTX_set_cipher_list(cipherSuiteCtx, suite) == SSL_SUCCESS)
+            valid = 1;
+    }
+
+    return valid;
+}
+
+
+static int execute_test_case(int svr_argc, char** svr_argv,
+                              int cli_argc, char** cli_argv,
+                              int addNoVerify, int addNonBlocking)
+{
+#ifdef WOLFSSL_TIRTOS
+    func_args cliArgs = {0};
+    func_args svrArgs = {0};
+    cliArgs.argc = cli_argc;
+    cliArgs.argv = cli_argv;
+    svrArgs.argc = svr_argc;
+    svrArgs.argv = svr_argv;
+#else
+    func_args cliArgs = {cli_argc, cli_argv, 0, NULL, NULL};
+    func_args svrArgs = {svr_argc, svr_argv, 0, NULL, NULL};
+#endif
+
+    tcp_ready   ready;
+    THREAD_TYPE serverThread;
+    char        commandLine[MAX_COMMAND_SZ];
+    char        cipherSuite[MAX_SUITE_SZ+1];
+    int         i;
+    size_t      added = 0;
+    static      int tests = 1;
+
+    commandLine[0] = '\0';
+    for (i = 0; i < svr_argc; i++) {
+        added += strlen(svr_argv[i]) + 2;
+        if (added >= MAX_COMMAND_SZ) {
+            printf("server command line too long\n"); 
+            break;
+        }
+        strcat(commandLine, svr_argv[i]);
+        strcat(commandLine, flagSep);
+    }
+
+    if (IsValidCipherSuite(commandLine, cipherSuite) == 0) {
+        #ifdef DEBUG_SUITE_TESTS
+            printf("cipher suite %s not supported in build\n", cipherSuite);
+        #endif
+        return NOT_BUILT_IN;
+    }
+
+#ifdef NO_OLD_TLS
+    if (IsOldTlsVersion(commandLine) == 1) {
+        #ifdef DEBUG_SUITE_TESTS
+            printf("protocol version on line %s is too old\n", commandLine);
+        #endif
+        return VERSION_TOO_OLD;
+    }
+#endif
+
+    if (addNoVerify) {
+        printf("repeating test with client cert request off\n"); 
+        added += 4;   /* -d plus space plus terminator */
+        if (added >= MAX_COMMAND_SZ || svr_argc >= MAX_ARGS)
+            printf("server command line too long\n");
+        else {
+            svr_argv[svr_argc++] = noVerifyFlag;
+            svrArgs.argc = svr_argc;
+            strcat(commandLine, noVerifyFlag);
+            strcat(commandLine, flagSep);
+        }
+    }
+    if (addNonBlocking) {
+        printf("repeating test with non blocking on\n"); 
+        added += 4;   /* -N plus terminator */
+        if (added >= MAX_COMMAND_SZ || svr_argc >= MAX_ARGS)
+            printf("server command line too long\n");
+        else {
+            svr_argv[svr_argc++] = nonblockFlag;
+            svrArgs.argc = svr_argc;
+            strcat(commandLine, nonblockFlag);
+            strcat(commandLine, flagSep);
+        }
+    }
+    #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)
+        /* add port 0 */
+        if (svr_argc + 2 > MAX_ARGS)
+            printf("cannot add the magic port number flag to server\n");
+        else
+        {
+            svr_argv[svr_argc++] = portFlag;
+            svr_argv[svr_argc++] = svrPort;
+            svrArgs.argc = svr_argc;
+        }
+    #endif
+    printf("trying server command line[%d]: %s\n", tests, commandLine);
+
+    commandLine[0] = '\0';
+    added = 0;
+    for (i = 0; i < cli_argc; i++) {
+        added += strlen(cli_argv[i]) + 2;
+        if (added >= MAX_COMMAND_SZ) {
+            printf("client command line too long\n"); 
+            break;
+        }
+        strcat(commandLine, cli_argv[i]);
+        strcat(commandLine, flagSep);
+    }
+    if (addNonBlocking) {
+        added += 4;   /* -N plus space plus terminator  */
+        if (added >= MAX_COMMAND_SZ)
+            printf("client command line too long\n");
+        else  {
+            cli_argv[cli_argc++] = nonblockFlag;
+            strcat(commandLine, nonblockFlag);
+            strcat(commandLine, flagSep);
+            cliArgs.argc = cli_argc;
+        }
+    }
+    printf("trying client command line[%d]: %s\n", tests++, commandLine);
+
+    InitTcpReady(&ready);
+
+#ifdef WOLFSSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+    /* start server */
+    svrArgs.signal = &ready;
+    start_thread(server_test, &svrArgs, &serverThread);
+    wait_tcp_ready(&svrArgs);
+    #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)
+        if (ready.port != 0)
+        {
+            if (cli_argc + 2 > MAX_ARGS)
+                printf("cannot add the magic port number flag to client\n");
+            else {
+                char portNumber[8];
+                snprintf(portNumber, sizeof(portNumber), "%d", ready.port);
+                cli_argv[cli_argc++] = portFlag;
+                cli_argv[cli_argc++] = portNumber;
+                cliArgs.argc = cli_argc;
+            }
+        }
+    #endif
+    /* start client */
+    client_test(&cliArgs);
+
+    /* verify results */ 
+    if (cliArgs.return_code != 0) {
+        printf("client_test failed\n");
+        exit(EXIT_FAILURE);
+    }
+
+    join_thread(serverThread);
+    if (svrArgs.return_code != 0) { 
+        printf("server_test failed\n");
+        exit(EXIT_FAILURE);
+    }
+
+#ifdef WOLFSSL_TIRTOS
+    fdCloseSession(Task_self());
+#endif
+    FreeTcpReady(&ready);
+    
+    return 0;
+}
+
+static void test_harness(void* vargs)
+{
+    func_args* args = (func_args*)vargs;
+    char* script;
+    long  sz, len;
+    int   cliMode = 0;   /* server or client command flag, server first */
+    int   ret;
+    FILE* file;
+    char* svrArgs[MAX_ARGS];
+    int   svrArgsSz;
+    char* cliArgs[MAX_ARGS];
+    int   cliArgsSz;
+    char* cursor;
+    char* comment;
+    const char* fname = "tests/test.conf";
+
+    if (args->argc == 1) {
+        printf("notice: using default file %s\n", fname);
+    }
+    else if(args->argc != 2) {
+        printf("usage: harness [FILE]\n");
+        args->return_code = 1;
+        return;
+    }
+    else {
+        fname = args->argv[1];
+    }
+
+    file = fopen(fname, "r");
+    if (file == NULL) {
+        fprintf(stderr, "unable to open %s\n", fname);
+        args->return_code = 1;
+        return;
+    }
+    fseek(file, 0, SEEK_END);
+    sz = ftell(file);
+    rewind(file);
+    if (sz <= 0) {
+        fprintf(stderr, "%s is empty\n", fname);
+        fclose(file);
+        args->return_code = 1;
+        return;
+    }
+
+    script = (char*)malloc(sz+1);
+    if (script == 0) {
+        fprintf(stderr, "unable to allocte script buffer\n");
+        fclose(file);
+        args->return_code = 1;
+        return;
+    }
+
+    len = fread(script, 1, sz, file);
+    if (len != sz) {
+        fprintf(stderr, "read error\n");
+        fclose(file);
+        free(script);
+        args->return_code = 1;
+        return;
+    }
+    
+    fclose(file);
+    script[sz] = 0;
+
+    cursor = script;
+    svrArgsSz = 1;
+    svrArgs[0] = args->argv[0];
+    cliArgsSz = 1;
+    cliArgs[0] = args->argv[0];
+
+    while (*cursor != 0) {
+        int do_it = 0;
+
+        switch (*cursor) {
+            case '\n':
+                /* A blank line triggers test case execution or switches
+                   to client mode if we don't have the client command yet */
+                if (cliMode == 0)
+                    cliMode = 1;  /* switch to client mode processing */
+                else
+                    do_it = 1;    /* Do It, we have server and client */
+                cursor++;
+                break;
+            case '#':
+                /* Ignore lines that start with a #. */
+                comment = strsep(&cursor, "\n");
+#ifdef DEBUG_SUITE_TESTS
+                printf("%s\n", comment);
+#else
+                (void)comment;
+#endif
+                break;
+            case '-':
+                /* Parameters start with a -. They end in either a newline
+                 * or a space. Capture until either, save in Args list. */
+                if (cliMode)
+                    cliArgs[cliArgsSz++] = strsep(&cursor, " \n");
+                else
+                    svrArgs[svrArgsSz++] = strsep(&cursor, " \n");
+                break;
+            default:
+                /* Anything from cursor until end of line that isn't the above
+                 * is data for a paramter. Just up until the next newline in
+                 * the Args list. */
+                if (cliMode)
+                    cliArgs[cliArgsSz++] = strsep(&cursor, "\n");
+                else
+                    svrArgs[svrArgsSz++] = strsep(&cursor, "\n");
+                if (*cursor == 0)  /* eof */
+                    do_it = 1; 
+        }
+
+        if (svrArgsSz == MAX_ARGS || cliArgsSz == MAX_ARGS) {
+            fprintf(stderr, "too many arguments, forcing test run\n");
+            do_it = 1;
+        }
+
+        if (do_it) {
+            ret = execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs,0,0);
+            /* don't repeat if not supported in build */
+            if (ret == 0) {
+                execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 0, 1);
+                execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 1, 0);
+                execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 1, 1);
+            }
+            svrArgsSz = 1;
+            cliArgsSz = 1;
+            cliMode   = 0;
+        }
+    }
+
+    free(script);
+    args->return_code = 0;
+}
+
+
+int SuiteTest(void)
+{
+    func_args args;
+    char argv0[2][80];
+    char* myArgv[2];
+
+    printf(" Begin Cipher Suite Tests\n");
+
+    /* setup */
+    myArgv[0] = argv0[0];
+    myArgv[1] = argv0[1];
+    args.argv = myArgv;
+    strcpy(argv0[0], "SuiteTest");
+
+    (void)test_harness;
+
+    cipherSuiteCtx = CyaSSL_CTX_new(CyaTLSv1_2_client_method());
+    if (cipherSuiteCtx == NULL) {
+        printf("can't get cipher suite ctx\n");
+        exit(EXIT_FAILURE);  
+    }
+
+    /* default case */
+    args.argc = 1;
+    printf("starting default cipher suite tests\n");
+    test_harness(&args);
+    if (args.return_code != 0) {
+        printf("error from script %d\n", args.return_code);
+        exit(EXIT_FAILURE);  
+    }
+
+    /* any extra cases will need another argument */
+    args.argc = 2;
+
+#ifdef WOLFSSL_DTLS 
+    /* add dtls extra suites */
+    strcpy(argv0[1], "tests/test-dtls.conf");
+    printf("starting dtls extra cipher suite tests\n");
+    test_harness(&args);
+    if (args.return_code != 0) {
+        printf("error from script %d\n", args.return_code);
+        exit(EXIT_FAILURE);  
+    }
+#endif
+
+    printf(" End Cipher Suite Tests\n");
+
+    CyaSSL_CTX_free(cipherSuiteCtx);
+    CyaSSL_Cleanup();
+
+    return args.return_code;
+}
+
+
diff --git a/3P/wolfssl/tests/test-dtls.conf b/3P/wolfssl/tests/test-dtls.conf
new file mode 100644
index 00000000..7a9c041e
--- /dev/null
+++ b/3P/wolfssl/tests/test-dtls.conf
@@ -0,0 +1,908 @@
+# server DTLSv1 DHE-RSA-CHACHA20-POLY1305
+-u
+-v 2
+-l DHE-RSA-CHACHA20-POLY1305
+
+# client DTLSv1 DHE-RSA-CHACHA20-POLY1305
+-u
+-v 2
+-l DHE-RSA-CHACHA20-POLY1305
+
+# server DTLSv1 ECDHE-RSA-CHACHA20-POLY1305
+-u
+-v 2 
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# client DTLSv1 ECDHE-RSA-CHACHA20-POLY1305
+-u
+-v 2
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# server DTLSv1 ECDHE-EDCSA-CHACHA20-POLY1305
+-u
+-v 2
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1 ECDHE-ECDSA-CHACHA20-POLY1305
+-u
+-v 2
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 DHE-RSA-CHACHA20-POLY1305
+-u
+-v 3
+-l DHE-RSA-CHACHA20-POLY1305
+
+# client DTLSv1.2 DHE-RSA-CHACHA20-POLY1305
+-u
+-v 3
+-l DHE-RSA-CHACHA20-POLY1305
+
+# server DTLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
+-u
+-v 3 
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# client DTLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
+-u
+-v 3
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# server DTLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305
+-u
+-v 3
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305
+-u
+-v 3
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-A ./certs/server-ecc.pem
+
+# server DTLSv1 RC4-SHA
+-u
+-v 2
+-l RC4-SHA
+
+# client DTLSv1 RC4-SHA
+-u
+-v 2
+-l RC4-SHA
+
+# server DTLSv1.2 RC4-SHA
+-u
+-v 3
+-l RC4-SHA
+
+# client DTLSv1.2 RC4-SHA
+-u
+-v 3
+-l RC4-SHA
+
+# server DTLSv1 DES-CBC3-SHA
+-u
+-v 2
+-l DES-CBC3-SHA
+
+# client DTLSv1 DES-CBC3-SHA
+-u
+-v 2
+-l DES-CBC3-SHA
+
+# server DTLSv1.2 DES-CBC3-SHA
+-u
+-v 3
+-l DES-CBC3-SHA
+
+# client DTLSv1.2 DES-CBC3-SHA
+-u
+-v 3
+-l DES-CBC3-SHA
+
+# server DTLSv1 AES128-SHA
+-u
+-v 2
+-l AES128-SHA
+
+# client DTLSv1 AES128-SHA
+-u
+-v 2
+-l AES128-SHA
+
+# server DTLSv1.2 AES128-SHA
+-u
+-v 3
+-l AES128-SHA
+
+# client DTLSv1.2 AES128-SHA
+-u
+-v 3
+-l AES128-SHA
+
+# server DTLSv1 AES256-SHA
+-u
+-v 2
+-l AES256-SHA
+
+# client DTLSv1 AES256-SHA
+-u
+-v 2
+-l AES256-SHA
+
+# server DTLSv1.2 AES256-SHA
+-u
+-v 3
+-l AES256-SHA
+
+# client DTLSv1.2 AES256-SHA
+-u
+-v 3
+-l AES256-SHA
+
+# server DTLSv1 AES128-SHA256
+-u
+-v 2
+-l AES128-SHA256
+
+# client DTLSv1 AES128-SHA256
+-u
+-v 2
+-l AES128-SHA256
+
+# server DTLSv1.2 AES128-SHA256
+-u
+-v 3
+-l AES128-SHA256
+
+# client DTLSv1.2 AES128-SHA256
+-u
+-v 3
+-l AES128-SHA256
+
+# server DTLSv1 AES256-SHA256
+-u
+-v 2
+-l AES256-SHA256
+
+# client DTLSv1 AES256-SHA256
+-u
+-v 2
+-l AES256-SHA256
+
+# server DTLSv1.2 AES256-SHA256
+-u
+-v 3
+-l AES256-SHA256
+
+# client DTLSv1.2 AES256-SHA256
+-u
+-v 3
+-l AES256-SHA256
+
+# server DTLSv1 ECDHE-RSA-RC4
+-u
+-v 2
+-l ECDHE-RSA-RC4-SHA
+
+# client DTLSv1 ECDHE-RSA-RC4
+-u
+-v 2
+-l ECDHE-RSA-RC4-SHA
+
+# server DTLSv1.1 ECDHE-RSA-DES3
+-u
+-v 2
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# client DTLSv1.1 ECDHE-RSA-DES3
+-u
+-v 2
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# server DTLSv1.1 ECDHE-RSA-AES128 
+-u
+-v 2
+-l ECDHE-RSA-AES128-SHA
+
+# client DTLSv1.1 ECDHE-RSA-AES128 
+-u
+-v 2
+-l ECDHE-RSA-AES128-SHA
+
+# server DTLSv1.1 ECDHE-RSA-AES256
+-u
+-v 2
+-l ECDHE-RSA-AES256-SHA
+
+# client DTLSv1.1 ECDHE-RSA-AES256
+-u
+-v 2
+-l ECDHE-RSA-AES256-SHA
+
+# server DTLSv1.2 ECDHE-RSA-RC4
+-u
+-v 3
+-l ECDHE-RSA-RC4-SHA
+
+# client DTLSv1.2 ECDHE-RSA-RC4
+-u
+-v 3
+-l ECDHE-RSA-RC4-SHA
+
+# server DTLSv1.2 ECDHE-RSA-DES3
+-u
+-v 3
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# client DTLSv1.2 ECDHE-RSA-DES3
+-u
+-v 3
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# server DTLSv1.2 ECDHE-RSA-AES128 
+-u
+-v 3
+-l ECDHE-RSA-AES128-SHA
+
+# client DTLSv1.2 ECDHE-RSA-AES128 
+-u
+-v 3
+-l ECDHE-RSA-AES128-SHA
+
+# server DTLSv1.2 ECDHE-RSA-AES128-SHA256
+-u
+-v 3
+-l ECDHE-RSA-AES128-SHA256
+
+# client DTLSv1.2 ECDHE-RSA-AES128-SHA256 
+-u
+-v 3
+-l ECDHE-RSA-AES128-SHA256
+
+# server DTLSv1.2 ECDHE-RSA-AES256
+-u
+-v 3
+-l ECDHE-RSA-AES256-SHA
+
+# client DTLSv1.2 ECDHE-RSA-AES256
+-u
+-v 3
+-l ECDHE-RSA-AES256-SHA
+
+# server DTLSv1.1 ECDHE-EDCSA-RC4
+-u
+-v 2
+-l ECDHE-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDHE-ECDSA-RC4
+-u
+-v 2
+-l ECDHE-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.1 ECDHE-ECDSA-DES3
+-u
+-v 2
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDHE-ECDSA-DES3
+-u
+-v 2
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.1 ECDHE-ECDSA-AES128 
+-u
+-v 2
+-l ECDHE-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDHE-ECDSA-AES128 
+-u
+-v 2
+-l ECDHE-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.1 ECDHE-ECDSA-AES256
+-u
+-v 2
+-l ECDHE-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDHE-ECDSA-AES256
+-u
+-v 2
+-l ECDHE-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-ECDSA-RC4
+-u
+-v 3
+-l ECDHE-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-RC4
+-u
+-v 3
+-l ECDHE-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-ECDSA-DES3
+-u
+-v 3
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-DES3
+-u
+-v 3
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-ECDSA-AES128 
+-u
+-v 3
+-l ECDHE-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES128 
+-u
+-v 3
+-l ECDHE-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-ECDSA-AES128-SHA256
+-u
+-v 3
+-l ECDHE-ECDSA-AES128-SHA256
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES128-SHA256
+-u
+-v 3
+-l ECDHE-ECDSA-AES128-SHA256
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-ECDSA-AES256
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.1 ECDH-RSA-RC4
+-u
+-v 2
+-l ECDH-RSA-RC4-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDH-RSA-RC4
+-u
+-v 2
+-l ECDH-RSA-RC4-SHA
+
+# server DTLSv1.1 ECDH-RSA-DES3
+-u
+-v 2
+-l ECDH-RSA-DES-CBC3-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDH-RSA-DES3
+-u
+-v 2
+-l ECDH-RSA-DES-CBC3-SHA
+
+# server DTLSv1.1 ECDH-RSA-AES128 
+-u
+-v 2
+-l ECDH-RSA-AES128-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDH-RSA-AES128 
+-u
+-v 2
+-l ECDH-RSA-AES128-SHA
+
+# server DTLSv1.1 ECDH-RSA-AES256
+-u
+-v 2
+-l ECDH-RSA-AES256-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDH-RSA-AES256
+-u
+-v 2
+-l ECDH-RSA-AES256-SHA
+
+# server DTLSv1.2 ECDH-RSA-RC4
+-u
+-v 3
+-l ECDH-RSA-RC4-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-RSA-RC4
+-u
+-v 3
+-l ECDH-RSA-RC4-SHA
+
+# server DTLSv1.2 ECDH-RSA-DES3
+-u
+-v 3
+-l ECDH-RSA-DES-CBC3-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-RSA-DES3
+-u
+-v 3
+-l ECDH-RSA-DES-CBC3-SHA
+
+# server DTLSv1.2 ECDH-RSA-AES128 
+-u
+-v 3
+-l ECDH-RSA-AES128-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-RSA-AES128 
+-u
+-v 3
+-l ECDH-RSA-AES128-SHA
+
+# server DTLSv1.2 ECDH-RSA-AES128-SHA256 
+-u
+-v 3
+-l ECDH-RSA-AES128-SHA256
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-RSA-AES128-SHA256 
+-u
+-v 3
+-l ECDH-RSA-AES128-SHA256
+
+# server DTLSv1.2 ECDH-RSA-AES256
+-u
+-v 3
+-l ECDH-RSA-AES256-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-RSA-AES256
+-u
+-v 3
+-l ECDH-RSA-AES256-SHA
+
+# server DTLSv1.1 ECDH-EDCSA-RC4
+-u
+-v 2
+-l ECDH-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDH-ECDSA-RC4
+-u
+-v 2
+-l ECDH-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.1 ECDH-ECDSA-DES3
+-u
+-v 2
+-l ECDH-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDH-ECDSA-DES3
+-u
+-v 2
+-l ECDH-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.1 ECDH-ECDSA-AES128 
+-u
+-v 2
+-l ECDH-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDH-ECDSA-AES128 
+-u
+-v 2
+-l ECDH-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.1 ECDH-ECDSA-AES256
+-u
+-v 2
+-l ECDH-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.1 ECDH-ECDSA-AES256
+-u
+-v 2
+-l ECDH-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-ECDSA-RC4
+-u
+-v 3
+-l ECDH-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-ECDSA-RC4
+-u
+-v 3
+-l ECDH-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDH-ECDSA-DES3
+-u
+-v 3
+-l ECDH-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-ECDSA-DES3
+-u
+-v 3
+-l ECDH-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDH-ECDSA-AES128 
+-u
+-v 3
+-l ECDH-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-ECDSA-AES128 
+-u
+-v 3
+-l ECDH-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDH-ECDSA-AES128-SHA256
+-u
+-v 3
+-l ECDH-ECDSA-AES128-SHA256
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-ECDSA-AES128-SHA256 
+-u
+-v 3
+-l ECDH-ECDSA-AES128-SHA256
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDH-ECDSA-AES256
+-u
+-v 3
+-l ECDH-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-ECDSA-AES256
+-u
+-v 3
+-l ECDH-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-RSA-AES256-SHA384 
+-u
+-v 3
+-l ECDHE-RSA-AES256-SHA384
+
+# client DTLSv1.2 ECDHE-RSA-AES256-SHA384 
+-u
+-v 3
+-l ECDHE-RSA-AES256-SHA384
+
+# server DTLSv1.2 ECDHE-ECDSA-AES256-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-SHA384
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDH-RSA-AES256-SHA384 
+-u
+-v 3
+-l ECDH-RSA-AES256-SHA384
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-RSA-AES256-SHA384 
+-u
+-v 3
+-l ECDH-RSA-AES256-SHA384
+
+# server DTLSv1.2 ECDH-ECDSA-AES256-SHA384
+-u
+-v 3
+-l ECDH-ECDSA-AES256-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-ECDSA-AES256-SHA384 
+-u
+-v 3
+-l ECDH-ECDSA-AES256-SHA384
+-A ./certs/server-ecc.pem
+
+# server DTLSv1 PSK-AES128
+-s
+-u
+-v 2
+-l PSK-AES128-CBC-SHA
+
+# client DTLSv1 PSK-AES128
+-s
+-u
+-v 2
+-l PSK-AES128-CBC-SHA
+
+# server DTLSv1 PSK-AES256
+-s
+-u
+-v 2
+-l PSK-AES256-CBC-SHA
+
+# client DTLSv1 PSK-AES256
+-s
+-u
+-v 2
+-l PSK-AES256-CBC-SHA
+
+# server DTLSv1.2 PSK-AES128
+-s
+-u
+-v 3
+-l PSK-AES128-CBC-SHA
+
+# client DTLSv1.2 PSK-AES128
+-s
+-u
+-v 3
+-l PSK-AES128-CBC-SHA
+
+# server DTLSv1.2 PSK-AES256
+-s
+-u
+-v 3
+-l PSK-AES256-CBC-SHA
+
+# client DTLSv1.2 PSK-AES256
+-s
+-u
+-v 3
+-l PSK-AES256-CBC-SHA
+
+# server DTLSv1.2 PSK-AES128-SHA256
+-s
+-u
+-v 3
+-l PSK-AES128-CBC-SHA256
+
+# client DTLSv1.2 PSK-AES128-SHA256
+-s
+-u
+-v 3
+-l PSK-AES128-CBC-SHA256
+
+# server DTLSv1.2 PSK-AES256-SHA384
+-s
+-u
+-v 3
+-l PSK-AES256-CBC-SHA384
+
+# client DTLSv1.2 PSK-AES256-SHA384
+-s
+-u
+-v 3
+-l PSK-AES256-CBC-SHA384
+
+# server DTLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 
+-u
+-v 3
+-l ECDHE-ECDSA-AES128-GCM-SHA256
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 
+-u
+-v 3
+-l ECDHE-ECDSA-AES128-GCM-SHA256
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 
+-u
+-v 3
+-l ECDH-ECDSA-AES128-GCM-SHA256
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 
+-u
+-v 3
+-l ECDH-ECDSA-AES128-GCM-SHA256
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDH-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDH-ECDSA-AES256-GCM-SHA384
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 
+-u
+-v 3
+-l ECDHE-RSA-AES128-GCM-SHA256
+
+# client DTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 
+-u
+-v 3
+-l ECDHE-RSA-AES128-GCM-SHA256
+
+# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# server DTLSv1.2 ECDH-RSA-AES128-GCM-SHA256 
+-u
+-v 3
+-l ECDH-RSA-AES128-GCM-SHA256
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-RSA-AES128-GCM-SHA256 
+-u
+-v 3
+-l ECDH-RSA-AES128-GCM-SHA256
+
+# server DTLSv1.2 ECDH-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDH-RSA-AES256-GCM-SHA384
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDH-RSA-AES256-GCM-SHA384
+-u
+-v 3
+-l ECDH-RSA-AES256-GCM-SHA384
+
+# server DTLSv1.2 PSK-AES128-GCM-SHA256
+-u
+-s
+-v 3
+-l PSK-AES128-GCM-SHA256
+
+# client DTLSv1.2 PSK-AES128-GCM-SHA256
+-u
+-s
+-v 3
+-l PSK-AES128-GCM-SHA256
+
+# server DTLSv1.2 PSK-AES256-GCM-SHA384
+-u
+-s
+-v 3
+-l PSK-AES256-GCM-SHA384
+
+# client DTLSv1.2 PSK-AES256-GCM-SHA384
+-u
+-s
+-v 3
+-l PSK-AES256-GCM-SHA384
+
+# server DTLSv1.2 ECDHE-ECDSA-AES128-CCM-8
+-u
+-v 3
+-l ECDHE-ECDSA-AES128-CCM-8
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES128-CCM-8
+-u
+-v 3
+-l ECDHE-ECDSA-AES128-CCM-8
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ECDHE-ECDSA-AES256-CCM-8
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-CCM-8
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client DTLSv1.2 ECDHE-ECDSA-AES256-CCM-8
+-u
+-v 3
+-l ECDHE-ECDSA-AES256-CCM-8
+-A ./certs/server-ecc.pem
+
+# server DTLSv1.2 ADH-AES128-SHA
+-u
+-a
+-v 3
+-l ADH-AES128-SHA
+
+# client DTLSv1.2 ADH-AES128-SHA
+-u
+-a
+-v 3
+-l ADH-AES128-SHA
+
+# server DTLSv1.0 ADH-AES128-SHA
+-u
+-a
+-v 2
+-l ADH-AES128-SHA
+
+# client DTLSv1.0 ADH-AES128-SHA
+-u
+-a
+-v 2
+-l ADH-AES128-SHA
+
diff --git a/3P/wolfssl/tests/test.conf b/3P/wolfssl/tests/test.conf
new file mode 100644
index 00000000..c949c202
--- /dev/null
+++ b/3P/wolfssl/tests/test.conf
@@ -0,0 +1,2035 @@
+# server TLSv1 DHE-RSA-CHACHA20-POLY1305
+-v 1
+-l DHE-RSA-CHACHA20-POLY1305
+
+# client TLSv1 DHE-RSA-CHACHA20-POLY1305
+-v 1
+-l DHE-RSA-CHACHA20-POLY1305
+
+# server TLSv1 ECDHE-EDCSA-CHACHA20-POLY1305
+-v 1
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDHE-ECDSA-CHACHA20-POLY1305
+-v 1
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-A ./certs/server-ecc.pem
+
+# server TLSv1 ECDHE-RSA-CHACHA20-POLY1305
+-v 1 
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# client TLSv1 ECDHE-RSA-CHACHA20-POLY1305
+-v 1
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# server TLSv1.1 DHE-RSA-CHACHA20-POLY1305
+-v 2
+-l DHE-RSA-CHACHA20-POLY1305
+
+# client TLSv1.1 DHE-RSA-CHACHA20-POLY1305
+-v 2
+-l DHE-RSA-CHACHA20-POLY1305
+
+# server TLSv1.1 ECDHE-RSA-CHACHA20-POLY1305
+-v 2 
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# client TLSv1.1 ECDHE-RSA-CHACHA20-POLY1305
+-v 2
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# server TLSv1.1 ECDHE-EDCSA-CHACHA20-POLY1305
+-v 2
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDHE-ECDSA-CHACHA20-POLY1305
+-v 2
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 DHE-RSA-CHACHA20-POLY1305
+-v 3
+-l DHE-RSA-CHACHA20-POLY1305
+
+# client TLSv1.2 DHE-RSA-CHACHA20-POLY1305
+-v 3
+-l DHE-RSA-CHACHA20-POLY1305
+
+# server TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
+-v 3 
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# client TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
+-v 3
+-l ECDHE-RSA-CHACHA20-POLY1305
+
+# server TLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305
+-v 3
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305
+-v 3
+-l ECDHE-ECDSA-CHACHA20-POLY1305
+-A ./certs/server-ecc.pem
+
+# server SSLv3 RC4-SHA
+-v 0
+-l RC4-SHA
+
+# client SSLv3 RC4-SHA
+-v 0
+-l RC4-SHA
+
+# server SSLv3 RC4-MD5
+-v 0
+-l RC4-MD5
+
+# client SSLv3 RC4-MD5
+-v 0
+-l RC4-MD5
+
+# server SSLv3 DES-CBC3-SHA
+-v 0
+-l DES-CBC3-SHA
+
+# client SSLv3 DES-CBC3-SHA
+-v 0
+-l DES-CBC3-SHA
+
+# server TLSv1 RC4-SHA
+-v 1
+-l RC4-SHA
+
+# client TLSv1 RC4-SHA
+-v 1
+-l RC4-SHA
+
+# server TLSv1 RC4-MD5
+-v 1
+-l RC4-MD5
+
+# client TLSv1 RC4-MD5
+-v 1
+-l RC4-MD5
+
+# server TLSv1 DES-CBC3-SHA
+-v 1
+-l DES-CBC3-SHA
+
+# client TLSv1 DES-CBC3-SHA
+-v 1
+-l DES-CBC3-SHA
+
+# server TLSv1 AES128-SHA
+-v 1
+-l AES128-SHA
+
+# client TLSv1 AES128-SHA
+-v 1
+-l AES128-SHA
+
+# server TLSv1 AES256-SHA
+-v 1
+-l AES256-SHA
+
+# client TLSv1 AES256-SHA
+-v 1
+-l AES256-SHA
+
+# server TLSv1 AES128-SHA256
+-v 1
+-l AES128-SHA256
+
+# client TLSv1 AES128-SHA256
+-v 1
+-l AES128-SHA256
+
+# server TLSv1 AES256-SHA256
+-v 1
+-l AES256-SHA256
+
+# client TLSv1 AES256-SHA256
+-v 1
+-l AES256-SHA256
+
+# server TLSv1.1 RC4-SHA
+-v 2
+-l RC4-SHA
+
+# client TLSv1.1 RC4-SHA
+-v 2
+-l RC4-SHA
+
+# server TLSv1.1 RC4-MD5
+-v 2
+-l RC4-MD5
+
+# client TLSv1.1 RC4-MD5
+-v 2
+-l RC4-MD5
+
+# server TLSv1.1 DES-CBC3-SHA
+-v 2
+-l DES-CBC3-SHA
+
+# client TLSv1.1 DES-CBC3-SHA
+-v 2
+-l DES-CBC3-SHA
+
+# server TLSv1.1 AES128-SHA
+-v 2
+-l AES128-SHA
+
+# client TLSv1.1 AES128-SHA
+-v 2
+-l AES128-SHA
+
+# server TLSv1.1 AES256-SHA
+-v 2
+-l AES256-SHA
+
+# client TLSv1.1 AES256-SHA
+-v 2
+-l AES256-SHA
+
+# server TLSv1.1 AES128-SHA256
+-v 2
+-l AES128-SHA256
+
+# client TLSv1.1 AES128-SHA256
+-v 2
+-l AES128-SHA256
+
+# server TLSv1.1 AES256-SHA256
+-v 2
+-l AES256-SHA256
+
+# client TLSv1.1 AES256-SHA256
+-v 2
+-l AES256-SHA256
+
+# server TLSv1.2 RC4-SHA
+-v 3
+-l RC4-SHA
+
+# client TLSv1.2 RC4-SHA
+-v 3
+-l RC4-SHA
+
+# server TLSv1.2 RC4-MD5
+-v 3
+-l RC4-MD5
+
+# client TLSv1.2 RC4-MD5
+-v 3
+-l RC4-MD5
+
+# server TLSv1.2 DES-CBC3-SHA
+-v 3
+-l DES-CBC3-SHA
+
+# client TLSv1.2 DES-CBC3-SHA
+-v 3
+-l DES-CBC3-SHA
+
+# server TLSv1.2 AES128-SHA
+-v 3
+-l AES128-SHA
+
+# client TLSv1.2 AES128-SHA
+-v 3
+-l AES128-SHA
+
+# server TLSv1.2 AES256-SHA
+-v 3
+-l AES256-SHA
+
+# client TLSv1.2 AES256-SHA
+-v 3
+-l AES256-SHA
+
+# server TLSv1.2 AES128-SHA256
+-v 3
+-l AES128-SHA256
+
+# client TLSv1.2 AES128-SHA256
+-v 3
+-l AES128-SHA256
+
+# server TLSv1.2 AES256-SHA256
+-v 3
+-l AES256-SHA256
+
+# client TLSv1.2 AES256-SHA256
+-v 3
+-l AES256-SHA256
+
+# server TLSv1 ECDHE-RSA-RC4
+-v 1
+-l ECDHE-RSA-RC4-SHA
+
+# client TLSv1 ECDHE-RSA-RC4
+-v 1
+-l ECDHE-RSA-RC4-SHA
+
+# server TLSv1 ECDHE-RSA-DES3
+-v 1
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# client TLSv1 ECDHE-RSA-DES3
+-v 1
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# server TLSv1 ECDHE-RSA-AES128 
+-v 1
+-l ECDHE-RSA-AES128-SHA
+
+# client TLSv1 ECDHE-RSA-AES128 
+-v 1
+-l ECDHE-RSA-AES128-SHA
+
+# server TLSv1 ECDHE-RSA-AES256
+-v 1
+-l ECDHE-RSA-AES256-SHA
+
+# client TLSv1 ECDHE-RSA-AES256
+-v 1
+-l ECDHE-RSA-AES256-SHA
+
+# server TLSv1.1 ECDHE-RSA-RC4
+-v 2
+-l ECDHE-RSA-RC4-SHA
+
+# client TLSv1.1 ECDHE-RSA-RC4
+-v 2
+-l ECDHE-RSA-RC4-SHA
+
+# server TLSv1.1 ECDHE-RSA-DES3
+-v 2
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# client TLSv1.1 ECDHE-RSA-DES3
+-v 2
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# server TLSv1.1 ECDHE-RSA-AES128 
+-v 2
+-l ECDHE-RSA-AES128-SHA
+
+# client TLSv1.1 ECDHE-RSA-AES128 
+-v 2
+-l ECDHE-RSA-AES128-SHA
+
+# server TLSv1.1 ECDHE-RSA-AES256
+-v 2
+-l ECDHE-RSA-AES256-SHA
+
+# client TLSv1.1 ECDHE-RSA-AES256
+-v 2
+-l ECDHE-RSA-AES256-SHA
+
+# server TLSv1.2 ECDHE-RSA-RC4
+-v 3
+-l ECDHE-RSA-RC4-SHA
+
+# client TLSv1.2 ECDHE-RSA-RC4
+-v 3
+-l ECDHE-RSA-RC4-SHA
+
+# server TLSv1.2 ECDHE-RSA-DES3
+-v 3
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# client TLSv1.2 ECDHE-RSA-DES3
+-v 3
+-l ECDHE-RSA-DES-CBC3-SHA
+
+# server TLSv1.2 ECDHE-RSA-AES128 
+-v 3
+-l ECDHE-RSA-AES128-SHA
+
+# client TLSv1.2 ECDHE-RSA-AES128 
+-v 3
+-l ECDHE-RSA-AES128-SHA
+
+# server TLSv1.2 ECDHE-RSA-AES128-SHA256
+-v 3
+-l ECDHE-RSA-AES128-SHA256
+
+# client TLSv1.2 ECDHE-RSA-AES128-SHA256 
+-v 3
+-l ECDHE-RSA-AES128-SHA256
+
+# server TLSv1.2 ECDHE-RSA-AES256
+-v 3
+-l ECDHE-RSA-AES256-SHA
+
+# client TLSv1.2 ECDHE-RSA-AES256
+-v 3
+-l ECDHE-RSA-AES256-SHA
+
+# server TLSv1 ECDHE-ECDSA-RC4
+-v 1
+-l ECDHE-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDHE-ECDSA-RC4
+-v 1
+-l ECDHE-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1 ECDHE-ECDSA-DES3
+-v 1
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDHE-ECDSA-DES3
+-v 1
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1 ECDHE-ECDSA-AES128 
+-v 1
+-l ECDHE-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDHE-ECDSA-AES128 
+-v 1
+-l ECDHE-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1 ECDHE-ECDSA-AES256
+-v 1
+-l ECDHE-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDHE-ECDSA-AES256
+-v 1
+-l ECDHE-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.1 ECDHE-EDCSA-RC4
+-v 2
+-l ECDHE-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDHE-ECDSA-RC4
+-v 2
+-l ECDHE-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.1 ECDHE-ECDSA-DES3
+-v 2
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDHE-ECDSA-DES3
+-v 2
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.1 ECDHE-ECDSA-AES128 
+-v 2
+-l ECDHE-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDHE-ECDSA-AES128 
+-v 2
+-l ECDHE-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.1 ECDHE-ECDSA-AES256
+-v 2
+-l ECDHE-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDHE-ECDSA-AES256
+-v 2
+-l ECDHE-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-ECDSA-RC4
+-v 3
+-l ECDHE-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-RC4
+-v 3
+-l ECDHE-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-ECDSA-DES3
+-v 3
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-DES3
+-v 3
+-l ECDHE-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-ECDSA-AES128 
+-v 3
+-l ECDHE-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES128 
+-v 3
+-l ECDHE-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-ECDSA-AES128-SHA256
+-v 3
+-l ECDHE-ECDSA-AES128-SHA256
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES128-SHA256
+-v 3
+-l ECDHE-ECDSA-AES128-SHA256
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-ECDSA-AES256
+-v 3
+-l ECDHE-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256
+-v 3
+-l ECDHE-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1 ECDH-RSA-RC4
+-v 1
+-l ECDH-RSA-RC4-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDH-RSA-RC4
+-v 1
+-l ECDH-RSA-RC4-SHA
+
+# server TLSv1 ECDH-RSA-DES3
+-v 1
+-l ECDH-RSA-DES-CBC3-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDH-RSA-DES3
+-v 1
+-l ECDH-RSA-DES-CBC3-SHA
+
+# server TLSv1 ECDH-RSA-AES128 
+-v 1
+-l ECDH-RSA-AES128-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDH-RSA-AES128 
+-v 1
+-l ECDH-RSA-AES128-SHA
+
+# server TLSv1 ECDH-RSA-AES256
+-v 1
+-l ECDH-RSA-AES256-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDH-RSA-AES256
+-v 1
+-l ECDH-RSA-AES256-SHA
+
+# server TLSv1.1 ECDH-RSA-RC4
+-v 2
+-l ECDH-RSA-RC4-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDH-RSA-RC4
+-v 2
+-l ECDH-RSA-RC4-SHA
+
+# server TLSv1.1 ECDH-RSA-DES3
+-v 2
+-l ECDH-RSA-DES-CBC3-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDH-RSA-DES3
+-v 2
+-l ECDH-RSA-DES-CBC3-SHA
+
+# server TLSv1.1 ECDH-RSA-AES128 
+-v 2
+-l ECDH-RSA-AES128-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDH-RSA-AES128 
+-v 2
+-l ECDH-RSA-AES128-SHA
+
+# server TLSv1.1 ECDH-RSA-AES256
+-v 2
+-l ECDH-RSA-AES256-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDH-RSA-AES256
+-v 2
+-l ECDH-RSA-AES256-SHA
+
+# server TLSv1.2 ECDH-RSA-RC4
+-v 3
+-l ECDH-RSA-RC4-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-RSA-RC4
+-v 3
+-l ECDH-RSA-RC4-SHA
+
+# server TLSv1.2 ECDH-RSA-DES3
+-v 3
+-l ECDH-RSA-DES-CBC3-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-RSA-DES3
+-v 3
+-l ECDH-RSA-DES-CBC3-SHA
+
+# server TLSv1.2 ECDH-RSA-AES128 
+-v 3
+-l ECDH-RSA-AES128-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-RSA-AES128 
+-v 3
+-l ECDH-RSA-AES128-SHA
+
+# server TLSv1.2 ECDH-RSA-AES128-SHA256 
+-v 3
+-l ECDH-RSA-AES128-SHA256
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-RSA-AES128-SHA256 
+-v 3
+-l ECDH-RSA-AES128-SHA256
+
+# server TLSv1.2 ECDH-RSA-AES256
+-v 3
+-l ECDH-RSA-AES256-SHA
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-RSA-AES256
+-v 3
+-l ECDH-RSA-AES256-SHA
+
+# server TLSv1 ECDH-ECDSA-RC4
+-v 1
+-l ECDH-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDH-ECDSA-RC4
+-v 1
+-l ECDH-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1 ECDH-ECDSA-DES3
+-v 1
+-l ECDH-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDH-ECDSA-DES3
+-v 1
+-l ECDH-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1 ECDH-ECDSA-AES128 
+-v 1
+-l ECDH-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDH-ECDSA-AES128 
+-v 1
+-l ECDH-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1 ECDH-ECDSA-AES256
+-v 1
+-l ECDH-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1 ECDH-ECDSA-AES256
+-v 1
+-l ECDH-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.1 ECDH-EDCSA-RC4
+-v 2
+-l ECDH-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDH-ECDSA-RC4
+-v 2
+-l ECDH-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.1 ECDH-ECDSA-DES3
+-v 2
+-l ECDH-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDH-ECDSA-DES3
+-v 2
+-l ECDH-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.1 ECDH-ECDSA-AES128 
+-v 2
+-l ECDH-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDH-ECDSA-AES128 
+-v 2
+-l ECDH-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.1 ECDH-ECDSA-AES256
+-v 2
+-l ECDH-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.1 ECDH-ECDSA-AES256
+-v 2
+-l ECDH-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-ECDSA-RC4
+-v 3
+-l ECDH-ECDSA-RC4-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-ECDSA-RC4
+-v 3
+-l ECDH-ECDSA-RC4-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDH-ECDSA-DES3
+-v 3
+-l ECDH-ECDSA-DES-CBC3-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-ECDSA-DES3
+-v 3
+-l ECDH-ECDSA-DES-CBC3-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDH-ECDSA-AES128 
+-v 3
+-l ECDH-ECDSA-AES128-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-ECDSA-AES128 
+-v 3
+-l ECDH-ECDSA-AES128-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDH-ECDSA-AES128-SHA256
+-v 3
+-l ECDH-ECDSA-AES128-SHA256
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-ECDSA-AES128-SHA256 
+-v 3
+-l ECDH-ECDSA-AES128-SHA256
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDH-ECDSA-AES256
+-v 3
+-l ECDH-ECDSA-AES256-SHA
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-ECDSA-AES256
+-v 3
+-l ECDH-ECDSA-AES256-SHA
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-RSA-AES256-SHA384
+-v 3
+-l ECDHE-RSA-AES256-SHA384
+
+# client TLSv1.2 ECDHE-RSA-AES256-SHA384 
+-v 3
+-l ECDHE-RSA-AES256-SHA384
+
+# server TLSv1.2 ECDHE-ECDSA-AES256-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-SHA384
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDH-RSA-AES256-SHA384 
+-v 3
+-l ECDH-RSA-AES256-SHA384
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-RSA-AES256-SHA384 
+-v 3
+-l ECDH-RSA-AES256-SHA384
+
+# server TLSv1.2 ECDH-ECDSA-AES256-SHA384
+-v 3
+-l ECDH-ECDSA-AES256-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-ECDSA-AES256-SHA384 
+-v 3
+-l ECDH-ECDSA-AES256-SHA384
+-A ./certs/server-ecc.pem
+
+# server TLSv1 HC128-SHA
+-v 1
+-l HC128-SHA
+
+# client TLSv1 HC128-SHA
+-v 1
+-l HC128-SHA
+
+# server TLSv1 HC128-MD5
+-v 1
+-l HC128-MD5
+
+# client TLSv1 HC128-MD5
+-v 1
+-l HC128-MD5
+
+# server TLSv1 HC128-B2B256
+-v 1
+-l HC128-B2B256
+
+# client TLSv1 HC128-B2B256
+-v 1
+-l HC128-B2B256
+
+# server TLSv1 AES128-B2B256
+-v 1
+-l AES128-B2B256
+
+# client TLSv1 AES128-B2B256
+-v 1
+-l AES128-B2B256
+
+# server TLSv1 AES256-B2B256
+-v 1
+-l AES256-B2B256
+
+# client TLSv1 AES256-B2B256
+-v 1
+-l AES256-B2B256
+
+# server TLSv1.1 HC128-SHA
+-v 2
+-l HC128-SHA
+
+# client TLSv1.1 HC128-SHA
+-v 2
+-l HC128-SHA
+
+# server TLSv1.1 HC128-MD5
+-v 2
+-l HC128-MD5
+
+# client TLSv1.1 HC128-MD5
+-v 2
+-l HC128-MD5
+
+# server TLSv1.1 HC128-B2B256
+-v 2
+-l HC128-B2B256
+
+# client TLSv1.1 HC128-B2B256
+-v 2
+-l HC128-B2B256
+
+# server TLSv1.1 AES128-B2B256
+-v 2
+-l AES128-B2B256
+
+# client TLSv1.1 AES128-B2B256
+-v 2
+-l AES128-B2B256
+
+# server TLSv1.1 AES256-B2B256
+-v 2
+-l AES256-B2B256
+
+# client TLSv1.1 AES256-B2B256
+-v 2
+-l AES256-B2B256
+
+# server TLSv1.2 HC128-SHA
+-v 3
+-l HC128-SHA
+
+# client TLSv1.2 HC128-SHA
+-v 3
+-l HC128-SHA
+
+# server TLSv1.2 HC128-MD5
+-v 3
+-l HC128-MD5
+
+# client TLSv1.2 HC128-MD5
+-v 3
+-l HC128-MD5
+
+# server TLSv1.2 HC128-B2B256
+-v 3
+-l HC128-B2B256
+
+# client TLSv1.2 HC128-B2B256
+-v 3
+-l HC128-B2B256
+
+# server TLSv1.2 AES128-B2B256
+-v 3
+-l AES128-B2B256
+
+# client TLSv1.2 AES128-B2B256
+-v 3
+-l AES128-B2B256
+
+# server TLSv1.2 AES256-B2B256
+-v 3
+-l AES256-B2B256
+
+# client TLSv1.2 AES256-B2B256
+-v 3
+-l AES256-B2B256
+
+# server TLSv1 RABBIT-SHA
+-v 1
+-l RABBIT-SHA
+
+# client TLSv1 RABBIT-SHA
+-v 1
+-l RABBIT-SHA
+
+# server TLSv1.1 RABBIT-SHA
+-v 2
+-l RABBIT-SHA
+
+# client TLSv1.1 RABBIT-SHA
+-v 2
+-l RABBIT-SHA
+
+# server TLSv1.2 RABBIT-SHA
+-v 3
+-l RABBIT-SHA
+
+# client TLSv1.2 RABBIT-SHA
+-v 3
+-l RABBIT-SHA
+
+# server TLSv1 NTRU_RC4
+-v 1
+-l NTRU-RC4-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1 NTRU_RC4
+-v 1
+-l NTRU-RC4-SHA
+
+# server TLSv1 NTRU_DES3
+-v 1
+-l NTRU-DES-CBC3-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1 NTRU_DES3
+-v 1
+-l NTRU-DES-CBC3-SHA
+
+# server TLSv1 NTRU_AES128
+-v 1
+-l NTRU-AES128-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1 NTRU_AES128
+-v 1
+-l NTRU-AES128-SHA
+
+# server TLSv1 NTRU_AES256
+-v 1
+-l NTRU-AES256-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1 NTRU_AES256
+-v 1
+-l NTRU-AES256-SHA
+
+# server TLSv1.1 NTRU_RC4
+-v 2
+-l NTRU-RC4-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1.1 NTRU_RC4
+-v 2
+-l NTRU-RC4-SHA
+
+# server TLSv1.1 NTRU_DES3
+-v 2
+-l NTRU-DES-CBC3-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1.1 NTRU_DES3
+-v 2
+-l NTRU-DES-CBC3-SHA
+
+# server TLSv1.1 NTRU_AES128
+-v 2
+-l NTRU-AES128-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1.1 NTRU_AES128
+-v 2
+-l NTRU-AES128-SHA
+
+# server TLSv1.1 NTRU_AES256
+-v 2
+-l NTRU-AES256-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1.1 NTRU_AES256
+-v 2
+-l NTRU-AES256-SHA
+
+# server TLSv1.2 NTRU_RC4
+-v 3
+-l NTRU-RC4-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1.2 NTRU_RC4
+-v 3
+-l NTRU-RC4-SHA
+
+# server TLSv1.2 NTRU_DES3
+-v 3
+-l NTRU-DES-CBC3-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1.2 NTRU_DES3
+-v 3
+-l NTRU-DES-CBC3-SHA
+
+# server TLSv1.2 NTRU_AES128
+-v 3
+-l NTRU-AES128-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1.2 NTRU_AES128
+-v 3
+-l NTRU-AES128-SHA
+
+# server TLSv1.2 NTRU_AES256
+-v 3
+-l NTRU-AES256-SHA
+-n
+-c ./certs/ntru-cert.pem
+-k ./certs/ntru-key.raw
+
+# client TLSv1.2 NTRU_AES256
+-v 3
+-l NTRU-AES256-SHA
+
+# server TLSv1 DHE AES128
+-v 1
+-l DHE-RSA-AES128-SHA
+
+# client TLSv1 DHE AES128
+-v 1
+-l DHE-RSA-AES128-SHA
+
+# server TLSv1 DHE AES256
+-v 1
+-l DHE-RSA-AES256-SHA
+
+# client TLSv1 DHE AES256
+-v 1
+-l DHE-RSA-AES256-SHA
+
+# server TLSv1 DHE AES128-SHA256
+-v 1
+-l DHE-RSA-AES128-SHA256
+
+# client TLSv1 DHE AES128-SHA256
+-v 1
+-l DHE-RSA-AES128-SHA256
+
+# server TLSv1 DHE AES256-SHA256
+-v 1
+-l DHE-RSA-AES256-SHA256
+
+# client TLSv1 DHE AES256-SHA256
+-v 1
+-l DHE-RSA-AES256-SHA256
+
+# server TLSv1.1 DHE AES128
+-v 2
+-l DHE-RSA-AES128-SHA
+
+# client TLSv1.1 DHE AES128
+-v 2
+-l DHE-RSA-AES128-SHA
+
+# server TLSv1.1 DHE AES256
+-v 2
+-l DHE-RSA-AES256-SHA
+
+# client TLSv1.1 DHE AES256
+-v 2
+-l DHE-RSA-AES256-SHA
+
+# server TLSv1.1 DHE AES128-SHA256
+-v 2
+-l DHE-RSA-AES128-SHA256
+
+# client TLSv1.1 DHE AES128-SHA256
+-v 2
+-l DHE-RSA-AES128-SHA256
+
+# server TLSv1.1 DHE AES256-SHA256
+-v 2
+-l DHE-RSA-AES256-SHA256
+
+# client TLSv1.1 DHE AES256-SHA256
+-v 2
+-l DHE-RSA-AES256-SHA256
+
+# server TLSv1.2 DHE AES128
+-v 3
+-l DHE-RSA-AES128-SHA
+
+# client TLSv1.2 DHE AES128
+-v 3
+-l DHE-RSA-AES128-SHA
+
+# server TLSv1.2 DHE AES256
+-v 3
+-l DHE-RSA-AES256-SHA
+
+# client TLSv1.2 DHE AES256
+-v 3
+-l DHE-RSA-AES256-SHA
+
+# server TLSv1.2 DHE AES128-SHA256
+-v 3
+-l DHE-RSA-AES128-SHA256
+
+# client TLSv1.2 DHE AES128-SHA256
+-v 3
+-l DHE-RSA-AES128-SHA256
+
+# server TLSv1.2 DHE AES256-SHA256
+-v 3
+-l DHE-RSA-AES256-SHA256
+
+# client TLSv1.2 DHE AES256-SHA256
+-v 3
+-l DHE-RSA-AES256-SHA256
+
+# server TLSv1 PSK-AES128
+-s
+-v 1
+-l PSK-AES128-CBC-SHA
+
+# client TLSv1 PSK-AES128
+-s
+-v 1
+-l PSK-AES128-CBC-SHA
+
+# server TLSv1 PSK-AES256
+-s
+-v 1
+-l PSK-AES256-CBC-SHA
+
+# client TLSv1 PSK-AES256
+-s
+-v 1
+-l PSK-AES256-CBC-SHA
+
+# server TLSv1.1 PSK-AES128
+-s
+-v 2
+-l PSK-AES128-CBC-SHA
+
+# client TLSv1.1 PSK-AES128
+-s
+-v 2
+-l PSK-AES128-CBC-SHA
+
+# server TLSv1.1 PSK-AES256
+-s
+-v 2
+-l PSK-AES256-CBC-SHA
+
+# client TLSv1.1 PSK-AES256
+-s
+-v 2
+-l PSK-AES256-CBC-SHA
+
+# server TLSv1.2 PSK-AES128
+-s
+-v 3
+-l PSK-AES128-CBC-SHA
+
+# client TLSv1.2 PSK-AES128
+-s
+-v 3
+-l PSK-AES128-CBC-SHA
+
+# server TLSv1.2 PSK-AES256
+-s
+-v 3
+-l PSK-AES256-CBC-SHA
+
+# client TLSv1.2 PSK-AES256
+-s
+-v 3
+-l PSK-AES256-CBC-SHA
+
+# server TLSv1.0 PSK-AES128-SHA256
+-s
+-v 1
+-l PSK-AES128-CBC-SHA256
+
+# client TLSv1.0 PSK-AES128-SHA256
+-s
+-v 1
+-l PSK-AES128-CBC-SHA256
+
+# server TLSv1.1 PSK-AES128-SHA256
+-s
+-v 2
+-l PSK-AES128-CBC-SHA256
+
+# client TLSv1.1 PSK-AES128-SHA256
+-s
+-v 2
+-l PSK-AES128-CBC-SHA256
+
+# server TLSv1.2 PSK-AES128-SHA256
+-s
+-v 3
+-l PSK-AES128-CBC-SHA256
+
+# client TLSv1.2 PSK-AES128-SHA256
+-s
+-v 3
+-l PSK-AES128-CBC-SHA256
+
+# server TLSv1.0 PSK-AES256-SHA384
+-s
+-v 1
+-l PSK-AES256-CBC-SHA384
+
+# client TLSv1.0 PSK-AES256-SHA384
+-s
+-v 1
+-l PSK-AES256-CBC-SHA384
+
+# server TLSv1.1 PSK-AES256-SHA384
+-s
+-v 2
+-l PSK-AES256-CBC-SHA384
+
+# client TLSv1.1 PSK-AES256-SHA384
+-s
+-v 2
+-l PSK-AES256-CBC-SHA384
+
+# server TLSv1.2 PSK-AES256-SHA384
+-s
+-v 3
+-l PSK-AES256-CBC-SHA384
+
+# client TLSv1.2 PSK-AES256-SHA384
+-s
+-v 3
+-l PSK-AES256-CBC-SHA384
+
+# server TLSv1.0 PSK-NULL
+-s
+-v 1
+-l PSK-NULL-SHA
+
+# client TLSv1.0 PSK-NULL
+-s
+-v 1
+-l PSK-NULL-SHA
+
+# server TLSv1.1 PSK-NULL
+-s
+-v 2
+-l PSK-NULL-SHA
+
+# client TLSv1.1 PSK-NULL
+-s
+-v 2
+-l PSK-NULL-SHA
+
+# server TLSv1.2 PSK-NULL
+-s
+-v 3
+-l PSK-NULL-SHA
+
+# client TLSv1.2 PSK-NULL
+-s
+-v 3
+-l PSK-NULL-SHA
+
+# server TLSv1.2 PSK-NULL-SHA256
+-s
+-v 3
+-l PSK-NULL-SHA256
+
+# client TLSv1.2 PSK-NULL-SHA256
+-s
+-v 3
+-l PSK-NULL-SHA256
+
+# server TLSv1.2 PSK-NULL-SHA384
+-s
+-v 3
+-l PSK-NULL-SHA384
+
+# client TLSv1.2 PSK-NULL-SHA384
+-s
+-v 3
+-l PSK-NULL-SHA384
+
+# server TLSv1.2 PSK-NULL
+-s
+-v 3
+-l PSK-NULL-SHA
+
+# client TLSv1.2 PSK-NULL
+-s
+-v 3
+-l PSK-NULL-SHA
+
+# server TLSv1.2 PSK-NULL-SHA256
+-s
+-v 3
+-l PSK-NULL-SHA256
+
+# client TLSv1.2 PSK-NULL-SHA256
+-s
+-v 3
+-l PSK-NULL-SHA256
+
+# server TLSv1.0 RSA-NULL-SHA
+-v 1
+-l NULL-SHA
+
+# client TLSv1.0 RSA-NULL-SHA
+-v 1
+-l NULL-SHA
+
+# server TLSv1.1 RSA-NULL-SHA
+-v 2
+-l NULL-SHA
+
+# client TLSv1.1 RSA-NULL-SHA
+-v 2
+-l NULL-SHA
+
+# server TLSv1.2 RSA-NULL-SHA
+-v 3
+-l NULL-SHA
+
+# client TLSv1.2 RSA-NULL-SHA
+-v 3
+-l NULL-SHA
+
+# server TLSv1.0 RSA-NULL-SHA256
+-v 1
+-l NULL-SHA256
+
+# client TLSv1.0 RSA-NULL-SHA256
+-v 1
+-l NULL-SHA256
+
+# server TLSv1.1 RSA-NULL-SHA256
+-v 2
+-l NULL-SHA256
+
+# client TLSv1.1 RSA-NULL-SHA256
+-v 2
+-l NULL-SHA256
+
+# server TLSv1.2 RSA-NULL-SHA256
+-v 3
+-l NULL-SHA256
+
+# client TLSv1.2 RSA-NULL-SHA256
+-v 3
+-l NULL-SHA256
+
+# server TLSv1 CAMELLIA128-SHA
+-v 1
+-l CAMELLIA128-SHA
+
+# client TLSv1 CAMELLIA128-SHA
+-v 1
+-l CAMELLIA128-SHA
+
+# server TLSv1 CAMELLIA256-SHA
+-v 1
+-l CAMELLIA256-SHA
+
+# client TLSv1 CAMELLIA256-SHA
+-v 1
+-l CAMELLIA256-SHA
+
+# server TLSv1 CAMELLIA128-SHA256
+-v 1
+-l CAMELLIA128-SHA256
+
+# client TLSv1 CAMELLIA128-SHA256
+-v 1
+-l CAMELLIA128-SHA256
+
+# server TLSv1 CAMELLIA256-SHA256
+-v 1
+-l CAMELLIA256-SHA256
+
+# client TLSv1 CAMELLIA256-SHA256
+-v 1
+-l CAMELLIA256-SHA256
+
+# server TLSv1.1 CAMELLIA128-SHA
+-v 2
+-l CAMELLIA128-SHA
+
+# client TLSv1.1 CAMELLIA128-SHA
+-v 2
+-l CAMELLIA128-SHA
+
+# server TLSv1.1 CAMELLIA256-SHA
+-v 2
+-l CAMELLIA256-SHA
+
+# client TLSv1.1 CAMELLIA256-SHA
+-v 2
+-l CAMELLIA256-SHA
+
+# server TLSv1.1 CAMELLIA128-SHA256
+-v 2
+-l CAMELLIA128-SHA256
+
+# client TLSv1.1 CAMELLIA128-SHA256
+-v 2
+-l CAMELLIA128-SHA256
+
+# server TLSv1.1 CAMELLIA256-SHA256
+-v 2
+-l CAMELLIA256-SHA256
+
+# client TLSv1.1 CAMELLIA256-SHA256
+-v 2
+-l CAMELLIA256-SHA256
+
+# server TLSv1.2 CAMELLIA128-SHA
+-v 3
+-l CAMELLIA128-SHA
+
+# client TLSv1.2 CAMELLIA128-SHA
+-v 3
+-l CAMELLIA128-SHA
+
+# server TLSv1.2 CAMELLIA256-SHA
+-v 3
+-l CAMELLIA256-SHA
+
+# client TLSv1.2 CAMELLIA256-SHA
+-v 3
+-l CAMELLIA256-SHA
+
+# server TLSv1.2 CAMELLIA128-SHA256
+-v 3
+-l CAMELLIA128-SHA256
+
+# client TLSv1.2 CAMELLIA128-SHA256
+-v 3
+-l CAMELLIA128-SHA256
+
+# server TLSv1.2 CAMELLIA256-SHA256
+-v 3
+-l CAMELLIA256-SHA256
+
+# client TLSv1.2 CAMELLIA256-SHA256
+-v 3
+-l CAMELLIA256-SHA256
+
+# server TLSv1 DHE-RSA-CAMELLIA128-SHA
+-v 1
+-l DHE-RSA-CAMELLIA128-SHA
+
+# client TLSv1 DHE-RSA-CAMELLIA128-SHA
+-v 1
+-l DHE-RSA-CAMELLIA128-SHA
+
+# server TLSv1 DHE-RSA-CAMELLIA256-SHA
+-v 1
+-l DHE-RSA-CAMELLIA256-SHA
+
+# client TLSv1 DHE-RSA-CAMELLIA256-SHA
+-v 1
+-l DHE-RSA-CAMELLIA256-SHA
+
+# server TLSv1 DHE-RSA-CAMELLIA128-SHA256
+-v 1
+-l DHE-RSA-CAMELLIA128-SHA256
+
+# client TLSv1 DHE-RSA-CAMELLIA128-SHA256
+-v 1
+-l DHE-RSA-CAMELLIA128-SHA256
+
+# server TLSv1 DHE-RSA-CAMELLIA256-SHA256
+-v 1
+-l DHE-RSA-CAMELLIA256-SHA256
+
+# client TLSv1 DHE-RSA-CAMELLIA256-SHA256
+-v 1
+-l DHE-RSA-CAMELLIA256-SHA256
+
+# server TLSv1.1 DHE-RSA-CAMELLIA128-SHA
+-v 2
+-l DHE-RSA-CAMELLIA128-SHA
+
+# client TLSv1.1 DHE-RSA-CAMELLIA128-SHA
+-v 2
+-l DHE-RSA-CAMELLIA128-SHA
+
+# server TLSv1.1 DHE-RSA-CAMELLIA256-SHA
+-v 2
+-l DHE-RSA-CAMELLIA256-SHA
+
+# client TLSv1.1 DHE-RSA-CAMELLIA256-SHA
+-v 2
+-l DHE-RSA-CAMELLIA256-SHA
+
+# server TLSv1.1 DHE-RSA-CAMELLIA128-SHA256
+-v 2
+-l DHE-RSA-CAMELLIA128-SHA256
+
+# client TLSv1.1 DHE-RSA-CAMELLIA128-SHA256
+-v 2
+-l DHE-RSA-CAMELLIA128-SHA256
+
+# server TLSv1.1 DHE-RSA-CAMELLIA256-SHA256
+-v 2
+-l DHE-RSA-CAMELLIA256-SHA256
+
+# client TLSv1.1 DHE-RSA-CAMELLIA256-SHA256
+-v 2
+-l DHE-RSA-CAMELLIA256-SHA256
+
+# server TLSv1.2 DHE-RSA-CAMELLIA128-SHA
+-v 3
+-l DHE-RSA-CAMELLIA128-SHA
+
+# client TLSv1.2 DHE-RSA-CAMELLIA128-SHA
+-v 3
+-l DHE-RSA-CAMELLIA128-SHA
+
+# server TLSv1.2 DHE-RSA-CAMELLIA256-SHA
+-v 3
+-l DHE-RSA-CAMELLIA256-SHA
+
+# client TLSv1.2 DHE-RSA-CAMELLIA256-SHA
+-v 3
+-l DHE-RSA-CAMELLIA256-SHA
+
+# server TLSv1.2 DHE-RSA-CAMELLIA128-SHA256
+-v 3
+-l DHE-RSA-CAMELLIA128-SHA256
+
+# client TLSv1.2 DHE-RSA-CAMELLIA128-SHA256
+-v 3
+-l DHE-RSA-CAMELLIA128-SHA256
+
+# server TLSv1.2 DHE-RSA-CAMELLIA256-SHA256
+-v 3
+-l DHE-RSA-CAMELLIA256-SHA256
+
+# client TLSv1.2 DHE-RSA-CAMELLIA256-SHA256
+-v 3
+-l DHE-RSA-CAMELLIA256-SHA256
+
+# server TLSv1.2 RSA-AES128-GCM-SHA256 
+-v 3
+-l AES128-GCM-SHA256
+
+# client TLSv1.2 RSA-AES128-GCM-SHA256 
+-v 3
+-l AES128-GCM-SHA256
+
+# server TLSv1.2 RSA-AES256-GCM-SHA384
+-v 3
+-l AES256-GCM-SHA384
+
+# client TLSv1.2 RSA-AES256-GCM-SHA384
+-v 3
+-l AES256-GCM-SHA384
+
+# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 
+-v 3
+-l ECDHE-ECDSA-AES128-GCM-SHA256
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 
+-v 3
+-l ECDHE-ECDSA-AES128-GCM-SHA256
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-ECDSA-AES256-GCM-SHA384
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 
+-v 3
+-l ECDH-ECDSA-AES128-GCM-SHA256
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 
+-v 3
+-l ECDH-ECDSA-AES128-GCM-SHA256
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDH-ECDSA-AES256-GCM-SHA384
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
+-v 3
+-l ECDH-ECDSA-AES256-GCM-SHA384
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 
+-v 3
+-l ECDHE-RSA-AES128-GCM-SHA256
+
+# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 
+-v 3
+-l ECDHE-RSA-AES128-GCM-SHA256
+
+# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDHE-RSA-AES256-GCM-SHA384
+
+# server TLSv1.2 ECDH-RSA-AES128-GCM-SHA256 
+-v 3
+-l ECDH-RSA-AES128-GCM-SHA256
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-RSA-AES128-GCM-SHA256 
+-v 3
+-l ECDH-RSA-AES128-GCM-SHA256
+
+# server TLSv1.2 ECDH-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDH-RSA-AES256-GCM-SHA384
+-c ./certs/server-ecc-rsa.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDH-RSA-AES256-GCM-SHA384
+-v 3
+-l ECDH-RSA-AES256-GCM-SHA384
+
+# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 
+-v 3
+-l DHE-RSA-AES128-GCM-SHA256
+
+# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 
+-v 3
+-l DHE-RSA-AES128-GCM-SHA256
+
+# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
+-v 3
+-l DHE-RSA-AES256-GCM-SHA384
+
+# server TLSv1.2 PSK-AES128-GCM-SHA256
+-s
+-v 3
+-l PSK-AES128-GCM-SHA256
+
+# client TLSv1.2 PSK-AES128-GCM-SHA256
+-s
+-v 3
+-l PSK-AES128-GCM-SHA256
+
+# server TLSv1.2 PSK-AES256-GCM-SHA384
+-s
+-v 3
+-l PSK-AES256-GCM-SHA384
+
+# client TLSv1.2 PSK-AES256-GCM-SHA384
+-s
+-v 3
+-l PSK-AES256-GCM-SHA384
+
+# server TLSv1.2 AES128-CCM-8
+-v 3
+-l AES128-CCM-8
+
+# client TLSv1.2 AES128-CCM-8
+-v 3
+-l AES128-CCM-8
+
+# server TLSv1.2 AES256-CCM-8
+-v 3
+-l AES256-CCM-8
+
+# client TLSv1.2 AES256-CCM-8
+-v 3
+-l AES256-CCM-8
+
+# server TLSv1.2 ECDHE-ECDSA-AES128-CCM-8
+-v 3
+-l ECDHE-ECDSA-AES128-CCM-8
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES128-CCM-8
+-v 3
+-l ECDHE-ECDSA-AES128-CCM-8
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 ECDHE-ECDSA-AES256-CCM-8
+-v 3
+-l ECDHE-ECDSA-AES256-CCM-8
+-c ./certs/server-ecc.pem
+-k ./certs/ecc-key.pem
+
+# client TLSv1.2 ECDHE-ECDSA-AES256-CCM-8
+-v 3
+-l ECDHE-ECDSA-AES256-CCM-8
+-A ./certs/server-ecc.pem
+
+# server TLSv1.2 PSK-AES128-CCM
+-s
+-v 3
+-l PSK-AES128-CCM
+
+# client TLSv1.2 PSK-AES128-CCM
+-s
+-v 3
+-l PSK-AES128-CCM
+
+# server TLSv1.2 PSK-AES256-CCM
+-s
+-v 3
+-l PSK-AES256-CCM
+
+# client TLSv1.2 PSK-AES256-CCM
+-s
+-v 3
+-l PSK-AES256-CCM
+
+# server TLSv1.2 PSK-AES128-CCM-8
+-s
+-v 3
+-l PSK-AES128-CCM-8
+
+# client TLSv1.2 PSK-AES128-CCM-8
+-s
+-v 3
+-l PSK-AES128-CCM-8
+
+# server TLSv1.2 PSK-AES256-CCM-8
+-s
+-v 3
+-l PSK-AES256-CCM-8
+
+# client TLSv1.2 PSK-AES256-CCM-8
+-s
+-v 3
+-l PSK-AES256-CCM-8
+
+# server TLSv1.0 DHE-PSK-AES128-CBC-SHA256
+-s
+-v 1
+-l DHE-PSK-AES128-CBC-SHA256
+
+# client TLSv1.0 DHE-PSK-AES128-CBC-SHA256
+-s
+-v 1
+-l DHE-PSK-AES128-CBC-SHA256
+
+# server TLSv1.1 DHE-PSK-AES128-CBC-SHA256
+-s
+-v 2
+-l DHE-PSK-AES128-CBC-SHA256
+
+# client TLSv1.1 DHE-PSK-AES128-CBC-SHA256
+-s
+-v 2
+-l DHE-PSK-AES128-CBC-SHA256
+
+# server TLSv1.2 DHE-PSK-AES128-CBC-SHA256
+-s
+-v 3
+-l DHE-PSK-AES128-CBC-SHA256
+
+# client TLSv1.2 DHE-PSK-AES128-CBC-SHA256
+-s
+-v 3
+-l DHE-PSK-AES128-CBC-SHA256
+
+# server TLSv1.0 DHE-PSK-AES256-CBC-SHA384
+-s
+-v 1
+-l DHE-PSK-AES256-CBC-SHA384
+
+# client TLSv1.0 DHE-PSK-AES256-CBC-SHA384
+-s
+-v 1
+-l DHE-PSK-AES256-CBC-SHA384
+
+# server TLSv1.1 DHE-PSK-AES256-CBC-SHA384
+-s
+-v 2
+-l DHE-PSK-AES256-CBC-SHA384
+
+# client TLSv1.1 DHE-PSK-AES256-CBC-SHA384
+-s
+-v 2
+-l DHE-PSK-AES256-CBC-SHA384
+
+# server TLSv1.2 DHE-PSK-AES256-CBC-SHA384
+-s
+-v 3
+-l DHE-PSK-AES256-CBC-SHA384
+
+# client TLSv1.2 DHE-PSK-AES256-CBC-SHA384
+-s
+-v 3
+-l DHE-PSK-AES256-CBC-SHA384
+
+# server TLSv1.0 DHE-PSK-NULL-SHA256
+-s
+-v 1
+-l DHE-PSK-NULL-SHA256
+
+# client TLSv1.0 DHE-PSK-NULL-SHA256
+-s
+-v 1
+-l DHE-PSK-NULL-SHA256
+
+# server TLSv1.1 DHE-PSK-NULL-SHA256
+-s
+-v 2
+-l DHE-PSK-NULL-SHA256
+
+# client TLSv1.1 DHE-PSK-NULL-SHA256
+-s
+-v 2
+-l DHE-PSK-NULL-SHA256
+
+# server TLSv1.2 DHE-PSK-NULL-SHA256
+-s
+-v 3
+-l DHE-PSK-NULL-SHA256
+
+# client TLSv1.2 DHE-PSK-NULL-SHA256
+-s
+-v 3
+-l DHE-PSK-NULL-SHA256
+
+# server TLSv1.0 DHE-PSK-NULL-SHA384
+-s
+-v 1
+-l DHE-PSK-NULL-SHA384
+
+# client TLSv1.0 DHE-PSK-NULL-SHA384
+-s
+-v 1
+-l DHE-PSK-NULL-SHA384
+
+# server TLSv1.1 DHE-PSK-NULL-SHA384
+-s
+-v 2
+-l DHE-PSK-NULL-SHA384
+
+# client TLSv1.1 DHE-PSK-NULL-SHA384
+-s
+-v 2
+-l DHE-PSK-NULL-SHA384
+
+# server TLSv1.2 DHE-PSK-NULL-SHA384
+-s
+-v 3
+-l DHE-PSK-NULL-SHA384
+
+# client TLSv1.2 DHE-PSK-NULL-SHA384
+-s
+-v 3
+-l DHE-PSK-NULL-SHA384
+
+# server TLSv1.2 DHE-PSK-AES128-GCM-SHA256
+-s
+-v 3
+-l DHE-PSK-AES128-GCM-SHA256
+
+# client TLSv1.2 DHE-PSK-AES128-GCM-SHA256
+-s
+-v 3
+-l DHE-PSK-AES128-GCM-SHA256
+
+# server TLSv1.2 DHE-PSK-AES256-GCM-SHA384
+-s
+-v 3
+-l DHE-PSK-AES256-GCM-SHA384
+
+# client TLSv1.2 DHE-PSK-AES256-GCM-SHA384
+-s
+-v 3
+-l DHE-PSK-AES256-GCM-SHA384
+
+# server TLSv1.2 DHE-PSK-AES128-CCM
+-s
+-v 3
+-l DHE-PSK-AES128-CCM
+
+# client TLSv1.2 DHE-PSK-AES128-CCM
+-s
+-v 3
+-l DHE-PSK-AES128-CCM
+
+# server TLSv1.2 DHE-PSK-AES256-CCM
+-s
+-v 3
+-l DHE-PSK-AES256-CCM
+
+# client TLSv1.2 DHE-PSK-AES256-CCM
+-s
+-v 3
+-l DHE-PSK-AES256-CCM
+
+# server TLSv1.2 ADH-AES128-SHA
+-a
+-v 3
+-l ADH-AES128-SHA
+
+# client TLSv1.2 ADH-AES128-SHA
+-a
+-v 3
+-l ADH-AES128-SHA
+
+# server TLSv1.1 ADH-AES128-SHA
+-a
+-v 2
+-l ADH-AES128-SHA
+
+# client TLSv1.1 ADH-AES128-SHA
+-a
+-v 2
+-l ADH-AES128-SHA
+
+# server TLSv1.0 ADH-AES128-SHA
+-a
+-v 1
+-l ADH-AES128-SHA
+
+# client TLSv1.0 ADH-AES128-SHA
+-a
+-v 1
+-l ADH-AES128-SHA
+
diff --git a/3P/wolfssl/tests/unit.c b/3P/wolfssl/tests/unit.c
new file mode 100644
index 00000000..75d1fc92
--- /dev/null
+++ b/3P/wolfssl/tests/unit.c
@@ -0,0 +1,160 @@
+/* unit.c unit tests driver */
+
+/* Name change compatibility layer no longer need to be included here */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+#include 
+
+
+int myoptind = 0;
+char* myoptarg = NULL;
+int unit_test(int argc, char** argv);
+
+#ifndef NO_TESTSUITE_MAIN_DRIVER
+int main(int argc, char** argv)
+{
+    return unit_test(argc, argv);
+}
+#endif
+
+int unit_test(int argc, char** argv)
+{
+    int ret;
+
+    (void)argc;
+    (void)argv;
+    printf("starting unit tests...\n");
+
+#ifdef HAVE_CAVIUM
+    ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+    if (ret != 0)
+        err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+#ifndef WOLFSSL_TIRTOS
+    if (CurrentDir("tests") || CurrentDir("_build"))
+        ChangeDirBack(1);
+    else if (CurrentDir("Debug") || CurrentDir("Release"))
+        ChangeDirBack(3);
+#endif
+
+    ApiTest();
+
+    if ( (ret = HashTest()) != 0){
+        printf("hash test failed with %d\n", ret);
+        return ret;
+    }
+
+#ifndef SINGLE_THREADED
+    if ( (ret = SuiteTest()) != 0){
+        printf("suite test failed with %d\n", ret);
+        return ret;
+    }
+#endif
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+
+    return 0;
+}
+
+
+
+void wait_tcp_ready(func_args* args)
+{
+#ifdef SINGLE_THREADED
+    (void)args;
+#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
+    pthread_mutex_lock(&args->signal->mutex);
+    
+    if (!args->signal->ready)
+        pthread_cond_wait(&args->signal->cond, &args->signal->mutex);
+    args->signal->ready = 0; /* reset */
+
+    pthread_mutex_unlock(&args->signal->mutex);
+#else
+    (void)args;
+#endif
+}
+
+
+void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
+{
+#ifdef SINGLE_THREADED
+    (void)fun;
+    (void)args;
+    (void)thread;
+#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
+    pthread_create(thread, 0, fun, args);
+    return;
+#elif defined (WOLFSSL_TIRTOS)
+    /* Initialize the defaults and set the parameters. */
+    Task_Params taskParams;
+    Task_Params_init(&taskParams);
+    taskParams.arg0 = (UArg)args;
+    taskParams.stackSize = 65535;
+    *thread = Task_create((Task_FuncPtr)fun, &taskParams, NULL);
+    if (*thread == NULL) {
+        printf("Failed to create new Task\n");
+    }
+    Task_yield();
+#else
+    *thread = (THREAD_TYPE)_beginthreadex(0, 0, fun, args, 0, 0);
+#endif
+}
+
+
+void join_thread(THREAD_TYPE thread)
+{
+#ifdef SINGLE_THREADED
+    (void)thread;
+#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
+    pthread_join(thread, 0);
+#elif defined (WOLFSSL_TIRTOS)
+    while(1) {
+        if (Task_getMode(thread) == Task_Mode_TERMINATED) {
+            Task_sleep(5);
+            break;
+        }
+        Task_yield();
+    }
+#else
+    int res = WaitForSingleObject((HANDLE)thread, INFINITE);
+    assert(res == WAIT_OBJECT_0);
+    res = CloseHandle((HANDLE)thread);
+    assert(res);
+#endif
+}
+
+
+void InitTcpReady(tcp_ready* ready)
+{
+    ready->ready = 0;
+    ready->port = 0;
+#ifdef SINGLE_THREADED
+#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
+      pthread_mutex_init(&ready->mutex, 0);
+      pthread_cond_init(&ready->cond, 0);
+#endif
+}
+
+
+void FreeTcpReady(tcp_ready* ready)
+{
+#ifdef SINGLE_THREADED
+    (void)ready;
+#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
+    pthread_mutex_destroy(&ready->mutex);
+    pthread_cond_destroy(&ready->cond);
+#else
+    (void)ready;
+#endif
+}
+
diff --git a/3P/wolfssl/tests/unit.h b/3P/wolfssl/tests/unit.h
new file mode 100644
index 00000000..0ec91a0f
--- /dev/null
+++ b/3P/wolfssl/tests/unit.h
@@ -0,0 +1,64 @@
+/* unit.h unit tests driver */
+
+#ifndef CyaSSL_UNIT_H
+#define CyaSSL_UNIT_H
+
+#include     /* thread and tcp stuff */
+
+#define Fail(description, result) do {                                         \
+    printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__);           \
+    printf("\n\n    test:   "); printf description;                            \
+    printf("\n\n    result: "); printf result;                                 \
+    abort();                                                                   \
+} while(0)
+
+#define Assert(test, description, result) if (!(test)) Fail(description, result)
+
+#define AssertTrue(x)    Assert( (x), ("%s is true",     #x), (#x " => FALSE"))
+#define AssertFalse(x)   Assert(!(x), ("%s is false",    #x), (#x " => TRUE"))
+#define AssertNotNull(x) Assert( (x), ("%s is not null", #x), (#x " => NULL"))
+
+#define AssertNull(x) do {                                                     \
+    void* _x = (void *) (x);                                                   \
+                                                                               \
+    Assert(!_x, ("%s is null", #x), (#x " => %p", _x));                        \
+} while(0)
+
+#define AssertInt(x, y, op, er) do {                                           \
+    int _x = x;                                                                \
+    int _y = y;                                                                \
+                                                                               \
+    Assert(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y));    \
+} while(0)
+
+#define AssertIntEQ(x, y) AssertInt(x, y, ==, !=)
+#define AssertIntNE(x, y) AssertInt(x, y, !=, ==)
+#define AssertIntGT(x, y) AssertInt(x, y,  >, <=)
+#define AssertIntLT(x, y) AssertInt(x, y,  <, >=)
+#define AssertIntGE(x, y) AssertInt(x, y, >=,  <)
+#define AssertIntLE(x, y) AssertInt(x, y, <=,  >)
+
+#define AssertStr(x, y, op, er) do {                                           \
+    const char* _x = x;                                                        \
+    const char* _y = y;                                                        \
+    int   _z = strcmp(_x, _y);                                                 \
+                                                                               \
+    Assert(_z op 0, ("%s " #op " %s", #x, #y),                                 \
+                                            ("\"%s\" " #er " \"%s\"", _x, _y));\
+} while(0)
+
+#define AssertStrEQ(x, y) AssertStr(x, y, ==, !=)
+#define AssertStrNE(x, y) AssertStr(x, y, !=, ==)
+#define AssertStrGT(x, y) AssertStr(x, y,  >, <=)
+#define AssertStrLT(x, y) AssertStr(x, y,  <, >=)
+#define AssertStrGE(x, y) AssertStr(x, y, >=,  <)
+#define AssertStrLE(x, y) AssertStr(x, y, <=,  >)
+
+
+void ApiTest(void);
+int SuiteTest(void);
+int HashTest(void);
+
+
+#endif /* CyaSSL_UNIT_H */
+
diff --git a/3P/wolfssl/testsuite/include.am b/3P/wolfssl/testsuite/include.am
new file mode 100644
index 00000000..62edb4a3
--- /dev/null
+++ b/3P/wolfssl/testsuite/include.am
@@ -0,0 +1,26 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+
+if BUILD_EXAMPLES
+check_PROGRAMS += testsuite/testsuite.test
+noinst_PROGRAMS += testsuite/testsuite.test
+testsuite_testsuite_test_SOURCES = \
+			      wolfcrypt/test/test.c \
+			      examples/client/client.c \
+			      examples/echoclient/echoclient.c \
+			      examples/echoserver/echoserver.c \
+			      examples/server/server.c \
+			      testsuite/testsuite.c
+testsuite_testsuite_test_CFLAGS       = -DNO_MAIN_DRIVER $(AM_CFLAGS)
+testsuite_testsuite_test_LDADD        = src/libwolfssl.la
+testsuite_testsuite_test_DEPENDENCIES = src/libwolfssl.la
+endif
+EXTRA_DIST += testsuite/testsuite.sln
+EXTRA_DIST += testsuite/testsuite-ntru.vcproj
+EXTRA_DIST += testsuite/testsuite.vcproj
+EXTRA_DIST += testsuite/testsuite.vcxproj
+EXTRA_DIST += input
+EXTRA_DIST += quit
+DISTCLEANFILES+= testsuite/.libs/testsuite.test
diff --git a/3P/wolfssl/testsuite/testsuite-ntru.vcproj b/3P/wolfssl/testsuite/testsuite-ntru.vcproj
new file mode 100755
index 00000000..0bca0c23
--- /dev/null
+++ b/3P/wolfssl/testsuite/testsuite-ntru.vcproj
@@ -0,0 +1,219 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/testsuite/testsuite.c b/3P/wolfssl/testsuite/testsuite.c
new file mode 100644
index 00000000..2f1767cf
--- /dev/null
+++ b/3P/wolfssl/testsuite/testsuite.c
@@ -0,0 +1,444 @@
+/* testsuite.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+#include "wolfcrypt/test/test.h"
+
+#ifndef SINGLE_THREADED
+
+#include 
+#include 
+
+#include "examples/echoclient/echoclient.h"
+#include "examples/echoserver/echoserver.h"
+#include "examples/server/server.h"
+#include "examples/client/client.h"
+
+
+void file_test(const char* file, byte* hash);
+
+void simple_test(func_args*);
+
+enum {
+    NUMARGS = 3
+};
+
+static const char *outputName;
+
+int myoptind = 0;
+char* myoptarg = NULL;
+
+
+#ifndef NO_TESTSUITE_MAIN_DRIVER
+
+    static int testsuite_test(int argc, char** argv);
+
+    int main(int argc, char** argv)
+    {
+        return testsuite_test(argc, argv);
+    }
+
+#endif /* NO_TESTSUITE_MAIN_DRIVER */
+
+
+int testsuite_test(int argc, char** argv)
+{
+    func_args server_args;
+
+    tcp_ready ready;
+    THREAD_TYPE serverThread;
+
+#ifndef USE_WINDOWS_API
+    char tempName[] = "/tmp/output-XXXXXX";
+    int len = 18;
+    int num = 6;
+#else
+    char tempName[] = "fnXXXXXX";
+    int len = 8;
+    int num = 6;
+#endif
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+    StartTCP();
+
+    server_args.argc = argc;
+    server_args.argv = argv;
+
+    wolfSSL_Init();
+#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
+    wolfSSL_Debugging_ON();
+#endif
+
+#if !defined(WOLFSSL_TIRTOS)
+    if (CurrentDir("testsuite") || CurrentDir("_build"))
+        ChangeDirBack(1);
+    else if (CurrentDir("Debug") || CurrentDir("Release"))
+        ChangeDirBack(3);          /* Xcode->Preferences->Locations->Locations*/
+                                   /* Derived Data Advanced -> Custom  */
+                                   /* Relative to Workspace, Build/Products */
+                                   /* Debug or Release */
+#endif
+
+#ifdef WOLFSSL_TIRTOS
+    fdOpenSession(Task_self());
+#endif
+
+    server_args.signal = &ready;
+    InitTcpReady(&ready);
+
+    /* wc_ test */
+    wolfcrypt_test(&server_args);
+    if (server_args.return_code != 0) return server_args.return_code;
+ 
+    /* Simple wolfSSL client server test */
+    simple_test(&server_args);
+    if (server_args.return_code != 0) return server_args.return_code;
+
+    /* Echo input wolfSSL client server test */
+    start_thread(echoserver_test, &server_args, &serverThread);
+    wait_tcp_ready(&server_args);
+    {
+        func_args echo_args;
+        char* myArgv[NUMARGS];
+
+        char argc0[32];
+        char argc1[32];
+        char argc2[32];
+
+        myArgv[0] = argc0;
+        myArgv[1] = argc1;
+        myArgv[2] = argc2;
+
+        echo_args.argc = 3;
+        echo_args.argv = myArgv;
+
+        /* Create unique file name */
+        outputName = mymktemp(tempName, len, num);
+        if (outputName == NULL) {
+            printf("Could not create unique file name");
+            return EXIT_FAILURE;
+        }
+
+        strcpy(echo_args.argv[0], "echoclient");
+        strcpy(echo_args.argv[1], "input");
+        strcpy(echo_args.argv[2], outputName);
+        remove(outputName);
+
+        /* Share the signal, it has the new port number in it. */
+        echo_args.signal = server_args.signal;
+
+        /* make sure OK */
+        echoclient_test(&echo_args);
+        if (echo_args.return_code != 0) return echo_args.return_code;
+
+#ifdef WOLFSSL_DTLS
+        wait_tcp_ready(&server_args);
+#endif
+        /* send quit to echoserver */
+        echo_args.argc = 2;
+        strcpy(echo_args.argv[1], "quit");
+
+        echoclient_test(&echo_args);
+        if (echo_args.return_code != 0) return echo_args.return_code;
+        join_thread(serverThread);
+        if (server_args.return_code != 0) return server_args.return_code;
+    }
+
+    /* show ciphers */
+    {
+        char ciphers[1024];
+        XMEMSET(ciphers, 0, sizeof(ciphers));
+        wolfSSL_get_ciphers(ciphers, sizeof(ciphers)-1);
+        printf("ciphers = %s\n", ciphers);
+    }
+
+    /* validate output equals input */
+    {
+        byte input[SHA256_DIGEST_SIZE];
+        byte output[SHA256_DIGEST_SIZE];
+
+        file_test("input",  input);
+        file_test(outputName, output);
+        if (memcmp(input, output, sizeof(input)) != 0)
+            return EXIT_FAILURE;
+    }
+
+    wolfSSL_Cleanup();
+    FreeTcpReady(&ready);
+
+#ifdef WOLFSSL_TIRTOS
+    fdCloseSession(Task_self());
+#endif
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+    printf("\nAll tests passed!\n");
+    return EXIT_SUCCESS;
+}
+
+void simple_test(func_args* args)
+{
+    THREAD_TYPE serverThread;
+
+    func_args svrArgs;
+    char *svrArgv[9];
+    char argc0s[32];
+    char argc1s[32];
+    char argc2s[32];
+    char argc3s[32];
+    char argc4s[32];
+    char argc5s[32];
+    char argc6s[32];
+    char argc7s[32];
+    char argc8s[32];
+
+    func_args cliArgs;
+    char *cliArgv[NUMARGS];
+    char argc0c[32];
+    char argc1c[32];
+    char argc2c[32];
+
+    svrArgv[0] = argc0s;
+    svrArgv[1] = argc1s;
+    svrArgv[2] = argc2s;
+    svrArgv[3] = argc3s;
+    svrArgv[4] = argc4s;
+    svrArgv[5] = argc5s;
+    svrArgv[6] = argc6s;
+    svrArgv[7] = argc7s;
+    svrArgv[8] = argc8s;
+    cliArgv[0] = argc0c;
+    cliArgv[1] = argc1c;
+    cliArgv[2] = argc2c;
+
+    svrArgs.argc = 1;
+    svrArgs.argv = svrArgv;
+    svrArgs.return_code = 0;
+    cliArgs.argc = 1;
+    cliArgs.argv = cliArgv;
+    cliArgs.return_code = 0;
+
+    strcpy(svrArgs.argv[0], "SimpleServer");
+    #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_SNIFFER)  && \
+                                     !defined(WOLFSSL_TIRTOS)
+        strcpy(svrArgs.argv[svrArgs.argc++], "-p");
+        strcpy(svrArgs.argv[svrArgs.argc++], "0");
+    #endif
+    #ifdef HAVE_NTRU
+        strcpy(svrArgs.argv[svrArgs.argc++], "-d");
+        strcpy(svrArgs.argv[svrArgs.argc++], "-n");
+        strcpy(svrArgs.argv[svrArgs.argc++], "-c");
+        strcpy(svrArgs.argv[svrArgs.argc++], "./certs/ntru-cert.pem");
+        strcpy(svrArgs.argv[svrArgs.argc++], "-k");
+        strcpy(svrArgs.argv[svrArgs.argc++], "./certs/ntru-key.raw");
+    #endif
+    /* Set the last arg later, when it is known. */
+
+    args->return_code = 0;
+    svrArgs.signal = args->signal;
+    start_thread(server_test, &svrArgs, &serverThread);
+    wait_tcp_ready(&svrArgs);
+
+    /* Setting the actual port number. */
+    strcpy(cliArgs.argv[0], "SimpleClient");
+    #ifndef USE_WINDOWS_API
+        cliArgs.argc = NUMARGS;
+        strcpy(cliArgs.argv[1], "-p");
+        snprintf(cliArgs.argv[2], sizeof(argc2c), "%d", svrArgs.signal->port);
+    #endif
+
+    client_test(&cliArgs);
+    if (cliArgs.return_code != 0) {
+        args->return_code = cliArgs.return_code;
+        return;
+    }
+    join_thread(serverThread);
+    if (svrArgs.return_code != 0) args->return_code = svrArgs.return_code;
+}
+
+
+void wait_tcp_ready(func_args* args)
+{
+#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
+    pthread_mutex_lock(&args->signal->mutex);
+
+    if (!args->signal->ready)
+        pthread_cond_wait(&args->signal->cond, &args->signal->mutex);
+    args->signal->ready = 0; /* reset */
+
+    pthread_mutex_unlock(&args->signal->mutex);
+#else
+    (void)args;
+#endif
+}
+
+
+void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
+{
+#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
+    pthread_create(thread, 0, fun, args);
+    return;
+#elif defined(WOLFSSL_TIRTOS)
+    /* Initialize the defaults and set the parameters. */
+    Task_Params taskParams;
+    Task_Params_init(&taskParams);
+    taskParams.arg0 = (UArg)args;
+    taskParams.stackSize = 65535;
+    *thread = Task_create((Task_FuncPtr)fun, &taskParams, NULL);
+    if (*thread == NULL) {
+        printf("Failed to create new Task\n");
+    }
+    Task_yield();
+#else
+    *thread = (THREAD_TYPE)_beginthreadex(0, 0, fun, args, 0, 0);
+#endif
+}
+
+
+void join_thread(THREAD_TYPE thread)
+{
+#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
+    pthread_join(thread, 0);
+#elif defined(WOLFSSL_TIRTOS)
+    while(1) {
+        if (Task_getMode(thread) == Task_Mode_TERMINATED) {
+		    Task_sleep(5);
+            break;
+        }
+        Task_yield();
+    }
+#else
+    int res = WaitForSingleObject((HANDLE)thread, INFINITE);
+    assert(res == WAIT_OBJECT_0);
+    res = CloseHandle((HANDLE)thread);
+    assert(res);
+#endif
+}
+
+
+void InitTcpReady(tcp_ready* ready)
+{
+    ready->ready = 0;
+    ready->port = 0;
+#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
+      pthread_mutex_init(&ready->mutex, 0);
+      pthread_cond_init(&ready->cond, 0);
+#endif
+}
+
+
+void FreeTcpReady(tcp_ready* ready)
+{
+#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
+    pthread_mutex_destroy(&ready->mutex);
+    pthread_cond_destroy(&ready->cond);
+#else
+    (void)ready;
+#endif
+}
+
+
+void file_test(const char* file, byte* check)
+{
+    FILE* f;
+    int   i = 0, j, ret;
+    Sha256   sha256;
+    byte  buf[1024];
+    byte  shasum[SHA256_DIGEST_SIZE];
+
+    ret = wc_InitSha256(&sha256);
+    if (ret != 0) {
+        printf("Can't wc_InitSha256 %d\n", ret);
+        return;
+    }
+    if( !( f = fopen( file, "rb" ) )) {
+        printf("Can't open %s\n", file);
+        return;
+    }
+    while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 ) {
+        ret = wc_Sha256Update(&sha256, buf, i);
+        if (ret != 0) {
+            printf("Can't wc_Sha256Update %d\n", ret);
+            return;
+        }
+    }
+
+    ret = wc_Sha256Final(&sha256, shasum);
+    if (ret != 0) {
+        printf("Can't wc_Sha256Final %d\n", ret);
+        return;
+    }
+
+    memcpy(check, shasum, sizeof(shasum));
+
+    for(j = 0; j < SHA256_DIGEST_SIZE; ++j )
+        printf( "%02x", shasum[j] );
+
+    printf("  %s\n", file);
+
+    fclose(f);
+}
+
+
+#else /* SINGLE_THREADED */
+
+
+int myoptind = 0;
+char* myoptarg = NULL;
+
+
+int main(int argc, char** argv)
+{
+    func_args server_args;
+
+    server_args.argc = argc;
+    server_args.argv = argv;
+
+    if (CurrentDir("testsuite") || CurrentDir("_build"))
+        ChangeDirBack(1);
+    else if (CurrentDir("Debug") || CurrentDir("Release"))
+        ChangeDirBack(3);          /* Xcode->Preferences->Locations->Locations*/
+                                   /* Derived Data Advanced -> Custom  */
+                                   /* Relative to Workspace, Build/Products */
+                                   /* Debug or Release */
+
+    wolfcrypt_test(&server_args);
+    if (server_args.return_code != 0) return server_args.return_code;
+
+    printf("\nAll tests passed!\n");
+    return EXIT_SUCCESS;
+}
+
+
+#endif /* SINGLE_THREADED */
+
diff --git a/3P/wolfssl/testsuite/testsuite.sln b/3P/wolfssl/testsuite/testsuite.sln
new file mode 100755
index 00000000..b89dcc1f
--- /dev/null
+++ b/3P/wolfssl/testsuite/testsuite.sln
@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual C++ Express 2005
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testsuite", "testsuite.vcproj", "{9D4D8446-CE91-4F7A-AFF2-90D0B5DCD717}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{9D4D8446-CE91-4F7A-AFF2-90D0B5DCD717}.Debug|Win32.ActiveCfg = Debug|Win32
+		{9D4D8446-CE91-4F7A-AFF2-90D0B5DCD717}.Debug|Win32.Build.0 = Debug|Win32
+		{9D4D8446-CE91-4F7A-AFF2-90D0B5DCD717}.Release|Win32.ActiveCfg = Release|Win32
+		{9D4D8446-CE91-4F7A-AFF2-90D0B5DCD717}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/3P/wolfssl/testsuite/testsuite.vcproj b/3P/wolfssl/testsuite/testsuite.vcproj
new file mode 100755
index 00000000..ce71e147
--- /dev/null
+++ b/3P/wolfssl/testsuite/testsuite.vcproj
@@ -0,0 +1,217 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/testsuite/testsuite.vcxproj b/3P/wolfssl/testsuite/testsuite.vcxproj
new file mode 100644
index 00000000..511f6c43
--- /dev/null
+++ b/3P/wolfssl/testsuite/testsuite.vcxproj
@@ -0,0 +1,180 @@
+
+
+  
+    
+      Debug
+      Win32
+    
+    
+      Debug
+      x64
+    
+    
+      Release
+      Win32
+    
+    
+      Release
+      x64
+    
+  
+  
+    {611E8971-46E0-4D0A-B5A1-632C3B00CB80}
+    testsuite
+    Win32Proj
+  
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+    true
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+    Application
+    v110
+    Unicode
+  
+  
+  
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+  
+    <_ProjectFileVersion>11.0.61030.0
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    true
+  
+  
+    true
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+    false
+  
+  
+    false
+  
+  
+    
+      Disabled
+      ../;%(AdditionalIncludeDirectories)
+      NO_MAIN_DRIVER;WOLFSSL_RIPEMD;WOLFSSL_SHA512;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      true
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      Level3
+      EditAndContinue
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      MachineX86
+    
+  
+  
+    
+      Disabled
+      ../;%(AdditionalIncludeDirectories)
+      NO_MAIN_DRIVER;WOLFSSL_RIPEMD;WOLFSSL_SHA512;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../;%(AdditionalIncludeDirectories)
+      NO_MAIN_DRIVER;WOLFSSL_RIPEMD;WOLFSSL_SHA512;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+      MachineX86
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ../;%(AdditionalIncludeDirectories)
+      NO_MAIN_DRIVER;WOLFSSL_RIPEMD;WOLFSSL_SHA512;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      
+      Level3
+      ProgramDatabase
+    
+    
+      Ws2_32.lib;%(AdditionalDependencies)
+      true
+      Console
+      true
+      true
+    
+  
+  
+    
+    
+    
+    
+    
+    
+  
+  
+    
+      {73973223-5ee8-41ca-8e88-1d60e89a237b}
+      false
+    
+  
+  
+  
+  
+
\ No newline at end of file
diff --git a/3P/wolfssl/tirtos/README b/3P/wolfssl/tirtos/README
new file mode 100644
index 00000000..c933e662
--- /dev/null
+++ b/3P/wolfssl/tirtos/README
@@ -0,0 +1,36 @@
+wolfSSL library for TI-RTOS
+
+This directory contains the files that build wolfSSL library for TI-RTOS. 
+Please follow the instructions in TI-RTOS user guide (www.ti.com/tool/ti-rtos) 
+to build the wolfSSL library and the example applications.
+
+Included Files
+---------------
+
+1. wolfSSL library build files (packages/ti/net/wolfssl)
+
+    Build instructions provided in TI-RTOS user guide (www.ti.com/tool/ti-rtos)
+
+2. wc_ test application (packages/ti/net/wolfssl/tests/wolfcrypt/test)
+
+    This application is the standard wc_ test application provided with
+    wolfSSL.
+   
+    It will be built along with the wolfSSL library. Load the built executable
+    on the target and make sure the wolfSSL library works as expected.
+
+3. wc_ benchmark application 
+   (packages/ti/net/wolfssl/tests/wolfcrypt/benchmark)
+
+    This application is the standard wc_ benchmark application provided
+    with wolfSSL.
+
+    It will be built along with the wolfSSL library. Load the built executable
+    on the target and run to get the benchmark results for the configured 
+    wolfSSL library.
+
+Examples Application
+--------------------
+
+A simple 'TCP echo server with TLS' example application is provided with TI-RTOS
+product. Look in the TI-RTOS user guide for instructions to build examples.
diff --git a/3P/wolfssl/tirtos/include.am b/3P/wolfssl/tirtos/include.am
new file mode 100644
index 00000000..46bdd432
--- /dev/null
+++ b/3P/wolfssl/tirtos/include.am
@@ -0,0 +1,22 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST += \
+         tirtos/README \
+         tirtos/wolfssl.bld \
+         tirtos/wolfssl.mak \
+         tirtos/packages/ti/net/wolfssl/package.bld \
+         tirtos/packages/ti/net/wolfssl/package.xdc \
+         tirtos/packages/ti/net/wolfssl/package.xs \
+         tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.bld \
+         tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.xdc \
+         tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/test.cfg \
+         tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/TM4C1294NC.icf \
+         tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/main.c \
+         tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.bld \
+         tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.xdc \
+         tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/benchmark.cfg \
+        tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/TM4C1294NC.icf \
+         tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/main.c
+
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.bld b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.bld
new file mode 100644
index 00000000..95d0811a
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.bld
@@ -0,0 +1,56 @@
+/*
+ *  ======== package.bld ========
+ *  Build script for wolfSSL library
+ */
+var Build = xdc.useModule('xdc.bld.BuildEnvironment');
+var Pkg = xdc.useModule('xdc.bld.PackageContents');
+
+/* make command to search for the srcs */ 
+Pkg.makePrologue = "vpath %.c $(subst ;,  ,$(XPKGPATH))";
+
+/* WOLFSSL sources */
+var wolfSSLObjList = [
+    "wolfcrypt/src/aes.c",
+    "wolfcrypt/src/arc4.c",
+    "wolfcrypt/src/asm.c",
+    "wolfcrypt/src/asn.c",
+    "wolfcrypt/src/blake2b.c",
+    "wolfcrypt/src/camellia.c",
+    "wolfcrypt/src/chacha.c",
+    "wolfcrypt/src/coding.c", 
+    "wolfcrypt/src/des3.c",
+    "wolfcrypt/src/dh.c",
+    "wolfcrypt/src/dsa.c",
+    "wolfcrypt/src/ecc.c",
+    "wolfcrypt/src/error.c",
+    "wolfcrypt/src/hc128.c",
+    "wolfcrypt/src/hmac.c",
+    "wolfcrypt/src/integer.c",
+    "wolfcrypt/src/logging.c",
+    "wolfcrypt/src/md4.c",
+    "wolfcrypt/src/md5.c",
+    "wolfcrypt/src/memory.c",
+    "wolfcrypt/src/poly1305.c",
+    "wolfcrypt/src/pwdbased.c",
+    "wolfcrypt/src/rabbit.c",
+    "wolfcrypt/src/random.c",
+    "wolfcrypt/src/rsa.c",
+    "wolfcrypt/src/sha.c",
+    "wolfcrypt/src/sha256.c",
+    "wolfcrypt/src/sha512.c",
+    "wolfcrypt/src/tfm.c",
+    "wolfcrypt/src/wc_port.c",
+
+    "src/internal.c",
+    "src/io.c",
+    "src/keys.c",
+    "src/ssl.c",
+    "src/tls.c",
+    ];
+
+for each (var targ in Build.targets) {
+    var libOptions = {incs: wolfsslPathInclude};
+    var lib = Pkg.addLibrary("lib/" + Pkg.name, targ, libOptions);
+    lib.addObjects(wolfSSLObjList);
+}
+
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.xdc b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.xdc
new file mode 100644
index 00000000..f0c4b9f8
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.xdc
@@ -0,0 +1,7 @@
+/*!
+ *  ======== ti.net.wolfssl ========
+ *  wolfSSL library for TI-RTOS
+ *
+ */
+package ti.net.wolfssl {
+}
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.xs b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.xs
new file mode 100644
index 00000000..9ecf38e5
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/package.xs
@@ -0,0 +1,12 @@
+/*
+ *  ======== package.xs ========
+ */
+
+/*
+ *  ======== getLibs ========
+ *  Contribute wolfSSL library.
+ */
+function getLibs(prog) 
+{
+    return ("lib/" + this.$name + ".a" + prog.build.target.suffix);
+}
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/TM4C1294NC.icf b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/TM4C1294NC.icf
new file mode 100644
index 00000000..f45398a3
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/TM4C1294NC.icf
@@ -0,0 +1,29 @@
+/*###ICF### Section handled by ICF editor, don't touch! ****/
+/*-Editor annotation file-*/
+/* IcfEditorFile="$TOOLKIT_DIR$\config\ide\IcfEditor\cortex_v1_0.xml" */
+/*-Specials-*/
+define symbol __ICFEDIT_intvec_start__ = 0x00000000;
+/*-Memory Regions-*/
+define symbol __ICFEDIT_region_ROM_start__   = 0x00000000;
+define symbol __ICFEDIT_region_ROM_end__     = 0x000FFFFF;
+define symbol __ICFEDIT_region_RAM_start__   = 0x20000000;
+define symbol __ICFEDIT_region_RAM_end__     = 0x2003FFFF;
+/*-Sizes-*/
+define symbol __ICFEDIT_size_cstack__   = 0x8000;
+define symbol __ICFEDIT_size_heap__     = 0x10000;
+/**** End of ICF editor section. ###ICF###*/
+
+define memory mem with size = 4G;
+define region ROM_region   = mem:[from __ICFEDIT_region_ROM_start__   to __ICFEDIT_region_ROM_end__];
+define region RAM_region   = mem:[from __ICFEDIT_region_RAM_start__   to __ICFEDIT_region_RAM_end__];
+
+define block CSTACK    with alignment = 8, size = __ICFEDIT_size_cstack__   { };
+define block HEAP      with alignment = 8, size = __ICFEDIT_size_heap__     { };
+
+initialize by copy { readwrite };
+do not initialize  { section .noinit };
+
+place at address mem:__ICFEDIT_intvec_start__ { readonly section .intvec };
+place in ROM_region   { readonly };
+place in RAM_region   { readwrite,
+                        block CSTACK, block HEAP };
\ No newline at end of file
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/benchmark.cfg b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/benchmark.cfg
new file mode 100644
index 00000000..e259718d
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/benchmark.cfg
@@ -0,0 +1,81 @@
+/*
+ *  ======== benchmark.cfg ========
+ */
+
+/* ================ General configuration ================ */
+var Defaults = xdc.useModule('xdc.runtime.Defaults');
+var Diags = xdc.useModule('xdc.runtime.Diags');
+var Error = xdc.useModule('xdc.runtime.Error');
+var Log = xdc.useModule('xdc.runtime.Log');
+var Main = xdc.useModule('xdc.runtime.Main');
+var Memory = xdc.useModule('xdc.runtime.Memory');
+var System = xdc.useModule('xdc.runtime.System');
+var Text = xdc.useModule('xdc.runtime.Text');
+var Timestamp = xdc.useModule('xdc.runtime.Timestamp');
+
+var BIOS = xdc.useModule('ti.sysbios.BIOS');
+var Clock = xdc.useModule('ti.sysbios.knl.Clock');
+var Task = xdc.useModule('ti.sysbios.knl.Task');
+var Semaphore = xdc.useModule('ti.sysbios.knl.Semaphore');
+var Hwi = xdc.useModule('ti.sysbios.hal.Hwi');
+var HeapMem = xdc.useModule('ti.sysbios.heaps.HeapMem');
+var Timer = xdc.useModule('ti.sysbios.hal.Timer');
+
+BIOS.heapSize = 86016;
+Task.idleTaskStackSize = 768;
+
+/*
+ *  Program.stack is ignored with IAR. Use the project options in
+ *  IAR Embedded Workbench to alter the system stack size.
+ */
+if (!Program.build.target.$name.match(/iar/)) {
+    /*
+     *  Reducing the system stack size (used by ISRs and Swis) to reduce
+     *  RAM usage.
+     */
+    Program.stack = 2048;
+}
+
+/* ================ System configuration ================ */
+var SysMin = xdc.useModule('xdc.runtime.SysMin');
+SysMin.bufSize = 128;
+System.SupportProxy = SysMin;
+
+/* Enable Semihosting for GNU targets to print to CCS console */
+if (Program.build.target.$name.match(/gnu/)) {
+    var SemiHost = xdc.useModule('ti.sysbios.rts.gnu.SemiHostSupport');
+}
+
+/* ================ NDK configuration ================ */
+var Ndk       = xdc.loadPackage('ti.ndk.config');
+var Global    = xdc.useModule('ti.ndk.config.Global');
+var Tcp       = xdc.useModule('ti.ndk.config.Tcp');
+
+Global.IPv6 = false;
+Global.stackLibType = Global.MIN;
+
+Global.pktNumFrameBufs = 10;
+Global.memRawPageCount = 6;
+Global.ndkThreadStackSize = 1536;
+Global.lowTaskStackSize = 1024;
+Global.normTaskStackSize = 1024;
+Global.highTaskStackSize = 1024;
+Tcp.transmitBufSize = 1024;
+Tcp.receiveBufSize = 1024;
+
+
+/* ================ Driver configuration ================ */
+var TIRTOS = xdc.useModule('ti.tirtos.TIRTOS');
+TIRTOS.useEMAC = true;
+TIRTOS.useGPIO = true;
+
+/* ================ wolfSSL configuration ================ */
+try {
+    var wolfSSL = xdc.loadPackage('ti.net.wolfssl');
+}
+catch (e) {
+    print("Error: Could not find wolfSSL library! Make sure the wolfSSL library"
+          + " is built and package path is updated for the build tool"
+          + " to find the library. More detailed wolfSSL build instructions"
+          + " can be found in the TI-RTOS user guide.");
+}
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/main.c b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/main.c
new file mode 100644
index 00000000..15ee1fb9
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/main.c
@@ -0,0 +1,106 @@
+/*
+ *  ======== main.c ========
+ *  Entry point for Benchmark application 
+ */
+/* BIOS Header files */
+#include 
+#include 
+#include 
+#include 
+#include 
+
+static int initialized = 0;
+static double msTicks = 0;
+static Timer_Handle hdl = NULL;
+
+double current_time(int reset);
+static void tick(unsigned int arg0);
+void msTimer_init(void);
+void runBenchmarks(UArg arg0, UArg arg1);
+extern int benchmark_test(void* args);
+
+/*
+ *  ======== runBenchmarks ========
+ *  Run the wolfSSL benchmark application
+ */
+void runBenchmarks(UArg arg0, UArg arg1)
+{
+    void *args = NULL;
+    msTimer_init();
+    
+    System_printf("Running benchmarks...\n");
+    System_flush();
+    benchmark_test(args);
+    System_printf("Benchmarks completed.\n");
+
+    BIOS_exit(0);
+}
+
+/*
+ *  ======== ticks ========
+ *  Keeps track of time in millisec
+ */
+static void tick(unsigned int arg0)
+{
+    Swi_disable();
+    msTicks++;
+    Swi_enable();
+}
+
+/*
+ *  ======== current_time ========
+ *  Returns the time in sec (double precision)
+ */
+double current_time(int reset)
+{
+    if (reset) {
+        msTicks = 0;
+    }
+
+    return (msTicks/1000);
+}
+
+/*
+ *  ======== msTimer_init ========
+ *  Sets up a BIOS timer with millisec period
+ */
+void msTimer_init(void)
+{
+    Timer_Params params;
+
+    if (initialized) {
+        return;
+    }
+
+    Timer_Params_init(¶ms);
+    params.period = 1000;
+    params.periodType = Timer_PeriodType_MICROSECS;
+    params.runMode = Timer_RunMode_CONTINUOUS;
+    params.startMode = Timer_StartMode_AUTO;
+    hdl = Timer_create(-1, (ti_sysbios_hal_Timer_FuncPtr)tick,
+             ¶ms, NULL);
+    if (!hdl) {
+        System_abort("msTimer_init: Timer creation failed.\n");
+    }
+
+    /* Set flag indicating that initialization has completed */
+    initialized = 1;
+}
+
+/*
+ *  ======== main ========
+ */
+int main(int argc, char** argv)
+{
+    /* Initialize the defaults and set the parameters. */
+    Task_Handle handle;
+    Task_Params taskParams;
+    Task_Params_init(&taskParams);
+    taskParams.stackSize = 65535;
+    handle = Task_create(runBenchmarks, &taskParams, NULL);
+    if (handle == NULL) {
+        System_printf("main: Failed to create new Task.\n");
+    }
+
+    BIOS_start();
+}
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.bld b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.bld
new file mode 100644
index 00000000..cff39685
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.bld
@@ -0,0 +1,53 @@
+/*
+ *  ======== package.bld ========
+ *  Build script for benchmark application
+ */
+
+if ((typeof(TivaWareDir) == undefined) || (TivaWareDir == "")) {
+    throw("ERROR: NO VALID TIVAWARE PATH DEFINED!!!");
+}
+
+var Build = xdc.useModule('xdc.bld.BuildEnvironment');
+var Pkg = xdc.useModule('xdc.bld.PackageContents');
+
+/* make command to search for the srcs */ 
+Pkg.makePrologue = "vpath %.c $(subst ;,  ,$(XPKGPATH))";
+
+var srcs = [
+    "main.c",
+    "wolfcrypt/benchmark/benchmark.c",
+    "examples/boards/EK_TM4C1294XL/EK_TM4C1294XL.c",
+];
+
+for each (var targ in Build.targets) {
+
+    var lnkOpts = "";
+    var platform = "ti.platforms.tiva:TM4C1294NCPDT:1";
+    if (targ.$name.match(/^ti/)) {
+        lnkOpts = " -l" + TivaWareDir + "/driverlib/ccs/Debug/driverlib.lib";
+        lnkOpts += " -x ";
+    }
+    else if (targ.$name.match(/^iar/)) {
+        lnkOpts = TivaWareDir + "/driverlib/ewarm/Exe/driverlib.a"
+                + " --config TM4C1294NC.icf";
+        platform = "ti.platforms.tiva:TM4C1294NCPDT";
+
+        /* Floating point print support */
+        var suffix = targ.$orig.lnkOpts.suffix;
+        targ.$orig.lnkOpts.suffix = suffix.replace(/PrintfSmall/, "PrintfFull");
+    }
+    else if (targ.$name.match(/^gnu/)) {
+        targ.$orig.lnkOpts.suffix += " -L" + TivaWareDir + "/driverlib/gcc " 
+                + " -Wl,--start-group -ldriver -Wl,--end-group ";
+        targ.$orig.bspLib = "rdimon";
+    }
+ 
+    var exeOptions = { incs: wolfsslPathInclude 
+            + " -DNO_MAIN_DRIVER -D_INCLUDE_NIMU_CODE -DBENCH_EMBEDDED "
+            + " -DTIVAWARE -DPART_TM4C1294NCPDT",
+            lopts: lnkOpts
+    };   
+
+    var exe = Pkg.addExecutable("benchmark", targ, platform, exeOptions);
+    exe.addObjects(srcs);
+}
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.xdc b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.xdc
new file mode 100644
index 00000000..c027f320
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/benchmark/package.xdc
@@ -0,0 +1,6 @@
+/*
+ *  ======== ti.net.wolfssl.tests.wolfcrypt.benchmark ========
+ *  wc_ Benchmark Application
+ */
+package ti.net.wolfssl.tests.wolfcrypt.benchmark {
+}
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/TM4C1294NC.icf b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/TM4C1294NC.icf
new file mode 100644
index 00000000..f45398a3
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/TM4C1294NC.icf
@@ -0,0 +1,29 @@
+/*###ICF### Section handled by ICF editor, don't touch! ****/
+/*-Editor annotation file-*/
+/* IcfEditorFile="$TOOLKIT_DIR$\config\ide\IcfEditor\cortex_v1_0.xml" */
+/*-Specials-*/
+define symbol __ICFEDIT_intvec_start__ = 0x00000000;
+/*-Memory Regions-*/
+define symbol __ICFEDIT_region_ROM_start__   = 0x00000000;
+define symbol __ICFEDIT_region_ROM_end__     = 0x000FFFFF;
+define symbol __ICFEDIT_region_RAM_start__   = 0x20000000;
+define symbol __ICFEDIT_region_RAM_end__     = 0x2003FFFF;
+/*-Sizes-*/
+define symbol __ICFEDIT_size_cstack__   = 0x8000;
+define symbol __ICFEDIT_size_heap__     = 0x10000;
+/**** End of ICF editor section. ###ICF###*/
+
+define memory mem with size = 4G;
+define region ROM_region   = mem:[from __ICFEDIT_region_ROM_start__   to __ICFEDIT_region_ROM_end__];
+define region RAM_region   = mem:[from __ICFEDIT_region_RAM_start__   to __ICFEDIT_region_RAM_end__];
+
+define block CSTACK    with alignment = 8, size = __ICFEDIT_size_cstack__   { };
+define block HEAP      with alignment = 8, size = __ICFEDIT_size_heap__     { };
+
+initialize by copy { readwrite };
+do not initialize  { section .noinit };
+
+place at address mem:__ICFEDIT_intvec_start__ { readonly section .intvec };
+place in ROM_region   { readonly };
+place in RAM_region   { readwrite,
+                        block CSTACK, block HEAP };
\ No newline at end of file
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/main.c b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/main.c
new file mode 100644
index 00000000..41378767
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/main.c
@@ -0,0 +1,56 @@
+/*
+ *  ======== main.c ========
+ *  Entry point to wolfcrypt Test Application   
+ */
+
+/* XDCtools Header files */
+#include 
+#include 
+#include 
+
+/* func_args from test.h, so don't have to pull in other junk */
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+
+extern int wolfcrypt_test(void* args);
+
+/*
+ *  ======== testwolfcrypt ========
+ *  Run the wolfcrypt test
+ */
+void testwolfcrypt(UArg arg0, UArg arg1)
+{
+    System_printf("Running wolfcrypt tests...\n");
+    System_flush();
+    wolfcrypt_test((void *)arg0);
+    System_printf("Tests completed.\n");
+
+    BIOS_exit(0);
+}
+
+/*
+ *  ======== main ========
+ */
+int main(int argc, char** argv)
+{
+    func_args args;
+    args.argc = argc;
+    args.argv = argv;
+    /* Initialize the defaults and set the parameters. */
+    Task_Handle handle;
+    Task_Params taskParams;
+    Task_Params_init(&taskParams);
+    taskParams.arg0 = (UArg)&args;
+    taskParams.stackSize = 65535;
+    handle =Task_create(testwolfcrypt, &taskParams, NULL);
+    if (handle == NULL) {
+        System_printf("main: Failed to create new Task.\n");
+        return (-1);
+    }
+
+    BIOS_start();
+}
+
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.bld b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.bld
new file mode 100644
index 00000000..a76add17
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.bld
@@ -0,0 +1,49 @@
+/*
+ *  ======== package.bld ========
+ *  Build script for wolfcrypt Test
+ */
+
+if ((typeof(TivaWareDir) == undefined) || (TivaWareDir == "")) {
+    throw("ERROR: NO VALID TIVAWARE PATH DEFINED!!!");
+}
+
+var Build = xdc.useModule('xdc.bld.BuildEnvironment');
+var Pkg = xdc.useModule('xdc.bld.PackageContents');
+
+/* make command to search for the srcs */ 
+Pkg.makePrologue = "vpath %.c $(subst ;,  ,$(XPKGPATH))";
+
+var srcs = [
+    "main.c",
+    "wolfcrypt/test/test.c",
+    "examples/boards/EK_TM4C1294XL/EK_TM4C1294XL.c",
+];
+
+for each (var targ in Build.targets) {
+
+    var lnkOpts = "";
+    var platform = "ti.platforms.tiva:TM4C1294NCPDT:1";
+    if (targ.$name.match(/^ti/)) {
+        lnkOpts = " -l" + TivaWareDir + "/driverlib/ccs/Debug/driverlib.lib";
+        lnkOpts += " -x ";
+    }
+    else if (targ.$name.match(/^iar/)) {
+        lnkOpts = TivaWareDir + "/driverlib/ewarm/Exe/driverlib.a"
+                + " --config TM4C1294NC.icf";
+        platform = "ti.platforms.tiva:TM4C1294NCPDT";
+    }
+    else if (targ.$name.match(/^gnu/)) {
+        targ.$orig.lnkOpts.suffix += " -L" + TivaWareDir + "/driverlib/gcc " 
+                + " -Wl,--start-group -ldriver -Wl,--end-group ";
+        targ.$orig.bspLib = "rdimon";
+    }
+ 
+    var exeOptions = { incs: wolfsslPathInclude 
+            + " -DNO_MAIN_DRIVER -D_INCLUDE_NIMU_CODE -DBENCH_EMBEDDED "
+            + " -DTIVAWARE -DPART_TM4C1294NCPDT",
+            lopts: lnkOpts,
+    };   
+
+    var exe = Pkg.addExecutable("test", targ, platform, exeOptions);
+    exe.addObjects(srcs);
+}
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.xdc b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.xdc
new file mode 100644
index 00000000..8b5cc1db
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/package.xdc
@@ -0,0 +1,6 @@
+/*
+ *  ======== ti.net.wolfssl.tests.wolfcrypt.test ========
+ *  wolfcrypt Test Application
+ */
+package ti.net.wolfssl.tests.wolfcrypt.test {
+}
diff --git a/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/test.cfg b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/test.cfg
new file mode 100644
index 00000000..dd8efc80
--- /dev/null
+++ b/3P/wolfssl/tirtos/packages/ti/net/wolfssl/tests/wolfcrypt/test/test.cfg
@@ -0,0 +1,80 @@
+/*
+ *  ======== test.cfg ========
+ */
+
+/* ================ General configuration ================ */
+var Defaults = xdc.useModule('xdc.runtime.Defaults');
+var Diags = xdc.useModule('xdc.runtime.Diags');
+var Error = xdc.useModule('xdc.runtime.Error');
+var Log = xdc.useModule('xdc.runtime.Log');
+var Main = xdc.useModule('xdc.runtime.Main');
+var Memory = xdc.useModule('xdc.runtime.Memory');
+var System = xdc.useModule('xdc.runtime.System');
+var Text = xdc.useModule('xdc.runtime.Text');
+var Timestamp = xdc.useModule('xdc.runtime.Timestamp');
+
+var BIOS = xdc.useModule('ti.sysbios.BIOS');
+var Clock = xdc.useModule('ti.sysbios.knl.Clock');
+var Task = xdc.useModule('ti.sysbios.knl.Task');
+var Semaphore = xdc.useModule('ti.sysbios.knl.Semaphore');
+var Hwi = xdc.useModule('ti.sysbios.hal.Hwi');
+var HeapMem = xdc.useModule('ti.sysbios.heaps.HeapMem');
+
+BIOS.heapSize = 86016;
+Task.idleTaskStackSize = 768;
+
+/*
+ *  Program.stack is ignored with IAR. Use the project options in
+ *  IAR Embedded Workbench to alter the system stack size.
+ */
+if (!Program.build.target.$name.match(/iar/)) {
+    /*
+     *  Reducing the system stack size (used by ISRs and Swis) to reduce
+     *  RAM usage.
+     */
+    Program.stack = 2048;
+}
+
+/* ================ System configuration ================ */
+var SysMin = xdc.useModule('xdc.runtime.SysMin');
+SysMin.bufSize = 128;
+System.SupportProxy = SysMin;
+
+/* Enable Semihosting for GNU targets to print to CCS console */
+if (Program.build.target.$name.match(/gnu/)) {
+    var SemiHost = xdc.useModule('ti.sysbios.rts.gnu.SemiHostSupport');
+}
+
+/* ================ NDK configuration ================ */
+var Ndk       = xdc.loadPackage('ti.ndk.config');
+var Global    = xdc.useModule('ti.ndk.config.Global');
+var Tcp       = xdc.useModule('ti.ndk.config.Tcp');
+
+Global.IPv6 = false;
+Global.stackLibType = Global.MIN;
+
+Global.pktNumFrameBufs = 10;
+Global.memRawPageCount = 6;
+Global.ndkThreadStackSize = 1536;
+Global.lowTaskStackSize = 1024;
+Global.normTaskStackSize = 1024;
+Global.highTaskStackSize = 1024;
+Tcp.transmitBufSize = 1024;
+Tcp.receiveBufSize = 1024;
+
+
+/* ================ Driver configuration ================ */
+var TIRTOS = xdc.useModule('ti.tirtos.TIRTOS');
+TIRTOS.useEMAC = true;
+TIRTOS.useGPIO = true;
+
+/* ================ wolfSSL configuration ================ */
+try {
+    var wolfSSL = xdc.loadPackage('ti.net.wolfssl');
+}
+catch (e) {
+    print("Error: Could not find wolfSSL library! Make sure the wolfSSL library"
+          + " is built and package path is updated for the build tool"
+          + " to find the library. More detailed wolfSSL build instructions"
+          + " can be found in the TI-RTOS user guide.");
+}
diff --git a/3P/wolfssl/tirtos/wolfssl.bld b/3P/wolfssl/tirtos/wolfssl.bld
new file mode 100644
index 00000000..5702b834
--- /dev/null
+++ b/3P/wolfssl/tirtos/wolfssl.bld
@@ -0,0 +1,85 @@
+/*
+ * Generally there is no need to edit this file!
+ *
+ * This file controls which libraries are built, as well as compiler options
+ * to use.
+ *
+ * The contents of this file usually don't change, but having it in your
+ * ownership allows you to tweak your compiler options.  If you do change
+ * this file, however, on the next upgrade of the product we recommend
+ * that you take "wolfssl.bld" file as supplied by the upgrade and then merge
+ * your changes with it.
+ */
+
+/*
+ *  ======== wolfssl.bld ========
+ *  This script is run prior to all build scripts. It sets host-system-
+ *  independent values for targets and platforms, then it attempts to
+ *  find the host-system-specific user.bld script that sets rootDirs.
+ *
+ *  These settings may be a function of the following global variables:
+ *
+ *	environment a hash table of environment strings
+ *
+ *	arguments   an array of string arguments to the _config.bld script
+ *		    initialized as follows:
+ *		        arguments[0] - the file name of the _config.bld script
+ *		        arguments[1] - the first argument specified in XDCARGS
+ *		            :
+ *		        arguments[n] - the n'th argument in XDCARGS
+ *
+ *	Build	    an alias for xdc.om.xdc.bld.BuildEnvironment
+ */
+
+var armOpts = " -ms ";
+var gnuOpts = "";
+var iarOpts = "";
+
+/* Uncomment the following lines to build libraries for debug mode: */
+// Pkg.attrs.profile = "debug";
+// armOpts += " -g -o0 ";
+// gnuOpts += " -g ";
+// iarOpts += " --debug ";
+
+var ccOpts = {
+    "ti.targets.arm.elf.M4F"        : armOpts,
+
+    "gnu.targets.arm.M4F"           : gnuOpts,
+
+    "iar.targets.arm.M4F"           : iarOpts,
+};
+
+/* initialize local vars with those set in xdcpaths.mak (via XDCARGS) */
+for (arg = 0; arg < arguments.length; arg++) {
+    /*
+     * Get the compiler's installation directory.
+     * For "ti.targets.arm.elf.M4F=/vendors/arm/6.1.0", 
+     * we get "/vendors/arm/6.1.0"
+     */
+    var targetName = arguments[arg].split("=")[0];
+    var rootDir = arguments[arg].split("=")[1];
+
+    /* only build for the specified compilers */
+    if (rootDir == "" || rootDir == undefined) {
+        continue;
+    }
+
+    if (targetName.match(/^TivaWareDir/) ) {
+        TivaWareDir = rootDir;
+        continue;
+    }
+
+    var target = xdc.useModule(targetName);
+    target.rootDir = rootDir;
+    target.ccOpts.suffix += ccOpts[targetName];
+
+    Build.targets.$add(target);
+}
+
+/* Include Path (needed to find NDK headers) */
+var ndkPath = "$(NDK_INSTALL_DIR)/packages/ti/ndk/";
+var wolfsslPathInclude = " -I" + ndkPath + "/inc/bsd -DWOLFSSL_TIRTOS ";
+
+/* lib/ is a generated directory that 'xdc clean' should remove */
+var Pkg = xdc.useModule('xdc.bld.PackageContents'); 
+Pkg.generatedFiles.$add("lib/");
diff --git a/3P/wolfssl/tirtos/wolfssl.mak b/3P/wolfssl/tirtos/wolfssl.mak
new file mode 100644
index 00000000..450e10aa
--- /dev/null
+++ b/3P/wolfssl/tirtos/wolfssl.mak
@@ -0,0 +1,74 @@
+#
+#  ======== wolfssl.mak ========
+#
+
+# USER OPTIONAL STEP: These variables are set when building wolfssl
+# through the tirtos.mak
+# Set up dependencies
+XDC_INSTALL_DIR ?= C:/ti/xdctools_3_24_02_30
+SYSBIOS_INSTALL_DIR ?= C:/ti/bios_6_34_01_14
+NDK_INSTALL_DIR ?= C:/ti/ndk_2_24_00_02
+TIRTOS_INSTALLATION_DIR ?= C:/ti/tirtos_tivac_2_00_00_22
+TivaWareDir ?= C:/ti/tivaware
+WOLFSSL_INSTALL_DIR ?= C:/wolfssl/wolfssl-2.9.4
+
+#
+# Set location of various cgtools
+# These variables can be set here or on the command line. These
+# variables are set when building wolfssl through tirtos.mak
+# USER OPTIONAL STEP: user can define below paths to compilers
+ti.targets.arm.elf.M4F ?=
+
+gnu.targets.arm.M4F ?=
+
+iar.targets.arm.M4F ?=
+
+#
+# Set XDCARGS to some of the variables above.  XDCARGS are passed
+# to the XDC build engine... which will load wolfssl.bld... which will
+# extract these variables and use them to determine what to build and which
+# toolchains to use.
+#
+# Note that not all of these variables need to be set to something valid.
+# Unfortunately, since these vars are unconditionally assigned, your build line
+# will be longer and more noisy than necessary.
+#
+# Some background is here:
+#     http://rtsc.eclipse.org/docs-tip/Command_-_xdc#Environment_Variables
+#
+XDCARGS= \
+    ti.targets.arm.elf.M4F=\"$(ti.targets.arm.elf.M4F)\" \
+    gnu.targets.arm.M4F=\"$(gnu.targets.arm.M4F)\" \
+    iar.targets.arm.M4F=\"$(iar.targets.arm.M4F)\" \
+    TivaWareDir=\"$(TivaWareDir)\" 
+
+#
+# Set XDCPATH to contain necessary repositories.
+#
+XDCPATH = $(SYSBIOS_INSTALL_DIR)/packages;$(NDK_INSTALL_DIR)/packages;$(WOLFSSL_INSTALL_DIR);$(TIRTOS_INSTALLATION_DIR)/packages;$(TivaWareDir);
+export XDCPATH
+
+#
+# Set XDCOPTIONS.  Use -v for a verbose build.
+#
+#XDCOPTIONS=v
+export XDCOPTIONS
+
+#
+# Set XDC executable command
+# Note that XDCBUILDCFG points to the wolfssl.bld file which uses
+# the arguments specified by XDCARGS
+#
+XDC = $(XDC_INSTALL_DIR)/xdc XDCARGS="$(XDCARGS)" XDCBUILDCFG=./wolfssl.bld
+
+######################################################
+## Shouldnt have to modify anything below this line ##
+######################################################
+
+all:
+	@ echo building wolfssl packages ...
+	@ $(XDC) -Pr ./packages
+
+clean:
+	@ echo cleaning wolfssl packages ...
+	@ $(XDC) clean -Pr ./packages
diff --git a/3P/wolfssl/valgrind-error.sh b/3P/wolfssl/valgrind-error.sh
new file mode 100755
index 00000000..7f7441c3
--- /dev/null
+++ b/3P/wolfssl/valgrind-error.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+#
+#
+# Our valgrind "error" wrapper.
+
+valgrind --leak-check=full -q "$@" 2> valgrind.tmp
+
+result="$?"
+
+# verify no errors
+
+output="`cat valgrind.tmp`"
+
+if [ "$output" != "" ]; then
+    cat valgrind.tmp >&2
+    result=1
+fi
+
+rm valgrind.tmp
+
+exit $result
+
diff --git a/3P/wolfssl/wolfcrypt/benchmark/benchmark.c b/3P/wolfssl/wolfcrypt/benchmark/benchmark.c
new file mode 100644
index 00000000..86a2179e
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/benchmark/benchmark.c
@@ -0,0 +1,1778 @@
+/* benchmark.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* wolfCrypt benchmark */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+
+#ifdef FREESCALE_MQX
+    #include 
+    #include 
+#else
+    #include 
+#endif
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#ifdef HAVE_ECC
+    #include 
+#endif
+#ifdef HAVE_ECC25519
+    #include 
+#endif
+
+#include 
+#ifdef HAVE_CAVIUM
+    #include "cavium_sysdep.h"
+    #include "cavium_common.h"
+    #include "cavium_ioctl.h"
+#endif
+#ifdef HAVE_NTRU
+    #include "ntru_crypto.h"
+#endif
+
+#if defined(WOLFSSL_MDK_ARM)
+    extern FILE * wolfSSL_fopen(const char *fname, const char *mode) ;
+    #define fopen wolfSSL_fopen
+#endif
+
+#if defined(__GNUC__) && defined(__x86_64__) && !defined(NO_ASM)
+    #define HAVE_GET_CYCLES
+    static INLINE word64 get_intel_cycles(void);
+    static word64 total_cycles;
+    #define BEGIN_INTEL_CYCLES total_cycles = get_intel_cycles();
+    #define END_INTEL_CYCLES   total_cycles = get_intel_cycles() - total_cycles;
+    #define SHOW_INTEL_CYCLES  printf(" Cycles per byte = %5.2f", \
+                               (float)total_cycles / (numBlocks*sizeof(plain)));
+#else
+    #define BEGIN_INTEL_CYCLES
+    #define END_INTEL_CYCLES
+    #define SHOW_INTEL_CYCLES
+#endif
+
+#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)
+    /* include test cert and key buffers for use with NO_FILESYSTEM */
+    #if defined(WOLFSSL_MDK_ARM)
+        #include "cert_data.h" /* use certs_test.c for initial data, 
+                                      so other commands can share the data. */
+    #else
+        #include 
+    #endif
+#endif
+
+
+#ifdef HAVE_BLAKE2
+    #include 
+    void bench_blake2(void);
+#endif
+
+#ifdef _MSC_VER
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+    #pragma warning(disable: 4996)
+#endif
+
+
+void bench_des(void);
+void bench_arc4(void);
+void bench_hc128(void);
+void bench_rabbit(void);
+void bench_chacha(void);
+void bench_aes(int);
+void bench_aesgcm(void);
+void bench_aesccm(void);
+void bench_aesctr(void);
+void bench_poly1305(void);
+void bench_camellia(void);
+
+void bench_md5(void);
+void bench_sha(void);
+void bench_sha256(void);
+void bench_sha384(void);
+void bench_sha512(void);
+void bench_ripemd(void);
+
+void bench_rsa(void);
+void bench_rsaKeyGen(void);
+void bench_dh(void);
+#ifdef HAVE_ECC
+void bench_eccKeyGen(void);
+void bench_eccKeyAgree(void);
+#endif
+#ifdef HAVE_ECC25519
+void bench_ecc25519KeyGen(void);
+void bench_ecc25519KeyAgree(void);
+#endif
+#ifdef HAVE_NTRU
+void bench_ntru(void);
+void bench_ntruKeyGen(void);
+#endif
+
+double current_time(int);
+
+
+#ifdef HAVE_CAVIUM
+
+static int OpenNitroxDevice(int dma_mode,int dev_id)
+{
+   Csp1CoreAssignment core_assign;
+   Uint32             device;
+
+   if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
+      return -1;
+   if (Csp1GetDevType(&device))
+      return -1;
+   if (device != NPX_DEVICE) {
+      if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
+                (Uint32 *)&core_assign)!= 0)
+         return -1;
+   }
+   CspShutdown(CAVIUM_DEV_ID);
+
+   return CspInitialize(dma_mode, dev_id);
+}
+
+#endif
+
+#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
+    WOLFSSL_API int wolfSSL_Debugging_ON();
+#endif
+
+#if !defined(NO_RSA) || !defined(NO_DH) \
+                                || defined(WOLFSSL_KEYGEN) || defined(HAVE_ECC)
+    #define HAVE_LOCAL_RNG
+    static RNG rng;
+#endif
+
+/* use kB instead of mB for embedded benchmarking */
+#ifdef BENCH_EMBEDDED
+    static byte plain [1024];
+#else
+    static byte plain [1024*1024];
+#endif
+
+
+/* use kB instead of mB for embedded benchmarking */
+#ifdef BENCH_EMBEDDED
+    static byte cipher[1024];
+#else
+    static byte cipher[1024*1024];
+#endif
+
+
+static const byte key[] =
+{
+    0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+    0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
+    0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
+};
+
+static const byte iv[] =
+{
+    0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
+    0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+    0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
+};
+
+
+/* so embedded projects can pull in tests on their own */
+#if !defined(NO_MAIN_DRIVER)
+
+int main(int argc, char** argv)
+
+{
+  (void)argc;
+  (void)argv;
+#else
+int benchmark_test(void *args) 
+{
+#endif
+
+    #if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
+        wolfSSL_Debugging_ON();
+    #endif
+
+    (void)plain;
+    (void)cipher;
+    (void)key;
+    (void)iv;
+
+	#ifdef HAVE_CAVIUM
+    int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+    if (ret != 0) {
+        printf("Cavium OpenNitroxDevice failed\n");
+        exit(-1);
+    }
+#endif /* HAVE_CAVIUM */
+
+#if defined(HAVE_LOCAL_RNG)
+    {
+        int rngRet = wc_InitRng(&rng);
+        if (rngRet < 0) {
+            printf("InitRNG failed\n");
+            return rngRet;
+        }
+    }
+#endif
+
+#ifndef NO_AES
+    bench_aes(0);
+    bench_aes(1);
+#endif
+#ifdef HAVE_AESGCM
+    bench_aesgcm();
+#endif
+
+#ifdef WOLFSSL_AES_COUNTER
+    bench_aesctr();
+#endif
+
+#ifdef HAVE_AESCCM
+    bench_aesccm();
+#endif
+#ifdef HAVE_CAMELLIA
+    bench_camellia();
+#endif
+#ifndef NO_RC4
+    bench_arc4();
+#endif
+#ifdef HAVE_HC128
+    bench_hc128();
+#endif
+#ifndef NO_RABBIT
+    bench_rabbit();
+#endif
+#ifdef HAVE_CHACHA
+    bench_chacha();
+#endif
+#ifndef NO_DES3
+    bench_des();
+#endif
+    
+    printf("\n");
+
+#ifndef NO_MD5
+    bench_md5();
+#endif
+#ifdef HAVE_POLY1305
+    bench_poly1305();
+#endif
+#ifndef NO_SHA
+    bench_sha();
+#endif
+#ifndef NO_SHA256
+    bench_sha256();
+#endif
+#ifdef WOLFSSL_SHA384
+    bench_sha384();
+#endif
+#ifdef WOLFSSL_SHA512
+    bench_sha512();
+#endif
+#ifdef WOLFSSL_RIPEMD
+    bench_ripemd();
+#endif
+#ifdef HAVE_BLAKE2
+    bench_blake2();
+#endif
+
+    printf("\n");
+
+#ifndef NO_RSA
+    bench_rsa();
+#endif
+
+#ifdef HAVE_NTRU
+    bench_ntru();
+#endif
+
+#ifndef NO_DH
+    bench_dh();
+#endif
+
+#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
+    bench_rsaKeyGen();
+#endif
+
+#ifdef HAVE_NTRU
+    bench_ntruKeyGen();
+#endif
+
+#ifdef HAVE_ECC
+    bench_eccKeyGen();
+    bench_eccKeyAgree();
+    #if defined(FP_ECC)
+        wc_ecc_fp_free();
+    #endif
+#endif
+
+#ifdef HAVE_ECC25519
+    bench_ecc25519KeyGen();
+    bench_ecc25519KeyAgree();
+#endif
+
+#if defined(HAVE_LOCAL_RNG) && (defined(HAVE_HASHDRBG) || defined(NO_RC4))
+    wc_FreeRng(&rng);
+#endif
+
+    return 0;
+}
+
+
+#ifdef BENCH_EMBEDDED
+enum BenchmarkBounds {
+    numBlocks  = 25, /* how many kB to test (en/de)cryption */
+    ntimes     = 1,
+    genTimes   = 5,  /* public key iterations */
+    agreeTimes = 5
+};
+static const char blockType[] = "kB";   /* used in printf output */
+#else
+enum BenchmarkBounds {
+    numBlocks  = 50,  /* how many megs to test (en/de)cryption */
+    ntimes     = 100,
+    genTimes   = 100,
+    agreeTimes = 100
+};
+static const char blockType[] = "megs"; /* used in printf output */
+#endif
+
+
+#ifndef NO_AES
+
+void bench_aes(int show)
+{
+    Aes    enc;
+    double start, total, persec;
+    int    i;
+    int    ret;
+
+#ifdef HAVE_CAVIUM
+    if (wc_AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) {
+        printf("aes init cavium failed\n");
+        return;
+    }
+#endif
+
+    ret = wc_AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION);
+    if (ret != 0) {
+        printf("AesSetKey failed, ret = %d\n", ret);
+        return;
+    }
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_AesCbcEncrypt(&enc, plain, cipher, sizeof(plain));
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    if (show) {
+        printf("AES      %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                                  blockType, total, persec);
+        SHOW_INTEL_CYCLES
+        printf("\n");
+    }
+#ifdef HAVE_CAVIUM
+    wc_AesFreeCavium(&enc);
+#endif
+}
+#endif
+
+
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+    static byte additional[13];
+    static byte tag[16];
+#endif
+
+
+#ifdef HAVE_AESGCM
+void bench_aesgcm(void)
+{
+    Aes    enc;
+    double start, total, persec;
+    int    i;
+
+    wc_AesGcmSetKey(&enc, key, 16);
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_AesGcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12,
+                        tag, 16, additional, 13);
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("AES-GCM  %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif
+
+#ifdef WOLFSSL_AES_COUNTER
+void bench_aesctr(void)
+{
+    Aes    enc;
+    double start, total, persec;
+    int    i;
+
+    wc_AesSetKeyDirect(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_AesCtrEncrypt(&enc, plain, cipher, sizeof(plain));
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("AES-CTR  %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif
+
+
+
+#ifdef HAVE_AESCCM
+void bench_aesccm(void)
+{
+    Aes    enc;
+    double start, total, persec;
+    int    i;
+
+    wc_AesCcmSetKey(&enc, key, 16);
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_AesCcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12,
+                        tag, 16, additional, 13);
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("AES-CCM  %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif
+
+
+#ifdef HAVE_POLY1305
+void bench_poly1305()
+{
+    Poly1305    enc;
+    byte   mac[16];
+    double start, total, persec;
+    int    i;
+    int    ret;
+
+
+    ret = wc_Poly1305SetKey(&enc, key, 32);
+    if (ret != 0) {
+        printf("Poly1305SetKey failed, ret = %d\n", ret);
+        return;
+    }
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_Poly1305Update(&enc, plain, sizeof(plain));
+
+    wc_Poly1305Final(&enc, mac);
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("POLY1305 %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                                  blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif /* HAVE_POLY1305 */
+
+
+#ifdef HAVE_CAMELLIA
+void bench_camellia(void)
+{
+    Camellia cam;
+    double start, total, persec;
+    int    i, ret;
+
+    ret = wc_CamelliaSetKey(&cam, key, 16, iv);
+    if (ret != 0) {
+        printf("CamelliaSetKey failed, ret = %d\n", ret);
+        return;
+    }
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_CamelliaCbcEncrypt(&cam, plain, cipher, sizeof(plain));
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("Camellia %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif
+
+
+#ifndef NO_DES3
+void bench_des(void)
+{
+    Des3   enc;
+    double start, total, persec;
+    int    i, ret;
+
+#ifdef HAVE_CAVIUM
+    if (wc_Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0)
+        printf("des3 init cavium failed\n");
+#endif
+    ret = wc_Des3_SetKey(&enc, key, iv, DES_ENCRYPTION);
+    if (ret != 0) {
+        printf("Des3_SetKey failed, ret = %d\n", ret);
+        return;
+    }
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_Des3_CbcEncrypt(&enc, plain, cipher, sizeof(plain));
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("3DES     %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+#ifdef HAVE_CAVIUM
+    wc_Des3_FreeCavium(&enc);
+#endif
+}
+#endif
+
+
+#ifndef NO_RC4
+void bench_arc4(void)
+{
+    Arc4   enc;
+    double start, total, persec;
+    int    i;
+    
+#ifdef HAVE_CAVIUM
+    if (wc_Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0)
+        printf("arc4 init cavium failed\n");
+#endif
+
+    wc_Arc4SetKey(&enc, key, 16);
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_Arc4Process(&enc, cipher, plain, sizeof(plain));
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("ARC4     %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+#ifdef HAVE_CAVIUM
+    wc_Arc4FreeCavium(&enc);
+#endif
+}
+#endif
+
+
+#ifdef HAVE_HC128
+void bench_hc128(void)
+{
+    HC128  enc;
+    double start, total, persec;
+    int    i;
+    
+    wc_Hc128_SetKey(&enc, key, iv);
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_Hc128_Process(&enc, cipher, plain, sizeof(plain));
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("HC128    %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif /* HAVE_HC128 */
+
+
+#ifndef NO_RABBIT
+void bench_rabbit(void)
+{
+    Rabbit  enc;
+    double start, total, persec;
+    int    i;
+    
+    wc_RabbitSetKey(&enc, key, iv);
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_RabbitProcess(&enc, cipher, plain, sizeof(plain));
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("RABBIT   %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif /* NO_RABBIT */
+
+
+#ifdef HAVE_CHACHA
+void bench_chacha(void)
+{
+    ChaCha enc;
+    double start, total, persec;
+    int    i;
+
+    wc_Chacha_SetKey(&enc, key, 16);
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for (i = 0; i < numBlocks; i++) {
+        wc_Chacha_SetIV(&enc, iv, 0);
+        wc_Chacha_Process(&enc, cipher, plain, sizeof(plain));
+    }
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("CHACHA   %d %s took %5.3f seconds, %7.3f MB/s", numBlocks, blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+
+}
+#endif /* HAVE_CHACHA*/
+
+
+#ifndef NO_MD5
+void bench_md5(void)
+{
+    Md5    hash;
+    byte   digest[MD5_DIGEST_SIZE];
+    double start, total, persec;
+    int    i;
+
+    wc_InitMd5(&hash);
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++)
+        wc_Md5Update(&hash, plain, sizeof(plain));
+   
+    wc_Md5Final(&hash, digest);
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("MD5      %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif /* NO_MD5 */
+
+
+#ifndef NO_SHA
+void bench_sha(void)
+{
+    Sha    hash;
+    byte   digest[SHA_DIGEST_SIZE];
+    double start, total, persec;
+    int    i, ret;
+        
+    ret = wc_InitSha(&hash);
+    if (ret != 0) {
+        printf("InitSha failed, ret = %d\n", ret);
+        return;
+    }
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+    
+    for(i = 0; i < numBlocks; i++)
+        wc_ShaUpdate(&hash, plain, sizeof(plain));
+   
+    wc_ShaFinal(&hash, digest);
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("SHA      %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif /* NO_SHA */
+
+
+#ifndef NO_SHA256
+void bench_sha256(void)
+{
+    Sha256 hash;
+    byte   digest[SHA256_DIGEST_SIZE];
+    double start, total, persec;
+    int    i, ret;
+
+    ret = wc_InitSha256(&hash);
+    if (ret != 0) {
+        printf("InitSha256 failed, ret = %d\n", ret);
+        return;
+    }
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++) {
+        ret = wc_Sha256Update(&hash, plain, sizeof(plain));
+        if (ret != 0) {
+            printf("Sha256Update failed, ret = %d\n", ret);
+            return;
+        }
+    }
+
+    ret = wc_Sha256Final(&hash, digest);
+    if (ret != 0) {
+        printf("Sha256Final failed, ret = %d\n", ret);
+        return;
+    }
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("SHA-256  %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif
+
+#ifdef WOLFSSL_SHA384
+void bench_sha384(void)
+{
+    Sha384 hash;
+    byte   digest[SHA384_DIGEST_SIZE];
+    double start, total, persec;
+    int    i, ret;
+
+    ret = wc_InitSha384(&hash);
+    if (ret != 0) {
+        printf("InitSha384 failed, ret = %d\n", ret);
+        return;
+    }
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+
+    for(i = 0; i < numBlocks; i++) {
+        ret = wc_Sha384Update(&hash, plain, sizeof(plain));
+        if (ret != 0) {
+            printf("Sha384Update failed, ret = %d\n", ret);
+            return;
+        }
+    }
+
+    ret = wc_Sha384Final(&hash, digest);
+    if (ret != 0) {
+        printf("Sha384Final failed, ret = %d\n", ret);
+        return;
+    }
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("SHA-384  %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif
+
+#ifdef WOLFSSL_SHA512
+void bench_sha512(void)
+{
+    Sha512 hash;
+    byte   digest[SHA512_DIGEST_SIZE];
+    double start, total, persec;
+    int    i, ret;
+        
+    ret = wc_InitSha512(&hash);
+    if (ret != 0) {
+        printf("InitSha512 failed, ret = %d\n", ret);
+        return;
+    }
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+    
+    for(i = 0; i < numBlocks; i++) {
+        ret = wc_Sha512Update(&hash, plain, sizeof(plain));
+        if (ret != 0) {
+            printf("Sha512Update failed, ret = %d\n", ret);
+            return;
+        }
+    }
+
+    ret = wc_Sha512Final(&hash, digest);
+    if (ret != 0) {
+        printf("Sha512Final failed, ret = %d\n", ret);
+        return;
+    }
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("SHA-512  %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif
+
+#ifdef WOLFSSL_RIPEMD
+void bench_ripemd(void)
+{
+    RipeMd hash;
+    byte   digest[RIPEMD_DIGEST_SIZE];
+    double start, total, persec;
+    int    i;
+        
+    wc_InitRipeMd(&hash);
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+    
+    for(i = 0; i < numBlocks; i++)
+        wc_RipeMdUpdate(&hash, plain, sizeof(plain));
+   
+    wc_RipeMdFinal(&hash, digest);
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("RIPEMD   %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif
+
+
+#ifdef HAVE_BLAKE2
+void bench_blake2(void)
+{
+    Blake2b b2b;
+    byte    digest[64];
+    double  start, total, persec;
+    int     i, ret;
+       
+    ret = wc_InitBlake2b(&b2b, 64);
+    if (ret != 0) {
+        printf("InitBlake2b failed, ret = %d\n", ret);
+        return;
+    }
+    start = current_time(1);
+    BEGIN_INTEL_CYCLES
+    
+    for(i = 0; i < numBlocks; i++) {
+        ret = wc_Blake2bUpdate(&b2b, plain, sizeof(plain));
+        if (ret != 0) {
+            printf("Blake2bUpdate failed, ret = %d\n", ret);
+            return;
+        }
+    }
+   
+    ret = wc_Blake2bFinal(&b2b, digest, 64);
+    if (ret != 0) {
+        printf("Blake2bFinal failed, ret = %d\n", ret);
+        return;
+    }
+
+    END_INTEL_CYCLES
+    total = current_time(0) - start;
+    persec = 1 / total * numBlocks;
+#ifdef BENCH_EMBEDDED
+    /* since using kB, convert to MB/s */
+    persec = persec / 1024;
+#endif
+
+    printf("BLAKE2b  %d %s took %5.3f seconds, %7.3f MB/s", numBlocks,
+                                              blockType, total, persec);
+    SHOW_INTEL_CYCLES
+    printf("\n");
+}
+#endif
+
+
+#ifndef NO_RSA
+
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #if defined(WOLFSSL_MDK_SHELL)
+        static char *certRSAname = "certs/rsa2048.der";
+        /* set by shell command */
+        static void set_Bench_RSA_File(char * cert) { certRSAname = cert ; }
+    #elif defined(FREESCALE_MQX)
+        static char *certRSAname = "a:\\certs\\rsa2048.der";
+    #else
+        static const char *certRSAname = "certs/rsa2048.der";
+    #endif
+#endif
+
+void bench_rsa(void)
+{
+    int    i;
+    int    ret;
+    byte   tmp[3072];
+    size_t bytes;
+    word32 idx = 0;
+
+    byte      message[] = "Everyone gets Friday off.";
+    byte      enc[512];  /* for up to 4096 bit */
+    const int len = (int)strlen((char*)message);
+    double    start, total, each, milliEach;
+    
+    RsaKey rsaKey;
+    int    rsaKeySz = 2048; /* used in printf */
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, rsa_key_der_1024, sizeof_rsa_key_der_1024);
+    bytes = sizeof_rsa_key_der_1024;
+    rsaKeySz = 1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, rsa_key_der_2048, sizeof_rsa_key_der_2048);
+    bytes = sizeof_rsa_key_der_2048;
+#else
+    FILE*  file = fopen(certRSAname, "rb");
+
+    if (!file) {
+        printf("can't find %s, Please run from wolfSSL home dir\n", certRSAname);
+        return;
+    }
+    
+    bytes = fread(tmp, 1, sizeof(tmp), file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+		
+#ifdef HAVE_CAVIUM
+    if (wc_RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0)
+        printf("RSA init cavium failed\n");
+#endif
+    ret = wc_InitRsaKey(&rsaKey, 0);
+    if (ret < 0) {
+        printf("InitRsaKey failed\n");
+        return;
+    }
+    ret = wc_RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes);
+    
+    start = current_time(1);
+
+    for (i = 0; i < ntimes; i++)
+        ret = wc_RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng);
+
+    total = current_time(0) - start;
+    each  = total / ntimes;   /* per second   */
+    milliEach = each * 1000; /* milliseconds */
+
+    printf("RSA %d encryption took %6.3f milliseconds, avg over %d"
+           " iterations\n", rsaKeySz, milliEach, ntimes);
+
+    if (ret < 0) {
+        printf("Rsa Public Encrypt failed\n");
+        return;
+    }
+
+    start = current_time(1);
+
+    for (i = 0; i < ntimes; i++) {
+         byte  out[512];  /* for up to 4096 bit */
+         wc_RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey);
+    }
+
+    total = current_time(0) - start;
+    each  = total / ntimes;   /* per second   */
+    milliEach = each * 1000; /* milliseconds */
+
+    printf("RSA %d decryption took %6.3f milliseconds, avg over %d"
+           " iterations\n", rsaKeySz, milliEach, ntimes);
+
+    wc_FreeRsaKey(&rsaKey);
+#ifdef HAVE_CAVIUM
+    wc_RsaFreeCavium(&rsaKey);
+#endif
+}
+#endif
+
+
+#ifndef NO_DH
+
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #if defined(WOLFSSL_MDK_SHELL)
+        static char *certDHname = "certs/dh2048.der";
+        /* set by shell command */
+        void set_Bench_DH_File(char * cert) { certDHname = cert ; }
+    #elif defined(FREESCALE_MQX)
+        static char *certDHname = "a:\\certs\\dh2048.der";
+    #else
+        static const char *certDHname = "certs/dh2048.der";
+    #endif
+#endif
+
+void bench_dh(void)
+{
+    int    i ;
+    byte   tmp[1024];
+    size_t bytes;
+    word32 idx = 0, pubSz, privSz = 0, pubSz2, privSz2, agreeSz;
+
+    byte   pub[256];    /* for 2048 bit */
+    byte   priv[256];   /* for 2048 bit */
+    byte   pub2[256];   /* for 2048 bit */
+    byte   priv2[256];  /* for 2048 bit */
+    byte   agree[256];  /* for 2048 bit */
+    
+    double start, total, each, milliEach;
+    DhKey  dhKey;
+    int    dhKeySz = 2048; /* used in printf */
+
+	
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024);
+    bytes = sizeof_dh_key_der_1024;
+    dhKeySz = 1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048);
+    bytes = sizeof_dh_key_der_2048;
+#else
+    FILE*  file = fopen(certDHname, "rb");
+
+    if (!file) {
+        printf("can't find %s,  Please run from wolfSSL home dir\n", certDHname);
+        return;
+    }
+
+    bytes = fread(tmp, 1, sizeof(tmp), file);
+#endif /* USE_CERT_BUFFERS */
+
+		
+    wc_InitDhKey(&dhKey);
+    bytes = wc_DhKeyDecode(tmp, &idx, &dhKey, (word32)bytes);
+    if (bytes != 0) {
+        printf("dhekydecode failed, can't benchmark\n");
+        #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+            fclose(file);
+        #endif
+        return;
+    }
+
+    start = current_time(1);
+
+    for (i = 0; i < ntimes; i++)
+        wc_DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz);
+
+    total = current_time(0) - start;
+    each  = total / ntimes;   /* per second   */
+    milliEach = each * 1000; /* milliseconds */
+
+    printf("DH  %d key generation  %6.3f milliseconds, avg over %d"
+           " iterations\n", dhKeySz, milliEach, ntimes);
+
+    wc_DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2);
+    start = current_time(1);
+
+    for (i = 0; i < ntimes; i++)
+        wc_DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2);
+
+    total = current_time(0) - start;
+    each  = total / ntimes;   /* per second   */
+    milliEach = each * 1000; /* milliseconds */
+
+    printf("DH  %d key agreement   %6.3f milliseconds, avg over %d"
+           " iterations\n", dhKeySz, milliEach, ntimes);
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    fclose(file);
+#endif
+    wc_FreeDhKey(&dhKey);
+}
+#endif
+
+#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
+void bench_rsaKeyGen(void)
+{
+    RsaKey genKey;
+    double start, total, each, milliEach;
+    int    i;
+  
+    /* 1024 bit */ 
+    start = current_time(1);
+
+    for(i = 0; i < genTimes; i++) {
+        wc_InitRsaKey(&genKey, 0); 
+        wc_MakeRsaKey(&genKey, 1024, 65537, &rng);
+        wc_FreeRsaKey(&genKey);
+    }
+
+    total = current_time(0) - start;
+    each  = total / genTimes;  /* per second  */
+    milliEach = each * 1000;   /* millisconds */
+    printf("\n");
+    printf("RSA 1024 key generation  %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, genTimes);
+
+    /* 2048 bit */
+    start = current_time(1);
+
+    for(i = 0; i < genTimes; i++) {
+        wc_InitRsaKey(&genKey, 0); 
+        wc_MakeRsaKey(&genKey, 2048, 65537, &rng);
+        wc_FreeRsaKey(&genKey);
+    }
+
+    total = current_time(0) - start;
+    each  = total / genTimes;  /* per second  */
+    milliEach = each * 1000;   /* millisconds */
+    printf("RSA 2048 key generation  %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, genTimes);
+}
+#endif /* WOLFSSL_KEY_GEN */
+#ifdef HAVE_NTRU
+byte GetEntropy(ENTROPY_CMD cmd, byte* out);
+
+byte GetEntropy(ENTROPY_CMD cmd, byte* out)
+{
+    if (cmd == INIT)
+        return (wc_InitRng(&rng) == 0) ? 1 : 0;
+
+    if (out == NULL)
+        return 0;
+
+    if (cmd == GET_BYTE_OF_ENTROPY)
+        return (wc_RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0;
+
+    if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
+        *out = 1;
+        return 1;
+    }
+
+    return 0;
+}
+
+void bench_ntru(void)
+{
+    int    i;
+    double start, total, each, milliEach;
+
+    byte   public_key[557];
+    word16 public_key_len = sizeof(public_key);
+    byte   private_key[607];
+    word16 private_key_len = sizeof(private_key);
+
+    byte ciphertext[552];
+    word16 ciphertext_len;
+    byte plaintext[16];
+    word16 plaintext_len;
+
+    DRBG_HANDLE drbg;
+    static byte const aes_key[] = {
+        0xf3, 0xe9, 0x87, 0xbb, 0x18, 0x08, 0x3c, 0xaa,
+        0x7b, 0x12, 0x49, 0x88, 0xaf, 0xb3, 0x22, 0xd8
+    };
+
+    static byte const cyasslStr[] = {
+        'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U'
+    };
+
+    word32 rc = ntru_crypto_drbg_instantiate(112, cyasslStr, sizeof(cyasslStr),
+                                            (ENTROPY_FN) GetEntropy, &drbg);
+    if(rc != DRBG_OK) {
+        printf("NTRU drbg instantiate failed\n");
+        return;
+    }
+
+    rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, 
+        &public_key_len, NULL, &private_key_len, NULL);
+    if (rc != NTRU_OK) {
+        ntru_crypto_drbg_uninstantiate(drbg);
+        printf("NTRU failed to get key lengths\n");
+        return;
+    }
+
+    rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
+                                     public_key, &private_key_len, 
+                                     private_key);
+
+    ntru_crypto_drbg_uninstantiate(drbg);
+
+    if (rc != NTRU_OK) {
+        ntru_crypto_drbg_uninstantiate(drbg);
+        printf("NTRU keygen failed\n");
+        return;
+    }
+
+    rc = ntru_crypto_drbg_instantiate(112, NULL, 0, (ENTROPY_FN)GetEntropy,
+                                      &drbg);
+    if (rc != DRBG_OK) {
+        printf("NTRU error occurred during DRBG instantiation\n");
+        return;
+    }
+
+    rc = ntru_crypto_ntru_encrypt(drbg, public_key_len, public_key, sizeof(
+        aes_key), aes_key, &ciphertext_len, NULL);
+
+    if (rc != NTRU_OK) {
+        printf("NTRU error occurred requesting the buffer size needed\n");
+        return;
+    }
+    start = current_time(1);
+
+    for (i = 0; i < ntimes; i++) {
+
+        rc = ntru_crypto_ntru_encrypt(drbg, public_key_len, public_key, sizeof(
+            aes_key), aes_key, &ciphertext_len, ciphertext);
+
+        if (rc != NTRU_OK) {
+            printf("NTRU encrypt error\n");
+            return;
+        }
+
+    }
+    rc = ntru_crypto_drbg_uninstantiate(drbg);
+
+    if (rc != DRBG_OK) {
+        printf("NTRU error occurred uninstantiating the DRBG\n");
+        return;
+    }
+
+    total = current_time(0) - start;
+    each  = total / ntimes;   /* per second   */
+    milliEach = each * 1000; /* milliseconds */
+
+    printf("NTRU 112 encryption took %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, ntimes);
+
+
+    rc = ntru_crypto_ntru_decrypt(private_key_len, private_key, ciphertext_len,
+                                  ciphertext, &plaintext_len, NULL);
+
+    if (rc != NTRU_OK) {
+        printf("NTRU decrypt error occurred getting the buffer size needed\n");
+        return;
+    }
+
+    plaintext_len = sizeof(plaintext);
+    start = current_time(1);
+
+    for (i = 0; i < ntimes; i++) {
+        rc = ntru_crypto_ntru_decrypt(private_key_len, private_key,
+                                      ciphertext_len, ciphertext,
+                                      &plaintext_len, plaintext);
+
+        if (rc != NTRU_OK) {
+            printf("NTRU error occurred decrypting the key\n");
+            return;
+        }
+    }
+
+    total = current_time(0) - start;
+    each  = total / ntimes;   /* per second   */
+    milliEach = each * 1000; /* milliseconds */
+
+    printf("NTRU 112 decryption took %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, ntimes);
+}
+
+void bench_ntruKeyGen(void)
+{
+    double start, total, each, milliEach;
+    int    i;
+
+    byte   public_key[557]; /* 2048 key equivalent to rsa */
+    word16 public_key_len = sizeof(public_key);
+    byte   private_key[607];
+    word16 private_key_len = sizeof(private_key);
+
+    DRBG_HANDLE drbg;
+    static uint8_t const pers_str[] = {
+                'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
+    };
+
+    word32 rc = ntru_crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
+                                             GetEntropy, &drbg);
+    if(rc != DRBG_OK) {
+        printf("NTRU drbg instantiate failed\n");
+        return;
+    }
+
+    start = current_time(1);
+
+    for(i = 0; i < genTimes; i++) {
+        ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
+                                     public_key, &private_key_len, 
+                                     private_key);
+    }
+
+    total = current_time(0) - start;
+
+    rc = ntru_crypto_drbg_uninstantiate(drbg);
+
+    if (rc != NTRU_OK) {
+        printf("NTRU drbg uninstantiate failed\n");
+        return;
+    }
+
+    each = total / genTimes;
+    milliEach = each * 1000;
+
+    printf("\n");
+    printf("NTRU 112 key generation  %6.3f milliseconds, avg over %d"
+        " iterations\n", milliEach, genTimes);
+
+}
+#endif
+
+#ifdef HAVE_ECC 
+void bench_eccKeyGen(void)
+{
+    ecc_key genKey;
+    double start, total, each, milliEach;
+    int    i;
+  
+    /* 256 bit */ 
+    start = current_time(1);
+
+    for(i = 0; i < genTimes; i++) {
+        wc_ecc_init(&genKey);
+        wc_ecc_make_key(&rng, 32, &genKey);
+        wc_ecc_free(&genKey);
+    }
+
+    total = current_time(0) - start;
+    each  = total / genTimes;  /* per second  */
+    milliEach = each * 1000;   /* millisconds */
+    printf("\n");
+    printf("ECC  256 key generation  %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, genTimes);
+}
+
+
+void bench_eccKeyAgree(void)
+{
+    ecc_key genKey, genKey2;
+    double start, total, each, milliEach;
+    int    i, ret;
+    byte   shared[1024];
+    byte   sig[1024];
+    byte   digest[32];
+    word32 x = 0;
+ 
+    wc_ecc_init(&genKey);
+    wc_ecc_init(&genKey2);
+
+    ret = wc_ecc_make_key(&rng, 32, &genKey);
+    if (ret != 0) {
+        printf("ecc_make_key failed\n");
+        return;
+    }
+    ret = wc_ecc_make_key(&rng, 32, &genKey2);
+    if (ret != 0) {
+        printf("ecc_make_key failed\n");
+        return;
+    }
+
+    /* 256 bit */ 
+    start = current_time(1);
+
+    for(i = 0; i < agreeTimes; i++) {
+        x = sizeof(shared);
+        ret = wc_ecc_shared_secret(&genKey, &genKey2, shared, &x);
+        if (ret != 0) {
+            printf("ecc_shared_secret failed\n");
+            return; 
+        }
+    }
+
+    total = current_time(0) - start;
+    each  = total / agreeTimes;  /* per second  */
+    milliEach = each * 1000;   /* millisconds */
+    printf("EC-DHE   key agreement   %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, agreeTimes);
+
+    /* make dummy digest */
+    for (i = 0; i < (int)sizeof(digest); i++)
+        digest[i] = (byte)i;
+
+
+    start = current_time(1);
+
+    for(i = 0; i < agreeTimes; i++) {
+        x = sizeof(sig);
+        ret = wc_ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &genKey);
+        if (ret != 0) {
+            printf("ecc_sign_hash failed\n");
+            return; 
+        }
+    }
+
+    total = current_time(0) - start;
+    each  = total / agreeTimes;  /* per second  */
+    milliEach = each * 1000;   /* millisconds */
+    printf("EC-DSA   sign   time     %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, agreeTimes);
+
+    start = current_time(1);
+
+    for(i = 0; i < agreeTimes; i++) {
+        int verify = 0;
+        ret = wc_ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &genKey);
+        if (ret != 0) {
+            printf("ecc_verify_hash failed\n");
+            return; 
+        }
+    }
+
+    total = current_time(0) - start;
+    each  = total / agreeTimes;  /* per second  */
+    milliEach = each * 1000;     /* millisconds */
+    printf("EC-DSA   verify time     %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, agreeTimes);
+
+    wc_ecc_free(&genKey2);
+    wc_ecc_free(&genKey);
+}
+#endif /* HAVE_ECC */
+
+#ifdef HAVE_ECC25519
+void bench_ecc25519KeyGen(void)
+{
+    ecc25519_key genKey;
+    double start, total, each, milliEach;
+    int    i;
+
+    /* 256 bit */
+    start = current_time(1);
+
+    for(i = 0; i < genTimes; i++) {
+        wc_ecc25519_make_key(&rng, 32, &genKey);
+        wc_ecc25519_free(&genKey);
+    }
+
+    total = current_time(0) - start;
+    each  = total / genTimes;  /* per second  */
+    milliEach = each * 1000;   /* millisconds */
+    printf("\n");
+    printf("ECC25519 256 key generation %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, genTimes);
+}
+
+
+void bench_ecc25519KeyAgree(void)
+{
+    ecc25519_key genKey, genKey2;
+    double start, total, each, milliEach;
+    int    i, ret;
+    byte   shared[1024];
+    word32 x = 0;
+
+    wc_ecc25519_init(&genKey);
+    wc_ecc25519_init(&genKey2);
+
+    ret = wc_ecc25519_make_key(&rng, 32, &genKey);
+    if (ret != 0) {
+        printf("ecc25519_make_key failed\n");
+        return;
+    }
+    ret = wc_ecc25519_make_key(&rng, 32, &genKey2);
+    if (ret != 0) {
+        printf("ecc25519_make_key failed\n");
+        return;
+    }
+
+    /* 256 bit */
+    start = current_time(1);
+
+    for(i = 0; i < agreeTimes; i++) {
+        x = sizeof(shared);
+        ret = wc_ecc25519_shared_secret(&genKey, &genKey2, shared, &x);
+        if (ret != 0) {
+            printf("ecc25519_shared_secret failed\n");
+            return;
+        }
+    }
+
+    total = current_time(0) - start;
+    each  = total / agreeTimes;  /* per second  */
+    milliEach = each * 1000;   /* millisconds */
+    printf("ECC25519 key agreement      %6.3f milliseconds, avg over %d"
+           " iterations\n", milliEach, agreeTimes);
+
+    wc_ecc25519_free(&genKey2);
+    wc_ecc25519_free(&genKey);
+}
+#endif /* HAVE_ECC25519 */
+
+
+#ifdef _WIN32
+
+    #define WIN32_LEAN_AND_MEAN
+    #include 
+
+    double current_time(int reset)
+    {
+        static int init = 0;
+        static LARGE_INTEGER freq;
+    
+        LARGE_INTEGER count;
+
+        (void)reset;
+
+        if (!init) {
+            QueryPerformanceFrequency(&freq);
+            init = 1;
+        }
+
+        QueryPerformanceCounter(&count);
+
+        return (double)count.QuadPart / freq.QuadPart;
+    }
+
+#elif defined MICROCHIP_PIC32
+    #if defined(WOLFSSL_MICROCHIP_PIC32MZ)
+        #define CLOCK 80000000.0
+    #else
+        #include 
+        #define CLOCK 40000000.0
+    #endif
+
+    double current_time(int reset)
+    {
+        unsigned int ns;
+
+        if (reset) {
+            WriteCoreTimer(0);
+        }
+
+        /* get timer in ns */
+        ns = ReadCoreTimer();
+
+        /* return seconds as a double */
+        return ( ns / CLOCK * 2.0);
+    }
+
+#elif defined(WOLFSSL_IAR_ARM) || defined (WOLFSSL_MDK_ARM)
+    #warning "Write your current_time()"
+    double current_time(int reset) { return 0.0 ; }
+    
+#elif defined FREERTOS
+
+    double current_time(int reset)
+    {
+        (void) reset;
+
+        portTickType tickCount;
+
+        /* tick count == ms, if configTICK_RATE_HZ is set to 1000 */
+        tickCount = xTaskGetTickCount();
+        return (double)tickCount / 1000;
+    }
+
+#elif defined (WOLFSSL_TIRTOS)
+
+    extern double current_time(int reset);
+
+#elif defined(FREESCALE_MQX)
+
+    double current_time(int reset)
+    {
+        TIME_STRUCT tv;
+        _time_get(&tv);
+
+        return (double)tv.SECONDS + (double)tv.MILLISECONDS / 1000;
+    }
+
+#else
+
+    #include 
+
+    double current_time(int reset)
+    {
+        struct timeval tv;
+
+        (void)reset;
+
+        gettimeofday(&tv, 0);
+
+        return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
+    }
+
+#endif /* _WIN32 */
+
+#ifdef HAVE_GET_CYCLES
+
+static INLINE word64 get_intel_cycles(void)
+{
+    unsigned int lo_c, hi_c;
+    __asm__ __volatile__ (
+        "cpuid\n\t"
+        "rdtsc"
+            : "=a"(lo_c), "=d"(hi_c)   /* out */
+            : "a"(0)                   /* in */
+            : "%ebx", "%ecx");         /* clobber */
+    return ((word64)lo_c) | (((word64)hi_c) << 32);
+}
+
+#endif /* HAVE_GET_CYCLES */
diff --git a/3P/wolfssl/wolfcrypt/benchmark/benchmark.sln b/3P/wolfssl/wolfcrypt/benchmark/benchmark.sln
new file mode 100755
index 00000000..e3e9483b
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/benchmark/benchmark.sln
@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual C++ Express 2005
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "benchmark", "benchmark.vcproj", "{615AEC46-5595-4DEA-9490-DBD5DE0F8772}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Debug|Win32.ActiveCfg = Debug|Win32
+		{615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Debug|Win32.Build.0 = Debug|Win32
+		{615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Release|Win32.ActiveCfg = Release|Win32
+		{615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/3P/wolfssl/wolfcrypt/benchmark/benchmark.vcproj b/3P/wolfssl/wolfcrypt/benchmark/benchmark.vcproj
new file mode 100755
index 00000000..5db23c37
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/benchmark/benchmark.vcproj
@@ -0,0 +1,195 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+		
+		
+		
+		
+			
+			
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/wolfcrypt/benchmark/include.am b/3P/wolfssl/wolfcrypt/benchmark/include.am
new file mode 100644
index 00000000..db70ba79
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/benchmark/include.am
@@ -0,0 +1,10 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+noinst_PROGRAMS += wolfcrypt/benchmark/benchmark
+wolfcrypt_benchmark_benchmark_SOURCES      = wolfcrypt/benchmark/benchmark.c
+wolfcrypt_benchmark_benchmark_LDADD        = src/libwolfssl.la
+wolfcrypt_benchmark_benchmark_DEPENDENCIES = src/libwolfssl.la
+EXTRA_DIST += wolfcrypt/benchmark/benchmark.sln 
+EXTRA_DIST += wolfcrypt/benchmark/benchmark.vcproj
+DISTCLEANFILES+= wolfcrypt/benchmark/.libs/benchmark
diff --git a/3P/wolfssl/wolfcrypt/src/aes.c b/3P/wolfssl/wolfcrypt/src/aes.c
new file mode 100644
index 00000000..4a04488f
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/aes.c
@@ -0,0 +1,3890 @@
+/* aes.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_AES
+
+#include 
+
+#ifdef HAVE_FIPS
+int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
+                          int dir)
+{
+    return AesSetKey_fips(aes, key, len, iv, dir);
+}
+
+
+int wc_AesSetIV(Aes* aes, const byte* iv)
+{
+    return AesSetIV_fips(aes, iv);
+}
+
+
+int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+{
+    return AesCbcEncrypt_fips(aes, out, in, sz);
+}
+
+
+int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+{
+    return AesCbcDecrypt_fips(aes, out, in, sz);
+}
+
+
+int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
+                                 const byte* key, word32 keySz, const byte* iv)
+{
+    return AesCbcDecryptWithKey(out, in, inSz, key, keySz, iv);
+}
+
+
+/* AES-CTR */
+#ifdef WOLFSSL_AES_COUNTER
+void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+{
+    AesCtrEncrypt(aes, out, in, sz);
+}
+#endif
+
+/* AES-DIRECT */
+#if defined(WOLFSSL_AES_DIRECT)
+void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
+{
+    AesEncryptDirect(aes, out, in);
+}
+
+
+void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
+{
+    AesDecryptDirect(aes, out, in);
+}
+
+
+int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
+                                const byte* iv, int dir)
+{
+    return AesSetKeyDirect(aes, key, len, iv, dir);
+}
+#endif
+
+
+#ifdef HAVE_AESGCM
+int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
+{
+    return AesGcmSetKey_fips(aes, key, len);
+}
+
+
+int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+                              const byte* iv, word32 ivSz,
+                              byte* authTag, word32 authTagSz,
+                              const byte* authIn, word32 authInSz)
+{
+    return AesGcmEncrypt_fips(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
+                              authIn, authInSz);
+}
+
+
+int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+                              const byte* iv, word32 ivSz,
+                              const byte* authTag, word32 authTagSz,
+                              const byte* authIn, word32 authInSz)
+{
+    return AesGcmDecrypt_fips(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
+                              authIn, authInSz);
+}
+
+
+int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len)
+{
+    return GmacSetKey(gmac, key, len);
+}
+
+
+int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
+                              const byte* authIn, word32 authInSz,
+                              byte* authTag, word32 authTagSz)
+{
+    return GmacUpdate(gmac, iv, ivSz, authIn, authInSz,
+                      authTag, authTagSz);
+}
+
+#endif /* HAVE_AESGCM */
+#ifdef HAVE_AESCCM
+void wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz)
+{
+    AesCcmSetKey(aes, key, keySz);
+}
+
+
+void wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
+                              const byte* nonce, word32 nonceSz,
+                              byte* authTag, word32 authTagSz,
+                              const byte* authIn, word32 authInSz)
+{
+    AesCcmEncrypt(aes, out, in, inSz, nonce, nonceSz, authTag, authTagSz,
+                  authIn, authInSz);
+}
+
+
+int  wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
+                              const byte* nonce, word32 nonceSz,
+                              const byte* authTag, word32 authTagSz,
+                              const byte* authIn, word32 authInSz)
+{
+    return AesCcmDecrypt(aes, out, in, inSz, nonce, nonceSz, authTag, authTagSz,
+                         authIn, authInSz);
+}
+#endif /* HAVE_AESCCM */
+
+#ifdef HAVE_CAVIUM
+int  wc_AesInitCavium(Aes* aes, int i)
+{
+    return AesInitCavium(aes, i);
+}
+
+
+void wc_AesFreeCavium(Aes* aes)
+{
+    AesFreeCavium(aes);
+}
+#endif
+#else /* HAVE_FIPS */
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+#ifdef DEBUG_AESNI
+    #include 
+#endif
+
+
+#ifdef _MSC_VER
+    /* 4127 warning constant while(1)  */
+    #pragma warning(disable: 4127)
+#endif
+
+
+#if defined(STM32F2_CRYPTO)
+     /* STM32F2 hardware AES support for CBC, CTR modes through the STM32F2
+      * Standard Peripheral Library. Documentation located in STM32F2xx
+      * Standard Peripheral Library document (See note in README).
+      * NOTE: no support for AES-GCM/CCM/Direct */
+    #include "stm32f2xx.h"
+    #include "stm32f2xx_cryp.h"
+#elif defined(HAVE_COLDFIRE_SEC)
+    /* Freescale Coldfire SEC support for CBC mode.
+     * NOTE: no support for AES-CTR/GCM/CCM/Direct */
+    #include 
+    #include "sec.h"
+    #include "mcf5475_sec.h"
+    #include "mcf5475_siu.h"
+#elif defined(FREESCALE_MMCAU)
+    /* Freescale mmCAU hardware AES support for Direct, CBC, CCM, GCM modes
+     * through the CAU/mmCAU library. Documentation located in
+     * ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library User
+     * Guide (See note in README).
+     * NOTE: no support for AES-CTR */
+    #include "cau_api.h"
+#elif defined(WOLFSSL_PIC32MZ_CRYPT)
+    /* NOTE: no support for AES-CCM/Direct */
+    #define DEBUG_WOLFSSL
+    #include "wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h"
+#elif defined(HAVE_CAVIUM)
+    #include 
+    #include "cavium_common.h"
+
+    /* still leave SW crypto available */
+    #define NEED_AES_TABLES
+
+    static int  wc_AesCaviumSetKey(Aes* aes, const byte* key, word32 length,
+                                const byte* iv);
+    static int  wc_AesCaviumCbcEncrypt(Aes* aes, byte* out, const byte* in,
+                                    word32 length);
+    static int  wc_AesCaviumCbcDecrypt(Aes* aes, byte* out, const byte* in,
+                                    word32 length);
+#else
+    /* using CTaoCrypt software AES implementation */
+    #define NEED_AES_TABLES
+#endif /* STM32F2_CRYPTO */
+
+
+#ifdef NEED_AES_TABLES
+
+static const word32 rcon[] = {
+    0x01000000, 0x02000000, 0x04000000, 0x08000000,
+    0x10000000, 0x20000000, 0x40000000, 0x80000000,
+    0x1B000000, 0x36000000,
+    /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+static const word32 Te[5][256] = {
+{
+    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
+    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
+    0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
+    0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
+    0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
+    0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
+    0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
+    0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
+    0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
+    0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
+    0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
+    0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
+    0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
+    0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
+    0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
+    0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
+    0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
+    0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
+    0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
+    0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
+    0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
+    0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
+    0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
+    0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
+    0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
+    0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
+    0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
+    0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
+    0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
+    0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
+    0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
+    0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
+    0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
+    0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
+    0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
+    0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
+    0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
+    0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
+    0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
+    0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
+    0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
+    0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
+    0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
+    0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
+    0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
+    0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
+    0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
+    0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
+    0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
+    0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
+    0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
+    0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
+    0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
+    0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
+    0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
+    0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
+    0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
+    0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
+    0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
+    0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
+    0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
+    0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
+    0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
+    0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
+},
+{
+    0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
+    0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
+    0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
+    0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
+    0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
+    0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
+    0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
+    0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
+    0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
+    0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
+    0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
+    0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
+    0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
+    0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
+    0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
+    0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
+    0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
+    0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
+    0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
+    0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
+    0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
+    0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
+    0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
+    0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
+    0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
+    0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
+    0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
+    0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
+    0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
+    0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
+    0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
+    0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
+    0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
+    0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
+    0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
+    0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
+    0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
+    0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
+    0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
+    0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
+    0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
+    0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
+    0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
+    0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
+    0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
+    0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
+    0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
+    0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
+    0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
+    0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
+    0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
+    0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
+    0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
+    0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
+    0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
+    0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
+    0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
+    0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
+    0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
+    0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
+    0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
+    0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
+    0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
+    0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
+},
+{
+    0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
+    0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
+    0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
+    0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
+    0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
+    0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
+    0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
+    0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
+    0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
+    0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
+    0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
+    0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
+    0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
+    0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
+    0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
+    0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
+    0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
+    0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
+    0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
+    0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
+    0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
+    0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
+    0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
+    0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
+    0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
+    0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
+    0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
+    0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
+    0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
+    0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
+    0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
+    0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
+    0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
+    0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
+    0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
+    0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
+    0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
+    0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
+    0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
+    0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
+    0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
+    0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
+    0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
+    0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
+    0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
+    0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
+    0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
+    0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
+    0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
+    0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
+    0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
+    0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
+    0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
+    0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
+    0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
+    0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
+    0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
+    0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
+    0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
+    0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
+    0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
+    0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
+    0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
+    0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
+},
+{
+    0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
+    0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
+    0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
+    0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
+    0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
+    0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
+    0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
+    0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
+    0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
+    0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
+    0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
+    0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
+    0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
+    0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
+    0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
+    0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
+    0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
+    0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
+    0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
+    0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
+    0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
+    0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
+    0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
+    0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
+    0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
+    0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
+    0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
+    0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
+    0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
+    0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
+    0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
+    0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
+    0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
+    0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
+    0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
+    0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
+    0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
+    0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
+    0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
+    0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
+    0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
+    0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
+    0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
+    0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
+    0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
+    0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
+    0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
+    0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
+    0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
+    0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
+    0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
+    0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
+    0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
+    0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
+    0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
+    0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
+    0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
+    0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
+    0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
+    0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
+    0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
+    0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
+    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
+    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
+},
+{
+    0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
+    0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
+    0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
+    0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
+    0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
+    0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
+    0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
+    0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
+    0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
+    0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
+    0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
+    0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
+    0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
+    0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
+    0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
+    0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
+    0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
+    0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
+    0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
+    0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
+    0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
+    0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
+    0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
+    0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
+    0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
+    0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
+    0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
+    0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
+    0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
+    0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
+    0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
+    0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
+    0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
+    0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
+    0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
+    0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
+    0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
+    0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
+    0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
+    0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
+    0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
+    0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
+    0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
+    0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
+    0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
+    0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
+    0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
+    0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
+    0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
+    0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
+    0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
+    0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
+    0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
+    0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
+    0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
+    0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
+    0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
+    0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
+    0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
+    0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
+    0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
+    0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
+    0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
+    0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
+}
+};
+
+static const word32 Td[5][256] = {
+{
+    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
+    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
+    0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
+    0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
+    0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
+    0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
+    0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
+    0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
+    0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
+    0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
+    0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
+    0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
+    0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
+    0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
+    0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
+    0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
+    0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
+    0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
+    0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
+    0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
+    0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
+    0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
+    0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
+    0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
+    0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
+    0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
+    0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
+    0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
+    0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
+    0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
+    0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
+    0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
+    0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
+    0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
+    0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
+    0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
+    0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
+    0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
+    0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
+    0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
+    0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
+    0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
+    0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
+    0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
+    0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
+    0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
+    0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
+    0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
+    0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
+    0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
+    0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
+    0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
+    0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
+    0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
+    0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
+    0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
+    0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
+    0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
+    0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
+    0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
+    0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
+    0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
+    0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
+    0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
+},
+{
+    0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
+    0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
+    0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
+    0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
+    0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
+    0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
+    0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
+    0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
+    0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
+    0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
+    0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
+    0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
+    0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
+    0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
+    0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
+    0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
+    0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
+    0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
+    0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
+    0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
+    0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
+    0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
+    0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
+    0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
+    0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
+    0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
+    0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
+    0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
+    0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
+    0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
+    0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
+    0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
+    0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
+    0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
+    0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
+    0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
+    0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
+    0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
+    0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
+    0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
+    0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
+    0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
+    0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
+    0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
+    0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
+    0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
+    0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
+    0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
+    0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
+    0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
+    0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
+    0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
+    0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
+    0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
+    0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
+    0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
+    0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
+    0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
+    0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
+    0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
+    0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
+    0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
+    0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
+    0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
+},
+{
+    0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
+    0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
+    0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
+    0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
+    0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
+    0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
+    0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
+    0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
+    0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
+    0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
+    0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
+    0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
+    0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
+    0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
+    0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
+    0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
+    0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
+    0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
+    0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
+    0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
+
+    0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
+    0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
+    0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
+    0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
+    0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
+    0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
+    0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
+    0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
+    0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
+    0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
+    0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
+    0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
+    0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
+    0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
+    0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
+    0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
+    0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
+    0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
+    0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
+    0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
+    0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
+    0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
+    0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
+    0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
+    0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
+    0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
+    0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
+    0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
+    0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
+    0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
+    0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
+    0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
+    0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
+    0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
+    0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
+    0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
+    0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
+    0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
+    0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
+    0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
+    0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
+    0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
+    0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
+    0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
+},
+{
+    0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
+    0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
+    0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
+    0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
+    0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
+    0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
+    0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
+    0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
+    0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
+    0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
+    0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
+    0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
+    0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
+    0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
+    0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
+    0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
+    0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
+    0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
+    0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
+    0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
+    0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
+    0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
+    0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
+    0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
+    0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
+    0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
+    0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
+    0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
+    0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
+    0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
+    0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
+    0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
+    0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
+    0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
+    0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
+    0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
+    0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
+    0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
+    0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
+    0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
+    0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
+    0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
+    0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
+    0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
+    0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
+    0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
+    0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
+    0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
+    0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
+    0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
+    0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
+    0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
+    0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
+    0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
+    0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
+    0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
+    0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
+    0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
+    0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
+    0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
+    0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
+    0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
+    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
+    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
+},
+{
+    0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
+    0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
+    0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
+    0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
+    0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
+    0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
+    0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
+    0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
+    0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
+    0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
+    0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
+    0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
+    0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
+    0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
+    0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
+    0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
+    0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
+    0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
+    0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
+    0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
+    0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
+    0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
+    0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
+    0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
+    0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
+    0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
+    0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
+    0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
+    0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
+    0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
+    0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
+    0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
+    0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
+    0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
+    0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
+    0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
+    0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
+    0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
+    0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
+    0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
+    0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
+    0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
+    0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
+    0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
+    0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
+    0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
+    0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
+    0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
+    0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
+    0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
+    0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
+    0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
+    0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
+    0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
+    0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
+    0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
+    0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
+    0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
+    0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
+    0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
+    0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
+    0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
+    0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
+    0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
+}
+};
+
+#define GETBYTE(x, y) (word32)((byte)((x) >> (8 * (y))))
+
+#ifdef WOLFSSL_AESNI
+
+/* Each platform needs to query info type 1 from cpuid to see if aesni is
+ * supported. Also, let's setup a macro for proper linkage w/o ABI conflicts
+ */
+
+#ifndef _MSC_VER
+
+    #define cpuid(reg, func)\
+        __asm__ __volatile__ ("cpuid":\
+             "=a" (reg[0]), "=b" (reg[1]), "=c" (reg[2]), "=d" (reg[3]) :\
+             "a" (func));
+
+    #define XASM_LINK(f) asm(f)
+#else
+
+    #include 
+    #define cpuid(a,b) __cpuid((int*)a,b)
+
+    #define XASM_LINK(f)
+
+#endif /* _MSC_VER */
+
+
+static int Check_CPU_support_AES(void)
+{
+    unsigned int reg[4];  /* put a,b,c,d into 0,1,2,3 */
+    cpuid(reg, 1);        /* query info 1 */
+
+    if (reg[2] & 0x2000000)
+        return 1;
+
+    return 0;
+}
+
+static int checkAESNI = 0;
+static int haveAESNI  = 0;
+
+
+/* tell C compiler these are asm functions in case any mix up of ABI underscore
+   prefix between clang/gcc/llvm etc */
+void AES_CBC_encrypt(const unsigned char* in, unsigned char* out,
+                     unsigned char* ivec, unsigned long length,
+                     const unsigned char* KS, int nr)
+                     XASM_LINK("AES_CBC_encrypt");
+
+
+void AES_CBC_decrypt(const unsigned char* in, unsigned char* out,
+                     unsigned char* ivec, unsigned long length,
+                     const unsigned char* KS, int nr)
+                     XASM_LINK("AES_CBC_decrypt");
+
+void AES_ECB_encrypt(const unsigned char* in, unsigned char* out,
+                     unsigned long length, const unsigned char* KS, int nr)
+                     XASM_LINK("AES_ECB_encrypt");
+
+
+void AES_ECB_decrypt(const unsigned char* in, unsigned char* out,
+                     unsigned long length, const unsigned char* KS, int nr)
+                     XASM_LINK("AES_ECB_decrypt");
+
+void AES_128_Key_Expansion(const unsigned char* userkey,
+                           unsigned char* key_schedule)
+                           XASM_LINK("AES_128_Key_Expansion");
+
+void AES_192_Key_Expansion(const unsigned char* userkey,
+                           unsigned char* key_schedule)
+                           XASM_LINK("AES_192_Key_Expansion");
+
+void AES_256_Key_Expansion(const unsigned char* userkey,
+                           unsigned char* key_schedule)
+                           XASM_LINK("AES_256_Key_Expansion");
+
+
+static int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+                               Aes* aes)
+{
+    if (!userKey || !aes)
+        return BAD_FUNC_ARG;
+
+    if (bits == 128) {
+       AES_128_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 10;
+       return 0;
+    }
+    else if (bits == 192) {
+       AES_192_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 12;
+       return 0;
+    }
+    else if (bits == 256) {
+       AES_256_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 14;
+       return 0;
+    }
+    return BAD_FUNC_ARG;
+}
+
+
+static int AES_set_decrypt_key(const unsigned char* userKey, const int bits,
+                               Aes* aes)
+{
+    int nr;
+    Aes temp_key;
+    __m128i *Key_Schedule = (__m128i*)aes->key;
+    __m128i *Temp_Key_Schedule = (__m128i*)temp_key.key;
+
+    if (!userKey || !aes)
+        return BAD_FUNC_ARG;
+
+    if (AES_set_encrypt_key(userKey,bits,&temp_key) == BAD_FUNC_ARG)
+        return BAD_FUNC_ARG;
+
+    nr = temp_key.rounds;
+    aes->rounds = nr;
+
+    Key_Schedule[nr] = Temp_Key_Schedule[0];
+    Key_Schedule[nr-1] = _mm_aesimc_si128(Temp_Key_Schedule[1]);
+    Key_Schedule[nr-2] = _mm_aesimc_si128(Temp_Key_Schedule[2]);
+    Key_Schedule[nr-3] = _mm_aesimc_si128(Temp_Key_Schedule[3]);
+    Key_Schedule[nr-4] = _mm_aesimc_si128(Temp_Key_Schedule[4]);
+    Key_Schedule[nr-5] = _mm_aesimc_si128(Temp_Key_Schedule[5]);
+    Key_Schedule[nr-6] = _mm_aesimc_si128(Temp_Key_Schedule[6]);
+    Key_Schedule[nr-7] = _mm_aesimc_si128(Temp_Key_Schedule[7]);
+    Key_Schedule[nr-8] = _mm_aesimc_si128(Temp_Key_Schedule[8]);
+    Key_Schedule[nr-9] = _mm_aesimc_si128(Temp_Key_Schedule[9]);
+
+    if(nr>10) {
+        Key_Schedule[nr-10] = _mm_aesimc_si128(Temp_Key_Schedule[10]);
+        Key_Schedule[nr-11] = _mm_aesimc_si128(Temp_Key_Schedule[11]);
+    }
+
+    if(nr>12) {
+        Key_Schedule[nr-12] = _mm_aesimc_si128(Temp_Key_Schedule[12]);
+        Key_Schedule[nr-13] = _mm_aesimc_si128(Temp_Key_Schedule[13]);
+    }
+
+    Key_Schedule[0] = Temp_Key_Schedule[nr];
+
+    return 0;
+}
+
+
+
+#endif /* WOLFSSL_AESNI */
+
+
+static void wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
+{
+    word32 s0, s1, s2, s3;
+    word32 t0, t1, t2, t3;
+    word32 r = aes->rounds >> 1;
+
+    const word32* rk = aes->key;
+    if (r > 7 || r == 0) {
+        WOLFSSL_MSG("AesEncrypt encountered improper key, set it up");
+        return;  /* stop instead of segfaulting, set up your keys! */
+    }
+#ifdef WOLFSSL_AESNI
+    if (haveAESNI && aes->use_aesni) {
+        #ifdef DEBUG_AESNI
+            printf("about to aes encrypt\n");
+            printf("in  = %p\n", inBlock);
+            printf("out = %p\n", outBlock);
+            printf("aes->key = %p\n", aes->key);
+            printf("aes->rounds = %d\n", aes->rounds);
+            printf("sz = %d\n", AES_BLOCK_SIZE);
+        #endif
+
+        /* check alignment, decrypt doesn't need alignment */
+        if ((wolfssl_word)inBlock % 16) {
+        #ifndef NO_WOLFSSL_ALLOC_ALIGN
+            byte* tmp = (byte*)XMALLOC(AES_BLOCK_SIZE, NULL,
+                                                      DYNAMIC_TYPE_TMP_BUFFER);
+            if (tmp == NULL) return;
+
+            XMEMCPY(tmp, inBlock, AES_BLOCK_SIZE);
+            AES_ECB_encrypt(tmp, tmp, AES_BLOCK_SIZE, (byte*)aes->key,
+                            aes->rounds);
+            XMEMCPY(outBlock, tmp, AES_BLOCK_SIZE);
+            XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            return;
+        #else
+            WOLFSSL_MSG("AES-ECB encrypt with bad alignment");
+            return;
+        #endif
+        }
+
+        AES_ECB_encrypt(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
+                        aes->rounds);
+
+        return;
+    }
+    else {
+        #ifdef DEBUG_AESNI
+            printf("Skipping AES-NI\n");
+        #endif
+    }
+#endif
+
+    /*
+     * map byte array block to cipher state
+     * and add initial round key:
+     */
+    XMEMCPY(&s0, inBlock,                  sizeof(s0));
+    XMEMCPY(&s1, inBlock + sizeof(s0),     sizeof(s1));
+    XMEMCPY(&s2, inBlock + 2 * sizeof(s0), sizeof(s2));
+    XMEMCPY(&s3, inBlock + 3 * sizeof(s0), sizeof(s3));
+
+    #ifdef LITTLE_ENDIAN_ORDER
+        s0 = ByteReverseWord32(s0);
+        s1 = ByteReverseWord32(s1);
+        s2 = ByteReverseWord32(s2);
+        s3 = ByteReverseWord32(s3);
+    #endif
+
+    s0 ^= rk[0];
+    s1 ^= rk[1];
+    s2 ^= rk[2];
+    s3 ^= rk[3];
+
+    /*
+     * Nr - 1 full rounds:
+     */
+
+    for (;;) {
+        t0 =
+            Te[0][GETBYTE(s0, 3)]  ^
+            Te[1][GETBYTE(s1, 2)]  ^
+            Te[2][GETBYTE(s2, 1)]  ^
+            Te[3][GETBYTE(s3, 0)]  ^
+            rk[4];
+        t1 =
+            Te[0][GETBYTE(s1, 3)]  ^
+            Te[1][GETBYTE(s2, 2)]  ^
+            Te[2][GETBYTE(s3, 1)]  ^
+            Te[3][GETBYTE(s0, 0)]  ^
+            rk[5];
+        t2 =
+            Te[0][GETBYTE(s2, 3)] ^
+            Te[1][GETBYTE(s3, 2)]  ^
+            Te[2][GETBYTE(s0, 1)]  ^
+            Te[3][GETBYTE(s1, 0)]  ^
+            rk[6];
+        t3 =
+            Te[0][GETBYTE(s3, 3)] ^
+            Te[1][GETBYTE(s0, 2)]  ^
+            Te[2][GETBYTE(s1, 1)]  ^
+            Te[3][GETBYTE(s2, 0)]  ^
+            rk[7];
+
+        rk += 8;
+        if (--r == 0) {
+            break;
+        }
+
+        s0 =
+            Te[0][GETBYTE(t0, 3)] ^
+            Te[1][GETBYTE(t1, 2)] ^
+            Te[2][GETBYTE(t2, 1)] ^
+            Te[3][GETBYTE(t3, 0)] ^
+            rk[0];
+        s1 =
+            Te[0][GETBYTE(t1, 3)] ^
+            Te[1][GETBYTE(t2, 2)] ^
+            Te[2][GETBYTE(t3, 1)] ^
+            Te[3][GETBYTE(t0, 0)] ^
+            rk[1];
+        s2 =
+            Te[0][GETBYTE(t2, 3)] ^
+            Te[1][GETBYTE(t3, 2)] ^
+            Te[2][GETBYTE(t0, 1)] ^
+            Te[3][GETBYTE(t1, 0)] ^
+            rk[2];
+        s3 =
+            Te[0][GETBYTE(t3, 3)] ^
+            Te[1][GETBYTE(t0, 2)] ^
+            Te[2][GETBYTE(t1, 1)] ^
+            Te[3][GETBYTE(t2, 0)] ^
+            rk[3];
+    }
+
+    /*
+     * apply last round and
+     * map cipher state to byte array block:
+     */
+
+    s0 =
+        (Te[4][GETBYTE(t0, 3)] & 0xff000000) ^
+        (Te[4][GETBYTE(t1, 2)] & 0x00ff0000) ^
+        (Te[4][GETBYTE(t2, 1)] & 0x0000ff00) ^
+        (Te[4][GETBYTE(t3, 0)] & 0x000000ff) ^
+        rk[0];
+    s1 =
+        (Te[4][GETBYTE(t1, 3)] & 0xff000000) ^
+        (Te[4][GETBYTE(t2, 2)] & 0x00ff0000) ^
+        (Te[4][GETBYTE(t3, 1)] & 0x0000ff00) ^
+        (Te[4][GETBYTE(t0, 0)] & 0x000000ff) ^
+        rk[1];
+    s2 =
+        (Te[4][GETBYTE(t2, 3)] & 0xff000000) ^
+        (Te[4][GETBYTE(t3, 2)] & 0x00ff0000) ^
+        (Te[4][GETBYTE(t0, 1)] & 0x0000ff00) ^
+        (Te[4][GETBYTE(t1, 0)] & 0x000000ff) ^
+        rk[2];
+    s3 =
+        (Te[4][GETBYTE(t3, 3)] & 0xff000000) ^
+        (Te[4][GETBYTE(t0, 2)] & 0x00ff0000) ^
+        (Te[4][GETBYTE(t1, 1)] & 0x0000ff00) ^
+        (Te[4][GETBYTE(t2, 0)] & 0x000000ff) ^
+        rk[3];
+
+    /* write out */
+    #ifdef LITTLE_ENDIAN_ORDER
+        s0 = ByteReverseWord32(s0);
+        s1 = ByteReverseWord32(s1);
+        s2 = ByteReverseWord32(s2);
+        s3 = ByteReverseWord32(s3);
+    #endif
+
+    XMEMCPY(outBlock,                  &s0, sizeof(s0));
+    XMEMCPY(outBlock + sizeof(s0),     &s1, sizeof(s1));
+    XMEMCPY(outBlock + 2 * sizeof(s0), &s2, sizeof(s2));
+    XMEMCPY(outBlock + 3 * sizeof(s0), &s3, sizeof(s3));
+}
+
+static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
+{
+    word32 s0, s1, s2, s3;
+    word32 t0, t1, t2, t3;
+    word32 r = aes->rounds >> 1;
+
+    const word32* rk = aes->key;
+    if (r > 7 || r == 0) {
+        WOLFSSL_MSG("AesDecrypt encountered improper key, set it up");
+        return;  /* stop instead of segfaulting, set up your keys! */
+    }
+#ifdef WOLFSSL_AESNI
+    if (haveAESNI && aes->use_aesni) {
+        #ifdef DEBUG_AESNI
+            printf("about to aes decrypt\n");
+            printf("in  = %p\n", inBlock);
+            printf("out = %p\n", outBlock);
+            printf("aes->key = %p\n", aes->key);
+            printf("aes->rounds = %d\n", aes->rounds);
+            printf("sz = %d\n", AES_BLOCK_SIZE);
+        #endif
+
+        /* if input and output same will overwrite input iv */
+        XMEMCPY(aes->tmp, inBlock, AES_BLOCK_SIZE);
+        AES_ECB_decrypt(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
+                        aes->rounds);
+        return;
+    }
+    else {
+        #ifdef DEBUG_AESNI
+            printf("Skipping AES-NI\n");
+        #endif
+    }
+#endif
+
+    /*
+     * map byte array block to cipher state
+     * and add initial round key:
+     */
+    XMEMCPY(&s0, inBlock,                  sizeof(s0));
+    XMEMCPY(&s1, inBlock + sizeof(s0),     sizeof(s1));
+    XMEMCPY(&s2, inBlock + 2 * sizeof(s0), sizeof(s2));
+    XMEMCPY(&s3, inBlock + 3 * sizeof(s0), sizeof(s3));
+
+    #ifdef LITTLE_ENDIAN_ORDER
+        s0 = ByteReverseWord32(s0);
+        s1 = ByteReverseWord32(s1);
+        s2 = ByteReverseWord32(s2);
+        s3 = ByteReverseWord32(s3);
+    #endif
+
+    s0 ^= rk[0];
+    s1 ^= rk[1];
+    s2 ^= rk[2];
+    s3 ^= rk[3];
+
+    /*
+     * Nr - 1 full rounds:
+     */
+
+    for (;;) {
+        t0 =
+            Td[0][GETBYTE(s0, 3)] ^
+            Td[1][GETBYTE(s3, 2)] ^
+            Td[2][GETBYTE(s2, 1)] ^
+            Td[3][GETBYTE(s1, 0)] ^
+            rk[4];
+        t1 =
+            Td[0][GETBYTE(s1, 3)] ^
+            Td[1][GETBYTE(s0, 2)] ^
+            Td[2][GETBYTE(s3, 1)] ^
+            Td[3][GETBYTE(s2, 0)] ^
+            rk[5];
+        t2 =
+            Td[0][GETBYTE(s2, 3)] ^
+            Td[1][GETBYTE(s1, 2)] ^
+            Td[2][GETBYTE(s0, 1)] ^
+            Td[3][GETBYTE(s3, 0)] ^
+            rk[6];
+        t3 =
+            Td[0][GETBYTE(s3, 3)] ^
+            Td[1][GETBYTE(s2, 2)] ^
+            Td[2][GETBYTE(s1, 1)] ^
+            Td[3][GETBYTE(s0, 0)] ^
+            rk[7];
+
+        rk += 8;
+        if (--r == 0) {
+            break;
+        }
+
+        s0 =
+            Td[0][GETBYTE(t0, 3)] ^
+            Td[1][GETBYTE(t3, 2)] ^
+            Td[2][GETBYTE(t2, 1)] ^
+            Td[3][GETBYTE(t1, 0)] ^
+            rk[0];
+        s1 =
+            Td[0][GETBYTE(t1, 3)] ^
+            Td[1][GETBYTE(t0, 2)] ^
+            Td[2][GETBYTE(t3, 1)] ^
+            Td[3][GETBYTE(t2, 0)] ^
+            rk[1];
+        s2 =
+            Td[0][GETBYTE(t2, 3)] ^
+            Td[1][GETBYTE(t1, 2)] ^
+            Td[2][GETBYTE(t0, 1)] ^
+            Td[3][GETBYTE(t3, 0)] ^
+            rk[2];
+        s3 =
+            Td[0][GETBYTE(t3, 3)] ^
+            Td[1][GETBYTE(t2, 2)] ^
+            Td[2][GETBYTE(t1, 1)] ^
+            Td[3][GETBYTE(t0, 0)] ^
+            rk[3];
+    }
+    /*
+     * apply last round and
+     * map cipher state to byte array block:
+     */
+    s0 =
+        (Td[4][GETBYTE(t0, 3)] & 0xff000000) ^
+        (Td[4][GETBYTE(t3, 2)] & 0x00ff0000) ^
+        (Td[4][GETBYTE(t2, 1)] & 0x0000ff00) ^
+        (Td[4][GETBYTE(t1, 0)] & 0x000000ff) ^
+        rk[0];
+    s1 =
+        (Td[4][GETBYTE(t1, 3)] & 0xff000000) ^
+        (Td[4][GETBYTE(t0, 2)] & 0x00ff0000) ^
+        (Td[4][GETBYTE(t3, 1)] & 0x0000ff00) ^
+        (Td[4][GETBYTE(t2, 0)] & 0x000000ff) ^
+        rk[1];
+    s2 =
+        (Td[4][GETBYTE(t2, 3)] & 0xff000000) ^
+        (Td[4][GETBYTE(t1, 2)] & 0x00ff0000) ^
+        (Td[4][GETBYTE(t0, 1)] & 0x0000ff00) ^
+        (Td[4][GETBYTE(t3, 0)] & 0x000000ff) ^
+        rk[2];
+    s3 =
+        (Td[4][GETBYTE(t3, 3)] & 0xff000000) ^
+        (Td[4][GETBYTE(t2, 2)] & 0x00ff0000) ^
+        (Td[4][GETBYTE(t1, 1)] & 0x0000ff00) ^
+        (Td[4][GETBYTE(t0, 0)] & 0x000000ff) ^
+        rk[3];
+
+    /* write out */
+    #ifdef LITTLE_ENDIAN_ORDER
+        s0 = ByteReverseWord32(s0);
+        s1 = ByteReverseWord32(s1);
+        s2 = ByteReverseWord32(s2);
+        s3 = ByteReverseWord32(s3);
+    #endif
+
+    XMEMCPY(outBlock,                  &s0, sizeof(s0));
+    XMEMCPY(outBlock + sizeof(s0),     &s1, sizeof(s1));
+    XMEMCPY(outBlock + 2 * sizeof(s0), &s2, sizeof(s2));
+    XMEMCPY(outBlock + 3 * sizeof(s0), &s3, sizeof(s3));
+}
+
+#endif /* NEED_AES_TABLES */
+
+
+/* wc_AesSetKey */
+#ifdef STM32F2_CRYPTO
+    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
+                  int dir)
+    {
+        word32 *rk = aes->key;
+
+        if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
+            return BAD_FUNC_ARG;
+
+        aes->rounds = keylen/4 + 6;
+        XMEMCPY(rk, userKey, keylen);
+        ByteReverseWords(rk, rk, keylen);
+
+        return wc_AesSetIV(aes, iv);
+    }
+
+    int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
+                        const byte* iv, int dir)
+    {
+        return wc_AesSetKey(aes, userKey, keylen, iv, dir);
+    }
+
+#elif defined(HAVE_COLDFIRE_SEC)
+    #if defined (HAVE_THREADX)
+        #include "memory_pools.h"
+        extern TX_BYTE_POOL mp_ncached;  /* Non Cached memory pool */
+    #endif
+
+    #define AES_BUFFER_SIZE (AES_BLOCK_SIZE * 64)
+    static unsigned char *AESBuffIn = NULL;
+    static unsigned char *AESBuffOut = NULL;
+    static byte *secReg;
+    static byte *secKey;
+    static volatile SECdescriptorType *secDesc;
+
+    static CyaSSL_Mutex Mutex_AesSEC;
+
+    #define SEC_DESC_AES_CBC_ENCRYPT 0x60300010
+    #define SEC_DESC_AES_CBC_DECRYPT 0x60200010
+
+    extern volatile unsigned char __MBAR[];
+
+    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
+                  int dir)
+    {
+        if (AESBuffIn == NULL) {
+            #if defined (HAVE_THREADX)
+			    int s1, s2, s3, s4, s5 ;
+                s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc,
+                                      sizeof(SECdescriptorType), TX_NO_WAIT);
+                s1 = tx_byte_allocate(&mp_ncached, (void *)&AESBuffIn,
+                                      AES_BUFFER_SIZE, TX_NO_WAIT);
+                s2 = tx_byte_allocate(&mp_ncached, (void *)&AESBuffOut,
+                                      AES_BUFFER_SIZE, TX_NO_WAIT);
+                s3 = tx_byte_allocate(&mp_ncached, (void *)&secKey,
+                                      AES_BLOCK_SIZE*2, TX_NO_WAIT);
+                s4 = tx_byte_allocate(&mp_ncached, (void *)&secReg,
+                                      AES_BLOCK_SIZE, TX_NO_WAIT);
+
+                if(s1 || s2 || s3 || s4 || s5)
+                    return BAD_FUNC_ARG;
+            #else
+                #warning "Allocate non-Cache buffers"
+            #endif
+
+            InitMutex(&Mutex_AesSEC);
+        }
+
+        if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
+            return BAD_FUNC_ARG;
+
+        if (aes == NULL)
+            return BAD_FUNC_ARG;
+
+        aes->rounds = keylen/4 + 6;
+        XMEMCPY(aes->key, userKey, keylen);
+
+        if (iv)
+            XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
+
+        return 0;
+    }
+#elif defined(FREESCALE_MMCAU)
+    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
+                  int dir)
+    {
+        byte *rk = (byte*)aes->key;
+
+        if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
+            return BAD_FUNC_ARG;
+
+        if (rk == NULL)
+            return BAD_FUNC_ARG;
+
+        aes->rounds = keylen/4 + 6;
+        cau_aes_set_key(userKey, keylen*8, rk);
+
+        return wc_AesSetIV(aes, iv);
+    }
+
+    int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
+                        const byte* iv, int dir)
+    {
+        return wc_AesSetKey(aes, userKey, keylen, iv, dir);
+    }
+#else
+    static int wc_AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
+                const byte* iv, int dir)
+    {
+        word32 temp, *rk = aes->key;
+        unsigned int i = 0;
+
+        #ifdef WOLFSSL_AESNI
+            aes->use_aesni = 0;
+        #endif /* WOLFSSL_AESNI */
+        #ifdef WOLFSSL_AES_COUNTER
+            aes->left = 0;
+        #endif /* WOLFSSL_AES_COUNTER */
+
+        aes->rounds = keylen/4 + 6;
+
+        XMEMCPY(rk, userKey, keylen);
+        #ifdef LITTLE_ENDIAN_ORDER
+            ByteReverseWords(rk, rk, keylen);
+        #endif
+
+        #ifdef WOLFSSL_PIC32MZ_CRYPT
+        {
+            word32 *akey1 = aes->key_ce;
+            word32 *areg = aes->iv_ce ;
+            aes->keylen = keylen ;
+            XMEMCPY(akey1, userKey, keylen);
+            if (iv)
+                XMEMCPY(areg, iv, AES_BLOCK_SIZE);
+            else
+                XMEMSET(areg,  0, AES_BLOCK_SIZE);
+        }
+        #endif
+
+        switch(keylen)
+        {
+        case 16:
+            while (1)
+            {
+                temp  = rk[3];
+                rk[4] = rk[0] ^
+                    (Te[4][GETBYTE(temp, 2)] & 0xff000000) ^
+                    (Te[4][GETBYTE(temp, 1)] & 0x00ff0000) ^
+                    (Te[4][GETBYTE(temp, 0)] & 0x0000ff00) ^
+                    (Te[4][GETBYTE(temp, 3)] & 0x000000ff) ^
+                    rcon[i];
+                rk[5] = rk[1] ^ rk[4];
+                rk[6] = rk[2] ^ rk[5];
+                rk[7] = rk[3] ^ rk[6];
+                if (++i == 10)
+                    break;
+                rk += 4;
+            }
+            break;
+
+        case 24:
+            /* for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack */
+            while (1)
+            {
+                temp = rk[ 5];
+                rk[ 6] = rk[ 0] ^
+                    (Te[4][GETBYTE(temp, 2)] & 0xff000000) ^
+                    (Te[4][GETBYTE(temp, 1)] & 0x00ff0000) ^
+                    (Te[4][GETBYTE(temp, 0)] & 0x0000ff00) ^
+                    (Te[4][GETBYTE(temp, 3)] & 0x000000ff) ^
+                    rcon[i];
+                rk[ 7] = rk[ 1] ^ rk[ 6];
+                rk[ 8] = rk[ 2] ^ rk[ 7];
+                rk[ 9] = rk[ 3] ^ rk[ 8];
+                if (++i == 8)
+                    break;
+                rk[10] = rk[ 4] ^ rk[ 9];
+                rk[11] = rk[ 5] ^ rk[10];
+                rk += 6;
+            }
+            break;
+
+        case 32:
+            while (1)
+            {
+                temp = rk[ 7];
+                rk[ 8] = rk[ 0] ^
+                    (Te[4][GETBYTE(temp, 2)] & 0xff000000) ^
+                    (Te[4][GETBYTE(temp, 1)] & 0x00ff0000) ^
+                    (Te[4][GETBYTE(temp, 0)] & 0x0000ff00) ^
+                    (Te[4][GETBYTE(temp, 3)] & 0x000000ff) ^
+                    rcon[i];
+                rk[ 9] = rk[ 1] ^ rk[ 8];
+                rk[10] = rk[ 2] ^ rk[ 9];
+                rk[11] = rk[ 3] ^ rk[10];
+                if (++i == 7)
+                    break;
+                temp = rk[11];
+                rk[12] = rk[ 4] ^
+                    (Te[4][GETBYTE(temp, 3)] & 0xff000000) ^
+                    (Te[4][GETBYTE(temp, 2)] & 0x00ff0000) ^
+                    (Te[4][GETBYTE(temp, 1)] & 0x0000ff00) ^
+                    (Te[4][GETBYTE(temp, 0)] & 0x000000ff);
+                rk[13] = rk[ 5] ^ rk[12];
+                rk[14] = rk[ 6] ^ rk[13];
+                rk[15] = rk[ 7] ^ rk[14];
+
+                rk += 8;
+            }
+            break;
+
+        default:
+            return BAD_FUNC_ARG;
+        }
+
+        if (dir == AES_DECRYPTION)
+        {
+            unsigned int j;
+            rk = aes->key;
+
+            /* invert the order of the round keys: */
+            for (i = 0, j = 4* aes->rounds; i < j; i += 4, j -= 4) {
+                temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
+                temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+                temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+                temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+            }
+            /* apply the inverse MixColumn transform to all round keys but the
+               first and the last: */
+            for (i = 1; i < aes->rounds; i++) {
+                rk += 4;
+                rk[0] =
+                    Td[0][Te[4][GETBYTE(rk[0], 3)] & 0xff] ^
+                    Td[1][Te[4][GETBYTE(rk[0], 2)] & 0xff] ^
+                    Td[2][Te[4][GETBYTE(rk[0], 1)] & 0xff] ^
+                    Td[3][Te[4][GETBYTE(rk[0], 0)] & 0xff];
+                rk[1] =
+                    Td[0][Te[4][GETBYTE(rk[1], 3)] & 0xff] ^
+                    Td[1][Te[4][GETBYTE(rk[1], 2)] & 0xff] ^
+                    Td[2][Te[4][GETBYTE(rk[1], 1)] & 0xff] ^
+                    Td[3][Te[4][GETBYTE(rk[1], 0)] & 0xff];
+                rk[2] =
+                    Td[0][Te[4][GETBYTE(rk[2], 3)] & 0xff] ^
+                    Td[1][Te[4][GETBYTE(rk[2], 2)] & 0xff] ^
+                    Td[2][Te[4][GETBYTE(rk[2], 1)] & 0xff] ^
+                    Td[3][Te[4][GETBYTE(rk[2], 0)] & 0xff];
+                rk[3] =
+                    Td[0][Te[4][GETBYTE(rk[3], 3)] & 0xff] ^
+                    Td[1][Te[4][GETBYTE(rk[3], 2)] & 0xff] ^
+                    Td[2][Te[4][GETBYTE(rk[3], 1)] & 0xff] ^
+                    Td[3][Te[4][GETBYTE(rk[3], 0)] & 0xff];
+            }
+        }
+
+        return wc_AesSetIV(aes, iv);
+    }
+
+    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
+                  int dir)
+    {
+
+        if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
+            return BAD_FUNC_ARG;
+
+        #ifdef HAVE_CAVIUM
+        if (aes->magic == WOLFSSL_AES_CAVIUM_MAGIC)
+            return wc_AesCaviumSetKey(aes, userKey, keylen, iv);
+        #endif
+
+        #ifdef WOLFSSL_AESNI
+        if (checkAESNI == 0) {
+            haveAESNI  = Check_CPU_support_AES();
+            checkAESNI = 1;
+        }
+        if (haveAESNI) {
+            aes->use_aesni = 1;
+            if (iv)
+                XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
+            if (dir == AES_ENCRYPTION)
+                return AES_set_encrypt_key(userKey, keylen * 8, aes);
+            else
+                return AES_set_decrypt_key(userKey, keylen * 8, aes);
+        }
+        #endif /* WOLFSSL_AESNI */
+
+        return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir);
+    }
+
+    #if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+
+    /* AES-CTR and AES-DIRECT need to use this for key setup, no aesni yet */
+    int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
+                        const byte* iv, int dir)
+    {
+        return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir);
+    }
+
+    #endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#endif /* STM32F2_CRYPTO, wc_AesSetKey block */
+
+
+/* wc_AesSetIV is shared between software and hardware */
+int wc_AesSetIV(Aes* aes, const byte* iv)
+{
+    if (aes == NULL)
+        return BAD_FUNC_ARG;
+
+    if (iv)
+        XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
+    else
+        XMEMSET(aes->reg,  0, AES_BLOCK_SIZE);
+
+    return 0;
+}
+
+
+int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
+                                  const byte* key, word32 keySz, const byte* iv)
+{
+    int  ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    Aes* aes = NULL;
+#else
+    Aes  aes[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (aes == NULL)
+        return MEMORY_E;
+#endif
+
+    ret = wc_AesSetKey(aes, key, keySz, iv, AES_DECRYPTION);
+    if (ret == 0)
+        ret = wc_AesCbcDecrypt(aes, out, in, inSz); 
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+/* AES-DIRECT */
+#if defined(WOLFSSL_AES_DIRECT)
+    #if defined(FREESCALE_MMCAU)
+
+        /* Allow direct access to one block encrypt */
+        void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
+        {
+            byte* key;
+            key = (byte*)aes->key;
+
+            return cau_aes_encrypt(in, key, aes->rounds, out);
+        }
+
+        /* Allow direct access to one block decrypt */
+        void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
+        {
+            byte* key;
+            key = (byte*)aes->key;
+
+            return cau_aes_decrypt(in, key, aes->rounds, out);
+        }
+
+    #elif defined(STM32F2_CRYPTO)
+        #error "STM32F2 crypto doesn't yet support AES direct"
+
+    #elif defined(HAVE_COLDFIRE_SEC)
+        #error "Coldfire SEC doesn't yet support AES direct"
+
+    #elif defined(WOLFSSL_PIC32MZ_CRYPT)
+        #error "PIC32MZ doesn't yet support AES direct"
+
+    #else
+        /* Allow direct access to one block encrypt */
+        void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
+        {
+            return wc_AesEncrypt(aes, in, out);
+        }
+
+        /* Allow direct access to one block decrypt */
+        void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
+        {
+            return wc_AesDecrypt(aes, in, out);
+        }
+
+    #endif /* FREESCALE_MMCAU, AES direct block */
+#endif /* WOLFSSL_AES_DIRECT */
+
+
+/* AES-CBC */
+#ifdef STM32F2_CRYPTO
+    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+    {
+        word32 *enc_key, *iv;
+        CRYP_InitTypeDef AES_CRYP_InitStructure;
+        CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure;
+        CRYP_IVInitTypeDef AES_CRYP_IVInitStructure;
+
+        enc_key = aes->key;
+        iv = aes->reg;
+
+        /* crypto structure initialization */
+        CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure);
+        CRYP_StructInit(&AES_CRYP_InitStructure);
+        CRYP_IVStructInit(&AES_CRYP_IVInitStructure);
+
+        /* reset registers to their default values */
+        CRYP_DeInit();
+
+        /* load key into correct registers */
+        switch(aes->rounds)
+        {
+            case 10: /* 128-bit key */
+                AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b;
+                AES_CRYP_KeyInitStructure.CRYP_Key2Left  = enc_key[0];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[1];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Left  = enc_key[2];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[3];
+                break;
+
+            case 12: /* 192-bit key */
+                AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b;
+                AES_CRYP_KeyInitStructure.CRYP_Key1Left  = enc_key[0];
+                AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[1];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Left  = enc_key[2];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[3];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Left  = enc_key[4];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[5];
+                break;
+
+            case 14: /* 256-bit key */
+                AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b;
+                AES_CRYP_KeyInitStructure.CRYP_Key0Left  = enc_key[0];
+                AES_CRYP_KeyInitStructure.CRYP_Key0Right = enc_key[1];
+                AES_CRYP_KeyInitStructure.CRYP_Key1Left  = enc_key[2];
+                AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[3];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Left  = enc_key[4];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[5];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Left  = enc_key[6];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[7];
+                break;
+
+            default:
+                break;
+        }
+        CRYP_KeyInit(&AES_CRYP_KeyInitStructure);
+
+        /* set iv */
+        ByteReverseWords(iv, iv, AES_BLOCK_SIZE);
+        AES_CRYP_IVInitStructure.CRYP_IV0Left  = iv[0];
+        AES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
+        AES_CRYP_IVInitStructure.CRYP_IV1Left  = iv[2];
+        AES_CRYP_IVInitStructure.CRYP_IV1Right = iv[3];
+        CRYP_IVInit(&AES_CRYP_IVInitStructure);
+
+        /* set direction, mode, and datatype */
+        AES_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Encrypt;
+        AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC;
+        AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
+        CRYP_Init(&AES_CRYP_InitStructure);
+
+        /* enable crypto processor */
+        CRYP_Cmd(ENABLE);
+
+        while (sz > 0)
+        {
+            /* flush IN/OUT FIFOs */
+            CRYP_FIFOFlush();
+
+            CRYP_DataIn(*(uint32_t*)&in[0]);
+            CRYP_DataIn(*(uint32_t*)&in[4]);
+            CRYP_DataIn(*(uint32_t*)&in[8]);
+            CRYP_DataIn(*(uint32_t*)&in[12]);
+
+            /* wait until the complete message has been processed */
+            while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
+
+            *(uint32_t*)&out[0]  = CRYP_DataOut();
+            *(uint32_t*)&out[4]  = CRYP_DataOut();
+            *(uint32_t*)&out[8]  = CRYP_DataOut();
+            *(uint32_t*)&out[12] = CRYP_DataOut();
+
+            /* store iv for next call */
+            XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+
+            sz  -= 16;
+            in  += 16;
+            out += 16;
+        }
+
+        /* disable crypto processor */
+        CRYP_Cmd(DISABLE);
+
+        return 0;
+    }
+
+    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+    {
+        word32 *dec_key, *iv;
+        CRYP_InitTypeDef AES_CRYP_InitStructure;
+        CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure;
+        CRYP_IVInitTypeDef AES_CRYP_IVInitStructure;
+
+        dec_key = aes->key;
+        iv = aes->reg;
+
+        /* crypto structure initialization */
+        CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure);
+        CRYP_StructInit(&AES_CRYP_InitStructure);
+        CRYP_IVStructInit(&AES_CRYP_IVInitStructure);
+
+        /* if input and output same will overwrite input iv */
+        XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+
+        /* reset registers to their default values */
+        CRYP_DeInit();
+
+        /* load key into correct registers */
+        switch(aes->rounds)
+        {
+            case 10: /* 128-bit key */
+                AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b;
+                AES_CRYP_KeyInitStructure.CRYP_Key2Left  = dec_key[0];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Right = dec_key[1];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Left  = dec_key[2];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Right = dec_key[3];
+                break;
+
+            case 12: /* 192-bit key */
+                AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b;
+                AES_CRYP_KeyInitStructure.CRYP_Key1Left  = dec_key[0];
+                AES_CRYP_KeyInitStructure.CRYP_Key1Right = dec_key[1];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Left  = dec_key[2];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Right = dec_key[3];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Left  = dec_key[4];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Right = dec_key[5];
+                break;
+
+            case 14: /* 256-bit key */
+                AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b;
+                AES_CRYP_KeyInitStructure.CRYP_Key0Left  = dec_key[0];
+                AES_CRYP_KeyInitStructure.CRYP_Key0Right = dec_key[1];
+                AES_CRYP_KeyInitStructure.CRYP_Key1Left  = dec_key[2];
+                AES_CRYP_KeyInitStructure.CRYP_Key1Right = dec_key[3];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Left  = dec_key[4];
+                AES_CRYP_KeyInitStructure.CRYP_Key2Right = dec_key[5];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Left  = dec_key[6];
+                AES_CRYP_KeyInitStructure.CRYP_Key3Right = dec_key[7];
+                break;
+
+            default:
+                break;
+        }
+
+        /* set direction, mode, and datatype for key preparation */
+        AES_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
+        AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_Key;
+        AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_32b;
+        CRYP_Init(&AES_CRYP_InitStructure);
+        CRYP_KeyInit(&AES_CRYP_KeyInitStructure);
+
+        /* enable crypto processor */
+        CRYP_Cmd(ENABLE);
+
+        /* wait until key has been prepared */
+        while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
+
+        /* set direction, mode, and datatype for decryption */
+        AES_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
+        AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC;
+        AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
+        CRYP_Init(&AES_CRYP_InitStructure);
+
+        /* set iv */
+        ByteReverseWords(iv, iv, AES_BLOCK_SIZE);
+
+        AES_CRYP_IVInitStructure.CRYP_IV0Left  = iv[0];
+        AES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
+        AES_CRYP_IVInitStructure.CRYP_IV1Left  = iv[2];
+        AES_CRYP_IVInitStructure.CRYP_IV1Right = iv[3];
+        CRYP_IVInit(&AES_CRYP_IVInitStructure);
+
+        /* enable crypto processor */
+        CRYP_Cmd(ENABLE);
+
+        while (sz > 0)
+        {
+            /* flush IN/OUT FIFOs */
+            CRYP_FIFOFlush();
+
+            CRYP_DataIn(*(uint32_t*)&in[0]);
+            CRYP_DataIn(*(uint32_t*)&in[4]);
+            CRYP_DataIn(*(uint32_t*)&in[8]);
+            CRYP_DataIn(*(uint32_t*)&in[12]);
+
+            /* wait until the complete message has been processed */
+            while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
+
+            *(uint32_t*)&out[0]  = CRYP_DataOut();
+            *(uint32_t*)&out[4]  = CRYP_DataOut();
+            *(uint32_t*)&out[8]  = CRYP_DataOut();
+            *(uint32_t*)&out[12] = CRYP_DataOut();
+
+            /* store iv for next call */
+            XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
+
+            sz -= 16;
+            in += 16;
+            out += 16;
+        }
+
+        /* disable crypto processor */
+        CRYP_Cmd(DISABLE);
+
+        return 0;
+    }
+
+#elif defined(HAVE_COLDFIRE_SEC)
+    static int wc_AesCbcCrypt(Aes* aes, byte* po, const byte* pi, word32 sz,
+                           word32 descHeader)
+    {
+        #ifdef DEBUG_WOLFSSL
+            int i; int stat1, stat2; int ret;
+	    #endif
+
+        int size;
+        volatile int v;
+
+        if ((pi == NULL) || (po == NULL))
+            return BAD_FUNC_ARG;    /*wrong pointer*/
+
+        LockMutex(&Mutex_AesSEC);
+
+        /* Set descriptor for SEC */
+        secDesc->length1 = 0x0;
+        secDesc->pointer1 = NULL;
+
+        secDesc->length2 = AES_BLOCK_SIZE;
+        secDesc->pointer2 = (byte *)secReg; /* Initial Vector */
+
+        switch(aes->rounds) {
+            case 10: secDesc->length3 = 16 ; break ;
+            case 12: secDesc->length3 = 24 ; break ;
+            case 14: secDesc->length3 = 32 ; break ;
+        }
+        XMEMCPY(secKey, aes->key, secDesc->length3);
+
+        secDesc->pointer3 = (byte *)secKey;
+        secDesc->pointer4 = AESBuffIn;
+        secDesc->pointer5 = AESBuffOut;
+        secDesc->length6 = 0x0;
+        secDesc->pointer6 = NULL;
+        secDesc->length7 = 0x0;
+        secDesc->pointer7 = NULL;
+        secDesc->nextDescriptorPtr = NULL;
+
+        while (sz) {
+            secDesc->header = descHeader;
+            XMEMCPY(secReg, aes->reg, AES_BLOCK_SIZE);
+            if ((sz % AES_BUFFER_SIZE) == sz) {
+                size = sz;
+                sz = 0;
+            } else {
+                size = AES_BUFFER_SIZE;
+                sz -= AES_BUFFER_SIZE;
+            }
+            secDesc->length4 = size;
+            secDesc->length5 = size;
+
+            XMEMCPY(AESBuffIn, pi, size);
+            if(descHeader == SEC_DESC_AES_CBC_DECRYPT) {
+                XMEMCPY((void*)aes->tmp, (void*)&(pi[size-AES_BLOCK_SIZE]),
+                        AES_BLOCK_SIZE);
+            }
+
+            /* Point SEC to the location of the descriptor */
+            MCF_SEC_FR0 = (uint32)secDesc;
+            /* Initialize SEC and wait for encryption to complete */
+            MCF_SEC_CCCR0 = 0x0000001a;
+            /* poll SISR to determine when channel is complete */
+            v=0;
+
+            while ((secDesc->header>> 24) != 0xff) v++;
+
+            #ifdef DEBUG_WOLFSSL
+                ret = MCF_SEC_SISRH;
+                stat1 = MCF_SEC_AESSR;
+                stat2 = MCF_SEC_AESISR;
+                if (ret & 0xe0000000) {
+                    db_printf("Aes_Cbc(i=%d):ISRH=%08x, AESSR=%08x, "
+                              "AESISR=%08x\n", i, ret, stat1, stat2);
+                }
+            #endif
+
+            XMEMCPY(po, AESBuffOut, size);
+
+            if (descHeader == SEC_DESC_AES_CBC_ENCRYPT) {
+                XMEMCPY((void*)aes->reg, (void*)&(po[size-AES_BLOCK_SIZE]),
+                        AES_BLOCK_SIZE);
+            } else {
+                XMEMCPY((void*)aes->reg, (void*)aes->tmp, AES_BLOCK_SIZE);
+            }
+
+            pi += size;
+            po += size;
+        }
+
+        UnLockMutex(&Mutex_AesSEC);
+        return 0;
+    }
+
+    int wc_AesCbcEncrypt(Aes* aes, byte* po, const byte* pi, word32 sz)
+    {
+        return (wc_AesCbcCrypt(aes, po, pi, sz, SEC_DESC_AES_CBC_ENCRYPT));
+    }
+
+    int wc_AesCbcDecrypt(Aes* aes, byte* po, const byte* pi, word32 sz)
+    {
+        return (wc_AesCbcCrypt(aes, po, pi, sz, SEC_DESC_AES_CBC_DECRYPT));
+    }
+
+#elif defined(FREESCALE_MMCAU)
+    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+    {
+        int i;
+        int offset = 0;
+        int len = sz;
+
+        byte *iv, *enc_key;
+        byte temp_block[AES_BLOCK_SIZE];
+
+        iv      = (byte*)aes->reg;
+        enc_key = (byte*)aes->key;
+
+        if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
+            WOLFSSL_MSG("Bad cau_aes_encrypt alignment");
+            return BAD_ALIGN_E;
+        }
+
+        while (len > 0)
+        {
+            XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
+
+            /* XOR block with IV for CBC */
+            for (i = 0; i < AES_BLOCK_SIZE; i++)
+                temp_block[i] ^= iv[i];
+
+            cau_aes_encrypt(temp_block, enc_key, aes->rounds, out + offset);
+
+            len    -= AES_BLOCK_SIZE;
+            offset += AES_BLOCK_SIZE;
+
+            /* store IV for next block */
+            XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+        }
+
+        return 0;
+    }
+
+    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+    {
+        int i;
+        int offset = 0;
+        int len = sz;
+
+        byte* iv, *dec_key;
+        byte temp_block[AES_BLOCK_SIZE];
+
+        iv      = (byte*)aes->reg;
+        dec_key = (byte*)aes->key;
+
+        if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
+            WOLFSSL_MSG("Bad cau_aes_decrypt alignment");
+            return BAD_ALIGN_E;
+        }
+
+        while (len > 0)
+        {
+            XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
+
+            cau_aes_decrypt(in + offset, dec_key, aes->rounds, out + offset);
+
+            /* XOR block with IV for CBC */
+            for (i = 0; i < AES_BLOCK_SIZE; i++)
+                (out + offset)[i] ^= iv[i];
+
+            /* store IV for next block */
+            XMEMCPY(iv, temp_block, AES_BLOCK_SIZE);
+
+            len    -= AES_BLOCK_SIZE;
+            offset += AES_BLOCK_SIZE;
+        }
+
+        return 0;
+    }
+
+#elif defined(WOLFSSL_PIC32MZ_CRYPT)
+    /* core hardware crypt engine driver */
+    static void wc_AesCrypt(Aes *aes, byte* out, const byte* in, word32 sz,
+                                            int dir, int algo, int cryptoalgo)
+    {
+        securityAssociation *sa_p ;
+        bufferDescriptor *bd_p ;
+
+        volatile securityAssociation sa __attribute__((aligned (8)));
+        volatile bufferDescriptor bd __attribute__((aligned (8)));
+        volatile int k ;
+
+        /* get uncached address */
+        sa_p = KVA0_TO_KVA1(&sa) ;
+        bd_p = KVA0_TO_KVA1(&bd) ;
+
+        /* Sync cache and physical memory */
+        if(PIC32MZ_IF_RAM(in)) {
+            XMEMCPY((void *)KVA0_TO_KVA1(in), (void *)in, sz);
+        }
+        XMEMSET((void *)KVA0_TO_KVA1(out), 0, sz);
+        /* Set up the Security Association */
+        XMEMSET((byte *)KVA0_TO_KVA1(&sa), 0, sizeof(sa));
+        sa_p->SA_CTRL.ALGO = algo ; /* AES */
+        sa_p->SA_CTRL.LNC = 1;
+        sa_p->SA_CTRL.LOADIV = 1;
+        sa_p->SA_CTRL.FB = 1;
+        sa_p->SA_CTRL.ENCTYPE = dir ; /* Encryption/Decryption */
+        sa_p->SA_CTRL.CRYPTOALGO = cryptoalgo;
+
+        if(cryptoalgo == PIC32_CRYPTOALGO_AES_GCM){
+            switch(aes->keylen) {
+            case 32:
+                sa_p->SA_CTRL.KEYSIZE = PIC32_AES_KEYSIZE_256 ;
+                break ;
+            case 24:
+                sa_p->SA_CTRL.KEYSIZE = PIC32_AES_KEYSIZE_192 ;
+                break ;
+            case 16:
+                sa_p->SA_CTRL.KEYSIZE = PIC32_AES_KEYSIZE_128 ;
+                break ;
+            }
+        } else
+            sa_p->SA_CTRL.KEYSIZE = PIC32_AES_KEYSIZE_128 ;
+
+        ByteReverseWords(
+        (word32 *)KVA0_TO_KVA1(sa.SA_ENCKEY + 8 - aes->keylen/sizeof(word32)),
+                         (word32 *)aes->key_ce, aes->keylen);
+        ByteReverseWords(
+        (word32*)KVA0_TO_KVA1(sa.SA_ENCIV), (word32 *)aes->iv_ce, 16);
+
+        XMEMSET((byte *)KVA0_TO_KVA1(&bd), 0, sizeof(bd));
+        /* Set up the Buffer Descriptor */
+        bd_p->BD_CTRL.BUFLEN = sz;
+        if(cryptoalgo == PIC32_CRYPTOALGO_AES_GCM) {
+            if(sz % 0x10)
+                bd_p->BD_CTRL.BUFLEN = (sz/0x10 + 1) * 0x10 ;
+        }
+        bd_p->BD_CTRL.LIFM = 1;
+        bd_p->BD_CTRL.SA_FETCH_EN = 1;
+        bd_p->BD_CTRL.LAST_BD = 1;
+        bd_p->BD_CTRL.DESC_EN = 1;
+
+        bd_p->SA_ADDR = (unsigned int)KVA_TO_PA(&sa) ;
+        bd_p->SRCADDR = (unsigned int)KVA_TO_PA(in) ;
+        bd_p->DSTADDR = (unsigned int)KVA_TO_PA(out);
+        bd_p->MSGLEN = sz ;
+
+        CECON = 1 << 6;
+        while (CECON);
+
+        /* Run the engine */
+        CEBDPADDR = (unsigned int)KVA_TO_PA(&bd) ;
+        CEINTEN = 0x07;
+        CECON = 0x27;
+
+        WAIT_ENGINE ;
+
+        if((cryptoalgo == PIC32_CRYPTOALGO_CBC) ||
+           (cryptoalgo == PIC32_CRYPTOALGO_TCBC)||
+           (cryptoalgo == PIC32_CRYPTOALGO_RCBC)) {
+            /* set iv for the next call */
+            if(dir == PIC32_ENCRYPTION) {
+                XMEMCPY((void *)aes->iv_ce,
+                        (void*)KVA0_TO_KVA1(out + sz - AES_BLOCK_SIZE),
+                        AES_BLOCK_SIZE) ;
+            } else {
+                ByteReverseWords((word32*)aes->iv_ce,
+                        (word32 *)KVA0_TO_KVA1(in + sz - AES_BLOCK_SIZE),
+                        AES_BLOCK_SIZE);
+            }
+        }
+        XMEMCPY((byte *)out, (byte *)KVA0_TO_KVA1(out), sz) ;
+        ByteReverseWords((word32*)out, (word32 *)out, sz);
+    }
+
+    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+    {
+        wc_AesCrypt(aes, out, in, sz, PIC32_ENCRYPTION, PIC32_ALGO_AES,
+                                                      PIC32_CRYPTOALGO_RCBC );
+        return 0 ;
+    }
+
+    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+    {
+        wc_AesCrypt(aes, out, in, sz, PIC32_DECRYPTION, PIC32_ALGO_AES,
+                                                      PIC32_CRYPTOALGO_RCBC);
+        return 0 ;
+    }
+
+#else
+    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+    {
+        word32 blocks = sz / AES_BLOCK_SIZE;
+
+    #ifdef HAVE_CAVIUM
+        if (aes->magic == WOLFSSL_AES_CAVIUM_MAGIC)
+            return wc_AesCaviumCbcEncrypt(aes, out, in, sz);
+    #endif
+
+    #ifdef WOLFSSL_AESNI
+        if (haveAESNI) {
+            #ifdef DEBUG_AESNI
+                printf("about to aes cbc encrypt\n");
+                printf("in  = %p\n", in);
+                printf("out = %p\n", out);
+                printf("aes->key = %p\n", aes->key);
+                printf("aes->reg = %p\n", aes->reg);
+                printf("aes->rounds = %d\n", aes->rounds);
+                printf("sz = %d\n", sz);
+            #endif
+
+            /* check alignment, decrypt doesn't need alignment */
+            if ((wolfssl_word)in % 16) {
+            #ifndef NO_WOLFSSL_ALLOC_ALIGN
+                byte* tmp = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                WOLFSSL_MSG("AES-CBC encrypt with bad alignment");
+                if (tmp == NULL) return MEMORY_E;
+
+                XMEMCPY(tmp, in, sz);
+                AES_CBC_encrypt(tmp, tmp, (byte*)aes->reg, sz, (byte*)aes->key,
+                            aes->rounds);
+                /* store iv for next call */
+                XMEMCPY(aes->reg, tmp + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+
+                XMEMCPY(out, tmp, sz);
+                XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                return 0;
+            #else
+                return BAD_ALIGN_E;
+            #endif
+            }
+
+            AES_CBC_encrypt(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+                            aes->rounds);
+            /* store iv for next call */
+            XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+
+            return 0;
+        }
+    #endif
+
+        while (blocks--) {
+            xorbuf((byte*)aes->reg, in, AES_BLOCK_SIZE);
+            wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->reg);
+            XMEMCPY(out, aes->reg, AES_BLOCK_SIZE);
+
+            out += AES_BLOCK_SIZE;
+            in  += AES_BLOCK_SIZE;
+        }
+
+        return 0;
+    }
+
+    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+    {
+        word32 blocks = sz / AES_BLOCK_SIZE;
+
+    #ifdef HAVE_CAVIUM
+        if (aes->magic == WOLFSSL_AES_CAVIUM_MAGIC)
+            return wc_AesCaviumCbcDecrypt(aes, out, in, sz);
+    #endif
+
+    #ifdef WOLFSSL_AESNI
+        if (haveAESNI) {
+            #ifdef DEBUG_AESNI
+                printf("about to aes cbc decrypt\n");
+                printf("in  = %p\n", in);
+                printf("out = %p\n", out);
+                printf("aes->key = %p\n", aes->key);
+                printf("aes->reg = %p\n", aes->reg);
+                printf("aes->rounds = %d\n", aes->rounds);
+                printf("sz = %d\n", sz);
+            #endif
+
+            /* if input and output same will overwrite input iv */
+            XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+            AES_CBC_decrypt(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+                            aes->rounds);
+            /* store iv for next call */
+            XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
+            return 0;
+        }
+    #endif
+
+        while (blocks--) {
+            XMEMCPY(aes->tmp, in, AES_BLOCK_SIZE);
+            wc_AesDecrypt(aes, (byte*)aes->tmp, out);
+            xorbuf(out, (byte*)aes->reg, AES_BLOCK_SIZE);
+            XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
+
+            out += AES_BLOCK_SIZE;
+            in  += AES_BLOCK_SIZE;
+        }
+
+        return 0;
+    }
+
+#endif /* STM32F2_CRYPTO, AES-CBC block */
+
+/* AES-CTR */
+#ifdef WOLFSSL_AES_COUNTER
+
+    #ifdef STM32F2_CRYPTO
+        void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+        {
+            word32 *enc_key, *iv;
+            CRYP_InitTypeDef AES_CRYP_InitStructure;
+            CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure;
+            CRYP_IVInitTypeDef AES_CRYP_IVInitStructure;
+
+            enc_key = aes->key;
+            iv = aes->reg;
+
+            /* crypto structure initialization */
+            CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure);
+            CRYP_StructInit(&AES_CRYP_InitStructure);
+            CRYP_IVStructInit(&AES_CRYP_IVInitStructure);
+
+            /* reset registers to their default values */
+            CRYP_DeInit();
+
+            /* load key into correct registers */
+            switch(aes->rounds)
+            {
+                case 10: /* 128-bit key */
+                    AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b;
+                    AES_CRYP_KeyInitStructure.CRYP_Key2Left  = enc_key[0];
+                    AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[1];
+                    AES_CRYP_KeyInitStructure.CRYP_Key3Left  = enc_key[2];
+                    AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[3];
+                    break;
+
+                case 12: /* 192-bit key */
+                    AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b;
+                    AES_CRYP_KeyInitStructure.CRYP_Key1Left  = enc_key[0];
+                    AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[1];
+                    AES_CRYP_KeyInitStructure.CRYP_Key2Left  = enc_key[2];
+                    AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[3];
+                    AES_CRYP_KeyInitStructure.CRYP_Key3Left  = enc_key[4];
+                    AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[5];
+                    break;
+
+                case 14: /* 256-bit key */
+                    AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b;
+                    AES_CRYP_KeyInitStructure.CRYP_Key0Left  = enc_key[0];
+                    AES_CRYP_KeyInitStructure.CRYP_Key0Right = enc_key[1];
+                    AES_CRYP_KeyInitStructure.CRYP_Key1Left  = enc_key[2];
+                    AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[3];
+                    AES_CRYP_KeyInitStructure.CRYP_Key2Left  = enc_key[4];
+                    AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[5];
+                    AES_CRYP_KeyInitStructure.CRYP_Key3Left  = enc_key[6];
+                    AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[7];
+                    break;
+
+                default:
+                    break;
+            }
+            CRYP_KeyInit(&AES_CRYP_KeyInitStructure);
+
+            /* set iv */
+            ByteReverseWords(iv, iv, AES_BLOCK_SIZE);
+            AES_CRYP_IVInitStructure.CRYP_IV0Left  = iv[0];
+            AES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
+            AES_CRYP_IVInitStructure.CRYP_IV1Left  = iv[2];
+            AES_CRYP_IVInitStructure.CRYP_IV1Right = iv[3];
+            CRYP_IVInit(&AES_CRYP_IVInitStructure);
+
+            /* set direction, mode, and datatype */
+            AES_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Encrypt;
+            AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_CTR;
+            AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
+            CRYP_Init(&AES_CRYP_InitStructure);
+
+            /* enable crypto processor */
+            CRYP_Cmd(ENABLE);
+
+            while (sz > 0)
+            {
+                /* flush IN/OUT FIFOs */
+                CRYP_FIFOFlush();
+
+                CRYP_DataIn(*(uint32_t*)&in[0]);
+                CRYP_DataIn(*(uint32_t*)&in[4]);
+                CRYP_DataIn(*(uint32_t*)&in[8]);
+                CRYP_DataIn(*(uint32_t*)&in[12]);
+
+                /* wait until the complete message has been processed */
+                while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
+
+                *(uint32_t*)&out[0]  = CRYP_DataOut();
+                *(uint32_t*)&out[4]  = CRYP_DataOut();
+                *(uint32_t*)&out[8]  = CRYP_DataOut();
+                *(uint32_t*)&out[12] = CRYP_DataOut();
+
+                /* store iv for next call */
+                XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+
+                sz  -= 16;
+                in  += 16;
+                out += 16;
+            }
+
+            /* disable crypto processor */
+            CRYP_Cmd(DISABLE);
+        }
+
+    #elif defined(WOLFSSL_PIC32MZ_CRYPT)
+        void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+        {
+            int i ;
+            char out_block[AES_BLOCK_SIZE] ;
+            int odd ;
+            int even ;
+            char *tmp ; /* (char *)aes->tmp, for short */
+
+            tmp = (char *)aes->tmp ;
+            if(aes->left) {
+                if((aes->left + sz) >= AES_BLOCK_SIZE){
+                    odd = AES_BLOCK_SIZE - aes->left ;
+                } else {
+                    odd = sz ;
+                }
+                XMEMCPY(tmp+aes->left, in, odd) ;
+                if((odd+aes->left) == AES_BLOCK_SIZE){
+                    wc_AesCrypt(aes, out_block, tmp, AES_BLOCK_SIZE,
+                        PIC32_ENCRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_RCTR);
+                    XMEMCPY(out, out_block+aes->left, odd) ;
+                    aes->left = 0 ;
+                    XMEMSET(tmp, 0x0, AES_BLOCK_SIZE) ;
+                    /* Increment IV */
+                    for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) {
+                        if (++((byte *)aes->iv_ce)[i])
+                            break ;
+                    }
+                }
+                in += odd ;
+                out+= odd ;
+                sz -= odd ;
+            }
+            odd = sz % AES_BLOCK_SIZE ;  /* if there is tail flagment */
+            if(sz / AES_BLOCK_SIZE) {
+                even = (sz/AES_BLOCK_SIZE)*AES_BLOCK_SIZE ;
+                wc_AesCrypt(aes, out, in, even, PIC32_ENCRYPTION, PIC32_ALGO_AES,
+                                                        PIC32_CRYPTOALGO_RCTR);
+                out += even ;
+                in  += even ;
+                do {  /* Increment IV */
+                    for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) {
+                        if (++((byte *)aes->iv_ce)[i])
+                            break ;
+                    }
+                    even -= AES_BLOCK_SIZE ;
+                } while((int)even > 0) ;
+            }
+            if(odd) {
+                XMEMSET(tmp+aes->left, 0x0, AES_BLOCK_SIZE - aes->left) ;
+                XMEMCPY(tmp+aes->left, in, odd) ;
+                wc_AesCrypt(aes, out_block, tmp, AES_BLOCK_SIZE,
+                        PIC32_ENCRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_RCTR);
+                XMEMCPY(out, out_block+aes->left,odd) ;
+                aes->left += odd ;
+            }
+        }
+
+    #elif defined(HAVE_COLDFIRE_SEC)
+        #error "Coldfire SEC doesn't currently support AES-CTR mode"
+
+    #elif defined(FREESCALE_MMCAU)
+        #error "Freescale mmCAU doesn't currently support AES-CTR mode"
+
+    #else
+        /* Increment AES counter */
+        static INLINE void IncrementAesCounter(byte* inOutCtr)
+        {
+            int i;
+
+            /* in network byte order so start at end and work back */
+            for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) {
+                if (++inOutCtr[i])  /* we're done unless we overflow */
+                    return;
+            }
+        }
+
+        void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+        {
+            byte* tmp = (byte*)aes->tmp + AES_BLOCK_SIZE - aes->left;
+
+            /* consume any unused bytes left in aes->tmp */
+            while (aes->left && sz) {
+               *(out++) = *(in++) ^ *(tmp++);
+               aes->left--;
+               sz--;
+            }
+
+            /* do as many block size ops as possible */
+            while (sz >= AES_BLOCK_SIZE) {
+                wc_AesEncrypt(aes, (byte*)aes->reg, out);
+                IncrementAesCounter((byte*)aes->reg);
+                xorbuf(out, in, AES_BLOCK_SIZE);
+
+                out += AES_BLOCK_SIZE;
+                in  += AES_BLOCK_SIZE;
+                sz  -= AES_BLOCK_SIZE;
+                aes->left = 0;
+            }
+
+            /* handle non block size remaining and sotre unused byte count in left */
+            if (sz) {
+                wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->tmp);
+                IncrementAesCounter((byte*)aes->reg);
+
+                aes->left = AES_BLOCK_SIZE;
+                tmp = (byte*)aes->tmp;
+
+                while (sz--) {
+                    *(out++) = *(in++) ^ *(tmp++);
+                    aes->left--;
+                }
+            }
+        }
+
+    #endif /* STM32F2_CRYPTO, AES-CTR block */
+
+#endif /* WOLFSSL_AES_COUNTER */
+
+#ifdef HAVE_AESGCM
+
+/*
+ * The IV for AES GCM, stored in struct Aes's member reg, is comprised of
+ * three parts in order:
+ *   1. The implicit IV. This is generated from the PRF using the shared
+ *      secrets between endpoints. It is 4 bytes long.
+ *   2. The explicit IV. This is set by the user of the AES. It needs to be
+ *      unique for each call to encrypt. The explicit IV is shared with the
+ *      other end of the transaction in the clear.
+ *   3. The counter. Each block of data is encrypted with its own sequence
+ *      number counter.
+ */
+
+#ifdef STM32F2_CRYPTO
+    #error "STM32F2 crypto doesn't currently support AES-GCM mode"
+
+#elif defined(HAVE_COLDFIRE_SEC)
+    #error "Coldfire SEC doesn't currently support AES-GCM mode"
+
+#endif
+
+enum {
+    CTR_SZ = 4
+};
+
+
+static INLINE void InitGcmCounter(byte* inOutCtr)
+{
+    inOutCtr[AES_BLOCK_SIZE - 4] = 0;
+    inOutCtr[AES_BLOCK_SIZE - 3] = 0;
+    inOutCtr[AES_BLOCK_SIZE - 2] = 0;
+    inOutCtr[AES_BLOCK_SIZE - 1] = 1;
+}
+
+
+static INLINE void IncrementGcmCounter(byte* inOutCtr)
+{
+    int i;
+
+    /* in network byte order so start at end and work back */
+    for (i = AES_BLOCK_SIZE - 1; i >= AES_BLOCK_SIZE - CTR_SZ; i--) {
+        if (++inOutCtr[i])  /* we're done unless we overflow */
+            return;
+    }
+}
+
+
+#if defined(GCM_SMALL) || defined(GCM_TABLE)
+
+static INLINE void FlattenSzInBits(byte* buf, word32 sz)
+{
+    /* Multiply the sz by 8 */
+    word32 szHi = (sz >> (8*sizeof(sz) - 3));
+    sz <<= 3;
+
+    /* copy over the words of the sz into the destination buffer */
+    buf[0] = (szHi >> 24) & 0xff;
+    buf[1] = (szHi >> 16) & 0xff;
+    buf[2] = (szHi >>  8) & 0xff;
+    buf[3] = szHi & 0xff;
+    buf[4] = (sz >> 24) & 0xff;
+    buf[5] = (sz >> 16) & 0xff;
+    buf[6] = (sz >>  8) & 0xff;
+    buf[7] = sz & 0xff;
+}
+
+
+static INLINE void RIGHTSHIFTX(byte* x)
+{
+    int i;
+    int carryOut = 0;
+    int carryIn = 0;
+    int borrow = x[15] & 0x01;
+
+    for (i = 0; i < AES_BLOCK_SIZE; i++) {
+        carryOut = x[i] & 0x01;
+        x[i] = (x[i] >> 1) | (carryIn ? 0x80 : 0);
+        carryIn = carryOut;
+    }
+    if (borrow) x[0] ^= 0xE1;
+}
+
+#endif /* defined(GCM_SMALL) || defined(GCM_TABLE) */
+
+
+#ifdef GCM_TABLE
+
+static void GenerateM0(Aes* aes)
+{
+    int i, j;
+    byte (*m)[AES_BLOCK_SIZE] = aes->M0;
+
+    XMEMCPY(m[128], aes->H, AES_BLOCK_SIZE);
+
+    for (i = 64; i > 0; i /= 2) {
+        XMEMCPY(m[i], m[i*2], AES_BLOCK_SIZE);
+        RIGHTSHIFTX(m[i]);
+    }
+
+    for (i = 2; i < 256; i *= 2) {
+        for (j = 1; j < i; j++) {
+            XMEMCPY(m[i+j], m[i], AES_BLOCK_SIZE);
+            xorbuf(m[i+j], m[j], AES_BLOCK_SIZE);
+        }
+    }
+
+    XMEMSET(m[0], 0, AES_BLOCK_SIZE);
+}
+
+#endif /* GCM_TABLE */
+
+
+int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
+{
+    int  ret;
+    byte iv[AES_BLOCK_SIZE];
+
+    #ifdef FREESCALE_MMCAU
+        byte* rk = (byte*)aes->key;
+    #endif
+
+    if (!((len == 16) || (len == 24) || (len == 32)))
+        return BAD_FUNC_ARG;
+
+    XMEMSET(iv, 0, AES_BLOCK_SIZE);
+    ret = wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
+
+    if (ret == 0) {
+    #ifdef FREESCALE_MMCAU
+        cau_aes_encrypt(iv, rk, aes->rounds, aes->H);
+    #else
+        wc_AesEncrypt(aes, iv, aes->H);
+    #endif
+    #ifdef GCM_TABLE
+        GenerateM0(aes);
+    #endif /* GCM_TABLE */
+    }
+
+    return ret;
+}
+
+
+#if defined(GCM_SMALL)
+
+static void GMULT(byte* X, byte* Y)
+{
+    byte Z[AES_BLOCK_SIZE];
+    byte V[AES_BLOCK_SIZE];
+    int i, j;
+
+    XMEMSET(Z, 0, AES_BLOCK_SIZE);
+    XMEMCPY(V, X, AES_BLOCK_SIZE);
+    for (i = 0; i < AES_BLOCK_SIZE; i++)
+    {
+        byte y = Y[i];
+        for (j = 0; j < 8; j++)
+        {
+            if (y & 0x80) {
+                xorbuf(Z, V, AES_BLOCK_SIZE);
+            }
+
+            RIGHTSHIFTX(V);
+            y = y << 1;
+        }
+    }
+    XMEMCPY(X, Z, AES_BLOCK_SIZE);
+}
+
+
+static void GHASH(Aes* aes, const byte* a, word32 aSz,
+                                const byte* c, word32 cSz, byte* s, word32 sSz)
+{
+    byte x[AES_BLOCK_SIZE];
+    byte scratch[AES_BLOCK_SIZE];
+    word32 blocks, partial;
+    byte* h = aes->H;
+
+    XMEMSET(x, 0, AES_BLOCK_SIZE);
+
+    /* Hash in A, the Additional Authentication Data */
+    if (aSz != 0 && a != NULL) {
+        blocks = aSz / AES_BLOCK_SIZE;
+        partial = aSz % AES_BLOCK_SIZE;
+        while (blocks--) {
+            xorbuf(x, a, AES_BLOCK_SIZE);
+            GMULT(x, h);
+            a += AES_BLOCK_SIZE;
+        }
+        if (partial != 0) {
+            XMEMSET(scratch, 0, AES_BLOCK_SIZE);
+            XMEMCPY(scratch, a, partial);
+            xorbuf(x, scratch, AES_BLOCK_SIZE);
+            GMULT(x, h);
+        }
+    }
+
+    /* Hash in C, the Ciphertext */
+    if (cSz != 0 && c != NULL) {
+        blocks = cSz / AES_BLOCK_SIZE;
+        partial = cSz % AES_BLOCK_SIZE;
+        while (blocks--) {
+            xorbuf(x, c, AES_BLOCK_SIZE);
+            GMULT(x, h);
+            c += AES_BLOCK_SIZE;
+        }
+        if (partial != 0) {
+            XMEMSET(scratch, 0, AES_BLOCK_SIZE);
+            XMEMCPY(scratch, c, partial);
+            xorbuf(x, scratch, AES_BLOCK_SIZE);
+            GMULT(x, h);
+        }
+    }
+
+    /* Hash in the lengths of A and C in bits */
+    FlattenSzInBits(&scratch[0], aSz);
+    FlattenSzInBits(&scratch[8], cSz);
+    xorbuf(x, scratch, AES_BLOCK_SIZE);
+    GMULT(x, h);
+
+    /* Copy the result into s. */
+    XMEMCPY(s, x, sSz);
+}
+
+/* end GCM_SMALL */
+#elif defined(GCM_TABLE)
+
+static const byte R[256][2] = {
+    {0x00, 0x00}, {0x01, 0xc2}, {0x03, 0x84}, {0x02, 0x46},
+    {0x07, 0x08}, {0x06, 0xca}, {0x04, 0x8c}, {0x05, 0x4e},
+    {0x0e, 0x10}, {0x0f, 0xd2}, {0x0d, 0x94}, {0x0c, 0x56},
+    {0x09, 0x18}, {0x08, 0xda}, {0x0a, 0x9c}, {0x0b, 0x5e},
+    {0x1c, 0x20}, {0x1d, 0xe2}, {0x1f, 0xa4}, {0x1e, 0x66},
+    {0x1b, 0x28}, {0x1a, 0xea}, {0x18, 0xac}, {0x19, 0x6e},
+    {0x12, 0x30}, {0x13, 0xf2}, {0x11, 0xb4}, {0x10, 0x76},
+    {0x15, 0x38}, {0x14, 0xfa}, {0x16, 0xbc}, {0x17, 0x7e},
+    {0x38, 0x40}, {0x39, 0x82}, {0x3b, 0xc4}, {0x3a, 0x06},
+    {0x3f, 0x48}, {0x3e, 0x8a}, {0x3c, 0xcc}, {0x3d, 0x0e},
+    {0x36, 0x50}, {0x37, 0x92}, {0x35, 0xd4}, {0x34, 0x16},
+    {0x31, 0x58}, {0x30, 0x9a}, {0x32, 0xdc}, {0x33, 0x1e},
+    {0x24, 0x60}, {0x25, 0xa2}, {0x27, 0xe4}, {0x26, 0x26},
+    {0x23, 0x68}, {0x22, 0xaa}, {0x20, 0xec}, {0x21, 0x2e},
+    {0x2a, 0x70}, {0x2b, 0xb2}, {0x29, 0xf4}, {0x28, 0x36},
+    {0x2d, 0x78}, {0x2c, 0xba}, {0x2e, 0xfc}, {0x2f, 0x3e},
+    {0x70, 0x80}, {0x71, 0x42}, {0x73, 0x04}, {0x72, 0xc6},
+    {0x77, 0x88}, {0x76, 0x4a}, {0x74, 0x0c}, {0x75, 0xce},
+    {0x7e, 0x90}, {0x7f, 0x52}, {0x7d, 0x14}, {0x7c, 0xd6},
+    {0x79, 0x98}, {0x78, 0x5a}, {0x7a, 0x1c}, {0x7b, 0xde},
+    {0x6c, 0xa0}, {0x6d, 0x62}, {0x6f, 0x24}, {0x6e, 0xe6},
+    {0x6b, 0xa8}, {0x6a, 0x6a}, {0x68, 0x2c}, {0x69, 0xee},
+    {0x62, 0xb0}, {0x63, 0x72}, {0x61, 0x34}, {0x60, 0xf6},
+    {0x65, 0xb8}, {0x64, 0x7a}, {0x66, 0x3c}, {0x67, 0xfe},
+    {0x48, 0xc0}, {0x49, 0x02}, {0x4b, 0x44}, {0x4a, 0x86},
+    {0x4f, 0xc8}, {0x4e, 0x0a}, {0x4c, 0x4c}, {0x4d, 0x8e},
+    {0x46, 0xd0}, {0x47, 0x12}, {0x45, 0x54}, {0x44, 0x96},
+    {0x41, 0xd8}, {0x40, 0x1a}, {0x42, 0x5c}, {0x43, 0x9e},
+    {0x54, 0xe0}, {0x55, 0x22}, {0x57, 0x64}, {0x56, 0xa6},
+    {0x53, 0xe8}, {0x52, 0x2a}, {0x50, 0x6c}, {0x51, 0xae},
+    {0x5a, 0xf0}, {0x5b, 0x32}, {0x59, 0x74}, {0x58, 0xb6},
+    {0x5d, 0xf8}, {0x5c, 0x3a}, {0x5e, 0x7c}, {0x5f, 0xbe},
+    {0xe1, 0x00}, {0xe0, 0xc2}, {0xe2, 0x84}, {0xe3, 0x46},
+    {0xe6, 0x08}, {0xe7, 0xca}, {0xe5, 0x8c}, {0xe4, 0x4e},
+    {0xef, 0x10}, {0xee, 0xd2}, {0xec, 0x94}, {0xed, 0x56},
+    {0xe8, 0x18}, {0xe9, 0xda}, {0xeb, 0x9c}, {0xea, 0x5e},
+    {0xfd, 0x20}, {0xfc, 0xe2}, {0xfe, 0xa4}, {0xff, 0x66},
+    {0xfa, 0x28}, {0xfb, 0xea}, {0xf9, 0xac}, {0xf8, 0x6e},
+    {0xf3, 0x30}, {0xf2, 0xf2}, {0xf0, 0xb4}, {0xf1, 0x76},
+    {0xf4, 0x38}, {0xf5, 0xfa}, {0xf7, 0xbc}, {0xf6, 0x7e},
+    {0xd9, 0x40}, {0xd8, 0x82}, {0xda, 0xc4}, {0xdb, 0x06},
+    {0xde, 0x48}, {0xdf, 0x8a}, {0xdd, 0xcc}, {0xdc, 0x0e},
+    {0xd7, 0x50}, {0xd6, 0x92}, {0xd4, 0xd4}, {0xd5, 0x16},
+    {0xd0, 0x58}, {0xd1, 0x9a}, {0xd3, 0xdc}, {0xd2, 0x1e},
+    {0xc5, 0x60}, {0xc4, 0xa2}, {0xc6, 0xe4}, {0xc7, 0x26},
+    {0xc2, 0x68}, {0xc3, 0xaa}, {0xc1, 0xec}, {0xc0, 0x2e},
+    {0xcb, 0x70}, {0xca, 0xb2}, {0xc8, 0xf4}, {0xc9, 0x36},
+    {0xcc, 0x78}, {0xcd, 0xba}, {0xcf, 0xfc}, {0xce, 0x3e},
+    {0x91, 0x80}, {0x90, 0x42}, {0x92, 0x04}, {0x93, 0xc6},
+    {0x96, 0x88}, {0x97, 0x4a}, {0x95, 0x0c}, {0x94, 0xce},
+    {0x9f, 0x90}, {0x9e, 0x52}, {0x9c, 0x14}, {0x9d, 0xd6},
+    {0x98, 0x98}, {0x99, 0x5a}, {0x9b, 0x1c}, {0x9a, 0xde},
+    {0x8d, 0xa0}, {0x8c, 0x62}, {0x8e, 0x24}, {0x8f, 0xe6},
+    {0x8a, 0xa8}, {0x8b, 0x6a}, {0x89, 0x2c}, {0x88, 0xee},
+    {0x83, 0xb0}, {0x82, 0x72}, {0x80, 0x34}, {0x81, 0xf6},
+    {0x84, 0xb8}, {0x85, 0x7a}, {0x87, 0x3c}, {0x86, 0xfe},
+    {0xa9, 0xc0}, {0xa8, 0x02}, {0xaa, 0x44}, {0xab, 0x86},
+    {0xae, 0xc8}, {0xaf, 0x0a}, {0xad, 0x4c}, {0xac, 0x8e},
+    {0xa7, 0xd0}, {0xa6, 0x12}, {0xa4, 0x54}, {0xa5, 0x96},
+    {0xa0, 0xd8}, {0xa1, 0x1a}, {0xa3, 0x5c}, {0xa2, 0x9e},
+    {0xb5, 0xe0}, {0xb4, 0x22}, {0xb6, 0x64}, {0xb7, 0xa6},
+    {0xb2, 0xe8}, {0xb3, 0x2a}, {0xb1, 0x6c}, {0xb0, 0xae},
+    {0xbb, 0xf0}, {0xba, 0x32}, {0xb8, 0x74}, {0xb9, 0xb6},
+    {0xbc, 0xf8}, {0xbd, 0x3a}, {0xbf, 0x7c}, {0xbe, 0xbe} };
+
+
+static void GMULT(byte *x, byte m[256][AES_BLOCK_SIZE])
+{
+    int i, j;
+    byte Z[AES_BLOCK_SIZE];
+    byte a;
+
+    XMEMSET(Z, 0, sizeof(Z));
+
+    for (i = 15; i > 0; i--) {
+        xorbuf(Z, m[x[i]], AES_BLOCK_SIZE);
+        a = Z[15];
+
+        for (j = 15; j > 0; j--) {
+            Z[j] = Z[j-1];
+        }
+
+        Z[0] = R[a][0];
+        Z[1] ^= R[a][1];
+    }
+    xorbuf(Z, m[x[0]], AES_BLOCK_SIZE);
+
+    XMEMCPY(x, Z, AES_BLOCK_SIZE);
+}
+
+
+static void GHASH(Aes* aes, const byte* a, word32 aSz,
+                                const byte* c, word32 cSz, byte* s, word32 sSz)
+{
+    byte x[AES_BLOCK_SIZE];
+    byte scratch[AES_BLOCK_SIZE];
+    word32 blocks, partial;
+
+    XMEMSET(x, 0, AES_BLOCK_SIZE);
+
+    /* Hash in A, the Additional Authentication Data */
+    if (aSz != 0 && a != NULL) {
+        blocks = aSz / AES_BLOCK_SIZE;
+        partial = aSz % AES_BLOCK_SIZE;
+        while (blocks--) {
+            xorbuf(x, a, AES_BLOCK_SIZE);
+            GMULT(x, aes->M0);
+            a += AES_BLOCK_SIZE;
+        }
+        if (partial != 0) {
+            XMEMSET(scratch, 0, AES_BLOCK_SIZE);
+            XMEMCPY(scratch, a, partial);
+            xorbuf(x, scratch, AES_BLOCK_SIZE);
+            GMULT(x, aes->M0);
+        }
+    }
+
+    /* Hash in C, the Ciphertext */
+    if (cSz != 0 && c != NULL) {
+        blocks = cSz / AES_BLOCK_SIZE;
+        partial = cSz % AES_BLOCK_SIZE;
+        while (blocks--) {
+            xorbuf(x, c, AES_BLOCK_SIZE);
+            GMULT(x, aes->M0);
+            c += AES_BLOCK_SIZE;
+        }
+        if (partial != 0) {
+            XMEMSET(scratch, 0, AES_BLOCK_SIZE);
+            XMEMCPY(scratch, c, partial);
+            xorbuf(x, scratch, AES_BLOCK_SIZE);
+            GMULT(x, aes->M0);
+        }
+    }
+
+    /* Hash in the lengths of A and C in bits */
+    FlattenSzInBits(&scratch[0], aSz);
+    FlattenSzInBits(&scratch[8], cSz);
+    xorbuf(x, scratch, AES_BLOCK_SIZE);
+    GMULT(x, aes->M0);
+
+    /* Copy the result into s. */
+    XMEMCPY(s, x, sSz);
+}
+
+/* end GCM_TABLE */
+#elif defined(WORD64_AVAILABLE) && !defined(GCM_WORD32)
+
+static void GMULT(word64* X, word64* Y)
+{
+    word64 Z[2] = {0,0};
+    word64 V[2] ; 
+    int i, j;
+    V[0] = X[0] ;  V[1] = X[1] ;
+
+    for (i = 0; i < 2; i++)
+    {
+        word64 y = Y[i];
+        for (j = 0; j < 64; j++)
+        {
+            if (y & 0x8000000000000000ULL) {
+                Z[0] ^= V[0];
+                Z[1] ^= V[1];
+            }
+
+            if (V[1] & 0x0000000000000001) {
+                V[1] >>= 1;
+                V[1] |= ((V[0] & 0x0000000000000001) ? 0x8000000000000000ULL : 0);
+                V[0] >>= 1;
+                V[0] ^= 0xE100000000000000ULL;
+            }
+            else {
+                V[1] >>= 1;
+                V[1] |= ((V[0] & 0x0000000000000001) ? 0x8000000000000000ULL : 0);
+                V[0] >>= 1;
+            }
+            y <<= 1;
+        }
+    }
+    X[0] = Z[0];
+    X[1] = Z[1];
+}
+
+
+static void GHASH(Aes* aes, const byte* a, word32 aSz,
+                                const byte* c, word32 cSz, byte* s, word32 sSz)
+{
+    word64 x[2] = {0,0};
+    word32 blocks, partial;
+    word64 bigH[2];
+
+    XMEMCPY(bigH, aes->H, AES_BLOCK_SIZE);
+    #ifdef LITTLE_ENDIAN_ORDER
+        ByteReverseWords64(bigH, bigH, AES_BLOCK_SIZE); 
+    #endif
+
+    /* Hash in A, the Additional Authentication Data */
+    if (aSz != 0 && a != NULL) {
+        word64 bigA[2];
+        blocks = aSz / AES_BLOCK_SIZE;
+        partial = aSz % AES_BLOCK_SIZE;
+        while (blocks--) {
+            XMEMCPY(bigA, a, AES_BLOCK_SIZE);
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords64(bigA, bigA, AES_BLOCK_SIZE);
+            #endif
+            x[0] ^= bigA[0];
+            x[1] ^= bigA[1];
+            GMULT(x, bigH);
+            a += AES_BLOCK_SIZE;
+        }
+        if (partial != 0) {
+            XMEMSET(bigA, 0, AES_BLOCK_SIZE);
+            XMEMCPY(bigA, a, partial);
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords64(bigA, bigA, AES_BLOCK_SIZE);
+            #endif
+            x[0] ^= bigA[0];
+            x[1] ^= bigA[1];
+            GMULT(x, bigH);
+        }
+    }
+
+    /* Hash in C, the Ciphertext */
+    if (cSz != 0 && c != NULL) {
+        word64 bigC[2];
+        blocks = cSz / AES_BLOCK_SIZE;
+        partial = cSz % AES_BLOCK_SIZE;
+        while (blocks--) {
+            XMEMCPY(bigC, c, AES_BLOCK_SIZE);
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords64(bigC, bigC, AES_BLOCK_SIZE);
+            #endif
+            x[0] ^= bigC[0];
+            x[1] ^= bigC[1];
+            GMULT(x, bigH);
+            c += AES_BLOCK_SIZE;
+        }
+        if (partial != 0) {
+            XMEMSET(bigC, 0, AES_BLOCK_SIZE);
+            XMEMCPY(bigC, c, partial);
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords64(bigC, bigC, AES_BLOCK_SIZE);
+            #endif
+            x[0] ^= bigC[0];
+            x[1] ^= bigC[1];
+            GMULT(x, bigH);
+        }
+    }
+
+    /* Hash in the lengths in bits of A and C */
+    {
+        word64 len[2] ; 
+        len[0] = aSz ; len[1] = cSz;
+
+        /* Lengths are in bytes. Convert to bits. */
+        len[0] *= 8;
+        len[1] *= 8;
+
+        x[0] ^= len[0];
+        x[1] ^= len[1];
+        GMULT(x, bigH);
+    }
+    #ifdef LITTLE_ENDIAN_ORDER
+        ByteReverseWords64(x, x, AES_BLOCK_SIZE);
+    #endif
+    XMEMCPY(s, x, sSz);
+}
+
+/* end defined(WORD64_AVAILABLE) && !defined(GCM_WORD32) */
+#else /* GCM_WORD32 */
+
+static void GMULT(word32* X, word32* Y)
+{
+    word32 Z[4] = {0,0,0,0};
+    word32 V[4] ;
+    int i, j;
+
+    V[0] = X[0];  V[1] = X[1]; V[2] =  X[2]; V[3] =  X[3];
+
+    for (i = 0; i < 4; i++)
+    {
+        word32 y = Y[i];
+        for (j = 0; j < 32; j++)
+        {
+            if (y & 0x80000000) {
+                Z[0] ^= V[0];
+                Z[1] ^= V[1];
+                Z[2] ^= V[2];
+                Z[3] ^= V[3];
+            }
+
+            if (V[3] & 0x00000001) {
+                V[3] >>= 1;
+                V[3] |= ((V[2] & 0x00000001) ? 0x80000000 : 0);
+                V[2] >>= 1;
+                V[2] |= ((V[1] & 0x00000001) ? 0x80000000 : 0);
+                V[1] >>= 1;
+                V[1] |= ((V[0] & 0x00000001) ? 0x80000000 : 0);
+                V[0] >>= 1;
+                V[0] ^= 0xE1000000;
+            } else {
+                V[3] >>= 1;
+                V[3] |= ((V[2] & 0x00000001) ? 0x80000000 : 0);
+                V[2] >>= 1;
+                V[2] |= ((V[1] & 0x00000001) ? 0x80000000 : 0);
+                V[1] >>= 1;
+                V[1] |= ((V[0] & 0x00000001) ? 0x80000000 : 0);
+                V[0] >>= 1;
+            }
+            y <<= 1;
+        }
+    }
+    X[0] = Z[0];
+    X[1] = Z[1];
+    X[2] = Z[2];
+    X[3] = Z[3];
+}
+
+
+static void GHASH(Aes* aes, const byte* a, word32 aSz,
+                                const byte* c, word32 cSz, byte* s, word32 sSz)
+{
+    word32 x[4] = {0,0,0,0};
+    word32 blocks, partial;
+    word32 bigH[4];
+
+    XMEMCPY(bigH, aes->H, AES_BLOCK_SIZE);
+    #ifdef LITTLE_ENDIAN_ORDER
+        ByteReverseWords(bigH, bigH, AES_BLOCK_SIZE);
+    #endif
+
+    /* Hash in A, the Additional Authentication Data */
+    if (aSz != 0 && a != NULL) {
+        word32 bigA[4];
+        blocks = aSz / AES_BLOCK_SIZE;
+        partial = aSz % AES_BLOCK_SIZE;
+        while (blocks--) {
+            XMEMCPY(bigA, a, AES_BLOCK_SIZE);
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords(bigA, bigA, AES_BLOCK_SIZE);
+            #endif
+            x[0] ^= bigA[0];
+            x[1] ^= bigA[1];
+            x[2] ^= bigA[2];
+            x[3] ^= bigA[3];
+            GMULT(x, bigH);
+            a += AES_BLOCK_SIZE;
+        }
+        if (partial != 0) {
+            XMEMSET(bigA, 0, AES_BLOCK_SIZE);
+            XMEMCPY(bigA, a, partial);
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords(bigA, bigA, AES_BLOCK_SIZE);
+            #endif
+            x[0] ^= bigA[0];
+            x[1] ^= bigA[1];
+            x[2] ^= bigA[2];
+            x[3] ^= bigA[3];
+            GMULT(x, bigH);
+        }
+    }
+
+    /* Hash in C, the Ciphertext */
+    if (cSz != 0 && c != NULL) {
+        word32 bigC[4];
+        blocks = cSz / AES_BLOCK_SIZE;
+        partial = cSz % AES_BLOCK_SIZE;
+        while (blocks--) {
+            XMEMCPY(bigC, c, AES_BLOCK_SIZE);
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords(bigC, bigC, AES_BLOCK_SIZE);
+            #endif
+            x[0] ^= bigC[0];
+            x[1] ^= bigC[1];
+            x[2] ^= bigC[2];
+            x[3] ^= bigC[3];
+            GMULT(x, bigH);
+            c += AES_BLOCK_SIZE;
+        }
+        if (partial != 0) {
+            XMEMSET(bigC, 0, AES_BLOCK_SIZE);
+            XMEMCPY(bigC, c, partial);
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords(bigC, bigC, AES_BLOCK_SIZE);
+            #endif
+            x[0] ^= bigC[0];
+            x[1] ^= bigC[1];
+            x[2] ^= bigC[2];
+            x[3] ^= bigC[3];
+            GMULT(x, bigH);
+        }
+    }
+
+    /* Hash in the lengths in bits of A and C */
+    {
+        word32 len[4];
+
+        /* Lengths are in bytes. Convert to bits. */
+        len[0] = (aSz >> (8*sizeof(aSz) - 3));
+        len[1] = aSz << 3;
+        len[2] = (cSz >> (8*sizeof(cSz) - 3));
+        len[3] = cSz << 3;
+
+        x[0] ^= len[0];
+        x[1] ^= len[1];
+        x[2] ^= len[2];
+        x[3] ^= len[3];
+        GMULT(x, bigH);
+    }
+    #ifdef LITTLE_ENDIAN_ORDER
+        ByteReverseWords(x, x, AES_BLOCK_SIZE);
+    #endif
+    XMEMCPY(s, x, sSz);
+}
+
+#endif /* end GCM_WORD32 */
+
+
+int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+                   const byte* iv, word32 ivSz,
+                   byte* authTag, word32 authTagSz,
+                   const byte* authIn, word32 authInSz)
+{
+    word32 blocks = sz / AES_BLOCK_SIZE;
+    word32 partial = sz % AES_BLOCK_SIZE;
+    const byte* p = in;
+    byte* c = out;
+    byte counter[AES_BLOCK_SIZE];
+    byte *ctr ;
+    byte scratch[AES_BLOCK_SIZE];
+
+#ifdef FREESCALE_MMCAU
+    byte* key = (byte*)aes->key;
+#endif
+
+    WOLFSSL_ENTER("AesGcmEncrypt");
+
+#ifdef WOLFSSL_PIC32MZ_CRYPT
+    ctr = (char *)aes->iv_ce ;
+#else
+    ctr = counter ;
+#endif
+
+    XMEMSET(ctr, 0, AES_BLOCK_SIZE);
+    XMEMCPY(ctr, iv, ivSz);
+    InitGcmCounter(ctr);
+
+#ifdef WOLFSSL_PIC32MZ_CRYPT
+    if(blocks)
+        wc_AesCrypt(aes, out, in, blocks*AES_BLOCK_SIZE,
+             PIC32_ENCRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_AES_GCM );
+#endif
+    while (blocks--) {
+        IncrementGcmCounter(ctr);
+        #ifndef WOLFSSL_PIC32MZ_CRYPT
+            #ifdef FREESCALE_MMCAU
+                cau_aes_encrypt(ctr, key, aes->rounds, scratch);
+            #else
+                wc_AesEncrypt(aes, ctr, scratch);
+            #endif
+        xorbuf(scratch, p, AES_BLOCK_SIZE);
+        XMEMCPY(c, scratch, AES_BLOCK_SIZE);
+        #endif
+        p += AES_BLOCK_SIZE;
+        c += AES_BLOCK_SIZE;
+    }
+
+    if (partial != 0) {
+        IncrementGcmCounter(ctr);
+        #ifdef FREESCALE_MMCAU
+            cau_aes_encrypt(ctr, key, aes->rounds, scratch);
+        #else
+            wc_AesEncrypt(aes, ctr, scratch);
+        #endif
+        xorbuf(scratch, p, partial);
+        XMEMCPY(c, scratch, partial);
+
+    }
+
+    GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+    InitGcmCounter(ctr);
+    #ifdef FREESCALE_MMCAU
+        cau_aes_encrypt(ctr, key, aes->rounds, scratch);
+    #else
+        wc_AesEncrypt(aes, ctr, scratch);
+    #endif
+    xorbuf(authTag, scratch, authTagSz);
+
+    return 0;
+}
+
+
+int  wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+                   const byte* iv, word32 ivSz,
+                   const byte* authTag, word32 authTagSz,
+                   const byte* authIn, word32 authInSz)
+{
+    word32 blocks = sz / AES_BLOCK_SIZE;
+    word32 partial = sz % AES_BLOCK_SIZE;
+    const byte* c = in;
+    byte* p = out;
+    byte counter[AES_BLOCK_SIZE];
+    byte *ctr ;
+    byte scratch[AES_BLOCK_SIZE];
+
+#ifdef FREESCALE_MMCAU
+    byte* key = (byte*)aes->key;
+#endif
+
+    WOLFSSL_ENTER("AesGcmDecrypt");
+
+#ifdef WOLFSSL_PIC32MZ_CRYPT
+    ctr = (char *)aes->iv_ce ;
+#else
+    ctr = counter ;
+#endif
+
+    XMEMSET(ctr, 0, AES_BLOCK_SIZE);
+    XMEMCPY(ctr, iv, ivSz);
+    InitGcmCounter(ctr);
+
+    /* Calculate the authTag again using the received auth data and the
+     * cipher text. */
+    {
+        byte Tprime[AES_BLOCK_SIZE];
+        byte EKY0[AES_BLOCK_SIZE];
+
+        GHASH(aes, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
+        #ifdef FREESCALE_MMCAU
+            cau_aes_encrypt(ctr, key, aes->rounds, EKY0);
+        #else
+            wc_AesEncrypt(aes, ctr, EKY0);
+        #endif
+        xorbuf(Tprime, EKY0, sizeof(Tprime));
+
+        if (XMEMCMP(authTag, Tprime, authTagSz) != 0) {
+            return AES_GCM_AUTH_E;
+        }
+    }
+
+#ifdef WOLFSSL_PIC32MZ_CRYPT
+    if(blocks)
+        wc_AesCrypt(aes, out, in, blocks*AES_BLOCK_SIZE,
+             PIC32_DECRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_AES_GCM );
+#endif
+
+    while (blocks--) {
+        IncrementGcmCounter(ctr);
+        #ifndef WOLFSSL_PIC32MZ_CRYPT
+            #ifdef FREESCALE_MMCAU
+                cau_aes_encrypt(ctr, key, aes->rounds, scratch);
+            #else
+                wc_AesEncrypt(aes, ctr, scratch);
+            #endif
+        xorbuf(scratch, c, AES_BLOCK_SIZE);
+        XMEMCPY(p, scratch, AES_BLOCK_SIZE);
+        #endif
+        p += AES_BLOCK_SIZE;
+        c += AES_BLOCK_SIZE;
+    }
+    if (partial != 0) {
+        IncrementGcmCounter(ctr);
+        #ifdef FREESCALE_MMCAU
+            cau_aes_encrypt(ctr, key, aes->rounds, scratch);
+        #else
+            wc_AesEncrypt(aes, ctr, scratch);
+        #endif
+        xorbuf(scratch, c, partial);
+        XMEMCPY(p, scratch, partial);
+    }
+    return 0;
+}
+
+
+
+WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len)
+{
+    return wc_AesGcmSetKey(&gmac->aes, key, len);
+}
+
+
+WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
+                              const byte* authIn, word32 authInSz,
+                              byte* authTag, word32 authTagSz)
+{
+    return wc_AesGcmEncrypt(&gmac->aes, NULL, NULL, 0, iv, ivSz,
+                                         authTag, authTagSz, authIn, authInSz);
+}
+
+#endif /* HAVE_AESGCM */
+
+
+#ifdef HAVE_AESCCM
+
+#ifdef STM32F2_CRYPTO
+    #error "STM32F2 crypto doesn't currently support AES-CCM mode"
+
+#elif defined(HAVE_COLDFIRE_SEC)
+    #error "Coldfire SEC doesn't currently support AES-CCM mode"
+
+#elif defined(WOLFSSL_PIC32MZ_CRYPT)
+    #error "PIC32MZ doesn't currently support AES-CCM mode"
+
+#endif
+
+void wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz)
+{
+    byte nonce[AES_BLOCK_SIZE];
+
+    if (!((keySz == 16) || (keySz == 24) || (keySz == 32)))
+        return;
+
+    XMEMSET(nonce, 0, sizeof(nonce));
+    wc_AesSetKey(aes, key, keySz, nonce, AES_ENCRYPTION);
+}
+
+
+static void roll_x(Aes* aes, const byte* in, word32 inSz, byte* out)
+{
+    #ifdef FREESCALE_MMCAU
+        byte* key = (byte*)aes->key;
+    #endif
+
+    /* process the bulk of the data */
+    while (inSz >= AES_BLOCK_SIZE) {
+        xorbuf(out, in, AES_BLOCK_SIZE);
+        in += AES_BLOCK_SIZE;
+        inSz -= AES_BLOCK_SIZE;
+
+        #ifdef FREESCALE_MMCAU
+            cau_aes_encrypt(out, key, aes->rounds, out);
+        #else
+            wc_AesEncrypt(aes, out, out);
+        #endif
+    }
+
+    /* process remainder of the data */
+    if (inSz > 0) {
+        xorbuf(out, in, inSz);
+        #ifdef FREESCALE_MMCAU
+            cau_aes_encrypt(out, key, aes->rounds, out);
+        #else
+            wc_AesEncrypt(aes, out, out);
+        #endif
+    }
+}
+
+
+static void roll_auth(Aes* aes, const byte* in, word32 inSz, byte* out)
+{
+    word32 authLenSz;
+    word32 remainder;
+
+    #ifdef FREESCALE_MMCAU
+        byte* key = (byte*)aes->key;
+    #endif
+
+    /* encode the length in */
+    if (inSz <= 0xFEFF) {
+        authLenSz = 2;
+        out[0] ^= ((inSz & 0xFF00) >> 8);
+        out[1] ^=  (inSz & 0x00FF);
+    }
+    else if (inSz <= 0xFFFFFFFF) {
+        authLenSz = 6;
+        out[0] ^= 0xFF; out[1] ^= 0xFE;
+        out[2] ^= ((inSz & 0xFF000000) >> 24);
+        out[3] ^= ((inSz & 0x00FF0000) >> 16);
+        out[4] ^= ((inSz & 0x0000FF00) >>  8);
+        out[5] ^=  (inSz & 0x000000FF);
+    }
+    /* Note, the protocol handles auth data up to 2^64, but we are
+     * using 32-bit sizes right now, so the bigger data isn't handled
+     * else if (inSz <= 0xFFFFFFFFFFFFFFFF) {} */
+    else
+        return;
+
+    /* start fill out the rest of the first block */
+    remainder = AES_BLOCK_SIZE - authLenSz;
+    if (inSz >= remainder) {
+        /* plenty of bulk data to fill the remainder of this block */
+        xorbuf(out + authLenSz, in, remainder);
+        inSz -= remainder;
+        in += remainder;
+    }
+    else {
+        /* not enough bulk data, copy what is available, and pad zero */
+        xorbuf(out + authLenSz, in, inSz);
+        inSz = 0;
+    }
+    #ifdef FREESCALE_MMCAU
+        cau_aes_encrypt(out, key, aes->rounds, out);
+    #else
+        wc_AesEncrypt(aes, out, out);
+    #endif
+
+    if (inSz > 0)
+        roll_x(aes, in, inSz, out);
+}
+
+
+static INLINE void AesCcmCtrInc(byte* B, word32 lenSz)
+{
+    word32 i;
+
+    for (i = 0; i < lenSz; i++) {
+        if (++B[AES_BLOCK_SIZE - 1 - i] != 0) return;
+    }
+}
+
+
+void wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
+                   const byte* nonce, word32 nonceSz,
+                   byte* authTag, word32 authTagSz,
+                   const byte* authIn, word32 authInSz)
+{
+    byte A[AES_BLOCK_SIZE];
+    byte B[AES_BLOCK_SIZE];
+    byte lenSz;
+    word32 i;
+
+    #ifdef FREESCALE_MMCAU
+        byte* key = (byte*)aes->key;
+    #endif
+
+    XMEMCPY(B+1, nonce, nonceSz);
+    lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz;
+    B[0] = (authInSz > 0 ? 64 : 0)
+         + (8 * (((byte)authTagSz - 2) / 2))
+         + (lenSz - 1);
+    for (i = 0; i < lenSz; i++)
+        B[AES_BLOCK_SIZE - 1 - i] = (inSz >> (8 * i)) & 0xFF;
+
+    #ifdef FREESCALE_MMCAU
+        cau_aes_encrypt(B, key, aes->rounds, A);
+    #else
+        wc_AesEncrypt(aes, B, A);
+    #endif
+    if (authInSz > 0)
+        roll_auth(aes, authIn, authInSz, A);
+    if (inSz > 0)
+        roll_x(aes, in, inSz, A);
+    XMEMCPY(authTag, A, authTagSz);
+
+    B[0] = lenSz - 1;
+    for (i = 0; i < lenSz; i++)
+        B[AES_BLOCK_SIZE - 1 - i] = 0;
+    #ifdef FREESCALE_MMCAU
+        cau_aes_encrypt(B, key, aes->rounds, A);
+    #else
+        wc_AesEncrypt(aes, B, A);
+    #endif
+    xorbuf(authTag, A, authTagSz);
+
+    B[15] = 1;
+    while (inSz >= AES_BLOCK_SIZE) {
+        #ifdef FREESCALE_MMCAU
+            cau_aes_encrypt(B, key, aes->rounds, A);
+        #else
+            wc_AesEncrypt(aes, B, A);
+        #endif
+        xorbuf(A, in, AES_BLOCK_SIZE);
+        XMEMCPY(out, A, AES_BLOCK_SIZE);
+
+        AesCcmCtrInc(B, lenSz);
+        inSz -= AES_BLOCK_SIZE;
+        in += AES_BLOCK_SIZE;
+        out += AES_BLOCK_SIZE;
+    }
+    if (inSz > 0) {
+        #ifdef FREESCALE_MMCAU
+            cau_aes_encrypt(B, key, aes->rounds, A);
+        #else
+            wc_AesEncrypt(aes, B, A);
+        #endif
+        xorbuf(A, in, inSz);
+        XMEMCPY(out, A, inSz);
+    }
+
+    ForceZero(A, AES_BLOCK_SIZE);
+    ForceZero(B, AES_BLOCK_SIZE);
+}
+
+
+int  wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
+                   const byte* nonce, word32 nonceSz,
+                   const byte* authTag, word32 authTagSz,
+                   const byte* authIn, word32 authInSz)
+{
+    byte A[AES_BLOCK_SIZE];
+    byte B[AES_BLOCK_SIZE];
+    byte* o;
+    byte lenSz;
+    word32 i, oSz;
+    int result = 0;
+
+    #ifdef FREESCALE_MMCAU
+        byte* key = (byte*)aes->key;
+    #endif
+
+    o = out;
+    oSz = inSz;
+    XMEMCPY(B+1, nonce, nonceSz);
+    lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz;
+
+    B[0] = lenSz - 1;
+    for (i = 0; i < lenSz; i++)
+        B[AES_BLOCK_SIZE - 1 - i] = 0;
+    B[15] = 1;
+
+    while (oSz >= AES_BLOCK_SIZE) {
+        #ifdef FREESCALE_MMCAU
+            cau_aes_encrypt(B, key, aes->rounds, A);
+        #else
+            wc_AesEncrypt(aes, B, A);
+        #endif
+        xorbuf(A, in, AES_BLOCK_SIZE);
+        XMEMCPY(o, A, AES_BLOCK_SIZE);
+
+        AesCcmCtrInc(B, lenSz);
+        oSz -= AES_BLOCK_SIZE;
+        in += AES_BLOCK_SIZE;
+        o += AES_BLOCK_SIZE;
+    }
+    if (inSz > 0) {
+        #ifdef FREESCALE_MMCAU
+            cau_aes_encrypt(B, key, aes->rounds, A);
+        #else
+            wc_AesEncrypt(aes, B, A);
+        #endif
+        xorbuf(A, in, oSz);
+        XMEMCPY(o, A, oSz);
+    }
+
+    for (i = 0; i < lenSz; i++)
+        B[AES_BLOCK_SIZE - 1 - i] = 0;
+    #ifdef FREESCALE_MMCAU
+        cau_aes_encrypt(B, key, aes->rounds, A);
+    #else
+        wc_AesEncrypt(aes, B, A);
+    #endif
+
+    o = out;
+    oSz = inSz;
+
+    B[0] = (authInSz > 0 ? 64 : 0)
+         + (8 * (((byte)authTagSz - 2) / 2))
+         + (lenSz - 1);
+    for (i = 0; i < lenSz; i++)
+        B[AES_BLOCK_SIZE - 1 - i] = (inSz >> (8 * i)) & 0xFF;
+
+    #ifdef FREESCALE_MMCAU
+        cau_aes_encrypt(B, key, aes->rounds, A);
+    #else
+        wc_AesEncrypt(aes, B, A);
+    #endif
+    if (authInSz > 0)
+        roll_auth(aes, authIn, authInSz, A);
+    if (inSz > 0)
+        roll_x(aes, o, oSz, A);
+
+    B[0] = lenSz - 1;
+    for (i = 0; i < lenSz; i++)
+        B[AES_BLOCK_SIZE - 1 - i] = 0;
+    #ifdef FREESCALE_MMCAU
+        cau_aes_encrypt(B, key, aes->rounds, B);
+    #else
+        wc_AesEncrypt(aes, B, B);
+    #endif
+    xorbuf(A, B, authTagSz);
+
+    if (XMEMCMP(A, authTag, authTagSz) != 0) {
+        /* If the authTag check fails, don't keep the decrypted data.
+         * Unfortunately, you need the decrypted data to calculate the
+         * check value. */
+        XMEMSET(out, 0, inSz);
+        result = AES_CCM_AUTH_E;
+    }
+
+    ForceZero(A, AES_BLOCK_SIZE);
+    ForceZero(B, AES_BLOCK_SIZE);
+    o = NULL;
+
+    return result;
+}
+
+#endif /* HAVE_AESCCM */
+
+
+#ifdef HAVE_CAVIUM
+
+#include 
+#include "cavium_common.h"
+
+/* Initiliaze Aes for use with Nitrox device */
+int wc_AesInitCavium(Aes* aes, int devId)
+{
+    if (aes == NULL)
+        return -1;
+
+    if (CspAllocContext(CONTEXT_SSL, &aes->contextHandle, devId) != 0)
+        return -1;
+
+    aes->devId = devId;
+    aes->magic = WOLFSSL_AES_CAVIUM_MAGIC;
+
+    return 0;
+}
+
+
+/* Free Aes from use with Nitrox device */
+void wc_AesFreeCavium(Aes* aes)
+{
+    if (aes == NULL)
+        return;
+
+    if (aes->magic != WOLFSSL_AES_CAVIUM_MAGIC)
+        return;
+
+    CspFreeContext(CONTEXT_SSL, aes->contextHandle, aes->devId);
+    aes->magic = 0;
+}
+
+
+static int wc_AesCaviumSetKey(Aes* aes, const byte* key, word32 length,
+                           const byte* iv)
+{
+    if (aes == NULL)
+        return -1;
+
+    XMEMCPY(aes->key, key, length);   /* key still holds key, iv still in reg */
+    if (length == 16)
+        aes->type = AES_128;
+    else if (length == 24)
+        aes->type = AES_192;
+    else if (length == 32)
+        aes->type = AES_256;
+
+    return wc_AesSetIV(aes, iv);
+}
+
+
+static int AesCaviumCbcEncrypt(Aes* aes, byte* out, const byte* in,
+                               word32 length)
+{
+    wolfssl_word offset = 0;
+    word32 requestId;
+
+    while (length > WOLFSSL_MAX_16BIT) {
+        word16 slen = (word16)WOLFSSL_MAX_16BIT;
+        if (CspEncryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
+                          aes->type, slen, (byte*)in + offset, out + offset,
+                          (byte*)aes->reg, (byte*)aes->key, &requestId,
+                          aes->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium Aes Encrypt");
+            return -1;
+        }
+        length -= WOLFSSL_MAX_16BIT;
+        offset += WOLFSSL_MAX_16BIT;
+        XMEMCPY(aes->reg, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+    }
+    if (length) {
+        word16 slen = (word16)length;
+        if (CspEncryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
+                          aes->type, slen, (byte*)in + offset, out + offset,
+                          (byte*)aes->reg, (byte*)aes->key, &requestId,
+                          aes->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium Aes Encrypt");
+            return -1;
+        }
+        XMEMCPY(aes->reg, out + offset+length - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+    }
+    return 0;
+}
+
+static int AesCaviumCbcDecrypt(Aes* aes, byte* out, const byte* in,
+                               word32 length)
+{
+    word32 requestId;
+    wolfssl_word offset = 0;
+
+    while (length > WOLFSSL_MAX_16BIT) {
+        word16 slen = (word16)WOLFSSL_MAX_16BIT;
+        XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+        if (CspDecryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
+                          aes->type, slen, (byte*)in + offset, out + offset,
+                          (byte*)aes->reg, (byte*)aes->key, &requestId,
+                          aes->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium Aes Decrypt");
+            return -1;
+        }
+        length -= WOLFSSL_MAX_16BIT;
+        offset += WOLFSSL_MAX_16BIT;
+        XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
+    }
+    if (length) {
+        word16 slen = (word16)length;
+        XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+        if (CspDecryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE,
+                          aes->type, slen, (byte*)in + offset, out + offset,
+                          (byte*)aes->reg, (byte*)aes->key, &requestId,
+                          aes->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium Aes Decrypt");
+            return -1;
+        }
+        XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
+    }
+    return 0;
+}
+
+#endif /* HAVE_CAVIUM */
+
+#endif /* HAVE_FIPS */
+
+#endif /* NO_AES */
diff --git a/3P/wolfssl/wolfcrypt/src/aes_asm.asm b/3P/wolfssl/wolfcrypt/src/aes_asm.asm
new file mode 100755
index 00000000..1e3d2d99
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/aes_asm.asm
@@ -0,0 +1,972 @@
+;	/*aes_asm . asm
+;	*
+;	*Copyright[C]2006	-2014	wolfSSL	Inc	.
+;	*
+;	*This	file	is	part	of	wolfssl. (formerly known as CyaSSL)
+;	*
+;	*wolfSSL	is	free	software/ you can redistribute it and/or modify
+;	*it	under	the	terms	of	the	GNU	General	Public	License	as	published	by
+;	*the	Free	Software	Foundation/ either version 2 of the License, or
+;	*[at	your	option]any	later	version	.
+;	*
+;	*wolfSSL	,is	distributed	in	the	hope	that	it	will	be	useful
+;	*but	WITHOUT	ANY	WARRANTY/ without even the implied warranty of
+;	*MERCHANTABILITY	or	FITNESS	FOR	A	PARTICULAR	PURPOSE	.	See	the
+;	*GNU	General	Public	License	for	more	details	.
+;	*
+;	*You	should	have	received	a	copy	of	the	GNU	General	Public	License
+;	*along	with	this	program/ if not, write to the Free Software
+;	*Foundation,Inc	.,51	Franklin	Street,Fifth	Floor,Boston,MA	02110-1301,USA
+;	*/
+;
+;
+;	/*See	IntelA	dvanced	Encryption	Standard[AES]Instructions	Set	White	Paper
+;	*by	Israel,Intel	Mobility	Group	Development	Center,Israel	Shay	Gueron
+;	*/
+;
+;   /* This file is in intel asm syntax, see .s for at&t syntax */
+;
+;	/*
+;	AES_CBC_encrypt[const	,unsigned	char*in
+;	unsigned	,char*out
+;	unsigned	,char	ivec+16
+;	unsigned	,long	length
+;	const	,unsigned	char*KS
+;	int	nr]
+;	*/
+_text SEGMENT
+AES_CBC_encrypt PROC
+;#	parameter	1:	rdi
+;#	parameter	2:	rsi
+;#	parameter	3:	rdx
+;#	parameter	4:	rcx
+;#	parameter	5:	r8
+;#	parameter	6:	r9d
+
+; save rdi and rsi to rax and r11, restore before ret
+	mov rax,rdi
+	mov r11,rsi
+
+; convert to what we had for att&t convention
+	mov rdi,rcx
+	mov rsi,rdx
+	mov rdx,r8
+	mov rcx,r9
+	mov r8,[rsp+40]
+	mov r9d,[rsp+48]
+
+	mov	r10,rcx
+	shr	rcx,4
+	shl	r10,60
+	je	NO_PARTS
+	add	rcx,1
+NO_PARTS:
+	sub	rsi,16
+	movdqa	xmm1,[rdx]
+LOOP_1:
+	pxor	xmm1,[rdi]
+	pxor	xmm1,[r8]
+	add	rsi,16
+	add	rdi,16
+	cmp	r9d,12
+	aesenc	xmm1,16[r8]
+	aesenc	xmm1,32[r8]
+	aesenc	xmm1,48[r8]
+	aesenc	xmm1,64[r8]
+	aesenc	xmm1,80[r8]
+	aesenc	xmm1,96[r8]
+	aesenc	xmm1,112[r8]
+	aesenc	xmm1,128[r8]
+	aesenc	xmm1,144[r8]
+	movdqa	xmm2,160[r8]
+	jb	LAST
+	cmp	r9d,14
+
+	aesenc	xmm1,160[r8]
+	aesenc	xmm1,176[r8]
+	movdqa	xmm2,192[r8]
+	jb	LAST
+	aesenc	xmm1,192[r8]
+	aesenc	xmm1,208[r8]
+	movdqa	xmm2,224[r8]
+LAST:
+	dec	rcx
+	aesenclast	xmm1,xmm2
+	movdqu	[rsi],xmm1
+	jne	LOOP_1
+	; restore non volatile rdi,rsi
+	mov rdi,rax
+	mov rsi,r11
+	ret
+AES_CBC_encrypt ENDP
+
+
+
+;	/*
+;	AES_CBC_decrypt[const	,unsigned	char*in
+;	unsigned	,char*out
+;	unsigned	,char	ivec+16
+;	unsigned	,long	length
+;	const	,unsigned	char*KS
+;	int	nr]
+;	*/
+;	.	globl	AES_CBC_decrypt
+AES_CBC_decrypt PROC
+;#	parameter	1:	rdi
+;#	parameter	2:	rsi
+;#	parameter	3:	rdx
+;#	parameter	4:	rcx
+;#	parameter	5:	r8
+;#	parameter	6:	r9d
+
+; save rdi and rsi to rax and r11, restore before ret
+	mov rax,rdi
+	mov r11,rsi
+
+; convert to what we had for att&t convention
+	mov rdi,rcx
+	mov rsi,rdx
+	mov rdx,r8
+	mov rcx,r9
+	mov r8,[rsp+40]
+	mov r9d,[rsp+48]
+
+; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
+	sub rsp,8+8*16  ; 8 = align stack , 8 xmm6-12,15 16 bytes each
+	movdqa [rsp+0], xmm6
+	movdqa [rsp+16], xmm7
+	movdqa [rsp+32], xmm8
+	movdqa [rsp+48], xmm9
+	movdqa [rsp+64], xmm10
+	movdqa [rsp+80], xmm11
+	movdqa [rsp+96], xmm12
+	movdqa [rsp+112], xmm15
+
+	mov	r10,rcx
+	shr	rcx,4
+	shl	r10,60
+	je	DNO_PARTS_4
+	add	rcx,1
+DNO_PARTS_4:
+	mov	r10,rcx
+	shl	r10,62
+	shr	r10,62
+	shr	rcx,2
+	movdqu xmm5,[rdx]
+	je	DREMAINDER_4
+	sub	rsi,64
+DLOOP_4:
+	movdqu  xmm1,[rdi]
+	movdqu	xmm2,16[rdi]
+	movdqu	xmm3,32[rdi]
+	movdqu	xmm4,48[rdi]
+	movdqa	xmm6,xmm1
+	movdqa	xmm7,xmm2
+	movdqa	xmm8,xmm3
+	movdqa	xmm15,xmm4
+	movdqa  xmm9,[r8]
+	movdqa	xmm10,16[r8]
+	movdqa	xmm11,32[r8]
+	movdqa	xmm12,48[r8]
+	pxor	xmm1,xmm9
+	pxor	xmm2,xmm9
+	pxor	xmm3,xmm9
+
+	pxor	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+	aesdec	xmm1,xmm11
+	aesdec	xmm2,xmm11
+	aesdec	xmm3,xmm11
+	aesdec	xmm4,xmm11
+	aesdec	xmm1,xmm12
+	aesdec	xmm2,xmm12
+	aesdec	xmm3,xmm12
+	aesdec	xmm4,xmm12
+	movdqa	xmm9,64[r8]
+	movdqa	xmm10,80[r8]
+	movdqa	xmm11,96[r8]
+	movdqa	xmm12,112[r8]
+	aesdec	xmm1,xmm9
+	aesdec	xmm2,xmm9
+	aesdec	xmm3,xmm9
+	aesdec	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+	aesdec	xmm1,xmm11
+	aesdec	xmm2,xmm11
+	aesdec	xmm3,xmm11
+	aesdec	xmm4,xmm11
+	aesdec	xmm1,xmm12
+	aesdec	xmm2,xmm12
+	aesdec	xmm3,xmm12
+	aesdec	xmm4,xmm12
+	movdqa	xmm9,128[r8]
+	movdqa	xmm10,144[r8]
+	movdqa	xmm11,160[r8]
+	cmp	r9d,12
+	aesdec	xmm1,xmm9
+	aesdec	xmm2,xmm9
+	aesdec	xmm3,xmm9
+	aesdec	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+	jb	DLAST_4
+	movdqa	xmm9,160[r8]
+	movdqa	xmm10,176[r8]
+	movdqa	xmm11,192[r8]
+	cmp	r9d,14
+	aesdec	xmm1,xmm9
+	aesdec	xmm2,xmm9
+	aesdec	xmm3,xmm9
+	aesdec	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+	jb	DLAST_4
+
+	movdqa	xmm9,192[r8]
+	movdqa	xmm10,208[r8]
+	movdqa	xmm11,224[r8]
+	aesdec	xmm1,xmm9
+	aesdec	xmm2,xmm9
+	aesdec	xmm3,xmm9
+	aesdec	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+DLAST_4:
+	add	rdi,64
+	add	rsi,64
+	dec	rcx
+	aesdeclast	xmm1,xmm11
+	aesdeclast	xmm2,xmm11
+	aesdeclast	xmm3,xmm11
+	aesdeclast	xmm4,xmm11
+	pxor	xmm1,xmm5
+	pxor	xmm2,xmm6
+	pxor	xmm3,xmm7
+	pxor	xmm4,xmm8
+	movdqu	[rsi],xmm1
+	movdqu	16[rsi],xmm2
+	movdqu	32[rsi],xmm3
+	movdqu	48[rsi],xmm4
+	movdqa	xmm5,xmm15
+	jne	DLOOP_4
+	add	rsi,64
+DREMAINDER_4:
+	cmp	r10,0
+	je	DEND_4
+DLOOP_4_2:
+	movdqu  xmm1,[rdi]
+	movdqa	xmm15,xmm1
+	add	rdi,16
+	pxor	xmm1,[r8]
+	movdqu	xmm2,160[r8]
+	cmp	r9d,12
+	aesdec	xmm1,16[r8]
+	aesdec	xmm1,32[r8]
+	aesdec	xmm1,48[r8]
+	aesdec	xmm1,64[r8]
+	aesdec	xmm1,80[r8]
+	aesdec	xmm1,96[r8]
+	aesdec	xmm1,112[r8]
+	aesdec	xmm1,128[r8]
+	aesdec	xmm1,144[r8]
+	jb	DLAST_4_2
+	movdqu	xmm2,192[r8]
+	cmp	r9d,14
+	aesdec	xmm1,160[r8]
+	aesdec	xmm1,176[r8]
+	jb	DLAST_4_2
+	movdqu	xmm2,224[r8]
+	aesdec	xmm1,192[r8]
+	aesdec	xmm1,208[r8]
+DLAST_4_2:
+	aesdeclast	xmm1,xmm2
+	pxor	xmm1,xmm5
+	movdqa	xmm5,xmm15
+	movdqu	[rsi],xmm1
+
+	add	rsi,16
+	dec	r10
+	jne	DLOOP_4_2
+DEND_4:
+	; restore non volatile rdi,rsi
+	mov rdi,rax
+	mov rsi,r11
+	; restore non volatile xmms from stack
+	movdqa xmm6, [rsp+0]
+	movdqa xmm7, [rsp+16]
+	movdqa xmm8, [rsp+32]
+	movdqa xmm9, [rsp+48]
+	movdqa xmm10, [rsp+64]
+	movdqa xmm11, [rsp+80]
+	movdqa xmm12, [rsp+96]
+	movdqa xmm15, [rsp+112]
+	add rsp,8+8*16 ; 8 = align stack , 8 xmm6-12,15 16 bytes each
+	ret
+AES_CBC_decrypt ENDP
+
+;	/*
+;	AES_ECB_encrypt[const	,unsigned	char*in
+;	unsigned	,char*out
+;	unsigned	,long	length
+;	const	,unsigned	char*KS
+;	int	nr]
+;	*/
+;	.	globl	AES_ECB_encrypt
+AES_ECB_encrypt PROC
+;#	parameter	1:	rdi
+;#	parameter	2:	rsi
+;#	parameter	3:	rdx
+;#	parameter	4:	rcx
+;#	parameter	5:	r8d
+
+; save rdi and rsi to rax and r11, restore before ret
+	mov rax,rdi
+	mov r11,rsi
+
+; convert to what we had for att&t convention
+    mov rdi,rcx
+	mov rsi,rdx
+	mov rdx,r8
+	mov rcx,r9
+	mov r8d,[rsp+40]
+
+; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
+	sub rsp,8+4*16  ; 8 = align stack , 4 xmm9-12, 16 bytes each
+	movdqa [rsp+0], xmm9
+	movdqa [rsp+16], xmm10
+	movdqa [rsp+32], xmm11
+	movdqa [rsp+48], xmm12
+
+
+	mov	r10,rdx
+	shr	rdx,4
+	shl	r10,60
+	je	EECB_NO_PARTS_4
+	add	rdx,1
+EECB_NO_PARTS_4:
+	mov	r10,rdx
+	shl	r10,62
+	shr	r10,62
+	shr	rdx,2
+	je	EECB_REMAINDER_4
+	sub	rsi,64
+EECB_LOOP_4:
+	movdqu  xmm1,[rdi]
+	movdqu	xmm2,16[rdi]
+	movdqu	xmm3,32[rdi]
+	movdqu	xmm4,48[rdi]
+	movdqa  xmm9,[rcx]
+	movdqa	xmm10,16[rcx]
+	movdqa	xmm11,32[rcx]
+	movdqa	xmm12,48[rcx]
+	pxor	xmm1,xmm9
+	pxor	xmm2,xmm9
+	pxor	xmm3,xmm9
+	pxor	xmm4,xmm9
+	aesenc	xmm1,xmm10
+	aesenc	xmm2,xmm10
+	aesenc	xmm3,xmm10
+	aesenc	xmm4,xmm10
+	aesenc	xmm1,xmm11
+	aesenc	xmm2,xmm11
+	aesenc	xmm3,xmm11
+	aesenc	xmm4,xmm11
+	aesenc	xmm1,xmm12
+	aesenc	xmm2,xmm12
+	aesenc	xmm3,xmm12
+	aesenc	xmm4,xmm12
+	movdqa	xmm9,64[rcx]
+	movdqa	xmm10,80[rcx]
+	movdqa	xmm11,96[rcx]
+	movdqa	xmm12,112[rcx]
+	aesenc	xmm1,xmm9
+	aesenc	xmm2,xmm9
+	aesenc	xmm3,xmm9
+	aesenc	xmm4,xmm9
+	aesenc	xmm1,xmm10
+	aesenc	xmm2,xmm10
+	aesenc	xmm3,xmm10
+	aesenc	xmm4,xmm10
+	aesenc	xmm1,xmm11
+	aesenc	xmm2,xmm11
+	aesenc	xmm3,xmm11
+	aesenc	xmm4,xmm11
+	aesenc	xmm1,xmm12
+	aesenc	xmm2,xmm12
+	aesenc	xmm3,xmm12
+	aesenc	xmm4,xmm12
+	movdqa	xmm9,128[rcx]
+	movdqa	xmm10,144[rcx]
+	movdqa	xmm11,160[rcx]
+	cmp	r8d,12
+	aesenc	xmm1,xmm9
+	aesenc	xmm2,xmm9
+	aesenc	xmm3,xmm9
+	aesenc	xmm4,xmm9
+	aesenc	xmm1,xmm10
+	aesenc	xmm2,xmm10
+	aesenc	xmm3,xmm10
+	aesenc	xmm4,xmm10
+	jb	EECB_LAST_4
+	movdqa	xmm9,160[rcx]
+	movdqa	xmm10,176[rcx]
+	movdqa	xmm11,192[rcx]
+	cmp	r8d,14
+	aesenc	xmm1,xmm9
+	aesenc	xmm2,xmm9
+	aesenc	xmm3,xmm9
+	aesenc	xmm4,xmm9
+	aesenc	xmm1,xmm10
+	aesenc	xmm2,xmm10
+	aesenc	xmm3,xmm10
+	aesenc	xmm4,xmm10
+	jb	EECB_LAST_4
+	movdqa	xmm9,192[rcx]
+	movdqa	xmm10,208[rcx]
+	movdqa	xmm11,224[rcx]
+	aesenc	xmm1,xmm9
+	aesenc	xmm2,xmm9
+	aesenc	xmm3,xmm9
+	aesenc	xmm4,xmm9
+	aesenc	xmm1,xmm10
+	aesenc	xmm2,xmm10
+	aesenc	xmm3,xmm10
+	aesenc	xmm4,xmm10
+EECB_LAST_4:
+	add	rdi,64
+	add	rsi,64
+	dec	rdx
+	aesenclast	xmm1,xmm11
+	aesenclast	xmm2,xmm11
+	aesenclast	xmm3,xmm11
+	aesenclast	xmm4,xmm11
+	movdqu	[rsi],xmm1
+	movdqu	16[rsi],xmm2
+	movdqu	32[rsi],xmm3
+	movdqu	48[rsi],xmm4
+	jne	EECB_LOOP_4
+	add	rsi,64
+EECB_REMAINDER_4:
+	cmp	r10,0
+	je	EECB_END_4
+EECB_LOOP_4_2:
+	movdqu  xmm1,[rdi]
+	add	rdi,16
+	pxor	xmm1,[rcx]
+	movdqu	xmm2,160[rcx]
+	aesenc	xmm1,16[rcx]
+	aesenc	xmm1,32[rcx]
+	aesenc	xmm1,48[rcx]
+	aesenc	xmm1,64[rcx]
+	aesenc	xmm1,80[rcx]
+	aesenc	xmm1,96[rcx]
+	aesenc	xmm1,112[rcx]
+	aesenc	xmm1,128[rcx]
+	aesenc	xmm1,144[rcx]
+	cmp	r8d,12
+	jb	EECB_LAST_4_2
+	movdqu	xmm2,192[rcx]
+	aesenc	xmm1,160[rcx]
+	aesenc	xmm1,176[rcx]
+	cmp	r8d,14
+	jb	EECB_LAST_4_2
+	movdqu	xmm2,224[rcx]
+	aesenc	xmm1,192[rcx]
+	aesenc	xmm1,208[rcx]
+EECB_LAST_4_2:
+	aesenclast	xmm1,xmm2
+	movdqu	[rsi],xmm1
+	add	rsi,16
+	dec	r10
+	jne	EECB_LOOP_4_2
+EECB_END_4:
+	; restore non volatile rdi,rsi
+	mov rdi,rax
+	mov rsi,r11
+	; restore non volatile xmms from stack
+	movdqa xmm9, [rsp+0]
+	movdqa xmm10, [rsp+16]
+	movdqa xmm11, [rsp+32]
+	movdqa xmm12, [rsp+48]
+	add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
+	ret
+AES_ECB_encrypt ENDP
+
+;	/*
+;	AES_ECB_decrypt[const	,unsigned	char*in
+;	unsigned	,char*out
+;	unsigned	,long	length
+;	const	,unsigned	char*KS
+;	int	nr]
+;	*/
+;	.	globl	AES_ECB_decrypt
+AES_ECB_decrypt PROC
+;#	parameter	1:	rdi
+;#	parameter	2:	rsi
+;#	parameter	3:	rdx
+;#	parameter	4:	rcx
+;#	parameter	5:	r8d
+
+; save rdi and rsi to rax and r11, restore before ret
+	mov rax,rdi
+	mov r11,rsi
+
+; convert to what we had for att&t convention
+	mov rdi,rcx
+	mov rsi,rdx
+	mov rdx,r8
+	mov rcx,r9
+	mov r8d,[rsp+40]
+
+; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
+	sub rsp,8+4*16  ; 8 = align stack , 4 xmm9-12, 16 bytes each
+	movdqa [rsp+0], xmm9
+	movdqa [rsp+16], xmm10
+	movdqa [rsp+32], xmm11
+	movdqa [rsp+48], xmm12
+
+	mov	r10,rdx
+	shr	rdx,4
+	shl	r10,60
+	je	DECB_NO_PARTS_4
+	add	rdx,1
+DECB_NO_PARTS_4:
+	mov	r10,rdx
+	shl	r10,62
+	shr	r10,62
+	shr	rdx,2
+	je	DECB_REMAINDER_4
+	sub	rsi,64
+DECB_LOOP_4:
+	movdqu  xmm1,[rdi]
+	movdqu	xmm2,16[rdi]
+	movdqu	xmm3,32[rdi]
+	movdqu	xmm4,48[rdi]
+	movdqa  xmm9,[rcx]
+	movdqa	xmm10,16[rcx]
+	movdqa	xmm11,32[rcx]
+	movdqa	xmm12,48[rcx]
+	pxor	xmm1,xmm9
+	pxor	xmm2,xmm9
+	pxor	xmm3,xmm9
+	pxor	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+	aesdec	xmm1,xmm11
+	aesdec	xmm2,xmm11
+	aesdec	xmm3,xmm11
+	aesdec	xmm4,xmm11
+	aesdec	xmm1,xmm12
+	aesdec	xmm2,xmm12
+	aesdec	xmm3,xmm12
+	aesdec	xmm4,xmm12
+	movdqa	xmm9,64[rcx]
+	movdqa	xmm10,80[rcx]
+	movdqa	xmm11,96[rcx]
+	movdqa	xmm12,112[rcx]
+	aesdec	xmm1,xmm9
+	aesdec	xmm2,xmm9
+	aesdec	xmm3,xmm9
+	aesdec	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+	aesdec	xmm1,xmm11
+	aesdec	xmm2,xmm11
+	aesdec	xmm3,xmm11
+	aesdec	xmm4,xmm11
+	aesdec	xmm1,xmm12
+	aesdec	xmm2,xmm12
+	aesdec	xmm3,xmm12
+	aesdec	xmm4,xmm12
+	movdqa	xmm9,128[rcx]
+	movdqa	xmm10,144[rcx]
+	movdqa	xmm11,160[rcx]
+	cmp	r8d,12
+	aesdec	xmm1,xmm9
+	aesdec	xmm2,xmm9
+	aesdec	xmm3,xmm9
+	aesdec	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+	jb	DECB_LAST_4
+	movdqa	xmm9,160[rcx]
+	movdqa	xmm10,176[rcx]
+	movdqa	xmm11,192[rcx]
+	cmp	r8d,14
+	aesdec	xmm1,xmm9
+	aesdec	xmm2,xmm9
+	aesdec	xmm3,xmm9
+	aesdec	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+	jb	DECB_LAST_4
+	movdqa	xmm9,192[rcx]
+	movdqa	xmm10,208[rcx]
+	movdqa	xmm11,224[rcx]
+	aesdec	xmm1,xmm9
+	aesdec	xmm2,xmm9
+	aesdec	xmm3,xmm9
+	aesdec	xmm4,xmm9
+	aesdec	xmm1,xmm10
+	aesdec	xmm2,xmm10
+	aesdec	xmm3,xmm10
+	aesdec	xmm4,xmm10
+DECB_LAST_4:
+	add	rdi,64
+	add	rsi,64
+	dec	rdx
+	aesdeclast	xmm1,xmm11
+	aesdeclast	xmm2,xmm11
+	aesdeclast	xmm3,xmm11
+	aesdeclast	xmm4,xmm11
+	movdqu	[rsi],xmm1
+	movdqu	16[rsi],xmm2
+	movdqu	32[rsi],xmm3
+	movdqu	48[rsi],xmm4
+	jne	DECB_LOOP_4
+	add	rsi,64
+DECB_REMAINDER_4:
+	cmp	r10,0
+	je	DECB_END_4
+DECB_LOOP_4_2:
+	movdqu  xmm1,[rdi]
+	add	rdi,16
+	pxor	xmm1,[rcx]
+	movdqu	xmm2,160[rcx]
+	cmp	r8d,12
+	aesdec	xmm1,16[rcx]
+	aesdec	xmm1,32[rcx]
+	aesdec	xmm1,48[rcx]
+	aesdec	xmm1,64[rcx]
+	aesdec	xmm1,80[rcx]
+	aesdec	xmm1,96[rcx]
+	aesdec	xmm1,112[rcx]
+	aesdec	xmm1,128[rcx]
+	aesdec	xmm1,144[rcx]
+	jb	DECB_LAST_4_2
+	cmp	r8d,14
+	movdqu	xmm2,192[rcx]
+	aesdec	xmm1,160[rcx]
+	aesdec	xmm1,176[rcx]
+	jb	DECB_LAST_4_2
+	movdqu	xmm2,224[rcx]
+	aesdec	xmm1,192[rcx]
+	aesdec	xmm1,208[rcx]
+DECB_LAST_4_2:
+	aesdeclast	xmm1,xmm2
+	movdqu	[rsi],xmm1
+	add	rsi,16
+	dec	r10
+	jne	DECB_LOOP_4_2
+DECB_END_4:
+	; restore non volatile rdi,rsi
+	mov rdi,rax
+	mov rsi,r11
+	; restore non volatile xmms from stack
+	movdqa xmm9, [rsp+0]
+	movdqa xmm10, [rsp+16]
+	movdqa xmm11, [rsp+32]
+	movdqa xmm12, [rsp+48]
+	add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
+	ret
+AES_ECB_decrypt ENDP
+
+
+
+;	/*
+;	void	,AES_128_Key_Expansion[const	unsigned	char*userkey
+;	unsigned	char*key_schedule]/
+;	*/
+;	.	align	16,0x90
+;	.	globl	AES_128_Key_Expansion
+AES_128_Key_Expansion PROC
+;#	parameter	1:	rdi
+;#	parameter	2:	rsi
+
+; save rdi and rsi to rax and r11, restore before ret
+	mov rax,rdi
+	mov r11,rsi
+
+; convert to what we had for att&t convention
+	mov rdi,rcx
+	mov rsi,rdx
+
+	mov	dword ptr 240[rsi],10
+
+	movdqu	xmm1,[rdi]
+	movdqa	[rsi],xmm1
+
+
+ASSISTS:
+	aeskeygenassist	xmm2,xmm1,1
+	call	PREPARE_ROUNDKEY_128
+	movdqa	16[rsi],xmm1
+
+	aeskeygenassist	xmm2,xmm1,2
+	call	PREPARE_ROUNDKEY_128
+	movdqa	32[rsi],xmm1
+
+	aeskeygenassist	xmm2,xmm1,4
+	call	PREPARE_ROUNDKEY_128
+	movdqa	48[rsi],xmm1
+
+	aeskeygenassist	xmm2,xmm1,8
+	call	PREPARE_ROUNDKEY_128
+	movdqa	64[rsi],xmm1
+
+	aeskeygenassist	xmm2,xmm1,16
+	call	PREPARE_ROUNDKEY_128
+	movdqa	80[rsi],xmm1
+
+	aeskeygenassist	xmm2,xmm1,32
+	call	PREPARE_ROUNDKEY_128
+	movdqa	96[rsi],xmm1
+
+	aeskeygenassist	xmm2,xmm1,64
+	call	PREPARE_ROUNDKEY_128
+	movdqa	112[rsi],xmm1
+	aeskeygenassist	xmm2,xmm1,80h
+	call	PREPARE_ROUNDKEY_128
+	movdqa	128[rsi],xmm1
+	aeskeygenassist	xmm2,xmm1,1bh
+	call	PREPARE_ROUNDKEY_128
+	movdqa	144[rsi],xmm1
+	aeskeygenassist	xmm2,xmm1,36h
+	call	PREPARE_ROUNDKEY_128
+	movdqa	160[rsi],xmm1
+	; restore non volatile rdi,rsi
+	mov rdi,rax
+	mov rsi,r11
+	ret
+
+PREPARE_ROUNDKEY_128:
+	pshufd	xmm2,xmm2,255
+	movdqa	xmm3,xmm1
+	pslldq	xmm3,4
+	pxor	xmm1,xmm3
+	pslldq	xmm3,4
+	pxor	xmm1,xmm3
+	pslldq	xmm3,4
+	pxor	xmm1,xmm3
+	pxor	xmm1,xmm2
+	ret
+AES_128_Key_Expansion ENDP
+
+;	/*
+;	void	,AES_192_Key_Expansion[const	unsigned	char*userkey
+;	unsigned	char*key]
+;	*/
+;	.	globl	AES_192_Key_Expansion
+AES_192_Key_Expansion PROC
+;#	parameter	1:	rdi
+;#	parameter	2:	rsi
+
+; save rdi and rsi to rax and r11, restore before ret
+	mov rax,rdi
+	mov r11,rsi
+
+; convert to what we had for att&t convention
+    mov rdi,rcx
+	mov rsi,rdx
+
+; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end
+	sub rsp,8+1*16  ; 8 = align stack , 1 xmm6, 16 bytes each
+	movdqa [rsp+0], xmm6
+
+	movdqu  xmm1,[rdi]
+	movdqu	xmm3,16[rdi]
+	movdqa	[rsi],xmm1
+	movdqa	xmm5,xmm3
+
+	aeskeygenassist	xmm2,xmm3,1h
+	call	PREPARE_ROUNDKEY_192
+	shufpd	xmm5,xmm1,0
+	movdqa	16[rsi],xmm5
+	movdqa	xmm6,xmm1
+	shufpd	xmm6,xmm3,1
+	movdqa	32[rsi],xmm6
+
+	aeskeygenassist	xmm2,xmm3,2h
+	call	PREPARE_ROUNDKEY_192
+	movdqa	48[rsi],xmm1
+	movdqa	xmm5,xmm3
+
+	aeskeygenassist	xmm2,xmm3,4h
+	call	PREPARE_ROUNDKEY_192
+	shufpd	xmm5,xmm1,0
+	movdqa	64[rsi],xmm5
+	movdqa	xmm6,xmm1
+	shufpd	xmm6,xmm3,1
+	movdqa	80[rsi],xmm6
+
+	aeskeygenassist	xmm2,xmm3,8h
+	call	PREPARE_ROUNDKEY_192
+	movdqa	96[rsi],xmm1
+	movdqa	xmm5,xmm3
+
+	aeskeygenassist	xmm2,xmm3,10h
+	call	PREPARE_ROUNDKEY_192
+	shufpd	xmm5,xmm1,0
+	movdqa	112[rsi],xmm5
+	movdqa	xmm6,xmm1
+	shufpd	xmm6,xmm3,1
+	movdqa	128[rsi],xmm6
+
+	aeskeygenassist	xmm2,xmm3,20h
+	call	PREPARE_ROUNDKEY_192
+	movdqa	144[rsi],xmm1
+	movdqa	xmm5,xmm3
+
+	aeskeygenassist	xmm2,xmm3,40h
+	call	PREPARE_ROUNDKEY_192
+	shufpd	xmm5,xmm1,0
+	movdqa	160[rsi],xmm5
+	movdqa	xmm6,xmm1
+	shufpd	xmm6,xmm3,1
+	movdqa	176[rsi],xmm6
+
+	aeskeygenassist	xmm2,xmm3,80h
+	call	PREPARE_ROUNDKEY_192
+	movdqa	192[rsi],xmm1
+	movdqa	208[rsi],xmm3
+	; restore non volatile rdi,rsi
+	mov rdi,rax
+	mov rsi,r11
+; restore non volatile xmms from stack
+	movdqa xmm6, [rsp+0]
+	add rsp,8+1*16 ; 8 = align stack , 1 xmm6 16 bytes each
+	ret
+
+PREPARE_ROUNDKEY_192:
+	pshufd	xmm2,xmm2,55h
+	movdqu	xmm4,xmm1
+	pslldq	xmm4,4
+	pxor	xmm1,xmm4
+
+	pslldq	xmm4,4
+	pxor	xmm1,xmm4
+	pslldq	xmm4,4
+	pxor	xmm1,xmm4
+	pxor	xmm1,xmm2
+	pshufd	xmm2,xmm1,0ffh
+	movdqu	xmm4,xmm3
+	pslldq	xmm4,4
+	pxor	xmm3,xmm4
+	pxor	xmm3,xmm2
+	ret
+AES_192_Key_Expansion ENDP
+
+;	/*
+;	void	,AES_256_Key_Expansion[const	unsigned	char*userkey
+;	unsigned	char*key]
+;	*/
+;	.	globl	AES_256_Key_Expansion
+AES_256_Key_Expansion PROC
+;#	parameter	1:	rdi
+;#	parameter	2:	rsi
+
+; save rdi and rsi to rax and r11, restore before ret
+	mov rax,rdi
+	mov r11,rsi
+
+; convert to what we had for att&t convention
+    mov rdi,rcx
+	mov rsi,rdx
+
+	movdqu  xmm1,[rdi]
+	movdqu	xmm3,16[rdi]
+	movdqa	[rsi],xmm1
+	movdqa	16[rsi],xmm3
+
+	aeskeygenassist	xmm2,xmm3,1h
+	call	MAKE_RK256_a
+	movdqa	32[rsi],xmm1
+	aeskeygenassist	xmm2,xmm1,0h
+	call	MAKE_RK256_b
+	movdqa	48[rsi],xmm3
+	aeskeygenassist	xmm2,xmm3,2h
+	call	MAKE_RK256_a
+	movdqa	64[rsi],xmm1
+	aeskeygenassist	xmm2,xmm1,0h
+	call	MAKE_RK256_b
+	movdqa	80[rsi],xmm3
+	aeskeygenassist	xmm2,xmm3,4h
+	call	MAKE_RK256_a
+	movdqa	96[rsi],xmm1
+	aeskeygenassist	xmm2,xmm1,0h
+	call	MAKE_RK256_b
+	movdqa	112[rsi],xmm3
+	aeskeygenassist	xmm2,xmm3,8h
+	call	MAKE_RK256_a
+	movdqa	128[rsi],xmm1
+	aeskeygenassist	xmm2,xmm1,0h
+	call	MAKE_RK256_b
+	movdqa	144[rsi],xmm3
+	aeskeygenassist	xmm2,xmm3,10h
+	call	MAKE_RK256_a
+	movdqa	160[rsi],xmm1
+	aeskeygenassist	xmm2,xmm1,0h
+	call	MAKE_RK256_b
+	movdqa	176[rsi],xmm3
+	aeskeygenassist	xmm2,xmm3,20h
+	call	MAKE_RK256_a
+	movdqa	192[rsi],xmm1
+
+	aeskeygenassist	xmm2,xmm1,0h
+	call	MAKE_RK256_b
+	movdqa	208[rsi],xmm3
+	aeskeygenassist	xmm2,xmm3,40h
+	call	MAKE_RK256_a
+	movdqa	224[rsi],xmm1
+
+	; restore non volatile rdi,rsi
+	mov rdi,rax
+	mov rsi,r11
+	ret
+AES_256_Key_Expansion ENDP
+
+MAKE_RK256_a:
+	pshufd	xmm2,xmm2,0ffh
+	movdqa	xmm4,xmm1
+	pslldq	xmm4,4
+	pxor	xmm1,xmm4
+	pslldq	xmm4,4
+	pxor	xmm1,xmm4
+	pslldq	xmm4,4
+	pxor	xmm1,xmm4
+	pxor	xmm1,xmm2
+	ret
+
+MAKE_RK256_b:
+	pshufd	xmm2,xmm2,0aah
+	movdqa	xmm4,xmm3
+	pslldq	xmm4,4
+	pxor	xmm3,xmm4
+	pslldq	xmm4,4
+	pxor	xmm3,xmm4
+	pslldq	xmm4,4
+	pxor	xmm3,xmm4
+	pxor	xmm3,xmm2
+	ret
+
+END
diff --git a/3P/wolfssl/wolfcrypt/src/aes_asm.s b/3P/wolfssl/wolfcrypt/src/aes_asm.s
new file mode 100755
index 00000000..b50c7ff9
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/aes_asm.s
@@ -0,0 +1,816 @@
+/* aes_asm.s
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* See Intel® Advanced Encryption Standard (AES) Instructions Set White Paper
+ * by Intel Mobility Group, Israel Development Center, Israel Shay Gueron
+ */
+
+/* This file is in at&t asm syntax, see .asm for intel syntax */
+
+
+/*
+AES_CBC_encrypt (const unsigned char *in,
+	unsigned char *out,
+	unsigned char ivec[16],
+	unsigned long length,
+	const unsigned char *KS,
+	int nr)
+*/
+.globl AES_CBC_encrypt
+AES_CBC_encrypt:
+# parameter 1: %rdi
+# parameter 2: %rsi
+# parameter 3: %rdx
+# parameter 4: %rcx
+# parameter 5: %r8
+# parameter 6: %r9d
+movq	%rcx, %r10
+shrq	$4, %rcx
+shlq	$60, %r10
+je	NO_PARTS
+addq	$1, %rcx
+NO_PARTS:
+subq	$16, %rsi
+movdqa	(%rdx), %xmm1
+LOOP:
+pxor	(%rdi), %xmm1
+pxor	(%r8), %xmm1
+addq	$16,%rsi
+addq	$16,%rdi
+cmpl	$12, %r9d
+aesenc	16(%r8),%xmm1
+aesenc	32(%r8),%xmm1
+aesenc	48(%r8),%xmm1
+aesenc	64(%r8),%xmm1
+aesenc	80(%r8),%xmm1
+aesenc	96(%r8),%xmm1
+aesenc	112(%r8),%xmm1
+aesenc	128(%r8),%xmm1
+aesenc	144(%r8),%xmm1
+movdqa	160(%r8),%xmm2
+jb	LAST
+cmpl	$14, %r9d
+
+aesenc	160(%r8),%xmm1
+aesenc	176(%r8),%xmm1
+movdqa	192(%r8),%xmm2
+jb	LAST
+aesenc	192(%r8),%xmm1
+aesenc	208(%r8),%xmm1
+movdqa	224(%r8),%xmm2
+LAST:
+decq	%rcx
+aesenclast %xmm2,%xmm1
+movdqu	%xmm1,(%rsi)
+jne	LOOP
+ret
+
+
+
+
+/*
+AES_CBC_decrypt (const unsigned char *in,
+  unsigned char *out,
+  unsigned char ivec[16],
+  unsigned long length,
+  const unsigned char *KS,
+  int nr)
+*/
+.globl AES_CBC_decrypt
+AES_CBC_decrypt:
+# parameter 1: %rdi
+# parameter 2: %rsi
+# parameter 3: %rdx
+# parameter 4: %rcx
+# parameter 5: %r8
+# parameter 6: %r9d
+
+movq    %rcx, %r10
+shrq $4, %rcx
+shlq   $60, %r10
+je    DNO_PARTS_4
+addq    $1, %rcx
+DNO_PARTS_4:
+movq   %rcx, %r10
+shlq    $62, %r10
+shrq  $62, %r10
+shrq  $2, %rcx
+movdqu (%rdx),%xmm5
+je DREMAINDER_4
+subq   $64, %rsi
+DLOOP_4:
+movdqu (%rdi), %xmm1
+movdqu  16(%rdi), %xmm2
+movdqu  32(%rdi), %xmm3
+movdqu  48(%rdi), %xmm4
+movdqa  %xmm1, %xmm6
+movdqa %xmm2, %xmm7
+movdqa %xmm3, %xmm8
+movdqa %xmm4, %xmm15
+movdqa    (%r8), %xmm9
+movdqa 16(%r8), %xmm10
+movdqa  32(%r8), %xmm11
+movdqa  48(%r8), %xmm12
+pxor    %xmm9, %xmm1
+pxor   %xmm9, %xmm2
+pxor   %xmm9, %xmm3
+
+pxor    %xmm9, %xmm4
+aesdec %xmm10, %xmm1
+aesdec    %xmm10, %xmm2
+aesdec    %xmm10, %xmm3
+aesdec    %xmm10, %xmm4
+aesdec    %xmm11, %xmm1
+aesdec    %xmm11, %xmm2
+aesdec    %xmm11, %xmm3
+aesdec    %xmm11, %xmm4
+aesdec    %xmm12, %xmm1
+aesdec    %xmm12, %xmm2
+aesdec    %xmm12, %xmm3
+aesdec    %xmm12, %xmm4
+movdqa    64(%r8), %xmm9
+movdqa   80(%r8), %xmm10
+movdqa  96(%r8), %xmm11
+movdqa  112(%r8), %xmm12
+aesdec %xmm9, %xmm1
+aesdec %xmm9, %xmm2
+aesdec %xmm9, %xmm3
+aesdec %xmm9, %xmm4
+aesdec %xmm10, %xmm1
+aesdec    %xmm10, %xmm2
+aesdec    %xmm10, %xmm3
+aesdec    %xmm10, %xmm4
+aesdec    %xmm11, %xmm1
+aesdec    %xmm11, %xmm2
+aesdec    %xmm11, %xmm3
+aesdec    %xmm11, %xmm4
+aesdec    %xmm12, %xmm1
+aesdec    %xmm12, %xmm2
+aesdec    %xmm12, %xmm3
+aesdec    %xmm12, %xmm4
+movdqa    128(%r8), %xmm9
+movdqa  144(%r8), %xmm10
+movdqa 160(%r8), %xmm11
+cmpl   $12, %r9d
+aesdec  %xmm9, %xmm1
+aesdec %xmm9, %xmm2
+aesdec %xmm9, %xmm3
+aesdec %xmm9, %xmm4
+aesdec %xmm10, %xmm1
+aesdec    %xmm10, %xmm2
+aesdec    %xmm10, %xmm3
+aesdec    %xmm10, %xmm4
+jb    DLAST_4
+movdqa  160(%r8), %xmm9
+movdqa  176(%r8), %xmm10
+movdqa 192(%r8), %xmm11
+cmpl   $14, %r9d
+aesdec  %xmm9, %xmm1
+aesdec %xmm9, %xmm2
+aesdec %xmm9, %xmm3
+aesdec %xmm9, %xmm4
+aesdec %xmm10, %xmm1
+aesdec    %xmm10, %xmm2
+aesdec    %xmm10, %xmm3
+aesdec    %xmm10, %xmm4
+jb    DLAST_4
+
+movdqa  192(%r8), %xmm9
+movdqa  208(%r8), %xmm10
+movdqa 224(%r8), %xmm11
+aesdec %xmm9, %xmm1
+aesdec %xmm9, %xmm2
+aesdec %xmm9, %xmm3
+aesdec %xmm9, %xmm4
+aesdec %xmm10, %xmm1
+aesdec    %xmm10, %xmm2
+aesdec    %xmm10, %xmm3
+aesdec    %xmm10, %xmm4
+DLAST_4:
+addq   $64, %rdi
+addq    $64, %rsi
+decq  %rcx
+aesdeclast %xmm11, %xmm1
+aesdeclast %xmm11, %xmm2
+aesdeclast %xmm11, %xmm3
+aesdeclast %xmm11, %xmm4
+pxor   %xmm5 ,%xmm1
+pxor    %xmm6 ,%xmm2
+pxor   %xmm7 ,%xmm3
+pxor   %xmm8 ,%xmm4
+movdqu %xmm1, (%rsi)
+movdqu    %xmm2, 16(%rsi)
+movdqu  %xmm3, 32(%rsi)
+movdqu  %xmm4, 48(%rsi)
+movdqa  %xmm15,%xmm5
+jne    DLOOP_4
+addq    $64, %rsi
+DREMAINDER_4:
+cmpq    $0, %r10
+je  DEND_4
+DLOOP_4_2:
+movdqu  (%rdi), %xmm1
+movdqa    %xmm1 ,%xmm15
+addq  $16, %rdi
+pxor  (%r8), %xmm1
+movdqu 160(%r8), %xmm2
+cmpl    $12, %r9d
+aesdec    16(%r8), %xmm1
+aesdec   32(%r8), %xmm1
+aesdec   48(%r8), %xmm1
+aesdec   64(%r8), %xmm1
+aesdec   80(%r8), %xmm1
+aesdec   96(%r8), %xmm1
+aesdec   112(%r8), %xmm1
+aesdec  128(%r8), %xmm1
+aesdec  144(%r8), %xmm1
+jb  DLAST_4_2
+movdqu    192(%r8), %xmm2
+cmpl    $14, %r9d
+aesdec    160(%r8), %xmm1
+aesdec  176(%r8), %xmm1
+jb  DLAST_4_2
+movdqu    224(%r8), %xmm2
+aesdec  192(%r8), %xmm1
+aesdec  208(%r8), %xmm1
+DLAST_4_2:
+aesdeclast %xmm2, %xmm1
+pxor    %xmm5, %xmm1
+movdqa %xmm15, %xmm5
+movdqu    %xmm1, (%rsi)
+
+addq    $16, %rsi
+decq    %r10
+jne DLOOP_4_2
+DEND_4:
+ret
+
+
+/*
+AES_ECB_encrypt (const unsigned char *in,
+	unsigned char *out,
+	unsigned long length,
+	const unsigned char *KS,
+	int nr)
+*/
+.globl AES_ECB_encrypt
+AES_ECB_encrypt:
+# parameter 1: %rdi
+# parameter 2: %rsi
+# parameter 3: %rdx
+# parameter 4: %rcx
+# parameter 5: %r8d
+        movq    %rdx, %r10
+        shrq    $4, %rdx
+        shlq    $60, %r10
+        je      EECB_NO_PARTS_4
+        addq    $1, %rdx
+EECB_NO_PARTS_4:
+        movq    %rdx, %r10
+        shlq    $62, %r10
+        shrq    $62, %r10
+        shrq    $2, %rdx
+        je      EECB_REMAINDER_4
+        subq    $64, %rsi
+EECB_LOOP_4:
+        movdqu  (%rdi), %xmm1
+        movdqu  16(%rdi), %xmm2
+        movdqu  32(%rdi), %xmm3
+        movdqu  48(%rdi), %xmm4
+        movdqa  (%rcx), %xmm9
+        movdqa  16(%rcx), %xmm10
+        movdqa  32(%rcx), %xmm11
+        movdqa  48(%rcx), %xmm12
+        pxor    %xmm9, %xmm1
+        pxor    %xmm9, %xmm2
+        pxor    %xmm9, %xmm3
+        pxor    %xmm9, %xmm4
+        aesenc  %xmm10, %xmm1
+        aesenc  %xmm10, %xmm2
+        aesenc  %xmm10, %xmm3
+        aesenc  %xmm10, %xmm4
+        aesenc  %xmm11, %xmm1
+        aesenc  %xmm11, %xmm2
+        aesenc  %xmm11, %xmm3
+        aesenc  %xmm11, %xmm4
+        aesenc  %xmm12, %xmm1
+        aesenc  %xmm12, %xmm2
+        aesenc  %xmm12, %xmm3
+        aesenc  %xmm12, %xmm4
+        movdqa  64(%rcx), %xmm9
+        movdqa  80(%rcx), %xmm10
+        movdqa  96(%rcx), %xmm11
+        movdqa  112(%rcx), %xmm12
+        aesenc  %xmm9, %xmm1
+        aesenc  %xmm9, %xmm2
+        aesenc  %xmm9, %xmm3
+        aesenc  %xmm9, %xmm4
+        aesenc  %xmm10, %xmm1
+        aesenc  %xmm10, %xmm2
+        aesenc  %xmm10, %xmm3
+        aesenc  %xmm10, %xmm4
+        aesenc  %xmm11, %xmm1
+        aesenc  %xmm11, %xmm2
+        aesenc  %xmm11, %xmm3
+        aesenc  %xmm11, %xmm4
+        aesenc  %xmm12, %xmm1
+        aesenc  %xmm12, %xmm2
+        aesenc  %xmm12, %xmm3
+        aesenc  %xmm12, %xmm4
+        movdqa  128(%rcx), %xmm9
+        movdqa  144(%rcx), %xmm10
+        movdqa  160(%rcx), %xmm11
+        cmpl    $12, %r8d
+        aesenc  %xmm9, %xmm1
+        aesenc  %xmm9, %xmm2
+        aesenc  %xmm9, %xmm3
+        aesenc  %xmm9, %xmm4
+        aesenc  %xmm10, %xmm1
+        aesenc  %xmm10, %xmm2
+        aesenc  %xmm10, %xmm3
+        aesenc  %xmm10, %xmm4
+        jb      EECB_LAST_4
+        movdqa  160(%rcx), %xmm9
+        movdqa  176(%rcx), %xmm10
+        movdqa  192(%rcx), %xmm11
+        cmpl    $14, %r8d
+        aesenc  %xmm9, %xmm1
+        aesenc  %xmm9, %xmm2
+        aesenc  %xmm9, %xmm3
+        aesenc  %xmm9, %xmm4
+        aesenc  %xmm10, %xmm1
+        aesenc  %xmm10, %xmm2
+        aesenc  %xmm10, %xmm3
+        aesenc  %xmm10, %xmm4
+        jb      EECB_LAST_4
+        movdqa  192(%rcx), %xmm9
+        movdqa  208(%rcx), %xmm10
+        movdqa  224(%rcx), %xmm11
+        aesenc  %xmm9, %xmm1
+        aesenc  %xmm9, %xmm2
+        aesenc  %xmm9, %xmm3
+        aesenc  %xmm9, %xmm4
+        aesenc  %xmm10, %xmm1
+        aesenc  %xmm10, %xmm2
+        aesenc  %xmm10, %xmm3
+        aesenc  %xmm10, %xmm4
+EECB_LAST_4:
+        addq    $64, %rdi
+        addq    $64, %rsi
+        decq    %rdx
+        aesenclast %xmm11, %xmm1
+        aesenclast %xmm11, %xmm2
+        aesenclast %xmm11, %xmm3
+        aesenclast %xmm11, %xmm4
+        movdqu  %xmm1, (%rsi)
+        movdqu  %xmm2, 16(%rsi)
+        movdqu  %xmm3, 32(%rsi)
+        movdqu  %xmm4, 48(%rsi)
+        jne     EECB_LOOP_4
+        addq    $64, %rsi
+EECB_REMAINDER_4:
+        cmpq    $0, %r10
+        je      EECB_END_4
+EECB_LOOP_4_2:
+        movdqu  (%rdi), %xmm1
+        addq    $16, %rdi
+        pxor    (%rcx), %xmm1
+        movdqu  160(%rcx), %xmm2
+        aesenc  16(%rcx), %xmm1
+        aesenc  32(%rcx), %xmm1
+        aesenc  48(%rcx), %xmm1
+        aesenc  64(%rcx), %xmm1
+        aesenc  80(%rcx), %xmm1
+        aesenc  96(%rcx), %xmm1
+        aesenc  112(%rcx), %xmm1
+        aesenc  128(%rcx), %xmm1
+        aesenc  144(%rcx), %xmm1
+        cmpl    $12, %r8d
+        jb      EECB_LAST_4_2
+        movdqu  192(%rcx), %xmm2
+        aesenc  160(%rcx), %xmm1
+        aesenc  176(%rcx), %xmm1
+        cmpl    $14, %r8d
+        jb      EECB_LAST_4_2
+        movdqu  224(%rcx), %xmm2
+        aesenc  192(%rcx), %xmm1
+        aesenc  208(%rcx), %xmm1
+EECB_LAST_4_2:
+        aesenclast %xmm2, %xmm1
+        movdqu  %xmm1, (%rsi)
+        addq    $16, %rsi
+        decq    %r10
+        jne     EECB_LOOP_4_2
+EECB_END_4:
+        ret
+
+
+/*
+AES_ECB_decrypt (const unsigned char *in,
+  unsigned char *out,
+  unsigned long length,
+  const unsigned char *KS,
+  int nr)
+*/
+.globl AES_ECB_decrypt
+AES_ECB_decrypt:
+# parameter 1: %rdi
+# parameter 2: %rsi
+# parameter 3: %rdx
+# parameter 4: %rcx
+# parameter 5: %r8d
+
+        movq    %rdx, %r10
+        shrq    $4, %rdx
+        shlq    $60, %r10
+        je      DECB_NO_PARTS_4
+        addq    $1, %rdx
+DECB_NO_PARTS_4:
+        movq    %rdx, %r10
+        shlq    $62, %r10
+        shrq    $62, %r10
+        shrq    $2, %rdx
+        je      DECB_REMAINDER_4
+        subq    $64, %rsi
+DECB_LOOP_4:
+        movdqu  (%rdi), %xmm1
+        movdqu  16(%rdi), %xmm2
+        movdqu  32(%rdi), %xmm3
+        movdqu  48(%rdi), %xmm4
+        movdqa  (%rcx), %xmm9
+        movdqa  16(%rcx), %xmm10
+        movdqa  32(%rcx), %xmm11
+        movdqa  48(%rcx), %xmm12
+        pxor    %xmm9, %xmm1
+        pxor    %xmm9, %xmm2
+        pxor    %xmm9, %xmm3
+        pxor    %xmm9, %xmm4
+        aesdec  %xmm10, %xmm1
+        aesdec  %xmm10, %xmm2
+        aesdec  %xmm10, %xmm3
+        aesdec  %xmm10, %xmm4
+        aesdec  %xmm11, %xmm1
+        aesdec  %xmm11, %xmm2
+        aesdec  %xmm11, %xmm3
+        aesdec  %xmm11, %xmm4
+        aesdec  %xmm12, %xmm1
+        aesdec  %xmm12, %xmm2
+        aesdec  %xmm12, %xmm3
+        aesdec  %xmm12, %xmm4
+        movdqa  64(%rcx), %xmm9
+        movdqa  80(%rcx), %xmm10
+        movdqa  96(%rcx), %xmm11
+        movdqa  112(%rcx), %xmm12
+        aesdec  %xmm9, %xmm1
+        aesdec  %xmm9, %xmm2
+        aesdec  %xmm9, %xmm3
+        aesdec  %xmm9, %xmm4
+        aesdec  %xmm10, %xmm1
+        aesdec  %xmm10, %xmm2
+        aesdec  %xmm10, %xmm3
+        aesdec  %xmm10, %xmm4
+        aesdec  %xmm11, %xmm1
+        aesdec  %xmm11, %xmm2
+        aesdec  %xmm11, %xmm3
+        aesdec  %xmm11, %xmm4
+        aesdec  %xmm12, %xmm1
+        aesdec  %xmm12, %xmm2
+        aesdec  %xmm12, %xmm3
+        aesdec  %xmm12, %xmm4
+        movdqa  128(%rcx), %xmm9
+        movdqa  144(%rcx), %xmm10
+        movdqa  160(%rcx), %xmm11
+        cmpl    $12, %r8d
+        aesdec  %xmm9, %xmm1
+        aesdec  %xmm9, %xmm2
+        aesdec  %xmm9, %xmm3
+        aesdec  %xmm9, %xmm4
+        aesdec  %xmm10, %xmm1
+        aesdec  %xmm10, %xmm2
+        aesdec  %xmm10, %xmm3
+        aesdec  %xmm10, %xmm4
+        jb      DECB_LAST_4
+        movdqa  160(%rcx), %xmm9
+        movdqa  176(%rcx), %xmm10
+        movdqa  192(%rcx), %xmm11
+        cmpl    $14, %r8d
+        aesdec  %xmm9, %xmm1
+        aesdec  %xmm9, %xmm2
+        aesdec  %xmm9, %xmm3
+        aesdec  %xmm9, %xmm4
+        aesdec  %xmm10, %xmm1
+        aesdec  %xmm10, %xmm2
+        aesdec  %xmm10, %xmm3
+        aesdec  %xmm10, %xmm4
+        jb      DECB_LAST_4
+        movdqa  192(%rcx), %xmm9
+        movdqa  208(%rcx), %xmm10
+        movdqa  224(%rcx), %xmm11
+        aesdec  %xmm9, %xmm1
+        aesdec  %xmm9, %xmm2
+        aesdec  %xmm9, %xmm3
+        aesdec  %xmm9, %xmm4
+        aesdec  %xmm10, %xmm1
+        aesdec  %xmm10, %xmm2
+        aesdec  %xmm10, %xmm3
+        aesdec  %xmm10, %xmm4
+DECB_LAST_4:
+        addq    $64, %rdi
+        addq    $64, %rsi
+        decq    %rdx
+        aesdeclast %xmm11, %xmm1
+        aesdeclast %xmm11, %xmm2
+        aesdeclast %xmm11, %xmm3
+        aesdeclast %xmm11, %xmm4
+        movdqu  %xmm1, (%rsi)
+        movdqu  %xmm2, 16(%rsi)
+        movdqu  %xmm3, 32(%rsi)
+        movdqu  %xmm4, 48(%rsi)
+        jne     DECB_LOOP_4
+        addq    $64, %rsi
+DECB_REMAINDER_4:
+        cmpq    $0, %r10
+        je      DECB_END_4
+DECB_LOOP_4_2:
+        movdqu  (%rdi), %xmm1
+        addq    $16, %rdi
+        pxor    (%rcx), %xmm1
+        movdqu  160(%rcx), %xmm2
+        cmpl    $12, %r8d
+        aesdec  16(%rcx), %xmm1
+        aesdec  32(%rcx), %xmm1
+        aesdec  48(%rcx), %xmm1
+        aesdec  64(%rcx), %xmm1
+        aesdec  80(%rcx), %xmm1
+        aesdec  96(%rcx), %xmm1
+        aesdec  112(%rcx), %xmm1
+        aesdec  128(%rcx), %xmm1
+        aesdec  144(%rcx), %xmm1
+        jb      DECB_LAST_4_2
+        cmpl    $14, %r8d
+        movdqu  192(%rcx), %xmm2
+        aesdec  160(%rcx), %xmm1
+        aesdec  176(%rcx), %xmm1
+        jb      DECB_LAST_4_2
+        movdqu  224(%rcx), %xmm2
+        aesdec  192(%rcx), %xmm1
+        aesdec  208(%rcx), %xmm1
+DECB_LAST_4_2:
+        aesdeclast %xmm2, %xmm1
+        movdqu  %xmm1, (%rsi)
+        addq    $16, %rsi
+        decq    %r10
+        jne     DECB_LOOP_4_2
+DECB_END_4:
+        ret
+
+
+
+
+/*
+void AES_128_Key_Expansion(const unsigned char* userkey,
+   unsigned char* key_schedule);
+*/
+.align  16,0x90
+.globl AES_128_Key_Expansion
+AES_128_Key_Expansion:
+# parameter 1: %rdi
+# parameter 2: %rsi
+movl    $10, 240(%rsi)
+
+movdqu  (%rdi), %xmm1
+movdqa    %xmm1, (%rsi)
+
+
+ASSISTS:
+aeskeygenassist $1, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 16(%rsi)
+aeskeygenassist $2, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 32(%rsi)
+aeskeygenassist $4, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 48(%rsi)
+aeskeygenassist $8, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 64(%rsi)
+aeskeygenassist $16, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 80(%rsi)
+aeskeygenassist $32, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 96(%rsi)
+aeskeygenassist $64, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 112(%rsi)
+aeskeygenassist $0x80, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 128(%rsi)
+aeskeygenassist $0x1b, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 144(%rsi)
+aeskeygenassist $0x36, %xmm1, %xmm2
+call PREPARE_ROUNDKEY_128
+movdqa %xmm1, 160(%rsi)
+ret
+
+PREPARE_ROUNDKEY_128:
+pshufd $255, %xmm2, %xmm2
+movdqa %xmm1, %xmm3
+pslldq $4, %xmm3
+pxor %xmm3, %xmm1
+pslldq $4, %xmm3
+pxor %xmm3, %xmm1
+pslldq $4, %xmm3
+pxor %xmm3, %xmm1
+pxor %xmm2, %xmm1
+ret
+
+
+/*
+void AES_192_Key_Expansion (const unsigned char *userkey,
+  unsigned char *key)
+*/
+.globl AES_192_Key_Expansion
+AES_192_Key_Expansion:
+# parameter 1: %rdi
+# parameter 2: %rsi
+
+movdqu (%rdi), %xmm1
+movdqu 16(%rdi), %xmm3
+movdqa %xmm1, (%rsi)
+movdqa %xmm3, %xmm5
+
+aeskeygenassist $0x1, %xmm3, %xmm2
+call PREPARE_ROUNDKEY_192
+shufpd $0, %xmm1, %xmm5
+movdqa %xmm5, 16(%rsi)
+movdqa %xmm1, %xmm6
+shufpd $1, %xmm3, %xmm6
+movdqa %xmm6, 32(%rsi)
+
+aeskeygenassist $0x2, %xmm3, %xmm2
+call PREPARE_ROUNDKEY_192
+movdqa %xmm1, 48(%rsi)
+movdqa %xmm3, %xmm5
+
+aeskeygenassist $0x4, %xmm3, %xmm2
+call PREPARE_ROUNDKEY_192
+shufpd $0, %xmm1, %xmm5
+movdqa %xmm5, 64(%rsi)
+movdqa %xmm1, %xmm6
+shufpd $1, %xmm3, %xmm6
+movdqa %xmm6, 80(%rsi)
+
+aeskeygenassist $0x8, %xmm3, %xmm2
+call PREPARE_ROUNDKEY_192
+movdqa %xmm1, 96(%rsi)
+movdqa %xmm3, %xmm5
+
+aeskeygenassist $0x10, %xmm3, %xmm2
+call PREPARE_ROUNDKEY_192
+shufpd $0, %xmm1, %xmm5
+movdqa %xmm5, 112(%rsi)
+movdqa %xmm1, %xmm6
+shufpd $1, %xmm3, %xmm6
+movdqa %xmm6, 128(%rsi)
+
+aeskeygenassist $0x20, %xmm3, %xmm2
+call PREPARE_ROUNDKEY_192
+movdqa %xmm1, 144(%rsi)
+movdqa %xmm3, %xmm5
+
+aeskeygenassist $0x40, %xmm3, %xmm2
+call PREPARE_ROUNDKEY_192
+shufpd $0, %xmm1, %xmm5
+movdqa %xmm5, 160(%rsi)
+movdqa %xmm1, %xmm6
+shufpd $1, %xmm3, %xmm6
+movdqa %xmm6, 176(%rsi)
+
+aeskeygenassist $0x80, %xmm3, %xmm2
+call PREPARE_ROUNDKEY_192
+movdqa %xmm1, 192(%rsi)
+movdqa %xmm3, 208(%rsi)
+ret
+
+PREPARE_ROUNDKEY_192:
+pshufd $0x55, %xmm2, %xmm2
+movdqu %xmm1, %xmm4
+pslldq $4, %xmm4
+pxor   %xmm4, %xmm1
+
+pslldq $4, %xmm4
+pxor   %xmm4, %xmm1
+pslldq $4, %xmm4
+pxor  %xmm4, %xmm1
+pxor   %xmm2, %xmm1
+pshufd $0xff, %xmm1, %xmm2
+movdqu %xmm3, %xmm4
+pslldq $4, %xmm4
+pxor   %xmm4, %xmm3
+pxor   %xmm2, %xmm3
+ret
+ 
+
+/*
+void AES_256_Key_Expansion (const unsigned char *userkey,
+  unsigned char *key)
+*/
+.globl AES_256_Key_Expansion
+AES_256_Key_Expansion:
+# parameter 1: %rdi
+# parameter 2: %rsi
+
+movdqu (%rdi), %xmm1
+movdqu 16(%rdi), %xmm3
+movdqa %xmm1, (%rsi)
+movdqa %xmm3, 16(%rsi)
+
+aeskeygenassist $0x1, %xmm3, %xmm2
+call MAKE_RK256_a
+movdqa %xmm1, 32(%rsi)
+aeskeygenassist $0x0, %xmm1, %xmm2
+call MAKE_RK256_b
+movdqa %xmm3, 48(%rsi)
+aeskeygenassist $0x2, %xmm3, %xmm2
+call MAKE_RK256_a
+movdqa %xmm1, 64(%rsi)
+aeskeygenassist $0x0, %xmm1, %xmm2
+call MAKE_RK256_b
+movdqa %xmm3, 80(%rsi)
+aeskeygenassist $0x4, %xmm3, %xmm2
+call MAKE_RK256_a
+movdqa %xmm1, 96(%rsi)
+aeskeygenassist $0x0, %xmm1, %xmm2
+call MAKE_RK256_b
+movdqa %xmm3, 112(%rsi)
+aeskeygenassist $0x8, %xmm3, %xmm2
+call MAKE_RK256_a
+movdqa %xmm1, 128(%rsi)
+aeskeygenassist $0x0, %xmm1, %xmm2
+call MAKE_RK256_b
+movdqa %xmm3, 144(%rsi)
+aeskeygenassist $0x10, %xmm3, %xmm2
+call MAKE_RK256_a
+movdqa %xmm1, 160(%rsi)
+aeskeygenassist $0x0, %xmm1, %xmm2
+call MAKE_RK256_b
+movdqa %xmm3, 176(%rsi)
+aeskeygenassist $0x20, %xmm3, %xmm2
+call MAKE_RK256_a
+movdqa %xmm1, 192(%rsi)
+
+aeskeygenassist $0x0, %xmm1, %xmm2
+call MAKE_RK256_b
+movdqa %xmm3, 208(%rsi)
+aeskeygenassist $0x40, %xmm3, %xmm2
+call MAKE_RK256_a
+movdqa %xmm1, 224(%rsi)
+
+ret
+
+MAKE_RK256_a:
+pshufd $0xff, %xmm2, %xmm2
+movdqa %xmm1, %xmm4
+pslldq $4, %xmm4
+pxor   %xmm4, %xmm1
+pslldq $4, %xmm4
+pxor  %xmm4, %xmm1
+pslldq $4, %xmm4
+pxor  %xmm4, %xmm1
+pxor   %xmm2, %xmm1
+ret
+
+MAKE_RK256_b:
+pshufd $0xaa, %xmm2, %xmm2
+movdqa %xmm3, %xmm4
+pslldq $4, %xmm4
+pxor   %xmm4, %xmm3
+pslldq $4, %xmm4
+pxor  %xmm4, %xmm3
+pslldq $4, %xmm4
+pxor  %xmm4, %xmm3
+pxor   %xmm2, %xmm3
+ret
+
diff --git a/3P/wolfssl/wolfcrypt/src/arc4.c b/3P/wolfssl/wolfcrypt/src/arc4.c
new file mode 100644
index 00000000..0c22edbb
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/arc4.c
@@ -0,0 +1,178 @@
+/* arc4.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_RC4
+
+#include 
+
+#ifdef HAVE_CAVIUM
+    static void wc_Arc4CaviumSetKey(Arc4* arc4, const byte* key, word32 length);
+    static void wc_Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in,
+                                  word32 length);
+#endif
+
+
+void wc_Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
+{
+    word32 i;
+    word32 keyIndex = 0, stateIndex = 0;
+
+#ifdef HAVE_CAVIUM
+    if (arc4->magic == WOLFSSL_ARC4_CAVIUM_MAGIC)
+        return wc_Arc4CaviumSetKey(arc4, key, length);
+#endif
+
+    arc4->x = 1;
+    arc4->y = 0;
+
+    for (i = 0; i < ARC4_STATE_SIZE; i++)
+        arc4->state[i] = (byte)i;
+
+    for (i = 0; i < ARC4_STATE_SIZE; i++) {
+        word32 a = arc4->state[i];
+        stateIndex += key[keyIndex] + a;
+        stateIndex &= 0xFF;
+        arc4->state[i] = arc4->state[stateIndex];
+        arc4->state[stateIndex] = (byte)a;
+
+        if (++keyIndex >= length)
+            keyIndex = 0;
+    }
+}
+
+
+static INLINE byte MakeByte(word32* x, word32* y, byte* s)
+{
+    word32 a = s[*x], b;
+    *y = (*y+a) & 0xff;
+
+    b = s[*y];
+    s[*x] = (byte)b;
+    s[*y] = (byte)a;
+    *x = (*x+1) & 0xff;
+
+    return s[(a+b) & 0xff];
+}
+
+
+void wc_Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length)
+{
+    word32 x;
+    word32 y;
+
+#ifdef HAVE_CAVIUM
+    if (arc4->magic == WOLFSSL_ARC4_CAVIUM_MAGIC)
+        return wc_Arc4CaviumProcess(arc4, out, in, length);
+#endif
+
+    x = arc4->x;
+    y = arc4->y;
+
+    while(length--)
+        *out++ = *in++ ^ MakeByte(&x, &y, arc4->state);
+
+    arc4->x = (byte)x;
+    arc4->y = (byte)y;
+}
+
+
+#ifdef HAVE_CAVIUM
+
+#include 
+#include "cavium_common.h"
+
+/* Initiliaze Arc4 for use with Nitrox device */
+int wc_Arc4InitCavium(Arc4* arc4, int devId)
+{
+    if (arc4 == NULL)
+        return -1;
+
+    if (CspAllocContext(CONTEXT_SSL, &arc4->contextHandle, devId) != 0)
+        return -1;
+
+    arc4->devId = devId;
+    arc4->magic = WOLFSSL_ARC4_CAVIUM_MAGIC;
+
+    return 0;
+}
+
+
+/* Free Arc4 from use with Nitrox device */
+void wc_Arc4FreeCavium(Arc4* arc4)
+{
+    if (arc4 == NULL)
+        return;
+
+    if (arc4->magic != WOLFSSL_ARC4_CAVIUM_MAGIC)
+        return;
+
+    CspFreeContext(CONTEXT_SSL, arc4->contextHandle, arc4->devId);
+    arc4->magic = 0;
+}
+
+
+static void wc_Arc4CaviumSetKey(Arc4* arc4, const byte* key, word32 length)
+{
+    word32 requestId;
+
+    if (CspInitializeRc4(CAVIUM_BLOCKING, arc4->contextHandle, length,
+                         (byte*)key, &requestId, arc4->devId) != 0) {
+        WOLFSSL_MSG("Bad Cavium Arc4 Init");
+    }
+}
+
+
+static void wc_Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in,
+                              word32 length)
+{
+    wolfssl_word offset = 0;
+    word32 requestId;
+
+    while (length > WOLFSSL_MAX_16BIT) {
+        word16 slen = (word16)WOLFSSL_MAX_16BIT;
+        if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE,
+                          slen, (byte*)in + offset, out + offset, &requestId,
+                          arc4->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium Arc4 Encrypt");
+        }
+        length -= WOLFSSL_MAX_16BIT;
+        offset += WOLFSSL_MAX_16BIT;
+    }
+    if (length) {
+        word16 slen = (word16)length;
+        if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE,
+                          slen, (byte*)in + offset, out + offset, &requestId,
+                          arc4->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium Arc4 Encrypt");
+        }
+    }
+}
+
+#endif /* HAVE_CAVIUM */
+
+#endif /* NO_ARC4 */
+
diff --git a/3P/wolfssl/wolfcrypt/src/asm.c b/3P/wolfssl/wolfcrypt/src/asm.c
new file mode 100644
index 00000000..bdaa51b4
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/asm.c
@@ -0,0 +1,1406 @@
+/* asm.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+/*
+ * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
+ * http://math.libtomcrypt.com
+ */
+
+
+/******************************************************************/
+/* fp_montgomery_reduce.c asm or generic */
+#if defined(TFM_X86) && !defined(TFM_SSE2) 
+/* x86-32 code */
+
+#define MONT_START 
+#define MONT_FINI
+#define LOOP_END
+#define LOOP_START \
+   mu = c[x] * mp
+
+#define INNERMUL                                          \
+__asm__(                                                      \
+   "movl %5,%%eax \n\t"                                   \
+   "mull %4       \n\t"                                   \
+   "addl %1,%%eax \n\t"                                   \
+   "adcl $0,%%edx \n\t"                                   \
+   "addl %%eax,%0 \n\t"                                   \
+   "adcl $0,%%edx \n\t"                                   \
+   "movl %%edx,%1 \n\t"                                   \
+:"=g"(_c[LO]), "=r"(cy)                                   \
+:"0"(_c[LO]), "1"(cy), "g"(mu), "g"(*tmpm++)              \
+: "%eax", "%edx", "cc")
+
+#define PROPCARRY                           \
+__asm__(                                        \
+   "addl   %1,%0    \n\t"                   \
+   "setb   %%al     \n\t"                   \
+   "movzbl %%al,%1 \n\t"                    \
+:"=g"(_c[LO]), "=r"(cy)                     \
+:"0"(_c[LO]), "1"(cy)                       \
+: "%eax", "cc")
+
+/******************************************************************/
+#elif defined(TFM_X86_64)
+/* x86-64 code */
+
+#define MONT_START 
+#define MONT_FINI
+#define LOOP_END
+#define LOOP_START \
+   mu = c[x] * mp
+
+#define INNERMUL                                          \
+__asm__(                                                      \
+   "movq %5,%%rax \n\t"                                   \
+   "mulq %4       \n\t"                                   \
+   "addq %1,%%rax \n\t"                                   \
+   "adcq $0,%%rdx \n\t"                                   \
+   "addq %%rax,%0 \n\t"                                   \
+   "adcq $0,%%rdx \n\t"                                   \
+   "movq %%rdx,%1 \n\t"                                   \
+:"=g"(_c[LO]), "=r"(cy)                                   \
+:"0"(_c[LO]), "1"(cy), "r"(mu), "r"(*tmpm++)              \
+: "%rax", "%rdx", "cc")
+
+#define INNERMUL8 \
+ __asm__(                  \
+ "movq 0(%5),%%rax    \n\t"  \
+ "movq 0(%2),%%r10    \n\t"  \
+ "movq 0x8(%5),%%r11  \n\t"  \
+ "mulq %4             \n\t"  \
+ "addq %%r10,%%rax    \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq 0x8(%2),%%r10  \n\t"  \
+ "addq %3,%%rax       \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq %%rax,0(%0)    \n\t"  \
+ "movq %%rdx,%1       \n\t"  \
+ \
+ "movq %%r11,%%rax    \n\t"  \
+ "movq 0x10(%5),%%r11 \n\t"  \
+ "mulq %4             \n\t"  \
+ "addq %%r10,%%rax    \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq 0x10(%2),%%r10 \n\t"  \
+ "addq %3,%%rax       \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq %%rax,0x8(%0)  \n\t"  \
+ "movq %%rdx,%1       \n\t"  \
+ \
+ "movq %%r11,%%rax    \n\t"  \
+ "movq 0x18(%5),%%r11 \n\t"  \
+ "mulq %4             \n\t"  \
+ "addq %%r10,%%rax    \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq 0x18(%2),%%r10 \n\t"  \
+ "addq %3,%%rax       \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq %%rax,0x10(%0) \n\t"  \
+ "movq %%rdx,%1       \n\t"  \
+ \
+ "movq %%r11,%%rax    \n\t"  \
+ "movq 0x20(%5),%%r11 \n\t"  \
+ "mulq %4             \n\t"  \
+ "addq %%r10,%%rax    \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq 0x20(%2),%%r10 \n\t"  \
+ "addq %3,%%rax       \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq %%rax,0x18(%0) \n\t"  \
+ "movq %%rdx,%1       \n\t"  \
+ \
+ "movq %%r11,%%rax    \n\t"  \
+ "movq 0x28(%5),%%r11 \n\t"  \
+ "mulq %4             \n\t"  \
+ "addq %%r10,%%rax    \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq 0x28(%2),%%r10 \n\t"  \
+ "addq %3,%%rax       \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq %%rax,0x20(%0) \n\t"  \
+ "movq %%rdx,%1       \n\t"  \
+ \
+ "movq %%r11,%%rax    \n\t"  \
+ "movq 0x30(%5),%%r11 \n\t"  \
+ "mulq %4             \n\t"  \
+ "addq %%r10,%%rax    \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq 0x30(%2),%%r10 \n\t"  \
+ "addq %3,%%rax       \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq %%rax,0x28(%0) \n\t"  \
+ "movq %%rdx,%1       \n\t"  \
+ \
+ "movq %%r11,%%rax    \n\t"  \
+ "movq 0x38(%5),%%r11 \n\t"  \
+ "mulq %4             \n\t"  \
+ "addq %%r10,%%rax    \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq 0x38(%2),%%r10 \n\t"  \
+ "addq %3,%%rax       \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq %%rax,0x30(%0) \n\t"  \
+ "movq %%rdx,%1       \n\t"  \
+ \
+ "movq %%r11,%%rax    \n\t"  \
+ "mulq %4             \n\t"  \
+ "addq %%r10,%%rax    \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "addq %3,%%rax       \n\t"  \
+ "adcq $0,%%rdx       \n\t"  \
+ "movq %%rax,0x38(%0) \n\t"  \
+ "movq %%rdx,%1       \n\t"  \
+ \
+:"=r"(_c), "=r"(cy)                    \
+: "0"(_c),  "1"(cy), "g"(mu), "r"(tmpm)\
+: "%rax", "%rdx", "%r10", "%r11", "cc")
+
+
+#define PROPCARRY                           \
+__asm__(                                        \
+   "addq   %1,%0    \n\t"                   \
+   "setb   %%al     \n\t"                   \
+   "movzbq %%al,%1 \n\t"                    \
+:"=g"(_c[LO]), "=r"(cy)                     \
+:"0"(_c[LO]), "1"(cy)                       \
+: "%rax", "cc")
+
+/******************************************************************/
+#elif defined(TFM_SSE2)  
+/* SSE2 code (assumes 32-bit fp_digits) */
+/* XMM register assignments:
+ * xmm0  *tmpm++, then Mu * (*tmpm++)
+ * xmm1  c[x], then Mu
+ * xmm2  mp
+ * xmm3  cy
+ * xmm4  _c[LO]
+ */
+
+#define MONT_START \
+   __asm__("movd %0,%%mm2"::"g"(mp))
+
+#define MONT_FINI \
+   __asm__("emms")
+
+#define LOOP_START          \
+__asm__(                        \
+"movd %0,%%mm1        \n\t" \
+"pxor %%mm3,%%mm3     \n\t" \
+"pmuludq %%mm2,%%mm1  \n\t" \
+:: "g"(c[x]))
+
+/* pmuludq on mmx registers does a 32x32->64 multiply. */
+#define INNERMUL               \
+__asm__(                           \
+   "movd %1,%%mm4        \n\t" \
+   "movd %2,%%mm0        \n\t" \
+   "paddq %%mm4,%%mm3    \n\t" \
+   "pmuludq %%mm1,%%mm0  \n\t" \
+   "paddq %%mm0,%%mm3    \n\t" \
+   "movd %%mm3,%0        \n\t" \
+   "psrlq $32, %%mm3     \n\t" \
+:"=g"(_c[LO]) : "0"(_c[LO]), "g"(*tmpm++) );
+
+#define INNERMUL8 \
+__asm__(                           \
+   "movd 0(%1),%%mm4     \n\t" \
+   "movd 0(%2),%%mm0     \n\t" \
+   "paddq %%mm4,%%mm3    \n\t" \
+   "pmuludq %%mm1,%%mm0  \n\t" \
+   "movd 4(%2),%%mm5     \n\t" \
+   "paddq %%mm0,%%mm3    \n\t" \
+   "movd 4(%1),%%mm6     \n\t" \
+   "movd %%mm3,0(%0)     \n\t" \
+   "psrlq $32, %%mm3     \n\t" \
+\
+   "paddq %%mm6,%%mm3    \n\t" \
+   "pmuludq %%mm1,%%mm5  \n\t" \
+   "movd 8(%2),%%mm6     \n\t" \
+   "paddq %%mm5,%%mm3    \n\t" \
+   "movd 8(%1),%%mm7     \n\t" \
+   "movd %%mm3,4(%0)     \n\t" \
+   "psrlq $32, %%mm3     \n\t" \
+\
+   "paddq %%mm7,%%mm3    \n\t" \
+   "pmuludq %%mm1,%%mm6  \n\t" \
+   "movd 12(%2),%%mm7    \n\t" \
+   "paddq %%mm6,%%mm3    \n\t" \
+   "movd 12(%1),%%mm5     \n\t" \
+   "movd %%mm3,8(%0)     \n\t" \
+   "psrlq $32, %%mm3     \n\t" \
+\
+   "paddq %%mm5,%%mm3    \n\t" \
+   "pmuludq %%mm1,%%mm7  \n\t" \
+   "movd 16(%2),%%mm5    \n\t" \
+   "paddq %%mm7,%%mm3    \n\t" \
+   "movd 16(%1),%%mm6    \n\t" \
+   "movd %%mm3,12(%0)    \n\t" \
+   "psrlq $32, %%mm3     \n\t" \
+\
+   "paddq %%mm6,%%mm3    \n\t" \
+   "pmuludq %%mm1,%%mm5  \n\t" \
+   "movd 20(%2),%%mm6    \n\t" \
+   "paddq %%mm5,%%mm3    \n\t" \
+   "movd 20(%1),%%mm7    \n\t" \
+   "movd %%mm3,16(%0)    \n\t" \
+   "psrlq $32, %%mm3     \n\t" \
+\
+   "paddq %%mm7,%%mm3    \n\t" \
+   "pmuludq %%mm1,%%mm6  \n\t" \
+   "movd 24(%2),%%mm7    \n\t" \
+   "paddq %%mm6,%%mm3    \n\t" \
+   "movd 24(%1),%%mm5     \n\t" \
+   "movd %%mm3,20(%0)    \n\t" \
+   "psrlq $32, %%mm3     \n\t" \
+\
+   "paddq %%mm5,%%mm3    \n\t" \
+   "pmuludq %%mm1,%%mm7  \n\t" \
+   "movd 28(%2),%%mm5    \n\t" \
+   "paddq %%mm7,%%mm3    \n\t" \
+   "movd 28(%1),%%mm6    \n\t" \
+   "movd %%mm3,24(%0)    \n\t" \
+   "psrlq $32, %%mm3     \n\t" \
+\
+   "paddq %%mm6,%%mm3    \n\t" \
+   "pmuludq %%mm1,%%mm5  \n\t" \
+   "paddq %%mm5,%%mm3    \n\t" \
+   "movd %%mm3,28(%0)    \n\t" \
+   "psrlq $32, %%mm3     \n\t" \
+:"=r"(_c) : "0"(_c), "r"(tmpm) );
+
+/* TAO switched tmpm from "g" to "r" after gcc tried to index the indexed stack
+   pointer */
+
+#define LOOP_END \
+__asm__( "movd %%mm3,%0  \n" :"=r"(cy))
+
+#define PROPCARRY                           \
+__asm__(                                        \
+   "addl   %1,%0    \n\t"                   \
+   "setb   %%al     \n\t"                   \
+   "movzbl %%al,%1 \n\t"                    \
+:"=g"(_c[LO]), "=r"(cy)                     \
+:"0"(_c[LO]), "1"(cy)                       \
+: "%eax", "cc")
+
+/******************************************************************/
+#elif defined(TFM_ARM)
+   /* ARMv4 code */
+
+#define MONT_START 
+#define MONT_FINI
+#define LOOP_END
+#define LOOP_START \
+   mu = c[x] * mp
+
+
+#ifdef __thumb__
+
+#define INNERMUL                    \
+__asm__(                                \
+    " LDR    r0,%1            \n\t" \
+    " ADDS   r0,r0,%0         \n\t" \
+    " ITE    CS               \n\t" \
+    " MOVCS  %0,#1            \n\t" \
+    " MOVCC  %0,#0            \n\t" \
+    " UMLAL  r0,%0,%3,%4      \n\t" \
+    " STR    r0,%1            \n\t" \
+:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"m"(_c[0]):"r0","cc");
+
+#define PROPCARRY                  \
+__asm__(                               \
+    " LDR   r0,%1            \n\t" \
+    " ADDS  r0,r0,%0         \n\t" \
+    " STR   r0,%1            \n\t" \
+    " ITE   CS               \n\t" \
+    " MOVCS %0,#1            \n\t" \
+    " MOVCC %0,#0            \n\t" \
+:"=r"(cy),"=m"(_c[0]):"0"(cy),"m"(_c[0]):"r0","cc");
+
+
+/* TAO thumb mode uses ite (if then else) to detect carry directly
+ * fixed unmatched constraint warning by changing 1 to m  */
+
+#else  /* __thumb__ */
+
+#define INNERMUL                    \
+__asm__(                                \
+    " LDR    r0,%1            \n\t" \
+    " ADDS   r0,r0,%0         \n\t" \
+    " MOVCS  %0,#1            \n\t" \
+    " MOVCC  %0,#0            \n\t" \
+    " UMLAL  r0,%0,%3,%4      \n\t" \
+    " STR    r0,%1            \n\t" \
+:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c[0]):"r0","cc");
+
+#define PROPCARRY                  \
+__asm__(                               \
+    " LDR   r0,%1            \n\t" \
+    " ADDS  r0,r0,%0         \n\t" \
+    " STR   r0,%1            \n\t" \
+    " MOVCS %0,#1            \n\t" \
+    " MOVCC %0,#0            \n\t" \
+:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"r0","cc");
+
+#endif /* __thumb__ */
+
+#elif defined(TFM_PPC32)
+
+/* PPC32 */
+#define MONT_START 
+#define MONT_FINI
+#define LOOP_END
+#define LOOP_START \
+   mu = c[x] * mp
+
+#define INNERMUL                     \
+__asm__(                                 \
+   " mullw    16,%3,%4       \n\t"   \
+   " mulhwu   17,%3,%4       \n\t"   \
+   " addc     16,16,%0       \n\t"   \
+   " addze    17,17          \n\t"   \
+   " lwz      18,%1          \n\t"   \
+   " addc     16,16,18       \n\t"   \
+   " addze    %0,17          \n\t"   \
+   " stw      16,%1          \n\t"   \
+:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","cc"); ++tmpm;
+
+#define PROPCARRY                    \
+__asm__(                                 \
+   " lwz      16,%1         \n\t"    \
+   " addc     16,16,%0      \n\t"    \
+   " stw      16,%1         \n\t"    \
+   " xor      %0,%0,%0      \n\t"    \
+   " addze    %0,%0         \n\t"    \
+:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","cc");
+
+#elif defined(TFM_PPC64)
+
+/* PPC64 */
+#define MONT_START 
+#define MONT_FINI
+#define LOOP_END
+#define LOOP_START \
+   mu = c[x] * mp
+
+#define INNERMUL                     \
+__asm__(                                 \
+   " mulld    16,%3,%4       \n\t"   \
+   " mulhdu   17,%3,%4       \n\t"   \
+   " addc     16,16,%0       \n\t"   \
+   " addze    17,17          \n\t"   \
+   " ldx      18,0,%1        \n\t"   \
+   " addc     16,16,18       \n\t"   \
+   " addze    %0,17          \n\t"   \
+   " sdx      16,0,%1        \n\t"   \
+:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","cc"); ++tmpm;
+
+#define PROPCARRY                    \
+__asm__(                                 \
+   " ldx      16,0,%1       \n\t"    \
+   " addc     16,16,%0      \n\t"    \
+   " sdx      16,0,%1       \n\t"    \
+   " xor      %0,%0,%0      \n\t"    \
+   " addze    %0,%0         \n\t"    \
+:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","cc");
+
+/******************************************************************/
+
+#elif defined(TFM_AVR32)
+
+/* AVR32 */
+#define MONT_START 
+#define MONT_FINI
+#define LOOP_END
+#define LOOP_START \
+   mu = c[x] * mp
+
+#define INNERMUL                    \
+__asm__(                                \
+    " ld.w   r2,%1            \n\t" \
+    " add    r2,%0            \n\t" \
+    " eor    r3,r3            \n\t" \
+    " acr    r3               \n\t" \
+    " macu.d r2,%3,%4         \n\t" \
+    " st.w   %1,r2            \n\t" \
+    " mov    %0,r3            \n\t" \
+:"=r"(cy),"=r"(_c):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c):"r2","r3");
+
+#define PROPCARRY                    \
+__asm__(                                 \
+   " ld.w     r2,%1         \n\t"    \
+   " add      r2,%0         \n\t"    \
+   " st.w     %1,r2         \n\t"    \
+   " eor      %0,%0         \n\t"    \
+   " acr      %0            \n\t"    \
+:"=r"(cy),"=r"(&_c[0]):"0"(cy),"1"(&_c[0]):"r2","cc");
+
+#else
+
+/* ISO C code */
+#define MONT_START 
+#define MONT_FINI
+#define LOOP_END
+#define LOOP_START \
+   mu = c[x] * mp
+
+#define INNERMUL                                      \
+   do { fp_word t;                                    \
+   t  = ((fp_word)_c[0] + (fp_word)cy) +              \
+                (((fp_word)mu) * ((fp_word)*tmpm++)); \
+   _c[0] = (fp_digit)t;                               \
+   cy = (fp_digit)(t >> DIGIT_BIT);                   \
+   } while (0)
+
+#define PROPCARRY \
+   do { fp_digit t = _c[0] += cy; cy = (t < cy); } while (0)
+
+#endif
+/******************************************************************/
+
+
+#define LO  0
+/* end fp_montogomery_reduce.c asm */
+
+
+/* start fp_sqr_comba.c asm */
+#if defined(TFM_X86)
+
+/* x86-32 optimized */
+
+#define COMBA_START
+
+#define CLEAR_CARRY \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define CARRY_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_FINI
+
+#define SQRADD(i, j)                                      \
+__asm__(                                            \
+     "movl  %6,%%eax     \n\t"                            \
+     "mull  %%eax        \n\t"                            \
+     "addl  %%eax,%0     \n\t"                            \
+     "adcl  %%edx,%1     \n\t"                            \
+     "adcl  $0,%2        \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","%edx","cc");
+
+#define SQRADD2(i, j)                                     \
+__asm__(                                            \
+     "movl  %6,%%eax     \n\t"                            \
+     "mull  %7           \n\t"                            \
+     "addl  %%eax,%0     \n\t"                            \
+     "adcl  %%edx,%1     \n\t"                            \
+     "adcl  $0,%2        \n\t"                            \
+     "addl  %%eax,%0     \n\t"                            \
+     "adcl  %%edx,%1     \n\t"                            \
+     "adcl  $0,%2        \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j)  :"%eax","%edx", "cc");
+
+#define SQRADDSC(i, j)                                    \
+__asm__(                                                     \
+     "movl  %3,%%eax     \n\t"                            \
+     "mull  %4           \n\t"                            \
+     "movl  %%eax,%0     \n\t"                            \
+     "movl  %%edx,%1     \n\t"                            \
+     "xorl  %2,%2        \n\t"                            \
+     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%eax","%edx","cc");
+
+/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
+
+#define SQRADDAC(i, j)                                    \
+__asm__(                                                     \
+     "movl  %6,%%eax     \n\t"                            \
+     "mull  %7           \n\t"                            \
+     "addl  %%eax,%0     \n\t"                            \
+     "adcl  %%edx,%1     \n\t"                            \
+     "adcl  $0,%2        \n\t"                            \
+     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%eax","%edx","cc");
+
+#define SQRADDDB                                          \
+__asm__(                                                     \
+     "addl %6,%0         \n\t"                            \
+     "adcl %7,%1         \n\t"                            \
+     "adcl %8,%2         \n\t"                            \
+     "addl %6,%0         \n\t"                            \
+     "adcl %7,%1         \n\t"                            \
+     "adcl %8,%2         \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc");
+
+#elif defined(TFM_X86_64)
+/* x86-64 optimized */
+
+#define COMBA_START
+
+#define CLEAR_CARRY \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define CARRY_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_FINI
+
+#define SQRADD(i, j)                                      \
+__asm__(                                                     \
+     "movq  %6,%%rax     \n\t"                            \
+     "mulq  %%rax        \n\t"                            \
+     "addq  %%rax,%0     \n\t"                            \
+     "adcq  %%rdx,%1     \n\t"                            \
+     "adcq  $0,%2        \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i) :"%rax","%rdx","cc");
+
+#define SQRADD2(i, j)                                     \
+__asm__(                                                     \
+     "movq  %6,%%rax     \n\t"                            \
+     "mulq  %7           \n\t"                            \
+     "addq  %%rax,%0     \n\t"                            \
+     "adcq  %%rdx,%1     \n\t"                            \
+     "adcq  $0,%2        \n\t"                            \
+     "addq  %%rax,%0     \n\t"                            \
+     "adcq  %%rdx,%1     \n\t"                            \
+     "adcq  $0,%2        \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j)  :"%rax","%rdx","cc");
+
+#define SQRADDSC(i, j)                                    \
+__asm__(                                                     \
+     "movq  %3,%%rax     \n\t"                            \
+     "mulq  %4           \n\t"                            \
+     "movq  %%rax,%0     \n\t"                            \
+     "movq  %%rdx,%1     \n\t"                            \
+     "xorq  %2,%2        \n\t"                            \
+     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%rax","%rdx","cc");
+
+/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
+
+#define SQRADDAC(i, j)                                                         \
+__asm__(                                                     \
+     "movq  %6,%%rax     \n\t"                            \
+     "mulq  %7           \n\t"                            \
+     "addq  %%rax,%0     \n\t"                            \
+     "adcq  %%rdx,%1     \n\t"                            \
+     "adcq  $0,%2        \n\t"                            \
+     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%rax","%rdx","cc");
+
+#define SQRADDDB                                          \
+__asm__(                                                     \
+     "addq %6,%0         \n\t"                            \
+     "adcq %7,%1         \n\t"                            \
+     "adcq %8,%2         \n\t"                            \
+     "addq %6,%0         \n\t"                            \
+     "adcq %7,%1         \n\t"                            \
+     "adcq %8,%2         \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc");
+
+#elif defined(TFM_SSE2)
+
+/* SSE2 Optimized */
+#define COMBA_START
+
+#define CLEAR_CARRY \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define CARRY_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_FINI \
+   __asm__("emms");
+
+#define SQRADD(i, j)                                      \
+__asm__(                                            \
+     "movd  %6,%%mm0     \n\t"                            \
+     "pmuludq %%mm0,%%mm0\n\t"                            \
+     "movd  %%mm0,%%eax  \n\t"                            \
+     "psrlq $32,%%mm0    \n\t"                            \
+     "addl  %%eax,%0     \n\t"                            \
+     "movd  %%mm0,%%eax  \n\t"                            \
+     "adcl  %%eax,%1     \n\t"                            \
+     "adcl  $0,%2        \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","cc");
+
+#define SQRADD2(i, j)                                     \
+__asm__(                                            \
+     "movd  %6,%%mm0     \n\t"                            \
+     "movd  %7,%%mm1     \n\t"                            \
+     "pmuludq %%mm1,%%mm0\n\t"                            \
+     "movd  %%mm0,%%eax  \n\t"                            \
+     "psrlq $32,%%mm0    \n\t"                            \
+     "movd  %%mm0,%%edx  \n\t"                            \
+     "addl  %%eax,%0     \n\t"                            \
+     "adcl  %%edx,%1     \n\t"                            \
+     "adcl  $0,%2        \n\t"                            \
+     "addl  %%eax,%0     \n\t"                            \
+     "adcl  %%edx,%1     \n\t"                            \
+     "adcl  $0,%2        \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j)  :"%eax","%edx","cc");
+
+#define SQRADDSC(i, j)                                                         \
+__asm__(                                            \
+     "movd  %3,%%mm0     \n\t"                            \
+     "movd  %4,%%mm1     \n\t"                            \
+     "pmuludq %%mm1,%%mm0\n\t"                            \
+     "movd  %%mm0,%0     \n\t"                            \
+     "psrlq $32,%%mm0    \n\t"                            \
+     "movd  %%mm0,%1     \n\t"                            \
+     "xorl  %2,%2        \n\t"                            \
+     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "m"(i), "m"(j));
+
+/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
+
+#define SQRADDAC(i, j)                                                         \
+__asm__(                                            \
+     "movd  %6,%%mm0     \n\t"                            \
+     "movd  %7,%%mm1     \n\t"                            \
+     "pmuludq %%mm1,%%mm0\n\t"                            \
+     "movd  %%mm0,%%eax  \n\t"                            \
+     "psrlq $32,%%mm0    \n\t"                            \
+     "movd  %%mm0,%%edx  \n\t"                            \
+     "addl  %%eax,%0     \n\t"                            \
+     "adcl  %%edx,%1     \n\t"                            \
+     "adcl  $0,%2        \n\t"                            \
+     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "m"(i), "m"(j)  :"%eax","%edx","cc");
+
+#define SQRADDDB                                          \
+__asm__(                                                     \
+     "addl %6,%0         \n\t"                            \
+     "adcl %7,%1         \n\t"                            \
+     "adcl %8,%2         \n\t"                            \
+     "addl %6,%0         \n\t"                            \
+     "adcl %7,%1         \n\t"                            \
+     "adcl %8,%2         \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc");
+
+#elif defined(TFM_ARM)
+
+/* ARM code */
+
+#define COMBA_START
+
+#define CLEAR_CARRY \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define CARRY_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_FINI
+
+/* multiplies point i and j, updates carry "c1" and digit c2 */
+#define SQRADD(i, j)                                             \
+__asm__(                                                             \
+"  UMULL  r0,r1,%6,%6              \n\t"                         \
+"  ADDS   %0,%0,r0                 \n\t"                         \
+"  ADCS   %1,%1,r1                 \n\t"                         \
+"  ADC    %2,%2,#0                 \n\t"                         \
+:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i) : "r0", "r1", "cc");
+	
+/* for squaring some of the terms are doubled... */
+#define SQRADD2(i, j)                                            \
+__asm__(                                                             \
+"  UMULL  r0,r1,%6,%7              \n\t"                         \
+"  ADDS   %0,%0,r0                 \n\t"                         \
+"  ADCS   %1,%1,r1                 \n\t"                         \
+"  ADC    %2,%2,#0                 \n\t"                         \
+"  ADDS   %0,%0,r0                 \n\t"                         \
+"  ADCS   %1,%1,r1                 \n\t"                         \
+"  ADC    %2,%2,#0                 \n\t"                         \
+:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "cc");
+
+#define SQRADDSC(i, j)                                           \
+__asm__(                                                             \
+"  UMULL  %0,%1,%3,%4              \n\t"                         \
+"  SUB    %2,%2,%2                 \n\t"                         \
+:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "r"(i), "r"(j) : "cc");
+
+/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
+
+#define SQRADDAC(i, j)                                           \
+__asm__(                                                             \
+"  UMULL  r0,r1,%6,%7              \n\t"                         \
+"  ADDS   %0,%0,r0                 \n\t"                         \
+"  ADCS   %1,%1,r1                 \n\t"                         \
+"  ADC    %2,%2,#0                 \n\t"                         \
+:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j) : "r0", "r1", "cc");
+
+#define SQRADDDB                                                 \
+__asm__(                                                             \
+"  ADDS  %0,%0,%3                     \n\t"                      \
+"  ADCS  %1,%1,%4                     \n\t"                      \
+"  ADC   %2,%2,%5                     \n\t"                      \
+"  ADDS  %0,%0,%3                     \n\t"                      \
+"  ADCS  %1,%1,%4                     \n\t"                      \
+"  ADC   %2,%2,%5                     \n\t"                      \
+:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
+
+#elif defined(TFM_PPC32)
+
+/* PPC32 */
+
+#define COMBA_START
+
+#define CLEAR_CARRY \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define CARRY_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_FINI
+
+/* multiplies point i and j, updates carry "c1" and digit c2 */
+#define SQRADD(i, j)             \
+__asm__(                             \
+   " mullw  16,%6,%6       \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " mulhwu 16,%6,%6       \n\t" \
+   " adde   %1,%1,16       \n\t" \
+   " addze  %2,%2          \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","cc");
+
+/* for squaring some of the terms are doubled... */
+#define SQRADD2(i, j)            \
+__asm__(                             \
+   " mullw  16,%6,%7       \n\t" \
+   " mulhwu 17,%6,%7       \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " adde   %1,%1,17       \n\t" \
+   " addze  %2,%2          \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " adde   %1,%1,17       \n\t" \
+   " addze  %2,%2          \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","cc");
+
+#define SQRADDSC(i, j)            \
+__asm__(                              \
+   " mullw  %0,%6,%7        \n\t" \
+   " mulhwu %1,%6,%7        \n\t" \
+   " xor    %2,%2,%2        \n\t" \
+:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "cc");
+
+#define SQRADDAC(i, j)           \
+__asm__(                             \
+   " mullw  16,%6,%7       \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " mulhwu 16,%6,%7       \n\t" \
+   " adde   %1,%1,16       \n\t" \
+   " addze  %2,%2          \n\t" \
+:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "cc");
+
+#define SQRADDDB                  \
+__asm__(                              \
+   " addc   %0,%0,%3        \n\t" \
+   " adde   %1,%1,%4        \n\t" \
+   " adde   %2,%2,%5        \n\t" \
+   " addc   %0,%0,%3        \n\t" \
+   " adde   %1,%1,%4        \n\t" \
+   " adde   %2,%2,%5        \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
+
+#elif defined(TFM_PPC64)
+/* PPC64 */
+
+#define COMBA_START
+
+#define CLEAR_CARRY \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define CARRY_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_FINI
+
+/* multiplies point i and j, updates carry "c1" and digit c2 */
+#define SQRADD(i, j)             \
+__asm__(                             \
+   " mulld  16,%6,%6       \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " mulhdu 16,%6,%6       \n\t" \
+   " adde   %1,%1,16       \n\t" \
+   " addze  %2,%2          \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","cc");
+
+/* for squaring some of the terms are doubled... */
+#define SQRADD2(i, j)            \
+__asm__(                             \
+   " mulld  16,%6,%7       \n\t" \
+   " mulhdu 17,%6,%7       \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " adde   %1,%1,17       \n\t" \
+   " addze  %2,%2          \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " adde   %1,%1,17       \n\t" \
+   " addze  %2,%2          \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","cc");
+
+#define SQRADDSC(i, j)            \
+__asm__(                              \
+   " mulld  %0,%6,%7        \n\t" \
+   " mulhdu %1,%6,%7        \n\t" \
+   " xor    %2,%2,%2        \n\t" \
+:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "cc");
+
+#define SQRADDAC(i, j)           \
+__asm__(                             \
+   " mulld  16,%6,%7       \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " mulhdu 16,%6,%7       \n\t" \
+   " adde   %1,%1,16       \n\t" \
+   " addze  %2,%2          \n\t" \
+:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "cc");
+
+#define SQRADDDB                  \
+__asm__(                              \
+   " addc   %0,%0,%3        \n\t" \
+   " adde   %1,%1,%4        \n\t" \
+   " adde   %2,%2,%5        \n\t" \
+   " addc   %0,%0,%3        \n\t" \
+   " adde   %1,%1,%4        \n\t" \
+   " adde   %2,%2,%5        \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
+
+
+#elif defined(TFM_AVR32)
+
+/* AVR32 */
+
+#define COMBA_START
+
+#define CLEAR_CARRY \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define CARRY_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_FINI
+
+/* multiplies point i and j, updates carry "c1" and digit c2 */
+#define SQRADD(i, j)             \
+__asm__(                             \
+   " mulu.d r2,%6,%6       \n\t" \
+   " add    %0,%0,r2       \n\t" \
+   " adc    %1,%1,r3       \n\t" \
+   " acr    %2             \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"r2","r3");
+
+/* for squaring some of the terms are doubled... */
+#define SQRADD2(i, j)            \
+__asm__(                             \
+   " mulu.d r2,%6,%7       \n\t" \
+   " add    %0,%0,r2       \n\t" \
+   " adc    %1,%1,r3       \n\t" \
+   " acr    %2,            \n\t" \
+   " add    %0,%0,r2       \n\t" \
+   " adc    %1,%1,r3       \n\t" \
+   " acr    %2,            \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"r2", "r3");
+
+#define SQRADDSC(i, j)            \
+__asm__(                              \
+   " mulu.d r2,%6,%7        \n\t" \
+   " mov    %0,r2           \n\t" \
+   " mov    %1,r3           \n\t" \
+   " eor    %2,%2           \n\t" \
+:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "r2", "r3");
+
+#define SQRADDAC(i, j)           \
+__asm__(                             \
+   " mulu.d r2,%6,%7       \n\t" \
+   " add    %0,%0,r2       \n\t" \
+   " adc    %1,%1,r3       \n\t" \
+   " acr    %2             \n\t" \
+:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"r2", "r3");
+
+#define SQRADDDB                  \
+__asm__(                              \
+   " add    %0,%0,%3        \n\t" \
+   " adc    %1,%1,%4        \n\t" \
+   " adc    %2,%2,%5        \n\t" \
+   " add    %0,%0,%3        \n\t" \
+   " adc    %1,%1,%4        \n\t" \
+   " adc    %2,%2,%5        \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
+
+
+#else
+
+#define TFM_ISO
+
+/* ISO C portable code */
+
+#define COMBA_START
+
+#define CLEAR_CARRY \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define CARRY_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_FINI
+
+/* multiplies point i and j, updates carry "c1" and digit c2 */
+#define SQRADD(i, j)                                 \
+   do { fp_word t;                                   \
+   t = c0 + ((fp_word)i) * ((fp_word)j);  c0 = (fp_digit)t;    \
+   t = c1 + (t >> DIGIT_BIT);             c1 = (fp_digit)t;    \
+                                          c2 +=(fp_digit) (t >> DIGIT_BIT); \
+   } while (0);
+  
+
+/* for squaring some of the terms are doubled... */
+#define SQRADD2(i, j)                                                 \
+   do { fp_word t;                                                    \
+   t  = ((fp_word)i) * ((fp_word)j);                                  \
+   tt = (fp_word)c0 + t;                 c0 = (fp_digit)tt;           \
+   tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = (fp_digit)tt;           \
+                                         c2 +=(fp_digit)( tt >> DIGIT_BIT);    \
+   tt = (fp_word)c0 + t;                 c0 = (fp_digit)tt;                    \
+   tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = (fp_digit)tt;            \
+                                         c2 +=(fp_digit) (tt >> DIGIT_BIT);    \
+   } while (0);
+
+#define SQRADDSC(i, j)                                                         \
+   do { fp_word t;                                                             \
+      t =  ((fp_word)i) * ((fp_word)j);                                        \
+      sc0 = (fp_digit)t; sc1 = (t >> DIGIT_BIT); sc2 = 0;                      \
+   } while (0);
+
+#define SQRADDAC(i, j)                                                         \
+   do { fp_word t;                                                             \
+   t = sc0 + ((fp_word)i) * ((fp_word)j);  sc0 =  (fp_digit)t;                 \
+   t = sc1 + (t >> DIGIT_BIT);             sc1 =  (fp_digit)t;                 \
+                                           sc2 += (fp_digit)(t >> DIGIT_BIT);  \
+   } while (0);
+
+#define SQRADDDB                                                               \
+   do { fp_word t;                                                             \
+   t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = (fp_digit)t;                 \
+   t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT);                \
+                                             c1 = (fp_digit)t;                 \
+   c2 = c2 + (fp_digit)(((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT));   \
+   } while (0);
+
+#endif
+
+#ifdef TFM_SMALL_SET
+    #include "fp_sqr_comba_small_set.i"
+#endif
+
+#if defined(TFM_SQR3)
+    #include "fp_sqr_comba_3.i"
+#endif
+#if defined(TFM_SQR4)
+    #include "fp_sqr_comba_4.i"
+#endif
+#if defined(TFM_SQR6)
+    #include "fp_sqr_comba_6.i"
+#endif
+#if defined(TFM_SQR7)
+    #include "fp_sqr_comba_7.i"
+#endif
+#if defined(TFM_SQR8)
+    #include "fp_sqr_comba_8.i"
+#endif
+#if defined(TFM_SQR9)
+    #include "fp_sqr_comba_9.i"
+#endif
+#if defined(TFM_SQR12)
+    #include "fp_sqr_comba_12.i"
+#endif
+#if defined(TFM_SQR17)
+    #include "fp_sqr_comba_17.i"
+#endif
+#if defined(TFM_SQR20)
+    #include "fp_sqr_comba_20.i"
+#endif
+#if defined(TFM_SQR24)
+    #include "fp_sqr_comba_24.i"
+#endif
+#if defined(TFM_SQR28)
+    #include "fp_sqr_comba_28.i"
+#endif
+#if defined(TFM_SQR32)
+    #include "fp_sqr_comba_32.i"
+#endif
+#if defined(TFM_SQR48)
+    #include "fp_sqr_comba_48.i"
+#endif
+#if defined(TFM_SQR64)
+    #include "fp_sqr_comba_64.i"
+#endif
+/* end fp_sqr_comba.c asm */
+
+/* start fp_mul_comba.c asm */
+/* these are the combas.  Worship them. */
+#if defined(TFM_X86)
+/* Generic x86 optimized code */
+
+/* anything you need at the start */
+#define COMBA_START
+
+/* clear the chaining variables */
+#define COMBA_CLEAR \
+   c0 = c1 = c2 = 0;
+
+/* forward the carry to the next digit */
+#define COMBA_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+/* store the first sum */
+#define COMBA_STORE(x) \
+   x = c0;
+
+/* store the second sum [carry] */
+#define COMBA_STORE2(x) \
+   x = c1;
+
+/* anything you need at the end */
+#define COMBA_FINI
+
+/* this should multiply i and j  */
+#define MULADD(i, j)                                      \
+__asm__(                                                      \
+     "movl  %6,%%eax     \n\t"                            \
+     "mull  %7           \n\t"                            \
+     "addl  %%eax,%0     \n\t"                            \
+     "adcl  %%edx,%1     \n\t"                            \
+     "adcl  $0,%2        \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j)  :"%eax","%edx","cc");
+
+#elif defined(TFM_X86_64)
+/* x86-64 optimized */
+
+/* anything you need at the start */
+#define COMBA_START
+
+/* clear the chaining variables */
+#define COMBA_CLEAR \
+   c0 = c1 = c2 = 0;
+
+/* forward the carry to the next digit */
+#define COMBA_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+/* store the first sum */
+#define COMBA_STORE(x) \
+   x = c0;
+
+/* store the second sum [carry] */
+#define COMBA_STORE2(x) \
+   x = c1;
+
+/* anything you need at the end */
+#define COMBA_FINI
+
+/* this should multiply i and j  */
+#define MULADD(i, j)                                      \
+__asm__  (                                                    \
+     "movq  %6,%%rax     \n\t"                            \
+     "mulq  %7           \n\t"                            \
+     "addq  %%rax,%0     \n\t"                            \
+     "adcq  %%rdx,%1     \n\t"                            \
+     "adcq  $0,%2        \n\t"                            \
+     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j)  :"%rax","%rdx","cc");
+
+#elif defined(TFM_SSE2)
+/* use SSE2 optimizations */
+
+/* anything you need at the start */
+#define COMBA_START
+
+/* clear the chaining variables */
+#define COMBA_CLEAR \
+   c0 = c1 = c2 = 0;
+
+/* forward the carry to the next digit */
+#define COMBA_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+/* store the first sum */
+#define COMBA_STORE(x) \
+   x = c0;
+
+/* store the second sum [carry] */
+#define COMBA_STORE2(x) \
+   x = c1;
+
+/* anything you need at the end */
+#define COMBA_FINI \
+   __asm__("emms");
+
+/* this should multiply i and j  */
+#define MULADD(i, j)                                     \
+__asm__(                                                     \
+    "movd  %6,%%mm0     \n\t"                            \
+    "movd  %7,%%mm1     \n\t"                            \
+    "pmuludq %%mm1,%%mm0\n\t"                            \
+    "movd  %%mm0,%%eax  \n\t"                            \
+    "psrlq $32,%%mm0    \n\t"                            \
+    "addl  %%eax,%0     \n\t"                            \
+    "movd  %%mm0,%%eax  \n\t"                            \
+    "adcl  %%eax,%1     \n\t"                            \
+    "adcl  $0,%2        \n\t"                            \
+    :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j)  :"%eax","cc");
+
+#elif defined(TFM_ARM)
+/* ARM code */
+
+#define COMBA_START 
+
+#define COMBA_CLEAR \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define COMBA_FINI
+
+#define MULADD(i, j)                                          \
+__asm__(                                                          \
+"  UMULL  r0,r1,%6,%7           \n\t"                         \
+"  ADDS   %0,%0,r0              \n\t"                         \
+"  ADCS   %1,%1,r1              \n\t"                         \
+"  ADC    %2,%2,#0              \n\t"                         \
+:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "cc");
+
+#elif defined(TFM_PPC32)
+/* For 32-bit PPC */
+
+#define COMBA_START
+
+#define COMBA_CLEAR \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define COMBA_FINI 
+   
+/* untested: will mulhwu change the flags?  Docs say no */
+#define MULADD(i, j)              \
+__asm__(                              \
+   " mullw  16,%6,%7       \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " mulhwu 16,%6,%7       \n\t" \
+   " adde   %1,%1,16       \n\t" \
+   " addze  %2,%2          \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16");
+
+#elif defined(TFM_PPC64)
+/* For 64-bit PPC */
+
+#define COMBA_START
+
+#define COMBA_CLEAR \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define COMBA_FINI 
+   
+/* untested: will mulhwu change the flags?  Docs say no */
+#define MULADD(i, j)              \
+____asm__(                              \
+   " mulld  16,%6,%7       \n\t" \
+   " addc   %0,%0,16       \n\t" \
+   " mulhdu 16,%6,%7       \n\t" \
+   " adde   %1,%1,16       \n\t" \
+   " addze  %2,%2          \n\t" \
+:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16");
+
+#elif defined(TFM_AVR32)
+
+/* ISO C code */
+
+#define COMBA_START
+
+#define COMBA_CLEAR \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define COMBA_FINI 
+   
+#define MULADD(i, j)             \
+____asm__(                             \
+   " mulu.d r2,%6,%7        \n\t"\
+   " add    %0,r2           \n\t"\
+   " adc    %1,%1,r3        \n\t"\
+   " acr    %2              \n\t"\
+:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"r2","r3");
+
+#else
+/* ISO C code */
+
+#define COMBA_START
+
+#define COMBA_CLEAR \
+   c0 = c1 = c2 = 0;
+
+#define COMBA_FORWARD \
+   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
+
+#define COMBA_STORE(x) \
+   x = c0;
+
+#define COMBA_STORE2(x) \
+   x = c1;
+
+#define COMBA_FINI 
+   
+#define MULADD(i, j)                                                                                                                                  \
+   do { fp_word t;                                                    \
+   t = (fp_word)c0 + ((fp_word)i) * ((fp_word)j); c0 = (fp_digit)t;   \
+   t = (fp_word)c1 + (t >> DIGIT_BIT);                                \
+   c1 = (fp_digit)t; c2 += (fp_digit)(t >> DIGIT_BIT);                \
+   } while (0);
+
+#endif
+
+
+#ifdef TFM_SMALL_SET
+    #include "fp_mul_comba_small_set.i"
+#endif
+
+#if defined(TFM_MUL3)
+    #include "fp_mul_comba_3.i"
+#endif
+#if defined(TFM_MUL4)
+    #include "fp_mul_comba_4.i"
+#endif
+#if defined(TFM_MUL6)
+    #include "fp_mul_comba_6.i"
+#endif
+#if defined(TFM_MUL7)
+    #include "fp_mul_comba_7.i"
+#endif
+#if defined(TFM_MUL8)
+    #include "fp_mul_comba_8.i"
+#endif
+#if defined(TFM_MUL9)
+    #include "fp_mul_comba_9.i"
+#endif
+#if defined(TFM_MUL12)
+    #include "fp_mul_comba_12.i"
+#endif
+#if defined(TFM_MUL17)
+    #include "fp_mul_comba_17.i"
+#endif
+#if defined(TFM_MUL20)
+    #include "fp_mul_comba_20.i"
+#endif
+#if defined(TFM_MUL24)
+    #include "fp_mul_comba_24.i"
+#endif
+#if defined(TFM_MUL28)
+    #include "fp_mul_comba_28.i"
+#endif
+#if defined(TFM_MUL32)
+    #include "fp_mul_comba_32.i"
+#endif
+#if defined(TFM_MUL48)
+    #include "fp_mul_comba_48.i"
+#endif
+#if defined(TFM_MUL64)
+    #include "fp_mul_comba_64.i"
+#endif
+
+/* end fp_mul_comba.c asm */
+
diff --git a/3P/wolfssl/wolfcrypt/src/asn.c b/3P/wolfssl/wolfcrypt/src/asn.c
new file mode 100644
index 00000000..13cfb6c2
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/asn.c
@@ -0,0 +1,7702 @@
+/* asn.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_ASN
+
+#ifdef HAVE_RTP_SYS
+    #include "os.h"           /* dc_rtc_api needs    */
+    #include "dc_rtc_api.h"   /* to get current time */
+#endif
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+
+
+#ifndef NO_RC4
+    #include 
+#endif
+
+#ifdef HAVE_NTRU
+    #include "ntru_crypto.h"
+#endif
+
+#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+    #include 
+#endif
+
+#ifndef NO_SHA256
+    #include 
+#endif
+
+#ifdef HAVE_ECC
+    #include 
+#endif
+
+#ifdef WOLFSSL_DEBUG_ENCODING
+    #ifdef FREESCALE_MQX
+        #include 
+    #else
+        #include 
+    #endif
+#endif
+
+#ifdef _MSC_VER
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
+    #pragma warning(disable: 4996)
+#endif
+
+
+#ifndef TRUE
+    #define TRUE  1
+#endif
+#ifndef FALSE
+    #define FALSE 0
+#endif
+
+
+#ifdef HAVE_RTP_SYS
+    /* uses parital  structures */
+    #define XTIME(tl)  (0)
+    #define XGMTIME(c) my_gmtime((c))
+    #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
+#elif defined(MICRIUM)
+    #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+        #define XVALIDATE_DATE(d,f,t) NetSecure_ValidateDateHandler((d),(f),(t))
+    #else
+        #define XVALIDATE_DATE(d, f, t) (0)
+    #endif
+    #define NO_TIME_H
+    /* since Micrium not defining XTIME or XGMTIME, CERT_GEN not available */
+#elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)
+    #include 
+    #define XTIME(t1) pic32_time((t1))
+    #define XGMTIME(c) gmtime((c))
+    #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
+#elif defined(FREESCALE_MQX)
+    #define XTIME(t1)  mqx_time((t1))
+    #define XGMTIME(c) mqx_gmtime((c))
+    #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
+#elif defined(WOLFSSL_MDK_ARM)
+    #if defined(WOLFSSL_MDK5)
+        #include "cmsis_os.h"
+    #else
+        #include 
+    #endif
+    #undef RNG
+    #include "wolfssl_MDK_ARM.h"
+    #undef RNG
+    #define RNG wolfSSL_RNG /*for avoiding name conflict in "stm32f2xx.h" */
+    #define XTIME(tl)  (0)
+    #define XGMTIME(c) wolfssl_MDK_gmtime((c))
+    #define XVALIDATE_DATE(d, f, t)  ValidateDate((d), (f), (t))
+#elif defined(USER_TIME)
+    /* user time, and gmtime compatible functions, there is a gmtime 
+       implementation here that WINCE uses, so really just need some ticks
+       since the EPOCH 
+    */
+
+    struct tm {
+    int tm_sec;     /* seconds after the minute [0-60] */
+    int tm_min;     /* minutes after the hour [0-59] */
+    int tm_hour;    /* hours since midnight [0-23] */
+    int tm_mday;    /* day of the month [1-31] */
+    int tm_mon;     /* months since January [0-11] */
+    int tm_year;    /* years since 1900 */
+    int tm_wday;    /* days since Sunday [0-6] */
+    int tm_yday;    /* days since January 1 [0-365] */
+    int tm_isdst;   /* Daylight Savings Time flag */
+    long    tm_gmtoff;  /* offset from CUT in seconds */
+    char    *tm_zone;   /* timezone abbreviation */
+    };
+    typedef long time_t;
+
+    /* forward declaration */
+    struct tm* gmtime(const time_t* timer);
+    extern time_t XTIME(time_t * timer);
+
+    #define XGMTIME(c) gmtime((c))
+    #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
+
+    #ifdef STACK_TRAP
+        /* for stack trap tracking, don't call os gmtime on OS X/linux,
+           uses a lot of stack spce */
+        extern time_t time(time_t * timer);
+        #define XTIME(tl)  time((tl))
+    #endif /* STACK_TRAP */
+
+#else
+    /* default */
+    /* uses complete  facility */
+    #include 
+    #define XTIME(tl)  time((tl))
+    #define XGMTIME(c) gmtime((c))
+    #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
+#endif
+
+
+#ifdef _WIN32_WCE
+/* no time() or gmtime() even though in time.h header?? */
+
+#include 
+
+
+time_t time(time_t* timer)
+{
+    SYSTEMTIME     sysTime;
+    FILETIME       fTime;
+    ULARGE_INTEGER intTime;
+    time_t         localTime;
+
+    if (timer == NULL)
+        timer = &localTime;
+
+    GetSystemTime(&sysTime);
+    SystemTimeToFileTime(&sysTime, &fTime);
+
+    XMEMCPY(&intTime, &fTime, sizeof(FILETIME));
+    /* subtract EPOCH */
+    intTime.QuadPart -= 0x19db1ded53e8000;
+    /* to secs */
+    intTime.QuadPart /= 10000000;
+    *timer = (time_t)intTime.QuadPart;
+
+    return *timer;
+}
+
+#endif /*  _WIN32_WCE */
+#if defined( _WIN32_WCE ) || defined( USER_TIME )
+
+struct tm* gmtime(const time_t* timer)
+{
+    #define YEAR0          1900
+    #define EPOCH_YEAR     1970
+    #define SECS_DAY       (24L * 60L * 60L)
+    #define LEAPYEAR(year) (!((year) % 4) && (((year) % 100) || !((year) %400)))
+    #define YEARSIZE(year) (LEAPYEAR(year) ? 366 : 365)
+
+    static const int _ytab[2][12] =
+    {
+        {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
+        {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
+    };
+
+    static struct tm st_time;
+    struct tm* ret = &st_time;
+    time_t secs = *timer;
+    unsigned long dayclock, dayno;
+    int year = EPOCH_YEAR;
+
+    dayclock = (unsigned long)secs % SECS_DAY;
+    dayno    = (unsigned long)secs / SECS_DAY;
+
+    ret->tm_sec  = (int) dayclock % 60;
+    ret->tm_min  = (int)(dayclock % 3600) / 60;
+    ret->tm_hour = (int) dayclock / 3600;
+    ret->tm_wday = (int) (dayno + 4) % 7;        /* day 0 a Thursday */
+
+    while(dayno >= (unsigned long)YEARSIZE(year)) {
+        dayno -= YEARSIZE(year);
+        year++;
+    }
+
+    ret->tm_year = year - YEAR0;
+    ret->tm_yday = (int)dayno;
+    ret->tm_mon  = 0;
+
+    while(dayno >= (unsigned long)_ytab[LEAPYEAR(year)][ret->tm_mon]) {
+        dayno -= _ytab[LEAPYEAR(year)][ret->tm_mon];
+        ret->tm_mon++;
+    }
+
+    ret->tm_mday  = (int)++dayno;
+    ret->tm_isdst = 0;
+
+    return ret;
+}
+
+#endif /* _WIN32_WCE  || USER_TIME */
+
+
+#ifdef HAVE_RTP_SYS
+
+#define YEAR0          1900
+
+struct tm* my_gmtime(const time_t* timer)       /* has a gmtime() but hangs */
+{
+    static struct tm st_time;
+    struct tm* ret = &st_time;
+
+    DC_RTC_CALENDAR cal;
+    dc_rtc_time_get(&cal, TRUE);
+
+    ret->tm_year  = cal.year - YEAR0;       /* gm starts at 1900 */
+    ret->tm_mon   = cal.month - 1;          /* gm starts at 0 */
+    ret->tm_mday  = cal.day;
+    ret->tm_hour  = cal.hour;
+    ret->tm_min   = cal.minute;
+    ret->tm_sec   = cal.second;
+
+    return ret;
+}
+
+#endif /* HAVE_RTP_SYS */
+
+
+#if defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP)
+
+/*
+ * time() is just a stub in Microchip libraries. We need our own
+ * implementation. Use SNTP client to get seconds since epoch.
+ */
+time_t pic32_time(time_t* timer)
+{
+#ifdef MICROCHIP_TCPIP_V5
+    DWORD sec = 0;
+#else
+    uint32_t sec = 0;
+#endif
+    time_t localTime;
+
+    if (timer == NULL)
+        timer = &localTime;
+
+#ifdef MICROCHIP_MPLAB_HARMONY
+    sec = TCPIP_SNTP_UTCSecondsGet();
+#else
+    sec = SNTPGetUTCSeconds();
+#endif
+    *timer = (time_t) sec;
+
+    return *timer;
+}
+
+#endif /* MICROCHIP_TCPIP */
+
+
+#ifdef FREESCALE_MQX
+
+time_t mqx_time(time_t* timer)
+{
+    time_t localTime;
+    TIME_STRUCT time_s;
+
+    if (timer == NULL)
+        timer = &localTime;
+
+    _time_get(&time_s);
+    *timer = (time_t) time_s.SECONDS;
+
+    return *timer;
+}
+
+/* CodeWarrior GCC toolchain only has gmtime_r(), no gmtime() */
+struct tm* mqx_gmtime(const time_t* clock)
+{
+    struct tm tmpTime;
+
+    return gmtime_r(clock, &tmpTime);
+}
+
+#endif /* FREESCALE_MQX */
+
+#ifdef WOLFSSL_TIRTOS
+
+time_t XTIME(time_t * timer)
+{
+    time_t sec = 0;
+
+    sec = (time_t) MYTIME_gettime();
+
+    if (timer != NULL)
+        *timer = sec;
+
+    return sec;
+}
+
+#endif /* WOLFSSL_TIRTOS */
+
+static INLINE word32 btoi(byte b)
+{
+    return b - 0x30;
+}
+
+
+/* two byte date/time, add to value */
+static INLINE void GetTime(int* value, const byte* date, int* idx)
+{
+    int i = *idx;
+
+    *value += btoi(date[i++]) * 10;
+    *value += btoi(date[i++]);
+
+    *idx = i;
+}
+
+
+#if defined(MICRIUM)
+
+CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format,
+                                         CPU_INT08U dateType)
+{
+    CPU_BOOLEAN  rtn_code;
+    CPU_INT32S   i;
+    CPU_INT32S   val;    
+    CPU_INT16U   year;
+    CPU_INT08U   month;
+    CPU_INT16U   day;
+    CPU_INT08U   hour;
+    CPU_INT08U   min;
+    CPU_INT08U   sec;
+
+    i    = 0;
+    year = 0u;
+
+    if (format == ASN_UTC_TIME) {
+        if (btoi(date[0]) >= 5)
+            year = 1900;
+        else
+            year = 2000;
+    }
+    else  { /* format == GENERALIZED_TIME */
+        year += btoi(date[i++]) * 1000;
+        year += btoi(date[i++]) * 100;
+    }    
+
+    val = year;
+    GetTime(&val, date, &i);
+    year = (CPU_INT16U)val;
+
+    val = 0;
+    GetTime(&val, date, &i);   
+    month = (CPU_INT08U)val;   
+
+    val = 0;
+    GetTime(&val, date, &i);  
+    day = (CPU_INT16U)val;
+
+    val = 0;
+    GetTime(&val, date, &i);  
+    hour = (CPU_INT08U)val;
+
+    val = 0;
+    GetTime(&val, date, &i);  
+    min = (CPU_INT08U)val;
+
+    val = 0;
+    GetTime(&val, date, &i);  
+    sec = (CPU_INT08U)val;
+
+    return NetSecure_ValidateDate(year, month, day, hour, min, sec, dateType); 
+}
+
+#endif /* MICRIUM */
+
+
+WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
+                           word32 maxIdx)
+{
+    int     length = 0;
+    word32  i = *inOutIdx;
+    byte    b;
+
+    *len = 0;    /* default length */
+
+    if ( (i+1) > maxIdx) {   /* for first read */
+        WOLFSSL_MSG("GetLength bad index on input");
+        return BUFFER_E;
+    }
+
+    b = input[i++];
+    if (b >= ASN_LONG_LENGTH) {        
+        word32 bytes = b & 0x7F;
+
+        if ( (i+bytes) > maxIdx) {   /* for reading bytes */
+            WOLFSSL_MSG("GetLength bad long length");
+            return BUFFER_E;
+        }
+
+        while (bytes--) {
+            b = input[i++];
+            length = (length << 8) | b;
+        }
+    }
+    else
+        length = b;
+    
+    if ( (i+length) > maxIdx) {   /* for user of length */
+        WOLFSSL_MSG("GetLength value exceeds buffer length");
+        return BUFFER_E;
+    }
+
+    *inOutIdx = i;
+    if (length > 0)
+        *len = length;
+
+    return length;
+}
+
+
+WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
+                           word32 maxIdx)
+{
+    int    length = -1;
+    word32 idx    = *inOutIdx;
+
+    if (input[idx++] != (ASN_SEQUENCE | ASN_CONSTRUCTED) ||
+            GetLength(input, &idx, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    *len      = length;
+    *inOutIdx = idx;
+
+    return length;
+}
+
+
+WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
+                        word32 maxIdx)
+{
+    int    length = -1;
+    word32 idx    = *inOutIdx;
+
+    if (input[idx++] != (ASN_SET | ASN_CONSTRUCTED) ||
+            GetLength(input, &idx, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    *len      = length;
+    *inOutIdx = idx;
+
+    return length;
+}
+
+
+/* winodws header clash for WinCE using GetVersion */
+WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx, int* version)
+{
+    word32 idx = *inOutIdx;
+
+    WOLFSSL_ENTER("GetMyVersion");
+
+    if (input[idx++] != ASN_INTEGER)
+        return ASN_PARSE_E;
+
+    if (input[idx++] != 0x01)
+        return ASN_VERSION_E;
+
+    *version  = input[idx++];
+    *inOutIdx = idx;
+
+    return *version;
+}
+
+
+#ifndef NO_PWDBASED
+/* Get small count integer, 32 bits or less */
+static int GetShortInt(const byte* input, word32* inOutIdx, int* number)
+{
+    word32 idx = *inOutIdx;
+    word32 len;
+
+    *number = 0;
+
+    if (input[idx++] != ASN_INTEGER)
+        return ASN_PARSE_E;
+
+    len = input[idx++];
+    if (len > 4)
+        return ASN_PARSE_E;
+
+    while (len--) {
+        *number  = *number << 8 | input[idx++];
+    }
+
+    *inOutIdx = idx;
+
+    return *number;
+}
+#endif /* !NO_PWDBASED */
+
+
+/* May not have one, not an error */
+static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version)
+{
+    word32 idx = *inOutIdx;
+
+    WOLFSSL_ENTER("GetExplicitVersion");
+    if (input[idx++] == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) {
+        *inOutIdx = ++idx;  /* eat header */
+        return GetMyVersion(input, inOutIdx, version);
+    }
+
+    /* go back as is */
+    *version = 0;
+
+    return 0;
+}
+
+
+WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
+                  word32 maxIdx)
+{
+    word32 i = *inOutIdx;
+    byte   b = input[i++];
+    int    length;
+
+    if (b != ASN_INTEGER)
+        return ASN_PARSE_E;
+
+    if (GetLength(input, &i, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    if ( (b = input[i++]) == 0x00)
+        length--;
+    else
+        i--;
+
+    if (mp_init(mpi) != MP_OKAY)
+        return MP_INIT_E;
+
+    if (mp_read_unsigned_bin(mpi, (byte*)input + i, length) != 0) {
+        mp_clear(mpi);
+        return ASN_GETINT_E;
+    }
+
+    *inOutIdx = i + length;
+    return 0;
+}
+
+
+static int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
+                     word32 maxIdx)
+{
+    int    length;
+    word32 i = *inOutIdx;
+    byte   b;
+    *oid = 0;
+    
+    b = input[i++];
+    if (b != ASN_OBJECT_ID) 
+        return ASN_OBJECT_ID_E;
+    
+    if (GetLength(input, &i, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+    
+    while(length--)
+        *oid += input[i++];
+    /* just sum it up for now */
+    
+    *inOutIdx = i;
+    
+    return 0;
+}
+
+
+WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
+                     word32 maxIdx)
+{
+    int    length;
+    word32 i = *inOutIdx;
+    byte   b;
+    *oid = 0;
+   
+    WOLFSSL_ENTER("GetAlgoId");
+
+    if (GetSequence(input, &i, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+    
+    b = input[i++];
+    if (b != ASN_OBJECT_ID) 
+        return ASN_OBJECT_ID_E;
+    
+    if (GetLength(input, &i, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+    
+    while(length--) {
+        /* odd HC08 compiler behavior here when input[i++] */
+        *oid += input[i];
+        i++;
+    }
+    /* just sum it up for now */
+    
+    /* could have NULL tag and 0 terminator, but may not */
+    b = input[i++];
+    
+    if (b == ASN_TAG_NULL) {
+        b = input[i++];
+        if (b != 0)
+            return ASN_EXPECT_0_E;
+    }
+    else
+    /* go back, didn't have it */
+        i--;
+    
+    *inOutIdx = i;
+    
+    return 0;
+}
+
+#ifndef NO_RSA
+
+
+#ifdef HAVE_CAVIUM
+
+static int GetCaviumInt(byte** buff, word16* buffSz, const byte* input,
+                        word32* inOutIdx, word32 maxIdx, void* heap)
+{
+    word32 i = *inOutIdx;
+    byte   b = input[i++];
+    int    length;
+
+    if (b != ASN_INTEGER)
+        return ASN_PARSE_E;
+
+    if (GetLength(input, &i, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    if ( (b = input[i++]) == 0x00)
+        length--;
+    else
+        i--;
+
+    *buffSz = (word16)length;
+    *buff   = XMALLOC(*buffSz, heap, DYNAMIC_TYPE_CAVIUM_RSA);
+    if (*buff == NULL)
+        return MEMORY_E;
+
+    XMEMCPY(*buff, input + i, *buffSz);
+
+    *inOutIdx = i + length;
+    return 0;
+}
+
+static int CaviumRsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
+                                     RsaKey* key, word32 inSz)
+{
+    int   version, length;
+    void* h = key->heap;
+
+    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetMyVersion(input, inOutIdx, &version) < 0)
+        return ASN_PARSE_E;
+
+    key->type = RSA_PRIVATE;
+
+    if (GetCaviumInt(&key->c_n,  &key->c_nSz,   input, inOutIdx, inSz, h) < 0 ||
+        GetCaviumInt(&key->c_e,  &key->c_eSz,   input, inOutIdx, inSz, h) < 0 ||
+        GetCaviumInt(&key->c_d,  &key->c_dSz,   input, inOutIdx, inSz, h) < 0 ||
+        GetCaviumInt(&key->c_p,  &key->c_pSz,   input, inOutIdx, inSz, h) < 0 ||
+        GetCaviumInt(&key->c_q,  &key->c_qSz,   input, inOutIdx, inSz, h) < 0 ||
+        GetCaviumInt(&key->c_dP, &key->c_dP_Sz, input, inOutIdx, inSz, h) < 0 ||
+        GetCaviumInt(&key->c_dQ, &key->c_dQ_Sz, input, inOutIdx, inSz, h) < 0 ||
+        GetCaviumInt(&key->c_u,  &key->c_uSz,   input, inOutIdx, inSz, h) < 0 )
+            return ASN_RSA_KEY_E;
+
+    return 0;
+}
+
+
+#endif /* HAVE_CAVIUM */
+
+int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
+                        word32 inSz)
+{
+    int    version, length;
+
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
+        return CaviumRsaPrivateKeyDecode(input, inOutIdx, key, inSz);
+#endif
+
+    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetMyVersion(input, inOutIdx, &version) < 0)
+        return ASN_PARSE_E;
+
+    key->type = RSA_PRIVATE;
+
+    if (GetInt(&key->n,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->e,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->d,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->p,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->q,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->dP, input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->dQ, input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->u,  input, inOutIdx, inSz) < 0 )  return ASN_RSA_KEY_E;
+
+    return 0;
+}
+
+#endif /* NO_RSA */
+
+/* Remove PKCS8 header, move beginning of traditional to beginning of input */
+int ToTraditional(byte* input, word32 sz)
+{
+    word32 inOutIdx = 0, oid;
+    int    version, length;
+
+    if (GetSequence(input, &inOutIdx, &length, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetMyVersion(input, &inOutIdx, &version) < 0)
+        return ASN_PARSE_E;
+
+    if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (input[inOutIdx] == ASN_OBJECT_ID) {
+        /* pkcs8 ecc uses slightly different format */
+        inOutIdx++;  /* past id */
+        if (GetLength(input, &inOutIdx, &length, sz) < 0)
+            return ASN_PARSE_E;
+        inOutIdx += length;  /* over sub id, key input will verify */
+    }
+
+    if (input[inOutIdx++] != ASN_OCTET_STRING)
+        return ASN_PARSE_E;
+
+    if (GetLength(input, &inOutIdx, &length, sz) < 0)
+        return ASN_PARSE_E;
+
+    XMEMMOVE(input, input + inOutIdx, length);
+
+    return length;
+}
+
+
+#ifndef NO_PWDBASED
+
+/* Check To see if PKCS version algo is supported, set id if it is return 0
+   < 0 on error */
+static int CheckAlgo(int first, int second, int* id, int* version)
+{
+    *id      = ALGO_ID_E;
+    *version = PKCS5;   /* default */
+
+    if (first == 1) {
+        switch (second) {
+        case 1:
+            *id = PBE_SHA1_RC4_128;
+            *version = PKCS12;
+            return 0;
+        case 3:
+            *id = PBE_SHA1_DES3;
+            *version = PKCS12;
+            return 0;
+        default:
+            return ALGO_ID_E;
+        }
+    }
+
+    if (first != PKCS5)
+        return ASN_INPUT_E;  /* VERSION ERROR */
+
+    if (second == PBES2) {
+        *version = PKCS5v2;
+        return 0;
+    }
+
+    switch (second) {
+    case 3:                   /* see RFC 2898 for ids */
+        *id = PBE_MD5_DES;
+        return 0;
+    case 10:
+        *id = PBE_SHA1_DES;
+        return 0;
+    default:
+        return ALGO_ID_E;
+
+    }
+}
+
+
+/* Check To see if PKCS v2 algo is supported, set id if it is return 0
+   < 0 on error */
+static int CheckAlgoV2(int oid, int* id)
+{
+    switch (oid) {
+    case 69:
+        *id = PBE_SHA1_DES;
+        return 0;
+    case 652:
+        *id = PBE_SHA1_DES3;
+        return 0;
+    default:
+        return ALGO_ID_E;
+
+    }
+}
+
+
+/* Decrypt intput in place from parameters based on id */
+static int DecryptKey(const char* password, int passwordSz, byte* salt,
+                      int saltSz, int iterations, int id, byte* input,
+                      int length, int version, byte* cbcIv)
+{
+    int typeH;
+    int derivedLen;
+    int decryptionType;
+    int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* key;
+#else
+    byte key[MAX_KEY_SIZE];
+#endif
+
+    switch (id) {
+        case PBE_MD5_DES:
+            typeH = MD5;
+            derivedLen = 16;           /* may need iv for v1.5 */
+            decryptionType = DES_TYPE;
+            break;
+
+        case PBE_SHA1_DES:
+            typeH = SHA;
+            derivedLen = 16;           /* may need iv for v1.5 */
+            decryptionType = DES_TYPE;
+            break;
+
+        case PBE_SHA1_DES3:
+            typeH = SHA;
+            derivedLen = 32;           /* may need iv for v1.5 */
+            decryptionType = DES3_TYPE;
+            break;
+
+        case PBE_SHA1_RC4_128:
+            typeH = SHA;
+            derivedLen = 16;
+            decryptionType = RC4_TYPE;
+            break;
+
+        default:
+            return ALGO_ID_E;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    key = (byte*)XMALLOC(MAX_KEY_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (key == NULL)
+        return MEMORY_E;
+#endif
+
+    if (version == PKCS5v2)
+        ret = wc_PBKDF2(key, (byte*)password, passwordSz, salt, saltSz, iterations,
+               derivedLen, typeH);
+    else if (version == PKCS5)
+        ret = wc_PBKDF1(key, (byte*)password, passwordSz, salt, saltSz, iterations,
+               derivedLen, typeH);
+    else if (version == PKCS12) {
+        int  i, idx = 0;
+        byte unicodePasswd[MAX_UNICODE_SZ];
+
+        if ( (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd)) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return UNICODE_SIZE_E; 
+        }
+
+        for (i = 0; i < passwordSz; i++) {
+            unicodePasswd[idx++] = 0x00;
+            unicodePasswd[idx++] = (byte)password[i];
+        }
+        /* add trailing NULL */
+        unicodePasswd[idx++] = 0x00;
+        unicodePasswd[idx++] = 0x00;
+
+        ret =  wc_PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
+                            iterations, derivedLen, typeH, 1);
+        if (decryptionType != RC4_TYPE)
+            ret += wc_PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz,
+                                iterations, 8, typeH, 2);
+    }
+    else {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ALGO_ID_E;
+    }
+
+    if (ret != 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ret;
+    }
+
+    switch (decryptionType) {
+#ifndef NO_DES3
+        case DES_TYPE:
+        {
+            Des    dec;
+            byte*  desIv = key + 8;
+
+            if (version == PKCS5v2 || version == PKCS12)
+                desIv = cbcIv;
+
+            ret = wc_Des_SetKey(&dec, key, desIv, DES_DECRYPTION);
+            if (ret != 0) {
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return ret;
+            }
+
+            wc_Des_CbcDecrypt(&dec, input, input, length);
+            break;
+        }
+
+        case DES3_TYPE:
+        {
+            Des3   dec;
+            byte*  desIv = key + 24;
+
+            if (version == PKCS5v2 || version == PKCS12)
+                desIv = cbcIv;
+            ret = wc_Des3_SetKey(&dec, key, desIv, DES_DECRYPTION);
+            if (ret != 0) {
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return ret;
+            }
+            ret = wc_Des3_CbcDecrypt(&dec, input, input, length);
+            if (ret != 0) {
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return ret;
+            }
+            break;
+        }
+#endif
+#ifndef NO_RC4
+        case RC4_TYPE:
+        {
+            Arc4    dec;
+
+            wc_Arc4SetKey(&dec, key, derivedLen);
+            wc_Arc4Process(&dec, input, input, length);
+            break;
+        }
+#endif
+
+        default:
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ALGO_ID_E; 
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return 0;
+}
+
+
+/* Remove Encrypted PKCS8 header, move beginning of traditional to beginning
+   of input */
+int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
+{
+    word32 inOutIdx = 0, oid;
+    int    first, second, length, version, saltSz, id;
+    int    iterations = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    byte*  salt = NULL;
+    byte*  cbcIv = NULL;
+#else
+    byte   salt[MAX_SALT_SIZE];
+    byte   cbcIv[MAX_IV_SIZE];
+#endif
+    
+    if (GetSequence(input, &inOutIdx, &length, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
+        return ASN_PARSE_E;
+    
+    first  = input[inOutIdx - 2];   /* PKCS version alwyas 2nd to last byte */
+    second = input[inOutIdx - 1];   /* version.algo, algo id last byte */
+
+    if (CheckAlgo(first, second, &id, &version) < 0)
+        return ASN_INPUT_E;  /* Algo ID error */
+
+    if (version == PKCS5v2) {
+
+        if (GetSequence(input, &inOutIdx, &length, sz) < 0)
+            return ASN_PARSE_E;
+
+        if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
+            return ASN_PARSE_E;
+
+        if (oid != PBKDF2_OID)
+            return ASN_PARSE_E;
+    }
+
+    if (GetSequence(input, &inOutIdx, &length, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (input[inOutIdx++] != ASN_OCTET_STRING)
+        return ASN_PARSE_E;
+    
+    if (GetLength(input, &inOutIdx, &saltSz, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (saltSz > MAX_SALT_SIZE)
+        return ASN_PARSE_E;
+     
+#ifdef WOLFSSL_SMALL_STACK
+    salt = (byte*)XMALLOC(MAX_SALT_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (salt == NULL)
+        return MEMORY_E;
+#endif
+
+    XMEMCPY(salt, &input[inOutIdx], saltSz);
+    inOutIdx += saltSz;
+
+    if (GetShortInt(input, &inOutIdx, &iterations) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (cbcIv == NULL) {
+        XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    if (version == PKCS5v2) {
+        /* get encryption algo */
+        if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;
+        }
+
+        if (CheckAlgoV2(oid, &id) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;  /* PKCS v2 algo id error */
+        }
+
+        if (input[inOutIdx++] != ASN_OCTET_STRING) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;
+        }
+    
+        if (GetLength(input, &inOutIdx, &length, sz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;
+        }
+
+        XMEMCPY(cbcIv, &input[inOutIdx], length);
+        inOutIdx += length;
+    }
+
+    if (input[inOutIdx++] != ASN_OCTET_STRING) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+
+    if (GetLength(input, &inOutIdx, &length, sz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+
+    if (DecryptKey(password, passwordSz, salt, saltSz, iterations, id,
+                   input + inOutIdx, length, version, cbcIv) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_INPUT_E;  /* decrypt failure */
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(salt,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    XMEMMOVE(input, input + inOutIdx, length);
+    return ToTraditional(input, length);
+}
+
+#endif /* NO_PWDBASED */
+
+#ifndef NO_RSA
+
+int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
+                       word32 inSz)
+{
+    int    length;
+
+    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    key->type = RSA_PUBLIC;
+
+#if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA)
+    {
+    byte b = input[*inOutIdx];
+    if (b != ASN_INTEGER) {
+        /* not from decoded cert, will have algo id, skip past */
+        if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+            return ASN_PARSE_E;
+        
+        b = input[(*inOutIdx)++];
+        if (b != ASN_OBJECT_ID) 
+            return ASN_OBJECT_ID_E;
+        
+        if (GetLength(input, inOutIdx, &length, inSz) < 0)
+            return ASN_PARSE_E;
+        
+        *inOutIdx += length;   /* skip past */
+        
+        /* could have NULL tag and 0 terminator, but may not */
+        b = input[(*inOutIdx)++];
+        
+        if (b == ASN_TAG_NULL) {
+            b = input[(*inOutIdx)++];
+            if (b != 0) 
+                return ASN_EXPECT_0_E;
+        }
+        else
+        /* go back, didn't have it */
+            (*inOutIdx)--;
+        
+        /* should have bit tag length and seq next */
+        b = input[(*inOutIdx)++];
+        if (b != ASN_BIT_STRING)
+            return ASN_BITSTR_E;
+        
+        if (GetLength(input, inOutIdx, &length, inSz) < 0)
+            return ASN_PARSE_E;
+        
+        /* could have 0 */
+        b = input[(*inOutIdx)++];
+        if (b != 0)
+            (*inOutIdx)--;
+        
+        if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+            return ASN_PARSE_E;
+    }  /* end if */
+    }  /* openssl var block */
+#endif /* OPENSSL_EXTRA */
+
+    if (GetInt(&key->n,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->e,  input, inOutIdx, inSz) < 0 )  return ASN_RSA_KEY_E;
+
+    return 0;
+}
+
+int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e, word32 eSz,
+                          RsaKey* key)
+{
+    if (n == NULL || e == NULL || key == NULL)
+        return BAD_FUNC_ARG;
+
+    key->type = RSA_PUBLIC;
+
+    if (mp_init(&key->n) != MP_OKAY)
+        return MP_INIT_E;
+
+    if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) {
+        mp_clear(&key->n);
+        return ASN_GETINT_E;
+    }
+
+    if (mp_init(&key->e) != MP_OKAY) {
+        mp_clear(&key->n);
+        return MP_INIT_E;
+    }
+
+    if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) {
+        mp_clear(&key->n);
+        mp_clear(&key->e);
+        return ASN_GETINT_E;
+    }
+
+    return 0;
+}
+
+#endif
+
+#ifndef NO_DH
+
+int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
+{
+    int    length;
+
+    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetInt(&key->p,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->g,  input, inOutIdx, inSz) < 0 )  return ASN_DH_KEY_E;
+
+    return 0;
+}
+
+int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz)
+{
+    if (key == NULL || p == NULL || g == NULL || pSz == 0 || gSz == 0)
+        return BAD_FUNC_ARG;
+
+    /* may have leading 0 */
+    if (p[0] == 0) {
+        pSz--; p++;
+    }
+
+    if (g[0] == 0) {
+        gSz--; g++;
+    }
+
+    if (mp_init(&key->p) != MP_OKAY)
+        return MP_INIT_E;
+    if (mp_read_unsigned_bin(&key->p, p, pSz) != 0) {
+        mp_clear(&key->p);
+        return ASN_DH_KEY_E;
+    }
+
+    if (mp_init(&key->g) != MP_OKAY) {
+        mp_clear(&key->p);
+        return MP_INIT_E;
+    }
+    if (mp_read_unsigned_bin(&key->g, g, gSz) != 0) {
+        mp_clear(&key->g);
+        mp_clear(&key->p);
+        return ASN_DH_KEY_E;
+    }
+
+    return 0;
+}
+
+
+int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz,
+                 byte* g, word32* gInOutSz)
+{
+    word32 i = 0;
+    byte   b;
+    int    length;
+
+    if (GetSequence(input, &i, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    b = input[i++];
+    if (b != ASN_INTEGER)
+        return ASN_PARSE_E;
+
+    if (GetLength(input, &i, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    if ( (b = input[i++]) == 0x00)
+        length--;
+    else
+        i--;
+
+    if (length <= (int)*pInOutSz) {
+        XMEMCPY(p, &input[i], length);
+        *pInOutSz = length;
+    }
+    else
+        return BUFFER_E;
+
+    i += length;
+
+    b = input[i++];
+    if (b != ASN_INTEGER)
+        return ASN_PARSE_E;
+
+    if (GetLength(input, &i, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    if (length <= (int)*gInOutSz) {
+        XMEMCPY(g, &input[i], length);
+        *gInOutSz = length;
+    }
+    else
+        return BUFFER_E;
+
+    return 0;
+}
+
+#endif /* NO_DH */
+
+
+#ifndef NO_DSA
+
+int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
+                        word32 inSz)
+{
+    int    length;
+
+    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetInt(&key->p,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->q,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->g,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->y,  input, inOutIdx, inSz) < 0 )  return ASN_DH_KEY_E;
+
+    key->type = DSA_PUBLIC;
+    return 0;
+}
+
+
+int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
+                        word32 inSz)
+{
+    int    length, version;
+
+    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetMyVersion(input, inOutIdx, &version) < 0)
+        return ASN_PARSE_E;
+
+    if (GetInt(&key->p,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->q,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->g,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->y,  input, inOutIdx, inSz) < 0 ||
+        GetInt(&key->x,  input, inOutIdx, inSz) < 0 )  return ASN_DH_KEY_E;
+
+    key->type = DSA_PRIVATE;
+    return 0;
+}
+
+#endif /* NO_DSA */
+
+
+void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
+{
+    cert->publicKey       = 0;
+    cert->pubKeySize      = 0;
+    cert->pubKeyStored    = 0;
+    cert->version         = 0;
+    cert->signature       = 0;
+    cert->subjectCN       = 0;
+    cert->subjectCNLen    = 0;
+    cert->subjectCNEnc    = CTC_UTF8;
+    cert->subjectCNStored = 0;
+    cert->altNames        = NULL;
+#ifndef IGNORE_NAME_CONSTRAINTS
+    cert->altEmailNames   = NULL;
+    cert->permittedNames  = NULL;
+    cert->excludedNames   = NULL;
+#endif /* IGNORE_NAME_CONSTRAINTS */
+    cert->issuer[0]       = '\0';
+    cert->subject[0]      = '\0';
+    cert->source          = source;  /* don't own */
+    cert->srcIdx          = 0;
+    cert->maxIdx          = inSz;    /* can't go over this index */
+    cert->heap            = heap;
+    XMEMSET(cert->serial, 0, EXTERNAL_SERIAL_SIZE);
+    cert->serialSz        = 0;
+    cert->extensions      = 0;
+    cert->extensionsSz    = 0;
+    cert->extensionsIdx   = 0;
+    cert->extAuthInfo     = NULL;
+    cert->extAuthInfoSz   = 0;
+    cert->extCrlInfo      = NULL;
+    cert->extCrlInfoSz    = 0;
+    XMEMSET(cert->extSubjKeyId, 0, SHA_SIZE);
+    cert->extSubjKeyIdSet = 0;
+    XMEMSET(cert->extAuthKeyId, 0, SHA_SIZE);
+    cert->extAuthKeyIdSet = 0;
+    cert->extKeyUsageSet  = 0;
+    cert->extKeyUsage     = 0;
+    cert->extExtKeyUsageSet = 0;
+    cert->extExtKeyUsage    = 0;
+    cert->isCA            = 0;
+#ifdef HAVE_PKCS7
+    cert->issuerRaw       = NULL;
+    cert->issuerRawLen    = 0;
+#endif
+#ifdef WOLFSSL_CERT_GEN
+    cert->subjectSN       = 0;
+    cert->subjectSNLen    = 0;
+    cert->subjectSNEnc    = CTC_UTF8;
+    cert->subjectC        = 0;
+    cert->subjectCLen     = 0;
+    cert->subjectCEnc     = CTC_PRINTABLE;
+    cert->subjectL        = 0;
+    cert->subjectLLen     = 0;
+    cert->subjectLEnc     = CTC_UTF8;
+    cert->subjectST       = 0;
+    cert->subjectSTLen    = 0;
+    cert->subjectSTEnc    = CTC_UTF8;
+    cert->subjectO        = 0;
+    cert->subjectOLen     = 0;
+    cert->subjectOEnc     = CTC_UTF8;
+    cert->subjectOU       = 0;
+    cert->subjectOULen    = 0;
+    cert->subjectOUEnc    = CTC_UTF8;
+    cert->subjectEmail    = 0;
+    cert->subjectEmailLen = 0;
+#endif /* WOLFSSL_CERT_GEN */
+    cert->beforeDate      = NULL;
+    cert->beforeDateLen   = 0;
+    cert->afterDate       = NULL;
+    cert->afterDateLen    = 0;
+#ifdef OPENSSL_EXTRA
+    XMEMSET(&cert->issuerName, 0, sizeof(DecodedName));
+    XMEMSET(&cert->subjectName, 0, sizeof(DecodedName));
+    cert->extBasicConstSet = 0;
+    cert->extBasicConstCrit = 0;
+    cert->extBasicConstPlSet = 0;
+    cert->pathLength = 0;
+    cert->extSubjAltNameSet = 0;
+    cert->extSubjAltNameCrit = 0;
+    cert->extAuthKeyIdCrit = 0;
+    cert->extSubjKeyIdCrit = 0;
+    cert->extKeyUsageCrit = 0;
+    cert->extExtKeyUsageCrit = 0;
+    cert->extExtKeyUsageSrc = NULL;
+    cert->extExtKeyUsageSz = 0;
+    cert->extExtKeyUsageCount = 0;
+    cert->extAuthKeyIdSrc = NULL;
+    cert->extAuthKeyIdSz = 0;
+    cert->extSubjKeyIdSrc = NULL;
+    cert->extSubjKeyIdSz = 0;
+#endif /* OPENSSL_EXTRA */
+#if defined(OPENSSL_EXTRA) || !defined(IGNORE_NAME_CONSTRAINTS)
+    cert->extNameConstraintSet = 0;
+#endif /* OPENSSL_EXTRA || !IGNORE_NAME_CONSTRAINTS */
+#ifdef HAVE_ECC
+    cert->pkCurveOID = 0;
+#endif /* HAVE_ECC */
+#ifdef WOLFSSL_SEP
+    cert->deviceTypeSz = 0;
+    cert->deviceType = NULL;
+    cert->hwTypeSz = 0;
+    cert->hwType = NULL;
+    cert->hwSerialNumSz = 0;
+    cert->hwSerialNum = NULL;
+    #ifdef OPENSSL_EXTRA
+        cert->extCertPolicySet = 0;
+        cert->extCertPolicyCrit = 0;
+    #endif /* OPENSSL_EXTRA */
+#endif /* WOLFSSL_SEP */
+}
+
+
+void FreeAltNames(DNS_entry* altNames, void* heap)
+{
+    (void)heap;
+
+    while (altNames) {
+        DNS_entry* tmp = altNames->next;
+
+        XFREE(altNames->name, heap, DYNAMIC_TYPE_ALTNAME);
+        XFREE(altNames,       heap, DYNAMIC_TYPE_ALTNAME);
+        altNames = tmp;
+    }
+}
+
+#ifndef IGNORE_NAME_CONSTRAINTS
+
+void FreeNameSubtrees(Base_entry* names, void* heap)
+{
+    (void)heap;
+
+    while (names) {
+        Base_entry* tmp = names->next;
+
+        XFREE(names->name, heap, DYNAMIC_TYPE_ALTNAME);
+        XFREE(names,       heap, DYNAMIC_TYPE_ALTNAME);
+        names = tmp;
+    }
+}
+
+#endif /* IGNORE_NAME_CONSTRAINTS */
+
+void FreeDecodedCert(DecodedCert* cert)
+{
+    if (cert->subjectCNStored == 1)
+        XFREE(cert->subjectCN, cert->heap, DYNAMIC_TYPE_SUBJECT_CN);
+    if (cert->pubKeyStored == 1)
+        XFREE(cert->publicKey, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);
+    if (cert->altNames)
+        FreeAltNames(cert->altNames, cert->heap);
+#ifndef IGNORE_NAME_CONSTRAINTS
+    if (cert->altEmailNames)
+        FreeAltNames(cert->altEmailNames, cert->heap);
+    if (cert->permittedNames)
+        FreeNameSubtrees(cert->permittedNames, cert->heap);
+    if (cert->excludedNames)
+        FreeNameSubtrees(cert->excludedNames, cert->heap);
+#endif /* IGNORE_NAME_CONSTRAINTS */
+#ifdef WOLFSSL_SEP
+    XFREE(cert->deviceType, cert->heap, 0);
+    XFREE(cert->hwType, cert->heap, 0);
+    XFREE(cert->hwSerialNum, cert->heap, 0);
+#endif /* WOLFSSL_SEP */
+#ifdef OPENSSL_EXTRA
+    if (cert->issuerName.fullName != NULL)
+        XFREE(cert->issuerName.fullName, NULL, DYNAMIC_TYPE_X509);
+    if (cert->subjectName.fullName != NULL)
+        XFREE(cert->subjectName.fullName, NULL, DYNAMIC_TYPE_X509);
+#endif /* OPENSSL_EXTRA */
+}
+
+
+static int GetCertHeader(DecodedCert* cert)
+{
+    int ret = 0, len;
+    byte serialTmp[EXTERNAL_SERIAL_SIZE];
+#if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH)
+    mp_int* mpi = NULL;
+#else
+    mp_int stack_mpi;
+    mp_int* mpi = &stack_mpi;
+#endif
+
+    if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    cert->certBegin = cert->srcIdx;
+
+    if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
+        return ASN_PARSE_E;
+    cert->sigIndex = len + cert->srcIdx;
+
+    if (GetExplicitVersion(cert->source, &cert->srcIdx, &cert->version) < 0)
+        return ASN_PARSE_E;
+
+#if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH)
+    mpi = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (mpi == NULL)
+        return MEMORY_E;
+#endif
+
+    if (GetInt(mpi, cert->source, &cert->srcIdx, cert->maxIdx) < 0) {
+#if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH)
+        XFREE(mpi, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+
+    len = mp_unsigned_bin_size(mpi);
+    if (len < (int)sizeof(serialTmp)) {
+        if ( (ret = mp_to_unsigned_bin(mpi, serialTmp)) == MP_OKAY) {
+            XMEMCPY(cert->serial, serialTmp, len);
+            cert->serialSz = len;
+        }
+    }
+    mp_clear(mpi);
+
+#if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH)
+    XFREE(mpi, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#if !defined(NO_RSA)
+/* Store Rsa Key, may save later, Dsa could use in future */
+static int StoreRsaKey(DecodedCert* cert)
+{
+    int    length;
+    word32 recvd = cert->srcIdx;
+
+    if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
+        return ASN_PARSE_E;
+   
+    recvd = cert->srcIdx - recvd;
+    length += recvd;
+
+    while (recvd--)
+       cert->srcIdx--;
+
+    cert->pubKeySize = length;
+    cert->publicKey = cert->source + cert->srcIdx;
+    cert->srcIdx += length;
+
+    return 0;
+}
+#endif
+
+
+#ifdef HAVE_ECC
+
+    /* return 0 on sucess if the ECC curve oid sum is supported */
+    static int CheckCurve(word32 oid)
+    {
+        if (oid != ECC_256R1 && oid != ECC_384R1 && oid != ECC_521R1 && oid !=
+                   ECC_160R1 && oid != ECC_192R1 && oid != ECC_224R1)
+            return ALGO_ID_E; 
+
+        return 0;
+    }
+
+#endif /* HAVE_ECC */
+
+
+static int GetKey(DecodedCert* cert)
+{
+    int length;
+#ifdef HAVE_NTRU
+    int tmpIdx = cert->srcIdx;
+#endif
+
+    if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
+        return ASN_PARSE_E;
+   
+    if (GetAlgoId(cert->source, &cert->srcIdx, &cert->keyOID, cert->maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    switch (cert->keyOID) {
+   #ifndef NO_RSA
+        case RSAk:
+        {
+            byte b = cert->source[cert->srcIdx++];
+            if (b != ASN_BIT_STRING)
+                return ASN_BITSTR_E;
+
+            if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
+                return ASN_PARSE_E;
+            b = cert->source[cert->srcIdx++];
+            if (b != 0x00)
+                return ASN_EXPECT_0_E;
+    
+            return StoreRsaKey(cert);
+        }
+
+    #endif /* NO_RSA */
+    #ifdef HAVE_NTRU
+        case NTRUk:
+        {
+            const byte* key = &cert->source[tmpIdx];
+            byte*       next = (byte*)key;
+            word16      keyLen;
+            word32      rc;
+            word32      remaining = cert->maxIdx - cert->srcIdx;
+#ifdef WOLFSSL_SMALL_STACK
+            byte*       keyBlob = NULL;
+#else
+            byte        keyBlob[MAX_NTRU_KEY_SZ];
+#endif
+            rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
+                                &keyLen, NULL, &next, &remaining);
+            if (rc != NTRU_OK)
+                return ASN_NTRU_KEY_E;
+            if (keyLen > MAX_NTRU_KEY_SZ)
+                return ASN_NTRU_KEY_E;
+
+#ifdef WOLFSSL_SMALL_STACK
+            keyBlob = (byte*)XMALLOC(MAX_NTRU_KEY_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+            if (keyBlob == NULL)
+                return MEMORY_E;
+#endif
+
+            rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
+                                &keyLen, keyBlob, &next, &remaining);
+            if (rc != NTRU_OK) {
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return ASN_NTRU_KEY_E;
+            }
+
+            if ( (next - key) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return ASN_NTRU_KEY_E;
+            }
+
+            cert->srcIdx = tmpIdx + (int)(next - key);
+
+            cert->publicKey = (byte*) XMALLOC(keyLen, cert->heap,
+                                              DYNAMIC_TYPE_PUBLIC_KEY);
+            if (cert->publicKey == NULL) {
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return MEMORY_E;
+            }
+            XMEMCPY(cert->publicKey, keyBlob, keyLen);
+            cert->pubKeyStored = 1;
+            cert->pubKeySize   = keyLen;
+
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+            return 0;
+        }
+    #endif /* HAVE_NTRU */
+    #ifdef HAVE_ECC
+        case ECDSAk:
+        {
+            int    oidSz = 0;
+            byte   b = cert->source[cert->srcIdx++];
+        
+            if (b != ASN_OBJECT_ID) 
+                return ASN_OBJECT_ID_E;
+
+            if (GetLength(cert->source,&cert->srcIdx,&oidSz,cert->maxIdx) < 0)
+                return ASN_PARSE_E;
+
+            while(oidSz--)
+                cert->pkCurveOID += cert->source[cert->srcIdx++];
+
+            if (CheckCurve(cert->pkCurveOID) < 0)
+                return ECC_CURVE_OID_E;
+
+            /* key header */
+            b = cert->source[cert->srcIdx++];
+            if (b != ASN_BIT_STRING)
+                return ASN_BITSTR_E;
+
+            if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
+                return ASN_PARSE_E;
+            b = cert->source[cert->srcIdx++];
+            if (b != 0x00)
+                return ASN_EXPECT_0_E;
+
+            /* actual key, use length - 1 since ate preceding 0 */
+            length -= 1;
+
+            cert->publicKey = (byte*) XMALLOC(length, cert->heap,
+                                              DYNAMIC_TYPE_PUBLIC_KEY);
+            if (cert->publicKey == NULL)
+                return MEMORY_E;
+            XMEMCPY(cert->publicKey, &cert->source[cert->srcIdx], length);
+            cert->pubKeyStored = 1;
+            cert->pubKeySize   = length;
+
+            cert->srcIdx += length;
+
+            return 0;
+        }
+    #endif /* HAVE_ECC */
+        default:
+            return ASN_UNKNOWN_OID_E;
+    }
+}
+
+
+/* process NAME, either issuer or subject */
+static int GetName(DecodedCert* cert, int nameType)
+{
+    Sha    sha;     /* MUST have SHA-1 hash for cert names */
+    int    length;  /* length of all distinguished names */
+    int    dummy;
+    int    ret;
+    char* full = (nameType == ISSUER) ? cert->issuer : cert->subject;
+    word32 idx;
+    #ifdef OPENSSL_EXTRA
+        DecodedName* dName =
+                  (nameType == ISSUER) ? &cert->issuerName : &cert->subjectName;
+    #endif /* OPENSSL_EXTRA */
+
+    WOLFSSL_MSG("Getting Cert Name");
+
+    if (cert->source[cert->srcIdx] == ASN_OBJECT_ID) {
+        WOLFSSL_MSG("Trying optional prefix...");
+
+        if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
+            return ASN_PARSE_E;
+
+        cert->srcIdx += length;
+        WOLFSSL_MSG("Got optional prefix");
+    }
+
+    /* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
+     * calculated over the entire DER encoding of the Name field, including
+     * the tag and length. */
+    idx = cert->srcIdx;
+    if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    ret = wc_InitSha(&sha);
+    if (ret != 0)
+        return ret;
+    wc_ShaUpdate(&sha, &cert->source[idx], length + cert->srcIdx - idx);
+    if (nameType == ISSUER)
+        wc_ShaFinal(&sha, cert->issuerHash);
+    else
+        wc_ShaFinal(&sha, cert->subjectHash);
+
+    length += cert->srcIdx;
+    idx = 0;
+
+#ifdef HAVE_PKCS7
+    /* store pointer to raw issuer */
+    if (nameType == ISSUER) {
+        cert->issuerRaw = &cert->source[cert->srcIdx];
+        cert->issuerRawLen = length - cert->srcIdx;
+    }
+#endif
+#ifndef IGNORE_NAME_CONSTRAINTS
+    if (nameType == SUBJECT) {
+        cert->subjectRaw = &cert->source[cert->srcIdx];
+        cert->subjectRawLen = length - cert->srcIdx;
+    }
+#endif
+
+    while (cert->srcIdx < (word32)length) {
+        byte   b;
+        byte   joint[2];
+        byte   tooBig = FALSE;
+        int    oidSz;
+
+        if (GetSet(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0) {
+            WOLFSSL_MSG("Cert name lacks set header, trying sequence");
+        }
+
+        if (GetSequence(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0)
+            return ASN_PARSE_E;
+
+        b = cert->source[cert->srcIdx++];
+        if (b != ASN_OBJECT_ID) 
+            return ASN_OBJECT_ID_E;
+
+        if (GetLength(cert->source, &cert->srcIdx, &oidSz, cert->maxIdx) < 0)
+            return ASN_PARSE_E;
+
+        XMEMCPY(joint, &cert->source[cert->srcIdx], sizeof(joint));
+
+        /* v1 name types */
+        if (joint[0] == 0x55 && joint[1] == 0x04) {
+            byte   id;
+            byte   copy = FALSE;
+            int    strLen;
+
+            cert->srcIdx += 2;
+            id = cert->source[cert->srcIdx++]; 
+            b  = cert->source[cert->srcIdx++]; /* encoding */
+
+            if (GetLength(cert->source, &cert->srcIdx, &strLen,
+                          cert->maxIdx) < 0)
+                return ASN_PARSE_E;
+
+            if ( (strLen + 14) > (int)(ASN_NAME_MAX - idx)) {
+                /* include biggest pre fix header too 4 = "/serialNumber=" */
+                WOLFSSL_MSG("ASN Name too big, skipping");
+                tooBig = TRUE;
+            }
+
+            if (id == ASN_COMMON_NAME) {
+                if (nameType == SUBJECT) {
+                    cert->subjectCN = (char *)&cert->source[cert->srcIdx];
+                    cert->subjectCNLen = strLen;
+                    cert->subjectCNEnc = b;
+                }
+
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], "/CN=", 4);
+                    idx += 4;
+                    copy = TRUE;
+                }
+                #ifdef OPENSSL_EXTRA
+                    dName->cnIdx = cert->srcIdx;
+                    dName->cnLen = strLen;
+                #endif /* OPENSSL_EXTRA */
+            }
+            else if (id == ASN_SUR_NAME) {
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], "/SN=", 4);
+                    idx += 4;
+                    copy = TRUE;
+                }
+                #ifdef WOLFSSL_CERT_GEN
+                    if (nameType == SUBJECT) {
+                        cert->subjectSN = (char*)&cert->source[cert->srcIdx];
+                        cert->subjectSNLen = strLen;
+                        cert->subjectSNEnc = b;
+                    }
+                #endif /* WOLFSSL_CERT_GEN */
+                #ifdef OPENSSL_EXTRA
+                    dName->snIdx = cert->srcIdx;
+                    dName->snLen = strLen;
+                #endif /* OPENSSL_EXTRA */
+            }
+            else if (id == ASN_COUNTRY_NAME) {
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], "/C=", 3);
+                    idx += 3;
+                    copy = TRUE;
+                }
+                #ifdef WOLFSSL_CERT_GEN
+                    if (nameType == SUBJECT) {
+                        cert->subjectC = (char*)&cert->source[cert->srcIdx];
+                        cert->subjectCLen = strLen;
+                        cert->subjectCEnc = b;
+                    }
+                #endif /* WOLFSSL_CERT_GEN */
+                #ifdef OPENSSL_EXTRA
+                    dName->cIdx = cert->srcIdx;
+                    dName->cLen = strLen;
+                #endif /* OPENSSL_EXTRA */
+            }
+            else if (id == ASN_LOCALITY_NAME) {
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], "/L=", 3);
+                    idx += 3;
+                    copy = TRUE;
+                }
+                #ifdef WOLFSSL_CERT_GEN
+                    if (nameType == SUBJECT) {
+                        cert->subjectL = (char*)&cert->source[cert->srcIdx];
+                        cert->subjectLLen = strLen;
+                        cert->subjectLEnc = b;
+                    }
+                #endif /* WOLFSSL_CERT_GEN */
+                #ifdef OPENSSL_EXTRA
+                    dName->lIdx = cert->srcIdx;
+                    dName->lLen = strLen;
+                #endif /* OPENSSL_EXTRA */
+            }
+            else if (id == ASN_STATE_NAME) {
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], "/ST=", 4);
+                    idx += 4;
+                    copy = TRUE;
+                }
+                #ifdef WOLFSSL_CERT_GEN
+                    if (nameType == SUBJECT) {
+                        cert->subjectST = (char*)&cert->source[cert->srcIdx];
+                        cert->subjectSTLen = strLen;
+                        cert->subjectSTEnc = b;
+                    }
+                #endif /* WOLFSSL_CERT_GEN */
+                #ifdef OPENSSL_EXTRA
+                    dName->stIdx = cert->srcIdx;
+                    dName->stLen = strLen;
+                #endif /* OPENSSL_EXTRA */
+            }
+            else if (id == ASN_ORG_NAME) {
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], "/O=", 3);
+                    idx += 3;
+                    copy = TRUE;
+                }
+                #ifdef WOLFSSL_CERT_GEN
+                    if (nameType == SUBJECT) {
+                        cert->subjectO = (char*)&cert->source[cert->srcIdx];
+                        cert->subjectOLen = strLen;
+                        cert->subjectOEnc = b;
+                    }
+                #endif /* WOLFSSL_CERT_GEN */
+                #ifdef OPENSSL_EXTRA
+                    dName->oIdx = cert->srcIdx;
+                    dName->oLen = strLen;
+                #endif /* OPENSSL_EXTRA */
+            }
+            else if (id == ASN_ORGUNIT_NAME) {
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], "/OU=", 4);
+                    idx += 4;
+                    copy = TRUE;
+                }
+                #ifdef WOLFSSL_CERT_GEN
+                    if (nameType == SUBJECT) {
+                        cert->subjectOU = (char*)&cert->source[cert->srcIdx];
+                        cert->subjectOULen = strLen;
+                        cert->subjectOUEnc = b;
+                    }
+                #endif /* WOLFSSL_CERT_GEN */
+                #ifdef OPENSSL_EXTRA
+                    dName->ouIdx = cert->srcIdx;
+                    dName->ouLen = strLen;
+                #endif /* OPENSSL_EXTRA */
+            }
+            else if (id == ASN_SERIAL_NUMBER) {
+                if (!tooBig) {
+                   XMEMCPY(&full[idx], "/serialNumber=", 14);
+                   idx += 14;
+                   copy = TRUE;
+                }
+                #ifdef OPENSSL_EXTRA
+                    dName->snIdx = cert->srcIdx;
+                    dName->snLen = strLen;
+                #endif /* OPENSSL_EXTRA */
+            }
+
+            if (copy && !tooBig) {
+                XMEMCPY(&full[idx], &cert->source[cert->srcIdx], strLen);
+                idx += strLen;
+            }
+
+            cert->srcIdx += strLen;
+        }
+        else {
+            /* skip */
+            byte email = FALSE;
+            byte uid   = FALSE;
+            int  adv;
+
+            if (joint[0] == 0x2a && joint[1] == 0x86)  /* email id hdr */
+                email = TRUE;
+
+            if (joint[0] == 0x9  && joint[1] == 0x92)  /* uid id hdr */
+                uid = TRUE;
+
+            cert->srcIdx += oidSz + 1;
+
+            if (GetLength(cert->source, &cert->srcIdx, &adv, cert->maxIdx) < 0)
+                return ASN_PARSE_E;
+
+            if (adv > (int)(ASN_NAME_MAX - idx)) {
+                WOLFSSL_MSG("ASN name too big, skipping");
+                tooBig = TRUE;
+            }
+
+            if (email) {
+                if ( (14 + adv) > (int)(ASN_NAME_MAX - idx)) {
+                    WOLFSSL_MSG("ASN name too big, skipping");
+                    tooBig = TRUE;
+                }
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], "/emailAddress=", 14);
+                    idx += 14;
+                }
+
+                #ifdef WOLFSSL_CERT_GEN
+                    if (nameType == SUBJECT) {
+                        cert->subjectEmail = (char*)&cert->source[cert->srcIdx];
+                        cert->subjectEmailLen = adv;
+                    }
+                #endif /* WOLFSSL_CERT_GEN */
+                #ifdef OPENSSL_EXTRA
+                    dName->emailIdx = cert->srcIdx;
+                    dName->emailLen = adv;
+                #endif /* OPENSSL_EXTRA */
+                #ifndef IGNORE_NAME_CONSTRAINTS
+                    {
+                        DNS_entry* emailName = NULL;
+
+                        emailName = (DNS_entry*)XMALLOC(sizeof(DNS_entry),
+                                              cert->heap, DYNAMIC_TYPE_ALTNAME);
+                        if (emailName == NULL) {
+                            WOLFSSL_MSG("\tOut of Memory");
+                            return MEMORY_E;
+                        }
+                        emailName->name = (char*)XMALLOC(adv + 1,
+                                              cert->heap, DYNAMIC_TYPE_ALTNAME);
+                        if (emailName->name == NULL) {
+                            WOLFSSL_MSG("\tOut of Memory");
+                            return MEMORY_E;
+                        }
+                        XMEMCPY(emailName->name,
+                                              &cert->source[cert->srcIdx], adv);
+                        emailName->name[adv] = 0;
+
+                        emailName->next = cert->altEmailNames;
+                        cert->altEmailNames = emailName;
+                    }
+                #endif /* IGNORE_NAME_CONSTRAINTS */
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
+                    idx += adv;
+                }
+            }
+
+            if (uid) {
+                if ( (5 + adv) > (int)(ASN_NAME_MAX - idx)) {
+                    WOLFSSL_MSG("ASN name too big, skipping");
+                    tooBig = TRUE;
+                }
+                if (!tooBig) {
+                    XMEMCPY(&full[idx], "/UID=", 5);
+                    idx += 5;
+
+                    XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
+                    idx += adv;
+                }
+                #ifdef OPENSSL_EXTRA
+                    dName->uidIdx = cert->srcIdx;
+                    dName->uidLen = adv;
+                #endif /* OPENSSL_EXTRA */
+            }
+
+            cert->srcIdx += adv;
+        }
+    }
+    full[idx++] = 0;
+
+    #ifdef OPENSSL_EXTRA
+    {
+        int totalLen = 0;
+
+        if (dName->cnLen != 0)
+            totalLen += dName->cnLen + 4;
+        if (dName->snLen != 0)
+            totalLen += dName->snLen + 4;
+        if (dName->cLen != 0)
+            totalLen += dName->cLen + 3;
+        if (dName->lLen != 0)
+            totalLen += dName->lLen + 3;
+        if (dName->stLen != 0)
+            totalLen += dName->stLen + 4;
+        if (dName->oLen != 0)
+            totalLen += dName->oLen + 3;
+        if (dName->ouLen != 0)
+            totalLen += dName->ouLen + 4;
+        if (dName->emailLen != 0)
+            totalLen += dName->emailLen + 14;
+        if (dName->uidLen != 0)
+            totalLen += dName->uidLen + 5;
+        if (dName->serialLen != 0)
+            totalLen += dName->serialLen + 14;
+
+        dName->fullName = (char*)XMALLOC(totalLen + 1, NULL, DYNAMIC_TYPE_X509);
+        if (dName->fullName != NULL) {
+            idx = 0;
+
+            if (dName->cnLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/CN=", 4);
+                idx += 4;
+                XMEMCPY(&dName->fullName[idx],
+                                     &cert->source[dName->cnIdx], dName->cnLen);
+                dName->cnIdx = idx;
+                idx += dName->cnLen;
+            }
+            if (dName->snLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/SN=", 4);
+                idx += 4;
+                XMEMCPY(&dName->fullName[idx],
+                                     &cert->source[dName->snIdx], dName->snLen);
+                dName->snIdx = idx;
+                idx += dName->snLen;
+            }
+            if (dName->cLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/C=", 3);
+                idx += 3;
+                XMEMCPY(&dName->fullName[idx],
+                                       &cert->source[dName->cIdx], dName->cLen);
+                dName->cIdx = idx;
+                idx += dName->cLen;
+            }
+            if (dName->lLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/L=", 3);
+                idx += 3;
+                XMEMCPY(&dName->fullName[idx],
+                                       &cert->source[dName->lIdx], dName->lLen);
+                dName->lIdx = idx;
+                idx += dName->lLen;
+            }
+            if (dName->stLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/ST=", 4);
+                idx += 4;
+                XMEMCPY(&dName->fullName[idx],
+                                     &cert->source[dName->stIdx], dName->stLen);
+                dName->stIdx = idx;
+                idx += dName->stLen;
+            }
+            if (dName->oLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/O=", 3);
+                idx += 3;
+                XMEMCPY(&dName->fullName[idx],
+                                       &cert->source[dName->oIdx], dName->oLen);
+                dName->oIdx = idx;
+                idx += dName->oLen;
+            }
+            if (dName->ouLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/OU=", 4);
+                idx += 4;
+                XMEMCPY(&dName->fullName[idx],
+                                     &cert->source[dName->ouIdx], dName->ouLen);
+                dName->ouIdx = idx;
+                idx += dName->ouLen;
+            }
+            if (dName->emailLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/emailAddress=", 14);
+                idx += 14;
+                XMEMCPY(&dName->fullName[idx],
+                               &cert->source[dName->emailIdx], dName->emailLen);
+                dName->emailIdx = idx;
+                idx += dName->emailLen;
+            }
+            if (dName->uidLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/UID=", 5);
+                idx += 5;
+                XMEMCPY(&dName->fullName[idx],
+                                   &cert->source[dName->uidIdx], dName->uidLen);
+                dName->uidIdx = idx;
+                idx += dName->uidLen;
+            }
+            if (dName->serialLen != 0) {
+                dName->entryCount++;
+                XMEMCPY(&dName->fullName[idx], "/serialNumber=", 14);
+                idx += 14;
+                XMEMCPY(&dName->fullName[idx],
+                             &cert->source[dName->serialIdx], dName->serialLen);
+                dName->serialIdx = idx;
+                idx += dName->serialLen;
+            }
+            dName->fullName[idx] = '\0';
+            dName->fullNameLen = totalLen;
+        }
+    }
+    #endif /* OPENSSL_EXTRA */
+
+    return 0;
+}
+
+
+#ifndef NO_TIME_H
+
+/* to the second */
+static int DateGreaterThan(const struct tm* a, const struct tm* b)
+{
+    if (a->tm_year > b->tm_year)
+        return 1;
+
+    if (a->tm_year == b->tm_year && a->tm_mon > b->tm_mon)
+        return 1;
+    
+    if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
+           a->tm_mday > b->tm_mday)
+        return 1;
+
+    if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
+        a->tm_mday == b->tm_mday && a->tm_hour > b->tm_hour)
+        return 1;
+
+    if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
+        a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour &&
+        a->tm_min > b->tm_min)
+        return 1;
+
+    if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
+        a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour &&
+        a->tm_min  == b->tm_min  && a->tm_sec > b->tm_sec)
+        return 1;
+
+    return 0; /* false */
+}
+
+
+static INLINE int DateLessThan(const struct tm* a, const struct tm* b)
+{
+    return DateGreaterThan(b,a);
+}
+
+
+/* like atoi but only use first byte */
+/* Make sure before and after dates are valid */
+int ValidateDate(const byte* date, byte format, int dateType)
+{
+    time_t ltime;
+    struct tm  certTime;
+    struct tm* localTime;
+    int    i = 0;
+
+    ltime = XTIME(0);
+    XMEMSET(&certTime, 0, sizeof(certTime));
+
+    if (format == ASN_UTC_TIME) {
+        if (btoi(date[0]) >= 5)
+            certTime.tm_year = 1900;
+        else
+            certTime.tm_year = 2000;
+    }
+    else  { /* format == GENERALIZED_TIME */
+        certTime.tm_year += btoi(date[i++]) * 1000;
+        certTime.tm_year += btoi(date[i++]) * 100;
+    }
+
+    /* adjust tm_year, tm_mon */
+    GetTime((int*)&certTime.tm_year, date, &i); certTime.tm_year -= 1900;
+    GetTime((int*)&certTime.tm_mon,  date, &i); certTime.tm_mon  -= 1;
+    GetTime((int*)&certTime.tm_mday, date, &i);
+    GetTime((int*)&certTime.tm_hour, date, &i);
+    GetTime((int*)&certTime.tm_min,  date, &i);
+    GetTime((int*)&certTime.tm_sec,  date, &i);
+        
+        if (date[i] != 'Z') {     /* only Zulu supported for this profile */
+        WOLFSSL_MSG("Only Zulu time supported for this profile"); 
+        return 0;
+    }
+
+    localTime = XGMTIME(<ime);
+
+    if (dateType == BEFORE) {
+        if (DateLessThan(localTime, &certTime))
+            return 0;
+    }
+    else
+        if (DateGreaterThan(localTime, &certTime))
+            return 0;
+
+    return 1;
+}
+
+#endif /* NO_TIME_H */
+
+
+static int GetDate(DecodedCert* cert, int dateType)
+{
+    int    length;
+    byte   date[MAX_DATE_SIZE];
+    byte   b;
+    word32 startIdx = 0;
+
+    if (dateType == BEFORE)
+        cert->beforeDate = &cert->source[cert->srcIdx];
+    else
+        cert->afterDate = &cert->source[cert->srcIdx];
+    startIdx = cert->srcIdx;
+
+    b = cert->source[cert->srcIdx++];
+    if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME)
+        return ASN_TIME_E;
+
+    if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    if (length > MAX_DATE_SIZE || length < MIN_DATE_SIZE)
+        return ASN_DATE_SZ_E;
+
+    XMEMCPY(date, &cert->source[cert->srcIdx], length);
+    cert->srcIdx += length;
+
+    if (dateType == BEFORE)
+        cert->beforeDateLen = cert->srcIdx - startIdx;
+    else
+        cert->afterDateLen  = cert->srcIdx - startIdx;
+
+    if (!XVALIDATE_DATE(date, b, dateType)) {
+        if (dateType == BEFORE)
+            return ASN_BEFORE_DATE_E;
+        else
+            return ASN_AFTER_DATE_E;
+    }
+
+    return 0;
+}
+
+
+static int GetValidity(DecodedCert* cert, int verify)
+{
+    int length;
+    int badDate = 0;
+
+    if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    if (GetDate(cert, BEFORE) < 0 && verify)
+        badDate = ASN_BEFORE_DATE_E;           /* continue parsing */
+    
+    if (GetDate(cert, AFTER) < 0 && verify)
+        return ASN_AFTER_DATE_E;
+   
+    if (badDate != 0)
+        return badDate;
+
+    return 0;
+}
+
+
+int DecodeToKey(DecodedCert* cert, int verify)
+{
+    int badDate = 0;
+    int ret;
+
+    if ( (ret = GetCertHeader(cert)) < 0)
+        return ret;
+
+    WOLFSSL_MSG("Got Cert Header");
+
+    if ( (ret = GetAlgoId(cert->source, &cert->srcIdx, &cert->signatureOID,
+                          cert->maxIdx)) < 0)
+        return ret;
+
+    WOLFSSL_MSG("Got Algo ID");
+
+    if ( (ret = GetName(cert, ISSUER)) < 0)
+        return ret;
+
+    if ( (ret = GetValidity(cert, verify)) < 0)
+        badDate = ret;
+
+    if ( (ret = GetName(cert, SUBJECT)) < 0)
+        return ret;
+
+    WOLFSSL_MSG("Got Subject Name");
+
+    if ( (ret = GetKey(cert)) < 0)
+        return ret;
+
+    WOLFSSL_MSG("Got Key");
+
+    if (badDate != 0)
+        return badDate;
+
+    return ret;
+}
+
+
+static int GetSignature(DecodedCert* cert)
+{
+    int    length;
+    byte   b = cert->source[cert->srcIdx++];
+
+    if (b != ASN_BIT_STRING)
+        return ASN_BITSTR_E;
+
+    if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    cert->sigLength = length;
+
+    b = cert->source[cert->srcIdx++];
+    if (b != 0x00)
+        return ASN_EXPECT_0_E;
+
+    cert->sigLength--;
+    cert->signature = &cert->source[cert->srcIdx];
+    cert->srcIdx += cert->sigLength;
+
+    return 0;
+}
+
+
+static word32 SetDigest(const byte* digest, word32 digSz, byte* output)
+{
+    output[0] = ASN_OCTET_STRING;
+    output[1] = (byte)digSz;
+    XMEMCPY(&output[2], digest, digSz);
+
+    return digSz + 2;
+} 
+
+
+static word32 BytePrecision(word32 value)
+{
+    word32 i;
+    for (i = sizeof(value); i; --i)
+        if (value >> ((i - 1) * WOLFSSL_BIT_SIZE))
+            break;
+
+    return i;
+}
+
+
+WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output)
+{
+    word32 i = 0, j;
+
+    if (length < ASN_LONG_LENGTH)
+        output[i++] = (byte)length;
+    else {
+        output[i++] = (byte)(BytePrecision(length) | ASN_LONG_LENGTH);
+      
+        for (j = BytePrecision(length); j; --j) {
+            output[i] = (byte)(length >> ((j - 1) * WOLFSSL_BIT_SIZE));
+            i++;
+        }
+    }
+
+    return i;
+}
+
+
+WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output)
+{
+    output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED;
+    return SetLength(len, output + 1) + 1;
+}
+
+WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output)
+{
+    output[0] = ASN_OCTET_STRING;
+    return SetLength(len, output + 1) + 1;
+}
+
+/* Write a set header to output */
+WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output)
+{
+    output[0] = ASN_SET | ASN_CONSTRUCTED;
+    return SetLength(len, output + 1) + 1;
+}
+
+WOLFSSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len, byte* output)
+{
+
+    output[0] = ((tag == ASN_SEQUENCE || tag == ASN_SET) ? ASN_CONSTRUCTED : 0)
+                    | ASN_CONTEXT_SPECIFIC | number;
+    return SetLength(len, output + 1) + 1;
+}
+
+WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output)
+{
+    output[0] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | number;
+    return SetLength(len, output + 1) + 1;
+}
+
+
+#if defined(HAVE_ECC) && (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
+
+static word32 SetCurve(ecc_key* key, byte* output)
+{
+
+    /* curve types */
+    static const byte ECC_192v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d,
+                                             0x03, 0x01, 0x01};
+    static const byte ECC_256v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d,
+                                            0x03, 0x01, 0x07};
+    static const byte ECC_160r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00,
+                                             0x02};
+    static const byte ECC_224r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00,
+                                             0x21};
+    static const byte ECC_384r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00,
+                                             0x22};
+    static const byte ECC_521r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00,
+                                             0x23};
+
+    int    oidSz = 0;
+    int    idx = 0;
+    int    lenSz = 0;
+    const  byte* oid = 0;
+
+    output[0] = ASN_OBJECT_ID;
+    idx++;
+
+    switch (key->dp->size) {
+        case 20:
+            oidSz = sizeof(ECC_160r1_AlgoID);
+            oid   =        ECC_160r1_AlgoID;
+            break;
+
+        case 24:
+            oidSz = sizeof(ECC_192v1_AlgoID);
+            oid   =        ECC_192v1_AlgoID;
+            break;
+
+        case 28:
+            oidSz = sizeof(ECC_224r1_AlgoID);
+            oid   =        ECC_224r1_AlgoID;
+            break;
+
+        case 32:
+            oidSz = sizeof(ECC_256v1_AlgoID);
+            oid   =        ECC_256v1_AlgoID;
+            break;
+
+        case 48:
+            oidSz = sizeof(ECC_384r1_AlgoID);
+            oid   =        ECC_384r1_AlgoID;
+            break;
+
+        case 66:
+            oidSz = sizeof(ECC_521r1_AlgoID);
+            oid   =        ECC_521r1_AlgoID;
+            break;
+
+        default:
+            return ASN_UNKNOWN_OID_E;
+    }
+    lenSz = SetLength(oidSz, output+idx);
+    idx += lenSz;
+
+    XMEMCPY(output+idx, oid, oidSz);
+    idx += oidSz;
+
+    return idx;
+}
+
+#endif /* HAVE_ECC && WOLFSSL_CERT_GEN */
+
+
+WOLFSSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
+{
+    /* adding TAG_NULL and 0 to end */
+    
+    /* hashTypes */
+    static const byte shaAlgoID[]    = { 0x2b, 0x0e, 0x03, 0x02, 0x1a,
+                                         0x05, 0x00 };
+    static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+                                         0x04, 0x02, 0x01, 0x05, 0x00 };
+    static const byte sha384AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+                                         0x04, 0x02, 0x02, 0x05, 0x00 };
+    static const byte sha512AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+                                         0x04, 0x02, 0x03, 0x05, 0x00 };
+    static const byte md5AlgoID[]    = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+                                         0x02, 0x05, 0x05, 0x00  };
+    static const byte md2AlgoID[]    = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+                                         0x02, 0x02, 0x05, 0x00};
+
+    /* blkTypes, no NULL tags because IV is there instead */
+    static const byte desCbcAlgoID[]  = { 0x2B, 0x0E, 0x03, 0x02, 0x07 };
+    static const byte des3CbcAlgoID[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+                                          0x0D, 0x03, 0x07 };
+
+    /* RSA sigTypes */
+    #ifndef NO_RSA
+        static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
+                                            0x0d, 0x01, 0x01, 0x04, 0x05, 0x00};
+        static const byte shawRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
+                                            0x0d, 0x01, 0x01, 0x05, 0x05, 0x00};
+        static const byte sha256wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
+                                            0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00};
+        static const byte sha384wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7,
+                                            0x0d, 0x01, 0x01, 0x0c, 0x05, 0x00};
+        static const byte sha512wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7,
+                                            0x0d, 0x01, 0x01, 0x0d, 0x05, 0x00};
+    #endif /* NO_RSA */
+ 
+    /* ECDSA sigTypes */
+    #ifdef HAVE_ECC 
+        static const byte shawECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d,
+                                                 0x04, 0x01, 0x05, 0x00};
+        static const byte sha256wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d,
+                                                 0x04, 0x03, 0x02, 0x05, 0x00};
+        static const byte sha384wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d,
+                                                 0x04, 0x03, 0x03, 0x05, 0x00};
+        static const byte sha512wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d,
+                                                 0x04, 0x03, 0x04, 0x05, 0x00};
+    #endif /* HAVE_ECC */
+ 
+    /* RSA keyType */
+    #ifndef NO_RSA
+        static const byte RSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+                                            0x01, 0x01, 0x01, 0x05, 0x00};
+    #endif /* NO_RSA */
+
+    #ifdef HAVE_ECC 
+        /* ECC keyType */
+        /* no tags, so set tagSz smaller later */
+        static const byte ECC_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d,
+                                           0x02, 0x01};
+    #endif /* HAVE_ECC */
+
+    int    algoSz = 0;
+    int    tagSz  = 2;   /* tag null and terminator */
+    word32 idSz, seqSz;
+    const  byte* algoName = 0;
+    byte ID_Length[MAX_LENGTH_SZ];
+    byte seqArray[MAX_SEQ_SZ + 1];  /* add object_id to end */
+
+    if (type == hashType) {
+        switch (algoOID) {
+        case SHAh:
+            algoSz = sizeof(shaAlgoID);
+            algoName = shaAlgoID;
+            break;
+
+        case SHA256h:
+            algoSz = sizeof(sha256AlgoID);
+            algoName = sha256AlgoID;
+            break;
+
+        case SHA384h:
+            algoSz = sizeof(sha384AlgoID);
+            algoName = sha384AlgoID;
+            break;
+
+        case SHA512h:
+            algoSz = sizeof(sha512AlgoID);
+            algoName = sha512AlgoID;
+            break;
+
+        case MD2h:
+            algoSz = sizeof(md2AlgoID);
+            algoName = md2AlgoID;
+            break;
+
+        case MD5h:
+            algoSz = sizeof(md5AlgoID);
+            algoName = md5AlgoID;
+            break;
+
+        default:
+            WOLFSSL_MSG("Unknown Hash Algo");
+            return 0;  /* UNKOWN_HASH_E; */
+        }
+    }
+    else if (type == blkType) {
+        switch (algoOID) {
+        case DESb:
+            algoSz = sizeof(desCbcAlgoID);
+            algoName = desCbcAlgoID;
+            tagSz = 0;
+            break;
+        case DES3b:
+            algoSz = sizeof(des3CbcAlgoID);
+            algoName = des3CbcAlgoID;
+            tagSz = 0;
+            break;
+        default:
+            WOLFSSL_MSG("Unknown Block Algo");
+            return 0;
+        }
+    }
+    else if (type == sigType) {    /* sigType */
+        switch (algoOID) {
+        #ifndef NO_RSA
+            case CTC_MD5wRSA:
+                algoSz = sizeof(md5wRSA_AlgoID);
+                algoName = md5wRSA_AlgoID;
+                break;
+
+            case CTC_SHAwRSA:
+                algoSz = sizeof(shawRSA_AlgoID);
+                algoName = shawRSA_AlgoID;
+                break;
+
+            case CTC_SHA256wRSA:
+                algoSz = sizeof(sha256wRSA_AlgoID);
+                algoName = sha256wRSA_AlgoID;
+                break;
+
+            case CTC_SHA384wRSA:
+                algoSz = sizeof(sha384wRSA_AlgoID);
+                algoName = sha384wRSA_AlgoID;
+                break;
+
+            case CTC_SHA512wRSA:
+                algoSz = sizeof(sha512wRSA_AlgoID);
+                algoName = sha512wRSA_AlgoID;
+                break;
+        #endif /* NO_RSA */
+        #ifdef HAVE_ECC 
+            case CTC_SHAwECDSA:
+                algoSz = sizeof(shawECDSA_AlgoID);
+                algoName = shawECDSA_AlgoID;
+                break;
+
+            case CTC_SHA256wECDSA:
+                algoSz = sizeof(sha256wECDSA_AlgoID);
+                algoName = sha256wECDSA_AlgoID;
+                break;
+
+            case CTC_SHA384wECDSA:
+                algoSz = sizeof(sha384wECDSA_AlgoID);
+                algoName = sha384wECDSA_AlgoID;
+                break;
+
+            case CTC_SHA512wECDSA:
+                algoSz = sizeof(sha512wECDSA_AlgoID);
+                algoName = sha512wECDSA_AlgoID;
+                break;
+        #endif /* HAVE_ECC */
+        default:
+            WOLFSSL_MSG("Unknown Signature Algo");
+            return 0;
+        }
+    }
+    else if (type == keyType) {    /* keyType */
+        switch (algoOID) {
+        #ifndef NO_RSA
+            case RSAk:
+                algoSz = sizeof(RSA_AlgoID);
+                algoName = RSA_AlgoID;
+                break;
+        #endif /* NO_RSA */
+        #ifdef HAVE_ECC 
+            case ECDSAk:
+                algoSz = sizeof(ECC_AlgoID);
+                algoName = ECC_AlgoID;
+                tagSz = 0;
+                break;
+        #endif /* HAVE_ECC */
+        default:
+            WOLFSSL_MSG("Unknown Key Algo");
+            return 0;
+        }
+    }
+    else {
+        WOLFSSL_MSG("Unknown Algo type");
+        return 0;
+    }
+
+    idSz  = SetLength(algoSz - tagSz, ID_Length); /* don't include tags */
+    seqSz = SetSequence(idSz + algoSz + 1 + curveSz, seqArray); 
+                 /* +1 for object id, curveID of curveSz follows for ecc */
+    seqArray[seqSz++] = ASN_OBJECT_ID;
+
+    XMEMCPY(output, seqArray, seqSz);
+    XMEMCPY(output + seqSz, ID_Length, idSz);
+    XMEMCPY(output + seqSz + idSz, algoName, algoSz);
+
+    return seqSz + idSz + algoSz;
+
+}
+
+
+word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID)
+{
+    byte digArray[MAX_ENCODED_DIG_SZ];
+    byte algoArray[MAX_ALGO_SZ];
+    byte seqArray[MAX_SEQ_SZ];
+    word32 encDigSz, algoSz, seqSz; 
+
+    encDigSz = SetDigest(digest, digSz, digArray);
+    algoSz   = SetAlgoID(hashOID, algoArray, hashType, 0);
+    seqSz    = SetSequence(encDigSz + algoSz, seqArray);
+
+    XMEMCPY(out, seqArray, seqSz);
+    XMEMCPY(out + seqSz, algoArray, algoSz);
+    XMEMCPY(out + seqSz + algoSz, digArray, encDigSz);
+
+    return encDigSz + algoSz + seqSz;
+}
+
+
+int wc_GetCTC_HashOID(int type)
+{
+    switch (type) {
+#ifdef WOLFSSL_MD2
+        case MD2:
+            return MD2h;
+#endif
+#ifndef NO_MD5
+        case MD5:
+            return MD5h;
+#endif
+#ifndef NO_SHA
+        case SHA:
+            return SHAh;
+#endif
+#ifndef NO_SHA256
+        case SHA256:
+            return SHA256h;
+#endif
+#ifdef WOLFSSL_SHA384
+        case SHA384:
+            return SHA384h;
+#endif
+#ifdef WOLFSSL_SHA512
+        case SHA512:
+            return SHA512h;
+#endif
+        default:
+            return 0;
+    };
+}
+
+
+/* return true (1) or false (0) for Confirmation */
+static int ConfirmSignature(const byte* buf, word32 bufSz,
+    const byte* key, word32 keySz, word32 keyOID,
+    const byte* sig, word32 sigSz, word32 sigOID,
+    void* heap)
+{
+    int  typeH = 0, digestSz = 0, ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* digest;
+#else
+    byte digest[MAX_DIGEST_SIZE];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    digest = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (digest == NULL)
+        return 0; /* not confirmed */
+#endif
+
+    (void)key;
+    (void)keySz;
+    (void)sig;
+    (void)sigSz;
+    (void)heap;
+
+    switch (sigOID) {
+    #ifndef NO_MD5
+        case CTC_MD5wRSA:
+        if (wc_Md5Hash(buf, bufSz, digest) == 0) {
+            typeH    = MD5h;
+            digestSz = MD5_DIGEST_SIZE;
+        }
+        break;
+    #endif
+    #if defined(WOLFSSL_MD2)
+        case CTC_MD2wRSA:
+        if (wc_Md2Hash(buf, bufSz, digest) == 0) {
+            typeH    = MD2h;
+            digestSz = MD2_DIGEST_SIZE;
+        }
+        break;
+    #endif
+    #ifndef NO_SHA
+        case CTC_SHAwRSA:
+        case CTC_SHAwDSA:
+        case CTC_SHAwECDSA:
+        if (wc_ShaHash(buf, bufSz, digest) == 0) {    
+            typeH    = SHAh;
+            digestSz = SHA_DIGEST_SIZE;                
+        }
+        break;
+    #endif
+    #ifndef NO_SHA256
+        case CTC_SHA256wRSA:
+        case CTC_SHA256wECDSA:
+        if (wc_Sha256Hash(buf, bufSz, digest) == 0) {    
+            typeH    = SHA256h;
+            digestSz = SHA256_DIGEST_SIZE;
+        }
+        break;
+    #endif
+    #ifdef WOLFSSL_SHA512
+        case CTC_SHA512wRSA:
+        case CTC_SHA512wECDSA:
+        if (wc_Sha512Hash(buf, bufSz, digest) == 0) {    
+            typeH    = SHA512h;
+            digestSz = SHA512_DIGEST_SIZE;
+        }
+        break;
+    #endif
+    #ifdef WOLFSSL_SHA384
+        case CTC_SHA384wRSA:
+        case CTC_SHA384wECDSA:
+        if (wc_Sha384Hash(buf, bufSz, digest) == 0) {    
+            typeH    = SHA384h;
+            digestSz = SHA384_DIGEST_SIZE;
+        }            
+        break;
+    #endif
+        default:
+            WOLFSSL_MSG("Verify Signautre has unsupported type");
+    }
+    
+    if (typeH == 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return 0; /* not confirmed */
+    }
+
+    switch (keyOID) {
+    #ifndef NO_RSA
+        case RSAk:
+        {
+            word32 idx = 0;
+            int    encodedSigSz, verifySz;
+            byte*  out;
+#ifdef WOLFSSL_SMALL_STACK
+            RsaKey* pubKey;
+            byte* plain;
+            byte* encodedSig;
+#else
+            RsaKey pubKey[1];
+            byte plain[MAX_ENCODED_SIG_SZ];
+            byte encodedSig[MAX_ENCODED_SIG_SZ];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+            pubKey = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+            plain = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+            encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+            
+            if (pubKey == NULL || plain == NULL || encodedSig == NULL) {
+                WOLFSSL_MSG("Failed to allocate memory at ConfirmSignature");
+                
+                if (pubKey)
+                    XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                if (plain)
+                    XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                if (encodedSig)
+                    XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                
+                break; /* not confirmed */
+            }
+#endif
+
+            if (sigSz > MAX_ENCODED_SIG_SZ) {
+                WOLFSSL_MSG("Verify Signautre is too big");
+            }
+            else if (wc_InitRsaKey(pubKey, heap) != 0) {
+                WOLFSSL_MSG("InitRsaKey failed");
+            }
+            else if (wc_RsaPublicKeyDecode(key, &idx, pubKey, keySz) < 0) {
+                WOLFSSL_MSG("ASN Key decode error RSA");
+            }
+            else {
+                XMEMCPY(plain, sig, sigSz);
+
+                if ((verifySz = wc_RsaSSL_VerifyInline(plain, sigSz, &out,
+                                                                 pubKey)) < 0) {
+                    WOLFSSL_MSG("Rsa SSL verify error");
+                }
+                else {
+                    /* make sure we're right justified */
+                    encodedSigSz =
+                        wc_EncodeSignature(encodedSig, digest, digestSz, typeH);
+                    if (encodedSigSz != verifySz ||
+                                XMEMCMP(out, encodedSig, encodedSigSz) != 0) {
+                        WOLFSSL_MSG("Rsa SSL verify match encode error");
+                    }
+                    else
+                        ret = 1; /* match */
+
+                    #ifdef WOLFSSL_DEBUG_ENCODING
+                    {
+                        int x;
+
+                        printf("wolfssl encodedSig:\n");
+
+                        for (x = 0; x < encodedSigSz; x++) {
+                            printf("%02x ", encodedSig[x]);
+                            if ( (x % 16) == 15)
+                                printf("\n");
+                        }
+
+                        printf("\n");
+                        printf("actual digest:\n");
+
+                        for (x = 0; x < verifySz; x++) {
+                            printf("%02x ", out[x]);
+                            if ( (x % 16) == 15)
+                                printf("\n");
+                        }
+
+                        printf("\n");
+                    }
+                    #endif /* WOLFSSL_DEBUG_ENCODING */
+
+                }
+
+            }
+
+            wc_FreeRsaKey(pubKey);
+
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(pubKey,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(plain,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            break;
+        }
+
+    #endif /* NO_RSA */
+    #ifdef HAVE_ECC
+        case ECDSAk:
+        {
+            int verify = 0;
+#ifdef WOLFSSL_SMALL_STACK
+            ecc_key* pubKey;
+#else
+            ecc_key pubKey[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+            pubKey = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+            if (pubKey == NULL) {
+                WOLFSSL_MSG("Failed to allocate pubKey");
+                break; /* not confirmed */
+            }
+#endif
+
+            if (wc_ecc_init(pubKey) < 0) {
+                WOLFSSL_MSG("Failed to initialize key");
+                break; /* not confirmed */
+            }
+            if (wc_ecc_import_x963(key, keySz, pubKey) < 0) {
+                WOLFSSL_MSG("ASN Key import error ECC");
+            }
+            else {   
+                if (wc_ecc_verify_hash(sig, sigSz, digest, digestSz, &verify,
+                                                                pubKey) != 0) {
+                    WOLFSSL_MSG("ECC verify hash error");
+                }
+                else if (1 != verify) {
+                    WOLFSSL_MSG("ECC Verify didn't match");
+                } else
+                    ret = 1; /* match */
+
+            }
+            wc_ecc_free(pubKey);
+
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            break;
+        }
+    #endif /* HAVE_ECC */
+        default:
+            WOLFSSL_MSG("Verify Key type unknown");
+    }
+    
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+#ifndef IGNORE_NAME_CONSTRAINTS
+
+static int MatchBaseName(int type, const char* name, int nameSz,
+                                                   const char* base, int baseSz)
+{
+    if (base == NULL || baseSz <= 0 || name == NULL || nameSz <= 0 ||
+            name[0] == '.' || nameSz < baseSz ||
+            (type != ASN_RFC822_TYPE && type != ASN_DNS_TYPE))
+        return 0;
+
+    /* If an email type, handle special cases where the base is only
+     * a domain, or is an email address itself. */
+    if (type == ASN_RFC822_TYPE) {
+        const char* p = NULL;
+        int count = 0;
+
+        if (base[0] != '.') {
+            p = base;
+            count = 0;
+
+            /* find the '@' in the base */
+            while (*p != '@' && count < baseSz) {
+                count++;
+                p++;
+            }
+
+            /* No '@' in base, reset p to NULL */
+            if (count >= baseSz)
+                p = NULL;
+        }
+
+        if (p == NULL) {
+            /* Base isn't an email address, it is a domain name,
+             * wind the name forward one character past its '@'. */
+            p = name;
+            count = 0;
+            while (*p != '@' && count < baseSz) {
+                count++;
+                p++;
+            }
+
+            if (count < baseSz && *p == '@') {
+                name = p + 1;
+                nameSz -= count + 1;
+            }
+        }
+    }
+
+    if ((type == ASN_DNS_TYPE || type == ASN_RFC822_TYPE) && base[0] == '.') {
+        int szAdjust = nameSz - baseSz;
+        name += szAdjust;
+        nameSz -= szAdjust;
+    }
+
+    while (nameSz > 0) {
+        if (XTOLOWER((unsigned char)*name++) != 
+                                               XTOLOWER((unsigned char)*base++))
+            return 0;
+        nameSz--;
+    }
+
+    return 1;
+}
+
+
+static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
+{
+    if (signer == NULL || cert == NULL)
+        return 0;
+
+    /* Check against the excluded list */
+    if (signer->excludedNames) {
+        Base_entry* base = signer->excludedNames;
+
+        while (base != NULL) {
+            if (base->type == ASN_DNS_TYPE) {
+                DNS_entry* name = cert->altNames;
+                while (name != NULL) {
+                    if (MatchBaseName(ASN_DNS_TYPE,
+                                          name->name, (int)XSTRLEN(name->name),
+                                          base->name, base->nameSz))
+                        return 0;
+                    name = name->next;
+                }
+            }
+            else if (base->type == ASN_RFC822_TYPE) {
+                DNS_entry* name = cert->altEmailNames;
+                while (name != NULL) {
+                    if (MatchBaseName(ASN_RFC822_TYPE,
+                                          name->name, (int)XSTRLEN(name->name),
+                                          base->name, base->nameSz))
+                        return 0;
+
+                    name = name->next;
+                }
+            }
+            else if (base->type == ASN_DIR_TYPE) {
+                if (cert->subjectRawLen == base->nameSz &&
+                    XMEMCMP(cert->subjectRaw, base->name, base->nameSz) == 0) {
+
+                    return 0;
+                }
+            }
+            base = base->next;
+        }
+    }
+
+    /* Check against the permitted list */
+    if (signer->permittedNames != NULL) {
+        int needDns = 0;
+        int matchDns = 0;
+        int needEmail = 0;
+        int matchEmail = 0;
+        int needDir = 0;
+        int matchDir = 0;
+        Base_entry* base = signer->permittedNames;
+
+        while (base != NULL) {
+            if (base->type == ASN_DNS_TYPE) {
+                DNS_entry* name = cert->altNames;
+
+                if (name != NULL)
+                    needDns = 1;
+
+                while (name != NULL) {
+                    matchDns = MatchBaseName(ASN_DNS_TYPE,
+                                          name->name, (int)XSTRLEN(name->name),
+                                          base->name, base->nameSz);
+                    name = name->next;
+                }
+            }
+            else if (base->type == ASN_RFC822_TYPE) {
+                DNS_entry* name = cert->altEmailNames;
+
+                if (name != NULL)
+                    needEmail = 1;
+
+                while (name != NULL) {
+                    matchEmail = MatchBaseName(ASN_DNS_TYPE,
+                                          name->name, (int)XSTRLEN(name->name),
+                                          base->name, base->nameSz);
+                    name = name->next;
+                }
+            }
+            else if (base->type == ASN_DIR_TYPE) {
+                needDir = 1;
+                if (cert->subjectRaw != NULL &&
+                    cert->subjectRawLen == base->nameSz &&
+                    XMEMCMP(cert->subjectRaw, base->name, base->nameSz) == 0) {
+
+                    matchDir = 1;
+                }
+            }
+            base = base->next;
+        }
+
+        if ((needDns && !matchDns) || (needEmail && !matchEmail) ||
+            (needDir && !matchDir)) {
+
+            return 0;
+        }
+    }
+
+    return 1;
+}
+
+#endif /* IGNORE_NAME_CONSTRAINTS */
+
+
+static int DecodeAltNames(byte* input, int sz, DecodedCert* cert)
+{
+    word32 idx = 0;
+    int length = 0;
+
+    WOLFSSL_ENTER("DecodeAltNames");
+
+    if (GetSequence(input, &idx, &length, sz) < 0) {
+        WOLFSSL_MSG("\tBad Sequence");
+        return ASN_PARSE_E;
+    }
+
+    while (length > 0) {
+        byte       b = input[idx++];
+
+        length--;
+
+        /* Save DNS Type names in the altNames list. */
+        /* Save Other Type names in the cert's OidMap */
+        if (b == (ASN_CONTEXT_SPECIFIC | ASN_DNS_TYPE)) {
+            DNS_entry* dnsEntry;
+            int strLen;
+            word32 lenStartIdx = idx;
+
+            if (GetLength(input, &idx, &strLen, sz) < 0) {
+                WOLFSSL_MSG("\tfail: str length");
+                return ASN_PARSE_E;
+            }
+            length -= (idx - lenStartIdx);
+
+            dnsEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
+                                        DYNAMIC_TYPE_ALTNAME);
+            if (dnsEntry == NULL) {
+                WOLFSSL_MSG("\tOut of Memory");
+                return ASN_PARSE_E;
+            }
+
+            dnsEntry->name = (char*)XMALLOC(strLen + 1, cert->heap,
+                                         DYNAMIC_TYPE_ALTNAME);
+            if (dnsEntry->name == NULL) {
+                WOLFSSL_MSG("\tOut of Memory");
+                XFREE(dnsEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
+                return ASN_PARSE_E;
+            }
+
+            XMEMCPY(dnsEntry->name, &input[idx], strLen);
+            dnsEntry->name[strLen] = '\0';
+
+            dnsEntry->next = cert->altNames;
+            cert->altNames = dnsEntry;
+
+            length -= strLen;
+            idx    += strLen;
+        }
+#ifndef IGNORE_NAME_CONSTRAINTS
+        else if (b == (ASN_CONTEXT_SPECIFIC | ASN_RFC822_TYPE)) {
+            DNS_entry* emailEntry;
+            int strLen;
+            word32 lenStartIdx = idx;
+
+            if (GetLength(input, &idx, &strLen, sz) < 0) {
+                WOLFSSL_MSG("\tfail: str length");
+                return ASN_PARSE_E;
+            }
+            length -= (idx - lenStartIdx);
+
+            emailEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
+                                        DYNAMIC_TYPE_ALTNAME);
+            if (emailEntry == NULL) {
+                WOLFSSL_MSG("\tOut of Memory");
+                return ASN_PARSE_E;
+            }
+
+            emailEntry->name = (char*)XMALLOC(strLen + 1, cert->heap,
+                                         DYNAMIC_TYPE_ALTNAME);
+            if (emailEntry->name == NULL) {
+                WOLFSSL_MSG("\tOut of Memory");
+                XFREE(emailEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
+                return ASN_PARSE_E;
+            }
+
+            XMEMCPY(emailEntry->name, &input[idx], strLen);
+            emailEntry->name[strLen] = '\0';
+
+            emailEntry->next = cert->altEmailNames;
+            cert->altEmailNames = emailEntry;
+
+            length -= strLen;
+            idx    += strLen;
+        }
+#endif /* IGNORE_NAME_CONSTRAINTS */
+#ifdef WOLFSSL_SEP
+        else if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_OTHER_TYPE))
+        {
+            int strLen;
+            word32 lenStartIdx = idx;
+            word32 oid = 0;
+
+            if (GetLength(input, &idx, &strLen, sz) < 0) {
+                WOLFSSL_MSG("\tfail: other name length");
+                return ASN_PARSE_E;
+            }
+            /* Consume the rest of this sequence. */
+            length -= (strLen + idx - lenStartIdx);
+
+            if (GetObjectId(input, &idx, &oid, sz) < 0) {
+                WOLFSSL_MSG("\tbad OID");
+                return ASN_PARSE_E;
+            }
+
+            if (oid != HW_NAME_OID) {
+                WOLFSSL_MSG("\tincorrect OID");
+                return ASN_PARSE_E;
+            }
+
+            if (input[idx++] != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) {
+                WOLFSSL_MSG("\twrong type");
+                return ASN_PARSE_E;
+            }
+
+            if (GetLength(input, &idx, &strLen, sz) < 0) {
+                WOLFSSL_MSG("\tfail: str len");
+                return ASN_PARSE_E;
+            }
+
+            if (GetSequence(input, &idx, &strLen, sz) < 0) {
+                WOLFSSL_MSG("\tBad Sequence");
+                return ASN_PARSE_E;
+            }
+
+            if (input[idx++] != ASN_OBJECT_ID) {
+                WOLFSSL_MSG("\texpected OID");
+                return ASN_PARSE_E;
+            }
+
+            if (GetLength(input, &idx, &strLen, sz) < 0) {
+                WOLFSSL_MSG("\tfailed: str len");
+                return ASN_PARSE_E;
+            }
+
+            cert->hwType = (byte*)XMALLOC(strLen, cert->heap, 0);
+            if (cert->hwType == NULL) {
+                WOLFSSL_MSG("\tOut of Memory");
+                return MEMORY_E;
+            }
+
+            XMEMCPY(cert->hwType, &input[idx], strLen);
+            cert->hwTypeSz = strLen;
+            idx += strLen;
+
+            if (input[idx++] != ASN_OCTET_STRING) {
+                WOLFSSL_MSG("\texpected Octet String");
+                return ASN_PARSE_E;
+            }
+
+            if (GetLength(input, &idx, &strLen, sz) < 0) {
+                WOLFSSL_MSG("\tfailed: str len");
+                return ASN_PARSE_E;
+            }
+
+            cert->hwSerialNum = (byte*)XMALLOC(strLen + 1, cert->heap, 0);
+            if (cert->hwSerialNum == NULL) {
+                WOLFSSL_MSG("\tOut of Memory");
+                return MEMORY_E;
+            }
+
+            XMEMCPY(cert->hwSerialNum, &input[idx], strLen);
+            cert->hwSerialNum[strLen] = '\0';
+            cert->hwSerialNumSz = strLen;
+            idx += strLen;
+        }
+#endif /* WOLFSSL_SEP */
+        else {
+            int strLen;
+            word32 lenStartIdx = idx;
+
+            WOLFSSL_MSG("\tUnsupported name type, skipping");
+
+            if (GetLength(input, &idx, &strLen, sz) < 0) {
+                WOLFSSL_MSG("\tfail: unsupported name length");
+                return ASN_PARSE_E;
+            }
+            length -= (strLen + idx - lenStartIdx);
+            idx += strLen;
+        }
+    }
+    return 0;
+}
+
+
+static int DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert)
+{
+    word32 idx = 0;
+    int length = 0;
+
+    WOLFSSL_ENTER("DecodeBasicCaConstraint");
+    if (GetSequence(input, &idx, &length, sz) < 0) {
+        WOLFSSL_MSG("\tfail: bad SEQUENCE");
+        return ASN_PARSE_E;
+    }
+
+    if (length == 0)
+        return 0;
+
+    /* If the basic ca constraint is false, this extension may be named, but
+     * left empty. So, if the length is 0, just return. */
+
+    if (input[idx++] != ASN_BOOLEAN)
+    {
+        WOLFSSL_MSG("\tfail: constraint not BOOLEAN");
+        return ASN_PARSE_E;
+    }
+
+    if (GetLength(input, &idx, &length, sz) < 0)
+    {
+        WOLFSSL_MSG("\tfail: length");
+        return ASN_PARSE_E;
+    }
+
+    if (input[idx++])
+        cert->isCA = 1;
+
+    #ifdef OPENSSL_EXTRA
+        /* If there isn't any more data, return. */
+        if (idx >= (word32)sz)
+            return 0;
+
+        /* Anything left should be the optional pathlength */
+        if (input[idx++] != ASN_INTEGER) {
+            WOLFSSL_MSG("\tfail: pathlen not INTEGER");
+            return ASN_PARSE_E;
+        }
+
+        if (input[idx++] != 1) {
+            WOLFSSL_MSG("\tfail: pathlen too long");
+            return ASN_PARSE_E;
+        }
+
+        cert->pathLength = input[idx];
+        cert->extBasicConstPlSet = 1;
+    #endif /* OPENSSL_EXTRA */
+
+    return 0;
+}
+
+
+#define CRLDP_FULL_NAME 0
+    /* From RFC3280 SS4.2.1.14, Distribution Point Name*/
+#define GENERALNAME_URI 6
+    /* From RFC3280 SS4.2.1.7, GeneralName */
+
+static int DecodeCrlDist(byte* input, int sz, DecodedCert* cert)
+{
+    word32 idx = 0;
+    int length = 0;
+
+    WOLFSSL_ENTER("DecodeCrlDist");
+
+    /* Unwrap the list of Distribution Points*/
+    if (GetSequence(input, &idx, &length, sz) < 0)
+        return ASN_PARSE_E;
+
+    /* Unwrap a single Distribution Point */
+    if (GetSequence(input, &idx, &length, sz) < 0)
+        return ASN_PARSE_E;
+
+    /* The Distribution Point has three explicit optional members
+     *  First check for a DistributionPointName
+     */
+    if (input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
+    {
+        idx++;
+        if (GetLength(input, &idx, &length, sz) < 0)
+            return ASN_PARSE_E;
+
+        if (input[idx] == 
+                    (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CRLDP_FULL_NAME))
+        {
+            idx++;
+            if (GetLength(input, &idx, &length, sz) < 0)
+                return ASN_PARSE_E;
+
+            if (input[idx] == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI))
+            {
+                idx++;
+                if (GetLength(input, &idx, &length, sz) < 0)
+                    return ASN_PARSE_E;
+
+                cert->extCrlInfoSz = length;
+                cert->extCrlInfo = input + idx;
+                idx += length;
+            }
+            else
+                /* This isn't a URI, skip it. */
+                idx += length;
+        }
+        else
+            /* This isn't a FULLNAME, skip it. */
+            idx += length;
+    }
+
+    /* Check for reasonFlags */
+    if (idx < (word32)sz &&
+        input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))
+    {
+        idx++;
+        if (GetLength(input, &idx, &length, sz) < 0)
+            return ASN_PARSE_E;
+        idx += length;
+    }
+
+    /* Check for cRLIssuer */
+    if (idx < (word32)sz &&
+        input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 2))
+    {
+        idx++;
+        if (GetLength(input, &idx, &length, sz) < 0)
+            return ASN_PARSE_E;
+        idx += length;
+    }
+
+    if (idx < (word32)sz)
+    {
+        WOLFSSL_MSG("\tThere are more CRL Distribution Point records, "
+                   "but we only use the first one.");
+    }
+
+    return 0;
+}
+
+
+static int DecodeAuthInfo(byte* input, int sz, DecodedCert* cert)
+/*
+ *  Read the first of the Authority Information Access records. If there are
+ *  any issues, return without saving the record.
+ */
+{
+    word32 idx = 0;
+    int length = 0;
+    byte b;
+    word32 oid;
+
+    WOLFSSL_ENTER("DecodeAuthInfo");
+
+    /* Unwrap the list of AIAs */
+    if (GetSequence(input, &idx, &length, sz) < 0)
+        return ASN_PARSE_E;
+
+    while (idx < (word32)sz) {
+        /* Unwrap a single AIA */
+        if (GetSequence(input, &idx, &length, sz) < 0)
+            return ASN_PARSE_E;
+
+        oid = 0;
+        if (GetObjectId(input, &idx, &oid, sz) < 0)
+            return ASN_PARSE_E;
+
+        /* Only supporting URIs right now. */
+        b = input[idx++];
+        if (GetLength(input, &idx, &length, sz) < 0)
+            return ASN_PARSE_E;
+
+        if (b == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI) &&
+            oid == AIA_OCSP_OID)
+        {
+            cert->extAuthInfoSz = length;
+            cert->extAuthInfo = input + idx;
+            break;
+        }
+        idx += length;
+    }
+
+    return 0;
+}
+
+
+static int DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert)
+{
+    word32 idx = 0;
+    int length = 0, ret = 0;
+
+    WOLFSSL_ENTER("DecodeAuthKeyId");
+
+    if (GetSequence(input, &idx, &length, sz) < 0) {
+        WOLFSSL_MSG("\tfail: should be a SEQUENCE\n");
+        return ASN_PARSE_E;
+    }
+
+    if (input[idx++] != (ASN_CONTEXT_SPECIFIC | 0)) {
+        WOLFSSL_MSG("\tinfo: OPTIONAL item 0, not available\n");
+        return 0;
+    }
+
+    if (GetLength(input, &idx, &length, sz) < 0) {
+        WOLFSSL_MSG("\tfail: extension data length");
+        return ASN_PARSE_E;
+    }
+
+    #ifdef OPENSSL_EXTRA
+        cert->extAuthKeyIdSrc = &input[idx];
+        cert->extAuthKeyIdSz = length;
+    #endif /* OPENSSL_EXTRA */
+
+    if (length == SHA_SIZE) {
+        XMEMCPY(cert->extAuthKeyId, input + idx, length);
+    }
+    else {
+        Sha sha;
+        ret = wc_InitSha(&sha);
+        if (ret != 0)
+            return ret;
+        wc_ShaUpdate(&sha, input + idx, length);
+        wc_ShaFinal(&sha, cert->extAuthKeyId);
+    }
+
+    return 0;
+}
+
+
+static int DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert)
+{
+    word32 idx = 0;
+    int length = 0, ret = 0;
+
+    WOLFSSL_ENTER("DecodeSubjKeyId");
+
+    if (input[idx++] != ASN_OCTET_STRING) {
+        WOLFSSL_MSG("\tfail: should be an OCTET STRING");
+        return ASN_PARSE_E;
+    }
+
+    if (GetLength(input, &idx, &length, sz) < 0) {
+        WOLFSSL_MSG("\tfail: extension data length");
+        return ASN_PARSE_E;
+    }
+
+    #ifdef OPENSSL_EXTRA
+        cert->extSubjKeyIdSrc = &input[idx];
+        cert->extSubjKeyIdSz = length;
+    #endif /* OPENSSL_EXTRA */
+
+    if (length == SIGNER_DIGEST_SIZE) {
+        XMEMCPY(cert->extSubjKeyId, input + idx, length);
+    }
+    else {
+        Sha sha;
+        ret = wc_InitSha(&sha);
+        if (ret != 0)
+            return ret;
+        wc_ShaUpdate(&sha, input + idx, length);
+        wc_ShaFinal(&sha, cert->extSubjKeyId);
+    }
+
+    return ret;
+}
+
+
+static int DecodeKeyUsage(byte* input, int sz, DecodedCert* cert)
+{
+    word32 idx = 0;
+    int length;
+    byte unusedBits;
+    WOLFSSL_ENTER("DecodeKeyUsage");
+
+    if (input[idx++] != ASN_BIT_STRING) {
+        WOLFSSL_MSG("\tfail: key usage expected bit string");
+        return ASN_PARSE_E;
+    }
+
+    if (GetLength(input, &idx, &length, sz) < 0) {
+        WOLFSSL_MSG("\tfail: key usage bad length");
+        return ASN_PARSE_E;
+    }
+
+    unusedBits = input[idx++];
+    length--;
+
+    if (length == 2) {
+        cert->extKeyUsage = (word16)((input[idx] << 8) | input[idx+1]);
+        cert->extKeyUsage >>= unusedBits;
+    }
+    else if (length == 1)
+        cert->extKeyUsage = (word16)(input[idx] << 1);
+
+    return 0;
+}
+
+
+static int DecodeExtKeyUsage(byte* input, int sz, DecodedCert* cert)
+{
+    word32 idx = 0, oid;
+    int length;
+
+    WOLFSSL_ENTER("DecodeExtKeyUsage");
+
+    if (GetSequence(input, &idx, &length, sz) < 0) {
+        WOLFSSL_MSG("\tfail: should be a SEQUENCE");
+        return ASN_PARSE_E;
+    }
+
+    #ifdef OPENSSL_EXTRA
+        cert->extExtKeyUsageSrc = input + idx;
+        cert->extExtKeyUsageSz = length;
+    #endif
+
+    while (idx < (word32)sz) {
+        if (GetObjectId(input, &idx, &oid, sz) < 0)
+            return ASN_PARSE_E;
+
+        switch (oid) {
+            case EKU_ANY_OID:
+                cert->extExtKeyUsage |= EXTKEYUSE_ANY;
+                break;
+            case EKU_SERVER_AUTH_OID:
+                cert->extExtKeyUsage |= EXTKEYUSE_SERVER_AUTH;
+                break;
+            case EKU_CLIENT_AUTH_OID:
+                cert->extExtKeyUsage |= EXTKEYUSE_CLIENT_AUTH;
+                break;
+            case EKU_OCSP_SIGN_OID:
+                cert->extExtKeyUsage |= EXTKEYUSE_OCSP_SIGN;
+                break;
+        }
+
+        #ifdef OPENSSL_EXTRA
+            cert->extExtKeyUsageCount++;
+        #endif
+    }
+
+    return 0;
+}
+
+
+#ifndef IGNORE_NAME_CONSTRAINTS
+static int DecodeSubtree(byte* input, int sz, Base_entry** head, void* heap)
+{
+    word32 idx = 0;
+
+    (void)heap;
+
+    while (idx < (word32)sz) {
+        int seqLength, strLength;
+        word32 nameIdx;
+        byte b;
+
+        if (GetSequence(input, &idx, &seqLength, sz) < 0) {
+            WOLFSSL_MSG("\tfail: should be a SEQUENCE");
+            return ASN_PARSE_E;
+        }
+
+        nameIdx = idx;
+        b = input[nameIdx++];
+        if (GetLength(input, &nameIdx, &strLength, sz) <= 0) {
+            WOLFSSL_MSG("\tinvalid length");
+            return ASN_PARSE_E;
+        }
+
+        if (b == (ASN_CONTEXT_SPECIFIC | ASN_DNS_TYPE) ||
+            b == (ASN_CONTEXT_SPECIFIC | ASN_RFC822_TYPE) ||
+            b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_DIR_TYPE)) {
+
+            Base_entry* entry = (Base_entry*)XMALLOC(sizeof(Base_entry),
+                                                    heap, DYNAMIC_TYPE_ALTNAME);
+
+            if (entry == NULL) {
+                WOLFSSL_MSG("allocate error");
+                return MEMORY_E;
+            }
+
+            entry->name = (char*)XMALLOC(strLength, heap, DYNAMIC_TYPE_ALTNAME);
+            if (entry->name == NULL) {
+                WOLFSSL_MSG("allocate error");
+                return MEMORY_E;
+            }
+
+            XMEMCPY(entry->name, &input[nameIdx], strLength);
+            entry->nameSz = strLength;
+            entry->type = b & 0x0F;
+
+            entry->next = *head;
+            *head = entry;
+        }
+
+        idx += seqLength;
+    }
+
+    return 0;
+}
+
+
+static int DecodeNameConstraints(byte* input, int sz, DecodedCert* cert)
+{
+    word32 idx = 0;
+    int length = 0;
+
+    WOLFSSL_ENTER("DecodeNameConstraints");
+
+    if (GetSequence(input, &idx, &length, sz) < 0) {
+        WOLFSSL_MSG("\tfail: should be a SEQUENCE");
+        return ASN_PARSE_E;
+    }
+
+    while (idx < (word32)sz) {
+        byte b = input[idx++];
+        Base_entry** subtree = NULL;
+
+        if (GetLength(input, &idx, &length, sz) <= 0) {
+            WOLFSSL_MSG("\tinvalid length");
+            return ASN_PARSE_E;
+        }
+
+        if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0))
+            subtree = &cert->permittedNames;
+        else if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
+            subtree = &cert->excludedNames;
+        else {
+            WOLFSSL_MSG("\tinvalid subtree");
+            return ASN_PARSE_E;
+        }
+
+        DecodeSubtree(input + idx, length, subtree, cert->heap);
+
+        idx += length;
+    }
+
+    return 0;
+}
+#endif /* IGNORE_NAME_CONSTRAINTS */
+
+
+#ifdef WOLFSSL_SEP
+    static int DecodeCertPolicy(byte* input, int sz, DecodedCert* cert)
+    {
+        word32 idx = 0;
+        int length = 0;
+
+        WOLFSSL_ENTER("DecodeCertPolicy");
+
+        /* Unwrap certificatePolicies */
+        if (GetSequence(input, &idx, &length, sz) < 0) {
+            WOLFSSL_MSG("\tdeviceType isn't OID");
+            return ASN_PARSE_E;
+        }
+
+        if (GetSequence(input, &idx, &length, sz) < 0) {
+            WOLFSSL_MSG("\tdeviceType isn't OID");
+            return ASN_PARSE_E;
+        }
+
+        if (input[idx++] != ASN_OBJECT_ID) {
+            WOLFSSL_MSG("\tdeviceType isn't OID");
+            return ASN_PARSE_E;
+        }
+
+        if (GetLength(input, &idx, &length, sz) < 0) {
+            WOLFSSL_MSG("\tCouldn't read length of deviceType");
+            return ASN_PARSE_E;
+        }
+
+        if (length > 0) {
+            cert->deviceType = (byte*)XMALLOC(length, cert->heap, 0);
+            if (cert->deviceType == NULL) {
+                WOLFSSL_MSG("\tCouldn't alloc memory for deviceType");
+                return MEMORY_E;
+            }
+            cert->deviceTypeSz = length;
+            XMEMCPY(cert->deviceType, input + idx, length);
+        }
+
+        WOLFSSL_LEAVE("DecodeCertPolicy", 0);
+        return 0;
+    }
+#endif /* WOLFSSL_SEP */
+
+
+static int DecodeCertExtensions(DecodedCert* cert)
+/*
+ *  Processing the Certificate Extensions. This does not modify the current
+ *  index. It is works starting with the recorded extensions pointer.
+ */
+{
+    word32 idx = 0;
+    int sz = cert->extensionsSz;
+    byte* input = cert->extensions;
+    int length;
+    word32 oid;
+    byte critical = 0;
+    byte criticalFail = 0;
+
+    WOLFSSL_ENTER("DecodeCertExtensions");
+
+    if (input == NULL || sz == 0)
+        return BAD_FUNC_ARG;
+
+    if (input[idx++] != ASN_EXTENSIONS)
+        return ASN_PARSE_E;
+
+    if (GetLength(input, &idx, &length, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetSequence(input, &idx, &length, sz) < 0)
+        return ASN_PARSE_E;
+    
+    while (idx < (word32)sz) {
+        if (GetSequence(input, &idx, &length, sz) < 0) {
+            WOLFSSL_MSG("\tfail: should be a SEQUENCE");
+            return ASN_PARSE_E;
+        }
+
+        oid = 0;
+        if (GetObjectId(input, &idx, &oid, sz) < 0) {
+            WOLFSSL_MSG("\tfail: OBJECT ID");
+            return ASN_PARSE_E;
+        }
+
+        /* check for critical flag */
+        critical = 0;
+        if (input[idx] == ASN_BOOLEAN) {
+            int boolLength = 0;
+            idx++;
+            if (GetLength(input, &idx, &boolLength, sz) < 0) {
+                WOLFSSL_MSG("\tfail: critical boolean length");
+                return ASN_PARSE_E;
+            }
+            if (input[idx++])
+                critical = 1;
+        }
+
+        /* process the extension based on the OID */
+        if (input[idx++] != ASN_OCTET_STRING) {
+            WOLFSSL_MSG("\tfail: should be an OCTET STRING");
+            return ASN_PARSE_E;
+        }
+
+        if (GetLength(input, &idx, &length, sz) < 0) {
+            WOLFSSL_MSG("\tfail: extension data length");
+            return ASN_PARSE_E;
+        }
+
+        switch (oid) {
+            case BASIC_CA_OID:
+                #ifdef OPENSSL_EXTRA
+                    cert->extBasicConstSet = 1;
+                    cert->extBasicConstCrit = critical;
+                #endif
+                if (DecodeBasicCaConstraint(&input[idx], length, cert) < 0)
+                    return ASN_PARSE_E;
+                break;
+
+            case CRL_DIST_OID:
+                if (DecodeCrlDist(&input[idx], length, cert) < 0)
+                    return ASN_PARSE_E;
+                break;
+
+            case AUTH_INFO_OID:
+                if (DecodeAuthInfo(&input[idx], length, cert) < 0)
+                    return ASN_PARSE_E;
+                break;
+
+            case ALT_NAMES_OID:
+                #ifdef OPENSSL_EXTRA
+                    cert->extSubjAltNameSet = 1;
+                    cert->extSubjAltNameCrit = critical;
+                #endif
+                if (DecodeAltNames(&input[idx], length, cert) < 0)
+                    return ASN_PARSE_E;
+                break;
+
+            case AUTH_KEY_OID:
+                cert->extAuthKeyIdSet = 1;
+                #ifdef OPENSSL_EXTRA
+                    cert->extAuthKeyIdCrit = critical;
+                #endif
+                if (DecodeAuthKeyId(&input[idx], length, cert) < 0)
+                    return ASN_PARSE_E;
+                break;
+
+            case SUBJ_KEY_OID:
+                cert->extSubjKeyIdSet = 1;
+                #ifdef OPENSSL_EXTRA
+                    cert->extSubjKeyIdCrit = critical;
+                #endif
+                if (DecodeSubjKeyId(&input[idx], length, cert) < 0)
+                    return ASN_PARSE_E;
+                break;
+
+            case CERT_POLICY_OID:
+                WOLFSSL_MSG("Certificate Policy extension not supported yet.");
+                #ifdef WOLFSSL_SEP
+                    #ifdef OPENSSL_EXTRA
+                        cert->extCertPolicySet = 1;
+                        cert->extCertPolicyCrit = critical;
+                    #endif
+                    if (DecodeCertPolicy(&input[idx], length, cert) < 0)
+                        return ASN_PARSE_E;
+                #endif
+                break;
+
+            case KEY_USAGE_OID:
+                cert->extKeyUsageSet = 1;
+                #ifdef OPENSSL_EXTRA
+                    cert->extKeyUsageCrit = critical;
+                #endif
+                if (DecodeKeyUsage(&input[idx], length, cert) < 0)
+                    return ASN_PARSE_E;
+                break;
+
+            case EXT_KEY_USAGE_OID:
+                cert->extExtKeyUsageSet = 1;
+                #ifdef OPENSSL_EXTRA
+                    cert->extExtKeyUsageCrit = critical;
+                #endif
+                if (DecodeExtKeyUsage(&input[idx], length, cert) < 0)
+                    return ASN_PARSE_E;
+                break;
+
+            #ifndef IGNORE_NAME_CONSTRAINTS
+            case NAME_CONS_OID:
+                cert->extNameConstraintSet = 1;
+                #ifdef OPENSSL_EXTRA
+                    cert->extNameConstraintCrit = critical;
+                #endif
+                if (DecodeNameConstraints(&input[idx], length, cert) < 0)
+                    return ASN_PARSE_E;
+                break;
+            #endif /* IGNORE_NAME_CONSTRAINTS */
+
+            case INHIBIT_ANY_OID:
+                WOLFSSL_MSG("Inhibit anyPolicy extension not supported yet.");
+                break;
+
+            default:
+                /* While it is a failure to not support critical extensions,
+                 * still parse the certificate ignoring the unsupported
+                 * extention to allow caller to accept it with the verify
+                 * callback. */
+                if (critical)
+                    criticalFail = 1;
+                break;
+        }
+        idx += length;
+    }
+
+    return criticalFail ? ASN_CRIT_EXT_E : 0;
+}
+
+
+int ParseCert(DecodedCert* cert, int type, int verify, void* cm)
+{
+    int   ret;
+    char* ptr;
+
+    ret = ParseCertRelative(cert, type, verify, cm);
+    if (ret < 0)
+        return ret;
+
+    if (cert->subjectCNLen > 0) {
+        ptr = (char*) XMALLOC(cert->subjectCNLen + 1, cert->heap,
+                              DYNAMIC_TYPE_SUBJECT_CN);
+        if (ptr == NULL)
+            return MEMORY_E;
+        XMEMCPY(ptr, cert->subjectCN, cert->subjectCNLen);
+        ptr[cert->subjectCNLen] = '\0';
+        cert->subjectCN = ptr;
+        cert->subjectCNStored = 1;
+    }
+
+    if (cert->keyOID == RSAk &&
+                          cert->publicKey != NULL  && cert->pubKeySize > 0) {
+        ptr = (char*) XMALLOC(cert->pubKeySize, cert->heap,
+                              DYNAMIC_TYPE_PUBLIC_KEY);
+        if (ptr == NULL)
+            return MEMORY_E;
+        XMEMCPY(ptr, cert->publicKey, cert->pubKeySize);
+        cert->publicKey = (byte *)ptr;
+        cert->pubKeyStored = 1;
+    }
+
+    return ret;
+}
+
+
+/* from SSL proper, for locking can't do find here anymore */
+#ifdef __cplusplus
+    extern "C" {
+#endif
+    WOLFSSL_LOCAL Signer* GetCA(void* signers, byte* hash);
+    #ifndef NO_SKID
+        WOLFSSL_LOCAL Signer* GetCAByName(void* signers, byte* hash);
+    #endif
+#ifdef __cplusplus
+    } 
+#endif
+
+
+int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
+{
+    word32 confirmOID;
+    int    ret;
+    int    badDate     = 0;
+    int    criticalExt = 0;
+
+    if ((ret = DecodeToKey(cert, verify)) < 0) {
+        if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E)
+            badDate = ret;
+        else
+            return ret;
+    }
+
+    WOLFSSL_MSG("Parsed Past Key");
+
+    if (cert->srcIdx < cert->sigIndex) {
+        #ifndef ALLOW_V1_EXTENSIONS
+            if (cert->version < 2) {
+                WOLFSSL_MSG("    v1 and v2 certs not allowed extensions");
+                return ASN_VERSION_E;
+            }
+        #endif
+        /* save extensions */
+        cert->extensions    = &cert->source[cert->srcIdx];
+        cert->extensionsSz  =  cert->sigIndex - cert->srcIdx;
+        cert->extensionsIdx = cert->srcIdx;   /* for potential later use */
+
+        if ((ret = DecodeCertExtensions(cert)) < 0) {
+            if (ret == ASN_CRIT_EXT_E)
+                criticalExt = ret;
+            else
+                return ret;
+        }
+
+        /* advance past extensions */
+        cert->srcIdx =  cert->sigIndex;
+    }
+
+    if ((ret = GetAlgoId(cert->source, &cert->srcIdx, &confirmOID,
+                         cert->maxIdx)) < 0)
+        return ret;
+
+    if ((ret = GetSignature(cert)) < 0)
+        return ret;
+
+    if (confirmOID != cert->signatureOID)
+        return ASN_SIG_OID_E;
+
+    #ifndef NO_SKID
+        if (cert->extSubjKeyIdSet == 0
+                          && cert->publicKey != NULL && cert->pubKeySize > 0) {
+            Sha sha;
+            ret = wc_InitSha(&sha);
+            if (ret != 0)
+                return ret;
+            wc_ShaUpdate(&sha, cert->publicKey, cert->pubKeySize);
+            wc_ShaFinal(&sha, cert->extSubjKeyId);
+        }
+    #endif
+
+    if (verify && type != CA_TYPE) {
+        Signer* ca = NULL;
+        #ifndef NO_SKID
+            if (cert->extAuthKeyIdSet)
+                ca = GetCA(cm, cert->extAuthKeyId);
+            if (ca == NULL)
+                ca = GetCAByName(cm, cert->issuerHash);
+        #else /* NO_SKID */
+            ca = GetCA(cm, cert->issuerHash);
+        #endif /* NO SKID */
+        WOLFSSL_MSG("About to verify certificate signature");
+ 
+        if (ca) {
+#ifdef HAVE_OCSP
+            /* Need the ca's public key hash for OCSP */
+            {
+                Sha sha;
+                ret = wc_InitSha(&sha);
+                if (ret != 0)
+                    return ret;
+                wc_ShaUpdate(&sha, ca->publicKey, ca->pubKeySize);
+                wc_ShaFinal(&sha, cert->issuerKeyHash);
+            }
+#endif /* HAVE_OCSP */
+            /* try to confirm/verify signature */
+            if (!ConfirmSignature(cert->source + cert->certBegin,
+                        cert->sigIndex - cert->certBegin,
+                    ca->publicKey, ca->pubKeySize, ca->keyOID,
+                    cert->signature, cert->sigLength, cert->signatureOID,
+                    cert->heap)) {
+                WOLFSSL_MSG("Confirm signature failed");
+                return ASN_SIG_CONFIRM_E;
+            }
+#ifndef IGNORE_NAME_CONSTRAINTS
+            /* check that this cert's name is permitted by the signer's
+             * name constraints */
+            if (!ConfirmNameConstraints(ca, cert)) {
+                WOLFSSL_MSG("Confirm name constraint failed");
+                return ASN_NAME_INVALID_E;
+            }
+#endif /* IGNORE_NAME_CONSTRAINTS */
+        }
+        else {
+            /* no signer */
+            WOLFSSL_MSG("No CA signer to verify with");
+            return ASN_NO_SIGNER_E;
+        }
+    }
+
+    if (badDate != 0)
+        return badDate;
+
+    if (criticalExt != 0)
+        return criticalExt;
+
+    return 0;
+}
+
+
+/* Create and init an new signer */
+Signer* MakeSigner(void* heap)
+{
+    Signer* signer = (Signer*) XMALLOC(sizeof(Signer), heap,
+                                       DYNAMIC_TYPE_SIGNER);
+    if (signer) {
+        signer->pubKeySize = 0;
+        signer->keyOID     = 0;
+        signer->publicKey  = NULL;
+        signer->nameLen    = 0;
+        signer->name       = NULL;
+        #ifndef IGNORE_NAME_CONSTRAINTS
+            signer->permittedNames = NULL;
+            signer->excludedNames = NULL;
+        #endif /* IGNORE_NAME_CONSTRAINTS */
+        signer->next       = NULL;
+    }
+    (void)heap;
+
+    return signer;
+}
+
+
+/* Free an individual signer */
+void FreeSigner(Signer* signer, void* heap)
+{
+    XFREE(signer->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
+    XFREE(signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
+    #ifndef IGNORE_NAME_CONSTRAINTS
+        if (signer->permittedNames)
+            FreeNameSubtrees(signer->permittedNames, heap);
+        if (signer->excludedNames)
+            FreeNameSubtrees(signer->excludedNames, heap);
+    #endif
+    XFREE(signer, heap, DYNAMIC_TYPE_SIGNER);
+
+    (void)heap;
+}
+
+
+/* Free the whole singer table with number of rows */
+void FreeSignerTable(Signer** table, int rows, void* heap)
+{
+    int i;
+
+    for (i = 0; i < rows; i++) {
+        Signer* signer = table[i];
+        while (signer) {
+            Signer* next = signer->next;
+            FreeSigner(signer, heap);
+            signer = next;
+        }
+        table[i] = NULL;
+    }
+}
+
+
+WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header)
+{
+    int i = 0;
+
+    if (header) {
+        output[i++] = ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED;
+        output[i++] = ASN_BIT_STRING;
+    }
+    output[i++] = ASN_INTEGER;
+    output[i++] = 0x01;
+    output[i++] = (byte)version;
+
+    return i;
+}
+
+
+WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output)
+{
+    int result = 0;
+
+    WOLFSSL_ENTER("SetSerialNumber");
+
+    if (snSz <= EXTERNAL_SERIAL_SIZE) {
+        output[0] = ASN_INTEGER;
+        /* The serial number is always positive. When encoding the
+         * INTEGER, if the MSB is 1, add a padding zero to keep the
+         * number positive. */
+        if (sn[0] & 0x80) {
+            output[1] = (byte)snSz + 1;
+            output[2] = 0;
+            XMEMCPY(&output[3], sn, snSz);
+            result = snSz + 3;
+        }
+        else {
+            output[1] = (byte)snSz;
+            XMEMCPY(&output[2], sn, snSz);
+            result = snSz + 2;
+        }
+    }
+    return result;
+}
+
+
+
+
+#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
+
+/* convert der buffer to pem into output, can't do inplace, der and output
+   need to be different */
+int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
+             int type)
+{
+#ifdef WOLFSSL_SMALL_STACK
+    char* header = NULL;
+    char* footer = NULL;
+#else
+    char header[80];
+    char footer[80];
+#endif
+
+    int headerLen = 80;
+    int footerLen = 80;
+    int i;
+    int err;
+    int outLen;   /* return length or error */
+
+    if (der == output)      /* no in place conversion */
+        return BAD_FUNC_ARG;
+
+#ifdef WOLFSSL_SMALL_STACK
+    header = (char*)XMALLOC(headerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (header == NULL)
+        return MEMORY_E;
+    
+    footer = (char*)XMALLOC(footerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (footer == NULL) {
+        XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    if (type == CERT_TYPE) {
+        XSTRNCPY(header, "-----BEGIN CERTIFICATE-----\n", headerLen);
+        XSTRNCPY(footer, "-----END CERTIFICATE-----\n",   footerLen);
+    }
+    else if (type == PRIVATEKEY_TYPE) {
+        XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----\n", headerLen);
+        XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----\n",   footerLen);
+    }
+    #ifdef HAVE_ECC
+    else if (type == ECC_PRIVATEKEY_TYPE) {
+        XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----\n", headerLen);
+        XSTRNCPY(footer, "-----END EC PRIVATE KEY-----\n",   footerLen);
+    }
+    #endif
+    #ifdef WOLFSSL_CERT_REQ
+    else if (type == CERTREQ_TYPE)
+    {
+        XSTRNCPY(header,
+                       "-----BEGIN CERTIFICATE REQUEST-----\n", headerLen);
+        XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----\n", footerLen);
+    }
+    #endif
+    else {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BAD_FUNC_ARG;
+    }
+
+    headerLen = (int)XSTRLEN(header);
+    footerLen = (int)XSTRLEN(footer);
+
+    if (!der || !output) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BAD_FUNC_ARG;
+    }
+
+    /* don't even try if outSz too short */
+    if (outSz < headerLen + footerLen + derSz) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BAD_FUNC_ARG;
+    }
+
+    /* header */
+    XMEMCPY(output, header, headerLen);
+    i = headerLen;
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    /* body */
+    outLen = outSz - (headerLen + footerLen);  /* input to Base64_Encode */
+    if ( (err = Base64_Encode(der, derSz, output + i, (word32*)&outLen)) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return err;
+    }
+    i += outLen;
+
+    /* footer */
+    if ( (i + footerLen) > (int)outSz) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BAD_FUNC_ARG;
+    }
+    XMEMCPY(output + i, footer, footerLen);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return outLen + headerLen + footerLen;
+}
+
+
+#endif /* WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN */
+
+
+#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
+
+
+static mp_int* GetRsaInt(RsaKey* key, int idx)
+{
+    if (idx == 0)
+        return &key->n;
+    if (idx == 1)
+        return &key->e;
+    if (idx == 2)
+        return &key->d;
+    if (idx == 3)
+        return &key->p;
+    if (idx == 4)
+        return &key->q;
+    if (idx == 5)
+        return &key->dP;
+    if (idx == 6)
+        return &key->dQ;
+    if (idx == 7)
+        return &key->u;
+
+    return NULL;
+}
+
+
+/* Release Tmp RSA resources */
+static INLINE void FreeTmpRsas(byte** tmps, void* heap)
+{
+    int i;
+
+    (void)heap;
+
+    for (i = 0; i < RSA_INTS; i++) 
+        XFREE(tmps[i], heap, DYNAMIC_TYPE_RSA);
+}
+
+
+/* Convert RsaKey key to DER format, write to output (inLen), return bytes
+   written */
+int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
+{
+    word32 seqSz, verSz, rawLen, intTotalLen = 0;
+    word32 sizes[RSA_INTS];
+    int    i, j, outLen, ret = 0;
+
+    byte  seq[MAX_SEQ_SZ];
+    byte  ver[MAX_VERSION_SZ];
+    byte* tmps[RSA_INTS];
+
+    if (!key || !output)
+        return BAD_FUNC_ARG;
+
+    if (key->type != RSA_PRIVATE)
+        return BAD_FUNC_ARG;
+
+    for (i = 0; i < RSA_INTS; i++)
+        tmps[i] = NULL;
+
+    /* write all big ints from key to DER tmps */
+    for (i = 0; i < RSA_INTS; i++) {
+        mp_int* keyInt = GetRsaInt(key, i);
+        rawLen = mp_unsigned_bin_size(keyInt);
+        tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
+                                 DYNAMIC_TYPE_RSA);
+        if (tmps[i] == NULL) {
+            ret = MEMORY_E;
+            break;
+        }
+
+        tmps[i][0] = ASN_INTEGER;
+        sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1;  /* int tag */
+
+        if (sizes[i] <= MAX_SEQ_SZ) {
+            int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
+            if (err == MP_OKAY) {
+                sizes[i] += rawLen;
+                intTotalLen += sizes[i];
+            }
+            else {
+                ret = err;
+                break;
+            }
+        }
+        else {
+            ret = ASN_INPUT_E;
+            break;
+        }
+    }
+
+    if (ret != 0) {
+        FreeTmpRsas(tmps, key->heap);
+        return ret;
+    }
+
+    /* make headers */
+    verSz = SetMyVersion(0, ver, FALSE);
+    seqSz = SetSequence(verSz + intTotalLen, seq);
+
+    outLen = seqSz + verSz + intTotalLen;
+    if (outLen > (int)inLen)
+        return BAD_FUNC_ARG;
+
+    /* write to output */
+    XMEMCPY(output, seq, seqSz);
+    j = seqSz;
+    XMEMCPY(output + j, ver, verSz);
+    j += verSz;
+
+    for (i = 0; i < RSA_INTS; i++) {
+        XMEMCPY(output + j, tmps[i], sizes[i]);
+        j += sizes[i];
+    }
+    FreeTmpRsas(tmps, key->heap);
+
+    return outLen;
+}
+
+#endif /* WOLFSSL_KEY_GEN && !NO_RSA */
+
+
+#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
+
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+/* Initialize and Set Certficate defaults:
+   version    = 3 (0x2)
+   serial     = 0
+   sigType    = SHA_WITH_RSA
+   issuer     = blank
+   daysValid  = 500
+   selfSigned = 1 (true) use subject as issuer
+   subject    = blank
+*/
+void wc_InitCert(Cert* cert)
+{
+    cert->version    = 2;   /* version 3 is hex 2 */
+    cert->sigType    = CTC_SHAwRSA;
+    cert->daysValid  = 500;
+    cert->selfSigned = 1;
+    cert->isCA       = 0;
+    cert->bodySz     = 0;
+#ifdef WOLFSSL_ALT_NAMES
+    cert->altNamesSz   = 0;
+    cert->beforeDateSz = 0;
+    cert->afterDateSz  = 0;
+#endif
+    cert->keyType    = RSA_KEY;
+    XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE);
+
+    cert->issuer.country[0] = '\0';
+    cert->issuer.countryEnc = CTC_PRINTABLE;
+    cert->issuer.state[0] = '\0';
+    cert->issuer.stateEnc = CTC_UTF8;
+    cert->issuer.locality[0] = '\0';
+    cert->issuer.localityEnc = CTC_UTF8;
+    cert->issuer.sur[0] = '\0';
+    cert->issuer.surEnc = CTC_UTF8;
+    cert->issuer.org[0] = '\0';
+    cert->issuer.orgEnc = CTC_UTF8;
+    cert->issuer.unit[0] = '\0';
+    cert->issuer.unitEnc = CTC_UTF8;
+    cert->issuer.commonName[0] = '\0';
+    cert->issuer.commonNameEnc = CTC_UTF8;
+    cert->issuer.email[0] = '\0';
+
+    cert->subject.country[0] = '\0';
+    cert->subject.countryEnc = CTC_PRINTABLE;
+    cert->subject.state[0] = '\0';
+    cert->subject.stateEnc = CTC_UTF8;
+    cert->subject.locality[0] = '\0';
+    cert->subject.localityEnc = CTC_UTF8;
+    cert->subject.sur[0] = '\0';
+    cert->subject.surEnc = CTC_UTF8;
+    cert->subject.org[0] = '\0';
+    cert->subject.orgEnc = CTC_UTF8;
+    cert->subject.unit[0] = '\0';
+    cert->subject.unitEnc = CTC_UTF8;
+    cert->subject.commonName[0] = '\0';
+    cert->subject.commonNameEnc = CTC_UTF8;
+    cert->subject.email[0] = '\0';
+
+#ifdef WOLFSSL_CERT_REQ
+    cert->challengePw[0] ='\0';
+#endif
+}
+
+
+/* DER encoded x509 Certificate */
+typedef struct DerCert {
+    byte size[MAX_LENGTH_SZ];          /* length encoded */
+    byte version[MAX_VERSION_SZ];      /* version encoded */
+    byte serial[CTC_SERIAL_SIZE + MAX_LENGTH_SZ]; /* serial number encoded */
+    byte sigAlgo[MAX_ALGO_SZ];         /* signature algo encoded */
+    byte issuer[ASN_NAME_MAX];         /* issuer  encoded */
+    byte subject[ASN_NAME_MAX];        /* subject encoded */
+    byte validity[MAX_DATE_SIZE*2 + MAX_SEQ_SZ*2];  /* before and after dates */
+    byte publicKey[MAX_PUBLIC_KEY_SZ]; /* rsa / ntru public key encoded */
+    byte ca[MAX_CA_SZ];                /* basic constraint CA true size */
+    byte extensions[MAX_EXTENSIONS_SZ];  /* all extensions */
+#ifdef WOLFSSL_CERT_REQ
+    byte attrib[MAX_ATTRIB_SZ];        /* Cert req attributes encoded */
+#endif
+    int  sizeSz;                       /* encoded size length */
+    int  versionSz;                    /* encoded version length */
+    int  serialSz;                     /* encoded serial length */
+    int  sigAlgoSz;                    /* enocded sig alog length */
+    int  issuerSz;                     /* encoded issuer length */
+    int  subjectSz;                    /* encoded subject length */
+    int  validitySz;                   /* encoded validity length */
+    int  publicKeySz;                  /* encoded public key length */
+    int  caSz;                         /* encoded CA extension length */
+    int  extensionsSz;                 /* encoded extensions total length */
+    int  total;                        /* total encoded lengths */
+#ifdef WOLFSSL_CERT_REQ
+    int  attribSz;
+#endif
+} DerCert;
+
+
+#ifdef WOLFSSL_CERT_REQ
+
+/* Write a set header to output */
+static word32 SetUTF8String(word32 len, byte* output)
+{
+    output[0] = ASN_UTF8STRING;
+    return SetLength(len, output + 1) + 1;
+}
+
+#endif /* WOLFSSL_CERT_REQ */
+
+
+/* Write a serial number to output */
+static int SetSerial(const byte* serial, byte* output)
+{
+    int length = 0;
+
+    output[length++] = ASN_INTEGER;
+    length += SetLength(CTC_SERIAL_SIZE, &output[length]);
+    XMEMCPY(&output[length], serial, CTC_SERIAL_SIZE);
+
+    return length + CTC_SERIAL_SIZE;
+}
+
+
+#ifdef HAVE_ECC 
+
+
+/* Write a public ECC key to output */
+static int SetEccPublicKey(byte* output, ecc_key* key)
+{
+    byte len[MAX_LENGTH_SZ + 1];  /* trailing 0 */
+    int  algoSz;
+    int  curveSz;
+    int  lenSz;
+    int  idx;
+    word32 pubSz = ECC_BUFSIZE;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* algo = NULL;
+    byte* curve = NULL;
+    byte* pub = NULL;
+#else
+    byte algo[MAX_ALGO_SZ];
+    byte curve[MAX_ALGO_SZ];
+    byte pub[ECC_BUFSIZE];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    pub = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (pub == NULL)
+        return MEMORY_E;
+#endif
+
+    int ret = wc_ecc_export_x963(key, pub, &pubSz);
+    if (ret != 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ret;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    curve = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (curve == NULL) {
+        XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    /* headers */
+    curveSz = SetCurve(key, curve);
+    if (curveSz <= 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(curve, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(pub,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return curveSz;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (algo == NULL) {
+        XFREE(curve, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(pub,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    algoSz  = SetAlgoID(ECDSAk, algo, keyType, curveSz);
+    lenSz   = SetLength(pubSz + 1, len);
+    len[lenSz++] = 0;   /* trailing 0 */
+
+    /* write */
+    idx = SetSequence(pubSz + curveSz + lenSz + 1 + algoSz, output);
+        /* 1 is for ASN_BIT_STRING */
+    /* algo */
+    XMEMCPY(output + idx, algo, algoSz);
+    idx += algoSz;
+    /* curve */
+    XMEMCPY(output + idx, curve, curveSz);
+    idx += curveSz;
+    /* bit string */
+    output[idx++] = ASN_BIT_STRING;
+    /* length */
+    XMEMCPY(output + idx, len, lenSz);
+    idx += lenSz;
+    /* pub */
+    XMEMCPY(output + idx, pub, pubSz);
+    idx += pubSz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(algo,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(curve, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(pub,   NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return idx;
+}
+
+
+#endif /* HAVE_ECC */
+
+
+/* Write a public RSA key to output */
+static int SetRsaPublicKey(byte* output, RsaKey* key)
+{
+#ifdef WOLFSSL_SMALL_STACK
+    byte* n = NULL;
+    byte* e = NULL;
+    byte* algo = NULL;
+#else
+    byte n[MAX_RSA_INT_SZ];
+    byte e[MAX_RSA_E_SZ];
+    byte algo[MAX_ALGO_SZ];
+#endif
+    byte seq[MAX_SEQ_SZ];
+    byte len[MAX_LENGTH_SZ + 1];  /* trailing 0 */
+    int  nSz;
+    int  eSz;
+    int  algoSz;
+    int  seqSz;
+    int  lenSz;
+    int  idx;
+    int  rawLen;
+    int  leadingBit;
+    int  err;
+
+    /* n */
+#ifdef WOLFSSL_SMALL_STACK
+    n = (byte*)XMALLOC(MAX_RSA_INT_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (n == NULL)
+        return MEMORY_E;
+#endif
+
+    leadingBit = mp_leading_bit(&key->n);
+    rawLen = mp_unsigned_bin_size(&key->n) + leadingBit;
+    n[0] = ASN_INTEGER;
+    nSz  = SetLength(rawLen, n + 1) + 1;  /* int tag */
+
+    if ( (nSz + rawLen) < MAX_RSA_INT_SZ) {
+        if (leadingBit)
+            n[nSz] = 0;
+        err = mp_to_unsigned_bin(&key->n, n + nSz + leadingBit);
+        if (err == MP_OKAY)
+            nSz += rawLen;
+        else {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return MP_TO_E;
+        }
+    }
+    else {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BUFFER_E;
+    }
+
+    /* e */
+#ifdef WOLFSSL_SMALL_STACK
+    e = (byte*)XMALLOC(MAX_RSA_E_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (e == NULL) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return MEMORY_E;
+    }
+#endif
+
+    leadingBit = mp_leading_bit(&key->e);
+    rawLen = mp_unsigned_bin_size(&key->e) + leadingBit;
+    e[0] = ASN_INTEGER;
+    eSz  = SetLength(rawLen, e + 1) + 1;  /* int tag */
+
+    if ( (eSz + rawLen) < MAX_RSA_E_SZ) {
+        if (leadingBit)
+            e[eSz] = 0;
+        err = mp_to_unsigned_bin(&key->e, e + eSz + leadingBit);
+        if (err == MP_OKAY)
+            eSz += rawLen;
+        else {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return MP_TO_E;
+        }
+    }
+    else {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BUFFER_E;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (algo == NULL) {
+        XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    /* headers */
+    algoSz = SetAlgoID(RSAk, algo, keyType, 0);
+    seqSz  = SetSequence(nSz + eSz, seq);
+    lenSz  = SetLength(seqSz + nSz + eSz + 1, len);
+    len[lenSz++] = 0;   /* trailing 0 */
+
+    /* write */
+    idx = SetSequence(nSz + eSz + seqSz + lenSz + 1 + algoSz, output);
+        /* 1 is for ASN_BIT_STRING */
+    /* algo */
+    XMEMCPY(output + idx, algo, algoSz);
+    idx += algoSz;
+    /* bit string */
+    output[idx++] = ASN_BIT_STRING;
+    /* length */
+    XMEMCPY(output + idx, len, lenSz);
+    idx += lenSz;
+    /* seq */
+    XMEMCPY(output + idx, seq, seqSz);
+    idx += seqSz;
+    /* n */
+    XMEMCPY(output + idx, n, nSz);
+    idx += nSz;
+    /* e */
+    XMEMCPY(output + idx, e, eSz);
+    idx += eSz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(n,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(e,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return idx;
+}
+
+
+static INLINE byte itob(int number)
+{
+    return (byte)number + 0x30;
+}
+
+
+/* write time to output, format */
+static void SetTime(struct tm* date, byte* output)
+{
+    int i = 0;
+
+    output[i++] = itob((date->tm_year % 10000) / 1000);
+    output[i++] = itob((date->tm_year % 1000)  /  100);
+    output[i++] = itob((date->tm_year % 100)   /   10);
+    output[i++] = itob( date->tm_year % 10);
+
+    output[i++] = itob(date->tm_mon / 10);
+    output[i++] = itob(date->tm_mon % 10);
+
+    output[i++] = itob(date->tm_mday / 10);
+    output[i++] = itob(date->tm_mday % 10);
+
+    output[i++] = itob(date->tm_hour / 10);
+    output[i++] = itob(date->tm_hour % 10);
+
+    output[i++] = itob(date->tm_min / 10);
+    output[i++] = itob(date->tm_min % 10);
+
+    output[i++] = itob(date->tm_sec / 10);
+    output[i++] = itob(date->tm_sec % 10);
+    
+    output[i] = 'Z';  /* Zulu profile */
+}
+
+
+#ifdef WOLFSSL_ALT_NAMES
+
+/* Copy Dates from cert, return bytes written */
+static int CopyValidity(byte* output, Cert* cert)
+{
+    int seqSz;
+
+    WOLFSSL_ENTER("CopyValidity");
+
+    /* headers and output */
+    seqSz = SetSequence(cert->beforeDateSz + cert->afterDateSz, output);
+    XMEMCPY(output + seqSz, cert->beforeDate, cert->beforeDateSz);
+    XMEMCPY(output + seqSz + cert->beforeDateSz, cert->afterDate,
+                                                 cert->afterDateSz);
+    return seqSz + cert->beforeDateSz + cert->afterDateSz;
+}
+
+#endif
+
+
+/* Set Date validity from now until now + daysValid */
+static int SetValidity(byte* output, int daysValid)
+{
+    byte before[MAX_DATE_SIZE];
+    byte  after[MAX_DATE_SIZE];
+
+    int beforeSz;
+    int afterSz;
+    int seqSz;
+
+    time_t     ticks;
+    struct tm* now;
+    struct tm  local;
+
+    ticks = XTIME(0);
+    now   = XGMTIME(&ticks);
+
+    /* before now */
+    local = *now;
+    before[0] = ASN_GENERALIZED_TIME;
+    beforeSz  = SetLength(ASN_GEN_TIME_SZ, before + 1) + 1;  /* gen tag */
+
+    /* subtract 1 day for more compliance */
+    local.tm_mday -= 1;
+    mktime(&local);
+
+    /* adjust */
+    local.tm_year += 1900;
+    local.tm_mon  +=    1;
+
+    SetTime(&local, before + beforeSz);
+    beforeSz += ASN_GEN_TIME_SZ;
+    
+    /* after now + daysValid */
+    local = *now;
+    after[0] = ASN_GENERALIZED_TIME;
+    afterSz  = SetLength(ASN_GEN_TIME_SZ, after + 1) + 1;  /* gen tag */
+
+    /* add daysValid */
+    local.tm_mday += daysValid;
+    mktime(&local);
+
+    /* adjust */
+    local.tm_year += 1900;
+    local.tm_mon  +=    1;
+
+    SetTime(&local, after + afterSz);
+    afterSz += ASN_GEN_TIME_SZ;
+
+    /* headers and output */
+    seqSz = SetSequence(beforeSz + afterSz, output);
+    XMEMCPY(output + seqSz, before, beforeSz);
+    XMEMCPY(output + seqSz + beforeSz, after, afterSz);
+
+    return seqSz + beforeSz + afterSz;
+}
+
+
+/* ASN Encoded Name field */
+typedef struct EncodedName {
+    int  nameLen;                /* actual string value length */
+    int  totalLen;               /* total encoded length */
+    int  type;                   /* type of name */
+    int  used;                   /* are we actually using this one */
+    byte encoded[CTC_NAME_SIZE * 2]; /* encoding */
+} EncodedName;
+
+
+/* Get Which Name from index */
+static const char* GetOneName(CertName* name, int idx)
+{
+    switch (idx) {
+    case 0:
+       return name->country;
+
+    case 1:
+       return name->state;
+
+    case 2:
+       return name->locality;
+
+    case 3:
+       return name->sur;
+
+    case 4:
+       return name->org;
+
+    case 5:
+       return name->unit;
+
+    case 6:
+       return name->commonName;
+
+    case 7:
+       return name->email;
+
+    default:
+       return 0;
+    }
+}
+
+
+/* Get Which Name Encoding from index */
+static char GetNameType(CertName* name, int idx)
+{
+    switch (idx) {
+    case 0:
+       return name->countryEnc;
+
+    case 1:
+       return name->stateEnc;
+
+    case 2:
+       return name->localityEnc;
+
+    case 3:
+       return name->surEnc;
+
+    case 4:
+       return name->orgEnc;
+
+    case 5:
+       return name->unitEnc;
+
+    case 6:
+       return name->commonNameEnc;
+
+    default:
+       return 0;
+    }
+}
+
+
+/* Get ASN Name from index */
+static byte GetNameId(int idx)
+{
+    switch (idx) {
+    case 0:
+       return ASN_COUNTRY_NAME;
+
+    case 1:
+       return ASN_STATE_NAME;
+
+    case 2:
+       return ASN_LOCALITY_NAME;
+
+    case 3:
+       return ASN_SUR_NAME;
+
+    case 4:
+       return ASN_ORG_NAME;
+
+    case 5:
+       return ASN_ORGUNIT_NAME;
+
+    case 6:
+       return ASN_COMMON_NAME;
+
+    case 7:
+       /* email uses different id type */
+       return 0;
+
+    default:
+       return 0;
+    }
+}
+
+
+/* encode all extensions, return total bytes written */
+static int SetExtensions(byte* output, const byte* ext, int extSz, int header)
+{
+    byte sequence[MAX_SEQ_SZ];
+    byte len[MAX_LENGTH_SZ];
+
+    int sz = 0;
+    int seqSz = SetSequence(extSz, sequence);
+
+    if (header) {
+        int lenSz = SetLength(seqSz + extSz, len);
+        output[0] = ASN_EXTENSIONS; /* extensions id */
+        sz++;
+        XMEMCPY(&output[sz], len, lenSz);  /* length */
+        sz += lenSz;
+    }
+    XMEMCPY(&output[sz], sequence, seqSz);  /* sequence */
+    sz += seqSz;
+    XMEMCPY(&output[sz], ext, extSz);  /* extensions */
+    sz += extSz;
+
+    return sz;
+}
+
+
+/* encode CA basic constraint true, return total bytes written */
+static int SetCa(byte* output)
+{
+    static const byte ca[] = { 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04,
+                               0x05, 0x30, 0x03, 0x01, 0x01, 0xff };
+    
+    XMEMCPY(output, ca, sizeof(ca));
+
+    return (int)sizeof(ca);
+}
+
+
+/* encode CertName into output, return total bytes written */
+static int SetName(byte* output, CertName* name)
+{
+    int          totalBytes = 0, i, idx;
+#ifdef WOLFSSL_SMALL_STACK
+    EncodedName* names = NULL;
+#else
+    EncodedName  names[NAME_ENTRIES];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    names = (EncodedName*)XMALLOC(sizeof(EncodedName) * NAME_ENTRIES, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (names == NULL)
+        return MEMORY_E;
+#endif
+
+    for (i = 0; i < NAME_ENTRIES; i++) {
+        const char* nameStr = GetOneName(name, i);
+        if (nameStr) {
+            /* bottom up */
+            byte firstLen[MAX_LENGTH_SZ];
+            byte secondLen[MAX_LENGTH_SZ];
+            byte sequence[MAX_SEQ_SZ];
+            byte set[MAX_SET_SZ];
+
+            int email = i == (NAME_ENTRIES - 1) ? 1 : 0;
+            int strLen  = (int)XSTRLEN(nameStr);
+            int thisLen = strLen;
+            int firstSz, secondSz, seqSz, setSz;
+
+            if (strLen == 0) { /* no user data for this item */
+                names[i].used = 0;
+                continue;
+            }
+
+            secondSz = SetLength(strLen, secondLen);
+            thisLen += secondSz;
+            if (email) {
+                thisLen += EMAIL_JOINT_LEN;
+                thisLen ++;                               /* id type */
+                firstSz  = SetLength(EMAIL_JOINT_LEN, firstLen);
+            }
+            else {
+                thisLen++;                                 /* str type */
+                thisLen++;                                 /* id  type */
+                thisLen += JOINT_LEN;    
+                firstSz = SetLength(JOINT_LEN + 1, firstLen);
+            }
+            thisLen += firstSz;
+            thisLen++;                                /* object id */
+
+            seqSz = SetSequence(thisLen, sequence);
+            thisLen += seqSz;
+            setSz = SetSet(thisLen, set);
+            thisLen += setSz;
+
+            if (thisLen > (int)sizeof(names[i].encoded)) {
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return BUFFER_E;
+            }
+
+            /* store it */
+            idx = 0;
+            /* set */
+            XMEMCPY(names[i].encoded, set, setSz);
+            idx += setSz;
+            /* seq */
+            XMEMCPY(names[i].encoded + idx, sequence, seqSz);
+            idx += seqSz;
+            /* asn object id */
+            names[i].encoded[idx++] = ASN_OBJECT_ID;
+            /* first length */
+            XMEMCPY(names[i].encoded + idx, firstLen, firstSz);
+            idx += firstSz;
+            if (email) {
+                const byte EMAIL_OID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+                                           0x01, 0x09, 0x01, 0x16 };
+                /* email joint id */
+                XMEMCPY(names[i].encoded + idx, EMAIL_OID, sizeof(EMAIL_OID));
+                idx += (int)sizeof(EMAIL_OID);
+            }
+            else {
+                /* joint id */
+                byte bType = GetNameId(i);
+                names[i].encoded[idx++] = 0x55;
+                names[i].encoded[idx++] = 0x04;
+                /* id type */
+                names[i].encoded[idx++] = bType; 
+                /* str type */
+                names[i].encoded[idx++] = GetNameType(name, i);
+            }
+            /* second length */
+            XMEMCPY(names[i].encoded + idx, secondLen, secondSz);
+            idx += secondSz;
+            /* str value */
+            XMEMCPY(names[i].encoded + idx, nameStr, strLen);
+            idx += strLen;
+
+            totalBytes += idx;
+            names[i].totalLen = idx;
+            names[i].used = 1;
+        }
+        else
+            names[i].used = 0;
+    }
+
+    /* header */
+    idx = SetSequence(totalBytes, output);
+    totalBytes += idx;
+    if (totalBytes > ASN_NAME_MAX) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BUFFER_E;
+    }
+
+    for (i = 0; i < NAME_ENTRIES; i++) {
+        if (names[i].used) {
+            XMEMCPY(output + idx, names[i].encoded, names[i].totalLen);
+            idx += names[i].totalLen;
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return totalBytes;
+}
+
+/* encode info from cert into DER encoded format */
+static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
+                      RNG* rng, const byte* ntruKey, word16 ntruSz)
+{
+    int ret;
+
+    (void)eccKey;
+    (void)ntruKey;
+    (void)ntruSz;
+
+    /* init */
+    XMEMSET(der, 0, sizeof(DerCert));
+
+    /* version */
+    der->versionSz = SetMyVersion(cert->version, der->version, TRUE);
+
+    /* serial number */
+    ret = wc_RNG_GenerateBlock(rng, cert->serial, CTC_SERIAL_SIZE);
+    if (ret != 0)
+        return ret;
+
+    cert->serial[0] = 0x01;   /* ensure positive */
+    der->serialSz  = SetSerial(cert->serial, der->serial);
+
+    /* signature algo */
+    der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, sigType, 0);
+    if (der->sigAlgoSz == 0)
+        return ALGO_ID_E;
+
+    /* public key */
+    if (cert->keyType == RSA_KEY) {
+        if (rsaKey == NULL)
+            return PUBLIC_KEY_E;
+        der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey);
+        if (der->publicKeySz <= 0)
+            return PUBLIC_KEY_E;
+    }
+
+#ifdef HAVE_ECC
+    if (cert->keyType == ECC_KEY) {
+        if (eccKey == NULL)
+            return PUBLIC_KEY_E;
+        der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey);
+        if (der->publicKeySz <= 0)
+            return PUBLIC_KEY_E;
+    }
+#endif /* HAVE_ECC */
+
+#ifdef HAVE_NTRU
+    if (cert->keyType == NTRU_KEY) {
+        word32 rc;
+        word16 encodedSz;
+
+        rc  = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
+                                                   ntruKey, &encodedSz, NULL);
+        if (rc != NTRU_OK)
+            return PUBLIC_KEY_E;
+        if (encodedSz > MAX_PUBLIC_KEY_SZ)
+            return PUBLIC_KEY_E;
+
+        rc  = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
+                                         ntruKey, &encodedSz, der->publicKey);
+        if (rc != NTRU_OK)
+            return PUBLIC_KEY_E;
+
+        der->publicKeySz = encodedSz;
+    }
+#endif /* HAVE_NTRU */
+
+    der->validitySz = 0;
+#ifdef WOLFSSL_ALT_NAMES
+    /* date validity copy ? */
+    if (cert->beforeDateSz && cert->afterDateSz) {
+        der->validitySz = CopyValidity(der->validity, cert);
+        if (der->validitySz == 0)
+            return DATE_E;
+    }
+#endif
+
+    /* date validity */
+    if (der->validitySz == 0) {
+        der->validitySz = SetValidity(der->validity, cert->daysValid);
+        if (der->validitySz == 0)
+            return DATE_E;
+    }
+
+    /* subject name */
+    der->subjectSz = SetName(der->subject, &cert->subject);
+    if (der->subjectSz == 0)
+        return SUBJECT_E;
+
+    /* issuer name */
+    der->issuerSz = SetName(der->issuer, cert->selfSigned ?
+             &cert->subject : &cert->issuer);
+    if (der->issuerSz == 0)
+        return ISSUER_E;
+
+    /* CA */
+    if (cert->isCA) {
+        der->caSz = SetCa(der->ca);
+        if (der->caSz == 0)
+            return CA_TRUE_E;
+    }
+    else
+        der->caSz = 0;
+
+    /* extensions, just CA now */
+    if (cert->isCA) {
+        der->extensionsSz = SetExtensions(der->extensions,
+                                          der->ca, der->caSz, TRUE);
+        if (der->extensionsSz == 0)
+            return EXTENSIONS_E;
+    }
+    else
+        der->extensionsSz = 0;
+
+#ifdef WOLFSSL_ALT_NAMES
+    if (der->extensionsSz == 0 && cert->altNamesSz) {
+        der->extensionsSz = SetExtensions(der->extensions, cert->altNames,
+                                          cert->altNamesSz, TRUE);
+        if (der->extensionsSz == 0)
+            return EXTENSIONS_E;
+    }
+#endif
+
+    der->total = der->versionSz + der->serialSz + der->sigAlgoSz +
+        der->publicKeySz + der->validitySz + der->subjectSz + der->issuerSz +
+        der->extensionsSz;
+
+    return 0;
+}
+
+
+/* write DER encoded cert to buffer, size already checked */
+static int WriteCertBody(DerCert* der, byte* buffer)
+{
+    int idx;
+
+    /* signed part header */
+    idx = SetSequence(der->total, buffer);
+    /* version */
+    XMEMCPY(buffer + idx, der->version, der->versionSz);
+    idx += der->versionSz;
+    /* serial */
+    XMEMCPY(buffer + idx, der->serial, der->serialSz);
+    idx += der->serialSz;
+    /* sig algo */
+    XMEMCPY(buffer + idx, der->sigAlgo, der->sigAlgoSz);
+    idx += der->sigAlgoSz;
+    /* issuer */
+    XMEMCPY(buffer + idx, der->issuer, der->issuerSz);
+    idx += der->issuerSz;
+    /* validity */
+    XMEMCPY(buffer + idx, der->validity, der->validitySz);
+    idx += der->validitySz;
+    /* subject */
+    XMEMCPY(buffer + idx, der->subject, der->subjectSz);
+    idx += der->subjectSz;
+    /* public key */
+    XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz);
+    idx += der->publicKeySz;
+    if (der->extensionsSz) {
+        /* extensions */
+        XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz,
+                                                   sizeof(der->extensions)));
+        idx += der->extensionsSz;
+    }
+
+    return idx;
+}
+
+
+/* Make RSA signature from buffer (sz), write to sig (sigSz) */
+static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz,
+                         RsaKey* rsaKey, ecc_key* eccKey, RNG* rng,
+                         int sigAlgoType)
+{
+    int encSigSz, digestSz, typeH = 0, ret = 0;
+    byte digest[SHA256_DIGEST_SIZE]; /* max size */
+#ifdef WOLFSSL_SMALL_STACK
+    byte* encSig;
+#else
+    byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ];
+#endif
+
+    (void)digest;
+    (void)digestSz;
+    (void)encSig;
+    (void)encSigSz;
+    (void)typeH;
+
+    (void)buffer;
+    (void)sz;
+    (void)sig;
+    (void)sigSz;
+    (void)rsaKey;
+    (void)eccKey;
+    (void)rng;
+
+    switch (sigAlgoType) {
+    #ifndef NO_MD5
+        case CTC_MD5wRSA:
+        if ((ret = wc_Md5Hash(buffer, sz, digest)) == 0) {
+            typeH    = MD5h;
+            digestSz = MD5_DIGEST_SIZE;
+        }
+        break;
+    #endif
+    #ifndef NO_SHA
+        case CTC_SHAwRSA:
+        case CTC_SHAwECDSA:
+        if ((ret = wc_ShaHash(buffer, sz, digest)) == 0) {
+            typeH    = SHAh;
+            digestSz = SHA_DIGEST_SIZE;          
+        }
+        break;
+    #endif
+    #ifndef NO_SHA256
+        case CTC_SHA256wRSA:
+        case CTC_SHA256wECDSA:
+        if ((ret = wc_Sha256Hash(buffer, sz, digest)) == 0) {
+            typeH    = SHA256h;
+            digestSz = SHA256_DIGEST_SIZE;
+        }
+        break;
+    #endif
+        default:
+            WOLFSSL_MSG("MakeSignautre called with unsupported type");
+            ret = ALGO_ID_E;
+    }
+    
+    if (ret != 0)
+        return ret;
+    
+#ifdef WOLFSSL_SMALL_STACK
+    encSig = (byte*)XMALLOC(MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ,
+                                                 NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (encSig == NULL)
+        return MEMORY_E;
+#endif
+    
+    ret = ALGO_ID_E;
+    
+#ifndef NO_RSA
+    if (rsaKey) {
+        /* signature */
+        encSigSz = wc_EncodeSignature(encSig, digest, digestSz, typeH);
+        ret = wc_RsaSSL_Sign(encSig, encSigSz, sig, sigSz, rsaKey, rng);
+    }
+#endif
+    
+#ifdef HAVE_ECC
+    if (!rsaKey && eccKey) {
+        word32 outSz = sigSz;
+        ret = wc_ecc_sign_hash(digest, digestSz, sig, &outSz, rng, eccKey);
+
+        if (ret == 0)
+            ret = outSz;
+    }
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(encSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+/* add signature to end of buffer, size of buffer assumed checked, return
+   new length */
+static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz,
+                        int sigAlgoType)
+{
+    byte seq[MAX_SEQ_SZ];
+    int  idx = bodySz, seqSz;
+
+    /* algo */
+    idx += SetAlgoID(sigAlgoType, buffer + idx, sigType, 0);
+    /* bit string */
+    buffer[idx++] = ASN_BIT_STRING;
+    /* length */
+    idx += SetLength(sigSz + 1, buffer + idx);
+    buffer[idx++] = 0;   /* trailing 0 */
+    /* signature */
+    XMEMCPY(buffer + idx, sig, sigSz);
+    idx += sigSz;
+
+    /* make room for overall header */
+    seqSz = SetSequence(idx, seq);
+    XMEMMOVE(buffer + seqSz, buffer, idx);
+    XMEMCPY(buffer, seq, seqSz);
+
+    return idx + seqSz;
+}
+
+
+/* Make an x509 Certificate v3 any key type from cert input, write to buffer */
+static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
+                       RsaKey* rsaKey, ecc_key* eccKey, RNG* rng,
+                       const byte* ntruKey, word16 ntruSz)
+{
+    int ret;
+#ifdef WOLFSSL_SMALL_STACK
+    DerCert* der;
+#else
+    DerCert der[1];
+#endif
+
+    cert->keyType = eccKey ? ECC_KEY : (rsaKey ? RSA_KEY : NTRU_KEY);
+
+#ifdef WOLFSSL_SMALL_STACK
+    der = (DerCert*)XMALLOC(sizeof(DerCert), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (der == NULL)
+        return MEMORY_E;
+#endif
+
+    ret = EncodeCert(cert, der, rsaKey, eccKey, rng, ntruKey, ntruSz);
+
+    if (ret == 0) {
+        if (der->total + MAX_SEQ_SZ * 2 > (int)derSz)
+            ret = BUFFER_E;
+        else
+            ret = cert->bodySz = WriteCertBody(der, derBuffer);
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+/* Make an x509 Certificate v3 RSA or ECC from cert input, write to buffer */
+int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,
+             ecc_key* eccKey, RNG* rng)
+{
+    return MakeAnyCert(cert, derBuffer, derSz, rsaKey, eccKey, rng, NULL, 0);
+}
+
+
+#ifdef HAVE_NTRU
+
+int wc_MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz,
+                  const byte* ntruKey, word16 keySz, RNG* rng)
+{
+    return MakeAnyCert(cert, derBuffer, derSz, NULL, NULL, rng, ntruKey, keySz);
+}
+
+#endif /* HAVE_NTRU */
+
+
+#ifdef WOLFSSL_CERT_REQ
+
+static int SetReqAttrib(byte* output, char* pw, int extSz)
+{
+    static const byte cpOid[] =
+        { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
+                         0x09, 0x07 };
+    static const byte erOid[] =
+        { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
+                         0x09, 0x0e };
+
+    int sz      = 0; /* overall size */
+    int cpSz    = 0; /* Challenge Password section size */
+    int cpSeqSz = 0;
+    int cpSetSz = 0;
+    int cpStrSz = 0;
+    int pwSz    = 0;
+    int erSz    = 0; /* Extension Request section size */
+    int erSeqSz = 0;
+    int erSetSz = 0;
+    byte cpSeq[MAX_SEQ_SZ];
+    byte cpSet[MAX_SET_SZ];
+    byte cpStr[MAX_PRSTR_SZ];
+    byte erSeq[MAX_SEQ_SZ];
+    byte erSet[MAX_SET_SZ];
+
+    output[0] = 0xa0;
+    sz++;
+
+    if (pw && pw[0]) {
+        pwSz = (int)XSTRLEN(pw);
+        cpStrSz = SetUTF8String(pwSz, cpStr);
+        cpSetSz = SetSet(cpStrSz + pwSz, cpSet);
+        cpSeqSz = SetSequence(sizeof(cpOid) + cpSetSz + cpStrSz + pwSz, cpSeq);
+        cpSz = cpSeqSz + sizeof(cpOid) + cpSetSz + cpStrSz + pwSz;
+    }
+
+    if (extSz) {
+        erSetSz = SetSet(extSz, erSet);
+        erSeqSz = SetSequence(erSetSz + sizeof(erOid) + extSz, erSeq);
+        erSz = extSz + erSetSz + erSeqSz + sizeof(erOid);
+    }
+
+    /* Put the pieces together. */
+    sz += SetLength(cpSz + erSz, &output[sz]);
+
+    if (cpSz) {
+        XMEMCPY(&output[sz], cpSeq, cpSeqSz);
+        sz += cpSeqSz;
+        XMEMCPY(&output[sz], cpOid, sizeof(cpOid));
+        sz += sizeof(cpOid);
+        XMEMCPY(&output[sz], cpSet, cpSetSz);
+        sz += cpSetSz;
+        XMEMCPY(&output[sz], cpStr, cpStrSz);
+        sz += cpStrSz;
+        XMEMCPY(&output[sz], pw, pwSz);
+        sz += pwSz;
+    }
+
+    if (erSz) {
+        XMEMCPY(&output[sz], erSeq, erSeqSz);
+        sz += erSeqSz;
+        XMEMCPY(&output[sz], erOid, sizeof(erOid));
+        sz += sizeof(erOid);
+        XMEMCPY(&output[sz], erSet, erSetSz);
+        sz += erSetSz;
+        /* The actual extension data will be tacked onto the output later. */
+    }
+
+    return sz;
+}
+
+
+/* encode info from cert into DER encoded format */
+static int EncodeCertReq(Cert* cert, DerCert* der,
+                         RsaKey* rsaKey, ecc_key* eccKey)
+{
+    (void)eccKey;
+
+    /* init */
+    XMEMSET(der, 0, sizeof(DerCert));
+
+    /* version */
+    der->versionSz = SetMyVersion(cert->version, der->version, FALSE);
+
+    /* subject name */
+    der->subjectSz = SetName(der->subject, &cert->subject);
+    if (der->subjectSz == 0)
+        return SUBJECT_E;
+
+    /* public key */
+    if (cert->keyType == RSA_KEY) {
+        if (rsaKey == NULL)
+            return PUBLIC_KEY_E;
+        der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey);
+        if (der->publicKeySz <= 0)
+            return PUBLIC_KEY_E;
+    }
+
+#ifdef HAVE_ECC
+    if (cert->keyType == ECC_KEY) {
+        if (eccKey == NULL)
+            return PUBLIC_KEY_E;
+        der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey);
+        if (der->publicKeySz <= 0)
+            return PUBLIC_KEY_E;
+    }
+#endif /* HAVE_ECC */
+
+    /* CA */
+    if (cert->isCA) {
+        der->caSz = SetCa(der->ca);
+        if (der->caSz == 0)
+            return CA_TRUE_E;
+    }
+    else
+        der->caSz = 0;
+
+    /* extensions, just CA now */
+    if (cert->isCA) {
+        der->extensionsSz = SetExtensions(der->extensions,
+                                          der->ca, der->caSz, FALSE);
+        if (der->extensionsSz == 0)
+            return EXTENSIONS_E;
+    }
+    else
+        der->extensionsSz = 0;
+
+    der->attribSz = SetReqAttrib(der->attrib,
+                                 cert->challengePw, der->extensionsSz);
+    if (der->attribSz == 0)
+        return REQ_ATTRIBUTE_E;
+
+    der->total = der->versionSz + der->subjectSz + der->publicKeySz +
+        der->extensionsSz + der->attribSz;
+
+    return 0;
+}
+
+
+/* write DER encoded cert req to buffer, size already checked */
+static int WriteCertReqBody(DerCert* der, byte* buffer)
+{
+    int idx;
+
+    /* signed part header */
+    idx = SetSequence(der->total, buffer);
+    /* version */
+    XMEMCPY(buffer + idx, der->version, der->versionSz);
+    idx += der->versionSz;
+    /* subject */
+    XMEMCPY(buffer + idx, der->subject, der->subjectSz);
+    idx += der->subjectSz;
+    /* public key */
+    XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz);
+    idx += der->publicKeySz;
+    /* attributes */
+    XMEMCPY(buffer + idx, der->attrib, der->attribSz);
+    idx += der->attribSz;
+    /* extensions */
+    if (der->extensionsSz) {
+        XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz,
+                                                   sizeof(der->extensions)));
+        idx += der->extensionsSz;
+    }
+
+    return idx;
+}
+
+
+int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
+                RsaKey* rsaKey, ecc_key* eccKey)
+{
+    int ret;
+#ifdef WOLFSSL_SMALL_STACK
+    DerCert* der;
+#else
+    DerCert der[1];
+#endif
+
+    cert->keyType = eccKey ? ECC_KEY : RSA_KEY;
+
+#ifdef WOLFSSL_SMALL_STACK
+    der = (DerCert*)XMALLOC(sizeof(DerCert), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (der == NULL)
+        return MEMORY_E;
+#endif
+
+    ret = EncodeCertReq(cert, der, rsaKey, eccKey);
+
+    if (ret == 0) {
+        if (der->total + MAX_SEQ_SZ * 2 > (int)derSz)
+            ret = BUFFER_E;
+        else
+            ret = cert->bodySz = WriteCertReqBody(der, derBuffer);
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#endif /* WOLFSSL_CERT_REQ */
+
+
+int wc_SignCert(int requestSz, int sType, byte* buffer, word32 buffSz,
+             RsaKey* rsaKey, ecc_key* eccKey, RNG* rng)
+{
+    int sigSz;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* sig;
+#else
+    byte sig[MAX_ENCODED_SIG_SZ];
+#endif
+
+    if (requestSz < 0)
+        return requestSz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    sig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (sig == NULL)
+        return MEMORY_E;
+#endif
+
+    sigSz = MakeSignature(buffer, requestSz, sig, MAX_ENCODED_SIG_SZ, rsaKey,
+                          eccKey, rng, sType);
+
+    if (sigSz >= 0) {
+        if (requestSz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz)
+            sigSz = BUFFER_E;
+        else
+            sigSz = AddSignature(buffer, requestSz, sig, sigSz, sType);
+    }
+    
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return sigSz;
+}
+
+
+int wc_MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng)
+{
+    int ret = wc_MakeCert(cert, buffer, buffSz, key, NULL, rng);
+
+    if (ret < 0)
+        return ret;
+
+    return wc_SignCert(cert->bodySz, cert->sigType, buffer, buffSz, key, NULL,rng);
+}
+
+
+#ifdef WOLFSSL_ALT_NAMES 
+
+/* Set Alt Names from der cert, return 0 on success */
+static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
+{
+    int ret;
+#ifdef WOLFSSL_SMALL_STACK
+    DecodedCert* decoded;
+#else
+    DecodedCert decoded[1];
+#endif
+
+    if (derSz < 0)
+        return derSz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (decoded == NULL)
+        return MEMORY_E;
+#endif
+    
+    InitDecodedCert(decoded, (byte*)der, derSz, 0);
+    ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
+
+    if (ret < 0) {
+        WOLFSSL_MSG("ParseCertRelative error");
+    }
+    else if (decoded->extensions) {
+        byte   b;
+        int    length;
+        word32 maxExtensionsIdx;
+
+        decoded->srcIdx = decoded->extensionsIdx;
+        b = decoded->source[decoded->srcIdx++];
+        
+        if (b != ASN_EXTENSIONS) {
+            ret = ASN_PARSE_E;
+        }
+        else if (GetLength(decoded->source, &decoded->srcIdx, &length,
+                                                         decoded->maxIdx) < 0) {
+            ret = ASN_PARSE_E;
+        }
+        else if (GetSequence(decoded->source, &decoded->srcIdx, &length,
+                                                         decoded->maxIdx) < 0) {
+            ret = ASN_PARSE_E;
+        }
+        else {
+            maxExtensionsIdx = decoded->srcIdx + length;
+
+            while (decoded->srcIdx < maxExtensionsIdx) {
+                word32 oid;
+                word32 startIdx = decoded->srcIdx;
+                word32 tmpIdx;
+
+                if (GetSequence(decoded->source, &decoded->srcIdx, &length,
+                            decoded->maxIdx) < 0) {
+                    ret = ASN_PARSE_E;
+                    break;
+                }
+
+                tmpIdx = decoded->srcIdx;
+                decoded->srcIdx = startIdx;
+
+                if (GetAlgoId(decoded->source, &decoded->srcIdx, &oid,
+                              decoded->maxIdx) < 0) {
+                    ret = ASN_PARSE_E;
+                    break;
+                }
+
+                if (oid == ALT_NAMES_OID) {
+                    cert->altNamesSz = length + (tmpIdx - startIdx);
+
+                    if (cert->altNamesSz < (int)sizeof(cert->altNames))
+                        XMEMCPY(cert->altNames, &decoded->source[startIdx],
+                                cert->altNamesSz);
+                    else {
+                        cert->altNamesSz = 0;
+                        WOLFSSL_MSG("AltNames extensions too big");
+                        ret = ALT_NAME_E;
+                        break;
+                    }
+                }
+                decoded->srcIdx = tmpIdx + length;
+            }
+        }
+    }
+
+    FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret < 0 ? ret : 0;
+}
+
+
+/* Set Dates from der cert, return 0 on success */
+static int SetDatesFromCert(Cert* cert, const byte* der, int derSz)
+{
+    int ret;
+#ifdef WOLFSSL_SMALL_STACK
+    DecodedCert* decoded;
+#else
+    DecodedCert decoded[1];
+#endif
+
+    WOLFSSL_ENTER("SetDatesFromCert");
+    if (derSz < 0)
+        return derSz;
+    
+#ifdef WOLFSSL_SMALL_STACK
+    decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (decoded == NULL)
+        return MEMORY_E;
+#endif
+
+    InitDecodedCert(decoded, (byte*)der, derSz, 0);
+    ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
+
+    if (ret < 0) {
+        WOLFSSL_MSG("ParseCertRelative error");
+    }
+    else if (decoded->beforeDate == NULL || decoded->afterDate == NULL) {
+        WOLFSSL_MSG("Couldn't extract dates");
+        ret = -1;
+    }
+    else if (decoded->beforeDateLen > MAX_DATE_SIZE || 
+                                        decoded->afterDateLen > MAX_DATE_SIZE) {
+        WOLFSSL_MSG("Bad date size");
+        ret = -1;
+    }
+    else {
+        XMEMCPY(cert->beforeDate, decoded->beforeDate, decoded->beforeDateLen);
+        XMEMCPY(cert->afterDate,  decoded->afterDate,  decoded->afterDateLen);
+
+        cert->beforeDateSz = decoded->beforeDateLen;
+        cert->afterDateSz  = decoded->afterDateLen;
+    }
+
+    FreeDecodedCert(decoded);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret < 0 ? ret : 0;
+}
+
+
+#endif /* WOLFSSL_ALT_NAMES && !NO_RSA */
+
+
+/* Set cn name from der buffer, return 0 on success */
+static int SetNameFromCert(CertName* cn, const byte* der, int derSz)
+{
+    int ret, sz;
+#ifdef WOLFSSL_SMALL_STACK
+    DecodedCert* decoded;
+#else
+    DecodedCert decoded[1];
+#endif
+
+    if (derSz < 0)
+        return derSz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (decoded == NULL)
+        return MEMORY_E;
+#endif
+
+    InitDecodedCert(decoded, (byte*)der, derSz, 0);
+    ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
+
+    if (ret < 0) {
+        WOLFSSL_MSG("ParseCertRelative error");
+    }
+    else {
+        if (decoded->subjectCN) {
+            sz = (decoded->subjectCNLen < CTC_NAME_SIZE) ? decoded->subjectCNLen
+                                                         : CTC_NAME_SIZE - 1;
+            strncpy(cn->commonName, decoded->subjectCN, CTC_NAME_SIZE);
+            cn->commonName[sz] = 0;
+            cn->commonNameEnc = decoded->subjectCNEnc;
+        }
+        if (decoded->subjectC) {
+            sz = (decoded->subjectCLen < CTC_NAME_SIZE) ? decoded->subjectCLen
+                                                        : CTC_NAME_SIZE - 1;
+            strncpy(cn->country, decoded->subjectC, CTC_NAME_SIZE);
+            cn->country[sz] = 0;
+            cn->countryEnc = decoded->subjectCEnc;
+        }
+        if (decoded->subjectST) {
+            sz = (decoded->subjectSTLen < CTC_NAME_SIZE) ? decoded->subjectSTLen
+                                                         : CTC_NAME_SIZE - 1;
+            strncpy(cn->state, decoded->subjectST, CTC_NAME_SIZE);
+            cn->state[sz] = 0;
+            cn->stateEnc = decoded->subjectSTEnc;
+        }
+        if (decoded->subjectL) {
+            sz = (decoded->subjectLLen < CTC_NAME_SIZE) ? decoded->subjectLLen
+                                                        : CTC_NAME_SIZE - 1;
+            strncpy(cn->locality, decoded->subjectL, CTC_NAME_SIZE);
+            cn->locality[sz] = 0;
+            cn->localityEnc = decoded->subjectLEnc;
+        }
+        if (decoded->subjectO) {
+            sz = (decoded->subjectOLen < CTC_NAME_SIZE) ? decoded->subjectOLen
+                                                        : CTC_NAME_SIZE - 1;
+            strncpy(cn->org, decoded->subjectO, CTC_NAME_SIZE);
+            cn->org[sz] = 0;
+            cn->orgEnc = decoded->subjectOEnc;
+        }
+        if (decoded->subjectOU) {
+            sz = (decoded->subjectOULen < CTC_NAME_SIZE) ? decoded->subjectOULen
+                                                         : CTC_NAME_SIZE - 1;
+            strncpy(cn->unit, decoded->subjectOU, CTC_NAME_SIZE);
+            cn->unit[sz] = 0;
+            cn->unitEnc = decoded->subjectOUEnc;
+        }
+        if (decoded->subjectSN) {
+            sz = (decoded->subjectSNLen < CTC_NAME_SIZE) ? decoded->subjectSNLen
+                                                         : CTC_NAME_SIZE - 1;
+            strncpy(cn->sur, decoded->subjectSN, CTC_NAME_SIZE);
+            cn->sur[sz] = 0;
+            cn->surEnc = decoded->subjectSNEnc;
+        }
+        if (decoded->subjectEmail) {
+            sz = (decoded->subjectEmailLen < CTC_NAME_SIZE)
+               ?  decoded->subjectEmailLen : CTC_NAME_SIZE - 1;
+            strncpy(cn->email, decoded->subjectEmail, CTC_NAME_SIZE);
+            cn->email[sz] = 0;
+        }
+    }
+
+    FreeDecodedCert(decoded);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret < 0 ? ret : 0;
+}
+
+
+#ifndef NO_FILESYSTEM
+
+/* Set cert issuer from issuerFile in PEM */
+int wc_SetIssuer(Cert* cert, const char* issuerFile)
+{
+    int         ret;
+    int         derSz;
+    byte*       der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
+
+    if (der == NULL) {
+        WOLFSSL_MSG("wc_SetIssuer OOF Problem");
+        return MEMORY_E;
+    }
+    derSz = wolfSSL_PemCertToDer(issuerFile, der, EIGHTK_BUF);
+    cert->selfSigned = 0;
+    ret = SetNameFromCert(&cert->issuer, der, derSz);
+    XFREE(der, NULL, DYNAMIC_TYPE_CERT);
+
+    return ret;
+}
+
+
+/* Set cert subject from subjectFile in PEM */
+int wc_SetSubject(Cert* cert, const char* subjectFile)
+{
+    int         ret;
+    int         derSz;
+    byte*       der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
+
+    if (der == NULL) {
+        WOLFSSL_MSG("wc_SetSubject OOF Problem");
+        return MEMORY_E;
+    }
+    derSz = wolfSSL_PemCertToDer(subjectFile, der, EIGHTK_BUF);
+    ret = SetNameFromCert(&cert->subject, der, derSz);
+    XFREE(der, NULL, DYNAMIC_TYPE_CERT);
+
+    return ret;
+}
+
+
+#ifdef WOLFSSL_ALT_NAMES
+
+/* Set atl names from file in PEM */
+int wc_SetAltNames(Cert* cert, const char* file)
+{
+    int         ret;
+    int         derSz;
+    byte*       der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
+
+    if (der == NULL) {
+        WOLFSSL_MSG("wc_SetAltNames OOF Problem");
+        return MEMORY_E;
+    }
+    derSz = wolfSSL_PemCertToDer(file, der, EIGHTK_BUF);
+    ret = SetAltNamesFromCert(cert, der, derSz);
+    XFREE(der, NULL, DYNAMIC_TYPE_CERT);
+
+    return ret;
+}
+
+#endif /* WOLFSSL_ALT_NAMES */
+
+#endif /* NO_FILESYSTEM */
+
+/* Set cert issuer from DER buffer */
+int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz)
+{
+    cert->selfSigned = 0;
+    return SetNameFromCert(&cert->issuer, der, derSz);
+}
+
+
+/* Set cert subject from DER buffer */
+int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz)
+{
+    return SetNameFromCert(&cert->subject, der, derSz);
+}
+
+
+#ifdef WOLFSSL_ALT_NAMES
+
+/* Set cert alt names from DER buffer */
+int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz)
+{
+    return SetAltNamesFromCert(cert, der, derSz);
+}
+
+/* Set cert dates from DER buffer */
+int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz)
+{
+    return SetDatesFromCert(cert, der, derSz);
+}
+
+#endif /* WOLFSSL_ALT_NAMES */
+
+#endif /* WOLFSSL_CERT_GEN */
+
+
+#ifdef HAVE_ECC
+
+/* Der Encode r & s ints into out, outLen is (in/out) size */
+int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s)
+{
+    word32 idx = 0;
+    word32 rSz;                           /* encoding size */
+    word32 sSz;
+    word32 headerSz = 4;   /* 2*ASN_TAG + 2*LEN(ENUM) */
+
+    /* If the leading bit on the INTEGER is a 1, add a leading zero */
+    int rLeadingZero = mp_leading_bit(r);
+    int sLeadingZero = mp_leading_bit(s);
+    int rLen = mp_unsigned_bin_size(r);   /* big int size */
+    int sLen = mp_unsigned_bin_size(s);
+    int err;
+
+    if (*outLen < (rLen + rLeadingZero + sLen + sLeadingZero +
+                   headerSz + 2))  /* SEQ_TAG + LEN(ENUM) */
+        return BAD_FUNC_ARG;
+
+    idx = SetSequence(rLen+rLeadingZero+sLen+sLeadingZero+headerSz, out);
+
+    /* store r */
+    out[idx++] = ASN_INTEGER;
+    rSz = SetLength(rLen + rLeadingZero, &out[idx]);
+    idx += rSz;
+    if (rLeadingZero)
+        out[idx++] = 0;
+    err = mp_to_unsigned_bin(r, &out[idx]);
+    if (err != MP_OKAY) return err;
+    idx += rLen;
+
+    /* store s */
+    out[idx++] = ASN_INTEGER;
+    sSz = SetLength(sLen + sLeadingZero, &out[idx]);
+    idx += sSz;
+    if (sLeadingZero)
+        out[idx++] = 0;
+    err = mp_to_unsigned_bin(s, &out[idx]);
+    if (err != MP_OKAY) return err;
+    idx += sLen;
+
+    *outLen = idx;
+
+    return 0;
+}
+
+
+/* Der Decode ECC-DSA Signautre, r & s stored as big ints */
+int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s)
+{
+    word32 idx = 0;
+    int    len = 0;
+
+    if (GetSequence(sig, &idx, &len, sigLen) < 0)
+        return ASN_ECC_KEY_E;
+
+    if ((word32)len > (sigLen - idx))
+        return ASN_ECC_KEY_E;
+
+    if (GetInt(r, sig, &idx, sigLen) < 0)
+        return ASN_ECC_KEY_E;
+
+    if (GetInt(s, sig, &idx, sigLen) < 0)
+        return ASN_ECC_KEY_E;
+
+    return 0;
+}
+
+
+int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
+                        word32 inSz)
+{
+    word32 oid = 0;
+    int    version, length;
+    int    privSz, pubSz;
+    byte   b;
+    int    ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* priv;
+    byte* pub;
+#else
+    byte priv[ECC_MAXSIZE];
+    byte pub[ECC_MAXSIZE * 2 + 1]; /* public key has two parts plus header */
+#endif
+
+    if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
+        return BAD_FUNC_ARG;
+
+    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetMyVersion(input, inOutIdx, &version) < 0)
+        return ASN_PARSE_E;
+
+    b = input[*inOutIdx];
+    *inOutIdx += 1;
+
+    /* priv type */
+    if (b != 4 && b != 6 && b != 7) 
+        return ASN_PARSE_E;
+
+    if (GetLength(input, inOutIdx, &length, inSz) < 0)
+        return ASN_PARSE_E;
+
+    if (length > ECC_MAXSIZE)
+        return BUFFER_E;
+
+#ifdef WOLFSSL_SMALL_STACK
+    priv = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (priv == NULL)
+        return MEMORY_E;
+    
+    pub = (byte*)XMALLOC(ECC_MAXSIZE * 2 + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (pub == NULL) {
+        XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    /* priv key */
+    privSz = length;
+    XMEMCPY(priv, &input[*inOutIdx], privSz);
+    *inOutIdx += length;
+
+    /* prefix 0, may have */
+    b = input[*inOutIdx];
+    if (b == ECC_PREFIX_0) {
+        *inOutIdx += 1;
+
+        if (GetLength(input, inOutIdx, &length, inSz) < 0)
+            ret = ASN_PARSE_E;
+        else {
+            /* object id */
+            b = input[*inOutIdx];
+            *inOutIdx += 1;
+
+            if (b != ASN_OBJECT_ID) {
+                ret = ASN_OBJECT_ID_E;
+            }
+            else if (GetLength(input, inOutIdx, &length, inSz) < 0) {
+                ret = ASN_PARSE_E;
+            }
+            else {
+                while(length--) {
+                    oid += input[*inOutIdx];
+                    *inOutIdx += 1;
+                }
+                if (CheckCurve(oid) < 0)
+                    ret = ECC_CURVE_OID_E;
+            }
+        }
+    }
+
+    if (ret == 0) {
+        /* prefix 1 */
+        b = input[*inOutIdx];
+        *inOutIdx += 1;
+
+        if (b != ECC_PREFIX_1) {
+            ret = ASN_ECC_KEY_E;
+        }
+        else if (GetLength(input, inOutIdx, &length, inSz) < 0) {
+            ret = ASN_PARSE_E;
+        }
+        else {
+            /* key header */
+            b = input[*inOutIdx];
+            *inOutIdx += 1;
+            
+            if (b != ASN_BIT_STRING) {
+                ret = ASN_BITSTR_E;
+            }
+            else if (GetLength(input, inOutIdx, &length, inSz) < 0) {
+                ret = ASN_PARSE_E;
+            }
+            else {
+                b = input[*inOutIdx];
+                *inOutIdx += 1;
+
+                if (b != 0x00) {
+                    ret = ASN_EXPECT_0_E;
+                }
+                else {
+                    /* pub key */
+                    pubSz = length - 1;  /* null prefix */
+                    if (pubSz < (ECC_MAXSIZE*2 + 1)) {
+                        XMEMCPY(pub, &input[*inOutIdx], pubSz);
+                        *inOutIdx += length;
+                        ret = wc_ecc_import_private_key(priv, privSz, pub, pubSz,
+                                                     key);
+                    } else
+                        ret = BUFFER_E;
+                }
+            }
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(pub,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+#ifdef WOLFSSL_KEY_GEN
+
+/* Write a Private ecc key to DER format, length on success else < 0 */
+int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
+{
+    byte   curve[MAX_ALGO_SZ];
+    byte   ver[MAX_VERSION_SZ];
+    byte   seq[MAX_SEQ_SZ];
+    int    ret;
+    int    curveSz;
+    int    verSz;
+    int    privHdrSz  = ASN_ECC_HEADER_SZ;
+    int    pubHdrSz   = ASN_ECC_CONTEXT_SZ + ASN_ECC_HEADER_SZ;
+    int    curveHdrSz = ASN_ECC_CONTEXT_SZ;
+    word32 seqSz;
+    word32 idx = 0;
+    word32 pubSz = ECC_BUFSIZE;
+    word32 privSz;
+    word32 totalSz;
+
+    if (key == NULL || output == NULL || inLen == 0)
+        return BAD_FUNC_ARG;
+
+    ret = wc_ecc_export_x963(key, NULL, &pubSz);
+    if (ret != LENGTH_ONLY_E) {
+        return ret;
+    }
+    curveSz = SetCurve(key, curve);
+    if (curveSz < 0) {
+        return curveSz;
+    }
+
+    privSz = key->dp->size;
+
+    verSz = SetMyVersion(1, ver, FALSE);
+    if (verSz < 0) {
+        return verSz;
+    }
+
+    totalSz = verSz + privSz + privHdrSz + curveSz + curveHdrSz +
+              pubSz + pubHdrSz + 1;  /* plus null byte b4 public */
+    seqSz = SetSequence(totalSz, seq);
+    totalSz += seqSz;
+
+    if (totalSz > inLen) {
+        return BUFFER_E;
+    }
+
+    /* write it out */
+    /* seq */
+    XMEMCPY(output + idx, seq, seqSz);
+    idx += seqSz;
+
+   /* ver */
+    XMEMCPY(output + idx, ver, verSz);
+    idx += verSz;
+
+    /* private */
+    output[idx++] = ASN_OCTET_STRING;
+    output[idx++] = (byte)privSz;
+    ret = wc_ecc_export_private_only(key, output + idx, &privSz);
+    if (ret < 0) {
+        return ret;
+    }
+    idx += privSz;
+
+    /* curve */
+    output[idx++] = ECC_PREFIX_0;
+    output[idx++] = (byte)curveSz;
+    XMEMCPY(output + idx, curve, curveSz);
+    idx += curveSz;
+
+    /* public */
+    output[idx++] = ECC_PREFIX_1;
+    output[idx++] = (byte)pubSz + ASN_ECC_CONTEXT_SZ + 1;  /* plus null byte */
+    output[idx++] = ASN_BIT_STRING;
+    output[idx++] = (byte)pubSz + 1;  /* plus null byte */
+    output[idx++] = (byte)0;          /* null byte */
+    ret = wc_ecc_export_x963(key, output + idx, &pubSz);
+    if (ret != 0) {
+        return ret;
+    }
+    /* idx += pubSz if do more later */
+
+    return totalSz;
+}
+
+#endif /* WOLFSSL_KEY_GEN */
+
+#endif  /* HAVE_ECC */
+
+
+#if defined(HAVE_OCSP) || defined(HAVE_CRL)
+
+/* Get raw Date only, no processing, 0 on success */
+static int GetBasicDate(const byte* source, word32* idx, byte* date,
+                        byte* format, int maxIdx)
+{
+    int    length;
+
+    WOLFSSL_ENTER("GetBasicDate");
+
+    *format = source[*idx];
+    *idx += 1;
+    if (*format != ASN_UTC_TIME && *format != ASN_GENERALIZED_TIME)
+        return ASN_TIME_E;
+
+    if (GetLength(source, idx, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    if (length > MAX_DATE_SIZE || length < MIN_DATE_SIZE)
+        return ASN_DATE_SZ_E;
+
+    XMEMCPY(date, &source[*idx], length);
+    *idx += length;
+
+    return 0;
+}
+
+#endif
+
+
+#ifdef HAVE_OCSP
+
+static int GetEnumerated(const byte* input, word32* inOutIdx, int *value)
+{
+    word32 idx = *inOutIdx;
+    word32 len;
+
+    WOLFSSL_ENTER("GetEnumerated");
+
+    *value = 0;
+
+    if (input[idx++] != ASN_ENUMERATED)
+        return ASN_PARSE_E;
+
+    len = input[idx++];
+    if (len > 4)
+        return ASN_PARSE_E;
+
+    while (len--) {
+        *value  = *value << 8 | input[idx++];
+    }
+
+    *inOutIdx = idx;
+
+    return *value;
+}
+
+
+static int DecodeSingleResponse(byte* source,
+                            word32* ioIndex, OcspResponse* resp, word32 size)
+{
+    word32 idx = *ioIndex, prevIndex, oid;
+    int length, wrapperSz;
+    CertStatus* cs = resp->status;
+
+    WOLFSSL_ENTER("DecodeSingleResponse");
+
+    /* Outer wrapper of the SEQUENCE OF Single Responses. */
+    if (GetSequence(source, &idx, &wrapperSz, size) < 0)
+        return ASN_PARSE_E;
+
+    prevIndex = idx;
+
+    /* When making a request, we only request one status on one certificate
+     * at a time. There should only be one SingleResponse */
+
+    /* Wrapper around the Single Response */
+    if (GetSequence(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+
+    /* Wrapper around the CertID */
+    if (GetSequence(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+    /* Skip the hash algorithm */
+    if (GetAlgoId(source, &idx, &oid, size) < 0)
+        return ASN_PARSE_E;
+    /* Save reference to the hash of CN */
+    if (source[idx++] != ASN_OCTET_STRING)
+        return ASN_PARSE_E;
+    if (GetLength(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+    resp->issuerHash = source + idx;
+    idx += length;
+    /* Save reference to the hash of the issuer public key */
+    if (source[idx++] != ASN_OCTET_STRING)
+        return ASN_PARSE_E;
+    if (GetLength(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+    resp->issuerKeyHash = source + idx;
+    idx += length;
+
+    /* Read the serial number, it is handled as a string, not as a 
+     * proper number. Just XMEMCPY the data over, rather than load it
+     * as an mp_int. */
+    if (source[idx++] != ASN_INTEGER)
+        return ASN_PARSE_E;
+    if (GetLength(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+    if (length <= EXTERNAL_SERIAL_SIZE)
+    {
+        if (source[idx] == 0)
+        {
+            idx++;
+            length--;
+        }
+        XMEMCPY(cs->serial, source + idx, length);
+        cs->serialSz = length;
+    }
+    else
+    {
+        return ASN_GETINT_E;
+    }
+    idx += length;
+
+    /* CertStatus */
+    switch (source[idx++])
+    {
+        case (ASN_CONTEXT_SPECIFIC | CERT_GOOD):
+            cs->status = CERT_GOOD;
+            idx++;
+            break;
+        case (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CERT_REVOKED):
+            cs->status = CERT_REVOKED;
+            if (GetLength(source, &idx, &length, size) < 0)
+                return ASN_PARSE_E;
+            idx += length;
+            break;
+        case (ASN_CONTEXT_SPECIFIC | CERT_UNKNOWN):
+            cs->status = CERT_UNKNOWN;
+            idx++;
+            break;
+        default:
+            return ASN_PARSE_E;
+    }
+
+    if (GetBasicDate(source, &idx, cs->thisDate,
+                                                &cs->thisDateFormat, size) < 0)
+        return ASN_PARSE_E;
+    if (!XVALIDATE_DATE(cs->thisDate, cs->thisDateFormat, BEFORE))
+        return ASN_BEFORE_DATE_E;
+    
+    /* The following items are optional. Only check for them if there is more
+     * unprocessed data in the singleResponse wrapper. */
+    
+    if (((int)(idx - prevIndex) < wrapperSz) &&
+        (source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)))
+    {
+        idx++;
+        if (GetLength(source, &idx, &length, size) < 0)
+            return ASN_PARSE_E;
+        if (GetBasicDate(source, &idx, cs->nextDate,
+                                                &cs->nextDateFormat, size) < 0)
+            return ASN_PARSE_E;
+    }
+    if (((int)(idx - prevIndex) < wrapperSz) &&
+        (source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)))
+    {
+        idx++;
+        if (GetLength(source, &idx, &length, size) < 0)
+            return ASN_PARSE_E;
+        idx += length;
+    }
+
+    *ioIndex = idx;
+
+    return 0;
+}
+
+static int DecodeOcspRespExtensions(byte* source,
+                            word32* ioIndex, OcspResponse* resp, word32 sz)
+{
+    word32 idx = *ioIndex;
+    int length;
+    int ext_bound; /* boundary index for the sequence of extensions */
+    word32 oid;
+
+    WOLFSSL_ENTER("DecodeOcspRespExtensions");
+
+    if (source[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))
+        return ASN_PARSE_E;
+
+    if (GetLength(source, &idx, &length, sz) < 0) return ASN_PARSE_E;
+
+    if (GetSequence(source, &idx, &length, sz) < 0) return ASN_PARSE_E;
+   
+    ext_bound = idx + length;
+
+    while (idx < (word32)ext_bound) {
+        if (GetSequence(source, &idx, &length, sz) < 0) {
+            WOLFSSL_MSG("\tfail: should be a SEQUENCE");
+            return ASN_PARSE_E;
+        }
+
+        oid = 0;
+        if (GetObjectId(source, &idx, &oid, sz) < 0) {
+            WOLFSSL_MSG("\tfail: OBJECT ID");
+            return ASN_PARSE_E;
+        }
+
+        /* check for critical flag */
+        if (source[idx] == ASN_BOOLEAN) {
+            WOLFSSL_MSG("\tfound optional critical flag, moving past");
+            idx += (ASN_BOOL_SIZE + 1);
+        }
+
+        /* process the extension based on the OID */
+        if (source[idx++] != ASN_OCTET_STRING) {
+            WOLFSSL_MSG("\tfail: should be an OCTET STRING");
+            return ASN_PARSE_E;
+        }
+
+        if (GetLength(source, &idx, &length, sz) < 0) {
+            WOLFSSL_MSG("\tfail: extension data length");
+            return ASN_PARSE_E;
+        }
+
+        if (oid == OCSP_NONCE_OID) {
+            resp->nonce = source + idx;
+            resp->nonceSz = length;
+        }
+
+        idx += length;
+    }
+
+    *ioIndex = idx;
+    return 0;
+}
+
+
+static int DecodeResponseData(byte* source,
+                            word32* ioIndex, OcspResponse* resp, word32 size)
+{
+    word32 idx = *ioIndex, prev_idx;
+    int length;
+    int version;
+    word32 responderId = 0;
+
+    WOLFSSL_ENTER("DecodeResponseData");
+
+    resp->response = source + idx;
+    prev_idx = idx;
+    if (GetSequence(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+    resp->responseSz = length + idx - prev_idx;
+
+    /* Get version. It is an EXPLICIT[0] DEFAULT(0) value. If this
+     * item isn't an EXPLICIT[0], then set version to zero and move
+     * onto the next item.
+     */
+    if (source[idx] == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED))
+    {    
+        idx += 2; /* Eat the value and length */
+        if (GetMyVersion(source, &idx, &version) < 0)
+            return ASN_PARSE_E;
+    } else
+        version = 0;
+
+    responderId = source[idx++];
+    if ((responderId == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1)) ||
+        (responderId == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 2)))
+    {
+        if (GetLength(source, &idx, &length, size) < 0)
+            return ASN_PARSE_E;
+        idx += length;
+    }
+    else
+        return ASN_PARSE_E;
+    
+    /* save pointer to the producedAt time */
+    if (GetBasicDate(source, &idx, resp->producedDate,
+                                        &resp->producedDateFormat, size) < 0)
+        return ASN_PARSE_E;
+
+    if (DecodeSingleResponse(source, &idx, resp, size) < 0)
+        return ASN_PARSE_E;
+
+    if (DecodeOcspRespExtensions(source, &idx, resp, size) < 0)
+        return ASN_PARSE_E;
+
+    *ioIndex = idx;
+    return 0;
+}
+
+
+static int DecodeCerts(byte* source,
+                            word32* ioIndex, OcspResponse* resp, word32 size)
+{
+    word32 idx = *ioIndex;
+
+    WOLFSSL_ENTER("DecodeCerts");
+
+    if (source[idx++] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC))
+    {
+        int length;
+
+        if (GetLength(source, &idx, &length, size) < 0)
+            return ASN_PARSE_E;
+
+        if (GetSequence(source, &idx, &length, size) < 0)
+            return ASN_PARSE_E;
+
+        resp->cert = source + idx;
+        resp->certSz = length;
+
+        idx += length;
+    }
+    *ioIndex = idx;
+    return 0;
+}
+
+static int DecodeBasicOcspResponse(byte* source,
+                            word32* ioIndex, OcspResponse* resp, word32 size)
+{
+    int length;
+    word32 idx = *ioIndex;
+    word32 end_index;
+
+    WOLFSSL_ENTER("DecodeBasicOcspResponse");
+
+    if (GetSequence(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+
+    if (idx + length > size)
+        return ASN_INPUT_E;
+    end_index = idx + length;
+
+    if (DecodeResponseData(source, &idx, resp, size) < 0)
+        return ASN_PARSE_E;
+    
+    /* Get the signature algorithm */
+    if (GetAlgoId(source, &idx, &resp->sigOID, size) < 0)
+        return ASN_PARSE_E;
+
+    /* Obtain pointer to the start of the signature, and save the size */
+    if (source[idx++] == ASN_BIT_STRING)
+    {
+        int sigLength = 0;
+        if (GetLength(source, &idx, &sigLength, size) < 0)
+            return ASN_PARSE_E;
+        resp->sigSz = sigLength;
+        resp->sig = source + idx;
+        idx += sigLength;
+    }
+
+    /*
+     * Check the length of the BasicOcspResponse against the current index to
+     * see if there are certificates, they are optional.
+     */
+    if (idx < end_index)
+    {
+        DecodedCert cert;
+        int ret;
+
+        if (DecodeCerts(source, &idx, resp, size) < 0)
+            return ASN_PARSE_E;
+
+        InitDecodedCert(&cert, resp->cert, resp->certSz, 0);
+        ret = ParseCertRelative(&cert, CA_TYPE, NO_VERIFY, 0);
+        if (ret < 0)
+            return ret;
+
+        ret = ConfirmSignature(resp->response, resp->responseSz,
+                            cert.publicKey, cert.pubKeySize, cert.keyOID,
+                            resp->sig, resp->sigSz, resp->sigOID, NULL);
+        FreeDecodedCert(&cert);
+
+        if (ret == 0)
+        {
+            WOLFSSL_MSG("\tOCSP Confirm signature failed");
+            return ASN_OCSP_CONFIRM_E;
+        }
+    }
+
+    *ioIndex = idx;
+    return 0;
+}
+
+
+void InitOcspResponse(OcspResponse* resp, CertStatus* status,
+                                                    byte* source, word32 inSz)
+{
+    WOLFSSL_ENTER("InitOcspResponse");
+
+    resp->responseStatus = -1;
+    resp->response = NULL;
+    resp->responseSz = 0;
+    resp->producedDateFormat = 0;
+    resp->issuerHash = NULL;
+    resp->issuerKeyHash = NULL;
+    resp->sig = NULL;
+    resp->sigSz = 0;
+    resp->sigOID = 0;
+    resp->status = status;
+    resp->nonce = NULL;
+    resp->nonceSz = 0;
+    resp->source = source;
+    resp->maxIdx = inSz;
+}
+
+
+int OcspResponseDecode(OcspResponse* resp)
+{
+    int length = 0;
+    word32 idx = 0;
+    byte* source = resp->source;
+    word32 size = resp->maxIdx;
+    word32 oid;
+
+    WOLFSSL_ENTER("OcspResponseDecode");
+
+    /* peel the outer SEQUENCE wrapper */
+    if (GetSequence(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+    
+    /* First get the responseStatus, an ENUMERATED */
+    if (GetEnumerated(source, &idx, &resp->responseStatus) < 0)
+        return ASN_PARSE_E;
+
+    if (resp->responseStatus != OCSP_SUCCESSFUL)
+        return 0;
+
+    /* Next is an EXPLICIT record called ResponseBytes, OPTIONAL */
+    if (idx >= size)
+        return ASN_INPUT_E;
+    if (source[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC))
+        return ASN_PARSE_E;
+    if (GetLength(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+
+    /* Get the responseBytes SEQUENCE */
+    if (GetSequence(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+
+    /* Check ObjectID for the resposeBytes */
+    if (GetObjectId(source, &idx, &oid, size) < 0)
+        return ASN_PARSE_E;
+    if (oid != OCSP_BASIC_OID)
+        return ASN_PARSE_E;
+    if (source[idx++] != ASN_OCTET_STRING)
+        return ASN_PARSE_E;
+
+    if (GetLength(source, &idx, &length, size) < 0)
+        return ASN_PARSE_E;
+
+    if (DecodeBasicOcspResponse(source, &idx, resp, size) < 0)
+        return ASN_PARSE_E;
+    
+    return 0;
+}
+
+
+static word32 SetOcspReqExtensions(word32 extSz, byte* output,
+                                            const byte* nonce, word32 nonceSz)
+{
+    static const byte NonceObjId[] = { 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
+                                       0x30, 0x01, 0x02 };
+    byte seqArray[5][MAX_SEQ_SZ];
+    word32 seqSz[5], totalSz;
+
+    WOLFSSL_ENTER("SetOcspReqExtensions");
+
+    if (nonce == NULL || nonceSz == 0) return 0;
+    
+    seqArray[0][0] = ASN_OCTET_STRING;
+    seqSz[0] = 1 + SetLength(nonceSz, &seqArray[0][1]);
+
+    seqArray[1][0] = ASN_OBJECT_ID;
+    seqSz[1] = 1 + SetLength(sizeof(NonceObjId), &seqArray[1][1]);
+
+    totalSz = seqSz[0] + seqSz[1] + nonceSz + (word32)sizeof(NonceObjId);
+
+    seqSz[2] = SetSequence(totalSz, seqArray[2]);
+    totalSz += seqSz[2];
+
+    seqSz[3] = SetSequence(totalSz, seqArray[3]);
+    totalSz += seqSz[3];
+
+    seqArray[4][0] = (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 2);
+    seqSz[4] = 1 + SetLength(totalSz, &seqArray[4][1]);
+    totalSz += seqSz[4];
+
+    if (totalSz < extSz)
+    {
+        totalSz = 0;
+        XMEMCPY(output + totalSz, seqArray[4], seqSz[4]);
+        totalSz += seqSz[4];
+        XMEMCPY(output + totalSz, seqArray[3], seqSz[3]);
+        totalSz += seqSz[3];
+        XMEMCPY(output + totalSz, seqArray[2], seqSz[2]);
+        totalSz += seqSz[2];
+        XMEMCPY(output + totalSz, seqArray[1], seqSz[1]);
+        totalSz += seqSz[1];
+        XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId));
+        totalSz += (word32)sizeof(NonceObjId);
+        XMEMCPY(output + totalSz, seqArray[0], seqSz[0]);
+        totalSz += seqSz[0];
+        XMEMCPY(output + totalSz, nonce, nonceSz);
+        totalSz += nonceSz;
+    }
+
+    return totalSz;
+}
+
+
+int EncodeOcspRequest(OcspRequest* req)
+{
+    byte seqArray[5][MAX_SEQ_SZ];
+    /* The ASN.1 of the OCSP Request is an onion of sequences */
+    byte algoArray[MAX_ALGO_SZ];
+    byte issuerArray[MAX_ENCODED_DIG_SZ];
+    byte issuerKeyArray[MAX_ENCODED_DIG_SZ];
+    byte snArray[MAX_SN_SZ];
+    byte extArray[MAX_OCSP_EXT_SZ];
+    byte* output = req->dest;
+    word32 seqSz[5], algoSz, issuerSz, issuerKeySz, snSz, extSz, totalSz;
+    int i;
+
+    WOLFSSL_ENTER("EncodeOcspRequest");
+
+    algoSz = SetAlgoID(SHAh, algoArray, hashType, 0);
+
+    req->issuerHash = req->cert->issuerHash;
+    issuerSz = SetDigest(req->cert->issuerHash, SHA_SIZE, issuerArray);
+    
+    req->issuerKeyHash = req->cert->issuerKeyHash;
+    issuerKeySz = SetDigest(req->cert->issuerKeyHash, SHA_SIZE, issuerKeyArray);
+
+    req->serial = req->cert->serial;
+    req->serialSz = req->cert->serialSz;
+    snSz = SetSerialNumber(req->cert->serial, req->cert->serialSz, snArray);
+
+    extSz = 0;
+    if (req->useNonce) {
+        RNG rng;
+        if (wc_InitRng(&rng) != 0) {
+            WOLFSSL_MSG("\tCannot initialize RNG. Skipping the OSCP Nonce.");
+        } else {
+            if (wc_RNG_GenerateBlock(&rng, req->nonce, MAX_OCSP_NONCE_SZ) != 0)
+                WOLFSSL_MSG("\tCannot run RNG. Skipping the OSCP Nonce.");
+            else {
+                req->nonceSz = MAX_OCSP_NONCE_SZ;
+                extSz = SetOcspReqExtensions(MAX_OCSP_EXT_SZ, extArray,
+                                                      req->nonce, req->nonceSz);
+            }
+        }
+    }
+
+    totalSz = algoSz + issuerSz + issuerKeySz + snSz;
+
+    for (i = 4; i >= 0; i--) {
+        seqSz[i] = SetSequence(totalSz, seqArray[i]);
+        totalSz += seqSz[i];
+        if (i == 2) totalSz += extSz;
+    }
+    totalSz = 0;
+    for (i = 0; i < 5; i++) {
+        XMEMCPY(output + totalSz, seqArray[i], seqSz[i]);
+        totalSz += seqSz[i];
+    }
+    XMEMCPY(output + totalSz, algoArray, algoSz);
+    totalSz += algoSz;
+    XMEMCPY(output + totalSz, issuerArray, issuerSz);
+    totalSz += issuerSz;
+    XMEMCPY(output + totalSz, issuerKeyArray, issuerKeySz);
+    totalSz += issuerKeySz;
+    XMEMCPY(output + totalSz, snArray, snSz);
+    totalSz += snSz;
+    if (extSz != 0) {
+        XMEMCPY(output + totalSz, extArray, extSz);
+        totalSz += extSz;
+    }
+
+    return totalSz;
+}
+
+
+void InitOcspRequest(OcspRequest* req, DecodedCert* cert, byte useNonce,
+                                                    byte* dest, word32 destSz)
+{
+    WOLFSSL_ENTER("InitOcspRequest");
+
+    req->cert = cert;
+    req->useNonce = useNonce;
+    req->nonceSz = 0;
+    req->issuerHash = NULL;
+    req->issuerKeyHash = NULL;
+    req->serial = NULL;
+    req->dest = dest;
+    req->destSz = destSz;
+}
+
+
+int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
+{
+    int cmp;
+
+    WOLFSSL_ENTER("CompareOcspReqResp");
+
+    if (req == NULL)
+    {
+        WOLFSSL_MSG("\tReq missing");
+        return -1;
+    }
+
+    if (resp == NULL)
+    {
+        WOLFSSL_MSG("\tResp missing");
+        return 1;
+    }
+
+    /* Nonces are not critical. The responder may not necessarily add
+     * the nonce to the response. */
+    if (req->useNonce && resp->nonceSz != 0) {
+        cmp = req->nonceSz - resp->nonceSz;
+        if (cmp != 0)
+        {
+            WOLFSSL_MSG("\tnonceSz mismatch");
+            return cmp;
+        }
+    
+        cmp = XMEMCMP(req->nonce, resp->nonce, req->nonceSz);
+        if (cmp != 0)
+        {
+            WOLFSSL_MSG("\tnonce mismatch");
+            return cmp;
+        }
+    }
+
+    cmp = XMEMCMP(req->issuerHash, resp->issuerHash, SHA_DIGEST_SIZE);
+    if (cmp != 0)
+    {
+        WOLFSSL_MSG("\tissuerHash mismatch");
+        return cmp;
+    }
+
+    cmp = XMEMCMP(req->issuerKeyHash, resp->issuerKeyHash, SHA_DIGEST_SIZE);
+    if (cmp != 0)
+    {
+        WOLFSSL_MSG("\tissuerKeyHash mismatch");
+        return cmp;
+    }
+
+    cmp = req->serialSz - resp->status->serialSz;
+    if (cmp != 0)
+    {
+        WOLFSSL_MSG("\tserialSz mismatch");
+        return cmp;
+    }
+
+    cmp = XMEMCMP(req->serial, resp->status->serial, req->serialSz);
+    if (cmp != 0)
+    {
+        WOLFSSL_MSG("\tserial mismatch");
+        return cmp;
+    }
+
+    return 0;
+}
+
+#endif
+
+
+/* store SHA1 hash of NAME */
+WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
+                             int maxIdx)
+{
+    Sha    sha;
+    int    length;  /* length of all distinguished names */
+    int    ret = 0;
+    word32 dummy;
+
+    WOLFSSL_ENTER("GetNameHash");
+
+    if (source[*idx] == ASN_OBJECT_ID) {
+        WOLFSSL_MSG("Trying optional prefix...");
+
+        if (GetLength(source, idx, &length, maxIdx) < 0)
+            return ASN_PARSE_E;
+
+        *idx += length;
+        WOLFSSL_MSG("Got optional prefix");
+    }
+
+    /* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
+     * calculated over the entire DER encoding of the Name field, including
+     * the tag and length. */
+    dummy = *idx;
+    if (GetSequence(source, idx, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    ret = wc_InitSha(&sha);
+    if (ret != 0)
+        return ret;
+    wc_ShaUpdate(&sha, source + dummy, length + *idx - dummy);
+    wc_ShaFinal(&sha, hash);
+
+    *idx += length;
+
+    return 0;
+}
+
+
+#ifdef HAVE_CRL
+
+/* initialize decoded CRL */
+void InitDecodedCRL(DecodedCRL* dcrl)
+{
+    WOLFSSL_MSG("InitDecodedCRL");
+
+    dcrl->certBegin    = 0;
+    dcrl->sigIndex     = 0;
+    dcrl->sigLength    = 0;
+    dcrl->signatureOID = 0;
+    dcrl->certs        = NULL;
+    dcrl->totalCerts   = 0;
+}
+
+
+/* free decoded CRL resources */
+void FreeDecodedCRL(DecodedCRL* dcrl)
+{
+    RevokedCert* tmp = dcrl->certs;
+
+    WOLFSSL_MSG("FreeDecodedCRL");
+
+    while(tmp) {
+        RevokedCert* next = tmp->next;
+        XFREE(tmp, NULL, DYNAMIC_TYPE_REVOKED);
+        tmp = next;
+    }
+}
+
+
+/* Get Revoked Cert list, 0 on success */
+static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl,
+                      int maxIdx)
+{
+    int    len;
+    word32 end;
+    byte   b;
+    RevokedCert* rc;
+
+    WOLFSSL_ENTER("GetRevoked");
+
+    if (GetSequence(buff, idx, &len, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    end = *idx + len;
+
+    /* get serial number */
+    b = buff[*idx];
+    *idx += 1;
+
+    if (b != ASN_INTEGER) {
+        WOLFSSL_MSG("Expecting Integer");
+        return ASN_PARSE_E;
+    }
+
+    if (GetLength(buff, idx, &len, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    if (len > EXTERNAL_SERIAL_SIZE) {
+        WOLFSSL_MSG("Serial Size too big");
+        return ASN_PARSE_E;
+    }
+
+    rc = (RevokedCert*)XMALLOC(sizeof(RevokedCert), NULL, DYNAMIC_TYPE_CRL);
+    if (rc == NULL) {
+        WOLFSSL_MSG("Alloc Revoked Cert failed");
+        return MEMORY_E;
+    }
+
+    XMEMCPY(rc->serialNumber, &buff[*idx], len);
+    rc->serialSz = len;
+
+    /* add to list */
+    rc->next = dcrl->certs;
+    dcrl->certs = rc;
+    dcrl->totalCerts++;
+
+    *idx += len;
+
+    /* get date */
+    b = buff[*idx];
+    *idx += 1;
+
+    if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME) {
+        WOLFSSL_MSG("Expecting Date");
+        return ASN_PARSE_E;
+    }
+
+    if (GetLength(buff, idx, &len, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    /* skip for now */
+    *idx += len;
+
+    if (*idx != end)  /* skip extensions */
+        *idx = end;
+
+    return 0;
+}
+
+
+/* Get CRL Signature, 0 on success */
+static int GetCRL_Signature(const byte* source, word32* idx, DecodedCRL* dcrl,
+                            int maxIdx)
+{
+    int    length;
+    byte   b;
+
+    WOLFSSL_ENTER("GetCRL_Signature");
+
+    b = source[*idx];
+    *idx += 1;
+    if (b != ASN_BIT_STRING)
+        return ASN_BITSTR_E;
+
+    if (GetLength(source, idx, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    dcrl->sigLength = length;
+
+    b = source[*idx];
+    *idx += 1;
+    if (b != 0x00)
+        return ASN_EXPECT_0_E;
+
+    dcrl->sigLength--;
+    dcrl->signature = (byte*)&source[*idx];
+
+    *idx += dcrl->sigLength;
+
+    return 0;
+}
+
+
+/* prase crl buffer into decoded state, 0 on success */
+int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
+{
+    int     version, len;
+    word32  oid, idx = 0;
+    Signer* ca = NULL;
+
+    WOLFSSL_MSG("ParseCRL");
+
+    /* raw crl hash */
+    /* hash here if needed for optimized comparisons
+     * Sha     sha;
+     * wc_InitSha(&sha);
+     * wc_ShaUpdate(&sha, buff, sz);
+     * wc_ShaFinal(&sha, dcrl->crlHash); */
+
+    if (GetSequence(buff, &idx, &len, sz) < 0)
+        return ASN_PARSE_E;
+
+    dcrl->certBegin = idx;
+
+    if (GetSequence(buff, &idx, &len, sz) < 0)
+        return ASN_PARSE_E;
+    dcrl->sigIndex = len + idx;
+
+    /* may have version */
+    if (buff[idx] == ASN_INTEGER) {
+        if (GetMyVersion(buff, &idx, &version) < 0)
+            return ASN_PARSE_E;
+    }
+
+    if (GetAlgoId(buff, &idx, &oid, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetNameHash(buff, &idx, dcrl->issuerHash, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetBasicDate(buff, &idx, dcrl->lastDate, &dcrl->lastDateFormat, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetBasicDate(buff, &idx, dcrl->nextDate, &dcrl->nextDateFormat, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (!XVALIDATE_DATE(dcrl->nextDate, dcrl->nextDateFormat, AFTER)) {
+        WOLFSSL_MSG("CRL after date is no longer valid");
+        return ASN_AFTER_DATE_E;
+    }
+
+    if (idx != dcrl->sigIndex && buff[idx] != CRL_EXTENSIONS) {
+        if (GetSequence(buff, &idx, &len, sz) < 0)
+            return ASN_PARSE_E;
+
+        len += idx;
+
+        while (idx < (word32)len) {
+            if (GetRevoked(buff, &idx, dcrl, sz) < 0)
+                return ASN_PARSE_E;
+        }
+    }
+
+    if (idx != dcrl->sigIndex)
+        idx = dcrl->sigIndex;   /* skip extensions */
+
+    if (GetAlgoId(buff, &idx, &dcrl->signatureOID, sz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetCRL_Signature(buff, &idx, dcrl, sz) < 0)
+        return ASN_PARSE_E;
+
+    /* openssl doesn't add skid by default for CRLs cause firefox chokes
+       we're not assuming it's available yet */
+    #if !defined(NO_SKID) && defined(CRL_SKID_READY)
+        if (dcrl->extAuthKeyIdSet)
+            ca = GetCA(cm, dcrl->extAuthKeyId);
+        if (ca == NULL)
+            ca = GetCAByName(cm, dcrl->issuerHash);
+    #else /* NO_SKID */
+        ca = GetCA(cm, dcrl->issuerHash);
+    #endif /* NO_SKID */
+    WOLFSSL_MSG("About to verify CRL signature");
+
+    if (ca) {
+        WOLFSSL_MSG("Found CRL issuer CA");
+        /* try to confirm/verify signature */
+        #ifndef IGNORE_KEY_EXTENSIONS
+            if ((ca->keyUsage & KEYUSE_CRL_SIGN) == 0) {
+                WOLFSSL_MSG("CA cannot sign CRLs");
+                return ASN_CRL_NO_SIGNER_E;
+            }
+        #endif /* IGNORE_KEY_EXTENSIONS */
+        if (!ConfirmSignature(buff + dcrl->certBegin,
+                dcrl->sigIndex - dcrl->certBegin,
+                ca->publicKey, ca->pubKeySize, ca->keyOID,
+                dcrl->signature, dcrl->sigLength, dcrl->signatureOID, NULL)) {
+            WOLFSSL_MSG("CRL Confirm signature failed");
+            return ASN_CRL_CONFIRM_E;
+        }
+    }
+    else {
+        WOLFSSL_MSG("Did NOT find CRL issuer CA");
+        return ASN_CRL_NO_SIGNER_E;
+    }
+
+    return 0;
+}
+
+#endif /* HAVE_CRL */
+#endif
+
+#ifdef WOLFSSL_SEP
+
+
+
+#endif /* WOLFSSL_SEP */
+
diff --git a/3P/wolfssl/wolfcrypt/src/blake2b.c b/3P/wolfssl/wolfcrypt/src/blake2b.c
new file mode 100644
index 00000000..6ae5afd2
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/blake2b.c
@@ -0,0 +1,433 @@
+/*
+   BLAKE2 reference source code package - reference C implementations
+
+   Written in 2012 by Samuel Neves 
+
+   To the extent possible under law, the author(s) have dedicated all copyright
+   and related and neighboring rights to this software to the public domain
+   worldwide. This software is distributed without any warranty.
+
+   You should have received a copy of the CC0 Public Domain Dedication along with
+   this software. If not, see .
+*/
+/* blake2b.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_BLAKE2
+
+#include 
+#include 
+
+
+static const word64 blake2b_IV[8] =
+{
+  0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL,
+  0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL,
+  0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
+  0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL
+};
+
+static const byte blake2b_sigma[12][16] =
+{
+  {  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15 } ,
+  { 14, 10,  4,  8,  9, 15, 13,  6,  1, 12,  0,  2, 11,  7,  5,  3 } ,
+  { 11,  8, 12,  0,  5,  2, 15, 13, 10, 14,  3,  6,  7,  1,  9,  4 } ,
+  {  7,  9,  3,  1, 13, 12, 11, 14,  2,  6,  5, 10,  4,  0, 15,  8 } ,
+  {  9,  0,  5,  7,  2,  4, 10, 15, 14,  1, 11, 12,  6,  8,  3, 13 } ,
+  {  2, 12,  6, 10,  0, 11,  8,  3,  4, 13,  7,  5, 15, 14,  1,  9 } ,
+  { 12,  5,  1, 15, 14, 13,  4, 10,  0,  7,  6,  3,  9,  2,  8, 11 } ,
+  { 13, 11,  7, 14, 12,  1,  3,  9,  5,  0, 15,  4,  8,  6,  2, 10 } ,
+  {  6, 15, 14,  9, 11,  3,  0,  8, 12,  2, 13,  7,  1,  4, 10,  5 } ,
+  { 10,  2,  8,  4,  7,  6,  1,  5, 15, 11,  9, 14,  3, 12, 13 , 0 } ,
+  {  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15 } ,
+  { 14, 10,  4,  8,  9, 15, 13,  6,  1, 12,  0,  2, 11,  7,  5,  3 }
+};
+
+
+static INLINE int blake2b_set_lastnode( blake2b_state *S )
+{
+  S->f[1] = ~0ULL;
+  return 0;
+}
+
+/* Some helper functions, not necessarily useful */
+static INLINE int blake2b_set_lastblock( blake2b_state *S )
+{
+  if( S->last_node ) blake2b_set_lastnode( S );
+
+  S->f[0] = ~0ULL;
+  return 0;
+}
+
+static INLINE int blake2b_increment_counter( blake2b_state *S, const word64
+                                             inc )
+{
+  S->t[0] += inc;
+  S->t[1] += ( S->t[0] < inc );
+  return 0;
+}
+
+static INLINE int blake2b_init0( blake2b_state *S )
+{
+  int i;
+  XMEMSET( S, 0, sizeof( blake2b_state ) );
+
+  for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i];
+
+  return 0;
+}
+
+/* init xors IV with input parameter block */
+int blake2b_init_param( blake2b_state *S, const blake2b_param *P )
+{
+  word32 i;
+  blake2b_init0( S );
+  byte *p = ( byte * )( P );
+
+  /* IV XOR ParamBlock */
+  for( i = 0; i < 8; ++i )
+    S->h[i] ^= load64( p + sizeof( S->h[i] ) * i );
+
+  return 0;
+}
+
+
+
+int blake2b_init( blake2b_state *S, const byte outlen )
+{
+  blake2b_param P[1];
+
+  if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1;
+
+  P->digest_length = outlen;
+  P->key_length    = 0;
+  P->fanout        = 1;
+  P->depth         = 1;
+  store32( &P->leaf_length, 0 );
+  store64( &P->node_offset, 0 );
+  P->node_depth    = 0;
+  P->inner_length  = 0;
+  XMEMSET( P->reserved, 0, sizeof( P->reserved ) );
+  XMEMSET( P->salt,     0, sizeof( P->salt ) );
+  XMEMSET( P->personal, 0, sizeof( P->personal ) );
+  return blake2b_init_param( S, P );
+}
+
+
+int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key,
+                      const byte keylen )
+{
+  blake2b_param P[1];
+
+  if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1;
+
+  if ( !key || !keylen || keylen > BLAKE2B_KEYBYTES ) return -1;
+
+  P->digest_length = outlen;
+  P->key_length    = keylen;
+  P->fanout        = 1;
+  P->depth         = 1;
+  store32( &P->leaf_length, 0 );
+  store64( &P->node_offset, 0 );
+  P->node_depth    = 0;
+  P->inner_length  = 0;
+  XMEMSET( P->reserved, 0, sizeof( P->reserved ) );
+  XMEMSET( P->salt,     0, sizeof( P->salt ) );
+  XMEMSET( P->personal, 0, sizeof( P->personal ) );
+
+  if( blake2b_init_param( S, P ) < 0 ) return -1;
+
+  {
+#ifdef WOLFSSL_SMALL_STACK
+    byte* block;
+
+    block = (byte*)XMALLOC(BLAKE2B_BLOCKBYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+    if ( block == NULL ) return -1;
+#else
+    byte block[BLAKE2B_BLOCKBYTES];
+#endif
+
+    XMEMSET( block, 0, BLAKE2B_BLOCKBYTES );
+    XMEMCPY( block, key, keylen );
+    blake2b_update( S, block, BLAKE2B_BLOCKBYTES );
+    secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from */
+                                                     /* memory */
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(block, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+  }
+  return 0;
+}
+
+static int blake2b_compress( blake2b_state *S,
+                             const byte block[BLAKE2B_BLOCKBYTES] )
+{
+  int i;
+
+#ifdef WOLFSSL_SMALL_STACK
+  word64* m;
+  word64* v;
+
+  m = (word64*)XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+  if ( m == NULL ) return -1;
+
+  v = (word64*)XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+  if ( v == NULL )
+  {
+    XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    return -1;
+  }
+#else
+  word64 m[16];
+  word64 v[16];
+#endif
+
+  for( i = 0; i < 16; ++i )
+    m[i] = load64( block + i * sizeof( m[i] ) );
+
+  for( i = 0; i < 8; ++i )
+    v[i] = S->h[i];
+
+  v[ 8] = blake2b_IV[0];
+  v[ 9] = blake2b_IV[1];
+  v[10] = blake2b_IV[2];
+  v[11] = blake2b_IV[3];
+  v[12] = S->t[0] ^ blake2b_IV[4];
+  v[13] = S->t[1] ^ blake2b_IV[5];
+  v[14] = S->f[0] ^ blake2b_IV[6];
+  v[15] = S->f[1] ^ blake2b_IV[7];
+#define G(r,i,a,b,c,d) \
+  do { \
+    a = a + b + m[blake2b_sigma[r][2*i+0]]; \
+    d = rotr64(d ^ a, 32); \
+    c = c + d; \
+    b = rotr64(b ^ c, 24); \
+    a = a + b + m[blake2b_sigma[r][2*i+1]]; \
+    d = rotr64(d ^ a, 16); \
+    c = c + d; \
+    b = rotr64(b ^ c, 63); \
+  } while(0)
+#define ROUND(r)  \
+  do { \
+    G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \
+    G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \
+    G(r,2,v[ 2],v[ 6],v[10],v[14]); \
+    G(r,3,v[ 3],v[ 7],v[11],v[15]); \
+    G(r,4,v[ 0],v[ 5],v[10],v[15]); \
+    G(r,5,v[ 1],v[ 6],v[11],v[12]); \
+    G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \
+    G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \
+  } while(0)
+  ROUND( 0 );
+  ROUND( 1 );
+  ROUND( 2 );
+  ROUND( 3 );
+  ROUND( 4 );
+  ROUND( 5 );
+  ROUND( 6 );
+  ROUND( 7 );
+  ROUND( 8 );
+  ROUND( 9 );
+  ROUND( 10 );
+  ROUND( 11 );
+
+  for( i = 0; i < 8; ++i )
+    S->h[i] = S->h[i] ^ v[i] ^ v[i + 8];
+
+#undef G
+#undef ROUND
+
+#ifdef WOLFSSL_SMALL_STACK
+  XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+  XFREE(v, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+  return 0;
+}
+
+/* inlen now in bytes */
+int blake2b_update( blake2b_state *S, const byte *in, word64 inlen )
+{
+  while( inlen > 0 )
+  {
+    word64 left = S->buflen;
+    word64 fill = 2 * BLAKE2B_BLOCKBYTES - left;
+
+    if( inlen > fill )
+    {
+      XMEMCPY( S->buf + left, in, (wolfssl_word)fill ); /* Fill buffer */
+      S->buflen += fill;
+      blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
+
+      if ( blake2b_compress( S, S->buf ) < 0 ) return -1; /* Compress */
+
+      XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES );
+              /* Shift buffer left */
+      S->buflen -= BLAKE2B_BLOCKBYTES;
+      in += fill;
+      inlen -= fill;
+    }
+    else /* inlen <= fill */
+    {
+      XMEMCPY( S->buf + left, in, (wolfssl_word)inlen );
+      S->buflen += inlen; /* Be lazy, do not compress */
+      in += inlen;
+      inlen -= inlen;
+    }
+  }
+
+  return 0;
+}
+
+/* Is this correct? */
+int blake2b_final( blake2b_state *S, byte *out, byte outlen )
+{
+  byte buffer[BLAKE2B_OUTBYTES];
+  int     i;
+
+  if( S->buflen > BLAKE2B_BLOCKBYTES )
+  {
+    blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
+
+    if ( blake2b_compress( S, S->buf ) < 0 ) return -1;
+
+    S->buflen -= BLAKE2B_BLOCKBYTES;
+    XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, (wolfssl_word)S->buflen );
+  }
+
+  blake2b_increment_counter( S, S->buflen );
+  blake2b_set_lastblock( S );
+  XMEMSET( S->buf + S->buflen, 0, (wolfssl_word)(2 * BLAKE2B_BLOCKBYTES - S->buflen) );
+         /* Padding */
+  if ( blake2b_compress( S, S->buf ) < 0 ) return -1;
+
+  for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
+    store64( buffer + sizeof( S->h[i] ) * i, S->h[i] );
+
+  XMEMCPY( out, buffer, outlen );
+  return 0;
+}
+
+/* inlen, at least, should be word64. Others can be size_t. */
+int blake2b( byte *out, const void *in, const void *key, const byte outlen,
+             const word64 inlen, byte keylen )
+{
+  blake2b_state S[1];
+
+  /* Verify parameters */
+  if ( NULL == in ) return -1;
+
+  if ( NULL == out ) return -1;
+
+  if( NULL == key ) keylen = 0;
+
+  if( keylen > 0 )
+  {
+    if( blake2b_init_key( S, outlen, key, keylen ) < 0 ) return -1;
+  }
+  else
+  {
+    if( blake2b_init( S, outlen ) < 0 ) return -1;
+  }
+
+  if ( blake2b_update( S, ( byte * )in, inlen ) < 0) return -1;
+
+  return blake2b_final( S, out, outlen );
+}
+
+#if defined(BLAKE2B_SELFTEST)
+#include 
+#include "blake2-kat.h"
+int main( int argc, char **argv )
+{
+  byte key[BLAKE2B_KEYBYTES];
+  byte buf[KAT_LENGTH];
+
+  for( word32 i = 0; i < BLAKE2B_KEYBYTES; ++i )
+    key[i] = ( byte )i;
+
+  for( word32 i = 0; i < KAT_LENGTH; ++i )
+    buf[i] = ( byte )i;
+
+  for( word32 i = 0; i < KAT_LENGTH; ++i )
+  {
+    byte hash[BLAKE2B_OUTBYTES];
+    if ( blake2b( hash, buf, key, BLAKE2B_OUTBYTES, i, BLAKE2B_KEYBYTES ) < 0 )
+    {
+      puts( "error" );
+      return -1;
+    }
+
+    if( 0 != memcmp( hash, blake2b_keyed_kat[i], BLAKE2B_OUTBYTES ) )
+    {
+      puts( "error" );
+      return -1;
+    }
+  }
+
+  puts( "ok" );
+  return 0;
+}
+#endif
+
+
+/* wolfCrypt API */
+
+/* Init Blake2b digest, track size incase final doesn't want to "remember" */
+int wc_InitBlake2b(Blake2b* b2b, word32 digestSz)
+{
+    b2b->digestSz = digestSz;
+
+    return blake2b_init(b2b->S, (byte)digestSz);
+}
+
+
+/* Blake2b Update */
+int wc_Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz)
+{
+    return blake2b_update(b2b->S, data, sz);
+}
+
+
+/* Blake2b Final, if pass in zero size we use init digestSz */
+int wc_Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz)
+{
+    word32 sz = requestSz ? requestSz : b2b->digestSz;
+
+    return blake2b_final(b2b->S, final, (byte)sz);
+}
+
+
+/* end CTaoCrypt API */
+
+#endif  /* HAVE_BLAKE2 */
+
diff --git a/3P/wolfssl/wolfcrypt/src/camellia.c b/3P/wolfssl/wolfcrypt/src/camellia.c
new file mode 100644
index 00000000..071019c6
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/camellia.c
@@ -0,0 +1,1620 @@
+/* camellia.c ver 1.2.0
+ *
+ * Copyright (c) 2006,2007
+ * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer as
+ *   the first lines of this file unmodified.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* camellia.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/*
+ * Algorithm Specification 
+ *  http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_CAMELLIA
+
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+/* u32 must be 32bit word */
+typedef unsigned int u32;
+typedef unsigned char u8;
+
+/* key constants */
+
+#define CAMELLIA_SIGMA1L ((u32)0xA09E667FL)
+#define CAMELLIA_SIGMA1R ((u32)0x3BCC908BL)
+#define CAMELLIA_SIGMA2L ((u32)0xB67AE858L)
+#define CAMELLIA_SIGMA2R ((u32)0x4CAA73B2L)
+#define CAMELLIA_SIGMA3L ((u32)0xC6EF372FL)
+#define CAMELLIA_SIGMA3R ((u32)0xE94F82BEL)
+#define CAMELLIA_SIGMA4L ((u32)0x54FF53A5L)
+#define CAMELLIA_SIGMA4R ((u32)0xF1D36F1CL)
+#define CAMELLIA_SIGMA5L ((u32)0x10E527FAL)
+#define CAMELLIA_SIGMA5R ((u32)0xDE682D1DL)
+#define CAMELLIA_SIGMA6L ((u32)0xB05688C2L)
+#define CAMELLIA_SIGMA6R ((u32)0xB3E6C1FDL)
+
+/*
+ *  macros
+ */
+
+
+#if defined(_MSC_VER)
+
+# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
+# define GETU32(p) SWAP(*((u32 *)(p)))
+# define PUTU32(ct, st) {*((u32 *)(ct)) = SWAP((st));}
+
+#else /* not MS-VC */
+
+# define GETU32(pt)				\
+    (((u32)(pt)[0] << 24)			\
+     ^ ((u32)(pt)[1] << 16)			\
+     ^ ((u32)(pt)[2] <<  8)			\
+     ^ ((u32)(pt)[3]))
+
+# define PUTU32(ct, st)  {			\
+	(ct)[0] = (u8)((st) >> 24);		\
+	(ct)[1] = (u8)((st) >> 16);		\
+	(ct)[2] = (u8)((st) >>  8);		\
+	(ct)[3] = (u8)(st); }
+
+#endif
+
+#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2])
+#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1])
+
+/* rotation right shift 1byte */
+#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24))
+/* rotation left shift 1bit */
+#define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31))
+/* rotation left shift 1byte */
+#define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24))
+
+#define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits)	\
+    do {						\
+	w0 = ll;					\
+	ll = (ll << bits) + (lr >> (32 - bits));	\
+	lr = (lr << bits) + (rl >> (32 - bits));	\
+	rl = (rl << bits) + (rr >> (32 - bits));	\
+	rr = (rr << bits) + (w0 >> (32 - bits));	\
+    } while(0)
+
+#define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits)	\
+    do {						\
+	w0 = ll;					\
+	w1 = lr;					\
+	ll = (lr << (bits - 32)) + (rl >> (64 - bits));	\
+	lr = (rl << (bits - 32)) + (rr >> (64 - bits));	\
+	rl = (rr << (bits - 32)) + (w0 >> (64 - bits));	\
+	rr = (w0 << (bits - 32)) + (w1 >> (64 - bits));	\
+    } while(0)
+
+#define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)])
+#define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)])
+#define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)])
+#define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)])
+
+#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1)	\
+    do {							\
+	il = xl ^ kl;						\
+	ir = xr ^ kr;						\
+	t0 = il >> 16;						\
+	t1 = ir >> 16;						\
+	yl = CAMELLIA_SP1110(ir & 0xff)				\
+	    ^ CAMELLIA_SP0222((t1 >> 8) & 0xff)			\
+	    ^ CAMELLIA_SP3033(t1 & 0xff)			\
+	    ^ CAMELLIA_SP4404((ir >> 8) & 0xff);		\
+	yr = CAMELLIA_SP1110((t0 >> 8) & 0xff)			\
+	    ^ CAMELLIA_SP0222(t0 & 0xff)			\
+	    ^ CAMELLIA_SP3033((il >> 8) & 0xff)			\
+	    ^ CAMELLIA_SP4404(il & 0xff);			\
+	yl ^= yr;						\
+	yr = CAMELLIA_RR8(yr);					\
+	yr ^= yl;						\
+    } while(0)
+
+
+/*
+ * for speed up
+ *
+ */
+#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \
+    do {								\
+	t0 = kll;							\
+	t0 &= ll;							\
+	lr ^= CAMELLIA_RL1(t0);						\
+	t1 = klr;							\
+	t1 |= lr;							\
+	ll ^= t1;							\
+									\
+	t2 = krr;							\
+	t2 |= rr;							\
+	rl ^= t2;							\
+	t3 = krl;							\
+	t3 &= rl;							\
+	rr ^= CAMELLIA_RL1(t3);						\
+    } while(0)
+
+#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1)	\
+    do {								\
+	ir = CAMELLIA_SP1110(xr & 0xff)					\
+	    ^ CAMELLIA_SP0222((xr >> 24) & 0xff)			\
+	    ^ CAMELLIA_SP3033((xr >> 16) & 0xff)			\
+	    ^ CAMELLIA_SP4404((xr >> 8) & 0xff);			\
+	il = CAMELLIA_SP1110((xl >> 24) & 0xff)				\
+	    ^ CAMELLIA_SP0222((xl >> 16) & 0xff)			\
+	    ^ CAMELLIA_SP3033((xl >> 8) & 0xff)				\
+	    ^ CAMELLIA_SP4404(xl & 0xff);				\
+	il ^= kl;							\
+	ir ^= kr;							\
+	ir ^= il;							\
+	il = CAMELLIA_RR8(il);						\
+	il ^= ir;							\
+	yl ^= ir;							\
+	yr ^= il;							\
+    } while(0)
+
+
+static const u32 camellia_sp1110[256] = {
+    0x70707000,0x82828200,0x2c2c2c00,0xececec00,
+    0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500,
+    0xe4e4e400,0x85858500,0x57575700,0x35353500,
+    0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100,
+    0x23232300,0xefefef00,0x6b6b6b00,0x93939300,
+    0x45454500,0x19191900,0xa5a5a500,0x21212100,
+    0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00,
+    0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00,
+    0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00,
+    0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00,
+    0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00,
+    0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00,
+    0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00,
+    0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00,
+    0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600,
+    0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00,
+    0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600,
+    0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00,
+    0x74747400,0x12121200,0x2b2b2b00,0x20202000,
+    0xf0f0f000,0xb1b1b100,0x84848400,0x99999900,
+    0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200,
+    0x34343400,0x7e7e7e00,0x76767600,0x05050500,
+    0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100,
+    0xd1d1d100,0x17171700,0x04040400,0xd7d7d700,
+    0x14141400,0x58585800,0x3a3a3a00,0x61616100,
+    0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00,
+    0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600,
+    0x53535300,0x18181800,0xf2f2f200,0x22222200,
+    0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200,
+    0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100,
+    0x24242400,0x08080800,0xe8e8e800,0xa8a8a800,
+    0x60606000,0xfcfcfc00,0x69696900,0x50505000,
+    0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00,
+    0xa1a1a100,0x89898900,0x62626200,0x97979700,
+    0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500,
+    0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200,
+    0x10101000,0xc4c4c400,0x00000000,0x48484800,
+    0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00,
+    0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00,
+    0x09090900,0x3f3f3f00,0xdddddd00,0x94949400,
+    0x87878700,0x5c5c5c00,0x83838300,0x02020200,
+    0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300,
+    0x73737300,0x67676700,0xf6f6f600,0xf3f3f300,
+    0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200,
+    0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600,
+    0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00,
+    0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00,
+    0x13131300,0xbebebe00,0x63636300,0x2e2e2e00,
+    0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00,
+    0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00,
+    0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600,
+    0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900,
+    0x78787800,0x98989800,0x06060600,0x6a6a6a00,
+    0xe7e7e700,0x46464600,0x71717100,0xbababa00,
+    0xd4d4d400,0x25252500,0xababab00,0x42424200,
+    0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00,
+    0x72727200,0x07070700,0xb9b9b900,0x55555500,
+    0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00,
+    0x36363600,0x49494900,0x2a2a2a00,0x68686800,
+    0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400,
+    0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00,
+    0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100,
+    0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400,
+    0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00,
+};
+
+static const u32 camellia_sp0222[256] = {
+    0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9,
+    0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb,
+    0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a,
+    0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282,
+    0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727,
+    0x008a8a8a,0x00323232,0x004b4b4b,0x00424242,
+    0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c,
+    0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b,
+    0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f,
+    0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d,
+    0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe,
+    0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434,
+    0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595,
+    0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a,
+    0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad,
+    0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a,
+    0x00171717,0x001a1a1a,0x00353535,0x00cccccc,
+    0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a,
+    0x00e8e8e8,0x00242424,0x00565656,0x00404040,
+    0x00e1e1e1,0x00636363,0x00090909,0x00333333,
+    0x00bfbfbf,0x00989898,0x00979797,0x00858585,
+    0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a,
+    0x00dadada,0x006f6f6f,0x00535353,0x00626262,
+    0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf,
+    0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2,
+    0x00bdbdbd,0x00363636,0x00222222,0x00383838,
+    0x00646464,0x001e1e1e,0x00393939,0x002c2c2c,
+    0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444,
+    0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565,
+    0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323,
+    0x00484848,0x00101010,0x00d1d1d1,0x00515151,
+    0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0,
+    0x00555555,0x00a1a1a1,0x00414141,0x00fafafa,
+    0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f,
+    0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b,
+    0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5,
+    0x00202020,0x00898989,0x00000000,0x00909090,
+    0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7,
+    0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5,
+    0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929,
+    0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404,
+    0x009b9b9b,0x00949494,0x00212121,0x00666666,
+    0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7,
+    0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5,
+    0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c,
+    0x00919191,0x006e6e6e,0x008d8d8d,0x00767676,
+    0x00030303,0x002d2d2d,0x00dedede,0x00969696,
+    0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c,
+    0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919,
+    0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d,
+    0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d,
+    0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2,
+    0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4,
+    0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575,
+    0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484,
+    0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5,
+    0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa,
+    0x00f1f1f1,0x00dddddd,0x00595959,0x00141414,
+    0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0,
+    0x00787878,0x00707070,0x00e3e3e3,0x00494949,
+    0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6,
+    0x00777777,0x00939393,0x00868686,0x00838383,
+    0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9,
+    0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d,
+};
+
+static const u32 camellia_sp3033[256] = {
+    0x38003838,0x41004141,0x16001616,0x76007676,
+    0xd900d9d9,0x93009393,0x60006060,0xf200f2f2,
+    0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a,
+    0x75007575,0x06000606,0x57005757,0xa000a0a0,
+    0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9,
+    0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090,
+    0xf600f6f6,0x07000707,0xa700a7a7,0x27002727,
+    0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede,
+    0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7,
+    0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767,
+    0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf,
+    0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d,
+    0x53005353,0xf000f0f0,0x9c009c9c,0x65006565,
+    0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e,
+    0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b,
+    0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6,
+    0xc500c5c5,0x86008686,0x4d004d4d,0x33003333,
+    0xfd00fdfd,0x66006666,0x58005858,0x96009696,
+    0x3a003a3a,0x09000909,0x95009595,0x10001010,
+    0x78007878,0xd800d8d8,0x42004242,0xcc00cccc,
+    0xef00efef,0x26002626,0xe500e5e5,0x61006161,
+    0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282,
+    0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898,
+    0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb,
+    0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0,
+    0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e,
+    0x19001919,0x87008787,0x4e004e4e,0x0b000b0b,
+    0xa900a9a9,0x0c000c0c,0x79007979,0x11001111,
+    0x7f007f7f,0x22002222,0xe700e7e7,0x59005959,
+    0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8,
+    0x12001212,0x04000404,0x74007474,0x54005454,
+    0x30003030,0x7e007e7e,0xb400b4b4,0x28002828,
+    0x55005555,0x68006868,0x50005050,0xbe00bebe,
+    0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb,
+    0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca,
+    0x70007070,0xff00ffff,0x32003232,0x69006969,
+    0x08000808,0x62006262,0x00000000,0x24002424,
+    0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded,
+    0x45004545,0x81008181,0x73007373,0x6d006d6d,
+    0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a,
+    0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101,
+    0xe600e6e6,0x25002525,0x48004848,0x99009999,
+    0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9,
+    0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171,
+    0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313,
+    0x64006464,0x9b009b9b,0x63006363,0x9d009d9d,
+    0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5,
+    0x89008989,0x5f005f5f,0xb100b1b1,0x17001717,
+    0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646,
+    0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747,
+    0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b,
+    0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac,
+    0x3c003c3c,0x4c004c4c,0x03000303,0x35003535,
+    0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d,
+    0x6a006a6a,0x92009292,0xd500d5d5,0x21002121,
+    0x44004444,0x51005151,0xc600c6c6,0x7d007d7d,
+    0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa,
+    0x7c007c7c,0x77007777,0x56005656,0x05000505,
+    0x1b001b1b,0xa400a4a4,0x15001515,0x34003434,
+    0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252,
+    0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd,
+    0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0,
+    0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a,
+    0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f,
+};
+
+static const u32 camellia_sp4404[256] = {
+    0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0,
+    0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae,
+    0x23230023,0x6b6b006b,0x45450045,0xa5a500a5,
+    0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092,
+    0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f,
+    0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b,
+    0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d,
+    0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c,
+    0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0,
+    0x74740074,0x2b2b002b,0xf0f000f0,0x84840084,
+    0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076,
+    0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004,
+    0x14140014,0x3a3a003a,0xdede00de,0x11110011,
+    0x32320032,0x9c9c009c,0x53530053,0xf2f200f2,
+    0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a,
+    0x24240024,0xe8e800e8,0x60600060,0x69690069,
+    0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062,
+    0x54540054,0x1e1e001e,0xe0e000e0,0x64640064,
+    0x10100010,0x00000000,0xa3a300a3,0x75750075,
+    0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd,
+    0x87870087,0x83830083,0xcdcd00cd,0x90900090,
+    0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf,
+    0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6,
+    0x81810081,0x6f6f006f,0x13130013,0x63630063,
+    0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc,
+    0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4,
+    0x78780078,0x06060006,0xe7e700e7,0x71710071,
+    0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d,
+    0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac,
+    0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1,
+    0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043,
+    0x15150015,0xadad00ad,0x77770077,0x80800080,
+    0x82820082,0xecec00ec,0x27270027,0xe5e500e5,
+    0x85850085,0x35350035,0x0c0c000c,0x41410041,
+    0xefef00ef,0x93930093,0x19190019,0x21210021,
+    0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd,
+    0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce,
+    0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a,
+    0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d,
+    0x01010001,0xd6d600d6,0x56560056,0x4d4d004d,
+    0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d,
+    0x12120012,0x20200020,0xb1b100b1,0x99990099,
+    0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005,
+    0xb7b700b7,0x31310031,0x17170017,0xd7d700d7,
+    0x58580058,0x61610061,0x1b1b001b,0x1c1c001c,
+    0x0f0f000f,0x16160016,0x18180018,0x22220022,
+    0x44440044,0xb2b200b2,0xb5b500b5,0x91910091,
+    0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050,
+    0xd0d000d0,0x7d7d007d,0x89890089,0x97970097,
+    0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2,
+    0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db,
+    0x03030003,0xdada00da,0x3f3f003f,0x94940094,
+    0x5c5c005c,0x02020002,0x4a4a004a,0x33330033,
+    0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2,
+    0x9b9b009b,0x26260026,0x37370037,0x3b3b003b,
+    0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e,
+    0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e,
+    0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059,
+    0x98980098,0x6a6a006a,0x46460046,0xbaba00ba,
+    0x25250025,0x42420042,0xa2a200a2,0xfafa00fa,
+    0x07070007,0x55550055,0xeeee00ee,0x0a0a000a,
+    0x49490049,0x68680068,0x38380038,0xa4a400a4,
+    0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1,
+    0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e,
+};
+
+
+/**
+ * Stuff related to the Camellia key schedule
+ */
+#define subl(x) subL[(x)]
+#define subr(x) subR[(x)]
+
+static int camellia_setup128(const unsigned char *key, u32 *subkey)
+{
+    u32 kll, klr, krl, krr;
+    u32 il, ir, t0, t1, w0, w1;
+    u32 kw4l, kw4r, dw, tl, tr;
+
+#ifdef WOLFSSL_SMALL_STACK
+    u32* subL;
+    u32* subR;
+
+    subL = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (subL == NULL)
+        return MEMORY_E;
+
+    subR = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (subR == NULL) {
+        XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#else
+    u32 subL[26];
+    u32 subR[26];
+#endif
+
+    /**
+     *  k == kll || klr || krl || krr (|| is concatination)
+     */
+    kll = GETU32(key     );
+    klr = GETU32(key +  4);
+    krl = GETU32(key +  8);
+    krr = GETU32(key + 12);
+    /**
+     * generate KL dependent subkeys
+     */
+    subl(0) = kll; subr(0) = klr;
+    subl(1) = krl; subr(1) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+    subl(4) = kll; subr(4) = klr;
+    subl(5) = krl; subr(5) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
+    subl(10) = kll; subr(10) = klr;
+    subl(11) = krl; subr(11) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+    subl(13) = krl; subr(13) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+    subl(16) = kll; subr(16) = klr;
+    subl(17) = krl; subr(17) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+    subl(18) = kll; subr(18) = klr;
+    subl(19) = krl; subr(19) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+    subl(22) = kll; subr(22) = klr;
+    subl(23) = krl; subr(23) = krr;
+
+    /* generate KA */
+    kll = subl(0); klr = subr(0);
+    krl = subl(1); krr = subr(1);
+    CAMELLIA_F(kll, klr,
+	       CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R,
+	       w0, w1, il, ir, t0, t1);
+    krl ^= w0; krr ^= w1;
+    CAMELLIA_F(krl, krr,
+	       CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R,
+	       kll, klr, il, ir, t0, t1);
+    CAMELLIA_F(kll, klr,
+	       CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R,
+	       krl, krr, il, ir, t0, t1);
+    krl ^= w0; krr ^= w1;
+    CAMELLIA_F(krl, krr,
+	       CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R,
+	       w0, w1, il, ir, t0, t1);
+    kll ^= w0; klr ^= w1;
+
+    /* generate KA dependent subkeys */
+    subl(2) = kll; subr(2) = klr;
+    subl(3) = krl; subr(3) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+    subl(6) = kll; subr(6) = klr;
+    subl(7) = krl; subr(7) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+    subl(8) = kll; subr(8) = klr;
+    subl(9) = krl; subr(9) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+    subl(12) = kll; subr(12) = klr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+    subl(14) = kll; subr(14) = klr;
+    subl(15) = krl; subr(15) = krr;
+    CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
+    subl(20) = kll; subr(20) = klr;
+    subl(21) = krl; subr(21) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+    subl(24) = kll; subr(24) = klr;
+    subl(25) = krl; subr(25) = krr;
+
+
+    /* absorb kw2 to other subkeys */
+    subl(3) ^= subl(1); subr(3) ^= subr(1);
+    subl(5) ^= subl(1); subr(5) ^= subr(1);
+    subl(7) ^= subl(1); subr(7) ^= subr(1);
+    subl(1) ^= subr(1) & ~subr(9);
+    dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw);
+    subl(11) ^= subl(1); subr(11) ^= subr(1);
+    subl(13) ^= subl(1); subr(13) ^= subr(1);
+    subl(15) ^= subl(1); subr(15) ^= subr(1);
+    subl(1) ^= subr(1) & ~subr(17);
+    dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw);
+    subl(19) ^= subl(1); subr(19) ^= subr(1);
+    subl(21) ^= subl(1); subr(21) ^= subr(1);
+    subl(23) ^= subl(1); subr(23) ^= subr(1);
+    subl(24) ^= subl(1); subr(24) ^= subr(1);
+
+    /* absorb kw4 to other subkeys */
+    kw4l = subl(25); kw4r = subr(25);
+    subl(22) ^= kw4l; subr(22) ^= kw4r;
+    subl(20) ^= kw4l; subr(20) ^= kw4r;
+    subl(18) ^= kw4l; subr(18) ^= kw4r;
+    kw4l ^= kw4r & ~subr(16);
+    dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw);
+    subl(14) ^= kw4l; subr(14) ^= kw4r;
+    subl(12) ^= kw4l; subr(12) ^= kw4r;
+    subl(10) ^= kw4l; subr(10) ^= kw4r;
+    kw4l ^= kw4r & ~subr(8);
+    dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw);
+    subl(6) ^= kw4l; subr(6) ^= kw4r;
+    subl(4) ^= kw4l; subr(4) ^= kw4r;
+    subl(2) ^= kw4l; subr(2) ^= kw4r;
+    subl(0) ^= kw4l; subr(0) ^= kw4r;
+
+    /* key XOR is end of F-function */
+    CamelliaSubkeyL(0) = subl(0) ^ subl(2);
+    CamelliaSubkeyR(0) = subr(0) ^ subr(2);
+    CamelliaSubkeyL(2) = subl(3);
+    CamelliaSubkeyR(2) = subr(3);
+    CamelliaSubkeyL(3) = subl(2) ^ subl(4);
+    CamelliaSubkeyR(3) = subr(2) ^ subr(4);
+    CamelliaSubkeyL(4) = subl(3) ^ subl(5);
+    CamelliaSubkeyR(4) = subr(3) ^ subr(5);
+    CamelliaSubkeyL(5) = subl(4) ^ subl(6);
+    CamelliaSubkeyR(5) = subr(4) ^ subr(6);
+    CamelliaSubkeyL(6) = subl(5) ^ subl(7);
+    CamelliaSubkeyR(6) = subr(5) ^ subr(7);
+    tl = subl(10) ^ (subr(10) & ~subr(8));
+    dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(7) = subl(6) ^ tl;
+    CamelliaSubkeyR(7) = subr(6) ^ tr;
+    CamelliaSubkeyL(8) = subl(8);
+    CamelliaSubkeyR(8) = subr(8);
+    CamelliaSubkeyL(9) = subl(9);
+    CamelliaSubkeyR(9) = subr(9);
+    tl = subl(7) ^ (subr(7) & ~subr(9));
+    dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(10) = tl ^ subl(11);
+    CamelliaSubkeyR(10) = tr ^ subr(11);
+    CamelliaSubkeyL(11) = subl(10) ^ subl(12);
+    CamelliaSubkeyR(11) = subr(10) ^ subr(12);
+    CamelliaSubkeyL(12) = subl(11) ^ subl(13);
+    CamelliaSubkeyR(12) = subr(11) ^ subr(13);
+    CamelliaSubkeyL(13) = subl(12) ^ subl(14);
+    CamelliaSubkeyR(13) = subr(12) ^ subr(14);
+    CamelliaSubkeyL(14) = subl(13) ^ subl(15);
+    CamelliaSubkeyR(14) = subr(13) ^ subr(15);
+    tl = subl(18) ^ (subr(18) & ~subr(16));
+    dw = tl & subl(16),	tr = subr(18) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(15) = subl(14) ^ tl;
+    CamelliaSubkeyR(15) = subr(14) ^ tr;
+    CamelliaSubkeyL(16) = subl(16);
+    CamelliaSubkeyR(16) = subr(16);
+    CamelliaSubkeyL(17) = subl(17);
+    CamelliaSubkeyR(17) = subr(17);
+    tl = subl(15) ^ (subr(15) & ~subr(17));
+    dw = tl & subl(17),	tr = subr(15) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(18) = tl ^ subl(19);
+    CamelliaSubkeyR(18) = tr ^ subr(19);
+    CamelliaSubkeyL(19) = subl(18) ^ subl(20);
+    CamelliaSubkeyR(19) = subr(18) ^ subr(20);
+    CamelliaSubkeyL(20) = subl(19) ^ subl(21);
+    CamelliaSubkeyR(20) = subr(19) ^ subr(21);
+    CamelliaSubkeyL(21) = subl(20) ^ subl(22);
+    CamelliaSubkeyR(21) = subr(20) ^ subr(22);
+    CamelliaSubkeyL(22) = subl(21) ^ subl(23);
+    CamelliaSubkeyR(22) = subr(21) ^ subr(23);
+    CamelliaSubkeyL(23) = subl(22);
+    CamelliaSubkeyR(23) = subr(22);
+    CamelliaSubkeyL(24) = subl(24) ^ subl(23);
+    CamelliaSubkeyR(24) = subr(24) ^ subr(23);
+
+    /* apply the inverse of the last half of P-function */
+    dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw;
+    dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw;
+    dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw;
+    dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw;
+    dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw;
+    dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw;
+    dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw;
+    dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw;
+    dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw;
+    dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw;
+    dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw;
+    dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw;
+    dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw;
+    dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw;
+    dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw;
+    dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw;
+    dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw;
+    dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw;
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return 0;
+}
+
+static int camellia_setup256(const unsigned char *key, u32 *subkey)
+{
+    u32 kll,klr,krl,krr;           /* left half of key */
+    u32 krll,krlr,krrl,krrr;       /* right half of key */
+    u32 il, ir, t0, t1, w0, w1;    /* temporary variables */
+    u32 kw4l, kw4r, dw, tl, tr;
+
+#ifdef WOLFSSL_SMALL_STACK
+    u32* subL;
+    u32* subR;
+
+    subL = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (subL == NULL)
+        return MEMORY_E;
+
+    subR = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (subR == NULL) {
+        XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#else
+    u32 subL[34];
+    u32 subR[34];
+#endif
+
+    /**
+     *  key = (kll || klr || krl || krr || krll || krlr || krrl || krrr)
+     *  (|| is concatination)
+     */
+
+    kll  = GETU32(key     );
+    klr  = GETU32(key +  4);
+    krl  = GETU32(key +  8);
+    krr  = GETU32(key + 12);
+    krll = GETU32(key + 16);
+    krlr = GETU32(key + 20);
+    krrl = GETU32(key + 24);
+    krrr = GETU32(key + 28);
+
+    /* generate KL dependent subkeys */
+    subl(0) = kll; subr(0) = klr;
+    subl(1) = krl; subr(1) = krr;
+    CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45);
+    subl(12) = kll; subr(12) = klr;
+    subl(13) = krl; subr(13) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+    subl(16) = kll; subr(16) = klr;
+    subl(17) = krl; subr(17) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
+    subl(22) = kll; subr(22) = klr;
+    subl(23) = krl; subr(23) = krr;
+    CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
+    subl(30) = kll; subr(30) = klr;
+    subl(31) = krl; subr(31) = krr;
+
+    /* generate KR dependent subkeys */
+    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
+    subl(4) = krll; subr(4) = krlr;
+    subl(5) = krrl; subr(5) = krrr;
+    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
+    subl(8) = krll; subr(8) = krlr;
+    subl(9) = krrl; subr(9) = krrr;
+    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
+    subl(18) = krll; subr(18) = krlr;
+    subl(19) = krrl; subr(19) = krrr;
+    CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
+    subl(26) = krll; subr(26) = krlr;
+    subl(27) = krrl; subr(27) = krrr;
+    CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
+
+    /* generate KA */
+    kll = subl(0) ^ krll; klr = subr(0) ^ krlr;
+    krl = subl(1) ^ krrl; krr = subr(1) ^ krrr;
+    CAMELLIA_F(kll, klr,
+	       CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R,
+	       w0, w1, il, ir, t0, t1);
+    krl ^= w0; krr ^= w1;
+    CAMELLIA_F(krl, krr,
+	       CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R,
+	       kll, klr, il, ir, t0, t1);
+    kll ^= krll; klr ^= krlr;
+    CAMELLIA_F(kll, klr,
+	       CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R,
+	       krl, krr, il, ir, t0, t1);
+    krl ^= w0 ^ krrl; krr ^= w1 ^ krrr;
+    CAMELLIA_F(krl, krr,
+	       CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R,
+	       w0, w1, il, ir, t0, t1);
+    kll ^= w0; klr ^= w1;
+
+    /* generate KB */
+    krll ^= kll; krlr ^= klr;
+    krrl ^= krl; krrr ^= krr;
+    CAMELLIA_F(krll, krlr,
+	       CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R,
+	       w0, w1, il, ir, t0, t1);
+    krrl ^= w0; krrr ^= w1;
+    CAMELLIA_F(krrl, krrr,
+	       CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R,
+	       w0, w1, il, ir, t0, t1);
+    krll ^= w0; krlr ^= w1;
+
+    /* generate KA dependent subkeys */
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
+    subl(6) = kll; subr(6) = klr;
+    subl(7) = krl; subr(7) = krr;
+    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
+    subl(14) = kll; subr(14) = klr;
+    subl(15) = krl; subr(15) = krr;
+    subl(24) = klr; subr(24) = krl;
+    subl(25) = krr; subr(25) = kll;
+    CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49);
+    subl(28) = kll; subr(28) = klr;
+    subl(29) = krl; subr(29) = krr;
+
+    /* generate KB dependent subkeys */
+    subl(2) = krll; subr(2) = krlr;
+    subl(3) = krrl; subr(3) = krrr;
+    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
+    subl(10) = krll; subr(10) = krlr;
+    subl(11) = krrl; subr(11) = krrr;
+    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
+    subl(20) = krll; subr(20) = krlr;
+    subl(21) = krrl; subr(21) = krrr;
+    CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51);
+    subl(32) = krll; subr(32) = krlr;
+    subl(33) = krrl; subr(33) = krrr;
+
+    /* absorb kw2 to other subkeys */
+    subl(3) ^= subl(1); subr(3) ^= subr(1);
+    subl(5) ^= subl(1); subr(5) ^= subr(1);
+    subl(7) ^= subl(1); subr(7) ^= subr(1);
+    subl(1) ^= subr(1) & ~subr(9);
+    dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw);
+    subl(11) ^= subl(1); subr(11) ^= subr(1);
+    subl(13) ^= subl(1); subr(13) ^= subr(1);
+    subl(15) ^= subl(1); subr(15) ^= subr(1);
+    subl(1) ^= subr(1) & ~subr(17);
+    dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw);
+    subl(19) ^= subl(1); subr(19) ^= subr(1);
+    subl(21) ^= subl(1); subr(21) ^= subr(1);
+    subl(23) ^= subl(1); subr(23) ^= subr(1);
+    subl(1) ^= subr(1) & ~subr(25);
+    dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw);
+    subl(27) ^= subl(1); subr(27) ^= subr(1);
+    subl(29) ^= subl(1); subr(29) ^= subr(1);
+    subl(31) ^= subl(1); subr(31) ^= subr(1);
+    subl(32) ^= subl(1); subr(32) ^= subr(1);
+
+    /* absorb kw4 to other subkeys */
+    kw4l = subl(33); kw4r = subr(33);
+    subl(30) ^= kw4l; subr(30) ^= kw4r;
+    subl(28) ^= kw4l; subr(28) ^= kw4r;
+    subl(26) ^= kw4l; subr(26) ^= kw4r;
+    kw4l ^= kw4r & ~subr(24);
+    dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw);
+    subl(22) ^= kw4l; subr(22) ^= kw4r;
+    subl(20) ^= kw4l; subr(20) ^= kw4r;
+    subl(18) ^= kw4l; subr(18) ^= kw4r;
+    kw4l ^= kw4r & ~subr(16);
+    dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw);
+    subl(14) ^= kw4l; subr(14) ^= kw4r;
+    subl(12) ^= kw4l; subr(12) ^= kw4r;
+    subl(10) ^= kw4l; subr(10) ^= kw4r;
+    kw4l ^= kw4r & ~subr(8);
+    dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw);
+    subl(6) ^= kw4l; subr(6) ^= kw4r;
+    subl(4) ^= kw4l; subr(4) ^= kw4r;
+    subl(2) ^= kw4l; subr(2) ^= kw4r;
+    subl(0) ^= kw4l; subr(0) ^= kw4r;
+
+    /* key XOR is end of F-function */
+    CamelliaSubkeyL(0) = subl(0) ^ subl(2);
+    CamelliaSubkeyR(0) = subr(0) ^ subr(2);
+    CamelliaSubkeyL(2) = subl(3);
+    CamelliaSubkeyR(2) = subr(3);
+    CamelliaSubkeyL(3) = subl(2) ^ subl(4);
+    CamelliaSubkeyR(3) = subr(2) ^ subr(4);
+    CamelliaSubkeyL(4) = subl(3) ^ subl(5);
+    CamelliaSubkeyR(4) = subr(3) ^ subr(5);
+    CamelliaSubkeyL(5) = subl(4) ^ subl(6);
+    CamelliaSubkeyR(5) = subr(4) ^ subr(6);
+    CamelliaSubkeyL(6) = subl(5) ^ subl(7);
+    CamelliaSubkeyR(6) = subr(5) ^ subr(7);
+    tl = subl(10) ^ (subr(10) & ~subr(8));
+    dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(7) = subl(6) ^ tl;
+    CamelliaSubkeyR(7) = subr(6) ^ tr;
+    CamelliaSubkeyL(8) = subl(8);
+    CamelliaSubkeyR(8) = subr(8);
+    CamelliaSubkeyL(9) = subl(9);
+    CamelliaSubkeyR(9) = subr(9);
+    tl = subl(7) ^ (subr(7) & ~subr(9));
+    dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(10) = tl ^ subl(11);
+    CamelliaSubkeyR(10) = tr ^ subr(11);
+    CamelliaSubkeyL(11) = subl(10) ^ subl(12);
+    CamelliaSubkeyR(11) = subr(10) ^ subr(12);
+    CamelliaSubkeyL(12) = subl(11) ^ subl(13);
+    CamelliaSubkeyR(12) = subr(11) ^ subr(13);
+    CamelliaSubkeyL(13) = subl(12) ^ subl(14);
+    CamelliaSubkeyR(13) = subr(12) ^ subr(14);
+    CamelliaSubkeyL(14) = subl(13) ^ subl(15);
+    CamelliaSubkeyR(14) = subr(13) ^ subr(15);
+    tl = subl(18) ^ (subr(18) & ~subr(16));
+    dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(15) = subl(14) ^ tl;
+    CamelliaSubkeyR(15) = subr(14) ^ tr;
+    CamelliaSubkeyL(16) = subl(16);
+    CamelliaSubkeyR(16) = subr(16);
+    CamelliaSubkeyL(17) = subl(17);
+    CamelliaSubkeyR(17) = subr(17);
+    tl = subl(15) ^ (subr(15) & ~subr(17));
+    dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(18) = tl ^ subl(19);
+    CamelliaSubkeyR(18) = tr ^ subr(19);
+    CamelliaSubkeyL(19) = subl(18) ^ subl(20);
+    CamelliaSubkeyR(19) = subr(18) ^ subr(20);
+    CamelliaSubkeyL(20) = subl(19) ^ subl(21);
+    CamelliaSubkeyR(20) = subr(19) ^ subr(21);
+    CamelliaSubkeyL(21) = subl(20) ^ subl(22);
+    CamelliaSubkeyR(21) = subr(20) ^ subr(22);
+    CamelliaSubkeyL(22) = subl(21) ^ subl(23);
+    CamelliaSubkeyR(22) = subr(21) ^ subr(23);
+    tl = subl(26) ^ (subr(26) & ~subr(24));
+    dw = tl & subl(24), tr = subr(26) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(23) = subl(22) ^ tl;
+    CamelliaSubkeyR(23) = subr(22) ^ tr;
+    CamelliaSubkeyL(24) = subl(24);
+    CamelliaSubkeyR(24) = subr(24);
+    CamelliaSubkeyL(25) = subl(25);
+    CamelliaSubkeyR(25) = subr(25);
+    tl = subl(23) ^ (subr(23) &  ~subr(25));
+    dw = tl & subl(25), tr = subr(23) ^ CAMELLIA_RL1(dw);
+    CamelliaSubkeyL(26) = tl ^ subl(27);
+    CamelliaSubkeyR(26) = tr ^ subr(27);
+    CamelliaSubkeyL(27) = subl(26) ^ subl(28);
+    CamelliaSubkeyR(27) = subr(26) ^ subr(28);
+    CamelliaSubkeyL(28) = subl(27) ^ subl(29);
+    CamelliaSubkeyR(28) = subr(27) ^ subr(29);
+    CamelliaSubkeyL(29) = subl(28) ^ subl(30);
+    CamelliaSubkeyR(29) = subr(28) ^ subr(30);
+    CamelliaSubkeyL(30) = subl(29) ^ subl(31);
+    CamelliaSubkeyR(30) = subr(29) ^ subr(31);
+    CamelliaSubkeyL(31) = subl(30);
+    CamelliaSubkeyR(31) = subr(30);
+    CamelliaSubkeyL(32) = subl(32) ^ subl(31);
+    CamelliaSubkeyR(32) = subr(32) ^ subr(31);
+
+    /* apply the inverse of the last half of P-function */
+    dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw;
+    dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw;
+    dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw;
+    dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw;
+    dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw;
+    dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw;
+    dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw;
+    dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw;
+    dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw;
+    dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw;
+    dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw;
+    dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw;
+    dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw;
+    dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw;
+    dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw;
+    dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw;
+    dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw;
+    dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw;
+    dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw;
+    dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw;
+    dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw;
+    dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw;
+    dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw;
+    dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw);
+    CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw;
+    
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return 0;
+}
+
+static int camellia_setup192(const unsigned char *key, u32 *subkey)
+{
+    unsigned char kk[32];
+    u32 krll, krlr, krrl,krrr;
+
+    memcpy(kk, key, 24);
+    memcpy((unsigned char *)&krll, key+16,4);
+    memcpy((unsigned char *)&krlr, key+20,4);
+    krrl = ~krll;
+    krrr = ~krlr;
+    memcpy(kk+24, (unsigned char *)&krrl, 4);
+    memcpy(kk+28, (unsigned char *)&krrr, 4);
+
+    return camellia_setup256(kk, subkey);
+}
+
+
+/**
+ * Stuff related to camellia encryption/decryption
+ *
+ * "io" must be 4byte aligned and big-endian data.
+ */
+static void camellia_encrypt128(const u32 *subkey, u32 *io)
+{
+    u32 il, ir, t0, t1;
+
+    /* pre whitening but absorb kw2*/
+    io[0] ^= CamelliaSubkeyL(0);
+    io[1] ^= CamelliaSubkeyR(0);
+    /* main iteration */
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(2),CamelliaSubkeyR(2),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(3),CamelliaSubkeyR(3),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(4),CamelliaSubkeyR(4),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(5),CamelliaSubkeyR(5),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(6),CamelliaSubkeyR(6),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(7),CamelliaSubkeyR(7),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(8),CamelliaSubkeyR(8),
+		 CamelliaSubkeyL(9),CamelliaSubkeyR(9),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(10),CamelliaSubkeyR(10),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(11),CamelliaSubkeyR(11),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(12),CamelliaSubkeyR(12),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(13),CamelliaSubkeyR(13),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(14),CamelliaSubkeyR(14),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(15),CamelliaSubkeyR(15),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(16),CamelliaSubkeyR(16),
+		 CamelliaSubkeyL(17),CamelliaSubkeyR(17),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(18),CamelliaSubkeyR(18),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(19),CamelliaSubkeyR(19),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(20),CamelliaSubkeyR(20),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(21),CamelliaSubkeyR(21),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(22),CamelliaSubkeyR(22),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(23),CamelliaSubkeyR(23),
+		     io[0],io[1],il,ir,t0,t1);
+
+    /* post whitening but kw4 */
+    io[2] ^= CamelliaSubkeyL(24);
+    io[3] ^= CamelliaSubkeyR(24);
+
+    t0 = io[0];
+    t1 = io[1];
+    io[0] = io[2];
+    io[1] = io[3];
+    io[2] = t0;
+    io[3] = t1;
+	
+    return;
+}
+
+static void camellia_decrypt128(const u32 *subkey, u32 *io)
+{
+    u32 il,ir,t0,t1;               /* temporary valiables */
+    
+    /* pre whitening but absorb kw2*/
+    io[0] ^= CamelliaSubkeyL(24);
+    io[1] ^= CamelliaSubkeyR(24);
+
+    /* main iteration */
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(23),CamelliaSubkeyR(23),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(22),CamelliaSubkeyR(22),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(21),CamelliaSubkeyR(21),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(20),CamelliaSubkeyR(20),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(19),CamelliaSubkeyR(19),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(18),CamelliaSubkeyR(18),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(17),CamelliaSubkeyR(17),
+		 CamelliaSubkeyL(16),CamelliaSubkeyR(16),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(15),CamelliaSubkeyR(15),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(14),CamelliaSubkeyR(14),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(13),CamelliaSubkeyR(13),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(12),CamelliaSubkeyR(12),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(11),CamelliaSubkeyR(11),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(10),CamelliaSubkeyR(10),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(9),CamelliaSubkeyR(9),
+		 CamelliaSubkeyL(8),CamelliaSubkeyR(8),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(7),CamelliaSubkeyR(7),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(6),CamelliaSubkeyR(6),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(5),CamelliaSubkeyR(5),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(4),CamelliaSubkeyR(4),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(3),CamelliaSubkeyR(3),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(2),CamelliaSubkeyR(2),
+		     io[0],io[1],il,ir,t0,t1);
+
+    /* post whitening but kw4 */
+    io[2] ^= CamelliaSubkeyL(0);
+    io[3] ^= CamelliaSubkeyR(0);
+
+    t0 = io[0];
+    t1 = io[1];
+    io[0] = io[2];
+    io[1] = io[3];
+    io[2] = t0;
+    io[3] = t1;
+
+    return;
+}
+
+/**
+ * stuff for 192 and 256bit encryption/decryption
+ */
+static void camellia_encrypt256(const u32 *subkey, u32 *io)
+{
+    u32 il,ir,t0,t1;           /* temporary valiables */
+
+    /* pre whitening but absorb kw2*/
+    io[0] ^= CamelliaSubkeyL(0);
+    io[1] ^= CamelliaSubkeyR(0);
+
+    /* main iteration */
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(2),CamelliaSubkeyR(2),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(3),CamelliaSubkeyR(3),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(4),CamelliaSubkeyR(4),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(5),CamelliaSubkeyR(5),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(6),CamelliaSubkeyR(6),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(7),CamelliaSubkeyR(7),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(8),CamelliaSubkeyR(8),
+		 CamelliaSubkeyL(9),CamelliaSubkeyR(9),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(10),CamelliaSubkeyR(10),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(11),CamelliaSubkeyR(11),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(12),CamelliaSubkeyR(12),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(13),CamelliaSubkeyR(13),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(14),CamelliaSubkeyR(14),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(15),CamelliaSubkeyR(15),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(16),CamelliaSubkeyR(16),
+		 CamelliaSubkeyL(17),CamelliaSubkeyR(17),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(18),CamelliaSubkeyR(18),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(19),CamelliaSubkeyR(19),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(20),CamelliaSubkeyR(20),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(21),CamelliaSubkeyR(21),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(22),CamelliaSubkeyR(22),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(23),CamelliaSubkeyR(23),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(24),CamelliaSubkeyR(24),
+		 CamelliaSubkeyL(25),CamelliaSubkeyR(25),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(26),CamelliaSubkeyR(26),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(27),CamelliaSubkeyR(27),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(28),CamelliaSubkeyR(28),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(29),CamelliaSubkeyR(29),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(30),CamelliaSubkeyR(30),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(31),CamelliaSubkeyR(31),
+		     io[0],io[1],il,ir,t0,t1);
+
+    /* post whitening but kw4 */
+    io[2] ^= CamelliaSubkeyL(32);
+    io[3] ^= CamelliaSubkeyR(32);
+
+    t0 = io[0];
+    t1 = io[1];
+    io[0] = io[2];
+    io[1] = io[3];
+    io[2] = t0;
+    io[3] = t1;
+
+    return;
+}
+
+static void camellia_decrypt256(const u32 *subkey, u32 *io)
+{
+    u32 il,ir,t0,t1;           /* temporary valiables */
+
+    /* pre whitening but absorb kw2*/
+    io[0] ^= CamelliaSubkeyL(32);
+    io[1] ^= CamelliaSubkeyR(32);
+	
+    /* main iteration */
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(31),CamelliaSubkeyR(31),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(30),CamelliaSubkeyR(30),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(29),CamelliaSubkeyR(29),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(28),CamelliaSubkeyR(28),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(27),CamelliaSubkeyR(27),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(26),CamelliaSubkeyR(26),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(25),CamelliaSubkeyR(25),
+		 CamelliaSubkeyL(24),CamelliaSubkeyR(24),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(23),CamelliaSubkeyR(23),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(22),CamelliaSubkeyR(22),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(21),CamelliaSubkeyR(21),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(20),CamelliaSubkeyR(20),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(19),CamelliaSubkeyR(19),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(18),CamelliaSubkeyR(18),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(17),CamelliaSubkeyR(17),
+		 CamelliaSubkeyL(16),CamelliaSubkeyR(16),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(15),CamelliaSubkeyR(15),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(14),CamelliaSubkeyR(14),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(13),CamelliaSubkeyR(13),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(12),CamelliaSubkeyR(12),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(11),CamelliaSubkeyR(11),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(10),CamelliaSubkeyR(10),
+		     io[0],io[1],il,ir,t0,t1);
+
+    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
+		 CamelliaSubkeyL(9),CamelliaSubkeyR(9),
+		 CamelliaSubkeyL(8),CamelliaSubkeyR(8),
+		 t0,t1,il,ir);
+
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(7),CamelliaSubkeyR(7),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(6),CamelliaSubkeyR(6),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(5),CamelliaSubkeyR(5),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(4),CamelliaSubkeyR(4),
+		     io[0],io[1],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[0],io[1],
+		     CamelliaSubkeyL(3),CamelliaSubkeyR(3),
+		     io[2],io[3],il,ir,t0,t1);
+    CAMELLIA_ROUNDSM(io[2],io[3],
+		     CamelliaSubkeyL(2),CamelliaSubkeyR(2),
+		     io[0],io[1],il,ir,t0,t1);
+
+    /* post whitening but kw4 */
+    io[2] ^= CamelliaSubkeyL(0);
+    io[3] ^= CamelliaSubkeyR(0);
+
+    t0 = io[0];
+    t1 = io[1];
+    io[0] = io[2];
+    io[1] = io[3];
+    io[2] = t0;
+    io[3] = t1;
+
+    return;
+}
+
+/***
+ *
+ * API for compatibility
+ */
+
+static void Camellia_EncryptBlock(const int keyBitLength, 
+			   const unsigned char *plaintext, 
+			   const KEY_TABLE_TYPE keyTable, 
+			   unsigned char *ciphertext)
+{
+    u32 tmp[4];
+
+    tmp[0] = GETU32(plaintext);
+    tmp[1] = GETU32(plaintext + 4);
+    tmp[2] = GETU32(plaintext + 8);
+    tmp[3] = GETU32(plaintext + 12);
+
+    switch (keyBitLength) {
+    case 128:
+	camellia_encrypt128(keyTable, tmp);
+	break;
+    case 192:
+	/* fall through */
+    case 256:
+	camellia_encrypt256(keyTable, tmp);
+	break;
+    default:
+	break;
+    }
+
+    PUTU32(ciphertext, tmp[0]);
+    PUTU32(ciphertext + 4, tmp[1]);
+    PUTU32(ciphertext + 8, tmp[2]);
+    PUTU32(ciphertext + 12, tmp[3]);
+}
+
+static void Camellia_DecryptBlock(const int keyBitLength, 
+			   const unsigned char *ciphertext, 
+			   const KEY_TABLE_TYPE keyTable, 
+			   unsigned char *plaintext)
+{
+    u32 tmp[4];
+
+    tmp[0] = GETU32(ciphertext);
+    tmp[1] = GETU32(ciphertext + 4);
+    tmp[2] = GETU32(ciphertext + 8);
+    tmp[3] = GETU32(ciphertext + 12);
+
+    switch (keyBitLength) {
+    case 128:
+	camellia_decrypt128(keyTable, tmp);
+	break;
+    case 192:
+	/* fall through */
+    case 256:
+	camellia_decrypt256(keyTable, tmp);
+	break;
+    default:
+	break;
+    }
+    PUTU32(plaintext, tmp[0]);
+    PUTU32(plaintext + 4, tmp[1]);
+    PUTU32(plaintext + 8, tmp[2]);
+    PUTU32(plaintext + 12, tmp[3]);
+}
+
+
+
+/* wolfCrypt wrappers to the Camellia code */
+
+int wc_CamelliaSetKey(Camellia* cam, const byte* key, word32 len, const byte* iv)
+{
+    int ret = 0;
+
+    if (cam == NULL) return BAD_FUNC_ARG;
+
+    XMEMSET(cam->key, 0, sizeof(KEY_TABLE_TYPE));
+
+    switch (len) {
+        case 16:
+        	ret = camellia_setup128(key, cam->key);
+            break;
+        case 24:
+        	ret = camellia_setup192(key, cam->key);
+            break;
+        case 32:
+            ret = camellia_setup256(key, cam->key);
+            break;
+        default:
+            return BAD_FUNC_ARG;
+    }
+
+    if (ret != 0)
+        return ret;
+
+    cam->keySz = len * 8;
+
+    return wc_CamelliaSetIV(cam, iv);
+}
+
+
+int wc_CamelliaSetIV(Camellia* cam, const byte* iv)
+{
+    if (cam == NULL)
+        return BAD_FUNC_ARG;
+
+    if (iv)
+        XMEMCPY(cam->reg, iv, CAMELLIA_BLOCK_SIZE);
+    else
+        XMEMSET(cam->reg,  0, CAMELLIA_BLOCK_SIZE);
+
+    return 0;
+}
+
+
+void wc_CamelliaEncryptDirect(Camellia* cam, byte* out, const byte* in)
+{
+    Camellia_EncryptBlock(cam->keySz, in, cam->key, out);
+}
+
+
+void wc_CamelliaDecryptDirect(Camellia* cam, byte* out, const byte* in)
+{
+    Camellia_DecryptBlock(cam->keySz, in, cam->key, out);
+}
+
+
+void wc_CamelliaCbcEncrypt(Camellia* cam, byte* out, const byte* in, word32 sz)
+{
+    word32 blocks = sz / CAMELLIA_BLOCK_SIZE;
+
+    while (blocks--) {
+        xorbuf((byte*)cam->reg, in, CAMELLIA_BLOCK_SIZE);
+        Camellia_EncryptBlock(cam->keySz, (byte*)cam->reg,
+                                                     cam->key, (byte*)cam->reg);
+        XMEMCPY(out, cam->reg, CAMELLIA_BLOCK_SIZE);
+
+        out += CAMELLIA_BLOCK_SIZE;
+        in  += CAMELLIA_BLOCK_SIZE;
+    }
+}
+
+
+void wc_CamelliaCbcDecrypt(Camellia* cam, byte* out, const byte* in, word32 sz)
+{
+    word32 blocks = sz / CAMELLIA_BLOCK_SIZE;
+
+    while (blocks--) {
+        XMEMCPY(cam->tmp, in, CAMELLIA_BLOCK_SIZE);
+        Camellia_DecryptBlock(cam->keySz, (byte*)cam->tmp, cam->key, out);
+        xorbuf(out, (byte*)cam->reg, CAMELLIA_BLOCK_SIZE);
+        XMEMCPY(cam->reg, cam->tmp, CAMELLIA_BLOCK_SIZE);
+
+        out += CAMELLIA_BLOCK_SIZE;
+        in  += CAMELLIA_BLOCK_SIZE;
+    }
+}
+
+
+#endif /* HAVE_CAMELLIA */
+
diff --git a/3P/wolfssl/wolfcrypt/src/chacha.c b/3P/wolfssl/wolfcrypt/src/chacha.c
new file mode 100644
index 00000000..25e42a1d
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/chacha.c
@@ -0,0 +1,250 @@
+/* chacha.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ *
+ *  based from
+ *  chacha-ref.c version 20080118
+ *  D. J. Bernstein
+ *  Public domain.
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_CHACHA
+
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+#ifdef CHACHA_AEAD_TEST
+    #include 
+#endif
+
+#ifdef BIG_ENDIAN_ORDER
+    #define LITTLE32(x) ByteReverseWord32(x)
+#else
+    #define LITTLE32(x) (x)
+#endif
+
+/* Number of rounds */
+#define ROUNDS  20
+
+#define U32C(v) (v##U)
+#define U32V(v) ((word32)(v) & U32C(0xFFFFFFFF))
+#define U8TO32_LITTLE(p) LITTLE32(((word32*)(p))[0])
+
+#define ROTATE(v,c) rotlFixed(v, c)
+#define XOR(v,w)    ((v) ^ (w))
+#define PLUS(v,w)   (U32V((v) + (w)))
+#define PLUSONE(v)  (PLUS((v),1))
+
+#define QUARTERROUND(a,b,c,d) \
+  x[a] = PLUS(x[a],x[b]); x[d] = ROTATE(XOR(x[d],x[a]),16); \
+  x[c] = PLUS(x[c],x[d]); x[b] = ROTATE(XOR(x[b],x[c]),12); \
+  x[a] = PLUS(x[a],x[b]); x[d] = ROTATE(XOR(x[d],x[a]), 8); \
+  x[c] = PLUS(x[c],x[d]); x[b] = ROTATE(XOR(x[b],x[c]), 7);
+
+
+/**
+  * Set up iv(nonce). Earlier versions used 64 bits instead of 96, this version
+  * uses the typical AEAD 96 bit nonce and can do record sizes of 256 GB.
+  */
+int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter)
+{
+    word32 temp[3];       /* used for alignment of memory */
+    XMEMSET(temp, 0, 12);
+
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+#ifdef CHACHA_AEAD_TEST
+    word32 i;
+    printf("NONCE : ");
+    for (i = 0; i < 12; i++) {
+        printf("%02x", inIv[i]);
+    }
+    printf("\n\n");
+#endif
+
+    XMEMCPY(temp, inIv, 12);
+
+    ctx->X[12] = counter; /* block counter */
+    ctx->X[13] = temp[0]; /* fixed variable from nonce */
+    ctx->X[14] = temp[1]; /* counter from nonce */
+    ctx->X[15] = temp[2]; /* counter from nonce */
+
+    return 0;
+}
+
+/* "expand 32-byte k" as unsigned 32 byte */
+static const word32 sigma[4] = {0x61707865, 0x3320646e, 0x79622d32, 0x6b206574};
+/* "expand 16-byte k" as unsigned 16 byte */
+static const word32 tau[4] = {0x61707865, 0x3120646e, 0x79622d36, 0x6b206574};
+
+/**
+  * Key setup. 8 word iv (nonce)
+  */
+int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz)
+{
+    const word32* constants;
+    const byte*   k;
+
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+#ifdef XSTREAM_ALIGN
+    word32 alignKey[keySz / 4];
+    if ((wolfssl_word)key % 4) {
+        WOLFSSL_MSG("wc_ChachaSetKey unaligned key");
+        XMEMCPY(alignKey, key, sizeof(alignKey));
+        k = (byte*)alignKey;
+    }
+    else {
+        k = key;
+    }
+#else
+    k = key;
+#endif /* XSTREAM_ALIGN */
+
+#ifdef CHACHA_AEAD_TEST
+    word32 i;
+    printf("ChaCha key used :\n");
+    for (i = 0; i < keySz; i++) {
+        printf("%02x", key[i]);
+        if ((i + 1) % 8 == 0)
+           printf("\n");
+    }
+    printf("\n\n");
+#endif
+
+    ctx->X[4] = U8TO32_LITTLE(k +  0);
+    ctx->X[5] = U8TO32_LITTLE(k +  4);
+    ctx->X[6] = U8TO32_LITTLE(k +  8);
+    ctx->X[7] = U8TO32_LITTLE(k + 12);
+    if (keySz == 32) {
+        k += 16;
+        constants = sigma;
+    }
+    else {
+        /* key size of 128 */
+        if (keySz != 16)
+            return BAD_FUNC_ARG;
+
+        constants = tau;
+    }
+    ctx->X[ 8] = U8TO32_LITTLE(k +  0);
+    ctx->X[ 9] = U8TO32_LITTLE(k +  4);
+    ctx->X[10] = U8TO32_LITTLE(k +  8);
+    ctx->X[11] = U8TO32_LITTLE(k + 12);
+    ctx->X[ 0] = U8TO32_LITTLE(constants + 0);
+    ctx->X[ 1] = U8TO32_LITTLE(constants + 1);
+    ctx->X[ 2] = U8TO32_LITTLE(constants + 2);
+    ctx->X[ 3] = U8TO32_LITTLE(constants + 3);
+
+    return 0;
+}
+
+/**
+  * Converts word into bytes with rotations having been done.
+  */
+static INLINE void wc_Chacha_wordtobyte(word32 output[16], const word32 input[16])
+{
+    word32 x[16];
+    word32 i;
+
+    for (i = 0; i < 16; i++) {
+        x[i] = input[i];
+    }
+
+    for (i = (ROUNDS); i > 0; i -= 2) {
+        QUARTERROUND(0, 4,  8, 12)
+        QUARTERROUND(1, 5,  9, 13)
+        QUARTERROUND(2, 6, 10, 14)
+        QUARTERROUND(3, 7, 11, 15)
+        QUARTERROUND(0, 5, 10, 15)
+        QUARTERROUND(1, 6, 11, 12)
+        QUARTERROUND(2, 7,  8, 13)
+        QUARTERROUND(3, 4,  9, 14)
+    }
+
+    for (i = 0; i < 16; i++) {
+        x[i] = PLUS(x[i], input[i]);
+    }
+
+    for (i = 0; i < 16; i++) {
+        output[i] = LITTLE32(x[i]);
+    }
+}
+
+/**
+  * Encrypt a stream of bytes
+  */
+static void wc_Chacha_encrypt_bytes(ChaCha* ctx, const byte* m, byte* c,
+                                 word32 bytes)
+{
+    byte*  output;
+    word32 temp[16]; /* used to make sure aligned */
+    word32 i;
+
+    output = (byte*)temp;
+
+    if (!bytes) return;
+    for (;;) {
+        wc_Chacha_wordtobyte(temp, ctx->X);
+        ctx->X[12] = PLUSONE(ctx->X[12]);
+        if (bytes <= 64) {
+            for (i = 0; i < bytes; ++i) {
+                c[i] = m[i] ^ output[i];
+            }
+            return;
+        }
+        for (i = 0; i < 64; ++i) {
+            c[i] = m[i] ^ output[i];
+        }
+        bytes -= 64;
+        c += 64;
+        m += 64;
+    }
+}
+
+/**
+  * API to encrypt/decrypt a message of any size.
+  */
+int wc_Chacha_Process(ChaCha* ctx, byte* output, const byte* input, word32 msglen)
+{
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+    wc_Chacha_encrypt_bytes(ctx, input, output, msglen);
+
+    return 0;
+}
+
+#endif /* HAVE_CHACHA*/
+
diff --git a/3P/wolfssl/wolfcrypt/src/coding.c b/3P/wolfssl/wolfcrypt/src/coding.c
new file mode 100644
index 00000000..1834c2da
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/coding.c
@@ -0,0 +1,399 @@
+/* coding.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_CODING
+
+#include 
+#include 
+#include 
+
+
+enum {
+    BAD         = 0xFF,  /* invalid encoding */
+    PAD         = '=',
+    PEM_LINE_SZ = 64
+};
+
+
+static
+const byte base64Decode[] = { 62, BAD, BAD, BAD, 63,   /* + starts at 0x2B */
+                              52, 53, 54, 55, 56, 57, 58, 59, 60, 61,
+                              BAD, BAD, BAD, BAD, BAD, BAD, BAD,
+                              0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
+                              10, 11, 12, 13, 14, 15, 16, 17, 18, 19,
+                              20, 21, 22, 23, 24, 25,
+                              BAD, BAD, BAD, BAD, BAD, BAD,
+                              26, 27, 28, 29, 30, 31, 32, 33, 34, 35,
+                              36, 37, 38, 39, 40, 41, 42, 43, 44, 45,
+                              46, 47, 48, 49, 50, 51
+                            };
+
+
+int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
+{
+    word32 i = 0;
+    word32 j = 0;
+    word32 plainSz = inLen - ((inLen + (PEM_LINE_SZ - 1)) / PEM_LINE_SZ );
+    const byte maxIdx = (byte)sizeof(base64Decode) + 0x2B - 1;
+
+    plainSz = (plainSz * 3 + 3) / 4;
+    if (plainSz > *outLen) return BAD_FUNC_ARG;
+
+    while (inLen > 3) {
+        byte b1, b2, b3;
+        byte e1 = in[j++];
+        byte e2 = in[j++];
+        byte e3 = in[j++];
+        byte e4 = in[j++];
+
+        int pad3 = 0;
+        int pad4 = 0;
+
+        if (e1 == 0)            /* end file 0's */
+            break;
+        if (e3 == PAD)
+            pad3 = 1;
+        if (e4 == PAD)
+            pad4 = 1;
+
+        if (e1 < 0x2B || e2 < 0x2B || e3 < 0x2B || e4 < 0x2B) {
+            WOLFSSL_MSG("Bad Base64 Decode data, too small");
+            return ASN_INPUT_E;
+        }
+
+        if (e1 > maxIdx || e2 > maxIdx || e3 > maxIdx || e4 > maxIdx) {
+            WOLFSSL_MSG("Bad Base64 Decode data, too big");
+            return ASN_INPUT_E;
+        }
+
+        e1 = base64Decode[e1 - 0x2B];
+        e2 = base64Decode[e2 - 0x2B];
+        e3 = (e3 == PAD) ? 0 : base64Decode[e3 - 0x2B];
+        e4 = (e4 == PAD) ? 0 : base64Decode[e4 - 0x2B];
+
+        b1 = (byte)((e1 << 2) | (e2 >> 4));
+        b2 = (byte)(((e2 & 0xF) << 4) | (e3 >> 2));
+        b3 = (byte)(((e3 & 0x3) << 6) | e4);
+
+        out[i++] = b1;
+        if (!pad3)
+            out[i++] = b2;
+        if (!pad4)
+            out[i++] = b3;
+        else
+            break;
+
+        inLen -= 4;
+        if (inLen && (in[j] == ' ' || in[j] == '\r' || in[j] == '\n')) {
+            byte endLine = in[j++];
+            inLen--;
+            while (inLen && endLine == ' ') {   /* allow trailing whitespace */
+                endLine = in[j++];
+                inLen--;
+            }
+            if (endLine == '\r') {
+                if (inLen) {
+                    endLine = in[j++];
+                    inLen--;
+                }
+            }
+            if (endLine != '\n') {
+                WOLFSSL_MSG("Bad end of line in Base64 Decode");
+                return ASN_INPUT_E;
+            }
+        }
+    }
+    *outLen = i;
+
+    return 0;
+}
+
+
+#if defined(OPENSSL_EXTRA) || defined (SESSION_CERTS) || defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || defined(HAVE_WEBSERVER)
+
+static
+const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
+                              'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',
+                              'U', 'V', 'W', 'X', 'Y', 'Z',
+                              'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j',
+                              'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't',
+                              'u', 'v', 'w', 'x', 'y', 'z',
+                              '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
+                              '+', '/'
+                            };
+
+
+/* make sure *i (idx) won't exceed max, store and possibly escape to out,
+ * raw means use e w/o decode,  0 on success */
+static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
+                  int raw)
+{
+    int    doEscape = 0;
+    word32 needed = 1;
+    word32 idx = *i;
+
+    byte basic;
+    byte plus    = 0;
+    byte equals  = 0;
+    byte newline = 0;
+
+    if (raw)
+        basic = e;
+    else
+        basic = base64Encode[e];
+
+    /* check whether to escape */
+    if (escaped) {
+        switch ((char)basic) {
+            case '+' :
+                plus     = 1;
+                doEscape = 1;
+                needed  += 2;
+                break;
+            case '=' :
+                equals   = 1;
+                doEscape = 1;
+                needed  += 2;
+                break;
+            case '\n' :
+                newline  = 1;
+                doEscape = 1;
+                needed  += 2;
+                break;
+            default:
+                /* do nothing */
+                break;
+        }
+    }
+
+    /* check size */
+    if ( (idx+needed) > max) {
+        WOLFSSL_MSG("Escape buffer max too small");
+        return BUFFER_E;
+    }
+
+    /* store it */
+    if (doEscape == 0) {
+        out[idx++] = basic;
+    }
+    else {
+        out[idx++] = '%';  /* start escape */
+
+        if (plus) {
+            out[idx++] = '2';
+            out[idx++] = 'B';
+        }
+        else if (equals) {
+            out[idx++] = '3';
+            out[idx++] = 'D';
+        }
+        else if (newline) {
+            out[idx++] = '0';
+            out[idx++] = 'A';
+        }
+
+    }
+    *i = idx;
+
+    return 0;
+}
+
+
+/* internal worker, handles both escaped and normal line endings */
+static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
+                           word32* outLen, int escaped)
+{
+    int    ret = 0;
+    word32 i = 0,
+           j = 0,
+           n = 0;   /* new line counter */
+
+    word32 outSz = (inLen + 3 - 1) / 3 * 4;
+    word32 addSz = (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ;  /* new lines */
+
+    if (escaped)
+        addSz *= 3;   /* instead of just \n, we're doing %0A triplet */
+
+    outSz += addSz;
+
+    /* if escaped we can't predetermine size for one pass encoding, but
+     * make sure we have enough if no escapes are in input */
+    if (outSz > *outLen) return BAD_FUNC_ARG;
+    
+    while (inLen > 2) {
+        byte b1 = in[j++];
+        byte b2 = in[j++];
+        byte b3 = in[j++];
+
+        /* encoded idx */
+        byte e1 = b1 >> 2;
+        byte e2 = (byte)(((b1 & 0x3) << 4) | (b2 >> 4));
+        byte e3 = (byte)(((b2 & 0xF) << 2) | (b3 >> 6));
+        byte e4 = b3 & 0x3F;
+
+        /* store */
+        ret = CEscape(escaped, e1, out, &i, *outLen, 0);
+        if (ret != 0) break;
+        ret = CEscape(escaped, e2, out, &i, *outLen, 0);
+        if (ret != 0) break;
+        ret = CEscape(escaped, e3, out, &i, *outLen, 0);
+        if (ret != 0) break;
+        ret = CEscape(escaped, e4, out, &i, *outLen, 0);
+        if (ret != 0) break;
+
+        inLen -= 3;
+
+        if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) {
+            ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
+            if (ret != 0) break;
+        }
+    }
+
+    /* last integral */
+    if (inLen && ret == 0) {
+        int twoBytes = (inLen == 2);
+
+        byte b1 = in[j++];
+        byte b2 = (twoBytes) ? in[j++] : 0;
+
+        byte e1 = b1 >> 2;
+        byte e2 = (byte)(((b1 & 0x3) << 4) | (b2 >> 4));
+        byte e3 = (byte)((b2 & 0xF) << 2);
+
+        ret = CEscape(escaped, e1, out, &i, *outLen, 0);
+        if (ret == 0) 
+            ret = CEscape(escaped, e2, out, &i, *outLen, 0);
+        if (ret == 0) {
+            /* third */
+            if (twoBytes)
+                ret = CEscape(escaped, e3, out, &i, *outLen, 0);
+            else 
+                ret = CEscape(escaped, '=', out, &i, *outLen, 1);
+        }
+        /* fourth always pad */
+        if (ret == 0)
+            ret = CEscape(escaped, '=', out, &i, *outLen, 1);
+    } 
+
+    if (ret == 0) 
+        ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
+
+    if (i != outSz && escaped == 0 && ret == 0)
+        return ASN_INPUT_E; 
+
+    *outLen = i;
+    return ret; 
+}
+
+
+/* Base64 Encode, PEM style, with \n line endings */
+int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
+{
+    return DoBase64_Encode(in, inLen, out, outLen, 0);
+}
+
+
+/* Base64 Encode, with %0A esacped line endings instead of \n */
+int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, word32* outLen)
+{
+    return DoBase64_Encode(in, inLen, out, outLen, 1);
+}
+
+
+#endif  /* defined(OPENSSL_EXTRA) || defined (SESSION_CERTS) || defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || defined(HAVE_WEBSERVER) */
+
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS)
+
+static
+const byte hexDecode[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
+                           BAD, BAD, BAD, BAD, BAD, BAD, BAD,
+                           10, 11, 12, 13, 14, 15,  /* upper case A-F */
+                           BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD,
+                           BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD,
+                           BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD,
+                           BAD, BAD,  /* G - ` */
+                           10, 11, 12, 13, 14, 15   /* lower case a-f */
+                         };  /* A starts at 0x41 not 0x3A */
+
+int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
+{
+    word32 inIdx  = 0;
+    word32 outIdx = 0;
+
+    if (inLen == 1 && *outLen && in) {
+        byte b = in[inIdx++] - 0x30;  /* 0 starts at 0x30 */
+
+        /* sanity check */
+        if (b >=  sizeof(hexDecode)/sizeof(hexDecode[0]))
+            return ASN_INPUT_E;
+
+        b  = hexDecode[b];
+
+        if (b == BAD)
+            return ASN_INPUT_E;
+        
+        out[outIdx++] = b;
+
+        *outLen = outIdx;
+        return 0;
+    }
+
+    if (inLen % 2)
+        return BAD_FUNC_ARG;
+
+    if (*outLen < (inLen / 2))
+        return BAD_FUNC_ARG;
+
+    while (inLen) {
+        byte b  = in[inIdx++] - 0x30;  /* 0 starts at 0x30 */
+        byte b2 = in[inIdx++] - 0x30;
+
+        /* sanity checks */
+        if (b >=  sizeof(hexDecode)/sizeof(hexDecode[0]))
+            return ASN_INPUT_E;
+        if (b2 >= sizeof(hexDecode)/sizeof(hexDecode[0]))
+            return ASN_INPUT_E;
+
+        b  = hexDecode[b];
+        b2 = hexDecode[b2];
+
+        if (b == BAD || b2 == BAD)
+            return ASN_INPUT_E;
+        
+        out[outIdx++] = (byte)((b << 4) | b2);
+        inLen -= 2;
+    }
+
+    *outLen = outIdx;
+    return 0;
+}
+
+
+#endif /* (OPENSSL_EXTRA) || (HAVE_WEBSERVER) || (HAVE_FIPS) */
+
+#endif /* NO_CODING */
diff --git a/3P/wolfssl/wolfcrypt/src/compress.c b/3P/wolfssl/wolfcrypt/src/compress.c
new file mode 100644
index 00000000..a01c071d
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/compress.c
@@ -0,0 +1,169 @@
+/* compress.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ wc_*
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_LIBZ
+
+
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+#include 
+
+
+/* alloc user allocs to work with zlib */
+static void* myAlloc(void* opaque, unsigned int item, unsigned int size)
+{
+    (void)opaque;
+    return XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
+}
+
+
+static void myFree(void* opaque, void* memory)
+{
+    (void)opaque;
+    XFREE(memory, opaque, DYNAMIC_TYPE_LIBZ);
+}
+
+
+#ifdef HAVE_MCAPI
+    #define DEFLATE_DEFAULT_WINDOWBITS  11
+    #define DEFLATE_DEFAULT_MEMLEVEL     1
+#else
+    #define DEFLATE_DEFAULT_WINDOWBITS 15
+    #define DEFLATE_DEFAULT_MEMLEVEL    8
+#endif
+
+
+int wc_Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags)
+/*
+ * out - pointer to destination buffer
+ * outSz - size of destination buffer
+ * in - pointer to source buffer to compress
+ * inSz - size of source to compress
+ * flags - flags to control how compress operates 
+ *
+ * return:
+ *    negative - error code
+ *    positive - bytes stored in out buffer
+ * 
+ * Note, the output buffer still needs to be larger than the input buffer.
+ * The right chunk of data won't compress at all, and the lookup table will
+ * add to the size of the output. The libz code says the compressed
+ * buffer should be srcSz + 0.1% + 12.
+ */
+{
+    z_stream stream;
+    int result = 0;
+
+    stream.next_in = (Bytef*)in;
+    stream.avail_in = (uInt)inSz;
+#ifdef MAXSEG_64K
+    /* Check for source > 64K on 16-bit machine: */
+    if ((uLong)stream.avail_in != inSz) return COMPRESS_INIT_E;
+#endif
+    stream.next_out = out;
+    stream.avail_out = (uInt)outSz;
+    if ((uLong)stream.avail_out != outSz) return COMPRESS_INIT_E;
+
+    stream.zalloc = (alloc_func)myAlloc;
+    stream.zfree = (free_func)myFree;
+    stream.opaque = (voidpf)0;
+
+    if (deflateInit2(&stream, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
+                     DEFLATE_DEFAULT_WINDOWBITS, DEFLATE_DEFAULT_MEMLEVEL,
+                     flags ? Z_FIXED : Z_DEFAULT_STRATEGY) != Z_OK)
+        return COMPRESS_INIT_E;
+
+    if (deflate(&stream, Z_FINISH) != Z_STREAM_END) {
+        deflateEnd(&stream);
+        return COMPRESS_E;
+    }
+
+    result = (int)stream.total_out;
+
+    if (deflateEnd(&stream) != Z_OK)
+        result = COMPRESS_E;
+
+    return result;
+}
+
+
+int wc_DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz)
+/*
+ * out - pointer to destination buffer
+ * outSz - size of destination buffer
+ * in - pointer to source buffer to compress
+ * inSz - size of source to compress
+ * flags - flags to control how compress operates 
+ *
+ * return:
+ *    negative - error code
+ *    positive - bytes stored in out buffer
+ */ 
+{
+    z_stream stream;
+    int result = 0;
+
+    stream.next_in = (Bytef*)in;
+    stream.avail_in = (uInt)inSz;
+    /* Check for source > 64K on 16-bit machine: */
+    if ((uLong)stream.avail_in != inSz) return DECOMPRESS_INIT_E;
+
+    stream.next_out = out;
+    stream.avail_out = (uInt)outSz;
+    if ((uLong)stream.avail_out != outSz) return DECOMPRESS_INIT_E;
+
+    stream.zalloc = (alloc_func)myAlloc;
+    stream.zfree = (free_func)myFree;
+    stream.opaque = (voidpf)0;
+
+    if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS) != Z_OK)
+        return DECOMPRESS_INIT_E;
+
+    if (inflate(&stream, Z_FINISH) != Z_STREAM_END) {
+        inflateEnd(&stream);
+        return DECOMPRESS_E;
+    }
+    
+    result = (int)stream.total_out;
+
+    if (inflateEnd(&stream) != Z_OK)
+        result = DECOMPRESS_E;
+
+    return result;
+}
+
+
+#endif /* HAVE_LIBZ */
+
diff --git a/3P/wolfssl/wolfcrypt/src/des3.c b/3P/wolfssl/wolfcrypt/src/des3.c
new file mode 100644
index 00000000..5edb7f79
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/des3.c
@@ -0,0 +1,1672 @@
+/* des3.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_DES3
+
+#include 
+
+#ifdef HAVE_FIPS
+#ifdef HAVE_CAVIUM
+    static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv);
+    static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
+                                      word32 length);
+    static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
+                                      word32 length);
+#endif
+
+int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
+{
+    return Des_SetKey(des, key, iv, dir);
+}
+
+
+int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
+{
+    return Des3_SetKey_fips(des, key, iv, dir);
+}
+
+
+int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
+{
+    return Des_CbcEncrypt(des, out, in, sz);
+}
+
+
+int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
+{
+    return Des_CbcDecrypt(des, out, in, sz);
+}
+
+
+int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
+{
+    return Des3_CbcEncrypt_fips(des, out, in, sz);
+}
+
+
+int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
+{
+    return Des3_CbcDecrypt_fips(des, out, in, sz);
+}
+
+
+#ifdef WOLFSSL_DES_ECB
+
+/* One block, compatibility only */
+int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
+{
+    return Des_EcbEncrypt(des, out, in, sz);
+}
+
+#endif /* WOLFSSL_DES_ECB */
+
+
+void wc_Des_SetIV(Des* des, const byte* iv)
+{
+    Des_SetIV(des, iv);
+}
+
+
+int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
+                                                const byte* key, const byte* iv)
+{
+    return Des_CbcDecryptWithKey(out, in, sz, key, iv);
+}
+
+
+int wc_Des3_SetIV(Des3* des, const byte* iv)
+{
+    return Des3_SetIV_fips(des, iv);
+}
+
+
+int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
+                                                const byte* key, const byte* iv)
+{
+    return Des3_CbcDecryptWithKey(out, in, sz, key, iv);
+}
+
+
+#ifdef HAVE_CAVIUM
+
+/* Initiliaze Des3 for use with Nitrox device */
+int wc_Des3_InitCavium(Des3* des3, int devId)
+{
+    return Des3_InitCavium(des3, devId);
+}
+
+
+/* Free Des3 from use with Nitrox device */
+void wc_Des3_FreeCavium(Des3* des3)
+{
+    Des3_FreeCavium(des3);
+}
+
+
+#endif /* HAVE_CAVIUM */
+#else /* build without fips */
+#include 
+#include 
+
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifdef HAVE_CAVIUM
+    static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv);
+    static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
+                                      word32 length);
+    static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
+                                      word32 length);
+#endif
+
+
+
+
+#ifdef STM32F2_CRYPTO
+    /*
+     * STM32F2 hardware DES/3DES support through the STM32F2 standard
+     * peripheral library. Documentation located in STM32F2xx Standard
+     * Peripheral Library document (See note in README).
+     */
+    #include "stm32f2xx.h"
+		#include "stm32f2xx_cryp.h"
+
+    int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
+    {
+        word32 *dkey = des->key;
+
+        XMEMCPY(dkey, key, 8);
+        ByteReverseWords(dkey, dkey, 8);
+
+        wc_Des_SetIV(des, iv);
+
+        return 0;
+    }
+
+    int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
+    {
+        word32 *dkey1 = des->key[0];
+        word32 *dkey2 = des->key[1];
+        word32 *dkey3 = des->key[2];
+
+        XMEMCPY(dkey1, key, 8);         /* set key 1 */
+        XMEMCPY(dkey2, key + 8, 8);     /* set key 2 */
+        XMEMCPY(dkey3, key + 16, 8);    /* set key 3 */
+
+        ByteReverseWords(dkey1, dkey1, 8);
+        ByteReverseWords(dkey2, dkey2, 8);
+        ByteReverseWords(dkey3, dkey3, 8);
+
+        return wc_Des3_SetIV(des, iv);
+    }
+
+    void DesCrypt(Des* des, byte* out, const byte* in, word32 sz,
+                  int dir, int mode)
+    {
+        word32 *dkey, *iv;
+        CRYP_InitTypeDef DES_CRYP_InitStructure;
+        CRYP_KeyInitTypeDef DES_CRYP_KeyInitStructure;
+        CRYP_IVInitTypeDef DES_CRYP_IVInitStructure;
+
+        dkey = des->key;
+        iv = des->reg;
+
+        /* crypto structure initialization */
+        CRYP_KeyStructInit(&DES_CRYP_KeyInitStructure);
+        CRYP_StructInit(&DES_CRYP_InitStructure);
+        CRYP_IVStructInit(&DES_CRYP_IVInitStructure);
+
+        /* reset registers to their default values */
+        CRYP_DeInit();
+
+        /* set direction, mode, and datatype */
+        if (dir == DES_ENCRYPTION) {
+            DES_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Encrypt;
+        } else { /* DES_DECRYPTION */
+            DES_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
+        }
+
+        if (mode == DES_CBC) {
+            DES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_DES_CBC;
+        } else { /* DES_ECB */
+            DES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_DES_ECB;
+        }
+
+        DES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
+        CRYP_Init(&DES_CRYP_InitStructure);
+
+        /* load key into correct registers */
+        DES_CRYP_KeyInitStructure.CRYP_Key1Left  = dkey[0];
+        DES_CRYP_KeyInitStructure.CRYP_Key1Right = dkey[1];
+        CRYP_KeyInit(&DES_CRYP_KeyInitStructure);
+
+        /* set iv */
+        ByteReverseWords(iv, iv, DES_BLOCK_SIZE);
+        DES_CRYP_IVInitStructure.CRYP_IV0Left  = iv[0];
+        DES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
+        CRYP_IVInit(&DES_CRYP_IVInitStructure);
+
+        /* enable crypto processor */
+        CRYP_Cmd(ENABLE);
+
+        while (sz > 0)
+        {
+            /* flush IN/OUT FIFOs */
+            CRYP_FIFOFlush();
+
+            /* if input and output same will overwrite input iv */
+            XMEMCPY(des->tmp, in + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
+
+            CRYP_DataIn(*(uint32_t*)&in[0]);
+            CRYP_DataIn(*(uint32_t*)&in[4]);
+
+            /* wait until the complete message has been processed */
+            while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
+
+            *(uint32_t*)&out[0]  = CRYP_DataOut();
+            *(uint32_t*)&out[4]  = CRYP_DataOut();
+
+            /* store iv for next call */
+            XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
+
+            sz  -= DES_BLOCK_SIZE;
+            in  += DES_BLOCK_SIZE;
+            out += DES_BLOCK_SIZE;
+        }
+
+        /* disable crypto processor */
+        CRYP_Cmd(DISABLE);
+    }
+
+    int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
+    {
+        DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_CBC);
+        return 0;
+    }
+
+    int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
+    {
+        DesCrypt(des, out, in, sz, DES_DECRYPTION, DES_CBC);
+        return 0;
+    }
+
+    int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
+    {
+        DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_ECB);
+        return 0;
+    }
+
+    void Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz,
+                   int dir)
+    {
+        word32 *dkey1, *dkey2, *dkey3, *iv;
+        CRYP_InitTypeDef DES3_CRYP_InitStructure;
+        CRYP_KeyInitTypeDef DES3_CRYP_KeyInitStructure;
+        CRYP_IVInitTypeDef DES3_CRYP_IVInitStructure;
+
+        dkey1 = des->key[0];
+        dkey2 = des->key[1];
+        dkey3 = des->key[2];
+        iv = des->reg;
+
+        /* crypto structure initialization */
+        CRYP_KeyStructInit(&DES3_CRYP_KeyInitStructure);
+        CRYP_StructInit(&DES3_CRYP_InitStructure);
+        CRYP_IVStructInit(&DES3_CRYP_IVInitStructure);
+
+        /* reset registers to their default values */
+        CRYP_DeInit();
+
+        /* set direction, mode, and datatype */
+        if (dir == DES_ENCRYPTION) {
+            DES3_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Encrypt;
+        } else {
+            DES3_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
+        }
+
+        DES3_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_TDES_CBC;
+        DES3_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
+        CRYP_Init(&DES3_CRYP_InitStructure);
+
+        /* load key into correct registers */
+        DES3_CRYP_KeyInitStructure.CRYP_Key1Left  = dkey1[0];
+        DES3_CRYP_KeyInitStructure.CRYP_Key1Right = dkey1[1];
+        DES3_CRYP_KeyInitStructure.CRYP_Key2Left  = dkey2[0];
+        DES3_CRYP_KeyInitStructure.CRYP_Key2Right = dkey2[1];
+        DES3_CRYP_KeyInitStructure.CRYP_Key3Left  = dkey3[0];
+        DES3_CRYP_KeyInitStructure.CRYP_Key3Right = dkey3[1];
+        CRYP_KeyInit(&DES3_CRYP_KeyInitStructure);
+
+        /* set iv */
+        ByteReverseWords(iv, iv, DES_BLOCK_SIZE);
+        DES3_CRYP_IVInitStructure.CRYP_IV0Left  = iv[0];
+        DES3_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
+        CRYP_IVInit(&DES3_CRYP_IVInitStructure);
+
+        /* enable crypto processor */
+        CRYP_Cmd(ENABLE);
+
+        while (sz > 0)
+        {
+            /* flush IN/OUT FIFOs */
+            CRYP_FIFOFlush();
+
+            CRYP_DataIn(*(uint32_t*)&in[0]);
+            CRYP_DataIn(*(uint32_t*)&in[4]);
+
+            /* wait until the complete message has been processed */
+            while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
+
+            *(uint32_t*)&out[0]  = CRYP_DataOut();
+            *(uint32_t*)&out[4]  = CRYP_DataOut();
+
+            /* store iv for next call */
+            XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
+
+            sz  -= DES_BLOCK_SIZE;
+            in  += DES_BLOCK_SIZE;
+            out += DES_BLOCK_SIZE;
+        }
+
+        /* disable crypto processor */
+        CRYP_Cmd(DISABLE);
+
+    }
+
+    int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
+    {
+        Des3Crypt(des, out, in, sz, DES_ENCRYPTION);
+        return 0;
+    }
+
+    int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
+    {
+        Des3Crypt(des, out, in, sz, DES_DECRYPTION);
+        return 0;
+    }
+
+#elif defined(HAVE_COLDFIRE_SEC)
+
+#include 
+
+#include "sec.h"
+#include "mcf5475_sec.h"
+#include "mcf5475_siu.h"
+
+#if defined (HAVE_THREADX)
+#include "memory_pools.h"
+extern TX_BYTE_POOL mp_ncached;  /* Non Cached memory pool */
+#endif
+
+#define DES_BUFFER_SIZE (DES_BLOCK_SIZE * 64)
+static unsigned char *desBuffIn = NULL ;
+static unsigned char *desBuffOut = NULL ;
+static byte *secIV ; 
+static byte *secKey ; 
+static volatile SECdescriptorType *secDesc ;
+
+static wolfSSL_Mutex Mutex_DesSEC ;
+
+#define SEC_DESC_DES_CBC_ENCRYPT  0x20500010
+#define SEC_DESC_DES_CBC_DECRYPT  0x20400010
+#define SEC_DESC_DES3_CBC_ENCRYPT 0x20700010
+#define SEC_DESC_DES3_CBC_DECRYPT 0x20600010
+
+#define DES_IVLEN 8
+#define DES_KEYLEN 8
+#define DES3_IVLEN 8
+#define DES3_KEYLEN 24
+
+extern volatile unsigned char __MBAR[];
+
+static void wc_Des_Cbc(byte* out, const byte* in, word32 sz, 
+                    byte *key, byte *iv, word32 desc)
+{
+    #ifdef DEBUG_WOLFSSL
+    int ret ;  int stat1,stat2 ; 
+	  #endif
+    int size ;
+    volatile int v ;
+ 
+    LockMutex(&Mutex_DesSEC) ;
+    
+    secDesc->length1 = 0x0;
+    secDesc->pointer1 = NULL;
+    if((desc==SEC_DESC_DES_CBC_ENCRYPT)||(desc==SEC_DESC_DES_CBC_DECRYPT)){
+        secDesc->length2 = DES_IVLEN ;  
+        secDesc->length3 = DES_KEYLEN ;
+    } else {
+        secDesc->length2 = DES3_IVLEN ; 
+        secDesc->length3 = DES3_KEYLEN ;
+    }
+    secDesc->pointer2 = secIV ;
+    secDesc->pointer3 = secKey;
+    secDesc->pointer4 = desBuffIn ;
+    secDesc->pointer5 = desBuffOut ;
+    secDesc->length6 = 0; 
+    secDesc->pointer6 = NULL; 
+    secDesc->length7 = 0x0;
+    secDesc->pointer7 = NULL;
+    secDesc->nextDescriptorPtr = NULL ; 
+    
+    while(sz) {
+        XMEMCPY(secIV, iv, secDesc->length2) ;
+        if((sz%DES_BUFFER_SIZE) == sz) {
+            size = sz ;
+            sz = 0 ;
+        } else {
+            size = DES_BUFFER_SIZE ;
+            sz -= DES_BUFFER_SIZE ;
+        }
+        
+        XMEMCPY(desBuffIn, in, size) ;
+        XMEMCPY(secKey, key, secDesc->length3) ;
+        
+        secDesc->header = desc ;
+        secDesc->length4 = size;
+        secDesc->length5 = size;
+        /* Point SEC to the location of the descriptor */
+        MCF_SEC_FR0 = (uint32)secDesc;
+        /* Initialize SEC and wait for encryption to complete */
+        MCF_SEC_CCCR0 = 0x0000001a;
+        /* poll SISR to determine when channel is complete */
+        v=0 ;
+        while((secDesc->header>> 24) != 0xff) {
+            if(v++ > 1000)break ;
+        }
+				
+#ifdef DEBUG_WOLFSSL
+        ret = MCF_SEC_SISRH;
+        stat1 = MCF_SEC_DSR ; 
+        stat2 = MCF_SEC_DISR ; 
+        if(ret & 0xe0000000) {
+            /* db_printf("Des_Cbc(%x):ISRH=%08x, DSR=%08x, DISR=%08x\n", desc, ret, stat1, stat2) ; */
+        }
+#endif
+				
+        XMEMCPY(out, desBuffOut, size) ;
+
+        if((desc==SEC_DESC_DES3_CBC_ENCRYPT)||(desc==SEC_DESC_DES_CBC_ENCRYPT)) {
+            XMEMCPY((void*)iv, (void*)&(out[size-secDesc->length2]), secDesc->length2) ;
+        } else {
+            XMEMCPY((void*)iv, (void*)&(in[size-secDesc->length2]), secDesc->length2) ;
+        }
+        
+        in  += size ;   
+        out += size ;
+                
+    }
+    UnLockMutex(&Mutex_DesSEC) ;
+    
+}
+
+
+int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
+{
+    wc_Des_Cbc(out, in, sz,  (byte *)des->key,  (byte *)des->reg, SEC_DESC_DES_CBC_ENCRYPT) ;
+    return 0;
+}
+
+int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
+{
+    wc_Des_Cbc(out, in, sz,   (byte *)des->key,  (byte *)des->reg, SEC_DESC_DES_CBC_DECRYPT) ;
+    return 0;
+}
+
+int wc_Des3_CbcEncrypt(Des3* des3, byte* out, const byte* in, word32 sz)
+{
+    wc_Des_Cbc(out, in, sz,  (byte *)des3->key,  (byte *)des3->reg, SEC_DESC_DES3_CBC_ENCRYPT) ;
+	  return 0;
+}
+
+
+int wc_Des3_CbcDecrypt(Des3* des3, byte* out, const byte* in, word32 sz)
+{
+    wc_Des_Cbc(out, in, sz,   (byte *)des3->key,  (byte *)des3->reg, SEC_DESC_DES3_CBC_DECRYPT) ;
+	  return 0;
+}
+
+static void setParity(byte *buf, int len) 
+{
+    int i, j ;
+    byte v ;
+    int bits ;
+
+    for(i=0; i> 1 ;
+        buf[i] = v << 1 ;
+        bits = 0 ;
+        for(j=0; j<7; j++)
+        {
+            bits += (v&0x1) ;
+            v = v >> 1 ;
+        }
+        buf[i] |= (1 - (bits&0x1)) ;
+    }
+    
+}
+
+
+int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
+{
+    if(desBuffIn == NULL) {
+        #if defined (HAVE_THREADX)
+			  int s1, s2, s3, s4, s5 ;
+        s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc, 
+                                                     sizeof(SECdescriptorType), TX_NO_WAIT);
+        s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn,  DES_BUFFER_SIZE, TX_NO_WAIT);
+        s2 = tx_byte_allocate(&mp_ncached,(void *)&desBuffOut, DES_BUFFER_SIZE, TX_NO_WAIT);
+        /* Don't know des or des3 to be used. Allocate larger buffers */
+        s3 = tx_byte_allocate(&mp_ncached,(void *)&secKey,     DES3_KEYLEN,TX_NO_WAIT);
+        s4 = tx_byte_allocate(&mp_ncached,(void *)&secIV,      DES3_IVLEN,  TX_NO_WAIT);              
+        #else
+        #warning "Allocate non-Cache buffers"
+        #endif
+        
+        InitMutex(&Mutex_DesSEC) ;
+    }
+     
+    XMEMCPY(des->key, key, DES_KEYLEN);  
+    setParity((byte *)des->key, DES_KEYLEN) ;  
+		
+    if (iv) {
+        XMEMCPY(des->reg, iv, DES_IVLEN);
+    }   else {
+        XMEMSET(des->reg, 0x0, DES_IVLEN) ;
+    }
+		return 0;
+}
+
+int wc_Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
+{
+    
+    if(desBuffIn == NULL) {
+        #if defined (HAVE_THREADX)
+			  int s1, s2, s3, s4, s5 ;
+        s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc, 
+                                                     sizeof(SECdescriptorType), TX_NO_WAIT);
+        s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn,  DES_BUFFER_SIZE, TX_NO_WAIT);
+        s2 = tx_byte_allocate(&mp_ncached,(void *)&desBuffOut, DES_BUFFER_SIZE, TX_NO_WAIT);
+        s3 = tx_byte_allocate(&mp_ncached,(void *)&secKey,     DES3_KEYLEN,TX_NO_WAIT);
+        s4 = tx_byte_allocate(&mp_ncached,(void *)&secIV,      DES3_IVLEN,  TX_NO_WAIT);              
+        #else
+        #warning "Allocate non-Cache buffers"
+        #endif
+        
+        InitMutex(&Mutex_DesSEC) ;
+    }
+    
+    XMEMCPY(des3->key[0], key, DES3_KEYLEN); 
+    setParity((byte *)des3->key[0], DES3_KEYLEN) ;  
+		
+    if (iv) {
+        XMEMCPY(des3->reg, iv, DES3_IVLEN);
+    }   else {
+        XMEMSET(des3->reg, 0x0, DES3_IVLEN) ;
+    }
+    return 0;
+
+}
+
+#elif defined FREESCALE_MMCAU
+    /*
+     * Freescale mmCAU hardware DES/3DES support through the CAU/mmCAU library.
+     * Documentation located in ColdFire/ColdFire+ CAU and Kinetis mmCAU
+     * Software Library User Guide (See note in README).
+     */
+    #include "cau_api.h"
+
+    const unsigned char parityLookup[128] =
+    {
+        1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,
+        0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,
+        0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,
+        1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0
+     };
+
+    int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
+    {
+        int i = 0;
+        byte* dkey = (byte*)des->key;
+
+        XMEMCPY(dkey, key, 8);
+
+        wc_Des_SetIV(des, iv);
+
+        /* fix key parity, if needed */
+        for (i = 0; i < 8; i++) {
+            dkey[i] = ((dkey[i] & 0xFE) | parityLookup[dkey[i] >> 1]);
+        }
+
+        return 0;
+    }
+
+    int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
+    {
+        int i = 0, ret = 0;
+        byte* dkey1 = (byte*)des->key[0];
+        byte* dkey2 = (byte*)des->key[1];
+        byte* dkey3 = (byte*)des->key[2];
+
+        XMEMCPY(dkey1, key, 8);         /* set key 1 */
+        XMEMCPY(dkey2, key + 8, 8);     /* set key 2 */
+        XMEMCPY(dkey3, key + 16, 8);    /* set key 3 */
+
+        ret = wc_Des3_SetIV(des, iv);
+        if (ret != 0)
+            return ret;
+
+        /* fix key parity if needed */
+        for (i = 0; i < 8; i++)
+           dkey1[i] = ((dkey1[i] & 0xFE) | parityLookup[dkey1[i] >> 1]);
+
+        for (i = 0; i < 8; i++)
+           dkey2[i] = ((dkey2[i] & 0xFE) | parityLookup[dkey2[i] >> 1]);
+
+        for (i = 0; i < 8; i++)
+           dkey3[i] = ((dkey3[i] & 0xFE) | parityLookup[dkey3[i] >> 1]);
+
+        return ret;
+    }
+
+    int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
+    {
+        int i;
+        int offset = 0;
+        int len = sz;
+        byte *iv;
+        byte temp_block[DES_BLOCK_SIZE];
+
+        iv = (byte*)des->reg;
+
+        if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
+            WOLFSSL_MSG("Bad cau_des_encrypt alignment"); 
+            return BAD_ALIGN_E;
+        }
+
+        while (len > 0)
+        {
+            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
+
+            /* XOR block with IV for CBC */
+            for (i = 0; i < DES_BLOCK_SIZE; i++)
+                temp_block[i] ^= iv[i];
+
+            cau_des_encrypt(temp_block, (byte*)des->key, out + offset);
+
+            len    -= DES_BLOCK_SIZE;
+            offset += DES_BLOCK_SIZE;
+
+            /* store IV for next block */
+            XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
+        }
+
+        return 0;
+    }
+
+    int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
+    {
+        int i;
+        int offset = 0;
+        int len = sz;
+        byte* iv;
+        byte temp_block[DES_BLOCK_SIZE];
+
+        iv = (byte*)des->reg;
+
+        if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
+            WOLFSSL_MSG("Bad cau_des_decrypt alignment"); 
+            return BAD_ALIGN_E;
+        }
+
+        while (len > 0)
+        {
+            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
+
+            cau_des_decrypt(in + offset, (byte*)des->key, out + offset);
+
+            /* XOR block with IV for CBC */
+            for (i = 0; i < DES_BLOCK_SIZE; i++)
+                (out + offset)[i] ^= iv[i];
+
+            /* store IV for next block */
+            XMEMCPY(iv, temp_block, DES_BLOCK_SIZE);
+
+            len     -= DES_BLOCK_SIZE;
+            offset += DES_BLOCK_SIZE;
+        }
+
+        return 0;
+    }
+
+    int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
+    {
+        int i;
+        int offset = 0;
+        int len = sz;
+
+        byte *iv;
+        byte temp_block[DES_BLOCK_SIZE];
+
+        iv = (byte*)des->reg;
+
+        if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
+            WOLFSSL_MSG("Bad 3ede cau_des_encrypt alignment"); 
+            return BAD_ALIGN_E;
+        }
+
+        while (len > 0)
+        {
+            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
+
+            /* XOR block with IV for CBC */
+            for (i = 0; i < DES_BLOCK_SIZE; i++)
+                temp_block[i] ^= iv[i];
+
+            cau_des_encrypt(temp_block  , (byte*)des->key[0], out + offset);
+            cau_des_decrypt(out + offset, (byte*)des->key[1], out + offset);
+            cau_des_encrypt(out + offset, (byte*)des->key[2], out + offset);
+
+            len    -= DES_BLOCK_SIZE;
+            offset += DES_BLOCK_SIZE;
+
+            /* store IV for next block */
+            XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
+        }
+
+        return 0;
+    }
+
+    int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
+    {
+        int i;
+        int offset = 0;
+        int len = sz;
+
+        byte* iv;
+        byte temp_block[DES_BLOCK_SIZE];
+
+        iv = (byte*)des->reg;
+
+        if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
+            WOLFSSL_MSG("Bad 3ede cau_des_decrypt alignment"); 
+            return BAD_ALIGN_E;
+        }
+
+        while (len > 0)
+        {
+            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
+
+            cau_des_decrypt(in + offset , (byte*)des->key[2], out + offset);
+            cau_des_encrypt(out + offset, (byte*)des->key[1], out + offset);
+            cau_des_decrypt(out + offset, (byte*)des->key[0], out + offset);
+
+            /* XOR block with IV for CBC */
+            for (i = 0; i < DES_BLOCK_SIZE; i++)
+                (out + offset)[i] ^= iv[i];
+
+            /* store IV for next block */
+            XMEMCPY(iv, temp_block, DES_BLOCK_SIZE);
+
+            len    -= DES_BLOCK_SIZE;
+            offset += DES_BLOCK_SIZE;
+        }
+
+        return 0;
+    }
+
+
+#elif defined(WOLFSSL_PIC32MZ_CRYPT)
+
+    #include "wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h"
+
+void wc_Des_SetIV(Des* des, const byte* iv);
+int  wc_Des3_SetIV(Des3* des, const byte* iv);
+
+    int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
+    {
+        word32 *dkey = des->key ;
+        word32 *dreg = des->reg ;
+
+        XMEMCPY((byte *)dkey, (byte *)key, 8);
+        ByteReverseWords(dkey, dkey, 8);
+        XMEMCPY((byte *)dreg, (byte *)iv, 8);
+        ByteReverseWords(dreg, dreg, 8);
+
+        return 0;
+    }
+
+    int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
+    {
+        word32 *dkey1 = des->key[0];
+        word32 *dreg = des->reg ;
+
+        XMEMCPY(dkey1, key, 24);
+        ByteReverseWords(dkey1, dkey1, 24);
+        XMEMCPY(dreg, iv, 8);
+        ByteReverseWords(dreg, dreg, 8) ;
+
+        return 0;
+    }
+
+    void DesCrypt(word32 *key, word32 *iv, byte* out, const byte* in, word32 sz,
+                  int dir, int algo, int cryptoalgo)
+    {
+        securityAssociation *sa_p ;
+        bufferDescriptor *bd_p ;
+        const byte *in_p, *in_l ;
+        byte *out_p, *out_l ;
+        volatile securityAssociation sa __attribute__((aligned (8)));
+        volatile bufferDescriptor bd __attribute__((aligned (8)));
+        volatile int k ;
+        
+        /* get uncached address */
+
+        in_l = in;
+        out_l = out ;
+        sa_p = KVA0_TO_KVA1(&sa) ; 
+        bd_p = KVA0_TO_KVA1(&bd) ;
+        in_p = KVA0_TO_KVA1(in_l) ;
+        out_p= KVA0_TO_KVA1(out_l);
+        
+        if(PIC32MZ_IF_RAM(in_p))
+            XMEMCPY((void *)in_p, (void *)in, sz);
+        XMEMSET((void *)out_p, 0, sz);
+
+        /* Set up the Security Association */
+        XMEMSET((byte *)KVA0_TO_KVA1(&sa), 0, sizeof(sa));
+        sa_p->SA_CTRL.ALGO = algo ; 
+        sa_p->SA_CTRL.LNC = 1;
+        sa_p->SA_CTRL.LOADIV = 1;
+        sa_p->SA_CTRL.FB = 1;
+        sa_p->SA_CTRL.ENCTYPE = dir ; /* Encryption/Decryption */
+        sa_p->SA_CTRL.CRYPTOALGO = cryptoalgo;
+        sa_p->SA_CTRL.KEYSIZE = 1 ; /* KEY is 192 bits */
+        XMEMCPY((byte *)KVA0_TO_KVA1(&sa.SA_ENCKEY[algo==PIC32_ALGO_TDES ? 2 : 6]),
+                (byte *)key, algo==PIC32_ALGO_TDES ? 24 : 8);
+        XMEMCPY((byte *)KVA0_TO_KVA1(&sa.SA_ENCIV[2]), (byte *)iv, 8);
+
+        XMEMSET((byte *)KVA0_TO_KVA1(&bd), 0, sizeof(bd));
+        /* Set up the Buffer Descriptor */
+        bd_p->BD_CTRL.BUFLEN = sz;
+        bd_p->BD_CTRL.LIFM = 1;
+        bd_p->BD_CTRL.SA_FETCH_EN = 1;
+        bd_p->BD_CTRL.LAST_BD = 1;
+        bd_p->BD_CTRL.DESC_EN = 1;
+    
+        bd_p->SA_ADDR = (unsigned int)KVA_TO_PA(&sa) ; /* (unsigned int)sa_p; */
+        bd_p->SRCADDR = (unsigned int)KVA_TO_PA(in) ; /* (unsigned int)in_p; */
+        bd_p->DSTADDR = (unsigned int)KVA_TO_PA(out); /* (unsigned int)out_p; */
+        bd_p->NXTPTR = (unsigned int)KVA_TO_PA(&bd);
+        bd_p->MSGLEN = sz ;
+        
+        /* Fire in the hole! */
+        CECON = 1 << 6;
+        while (CECON);
+        
+        /* Run the engine */
+        CEBDPADDR = (unsigned int)KVA_TO_PA(&bd) ; /* (unsigned int)bd_p ; */
+        CEINTEN = 0x07;
+        CECON = 0x27;
+
+        WAIT_ENGINE ;
+
+        if((cryptoalgo == PIC32_CRYPTOALGO_CBC) ||
+           (cryptoalgo == PIC32_CRYPTOALGO_TCBC)||
+           (cryptoalgo == PIC32_CRYPTOALGO_RCBC)) {
+            /* set iv for the next call */
+            if(dir == PIC32_ENCRYPTION) {
+	        XMEMCPY((void *)iv, (void*)&(out_p[sz-DES_IVLEN]), DES_IVLEN) ;
+	        } else {
+                ByteReverseWords((word32*)iv, (word32 *)&(in_p[sz-DES_IVLEN]),
+                                 DES_IVLEN);
+	        }
+
+        }
+
+        ByteReverseWords((word32*)out, (word32 *)KVA0_TO_KVA1(out), sz);
+    }
+
+    int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
+    {
+        DesCrypt(des->key, des->reg, out, in, sz, 
+                PIC32_ENCRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC );
+        return 0;
+    }
+
+    int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
+    {
+        DesCrypt(des->key, des->reg, out, in, sz, 
+                PIC32_DECRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC);
+        return 0;
+    }
+
+    int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
+    {
+        DesCrypt(des->key[0], des->reg, out, in, sz, 
+                PIC32_ENCRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
+        return 0;
+    }
+
+    int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
+    {
+        DesCrypt(des->key[0], des->reg, out, in, sz, 
+                PIC32_DECRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
+        return 0;
+    }
+
+#else /* CTaoCrypt software implementation */
+
+/* permuted choice table (key) */
+static const byte pc1[] = {
+       57, 49, 41, 33, 25, 17,  9,
+        1, 58, 50, 42, 34, 26, 18,
+       10,  2, 59, 51, 43, 35, 27,
+       19, 11,  3, 60, 52, 44, 36,
+
+       63, 55, 47, 39, 31, 23, 15,
+        7, 62, 54, 46, 38, 30, 22,
+       14,  6, 61, 53, 45, 37, 29,
+       21, 13,  5, 28, 20, 12,  4
+};
+
+/* number left rotations of pc1 */
+static const byte totrot[] = {
+       1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28
+};
+
+/* permuted choice key (table) */
+static const byte pc2[] = {
+       14, 17, 11, 24,  1,  5,
+        3, 28, 15,  6, 21, 10,
+       23, 19, 12,  4, 26,  8,
+       16,  7, 27, 20, 13,  2,
+       41, 52, 31, 37, 47, 55,
+       30, 40, 51, 45, 33, 48,
+       44, 49, 39, 56, 34, 53,
+       46, 42, 50, 36, 29, 32
+};
+
+/* End of DES-defined tables */
+
+/* bit 0 is left-most in byte */
+static const int bytebit[] = {
+       0200,0100,040,020,010,04,02,01
+};
+
+static const word32 Spbox[8][64] = {
+{
+0x01010400,0x00000000,0x00010000,0x01010404,
+0x01010004,0x00010404,0x00000004,0x00010000,
+0x00000400,0x01010400,0x01010404,0x00000400,
+0x01000404,0x01010004,0x01000000,0x00000004,
+0x00000404,0x01000400,0x01000400,0x00010400,
+0x00010400,0x01010000,0x01010000,0x01000404,
+0x00010004,0x01000004,0x01000004,0x00010004,
+0x00000000,0x00000404,0x00010404,0x01000000,
+0x00010000,0x01010404,0x00000004,0x01010000,
+0x01010400,0x01000000,0x01000000,0x00000400,
+0x01010004,0x00010000,0x00010400,0x01000004,
+0x00000400,0x00000004,0x01000404,0x00010404,
+0x01010404,0x00010004,0x01010000,0x01000404,
+0x01000004,0x00000404,0x00010404,0x01010400,
+0x00000404,0x01000400,0x01000400,0x00000000,
+0x00010004,0x00010400,0x00000000,0x01010004},
+{
+0x80108020,0x80008000,0x00008000,0x00108020,
+0x00100000,0x00000020,0x80100020,0x80008020,
+0x80000020,0x80108020,0x80108000,0x80000000,
+0x80008000,0x00100000,0x00000020,0x80100020,
+0x00108000,0x00100020,0x80008020,0x00000000,
+0x80000000,0x00008000,0x00108020,0x80100000,
+0x00100020,0x80000020,0x00000000,0x00108000,
+0x00008020,0x80108000,0x80100000,0x00008020,
+0x00000000,0x00108020,0x80100020,0x00100000,
+0x80008020,0x80100000,0x80108000,0x00008000,
+0x80100000,0x80008000,0x00000020,0x80108020,
+0x00108020,0x00000020,0x00008000,0x80000000,
+0x00008020,0x80108000,0x00100000,0x80000020,
+0x00100020,0x80008020,0x80000020,0x00100020,
+0x00108000,0x00000000,0x80008000,0x00008020,
+0x80000000,0x80100020,0x80108020,0x00108000},
+{
+0x00000208,0x08020200,0x00000000,0x08020008,
+0x08000200,0x00000000,0x00020208,0x08000200,
+0x00020008,0x08000008,0x08000008,0x00020000,
+0x08020208,0x00020008,0x08020000,0x00000208,
+0x08000000,0x00000008,0x08020200,0x00000200,
+0x00020200,0x08020000,0x08020008,0x00020208,
+0x08000208,0x00020200,0x00020000,0x08000208,
+0x00000008,0x08020208,0x00000200,0x08000000,
+0x08020200,0x08000000,0x00020008,0x00000208,
+0x00020000,0x08020200,0x08000200,0x00000000,
+0x00000200,0x00020008,0x08020208,0x08000200,
+0x08000008,0x00000200,0x00000000,0x08020008,
+0x08000208,0x00020000,0x08000000,0x08020208,
+0x00000008,0x00020208,0x00020200,0x08000008,
+0x08020000,0x08000208,0x00000208,0x08020000,
+0x00020208,0x00000008,0x08020008,0x00020200},
+{
+0x00802001,0x00002081,0x00002081,0x00000080,
+0x00802080,0x00800081,0x00800001,0x00002001,
+0x00000000,0x00802000,0x00802000,0x00802081,
+0x00000081,0x00000000,0x00800080,0x00800001,
+0x00000001,0x00002000,0x00800000,0x00802001,
+0x00000080,0x00800000,0x00002001,0x00002080,
+0x00800081,0x00000001,0x00002080,0x00800080,
+0x00002000,0x00802080,0x00802081,0x00000081,
+0x00800080,0x00800001,0x00802000,0x00802081,
+0x00000081,0x00000000,0x00000000,0x00802000,
+0x00002080,0x00800080,0x00800081,0x00000001,
+0x00802001,0x00002081,0x00002081,0x00000080,
+0x00802081,0x00000081,0x00000001,0x00002000,
+0x00800001,0x00002001,0x00802080,0x00800081,
+0x00002001,0x00002080,0x00800000,0x00802001,
+0x00000080,0x00800000,0x00002000,0x00802080},
+{
+0x00000100,0x02080100,0x02080000,0x42000100,
+0x00080000,0x00000100,0x40000000,0x02080000,
+0x40080100,0x00080000,0x02000100,0x40080100,
+0x42000100,0x42080000,0x00080100,0x40000000,
+0x02000000,0x40080000,0x40080000,0x00000000,
+0x40000100,0x42080100,0x42080100,0x02000100,
+0x42080000,0x40000100,0x00000000,0x42000000,
+0x02080100,0x02000000,0x42000000,0x00080100,
+0x00080000,0x42000100,0x00000100,0x02000000,
+0x40000000,0x02080000,0x42000100,0x40080100,
+0x02000100,0x40000000,0x42080000,0x02080100,
+0x40080100,0x00000100,0x02000000,0x42080000,
+0x42080100,0x00080100,0x42000000,0x42080100,
+0x02080000,0x00000000,0x40080000,0x42000000,
+0x00080100,0x02000100,0x40000100,0x00080000,
+0x00000000,0x40080000,0x02080100,0x40000100},
+{
+0x20000010,0x20400000,0x00004000,0x20404010,
+0x20400000,0x00000010,0x20404010,0x00400000,
+0x20004000,0x00404010,0x00400000,0x20000010,
+0x00400010,0x20004000,0x20000000,0x00004010,
+0x00000000,0x00400010,0x20004010,0x00004000,
+0x00404000,0x20004010,0x00000010,0x20400010,
+0x20400010,0x00000000,0x00404010,0x20404000,
+0x00004010,0x00404000,0x20404000,0x20000000,
+0x20004000,0x00000010,0x20400010,0x00404000,
+0x20404010,0x00400000,0x00004010,0x20000010,
+0x00400000,0x20004000,0x20000000,0x00004010,
+0x20000010,0x20404010,0x00404000,0x20400000,
+0x00404010,0x20404000,0x00000000,0x20400010,
+0x00000010,0x00004000,0x20400000,0x00404010,
+0x00004000,0x00400010,0x20004010,0x00000000,
+0x20404000,0x20000000,0x00400010,0x20004010},
+{
+0x00200000,0x04200002,0x04000802,0x00000000,
+0x00000800,0x04000802,0x00200802,0x04200800,
+0x04200802,0x00200000,0x00000000,0x04000002,
+0x00000002,0x04000000,0x04200002,0x00000802,
+0x04000800,0x00200802,0x00200002,0x04000800,
+0x04000002,0x04200000,0x04200800,0x00200002,
+0x04200000,0x00000800,0x00000802,0x04200802,
+0x00200800,0x00000002,0x04000000,0x00200800,
+0x04000000,0x00200800,0x00200000,0x04000802,
+0x04000802,0x04200002,0x04200002,0x00000002,
+0x00200002,0x04000000,0x04000800,0x00200000,
+0x04200800,0x00000802,0x00200802,0x04200800,
+0x00000802,0x04000002,0x04200802,0x04200000,
+0x00200800,0x00000000,0x00000002,0x04200802,
+0x00000000,0x00200802,0x04200000,0x00000800,
+0x04000002,0x04000800,0x00000800,0x00200002},
+{
+0x10001040,0x00001000,0x00040000,0x10041040,
+0x10000000,0x10001040,0x00000040,0x10000000,
+0x00040040,0x10040000,0x10041040,0x00041000,
+0x10041000,0x00041040,0x00001000,0x00000040,
+0x10040000,0x10000040,0x10001000,0x00001040,
+0x00041000,0x00040040,0x10040040,0x10041000,
+0x00001040,0x00000000,0x00000000,0x10040040,
+0x10000040,0x10001000,0x00041040,0x00040000,
+0x00041040,0x00040000,0x10041000,0x00001000,
+0x00000040,0x10040040,0x00001000,0x00041040,
+0x10001000,0x00000040,0x10000040,0x10040000,
+0x10040040,0x10000000,0x00040000,0x10001040,
+0x00000000,0x10041040,0x00040040,0x10000040,
+0x10040000,0x10001000,0x10001040,0x00000000,
+0x10041040,0x00041000,0x00041000,0x00001040,
+0x00001040,0x00040040,0x10000000,0x10041000}
+};
+
+
+static INLINE void IPERM(word32* left, word32* right)
+{
+    word32 work;
+
+    *right = rotlFixed(*right, 4U);
+    work = (*left ^ *right) & 0xf0f0f0f0;
+    *left ^= work;
+
+    *right = rotrFixed(*right^work, 20U);
+    work = (*left ^ *right) & 0xffff0000;
+    *left ^= work;
+
+    *right = rotrFixed(*right^work, 18U);
+    work = (*left ^ *right) & 0x33333333;
+    *left ^= work;
+
+    *right = rotrFixed(*right^work, 6U);
+    work = (*left ^ *right) & 0x00ff00ff;
+    *left ^= work;
+
+    *right = rotlFixed(*right^work, 9U);
+    work = (*left ^ *right) & 0xaaaaaaaa;
+    *left = rotlFixed(*left^work, 1U);
+    *right ^= work;
+}
+
+
+static INLINE void FPERM(word32* left, word32* right)
+{
+    word32 work;
+
+    *right = rotrFixed(*right, 1U);
+    work = (*left ^ *right) & 0xaaaaaaaa;
+    *right ^= work;
+
+    *left = rotrFixed(*left^work, 9U);
+    work = (*left ^ *right) & 0x00ff00ff;
+    *right ^= work;
+
+    *left = rotlFixed(*left^work, 6U);
+    work = (*left ^ *right) & 0x33333333;
+    *right ^= work;
+
+    *left = rotlFixed(*left^work, 18U);
+    work = (*left ^ *right) & 0xffff0000;
+    *right ^= work;
+
+    *left = rotlFixed(*left^work, 20U);
+    work = (*left ^ *right) & 0xf0f0f0f0;
+    *right ^= work;
+
+    *left = rotrFixed(*left^work, 4U);
+}
+
+
+static int DesSetKey(const byte* key, int dir, word32* out)
+{
+#ifdef WOLFSSL_SMALL_STACK
+    byte* buffer = (byte*)XMALLOC(56+56+8, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+    if (buffer == NULL)
+        return MEMORY_E;
+#else
+    byte buffer[56+56+8];
+#endif
+
+    {
+        byte* const  pc1m = buffer;               /* place to modify pc1 into */
+        byte* const  pcr  = pc1m + 56;            /* place to rotate pc1 into */
+        byte* const  ks   = pcr  + 56;
+        register int i, j, l;
+        int          m;
+
+        for (j = 0; j < 56; j++) {             /* convert pc1 to bits of key  */
+            l = pc1[j] - 1;                    /* integer bit location        */
+            m = l & 07;                        /* find bit                    */
+            pc1m[j] = (key[l >> 3] &           /* find which key byte l is in */
+                bytebit[m])                    /* and which bit of that byte  */
+                ? 1 : 0;                       /* and store 1-bit result      */
+        }
+
+        for (i = 0; i < 16; i++) {            /* key chunk for each iteration */
+            XMEMSET(ks, 0, 8);                /* Clear key schedule */
+
+            for (j = 0; j < 56; j++)          /* rotate pc1 the right amount  */
+                pcr[j] =
+                      pc1m[(l = j + totrot[i]) < (j < 28 ? 28 : 56) ? l : l-28];
+
+            /* rotate left and right halves independently */
+            for (j = 0; j < 48; j++) {        /* select bits individually     */
+                if (pcr[pc2[j] - 1]) {        /* check bit that goes to ks[j] */
+                    l= j % 6;                 /* mask it in if it's there     */
+                    ks[j/6] |= bytebit[l] >> 2;
+                }
+            }
+
+            /* Now convert to odd/even interleaved form for use in F */
+            out[2*i] = ((word32) ks[0] << 24)
+                     | ((word32) ks[2] << 16)
+                     | ((word32) ks[4] << 8)
+                     | ((word32) ks[6]);
+
+            out[2*i + 1] = ((word32) ks[1] << 24)
+                         | ((word32) ks[3] << 16)
+                         | ((word32) ks[5] << 8)
+                         | ((word32) ks[7]);
+        }
+
+        /* reverse key schedule order */
+        if (dir == DES_DECRYPTION) {
+            for (i = 0; i < 16; i += 2) {
+                word32 swap = out[i];
+                out[i] = out[DES_KS_SIZE - 2 - i];
+                out[DES_KS_SIZE - 2 - i] = swap;
+    
+                swap = out[i + 1];
+                out[i + 1] = out[DES_KS_SIZE - 1 - i];
+                out[DES_KS_SIZE - 1 - i] = swap;
+            }
+        }
+
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+    }
+
+    return 0;
+}
+
+
+static INLINE int Reverse(int dir)
+{
+    return !dir;
+}
+
+
+int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
+{
+    wc_Des_SetIV(des, iv);
+
+    return DesSetKey(key, dir, des->key);
+}
+
+
+int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
+{
+    int ret;
+
+#ifdef HAVE_CAVIUM
+    if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC)
+        return wc_Des3_CaviumSetKey(des, key, iv);
+#endif
+
+    ret = DesSetKey(key + (dir == DES_ENCRYPTION ? 0:16), dir, des->key[0]);
+    if (ret != 0)
+        return ret;
+
+    ret = DesSetKey(key + 8, Reverse(dir), des->key[1]);
+    if (ret != 0)
+        return ret;
+
+    ret = DesSetKey(key + (dir == DES_DECRYPTION ? 0:16), dir, des->key[2]);
+    if (ret != 0)
+        return ret;
+
+    return wc_Des3_SetIV(des, iv);
+}
+
+
+static void DesRawProcessBlock(word32* lIn, word32* rIn, const word32* kptr)
+{
+    word32 l = *lIn, r = *rIn, i;
+
+    for (i=0; i<8; i++)
+    {
+        word32 work = rotrFixed(r, 4U) ^ kptr[4*i+0];
+        l ^= Spbox[6][(work) & 0x3f]
+          ^  Spbox[4][(work >> 8) & 0x3f]
+          ^  Spbox[2][(work >> 16) & 0x3f]
+          ^  Spbox[0][(work >> 24) & 0x3f];
+        work = r ^ kptr[4*i+1];
+        l ^= Spbox[7][(work) & 0x3f]
+          ^  Spbox[5][(work >> 8) & 0x3f]
+          ^  Spbox[3][(work >> 16) & 0x3f]
+          ^  Spbox[1][(work >> 24) & 0x3f];
+
+        work = rotrFixed(l, 4U) ^ kptr[4*i+2];
+        r ^= Spbox[6][(work) & 0x3f]
+          ^  Spbox[4][(work >> 8) & 0x3f]
+          ^  Spbox[2][(work >> 16) & 0x3f]
+          ^  Spbox[0][(work >> 24) & 0x3f];
+        work = l ^ kptr[4*i+3];
+        r ^= Spbox[7][(work) & 0x3f]
+          ^  Spbox[5][(work >> 8) & 0x3f]
+          ^  Spbox[3][(work >> 16) & 0x3f]
+          ^  Spbox[1][(work >> 24) & 0x3f];
+    }
+
+    *lIn = l; *rIn = r;
+}
+
+
+static void DesProcessBlock(Des* des, const byte* in, byte* out)
+{
+    word32 l, r;
+
+    XMEMCPY(&l, in, sizeof(l));
+    XMEMCPY(&r, in + sizeof(l), sizeof(r));
+    #ifdef LITTLE_ENDIAN_ORDER
+        l = ByteReverseWord32(l);
+        r = ByteReverseWord32(r);
+    #endif
+    IPERM(&l,&r);
+    
+    DesRawProcessBlock(&l, &r, des->key);   
+
+    FPERM(&l,&r);
+    #ifdef LITTLE_ENDIAN_ORDER
+        l = ByteReverseWord32(l);
+        r = ByteReverseWord32(r);
+    #endif
+    XMEMCPY(out, &r, sizeof(r));
+    XMEMCPY(out + sizeof(r), &l, sizeof(l));
+}
+
+
+static void Des3ProcessBlock(Des3* des, const byte* in, byte* out)
+{
+    word32 l, r;
+
+    XMEMCPY(&l, in, sizeof(l));
+    XMEMCPY(&r, in + sizeof(l), sizeof(r));
+    #ifdef LITTLE_ENDIAN_ORDER
+        l = ByteReverseWord32(l);
+        r = ByteReverseWord32(r);
+    #endif
+    IPERM(&l,&r);
+    
+    DesRawProcessBlock(&l, &r, des->key[0]);   
+    DesRawProcessBlock(&r, &l, des->key[1]);   
+    DesRawProcessBlock(&l, &r, des->key[2]);   
+
+    FPERM(&l,&r);
+    #ifdef LITTLE_ENDIAN_ORDER
+        l = ByteReverseWord32(l);
+        r = ByteReverseWord32(r);
+    #endif
+    XMEMCPY(out, &r, sizeof(r));
+    XMEMCPY(out + sizeof(r), &l, sizeof(l));
+}
+
+
+int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
+{
+    word32 blocks = sz / DES_BLOCK_SIZE;
+
+    while (blocks--) {
+        xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);
+        DesProcessBlock(des, (byte*)des->reg, (byte*)des->reg);
+        XMEMCPY(out, des->reg, DES_BLOCK_SIZE);
+
+        out += DES_BLOCK_SIZE;
+        in  += DES_BLOCK_SIZE; 
+    }
+    return 0;
+}
+
+
+int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
+{
+    word32 blocks = sz / DES_BLOCK_SIZE;
+    byte   hold[DES_BLOCK_SIZE];
+
+    while (blocks--) {
+        XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);
+        DesProcessBlock(des, (byte*)des->tmp, out);
+        xorbuf(out, (byte*)des->reg, DES_BLOCK_SIZE);
+
+        XMEMCPY(hold, des->reg, DES_BLOCK_SIZE);
+        XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
+        XMEMCPY(des->tmp, hold, DES_BLOCK_SIZE);
+
+        out += DES_BLOCK_SIZE;
+        in  += DES_BLOCK_SIZE; 
+    }
+    return 0;
+}
+
+
+int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
+{
+    word32 blocks;
+
+#ifdef HAVE_CAVIUM
+    if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC)
+        return wc_Des3_CaviumCbcEncrypt(des, out, in, sz);
+#endif
+
+    blocks = sz / DES_BLOCK_SIZE;
+    while (blocks--) {
+        xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);
+        Des3ProcessBlock(des, (byte*)des->reg, (byte*)des->reg);
+        XMEMCPY(out, des->reg, DES_BLOCK_SIZE);
+
+        out += DES_BLOCK_SIZE;
+        in  += DES_BLOCK_SIZE; 
+    }
+    return 0;
+}
+
+
+int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
+{
+    word32 blocks;
+
+#ifdef HAVE_CAVIUM
+    if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC)
+        return wc_Des3_CaviumCbcDecrypt(des, out, in, sz);
+#endif
+
+    blocks = sz / DES_BLOCK_SIZE;
+    while (blocks--) {
+        XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);
+        Des3ProcessBlock(des, (byte*)des->tmp, out);
+        xorbuf(out, (byte*)des->reg, DES_BLOCK_SIZE);
+        XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
+
+        out += DES_BLOCK_SIZE;
+        in  += DES_BLOCK_SIZE; 
+    }
+    return 0;
+}
+
+#ifdef WOLFSSL_DES_ECB
+
+/* One block, compatibility only */
+int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
+{
+    word32 blocks = sz / DES_BLOCK_SIZE;
+
+    while (blocks--) {
+        DesProcessBlock(des, in, out);
+
+        out += DES_BLOCK_SIZE;
+        in  += DES_BLOCK_SIZE; 
+    }
+    return 0;
+}
+
+#endif /* WOLFSSL_DES_ECB */
+
+#endif /* STM32F2_CRYPTO */
+
+void wc_Des_SetIV(Des* des, const byte* iv)
+{
+    if (des && iv)
+        XMEMCPY(des->reg, iv, DES_BLOCK_SIZE);
+    else if (des)
+        XMEMSET(des->reg,  0, DES_BLOCK_SIZE);
+}
+
+
+int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
+                                                const byte* key, const byte* iv)
+{
+    int ret  = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    Des* des = NULL;
+#else
+    Des  des[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (des == NULL)
+        return MEMORY_E;
+#endif
+
+    ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION);
+    if (ret == 0)
+        ret = wc_Des_CbcDecrypt(des, out, in, sz); 
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+int wc_Des3_SetIV(Des3* des, const byte* iv)
+{
+    if (des && iv)
+        XMEMCPY(des->reg, iv, DES_BLOCK_SIZE);
+    else if (des)
+        XMEMSET(des->reg,  0, DES_BLOCK_SIZE);
+
+    return 0;
+}
+
+
+int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
+                                                const byte* key, const byte* iv)
+{
+    int ret    = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    Des3* des3 = NULL;
+#else
+    Des3  des3[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (des3 == NULL)
+        return MEMORY_E;
+#endif
+
+    ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION);
+    if (ret == 0)
+        ret = wc_Des3_CbcDecrypt(des3, out, in, sz); 
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+#ifdef HAVE_CAVIUM
+
+#include "cavium_common.h"
+
+/* Initiliaze Des3 for use with Nitrox device */
+int wc_Des3_InitCavium(Des3* des3, int devId)
+{
+    if (des3 == NULL)
+        return -1;
+
+    if (CspAllocContext(CONTEXT_SSL, &des3->contextHandle, devId) != 0)
+        return -1;
+
+    des3->devId = devId;
+    des3->magic = WOLFSSL_3DES_CAVIUM_MAGIC;
+   
+    return 0;
+}
+
+
+/* Free Des3 from use with Nitrox device */
+void wc_Des3_FreeCavium(Des3* des3)
+{
+    if (des3 == NULL)
+        return;
+
+    if (des3->magic != WOLFSSL_3DES_CAVIUM_MAGIC)
+        return;
+
+    CspFreeContext(CONTEXT_SSL, des3->contextHandle, des3->devId);
+    des3->magic = 0;
+}
+
+
+static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv)
+{
+    if (des3 == NULL)
+        return -1;
+
+    /* key[0] holds key, iv in reg */
+    XMEMCPY(des3->key[0], key, DES_BLOCK_SIZE*3);
+
+    return wc_Des3_SetIV(des3, iv);
+}
+
+
+static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
+                                  word32 length)
+{
+    wolfssl_word offset = 0;
+    word32 requestId;
+   
+    while (length > WOLFSSL_MAX_16BIT) {
+        word16 slen = (word16)WOLFSSL_MAX_16BIT;
+        if (CspEncrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
+                           CAVIUM_NO_UPDATE, slen, (byte*)in + offset,
+                           out + offset, (byte*)des3->reg, (byte*)des3->key[0],
+                           &requestId, des3->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium 3DES Cbc Encrypt");
+            return -1;
+        }
+        length -= WOLFSSL_MAX_16BIT;
+        offset += WOLFSSL_MAX_16BIT;
+        XMEMCPY(des3->reg, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
+    }
+    if (length) {
+        word16 slen = (word16)length;
+
+        if (CspEncrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
+                           CAVIUM_NO_UPDATE, slen, (byte*)in + offset,
+                           out + offset, (byte*)des3->reg, (byte*)des3->key[0],
+                           &requestId, des3->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium 3DES Cbc Encrypt");
+            return -1;
+        }
+        XMEMCPY(des3->reg, out+offset+length - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
+    }
+    return 0;
+}
+
+static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
+                                 word32 length)
+{
+    word32 requestId;
+    wolfssl_word offset = 0;
+
+    while (length > WOLFSSL_MAX_16BIT) {
+        word16 slen = (word16)WOLFSSL_MAX_16BIT;
+        XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
+        if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
+                           CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset,
+                           (byte*)des3->reg, (byte*)des3->key[0], &requestId,
+                           des3->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium 3Des Decrypt");
+            return -1;
+        }
+        length -= WOLFSSL_MAX_16BIT;
+        offset += WOLFSSL_MAX_16BIT;
+        XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
+    }
+    if (length) {
+        word16 slen = (word16)length;
+        XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE,DES_BLOCK_SIZE);
+        if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
+                           CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset,
+                           (byte*)des3->reg, (byte*)des3->key[0], &requestId,
+                           des3->devId) != 0) {
+            WOLFSSL_MSG("Bad Cavium 3Des Decrypt");
+            return -1;
+        }
+        XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
+    }
+    return 0;
+}
+
+#endif /* HAVE_CAVIUM */
+#endif /* HAVE_FIPS */
+#endif /* NO_DES3 */
diff --git a/3P/wolfssl/wolfcrypt/src/dh.c b/3P/wolfssl/wolfcrypt/src/dh.c
new file mode 100644
index 00000000..c8d4137f
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/dh.c
@@ -0,0 +1,178 @@
+/* dh.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_DH
+
+#include 
+#include 
+
+#ifndef USER_MATH_LIB
+    #include 
+    #define XPOW(x,y) pow((x),(y))
+    #define XLOG(x)   log((x))
+#else
+    /* user's own math lib */
+#endif
+
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+void wc_InitDhKey(DhKey* key)
+{
+    (void)key;
+/* TomsFastMath doesn't use memory allocation */
+#ifndef USE_FAST_MATH
+    key->p.dp = 0;
+    key->g.dp = 0;
+#endif
+}
+
+
+void wc_FreeDhKey(DhKey* key)
+{
+    (void)key;
+/* TomsFastMath doesn't use memory allocation */
+#ifndef USE_FAST_MATH
+    mp_clear(&key->p);
+    mp_clear(&key->g);
+#endif
+}
+
+
+static word32 DiscreteLogWorkFactor(word32 n)
+{
+    /* assuming discrete log takes about the same time as factoring */
+    if (n<5)
+        return 0;
+    else
+        return (word32)(2.4 * XPOW((double)n, 1.0/3.0) *
+                XPOW(XLOG((double)n), 2.0/3.0) - 5);
+}
+
+
+static int GeneratePrivate(DhKey* key, RNG* rng, byte* priv, word32* privSz)
+{
+    int ret;
+    word32 sz = mp_unsigned_bin_size(&key->p);
+    sz = min(sz, 2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) /
+                                           WOLFSSL_BIT_SIZE + 1);
+
+    ret = wc_RNG_GenerateBlock(rng, priv, sz);
+    if (ret != 0)
+        return ret;
+
+    priv[0] |= 0x0C;
+
+    *privSz = sz;
+
+    return 0;
+}
+
+
+static int GeneratePublic(DhKey* key, const byte* priv, word32 privSz,
+                          byte* pub, word32* pubSz)
+{
+    int ret = 0;
+
+    mp_int x; 
+    mp_int y;
+
+    if (mp_init_multi(&x, &y, 0, 0, 0, 0) != MP_OKAY)
+        return MP_INIT_E;
+
+    if (mp_read_unsigned_bin(&x, priv, privSz) != MP_OKAY)
+        ret = MP_READ_E;
+
+    if (ret == 0 && mp_exptmod(&key->g, &x, &key->p, &y) != MP_OKAY)
+        ret = MP_EXPTMOD_E;
+
+    if (ret == 0 && mp_to_unsigned_bin(&y, pub) != MP_OKAY)
+        ret = MP_TO_E;
+
+    if (ret == 0)
+        *pubSz = mp_unsigned_bin_size(&y);
+
+    mp_clear(&y);
+    mp_clear(&x);
+
+    return ret;
+}
+
+
+int wc_DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv, word32* privSz,
+                      byte* pub, word32* pubSz)
+{
+    int ret = GeneratePrivate(key, rng, priv, privSz);
+
+    return (ret != 0) ? ret : GeneratePublic(key, priv, *privSz, pub, pubSz);
+}
+
+int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv,
+            word32 privSz, const byte* otherPub, word32 pubSz)
+{
+    int ret = 0;
+
+    mp_int x; 
+    mp_int y;
+    mp_int z;
+
+    if (mp_init_multi(&x, &y, &z, 0, 0, 0) != MP_OKAY)
+        return MP_INIT_E;
+
+    if (mp_read_unsigned_bin(&x, priv, privSz) != MP_OKAY)
+        ret = MP_READ_E;
+
+    if (ret == 0 && mp_read_unsigned_bin(&y, otherPub, pubSz) != MP_OKAY)
+        ret = MP_READ_E;
+
+    if (ret == 0 && mp_exptmod(&y, &x, &key->p, &z) != MP_OKAY)
+        ret = MP_EXPTMOD_E;
+
+    if (ret == 0 && mp_to_unsigned_bin(&z, agree) != MP_OKAY)
+        ret = MP_TO_E;
+
+    if (ret == 0)
+        *agreeSz = mp_unsigned_bin_size(&z);
+
+    mp_clear(&z);
+    mp_clear(&y);
+    mp_clear(&x);
+
+    return ret;
+}
+
+
+#endif /* NO_DH */
+
diff --git a/3P/wolfssl/wolfcrypt/src/dsa.c b/3P/wolfssl/wolfcrypt/src/dsa.c
new file mode 100644
index 00000000..ac0d3b75
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/dsa.c
@@ -0,0 +1,226 @@
+/* dsa.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_DSA
+
+#include 
+#include 
+#include 
+#include 
+
+
+enum {
+    DSA_HALF_SIZE = 20,   /* r and s size  */
+    DSA_SIG_SIZE  = 40    /* signature size */
+};
+
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+void wc_InitDsaKey(DsaKey* key)
+{
+    key->type = -1;  /* haven't decided yet */
+
+/* TomsFastMath doesn't use memory allocation */
+#ifndef USE_FAST_MATH
+    key->p.dp = 0;   /* public  alloc parts */
+    key->q.dp = 0;    
+    key->g.dp = 0;    
+    key->y.dp = 0;    
+
+    key->x.dp = 0;   /* private alloc parts */
+#endif
+}
+
+
+void wc_FreeDsaKey(DsaKey* key)
+{
+    (void)key;
+/* TomsFastMath doesn't use memory allocation */
+#ifndef USE_FAST_MATH
+    if (key->type == DSA_PRIVATE)
+        mp_clear(&key->x);
+    mp_clear(&key->y);
+    mp_clear(&key->g);
+    mp_clear(&key->q);
+    mp_clear(&key->p);
+#endif
+}
+
+
+int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng)
+{
+    mp_int k, kInv, r, s, H;
+    int    ret, sz;
+    byte   buffer[DSA_HALF_SIZE];
+
+    sz = min(sizeof(buffer), mp_unsigned_bin_size(&key->q));
+
+    /* generate k */
+    ret = wc_RNG_GenerateBlock(rng, buffer, sz);
+    if (ret != 0)
+        return ret;
+
+    buffer[0] |= 0x0C;
+
+    if (mp_init_multi(&k, &kInv, &r, &s, &H, 0) != MP_OKAY)
+        return MP_INIT_E;
+
+    if (mp_read_unsigned_bin(&k, buffer, sz) != MP_OKAY)
+        ret = MP_READ_E;
+
+    if (ret == 0 && mp_cmp_d(&k, 1) != MP_GT)
+        ret = MP_CMP_E;
+
+    /* inverse k mod q */
+    if (ret == 0 && mp_invmod(&k, &key->q, &kInv) != MP_OKAY)
+        ret = MP_INVMOD_E;
+
+    /* generate r, r = (g exp k mod p) mod q */
+    if (ret == 0 && mp_exptmod(&key->g, &k, &key->p, &r) != MP_OKAY)
+        ret = MP_EXPTMOD_E;
+
+    if (ret == 0 && mp_mod(&r, &key->q, &r) != MP_OKAY)
+        ret = MP_MOD_E;
+
+    /* generate H from sha digest */
+    if (ret == 0 && mp_read_unsigned_bin(&H, digest,SHA_DIGEST_SIZE) != MP_OKAY)
+        ret = MP_READ_E;
+
+    /* generate s, s = (kInv * (H + x*r)) % q */
+    if (ret == 0 && mp_mul(&key->x, &r, &s) != MP_OKAY)
+        ret = MP_MUL_E;
+
+    if (ret == 0 && mp_add(&s, &H, &s) != MP_OKAY)
+        ret = MP_ADD_E;
+
+    if (ret == 0 && mp_mulmod(&s, &kInv, &key->q, &s) != MP_OKAY)
+        ret = MP_MULMOD_E;
+
+    /* write out */
+    if (ret == 0)  {
+        int rSz = mp_unsigned_bin_size(&r);
+        int sSz = mp_unsigned_bin_size(&s);
+
+        if (rSz == DSA_HALF_SIZE - 1) {
+            out[0] = 0;
+            out++;
+        }
+
+        if (mp_to_unsigned_bin(&r, out) != MP_OKAY)
+            ret = MP_TO_E;
+        else {
+            if (sSz == DSA_HALF_SIZE - 1) {
+                out[rSz] = 0;
+                out++;
+            }    
+            ret = mp_to_unsigned_bin(&s, out + rSz);
+        }
+    }
+
+    mp_clear(&H);
+    mp_clear(&s);
+    mp_clear(&r);
+    mp_clear(&kInv);
+    mp_clear(&k);
+
+    return ret;
+}
+
+
+int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
+{
+    mp_int w, u1, u2, v, r, s;
+    int    ret = 0;
+
+    if (mp_init_multi(&w, &u1, &u2, &v, &r, &s) != MP_OKAY)
+        return MP_INIT_E;
+
+    /* set r and s from signature */
+    if (mp_read_unsigned_bin(&r, sig, DSA_HALF_SIZE) != MP_OKAY ||
+        mp_read_unsigned_bin(&s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY)
+        ret = MP_READ_E;
+
+    /* sanity checks */
+
+
+    /* put H into u1 from sha digest */
+    if (ret == 0 && mp_read_unsigned_bin(&u1,digest,SHA_DIGEST_SIZE) != MP_OKAY)
+        ret = MP_READ_E;
+
+    /* w = s invmod q */
+    if (ret == 0 && mp_invmod(&s, &key->q, &w) != MP_OKAY)
+        ret = MP_INVMOD_E;
+
+    /* u1 = (H * w) % q */
+    if (ret == 0 && mp_mulmod(&u1, &w, &key->q, &u1) != MP_OKAY)
+        ret = MP_MULMOD_E;
+
+    /* u2 = (r * w) % q */
+    if (ret == 0 && mp_mulmod(&r, &w, &key->q, &u2) != MP_OKAY)
+        ret = MP_MULMOD_E;
+
+    /* verify v = ((g^u1 * y^u2) mod p) mod q */
+    if (ret == 0 && mp_exptmod(&key->g, &u1, &key->p, &u1) != MP_OKAY)
+        ret = MP_EXPTMOD_E;
+
+    if (ret == 0 && mp_exptmod(&key->y, &u2, &key->p, &u2) != MP_OKAY)
+        ret = MP_EXPTMOD_E;
+
+    if (ret == 0 && mp_mulmod(&u1, &u2, &key->p, &v) != MP_OKAY)
+        ret = MP_MULMOD_E;
+
+    if (ret == 0 && mp_mod(&v, &key->q, &v) != MP_OKAY)
+        ret = MP_MULMOD_E;
+
+    /* do they match */
+    if (ret == 0 && mp_cmp(&r, &v) == MP_EQ)
+        *answer = 1;
+    else
+        *answer = 0;
+
+    mp_clear(&s);
+    mp_clear(&r);
+    mp_clear(&u1);
+    mp_clear(&u2);
+    mp_clear(&w);
+    mp_clear(&v);
+
+    return ret;
+}
+
+
+#endif /* NO_DSA */
+
diff --git a/3P/wolfssl/wolfcrypt/src/ecc.c b/3P/wolfssl/wolfcrypt/src/ecc.c
new file mode 100644
index 00000000..dcb730d0
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/ecc.c
@@ -0,0 +1,4907 @@
+/* ecc.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+/* in case user set HAVE_ECC there */
+#include 
+
+#ifdef HAVE_ECC
+
+#include 
+#include 
+#include 
+
+#ifdef HAVE_ECC_ENCRYPT
+    #include 
+    #include 
+#endif
+
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+/* map
+
+   ptmul -> mulmod
+
+*/
+
+#define ECC112
+#define ECC128
+#define ECC160
+#define ECC192
+#define ECC224
+#define ECC256
+#define ECC384
+#define ECC521
+
+
+
+/* This holds the key settings.  ***MUST*** be organized by size from
+   smallest to largest. */
+
+const ecc_set_type ecc_sets[] = {
+#ifdef ECC112
+{
+        14,
+        "SECP112R1",
+        "DB7C2ABF62E35E668076BEAD208B",
+        "DB7C2ABF62E35E668076BEAD2088",
+        "659EF8BA043916EEDE8911702B22",
+        "DB7C2ABF62E35E7628DFAC6561C5",
+        "09487239995A5EE76B55F9C2F098",
+        "A89CE5AF8724C0A23E0E0FF77500"
+},
+#endif
+#ifdef ECC128
+{
+        16,
+        "SECP128R1",
+        "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
+        "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC",
+        "E87579C11079F43DD824993C2CEE5ED3",
+        "FFFFFFFE0000000075A30D1B9038A115",
+        "161FF7528B899B2D0C28607CA52C5B86",
+        "CF5AC8395BAFEB13C02DA292DDED7A83",
+},
+#endif
+#ifdef ECC160
+{
+        20,
+        "SECP160R1",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC",
+        "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
+        "0100000000000000000001F4C8F927AED3CA752257",
+        "4A96B5688EF573284664698968C38BB913CBFC82",
+        "23A628553168947D59DCC912042351377AC5FB32",
+},
+#endif
+#ifdef ECC192
+{
+        24,
+        "ECC-192",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
+        "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
+        "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
+        "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
+        "7192B95FFC8DA78631011ED6B24CDD573F977A11E794811",
+},
+#endif
+#ifdef ECC224
+{
+        28,
+        "ECC-224",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
+        "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
+        "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
+        "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
+},
+#endif
+#ifdef ECC256
+{
+        32,
+        "ECC-256",
+        "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
+        "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
+        "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
+        "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
+        "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
+        "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
+},
+#endif
+#ifdef ECC384
+{
+        48,
+        "ECC-384",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
+        "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
+        "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
+        "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
+},
+#endif
+#ifdef ECC521
+{
+        66,
+        "ECC-521",
+        "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
+        "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
+        "51953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
+        "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
+        "C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
+        "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
+},
+#endif
+{
+   0,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL
+}
+};
+
+
+ecc_point* ecc_new_point(void);
+void ecc_del_point(ecc_point* p);
+int  ecc_map(ecc_point*, mp_int*, mp_digit*);
+int  ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
+                              mp_int* modulus, mp_digit* mp);
+int  ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* modulus,
+                              mp_digit* mp);
+static int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
+                      int map);
+#ifdef ECC_SHAMIR
+static int ecc_mul2add(ecc_point* A, mp_int* kA, ecc_point* B, mp_int* kB,
+                       ecc_point* C, mp_int* modulus);
+#endif
+
+int mp_jacobi(mp_int* a, mp_int* p, int* c);
+int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret);
+int mp_submod(mp_int* a, mp_int* b, mp_int* c, mp_int* d);
+
+#ifdef HAVE_COMP_KEY
+static int wc_ecc_export_x963_compressed(ecc_key*, byte* out, word32* outLen);
+#endif
+
+/* helper for either lib */
+static int get_digit_count(mp_int* a)
+{
+    if (a == NULL)
+        return 0;
+
+    return a->used;
+}
+
+/* helper for either lib */
+static mp_digit get_digit(mp_int* a, int n)
+{
+    if (a == NULL)
+        return 0;
+
+    return (n >= a->used || n < 0) ? 0 : a->dp[n];
+}
+
+
+#if defined(USE_FAST_MATH)
+
+/* fast math accelerated version, but not for fp ecc yet */
+
+/**
+   Add two ECC points
+   P        The point to add
+   Q        The point to add
+   R        [out] The destination of the double
+   modulus  The modulus of the field the ECC curve is in
+   mp       The "b" value from montgomery_setup()
+   return   MP_OKAY on success
+*/
+int ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R,
+                             mp_int* modulus, mp_digit* mp)
+{
+   fp_int t1, t2, x, y, z;
+   int    err;
+
+   if (P == NULL || Q == NULL || R == NULL || modulus == NULL || mp == NULL)
+       return ECC_BAD_ARG_E;
+
+   if ((err = mp_init_multi(&t1, &t2, &x, &y, &z, NULL)) != MP_OKAY) {
+      return err;
+   }
+
+   /* should we dbl instead? */
+   fp_sub(modulus, Q->y, &t1);
+   if ( (fp_cmp(P->x, Q->x) == FP_EQ) && 
+        (get_digit_count(Q->z) && fp_cmp(P->z, Q->z) == FP_EQ) &&
+        (fp_cmp(P->y, Q->y) == FP_EQ || fp_cmp(P->y, &t1) == FP_EQ)) {
+        return ecc_projective_dbl_point(P, R, modulus, mp);
+   }
+
+   fp_copy(P->x, &x);
+   fp_copy(P->y, &y);
+   fp_copy(P->z, &z);
+
+   /* if Z is one then these are no-operations */
+   if (get_digit_count(Q->z)) {
+      /* T1 = Z' * Z' */
+      fp_sqr(Q->z, &t1);
+      fp_montgomery_reduce(&t1, modulus, *mp);
+      /* X = X * T1 */
+      fp_mul(&t1, &x, &x);
+      fp_montgomery_reduce(&x, modulus, *mp);
+      /* T1 = Z' * T1 */
+      fp_mul(Q->z, &t1, &t1);
+      fp_montgomery_reduce(&t1, modulus, *mp);
+      /* Y = Y * T1 */
+      fp_mul(&t1, &y, &y);
+      fp_montgomery_reduce(&y, modulus, *mp);
+   }
+
+   /* T1 = Z*Z */
+   fp_sqr(&z, &t1);
+   fp_montgomery_reduce(&t1, modulus, *mp);
+   /* T2 = X' * T1 */
+   fp_mul(Q->x, &t1, &t2);
+   fp_montgomery_reduce(&t2, modulus, *mp);
+   /* T1 = Z * T1 */
+   fp_mul(&z, &t1, &t1);
+   fp_montgomery_reduce(&t1, modulus, *mp);
+   /* T1 = Y' * T1 */
+   fp_mul(Q->y, &t1, &t1);
+   fp_montgomery_reduce(&t1, modulus, *mp);
+
+   /* Y = Y - T1 */
+   fp_sub(&y, &t1, &y);
+   if (fp_cmp_d(&y, 0) == FP_LT) {
+      fp_add(&y, modulus, &y);
+   }
+   /* T1 = 2T1 */
+   fp_add(&t1, &t1, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+   /* T1 = Y + T1 */
+   fp_add(&t1, &y, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+   /* X = X - T2 */
+   fp_sub(&x, &t2, &x);
+   if (fp_cmp_d(&x, 0) == FP_LT) {
+      fp_add(&x, modulus, &x);
+   }
+   /* T2 = 2T2 */
+   fp_add(&t2, &t2, &t2);
+   if (fp_cmp(&t2, modulus) != FP_LT) {
+      fp_sub(&t2, modulus, &t2);
+   }
+   /* T2 = X + T2 */
+   fp_add(&t2, &x, &t2);
+   if (fp_cmp(&t2, modulus) != FP_LT) {
+      fp_sub(&t2, modulus, &t2);
+   }
+
+   /* if Z' != 1 */
+   if (get_digit_count(Q->z)) {
+      /* Z = Z * Z' */
+      fp_mul(&z, Q->z, &z);
+      fp_montgomery_reduce(&z, modulus, *mp);
+   }
+
+   /* Z = Z * X */
+   fp_mul(&z, &x, &z);
+   fp_montgomery_reduce(&z, modulus, *mp);
+
+   /* T1 = T1 * X  */
+   fp_mul(&t1, &x, &t1);
+   fp_montgomery_reduce(&t1, modulus, *mp);
+   /* X = X * X */
+   fp_sqr(&x, &x);
+   fp_montgomery_reduce(&x, modulus, *mp);
+   /* T2 = T2 * x */
+   fp_mul(&t2, &x, &t2);
+   fp_montgomery_reduce(&t2, modulus, *mp);
+   /* T1 = T1 * X  */
+   fp_mul(&t1, &x, &t1);
+   fp_montgomery_reduce(&t1, modulus, *mp);
+ 
+   /* X = Y*Y */
+   fp_sqr(&y, &x);
+   fp_montgomery_reduce(&x, modulus, *mp);
+   /* X = X - T2 */
+   fp_sub(&x, &t2, &x);
+   if (fp_cmp_d(&x, 0) == FP_LT) {
+      fp_add(&x, modulus, &x);
+   }
+
+   /* T2 = T2 - X */
+   fp_sub(&t2, &x, &t2);
+   if (fp_cmp_d(&t2, 0) == FP_LT) {
+      fp_add(&t2, modulus, &t2);
+   } 
+   /* T2 = T2 - X */
+   fp_sub(&t2, &x, &t2);
+   if (fp_cmp_d(&t2, 0) == FP_LT) {
+      fp_add(&t2, modulus, &t2);
+   }
+   /* T2 = T2 * Y */
+   fp_mul(&t2, &y, &t2);
+   fp_montgomery_reduce(&t2, modulus, *mp);
+   /* Y = T2 - T1 */
+   fp_sub(&t2, &t1, &y);
+   if (fp_cmp_d(&y, 0) == FP_LT) {
+      fp_add(&y, modulus, &y);
+   }
+   /* Y = Y/2 */
+   if (fp_isodd(&y)) {
+      fp_add(&y, modulus, &y);
+   }
+   fp_div_2(&y, &y);
+
+   fp_copy(&x, R->x);
+   fp_copy(&y, R->y);
+   fp_copy(&z, R->z);
+   
+   return MP_OKAY;
+}
+
+
+/**
+   Double an ECC point
+   P   The point to double
+   R   [out] The destination of the double
+   modulus  The modulus of the field the ECC curve is in
+   mp       The "b" value from montgomery_setup()
+   return   MP_OKAY on success
+*/
+int ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* modulus,
+                             mp_digit* mp)
+{
+   fp_int   t1, t2;
+   int      err;
+
+   if (P == NULL || R == NULL || modulus == NULL || mp == NULL)
+       return ECC_BAD_ARG_E;
+
+   if (P != R) {
+      fp_copy(P->x, R->x);
+      fp_copy(P->y, R->y);
+      fp_copy(P->z, R->z);
+   }
+
+   if ((err = mp_init_multi(&t1, &t2, NULL, NULL, NULL, NULL)) != MP_OKAY) {
+      return err;
+   }
+
+   /* t1 = Z * Z */
+   fp_sqr(R->z, &t1);
+   fp_montgomery_reduce(&t1, modulus, *mp);
+   /* Z = Y * Z */
+   fp_mul(R->z, R->y, R->z);
+   fp_montgomery_reduce(R->z, modulus, *mp);
+   /* Z = 2Z */
+   fp_add(R->z, R->z, R->z);
+   if (fp_cmp(R->z, modulus) != FP_LT) {
+      fp_sub(R->z, modulus, R->z);
+   }
+   
+   /* &t2 = X - T1 */
+   fp_sub(R->x, &t1, &t2);
+   if (fp_cmp_d(&t2, 0) == FP_LT) {
+      fp_add(&t2, modulus, &t2);
+   }
+   /* T1 = X + T1 */
+   fp_add(&t1, R->x, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+   /* T2 = T1 * T2 */
+   fp_mul(&t1, &t2, &t2);
+   fp_montgomery_reduce(&t2, modulus, *mp);
+   /* T1 = 2T2 */
+   fp_add(&t2, &t2, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+   /* T1 = T1 + T2 */
+   fp_add(&t1, &t2, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+
+   /* Y = 2Y */
+   fp_add(R->y, R->y, R->y);
+   if (fp_cmp(R->y, modulus) != FP_LT) {
+      fp_sub(R->y, modulus, R->y);
+   }
+   /* Y = Y * Y */
+   fp_sqr(R->y, R->y);
+   fp_montgomery_reduce(R->y, modulus, *mp);
+   /* T2 = Y * Y */
+   fp_sqr(R->y, &t2);
+   fp_montgomery_reduce(&t2, modulus, *mp);
+   /* T2 = T2/2 */
+   if (fp_isodd(&t2)) {
+      fp_add(&t2, modulus, &t2);
+   }
+   fp_div_2(&t2, &t2);
+   /* Y = Y * X */
+   fp_mul(R->y, R->x, R->y);
+   fp_montgomery_reduce(R->y, modulus, *mp);
+
+   /* X  = T1 * T1 */
+   fp_sqr(&t1, R->x);
+   fp_montgomery_reduce(R->x, modulus, *mp);
+   /* X = X - Y */
+   fp_sub(R->x, R->y, R->x);
+   if (fp_cmp_d(R->x, 0) == FP_LT) {
+      fp_add(R->x, modulus, R->x);
+   }
+   /* X = X - Y */
+   fp_sub(R->x, R->y, R->x);
+   if (fp_cmp_d(R->x, 0) == FP_LT) {
+      fp_add(R->x, modulus, R->x);
+   }
+
+   /* Y = Y - X */     
+   fp_sub(R->y, R->x, R->y);
+   if (fp_cmp_d(R->y, 0) == FP_LT) {
+      fp_add(R->y, modulus, R->y);
+   }
+   /* Y = Y * T1 */
+   fp_mul(R->y, &t1, R->y);
+   fp_montgomery_reduce(R->y, modulus, *mp);
+   /* Y = Y - T2 */
+   fp_sub(R->y, &t2, R->y);
+   if (fp_cmp_d(R->y, 0) == FP_LT) {
+      fp_add(R->y, modulus, R->y);
+   }
+ 
+   return MP_OKAY;
+}
+
+#else /* USE_FAST_MATH */
+
+/**
+   Add two ECC points
+   P        The point to add
+   Q        The point to add
+   R        [out] The destination of the double
+   modulus  The modulus of the field the ECC curve is in
+   mp       The "b" value from montgomery_setup()
+   return   MP_OKAY on success
+*/
+int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
+                             mp_int* modulus, mp_digit* mp)
+{
+   mp_int t1;
+   mp_int t2;
+   mp_int x;
+   mp_int y;
+   mp_int z;
+   int    err;
+
+   if (P == NULL || Q == NULL || R == NULL || modulus == NULL || mp == NULL)
+       return ECC_BAD_ARG_E;
+
+   if ((err = mp_init_multi(&t1, &t2, &x, &y, &z, NULL)) != MP_OKAY) {
+      return err;
+   }
+   
+   /* should we dbl instead? */
+   err = mp_sub(modulus, Q->y, &t1);
+
+   if (err == MP_OKAY) {
+       if ( (mp_cmp(P->x, Q->x) == MP_EQ) && 
+            (get_digit_count(Q->z) && mp_cmp(P->z, Q->z) == MP_EQ) &&
+            (mp_cmp(P->y, Q->y) == MP_EQ || mp_cmp(P->y, &t1) == MP_EQ)) {
+                mp_clear(&t1);
+                mp_clear(&t2);
+                mp_clear(&x);
+                mp_clear(&y);
+                mp_clear(&z);
+
+                return ecc_projective_dbl_point(P, R, modulus, mp);
+       }
+   }
+
+   if (err == MP_OKAY)
+       err = mp_copy(P->x, &x);
+   if (err == MP_OKAY)
+       err = mp_copy(P->y, &y);
+   if (err == MP_OKAY)
+       err = mp_copy(P->z, &z);
+
+   /* if Z is one then these are no-operations */
+   if (err == MP_OKAY) {
+       if (get_digit_count(Q->z)) {
+           /* T1 = Z' * Z' */
+           err = mp_sqr(Q->z, &t1);
+           if (err == MP_OKAY)
+               err = mp_montgomery_reduce(&t1, modulus, *mp);
+
+           /* X = X * T1 */
+           if (err == MP_OKAY)
+               err = mp_mul(&t1, &x, &x);
+           if (err == MP_OKAY)
+               err = mp_montgomery_reduce(&x, modulus, *mp);
+
+           /* T1 = Z' * T1 */
+           if (err == MP_OKAY)
+               err = mp_mul(Q->z, &t1, &t1);
+           if (err == MP_OKAY)
+               err = mp_montgomery_reduce(&t1, modulus, *mp);
+
+           /* Y = Y * T1 */
+           if (err == MP_OKAY)
+               err = mp_mul(&t1, &y, &y);
+           if (err == MP_OKAY)
+               err = mp_montgomery_reduce(&y, modulus, *mp);
+       }
+   }
+
+   /* T1 = Z*Z */
+   if (err == MP_OKAY)
+       err = mp_sqr(&z, &t1);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t1, modulus, *mp);
+
+   /* T2 = X' * T1 */
+   if (err == MP_OKAY)
+       err = mp_mul(Q->x, &t1, &t2);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t2, modulus, *mp);
+
+   /* T1 = Z * T1 */
+   if (err == MP_OKAY)
+       err = mp_mul(&z, &t1, &t1);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t1, modulus, *mp);
+
+   /* T1 = Y' * T1 */
+   if (err == MP_OKAY)
+       err = mp_mul(Q->y, &t1, &t1);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t1, modulus, *mp);
+
+   /* Y = Y - T1 */
+   if (err == MP_OKAY)
+       err = mp_sub(&y, &t1, &y);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(&y, 0) == MP_LT)
+           err = mp_add(&y, modulus, &y);
+   }
+   /* T1 = 2T1 */
+   if (err == MP_OKAY)
+       err = mp_add(&t1, &t1, &t1);
+   if (err == MP_OKAY) {
+       if (mp_cmp(&t1, modulus) != MP_LT)
+           err = mp_sub(&t1, modulus, &t1);
+   }
+   /* T1 = Y + T1 */
+   if (err == MP_OKAY)
+       err = mp_add(&t1, &y, &t1);
+   if (err == MP_OKAY) {
+       if (mp_cmp(&t1, modulus) != MP_LT)
+           err = mp_sub(&t1, modulus, &t1);
+   }
+   /* X = X - T2 */
+   if (err == MP_OKAY)
+       err = mp_sub(&x, &t2, &x);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(&x, 0) == MP_LT)
+           err = mp_add(&x, modulus, &x);
+   }
+   /* T2 = 2T2 */
+   if (err == MP_OKAY)
+       err = mp_add(&t2, &t2, &t2);
+   if (err == MP_OKAY) {
+       if (mp_cmp(&t2, modulus) != MP_LT)
+           err = mp_sub(&t2, modulus, &t2);
+   }
+   /* T2 = X + T2 */
+   if (err == MP_OKAY)
+       err = mp_add(&t2, &x, &t2);
+   if (err == MP_OKAY) {
+       if (mp_cmp(&t2, modulus) != MP_LT)
+           err = mp_sub(&t2, modulus, &t2);
+   }
+
+   if (err == MP_OKAY) {
+       if (get_digit_count(Q->z)) {
+           /* Z = Z * Z' */
+           err = mp_mul(&z, Q->z, &z);
+           if (err == MP_OKAY)
+               err = mp_montgomery_reduce(&z, modulus, *mp);
+       }
+   }
+
+   /* Z = Z * X */
+   if (err == MP_OKAY)
+       err = mp_mul(&z, &x, &z);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&z, modulus, *mp);
+
+   /* T1 = T1 * X  */
+   if (err == MP_OKAY)
+       err = mp_mul(&t1, &x, &t1);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t1, modulus, *mp);
+
+   /* X = X * X */
+   if (err == MP_OKAY)
+       err = mp_sqr(&x, &x);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&x, modulus, *mp);
+   
+   /* T2 = T2 * x */
+   if (err == MP_OKAY)
+       err = mp_mul(&t2, &x, &t2);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t2, modulus, *mp);
+
+   /* T1 = T1 * X  */
+   if (err == MP_OKAY)
+       err = mp_mul(&t1, &x, &t1);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t1, modulus, *mp);
+ 
+   /* X = Y*Y */
+   if (err == MP_OKAY)
+       err = mp_sqr(&y, &x);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&x, modulus, *mp);
+
+   /* X = X - T2 */
+   if (err == MP_OKAY)
+       err = mp_sub(&x, &t2, &x);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(&x, 0) == MP_LT)
+           err = mp_add(&x, modulus, &x);
+   }
+   /* T2 = T2 - X */
+   if (err == MP_OKAY)
+       err = mp_sub(&t2, &x, &t2);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(&t2, 0) == MP_LT)
+           err = mp_add(&t2, modulus, &t2);
+   } 
+   /* T2 = T2 - X */
+   if (err == MP_OKAY)
+       err = mp_sub(&t2, &x, &t2);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(&t2, 0) == MP_LT)
+           err = mp_add(&t2, modulus, &t2);
+   }
+   /* T2 = T2 * Y */
+   if (err == MP_OKAY)
+       err = mp_mul(&t2, &y, &t2);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t2, modulus, *mp);
+
+   /* Y = T2 - T1 */
+   if (err == MP_OKAY)
+       err = mp_sub(&t2, &t1, &y);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(&y, 0) == MP_LT)
+           err = mp_add(&y, modulus, &y);
+   }
+   /* Y = Y/2 */
+   if (err == MP_OKAY) {
+       if (mp_isodd(&y))
+           err = mp_add(&y, modulus, &y);
+   }
+   if (err == MP_OKAY)
+       err = mp_div_2(&y, &y);
+
+   if (err == MP_OKAY)
+       err = mp_copy(&x, R->x);
+   if (err == MP_OKAY)
+       err = mp_copy(&y, R->y);
+   if (err == MP_OKAY)
+       err = mp_copy(&z, R->z);
+
+   /* clean up */
+   mp_clear(&t1);
+   mp_clear(&t2);
+   mp_clear(&x);
+   mp_clear(&y);
+   mp_clear(&z);
+
+   return err;
+}
+
+
+/**
+   Double an ECC point
+   P   The point to double
+   R   [out] The destination of the double
+   modulus  The modulus of the field the ECC curve is in
+   mp       The "b" value from montgomery_setup()
+   return   MP_OKAY on success
+*/
+int ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* modulus,
+                             mp_digit* mp)
+{
+   mp_int t1;
+   mp_int t2;
+   int    err;
+
+   if (P == NULL || R == NULL || modulus == NULL || mp == NULL)
+       return ECC_BAD_ARG_E;
+
+   if ((err = mp_init_multi(&t1, &t2, NULL, NULL, NULL, NULL)) != MP_OKAY) {
+      return err;
+   }
+
+   if (P != R) {
+      err = mp_copy(P->x, R->x);
+      if (err == MP_OKAY)
+          err = mp_copy(P->y, R->y);
+      if (err == MP_OKAY)
+          err = mp_copy(P->z, R->z);
+   }
+
+   /* t1 = Z * Z */
+   if (err == MP_OKAY)
+       err = mp_sqr(R->z, &t1);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t1, modulus, *mp);
+
+   /* Z = Y * Z */
+   if (err == MP_OKAY)
+       err = mp_mul(R->z, R->y, R->z);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(R->z, modulus, *mp);
+
+   /* Z = 2Z */
+   if (err == MP_OKAY)
+       err = mp_add(R->z, R->z, R->z);
+   if (err == MP_OKAY) {
+       if (mp_cmp(R->z, modulus) != MP_LT)
+           err = mp_sub(R->z, modulus, R->z);
+   }
+
+   /* T2 = X - T1 */
+   if (err == MP_OKAY)
+       err = mp_sub(R->x, &t1, &t2);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(&t2, 0) == MP_LT)
+           err = mp_add(&t2, modulus, &t2);
+   }
+   /* T1 = X + T1 */
+   if (err == MP_OKAY)
+       err = mp_add(&t1, R->x, &t1);
+   if (err == MP_OKAY) {
+       if (mp_cmp(&t1, modulus) != MP_LT)
+           err = mp_sub(&t1, modulus, &t1);
+   }
+   /* T2 = T1 * T2 */
+   if (err == MP_OKAY)
+       err = mp_mul(&t1, &t2, &t2);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t2, modulus, *mp);
+
+   /* T1 = 2T2 */
+   if (err == MP_OKAY)
+       err = mp_add(&t2, &t2, &t1);
+   if (err == MP_OKAY) {
+       if (mp_cmp(&t1, modulus) != MP_LT)
+           err = mp_sub(&t1, modulus, &t1);
+   }
+   /* T1 = T1 + T2 */
+   if (err == MP_OKAY)
+       err = mp_add(&t1, &t2, &t1);
+   if (err == MP_OKAY) {
+       if (mp_cmp(&t1, modulus) != MP_LT)
+           err = mp_sub(&t1, modulus, &t1);
+   }
+   /* Y = 2Y */
+   if (err == MP_OKAY)
+       err = mp_add(R->y, R->y, R->y);
+   if (err == MP_OKAY) {
+       if (mp_cmp(R->y, modulus) != MP_LT)
+           err = mp_sub(R->y, modulus, R->y);
+   }
+   /* Y = Y * Y */
+   if (err == MP_OKAY)
+       err = mp_sqr(R->y, R->y);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(R->y, modulus, *mp);
+   
+   /* T2 = Y * Y */
+   if (err == MP_OKAY)
+       err = mp_sqr(R->y, &t2);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(&t2, modulus, *mp);
+
+   /* T2 = T2/2 */
+   if (err == MP_OKAY) {
+       if (mp_isodd(&t2))
+           err = mp_add(&t2, modulus, &t2);
+   }
+   if (err == MP_OKAY)
+       err = mp_div_2(&t2, &t2);
+   
+   /* Y = Y * X */
+   if (err == MP_OKAY)
+       err = mp_mul(R->y, R->x, R->y);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(R->y, modulus, *mp);
+
+   /* X  = T1 * T1 */
+   if (err == MP_OKAY)
+       err = mp_sqr(&t1, R->x);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(R->x, modulus, *mp);
+
+   /* X = X - Y */
+   if (err == MP_OKAY)
+       err = mp_sub(R->x, R->y, R->x);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(R->x, 0) == MP_LT)
+           err = mp_add(R->x, modulus, R->x);
+   }
+   /* X = X - Y */
+   if (err == MP_OKAY)
+       err = mp_sub(R->x, R->y, R->x);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(R->x, 0) == MP_LT)
+           err = mp_add(R->x, modulus, R->x);
+   }
+   /* Y = Y - X */     
+   if (err == MP_OKAY)
+       err = mp_sub(R->y, R->x, R->y);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(R->y, 0) == MP_LT)
+           err = mp_add(R->y, modulus, R->y);
+   }
+   /* Y = Y * T1 */
+   if (err == MP_OKAY)
+       err = mp_mul(R->y, &t1, R->y);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(R->y, modulus, *mp);
+
+   /* Y = Y - T2 */
+   if (err == MP_OKAY)
+       err = mp_sub(R->y, &t2, R->y);
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(R->y, 0) == MP_LT)
+           err = mp_add(R->y, modulus, R->y);
+   }
+
+   /* clean up */ 
+   mp_clear(&t1);
+   mp_clear(&t2);
+
+   return err;
+}
+
+#endif /* USE_FAST_MATH */
+
+/**
+  Map a projective jacbobian point back to affine space
+  P        [in/out] The point to map
+  modulus  The modulus of the field the ECC curve is in
+  mp       The "b" value from montgomery_setup()
+  return   MP_OKAY on success
+*/
+int ecc_map(ecc_point* P, mp_int* modulus, mp_digit* mp)
+{
+   mp_int t1;
+   mp_int t2;
+   int    err;
+
+   if (P == NULL || mp == NULL || modulus == NULL)
+       return ECC_BAD_ARG_E;
+
+   if ((err = mp_init_multi(&t1, &t2, NULL, NULL, NULL, NULL)) != MP_OKAY) {
+      return MEMORY_E;
+   }
+
+   /* first map z back to normal */
+   err = mp_montgomery_reduce(P->z, modulus, *mp);
+
+   /* get 1/z */
+   if (err == MP_OKAY)
+       err = mp_invmod(P->z, modulus, &t1);
+ 
+   /* get 1/z^2 and 1/z^3 */
+   if (err == MP_OKAY)
+       err = mp_sqr(&t1, &t2);
+   if (err == MP_OKAY)
+       err = mp_mod(&t2, modulus, &t2);
+   if (err == MP_OKAY)
+       err = mp_mul(&t1, &t2, &t1);
+   if (err == MP_OKAY)
+       err = mp_mod(&t1, modulus, &t1);
+
+   /* multiply against x/y */
+   if (err == MP_OKAY)
+       err = mp_mul(P->x, &t2, P->x);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(P->x, modulus, *mp);
+   if (err == MP_OKAY)
+       err = mp_mul(P->y, &t1, P->y);
+   if (err == MP_OKAY)
+       err = mp_montgomery_reduce(P->y, modulus, *mp);
+   
+   if (err == MP_OKAY)
+       mp_set(P->z, 1);
+
+   /* clean up */
+   mp_clear(&t1);
+   mp_clear(&t2);
+
+   return err;
+}
+
+
+#ifndef ECC_TIMING_RESISTANT
+
+/* size of sliding window, don't change this! */
+#define WINSIZE 4
+
+/**
+   Perform a point multiplication 
+   k    The scalar to multiply by
+   G    The base point
+   R    [out] Destination for kG
+   modulus  The modulus of the field the ECC curve is in
+   map      Boolean whether to map back to affine or not
+                (1==map, 0 == leave in projective)
+   return MP_OKAY on success
+*/
+#ifdef FP_ECC
+static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
+                             mp_int* modulus, int map)
+#else
+static int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
+                      int map)
+#endif
+{
+   ecc_point *tG, *M[8];
+   int           i, j, err;
+   mp_int        mu;
+   mp_digit      mp;
+   mp_digit      buf;
+   int           first = 1, bitbuf = 0, bitcpy = 0, bitcnt = 0, mode = 0,
+                 digidx = 0;
+
+   if (k == NULL || G == NULL || R == NULL || modulus == NULL)
+       return ECC_BAD_ARG_E;
+
+   /* init montgomery reduction */
+   if ((err = mp_montgomery_setup(modulus, &mp)) != MP_OKAY) {
+      return err;
+   }
+   if ((err = mp_init(&mu)) != MP_OKAY) {
+      return err;
+   }
+   if ((err = mp_montgomery_calc_normalization(&mu, modulus)) != MP_OKAY) {
+      mp_clear(&mu);
+      return err;
+   }
+  
+  /* alloc ram for window temps */
+  for (i = 0; i < 8; i++) {
+      M[i] = ecc_new_point();
+      if (M[i] == NULL) {
+         for (j = 0; j < i; j++) {
+             ecc_del_point(M[j]);
+         }
+         mp_clear(&mu);
+         return MEMORY_E;
+      }
+  }
+
+   /* make a copy of G incase R==G */
+   tG = ecc_new_point();
+   if (tG == NULL)
+       err = MEMORY_E;
+
+   /* tG = G  and convert to montgomery */
+   if (err == MP_OKAY) {
+       if (mp_cmp_d(&mu, 1) == MP_EQ) {
+           err = mp_copy(G->x, tG->x);
+           if (err == MP_OKAY)
+               err = mp_copy(G->y, tG->y);
+           if (err == MP_OKAY)
+               err = mp_copy(G->z, tG->z);
+       } else {
+           err = mp_mulmod(G->x, &mu, modulus, tG->x);
+           if (err == MP_OKAY)
+               err = mp_mulmod(G->y, &mu, modulus, tG->y);
+           if (err == MP_OKAY)
+               err = mp_mulmod(G->z, &mu, modulus, tG->z);
+       }
+   }
+   mp_clear(&mu);
+   
+   /* calc the M tab, which holds kG for k==8..15 */
+   /* M[0] == 8G */
+   if (err == MP_OKAY)
+       err = ecc_projective_dbl_point(tG, M[0], modulus, &mp);
+   if (err == MP_OKAY)
+       err = ecc_projective_dbl_point(M[0], M[0], modulus, &mp);
+   if (err == MP_OKAY)
+       err = ecc_projective_dbl_point(M[0], M[0], modulus, &mp);
+
+   /* now find (8+k)G for k=1..7 */
+   if (err == MP_OKAY)
+       for (j = 9; j < 16; j++) {
+           err = ecc_projective_add_point(M[j-9], tG, M[j-8], modulus, &mp);
+           if (err != MP_OKAY) break;
+       }
+
+   /* setup sliding window */
+   if (err == MP_OKAY) {
+       mode   = 0;
+       bitcnt = 1;
+       buf    = 0;
+       digidx = get_digit_count(k) - 1;
+       bitcpy = bitbuf = 0;
+       first  = 1;
+
+       /* perform ops */
+       for (;;) {
+           /* grab next digit as required */
+           if (--bitcnt == 0) {
+               if (digidx == -1) {
+                   break;
+               }
+               buf    = get_digit(k, digidx);
+               bitcnt = (int) DIGIT_BIT; 
+               --digidx;
+           }
+
+           /* grab the next msb from the ltiplicand */
+           i = (int)(buf >> (DIGIT_BIT - 1)) & 1;
+           buf <<= 1;
+
+           /* skip leading zero bits */
+           if (mode == 0 && i == 0)
+               continue;
+
+           /* if the bit is zero and mode == 1 then we double */
+           if (mode == 1 && i == 0) {
+               err = ecc_projective_dbl_point(R, R, modulus, &mp);
+               if (err != MP_OKAY) break;
+               continue;
+           }
+
+           /* else we add it to the window */
+           bitbuf |= (i << (WINSIZE - ++bitcpy));
+           mode = 2;
+
+           if (bitcpy == WINSIZE) {
+               /* if this is the first window we do a simple copy */
+               if (first == 1) {
+                   /* R = kG [k = first window] */
+                   err = mp_copy(M[bitbuf-8]->x, R->x);
+                   if (err != MP_OKAY) break;
+
+                   err = mp_copy(M[bitbuf-8]->y, R->y);
+                   if (err != MP_OKAY) break;
+
+                   err = mp_copy(M[bitbuf-8]->z, R->z);
+                   first = 0;
+               } else {
+                   /* normal window */
+                   /* ok window is filled so double as required and add  */
+                   /* double first */
+                   for (j = 0; j < WINSIZE; j++) {
+                       err = ecc_projective_dbl_point(R, R, modulus, &mp);
+                       if (err != MP_OKAY) break;
+                   }
+                   if (err != MP_OKAY) break;  /* out of first for(;;) */
+
+                   /* then add, bitbuf will be 8..15 [8..2^WINSIZE] guaranted */
+                   err = ecc_projective_add_point(R,M[bitbuf-8],R,modulus,&mp);
+               }
+               if (err != MP_OKAY) break;
+               /* empty window and reset */
+               bitcpy = bitbuf = 0;
+               mode = 1;
+           }
+       }
+   }
+
+   /* if bits remain then double/add */
+   if (err == MP_OKAY) {
+       if (mode == 2 && bitcpy > 0) {
+           /* double then add */
+           for (j = 0; j < bitcpy; j++) {
+               /* only double if we have had at least one add first */
+               if (first == 0) {
+                   err = ecc_projective_dbl_point(R, R, modulus, &mp);
+                   if (err != MP_OKAY) break;
+               }
+
+               bitbuf <<= 1;
+               if ((bitbuf & (1 << WINSIZE)) != 0) {
+                   if (first == 1) {
+                       /* first add, so copy */
+                       err = mp_copy(tG->x, R->x);
+                       if (err != MP_OKAY) break;
+
+                       err = mp_copy(tG->y, R->y);
+                       if (err != MP_OKAY) break;
+
+                       err = mp_copy(tG->z, R->z);
+                       if (err != MP_OKAY) break;
+                       first = 0;
+                   } else {
+                       /* then add */
+                       err = ecc_projective_add_point(R, tG, R, modulus, &mp);
+                       if (err != MP_OKAY) break;
+                   }
+               }
+           }
+       }
+   }
+
+   /* map R back from projective space */
+   if (err == MP_OKAY && map)
+       err = ecc_map(R, modulus, &mp);
+
+   mp_clear(&mu);
+   ecc_del_point(tG);
+   for (i = 0; i < 8; i++) {
+       ecc_del_point(M[i]);
+   }
+   return err;
+}
+
+#undef WINSIZE
+
+#else /* ECC_TIMING_RESISTANT */
+
+/**
+   Perform a point multiplication  (timing resistant)
+   k    The scalar to multiply by
+   G    The base point
+   R    [out] Destination for kG
+   modulus  The modulus of the field the ECC curve is in
+   map      Boolean whether to map back to affine or not
+            (1==map, 0 == leave in projective)
+   return MP_OKAY on success
+*/
+#ifdef FP_ECC
+static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
+                             mp_int* modulus, int map)
+#else
+static int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
+                      int map)
+#endif
+{
+   ecc_point    *tG, *M[3];
+   int           i, j, err;
+   mp_int        mu;
+   mp_digit      mp;
+   mp_digit      buf;
+   int           bitcnt = 0, mode = 0, digidx = 0;
+
+   if (k == NULL || G == NULL || R == NULL || modulus == NULL)
+       return ECC_BAD_ARG_E;
+
+   /* init montgomery reduction */
+   if ((err = mp_montgomery_setup(modulus, &mp)) != MP_OKAY) {
+      return err;
+   }
+   if ((err = mp_init(&mu)) != MP_OKAY) {
+      return err;
+   }
+   if ((err = mp_montgomery_calc_normalization(&mu, modulus)) != MP_OKAY) {
+      mp_clear(&mu);
+      return err;
+   }
+
+  /* alloc ram for window temps */
+  for (i = 0; i < 3; i++) {
+      M[i] = ecc_new_point();
+      if (M[i] == NULL) {
+         for (j = 0; j < i; j++) {
+             ecc_del_point(M[j]);
+         }
+         mp_clear(&mu);
+         return MEMORY_E;
+      }
+  }
+
+   /* make a copy of G incase R==G */
+   tG = ecc_new_point();
+   if (tG == NULL)
+       err = MEMORY_E;
+
+   /* tG = G  and convert to montgomery */
+   if (err == MP_OKAY) {
+       err = mp_mulmod(G->x, &mu, modulus, tG->x);
+       if (err == MP_OKAY)
+           err = mp_mulmod(G->y, &mu, modulus, tG->y);
+       if (err == MP_OKAY)
+           err = mp_mulmod(G->z, &mu, modulus, tG->z);
+   }
+   mp_clear(&mu);
+
+   /* calc the M tab */
+   /* M[0] == G */
+   if (err == MP_OKAY)
+       err = mp_copy(tG->x, M[0]->x);
+   if (err == MP_OKAY)
+       err = mp_copy(tG->y, M[0]->y);
+   if (err == MP_OKAY)
+       err = mp_copy(tG->z, M[0]->z);
+
+   /* M[1] == 2G */
+   if (err == MP_OKAY)
+       err = ecc_projective_dbl_point(tG, M[1], modulus, &mp);
+
+   /* setup sliding window */
+   mode   = 0;
+   bitcnt = 1;
+   buf    = 0;
+   digidx = get_digit_count(k) - 1;
+
+   /* perform ops */
+   if (err == MP_OKAY) {
+       for (;;) {
+           /* grab next digit as required */
+           if (--bitcnt == 0) {
+               if (digidx == -1) {
+                   break;
+               }
+               buf = get_digit(k, digidx);
+               bitcnt = (int) DIGIT_BIT;
+               --digidx;
+           }
+
+           /* grab the next msb from the ltiplicand */
+           i = (buf >> (DIGIT_BIT - 1)) & 1;
+           buf <<= 1;
+
+           if (mode == 0 && i == 0) {
+               /* dummy operations */
+               if (err == MP_OKAY)
+                   err = ecc_projective_add_point(M[0], M[1], M[2], modulus,
+                                                  &mp);
+               if (err == MP_OKAY)
+                   err = ecc_projective_dbl_point(M[1], M[2], modulus, &mp);
+               if (err == MP_OKAY)
+                   continue;
+           }
+
+           if (mode == 0 && i == 1) {
+               mode = 1;
+               /* dummy operations */
+               if (err == MP_OKAY)
+                   err = ecc_projective_add_point(M[0], M[1], M[2], modulus,
+                                                  &mp);
+               if (err == MP_OKAY)
+                   err = ecc_projective_dbl_point(M[1], M[2], modulus, &mp);
+               if (err == MP_OKAY)
+                   continue;
+           }
+
+           if (err == MP_OKAY)
+               err = ecc_projective_add_point(M[0], M[1], M[i^1], modulus, &mp);
+           if (err == MP_OKAY)
+               err = ecc_projective_dbl_point(M[i], M[i], modulus, &mp);
+           if (err != MP_OKAY)
+               break;
+       } /* end for */
+   }
+
+   /* copy result out */
+   if (err == MP_OKAY)
+       err = mp_copy(M[0]->x, R->x);
+   if (err == MP_OKAY)
+       err = mp_copy(M[0]->y, R->y);
+   if (err == MP_OKAY)
+       err = mp_copy(M[0]->z, R->z);
+
+   /* map R back from projective space */
+   if (err == MP_OKAY && map)
+      err = ecc_map(R, modulus, &mp);
+
+   /* done */
+   mp_clear(&mu);
+   ecc_del_point(tG);
+   for (i = 0; i < 3; i++) {
+       ecc_del_point(M[i]);
+   }
+   return err;
+}
+
+#endif /* ECC_TIMING_RESISTANT */
+
+
+#ifdef ALT_ECC_SIZE
+
+static void alt_fp_init(fp_int* a)
+{
+    a->size = FP_SIZE_ECC;
+    fp_zero(a);
+}
+
+#endif /* ALT_ECC_SIZE */
+
+
+/**
+   Allocate a new ECC point
+   return A newly allocated point or NULL on error 
+*/
+ecc_point* ecc_new_point(void)
+{
+   ecc_point* p;
+
+   p = (ecc_point*)XMALLOC(sizeof(ecc_point), 0, DYNAMIC_TYPE_BIGINT);
+   if (p == NULL) {
+      return NULL;
+   }
+   XMEMSET(p, 0, sizeof(ecc_point));
+
+#ifndef USE_FAST_MATH
+   p->x->dp = NULL;
+   p->y->dp = NULL;
+   p->z->dp = NULL;
+#endif
+
+#ifndef ALT_ECC_SIZE
+   if (mp_init_multi(p->x, p->y, p->z, NULL, NULL, NULL) != MP_OKAY) {
+      XFREE(p, 0, DYNAMIC_TYPE_BIGINT);
+      return NULL;
+   }
+#else
+   p->x = (mp_int*)&p->xyz[0];
+   p->y = (mp_int*)&p->xyz[1];
+   p->z = (mp_int*)&p->xyz[2];
+   alt_fp_init(p->x);
+   alt_fp_init(p->y);
+   alt_fp_init(p->z);
+#endif
+
+   return p;
+}
+
+/** Free an ECC point from memory
+  p   The point to free
+*/
+void ecc_del_point(ecc_point* p)
+{
+   /* prevents free'ing null arguments */
+   if (p != NULL) {
+      mp_clear(p->x);
+      mp_clear(p->y);
+      mp_clear(p->z);
+      XFREE(p, 0, DYNAMIC_TYPE_BIGINT);
+   }
+}
+
+
+/** Returns whether an ECC idx is valid or not
+  n      The idx number to check
+  return 1 if valid, 0 if not
+*/  
+static int ecc_is_valid_idx(int n)
+{
+   int x;
+
+   for (x = 0; ecc_sets[x].size != 0; x++)
+       ;
+   /* -1 is a valid index --- indicating that the domain params
+      were supplied by the user */
+   if ((n >= -1) && (n < x)) {
+      return 1;
+   }
+   return 0;
+}
+
+
+/**
+  Create an ECC shared secret between two keys
+  private_key      The private ECC key
+  public_key       The public key
+  out              [out] Destination of the shared secret
+                   Conforms to EC-DH from ANSI X9.63
+  outlen           [in/out] The max size and resulting size of the shared secret
+  return           MP_OKAY if successful
+*/
+int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
+                      word32* outlen)
+{
+   word32         x = 0;
+   ecc_point*     result;
+   mp_int         prime;
+   int            err;
+
+   if (private_key == NULL || public_key == NULL || out == NULL ||
+                                                    outlen == NULL)
+       return BAD_FUNC_ARG;
+
+   /* type valid? */
+   if (private_key->type != ECC_PRIVATEKEY) {
+      return ECC_BAD_ARG_E;
+   }
+
+   if (ecc_is_valid_idx(private_key->idx) == 0 ||
+       ecc_is_valid_idx(public_key->idx)  == 0)
+      return ECC_BAD_ARG_E;
+
+   if (XSTRNCMP(private_key->dp->name, public_key->dp->name, ECC_MAXNAME) != 0)
+      return ECC_BAD_ARG_E;
+
+   /* make new point */
+   result = ecc_new_point();
+   if (result == NULL) {
+      return MEMORY_E;
+   }
+
+   if ((err = mp_init(&prime)) != MP_OKAY) {
+      ecc_del_point(result);
+      return err;
+   }
+
+   err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16);
+
+   if (err == MP_OKAY)
+       err = ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime,1);
+
+   if (err == MP_OKAY) {
+       x = mp_unsigned_bin_size(&prime);
+       if (*outlen < x)
+          err = BUFFER_E;
+   }
+
+   if (err == MP_OKAY) {
+       XMEMSET(out, 0, x);
+       err = mp_to_unsigned_bin(result->x,out + (x -
+                                              mp_unsigned_bin_size(result->x)));
+       *outlen = x;
+   }
+
+   mp_clear(&prime);
+   ecc_del_point(result);
+
+   return err;
+}
+
+
+int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp);
+
+/**
+  Make a new ECC key 
+  rng          An active RNG state
+  keysize      The keysize for the new key (in octets from 20 to 65 bytes)
+  key          [out] Destination of the newly created key
+  return       MP_OKAY if successful,
+                       upon error all allocated memory will be freed
+*/
+int wc_ecc_make_key(RNG* rng, int keysize, ecc_key* key)
+{
+   int x, err;
+
+   if (key == NULL || rng == NULL)
+       return ECC_BAD_ARG_E;
+
+   /* find key size */
+   for (x = 0; (keysize > ecc_sets[x].size) && (ecc_sets[x].size != 0); x++)
+       ;
+   keysize = ecc_sets[x].size;
+
+   if (keysize > ECC_MAXSIZE || ecc_sets[x].size == 0) {
+      return BAD_FUNC_ARG;
+   }
+   err = wc_ecc_make_key_ex(rng, key, &ecc_sets[x]);
+   key->idx = x;
+
+   return err;
+}
+
+int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
+{
+   int            err;
+   ecc_point*     base;
+   mp_int         prime;
+   mp_int         order;
+#ifdef WOLFSSL_SMALL_STACK
+   byte*          buf;
+#else
+   byte           buf[ECC_MAXSIZE];
+#endif
+   int            keysize;
+
+   if (key == NULL || rng == NULL || dp == NULL)
+       return ECC_BAD_ARG_E;
+
+#ifdef WOLFSSL_SMALL_STACK
+   buf = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+   if (buf == NULL)
+       return MEMORY_E;
+#endif
+
+   key->idx = -1;
+   key->dp  = dp;
+   keysize  = dp->size;
+
+   /* allocate ram */
+   base = NULL;
+
+   /* make up random string */
+   err = wc_RNG_GenerateBlock(rng, buf, keysize);
+   if (err == 0)
+       buf[0] |= 0x0c;
+
+   /* setup the key variables */
+   if (err == 0) {
+#ifndef ALT_ECC_SIZE
+       err = mp_init_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z,
+                            &key->k, &prime, &order);
+#else
+       key->pubkey.x = (mp_int*)&key->pubkey.xyz[0];
+       key->pubkey.y = (mp_int*)&key->pubkey.xyz[1];
+       key->pubkey.z = (mp_int*)&key->pubkey.xyz[2];
+       alt_fp_init(key->pubkey.x);
+       alt_fp_init(key->pubkey.y);
+       alt_fp_init(key->pubkey.z);
+       err = mp_init_multi(&key->k, &prime, &order, NULL, NULL, NULL);
+#endif
+       if (err != MP_OKAY)
+           err = MEMORY_E;
+   }
+
+   if (err == MP_OKAY) {
+       base = ecc_new_point();
+       if (base == NULL)
+           err = MEMORY_E;
+   }
+
+   /* read in the specs for this key */
+   if (err == MP_OKAY) 
+       err = mp_read_radix(&prime,   (char *)key->dp->prime, 16);
+   if (err == MP_OKAY) 
+       err = mp_read_radix(&order,   (char *)key->dp->order, 16);
+   if (err == MP_OKAY) 
+       err = mp_read_radix(base->x, (char *)key->dp->Gx, 16);
+   if (err == MP_OKAY) 
+       err = mp_read_radix(base->y, (char *)key->dp->Gy, 16);
+   
+   if (err == MP_OKAY) 
+       mp_set(base->z, 1);
+   if (err == MP_OKAY) 
+       err = mp_read_unsigned_bin(&key->k, (byte*)buf, keysize);
+
+   /* the key should be smaller than the order of base point */
+   if (err == MP_OKAY) { 
+       if (mp_cmp(&key->k, &order) != MP_LT)
+           err = mp_mod(&key->k, &order, &key->k);
+   }
+   /* make the public key */
+   if (err == MP_OKAY)
+       err = ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1);
+   if (err == MP_OKAY)
+       key->type = ECC_PRIVATEKEY;
+
+   if (err != MP_OKAY) {
+       /* clean up */
+       mp_clear(key->pubkey.x);
+       mp_clear(key->pubkey.y);
+       mp_clear(key->pubkey.z);
+       mp_clear(&key->k);
+   }
+   ecc_del_point(base);
+   mp_clear(&prime);
+   mp_clear(&order);
+
+   ForceZero(buf, ECC_MAXSIZE);
+#ifdef WOLFSSL_SMALL_STACK
+   XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+   return err;
+}
+
+
+/* Setup dynamic pointers is using normal math for proper freeing */
+int wc_ecc_init(ecc_key* key)
+{
+    (void)key;
+
+#ifndef USE_FAST_MATH
+    key->pubkey.x->dp = NULL;
+    key->pubkey.y->dp = NULL;
+    key->pubkey.z->dp = NULL;
+
+    key->k.dp = NULL;
+#endif
+
+#ifdef ALT_ECC_SIZE
+    if (mp_init(&key->k) != MP_OKAY)
+        return MEMORY_E;
+
+    key->pubkey.x = (mp_int*)&key->pubkey.xyz[0];
+    key->pubkey.y = (mp_int*)&key->pubkey.xyz[1];
+    key->pubkey.z = (mp_int*)&key->pubkey.xyz[2];
+    alt_fp_init(key->pubkey.x);
+    alt_fp_init(key->pubkey.y);
+    alt_fp_init(key->pubkey.z);
+#endif
+
+    return 0;
+}
+
+
+/**
+  Sign a message digest
+  in        The message digest to sign
+  inlen     The length of the digest
+  out       [out] The destination for the signature
+  outlen    [in/out] The max size and resulting size of the signature
+  key       A private ECC key
+  return    MP_OKAY if successful
+*/
+int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, 
+                  RNG* rng, ecc_key* key)
+{
+   mp_int        r;
+   mp_int        s;
+   mp_int        e;
+   mp_int        p;
+   int           err;
+
+   if (in == NULL || out == NULL || outlen == NULL || key == NULL || rng ==NULL)
+       return ECC_BAD_ARG_E;
+
+   /* is this a private key? */
+   if (key->type != ECC_PRIVATEKEY) {
+      return ECC_BAD_ARG_E;
+   }
+   
+   /* is the IDX valid ?  */
+   if (ecc_is_valid_idx(key->idx) != 1) {
+      return ECC_BAD_ARG_E;
+   }
+
+   /* get the hash and load it as a bignum into 'e' */
+   /* init the bignums */
+   if ((err = mp_init_multi(&r, &s, &p, &e, NULL, NULL)) != MP_OKAY) { 
+      return err;
+   }
+   err = mp_read_radix(&p, (char *)key->dp->order, 16);
+
+   if (err == MP_OKAY) {
+       /* we may need to truncate if hash is longer than key size */
+       word32 orderBits = mp_count_bits(&p);
+
+       /* truncate down to byte size, may be all that's needed */
+       if ( (WOLFSSL_BIT_SIZE * inlen) > orderBits)
+           inlen = (orderBits + WOLFSSL_BIT_SIZE - 1)/WOLFSSL_BIT_SIZE;
+       err = mp_read_unsigned_bin(&e, (byte*)in, inlen);
+
+       /* may still need bit truncation too */
+       if (err == MP_OKAY && (WOLFSSL_BIT_SIZE * inlen) > orderBits)
+           mp_rshb(&e, WOLFSSL_BIT_SIZE - (orderBits & 0x7));
+   }
+
+   /* make up a key and export the public copy */
+   if (err == MP_OKAY) {
+       ecc_key pubkey;
+       wc_ecc_init(&pubkey);
+       for (;;) {
+           err = wc_ecc_make_key_ex(rng, &pubkey, key->dp);
+           if (err != MP_OKAY) break;
+
+           /* find r = x1 mod n */
+           err = mp_mod(pubkey.pubkey.x, &p, &r);
+           if (err != MP_OKAY) break;
+
+           if (mp_iszero(&r) == MP_YES) {
+               mp_clear(pubkey.pubkey.x);
+               mp_clear(pubkey.pubkey.y);
+               mp_clear(pubkey.pubkey.z);
+               mp_clear(&pubkey.k);
+           }
+           else { 
+               /* find s = (e + xr)/k */
+               err = mp_invmod(&pubkey.k, &p, &pubkey.k);
+               if (err != MP_OKAY) break;
+
+               err = mp_mulmod(&key->k, &r, &p, &s);   /* s = xr */
+               if (err != MP_OKAY) break;
+           
+               err = mp_add(&e, &s, &s);               /* s = e +  xr */
+               if (err != MP_OKAY) break;
+
+               err = mp_mod(&s, &p, &s);               /* s = e +  xr */
+               if (err != MP_OKAY) break;
+
+               err = mp_mulmod(&s, &pubkey.k, &p, &s); /* s = (e + xr)/k */
+               if (err != MP_OKAY) break;
+
+               if (mp_iszero(&s) == MP_NO)
+                   break;
+            }
+       }
+       wc_ecc_free(&pubkey);
+   }
+
+   /* store as SEQUENCE { r, s -- integer } */
+   if (err == MP_OKAY)
+       err = StoreECC_DSA_Sig(out, outlen, &r, &s);
+
+   mp_clear(&r);
+   mp_clear(&s);
+   mp_clear(&p);
+   mp_clear(&e);
+
+   return err;
+}
+
+
+/**
+  Free an ECC key from memory
+  key   The key you wish to free
+*/
+void wc_ecc_free(ecc_key* key)
+{
+   if (key == NULL)
+       return;
+
+   mp_clear(key->pubkey.x);
+   mp_clear(key->pubkey.y);
+   mp_clear(key->pubkey.z);
+   mp_clear(&key->k);
+}
+
+
+#ifdef USE_FAST_MATH
+    #define GEN_MEM_ERR FP_MEM
+#else
+    #define GEN_MEM_ERR MP_MEM
+#endif
+
+#ifdef ECC_SHAMIR
+
+/** Computes kA*A + kB*B = C using Shamir's Trick
+  A        First point to multiply
+  kA       What to multiple A by
+  B        Second point to multiply
+  kB       What to multiple B by
+  C        [out] Destination point (can overlap with A or B)
+  modulus  Modulus for curve 
+  return MP_OKAY on success
+*/
+#ifdef FP_ECC
+static int normal_ecc_mul2add(ecc_point* A, mp_int* kA,
+                             ecc_point* B, mp_int* kB,
+                             ecc_point* C, mp_int* modulus)
+#else
+static int ecc_mul2add(ecc_point* A, mp_int* kA,
+                    ecc_point* B, mp_int* kB,
+                    ecc_point* C, mp_int* modulus)
+#endif
+{
+  ecc_point*     precomp[16];
+  unsigned       bitbufA, bitbufB, lenA, lenB, len, x, y, nA, nB, nibble;
+  unsigned char* tA;
+  unsigned char* tB;
+  int            err = MP_OKAY, first;
+  int            muInit    = 0;
+  int            tableInit = 0;
+  mp_digit mp;
+  mp_int   mu;
+ 
+  /* argchks */
+  if (A == NULL || kA == NULL || B == NULL || kB == NULL || C == NULL || 
+                   modulus == NULL)
+    return ECC_BAD_ARG_E;
+
+
+  /* allocate memory */
+  tA = (unsigned char*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+  if (tA == NULL) {
+     return GEN_MEM_ERR;
+  }
+  tB = (unsigned char*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+  if (tB == NULL) {
+     XFREE(tA, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+     return GEN_MEM_ERR;
+  }
+  XMEMSET(tA, 0, ECC_BUFSIZE);
+  XMEMSET(tB, 0, ECC_BUFSIZE);
+
+  /* get sizes */
+  lenA = mp_unsigned_bin_size(kA);
+  lenB = mp_unsigned_bin_size(kB);
+  len  = MAX(lenA, lenB);
+
+  /* sanity check */
+  if ((lenA > ECC_BUFSIZE) || (lenB > ECC_BUFSIZE)) {
+     err = BAD_FUNC_ARG;
+  }
+
+  if (err == MP_OKAY) {
+    /* extract and justify kA */
+    err = mp_to_unsigned_bin(kA, (len - lenA) + tA);
+
+    /* extract and justify kB */
+    if (err == MP_OKAY)
+        err = mp_to_unsigned_bin(kB, (len - lenB) + tB);
+
+    /* allocate the table */
+    if (err == MP_OKAY) {
+        for (x = 0; x < 16; x++) {
+            precomp[x] = ecc_new_point();
+            if (precomp[x] == NULL) {
+                for (y = 0; y < x; ++y) {
+                    ecc_del_point(precomp[y]);
+                }
+                err = GEN_MEM_ERR;
+                break;
+            }
+        }
+    }
+  }
+
+  if (err == MP_OKAY)
+    tableInit = 1;
+
+  if (err == MP_OKAY)
+   /* init montgomery reduction */
+   err = mp_montgomery_setup(modulus, &mp);
+
+  if (err == MP_OKAY)
+    err = mp_init(&mu);
+  if (err == MP_OKAY)
+    muInit = 1;
+
+  if (err == MP_OKAY)
+    err = mp_montgomery_calc_normalization(&mu, modulus);
+
+  if (err == MP_OKAY)
+    /* copy ones ... */
+    err = mp_mulmod(A->x, &mu, modulus, precomp[1]->x);
+
+  if (err == MP_OKAY)
+    err = mp_mulmod(A->y, &mu, modulus, precomp[1]->y);
+  if (err == MP_OKAY)
+    err = mp_mulmod(A->z, &mu, modulus, precomp[1]->z);
+
+  if (err == MP_OKAY)
+    err = mp_mulmod(B->x, &mu, modulus, precomp[1<<2]->x);
+  if (err == MP_OKAY)
+    err = mp_mulmod(B->y, &mu, modulus, precomp[1<<2]->y);
+  if (err == MP_OKAY)
+    err = mp_mulmod(B->z, &mu, modulus, precomp[1<<2]->z);
+
+  if (err == MP_OKAY)
+    /* precomp [i,0](A + B) table */
+    err = ecc_projective_dbl_point(precomp[1], precomp[2], modulus, &mp);
+
+  if (err == MP_OKAY)
+    err = ecc_projective_add_point(precomp[1], precomp[2], precomp[3],
+                                   modulus, &mp);
+  if (err == MP_OKAY)
+    /* precomp [0,i](A + B) table */
+    err = ecc_projective_dbl_point(precomp[1<<2], precomp[2<<2], modulus, &mp);
+
+  if (err == MP_OKAY)
+    err = ecc_projective_add_point(precomp[1<<2], precomp[2<<2], precomp[3<<2],
+                                   modulus, &mp);
+
+  if (err == MP_OKAY) {
+    /* precomp [i,j](A + B) table (i != 0, j != 0) */
+    for (x = 1; x < 4; x++) {
+        for (y = 1; y < 4; y++) {
+            if (err == MP_OKAY)
+                err = ecc_projective_add_point(precomp[x], precomp[(y<<2)],
+                                               precomp[x+(y<<2)], modulus, &mp);
+        }
+    } 
+  }  
+
+  if (err == MP_OKAY) {
+    nibble  = 3;
+    first   = 1;
+    bitbufA = tA[0];
+    bitbufB = tB[0];
+
+    /* for every byte of the multiplicands */
+    for (x = -1;; ) {
+        /* grab a nibble */
+        if (++nibble == 4) {
+            ++x; if (x == len) break;
+            bitbufA = tA[x];
+            bitbufB = tB[x];
+            nibble  = 0;
+        }
+
+        /* extract two bits from both, shift/update */
+        nA = (bitbufA >> 6) & 0x03;
+        nB = (bitbufB >> 6) & 0x03;
+        bitbufA = (bitbufA << 2) & 0xFF;   
+        bitbufB = (bitbufB << 2) & 0xFF;   
+
+        /* if both zero, if first, continue */
+        if ((nA == 0) && (nB == 0) && (first == 1)) {
+            continue;
+        }
+
+        /* double twice, only if this isn't the first */
+        if (first == 0) {
+            /* double twice */
+            if (err == MP_OKAY)
+                err = ecc_projective_dbl_point(C, C, modulus, &mp);
+            if (err == MP_OKAY)
+                err = ecc_projective_dbl_point(C, C, modulus, &mp);
+            else
+                break;
+        }
+
+        /* if not both zero */
+        if ((nA != 0) || (nB != 0)) {
+            if (first == 1) {
+                /* if first, copy from table */
+                first = 0;
+                if (err == MP_OKAY)
+                    err = mp_copy(precomp[nA + (nB<<2)]->x, C->x);
+
+                if (err == MP_OKAY)
+                    err = mp_copy(precomp[nA + (nB<<2)]->y, C->y);
+
+                if (err == MP_OKAY)
+                    err = mp_copy(precomp[nA + (nB<<2)]->z, C->z);
+                else
+                    break;
+            } else {
+                /* if not first, add from table */
+                if (err == MP_OKAY)
+                    err = ecc_projective_add_point(C, precomp[nA + (nB<<2)], C,
+                                                   modulus, &mp);
+                else
+                    break;
+            }
+        }
+    }
+  }
+
+  if (err == MP_OKAY)
+    /* reduce to affine */
+    err = ecc_map(C, modulus, &mp);
+
+  /* clean up */
+  if (muInit)
+    mp_clear(&mu);
+
+  if (tableInit) {
+    for (x = 0; x < 16; x++) {
+       ecc_del_point(precomp[x]);
+    }
+  }
+   ForceZero(tA, ECC_BUFSIZE);
+   ForceZero(tB, ECC_BUFSIZE);
+   XFREE(tA, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+   XFREE(tB, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+   return err;
+}
+
+
+#endif /* ECC_SHAMIR */
+
+
+
+/* verify 
+ *
+ * w  = s^-1 mod n
+ * u1 = xw 
+ * u2 = rw
+ * X = u1*G + u2*Q
+ * v = X_x1 mod n
+ * accept if v == r
+ */
+
+/**
+   Verify an ECC signature
+   sig         The signature to verify
+   siglen      The length of the signature (octets)
+   hash        The hash (message digest) that was signed
+   hashlen     The length of the hash (octets)
+   stat        Result of signature, 1==valid, 0==invalid
+   key         The corresponding public ECC key
+   return      MP_OKAY if successful (even if the signature is not valid)
+*/
+int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
+                    word32 hashlen, int* stat, ecc_key* key)
+{
+   ecc_point    *mG, *mQ;
+   mp_int        r;
+   mp_int        s;
+   mp_int        v;
+   mp_int        w;
+   mp_int        u1;
+   mp_int        u2;
+   mp_int        e;
+   mp_int        p;
+   mp_int        m;
+   int           err;
+
+   if (sig == NULL || hash == NULL || stat == NULL || key == NULL)
+       return ECC_BAD_ARG_E; 
+
+   /* default to invalid signature */
+   *stat = 0;
+
+   /* is the IDX valid ?  */
+   if (ecc_is_valid_idx(key->idx) != 1) {
+      return ECC_BAD_ARG_E;
+   }
+
+   /* allocate ints */
+   if ((err = mp_init_multi(&v, &w, &u1, &u2, &p, &e)) != MP_OKAY) {
+      return MEMORY_E;
+   }
+
+   if ((err = mp_init(&m)) != MP_OKAY) {
+      mp_clear(&v);
+      mp_clear(&w);
+      mp_clear(&u1);
+      mp_clear(&u2);
+      mp_clear(&p);
+      mp_clear(&e);
+      return MEMORY_E;
+   }
+
+   /* allocate points */
+   mG = ecc_new_point();
+   mQ = ecc_new_point();
+   if (mQ  == NULL || mG == NULL)
+      err = MEMORY_E;
+
+   /* Note, DecodeECC_DSA_Sig() calls mp_init() on r and s.
+    * If either of those don't allocate correctly, none of
+    * the rest of this function will execute, and everything
+    * gets cleaned up at the end. */
+   if (err == MP_OKAY) 
+       err = DecodeECC_DSA_Sig(sig, siglen, &r, &s);
+
+   /* get the order */
+   if (err == MP_OKAY)
+       err = mp_read_radix(&p, (char *)key->dp->order, 16);
+
+   /* get the modulus */
+   if (err == MP_OKAY)
+       err = mp_read_radix(&m, (char *)key->dp->prime, 16);
+
+   /* check for zero */
+   if (err == MP_OKAY) {
+       if (mp_iszero(&r) || mp_iszero(&s) || mp_cmp(&r, &p) != MP_LT ||
+                                             mp_cmp(&s, &p) != MP_LT)
+           err = MP_ZERO_E; 
+   }
+   /* read hash */
+   if (err == MP_OKAY) {
+       /* we may need to truncate if hash is longer than key size */
+       unsigned int orderBits = mp_count_bits(&p);
+
+       /* truncate down to byte size, may be all that's needed */
+       if ( (WOLFSSL_BIT_SIZE * hashlen) > orderBits)
+           hashlen = (orderBits + WOLFSSL_BIT_SIZE - 1)/WOLFSSL_BIT_SIZE;
+       err = mp_read_unsigned_bin(&e, hash, hashlen);
+
+       /* may still need bit truncation too */
+       if (err == MP_OKAY && (WOLFSSL_BIT_SIZE * hashlen) > orderBits)
+           mp_rshb(&e, WOLFSSL_BIT_SIZE - (orderBits & 0x7));
+   }
+
+   /*  w  = s^-1 mod n */
+   if (err == MP_OKAY)
+       err = mp_invmod(&s, &p, &w);
+
+   /* u1 = ew */
+   if (err == MP_OKAY)
+       err = mp_mulmod(&e, &w, &p, &u1);
+
+   /* u2 = rw */
+   if (err == MP_OKAY)
+       err = mp_mulmod(&r, &w, &p, &u2);
+
+   /* find mG and mQ */
+   if (err == MP_OKAY)
+       err = mp_read_radix(mG->x, (char *)key->dp->Gx, 16);
+
+   if (err == MP_OKAY)
+       err = mp_read_radix(mG->y, (char *)key->dp->Gy, 16);
+   if (err == MP_OKAY)
+       mp_set(mG->z, 1);
+
+   if (err == MP_OKAY)
+       err = mp_copy(key->pubkey.x, mQ->x);
+   if (err == MP_OKAY)
+       err = mp_copy(key->pubkey.y, mQ->y);
+   if (err == MP_OKAY)
+       err = mp_copy(key->pubkey.z, mQ->z);
+
+#ifndef ECC_SHAMIR
+    {
+       mp_digit      mp;
+
+       /* compute u1*mG + u2*mQ = mG */
+       if (err == MP_OKAY)
+           err = ecc_mulmod(&u1, mG, mG, &m, 0);
+       if (err == MP_OKAY)
+           err = ecc_mulmod(&u2, mQ, mQ, &m, 0);
+  
+       /* find the montgomery mp */
+       if (err == MP_OKAY)
+           err = mp_montgomery_setup(&m, &mp);
+
+       /* add them */
+       if (err == MP_OKAY)
+           err = ecc_projective_add_point(mQ, mG, mG, &m, &mp);
+   
+       /* reduce */
+       if (err == MP_OKAY)
+           err = ecc_map(mG, &m, &mp);
+    }
+#else
+       /* use Shamir's trick to compute u1*mG + u2*mQ using half the doubles */
+       if (err == MP_OKAY)
+           err = ecc_mul2add(mG, &u1, mQ, &u2, mG, &m);
+#endif /* ECC_SHAMIR */ 
+
+   /* v = X_x1 mod n */
+   if (err == MP_OKAY)
+       err = mp_mod(mG->x, &p, &v);
+
+   /* does v == r */
+   if (err == MP_OKAY) {
+       if (mp_cmp(&v, &r) == MP_EQ)
+           *stat = 1;
+   }
+
+   ecc_del_point(mG);
+   ecc_del_point(mQ);
+
+   mp_clear(&r);
+   mp_clear(&s);
+   mp_clear(&v);
+   mp_clear(&w);
+   mp_clear(&u1);
+   mp_clear(&u2);
+   mp_clear(&p);
+   mp_clear(&e);
+   mp_clear(&m);
+
+   return err;
+}
+
+
+/* export public ECC key in ANSI X9.63 format */
+int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
+{
+#ifdef WOLFSSL_SMALL_STACK
+   byte*  buf;
+#else
+   byte   buf[ECC_BUFSIZE];
+#endif
+   word32 numlen;
+   int    ret = MP_OKAY;
+
+   /* return length needed only */
+   if (key != NULL && out == NULL && outLen != NULL) {
+      numlen = key->dp->size;
+      *outLen = 1 + 2*numlen;
+      return LENGTH_ONLY_E;
+   }
+
+   if (key == NULL || out == NULL || outLen == NULL)
+      return ECC_BAD_ARG_E;
+
+   if (ecc_is_valid_idx(key->idx) == 0) {
+      return ECC_BAD_ARG_E;
+   }
+   numlen = key->dp->size;
+
+   if (*outLen < (1 + 2*numlen)) {
+      *outLen = 1 + 2*numlen;
+      return BUFFER_E;
+   }
+
+   /* store byte 0x04 */
+   out[0] = 0x04;
+
+#ifdef WOLFSSL_SMALL_STACK
+   buf = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+   if (buf == NULL)
+      return MEMORY_E;
+#endif
+
+   do {
+      /* pad and store x */
+      XMEMSET(buf, 0, ECC_BUFSIZE);
+      ret = mp_to_unsigned_bin(key->pubkey.x,
+                         buf + (numlen - mp_unsigned_bin_size(key->pubkey.x)));
+      if (ret != MP_OKAY)
+         break;
+      XMEMCPY(out+1, buf, numlen);
+
+      /* pad and store y */
+      XMEMSET(buf, 0, ECC_BUFSIZE);
+      ret = mp_to_unsigned_bin(key->pubkey.y,
+                         buf + (numlen - mp_unsigned_bin_size(key->pubkey.y)));
+      if (ret != MP_OKAY)
+         break;
+      XMEMCPY(out+1+numlen, buf, numlen);
+
+      *outLen = 1 + 2*numlen;
+   } while (0);
+
+#ifdef WOLFSSL_SMALL_STACK
+   XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+   return ret;
+}
+
+
+/* export public ECC key in ANSI X9.63 format, extended with
+ * compression option */
+int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen, int compressed)
+{
+    if (compressed == 0)
+        return wc_ecc_export_x963(key, out, outLen);
+#ifdef HAVE_COMP_KEY
+    else
+        return wc_ecc_export_x963_compressed(key, out, outLen);
+#endif
+
+    return NOT_COMPILED_IN;
+}
+
+
+/* import public ECC key in ANSI X9.63 format */
+int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key)
+{
+   int x, err;
+   int compressed = 0;
+   
+   if (in == NULL || key == NULL)
+       return ECC_BAD_ARG_E;
+
+   /* must be odd */
+   if ((inLen & 1) == 0) {
+      return ECC_BAD_ARG_E;
+   }
+
+   /* init key */
+#ifdef ALT_ECC_SIZE
+   key->pubkey.x = (mp_int*)&key->pubkey.xyz[0];
+   key->pubkey.y = (mp_int*)&key->pubkey.xyz[1];
+   key->pubkey.z = (mp_int*)&key->pubkey.xyz[2];
+   alt_fp_init(key->pubkey.x);
+   alt_fp_init(key->pubkey.y);
+   alt_fp_init(key->pubkey.z);
+   err = mp_init(&key->k);
+#else
+   err = mp_init_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, &key->k,
+                     NULL, NULL);
+#endif
+   if (err != MP_OKAY)
+      return MEMORY_E;
+
+   /* check for 4, 2, or 3 */
+   if (in[0] != 0x04 && in[0] != 0x02 && in[0] != 0x03) {
+      err = ASN_PARSE_E;
+   }
+
+   if (in[0] == 0x02 || in[0] == 0x03) {
+#ifdef HAVE_COMP_KEY
+       compressed = 1;
+#else
+       err = NOT_COMPILED_IN;
+#endif
+   }
+
+   if (err == MP_OKAY) {
+      /* determine the idx */
+
+      if (compressed)
+          inLen = (inLen-1)*2 + 1;  /* used uncompressed len */
+
+      for (x = 0; ecc_sets[x].size != 0; x++) {
+         if ((unsigned)ecc_sets[x].size >= ((inLen-1)>>1)) {
+            break;
+         }
+      }
+      if (ecc_sets[x].size == 0) {
+         err = ASN_PARSE_E;
+      } else {
+          /* set the idx */
+          key->idx  = x;
+          key->dp = &ecc_sets[x];
+          key->type = ECC_PUBLICKEY;
+      }
+   }
+
+   /* read data */
+   if (err == MP_OKAY)
+       err = mp_read_unsigned_bin(key->pubkey.x, (byte*)in+1, (inLen-1)>>1);
+
+#ifdef HAVE_COMP_KEY
+   if (err == MP_OKAY && compressed == 1) {   /* build y */
+        mp_int t1, t2, prime, a, b;
+
+        if (mp_init_multi(&t1, &t2, &prime, &a, &b, NULL) != MP_OKAY)
+            err = MEMORY_E;
+
+        /* load prime */
+        if (err == MP_OKAY)
+            err = mp_read_radix(&prime, (char *)key->dp->prime, 16);
+
+        /* load a */
+        if (err == MP_OKAY)
+            err = mp_read_radix(&a, (char *)key->dp->Af, 16);
+
+        /* load b */
+        if (err == MP_OKAY)
+            err = mp_read_radix(&b, (char *)key->dp->Bf, 16);
+
+        /* compute x^3 */
+        if (err == MP_OKAY)
+            err = mp_sqr(key->pubkey.x, &t1);
+
+        if (err == MP_OKAY)
+            err = mp_mulmod(&t1, key->pubkey.x, &prime, &t1);
+
+        /* compute x^3 + a*x */
+        if (err == MP_OKAY)
+            err = mp_mulmod(&a, key->pubkey.x, &prime, &t2);
+
+        if (err == MP_OKAY)
+            err = mp_add(&t1, &t2, &t1);
+
+        /* compute x^3 + a*x + b */
+        if (err == MP_OKAY)
+            err = mp_add(&t1, &b, &t1);
+
+        /* compute sqrt(x^3 + a*x + b) */
+        if (err == MP_OKAY)
+            err = mp_sqrtmod_prime(&t1, &prime, &t2);
+
+        /* adjust y */
+        if (err == MP_OKAY) {
+            if ((mp_isodd(&t2) && in[0] == 0x03) ||
+               (!mp_isodd(&t2) && in[0] == 0x02)) {
+                err = mp_mod(&t2, &prime, key->pubkey.y);
+            }
+            else {
+                err = mp_submod(&prime, &t2, &prime, key->pubkey.y);
+            }
+        }
+
+        mp_clear(&a);
+        mp_clear(&b);
+        mp_clear(&prime);
+        mp_clear(&t2);
+        mp_clear(&t1);
+   }
+#endif
+
+   if (err == MP_OKAY && compressed == 0)
+       err = mp_read_unsigned_bin(key->pubkey.y, (byte*)in+1+((inLen-1)>>1),
+                                  (inLen-1)>>1);
+   if (err == MP_OKAY)
+       mp_set(key->pubkey.z, 1);
+
+   if (err != MP_OKAY) {
+       mp_clear(key->pubkey.x);
+       mp_clear(key->pubkey.y);
+       mp_clear(key->pubkey.z);
+       mp_clear(&key->k);
+   }
+
+   return err;
+}
+
+
+/* export ecc private key only raw, outLen is in/out size 
+   return MP_OKAY on success */
+int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen)
+{
+   word32 numlen;
+
+   if (key == NULL || out == NULL || outLen == NULL)
+       return ECC_BAD_ARG_E;
+
+   if (ecc_is_valid_idx(key->idx) == 0) {
+      return ECC_BAD_ARG_E;
+   }
+   numlen = key->dp->size;
+
+   if (*outLen < numlen) {
+      *outLen = numlen;
+      return BUFFER_E;
+   }
+   *outLen = numlen; 
+   XMEMSET(out, 0, *outLen);
+   return mp_to_unsigned_bin(&key->k, out + (numlen -
+                                             mp_unsigned_bin_size(&key->k)));
+}
+
+
+/* ecc private key import, public key in ANSI X9.63 format, private raw */
+int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
+                           word32 pubSz, ecc_key* key)
+{
+    int ret = wc_ecc_import_x963(pub, pubSz, key);
+    if (ret != 0)
+        return ret;
+
+    key->type = ECC_PRIVATEKEY;
+
+    return mp_read_unsigned_bin(&key->k, priv, privSz);
+}
+
+/**
+   Convert ECC R,S to signature
+   r       R component of signature
+   s       S component of signature
+   out     DER-encoded ECDSA signature
+   outlen  [in/out] output buffer size, output signature size
+   return  MP_OKAY on success
+*/
+int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen)
+{
+    int err;
+    mp_int rtmp;
+    mp_int stmp;
+
+    if (r == NULL || s == NULL || out == NULL || outlen == NULL)
+        return ECC_BAD_ARG_E;
+
+    err = mp_init_multi(&rtmp, &stmp, NULL, NULL, NULL, NULL);
+    if (err != MP_OKAY)
+        return err;
+
+    err = mp_read_radix(&rtmp, r, 16);
+    if (err == MP_OKAY)
+        err = mp_read_radix(&stmp, s, 16);
+
+    /* convert mp_ints to ECDSA sig, initializes rtmp and stmp internally */
+    if (err == MP_OKAY)
+        err = StoreECC_DSA_Sig(out, outlen, &rtmp, &stmp);
+
+    if (err == MP_OKAY) {
+        if (mp_iszero(&rtmp) || mp_iszero(&stmp))
+            err = MP_ZERO_E;
+    }
+
+    mp_clear(&rtmp);
+    mp_clear(&stmp);
+
+    return err;
+}
+
+/**
+   Import raw ECC key
+   key       The destination ecc_key structure
+   qx        x component of base point, as ASCII hex string
+   qy        y component of base point, as ASCII hex string
+   d         private key, as ASCII hex string
+   curveName ECC curve name, from ecc_sets[]
+   return    MP_OKAY on success
+*/
+int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
+                   const char* d, const char* curveName)
+{
+    int err, x;
+
+    if (key == NULL || qx == NULL || qy == NULL || d == NULL ||
+        curveName == NULL)
+        return ECC_BAD_ARG_E;
+
+    /* init key */
+#ifdef ALT_ECC_SIZE
+    key->pubkey.x = (mp_int*)&key->pubkey.xyz[0];
+    key->pubkey.y = (mp_int*)&key->pubkey.xyz[1];
+    key->pubkey.z = (mp_int*)&key->pubkey.xyz[2];
+    alt_fp_init(key->pubkey.x);
+    alt_fp_init(key->pubkey.y);
+    alt_fp_init(key->pubkey.z);
+    err = mp_init(&key->k);
+#else
+    err = mp_init_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, &key->k,
+                      NULL, NULL);
+#endif
+    if (err != MP_OKAY)
+        return MEMORY_E;
+
+    /* read Qx */
+    if (err == MP_OKAY)
+        err = mp_read_radix(key->pubkey.x, qx, 16);
+
+    /* read Qy */
+    if (err == MP_OKAY)
+        err = mp_read_radix(key->pubkey.y, qy, 16);
+
+    if (err == MP_OKAY)
+        mp_set(key->pubkey.z, 1);
+
+    /* read and set the curve */
+    if (err == MP_OKAY) {
+        for (x = 0; ecc_sets[x].size != 0; x++) {
+            if (XSTRNCMP(ecc_sets[x].name, curveName,
+                         XSTRLEN(curveName)) == 0) {
+                break;
+            }
+        }
+        if (ecc_sets[x].size == 0) {
+            err = ASN_PARSE_E;
+        } else {
+            /* set the curve */
+            key->idx = x;
+            key->dp = &ecc_sets[x];
+            key->type = ECC_PUBLICKEY;
+        }
+    }
+
+    /* import private key */
+    if (err == MP_OKAY) {
+        key->type = ECC_PRIVATEKEY;
+        err = mp_read_radix(&key->k, d, 16);
+    }
+
+    if (err != MP_OKAY) {
+        mp_clear(key->pubkey.x);
+        mp_clear(key->pubkey.y);
+        mp_clear(key->pubkey.z);
+        mp_clear(&key->k);
+    }
+
+    return err;
+}
+
+
+/* key size in octets */
+int wc_ecc_size(ecc_key* key)
+{
+    if (key == NULL) return 0;
+
+    return key->dp->size;
+}
+
+
+/* worst case estimate, check actual return from wc_ecc_sign_hash for actual value
+   of signature size in octets */
+int wc_ecc_sig_size(ecc_key* key)
+{
+    int sz = wc_ecc_size(key);
+    if (sz < 0)
+        return sz;
+
+    return sz * 2 + SIG_HEADER_SZ + 4;  /* (4) worst case estimate */
+}
+
+
+#ifdef FP_ECC
+
+/* fixed point ECC cache */
+/* number of entries in the cache */
+#ifndef FP_ENTRIES
+    #define FP_ENTRIES 16
+#endif
+
+/* number of bits in LUT */
+#ifndef FP_LUT
+    #define FP_LUT     8U
+#endif
+
+#ifdef ECC_SHAMIR
+    /* Sharmir requires a bigger LUT, TAO */
+    #if (FP_LUT > 12) || (FP_LUT < 4)
+        #error FP_LUT must be between 4 and 12 inclusively
+    #endif
+#else
+    #if (FP_LUT > 12) || (FP_LUT < 2)
+        #error FP_LUT must be between 2 and 12 inclusively
+    #endif
+#endif
+
+
+/** Our FP cache */
+typedef struct {
+   ecc_point* g;               /* cached COPY of base point */
+   ecc_point* LUT[1U< 6
+   { 1, 0, 0 }, { 2, 1, 64 }, { 2, 2, 64 }, { 3, 3, 64 }, { 2, 4, 64 }, { 3, 5, 64 }, { 3, 6, 64 }, { 4, 7, 64 }, 
+   { 2, 8, 64 }, { 3, 9, 64 }, { 3, 10, 64 }, { 4, 11, 64 }, { 3, 12, 64 }, { 4, 13, 64 }, { 4, 14, 64 }, { 5, 15, 64 }, 
+   { 2, 16, 64 }, { 3, 17, 64 }, { 3, 18, 64 }, { 4, 19, 64 }, { 3, 20, 64 }, { 4, 21, 64 }, { 4, 22, 64 }, { 5, 23, 64 }, 
+   { 3, 24, 64 }, { 4, 25, 64 }, { 4, 26, 64 }, { 5, 27, 64 }, { 4, 28, 64 }, { 5, 29, 64 }, { 5, 30, 64 }, { 6, 31, 64 }, 
+   { 2, 32, 64 }, { 3, 33, 64 }, { 3, 34, 64 }, { 4, 35, 64 }, { 3, 36, 64 }, { 4, 37, 64 }, { 4, 38, 64 }, { 5, 39, 64 }, 
+   { 3, 40, 64 }, { 4, 41, 64 }, { 4, 42, 64 }, { 5, 43, 64 }, { 4, 44, 64 }, { 5, 45, 64 }, { 5, 46, 64 }, { 6, 47, 64 }, 
+   { 3, 48, 64 }, { 4, 49, 64 }, { 4, 50, 64 }, { 5, 51, 64 }, { 4, 52, 64 }, { 5, 53, 64 }, { 5, 54, 64 }, { 6, 55, 64 }, 
+   { 4, 56, 64 }, { 5, 57, 64 }, { 5, 58, 64 }, { 6, 59, 64 }, { 5, 60, 64 }, { 6, 61, 64 }, { 6, 62, 64 }, { 7, 63, 64 }, 
+#if FP_LUT > 7
+   { 1, 0, 0 }, { 2, 1, 128 }, { 2, 2, 128 }, { 3, 3, 128 }, { 2, 4, 128 }, { 3, 5, 128 }, { 3, 6, 128 }, { 4, 7, 128 }, 
+   { 2, 8, 128 }, { 3, 9, 128 }, { 3, 10, 128 }, { 4, 11, 128 }, { 3, 12, 128 }, { 4, 13, 128 }, { 4, 14, 128 }, { 5, 15, 128 }, 
+   { 2, 16, 128 }, { 3, 17, 128 }, { 3, 18, 128 }, { 4, 19, 128 }, { 3, 20, 128 }, { 4, 21, 128 }, { 4, 22, 128 }, { 5, 23, 128 }, 
+   { 3, 24, 128 }, { 4, 25, 128 }, { 4, 26, 128 }, { 5, 27, 128 }, { 4, 28, 128 }, { 5, 29, 128 }, { 5, 30, 128 }, { 6, 31, 128 }, 
+   { 2, 32, 128 }, { 3, 33, 128 }, { 3, 34, 128 }, { 4, 35, 128 }, { 3, 36, 128 }, { 4, 37, 128 }, { 4, 38, 128 }, { 5, 39, 128 }, 
+   { 3, 40, 128 }, { 4, 41, 128 }, { 4, 42, 128 }, { 5, 43, 128 }, { 4, 44, 128 }, { 5, 45, 128 }, { 5, 46, 128 }, { 6, 47, 128 }, 
+   { 3, 48, 128 }, { 4, 49, 128 }, { 4, 50, 128 }, { 5, 51, 128 }, { 4, 52, 128 }, { 5, 53, 128 }, { 5, 54, 128 }, { 6, 55, 128 }, 
+   { 4, 56, 128 }, { 5, 57, 128 }, { 5, 58, 128 }, { 6, 59, 128 }, { 5, 60, 128 }, { 6, 61, 128 }, { 6, 62, 128 }, { 7, 63, 128 }, 
+   { 2, 64, 128 }, { 3, 65, 128 }, { 3, 66, 128 }, { 4, 67, 128 }, { 3, 68, 128 }, { 4, 69, 128 }, { 4, 70, 128 }, { 5, 71, 128 }, 
+   { 3, 72, 128 }, { 4, 73, 128 }, { 4, 74, 128 }, { 5, 75, 128 }, { 4, 76, 128 }, { 5, 77, 128 }, { 5, 78, 128 }, { 6, 79, 128 }, 
+   { 3, 80, 128 }, { 4, 81, 128 }, { 4, 82, 128 }, { 5, 83, 128 }, { 4, 84, 128 }, { 5, 85, 128 }, { 5, 86, 128 }, { 6, 87, 128 }, 
+   { 4, 88, 128 }, { 5, 89, 128 }, { 5, 90, 128 }, { 6, 91, 128 }, { 5, 92, 128 }, { 6, 93, 128 }, { 6, 94, 128 }, { 7, 95, 128 }, 
+   { 3, 96, 128 }, { 4, 97, 128 }, { 4, 98, 128 }, { 5, 99, 128 }, { 4, 100, 128 }, { 5, 101, 128 }, { 5, 102, 128 }, { 6, 103, 128 }, 
+   { 4, 104, 128 }, { 5, 105, 128 }, { 5, 106, 128 }, { 6, 107, 128 }, { 5, 108, 128 }, { 6, 109, 128 }, { 6, 110, 128 }, { 7, 111, 128 }, 
+   { 4, 112, 128 }, { 5, 113, 128 }, { 5, 114, 128 }, { 6, 115, 128 }, { 5, 116, 128 }, { 6, 117, 128 }, { 6, 118, 128 }, { 7, 119, 128 }, 
+   { 5, 120, 128 }, { 6, 121, 128 }, { 6, 122, 128 }, { 7, 123, 128 }, { 6, 124, 128 }, { 7, 125, 128 }, { 7, 126, 128 }, { 8, 127, 128 }, 
+#if FP_LUT > 8
+   { 1, 0, 0 }, { 2, 1, 256 }, { 2, 2, 256 }, { 3, 3, 256 }, { 2, 4, 256 }, { 3, 5, 256 }, { 3, 6, 256 }, { 4, 7, 256 }, 
+   { 2, 8, 256 }, { 3, 9, 256 }, { 3, 10, 256 }, { 4, 11, 256 }, { 3, 12, 256 }, { 4, 13, 256 }, { 4, 14, 256 }, { 5, 15, 256 }, 
+   { 2, 16, 256 }, { 3, 17, 256 }, { 3, 18, 256 }, { 4, 19, 256 }, { 3, 20, 256 }, { 4, 21, 256 }, { 4, 22, 256 }, { 5, 23, 256 }, 
+   { 3, 24, 256 }, { 4, 25, 256 }, { 4, 26, 256 }, { 5, 27, 256 }, { 4, 28, 256 }, { 5, 29, 256 }, { 5, 30, 256 }, { 6, 31, 256 }, 
+   { 2, 32, 256 }, { 3, 33, 256 }, { 3, 34, 256 }, { 4, 35, 256 }, { 3, 36, 256 }, { 4, 37, 256 }, { 4, 38, 256 }, { 5, 39, 256 }, 
+   { 3, 40, 256 }, { 4, 41, 256 }, { 4, 42, 256 }, { 5, 43, 256 }, { 4, 44, 256 }, { 5, 45, 256 }, { 5, 46, 256 }, { 6, 47, 256 }, 
+   { 3, 48, 256 }, { 4, 49, 256 }, { 4, 50, 256 }, { 5, 51, 256 }, { 4, 52, 256 }, { 5, 53, 256 }, { 5, 54, 256 }, { 6, 55, 256 }, 
+   { 4, 56, 256 }, { 5, 57, 256 }, { 5, 58, 256 }, { 6, 59, 256 }, { 5, 60, 256 }, { 6, 61, 256 }, { 6, 62, 256 }, { 7, 63, 256 }, 
+   { 2, 64, 256 }, { 3, 65, 256 }, { 3, 66, 256 }, { 4, 67, 256 }, { 3, 68, 256 }, { 4, 69, 256 }, { 4, 70, 256 }, { 5, 71, 256 }, 
+   { 3, 72, 256 }, { 4, 73, 256 }, { 4, 74, 256 }, { 5, 75, 256 }, { 4, 76, 256 }, { 5, 77, 256 }, { 5, 78, 256 }, { 6, 79, 256 }, 
+   { 3, 80, 256 }, { 4, 81, 256 }, { 4, 82, 256 }, { 5, 83, 256 }, { 4, 84, 256 }, { 5, 85, 256 }, { 5, 86, 256 }, { 6, 87, 256 }, 
+   { 4, 88, 256 }, { 5, 89, 256 }, { 5, 90, 256 }, { 6, 91, 256 }, { 5, 92, 256 }, { 6, 93, 256 }, { 6, 94, 256 }, { 7, 95, 256 }, 
+   { 3, 96, 256 }, { 4, 97, 256 }, { 4, 98, 256 }, { 5, 99, 256 }, { 4, 100, 256 }, { 5, 101, 256 }, { 5, 102, 256 }, { 6, 103, 256 }, 
+   { 4, 104, 256 }, { 5, 105, 256 }, { 5, 106, 256 }, { 6, 107, 256 }, { 5, 108, 256 }, { 6, 109, 256 }, { 6, 110, 256 }, { 7, 111, 256 }, 
+   { 4, 112, 256 }, { 5, 113, 256 }, { 5, 114, 256 }, { 6, 115, 256 }, { 5, 116, 256 }, { 6, 117, 256 }, { 6, 118, 256 }, { 7, 119, 256 }, 
+   { 5, 120, 256 }, { 6, 121, 256 }, { 6, 122, 256 }, { 7, 123, 256 }, { 6, 124, 256 }, { 7, 125, 256 }, { 7, 126, 256 }, { 8, 127, 256 }, 
+   { 2, 128, 256 }, { 3, 129, 256 }, { 3, 130, 256 }, { 4, 131, 256 }, { 3, 132, 256 }, { 4, 133, 256 }, { 4, 134, 256 }, { 5, 135, 256 }, 
+   { 3, 136, 256 }, { 4, 137, 256 }, { 4, 138, 256 }, { 5, 139, 256 }, { 4, 140, 256 }, { 5, 141, 256 }, { 5, 142, 256 }, { 6, 143, 256 }, 
+   { 3, 144, 256 }, { 4, 145, 256 }, { 4, 146, 256 }, { 5, 147, 256 }, { 4, 148, 256 }, { 5, 149, 256 }, { 5, 150, 256 }, { 6, 151, 256 }, 
+   { 4, 152, 256 }, { 5, 153, 256 }, { 5, 154, 256 }, { 6, 155, 256 }, { 5, 156, 256 }, { 6, 157, 256 }, { 6, 158, 256 }, { 7, 159, 256 }, 
+   { 3, 160, 256 }, { 4, 161, 256 }, { 4, 162, 256 }, { 5, 163, 256 }, { 4, 164, 256 }, { 5, 165, 256 }, { 5, 166, 256 }, { 6, 167, 256 }, 
+   { 4, 168, 256 }, { 5, 169, 256 }, { 5, 170, 256 }, { 6, 171, 256 }, { 5, 172, 256 }, { 6, 173, 256 }, { 6, 174, 256 }, { 7, 175, 256 }, 
+   { 4, 176, 256 }, { 5, 177, 256 }, { 5, 178, 256 }, { 6, 179, 256 }, { 5, 180, 256 }, { 6, 181, 256 }, { 6, 182, 256 }, { 7, 183, 256 }, 
+   { 5, 184, 256 }, { 6, 185, 256 }, { 6, 186, 256 }, { 7, 187, 256 }, { 6, 188, 256 }, { 7, 189, 256 }, { 7, 190, 256 }, { 8, 191, 256 }, 
+   { 3, 192, 256 }, { 4, 193, 256 }, { 4, 194, 256 }, { 5, 195, 256 }, { 4, 196, 256 }, { 5, 197, 256 }, { 5, 198, 256 }, { 6, 199, 256 }, 
+   { 4, 200, 256 }, { 5, 201, 256 }, { 5, 202, 256 }, { 6, 203, 256 }, { 5, 204, 256 }, { 6, 205, 256 }, { 6, 206, 256 }, { 7, 207, 256 }, 
+   { 4, 208, 256 }, { 5, 209, 256 }, { 5, 210, 256 }, { 6, 211, 256 }, { 5, 212, 256 }, { 6, 213, 256 }, { 6, 214, 256 }, { 7, 215, 256 }, 
+   { 5, 216, 256 }, { 6, 217, 256 }, { 6, 218, 256 }, { 7, 219, 256 }, { 6, 220, 256 }, { 7, 221, 256 }, { 7, 222, 256 }, { 8, 223, 256 }, 
+   { 4, 224, 256 }, { 5, 225, 256 }, { 5, 226, 256 }, { 6, 227, 256 }, { 5, 228, 256 }, { 6, 229, 256 }, { 6, 230, 256 }, { 7, 231, 256 }, 
+   { 5, 232, 256 }, { 6, 233, 256 }, { 6, 234, 256 }, { 7, 235, 256 }, { 6, 236, 256 }, { 7, 237, 256 }, { 7, 238, 256 }, { 8, 239, 256 }, 
+   { 5, 240, 256 }, { 6, 241, 256 }, { 6, 242, 256 }, { 7, 243, 256 }, { 6, 244, 256 }, { 7, 245, 256 }, { 7, 246, 256 }, { 8, 247, 256 }, 
+   { 6, 248, 256 }, { 7, 249, 256 }, { 7, 250, 256 }, { 8, 251, 256 }, { 7, 252, 256 }, { 8, 253, 256 }, { 8, 254, 256 }, { 9, 255, 256 }, 
+#if FP_LUT > 9
+   { 1, 0, 0 }, { 2, 1, 512 }, { 2, 2, 512 }, { 3, 3, 512 }, { 2, 4, 512 }, { 3, 5, 512 }, { 3, 6, 512 }, { 4, 7, 512 }, 
+   { 2, 8, 512 }, { 3, 9, 512 }, { 3, 10, 512 }, { 4, 11, 512 }, { 3, 12, 512 }, { 4, 13, 512 }, { 4, 14, 512 }, { 5, 15, 512 }, 
+   { 2, 16, 512 }, { 3, 17, 512 }, { 3, 18, 512 }, { 4, 19, 512 }, { 3, 20, 512 }, { 4, 21, 512 }, { 4, 22, 512 }, { 5, 23, 512 }, 
+   { 3, 24, 512 }, { 4, 25, 512 }, { 4, 26, 512 }, { 5, 27, 512 }, { 4, 28, 512 }, { 5, 29, 512 }, { 5, 30, 512 }, { 6, 31, 512 }, 
+   { 2, 32, 512 }, { 3, 33, 512 }, { 3, 34, 512 }, { 4, 35, 512 }, { 3, 36, 512 }, { 4, 37, 512 }, { 4, 38, 512 }, { 5, 39, 512 }, 
+   { 3, 40, 512 }, { 4, 41, 512 }, { 4, 42, 512 }, { 5, 43, 512 }, { 4, 44, 512 }, { 5, 45, 512 }, { 5, 46, 512 }, { 6, 47, 512 }, 
+   { 3, 48, 512 }, { 4, 49, 512 }, { 4, 50, 512 }, { 5, 51, 512 }, { 4, 52, 512 }, { 5, 53, 512 }, { 5, 54, 512 }, { 6, 55, 512 }, 
+   { 4, 56, 512 }, { 5, 57, 512 }, { 5, 58, 512 }, { 6, 59, 512 }, { 5, 60, 512 }, { 6, 61, 512 }, { 6, 62, 512 }, { 7, 63, 512 }, 
+   { 2, 64, 512 }, { 3, 65, 512 }, { 3, 66, 512 }, { 4, 67, 512 }, { 3, 68, 512 }, { 4, 69, 512 }, { 4, 70, 512 }, { 5, 71, 512 }, 
+   { 3, 72, 512 }, { 4, 73, 512 }, { 4, 74, 512 }, { 5, 75, 512 }, { 4, 76, 512 }, { 5, 77, 512 }, { 5, 78, 512 }, { 6, 79, 512 }, 
+   { 3, 80, 512 }, { 4, 81, 512 }, { 4, 82, 512 }, { 5, 83, 512 }, { 4, 84, 512 }, { 5, 85, 512 }, { 5, 86, 512 }, { 6, 87, 512 }, 
+   { 4, 88, 512 }, { 5, 89, 512 }, { 5, 90, 512 }, { 6, 91, 512 }, { 5, 92, 512 }, { 6, 93, 512 }, { 6, 94, 512 }, { 7, 95, 512 }, 
+   { 3, 96, 512 }, { 4, 97, 512 }, { 4, 98, 512 }, { 5, 99, 512 }, { 4, 100, 512 }, { 5, 101, 512 }, { 5, 102, 512 }, { 6, 103, 512 }, 
+   { 4, 104, 512 }, { 5, 105, 512 }, { 5, 106, 512 }, { 6, 107, 512 }, { 5, 108, 512 }, { 6, 109, 512 }, { 6, 110, 512 }, { 7, 111, 512 }, 
+   { 4, 112, 512 }, { 5, 113, 512 }, { 5, 114, 512 }, { 6, 115, 512 }, { 5, 116, 512 }, { 6, 117, 512 }, { 6, 118, 512 }, { 7, 119, 512 }, 
+   { 5, 120, 512 }, { 6, 121, 512 }, { 6, 122, 512 }, { 7, 123, 512 }, { 6, 124, 512 }, { 7, 125, 512 }, { 7, 126, 512 }, { 8, 127, 512 }, 
+   { 2, 128, 512 }, { 3, 129, 512 }, { 3, 130, 512 }, { 4, 131, 512 }, { 3, 132, 512 }, { 4, 133, 512 }, { 4, 134, 512 }, { 5, 135, 512 }, 
+   { 3, 136, 512 }, { 4, 137, 512 }, { 4, 138, 512 }, { 5, 139, 512 }, { 4, 140, 512 }, { 5, 141, 512 }, { 5, 142, 512 }, { 6, 143, 512 }, 
+   { 3, 144, 512 }, { 4, 145, 512 }, { 4, 146, 512 }, { 5, 147, 512 }, { 4, 148, 512 }, { 5, 149, 512 }, { 5, 150, 512 }, { 6, 151, 512 }, 
+   { 4, 152, 512 }, { 5, 153, 512 }, { 5, 154, 512 }, { 6, 155, 512 }, { 5, 156, 512 }, { 6, 157, 512 }, { 6, 158, 512 }, { 7, 159, 512 }, 
+   { 3, 160, 512 }, { 4, 161, 512 }, { 4, 162, 512 }, { 5, 163, 512 }, { 4, 164, 512 }, { 5, 165, 512 }, { 5, 166, 512 }, { 6, 167, 512 }, 
+   { 4, 168, 512 }, { 5, 169, 512 }, { 5, 170, 512 }, { 6, 171, 512 }, { 5, 172, 512 }, { 6, 173, 512 }, { 6, 174, 512 }, { 7, 175, 512 }, 
+   { 4, 176, 512 }, { 5, 177, 512 }, { 5, 178, 512 }, { 6, 179, 512 }, { 5, 180, 512 }, { 6, 181, 512 }, { 6, 182, 512 }, { 7, 183, 512 }, 
+   { 5, 184, 512 }, { 6, 185, 512 }, { 6, 186, 512 }, { 7, 187, 512 }, { 6, 188, 512 }, { 7, 189, 512 }, { 7, 190, 512 }, { 8, 191, 512 }, 
+   { 3, 192, 512 }, { 4, 193, 512 }, { 4, 194, 512 }, { 5, 195, 512 }, { 4, 196, 512 }, { 5, 197, 512 }, { 5, 198, 512 }, { 6, 199, 512 }, 
+   { 4, 200, 512 }, { 5, 201, 512 }, { 5, 202, 512 }, { 6, 203, 512 }, { 5, 204, 512 }, { 6, 205, 512 }, { 6, 206, 512 }, { 7, 207, 512 }, 
+   { 4, 208, 512 }, { 5, 209, 512 }, { 5, 210, 512 }, { 6, 211, 512 }, { 5, 212, 512 }, { 6, 213, 512 }, { 6, 214, 512 }, { 7, 215, 512 }, 
+   { 5, 216, 512 }, { 6, 217, 512 }, { 6, 218, 512 }, { 7, 219, 512 }, { 6, 220, 512 }, { 7, 221, 512 }, { 7, 222, 512 }, { 8, 223, 512 }, 
+   { 4, 224, 512 }, { 5, 225, 512 }, { 5, 226, 512 }, { 6, 227, 512 }, { 5, 228, 512 }, { 6, 229, 512 }, { 6, 230, 512 }, { 7, 231, 512 }, 
+   { 5, 232, 512 }, { 6, 233, 512 }, { 6, 234, 512 }, { 7, 235, 512 }, { 6, 236, 512 }, { 7, 237, 512 }, { 7, 238, 512 }, { 8, 239, 512 }, 
+   { 5, 240, 512 }, { 6, 241, 512 }, { 6, 242, 512 }, { 7, 243, 512 }, { 6, 244, 512 }, { 7, 245, 512 }, { 7, 246, 512 }, { 8, 247, 512 }, 
+   { 6, 248, 512 }, { 7, 249, 512 }, { 7, 250, 512 }, { 8, 251, 512 }, { 7, 252, 512 }, { 8, 253, 512 }, { 8, 254, 512 }, { 9, 255, 512 }, 
+   { 2, 256, 512 }, { 3, 257, 512 }, { 3, 258, 512 }, { 4, 259, 512 }, { 3, 260, 512 }, { 4, 261, 512 }, { 4, 262, 512 }, { 5, 263, 512 }, 
+   { 3, 264, 512 }, { 4, 265, 512 }, { 4, 266, 512 }, { 5, 267, 512 }, { 4, 268, 512 }, { 5, 269, 512 }, { 5, 270, 512 }, { 6, 271, 512 }, 
+   { 3, 272, 512 }, { 4, 273, 512 }, { 4, 274, 512 }, { 5, 275, 512 }, { 4, 276, 512 }, { 5, 277, 512 }, { 5, 278, 512 }, { 6, 279, 512 }, 
+   { 4, 280, 512 }, { 5, 281, 512 }, { 5, 282, 512 }, { 6, 283, 512 }, { 5, 284, 512 }, { 6, 285, 512 }, { 6, 286, 512 }, { 7, 287, 512 }, 
+   { 3, 288, 512 }, { 4, 289, 512 }, { 4, 290, 512 }, { 5, 291, 512 }, { 4, 292, 512 }, { 5, 293, 512 }, { 5, 294, 512 }, { 6, 295, 512 }, 
+   { 4, 296, 512 }, { 5, 297, 512 }, { 5, 298, 512 }, { 6, 299, 512 }, { 5, 300, 512 }, { 6, 301, 512 }, { 6, 302, 512 }, { 7, 303, 512 }, 
+   { 4, 304, 512 }, { 5, 305, 512 }, { 5, 306, 512 }, { 6, 307, 512 }, { 5, 308, 512 }, { 6, 309, 512 }, { 6, 310, 512 }, { 7, 311, 512 }, 
+   { 5, 312, 512 }, { 6, 313, 512 }, { 6, 314, 512 }, { 7, 315, 512 }, { 6, 316, 512 }, { 7, 317, 512 }, { 7, 318, 512 }, { 8, 319, 512 }, 
+   { 3, 320, 512 }, { 4, 321, 512 }, { 4, 322, 512 }, { 5, 323, 512 }, { 4, 324, 512 }, { 5, 325, 512 }, { 5, 326, 512 }, { 6, 327, 512 }, 
+   { 4, 328, 512 }, { 5, 329, 512 }, { 5, 330, 512 }, { 6, 331, 512 }, { 5, 332, 512 }, { 6, 333, 512 }, { 6, 334, 512 }, { 7, 335, 512 }, 
+   { 4, 336, 512 }, { 5, 337, 512 }, { 5, 338, 512 }, { 6, 339, 512 }, { 5, 340, 512 }, { 6, 341, 512 }, { 6, 342, 512 }, { 7, 343, 512 }, 
+   { 5, 344, 512 }, { 6, 345, 512 }, { 6, 346, 512 }, { 7, 347, 512 }, { 6, 348, 512 }, { 7, 349, 512 }, { 7, 350, 512 }, { 8, 351, 512 }, 
+   { 4, 352, 512 }, { 5, 353, 512 }, { 5, 354, 512 }, { 6, 355, 512 }, { 5, 356, 512 }, { 6, 357, 512 }, { 6, 358, 512 }, { 7, 359, 512 }, 
+   { 5, 360, 512 }, { 6, 361, 512 }, { 6, 362, 512 }, { 7, 363, 512 }, { 6, 364, 512 }, { 7, 365, 512 }, { 7, 366, 512 }, { 8, 367, 512 }, 
+   { 5, 368, 512 }, { 6, 369, 512 }, { 6, 370, 512 }, { 7, 371, 512 }, { 6, 372, 512 }, { 7, 373, 512 }, { 7, 374, 512 }, { 8, 375, 512 }, 
+   { 6, 376, 512 }, { 7, 377, 512 }, { 7, 378, 512 }, { 8, 379, 512 }, { 7, 380, 512 }, { 8, 381, 512 }, { 8, 382, 512 }, { 9, 383, 512 }, 
+   { 3, 384, 512 }, { 4, 385, 512 }, { 4, 386, 512 }, { 5, 387, 512 }, { 4, 388, 512 }, { 5, 389, 512 }, { 5, 390, 512 }, { 6, 391, 512 }, 
+   { 4, 392, 512 }, { 5, 393, 512 }, { 5, 394, 512 }, { 6, 395, 512 }, { 5, 396, 512 }, { 6, 397, 512 }, { 6, 398, 512 }, { 7, 399, 512 }, 
+   { 4, 400, 512 }, { 5, 401, 512 }, { 5, 402, 512 }, { 6, 403, 512 }, { 5, 404, 512 }, { 6, 405, 512 }, { 6, 406, 512 }, { 7, 407, 512 }, 
+   { 5, 408, 512 }, { 6, 409, 512 }, { 6, 410, 512 }, { 7, 411, 512 }, { 6, 412, 512 }, { 7, 413, 512 }, { 7, 414, 512 }, { 8, 415, 512 }, 
+   { 4, 416, 512 }, { 5, 417, 512 }, { 5, 418, 512 }, { 6, 419, 512 }, { 5, 420, 512 }, { 6, 421, 512 }, { 6, 422, 512 }, { 7, 423, 512 }, 
+   { 5, 424, 512 }, { 6, 425, 512 }, { 6, 426, 512 }, { 7, 427, 512 }, { 6, 428, 512 }, { 7, 429, 512 }, { 7, 430, 512 }, { 8, 431, 512 }, 
+   { 5, 432, 512 }, { 6, 433, 512 }, { 6, 434, 512 }, { 7, 435, 512 }, { 6, 436, 512 }, { 7, 437, 512 }, { 7, 438, 512 }, { 8, 439, 512 }, 
+   { 6, 440, 512 }, { 7, 441, 512 }, { 7, 442, 512 }, { 8, 443, 512 }, { 7, 444, 512 }, { 8, 445, 512 }, { 8, 446, 512 }, { 9, 447, 512 }, 
+   { 4, 448, 512 }, { 5, 449, 512 }, { 5, 450, 512 }, { 6, 451, 512 }, { 5, 452, 512 }, { 6, 453, 512 }, { 6, 454, 512 }, { 7, 455, 512 }, 
+   { 5, 456, 512 }, { 6, 457, 512 }, { 6, 458, 512 }, { 7, 459, 512 }, { 6, 460, 512 }, { 7, 461, 512 }, { 7, 462, 512 }, { 8, 463, 512 }, 
+   { 5, 464, 512 }, { 6, 465, 512 }, { 6, 466, 512 }, { 7, 467, 512 }, { 6, 468, 512 }, { 7, 469, 512 }, { 7, 470, 512 }, { 8, 471, 512 }, 
+   { 6, 472, 512 }, { 7, 473, 512 }, { 7, 474, 512 }, { 8, 475, 512 }, { 7, 476, 512 }, { 8, 477, 512 }, { 8, 478, 512 }, { 9, 479, 512 }, 
+   { 5, 480, 512 }, { 6, 481, 512 }, { 6, 482, 512 }, { 7, 483, 512 }, { 6, 484, 512 }, { 7, 485, 512 }, { 7, 486, 512 }, { 8, 487, 512 }, 
+   { 6, 488, 512 }, { 7, 489, 512 }, { 7, 490, 512 }, { 8, 491, 512 }, { 7, 492, 512 }, { 8, 493, 512 }, { 8, 494, 512 }, { 9, 495, 512 }, 
+   { 6, 496, 512 }, { 7, 497, 512 }, { 7, 498, 512 }, { 8, 499, 512 }, { 7, 500, 512 }, { 8, 501, 512 }, { 8, 502, 512 }, { 9, 503, 512 }, 
+   { 7, 504, 512 }, { 8, 505, 512 }, { 8, 506, 512 }, { 9, 507, 512 }, { 8, 508, 512 }, { 9, 509, 512 }, { 9, 510, 512 }, { 10, 511, 512 }, 
+#if FP_LUT > 10
+   { 1, 0, 0 }, { 2, 1, 1024 }, { 2, 2, 1024 }, { 3, 3, 1024 }, { 2, 4, 1024 }, { 3, 5, 1024 }, { 3, 6, 1024 }, { 4, 7, 1024 }, 
+   { 2, 8, 1024 }, { 3, 9, 1024 }, { 3, 10, 1024 }, { 4, 11, 1024 }, { 3, 12, 1024 }, { 4, 13, 1024 }, { 4, 14, 1024 }, { 5, 15, 1024 }, 
+   { 2, 16, 1024 }, { 3, 17, 1024 }, { 3, 18, 1024 }, { 4, 19, 1024 }, { 3, 20, 1024 }, { 4, 21, 1024 }, { 4, 22, 1024 }, { 5, 23, 1024 }, 
+   { 3, 24, 1024 }, { 4, 25, 1024 }, { 4, 26, 1024 }, { 5, 27, 1024 }, { 4, 28, 1024 }, { 5, 29, 1024 }, { 5, 30, 1024 }, { 6, 31, 1024 }, 
+   { 2, 32, 1024 }, { 3, 33, 1024 }, { 3, 34, 1024 }, { 4, 35, 1024 }, { 3, 36, 1024 }, { 4, 37, 1024 }, { 4, 38, 1024 }, { 5, 39, 1024 }, 
+   { 3, 40, 1024 }, { 4, 41, 1024 }, { 4, 42, 1024 }, { 5, 43, 1024 }, { 4, 44, 1024 }, { 5, 45, 1024 }, { 5, 46, 1024 }, { 6, 47, 1024 }, 
+   { 3, 48, 1024 }, { 4, 49, 1024 }, { 4, 50, 1024 }, { 5, 51, 1024 }, { 4, 52, 1024 }, { 5, 53, 1024 }, { 5, 54, 1024 }, { 6, 55, 1024 }, 
+   { 4, 56, 1024 }, { 5, 57, 1024 }, { 5, 58, 1024 }, { 6, 59, 1024 }, { 5, 60, 1024 }, { 6, 61, 1024 }, { 6, 62, 1024 }, { 7, 63, 1024 }, 
+   { 2, 64, 1024 }, { 3, 65, 1024 }, { 3, 66, 1024 }, { 4, 67, 1024 }, { 3, 68, 1024 }, { 4, 69, 1024 }, { 4, 70, 1024 }, { 5, 71, 1024 }, 
+   { 3, 72, 1024 }, { 4, 73, 1024 }, { 4, 74, 1024 }, { 5, 75, 1024 }, { 4, 76, 1024 }, { 5, 77, 1024 }, { 5, 78, 1024 }, { 6, 79, 1024 }, 
+   { 3, 80, 1024 }, { 4, 81, 1024 }, { 4, 82, 1024 }, { 5, 83, 1024 }, { 4, 84, 1024 }, { 5, 85, 1024 }, { 5, 86, 1024 }, { 6, 87, 1024 }, 
+   { 4, 88, 1024 }, { 5, 89, 1024 }, { 5, 90, 1024 }, { 6, 91, 1024 }, { 5, 92, 1024 }, { 6, 93, 1024 }, { 6, 94, 1024 }, { 7, 95, 1024 }, 
+   { 3, 96, 1024 }, { 4, 97, 1024 }, { 4, 98, 1024 }, { 5, 99, 1024 }, { 4, 100, 1024 }, { 5, 101, 1024 }, { 5, 102, 1024 }, { 6, 103, 1024 }, 
+   { 4, 104, 1024 }, { 5, 105, 1024 }, { 5, 106, 1024 }, { 6, 107, 1024 }, { 5, 108, 1024 }, { 6, 109, 1024 }, { 6, 110, 1024 }, { 7, 111, 1024 }, 
+   { 4, 112, 1024 }, { 5, 113, 1024 }, { 5, 114, 1024 }, { 6, 115, 1024 }, { 5, 116, 1024 }, { 6, 117, 1024 }, { 6, 118, 1024 }, { 7, 119, 1024 }, 
+   { 5, 120, 1024 }, { 6, 121, 1024 }, { 6, 122, 1024 }, { 7, 123, 1024 }, { 6, 124, 1024 }, { 7, 125, 1024 }, { 7, 126, 1024 }, { 8, 127, 1024 }, 
+   { 2, 128, 1024 }, { 3, 129, 1024 }, { 3, 130, 1024 }, { 4, 131, 1024 }, { 3, 132, 1024 }, { 4, 133, 1024 }, { 4, 134, 1024 }, { 5, 135, 1024 }, 
+   { 3, 136, 1024 }, { 4, 137, 1024 }, { 4, 138, 1024 }, { 5, 139, 1024 }, { 4, 140, 1024 }, { 5, 141, 1024 }, { 5, 142, 1024 }, { 6, 143, 1024 }, 
+   { 3, 144, 1024 }, { 4, 145, 1024 }, { 4, 146, 1024 }, { 5, 147, 1024 }, { 4, 148, 1024 }, { 5, 149, 1024 }, { 5, 150, 1024 }, { 6, 151, 1024 }, 
+   { 4, 152, 1024 }, { 5, 153, 1024 }, { 5, 154, 1024 }, { 6, 155, 1024 }, { 5, 156, 1024 }, { 6, 157, 1024 }, { 6, 158, 1024 }, { 7, 159, 1024 }, 
+   { 3, 160, 1024 }, { 4, 161, 1024 }, { 4, 162, 1024 }, { 5, 163, 1024 }, { 4, 164, 1024 }, { 5, 165, 1024 }, { 5, 166, 1024 }, { 6, 167, 1024 }, 
+   { 4, 168, 1024 }, { 5, 169, 1024 }, { 5, 170, 1024 }, { 6, 171, 1024 }, { 5, 172, 1024 }, { 6, 173, 1024 }, { 6, 174, 1024 }, { 7, 175, 1024 }, 
+   { 4, 176, 1024 }, { 5, 177, 1024 }, { 5, 178, 1024 }, { 6, 179, 1024 }, { 5, 180, 1024 }, { 6, 181, 1024 }, { 6, 182, 1024 }, { 7, 183, 1024 }, 
+   { 5, 184, 1024 }, { 6, 185, 1024 }, { 6, 186, 1024 }, { 7, 187, 1024 }, { 6, 188, 1024 }, { 7, 189, 1024 }, { 7, 190, 1024 }, { 8, 191, 1024 }, 
+   { 3, 192, 1024 }, { 4, 193, 1024 }, { 4, 194, 1024 }, { 5, 195, 1024 }, { 4, 196, 1024 }, { 5, 197, 1024 }, { 5, 198, 1024 }, { 6, 199, 1024 }, 
+   { 4, 200, 1024 }, { 5, 201, 1024 }, { 5, 202, 1024 }, { 6, 203, 1024 }, { 5, 204, 1024 }, { 6, 205, 1024 }, { 6, 206, 1024 }, { 7, 207, 1024 }, 
+   { 4, 208, 1024 }, { 5, 209, 1024 }, { 5, 210, 1024 }, { 6, 211, 1024 }, { 5, 212, 1024 }, { 6, 213, 1024 }, { 6, 214, 1024 }, { 7, 215, 1024 }, 
+   { 5, 216, 1024 }, { 6, 217, 1024 }, { 6, 218, 1024 }, { 7, 219, 1024 }, { 6, 220, 1024 }, { 7, 221, 1024 }, { 7, 222, 1024 }, { 8, 223, 1024 }, 
+   { 4, 224, 1024 }, { 5, 225, 1024 }, { 5, 226, 1024 }, { 6, 227, 1024 }, { 5, 228, 1024 }, { 6, 229, 1024 }, { 6, 230, 1024 }, { 7, 231, 1024 }, 
+   { 5, 232, 1024 }, { 6, 233, 1024 }, { 6, 234, 1024 }, { 7, 235, 1024 }, { 6, 236, 1024 }, { 7, 237, 1024 }, { 7, 238, 1024 }, { 8, 239, 1024 }, 
+   { 5, 240, 1024 }, { 6, 241, 1024 }, { 6, 242, 1024 }, { 7, 243, 1024 }, { 6, 244, 1024 }, { 7, 245, 1024 }, { 7, 246, 1024 }, { 8, 247, 1024 }, 
+   { 6, 248, 1024 }, { 7, 249, 1024 }, { 7, 250, 1024 }, { 8, 251, 1024 }, { 7, 252, 1024 }, { 8, 253, 1024 }, { 8, 254, 1024 }, { 9, 255, 1024 }, 
+   { 2, 256, 1024 }, { 3, 257, 1024 }, { 3, 258, 1024 }, { 4, 259, 1024 }, { 3, 260, 1024 }, { 4, 261, 1024 }, { 4, 262, 1024 }, { 5, 263, 1024 }, 
+   { 3, 264, 1024 }, { 4, 265, 1024 }, { 4, 266, 1024 }, { 5, 267, 1024 }, { 4, 268, 1024 }, { 5, 269, 1024 }, { 5, 270, 1024 }, { 6, 271, 1024 }, 
+   { 3, 272, 1024 }, { 4, 273, 1024 }, { 4, 274, 1024 }, { 5, 275, 1024 }, { 4, 276, 1024 }, { 5, 277, 1024 }, { 5, 278, 1024 }, { 6, 279, 1024 }, 
+   { 4, 280, 1024 }, { 5, 281, 1024 }, { 5, 282, 1024 }, { 6, 283, 1024 }, { 5, 284, 1024 }, { 6, 285, 1024 }, { 6, 286, 1024 }, { 7, 287, 1024 }, 
+   { 3, 288, 1024 }, { 4, 289, 1024 }, { 4, 290, 1024 }, { 5, 291, 1024 }, { 4, 292, 1024 }, { 5, 293, 1024 }, { 5, 294, 1024 }, { 6, 295, 1024 }, 
+   { 4, 296, 1024 }, { 5, 297, 1024 }, { 5, 298, 1024 }, { 6, 299, 1024 }, { 5, 300, 1024 }, { 6, 301, 1024 }, { 6, 302, 1024 }, { 7, 303, 1024 }, 
+   { 4, 304, 1024 }, { 5, 305, 1024 }, { 5, 306, 1024 }, { 6, 307, 1024 }, { 5, 308, 1024 }, { 6, 309, 1024 }, { 6, 310, 1024 }, { 7, 311, 1024 }, 
+   { 5, 312, 1024 }, { 6, 313, 1024 }, { 6, 314, 1024 }, { 7, 315, 1024 }, { 6, 316, 1024 }, { 7, 317, 1024 }, { 7, 318, 1024 }, { 8, 319, 1024 }, 
+   { 3, 320, 1024 }, { 4, 321, 1024 }, { 4, 322, 1024 }, { 5, 323, 1024 }, { 4, 324, 1024 }, { 5, 325, 1024 }, { 5, 326, 1024 }, { 6, 327, 1024 }, 
+   { 4, 328, 1024 }, { 5, 329, 1024 }, { 5, 330, 1024 }, { 6, 331, 1024 }, { 5, 332, 1024 }, { 6, 333, 1024 }, { 6, 334, 1024 }, { 7, 335, 1024 }, 
+   { 4, 336, 1024 }, { 5, 337, 1024 }, { 5, 338, 1024 }, { 6, 339, 1024 }, { 5, 340, 1024 }, { 6, 341, 1024 }, { 6, 342, 1024 }, { 7, 343, 1024 }, 
+   { 5, 344, 1024 }, { 6, 345, 1024 }, { 6, 346, 1024 }, { 7, 347, 1024 }, { 6, 348, 1024 }, { 7, 349, 1024 }, { 7, 350, 1024 }, { 8, 351, 1024 }, 
+   { 4, 352, 1024 }, { 5, 353, 1024 }, { 5, 354, 1024 }, { 6, 355, 1024 }, { 5, 356, 1024 }, { 6, 357, 1024 }, { 6, 358, 1024 }, { 7, 359, 1024 }, 
+   { 5, 360, 1024 }, { 6, 361, 1024 }, { 6, 362, 1024 }, { 7, 363, 1024 }, { 6, 364, 1024 }, { 7, 365, 1024 }, { 7, 366, 1024 }, { 8, 367, 1024 }, 
+   { 5, 368, 1024 }, { 6, 369, 1024 }, { 6, 370, 1024 }, { 7, 371, 1024 }, { 6, 372, 1024 }, { 7, 373, 1024 }, { 7, 374, 1024 }, { 8, 375, 1024 }, 
+   { 6, 376, 1024 }, { 7, 377, 1024 }, { 7, 378, 1024 }, { 8, 379, 1024 }, { 7, 380, 1024 }, { 8, 381, 1024 }, { 8, 382, 1024 }, { 9, 383, 1024 }, 
+   { 3, 384, 1024 }, { 4, 385, 1024 }, { 4, 386, 1024 }, { 5, 387, 1024 }, { 4, 388, 1024 }, { 5, 389, 1024 }, { 5, 390, 1024 }, { 6, 391, 1024 }, 
+   { 4, 392, 1024 }, { 5, 393, 1024 }, { 5, 394, 1024 }, { 6, 395, 1024 }, { 5, 396, 1024 }, { 6, 397, 1024 }, { 6, 398, 1024 }, { 7, 399, 1024 }, 
+   { 4, 400, 1024 }, { 5, 401, 1024 }, { 5, 402, 1024 }, { 6, 403, 1024 }, { 5, 404, 1024 }, { 6, 405, 1024 }, { 6, 406, 1024 }, { 7, 407, 1024 }, 
+   { 5, 408, 1024 }, { 6, 409, 1024 }, { 6, 410, 1024 }, { 7, 411, 1024 }, { 6, 412, 1024 }, { 7, 413, 1024 }, { 7, 414, 1024 }, { 8, 415, 1024 }, 
+   { 4, 416, 1024 }, { 5, 417, 1024 }, { 5, 418, 1024 }, { 6, 419, 1024 }, { 5, 420, 1024 }, { 6, 421, 1024 }, { 6, 422, 1024 }, { 7, 423, 1024 }, 
+   { 5, 424, 1024 }, { 6, 425, 1024 }, { 6, 426, 1024 }, { 7, 427, 1024 }, { 6, 428, 1024 }, { 7, 429, 1024 }, { 7, 430, 1024 }, { 8, 431, 1024 }, 
+   { 5, 432, 1024 }, { 6, 433, 1024 }, { 6, 434, 1024 }, { 7, 435, 1024 }, { 6, 436, 1024 }, { 7, 437, 1024 }, { 7, 438, 1024 }, { 8, 439, 1024 }, 
+   { 6, 440, 1024 }, { 7, 441, 1024 }, { 7, 442, 1024 }, { 8, 443, 1024 }, { 7, 444, 1024 }, { 8, 445, 1024 }, { 8, 446, 1024 }, { 9, 447, 1024 }, 
+   { 4, 448, 1024 }, { 5, 449, 1024 }, { 5, 450, 1024 }, { 6, 451, 1024 }, { 5, 452, 1024 }, { 6, 453, 1024 }, { 6, 454, 1024 }, { 7, 455, 1024 }, 
+   { 5, 456, 1024 }, { 6, 457, 1024 }, { 6, 458, 1024 }, { 7, 459, 1024 }, { 6, 460, 1024 }, { 7, 461, 1024 }, { 7, 462, 1024 }, { 8, 463, 1024 }, 
+   { 5, 464, 1024 }, { 6, 465, 1024 }, { 6, 466, 1024 }, { 7, 467, 1024 }, { 6, 468, 1024 }, { 7, 469, 1024 }, { 7, 470, 1024 }, { 8, 471, 1024 }, 
+   { 6, 472, 1024 }, { 7, 473, 1024 }, { 7, 474, 1024 }, { 8, 475, 1024 }, { 7, 476, 1024 }, { 8, 477, 1024 }, { 8, 478, 1024 }, { 9, 479, 1024 }, 
+   { 5, 480, 1024 }, { 6, 481, 1024 }, { 6, 482, 1024 }, { 7, 483, 1024 }, { 6, 484, 1024 }, { 7, 485, 1024 }, { 7, 486, 1024 }, { 8, 487, 1024 }, 
+   { 6, 488, 1024 }, { 7, 489, 1024 }, { 7, 490, 1024 }, { 8, 491, 1024 }, { 7, 492, 1024 }, { 8, 493, 1024 }, { 8, 494, 1024 }, { 9, 495, 1024 }, 
+   { 6, 496, 1024 }, { 7, 497, 1024 }, { 7, 498, 1024 }, { 8, 499, 1024 }, { 7, 500, 1024 }, { 8, 501, 1024 }, { 8, 502, 1024 }, { 9, 503, 1024 }, 
+   { 7, 504, 1024 }, { 8, 505, 1024 }, { 8, 506, 1024 }, { 9, 507, 1024 }, { 8, 508, 1024 }, { 9, 509, 1024 }, { 9, 510, 1024 }, { 10, 511, 1024 }, 
+   { 2, 512, 1024 }, { 3, 513, 1024 }, { 3, 514, 1024 }, { 4, 515, 1024 }, { 3, 516, 1024 }, { 4, 517, 1024 }, { 4, 518, 1024 }, { 5, 519, 1024 }, 
+   { 3, 520, 1024 }, { 4, 521, 1024 }, { 4, 522, 1024 }, { 5, 523, 1024 }, { 4, 524, 1024 }, { 5, 525, 1024 }, { 5, 526, 1024 }, { 6, 527, 1024 }, 
+   { 3, 528, 1024 }, { 4, 529, 1024 }, { 4, 530, 1024 }, { 5, 531, 1024 }, { 4, 532, 1024 }, { 5, 533, 1024 }, { 5, 534, 1024 }, { 6, 535, 1024 }, 
+   { 4, 536, 1024 }, { 5, 537, 1024 }, { 5, 538, 1024 }, { 6, 539, 1024 }, { 5, 540, 1024 }, { 6, 541, 1024 }, { 6, 542, 1024 }, { 7, 543, 1024 }, 
+   { 3, 544, 1024 }, { 4, 545, 1024 }, { 4, 546, 1024 }, { 5, 547, 1024 }, { 4, 548, 1024 }, { 5, 549, 1024 }, { 5, 550, 1024 }, { 6, 551, 1024 }, 
+   { 4, 552, 1024 }, { 5, 553, 1024 }, { 5, 554, 1024 }, { 6, 555, 1024 }, { 5, 556, 1024 }, { 6, 557, 1024 }, { 6, 558, 1024 }, { 7, 559, 1024 }, 
+   { 4, 560, 1024 }, { 5, 561, 1024 }, { 5, 562, 1024 }, { 6, 563, 1024 }, { 5, 564, 1024 }, { 6, 565, 1024 }, { 6, 566, 1024 }, { 7, 567, 1024 }, 
+   { 5, 568, 1024 }, { 6, 569, 1024 }, { 6, 570, 1024 }, { 7, 571, 1024 }, { 6, 572, 1024 }, { 7, 573, 1024 }, { 7, 574, 1024 }, { 8, 575, 1024 }, 
+   { 3, 576, 1024 }, { 4, 577, 1024 }, { 4, 578, 1024 }, { 5, 579, 1024 }, { 4, 580, 1024 }, { 5, 581, 1024 }, { 5, 582, 1024 }, { 6, 583, 1024 }, 
+   { 4, 584, 1024 }, { 5, 585, 1024 }, { 5, 586, 1024 }, { 6, 587, 1024 }, { 5, 588, 1024 }, { 6, 589, 1024 }, { 6, 590, 1024 }, { 7, 591, 1024 }, 
+   { 4, 592, 1024 }, { 5, 593, 1024 }, { 5, 594, 1024 }, { 6, 595, 1024 }, { 5, 596, 1024 }, { 6, 597, 1024 }, { 6, 598, 1024 }, { 7, 599, 1024 }, 
+   { 5, 600, 1024 }, { 6, 601, 1024 }, { 6, 602, 1024 }, { 7, 603, 1024 }, { 6, 604, 1024 }, { 7, 605, 1024 }, { 7, 606, 1024 }, { 8, 607, 1024 }, 
+   { 4, 608, 1024 }, { 5, 609, 1024 }, { 5, 610, 1024 }, { 6, 611, 1024 }, { 5, 612, 1024 }, { 6, 613, 1024 }, { 6, 614, 1024 }, { 7, 615, 1024 }, 
+   { 5, 616, 1024 }, { 6, 617, 1024 }, { 6, 618, 1024 }, { 7, 619, 1024 }, { 6, 620, 1024 }, { 7, 621, 1024 }, { 7, 622, 1024 }, { 8, 623, 1024 }, 
+   { 5, 624, 1024 }, { 6, 625, 1024 }, { 6, 626, 1024 }, { 7, 627, 1024 }, { 6, 628, 1024 }, { 7, 629, 1024 }, { 7, 630, 1024 }, { 8, 631, 1024 }, 
+   { 6, 632, 1024 }, { 7, 633, 1024 }, { 7, 634, 1024 }, { 8, 635, 1024 }, { 7, 636, 1024 }, { 8, 637, 1024 }, { 8, 638, 1024 }, { 9, 639, 1024 }, 
+   { 3, 640, 1024 }, { 4, 641, 1024 }, { 4, 642, 1024 }, { 5, 643, 1024 }, { 4, 644, 1024 }, { 5, 645, 1024 }, { 5, 646, 1024 }, { 6, 647, 1024 }, 
+   { 4, 648, 1024 }, { 5, 649, 1024 }, { 5, 650, 1024 }, { 6, 651, 1024 }, { 5, 652, 1024 }, { 6, 653, 1024 }, { 6, 654, 1024 }, { 7, 655, 1024 }, 
+   { 4, 656, 1024 }, { 5, 657, 1024 }, { 5, 658, 1024 }, { 6, 659, 1024 }, { 5, 660, 1024 }, { 6, 661, 1024 }, { 6, 662, 1024 }, { 7, 663, 1024 }, 
+   { 5, 664, 1024 }, { 6, 665, 1024 }, { 6, 666, 1024 }, { 7, 667, 1024 }, { 6, 668, 1024 }, { 7, 669, 1024 }, { 7, 670, 1024 }, { 8, 671, 1024 }, 
+   { 4, 672, 1024 }, { 5, 673, 1024 }, { 5, 674, 1024 }, { 6, 675, 1024 }, { 5, 676, 1024 }, { 6, 677, 1024 }, { 6, 678, 1024 }, { 7, 679, 1024 }, 
+   { 5, 680, 1024 }, { 6, 681, 1024 }, { 6, 682, 1024 }, { 7, 683, 1024 }, { 6, 684, 1024 }, { 7, 685, 1024 }, { 7, 686, 1024 }, { 8, 687, 1024 }, 
+   { 5, 688, 1024 }, { 6, 689, 1024 }, { 6, 690, 1024 }, { 7, 691, 1024 }, { 6, 692, 1024 }, { 7, 693, 1024 }, { 7, 694, 1024 }, { 8, 695, 1024 }, 
+   { 6, 696, 1024 }, { 7, 697, 1024 }, { 7, 698, 1024 }, { 8, 699, 1024 }, { 7, 700, 1024 }, { 8, 701, 1024 }, { 8, 702, 1024 }, { 9, 703, 1024 }, 
+   { 4, 704, 1024 }, { 5, 705, 1024 }, { 5, 706, 1024 }, { 6, 707, 1024 }, { 5, 708, 1024 }, { 6, 709, 1024 }, { 6, 710, 1024 }, { 7, 711, 1024 }, 
+   { 5, 712, 1024 }, { 6, 713, 1024 }, { 6, 714, 1024 }, { 7, 715, 1024 }, { 6, 716, 1024 }, { 7, 717, 1024 }, { 7, 718, 1024 }, { 8, 719, 1024 }, 
+   { 5, 720, 1024 }, { 6, 721, 1024 }, { 6, 722, 1024 }, { 7, 723, 1024 }, { 6, 724, 1024 }, { 7, 725, 1024 }, { 7, 726, 1024 }, { 8, 727, 1024 }, 
+   { 6, 728, 1024 }, { 7, 729, 1024 }, { 7, 730, 1024 }, { 8, 731, 1024 }, { 7, 732, 1024 }, { 8, 733, 1024 }, { 8, 734, 1024 }, { 9, 735, 1024 }, 
+   { 5, 736, 1024 }, { 6, 737, 1024 }, { 6, 738, 1024 }, { 7, 739, 1024 }, { 6, 740, 1024 }, { 7, 741, 1024 }, { 7, 742, 1024 }, { 8, 743, 1024 }, 
+   { 6, 744, 1024 }, { 7, 745, 1024 }, { 7, 746, 1024 }, { 8, 747, 1024 }, { 7, 748, 1024 }, { 8, 749, 1024 }, { 8, 750, 1024 }, { 9, 751, 1024 }, 
+   { 6, 752, 1024 }, { 7, 753, 1024 }, { 7, 754, 1024 }, { 8, 755, 1024 }, { 7, 756, 1024 }, { 8, 757, 1024 }, { 8, 758, 1024 }, { 9, 759, 1024 }, 
+   { 7, 760, 1024 }, { 8, 761, 1024 }, { 8, 762, 1024 }, { 9, 763, 1024 }, { 8, 764, 1024 }, { 9, 765, 1024 }, { 9, 766, 1024 }, { 10, 767, 1024 }, 
+   { 3, 768, 1024 }, { 4, 769, 1024 }, { 4, 770, 1024 }, { 5, 771, 1024 }, { 4, 772, 1024 }, { 5, 773, 1024 }, { 5, 774, 1024 }, { 6, 775, 1024 }, 
+   { 4, 776, 1024 }, { 5, 777, 1024 }, { 5, 778, 1024 }, { 6, 779, 1024 }, { 5, 780, 1024 }, { 6, 781, 1024 }, { 6, 782, 1024 }, { 7, 783, 1024 }, 
+   { 4, 784, 1024 }, { 5, 785, 1024 }, { 5, 786, 1024 }, { 6, 787, 1024 }, { 5, 788, 1024 }, { 6, 789, 1024 }, { 6, 790, 1024 }, { 7, 791, 1024 }, 
+   { 5, 792, 1024 }, { 6, 793, 1024 }, { 6, 794, 1024 }, { 7, 795, 1024 }, { 6, 796, 1024 }, { 7, 797, 1024 }, { 7, 798, 1024 }, { 8, 799, 1024 }, 
+   { 4, 800, 1024 }, { 5, 801, 1024 }, { 5, 802, 1024 }, { 6, 803, 1024 }, { 5, 804, 1024 }, { 6, 805, 1024 }, { 6, 806, 1024 }, { 7, 807, 1024 }, 
+   { 5, 808, 1024 }, { 6, 809, 1024 }, { 6, 810, 1024 }, { 7, 811, 1024 }, { 6, 812, 1024 }, { 7, 813, 1024 }, { 7, 814, 1024 }, { 8, 815, 1024 }, 
+   { 5, 816, 1024 }, { 6, 817, 1024 }, { 6, 818, 1024 }, { 7, 819, 1024 }, { 6, 820, 1024 }, { 7, 821, 1024 }, { 7, 822, 1024 }, { 8, 823, 1024 }, 
+   { 6, 824, 1024 }, { 7, 825, 1024 }, { 7, 826, 1024 }, { 8, 827, 1024 }, { 7, 828, 1024 }, { 8, 829, 1024 }, { 8, 830, 1024 }, { 9, 831, 1024 }, 
+   { 4, 832, 1024 }, { 5, 833, 1024 }, { 5, 834, 1024 }, { 6, 835, 1024 }, { 5, 836, 1024 }, { 6, 837, 1024 }, { 6, 838, 1024 }, { 7, 839, 1024 }, 
+   { 5, 840, 1024 }, { 6, 841, 1024 }, { 6, 842, 1024 }, { 7, 843, 1024 }, { 6, 844, 1024 }, { 7, 845, 1024 }, { 7, 846, 1024 }, { 8, 847, 1024 }, 
+   { 5, 848, 1024 }, { 6, 849, 1024 }, { 6, 850, 1024 }, { 7, 851, 1024 }, { 6, 852, 1024 }, { 7, 853, 1024 }, { 7, 854, 1024 }, { 8, 855, 1024 }, 
+   { 6, 856, 1024 }, { 7, 857, 1024 }, { 7, 858, 1024 }, { 8, 859, 1024 }, { 7, 860, 1024 }, { 8, 861, 1024 }, { 8, 862, 1024 }, { 9, 863, 1024 }, 
+   { 5, 864, 1024 }, { 6, 865, 1024 }, { 6, 866, 1024 }, { 7, 867, 1024 }, { 6, 868, 1024 }, { 7, 869, 1024 }, { 7, 870, 1024 }, { 8, 871, 1024 }, 
+   { 6, 872, 1024 }, { 7, 873, 1024 }, { 7, 874, 1024 }, { 8, 875, 1024 }, { 7, 876, 1024 }, { 8, 877, 1024 }, { 8, 878, 1024 }, { 9, 879, 1024 }, 
+   { 6, 880, 1024 }, { 7, 881, 1024 }, { 7, 882, 1024 }, { 8, 883, 1024 }, { 7, 884, 1024 }, { 8, 885, 1024 }, { 8, 886, 1024 }, { 9, 887, 1024 }, 
+   { 7, 888, 1024 }, { 8, 889, 1024 }, { 8, 890, 1024 }, { 9, 891, 1024 }, { 8, 892, 1024 }, { 9, 893, 1024 }, { 9, 894, 1024 }, { 10, 895, 1024 }, 
+   { 4, 896, 1024 }, { 5, 897, 1024 }, { 5, 898, 1024 }, { 6, 899, 1024 }, { 5, 900, 1024 }, { 6, 901, 1024 }, { 6, 902, 1024 }, { 7, 903, 1024 }, 
+   { 5, 904, 1024 }, { 6, 905, 1024 }, { 6, 906, 1024 }, { 7, 907, 1024 }, { 6, 908, 1024 }, { 7, 909, 1024 }, { 7, 910, 1024 }, { 8, 911, 1024 }, 
+   { 5, 912, 1024 }, { 6, 913, 1024 }, { 6, 914, 1024 }, { 7, 915, 1024 }, { 6, 916, 1024 }, { 7, 917, 1024 }, { 7, 918, 1024 }, { 8, 919, 1024 }, 
+   { 6, 920, 1024 }, { 7, 921, 1024 }, { 7, 922, 1024 }, { 8, 923, 1024 }, { 7, 924, 1024 }, { 8, 925, 1024 }, { 8, 926, 1024 }, { 9, 927, 1024 }, 
+   { 5, 928, 1024 }, { 6, 929, 1024 }, { 6, 930, 1024 }, { 7, 931, 1024 }, { 6, 932, 1024 }, { 7, 933, 1024 }, { 7, 934, 1024 }, { 8, 935, 1024 }, 
+   { 6, 936, 1024 }, { 7, 937, 1024 }, { 7, 938, 1024 }, { 8, 939, 1024 }, { 7, 940, 1024 }, { 8, 941, 1024 }, { 8, 942, 1024 }, { 9, 943, 1024 }, 
+   { 6, 944, 1024 }, { 7, 945, 1024 }, { 7, 946, 1024 }, { 8, 947, 1024 }, { 7, 948, 1024 }, { 8, 949, 1024 }, { 8, 950, 1024 }, { 9, 951, 1024 }, 
+   { 7, 952, 1024 }, { 8, 953, 1024 }, { 8, 954, 1024 }, { 9, 955, 1024 }, { 8, 956, 1024 }, { 9, 957, 1024 }, { 9, 958, 1024 }, { 10, 959, 1024 }, 
+   { 5, 960, 1024 }, { 6, 961, 1024 }, { 6, 962, 1024 }, { 7, 963, 1024 }, { 6, 964, 1024 }, { 7, 965, 1024 }, { 7, 966, 1024 }, { 8, 967, 1024 }, 
+   { 6, 968, 1024 }, { 7, 969, 1024 }, { 7, 970, 1024 }, { 8, 971, 1024 }, { 7, 972, 1024 }, { 8, 973, 1024 }, { 8, 974, 1024 }, { 9, 975, 1024 }, 
+   { 6, 976, 1024 }, { 7, 977, 1024 }, { 7, 978, 1024 }, { 8, 979, 1024 }, { 7, 980, 1024 }, { 8, 981, 1024 }, { 8, 982, 1024 }, { 9, 983, 1024 }, 
+   { 7, 984, 1024 }, { 8, 985, 1024 }, { 8, 986, 1024 }, { 9, 987, 1024 }, { 8, 988, 1024 }, { 9, 989, 1024 }, { 9, 990, 1024 }, { 10, 991, 1024 }, 
+   { 6, 992, 1024 }, { 7, 993, 1024 }, { 7, 994, 1024 }, { 8, 995, 1024 }, { 7, 996, 1024 }, { 8, 997, 1024 }, { 8, 998, 1024 }, { 9, 999, 1024 }, 
+   { 7, 1000, 1024 }, { 8, 1001, 1024 }, { 8, 1002, 1024 }, { 9, 1003, 1024 }, { 8, 1004, 1024 }, { 9, 1005, 1024 }, { 9, 1006, 1024 }, { 10, 1007, 1024 }, 
+   { 7, 1008, 1024 }, { 8, 1009, 1024 }, { 8, 1010, 1024 }, { 9, 1011, 1024 }, { 8, 1012, 1024 }, { 9, 1013, 1024 }, { 9, 1014, 1024 }, { 10, 1015, 1024 }, 
+   { 8, 1016, 1024 }, { 9, 1017, 1024 }, { 9, 1018, 1024 }, { 10, 1019, 1024 }, { 9, 1020, 1024 }, { 10, 1021, 1024 }, { 10, 1022, 1024 }, { 11, 1023, 1024 }, 
+#if FP_LUT > 11
+   { 1, 0, 0 }, { 2, 1, 2048 }, { 2, 2, 2048 }, { 3, 3, 2048 }, { 2, 4, 2048 }, { 3, 5, 2048 }, { 3, 6, 2048 }, { 4, 7, 2048 }, 
+   { 2, 8, 2048 }, { 3, 9, 2048 }, { 3, 10, 2048 }, { 4, 11, 2048 }, { 3, 12, 2048 }, { 4, 13, 2048 }, { 4, 14, 2048 }, { 5, 15, 2048 }, 
+   { 2, 16, 2048 }, { 3, 17, 2048 }, { 3, 18, 2048 }, { 4, 19, 2048 }, { 3, 20, 2048 }, { 4, 21, 2048 }, { 4, 22, 2048 }, { 5, 23, 2048 }, 
+   { 3, 24, 2048 }, { 4, 25, 2048 }, { 4, 26, 2048 }, { 5, 27, 2048 }, { 4, 28, 2048 }, { 5, 29, 2048 }, { 5, 30, 2048 }, { 6, 31, 2048 }, 
+   { 2, 32, 2048 }, { 3, 33, 2048 }, { 3, 34, 2048 }, { 4, 35, 2048 }, { 3, 36, 2048 }, { 4, 37, 2048 }, { 4, 38, 2048 }, { 5, 39, 2048 }, 
+   { 3, 40, 2048 }, { 4, 41, 2048 }, { 4, 42, 2048 }, { 5, 43, 2048 }, { 4, 44, 2048 }, { 5, 45, 2048 }, { 5, 46, 2048 }, { 6, 47, 2048 }, 
+   { 3, 48, 2048 }, { 4, 49, 2048 }, { 4, 50, 2048 }, { 5, 51, 2048 }, { 4, 52, 2048 }, { 5, 53, 2048 }, { 5, 54, 2048 }, { 6, 55, 2048 }, 
+   { 4, 56, 2048 }, { 5, 57, 2048 }, { 5, 58, 2048 }, { 6, 59, 2048 }, { 5, 60, 2048 }, { 6, 61, 2048 }, { 6, 62, 2048 }, { 7, 63, 2048 }, 
+   { 2, 64, 2048 }, { 3, 65, 2048 }, { 3, 66, 2048 }, { 4, 67, 2048 }, { 3, 68, 2048 }, { 4, 69, 2048 }, { 4, 70, 2048 }, { 5, 71, 2048 }, 
+   { 3, 72, 2048 }, { 4, 73, 2048 }, { 4, 74, 2048 }, { 5, 75, 2048 }, { 4, 76, 2048 }, { 5, 77, 2048 }, { 5, 78, 2048 }, { 6, 79, 2048 }, 
+   { 3, 80, 2048 }, { 4, 81, 2048 }, { 4, 82, 2048 }, { 5, 83, 2048 }, { 4, 84, 2048 }, { 5, 85, 2048 }, { 5, 86, 2048 }, { 6, 87, 2048 }, 
+   { 4, 88, 2048 }, { 5, 89, 2048 }, { 5, 90, 2048 }, { 6, 91, 2048 }, { 5, 92, 2048 }, { 6, 93, 2048 }, { 6, 94, 2048 }, { 7, 95, 2048 }, 
+   { 3, 96, 2048 }, { 4, 97, 2048 }, { 4, 98, 2048 }, { 5, 99, 2048 }, { 4, 100, 2048 }, { 5, 101, 2048 }, { 5, 102, 2048 }, { 6, 103, 2048 }, 
+   { 4, 104, 2048 }, { 5, 105, 2048 }, { 5, 106, 2048 }, { 6, 107, 2048 }, { 5, 108, 2048 }, { 6, 109, 2048 }, { 6, 110, 2048 }, { 7, 111, 2048 }, 
+   { 4, 112, 2048 }, { 5, 113, 2048 }, { 5, 114, 2048 }, { 6, 115, 2048 }, { 5, 116, 2048 }, { 6, 117, 2048 }, { 6, 118, 2048 }, { 7, 119, 2048 }, 
+   { 5, 120, 2048 }, { 6, 121, 2048 }, { 6, 122, 2048 }, { 7, 123, 2048 }, { 6, 124, 2048 }, { 7, 125, 2048 }, { 7, 126, 2048 }, { 8, 127, 2048 }, 
+   { 2, 128, 2048 }, { 3, 129, 2048 }, { 3, 130, 2048 }, { 4, 131, 2048 }, { 3, 132, 2048 }, { 4, 133, 2048 }, { 4, 134, 2048 }, { 5, 135, 2048 }, 
+   { 3, 136, 2048 }, { 4, 137, 2048 }, { 4, 138, 2048 }, { 5, 139, 2048 }, { 4, 140, 2048 }, { 5, 141, 2048 }, { 5, 142, 2048 }, { 6, 143, 2048 }, 
+   { 3, 144, 2048 }, { 4, 145, 2048 }, { 4, 146, 2048 }, { 5, 147, 2048 }, { 4, 148, 2048 }, { 5, 149, 2048 }, { 5, 150, 2048 }, { 6, 151, 2048 }, 
+   { 4, 152, 2048 }, { 5, 153, 2048 }, { 5, 154, 2048 }, { 6, 155, 2048 }, { 5, 156, 2048 }, { 6, 157, 2048 }, { 6, 158, 2048 }, { 7, 159, 2048 }, 
+   { 3, 160, 2048 }, { 4, 161, 2048 }, { 4, 162, 2048 }, { 5, 163, 2048 }, { 4, 164, 2048 }, { 5, 165, 2048 }, { 5, 166, 2048 }, { 6, 167, 2048 }, 
+   { 4, 168, 2048 }, { 5, 169, 2048 }, { 5, 170, 2048 }, { 6, 171, 2048 }, { 5, 172, 2048 }, { 6, 173, 2048 }, { 6, 174, 2048 }, { 7, 175, 2048 }, 
+   { 4, 176, 2048 }, { 5, 177, 2048 }, { 5, 178, 2048 }, { 6, 179, 2048 }, { 5, 180, 2048 }, { 6, 181, 2048 }, { 6, 182, 2048 }, { 7, 183, 2048 }, 
+   { 5, 184, 2048 }, { 6, 185, 2048 }, { 6, 186, 2048 }, { 7, 187, 2048 }, { 6, 188, 2048 }, { 7, 189, 2048 }, { 7, 190, 2048 }, { 8, 191, 2048 }, 
+   { 3, 192, 2048 }, { 4, 193, 2048 }, { 4, 194, 2048 }, { 5, 195, 2048 }, { 4, 196, 2048 }, { 5, 197, 2048 }, { 5, 198, 2048 }, { 6, 199, 2048 }, 
+   { 4, 200, 2048 }, { 5, 201, 2048 }, { 5, 202, 2048 }, { 6, 203, 2048 }, { 5, 204, 2048 }, { 6, 205, 2048 }, { 6, 206, 2048 }, { 7, 207, 2048 }, 
+   { 4, 208, 2048 }, { 5, 209, 2048 }, { 5, 210, 2048 }, { 6, 211, 2048 }, { 5, 212, 2048 }, { 6, 213, 2048 }, { 6, 214, 2048 }, { 7, 215, 2048 }, 
+   { 5, 216, 2048 }, { 6, 217, 2048 }, { 6, 218, 2048 }, { 7, 219, 2048 }, { 6, 220, 2048 }, { 7, 221, 2048 }, { 7, 222, 2048 }, { 8, 223, 2048 }, 
+   { 4, 224, 2048 }, { 5, 225, 2048 }, { 5, 226, 2048 }, { 6, 227, 2048 }, { 5, 228, 2048 }, { 6, 229, 2048 }, { 6, 230, 2048 }, { 7, 231, 2048 }, 
+   { 5, 232, 2048 }, { 6, 233, 2048 }, { 6, 234, 2048 }, { 7, 235, 2048 }, { 6, 236, 2048 }, { 7, 237, 2048 }, { 7, 238, 2048 }, { 8, 239, 2048 }, 
+   { 5, 240, 2048 }, { 6, 241, 2048 }, { 6, 242, 2048 }, { 7, 243, 2048 }, { 6, 244, 2048 }, { 7, 245, 2048 }, { 7, 246, 2048 }, { 8, 247, 2048 }, 
+   { 6, 248, 2048 }, { 7, 249, 2048 }, { 7, 250, 2048 }, { 8, 251, 2048 }, { 7, 252, 2048 }, { 8, 253, 2048 }, { 8, 254, 2048 }, { 9, 255, 2048 }, 
+   { 2, 256, 2048 }, { 3, 257, 2048 }, { 3, 258, 2048 }, { 4, 259, 2048 }, { 3, 260, 2048 }, { 4, 261, 2048 }, { 4, 262, 2048 }, { 5, 263, 2048 }, 
+   { 3, 264, 2048 }, { 4, 265, 2048 }, { 4, 266, 2048 }, { 5, 267, 2048 }, { 4, 268, 2048 }, { 5, 269, 2048 }, { 5, 270, 2048 }, { 6, 271, 2048 }, 
+   { 3, 272, 2048 }, { 4, 273, 2048 }, { 4, 274, 2048 }, { 5, 275, 2048 }, { 4, 276, 2048 }, { 5, 277, 2048 }, { 5, 278, 2048 }, { 6, 279, 2048 }, 
+   { 4, 280, 2048 }, { 5, 281, 2048 }, { 5, 282, 2048 }, { 6, 283, 2048 }, { 5, 284, 2048 }, { 6, 285, 2048 }, { 6, 286, 2048 }, { 7, 287, 2048 }, 
+   { 3, 288, 2048 }, { 4, 289, 2048 }, { 4, 290, 2048 }, { 5, 291, 2048 }, { 4, 292, 2048 }, { 5, 293, 2048 }, { 5, 294, 2048 }, { 6, 295, 2048 }, 
+   { 4, 296, 2048 }, { 5, 297, 2048 }, { 5, 298, 2048 }, { 6, 299, 2048 }, { 5, 300, 2048 }, { 6, 301, 2048 }, { 6, 302, 2048 }, { 7, 303, 2048 }, 
+   { 4, 304, 2048 }, { 5, 305, 2048 }, { 5, 306, 2048 }, { 6, 307, 2048 }, { 5, 308, 2048 }, { 6, 309, 2048 }, { 6, 310, 2048 }, { 7, 311, 2048 }, 
+   { 5, 312, 2048 }, { 6, 313, 2048 }, { 6, 314, 2048 }, { 7, 315, 2048 }, { 6, 316, 2048 }, { 7, 317, 2048 }, { 7, 318, 2048 }, { 8, 319, 2048 }, 
+   { 3, 320, 2048 }, { 4, 321, 2048 }, { 4, 322, 2048 }, { 5, 323, 2048 }, { 4, 324, 2048 }, { 5, 325, 2048 }, { 5, 326, 2048 }, { 6, 327, 2048 }, 
+   { 4, 328, 2048 }, { 5, 329, 2048 }, { 5, 330, 2048 }, { 6, 331, 2048 }, { 5, 332, 2048 }, { 6, 333, 2048 }, { 6, 334, 2048 }, { 7, 335, 2048 }, 
+   { 4, 336, 2048 }, { 5, 337, 2048 }, { 5, 338, 2048 }, { 6, 339, 2048 }, { 5, 340, 2048 }, { 6, 341, 2048 }, { 6, 342, 2048 }, { 7, 343, 2048 }, 
+   { 5, 344, 2048 }, { 6, 345, 2048 }, { 6, 346, 2048 }, { 7, 347, 2048 }, { 6, 348, 2048 }, { 7, 349, 2048 }, { 7, 350, 2048 }, { 8, 351, 2048 }, 
+   { 4, 352, 2048 }, { 5, 353, 2048 }, { 5, 354, 2048 }, { 6, 355, 2048 }, { 5, 356, 2048 }, { 6, 357, 2048 }, { 6, 358, 2048 }, { 7, 359, 2048 }, 
+   { 5, 360, 2048 }, { 6, 361, 2048 }, { 6, 362, 2048 }, { 7, 363, 2048 }, { 6, 364, 2048 }, { 7, 365, 2048 }, { 7, 366, 2048 }, { 8, 367, 2048 }, 
+   { 5, 368, 2048 }, { 6, 369, 2048 }, { 6, 370, 2048 }, { 7, 371, 2048 }, { 6, 372, 2048 }, { 7, 373, 2048 }, { 7, 374, 2048 }, { 8, 375, 2048 }, 
+   { 6, 376, 2048 }, { 7, 377, 2048 }, { 7, 378, 2048 }, { 8, 379, 2048 }, { 7, 380, 2048 }, { 8, 381, 2048 }, { 8, 382, 2048 }, { 9, 383, 2048 }, 
+   { 3, 384, 2048 }, { 4, 385, 2048 }, { 4, 386, 2048 }, { 5, 387, 2048 }, { 4, 388, 2048 }, { 5, 389, 2048 }, { 5, 390, 2048 }, { 6, 391, 2048 }, 
+   { 4, 392, 2048 }, { 5, 393, 2048 }, { 5, 394, 2048 }, { 6, 395, 2048 }, { 5, 396, 2048 }, { 6, 397, 2048 }, { 6, 398, 2048 }, { 7, 399, 2048 }, 
+   { 4, 400, 2048 }, { 5, 401, 2048 }, { 5, 402, 2048 }, { 6, 403, 2048 }, { 5, 404, 2048 }, { 6, 405, 2048 }, { 6, 406, 2048 }, { 7, 407, 2048 }, 
+   { 5, 408, 2048 }, { 6, 409, 2048 }, { 6, 410, 2048 }, { 7, 411, 2048 }, { 6, 412, 2048 }, { 7, 413, 2048 }, { 7, 414, 2048 }, { 8, 415, 2048 }, 
+   { 4, 416, 2048 }, { 5, 417, 2048 }, { 5, 418, 2048 }, { 6, 419, 2048 }, { 5, 420, 2048 }, { 6, 421, 2048 }, { 6, 422, 2048 }, { 7, 423, 2048 }, 
+   { 5, 424, 2048 }, { 6, 425, 2048 }, { 6, 426, 2048 }, { 7, 427, 2048 }, { 6, 428, 2048 }, { 7, 429, 2048 }, { 7, 430, 2048 }, { 8, 431, 2048 }, 
+   { 5, 432, 2048 }, { 6, 433, 2048 }, { 6, 434, 2048 }, { 7, 435, 2048 }, { 6, 436, 2048 }, { 7, 437, 2048 }, { 7, 438, 2048 }, { 8, 439, 2048 }, 
+   { 6, 440, 2048 }, { 7, 441, 2048 }, { 7, 442, 2048 }, { 8, 443, 2048 }, { 7, 444, 2048 }, { 8, 445, 2048 }, { 8, 446, 2048 }, { 9, 447, 2048 }, 
+   { 4, 448, 2048 }, { 5, 449, 2048 }, { 5, 450, 2048 }, { 6, 451, 2048 }, { 5, 452, 2048 }, { 6, 453, 2048 }, { 6, 454, 2048 }, { 7, 455, 2048 }, 
+   { 5, 456, 2048 }, { 6, 457, 2048 }, { 6, 458, 2048 }, { 7, 459, 2048 }, { 6, 460, 2048 }, { 7, 461, 2048 }, { 7, 462, 2048 }, { 8, 463, 2048 }, 
+   { 5, 464, 2048 }, { 6, 465, 2048 }, { 6, 466, 2048 }, { 7, 467, 2048 }, { 6, 468, 2048 }, { 7, 469, 2048 }, { 7, 470, 2048 }, { 8, 471, 2048 }, 
+   { 6, 472, 2048 }, { 7, 473, 2048 }, { 7, 474, 2048 }, { 8, 475, 2048 }, { 7, 476, 2048 }, { 8, 477, 2048 }, { 8, 478, 2048 }, { 9, 479, 2048 }, 
+   { 5, 480, 2048 }, { 6, 481, 2048 }, { 6, 482, 2048 }, { 7, 483, 2048 }, { 6, 484, 2048 }, { 7, 485, 2048 }, { 7, 486, 2048 }, { 8, 487, 2048 }, 
+   { 6, 488, 2048 }, { 7, 489, 2048 }, { 7, 490, 2048 }, { 8, 491, 2048 }, { 7, 492, 2048 }, { 8, 493, 2048 }, { 8, 494, 2048 }, { 9, 495, 2048 }, 
+   { 6, 496, 2048 }, { 7, 497, 2048 }, { 7, 498, 2048 }, { 8, 499, 2048 }, { 7, 500, 2048 }, { 8, 501, 2048 }, { 8, 502, 2048 }, { 9, 503, 2048 }, 
+   { 7, 504, 2048 }, { 8, 505, 2048 }, { 8, 506, 2048 }, { 9, 507, 2048 }, { 8, 508, 2048 }, { 9, 509, 2048 }, { 9, 510, 2048 }, { 10, 511, 2048 }, 
+   { 2, 512, 2048 }, { 3, 513, 2048 }, { 3, 514, 2048 }, { 4, 515, 2048 }, { 3, 516, 2048 }, { 4, 517, 2048 }, { 4, 518, 2048 }, { 5, 519, 2048 }, 
+   { 3, 520, 2048 }, { 4, 521, 2048 }, { 4, 522, 2048 }, { 5, 523, 2048 }, { 4, 524, 2048 }, { 5, 525, 2048 }, { 5, 526, 2048 }, { 6, 527, 2048 }, 
+   { 3, 528, 2048 }, { 4, 529, 2048 }, { 4, 530, 2048 }, { 5, 531, 2048 }, { 4, 532, 2048 }, { 5, 533, 2048 }, { 5, 534, 2048 }, { 6, 535, 2048 }, 
+   { 4, 536, 2048 }, { 5, 537, 2048 }, { 5, 538, 2048 }, { 6, 539, 2048 }, { 5, 540, 2048 }, { 6, 541, 2048 }, { 6, 542, 2048 }, { 7, 543, 2048 }, 
+   { 3, 544, 2048 }, { 4, 545, 2048 }, { 4, 546, 2048 }, { 5, 547, 2048 }, { 4, 548, 2048 }, { 5, 549, 2048 }, { 5, 550, 2048 }, { 6, 551, 2048 }, 
+   { 4, 552, 2048 }, { 5, 553, 2048 }, { 5, 554, 2048 }, { 6, 555, 2048 }, { 5, 556, 2048 }, { 6, 557, 2048 }, { 6, 558, 2048 }, { 7, 559, 2048 }, 
+   { 4, 560, 2048 }, { 5, 561, 2048 }, { 5, 562, 2048 }, { 6, 563, 2048 }, { 5, 564, 2048 }, { 6, 565, 2048 }, { 6, 566, 2048 }, { 7, 567, 2048 }, 
+   { 5, 568, 2048 }, { 6, 569, 2048 }, { 6, 570, 2048 }, { 7, 571, 2048 }, { 6, 572, 2048 }, { 7, 573, 2048 }, { 7, 574, 2048 }, { 8, 575, 2048 }, 
+   { 3, 576, 2048 }, { 4, 577, 2048 }, { 4, 578, 2048 }, { 5, 579, 2048 }, { 4, 580, 2048 }, { 5, 581, 2048 }, { 5, 582, 2048 }, { 6, 583, 2048 }, 
+   { 4, 584, 2048 }, { 5, 585, 2048 }, { 5, 586, 2048 }, { 6, 587, 2048 }, { 5, 588, 2048 }, { 6, 589, 2048 }, { 6, 590, 2048 }, { 7, 591, 2048 }, 
+   { 4, 592, 2048 }, { 5, 593, 2048 }, { 5, 594, 2048 }, { 6, 595, 2048 }, { 5, 596, 2048 }, { 6, 597, 2048 }, { 6, 598, 2048 }, { 7, 599, 2048 }, 
+   { 5, 600, 2048 }, { 6, 601, 2048 }, { 6, 602, 2048 }, { 7, 603, 2048 }, { 6, 604, 2048 }, { 7, 605, 2048 }, { 7, 606, 2048 }, { 8, 607, 2048 }, 
+   { 4, 608, 2048 }, { 5, 609, 2048 }, { 5, 610, 2048 }, { 6, 611, 2048 }, { 5, 612, 2048 }, { 6, 613, 2048 }, { 6, 614, 2048 }, { 7, 615, 2048 }, 
+   { 5, 616, 2048 }, { 6, 617, 2048 }, { 6, 618, 2048 }, { 7, 619, 2048 }, { 6, 620, 2048 }, { 7, 621, 2048 }, { 7, 622, 2048 }, { 8, 623, 2048 }, 
+   { 5, 624, 2048 }, { 6, 625, 2048 }, { 6, 626, 2048 }, { 7, 627, 2048 }, { 6, 628, 2048 }, { 7, 629, 2048 }, { 7, 630, 2048 }, { 8, 631, 2048 }, 
+   { 6, 632, 2048 }, { 7, 633, 2048 }, { 7, 634, 2048 }, { 8, 635, 2048 }, { 7, 636, 2048 }, { 8, 637, 2048 }, { 8, 638, 2048 }, { 9, 639, 2048 }, 
+   { 3, 640, 2048 }, { 4, 641, 2048 }, { 4, 642, 2048 }, { 5, 643, 2048 }, { 4, 644, 2048 }, { 5, 645, 2048 }, { 5, 646, 2048 }, { 6, 647, 2048 }, 
+   { 4, 648, 2048 }, { 5, 649, 2048 }, { 5, 650, 2048 }, { 6, 651, 2048 }, { 5, 652, 2048 }, { 6, 653, 2048 }, { 6, 654, 2048 }, { 7, 655, 2048 }, 
+   { 4, 656, 2048 }, { 5, 657, 2048 }, { 5, 658, 2048 }, { 6, 659, 2048 }, { 5, 660, 2048 }, { 6, 661, 2048 }, { 6, 662, 2048 }, { 7, 663, 2048 }, 
+   { 5, 664, 2048 }, { 6, 665, 2048 }, { 6, 666, 2048 }, { 7, 667, 2048 }, { 6, 668, 2048 }, { 7, 669, 2048 }, { 7, 670, 2048 }, { 8, 671, 2048 }, 
+   { 4, 672, 2048 }, { 5, 673, 2048 }, { 5, 674, 2048 }, { 6, 675, 2048 }, { 5, 676, 2048 }, { 6, 677, 2048 }, { 6, 678, 2048 }, { 7, 679, 2048 }, 
+   { 5, 680, 2048 }, { 6, 681, 2048 }, { 6, 682, 2048 }, { 7, 683, 2048 }, { 6, 684, 2048 }, { 7, 685, 2048 }, { 7, 686, 2048 }, { 8, 687, 2048 }, 
+   { 5, 688, 2048 }, { 6, 689, 2048 }, { 6, 690, 2048 }, { 7, 691, 2048 }, { 6, 692, 2048 }, { 7, 693, 2048 }, { 7, 694, 2048 }, { 8, 695, 2048 }, 
+   { 6, 696, 2048 }, { 7, 697, 2048 }, { 7, 698, 2048 }, { 8, 699, 2048 }, { 7, 700, 2048 }, { 8, 701, 2048 }, { 8, 702, 2048 }, { 9, 703, 2048 }, 
+   { 4, 704, 2048 }, { 5, 705, 2048 }, { 5, 706, 2048 }, { 6, 707, 2048 }, { 5, 708, 2048 }, { 6, 709, 2048 }, { 6, 710, 2048 }, { 7, 711, 2048 }, 
+   { 5, 712, 2048 }, { 6, 713, 2048 }, { 6, 714, 2048 }, { 7, 715, 2048 }, { 6, 716, 2048 }, { 7, 717, 2048 }, { 7, 718, 2048 }, { 8, 719, 2048 }, 
+   { 5, 720, 2048 }, { 6, 721, 2048 }, { 6, 722, 2048 }, { 7, 723, 2048 }, { 6, 724, 2048 }, { 7, 725, 2048 }, { 7, 726, 2048 }, { 8, 727, 2048 }, 
+   { 6, 728, 2048 }, { 7, 729, 2048 }, { 7, 730, 2048 }, { 8, 731, 2048 }, { 7, 732, 2048 }, { 8, 733, 2048 }, { 8, 734, 2048 }, { 9, 735, 2048 }, 
+   { 5, 736, 2048 }, { 6, 737, 2048 }, { 6, 738, 2048 }, { 7, 739, 2048 }, { 6, 740, 2048 }, { 7, 741, 2048 }, { 7, 742, 2048 }, { 8, 743, 2048 }, 
+   { 6, 744, 2048 }, { 7, 745, 2048 }, { 7, 746, 2048 }, { 8, 747, 2048 }, { 7, 748, 2048 }, { 8, 749, 2048 }, { 8, 750, 2048 }, { 9, 751, 2048 }, 
+   { 6, 752, 2048 }, { 7, 753, 2048 }, { 7, 754, 2048 }, { 8, 755, 2048 }, { 7, 756, 2048 }, { 8, 757, 2048 }, { 8, 758, 2048 }, { 9, 759, 2048 }, 
+   { 7, 760, 2048 }, { 8, 761, 2048 }, { 8, 762, 2048 }, { 9, 763, 2048 }, { 8, 764, 2048 }, { 9, 765, 2048 }, { 9, 766, 2048 }, { 10, 767, 2048 }, 
+   { 3, 768, 2048 }, { 4, 769, 2048 }, { 4, 770, 2048 }, { 5, 771, 2048 }, { 4, 772, 2048 }, { 5, 773, 2048 }, { 5, 774, 2048 }, { 6, 775, 2048 }, 
+   { 4, 776, 2048 }, { 5, 777, 2048 }, { 5, 778, 2048 }, { 6, 779, 2048 }, { 5, 780, 2048 }, { 6, 781, 2048 }, { 6, 782, 2048 }, { 7, 783, 2048 }, 
+   { 4, 784, 2048 }, { 5, 785, 2048 }, { 5, 786, 2048 }, { 6, 787, 2048 }, { 5, 788, 2048 }, { 6, 789, 2048 }, { 6, 790, 2048 }, { 7, 791, 2048 }, 
+   { 5, 792, 2048 }, { 6, 793, 2048 }, { 6, 794, 2048 }, { 7, 795, 2048 }, { 6, 796, 2048 }, { 7, 797, 2048 }, { 7, 798, 2048 }, { 8, 799, 2048 }, 
+   { 4, 800, 2048 }, { 5, 801, 2048 }, { 5, 802, 2048 }, { 6, 803, 2048 }, { 5, 804, 2048 }, { 6, 805, 2048 }, { 6, 806, 2048 }, { 7, 807, 2048 }, 
+   { 5, 808, 2048 }, { 6, 809, 2048 }, { 6, 810, 2048 }, { 7, 811, 2048 }, { 6, 812, 2048 }, { 7, 813, 2048 }, { 7, 814, 2048 }, { 8, 815, 2048 }, 
+   { 5, 816, 2048 }, { 6, 817, 2048 }, { 6, 818, 2048 }, { 7, 819, 2048 }, { 6, 820, 2048 }, { 7, 821, 2048 }, { 7, 822, 2048 }, { 8, 823, 2048 }, 
+   { 6, 824, 2048 }, { 7, 825, 2048 }, { 7, 826, 2048 }, { 8, 827, 2048 }, { 7, 828, 2048 }, { 8, 829, 2048 }, { 8, 830, 2048 }, { 9, 831, 2048 }, 
+   { 4, 832, 2048 }, { 5, 833, 2048 }, { 5, 834, 2048 }, { 6, 835, 2048 }, { 5, 836, 2048 }, { 6, 837, 2048 }, { 6, 838, 2048 }, { 7, 839, 2048 }, 
+   { 5, 840, 2048 }, { 6, 841, 2048 }, { 6, 842, 2048 }, { 7, 843, 2048 }, { 6, 844, 2048 }, { 7, 845, 2048 }, { 7, 846, 2048 }, { 8, 847, 2048 }, 
+   { 5, 848, 2048 }, { 6, 849, 2048 }, { 6, 850, 2048 }, { 7, 851, 2048 }, { 6, 852, 2048 }, { 7, 853, 2048 }, { 7, 854, 2048 }, { 8, 855, 2048 }, 
+   { 6, 856, 2048 }, { 7, 857, 2048 }, { 7, 858, 2048 }, { 8, 859, 2048 }, { 7, 860, 2048 }, { 8, 861, 2048 }, { 8, 862, 2048 }, { 9, 863, 2048 }, 
+   { 5, 864, 2048 }, { 6, 865, 2048 }, { 6, 866, 2048 }, { 7, 867, 2048 }, { 6, 868, 2048 }, { 7, 869, 2048 }, { 7, 870, 2048 }, { 8, 871, 2048 }, 
+   { 6, 872, 2048 }, { 7, 873, 2048 }, { 7, 874, 2048 }, { 8, 875, 2048 }, { 7, 876, 2048 }, { 8, 877, 2048 }, { 8, 878, 2048 }, { 9, 879, 2048 }, 
+   { 6, 880, 2048 }, { 7, 881, 2048 }, { 7, 882, 2048 }, { 8, 883, 2048 }, { 7, 884, 2048 }, { 8, 885, 2048 }, { 8, 886, 2048 }, { 9, 887, 2048 }, 
+   { 7, 888, 2048 }, { 8, 889, 2048 }, { 8, 890, 2048 }, { 9, 891, 2048 }, { 8, 892, 2048 }, { 9, 893, 2048 }, { 9, 894, 2048 }, { 10, 895, 2048 }, 
+   { 4, 896, 2048 }, { 5, 897, 2048 }, { 5, 898, 2048 }, { 6, 899, 2048 }, { 5, 900, 2048 }, { 6, 901, 2048 }, { 6, 902, 2048 }, { 7, 903, 2048 }, 
+   { 5, 904, 2048 }, { 6, 905, 2048 }, { 6, 906, 2048 }, { 7, 907, 2048 }, { 6, 908, 2048 }, { 7, 909, 2048 }, { 7, 910, 2048 }, { 8, 911, 2048 }, 
+   { 5, 912, 2048 }, { 6, 913, 2048 }, { 6, 914, 2048 }, { 7, 915, 2048 }, { 6, 916, 2048 }, { 7, 917, 2048 }, { 7, 918, 2048 }, { 8, 919, 2048 }, 
+   { 6, 920, 2048 }, { 7, 921, 2048 }, { 7, 922, 2048 }, { 8, 923, 2048 }, { 7, 924, 2048 }, { 8, 925, 2048 }, { 8, 926, 2048 }, { 9, 927, 2048 }, 
+   { 5, 928, 2048 }, { 6, 929, 2048 }, { 6, 930, 2048 }, { 7, 931, 2048 }, { 6, 932, 2048 }, { 7, 933, 2048 }, { 7, 934, 2048 }, { 8, 935, 2048 }, 
+   { 6, 936, 2048 }, { 7, 937, 2048 }, { 7, 938, 2048 }, { 8, 939, 2048 }, { 7, 940, 2048 }, { 8, 941, 2048 }, { 8, 942, 2048 }, { 9, 943, 2048 }, 
+   { 6, 944, 2048 }, { 7, 945, 2048 }, { 7, 946, 2048 }, { 8, 947, 2048 }, { 7, 948, 2048 }, { 8, 949, 2048 }, { 8, 950, 2048 }, { 9, 951, 2048 }, 
+   { 7, 952, 2048 }, { 8, 953, 2048 }, { 8, 954, 2048 }, { 9, 955, 2048 }, { 8, 956, 2048 }, { 9, 957, 2048 }, { 9, 958, 2048 }, { 10, 959, 2048 }, 
+   { 5, 960, 2048 }, { 6, 961, 2048 }, { 6, 962, 2048 }, { 7, 963, 2048 }, { 6, 964, 2048 }, { 7, 965, 2048 }, { 7, 966, 2048 }, { 8, 967, 2048 }, 
+   { 6, 968, 2048 }, { 7, 969, 2048 }, { 7, 970, 2048 }, { 8, 971, 2048 }, { 7, 972, 2048 }, { 8, 973, 2048 }, { 8, 974, 2048 }, { 9, 975, 2048 }, 
+   { 6, 976, 2048 }, { 7, 977, 2048 }, { 7, 978, 2048 }, { 8, 979, 2048 }, { 7, 980, 2048 }, { 8, 981, 2048 }, { 8, 982, 2048 }, { 9, 983, 2048 }, 
+   { 7, 984, 2048 }, { 8, 985, 2048 }, { 8, 986, 2048 }, { 9, 987, 2048 }, { 8, 988, 2048 }, { 9, 989, 2048 }, { 9, 990, 2048 }, { 10, 991, 2048 }, 
+   { 6, 992, 2048 }, { 7, 993, 2048 }, { 7, 994, 2048 }, { 8, 995, 2048 }, { 7, 996, 2048 }, { 8, 997, 2048 }, { 8, 998, 2048 }, { 9, 999, 2048 }, 
+   { 7, 1000, 2048 }, { 8, 1001, 2048 }, { 8, 1002, 2048 }, { 9, 1003, 2048 }, { 8, 1004, 2048 }, { 9, 1005, 2048 }, { 9, 1006, 2048 }, { 10, 1007, 2048 }, 
+   { 7, 1008, 2048 }, { 8, 1009, 2048 }, { 8, 1010, 2048 }, { 9, 1011, 2048 }, { 8, 1012, 2048 }, { 9, 1013, 2048 }, { 9, 1014, 2048 }, { 10, 1015, 2048 }, 
+   { 8, 1016, 2048 }, { 9, 1017, 2048 }, { 9, 1018, 2048 }, { 10, 1019, 2048 }, { 9, 1020, 2048 }, { 10, 1021, 2048 }, { 10, 1022, 2048 }, { 11, 1023, 2048 }, 
+   { 2, 1024, 2048 }, { 3, 1025, 2048 }, { 3, 1026, 2048 }, { 4, 1027, 2048 }, { 3, 1028, 2048 }, { 4, 1029, 2048 }, { 4, 1030, 2048 }, { 5, 1031, 2048 }, 
+   { 3, 1032, 2048 }, { 4, 1033, 2048 }, { 4, 1034, 2048 }, { 5, 1035, 2048 }, { 4, 1036, 2048 }, { 5, 1037, 2048 }, { 5, 1038, 2048 }, { 6, 1039, 2048 }, 
+   { 3, 1040, 2048 }, { 4, 1041, 2048 }, { 4, 1042, 2048 }, { 5, 1043, 2048 }, { 4, 1044, 2048 }, { 5, 1045, 2048 }, { 5, 1046, 2048 }, { 6, 1047, 2048 }, 
+   { 4, 1048, 2048 }, { 5, 1049, 2048 }, { 5, 1050, 2048 }, { 6, 1051, 2048 }, { 5, 1052, 2048 }, { 6, 1053, 2048 }, { 6, 1054, 2048 }, { 7, 1055, 2048 }, 
+   { 3, 1056, 2048 }, { 4, 1057, 2048 }, { 4, 1058, 2048 }, { 5, 1059, 2048 }, { 4, 1060, 2048 }, { 5, 1061, 2048 }, { 5, 1062, 2048 }, { 6, 1063, 2048 }, 
+   { 4, 1064, 2048 }, { 5, 1065, 2048 }, { 5, 1066, 2048 }, { 6, 1067, 2048 }, { 5, 1068, 2048 }, { 6, 1069, 2048 }, { 6, 1070, 2048 }, { 7, 1071, 2048 }, 
+   { 4, 1072, 2048 }, { 5, 1073, 2048 }, { 5, 1074, 2048 }, { 6, 1075, 2048 }, { 5, 1076, 2048 }, { 6, 1077, 2048 }, { 6, 1078, 2048 }, { 7, 1079, 2048 }, 
+   { 5, 1080, 2048 }, { 6, 1081, 2048 }, { 6, 1082, 2048 }, { 7, 1083, 2048 }, { 6, 1084, 2048 }, { 7, 1085, 2048 }, { 7, 1086, 2048 }, { 8, 1087, 2048 }, 
+   { 3, 1088, 2048 }, { 4, 1089, 2048 }, { 4, 1090, 2048 }, { 5, 1091, 2048 }, { 4, 1092, 2048 }, { 5, 1093, 2048 }, { 5, 1094, 2048 }, { 6, 1095, 2048 }, 
+   { 4, 1096, 2048 }, { 5, 1097, 2048 }, { 5, 1098, 2048 }, { 6, 1099, 2048 }, { 5, 1100, 2048 }, { 6, 1101, 2048 }, { 6, 1102, 2048 }, { 7, 1103, 2048 }, 
+   { 4, 1104, 2048 }, { 5, 1105, 2048 }, { 5, 1106, 2048 }, { 6, 1107, 2048 }, { 5, 1108, 2048 }, { 6, 1109, 2048 }, { 6, 1110, 2048 }, { 7, 1111, 2048 }, 
+   { 5, 1112, 2048 }, { 6, 1113, 2048 }, { 6, 1114, 2048 }, { 7, 1115, 2048 }, { 6, 1116, 2048 }, { 7, 1117, 2048 }, { 7, 1118, 2048 }, { 8, 1119, 2048 }, 
+   { 4, 1120, 2048 }, { 5, 1121, 2048 }, { 5, 1122, 2048 }, { 6, 1123, 2048 }, { 5, 1124, 2048 }, { 6, 1125, 2048 }, { 6, 1126, 2048 }, { 7, 1127, 2048 }, 
+   { 5, 1128, 2048 }, { 6, 1129, 2048 }, { 6, 1130, 2048 }, { 7, 1131, 2048 }, { 6, 1132, 2048 }, { 7, 1133, 2048 }, { 7, 1134, 2048 }, { 8, 1135, 2048 }, 
+   { 5, 1136, 2048 }, { 6, 1137, 2048 }, { 6, 1138, 2048 }, { 7, 1139, 2048 }, { 6, 1140, 2048 }, { 7, 1141, 2048 }, { 7, 1142, 2048 }, { 8, 1143, 2048 }, 
+   { 6, 1144, 2048 }, { 7, 1145, 2048 }, { 7, 1146, 2048 }, { 8, 1147, 2048 }, { 7, 1148, 2048 }, { 8, 1149, 2048 }, { 8, 1150, 2048 }, { 9, 1151, 2048 }, 
+   { 3, 1152, 2048 }, { 4, 1153, 2048 }, { 4, 1154, 2048 }, { 5, 1155, 2048 }, { 4, 1156, 2048 }, { 5, 1157, 2048 }, { 5, 1158, 2048 }, { 6, 1159, 2048 }, 
+   { 4, 1160, 2048 }, { 5, 1161, 2048 }, { 5, 1162, 2048 }, { 6, 1163, 2048 }, { 5, 1164, 2048 }, { 6, 1165, 2048 }, { 6, 1166, 2048 }, { 7, 1167, 2048 }, 
+   { 4, 1168, 2048 }, { 5, 1169, 2048 }, { 5, 1170, 2048 }, { 6, 1171, 2048 }, { 5, 1172, 2048 }, { 6, 1173, 2048 }, { 6, 1174, 2048 }, { 7, 1175, 2048 }, 
+   { 5, 1176, 2048 }, { 6, 1177, 2048 }, { 6, 1178, 2048 }, { 7, 1179, 2048 }, { 6, 1180, 2048 }, { 7, 1181, 2048 }, { 7, 1182, 2048 }, { 8, 1183, 2048 }, 
+   { 4, 1184, 2048 }, { 5, 1185, 2048 }, { 5, 1186, 2048 }, { 6, 1187, 2048 }, { 5, 1188, 2048 }, { 6, 1189, 2048 }, { 6, 1190, 2048 }, { 7, 1191, 2048 }, 
+   { 5, 1192, 2048 }, { 6, 1193, 2048 }, { 6, 1194, 2048 }, { 7, 1195, 2048 }, { 6, 1196, 2048 }, { 7, 1197, 2048 }, { 7, 1198, 2048 }, { 8, 1199, 2048 }, 
+   { 5, 1200, 2048 }, { 6, 1201, 2048 }, { 6, 1202, 2048 }, { 7, 1203, 2048 }, { 6, 1204, 2048 }, { 7, 1205, 2048 }, { 7, 1206, 2048 }, { 8, 1207, 2048 }, 
+   { 6, 1208, 2048 }, { 7, 1209, 2048 }, { 7, 1210, 2048 }, { 8, 1211, 2048 }, { 7, 1212, 2048 }, { 8, 1213, 2048 }, { 8, 1214, 2048 }, { 9, 1215, 2048 }, 
+   { 4, 1216, 2048 }, { 5, 1217, 2048 }, { 5, 1218, 2048 }, { 6, 1219, 2048 }, { 5, 1220, 2048 }, { 6, 1221, 2048 }, { 6, 1222, 2048 }, { 7, 1223, 2048 }, 
+   { 5, 1224, 2048 }, { 6, 1225, 2048 }, { 6, 1226, 2048 }, { 7, 1227, 2048 }, { 6, 1228, 2048 }, { 7, 1229, 2048 }, { 7, 1230, 2048 }, { 8, 1231, 2048 }, 
+   { 5, 1232, 2048 }, { 6, 1233, 2048 }, { 6, 1234, 2048 }, { 7, 1235, 2048 }, { 6, 1236, 2048 }, { 7, 1237, 2048 }, { 7, 1238, 2048 }, { 8, 1239, 2048 }, 
+   { 6, 1240, 2048 }, { 7, 1241, 2048 }, { 7, 1242, 2048 }, { 8, 1243, 2048 }, { 7, 1244, 2048 }, { 8, 1245, 2048 }, { 8, 1246, 2048 }, { 9, 1247, 2048 }, 
+   { 5, 1248, 2048 }, { 6, 1249, 2048 }, { 6, 1250, 2048 }, { 7, 1251, 2048 }, { 6, 1252, 2048 }, { 7, 1253, 2048 }, { 7, 1254, 2048 }, { 8, 1255, 2048 }, 
+   { 6, 1256, 2048 }, { 7, 1257, 2048 }, { 7, 1258, 2048 }, { 8, 1259, 2048 }, { 7, 1260, 2048 }, { 8, 1261, 2048 }, { 8, 1262, 2048 }, { 9, 1263, 2048 }, 
+   { 6, 1264, 2048 }, { 7, 1265, 2048 }, { 7, 1266, 2048 }, { 8, 1267, 2048 }, { 7, 1268, 2048 }, { 8, 1269, 2048 }, { 8, 1270, 2048 }, { 9, 1271, 2048 }, 
+   { 7, 1272, 2048 }, { 8, 1273, 2048 }, { 8, 1274, 2048 }, { 9, 1275, 2048 }, { 8, 1276, 2048 }, { 9, 1277, 2048 }, { 9, 1278, 2048 }, { 10, 1279, 2048 }, 
+   { 3, 1280, 2048 }, { 4, 1281, 2048 }, { 4, 1282, 2048 }, { 5, 1283, 2048 }, { 4, 1284, 2048 }, { 5, 1285, 2048 }, { 5, 1286, 2048 }, { 6, 1287, 2048 }, 
+   { 4, 1288, 2048 }, { 5, 1289, 2048 }, { 5, 1290, 2048 }, { 6, 1291, 2048 }, { 5, 1292, 2048 }, { 6, 1293, 2048 }, { 6, 1294, 2048 }, { 7, 1295, 2048 }, 
+   { 4, 1296, 2048 }, { 5, 1297, 2048 }, { 5, 1298, 2048 }, { 6, 1299, 2048 }, { 5, 1300, 2048 }, { 6, 1301, 2048 }, { 6, 1302, 2048 }, { 7, 1303, 2048 }, 
+   { 5, 1304, 2048 }, { 6, 1305, 2048 }, { 6, 1306, 2048 }, { 7, 1307, 2048 }, { 6, 1308, 2048 }, { 7, 1309, 2048 }, { 7, 1310, 2048 }, { 8, 1311, 2048 }, 
+   { 4, 1312, 2048 }, { 5, 1313, 2048 }, { 5, 1314, 2048 }, { 6, 1315, 2048 }, { 5, 1316, 2048 }, { 6, 1317, 2048 }, { 6, 1318, 2048 }, { 7, 1319, 2048 }, 
+   { 5, 1320, 2048 }, { 6, 1321, 2048 }, { 6, 1322, 2048 }, { 7, 1323, 2048 }, { 6, 1324, 2048 }, { 7, 1325, 2048 }, { 7, 1326, 2048 }, { 8, 1327, 2048 }, 
+   { 5, 1328, 2048 }, { 6, 1329, 2048 }, { 6, 1330, 2048 }, { 7, 1331, 2048 }, { 6, 1332, 2048 }, { 7, 1333, 2048 }, { 7, 1334, 2048 }, { 8, 1335, 2048 }, 
+   { 6, 1336, 2048 }, { 7, 1337, 2048 }, { 7, 1338, 2048 }, { 8, 1339, 2048 }, { 7, 1340, 2048 }, { 8, 1341, 2048 }, { 8, 1342, 2048 }, { 9, 1343, 2048 }, 
+   { 4, 1344, 2048 }, { 5, 1345, 2048 }, { 5, 1346, 2048 }, { 6, 1347, 2048 }, { 5, 1348, 2048 }, { 6, 1349, 2048 }, { 6, 1350, 2048 }, { 7, 1351, 2048 }, 
+   { 5, 1352, 2048 }, { 6, 1353, 2048 }, { 6, 1354, 2048 }, { 7, 1355, 2048 }, { 6, 1356, 2048 }, { 7, 1357, 2048 }, { 7, 1358, 2048 }, { 8, 1359, 2048 }, 
+   { 5, 1360, 2048 }, { 6, 1361, 2048 }, { 6, 1362, 2048 }, { 7, 1363, 2048 }, { 6, 1364, 2048 }, { 7, 1365, 2048 }, { 7, 1366, 2048 }, { 8, 1367, 2048 }, 
+   { 6, 1368, 2048 }, { 7, 1369, 2048 }, { 7, 1370, 2048 }, { 8, 1371, 2048 }, { 7, 1372, 2048 }, { 8, 1373, 2048 }, { 8, 1374, 2048 }, { 9, 1375, 2048 }, 
+   { 5, 1376, 2048 }, { 6, 1377, 2048 }, { 6, 1378, 2048 }, { 7, 1379, 2048 }, { 6, 1380, 2048 }, { 7, 1381, 2048 }, { 7, 1382, 2048 }, { 8, 1383, 2048 }, 
+   { 6, 1384, 2048 }, { 7, 1385, 2048 }, { 7, 1386, 2048 }, { 8, 1387, 2048 }, { 7, 1388, 2048 }, { 8, 1389, 2048 }, { 8, 1390, 2048 }, { 9, 1391, 2048 }, 
+   { 6, 1392, 2048 }, { 7, 1393, 2048 }, { 7, 1394, 2048 }, { 8, 1395, 2048 }, { 7, 1396, 2048 }, { 8, 1397, 2048 }, { 8, 1398, 2048 }, { 9, 1399, 2048 }, 
+   { 7, 1400, 2048 }, { 8, 1401, 2048 }, { 8, 1402, 2048 }, { 9, 1403, 2048 }, { 8, 1404, 2048 }, { 9, 1405, 2048 }, { 9, 1406, 2048 }, { 10, 1407, 2048 }, 
+   { 4, 1408, 2048 }, { 5, 1409, 2048 }, { 5, 1410, 2048 }, { 6, 1411, 2048 }, { 5, 1412, 2048 }, { 6, 1413, 2048 }, { 6, 1414, 2048 }, { 7, 1415, 2048 }, 
+   { 5, 1416, 2048 }, { 6, 1417, 2048 }, { 6, 1418, 2048 }, { 7, 1419, 2048 }, { 6, 1420, 2048 }, { 7, 1421, 2048 }, { 7, 1422, 2048 }, { 8, 1423, 2048 }, 
+   { 5, 1424, 2048 }, { 6, 1425, 2048 }, { 6, 1426, 2048 }, { 7, 1427, 2048 }, { 6, 1428, 2048 }, { 7, 1429, 2048 }, { 7, 1430, 2048 }, { 8, 1431, 2048 }, 
+   { 6, 1432, 2048 }, { 7, 1433, 2048 }, { 7, 1434, 2048 }, { 8, 1435, 2048 }, { 7, 1436, 2048 }, { 8, 1437, 2048 }, { 8, 1438, 2048 }, { 9, 1439, 2048 }, 
+   { 5, 1440, 2048 }, { 6, 1441, 2048 }, { 6, 1442, 2048 }, { 7, 1443, 2048 }, { 6, 1444, 2048 }, { 7, 1445, 2048 }, { 7, 1446, 2048 }, { 8, 1447, 2048 }, 
+   { 6, 1448, 2048 }, { 7, 1449, 2048 }, { 7, 1450, 2048 }, { 8, 1451, 2048 }, { 7, 1452, 2048 }, { 8, 1453, 2048 }, { 8, 1454, 2048 }, { 9, 1455, 2048 }, 
+   { 6, 1456, 2048 }, { 7, 1457, 2048 }, { 7, 1458, 2048 }, { 8, 1459, 2048 }, { 7, 1460, 2048 }, { 8, 1461, 2048 }, { 8, 1462, 2048 }, { 9, 1463, 2048 }, 
+   { 7, 1464, 2048 }, { 8, 1465, 2048 }, { 8, 1466, 2048 }, { 9, 1467, 2048 }, { 8, 1468, 2048 }, { 9, 1469, 2048 }, { 9, 1470, 2048 }, { 10, 1471, 2048 }, 
+   { 5, 1472, 2048 }, { 6, 1473, 2048 }, { 6, 1474, 2048 }, { 7, 1475, 2048 }, { 6, 1476, 2048 }, { 7, 1477, 2048 }, { 7, 1478, 2048 }, { 8, 1479, 2048 }, 
+   { 6, 1480, 2048 }, { 7, 1481, 2048 }, { 7, 1482, 2048 }, { 8, 1483, 2048 }, { 7, 1484, 2048 }, { 8, 1485, 2048 }, { 8, 1486, 2048 }, { 9, 1487, 2048 }, 
+   { 6, 1488, 2048 }, { 7, 1489, 2048 }, { 7, 1490, 2048 }, { 8, 1491, 2048 }, { 7, 1492, 2048 }, { 8, 1493, 2048 }, { 8, 1494, 2048 }, { 9, 1495, 2048 }, 
+   { 7, 1496, 2048 }, { 8, 1497, 2048 }, { 8, 1498, 2048 }, { 9, 1499, 2048 }, { 8, 1500, 2048 }, { 9, 1501, 2048 }, { 9, 1502, 2048 }, { 10, 1503, 2048 }, 
+   { 6, 1504, 2048 }, { 7, 1505, 2048 }, { 7, 1506, 2048 }, { 8, 1507, 2048 }, { 7, 1508, 2048 }, { 8, 1509, 2048 }, { 8, 1510, 2048 }, { 9, 1511, 2048 }, 
+   { 7, 1512, 2048 }, { 8, 1513, 2048 }, { 8, 1514, 2048 }, { 9, 1515, 2048 }, { 8, 1516, 2048 }, { 9, 1517, 2048 }, { 9, 1518, 2048 }, { 10, 1519, 2048 }, 
+   { 7, 1520, 2048 }, { 8, 1521, 2048 }, { 8, 1522, 2048 }, { 9, 1523, 2048 }, { 8, 1524, 2048 }, { 9, 1525, 2048 }, { 9, 1526, 2048 }, { 10, 1527, 2048 }, 
+   { 8, 1528, 2048 }, { 9, 1529, 2048 }, { 9, 1530, 2048 }, { 10, 1531, 2048 }, { 9, 1532, 2048 }, { 10, 1533, 2048 }, { 10, 1534, 2048 }, { 11, 1535, 2048 }, 
+   { 3, 1536, 2048 }, { 4, 1537, 2048 }, { 4, 1538, 2048 }, { 5, 1539, 2048 }, { 4, 1540, 2048 }, { 5, 1541, 2048 }, { 5, 1542, 2048 }, { 6, 1543, 2048 }, 
+   { 4, 1544, 2048 }, { 5, 1545, 2048 }, { 5, 1546, 2048 }, { 6, 1547, 2048 }, { 5, 1548, 2048 }, { 6, 1549, 2048 }, { 6, 1550, 2048 }, { 7, 1551, 2048 }, 
+   { 4, 1552, 2048 }, { 5, 1553, 2048 }, { 5, 1554, 2048 }, { 6, 1555, 2048 }, { 5, 1556, 2048 }, { 6, 1557, 2048 }, { 6, 1558, 2048 }, { 7, 1559, 2048 }, 
+   { 5, 1560, 2048 }, { 6, 1561, 2048 }, { 6, 1562, 2048 }, { 7, 1563, 2048 }, { 6, 1564, 2048 }, { 7, 1565, 2048 }, { 7, 1566, 2048 }, { 8, 1567, 2048 }, 
+   { 4, 1568, 2048 }, { 5, 1569, 2048 }, { 5, 1570, 2048 }, { 6, 1571, 2048 }, { 5, 1572, 2048 }, { 6, 1573, 2048 }, { 6, 1574, 2048 }, { 7, 1575, 2048 }, 
+   { 5, 1576, 2048 }, { 6, 1577, 2048 }, { 6, 1578, 2048 }, { 7, 1579, 2048 }, { 6, 1580, 2048 }, { 7, 1581, 2048 }, { 7, 1582, 2048 }, { 8, 1583, 2048 }, 
+   { 5, 1584, 2048 }, { 6, 1585, 2048 }, { 6, 1586, 2048 }, { 7, 1587, 2048 }, { 6, 1588, 2048 }, { 7, 1589, 2048 }, { 7, 1590, 2048 }, { 8, 1591, 2048 }, 
+   { 6, 1592, 2048 }, { 7, 1593, 2048 }, { 7, 1594, 2048 }, { 8, 1595, 2048 }, { 7, 1596, 2048 }, { 8, 1597, 2048 }, { 8, 1598, 2048 }, { 9, 1599, 2048 }, 
+   { 4, 1600, 2048 }, { 5, 1601, 2048 }, { 5, 1602, 2048 }, { 6, 1603, 2048 }, { 5, 1604, 2048 }, { 6, 1605, 2048 }, { 6, 1606, 2048 }, { 7, 1607, 2048 }, 
+   { 5, 1608, 2048 }, { 6, 1609, 2048 }, { 6, 1610, 2048 }, { 7, 1611, 2048 }, { 6, 1612, 2048 }, { 7, 1613, 2048 }, { 7, 1614, 2048 }, { 8, 1615, 2048 }, 
+   { 5, 1616, 2048 }, { 6, 1617, 2048 }, { 6, 1618, 2048 }, { 7, 1619, 2048 }, { 6, 1620, 2048 }, { 7, 1621, 2048 }, { 7, 1622, 2048 }, { 8, 1623, 2048 }, 
+   { 6, 1624, 2048 }, { 7, 1625, 2048 }, { 7, 1626, 2048 }, { 8, 1627, 2048 }, { 7, 1628, 2048 }, { 8, 1629, 2048 }, { 8, 1630, 2048 }, { 9, 1631, 2048 }, 
+   { 5, 1632, 2048 }, { 6, 1633, 2048 }, { 6, 1634, 2048 }, { 7, 1635, 2048 }, { 6, 1636, 2048 }, { 7, 1637, 2048 }, { 7, 1638, 2048 }, { 8, 1639, 2048 }, 
+   { 6, 1640, 2048 }, { 7, 1641, 2048 }, { 7, 1642, 2048 }, { 8, 1643, 2048 }, { 7, 1644, 2048 }, { 8, 1645, 2048 }, { 8, 1646, 2048 }, { 9, 1647, 2048 }, 
+   { 6, 1648, 2048 }, { 7, 1649, 2048 }, { 7, 1650, 2048 }, { 8, 1651, 2048 }, { 7, 1652, 2048 }, { 8, 1653, 2048 }, { 8, 1654, 2048 }, { 9, 1655, 2048 }, 
+   { 7, 1656, 2048 }, { 8, 1657, 2048 }, { 8, 1658, 2048 }, { 9, 1659, 2048 }, { 8, 1660, 2048 }, { 9, 1661, 2048 }, { 9, 1662, 2048 }, { 10, 1663, 2048 }, 
+   { 4, 1664, 2048 }, { 5, 1665, 2048 }, { 5, 1666, 2048 }, { 6, 1667, 2048 }, { 5, 1668, 2048 }, { 6, 1669, 2048 }, { 6, 1670, 2048 }, { 7, 1671, 2048 }, 
+   { 5, 1672, 2048 }, { 6, 1673, 2048 }, { 6, 1674, 2048 }, { 7, 1675, 2048 }, { 6, 1676, 2048 }, { 7, 1677, 2048 }, { 7, 1678, 2048 }, { 8, 1679, 2048 }, 
+   { 5, 1680, 2048 }, { 6, 1681, 2048 }, { 6, 1682, 2048 }, { 7, 1683, 2048 }, { 6, 1684, 2048 }, { 7, 1685, 2048 }, { 7, 1686, 2048 }, { 8, 1687, 2048 }, 
+   { 6, 1688, 2048 }, { 7, 1689, 2048 }, { 7, 1690, 2048 }, { 8, 1691, 2048 }, { 7, 1692, 2048 }, { 8, 1693, 2048 }, { 8, 1694, 2048 }, { 9, 1695, 2048 }, 
+   { 5, 1696, 2048 }, { 6, 1697, 2048 }, { 6, 1698, 2048 }, { 7, 1699, 2048 }, { 6, 1700, 2048 }, { 7, 1701, 2048 }, { 7, 1702, 2048 }, { 8, 1703, 2048 }, 
+   { 6, 1704, 2048 }, { 7, 1705, 2048 }, { 7, 1706, 2048 }, { 8, 1707, 2048 }, { 7, 1708, 2048 }, { 8, 1709, 2048 }, { 8, 1710, 2048 }, { 9, 1711, 2048 }, 
+   { 6, 1712, 2048 }, { 7, 1713, 2048 }, { 7, 1714, 2048 }, { 8, 1715, 2048 }, { 7, 1716, 2048 }, { 8, 1717, 2048 }, { 8, 1718, 2048 }, { 9, 1719, 2048 }, 
+   { 7, 1720, 2048 }, { 8, 1721, 2048 }, { 8, 1722, 2048 }, { 9, 1723, 2048 }, { 8, 1724, 2048 }, { 9, 1725, 2048 }, { 9, 1726, 2048 }, { 10, 1727, 2048 }, 
+   { 5, 1728, 2048 }, { 6, 1729, 2048 }, { 6, 1730, 2048 }, { 7, 1731, 2048 }, { 6, 1732, 2048 }, { 7, 1733, 2048 }, { 7, 1734, 2048 }, { 8, 1735, 2048 }, 
+   { 6, 1736, 2048 }, { 7, 1737, 2048 }, { 7, 1738, 2048 }, { 8, 1739, 2048 }, { 7, 1740, 2048 }, { 8, 1741, 2048 }, { 8, 1742, 2048 }, { 9, 1743, 2048 }, 
+   { 6, 1744, 2048 }, { 7, 1745, 2048 }, { 7, 1746, 2048 }, { 8, 1747, 2048 }, { 7, 1748, 2048 }, { 8, 1749, 2048 }, { 8, 1750, 2048 }, { 9, 1751, 2048 }, 
+   { 7, 1752, 2048 }, { 8, 1753, 2048 }, { 8, 1754, 2048 }, { 9, 1755, 2048 }, { 8, 1756, 2048 }, { 9, 1757, 2048 }, { 9, 1758, 2048 }, { 10, 1759, 2048 }, 
+   { 6, 1760, 2048 }, { 7, 1761, 2048 }, { 7, 1762, 2048 }, { 8, 1763, 2048 }, { 7, 1764, 2048 }, { 8, 1765, 2048 }, { 8, 1766, 2048 }, { 9, 1767, 2048 }, 
+   { 7, 1768, 2048 }, { 8, 1769, 2048 }, { 8, 1770, 2048 }, { 9, 1771, 2048 }, { 8, 1772, 2048 }, { 9, 1773, 2048 }, { 9, 1774, 2048 }, { 10, 1775, 2048 }, 
+   { 7, 1776, 2048 }, { 8, 1777, 2048 }, { 8, 1778, 2048 }, { 9, 1779, 2048 }, { 8, 1780, 2048 }, { 9, 1781, 2048 }, { 9, 1782, 2048 }, { 10, 1783, 2048 }, 
+   { 8, 1784, 2048 }, { 9, 1785, 2048 }, { 9, 1786, 2048 }, { 10, 1787, 2048 }, { 9, 1788, 2048 }, { 10, 1789, 2048 }, { 10, 1790, 2048 }, { 11, 1791, 2048 }, 
+   { 4, 1792, 2048 }, { 5, 1793, 2048 }, { 5, 1794, 2048 }, { 6, 1795, 2048 }, { 5, 1796, 2048 }, { 6, 1797, 2048 }, { 6, 1798, 2048 }, { 7, 1799, 2048 }, 
+   { 5, 1800, 2048 }, { 6, 1801, 2048 }, { 6, 1802, 2048 }, { 7, 1803, 2048 }, { 6, 1804, 2048 }, { 7, 1805, 2048 }, { 7, 1806, 2048 }, { 8, 1807, 2048 }, 
+   { 5, 1808, 2048 }, { 6, 1809, 2048 }, { 6, 1810, 2048 }, { 7, 1811, 2048 }, { 6, 1812, 2048 }, { 7, 1813, 2048 }, { 7, 1814, 2048 }, { 8, 1815, 2048 }, 
+   { 6, 1816, 2048 }, { 7, 1817, 2048 }, { 7, 1818, 2048 }, { 8, 1819, 2048 }, { 7, 1820, 2048 }, { 8, 1821, 2048 }, { 8, 1822, 2048 }, { 9, 1823, 2048 }, 
+   { 5, 1824, 2048 }, { 6, 1825, 2048 }, { 6, 1826, 2048 }, { 7, 1827, 2048 }, { 6, 1828, 2048 }, { 7, 1829, 2048 }, { 7, 1830, 2048 }, { 8, 1831, 2048 }, 
+   { 6, 1832, 2048 }, { 7, 1833, 2048 }, { 7, 1834, 2048 }, { 8, 1835, 2048 }, { 7, 1836, 2048 }, { 8, 1837, 2048 }, { 8, 1838, 2048 }, { 9, 1839, 2048 }, 
+   { 6, 1840, 2048 }, { 7, 1841, 2048 }, { 7, 1842, 2048 }, { 8, 1843, 2048 }, { 7, 1844, 2048 }, { 8, 1845, 2048 }, { 8, 1846, 2048 }, { 9, 1847, 2048 }, 
+   { 7, 1848, 2048 }, { 8, 1849, 2048 }, { 8, 1850, 2048 }, { 9, 1851, 2048 }, { 8, 1852, 2048 }, { 9, 1853, 2048 }, { 9, 1854, 2048 }, { 10, 1855, 2048 }, 
+   { 5, 1856, 2048 }, { 6, 1857, 2048 }, { 6, 1858, 2048 }, { 7, 1859, 2048 }, { 6, 1860, 2048 }, { 7, 1861, 2048 }, { 7, 1862, 2048 }, { 8, 1863, 2048 }, 
+   { 6, 1864, 2048 }, { 7, 1865, 2048 }, { 7, 1866, 2048 }, { 8, 1867, 2048 }, { 7, 1868, 2048 }, { 8, 1869, 2048 }, { 8, 1870, 2048 }, { 9, 1871, 2048 }, 
+   { 6, 1872, 2048 }, { 7, 1873, 2048 }, { 7, 1874, 2048 }, { 8, 1875, 2048 }, { 7, 1876, 2048 }, { 8, 1877, 2048 }, { 8, 1878, 2048 }, { 9, 1879, 2048 }, 
+   { 7, 1880, 2048 }, { 8, 1881, 2048 }, { 8, 1882, 2048 }, { 9, 1883, 2048 }, { 8, 1884, 2048 }, { 9, 1885, 2048 }, { 9, 1886, 2048 }, { 10, 1887, 2048 }, 
+   { 6, 1888, 2048 }, { 7, 1889, 2048 }, { 7, 1890, 2048 }, { 8, 1891, 2048 }, { 7, 1892, 2048 }, { 8, 1893, 2048 }, { 8, 1894, 2048 }, { 9, 1895, 2048 }, 
+   { 7, 1896, 2048 }, { 8, 1897, 2048 }, { 8, 1898, 2048 }, { 9, 1899, 2048 }, { 8, 1900, 2048 }, { 9, 1901, 2048 }, { 9, 1902, 2048 }, { 10, 1903, 2048 }, 
+   { 7, 1904, 2048 }, { 8, 1905, 2048 }, { 8, 1906, 2048 }, { 9, 1907, 2048 }, { 8, 1908, 2048 }, { 9, 1909, 2048 }, { 9, 1910, 2048 }, { 10, 1911, 2048 }, 
+   { 8, 1912, 2048 }, { 9, 1913, 2048 }, { 9, 1914, 2048 }, { 10, 1915, 2048 }, { 9, 1916, 2048 }, { 10, 1917, 2048 }, { 10, 1918, 2048 }, { 11, 1919, 2048 }, 
+   { 5, 1920, 2048 }, { 6, 1921, 2048 }, { 6, 1922, 2048 }, { 7, 1923, 2048 }, { 6, 1924, 2048 }, { 7, 1925, 2048 }, { 7, 1926, 2048 }, { 8, 1927, 2048 }, 
+   { 6, 1928, 2048 }, { 7, 1929, 2048 }, { 7, 1930, 2048 }, { 8, 1931, 2048 }, { 7, 1932, 2048 }, { 8, 1933, 2048 }, { 8, 1934, 2048 }, { 9, 1935, 2048 }, 
+   { 6, 1936, 2048 }, { 7, 1937, 2048 }, { 7, 1938, 2048 }, { 8, 1939, 2048 }, { 7, 1940, 2048 }, { 8, 1941, 2048 }, { 8, 1942, 2048 }, { 9, 1943, 2048 }, 
+   { 7, 1944, 2048 }, { 8, 1945, 2048 }, { 8, 1946, 2048 }, { 9, 1947, 2048 }, { 8, 1948, 2048 }, { 9, 1949, 2048 }, { 9, 1950, 2048 }, { 10, 1951, 2048 }, 
+   { 6, 1952, 2048 }, { 7, 1953, 2048 }, { 7, 1954, 2048 }, { 8, 1955, 2048 }, { 7, 1956, 2048 }, { 8, 1957, 2048 }, { 8, 1958, 2048 }, { 9, 1959, 2048 }, 
+   { 7, 1960, 2048 }, { 8, 1961, 2048 }, { 8, 1962, 2048 }, { 9, 1963, 2048 }, { 8, 1964, 2048 }, { 9, 1965, 2048 }, { 9, 1966, 2048 }, { 10, 1967, 2048 }, 
+   { 7, 1968, 2048 }, { 8, 1969, 2048 }, { 8, 1970, 2048 }, { 9, 1971, 2048 }, { 8, 1972, 2048 }, { 9, 1973, 2048 }, { 9, 1974, 2048 }, { 10, 1975, 2048 }, 
+   { 8, 1976, 2048 }, { 9, 1977, 2048 }, { 9, 1978, 2048 }, { 10, 1979, 2048 }, { 9, 1980, 2048 }, { 10, 1981, 2048 }, { 10, 1982, 2048 }, { 11, 1983, 2048 }, 
+   { 6, 1984, 2048 }, { 7, 1985, 2048 }, { 7, 1986, 2048 }, { 8, 1987, 2048 }, { 7, 1988, 2048 }, { 8, 1989, 2048 }, { 8, 1990, 2048 }, { 9, 1991, 2048 }, 
+   { 7, 1992, 2048 }, { 8, 1993, 2048 }, { 8, 1994, 2048 }, { 9, 1995, 2048 }, { 8, 1996, 2048 }, { 9, 1997, 2048 }, { 9, 1998, 2048 }, { 10, 1999, 2048 }, 
+   { 7, 2000, 2048 }, { 8, 2001, 2048 }, { 8, 2002, 2048 }, { 9, 2003, 2048 }, { 8, 2004, 2048 }, { 9, 2005, 2048 }, { 9, 2006, 2048 }, { 10, 2007, 2048 }, 
+   { 8, 2008, 2048 }, { 9, 2009, 2048 }, { 9, 2010, 2048 }, { 10, 2011, 2048 }, { 9, 2012, 2048 }, { 10, 2013, 2048 }, { 10, 2014, 2048 }, { 11, 2015, 2048 }, 
+   { 7, 2016, 2048 }, { 8, 2017, 2048 }, { 8, 2018, 2048 }, { 9, 2019, 2048 }, { 8, 2020, 2048 }, { 9, 2021, 2048 }, { 9, 2022, 2048 }, { 10, 2023, 2048 }, 
+   { 8, 2024, 2048 }, { 9, 2025, 2048 }, { 9, 2026, 2048 }, { 10, 2027, 2048 }, { 9, 2028, 2048 }, { 10, 2029, 2048 }, { 10, 2030, 2048 }, { 11, 2031, 2048 }, 
+   { 8, 2032, 2048 }, { 9, 2033, 2048 }, { 9, 2034, 2048 }, { 10, 2035, 2048 }, { 9, 2036, 2048 }, { 10, 2037, 2048 }, { 10, 2038, 2048 }, { 11, 2039, 2048 }, 
+   { 9, 2040, 2048 }, { 10, 2041, 2048 }, { 10, 2042, 2048 }, { 11, 2043, 2048 }, { 10, 2044, 2048 }, { 11, 2045, 2048 }, { 11, 2046, 2048 }, { 12, 2047, 2048 }, 
+#endif
+#endif
+#endif
+#endif
+#endif
+#endif
+};
+
+/* find a hole and free as required, return -1 if no hole found */
+static int find_hole(void)
+{
+   unsigned x;
+   int      y, z;
+   for (z = -1, y = INT_MAX, x = 0; x < FP_ENTRIES; x++) {
+       if (fp_cache[x].lru_count < y && fp_cache[x].lock == 0) {
+          z = x;
+          y = fp_cache[x].lru_count;
+       }
+   }
+
+   /* decrease all */
+   for (x = 0; x < FP_ENTRIES; x++) {
+      if (fp_cache[x].lru_count > 3) {
+         --(fp_cache[x].lru_count);
+      }
+   }
+
+   /* free entry z */
+   if (z >= 0 && fp_cache[z].g) {
+      mp_clear(&fp_cache[z].mu);
+      ecc_del_point(fp_cache[z].g);
+      fp_cache[z].g  = NULL;
+      for (x = 0; x < (1U<x, g->x) == MP_EQ && 
+          mp_cmp(fp_cache[x].g->y, g->y) == MP_EQ && 
+          mp_cmp(fp_cache[x].g->z, g->z) == MP_EQ) {
+         break;
+      }
+   }
+   if (x == FP_ENTRIES) {
+      x = -1;
+   }
+   return x;
+}
+
+/* add a new base to the cache */
+static int add_entry(int idx, ecc_point *g)
+{
+   unsigned x, y;
+
+   /* allocate base and LUT */
+   fp_cache[idx].g = ecc_new_point();
+   if (fp_cache[idx].g == NULL) {
+      return GEN_MEM_ERR;
+   }
+
+   /* copy x and y */
+   if ((mp_copy(g->x, fp_cache[idx].g->x) != MP_OKAY) ||
+       (mp_copy(g->y, fp_cache[idx].g->y) != MP_OKAY) ||
+       (mp_copy(g->z, fp_cache[idx].g->z) != MP_OKAY)) {
+      ecc_del_point(fp_cache[idx].g);
+      fp_cache[idx].g = NULL;
+      return GEN_MEM_ERR;
+   }              
+
+   for (x = 0; x < (1U<x, mu, modulus,
+                  fp_cache[idx].LUT[1]->x) != MP_OKAY) || 
+         (mp_mulmod(fp_cache[idx].g->y, mu, modulus,
+                  fp_cache[idx].LUT[1]->y) != MP_OKAY) || 
+         (mp_mulmod(fp_cache[idx].g->z, mu, modulus,
+                  fp_cache[idx].LUT[1]->z) != MP_OKAY)) {
+       err = MP_MULMOD_E; 
+     }
+   }
+       
+   /* make all single bit entries */
+   for (x = 1; x < FP_LUT; x++) {
+      if (err != MP_OKAY)
+          break;
+      if ((mp_copy(fp_cache[idx].LUT[1<<(x-1)]->x,
+                   fp_cache[idx].LUT[1<x) != MP_OKAY) || 
+          (mp_copy(fp_cache[idx].LUT[1<<(x-1)]->y,
+                   fp_cache[idx].LUT[1<y) != MP_OKAY) || 
+          (mp_copy(fp_cache[idx].LUT[1<<(x-1)]->z,
+                   fp_cache[idx].LUT[1<z) != MP_OKAY)){
+          err = MP_INIT_E;
+          break;
+      } else {
+          
+         /* now double it bitlen/FP_LUT times */
+         for (y = 0; y < lut_gap; y++) {
+             if ((err = ecc_projective_dbl_point(fp_cache[idx].LUT[1<z, modulus, *mp);
+ 
+       /* invert it */
+       if (err == MP_OKAY)
+         err = mp_invmod(fp_cache[idx].LUT[x]->z, modulus,
+                         fp_cache[idx].LUT[x]->z);
+
+       if (err == MP_OKAY)
+         /* now square it */
+         err = mp_sqrmod(fp_cache[idx].LUT[x]->z, modulus, &tmp);
+       
+       if (err == MP_OKAY)
+         /* fix x */
+         err = mp_mulmod(fp_cache[idx].LUT[x]->x, &tmp, modulus,
+                         fp_cache[idx].LUT[x]->x);
+
+       if (err == MP_OKAY)
+         /* get 1/z^3 */
+         err = mp_mulmod(&tmp, fp_cache[idx].LUT[x]->z, modulus, &tmp);
+
+       if (err == MP_OKAY)
+         /* fix y */
+         err = mp_mulmod(fp_cache[idx].LUT[x]->y, &tmp, modulus,
+                         fp_cache[idx].LUT[x]->y);
+
+       if (err == MP_OKAY)
+         /* free z */
+         mp_clear(fp_cache[idx].LUT[x]->z);
+   }
+   mp_clear(&tmp);
+
+   if (err == MP_OKAY)
+     return MP_OKAY;
+
+   /* err cleanup */
+   for (y = 0; y < (1U< mp_unsigned_bin_size(modulus)) {
+      mp_int order;
+      if (mp_init(&order) != MP_OKAY) {
+        mp_clear(&tk);
+        return MP_INIT_E;
+      }
+
+      /* find order */
+      y = mp_unsigned_bin_size(modulus);
+      for (x = 0; ecc_sets[x].size; x++) {
+         if (y <= (unsigned)ecc_sets[x].size) break;
+      }
+   
+      /* back off if we are on the 521 bit curve */
+      if (y == 66) --x;
+      
+      if ((err = mp_read_radix(&order, ecc_sets[x].order, 16)) != MP_OKAY) {
+         mp_clear(&order);
+         mp_clear(&tk);
+         return err;
+      }
+
+      /* k must be less than modulus */
+      if (mp_cmp(k, &order) != MP_LT) {
+         if ((err = mp_mod(k, &order, &tk)) != MP_OKAY) {
+            mp_clear(&tk);
+            mp_clear(&order);
+            return err;
+         }
+      } else {
+         mp_copy(k, &tk);
+      }
+      mp_clear(&order);
+   } else {
+      mp_copy(k, &tk);
+   }       
+   
+   /* get bitlen and round up to next multiple of FP_LUT */
+   bitlen  = mp_unsigned_bin_size(modulus) << 3;
+   x       = bitlen % FP_LUT;
+   if (x) {
+      bitlen += FP_LUT - x;
+   }  
+   lut_gap = bitlen / FP_LUT;
+        
+   /* get the k value */
+   if (mp_unsigned_bin_size(&tk) > (int)(KB_SIZE - 2)) {
+      mp_clear(&tk);
+      return BUFFER_E;
+   }
+   
+   /* store k */
+#ifdef WOLFSSL_SMALL_STACK
+   kb = (unsigned char*)XMALLOC(KB_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+   if (kb == NULL)
+      return MEMORY_E;
+#endif
+
+   XMEMSET(kb, 0, KB_SIZE);
+   if ((err = mp_to_unsigned_bin(&tk, kb)) != MP_OKAY) {
+      mp_clear(&tk);
+   }
+   else {
+      /* let's reverse kb so it's little endian */
+      x = 0;
+      y = mp_unsigned_bin_size(&tk) - 1;
+      mp_clear(&tk);
+
+      while ((unsigned)x < y) {
+         z = kb[x]; kb[x] = kb[y]; kb[y] = z;
+         ++x; --y;
+      }
+
+      /* at this point we can start, yipee */
+      first = 1;
+      for (x = lut_gap-1; x >= 0; x--) {
+          /* extract FP_LUT bits from kb spread out by lut_gap bits and offset
+             by x bits from the start */
+          bitpos = x;
+          for (y = z = 0; y < FP_LUT; y++) {
+             z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y;
+             bitpos += lut_gap;  /* it's y*lut_gap + x, but here we can avoid
+                                    the mult in each loop */
+          }
+
+          /* double if not first */
+          if (!first) {
+             if ((err = ecc_projective_dbl_point(R, R, modulus,
+                                                              mp)) != MP_OKAY) {
+                break;
+             }
+          }
+
+          /* add if not first, otherwise copy */
+          if (!first && z) {
+             if ((err = ecc_projective_add_point(R, fp_cache[idx].LUT[z], R,
+                                                     modulus, mp)) != MP_OKAY) {
+                break;
+             }
+          } else if (z) {
+             if ((mp_copy(fp_cache[idx].LUT[z]->x, R->x) != MP_OKAY) ||
+                 (mp_copy(fp_cache[idx].LUT[z]->y, R->y) != MP_OKAY) ||
+                 (mp_copy(&fp_cache[idx].mu,       R->z) != MP_OKAY)) {
+                 err = GEN_MEM_ERR;
+                 break;
+             }
+                 first = 0;
+          }
+      }
+   }
+
+   if (err == MP_OKAY) {
+      z = 0;
+      XMEMSET(kb, 0, KB_SIZE);
+      /* map R back from projective space */
+      if (map) {
+         err = ecc_map(R, modulus, mp);
+      } else {
+         err = MP_OKAY;
+      }
+   }
+
+#ifdef WOLFSSL_SMALL_STACK
+   XFREE(kb, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+#undef KB_SIZE
+
+   return err;
+}
+
+#ifdef ECC_SHAMIR
+/* perform a fixed point ECC mulmod */
+static int accel_fp_mul2add(int idx1, int idx2, 
+                            mp_int* kA, mp_int* kB,
+                            ecc_point *R, mp_int* modulus, mp_digit* mp)
+{
+#define KB_SIZE 128
+
+#ifdef WOLFSSL_SMALL_STACK
+   unsigned char* kb[2];
+#else
+   unsigned char kb[2][128];
+#endif
+   int      x;
+   unsigned y, z, err, bitlen, bitpos, lut_gap, first, zA, zB;
+   mp_int tka;
+   mp_int tkb;
+   mp_int order;
+
+   if (mp_init_multi(&tka, &tkb, 0, 0, 0, 0) != MP_OKAY)
+       return MP_INIT_E;
+
+   /* if it's smaller than modulus we fine */
+   if (mp_unsigned_bin_size(kA) > mp_unsigned_bin_size(modulus)) {
+      /* find order */
+      y = mp_unsigned_bin_size(modulus);
+      for (x = 0; ecc_sets[x].size; x++) {
+         if (y <= (unsigned)ecc_sets[x].size) break;
+      }
+   
+      /* back off if we are on the 521 bit curve */
+      if (y == 66) --x;
+      
+      if ((err = mp_init(&order)) != MP_OKAY) {
+         mp_clear(&tkb);
+         mp_clear(&tka);
+         return err;
+      }      
+      if ((err = mp_read_radix(&order, ecc_sets[x].order, 16)) != MP_OKAY) {
+         mp_clear(&tkb);
+         mp_clear(&tka);
+         mp_clear(&order);
+         return err;
+      }
+
+      /* kA must be less than modulus */
+      if (mp_cmp(kA, &order) != MP_LT) {
+         if ((err = mp_mod(kA, &order, &tka)) != MP_OKAY) {
+            mp_clear(&tkb);
+            mp_clear(&tka);
+            mp_clear(&order);
+            return err;
+         }
+      } else {
+         mp_copy(kA, &tka);
+      }
+      mp_clear(&order);
+   } else {
+      mp_copy(kA, &tka);
+   }       
+
+   /* if it's smaller than modulus we fine */
+   if (mp_unsigned_bin_size(kB) > mp_unsigned_bin_size(modulus)) {
+      /* find order */
+      y = mp_unsigned_bin_size(modulus);
+      for (x = 0; ecc_sets[x].size; x++) {
+         if (y <= (unsigned)ecc_sets[x].size) break;
+      }
+   
+      /* back off if we are on the 521 bit curve */
+      if (y == 66) --x;
+      
+      if ((err = mp_init(&order)) != MP_OKAY) {
+         mp_clear(&tkb);
+         mp_clear(&tka);
+         return err;
+      }      
+      if ((err = mp_read_radix(&order, ecc_sets[x].order, 16)) != MP_OKAY) {
+         mp_clear(&tkb);
+         mp_clear(&tka);
+         mp_clear(&order);
+         return err;
+      }
+
+      /* kB must be less than modulus */
+      if (mp_cmp(kB, &order) != MP_LT) {
+         if ((err = mp_mod(kB, &order, &tkb)) != MP_OKAY) {
+            mp_clear(&tkb);
+            mp_clear(&tka);
+            mp_clear(&order);
+            return err;
+         }
+      } else {
+         mp_copy(kB, &tkb);
+      }
+      mp_clear(&order);
+   } else {
+      mp_copy(kB, &tkb);
+   }     
+
+   /* get bitlen and round up to next multiple of FP_LUT */
+   bitlen  = mp_unsigned_bin_size(modulus) << 3;
+   x       = bitlen % FP_LUT;
+   if (x) {
+      bitlen += FP_LUT - x;
+   }  
+   lut_gap = bitlen / FP_LUT;
+        
+   /* get the k value */
+   if ((mp_unsigned_bin_size(&tka) > (int)(KB_SIZE - 2)) ||
+       (mp_unsigned_bin_size(&tkb) > (int)(KB_SIZE - 2))  ) {
+      mp_clear(&tka);
+      mp_clear(&tkb);
+      return BUFFER_E;
+   }
+   
+   /* store k */
+#ifdef WOLFSSL_SMALL_STACK
+   kb[0] = (unsigned char*)XMALLOC(KB_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+   if (kb[0] == NULL)
+      return MEMORY_E;
+#endif
+
+   XMEMSET(kb[0], 0, KB_SIZE);
+   if ((err = mp_to_unsigned_bin(&tka, kb[0])) != MP_OKAY) {
+      mp_clear(&tka);
+      mp_clear(&tkb);
+      XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER);
+      return err;
+   }
+   
+   /* let's reverse kb so it's little endian */
+   x = 0;
+   y = mp_unsigned_bin_size(&tka) - 1;
+   mp_clear(&tka);
+   while ((unsigned)x < y) {
+      z = kb[0][x]; kb[0][x] = kb[0][y]; kb[0][y] = z;
+      ++x; --y;
+   }      
+   
+   /* store b */
+#ifdef WOLFSSL_SMALL_STACK
+   kb[1] = (unsigned char*)XMALLOC(KB_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+   if (kb[1] == NULL) {
+      XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER);
+      return MEMORY_E;
+   }
+#endif
+
+   XMEMSET(kb[1], 0, KB_SIZE);
+   if ((err = mp_to_unsigned_bin(&tkb, kb[1])) != MP_OKAY) {
+      mp_clear(&tkb);
+   }
+   else {
+      x = 0;
+      y = mp_unsigned_bin_size(&tkb) - 1;
+      mp_clear(&tkb);
+      while ((unsigned)x < y) {
+         z = kb[1][x]; kb[1][x] = kb[1][y]; kb[1][y] = z;
+         ++x; --y;
+      }
+
+      /* at this point we can start, yipee */
+      first = 1;
+      for (x = lut_gap-1; x >= 0; x--) {
+          /* extract FP_LUT bits from kb spread out by lut_gap bits and
+             offset by x bits from the start */
+          bitpos = x;
+          for (y = zA = zB = 0; y < FP_LUT; y++) {
+             zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y;
+             zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y;
+             bitpos += lut_gap;    /* it's y*lut_gap + x, but here we can avoid
+                                      the mult in each loop */
+          }
+
+          /* double if not first */
+          if (!first) {
+             if ((err = ecc_projective_dbl_point(R, R, modulus,
+                                                              mp)) != MP_OKAY) {
+                break;
+             }
+          }
+
+          /* add if not first, otherwise copy */
+          if (!first) {
+             if (zA) {
+                if ((err = ecc_projective_add_point(R, fp_cache[idx1].LUT[zA],
+                                                  R, modulus, mp)) != MP_OKAY) {
+                   break;
+                }
+             }
+             if (zB) {
+                if ((err = ecc_projective_add_point(R, fp_cache[idx2].LUT[zB],
+                                                  R, modulus, mp)) != MP_OKAY) {
+                   break;
+                }
+             }
+          } else {
+             if (zA) {
+                 if ((mp_copy(fp_cache[idx1].LUT[zA]->x, R->x) != MP_OKAY) ||
+                    (mp_copy(fp_cache[idx1].LUT[zA]->y,  R->y) != MP_OKAY) ||
+                    (mp_copy(&fp_cache[idx1].mu,         R->z) != MP_OKAY)) {
+                     err = GEN_MEM_ERR;
+                     break;
+                 }
+                    first = 0;
+             }
+             if (zB && first == 0) {
+                if (zB) {
+                   if ((err = ecc_projective_add_point(R,
+                           fp_cache[idx2].LUT[zB], R, modulus, mp)) != MP_OKAY){
+                      break;
+                   }
+                }
+             } else if (zB && first == 1) {
+                 if ((mp_copy(fp_cache[idx2].LUT[zB]->x, R->x) != MP_OKAY) ||
+                    (mp_copy(fp_cache[idx2].LUT[zB]->y, R->y) != MP_OKAY) ||
+                    (mp_copy(&fp_cache[idx2].mu,        R->z) != MP_OKAY)) {
+                     err = GEN_MEM_ERR;
+                     break;
+                 }
+                    first = 0;
+             }
+          }
+      }
+   }
+
+   XMEMSET(kb[0], 0, KB_SIZE);
+   XMEMSET(kb[1], 0, KB_SIZE);
+
+#ifdef WOLFSSL_SMALL_STACK
+   XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER);
+   XFREE(kb[1], NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+#undef KB_SIZE
+
+   return ecc_map(R, modulus, mp);
+}
+
+/** ECC Fixed Point mulmod global
+  Computes kA*A + kB*B = C using Shamir's Trick
+  A        First point to multiply
+  kA       What to multiple A by
+  B        Second point to multiply
+  kB       What to multiple B by
+  C        [out] Destination point (can overlap with A or B)
+  modulus  Modulus for curve 
+  return MP_OKAY on success
+*/ 
+int ecc_mul2add(ecc_point* A, mp_int* kA,
+                ecc_point* B, mp_int* kB,
+                ecc_point* C, mp_int* modulus)
+{
+   int  idx1 = -1, idx2 = -1, err = MP_OKAY, mpInit = 0;
+   mp_digit mp;
+   mp_int   mu;
+  
+   err = mp_init(&mu);
+   if (err != MP_OKAY)
+       return err;
+
+#ifndef HAVE_THREAD_LS
+   if (initMutex == 0) {
+        InitMutex(&ecc_fp_lock);
+        initMutex = 1;
+   }
+   if (LockMutex(&ecc_fp_lock) != 0)
+      return BAD_MUTEX_E;
+#endif /* HAVE_THREAD_LS */
+
+      /* find point */
+      idx1 = find_base(A);
+
+      /* no entry? */
+      if (idx1 == -1) {
+         /* find hole and add it */
+         if ((idx1 = find_hole()) >= 0) {
+            err = add_entry(idx1, A);
+         }
+      }
+      if (err == MP_OKAY && idx1 != -1) {
+         /* increment LRU */
+         ++(fp_cache[idx1].lru_count);
+      }
+
+      if (err == MP_OKAY)
+        /* find point */
+        idx2 = find_base(B);
+
+      if (err == MP_OKAY) {
+        /* no entry? */
+        if (idx2 == -1) {
+           /* find hole and add it */
+           if ((idx2 = find_hole()) >= 0)
+              err = add_entry(idx2, B);
+         }
+      }
+
+      if (err == MP_OKAY && idx2 != -1) {
+         /* increment LRU */
+         ++(fp_cache[idx2].lru_count);
+      }
+
+      if (err == MP_OKAY) {
+        /* if it's 2 build the LUT, if it's higher just use the LUT */
+        if (idx1 >= 0 && fp_cache[idx1].lru_count == 2) {
+           /* compute mp */
+           err = mp_montgomery_setup(modulus, &mp);
+
+           if (err == MP_OKAY) {
+             mpInit = 1;
+             err = mp_montgomery_calc_normalization(&mu, modulus);
+           }
+                 
+           if (err == MP_OKAY)
+             /* build the LUT */
+               err = build_lut(idx1, modulus, &mp, &mu);
+        }
+      }
+
+      if (err == MP_OKAY) {
+        /* if it's 2 build the LUT, if it's higher just use the LUT */
+        if (idx2 >= 0 && fp_cache[idx2].lru_count == 2) {
+           if (mpInit == 0) {
+                /* compute mp */
+                err = mp_montgomery_setup(modulus, &mp);
+                if (err == MP_OKAY) {
+                    mpInit = 1;
+                    err = mp_montgomery_calc_normalization(&mu, modulus);
+                }
+            }
+                 
+            if (err == MP_OKAY) 
+            /* build the LUT */
+              err = build_lut(idx2, modulus, &mp, &mu);
+        }
+      }
+
+
+      if (err == MP_OKAY) {
+        if (idx1 >=0 && idx2 >= 0 && fp_cache[idx1].lru_count >= 2 &&
+                                     fp_cache[idx2].lru_count >= 2) {
+           if (mpInit == 0) {
+              /* compute mp */
+              err = mp_montgomery_setup(modulus, &mp);
+           }
+           if (err == MP_OKAY)
+             err = accel_fp_mul2add(idx1, idx2, kA, kB, C, modulus, &mp);
+        } else {
+           err = normal_ecc_mul2add(A, kA, B, kB, C, modulus);
+        }
+    }
+
+#ifndef HAVE_THREAD_LS
+    UnLockMutex(&ecc_fp_lock);
+#endif /* HAVE_THREAD_LS */
+    mp_clear(&mu);
+
+    return err;
+}
+#endif
+
+/** ECC Fixed Point mulmod global
+    k        The multiplicand
+    G        Base point to multiply
+    R        [out] Destination of product
+    modulus  The modulus for the curve
+    map      [boolean] If non-zero maps the point back to affine co-ordinates,
+             otherwise it's left in jacobian-montgomery form
+    return MP_OKAY if successful
+*/   
+int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
+               int map)
+{
+   int   idx, err = MP_OKAY;
+   mp_digit mp;
+   mp_int   mu;
+   int      mpSetup = 0;
+
+   if (mp_init(&mu) != MP_OKAY)
+       return MP_INIT_E;
+   
+#ifndef HAVE_THREAD_LS
+   if (initMutex == 0) {
+        InitMutex(&ecc_fp_lock);
+        initMutex = 1;
+   }
+   
+   if (LockMutex(&ecc_fp_lock) != 0)
+      return BAD_MUTEX_E;
+#endif /* HAVE_THREAD_LS */
+
+      /* find point */
+      idx = find_base(G);
+
+      /* no entry? */
+      if (idx == -1) {
+         /* find hole and add it */
+         idx = find_hole();
+
+         if (idx >= 0)
+            err = add_entry(idx, G);
+      }
+      if (err == MP_OKAY && idx >= 0) {
+         /* increment LRU */
+         ++(fp_cache[idx].lru_count);
+      }
+
+
+      if (err == MP_OKAY) { 
+        /* if it's 2 build the LUT, if it's higher just use the LUT */
+        if (idx >= 0 && fp_cache[idx].lru_count == 2) {
+           /* compute mp */
+           err = mp_montgomery_setup(modulus, &mp);
+
+           if (err == MP_OKAY) {
+             /* compute mu */
+             mpSetup = 1;
+             err = mp_montgomery_calc_normalization(&mu, modulus);
+           }
+                 
+           if (err == MP_OKAY) 
+             /* build the LUT */
+             err = build_lut(idx, modulus, &mp, &mu);
+        }
+      }
+
+      if (err == MP_OKAY) { 
+        if (idx >= 0 && fp_cache[idx].lru_count >= 2) {
+           if (mpSetup == 0) {
+              /* compute mp */
+              err = mp_montgomery_setup(modulus, &mp);
+           }
+           if (err == MP_OKAY)
+             err = accel_fp_mul(idx, k, R, modulus, &mp, map);
+        } else {
+           err = normal_ecc_mulmod(k, G, R, modulus, map);
+        }
+     }
+
+#ifndef HAVE_THREAD_LS
+    UnLockMutex(&ecc_fp_lock);
+#endif /* HAVE_THREAD_LS */
+    mp_clear(&mu);
+
+    return err;
+}
+
+/* helper function for freeing the cache ...
+   must be called with the cache mutex locked */
+static void wc_ecc_fp_free_cache(void)
+{
+   unsigned x, y;
+   for (x = 0; x < FP_ENTRIES; x++) {
+      if (fp_cache[x].g != NULL) {
+         for (y = 0; y < (1U<protocol == 0)
+        return NULL;
+
+    if (ctx->protocol == REQ_RESP_CLIENT) {
+        if (ctx->cliSt == ecCLI_INIT) {
+            ctx->cliSt =  ecCLI_SALT_GET;
+            return ctx->clientSalt;
+        }
+        else {
+            ctx->cliSt = ecCLI_BAD_STATE;
+            return NULL;
+        }
+    }
+    else if (ctx->protocol == REQ_RESP_SERVER) {
+        if (ctx->srvSt == ecSRV_INIT) {
+            ctx->srvSt =  ecSRV_SALT_GET;
+            return ctx->serverSalt;
+        }
+        else {
+            ctx->srvSt = ecSRV_BAD_STATE;
+            return NULL;
+        }
+    }
+
+    return NULL;
+}
+
+
+/* optional set info, can be called before or after set_peer_salt */
+int wc_ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz)
+{
+    if (ctx == NULL || info == 0 || sz < 0)
+        return BAD_FUNC_ARG;
+
+    ctx->kdfInfo   = info;
+    ctx->kdfInfoSz = sz;
+
+    return 0;
+}
+
+
+static const char* exchange_info = "Secure Message Exchange";
+
+int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
+{
+    byte tmp[EXCHANGE_SALT_SZ/2];
+    int  halfSz = EXCHANGE_SALT_SZ/2;
+
+    if (ctx == NULL || ctx->protocol == 0 || salt == NULL)
+        return BAD_FUNC_ARG;
+
+    if (ctx->protocol == REQ_RESP_CLIENT) {
+        XMEMCPY(ctx->serverSalt, salt, EXCHANGE_SALT_SZ);
+        if (ctx->cliSt == ecCLI_SALT_GET)
+            ctx->cliSt =  ecCLI_SALT_SET;
+        else {
+            ctx->cliSt =  ecCLI_BAD_STATE;
+            return BAD_ENC_STATE_E;
+        }
+    }
+    else {
+        XMEMCPY(ctx->clientSalt, salt, EXCHANGE_SALT_SZ);
+        if (ctx->srvSt == ecSRV_SALT_GET)
+            ctx->srvSt =  ecSRV_SALT_SET;
+        else {
+            ctx->srvSt =  ecSRV_BAD_STATE;
+            return BAD_ENC_STATE_E;
+        }
+    }
+
+    /* mix half and half */
+    /* tmp stores 2nd half of client before overwrite */
+    XMEMCPY(tmp, ctx->clientSalt + halfSz, halfSz);
+    XMEMCPY(ctx->clientSalt + halfSz, ctx->serverSalt, halfSz);
+    XMEMCPY(ctx->serverSalt, tmp, halfSz);
+
+    ctx->kdfSalt   = ctx->clientSalt;
+    ctx->kdfSaltSz = EXCHANGE_SALT_SZ;
+
+    ctx->macSalt   = ctx->serverSalt;
+    ctx->macSaltSz = EXCHANGE_SALT_SZ;
+
+    if (ctx->kdfInfo == NULL) {
+        /* default info */
+        ctx->kdfInfo   = (const byte*)exchange_info;
+        ctx->kdfInfoSz = EXCHANGE_INFO_SZ;
+    }
+
+    return 0;
+}
+
+
+static int ecc_ctx_set_salt(ecEncCtx* ctx, int flags, RNG* rng)
+{
+    byte* saltBuffer = NULL;
+
+    if (ctx == NULL || rng == NULL || flags == 0) 
+        return BAD_FUNC_ARG;
+
+    saltBuffer = (flags == REQ_RESP_CLIENT) ? ctx->clientSalt : ctx->serverSalt;
+
+    return wc_RNG_GenerateBlock(rng, saltBuffer, EXCHANGE_SALT_SZ);
+}
+
+
+static void ecc_ctx_init(ecEncCtx* ctx, int flags)
+{
+    if (ctx) {
+        XMEMSET(ctx, 0, sizeof(ecEncCtx));
+
+        ctx->encAlgo  = ecAES_128_CBC;
+        ctx->kdfAlgo  = ecHKDF_SHA256;
+        ctx->macAlgo  = ecHMAC_SHA256;
+        ctx->protocol = (byte)flags;
+
+        if (flags == REQ_RESP_CLIENT)
+            ctx->cliSt = ecCLI_INIT;
+        if (flags == REQ_RESP_SERVER)
+            ctx->srvSt = ecSRV_INIT;
+    }
+}
+
+
+/* allow ecc context reset so user doesn't have to init/free for resue */
+int wc_ecc_ctx_reset(ecEncCtx* ctx, RNG* rng)
+{
+    if (ctx == NULL || rng == NULL)
+        return BAD_FUNC_ARG;
+
+    ecc_ctx_init(ctx, ctx->protocol);
+    return ecc_ctx_set_salt(ctx, ctx->protocol, rng);
+}
+
+
+/* alloc/init and set defaults, return new Context  */
+ecEncCtx* wc_ecc_ctx_new(int flags, RNG* rng)
+{
+    int       ret = 0;
+    ecEncCtx* ctx = (ecEncCtx*)XMALLOC(sizeof(ecEncCtx), 0, DYNAMIC_TYPE_ECC);
+
+    if (ctx)
+        ctx->protocol = (byte)flags;
+
+    ret = wc_ecc_ctx_reset(ctx, rng);
+    if (ret != 0) {
+        wc_ecc_ctx_free(ctx);
+        ctx = NULL;
+    }
+
+    return ctx;
+}
+
+
+/* free any resources, clear any keys */
+void wc_ecc_ctx_free(ecEncCtx* ctx)
+{
+    if (ctx) {
+        XMEMSET(ctx, 0, sizeof(ecEncCtx));
+        XFREE(ctx, 0, DYNAMIC_TYPE_ECC);
+    }
+}
+
+
+static int ecc_get_key_sizes(ecEncCtx* ctx, int* encKeySz, int* ivSz,
+                             int* keysLen, word32* digestSz, word32* blockSz)
+{
+    if (ctx) {
+        switch (ctx->encAlgo) {
+            case ecAES_128_CBC:
+                *encKeySz = KEY_SIZE_128;
+                *ivSz     = IV_SIZE_64;
+                *blockSz  = AES_BLOCK_SIZE;
+                break;
+            default:
+                return BAD_FUNC_ARG;
+        }
+
+        switch (ctx->macAlgo) {
+            case ecHMAC_SHA256:
+                *digestSz = SHA256_DIGEST_SIZE;
+                break;
+            default:
+                return BAD_FUNC_ARG;
+        }
+    } else
+        return BAD_FUNC_ARG;
+
+    *keysLen  = *encKeySz + *ivSz + *digestSz;
+
+    return 0;
+}
+
+
+/* ecc encrypt with shared secret run through kdf
+   ctx holds non default algos and inputs
+   msgSz should be the right size for encAlgo, i.e., already padded 
+   return 0 on success */
+int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
+                word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx)
+{
+    int          ret;
+    word32       blockSz;
+    word32       digestSz;
+    ecEncCtx     localCtx;
+#ifdef WOLFSSL_SMALL_STACK
+    byte*        sharedSecret;
+    byte*        keys;
+#else
+    byte         sharedSecret[ECC_MAXSIZE];  /* 521 max size */
+    byte         keys[ECC_BUFSIZE];         /* max size */
+#endif
+    word32       sharedSz = ECC_MAXSIZE;
+    int          keysLen;
+    int          encKeySz;
+    int          ivSz;
+    int          offset = 0;         /* keys offset if doing msg exchange */
+    byte*        encKey;
+    byte*        encIv;
+    byte*        macKey;
+
+    if (privKey == NULL || pubKey == NULL || msg == NULL || out == NULL ||
+                           outSz  == NULL)
+        return BAD_FUNC_ARG;
+
+    if (ctx == NULL) {  /* use defaults */
+        ecc_ctx_init(&localCtx, 0);
+        ctx = &localCtx;  
+    }
+        
+    ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz,
+                            &blockSz);
+    if (ret != 0)
+        return ret;
+
+    if (ctx->protocol == REQ_RESP_SERVER) {
+        offset = keysLen;
+        keysLen *= 2;
+
+        if (ctx->srvSt != ecSRV_RECV_REQ)
+            return BAD_ENC_STATE_E;
+
+        ctx->srvSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */
+    }
+    else if (ctx->protocol == REQ_RESP_CLIENT) {
+        if (ctx->cliSt != ecCLI_SALT_SET)
+            return BAD_ENC_STATE_E;
+
+        ctx->cliSt = ecCLI_SENT_REQ; /* only do this once */
+    }
+        
+    if (keysLen > ECC_BUFSIZE) /* keys size */
+        return BUFFER_E;
+        
+    if ( (msgSz%blockSz) != 0)
+        return BAD_PADDING_E;
+
+    if (*outSz < (msgSz + digestSz))
+        return BUFFER_E;
+
+#ifdef WOLFSSL_SMALL_STACK
+    sharedSecret = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (sharedSecret == NULL)
+        return MEMORY_E;
+
+    keys = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (keys == NULL) {
+        XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz);
+
+    if (ret == 0) {
+       switch (ctx->kdfAlgo) {
+           case ecHKDF_SHA256 :
+               ret = wc_HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
+                          ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
+                          keys, keysLen);
+               break;
+
+           default:
+               ret = BAD_FUNC_ARG;
+               break;
+       }
+    }
+
+    if (ret == 0) {
+       encKey = keys + offset;
+       encIv  = encKey + encKeySz;
+       macKey = encKey + encKeySz + ivSz;
+
+       switch (ctx->encAlgo) {
+           case ecAES_128_CBC:
+               {
+                   Aes aes;
+                   ret = wc_AesSetKey(&aes, encKey, KEY_SIZE_128, encIv,
+                                                                AES_ENCRYPTION);
+                   if (ret != 0)
+                       break;
+                   ret = wc_AesCbcEncrypt(&aes, out, msg, msgSz);
+               }
+               break;
+
+           default:
+               ret = BAD_FUNC_ARG;
+               break;
+       }
+    }
+
+    if (ret == 0) {
+       switch (ctx->macAlgo) {
+           case ecHMAC_SHA256:
+               {
+                   Hmac hmac;
+                   ret = wc_HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
+                   if (ret != 0)
+                       break;
+                   ret = wc_HmacUpdate(&hmac, out, msgSz);
+                   if (ret != 0)
+                       break;
+                   ret = wc_HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
+                   if (ret != 0)
+                       break;
+                   ret = wc_HmacFinal(&hmac, out+msgSz);
+               }
+               break;
+
+           default:
+               ret = BAD_FUNC_ARG;
+               break;
+       }
+    }
+
+    if (ret == 0)
+       *outSz = msgSz + digestSz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(keys, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+/* ecc decrypt with shared secret run through kdf
+   ctx holds non default algos and inputs
+   return 0 on success */
+int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
+                word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx)
+{
+    int          ret;
+    word32       blockSz;
+    word32       digestSz;
+    ecEncCtx     localCtx;
+#ifdef WOLFSSL_SMALL_STACK
+    byte*        sharedSecret;
+    byte*        keys;
+#else
+    byte         sharedSecret[ECC_MAXSIZE];  /* 521 max size */
+    byte         keys[ECC_BUFSIZE];         /* max size */
+#endif
+    word32       sharedSz = ECC_MAXSIZE;
+    int          keysLen;
+    int          encKeySz;
+    int          ivSz;
+    int          offset = 0;       /* in case using msg exchange */
+    byte*        encKey;
+    byte*        encIv;
+    byte*        macKey;
+
+    if (privKey == NULL || pubKey == NULL || msg == NULL || out == NULL ||
+                           outSz  == NULL)
+        return BAD_FUNC_ARG;
+
+    if (ctx == NULL) {  /* use defaults */
+        ecc_ctx_init(&localCtx, 0);
+        ctx = &localCtx;  
+    }
+        
+    ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz,
+                            &blockSz);
+    if (ret != 0)
+        return ret;
+        
+    if (ctx->protocol == REQ_RESP_CLIENT) {
+        offset = keysLen;
+        keysLen *= 2;
+
+        if (ctx->cliSt != ecCLI_SENT_REQ)
+            return BAD_ENC_STATE_E;
+
+        ctx->cliSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */
+    }
+    else if (ctx->protocol == REQ_RESP_SERVER) {
+        if (ctx->srvSt != ecSRV_SALT_SET)
+            return BAD_ENC_STATE_E;
+
+        ctx->srvSt = ecSRV_RECV_REQ; /* only do this once */
+    }
+        
+    if (keysLen > ECC_BUFSIZE) /* keys size */
+        return BUFFER_E;
+        
+    if ( ((msgSz-digestSz) % blockSz) != 0)
+        return BAD_PADDING_E;
+
+    if (*outSz < (msgSz - digestSz))
+        return BUFFER_E;
+
+#ifdef WOLFSSL_SMALL_STACK
+    sharedSecret = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (sharedSecret == NULL)
+        return MEMORY_E;
+
+    keys = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (keys == NULL) {
+        XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz);
+
+    if (ret == 0) {
+       switch (ctx->kdfAlgo) {
+           case ecHKDF_SHA256 :
+               ret = wc_HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt,
+                          ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
+                          keys, keysLen);
+               break;
+
+           default:
+               ret = BAD_FUNC_ARG;
+               break;
+       }
+    }
+
+    if (ret == 0) {
+       encKey = keys + offset;
+       encIv  = encKey + encKeySz;
+       macKey = encKey + encKeySz + ivSz;
+
+       switch (ctx->macAlgo) {
+           case ecHMAC_SHA256:
+               {
+                   byte verify[SHA256_DIGEST_SIZE];
+                   Hmac hmac;
+                   ret = wc_HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE);
+                   if (ret != 0)
+                       break;
+                   ret = wc_HmacUpdate(&hmac, msg, msgSz-digestSz);
+                   if (ret != 0)
+                       break;
+                   ret = wc_HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz);
+                   if (ret != 0)
+                       break;
+                   ret = wc_HmacFinal(&hmac, verify);
+                   if (ret != 0)
+                       break;
+                   if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0)
+                       ret = -1;
+               }
+               break;
+
+           default:
+               ret = BAD_FUNC_ARG;
+               break;
+       }
+    }
+
+    if (ret == 0) {
+       switch (ctx->encAlgo) {
+           case ecAES_128_CBC:
+               {
+                   Aes aes;
+                   ret = wc_AesSetKey(&aes, encKey, KEY_SIZE_128, encIv,
+                                                                AES_DECRYPTION);
+                   if (ret != 0)
+                       break;
+                   ret = wc_AesCbcDecrypt(&aes, out, msg, msgSz-digestSz);
+               }
+               break;
+
+           default:
+               ret = BAD_FUNC_ARG;
+               break;
+       }
+    }
+
+    if (ret == 0)
+       *outSz = msgSz - digestSz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(keys, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+#endif /* HAVE_ECC_ENCRYPT */
+
+
+#ifdef HAVE_COMP_KEY
+
+/* computes the jacobi c = (a | n) (or Legendre if n is prime)
+ * HAC pp. 73 Algorithm 2.149
+ */
+int mp_jacobi(mp_int* a, mp_int* p, int* c)
+{
+  mp_int   a1, p1;
+  int      k, s, r, res;
+  mp_digit residue;
+
+  /* if p <= 0 return MP_VAL */
+  if (mp_cmp_d(p, 0) != MP_GT) {
+     return MP_VAL;
+  }
+
+  /* step 1.  if a == 0, return 0 */
+  if (mp_iszero (a) == 1) {
+    *c = 0;
+    return MP_OKAY;
+  }
+
+  /* step 2.  if a == 1, return 1 */
+  if (mp_cmp_d (a, 1) == MP_EQ) {
+    *c = 1;
+    return MP_OKAY;
+  }
+
+  /* default */
+  s = 0;
+
+  /* step 3.  write a = a1 * 2**k  */
+  if ((res = mp_init_copy (&a1, a)) != MP_OKAY) {
+    return res;
+  }
+
+  if ((res = mp_init (&p1)) != MP_OKAY) {
+    mp_clear(&a1);
+    return res;
+  }
+
+  /* divide out larger power of two */
+  k = mp_cnt_lsb(&a1);
+  res = mp_div_2d(&a1, k, &a1, NULL);
+
+  if (res == MP_OKAY) {
+    /* step 4.  if e is even set s=1 */
+    if ((k & 1) == 0) {
+      s = 1;
+    } else {
+      /* else set s=1 if p = 1/7 (mod 8) or s=-1 if p = 3/5 (mod 8) */
+      residue = p->dp[0] & 7;
+
+      if (residue == 1 || residue == 7) {
+        s = 1;
+      } else if (residue == 3 || residue == 5) {
+        s = -1;
+      }
+    }
+
+    /* step 5.  if p == 3 (mod 4) *and* a1 == 3 (mod 4) then s = -s */
+    if ( ((p->dp[0] & 3) == 3) && ((a1.dp[0] & 3) == 3)) {
+      s = -s;
+    }
+  }
+
+  if (res == MP_OKAY) {
+    /* if a1 == 1 we're done */
+    if (mp_cmp_d (&a1, 1) == MP_EQ) {
+      *c = s;
+    } else {
+      /* n1 = n mod a1 */
+      res = mp_mod (p, &a1, &p1);
+      if (res == MP_OKAY)
+        res = mp_jacobi (&p1, &a1, &r);
+
+      if (res == MP_OKAY)
+      *c = s * r;
+    }
+  }
+
+  /* done */
+  mp_clear (&p1);
+  mp_clear (&a1);
+
+  return res;
+}
+
+
+int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
+{
+  int res, legendre, done = 0;
+  mp_int t1, C, Q, S, Z, M, T, R, two;
+  mp_digit i;
+
+  /* first handle the simple cases */
+  if (mp_cmp_d(n, 0) == MP_EQ) {
+    mp_zero(ret);
+    return MP_OKAY;
+  }
+  if (mp_cmp_d(prime, 2) == MP_EQ)       return MP_VAL; /* prime must be odd */
+  /* TAO removed
+  if ((res = mp_jacobi(n, prime, &legendre)) != MP_OKAY)      return res;
+  if (legendre == -1)  return MP_VAL; */ /* quadratic non-residue mod prime */
+
+  if ((res = mp_init_multi(&t1, &C, &Q, &S, &Z, &M)) != MP_OKAY)
+    return res;
+
+  if ((res = mp_init_multi(&T, &R, &two, NULL, NULL, NULL))
+                          != MP_OKAY) {
+    mp_clear(&t1); mp_clear(&C); mp_clear(&Q); mp_clear(&S); mp_clear(&Z);
+    mp_clear(&M);
+    return res;
+  }
+
+  /* SPECIAL CASE: if prime mod 4 == 3
+   * compute directly: res = n^(prime+1)/4 mod prime
+   * Handbook of Applied Cryptography algorithm 3.36
+   */
+  res = mp_mod_d(prime, 4, &i);
+  if (res == MP_OKAY && i == 3) {
+    res = mp_add_d(prime, 1, &t1);
+
+    if (res == MP_OKAY)
+      res = mp_div_2(&t1, &t1);
+    if (res == MP_OKAY)
+      res = mp_div_2(&t1, &t1);
+    if (res == MP_OKAY)
+      res = mp_exptmod(n, &t1, prime, ret);
+
+    done = 1;
+  }
+
+  /* NOW: TonelliShanks algorithm */
+
+ if (res == MP_OKAY && done == 0) {
+
+   /* factor out powers of 2 from prime-1, defining Q and S
+    *                                      as: prime-1 = Q*2^S */
+    res = mp_copy(prime, &Q);
+    if (res == MP_OKAY)
+      res = mp_sub_d(&Q, 1, &Q);
+    /* Q = prime - 1 */
+    if (res == MP_OKAY)
+      mp_zero(&S);
+    /* S = 0 */
+    while (res == MP_OKAY && mp_iseven(&Q)) {
+      res = mp_div_2(&Q, &Q);
+      /* Q = Q / 2 */
+      if (res == MP_OKAY)
+        res = mp_add_d(&S, 1, &S);
+        /* S = S + 1 */
+    }
+
+    /* find a Z such that the Legendre symbol (Z|prime) == -1 */
+    if (res == MP_OKAY)
+      res = mp_set_int(&Z, 2);
+    /* Z = 2 */
+    while (res == MP_OKAY) {
+      res = mp_jacobi(&Z, prime, &legendre);
+      if (res == MP_OKAY && legendre == -1)
+        break;
+      if (res == MP_OKAY)
+        res = mp_add_d(&Z, 1, &Z);
+        /* Z = Z + 1 */
+    }
+
+    if (res == MP_OKAY)
+      res = mp_exptmod(&Z, &Q, prime, &C);
+      /* C = Z ^ Q mod prime */
+    if (res == MP_OKAY)
+      res = mp_add_d(&Q, 1, &t1);
+    if (res == MP_OKAY)
+      res = mp_div_2(&t1, &t1);
+      /* t1 = (Q + 1) / 2 */
+    if (res == MP_OKAY)
+      res = mp_exptmod(n, &t1, prime, &R);
+    /* R = n ^ ((Q + 1) / 2) mod prime */
+    if (res == MP_OKAY)
+      res = mp_exptmod(n, &Q, prime, &T);
+    /* T = n ^ Q mod prime */
+    if (res == MP_OKAY)
+      res = mp_copy(&S, &M);
+    /* M = S */
+    if (res == MP_OKAY)
+      res = mp_set_int(&two, 2);
+
+    while (res == MP_OKAY && done == 0) {
+      res = mp_copy(&T, &t1);
+      i = 0;
+      while (res == MP_OKAY) {
+        if (mp_cmp_d(&t1, 1) == MP_EQ)
+            break;
+        res = mp_exptmod(&t1, &two, prime, &t1);
+        if (res == MP_OKAY)
+          i++;
+      }
+      if (res == MP_OKAY && i == 0) {
+        mp_copy(&R, ret);
+        res = MP_OKAY;
+        done = 1;
+      }
+
+      if (done == 0) {
+        if (res == MP_OKAY)
+          res = mp_sub_d(&M, i, &t1);
+        if (res == MP_OKAY)
+          res = mp_sub_d(&t1, 1, &t1);
+        if (res == MP_OKAY)
+          res = mp_exptmod(&two, &t1, prime, &t1);
+        /* t1 = 2 ^ (M - i - 1) */
+        if (res == MP_OKAY)
+          res = mp_exptmod(&C, &t1, prime, &t1);
+        /* t1 = C ^ (2 ^ (M - i - 1)) mod prime */
+        if (res == MP_OKAY)
+          res = mp_sqrmod(&t1, prime, &C);
+        /* C = (t1 * t1) mod prime */
+        if (res == MP_OKAY)
+          res = mp_mulmod(&R, &t1, prime, &R);
+        /* R = (R * t1) mod prime */
+        if (res == MP_OKAY)
+          res = mp_mulmod(&T, &C, prime, &T);
+        /* T = (T * C) mod prime */
+        if (res == MP_OKAY)
+          mp_set(&M, i);
+        /* M = i */
+      }
+    }
+  }
+
+  /* done */
+  mp_clear(&t1);
+  mp_clear(&C);
+  mp_clear(&Q);
+  mp_clear(&S);
+  mp_clear(&Z);
+  mp_clear(&M);
+  mp_clear(&T);
+  mp_clear(&R);
+  mp_clear(&two);
+
+  return res;
+}
+
+
+/* export public ECC key in ANSI X9.63 format compressed */
+int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen)
+{
+   word32 numlen;
+   int    ret = MP_OKAY;
+
+   if (key == NULL || out == NULL || outLen == NULL)
+       return ECC_BAD_ARG_E;
+
+   if (ecc_is_valid_idx(key->idx) == 0) {
+      return ECC_BAD_ARG_E;
+   }
+   numlen = key->dp->size;
+
+   if (*outLen < (1 + numlen)) {
+      *outLen = 1 + numlen;
+      return BUFFER_E;
+   }
+
+   /* store first byte */
+   out[0] = mp_isodd(key->pubkey.y) ? 0x03 : 0x02;
+
+   /* pad and store x */
+   XMEMSET(out+1, 0, numlen);
+   ret = mp_to_unsigned_bin(key->pubkey.x,
+                       out+1 + (numlen - mp_unsigned_bin_size(key->pubkey.x)));
+   *outLen = 1 + numlen;
+   return ret;
+}
+
+
+/* d = a - b (mod c) */
+int mp_submod(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
+{
+  int     res;
+  mp_int  t;
+
+  if ((res = mp_init (&t)) != MP_OKAY) {
+    return res;
+  }
+
+  if ((res = mp_sub (a, b, &t)) != MP_OKAY) {
+    mp_clear (&t);
+    return res;
+  }
+  res = mp_mod (&t, c, d);
+  mp_clear (&t);
+
+  return res;
+}
+
+
+#endif /* HAVE_COMP_KEY */
+
+#endif /* HAVE_ECC */
diff --git a/3P/wolfssl/wolfcrypt/src/ecc25519.c b/3P/wolfssl/wolfcrypt/src/ecc25519.c
new file mode 100644
index 00000000..14326c63
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/ecc25519.c
@@ -0,0 +1,323 @@
+/* ecc25519.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+ /* Based On Daniel J Bernstein's curve25519 Public Domain ref10 work. */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_ECC25519
+
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+#define MONTGOMERY_X_LE 65
+
+const ecc25519_set_type ecc25519_sets[] = {
+{
+        32,
+        "CURVE25519",
+}
+};
+
+
+/* internal function */
+static int curve25519(unsigned char* q, unsigned char* n, unsigned char* p)
+{
+  unsigned char e[32];
+  unsigned int i;
+  fe x1;
+  fe x2;
+  fe z2;
+  fe x3;
+  fe z3;
+  fe tmp0;
+  fe tmp1;
+  int pos;
+  unsigned int swap;
+  unsigned int b;
+
+  for (i = 0;i < 32;++i) e[i] = n[i];
+  e[0] &= 248;
+  e[31] &= 127;
+  e[31] |= 64;
+
+  fe_frombytes(x1,p);
+  fe_1(x2);
+  fe_0(z2);
+  fe_copy(x3,x1);
+  fe_1(z3);
+
+  swap = 0;
+  for (pos = 254;pos >= 0;--pos) {
+    b = e[pos / 8] >> (pos & 7);
+    b &= 1;
+    swap ^= b;
+    fe_cswap(x2,x3,swap);
+    fe_cswap(z2,z3,swap);
+    swap = b;
+#include 
+  }
+  fe_cswap(x2,x3,swap);
+  fe_cswap(z2,z3,swap);
+
+  fe_invert(z2,z2);
+  fe_mul(x2,x2,z2);
+  fe_tobytes(q,x2);
+
+  return 0;
+}
+
+
+int wc_ecc25519_make_key(RNG* rng, int keysize, ecc25519_key* key)
+{
+  unsigned char basepoint[ECC25519_KEYSIZE] = {9};
+  unsigned char n[ECC25519_KEYSIZE];
+  unsigned char p[ECC25519_KEYSIZE];
+  int  i;
+  int err;
+
+  if (key == NULL || rng == NULL)
+      return ECC_BAD_ARG_E;
+
+  /* currently only a key size of 32 bytes is used */
+  if (keysize != ECC25519_KEYSIZE)
+      return ECC_BAD_ARG_E;
+
+  /* get random number from RNG */
+  err = wc_RNG_GenerateBlock(rng, n, keysize);
+  if (err != 0)
+      return err;
+
+  for (i = 0; i < keysize; ++i) key->k.point[i] = n[i];
+  key->k.point[ 0] &= 248;
+  key->k.point[31] &= 127;
+  key->k.point[31] |= 64;
+
+  /*compute public key*/
+  err = curve25519(p, key->k.point, basepoint);
+
+  /* store keys in big endian format */
+  for (i = 0; i < keysize; ++i) n[i] = key->k.point[i];
+  for (i = 0; i < keysize; ++i) {
+      key->p.point[keysize - i - 1] = p[i];
+      key->k.point[keysize - i - 1] = n[i];
+  }
+
+  ForceZero(n, keysize);
+
+  return err;
+}
+
+
+int wc_ecc25519_shared_secret(ecc25519_key* private_key, ecc25519_key* public_key,
+        byte* out, word32* outlen)
+{
+    unsigned char k[ECC25519_KEYSIZE];
+    unsigned char p[ECC25519_KEYSIZE];
+    int err = 0;
+    int i;
+
+    /* sanity check */
+    if (private_key == NULL || public_key == NULL || out == NULL ||
+            outlen == NULL)
+        return BAD_FUNC_ARG;
+
+    if (private_key->k.point == NULL || public_key->p.point == NULL)
+        return BAD_FUNC_ARG;
+
+    /* avoid implementation fingerprinting */
+    if (public_key->p.point[0] > 0x7F)
+        return ECC_BAD_ARG_E;
+
+    if (*outlen < ECC25519_KEYSIZE)
+        return BUFFER_E;
+
+    XMEMSET(p,   0, sizeof(p));
+    XMEMSET(k,   0, sizeof(k));
+    XMEMSET(out, 0, ECC25519_KEYSIZE);
+
+    for (i = 0; i < ECC25519_KEYSIZE; ++i) {
+        p[i] = public_key->p.point [ECC25519_KEYSIZE - i - 1];
+        k[i] = private_key->k.point[ECC25519_KEYSIZE - i - 1];
+    }
+
+    err     = curve25519(out , k, p);
+    *outlen = ECC25519_KEYSIZE;
+
+    ForceZero(p, sizeof(p));
+    ForceZero(k, sizeof(k));
+
+    return err;
+}
+
+
+
+/* curve25519 uses a serialized string for key representation */
+int wc_ecc25519_export_public(ecc25519_key* key, byte* out, word32* outLen)
+{
+    word32 keySz;
+    byte   offset;
+
+    if (key == NULL || out == NULL)
+        return BAD_FUNC_ARG;
+
+    /* check size of outgoing key */
+    keySz  = wc_ecc25519_size(key);
+    offset = 2;
+
+    /* copy in public key and leave room for length and type byte */
+    XMEMCPY(out + offset, key->p.point, keySz);
+    *outLen = keySz + offset;
+
+    /* length and type */
+    out[0] = *outLen;
+    out[1] = key->f;
+
+    return 0;
+}
+
+/* import curve25519 public key
+   return 0 on success */
+int wc_ecc25519_import_public(const byte* in, word32 inLen, ecc25519_key* key)
+{
+    word32 keySz;
+    byte   offset;
+
+    /* sanity check */
+    if (key == NULL || in == NULL)
+        return ECC_BAD_ARG_E;
+
+    /* check size of incoming keys */
+    keySz  = wc_ecc25519_size(key);
+    offset = 2;
+
+    /* check that it is correct size plus length and type */
+    if ((inLen != keySz + offset) || (in[1] != MONTGOMERY_X_LE))
+        return ECC_BAD_ARG_E;
+
+    XMEMCPY(key->p.point, in + offset, inLen);
+
+    key->dp = &ecc25519_sets[0];
+
+    return 0;
+}
+
+
+/* export curve25519 private key only raw, outLen is in/out size
+   return 0 on success */
+int wc_ecc25519_export_private_raw(ecc25519_key* key, byte* out, word32* outLen)
+{
+    word32 keySz;
+
+    /* sanity check */
+    if (key == NULL || out == NULL || outLen == NULL)
+        return ECC_BAD_ARG_E;
+
+    keySz = wc_ecc25519_size(key);
+
+    if (*outLen < keySz) {
+        *outLen = keySz;
+        return BUFFER_E;
+    }
+    *outLen = keySz;
+    XMEMSET(out, 0, *outLen);
+    XMEMCPY(out, key->k.point, *outLen);
+
+    return 0;
+}
+
+
+/* curve25519 private key import,public key in serialized format, private raw */
+int wc_ecc25519_import_private_raw(const byte* priv, word32 privSz,
+                               const byte* pub, word32 pubSz, ecc25519_key* key)
+{
+    int ret = 0;
+    word32 keySz;
+
+    /* sanity check */
+    if (key == NULL || priv == NULL || pub ==NULL)
+        return ECC_BAD_ARG_E;
+
+    /* check size of incoming keys */
+    keySz = wc_ecc25519_size(key);
+    if (privSz != keySz || pubSz != keySz)
+       return ECC_BAD_ARG_E;
+
+    XMEMCPY(key->k.point, priv, privSz);
+    XMEMCPY(key->p.point, pub, pubSz);
+
+    return ret;
+}
+
+
+int wc_ecc25519_init(ecc25519_key* key)
+{
+    word32 keySz;
+
+    if (key == NULL)
+       return ECC_BAD_ARG_E;
+
+    /* currently the format for curve25519 */
+    key->f  = MONTGOMERY_X_LE;
+    key->dp = &ecc25519_sets[0];
+    keySz   = key->dp->size;
+
+    XMEMSET(key->k.point, 0, keySz);
+    XMEMSET(key->p.point, 0, keySz);
+
+    return 0;
+}
+
+
+/**
+  Clean the memory of a key
+*/
+void wc_ecc25519_free(ecc25519_key* key)
+{
+   if (key == NULL)
+       return;
+
+   key->dp = NULL;
+   ForceZero(key->p.point, sizeof(key->p.point));
+   ForceZero(key->k.point, sizeof(key->k.point));
+}
+
+
+/* key size */
+int wc_ecc25519_size(ecc25519_key* key)
+{
+    if (key == NULL) return 0;
+
+    return key->dp->size;
+}
+
+#endif /*HAVE_ECC25519*/
+
diff --git a/3P/wolfssl/wolfcrypt/src/ecc25519_fe.c b/3P/wolfssl/wolfcrypt/src/ecc25519_fe.c
new file mode 100644
index 00000000..c0479d77
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/ecc25519_fe.c
@@ -0,0 +1,961 @@
+/* ecc25519_fe.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+ /* Based On Daniel J Bernstein's curve25519 Public Domain ref10 work. */
+
+
+#ifdef HAVE_ECC25519
+
+#include 
+#include 
+
+/*
+h = 0
+*/
+
+void fe_0(fe h)
+{
+  h[0] = 0;
+  h[1] = 0;
+  h[2] = 0;
+  h[3] = 0;
+  h[4] = 0;
+  h[5] = 0;
+  h[6] = 0;
+  h[7] = 0;
+  h[8] = 0;
+  h[9] = 0;
+}
+
+
+
+/*
+h = 1
+*/
+
+void fe_1(fe h)
+{
+  h[0] = 1;
+  h[1] = 0;
+  h[2] = 0;
+  h[3] = 0;
+  h[4] = 0;
+  h[5] = 0;
+  h[6] = 0;
+  h[7] = 0;
+  h[8] = 0;
+  h[9] = 0;
+}
+
+
+/*
+h = f + g
+Can overlap h with f or g.
+
+Preconditions:
+   |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
+   |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
+
+Postconditions:
+   |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
+*/
+
+void fe_add(fe h,fe f,fe g)
+{
+  int32_t f0 = f[0];
+  int32_t f1 = f[1];
+  int32_t f2 = f[2];
+  int32_t f3 = f[3];
+  int32_t f4 = f[4];
+  int32_t f5 = f[5];
+  int32_t f6 = f[6];
+  int32_t f7 = f[7];
+  int32_t f8 = f[8];
+  int32_t f9 = f[9];
+  int32_t g0 = g[0];
+  int32_t g1 = g[1];
+  int32_t g2 = g[2];
+  int32_t g3 = g[3];
+  int32_t g4 = g[4];
+  int32_t g5 = g[5];
+  int32_t g6 = g[6];
+  int32_t g7 = g[7];
+  int32_t g8 = g[8];
+  int32_t g9 = g[9];
+  int32_t h0 = f0 + g0;
+  int32_t h1 = f1 + g1;
+  int32_t h2 = f2 + g2;
+  int32_t h3 = f3 + g3;
+  int32_t h4 = f4 + g4;
+  int32_t h5 = f5 + g5;
+  int32_t h6 = f6 + g6;
+  int32_t h7 = f7 + g7;
+  int32_t h8 = f8 + g8;
+  int32_t h9 = f9 + g9;
+  h[0] = h0;
+  h[1] = h1;
+  h[2] = h2;
+  h[3] = h3;
+  h[4] = h4;
+  h[5] = h5;
+  h[6] = h6;
+  h[7] = h7;
+  h[8] = h8;
+  h[9] = h9;
+}
+
+
+
+/*
+h = f
+*/
+
+void fe_copy(fe h,fe f)
+{
+  int32_t f0 = f[0];
+  int32_t f1 = f[1];
+  int32_t f2 = f[2];
+  int32_t f3 = f[3];
+  int32_t f4 = f[4];
+  int32_t f5 = f[5];
+  int32_t f6 = f[6];
+  int32_t f7 = f[7];
+  int32_t f8 = f[8];
+  int32_t f9 = f[9];
+  h[0] = f0;
+  h[1] = f1;
+  h[2] = f2;
+  h[3] = f3;
+  h[4] = f4;
+  h[5] = f5;
+  h[6] = f6;
+  h[7] = f7;
+  h[8] = f8;
+  h[9] = f9;
+}
+
+
+/*
+Replace (f,g) with (g,f) if b == 1;
+replace (f,g) with (f,g) if b == 0.
+
+Preconditions: b in {0,1}.
+*/
+
+void fe_cswap(fe f,fe g,unsigned int b)
+{
+  int32_t f0 = f[0];
+  int32_t f1 = f[1];
+  int32_t f2 = f[2];
+  int32_t f3 = f[3];
+  int32_t f4 = f[4];
+  int32_t f5 = f[5];
+  int32_t f6 = f[6];
+  int32_t f7 = f[7];
+  int32_t f8 = f[8];
+  int32_t f9 = f[9];
+  int32_t g0 = g[0];
+  int32_t g1 = g[1];
+  int32_t g2 = g[2];
+  int32_t g3 = g[3];
+  int32_t g4 = g[4];
+  int32_t g5 = g[5];
+  int32_t g6 = g[6];
+  int32_t g7 = g[7];
+  int32_t g8 = g[8];
+  int32_t g9 = g[9];
+  int32_t x0 = f0 ^ g0;
+  int32_t x1 = f1 ^ g1;
+  int32_t x2 = f2 ^ g2;
+  int32_t x3 = f3 ^ g3;
+  int32_t x4 = f4 ^ g4;
+  int32_t x5 = f5 ^ g5;
+  int32_t x6 = f6 ^ g6;
+  int32_t x7 = f7 ^ g7;
+  int32_t x8 = f8 ^ g8;
+  int32_t x9 = f9 ^ g9;
+  b = -b;
+  x0 &= b;
+  x1 &= b;
+  x2 &= b;
+  x3 &= b;
+  x4 &= b;
+  x5 &= b;
+  x6 &= b;
+  x7 &= b;
+  x8 &= b;
+  x9 &= b;
+  f[0] = f0 ^ x0;
+  f[1] = f1 ^ x1;
+  f[2] = f2 ^ x2;
+  f[3] = f3 ^ x3;
+  f[4] = f4 ^ x4;
+  f[5] = f5 ^ x5;
+  f[6] = f6 ^ x6;
+  f[7] = f7 ^ x7;
+  f[8] = f8 ^ x8;
+  f[9] = f9 ^ x9;
+  g[0] = g0 ^ x0;
+  g[1] = g1 ^ x1;
+  g[2] = g2 ^ x2;
+  g[3] = g3 ^ x3;
+  g[4] = g4 ^ x4;
+  g[5] = g5 ^ x5;
+  g[6] = g6 ^ x6;
+  g[7] = g7 ^ x7;
+  g[8] = g8 ^ x8;
+  g[9] = g9 ^ x9;
+}
+
+
+
+static uint64_t load_3(const unsigned char *in)
+{
+  uint64_t result;
+  result = (uint64_t) in[0];
+  result |= ((uint64_t) in[1]) << 8;
+  result |= ((uint64_t) in[2]) << 16;
+  return result;
+}
+
+static uint64_t load_4(const unsigned char *in)
+{
+  uint64_t result;
+  result = (uint64_t) in[0];
+  result |= ((uint64_t) in[1]) << 8;
+  result |= ((uint64_t) in[2]) << 16;
+  result |= ((uint64_t) in[3]) << 24;
+  return result;
+}
+
+void fe_frombytes(fe h,const unsigned char *s)
+{
+  int64_t h0 = load_4(s);
+  int64_t h1 = load_3(s + 4) << 6;
+  int64_t h2 = load_3(s + 7) << 5;
+  int64_t h3 = load_3(s + 10) << 3;
+  int64_t h4 = load_3(s + 13) << 2;
+  int64_t h5 = load_4(s + 16);
+  int64_t h6 = load_3(s + 20) << 7;
+  int64_t h7 = load_3(s + 23) << 5;
+  int64_t h8 = load_3(s + 26) << 4;
+  int64_t h9 = (load_3(s + 29) & 8388607) << 2;
+  int64_t carry0;
+  int64_t carry1;
+  int64_t carry2;
+  int64_t carry3;
+  int64_t carry4;
+  int64_t carry5;
+  int64_t carry6;
+  int64_t carry7;
+  int64_t carry8;
+  int64_t carry9;
+
+  carry9 = (h9 + (int64_t) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25;
+  carry1 = (h1 + (int64_t) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25;
+  carry3 = (h3 + (int64_t) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25;
+  carry5 = (h5 + (int64_t) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25;
+  carry7 = (h7 + (int64_t) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25;
+
+  carry0 = (h0 + (int64_t) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
+  carry2 = (h2 + (int64_t) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26;
+  carry4 = (h4 + (int64_t) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
+  carry6 = (h6 + (int64_t) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
+  carry8 = (h8 + (int64_t) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
+
+  h[0] = (int32_t)h0;
+  h[1] = (int32_t)h1;
+  h[2] = (int32_t)h2;
+  h[3] = (int32_t)h3;
+  h[4] = (int32_t)h4;
+  h[5] = (int32_t)h5;
+  h[6] = (int32_t)h6;
+  h[7] = (int32_t)h7;
+  h[8] = (int32_t)h8;
+  h[9] = (int32_t)h9;
+}
+
+
+
+void fe_invert(fe out,fe z)
+{
+  fe t0;
+  fe t1;
+  fe t2;
+  fe t3;
+  int i;
+
+#include 
+
+  return;
+}
+
+
+/*
+h = f * 121666
+Can overlap h with f.
+
+Preconditions:
+   |f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
+
+Postconditions:
+   |h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
+*/
+
+void fe_mul121666(fe h,fe f)
+{
+  int32_t f0 = f[0];
+  int32_t f1 = f[1];
+  int32_t f2 = f[2];
+  int32_t f3 = f[3];
+  int32_t f4 = f[4];
+  int32_t f5 = f[5];
+  int32_t f6 = f[6];
+  int32_t f7 = f[7];
+  int32_t f8 = f[8];
+  int32_t f9 = f[9];
+  int64_t h0 = f0 * (int64_t) 121666;
+  int64_t h1 = f1 * (int64_t) 121666;
+  int64_t h2 = f2 * (int64_t) 121666;
+  int64_t h3 = f3 * (int64_t) 121666;
+  int64_t h4 = f4 * (int64_t) 121666;
+  int64_t h5 = f5 * (int64_t) 121666;
+  int64_t h6 = f6 * (int64_t) 121666;
+  int64_t h7 = f7 * (int64_t) 121666;
+  int64_t h8 = f8 * (int64_t) 121666;
+  int64_t h9 = f9 * (int64_t) 121666;
+  int64_t carry0;
+  int64_t carry1;
+  int64_t carry2;
+  int64_t carry3;
+  int64_t carry4;
+  int64_t carry5;
+  int64_t carry6;
+  int64_t carry7;
+  int64_t carry8;
+  int64_t carry9;
+
+  carry9 = (h9 + (int64_t) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25;
+  carry1 = (h1 + (int64_t) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25;
+  carry3 = (h3 + (int64_t) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25;
+  carry5 = (h5 + (int64_t) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25;
+  carry7 = (h7 + (int64_t) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25;
+
+  carry0 = (h0 + (int64_t) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
+  carry2 = (h2 + (int64_t) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26;
+  carry4 = (h4 + (int64_t) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
+  carry6 = (h6 + (int64_t) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
+  carry8 = (h8 + (int64_t) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
+
+  h[0] = (int32_t)h0;
+  h[1] = (int32_t)h1;
+  h[2] = (int32_t)h2;
+  h[3] = (int32_t)h3;
+  h[4] = (int32_t)h4;
+  h[5] = (int32_t)h5;
+  h[6] = (int32_t)h6;
+  h[7] = (int32_t)h7;
+  h[8] = (int32_t)h8;
+  h[9] = (int32_t)h9;
+}
+
+
+
+/*
+h = f * g
+Can overlap h with f or g.
+
+Preconditions:
+   |f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
+   |g| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
+
+Postconditions:
+   |h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
+*/
+
+/*
+Notes on implementation strategy:
+
+Using schoolbook multiplication.
+Karatsuba would save a little in some cost models.
+
+Most multiplications by 2 and 19 are 32-bit precomputations;
+cheaper than 64-bit postcomputations.
+
+There is one remaining multiplication by 19 in the carry chain;
+one *19 precomputation can be merged into this,
+but the resulting data flow is considerably less clean.
+
+There are 12 carries below.
+10 of them are 2-way parallelizable and vectorizable.
+Can get away with 11 carries, but then data flow is much deeper.
+
+With tighter constraints on inputs can squeeze carries into int32.
+*/
+
+void fe_mul(fe h,fe f,fe g)
+{
+  int32_t f0 = f[0];
+  int32_t f1 = f[1];
+  int32_t f2 = f[2];
+  int32_t f3 = f[3];
+  int32_t f4 = f[4];
+  int32_t f5 = f[5];
+  int32_t f6 = f[6];
+  int32_t f7 = f[7];
+  int32_t f8 = f[8];
+  int32_t f9 = f[9];
+  int32_t g0 = g[0];
+  int32_t g1 = g[1];
+  int32_t g2 = g[2];
+  int32_t g3 = g[3];
+  int32_t g4 = g[4];
+  int32_t g5 = g[5];
+  int32_t g6 = g[6];
+  int32_t g7 = g[7];
+  int32_t g8 = g[8];
+  int32_t g9 = g[9];
+  int32_t g1_19 = 19 * g1; /* 1.4*2^29 */
+  int32_t g2_19 = 19 * g2; /* 1.4*2^30; still ok */
+  int32_t g3_19 = 19 * g3;
+  int32_t g4_19 = 19 * g4;
+  int32_t g5_19 = 19 * g5;
+  int32_t g6_19 = 19 * g6;
+  int32_t g7_19 = 19 * g7;
+  int32_t g8_19 = 19 * g8;
+  int32_t g9_19 = 19 * g9;
+  int32_t f1_2 = 2 * f1;
+  int32_t f3_2 = 2 * f3;
+  int32_t f5_2 = 2 * f5;
+  int32_t f7_2 = 2 * f7;
+  int32_t f9_2 = 2 * f9;
+  int64_t f0g0    = f0   * (int64_t) g0;
+  int64_t f0g1    = f0   * (int64_t) g1;
+  int64_t f0g2    = f0   * (int64_t) g2;
+  int64_t f0g3    = f0   * (int64_t) g3;
+  int64_t f0g4    = f0   * (int64_t) g4;
+  int64_t f0g5    = f0   * (int64_t) g5;
+  int64_t f0g6    = f0   * (int64_t) g6;
+  int64_t f0g7    = f0   * (int64_t) g7;
+  int64_t f0g8    = f0   * (int64_t) g8;
+  int64_t f0g9    = f0   * (int64_t) g9;
+  int64_t f1g0    = f1   * (int64_t) g0;
+  int64_t f1g1_2  = f1_2 * (int64_t) g1;
+  int64_t f1g2    = f1   * (int64_t) g2;
+  int64_t f1g3_2  = f1_2 * (int64_t) g3;
+  int64_t f1g4    = f1   * (int64_t) g4;
+  int64_t f1g5_2  = f1_2 * (int64_t) g5;
+  int64_t f1g6    = f1   * (int64_t) g6;
+  int64_t f1g7_2  = f1_2 * (int64_t) g7;
+  int64_t f1g8    = f1   * (int64_t) g8;
+  int64_t f1g9_38 = f1_2 * (int64_t) g9_19;
+  int64_t f2g0    = f2   * (int64_t) g0;
+  int64_t f2g1    = f2   * (int64_t) g1;
+  int64_t f2g2    = f2   * (int64_t) g2;
+  int64_t f2g3    = f2   * (int64_t) g3;
+  int64_t f2g4    = f2   * (int64_t) g4;
+  int64_t f2g5    = f2   * (int64_t) g5;
+  int64_t f2g6    = f2   * (int64_t) g6;
+  int64_t f2g7    = f2   * (int64_t) g7;
+  int64_t f2g8_19 = f2   * (int64_t) g8_19;
+  int64_t f2g9_19 = f2   * (int64_t) g9_19;
+  int64_t f3g0    = f3   * (int64_t) g0;
+  int64_t f3g1_2  = f3_2 * (int64_t) g1;
+  int64_t f3g2    = f3   * (int64_t) g2;
+  int64_t f3g3_2  = f3_2 * (int64_t) g3;
+  int64_t f3g4    = f3   * (int64_t) g4;
+  int64_t f3g5_2  = f3_2 * (int64_t) g5;
+  int64_t f3g6    = f3   * (int64_t) g6;
+  int64_t f3g7_38 = f3_2 * (int64_t) g7_19;
+  int64_t f3g8_19 = f3   * (int64_t) g8_19;
+  int64_t f3g9_38 = f3_2 * (int64_t) g9_19;
+  int64_t f4g0    = f4   * (int64_t) g0;
+  int64_t f4g1    = f4   * (int64_t) g1;
+  int64_t f4g2    = f4   * (int64_t) g2;
+  int64_t f4g3    = f4   * (int64_t) g3;
+  int64_t f4g4    = f4   * (int64_t) g4;
+  int64_t f4g5    = f4   * (int64_t) g5;
+  int64_t f4g6_19 = f4   * (int64_t) g6_19;
+  int64_t f4g7_19 = f4   * (int64_t) g7_19;
+  int64_t f4g8_19 = f4   * (int64_t) g8_19;
+  int64_t f4g9_19 = f4   * (int64_t) g9_19;
+  int64_t f5g0    = f5   * (int64_t) g0;
+  int64_t f5g1_2  = f5_2 * (int64_t) g1;
+  int64_t f5g2    = f5   * (int64_t) g2;
+  int64_t f5g3_2  = f5_2 * (int64_t) g3;
+  int64_t f5g4    = f5   * (int64_t) g4;
+  int64_t f5g5_38 = f5_2 * (int64_t) g5_19;
+  int64_t f5g6_19 = f5   * (int64_t) g6_19;
+  int64_t f5g7_38 = f5_2 * (int64_t) g7_19;
+  int64_t f5g8_19 = f5   * (int64_t) g8_19;
+  int64_t f5g9_38 = f5_2 * (int64_t) g9_19;
+  int64_t f6g0    = f6   * (int64_t) g0;
+  int64_t f6g1    = f6   * (int64_t) g1;
+  int64_t f6g2    = f6   * (int64_t) g2;
+  int64_t f6g3    = f6   * (int64_t) g3;
+  int64_t f6g4_19 = f6   * (int64_t) g4_19;
+  int64_t f6g5_19 = f6   * (int64_t) g5_19;
+  int64_t f6g6_19 = f6   * (int64_t) g6_19;
+  int64_t f6g7_19 = f6   * (int64_t) g7_19;
+  int64_t f6g8_19 = f6   * (int64_t) g8_19;
+  int64_t f6g9_19 = f6   * (int64_t) g9_19;
+  int64_t f7g0    = f7   * (int64_t) g0;
+  int64_t f7g1_2  = f7_2 * (int64_t) g1;
+  int64_t f7g2    = f7   * (int64_t) g2;
+  int64_t f7g3_38 = f7_2 * (int64_t) g3_19;
+  int64_t f7g4_19 = f7   * (int64_t) g4_19;
+  int64_t f7g5_38 = f7_2 * (int64_t) g5_19;
+  int64_t f7g6_19 = f7   * (int64_t) g6_19;
+  int64_t f7g7_38 = f7_2 * (int64_t) g7_19;
+  int64_t f7g8_19 = f7   * (int64_t) g8_19;
+  int64_t f7g9_38 = f7_2 * (int64_t) g9_19;
+  int64_t f8g0    = f8   * (int64_t) g0;
+  int64_t f8g1    = f8   * (int64_t) g1;
+  int64_t f8g2_19 = f8   * (int64_t) g2_19;
+  int64_t f8g3_19 = f8   * (int64_t) g3_19;
+  int64_t f8g4_19 = f8   * (int64_t) g4_19;
+  int64_t f8g5_19 = f8   * (int64_t) g5_19;
+  int64_t f8g6_19 = f8   * (int64_t) g6_19;
+  int64_t f8g7_19 = f8   * (int64_t) g7_19;
+  int64_t f8g8_19 = f8   * (int64_t) g8_19;
+  int64_t f8g9_19 = f8   * (int64_t) g9_19;
+  int64_t f9g0    = f9   * (int64_t) g0;
+  int64_t f9g1_38 = f9_2 * (int64_t) g1_19;
+  int64_t f9g2_19 = f9   * (int64_t) g2_19;
+  int64_t f9g3_38 = f9_2 * (int64_t) g3_19;
+  int64_t f9g4_19 = f9   * (int64_t) g4_19;
+  int64_t f9g5_38 = f9_2 * (int64_t) g5_19;
+  int64_t f9g6_19 = f9   * (int64_t) g6_19;
+  int64_t f9g7_38 = f9_2 * (int64_t) g7_19;
+  int64_t f9g8_19 = f9   * (int64_t) g8_19;
+  int64_t f9g9_38 = f9_2 * (int64_t) g9_19;
+  int64_t h0 = f0g0+f1g9_38+f2g8_19+f3g7_38+f4g6_19+f5g5_38+f6g4_19+f7g3_38+f8g2_19+f9g1_38;
+  int64_t h1 = f0g1+f1g0   +f2g9_19+f3g8_19+f4g7_19+f5g6_19+f6g5_19+f7g4_19+f8g3_19+f9g2_19;
+  int64_t h2 = f0g2+f1g1_2 +f2g0   +f3g9_38+f4g8_19+f5g7_38+f6g6_19+f7g5_38+f8g4_19+f9g3_38;
+  int64_t h3 = f0g3+f1g2   +f2g1   +f3g0   +f4g9_19+f5g8_19+f6g7_19+f7g6_19+f8g5_19+f9g4_19;
+  int64_t h4 = f0g4+f1g3_2 +f2g2   +f3g1_2 +f4g0   +f5g9_38+f6g8_19+f7g7_38+f8g6_19+f9g5_38;
+  int64_t h5 = f0g5+f1g4   +f2g3   +f3g2   +f4g1   +f5g0   +f6g9_19+f7g8_19+f8g7_19+f9g6_19;
+  int64_t h6 = f0g6+f1g5_2 +f2g4   +f3g3_2 +f4g2   +f5g1_2 +f6g0   +f7g9_38+f8g8_19+f9g7_38;
+  int64_t h7 = f0g7+f1g6   +f2g5   +f3g4   +f4g3   +f5g2   +f6g1   +f7g0   +f8g9_19+f9g8_19;
+  int64_t h8 = f0g8+f1g7_2 +f2g6   +f3g5_2 +f4g4   +f5g3_2 +f6g2   +f7g1_2 +f8g0   +f9g9_38;
+  int64_t h9 = f0g9+f1g8   +f2g7   +f3g6   +f4g5   +f5g4   +f6g3   +f7g2   +f8g1   +f9g0   ;
+  int64_t carry0;
+  int64_t carry1;
+  int64_t carry2;
+  int64_t carry3;
+  int64_t carry4;
+  int64_t carry5;
+  int64_t carry6;
+  int64_t carry7;
+  int64_t carry8;
+  int64_t carry9;
+
+  /*
+  |h0| <= (1.1*1.1*2^52*(1+19+19+19+19)+1.1*1.1*2^50*(38+38+38+38+38))
+    i.e. |h0| <= 1.2*2^59; narrower ranges for h2, h4, h6, h8
+  |h1| <= (1.1*1.1*2^51*(1+1+19+19+19+19+19+19+19+19))
+    i.e. |h1| <= 1.5*2^58; narrower ranges for h3, h5, h7, h9
+  */
+
+  carry0 = (h0 + (int64_t) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
+  carry4 = (h4 + (int64_t) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
+  /* |h0| <= 2^25 */
+  /* |h4| <= 2^25 */
+  /* |h1| <= 1.51*2^58 */
+  /* |h5| <= 1.51*2^58 */
+
+  carry1 = (h1 + (int64_t) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25;
+  carry5 = (h5 + (int64_t) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25;
+  /* |h1| <= 2^24; from now on fits into int32 */
+  /* |h5| <= 2^24; from now on fits into int32 */
+  /* |h2| <= 1.21*2^59 */
+  /* |h6| <= 1.21*2^59 */
+
+  carry2 = (h2 + (int64_t) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26;
+  carry6 = (h6 + (int64_t) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
+  /* |h2| <= 2^25; from now on fits into int32 unchanged */
+  /* |h6| <= 2^25; from now on fits into int32 unchanged */
+  /* |h3| <= 1.51*2^58 */
+  /* |h7| <= 1.51*2^58 */
+
+  carry3 = (h3 + (int64_t) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25;
+  carry7 = (h7 + (int64_t) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25;
+  /* |h3| <= 2^24; from now on fits into int32 unchanged */
+  /* |h7| <= 2^24; from now on fits into int32 unchanged */
+  /* |h4| <= 1.52*2^33 */
+  /* |h8| <= 1.52*2^33 */
+
+  carry4 = (h4 + (int64_t) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
+  carry8 = (h8 + (int64_t) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
+  /* |h4| <= 2^25; from now on fits into int32 unchanged */
+  /* |h8| <= 2^25; from now on fits into int32 unchanged */
+  /* |h5| <= 1.01*2^24 */
+  /* |h9| <= 1.51*2^58 */
+
+  carry9 = (h9 + (int64_t) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25;
+  /* |h9| <= 2^24; from now on fits into int32 unchanged */
+  /* |h0| <= 1.8*2^37 */
+
+  carry0 = (h0 + (int64_t) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
+  /* |h0| <= 2^25; from now on fits into int32 unchanged */
+  /* |h1| <= 1.01*2^24 */
+
+  h[0] = (int32_t)h0;
+  h[1] = (int32_t)h1;
+  h[2] = (int32_t)h2;
+  h[3] = (int32_t)h3;
+  h[4] = (int32_t)h4;
+  h[5] = (int32_t)h5;
+  h[6] = (int32_t)h6;
+  h[7] = (int32_t)h7;
+  h[8] = (int32_t)h8;
+  h[9] = (int32_t)h9;
+}
+
+
+
+/*
+h = f * f
+Can overlap h with f.
+
+Preconditions:
+   |f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
+
+Postconditions:
+   |h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
+*/
+
+/*
+See fe_mul.c for discussion of implementation strategy.
+*/
+
+void fe_sq(fe h,fe f)
+{
+  int32_t f0 = f[0];
+  int32_t f1 = f[1];
+  int32_t f2 = f[2];
+  int32_t f3 = f[3];
+  int32_t f4 = f[4];
+  int32_t f5 = f[5];
+  int32_t f6 = f[6];
+  int32_t f7 = f[7];
+  int32_t f8 = f[8];
+  int32_t f9 = f[9];
+  int32_t f0_2 = 2 * f0;
+  int32_t f1_2 = 2 * f1;
+  int32_t f2_2 = 2 * f2;
+  int32_t f3_2 = 2 * f3;
+  int32_t f4_2 = 2 * f4;
+  int32_t f5_2 = 2 * f5;
+  int32_t f6_2 = 2 * f6;
+  int32_t f7_2 = 2 * f7;
+  int32_t f5_38 = 38 * f5; /* 1.31*2^30 */
+  int32_t f6_19 = 19 * f6; /* 1.31*2^30 */
+  int32_t f7_38 = 38 * f7; /* 1.31*2^30 */
+  int32_t f8_19 = 19 * f8; /* 1.31*2^30 */
+  int32_t f9_38 = 38 * f9; /* 1.31*2^30 */
+  int64_t f0f0    = f0   * (int64_t) f0;
+  int64_t f0f1_2  = f0_2 * (int64_t) f1;
+  int64_t f0f2_2  = f0_2 * (int64_t) f2;
+  int64_t f0f3_2  = f0_2 * (int64_t) f3;
+  int64_t f0f4_2  = f0_2 * (int64_t) f4;
+  int64_t f0f5_2  = f0_2 * (int64_t) f5;
+  int64_t f0f6_2  = f0_2 * (int64_t) f6;
+  int64_t f0f7_2  = f0_2 * (int64_t) f7;
+  int64_t f0f8_2  = f0_2 * (int64_t) f8;
+  int64_t f0f9_2  = f0_2 * (int64_t) f9;
+  int64_t f1f1_2  = f1_2 * (int64_t) f1;
+  int64_t f1f2_2  = f1_2 * (int64_t) f2;
+  int64_t f1f3_4  = f1_2 * (int64_t) f3_2;
+  int64_t f1f4_2  = f1_2 * (int64_t) f4;
+  int64_t f1f5_4  = f1_2 * (int64_t) f5_2;
+  int64_t f1f6_2  = f1_2 * (int64_t) f6;
+  int64_t f1f7_4  = f1_2 * (int64_t) f7_2;
+  int64_t f1f8_2  = f1_2 * (int64_t) f8;
+  int64_t f1f9_76 = f1_2 * (int64_t) f9_38;
+  int64_t f2f2    = f2   * (int64_t) f2;
+  int64_t f2f3_2  = f2_2 * (int64_t) f3;
+  int64_t f2f4_2  = f2_2 * (int64_t) f4;
+  int64_t f2f5_2  = f2_2 * (int64_t) f5;
+  int64_t f2f6_2  = f2_2 * (int64_t) f6;
+  int64_t f2f7_2  = f2_2 * (int64_t) f7;
+  int64_t f2f8_38 = f2_2 * (int64_t) f8_19;
+  int64_t f2f9_38 = f2   * (int64_t) f9_38;
+  int64_t f3f3_2  = f3_2 * (int64_t) f3;
+  int64_t f3f4_2  = f3_2 * (int64_t) f4;
+  int64_t f3f5_4  = f3_2 * (int64_t) f5_2;
+  int64_t f3f6_2  = f3_2 * (int64_t) f6;
+  int64_t f3f7_76 = f3_2 * (int64_t) f7_38;
+  int64_t f3f8_38 = f3_2 * (int64_t) f8_19;
+  int64_t f3f9_76 = f3_2 * (int64_t) f9_38;
+  int64_t f4f4    = f4   * (int64_t) f4;
+  int64_t f4f5_2  = f4_2 * (int64_t) f5;
+  int64_t f4f6_38 = f4_2 * (int64_t) f6_19;
+  int64_t f4f7_38 = f4   * (int64_t) f7_38;
+  int64_t f4f8_38 = f4_2 * (int64_t) f8_19;
+  int64_t f4f9_38 = f4   * (int64_t) f9_38;
+  int64_t f5f5_38 = f5   * (int64_t) f5_38;
+  int64_t f5f6_38 = f5_2 * (int64_t) f6_19;
+  int64_t f5f7_76 = f5_2 * (int64_t) f7_38;
+  int64_t f5f8_38 = f5_2 * (int64_t) f8_19;
+  int64_t f5f9_76 = f5_2 * (int64_t) f9_38;
+  int64_t f6f6_19 = f6   * (int64_t) f6_19;
+  int64_t f6f7_38 = f6   * (int64_t) f7_38;
+  int64_t f6f8_38 = f6_2 * (int64_t) f8_19;
+  int64_t f6f9_38 = f6   * (int64_t) f9_38;
+  int64_t f7f7_38 = f7   * (int64_t) f7_38;
+  int64_t f7f8_38 = f7_2 * (int64_t) f8_19;
+  int64_t f7f9_76 = f7_2 * (int64_t) f9_38;
+  int64_t f8f8_19 = f8   * (int64_t) f8_19;
+  int64_t f8f9_38 = f8   * (int64_t) f9_38;
+  int64_t f9f9_38 = f9   * (int64_t) f9_38;
+  int64_t h0 = f0f0  +f1f9_76+f2f8_38+f3f7_76+f4f6_38+f5f5_38;
+  int64_t h1 = f0f1_2+f2f9_38+f3f8_38+f4f7_38+f5f6_38;
+  int64_t h2 = f0f2_2+f1f1_2 +f3f9_76+f4f8_38+f5f7_76+f6f6_19;
+  int64_t h3 = f0f3_2+f1f2_2 +f4f9_38+f5f8_38+f6f7_38;
+  int64_t h4 = f0f4_2+f1f3_4 +f2f2   +f5f9_76+f6f8_38+f7f7_38;
+  int64_t h5 = f0f5_2+f1f4_2 +f2f3_2 +f6f9_38+f7f8_38;
+  int64_t h6 = f0f6_2+f1f5_4 +f2f4_2 +f3f3_2 +f7f9_76+f8f8_19;
+  int64_t h7 = f0f7_2+f1f6_2 +f2f5_2 +f3f4_2 +f8f9_38;
+  int64_t h8 = f0f8_2+f1f7_4 +f2f6_2 +f3f5_4 +f4f4   +f9f9_38;
+  int64_t h9 = f0f9_2+f1f8_2 +f2f7_2 +f3f6_2 +f4f5_2;
+  int64_t carry0;
+  int64_t carry1;
+  int64_t carry2;
+  int64_t carry3;
+  int64_t carry4;
+  int64_t carry5;
+  int64_t carry6;
+  int64_t carry7;
+  int64_t carry8;
+  int64_t carry9;
+
+  carry0 = (h0 + (int64_t) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
+  carry4 = (h4 + (int64_t) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
+
+  carry1 = (h1 + (int64_t) (1<<24)) >> 25; h2 += carry1; h1 -= carry1 << 25;
+  carry5 = (h5 + (int64_t) (1<<24)) >> 25; h6 += carry5; h5 -= carry5 << 25;
+
+  carry2 = (h2 + (int64_t) (1<<25)) >> 26; h3 += carry2; h2 -= carry2 << 26;
+  carry6 = (h6 + (int64_t) (1<<25)) >> 26; h7 += carry6; h6 -= carry6 << 26;
+
+  carry3 = (h3 + (int64_t) (1<<24)) >> 25; h4 += carry3; h3 -= carry3 << 25;
+  carry7 = (h7 + (int64_t) (1<<24)) >> 25; h8 += carry7; h7 -= carry7 << 25;
+
+  carry4 = (h4 + (int64_t) (1<<25)) >> 26; h5 += carry4; h4 -= carry4 << 26;
+  carry8 = (h8 + (int64_t) (1<<25)) >> 26; h9 += carry8; h8 -= carry8 << 26;
+
+  carry9 = (h9 + (int64_t) (1<<24)) >> 25; h0 += carry9 * 19; h9 -= carry9 << 25;
+
+  carry0 = (h0 + (int64_t) (1<<25)) >> 26; h1 += carry0; h0 -= carry0 << 26;
+
+  h[0] = (int32_t)h0;
+  h[1] = (int32_t)h1;
+  h[2] = (int32_t)h2;
+  h[3] = (int32_t)h3;
+  h[4] = (int32_t)h4;
+  h[5] = (int32_t)h5;
+  h[6] = (int32_t)h6;
+  h[7] = (int32_t)h7;
+  h[8] = (int32_t)h8;
+  h[9] = (int32_t)h9;
+}
+
+
+
+/*
+h = f - g
+Can overlap h with f or g.
+
+Preconditions:
+   |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
+   |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
+
+Postconditions:
+   |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc.
+*/
+
+void fe_sub(fe h,fe f,fe g)
+{
+  int32_t f0 = f[0];
+  int32_t f1 = f[1];
+  int32_t f2 = f[2];
+  int32_t f3 = f[3];
+  int32_t f4 = f[4];
+  int32_t f5 = f[5];
+  int32_t f6 = f[6];
+  int32_t f7 = f[7];
+  int32_t f8 = f[8];
+  int32_t f9 = f[9];
+  int32_t g0 = g[0];
+  int32_t g1 = g[1];
+  int32_t g2 = g[2];
+  int32_t g3 = g[3];
+  int32_t g4 = g[4];
+  int32_t g5 = g[5];
+  int32_t g6 = g[6];
+  int32_t g7 = g[7];
+  int32_t g8 = g[8];
+  int32_t g9 = g[9];
+  int32_t h0 = f0 - g0;
+  int32_t h1 = f1 - g1;
+  int32_t h2 = f2 - g2;
+  int32_t h3 = f3 - g3;
+  int32_t h4 = f4 - g4;
+  int32_t h5 = f5 - g5;
+  int32_t h6 = f6 - g6;
+  int32_t h7 = f7 - g7;
+  int32_t h8 = f8 - g8;
+  int32_t h9 = f9 - g9;
+  h[0] = h0;
+  h[1] = h1;
+  h[2] = h2;
+  h[3] = h3;
+  h[4] = h4;
+  h[5] = h5;
+  h[6] = h6;
+  h[7] = h7;
+  h[8] = h8;
+  h[9] = h9;
+}
+
+
+
+/*
+Preconditions:
+  |h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc.
+
+Write p=2^255-19; q=floor(h/p).
+Basic claim: q = floor(2^(-255)(h + 19 2^(-25)h9 + 2^(-1))).
+
+Proof:
+  Have |h|<=p so |q|<=1 so |19^2 2^(-255) q|<1/4.
+  Also have |h-2^230 h9|<2^230 so |19 2^(-255)(h-2^230 h9)|<1/4.
+
+  Write y=2^(-1)-19^2 2^(-255)q-19 2^(-255)(h-2^230 h9).
+  Then 0> 25;
+  q = (h0 + q) >> 26;
+  q = (h1 + q) >> 25;
+  q = (h2 + q) >> 26;
+  q = (h3 + q) >> 25;
+  q = (h4 + q) >> 26;
+  q = (h5 + q) >> 25;
+  q = (h6 + q) >> 26;
+  q = (h7 + q) >> 25;
+  q = (h8 + q) >> 26;
+  q = (h9 + q) >> 25;
+
+  /* Goal: Output h-(2^255-19)q, which is between 0 and 2^255-20. */
+  h0 += 19 * q;
+  /* Goal: Output h-2^255 q, which is between 0 and 2^255-20. */
+
+  carry0 = h0 >> 26; h1 += carry0; h0 -= carry0 << 26;
+  carry1 = h1 >> 25; h2 += carry1; h1 -= carry1 << 25;
+  carry2 = h2 >> 26; h3 += carry2; h2 -= carry2 << 26;
+  carry3 = h3 >> 25; h4 += carry3; h3 -= carry3 << 25;
+  carry4 = h4 >> 26; h5 += carry4; h4 -= carry4 << 26;
+  carry5 = h5 >> 25; h6 += carry5; h5 -= carry5 << 25;
+  carry6 = h6 >> 26; h7 += carry6; h6 -= carry6 << 26;
+  carry7 = h7 >> 25; h8 += carry7; h7 -= carry7 << 25;
+  carry8 = h8 >> 26; h9 += carry8; h8 -= carry8 << 26;
+  carry9 = h9 >> 25;               h9 -= carry9 << 25;
+                  /* h10 = carry9 */
+
+  /*
+  Goal: Output h0+...+2^255 h10-2^255 q, which is between 0 and 2^255-20.
+  Have h0+...+2^230 h9 between 0 and 2^255-1;
+  evidently 2^255 h10-2^255 q = 0.
+  Goal: Output h0+...+2^230 h9.
+  */
+
+  s[0] = h0 >> 0;
+  s[1] = h0 >> 8;
+  s[2] = h0 >> 16;
+  s[3] = (h0 >> 24) | (h1 << 2);
+  s[4] = h1 >> 6;
+  s[5] = h1 >> 14;
+  s[6] = (h1 >> 22) | (h2 << 3);
+  s[7] = h2 >> 5;
+  s[8] = h2 >> 13;
+  s[9] = (h2 >> 21) | (h3 << 5);
+  s[10] = h3 >> 3;
+  s[11] = h3 >> 11;
+  s[12] = (h3 >> 19) | (h4 << 6);
+  s[13] = h4 >> 2;
+  s[14] = h4 >> 10;
+  s[15] = h4 >> 18;
+  s[16] = h5 >> 0;
+  s[17] = h5 >> 8;
+  s[18] = h5 >> 16;
+  s[19] = (h5 >> 24) | (h6 << 1);
+  s[20] = h6 >> 7;
+  s[21] = h6 >> 15;
+  s[22] = (h6 >> 23) | (h7 << 3);
+  s[23] = h7 >> 5;
+  s[24] = h7 >> 13;
+  s[25] = (h7 >> 21) | (h8 << 4);
+  s[26] = h8 >> 4;
+  s[27] = h8 >> 12;
+  s[28] = (h8 >> 20) | (h9 << 6);
+  s[29] = h9 >> 2;
+  s[30] = h9 >> 10;
+  s[31] = h9 >> 18;
+}
+
+#endif /*HAVE_ECC25519*/
+
diff --git a/3P/wolfssl/wolfcrypt/src/ecc_fp.c b/3P/wolfssl/wolfcrypt/src/ecc_fp.c
new file mode 100644
index 00000000..c8acf938
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/ecc_fp.c
@@ -0,0 +1 @@
+/* dummy ecc_fp.c for dist */
diff --git a/3P/wolfssl/wolfcrypt/src/error.c b/3P/wolfssl/wolfcrypt/src/error.c
new file mode 100644
index 00000000..8c843a16
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/error.c
@@ -0,0 +1,331 @@
+/* error.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+
+#ifdef _MSC_VER
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
+    #pragma warning(disable: 4996)
+#endif
+
+const char* wc_GetErrorString(int error)
+{
+#ifdef NO_ERROR_STRINGS
+
+    (void)error;
+    return "no support for error strings built in";
+
+#else
+
+    switch (error) {
+
+    case OPEN_RAN_E :
+        return "opening random device error";
+
+    case READ_RAN_E :
+        return "reading random device error";
+
+    case WINCRYPT_E :
+        return "windows crypt init error";
+
+    case CRYPTGEN_E :
+        return "windows crypt generation error";
+
+    case RAN_BLOCK_E :
+        return "random device read would block error";
+
+    case BAD_MUTEX_E :
+        return "Bad mutex, operation failed";
+
+    case MP_INIT_E :
+        return "mp_init error state";
+
+    case MP_READ_E :
+        return "mp_read error state";
+
+    case MP_EXPTMOD_E :
+        return "mp_exptmod error state";
+
+    case MP_TO_E :
+        return "mp_to_xxx error state, can't convert";
+
+    case MP_SUB_E :
+        return "mp_sub error state, can't subtract";
+
+    case MP_ADD_E :
+        return "mp_add error state, can't add";
+
+    case MP_MUL_E :
+        return "mp_mul error state, can't multiply";
+
+    case MP_MULMOD_E :
+        return "mp_mulmod error state, can't multiply mod";
+
+    case MP_MOD_E :
+        return "mp_mod error state, can't mod";
+
+    case MP_INVMOD_E :
+        return "mp_invmod error state, can't inv mod";
+
+    case MP_CMP_E :
+        return "mp_cmp error state";
+
+    case MP_ZERO_E :
+        return "mp zero result, not expected";
+
+    case MEMORY_E :
+        return "out of memory error";
+
+    case RSA_WRONG_TYPE_E :
+        return "RSA wrong block type for RSA function";
+
+    case RSA_BUFFER_E :
+        return "RSA buffer error, output too small or input too big";
+
+    case BUFFER_E :
+        return "Buffer error, output too small or input too big";
+
+    case ALGO_ID_E :
+        return "Setting Cert AlogID error";
+
+    case PUBLIC_KEY_E :
+        return "Setting Cert Public Key error";
+
+    case DATE_E :
+        return "Setting Cert Date validity error";
+
+    case SUBJECT_E :
+        return "Setting Cert Subject name error";
+
+    case ISSUER_E :
+        return "Setting Cert Issuer name error";
+
+    case CA_TRUE_E :
+        return "Setting basic constraint CA true error";
+
+    case EXTENSIONS_E :
+        return "Setting extensions error";
+
+    case ASN_PARSE_E :
+        return "ASN parsing error, invalid input";
+
+    case ASN_VERSION_E :
+        return "ASN version error, invalid number";
+
+    case ASN_GETINT_E :
+        return "ASN get big int error, invalid data";
+
+    case ASN_RSA_KEY_E :
+        return "ASN key init error, invalid input";
+
+    case ASN_OBJECT_ID_E :
+        return "ASN object id error, invalid id";
+
+    case ASN_TAG_NULL_E :
+        return "ASN tag error, not null";
+
+    case ASN_EXPECT_0_E :
+        return "ASN expect error, not zero";
+
+    case ASN_BITSTR_E :
+        return "ASN bit string error, wrong id";
+
+    case ASN_UNKNOWN_OID_E :
+        return "ASN oid error, unknown sum id";
+
+    case ASN_DATE_SZ_E :
+        return "ASN date error, bad size";
+
+    case ASN_BEFORE_DATE_E :
+        return "ASN date error, current date before";
+
+    case ASN_AFTER_DATE_E :
+        return "ASN date error, current date after";
+
+    case ASN_SIG_OID_E :
+        return "ASN signature error, mismatched oid";
+
+    case ASN_TIME_E :
+        return "ASN time error, unkown time type";
+
+    case ASN_INPUT_E :
+        return "ASN input error, not enough data";
+
+    case ASN_SIG_CONFIRM_E :
+        return "ASN sig error, confirm failure";
+
+    case ASN_SIG_HASH_E :
+        return "ASN sig error, unsupported hash type";
+
+    case ASN_SIG_KEY_E :
+        return "ASN sig error, unsupported key type";
+
+    case ASN_DH_KEY_E :
+        return "ASN key init error, invalid input";
+
+    case ASN_NTRU_KEY_E :
+        return "ASN NTRU key decode error, invalid input";
+
+    case ASN_CRIT_EXT_E:
+        return "X.509 Critical extension ignored";
+
+    case ECC_BAD_ARG_E :
+        return "ECC input argument wrong type, invalid input";
+
+    case ASN_ECC_KEY_E :
+        return "ECC ASN1 bad key data, invalid input";
+
+    case ECC_CURVE_OID_E :
+        return "ECC curve sum OID unsupported, invalid input";
+
+    case BAD_FUNC_ARG :
+        return "Bad function argument";
+
+    case NOT_COMPILED_IN :
+        return "Feature not compiled in";
+
+    case UNICODE_SIZE_E :
+        return "Unicode password too big";
+
+    case NO_PASSWORD :
+        return "No password provided by user";
+
+    case ALT_NAME_E :
+        return "Alt Name problem, too big";
+
+    case AES_GCM_AUTH_E:
+        return "AES-GCM Authentication check fail";
+
+    case AES_CCM_AUTH_E:
+        return "AES-CCM Authentication check fail";
+
+    case CAVIUM_INIT_E:
+        return "Cavium Init type error";
+
+    case COMPRESS_INIT_E:
+        return "Compress Init error";
+
+    case COMPRESS_E:
+        return "Compress error";
+
+    case DECOMPRESS_INIT_E:
+        return "DeCompress Init error";
+
+    case DECOMPRESS_E:
+        return "DeCompress error";
+
+    case BAD_ALIGN_E:
+        return "Bad alignment error, no alloc help";
+
+    case ASN_NO_SIGNER_E :
+        return "ASN no signer error to confirm failure";
+
+    case ASN_CRL_CONFIRM_E :
+        return "ASN CRL sig error, confirm failure";
+
+    case ASN_CRL_NO_SIGNER_E :
+        return "ASN CRL no signer error to confirm failure";
+
+    case ASN_OCSP_CONFIRM_E :
+        return "ASN OCSP sig error, confirm failure";
+
+    case BAD_ENC_STATE_E:
+        return "Bad ecc encrypt state operation";
+
+    case BAD_PADDING_E:
+        return "Bad padding, message wrong length";
+
+    case REQ_ATTRIBUTE_E:
+        return "Setting cert request attributes error";
+
+    case PKCS7_OID_E:
+        return "PKCS#7 error: mismatched OID value";
+
+    case PKCS7_RECIP_E:
+        return "PKCS#7 error: no matching recipient found";
+
+    case FIPS_NOT_ALLOWED_E:
+        return "FIPS mode not allowed error";
+
+    case ASN_NAME_INVALID_E:
+        return "Name Constraint error";
+
+    case RNG_FAILURE_E:
+        return "Random Number Generator failed";
+
+    case HMAC_MIN_KEYLEN_E:
+        return "FIPS Mode HMAC Minimum Key Length error";
+
+    case RSA_PAD_E:
+        return "Rsa Padding error";
+
+    case LENGTH_ONLY_E:
+        return "Output length only set, not for other use error";
+
+    case IN_CORE_FIPS_E:
+        return "In Core Integrity check FIPS error";
+
+    case AES_KAT_FIPS_E:
+        return "AES Known Answer Test check FIPS error";
+
+    case DES3_KAT_FIPS_E:
+        return "DES3 Known Answer Test check FIPS error";
+
+    case HMAC_KAT_FIPS_E:
+        return "HMAC Known Answer Test check FIPS error";
+
+    case RSA_KAT_FIPS_E:
+        return "RSA Known Answer Test check FIPS error";
+
+    case DRBG_KAT_FIPS_E:
+        return "DRBG Known Answer Test check FIPS error";
+
+    case DRBG_CONT_FIPS_E:
+        return "DRBG Continuous Test FIPS error";
+
+    case AESGCM_KAT_FIPS_E:
+        return "AESGCM Known Answer Test check FIPS error";
+
+    case THREAD_STORE_KEY_E:
+        return "Thread Storage Key Create error";
+
+    case THREAD_STORE_SET_E:
+        return "Thread Storage Set error";
+
+    default:
+        return "unknown error number";
+
+    }
+
+#endif /* NO_ERROR_STRINGS */
+
+}
+
+void wc_ErrorString(int error, char* buffer)
+{
+    XSTRNCPY(buffer, wc_GetErrorString(error), WOLFSSL_MAX_ERROR_SZ);
+}
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mont_small.i b/3P/wolfssl/wolfcrypt/src/fp_mont_small.i
new file mode 100644
index 00000000..c4a339b9
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mont_small.i
@@ -0,0 +1,3860 @@
+/* fp_mont_small.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SMALL_MONT_SET
+/* computes x/R == x (mod N) via Montgomery Reduction */
+void fp_montgomery_reduce_small(fp_int *a, fp_int *m, fp_digit mp)
+{
+   fp_digit c[FP_SIZE], *_c, *tmpm, mu, cy;
+   int      oldused, x, y, pa;
+
+#if defined(USE_MEMSET)
+   /* now zero the buff */
+   memset(c, 0, sizeof c);
+#endif
+   pa = m->used;
+
+   /* copy the input */
+   oldused = a->used;
+   for (x = 0; x < oldused; x++) {
+       c[x] = a->dp[x];
+   }
+#if !defined(USE_MEMSET)
+   for (; x < 2*pa+3; x++) {
+       c[x] = 0;
+   }
+#endif
+   MONT_START;
+
+   switch (pa) {
+      case 1:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 2:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 3:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 4:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 5:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 6:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 7:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 8:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 7; cy   = 0;
+            LOOP_START;
+            _c   = c + 7;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 9:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 7; cy   = 0;
+            LOOP_START;
+            _c   = c + 7;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 8; cy   = 0;
+            LOOP_START;
+            _c   = c + 8;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 10:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 7; cy   = 0;
+            LOOP_START;
+            _c   = c + 7;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 8; cy   = 0;
+            LOOP_START;
+            _c   = c + 8;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 9; cy   = 0;
+            LOOP_START;
+            _c   = c + 9;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 11:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 7; cy   = 0;
+            LOOP_START;
+            _c   = c + 7;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 8; cy   = 0;
+            LOOP_START;
+            _c   = c + 8;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 9; cy   = 0;
+            LOOP_START;
+            _c   = c + 9;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 10; cy   = 0;
+            LOOP_START;
+            _c   = c + 10;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 12:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 7; cy   = 0;
+            LOOP_START;
+            _c   = c + 7;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 8; cy   = 0;
+            LOOP_START;
+            _c   = c + 8;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 9; cy   = 0;
+            LOOP_START;
+            _c   = c + 9;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 10; cy   = 0;
+            LOOP_START;
+            _c   = c + 10;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 11; cy   = 0;
+            LOOP_START;
+            _c   = c + 11;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 13:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 7; cy   = 0;
+            LOOP_START;
+            _c   = c + 7;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 8; cy   = 0;
+            LOOP_START;
+            _c   = c + 8;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 9; cy   = 0;
+            LOOP_START;
+            _c   = c + 9;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 10; cy   = 0;
+            LOOP_START;
+            _c   = c + 10;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 11; cy   = 0;
+            LOOP_START;
+            _c   = c + 11;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 12; cy   = 0;
+            LOOP_START;
+            _c   = c + 12;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 14:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 7; cy   = 0;
+            LOOP_START;
+            _c   = c + 7;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 8; cy   = 0;
+            LOOP_START;
+            _c   = c + 8;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 9; cy   = 0;
+            LOOP_START;
+            _c   = c + 9;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 10; cy   = 0;
+            LOOP_START;
+            _c   = c + 10;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 11; cy   = 0;
+            LOOP_START;
+            _c   = c + 11;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 12; cy   = 0;
+            LOOP_START;
+            _c   = c + 12;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 13; cy   = 0;
+            LOOP_START;
+            _c   = c + 13;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 15:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 7; cy   = 0;
+            LOOP_START;
+            _c   = c + 7;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 8; cy   = 0;
+            LOOP_START;
+            _c   = c + 8;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 9; cy   = 0;
+            LOOP_START;
+            _c   = c + 9;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 10; cy   = 0;
+            LOOP_START;
+            _c   = c + 10;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 11; cy   = 0;
+            LOOP_START;
+            _c   = c + 11;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 12; cy   = 0;
+            LOOP_START;
+            _c   = c + 12;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 13; cy   = 0;
+            LOOP_START;
+            _c   = c + 13;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 14; cy   = 0;
+            LOOP_START;
+            _c   = c + 14;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+      case 16:
+            x = 0; cy   = 0;
+            LOOP_START;
+            _c   = c + 0;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 1; cy   = 0;
+            LOOP_START;
+            _c   = c + 1;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 2; cy   = 0;
+            LOOP_START;
+            _c   = c + 2;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 3; cy   = 0;
+            LOOP_START;
+            _c   = c + 3;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 4; cy   = 0;
+            LOOP_START;
+            _c   = c + 4;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 5; cy   = 0;
+            LOOP_START;
+            _c   = c + 5;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 6; cy   = 0;
+            LOOP_START;
+            _c   = c + 6;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 7; cy   = 0;
+            LOOP_START;
+            _c   = c + 7;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 8; cy   = 0;
+            LOOP_START;
+            _c   = c + 8;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 9; cy   = 0;
+            LOOP_START;
+            _c   = c + 9;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 10; cy   = 0;
+            LOOP_START;
+            _c   = c + 10;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 11; cy   = 0;
+            LOOP_START;
+            _c   = c + 11;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 12; cy   = 0;
+            LOOP_START;
+            _c   = c + 12;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 13; cy   = 0;
+            LOOP_START;
+            _c   = c + 13;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 14; cy   = 0;
+            LOOP_START;
+            _c   = c + 14;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+            x = 15; cy   = 0;
+            LOOP_START;
+            _c   = c + 15;
+            tmpm = m->dp;
+#ifdef INNERMUL8
+            INNERMUL8; _c += 8; tmpm += 8;
+            INNERMUL8; _c += 8; tmpm += 8;
+#else
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+            INNERMUL; ++_c;
+#endif
+            LOOP_END;
+            while (cy) {
+               PROPCARRY;
+               ++_c;
+            }
+         break;
+  }
+  /* now copy out */
+  _c   = c + pa;
+  tmpm = a->dp;
+  for (x = 0; x < pa+1; x++) {
+     *tmpm++ = *_c++;
+  }
+
+  for (; x < oldused; x++)   {
+     *tmpm++ = 0;
+  }
+
+  MONT_FINI;
+
+  a->used = pa+1;
+  fp_clamp(a);
+
+  /* if A >= m then A = A - m */
+  if (fp_cmp_mag (a, m) != FP_LT) {
+    s_fp_sub (a, m, a);
+  }
+}
+
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_12.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_12.i
new file mode 100644
index 00000000..b25ce5c4
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_12.i
@@ -0,0 +1,130 @@
+/* fp_mul_comba_12.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL12
+void fp_mul_comba12(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[24];
+
+   memcpy(at, A->dp, 12 * sizeof(fp_digit));
+   memcpy(at+12, B->dp, 12 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[12]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[13]);    MULADD(at[1], at[12]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[14]);    MULADD(at[1], at[13]);    MULADD(at[2], at[12]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[15]);    MULADD(at[1], at[14]);    MULADD(at[2], at[13]);    MULADD(at[3], at[12]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[16]);    MULADD(at[1], at[15]);    MULADD(at[2], at[14]);    MULADD(at[3], at[13]);    MULADD(at[4], at[12]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[17]);    MULADD(at[1], at[16]);    MULADD(at[2], at[15]);    MULADD(at[3], at[14]);    MULADD(at[4], at[13]);    MULADD(at[5], at[12]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[18]);    MULADD(at[1], at[17]);    MULADD(at[2], at[16]);    MULADD(at[3], at[15]);    MULADD(at[4], at[14]);    MULADD(at[5], at[13]);    MULADD(at[6], at[12]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[19]);    MULADD(at[1], at[18]);    MULADD(at[2], at[17]);    MULADD(at[3], at[16]);    MULADD(at[4], at[15]);    MULADD(at[5], at[14]);    MULADD(at[6], at[13]);    MULADD(at[7], at[12]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[20]);    MULADD(at[1], at[19]);    MULADD(at[2], at[18]);    MULADD(at[3], at[17]);    MULADD(at[4], at[16]);    MULADD(at[5], at[15]);    MULADD(at[6], at[14]);    MULADD(at[7], at[13]);    MULADD(at[8], at[12]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[21]);    MULADD(at[1], at[20]);    MULADD(at[2], at[19]);    MULADD(at[3], at[18]);    MULADD(at[4], at[17]);    MULADD(at[5], at[16]);    MULADD(at[6], at[15]);    MULADD(at[7], at[14]);    MULADD(at[8], at[13]);    MULADD(at[9], at[12]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[22]);    MULADD(at[1], at[21]);    MULADD(at[2], at[20]);    MULADD(at[3], at[19]);    MULADD(at[4], at[18]);    MULADD(at[5], at[17]);    MULADD(at[6], at[16]);    MULADD(at[7], at[15]);    MULADD(at[8], at[14]);    MULADD(at[9], at[13]);    MULADD(at[10], at[12]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[23]);    MULADD(at[1], at[22]);    MULADD(at[2], at[21]);    MULADD(at[3], at[20]);    MULADD(at[4], at[19]);    MULADD(at[5], at[18]);    MULADD(at[6], at[17]);    MULADD(at[7], at[16]);    MULADD(at[8], at[15]);    MULADD(at[9], at[14]);    MULADD(at[10], at[13]);    MULADD(at[11], at[12]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[23]);    MULADD(at[2], at[22]);    MULADD(at[3], at[21]);    MULADD(at[4], at[20]);    MULADD(at[5], at[19]);    MULADD(at[6], at[18]);    MULADD(at[7], at[17]);    MULADD(at[8], at[16]);    MULADD(at[9], at[15]);    MULADD(at[10], at[14]);    MULADD(at[11], at[13]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[23]);    MULADD(at[3], at[22]);    MULADD(at[4], at[21]);    MULADD(at[5], at[20]);    MULADD(at[6], at[19]);    MULADD(at[7], at[18]);    MULADD(at[8], at[17]);    MULADD(at[9], at[16]);    MULADD(at[10], at[15]);    MULADD(at[11], at[14]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[23]);    MULADD(at[4], at[22]);    MULADD(at[5], at[21]);    MULADD(at[6], at[20]);    MULADD(at[7], at[19]);    MULADD(at[8], at[18]);    MULADD(at[9], at[17]);    MULADD(at[10], at[16]);    MULADD(at[11], at[15]); 
+   COMBA_STORE(C->dp[14]);
+   /* 15 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[23]);    MULADD(at[5], at[22]);    MULADD(at[6], at[21]);    MULADD(at[7], at[20]);    MULADD(at[8], at[19]);    MULADD(at[9], at[18]);    MULADD(at[10], at[17]);    MULADD(at[11], at[16]); 
+   COMBA_STORE(C->dp[15]);
+   /* 16 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[23]);    MULADD(at[6], at[22]);    MULADD(at[7], at[21]);    MULADD(at[8], at[20]);    MULADD(at[9], at[19]);    MULADD(at[10], at[18]);    MULADD(at[11], at[17]); 
+   COMBA_STORE(C->dp[16]);
+   /* 17 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[23]);    MULADD(at[7], at[22]);    MULADD(at[8], at[21]);    MULADD(at[9], at[20]);    MULADD(at[10], at[19]);    MULADD(at[11], at[18]); 
+   COMBA_STORE(C->dp[17]);
+   /* 18 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[23]);    MULADD(at[8], at[22]);    MULADD(at[9], at[21]);    MULADD(at[10], at[20]);    MULADD(at[11], at[19]); 
+   COMBA_STORE(C->dp[18]);
+   /* 19 */
+   COMBA_FORWARD;
+   MULADD(at[8], at[23]);    MULADD(at[9], at[22]);    MULADD(at[10], at[21]);    MULADD(at[11], at[20]); 
+   COMBA_STORE(C->dp[19]);
+   /* 20 */
+   COMBA_FORWARD;
+   MULADD(at[9], at[23]);    MULADD(at[10], at[22]);    MULADD(at[11], at[21]); 
+   COMBA_STORE(C->dp[20]);
+   /* 21 */
+   COMBA_FORWARD;
+   MULADD(at[10], at[23]);    MULADD(at[11], at[22]); 
+   COMBA_STORE(C->dp[21]);
+   /* 22 */
+   COMBA_FORWARD;
+   MULADD(at[11], at[23]); 
+   COMBA_STORE(C->dp[22]);
+   COMBA_STORE2(C->dp[23]);
+   C->used = 24;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_17.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_17.i
new file mode 100644
index 00000000..fe12f060
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_17.i
@@ -0,0 +1,170 @@
+/* fp_mul_comba_17.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL17
+void fp_mul_comba17(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[34];
+
+   memcpy(at, A->dp, 17 * sizeof(fp_digit));
+   memcpy(at+17, B->dp, 17 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[17]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[18]);    MULADD(at[1], at[17]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[19]);    MULADD(at[1], at[18]);    MULADD(at[2], at[17]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[20]);    MULADD(at[1], at[19]);    MULADD(at[2], at[18]);    MULADD(at[3], at[17]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[21]);    MULADD(at[1], at[20]);    MULADD(at[2], at[19]);    MULADD(at[3], at[18]);    MULADD(at[4], at[17]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[22]);    MULADD(at[1], at[21]);    MULADD(at[2], at[20]);    MULADD(at[3], at[19]);    MULADD(at[4], at[18]);    MULADD(at[5], at[17]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[23]);    MULADD(at[1], at[22]);    MULADD(at[2], at[21]);    MULADD(at[3], at[20]);    MULADD(at[4], at[19]);    MULADD(at[5], at[18]);    MULADD(at[6], at[17]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[24]);    MULADD(at[1], at[23]);    MULADD(at[2], at[22]);    MULADD(at[3], at[21]);    MULADD(at[4], at[20]);    MULADD(at[5], at[19]);    MULADD(at[6], at[18]);    MULADD(at[7], at[17]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[25]);    MULADD(at[1], at[24]);    MULADD(at[2], at[23]);    MULADD(at[3], at[22]);    MULADD(at[4], at[21]);    MULADD(at[5], at[20]);    MULADD(at[6], at[19]);    MULADD(at[7], at[18]);    MULADD(at[8], at[17]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[26]);    MULADD(at[1], at[25]);    MULADD(at[2], at[24]);    MULADD(at[3], at[23]);    MULADD(at[4], at[22]);    MULADD(at[5], at[21]);    MULADD(at[6], at[20]);    MULADD(at[7], at[19]);    MULADD(at[8], at[18]);    MULADD(at[9], at[17]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[27]);    MULADD(at[1], at[26]);    MULADD(at[2], at[25]);    MULADD(at[3], at[24]);    MULADD(at[4], at[23]);    MULADD(at[5], at[22]);    MULADD(at[6], at[21]);    MULADD(at[7], at[20]);    MULADD(at[8], at[19]);    MULADD(at[9], at[18]);    MULADD(at[10], at[17]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[28]);    MULADD(at[1], at[27]);    MULADD(at[2], at[26]);    MULADD(at[3], at[25]);    MULADD(at[4], at[24]);    MULADD(at[5], at[23]);    MULADD(at[6], at[22]);    MULADD(at[7], at[21]);    MULADD(at[8], at[20]);    MULADD(at[9], at[19]);    MULADD(at[10], at[18]);    MULADD(at[11], at[17]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[29]);    MULADD(at[1], at[28]);    MULADD(at[2], at[27]);    MULADD(at[3], at[26]);    MULADD(at[4], at[25]);    MULADD(at[5], at[24]);    MULADD(at[6], at[23]);    MULADD(at[7], at[22]);    MULADD(at[8], at[21]);    MULADD(at[9], at[20]);    MULADD(at[10], at[19]);    MULADD(at[11], at[18]);    MULADD(at[12], at[17]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[30]);    MULADD(at[1], at[29]);    MULADD(at[2], at[28]);    MULADD(at[3], at[27]);    MULADD(at[4], at[26]);    MULADD(at[5], at[25]);    MULADD(at[6], at[24]);    MULADD(at[7], at[23]);    MULADD(at[8], at[22]);    MULADD(at[9], at[21]);    MULADD(at[10], at[20]);    MULADD(at[11], at[19]);    MULADD(at[12], at[18]);    MULADD(at[13], at[17]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[31]);    MULADD(at[1], at[30]);    MULADD(at[2], at[29]);    MULADD(at[3], at[28]);    MULADD(at[4], at[27]);    MULADD(at[5], at[26]);    MULADD(at[6], at[25]);    MULADD(at[7], at[24]);    MULADD(at[8], at[23]);    MULADD(at[9], at[22]);    MULADD(at[10], at[21]);    MULADD(at[11], at[20]);    MULADD(at[12], at[19]);    MULADD(at[13], at[18]);    MULADD(at[14], at[17]); 
+   COMBA_STORE(C->dp[14]);
+   /* 15 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[32]);    MULADD(at[1], at[31]);    MULADD(at[2], at[30]);    MULADD(at[3], at[29]);    MULADD(at[4], at[28]);    MULADD(at[5], at[27]);    MULADD(at[6], at[26]);    MULADD(at[7], at[25]);    MULADD(at[8], at[24]);    MULADD(at[9], at[23]);    MULADD(at[10], at[22]);    MULADD(at[11], at[21]);    MULADD(at[12], at[20]);    MULADD(at[13], at[19]);    MULADD(at[14], at[18]);    MULADD(at[15], at[17]); 
+   COMBA_STORE(C->dp[15]);
+   /* 16 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[33]);    MULADD(at[1], at[32]);    MULADD(at[2], at[31]);    MULADD(at[3], at[30]);    MULADD(at[4], at[29]);    MULADD(at[5], at[28]);    MULADD(at[6], at[27]);    MULADD(at[7], at[26]);    MULADD(at[8], at[25]);    MULADD(at[9], at[24]);    MULADD(at[10], at[23]);    MULADD(at[11], at[22]);    MULADD(at[12], at[21]);    MULADD(at[13], at[20]);    MULADD(at[14], at[19]);    MULADD(at[15], at[18]);    MULADD(at[16], at[17]); 
+   COMBA_STORE(C->dp[16]);
+   /* 17 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[33]);    MULADD(at[2], at[32]);    MULADD(at[3], at[31]);    MULADD(at[4], at[30]);    MULADD(at[5], at[29]);    MULADD(at[6], at[28]);    MULADD(at[7], at[27]);    MULADD(at[8], at[26]);    MULADD(at[9], at[25]);    MULADD(at[10], at[24]);    MULADD(at[11], at[23]);    MULADD(at[12], at[22]);    MULADD(at[13], at[21]);    MULADD(at[14], at[20]);    MULADD(at[15], at[19]);    MULADD(at[16], at[18]); 
+   COMBA_STORE(C->dp[17]);
+   /* 18 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[33]);    MULADD(at[3], at[32]);    MULADD(at[4], at[31]);    MULADD(at[5], at[30]);    MULADD(at[6], at[29]);    MULADD(at[7], at[28]);    MULADD(at[8], at[27]);    MULADD(at[9], at[26]);    MULADD(at[10], at[25]);    MULADD(at[11], at[24]);    MULADD(at[12], at[23]);    MULADD(at[13], at[22]);    MULADD(at[14], at[21]);    MULADD(at[15], at[20]);    MULADD(at[16], at[19]); 
+   COMBA_STORE(C->dp[18]);
+   /* 19 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[33]);    MULADD(at[4], at[32]);    MULADD(at[5], at[31]);    MULADD(at[6], at[30]);    MULADD(at[7], at[29]);    MULADD(at[8], at[28]);    MULADD(at[9], at[27]);    MULADD(at[10], at[26]);    MULADD(at[11], at[25]);    MULADD(at[12], at[24]);    MULADD(at[13], at[23]);    MULADD(at[14], at[22]);    MULADD(at[15], at[21]);    MULADD(at[16], at[20]); 
+   COMBA_STORE(C->dp[19]);
+   /* 20 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[33]);    MULADD(at[5], at[32]);    MULADD(at[6], at[31]);    MULADD(at[7], at[30]);    MULADD(at[8], at[29]);    MULADD(at[9], at[28]);    MULADD(at[10], at[27]);    MULADD(at[11], at[26]);    MULADD(at[12], at[25]);    MULADD(at[13], at[24]);    MULADD(at[14], at[23]);    MULADD(at[15], at[22]);    MULADD(at[16], at[21]); 
+   COMBA_STORE(C->dp[20]);
+   /* 21 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[33]);    MULADD(at[6], at[32]);    MULADD(at[7], at[31]);    MULADD(at[8], at[30]);    MULADD(at[9], at[29]);    MULADD(at[10], at[28]);    MULADD(at[11], at[27]);    MULADD(at[12], at[26]);    MULADD(at[13], at[25]);    MULADD(at[14], at[24]);    MULADD(at[15], at[23]);    MULADD(at[16], at[22]); 
+   COMBA_STORE(C->dp[21]);
+   /* 22 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[33]);    MULADD(at[7], at[32]);    MULADD(at[8], at[31]);    MULADD(at[9], at[30]);    MULADD(at[10], at[29]);    MULADD(at[11], at[28]);    MULADD(at[12], at[27]);    MULADD(at[13], at[26]);    MULADD(at[14], at[25]);    MULADD(at[15], at[24]);    MULADD(at[16], at[23]); 
+   COMBA_STORE(C->dp[22]);
+   /* 23 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[33]);    MULADD(at[8], at[32]);    MULADD(at[9], at[31]);    MULADD(at[10], at[30]);    MULADD(at[11], at[29]);    MULADD(at[12], at[28]);    MULADD(at[13], at[27]);    MULADD(at[14], at[26]);    MULADD(at[15], at[25]);    MULADD(at[16], at[24]); 
+   COMBA_STORE(C->dp[23]);
+   /* 24 */
+   COMBA_FORWARD;
+   MULADD(at[8], at[33]);    MULADD(at[9], at[32]);    MULADD(at[10], at[31]);    MULADD(at[11], at[30]);    MULADD(at[12], at[29]);    MULADD(at[13], at[28]);    MULADD(at[14], at[27]);    MULADD(at[15], at[26]);    MULADD(at[16], at[25]); 
+   COMBA_STORE(C->dp[24]);
+   /* 25 */
+   COMBA_FORWARD;
+   MULADD(at[9], at[33]);    MULADD(at[10], at[32]);    MULADD(at[11], at[31]);    MULADD(at[12], at[30]);    MULADD(at[13], at[29]);    MULADD(at[14], at[28]);    MULADD(at[15], at[27]);    MULADD(at[16], at[26]); 
+   COMBA_STORE(C->dp[25]);
+   /* 26 */
+   COMBA_FORWARD;
+   MULADD(at[10], at[33]);    MULADD(at[11], at[32]);    MULADD(at[12], at[31]);    MULADD(at[13], at[30]);    MULADD(at[14], at[29]);    MULADD(at[15], at[28]);    MULADD(at[16], at[27]); 
+   COMBA_STORE(C->dp[26]);
+   /* 27 */
+   COMBA_FORWARD;
+   MULADD(at[11], at[33]);    MULADD(at[12], at[32]);    MULADD(at[13], at[31]);    MULADD(at[14], at[30]);    MULADD(at[15], at[29]);    MULADD(at[16], at[28]); 
+   COMBA_STORE(C->dp[27]);
+   /* 28 */
+   COMBA_FORWARD;
+   MULADD(at[12], at[33]);    MULADD(at[13], at[32]);    MULADD(at[14], at[31]);    MULADD(at[15], at[30]);    MULADD(at[16], at[29]); 
+   COMBA_STORE(C->dp[28]);
+   /* 29 */
+   COMBA_FORWARD;
+   MULADD(at[13], at[33]);    MULADD(at[14], at[32]);    MULADD(at[15], at[31]);    MULADD(at[16], at[30]); 
+   COMBA_STORE(C->dp[29]);
+   /* 30 */
+   COMBA_FORWARD;
+   MULADD(at[14], at[33]);    MULADD(at[15], at[32]);    MULADD(at[16], at[31]); 
+   COMBA_STORE(C->dp[30]);
+   /* 31 */
+   COMBA_FORWARD;
+   MULADD(at[15], at[33]);    MULADD(at[16], at[32]); 
+   COMBA_STORE(C->dp[31]);
+   /* 32 */
+   COMBA_FORWARD;
+   MULADD(at[16], at[33]); 
+   COMBA_STORE(C->dp[32]);
+   COMBA_STORE2(C->dp[33]);
+   C->used = 34;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_20.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_20.i
new file mode 100644
index 00000000..cd07e5df
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_20.i
@@ -0,0 +1,193 @@
+/* fp_mul_comba_20.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef TFM_MUL20
+void fp_mul_comba20(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[40];
+   
+   memcpy(at, A->dp, 20 * sizeof(fp_digit));
+   memcpy(at+20, B->dp, 20 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[20]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[21]);    MULADD(at[1], at[20]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[22]);    MULADD(at[1], at[21]);    MULADD(at[2], at[20]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[23]);    MULADD(at[1], at[22]);    MULADD(at[2], at[21]);    MULADD(at[3], at[20]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[24]);    MULADD(at[1], at[23]);    MULADD(at[2], at[22]);    MULADD(at[3], at[21]);    MULADD(at[4], at[20]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[25]);    MULADD(at[1], at[24]);    MULADD(at[2], at[23]);    MULADD(at[3], at[22]);    MULADD(at[4], at[21]);    MULADD(at[5], at[20]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[26]);    MULADD(at[1], at[25]);    MULADD(at[2], at[24]);    MULADD(at[3], at[23]);    MULADD(at[4], at[22]);    MULADD(at[5], at[21]);    MULADD(at[6], at[20]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[27]);    MULADD(at[1], at[26]);    MULADD(at[2], at[25]);    MULADD(at[3], at[24]);    MULADD(at[4], at[23]);    MULADD(at[5], at[22]);    MULADD(at[6], at[21]);    MULADD(at[7], at[20]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[28]);    MULADD(at[1], at[27]);    MULADD(at[2], at[26]);    MULADD(at[3], at[25]);    MULADD(at[4], at[24]);    MULADD(at[5], at[23]);    MULADD(at[6], at[22]);    MULADD(at[7], at[21]);    MULADD(at[8], at[20]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[29]);    MULADD(at[1], at[28]);    MULADD(at[2], at[27]);    MULADD(at[3], at[26]);    MULADD(at[4], at[25]);    MULADD(at[5], at[24]);    MULADD(at[6], at[23]);    MULADD(at[7], at[22]);    MULADD(at[8], at[21]);    MULADD(at[9], at[20]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[30]);    MULADD(at[1], at[29]);    MULADD(at[2], at[28]);    MULADD(at[3], at[27]);    MULADD(at[4], at[26]);    MULADD(at[5], at[25]);    MULADD(at[6], at[24]);    MULADD(at[7], at[23]);    MULADD(at[8], at[22]);    MULADD(at[9], at[21]);    MULADD(at[10], at[20]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[31]);    MULADD(at[1], at[30]);    MULADD(at[2], at[29]);    MULADD(at[3], at[28]);    MULADD(at[4], at[27]);    MULADD(at[5], at[26]);    MULADD(at[6], at[25]);    MULADD(at[7], at[24]);    MULADD(at[8], at[23]);    MULADD(at[9], at[22]);    MULADD(at[10], at[21]);    MULADD(at[11], at[20]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[32]);    MULADD(at[1], at[31]);    MULADD(at[2], at[30]);    MULADD(at[3], at[29]);    MULADD(at[4], at[28]);    MULADD(at[5], at[27]);    MULADD(at[6], at[26]);    MULADD(at[7], at[25]);    MULADD(at[8], at[24]);    MULADD(at[9], at[23]);    MULADD(at[10], at[22]);    MULADD(at[11], at[21]);    MULADD(at[12], at[20]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[33]);    MULADD(at[1], at[32]);    MULADD(at[2], at[31]);    MULADD(at[3], at[30]);    MULADD(at[4], at[29]);    MULADD(at[5], at[28]);    MULADD(at[6], at[27]);    MULADD(at[7], at[26]);    MULADD(at[8], at[25]);    MULADD(at[9], at[24]);    MULADD(at[10], at[23]);    MULADD(at[11], at[22]);    MULADD(at[12], at[21]);    MULADD(at[13], at[20]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[34]);    MULADD(at[1], at[33]);    MULADD(at[2], at[32]);    MULADD(at[3], at[31]);    MULADD(at[4], at[30]);    MULADD(at[5], at[29]);    MULADD(at[6], at[28]);    MULADD(at[7], at[27]);    MULADD(at[8], at[26]);    MULADD(at[9], at[25]);    MULADD(at[10], at[24]);    MULADD(at[11], at[23]);    MULADD(at[12], at[22]);    MULADD(at[13], at[21]);    MULADD(at[14], at[20]); 
+   COMBA_STORE(C->dp[14]);
+   /* 15 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[35]);    MULADD(at[1], at[34]);    MULADD(at[2], at[33]);    MULADD(at[3], at[32]);    MULADD(at[4], at[31]);    MULADD(at[5], at[30]);    MULADD(at[6], at[29]);    MULADD(at[7], at[28]);    MULADD(at[8], at[27]);    MULADD(at[9], at[26]);    MULADD(at[10], at[25]);    MULADD(at[11], at[24]);    MULADD(at[12], at[23]);    MULADD(at[13], at[22]);    MULADD(at[14], at[21]);    MULADD(at[15], at[20]); 
+   COMBA_STORE(C->dp[15]);
+   /* 16 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[36]);    MULADD(at[1], at[35]);    MULADD(at[2], at[34]);    MULADD(at[3], at[33]);    MULADD(at[4], at[32]);    MULADD(at[5], at[31]);    MULADD(at[6], at[30]);    MULADD(at[7], at[29]);    MULADD(at[8], at[28]);    MULADD(at[9], at[27]);    MULADD(at[10], at[26]);    MULADD(at[11], at[25]);    MULADD(at[12], at[24]);    MULADD(at[13], at[23]);    MULADD(at[14], at[22]);    MULADD(at[15], at[21]);    MULADD(at[16], at[20]); 
+   COMBA_STORE(C->dp[16]);
+   /* 17 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[37]);    MULADD(at[1], at[36]);    MULADD(at[2], at[35]);    MULADD(at[3], at[34]);    MULADD(at[4], at[33]);    MULADD(at[5], at[32]);    MULADD(at[6], at[31]);    MULADD(at[7], at[30]);    MULADD(at[8], at[29]);    MULADD(at[9], at[28]);    MULADD(at[10], at[27]);    MULADD(at[11], at[26]);    MULADD(at[12], at[25]);    MULADD(at[13], at[24]);    MULADD(at[14], at[23]);    MULADD(at[15], at[22]);    MULADD(at[16], at[21]);    MULADD(at[17], at[20]); 
+   COMBA_STORE(C->dp[17]);
+   /* 18 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[38]);    MULADD(at[1], at[37]);    MULADD(at[2], at[36]);    MULADD(at[3], at[35]);    MULADD(at[4], at[34]);    MULADD(at[5], at[33]);    MULADD(at[6], at[32]);    MULADD(at[7], at[31]);    MULADD(at[8], at[30]);    MULADD(at[9], at[29]);    MULADD(at[10], at[28]);    MULADD(at[11], at[27]);    MULADD(at[12], at[26]);    MULADD(at[13], at[25]);    MULADD(at[14], at[24]);    MULADD(at[15], at[23]);    MULADD(at[16], at[22]);    MULADD(at[17], at[21]);    MULADD(at[18], at[20]); 
+   COMBA_STORE(C->dp[18]);
+   /* 19 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[39]);    MULADD(at[1], at[38]);    MULADD(at[2], at[37]);    MULADD(at[3], at[36]);    MULADD(at[4], at[35]);    MULADD(at[5], at[34]);    MULADD(at[6], at[33]);    MULADD(at[7], at[32]);    MULADD(at[8], at[31]);    MULADD(at[9], at[30]);    MULADD(at[10], at[29]);    MULADD(at[11], at[28]);    MULADD(at[12], at[27]);    MULADD(at[13], at[26]);    MULADD(at[14], at[25]);    MULADD(at[15], at[24]);    MULADD(at[16], at[23]);    MULADD(at[17], at[22]);    MULADD(at[18], at[21]);    MULADD(at[19], at[20]); 
+   COMBA_STORE(C->dp[19]);
+   /* 20 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[39]);    MULADD(at[2], at[38]);    MULADD(at[3], at[37]);    MULADD(at[4], at[36]);    MULADD(at[5], at[35]);    MULADD(at[6], at[34]);    MULADD(at[7], at[33]);    MULADD(at[8], at[32]);    MULADD(at[9], at[31]);    MULADD(at[10], at[30]);    MULADD(at[11], at[29]);    MULADD(at[12], at[28]);    MULADD(at[13], at[27]);    MULADD(at[14], at[26]);    MULADD(at[15], at[25]);    MULADD(at[16], at[24]);    MULADD(at[17], at[23]);    MULADD(at[18], at[22]);    MULADD(at[19], at[21]); 
+   COMBA_STORE(C->dp[20]);
+   /* 21 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[39]);    MULADD(at[3], at[38]);    MULADD(at[4], at[37]);    MULADD(at[5], at[36]);    MULADD(at[6], at[35]);    MULADD(at[7], at[34]);    MULADD(at[8], at[33]);    MULADD(at[9], at[32]);    MULADD(at[10], at[31]);    MULADD(at[11], at[30]);    MULADD(at[12], at[29]);    MULADD(at[13], at[28]);    MULADD(at[14], at[27]);    MULADD(at[15], at[26]);    MULADD(at[16], at[25]);    MULADD(at[17], at[24]);    MULADD(at[18], at[23]);    MULADD(at[19], at[22]); 
+   COMBA_STORE(C->dp[21]);
+   /* 22 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[39]);    MULADD(at[4], at[38]);    MULADD(at[5], at[37]);    MULADD(at[6], at[36]);    MULADD(at[7], at[35]);    MULADD(at[8], at[34]);    MULADD(at[9], at[33]);    MULADD(at[10], at[32]);    MULADD(at[11], at[31]);    MULADD(at[12], at[30]);    MULADD(at[13], at[29]);    MULADD(at[14], at[28]);    MULADD(at[15], at[27]);    MULADD(at[16], at[26]);    MULADD(at[17], at[25]);    MULADD(at[18], at[24]);    MULADD(at[19], at[23]); 
+   COMBA_STORE(C->dp[22]);
+   /* 23 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[39]);    MULADD(at[5], at[38]);    MULADD(at[6], at[37]);    MULADD(at[7], at[36]);    MULADD(at[8], at[35]);    MULADD(at[9], at[34]);    MULADD(at[10], at[33]);    MULADD(at[11], at[32]);    MULADD(at[12], at[31]);    MULADD(at[13], at[30]);    MULADD(at[14], at[29]);    MULADD(at[15], at[28]);    MULADD(at[16], at[27]);    MULADD(at[17], at[26]);    MULADD(at[18], at[25]);    MULADD(at[19], at[24]); 
+   COMBA_STORE(C->dp[23]);
+   /* 24 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[39]);    MULADD(at[6], at[38]);    MULADD(at[7], at[37]);    MULADD(at[8], at[36]);    MULADD(at[9], at[35]);    MULADD(at[10], at[34]);    MULADD(at[11], at[33]);    MULADD(at[12], at[32]);    MULADD(at[13], at[31]);    MULADD(at[14], at[30]);    MULADD(at[15], at[29]);    MULADD(at[16], at[28]);    MULADD(at[17], at[27]);    MULADD(at[18], at[26]);    MULADD(at[19], at[25]); 
+   COMBA_STORE(C->dp[24]);
+   /* 25 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[39]);    MULADD(at[7], at[38]);    MULADD(at[8], at[37]);    MULADD(at[9], at[36]);    MULADD(at[10], at[35]);    MULADD(at[11], at[34]);    MULADD(at[12], at[33]);    MULADD(at[13], at[32]);    MULADD(at[14], at[31]);    MULADD(at[15], at[30]);    MULADD(at[16], at[29]);    MULADD(at[17], at[28]);    MULADD(at[18], at[27]);    MULADD(at[19], at[26]); 
+   COMBA_STORE(C->dp[25]);
+   /* 26 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[39]);    MULADD(at[8], at[38]);    MULADD(at[9], at[37]);    MULADD(at[10], at[36]);    MULADD(at[11], at[35]);    MULADD(at[12], at[34]);    MULADD(at[13], at[33]);    MULADD(at[14], at[32]);    MULADD(at[15], at[31]);    MULADD(at[16], at[30]);    MULADD(at[17], at[29]);    MULADD(at[18], at[28]);    MULADD(at[19], at[27]); 
+   COMBA_STORE(C->dp[26]);
+   /* 27 */
+   COMBA_FORWARD;
+   MULADD(at[8], at[39]);    MULADD(at[9], at[38]);    MULADD(at[10], at[37]);    MULADD(at[11], at[36]);    MULADD(at[12], at[35]);    MULADD(at[13], at[34]);    MULADD(at[14], at[33]);    MULADD(at[15], at[32]);    MULADD(at[16], at[31]);    MULADD(at[17], at[30]);    MULADD(at[18], at[29]);    MULADD(at[19], at[28]); 
+   COMBA_STORE(C->dp[27]);
+   /* 28 */
+   COMBA_FORWARD;
+   MULADD(at[9], at[39]);    MULADD(at[10], at[38]);    MULADD(at[11], at[37]);    MULADD(at[12], at[36]);    MULADD(at[13], at[35]);    MULADD(at[14], at[34]);    MULADD(at[15], at[33]);    MULADD(at[16], at[32]);    MULADD(at[17], at[31]);    MULADD(at[18], at[30]);    MULADD(at[19], at[29]); 
+   COMBA_STORE(C->dp[28]);
+   /* 29 */
+   COMBA_FORWARD;
+   MULADD(at[10], at[39]);    MULADD(at[11], at[38]);    MULADD(at[12], at[37]);    MULADD(at[13], at[36]);    MULADD(at[14], at[35]);    MULADD(at[15], at[34]);    MULADD(at[16], at[33]);    MULADD(at[17], at[32]);    MULADD(at[18], at[31]);    MULADD(at[19], at[30]); 
+   COMBA_STORE(C->dp[29]);
+   /* 30 */
+   COMBA_FORWARD;
+   MULADD(at[11], at[39]);    MULADD(at[12], at[38]);    MULADD(at[13], at[37]);    MULADD(at[14], at[36]);    MULADD(at[15], at[35]);    MULADD(at[16], at[34]);    MULADD(at[17], at[33]);    MULADD(at[18], at[32]);    MULADD(at[19], at[31]); 
+   COMBA_STORE(C->dp[30]);
+   /* 31 */
+   COMBA_FORWARD;
+   MULADD(at[12], at[39]);    MULADD(at[13], at[38]);    MULADD(at[14], at[37]);    MULADD(at[15], at[36]);    MULADD(at[16], at[35]);    MULADD(at[17], at[34]);    MULADD(at[18], at[33]);    MULADD(at[19], at[32]); 
+   COMBA_STORE(C->dp[31]);
+   /* 32 */
+   COMBA_FORWARD;
+   MULADD(at[13], at[39]);    MULADD(at[14], at[38]);    MULADD(at[15], at[37]);    MULADD(at[16], at[36]);    MULADD(at[17], at[35]);    MULADD(at[18], at[34]);    MULADD(at[19], at[33]); 
+   COMBA_STORE(C->dp[32]);
+   /* 33 */
+   COMBA_FORWARD;
+   MULADD(at[14], at[39]);    MULADD(at[15], at[38]);    MULADD(at[16], at[37]);    MULADD(at[17], at[36]);    MULADD(at[18], at[35]);    MULADD(at[19], at[34]); 
+   COMBA_STORE(C->dp[33]);
+   /* 34 */
+   COMBA_FORWARD;
+   MULADD(at[15], at[39]);    MULADD(at[16], at[38]);    MULADD(at[17], at[37]);    MULADD(at[18], at[36]);    MULADD(at[19], at[35]); 
+   COMBA_STORE(C->dp[34]);
+   /* 35 */
+   COMBA_FORWARD;
+   MULADD(at[16], at[39]);    MULADD(at[17], at[38]);    MULADD(at[18], at[37]);    MULADD(at[19], at[36]); 
+   COMBA_STORE(C->dp[35]);
+   /* 36 */
+   COMBA_FORWARD;
+   MULADD(at[17], at[39]);    MULADD(at[18], at[38]);    MULADD(at[19], at[37]); 
+   COMBA_STORE(C->dp[36]);
+   /* 37 */
+   COMBA_FORWARD;
+   MULADD(at[18], at[39]);    MULADD(at[19], at[38]); 
+   COMBA_STORE(C->dp[37]);
+   /* 38 */
+   COMBA_FORWARD;
+   MULADD(at[19], at[39]); 
+   COMBA_STORE(C->dp[38]);
+   COMBA_STORE2(C->dp[39]);
+   C->used = 40;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_24.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_24.i
new file mode 100644
index 00000000..2576d27a
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_24.i
@@ -0,0 +1,226 @@
+/* fp_mul_comba_24.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL24
+void fp_mul_comba24(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[48];
+
+   memcpy(at, A->dp, 24 * sizeof(fp_digit));
+   memcpy(at+24, B->dp, 24 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[24]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[25]);    MULADD(at[1], at[24]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[26]);    MULADD(at[1], at[25]);    MULADD(at[2], at[24]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[27]);    MULADD(at[1], at[26]);    MULADD(at[2], at[25]);    MULADD(at[3], at[24]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[28]);    MULADD(at[1], at[27]);    MULADD(at[2], at[26]);    MULADD(at[3], at[25]);    MULADD(at[4], at[24]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[29]);    MULADD(at[1], at[28]);    MULADD(at[2], at[27]);    MULADD(at[3], at[26]);    MULADD(at[4], at[25]);    MULADD(at[5], at[24]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[30]);    MULADD(at[1], at[29]);    MULADD(at[2], at[28]);    MULADD(at[3], at[27]);    MULADD(at[4], at[26]);    MULADD(at[5], at[25]);    MULADD(at[6], at[24]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[31]);    MULADD(at[1], at[30]);    MULADD(at[2], at[29]);    MULADD(at[3], at[28]);    MULADD(at[4], at[27]);    MULADD(at[5], at[26]);    MULADD(at[6], at[25]);    MULADD(at[7], at[24]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[32]);    MULADD(at[1], at[31]);    MULADD(at[2], at[30]);    MULADD(at[3], at[29]);    MULADD(at[4], at[28]);    MULADD(at[5], at[27]);    MULADD(at[6], at[26]);    MULADD(at[7], at[25]);    MULADD(at[8], at[24]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[33]);    MULADD(at[1], at[32]);    MULADD(at[2], at[31]);    MULADD(at[3], at[30]);    MULADD(at[4], at[29]);    MULADD(at[5], at[28]);    MULADD(at[6], at[27]);    MULADD(at[7], at[26]);    MULADD(at[8], at[25]);    MULADD(at[9], at[24]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[34]);    MULADD(at[1], at[33]);    MULADD(at[2], at[32]);    MULADD(at[3], at[31]);    MULADD(at[4], at[30]);    MULADD(at[5], at[29]);    MULADD(at[6], at[28]);    MULADD(at[7], at[27]);    MULADD(at[8], at[26]);    MULADD(at[9], at[25]);    MULADD(at[10], at[24]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[35]);    MULADD(at[1], at[34]);    MULADD(at[2], at[33]);    MULADD(at[3], at[32]);    MULADD(at[4], at[31]);    MULADD(at[5], at[30]);    MULADD(at[6], at[29]);    MULADD(at[7], at[28]);    MULADD(at[8], at[27]);    MULADD(at[9], at[26]);    MULADD(at[10], at[25]);    MULADD(at[11], at[24]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[36]);    MULADD(at[1], at[35]);    MULADD(at[2], at[34]);    MULADD(at[3], at[33]);    MULADD(at[4], at[32]);    MULADD(at[5], at[31]);    MULADD(at[6], at[30]);    MULADD(at[7], at[29]);    MULADD(at[8], at[28]);    MULADD(at[9], at[27]);    MULADD(at[10], at[26]);    MULADD(at[11], at[25]);    MULADD(at[12], at[24]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[37]);    MULADD(at[1], at[36]);    MULADD(at[2], at[35]);    MULADD(at[3], at[34]);    MULADD(at[4], at[33]);    MULADD(at[5], at[32]);    MULADD(at[6], at[31]);    MULADD(at[7], at[30]);    MULADD(at[8], at[29]);    MULADD(at[9], at[28]);    MULADD(at[10], at[27]);    MULADD(at[11], at[26]);    MULADD(at[12], at[25]);    MULADD(at[13], at[24]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[38]);    MULADD(at[1], at[37]);    MULADD(at[2], at[36]);    MULADD(at[3], at[35]);    MULADD(at[4], at[34]);    MULADD(at[5], at[33]);    MULADD(at[6], at[32]);    MULADD(at[7], at[31]);    MULADD(at[8], at[30]);    MULADD(at[9], at[29]);    MULADD(at[10], at[28]);    MULADD(at[11], at[27]);    MULADD(at[12], at[26]);    MULADD(at[13], at[25]);    MULADD(at[14], at[24]); 
+   COMBA_STORE(C->dp[14]);
+   /* 15 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[39]);    MULADD(at[1], at[38]);    MULADD(at[2], at[37]);    MULADD(at[3], at[36]);    MULADD(at[4], at[35]);    MULADD(at[5], at[34]);    MULADD(at[6], at[33]);    MULADD(at[7], at[32]);    MULADD(at[8], at[31]);    MULADD(at[9], at[30]);    MULADD(at[10], at[29]);    MULADD(at[11], at[28]);    MULADD(at[12], at[27]);    MULADD(at[13], at[26]);    MULADD(at[14], at[25]);    MULADD(at[15], at[24]); 
+   COMBA_STORE(C->dp[15]);
+   /* 16 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[40]);    MULADD(at[1], at[39]);    MULADD(at[2], at[38]);    MULADD(at[3], at[37]);    MULADD(at[4], at[36]);    MULADD(at[5], at[35]);    MULADD(at[6], at[34]);    MULADD(at[7], at[33]);    MULADD(at[8], at[32]);    MULADD(at[9], at[31]);    MULADD(at[10], at[30]);    MULADD(at[11], at[29]);    MULADD(at[12], at[28]);    MULADD(at[13], at[27]);    MULADD(at[14], at[26]);    MULADD(at[15], at[25]);    MULADD(at[16], at[24]); 
+   COMBA_STORE(C->dp[16]);
+   /* 17 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[41]);    MULADD(at[1], at[40]);    MULADD(at[2], at[39]);    MULADD(at[3], at[38]);    MULADD(at[4], at[37]);    MULADD(at[5], at[36]);    MULADD(at[6], at[35]);    MULADD(at[7], at[34]);    MULADD(at[8], at[33]);    MULADD(at[9], at[32]);    MULADD(at[10], at[31]);    MULADD(at[11], at[30]);    MULADD(at[12], at[29]);    MULADD(at[13], at[28]);    MULADD(at[14], at[27]);    MULADD(at[15], at[26]);    MULADD(at[16], at[25]);    MULADD(at[17], at[24]); 
+   COMBA_STORE(C->dp[17]);
+   /* 18 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[42]);    MULADD(at[1], at[41]);    MULADD(at[2], at[40]);    MULADD(at[3], at[39]);    MULADD(at[4], at[38]);    MULADD(at[5], at[37]);    MULADD(at[6], at[36]);    MULADD(at[7], at[35]);    MULADD(at[8], at[34]);    MULADD(at[9], at[33]);    MULADD(at[10], at[32]);    MULADD(at[11], at[31]);    MULADD(at[12], at[30]);    MULADD(at[13], at[29]);    MULADD(at[14], at[28]);    MULADD(at[15], at[27]);    MULADD(at[16], at[26]);    MULADD(at[17], at[25]);    MULADD(at[18], at[24]); 
+   COMBA_STORE(C->dp[18]);
+   /* 19 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[43]);    MULADD(at[1], at[42]);    MULADD(at[2], at[41]);    MULADD(at[3], at[40]);    MULADD(at[4], at[39]);    MULADD(at[5], at[38]);    MULADD(at[6], at[37]);    MULADD(at[7], at[36]);    MULADD(at[8], at[35]);    MULADD(at[9], at[34]);    MULADD(at[10], at[33]);    MULADD(at[11], at[32]);    MULADD(at[12], at[31]);    MULADD(at[13], at[30]);    MULADD(at[14], at[29]);    MULADD(at[15], at[28]);    MULADD(at[16], at[27]);    MULADD(at[17], at[26]);    MULADD(at[18], at[25]);    MULADD(at[19], at[24]); 
+   COMBA_STORE(C->dp[19]);
+   /* 20 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[44]);    MULADD(at[1], at[43]);    MULADD(at[2], at[42]);    MULADD(at[3], at[41]);    MULADD(at[4], at[40]);    MULADD(at[5], at[39]);    MULADD(at[6], at[38]);    MULADD(at[7], at[37]);    MULADD(at[8], at[36]);    MULADD(at[9], at[35]);    MULADD(at[10], at[34]);    MULADD(at[11], at[33]);    MULADD(at[12], at[32]);    MULADD(at[13], at[31]);    MULADD(at[14], at[30]);    MULADD(at[15], at[29]);    MULADD(at[16], at[28]);    MULADD(at[17], at[27]);    MULADD(at[18], at[26]);    MULADD(at[19], at[25]);    MULADD(at[20], at[24]); 
+   COMBA_STORE(C->dp[20]);
+   /* 21 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[45]);    MULADD(at[1], at[44]);    MULADD(at[2], at[43]);    MULADD(at[3], at[42]);    MULADD(at[4], at[41]);    MULADD(at[5], at[40]);    MULADD(at[6], at[39]);    MULADD(at[7], at[38]);    MULADD(at[8], at[37]);    MULADD(at[9], at[36]);    MULADD(at[10], at[35]);    MULADD(at[11], at[34]);    MULADD(at[12], at[33]);    MULADD(at[13], at[32]);    MULADD(at[14], at[31]);    MULADD(at[15], at[30]);    MULADD(at[16], at[29]);    MULADD(at[17], at[28]);    MULADD(at[18], at[27]);    MULADD(at[19], at[26]);    MULADD(at[20], at[25]);    MULADD(at[21], at[24]); 
+   COMBA_STORE(C->dp[21]);
+   /* 22 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[46]);    MULADD(at[1], at[45]);    MULADD(at[2], at[44]);    MULADD(at[3], at[43]);    MULADD(at[4], at[42]);    MULADD(at[5], at[41]);    MULADD(at[6], at[40]);    MULADD(at[7], at[39]);    MULADD(at[8], at[38]);    MULADD(at[9], at[37]);    MULADD(at[10], at[36]);    MULADD(at[11], at[35]);    MULADD(at[12], at[34]);    MULADD(at[13], at[33]);    MULADD(at[14], at[32]);    MULADD(at[15], at[31]);    MULADD(at[16], at[30]);    MULADD(at[17], at[29]);    MULADD(at[18], at[28]);    MULADD(at[19], at[27]);    MULADD(at[20], at[26]);    MULADD(at[21], at[25]);    MULADD(at[22], at[24]); 
+   COMBA_STORE(C->dp[22]);
+   /* 23 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[47]);    MULADD(at[1], at[46]);    MULADD(at[2], at[45]);    MULADD(at[3], at[44]);    MULADD(at[4], at[43]);    MULADD(at[5], at[42]);    MULADD(at[6], at[41]);    MULADD(at[7], at[40]);    MULADD(at[8], at[39]);    MULADD(at[9], at[38]);    MULADD(at[10], at[37]);    MULADD(at[11], at[36]);    MULADD(at[12], at[35]);    MULADD(at[13], at[34]);    MULADD(at[14], at[33]);    MULADD(at[15], at[32]);    MULADD(at[16], at[31]);    MULADD(at[17], at[30]);    MULADD(at[18], at[29]);    MULADD(at[19], at[28]);    MULADD(at[20], at[27]);    MULADD(at[21], at[26]);    MULADD(at[22], at[25]);    MULADD(at[23], at[24]); 
+   COMBA_STORE(C->dp[23]);
+   /* 24 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[47]);    MULADD(at[2], at[46]);    MULADD(at[3], at[45]);    MULADD(at[4], at[44]);    MULADD(at[5], at[43]);    MULADD(at[6], at[42]);    MULADD(at[7], at[41]);    MULADD(at[8], at[40]);    MULADD(at[9], at[39]);    MULADD(at[10], at[38]);    MULADD(at[11], at[37]);    MULADD(at[12], at[36]);    MULADD(at[13], at[35]);    MULADD(at[14], at[34]);    MULADD(at[15], at[33]);    MULADD(at[16], at[32]);    MULADD(at[17], at[31]);    MULADD(at[18], at[30]);    MULADD(at[19], at[29]);    MULADD(at[20], at[28]);    MULADD(at[21], at[27]);    MULADD(at[22], at[26]);    MULADD(at[23], at[25]); 
+   COMBA_STORE(C->dp[24]);
+   /* 25 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[47]);    MULADD(at[3], at[46]);    MULADD(at[4], at[45]);    MULADD(at[5], at[44]);    MULADD(at[6], at[43]);    MULADD(at[7], at[42]);    MULADD(at[8], at[41]);    MULADD(at[9], at[40]);    MULADD(at[10], at[39]);    MULADD(at[11], at[38]);    MULADD(at[12], at[37]);    MULADD(at[13], at[36]);    MULADD(at[14], at[35]);    MULADD(at[15], at[34]);    MULADD(at[16], at[33]);    MULADD(at[17], at[32]);    MULADD(at[18], at[31]);    MULADD(at[19], at[30]);    MULADD(at[20], at[29]);    MULADD(at[21], at[28]);    MULADD(at[22], at[27]);    MULADD(at[23], at[26]); 
+   COMBA_STORE(C->dp[25]);
+   /* 26 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[47]);    MULADD(at[4], at[46]);    MULADD(at[5], at[45]);    MULADD(at[6], at[44]);    MULADD(at[7], at[43]);    MULADD(at[8], at[42]);    MULADD(at[9], at[41]);    MULADD(at[10], at[40]);    MULADD(at[11], at[39]);    MULADD(at[12], at[38]);    MULADD(at[13], at[37]);    MULADD(at[14], at[36]);    MULADD(at[15], at[35]);    MULADD(at[16], at[34]);    MULADD(at[17], at[33]);    MULADD(at[18], at[32]);    MULADD(at[19], at[31]);    MULADD(at[20], at[30]);    MULADD(at[21], at[29]);    MULADD(at[22], at[28]);    MULADD(at[23], at[27]); 
+   COMBA_STORE(C->dp[26]);
+   /* 27 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[47]);    MULADD(at[5], at[46]);    MULADD(at[6], at[45]);    MULADD(at[7], at[44]);    MULADD(at[8], at[43]);    MULADD(at[9], at[42]);    MULADD(at[10], at[41]);    MULADD(at[11], at[40]);    MULADD(at[12], at[39]);    MULADD(at[13], at[38]);    MULADD(at[14], at[37]);    MULADD(at[15], at[36]);    MULADD(at[16], at[35]);    MULADD(at[17], at[34]);    MULADD(at[18], at[33]);    MULADD(at[19], at[32]);    MULADD(at[20], at[31]);    MULADD(at[21], at[30]);    MULADD(at[22], at[29]);    MULADD(at[23], at[28]); 
+   COMBA_STORE(C->dp[27]);
+   /* 28 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[47]);    MULADD(at[6], at[46]);    MULADD(at[7], at[45]);    MULADD(at[8], at[44]);    MULADD(at[9], at[43]);    MULADD(at[10], at[42]);    MULADD(at[11], at[41]);    MULADD(at[12], at[40]);    MULADD(at[13], at[39]);    MULADD(at[14], at[38]);    MULADD(at[15], at[37]);    MULADD(at[16], at[36]);    MULADD(at[17], at[35]);    MULADD(at[18], at[34]);    MULADD(at[19], at[33]);    MULADD(at[20], at[32]);    MULADD(at[21], at[31]);    MULADD(at[22], at[30]);    MULADD(at[23], at[29]); 
+   COMBA_STORE(C->dp[28]);
+   /* 29 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[47]);    MULADD(at[7], at[46]);    MULADD(at[8], at[45]);    MULADD(at[9], at[44]);    MULADD(at[10], at[43]);    MULADD(at[11], at[42]);    MULADD(at[12], at[41]);    MULADD(at[13], at[40]);    MULADD(at[14], at[39]);    MULADD(at[15], at[38]);    MULADD(at[16], at[37]);    MULADD(at[17], at[36]);    MULADD(at[18], at[35]);    MULADD(at[19], at[34]);    MULADD(at[20], at[33]);    MULADD(at[21], at[32]);    MULADD(at[22], at[31]);    MULADD(at[23], at[30]); 
+   COMBA_STORE(C->dp[29]);
+   /* 30 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[47]);    MULADD(at[8], at[46]);    MULADD(at[9], at[45]);    MULADD(at[10], at[44]);    MULADD(at[11], at[43]);    MULADD(at[12], at[42]);    MULADD(at[13], at[41]);    MULADD(at[14], at[40]);    MULADD(at[15], at[39]);    MULADD(at[16], at[38]);    MULADD(at[17], at[37]);    MULADD(at[18], at[36]);    MULADD(at[19], at[35]);    MULADD(at[20], at[34]);    MULADD(at[21], at[33]);    MULADD(at[22], at[32]);    MULADD(at[23], at[31]); 
+   COMBA_STORE(C->dp[30]);
+   /* 31 */
+   COMBA_FORWARD;
+   MULADD(at[8], at[47]);    MULADD(at[9], at[46]);    MULADD(at[10], at[45]);    MULADD(at[11], at[44]);    MULADD(at[12], at[43]);    MULADD(at[13], at[42]);    MULADD(at[14], at[41]);    MULADD(at[15], at[40]);    MULADD(at[16], at[39]);    MULADD(at[17], at[38]);    MULADD(at[18], at[37]);    MULADD(at[19], at[36]);    MULADD(at[20], at[35]);    MULADD(at[21], at[34]);    MULADD(at[22], at[33]);    MULADD(at[23], at[32]); 
+   COMBA_STORE(C->dp[31]);
+   /* 32 */
+   COMBA_FORWARD;
+   MULADD(at[9], at[47]);    MULADD(at[10], at[46]);    MULADD(at[11], at[45]);    MULADD(at[12], at[44]);    MULADD(at[13], at[43]);    MULADD(at[14], at[42]);    MULADD(at[15], at[41]);    MULADD(at[16], at[40]);    MULADD(at[17], at[39]);    MULADD(at[18], at[38]);    MULADD(at[19], at[37]);    MULADD(at[20], at[36]);    MULADD(at[21], at[35]);    MULADD(at[22], at[34]);    MULADD(at[23], at[33]); 
+   COMBA_STORE(C->dp[32]);
+   /* 33 */
+   COMBA_FORWARD;
+   MULADD(at[10], at[47]);    MULADD(at[11], at[46]);    MULADD(at[12], at[45]);    MULADD(at[13], at[44]);    MULADD(at[14], at[43]);    MULADD(at[15], at[42]);    MULADD(at[16], at[41]);    MULADD(at[17], at[40]);    MULADD(at[18], at[39]);    MULADD(at[19], at[38]);    MULADD(at[20], at[37]);    MULADD(at[21], at[36]);    MULADD(at[22], at[35]);    MULADD(at[23], at[34]); 
+   COMBA_STORE(C->dp[33]);
+   /* 34 */
+   COMBA_FORWARD;
+   MULADD(at[11], at[47]);    MULADD(at[12], at[46]);    MULADD(at[13], at[45]);    MULADD(at[14], at[44]);    MULADD(at[15], at[43]);    MULADD(at[16], at[42]);    MULADD(at[17], at[41]);    MULADD(at[18], at[40]);    MULADD(at[19], at[39]);    MULADD(at[20], at[38]);    MULADD(at[21], at[37]);    MULADD(at[22], at[36]);    MULADD(at[23], at[35]); 
+   COMBA_STORE(C->dp[34]);
+   /* 35 */
+   COMBA_FORWARD;
+   MULADD(at[12], at[47]);    MULADD(at[13], at[46]);    MULADD(at[14], at[45]);    MULADD(at[15], at[44]);    MULADD(at[16], at[43]);    MULADD(at[17], at[42]);    MULADD(at[18], at[41]);    MULADD(at[19], at[40]);    MULADD(at[20], at[39]);    MULADD(at[21], at[38]);    MULADD(at[22], at[37]);    MULADD(at[23], at[36]); 
+   COMBA_STORE(C->dp[35]);
+   /* 36 */
+   COMBA_FORWARD;
+   MULADD(at[13], at[47]);    MULADD(at[14], at[46]);    MULADD(at[15], at[45]);    MULADD(at[16], at[44]);    MULADD(at[17], at[43]);    MULADD(at[18], at[42]);    MULADD(at[19], at[41]);    MULADD(at[20], at[40]);    MULADD(at[21], at[39]);    MULADD(at[22], at[38]);    MULADD(at[23], at[37]); 
+   COMBA_STORE(C->dp[36]);
+   /* 37 */
+   COMBA_FORWARD;
+   MULADD(at[14], at[47]);    MULADD(at[15], at[46]);    MULADD(at[16], at[45]);    MULADD(at[17], at[44]);    MULADD(at[18], at[43]);    MULADD(at[19], at[42]);    MULADD(at[20], at[41]);    MULADD(at[21], at[40]);    MULADD(at[22], at[39]);    MULADD(at[23], at[38]); 
+   COMBA_STORE(C->dp[37]);
+   /* 38 */
+   COMBA_FORWARD;
+   MULADD(at[15], at[47]);    MULADD(at[16], at[46]);    MULADD(at[17], at[45]);    MULADD(at[18], at[44]);    MULADD(at[19], at[43]);    MULADD(at[20], at[42]);    MULADD(at[21], at[41]);    MULADD(at[22], at[40]);    MULADD(at[23], at[39]); 
+   COMBA_STORE(C->dp[38]);
+   /* 39 */
+   COMBA_FORWARD;
+   MULADD(at[16], at[47]);    MULADD(at[17], at[46]);    MULADD(at[18], at[45]);    MULADD(at[19], at[44]);    MULADD(at[20], at[43]);    MULADD(at[21], at[42]);    MULADD(at[22], at[41]);    MULADD(at[23], at[40]); 
+   COMBA_STORE(C->dp[39]);
+   /* 40 */
+   COMBA_FORWARD;
+   MULADD(at[17], at[47]);    MULADD(at[18], at[46]);    MULADD(at[19], at[45]);    MULADD(at[20], at[44]);    MULADD(at[21], at[43]);    MULADD(at[22], at[42]);    MULADD(at[23], at[41]); 
+   COMBA_STORE(C->dp[40]);
+   /* 41 */
+   COMBA_FORWARD;
+   MULADD(at[18], at[47]);    MULADD(at[19], at[46]);    MULADD(at[20], at[45]);    MULADD(at[21], at[44]);    MULADD(at[22], at[43]);    MULADD(at[23], at[42]); 
+   COMBA_STORE(C->dp[41]);
+   /* 42 */
+   COMBA_FORWARD;
+   MULADD(at[19], at[47]);    MULADD(at[20], at[46]);    MULADD(at[21], at[45]);    MULADD(at[22], at[44]);    MULADD(at[23], at[43]); 
+   COMBA_STORE(C->dp[42]);
+   /* 43 */
+   COMBA_FORWARD;
+   MULADD(at[20], at[47]);    MULADD(at[21], at[46]);    MULADD(at[22], at[45]);    MULADD(at[23], at[44]); 
+   COMBA_STORE(C->dp[43]);
+   /* 44 */
+   COMBA_FORWARD;
+   MULADD(at[21], at[47]);    MULADD(at[22], at[46]);    MULADD(at[23], at[45]); 
+   COMBA_STORE(C->dp[44]);
+   /* 45 */
+   COMBA_FORWARD;
+   MULADD(at[22], at[47]);    MULADD(at[23], at[46]); 
+   COMBA_STORE(C->dp[45]);
+   /* 46 */
+   COMBA_FORWARD;
+   MULADD(at[23], at[47]); 
+   COMBA_STORE(C->dp[46]);
+   COMBA_STORE2(C->dp[47]);
+   C->used = 48;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_28.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_28.i
new file mode 100644
index 00000000..822dd14c
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_28.i
@@ -0,0 +1,258 @@
+/* fp_mul_comba_28.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL28
+void fp_mul_comba28(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[56];
+
+   memcpy(at, A->dp, 28 * sizeof(fp_digit));
+   memcpy(at+28, B->dp, 28 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[28]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[29]);    MULADD(at[1], at[28]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[30]);    MULADD(at[1], at[29]);    MULADD(at[2], at[28]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[31]);    MULADD(at[1], at[30]);    MULADD(at[2], at[29]);    MULADD(at[3], at[28]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[32]);    MULADD(at[1], at[31]);    MULADD(at[2], at[30]);    MULADD(at[3], at[29]);    MULADD(at[4], at[28]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[33]);    MULADD(at[1], at[32]);    MULADD(at[2], at[31]);    MULADD(at[3], at[30]);    MULADD(at[4], at[29]);    MULADD(at[5], at[28]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[34]);    MULADD(at[1], at[33]);    MULADD(at[2], at[32]);    MULADD(at[3], at[31]);    MULADD(at[4], at[30]);    MULADD(at[5], at[29]);    MULADD(at[6], at[28]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[35]);    MULADD(at[1], at[34]);    MULADD(at[2], at[33]);    MULADD(at[3], at[32]);    MULADD(at[4], at[31]);    MULADD(at[5], at[30]);    MULADD(at[6], at[29]);    MULADD(at[7], at[28]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[36]);    MULADD(at[1], at[35]);    MULADD(at[2], at[34]);    MULADD(at[3], at[33]);    MULADD(at[4], at[32]);    MULADD(at[5], at[31]);    MULADD(at[6], at[30]);    MULADD(at[7], at[29]);    MULADD(at[8], at[28]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[37]);    MULADD(at[1], at[36]);    MULADD(at[2], at[35]);    MULADD(at[3], at[34]);    MULADD(at[4], at[33]);    MULADD(at[5], at[32]);    MULADD(at[6], at[31]);    MULADD(at[7], at[30]);    MULADD(at[8], at[29]);    MULADD(at[9], at[28]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[38]);    MULADD(at[1], at[37]);    MULADD(at[2], at[36]);    MULADD(at[3], at[35]);    MULADD(at[4], at[34]);    MULADD(at[5], at[33]);    MULADD(at[6], at[32]);    MULADD(at[7], at[31]);    MULADD(at[8], at[30]);    MULADD(at[9], at[29]);    MULADD(at[10], at[28]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[39]);    MULADD(at[1], at[38]);    MULADD(at[2], at[37]);    MULADD(at[3], at[36]);    MULADD(at[4], at[35]);    MULADD(at[5], at[34]);    MULADD(at[6], at[33]);    MULADD(at[7], at[32]);    MULADD(at[8], at[31]);    MULADD(at[9], at[30]);    MULADD(at[10], at[29]);    MULADD(at[11], at[28]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[40]);    MULADD(at[1], at[39]);    MULADD(at[2], at[38]);    MULADD(at[3], at[37]);    MULADD(at[4], at[36]);    MULADD(at[5], at[35]);    MULADD(at[6], at[34]);    MULADD(at[7], at[33]);    MULADD(at[8], at[32]);    MULADD(at[9], at[31]);    MULADD(at[10], at[30]);    MULADD(at[11], at[29]);    MULADD(at[12], at[28]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[41]);    MULADD(at[1], at[40]);    MULADD(at[2], at[39]);    MULADD(at[3], at[38]);    MULADD(at[4], at[37]);    MULADD(at[5], at[36]);    MULADD(at[6], at[35]);    MULADD(at[7], at[34]);    MULADD(at[8], at[33]);    MULADD(at[9], at[32]);    MULADD(at[10], at[31]);    MULADD(at[11], at[30]);    MULADD(at[12], at[29]);    MULADD(at[13], at[28]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[42]);    MULADD(at[1], at[41]);    MULADD(at[2], at[40]);    MULADD(at[3], at[39]);    MULADD(at[4], at[38]);    MULADD(at[5], at[37]);    MULADD(at[6], at[36]);    MULADD(at[7], at[35]);    MULADD(at[8], at[34]);    MULADD(at[9], at[33]);    MULADD(at[10], at[32]);    MULADD(at[11], at[31]);    MULADD(at[12], at[30]);    MULADD(at[13], at[29]);    MULADD(at[14], at[28]); 
+   COMBA_STORE(C->dp[14]);
+   /* 15 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[43]);    MULADD(at[1], at[42]);    MULADD(at[2], at[41]);    MULADD(at[3], at[40]);    MULADD(at[4], at[39]);    MULADD(at[5], at[38]);    MULADD(at[6], at[37]);    MULADD(at[7], at[36]);    MULADD(at[8], at[35]);    MULADD(at[9], at[34]);    MULADD(at[10], at[33]);    MULADD(at[11], at[32]);    MULADD(at[12], at[31]);    MULADD(at[13], at[30]);    MULADD(at[14], at[29]);    MULADD(at[15], at[28]); 
+   COMBA_STORE(C->dp[15]);
+   /* 16 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[44]);    MULADD(at[1], at[43]);    MULADD(at[2], at[42]);    MULADD(at[3], at[41]);    MULADD(at[4], at[40]);    MULADD(at[5], at[39]);    MULADD(at[6], at[38]);    MULADD(at[7], at[37]);    MULADD(at[8], at[36]);    MULADD(at[9], at[35]);    MULADD(at[10], at[34]);    MULADD(at[11], at[33]);    MULADD(at[12], at[32]);    MULADD(at[13], at[31]);    MULADD(at[14], at[30]);    MULADD(at[15], at[29]);    MULADD(at[16], at[28]); 
+   COMBA_STORE(C->dp[16]);
+   /* 17 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[45]);    MULADD(at[1], at[44]);    MULADD(at[2], at[43]);    MULADD(at[3], at[42]);    MULADD(at[4], at[41]);    MULADD(at[5], at[40]);    MULADD(at[6], at[39]);    MULADD(at[7], at[38]);    MULADD(at[8], at[37]);    MULADD(at[9], at[36]);    MULADD(at[10], at[35]);    MULADD(at[11], at[34]);    MULADD(at[12], at[33]);    MULADD(at[13], at[32]);    MULADD(at[14], at[31]);    MULADD(at[15], at[30]);    MULADD(at[16], at[29]);    MULADD(at[17], at[28]); 
+   COMBA_STORE(C->dp[17]);
+   /* 18 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[46]);    MULADD(at[1], at[45]);    MULADD(at[2], at[44]);    MULADD(at[3], at[43]);    MULADD(at[4], at[42]);    MULADD(at[5], at[41]);    MULADD(at[6], at[40]);    MULADD(at[7], at[39]);    MULADD(at[8], at[38]);    MULADD(at[9], at[37]);    MULADD(at[10], at[36]);    MULADD(at[11], at[35]);    MULADD(at[12], at[34]);    MULADD(at[13], at[33]);    MULADD(at[14], at[32]);    MULADD(at[15], at[31]);    MULADD(at[16], at[30]);    MULADD(at[17], at[29]);    MULADD(at[18], at[28]); 
+   COMBA_STORE(C->dp[18]);
+   /* 19 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[47]);    MULADD(at[1], at[46]);    MULADD(at[2], at[45]);    MULADD(at[3], at[44]);    MULADD(at[4], at[43]);    MULADD(at[5], at[42]);    MULADD(at[6], at[41]);    MULADD(at[7], at[40]);    MULADD(at[8], at[39]);    MULADD(at[9], at[38]);    MULADD(at[10], at[37]);    MULADD(at[11], at[36]);    MULADD(at[12], at[35]);    MULADD(at[13], at[34]);    MULADD(at[14], at[33]);    MULADD(at[15], at[32]);    MULADD(at[16], at[31]);    MULADD(at[17], at[30]);    MULADD(at[18], at[29]);    MULADD(at[19], at[28]); 
+   COMBA_STORE(C->dp[19]);
+   /* 20 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[48]);    MULADD(at[1], at[47]);    MULADD(at[2], at[46]);    MULADD(at[3], at[45]);    MULADD(at[4], at[44]);    MULADD(at[5], at[43]);    MULADD(at[6], at[42]);    MULADD(at[7], at[41]);    MULADD(at[8], at[40]);    MULADD(at[9], at[39]);    MULADD(at[10], at[38]);    MULADD(at[11], at[37]);    MULADD(at[12], at[36]);    MULADD(at[13], at[35]);    MULADD(at[14], at[34]);    MULADD(at[15], at[33]);    MULADD(at[16], at[32]);    MULADD(at[17], at[31]);    MULADD(at[18], at[30]);    MULADD(at[19], at[29]);    MULADD(at[20], at[28]); 
+   COMBA_STORE(C->dp[20]);
+   /* 21 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[49]);    MULADD(at[1], at[48]);    MULADD(at[2], at[47]);    MULADD(at[3], at[46]);    MULADD(at[4], at[45]);    MULADD(at[5], at[44]);    MULADD(at[6], at[43]);    MULADD(at[7], at[42]);    MULADD(at[8], at[41]);    MULADD(at[9], at[40]);    MULADD(at[10], at[39]);    MULADD(at[11], at[38]);    MULADD(at[12], at[37]);    MULADD(at[13], at[36]);    MULADD(at[14], at[35]);    MULADD(at[15], at[34]);    MULADD(at[16], at[33]);    MULADD(at[17], at[32]);    MULADD(at[18], at[31]);    MULADD(at[19], at[30]);    MULADD(at[20], at[29]);    MULADD(at[21], at[28]); 
+   COMBA_STORE(C->dp[21]);
+   /* 22 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[50]);    MULADD(at[1], at[49]);    MULADD(at[2], at[48]);    MULADD(at[3], at[47]);    MULADD(at[4], at[46]);    MULADD(at[5], at[45]);    MULADD(at[6], at[44]);    MULADD(at[7], at[43]);    MULADD(at[8], at[42]);    MULADD(at[9], at[41]);    MULADD(at[10], at[40]);    MULADD(at[11], at[39]);    MULADD(at[12], at[38]);    MULADD(at[13], at[37]);    MULADD(at[14], at[36]);    MULADD(at[15], at[35]);    MULADD(at[16], at[34]);    MULADD(at[17], at[33]);    MULADD(at[18], at[32]);    MULADD(at[19], at[31]);    MULADD(at[20], at[30]);    MULADD(at[21], at[29]);    MULADD(at[22], at[28]); 
+   COMBA_STORE(C->dp[22]);
+   /* 23 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[51]);    MULADD(at[1], at[50]);    MULADD(at[2], at[49]);    MULADD(at[3], at[48]);    MULADD(at[4], at[47]);    MULADD(at[5], at[46]);    MULADD(at[6], at[45]);    MULADD(at[7], at[44]);    MULADD(at[8], at[43]);    MULADD(at[9], at[42]);    MULADD(at[10], at[41]);    MULADD(at[11], at[40]);    MULADD(at[12], at[39]);    MULADD(at[13], at[38]);    MULADD(at[14], at[37]);    MULADD(at[15], at[36]);    MULADD(at[16], at[35]);    MULADD(at[17], at[34]);    MULADD(at[18], at[33]);    MULADD(at[19], at[32]);    MULADD(at[20], at[31]);    MULADD(at[21], at[30]);    MULADD(at[22], at[29]);    MULADD(at[23], at[28]); 
+   COMBA_STORE(C->dp[23]);
+   /* 24 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[52]);    MULADD(at[1], at[51]);    MULADD(at[2], at[50]);    MULADD(at[3], at[49]);    MULADD(at[4], at[48]);    MULADD(at[5], at[47]);    MULADD(at[6], at[46]);    MULADD(at[7], at[45]);    MULADD(at[8], at[44]);    MULADD(at[9], at[43]);    MULADD(at[10], at[42]);    MULADD(at[11], at[41]);    MULADD(at[12], at[40]);    MULADD(at[13], at[39]);    MULADD(at[14], at[38]);    MULADD(at[15], at[37]);    MULADD(at[16], at[36]);    MULADD(at[17], at[35]);    MULADD(at[18], at[34]);    MULADD(at[19], at[33]);    MULADD(at[20], at[32]);    MULADD(at[21], at[31]);    MULADD(at[22], at[30]);    MULADD(at[23], at[29]);    MULADD(at[24], at[28]); 
+   COMBA_STORE(C->dp[24]);
+   /* 25 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[53]);    MULADD(at[1], at[52]);    MULADD(at[2], at[51]);    MULADD(at[3], at[50]);    MULADD(at[4], at[49]);    MULADD(at[5], at[48]);    MULADD(at[6], at[47]);    MULADD(at[7], at[46]);    MULADD(at[8], at[45]);    MULADD(at[9], at[44]);    MULADD(at[10], at[43]);    MULADD(at[11], at[42]);    MULADD(at[12], at[41]);    MULADD(at[13], at[40]);    MULADD(at[14], at[39]);    MULADD(at[15], at[38]);    MULADD(at[16], at[37]);    MULADD(at[17], at[36]);    MULADD(at[18], at[35]);    MULADD(at[19], at[34]);    MULADD(at[20], at[33]);    MULADD(at[21], at[32]);    MULADD(at[22], at[31]);    MULADD(at[23], at[30]);    MULADD(at[24], at[29]);    MULADD(at[25], at[28]); 
+   COMBA_STORE(C->dp[25]);
+   /* 26 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[54]);    MULADD(at[1], at[53]);    MULADD(at[2], at[52]);    MULADD(at[3], at[51]);    MULADD(at[4], at[50]);    MULADD(at[5], at[49]);    MULADD(at[6], at[48]);    MULADD(at[7], at[47]);    MULADD(at[8], at[46]);    MULADD(at[9], at[45]);    MULADD(at[10], at[44]);    MULADD(at[11], at[43]);    MULADD(at[12], at[42]);    MULADD(at[13], at[41]);    MULADD(at[14], at[40]);    MULADD(at[15], at[39]);    MULADD(at[16], at[38]);    MULADD(at[17], at[37]);    MULADD(at[18], at[36]);    MULADD(at[19], at[35]);    MULADD(at[20], at[34]);    MULADD(at[21], at[33]);    MULADD(at[22], at[32]);    MULADD(at[23], at[31]);    MULADD(at[24], at[30]);    MULADD(at[25], at[29]);    MULADD(at[26], at[28]); 
+   COMBA_STORE(C->dp[26]);
+   /* 27 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[55]);    MULADD(at[1], at[54]);    MULADD(at[2], at[53]);    MULADD(at[3], at[52]);    MULADD(at[4], at[51]);    MULADD(at[5], at[50]);    MULADD(at[6], at[49]);    MULADD(at[7], at[48]);    MULADD(at[8], at[47]);    MULADD(at[9], at[46]);    MULADD(at[10], at[45]);    MULADD(at[11], at[44]);    MULADD(at[12], at[43]);    MULADD(at[13], at[42]);    MULADD(at[14], at[41]);    MULADD(at[15], at[40]);    MULADD(at[16], at[39]);    MULADD(at[17], at[38]);    MULADD(at[18], at[37]);    MULADD(at[19], at[36]);    MULADD(at[20], at[35]);    MULADD(at[21], at[34]);    MULADD(at[22], at[33]);    MULADD(at[23], at[32]);    MULADD(at[24], at[31]);    MULADD(at[25], at[30]);    MULADD(at[26], at[29]);    MULADD(at[27], at[28]); 
+   COMBA_STORE(C->dp[27]);
+   /* 28 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[55]);    MULADD(at[2], at[54]);    MULADD(at[3], at[53]);    MULADD(at[4], at[52]);    MULADD(at[5], at[51]);    MULADD(at[6], at[50]);    MULADD(at[7], at[49]);    MULADD(at[8], at[48]);    MULADD(at[9], at[47]);    MULADD(at[10], at[46]);    MULADD(at[11], at[45]);    MULADD(at[12], at[44]);    MULADD(at[13], at[43]);    MULADD(at[14], at[42]);    MULADD(at[15], at[41]);    MULADD(at[16], at[40]);    MULADD(at[17], at[39]);    MULADD(at[18], at[38]);    MULADD(at[19], at[37]);    MULADD(at[20], at[36]);    MULADD(at[21], at[35]);    MULADD(at[22], at[34]);    MULADD(at[23], at[33]);    MULADD(at[24], at[32]);    MULADD(at[25], at[31]);    MULADD(at[26], at[30]);    MULADD(at[27], at[29]); 
+   COMBA_STORE(C->dp[28]);
+   /* 29 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[55]);    MULADD(at[3], at[54]);    MULADD(at[4], at[53]);    MULADD(at[5], at[52]);    MULADD(at[6], at[51]);    MULADD(at[7], at[50]);    MULADD(at[8], at[49]);    MULADD(at[9], at[48]);    MULADD(at[10], at[47]);    MULADD(at[11], at[46]);    MULADD(at[12], at[45]);    MULADD(at[13], at[44]);    MULADD(at[14], at[43]);    MULADD(at[15], at[42]);    MULADD(at[16], at[41]);    MULADD(at[17], at[40]);    MULADD(at[18], at[39]);    MULADD(at[19], at[38]);    MULADD(at[20], at[37]);    MULADD(at[21], at[36]);    MULADD(at[22], at[35]);    MULADD(at[23], at[34]);    MULADD(at[24], at[33]);    MULADD(at[25], at[32]);    MULADD(at[26], at[31]);    MULADD(at[27], at[30]); 
+   COMBA_STORE(C->dp[29]);
+   /* 30 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[55]);    MULADD(at[4], at[54]);    MULADD(at[5], at[53]);    MULADD(at[6], at[52]);    MULADD(at[7], at[51]);    MULADD(at[8], at[50]);    MULADD(at[9], at[49]);    MULADD(at[10], at[48]);    MULADD(at[11], at[47]);    MULADD(at[12], at[46]);    MULADD(at[13], at[45]);    MULADD(at[14], at[44]);    MULADD(at[15], at[43]);    MULADD(at[16], at[42]);    MULADD(at[17], at[41]);    MULADD(at[18], at[40]);    MULADD(at[19], at[39]);    MULADD(at[20], at[38]);    MULADD(at[21], at[37]);    MULADD(at[22], at[36]);    MULADD(at[23], at[35]);    MULADD(at[24], at[34]);    MULADD(at[25], at[33]);    MULADD(at[26], at[32]);    MULADD(at[27], at[31]); 
+   COMBA_STORE(C->dp[30]);
+   /* 31 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[55]);    MULADD(at[5], at[54]);    MULADD(at[6], at[53]);    MULADD(at[7], at[52]);    MULADD(at[8], at[51]);    MULADD(at[9], at[50]);    MULADD(at[10], at[49]);    MULADD(at[11], at[48]);    MULADD(at[12], at[47]);    MULADD(at[13], at[46]);    MULADD(at[14], at[45]);    MULADD(at[15], at[44]);    MULADD(at[16], at[43]);    MULADD(at[17], at[42]);    MULADD(at[18], at[41]);    MULADD(at[19], at[40]);    MULADD(at[20], at[39]);    MULADD(at[21], at[38]);    MULADD(at[22], at[37]);    MULADD(at[23], at[36]);    MULADD(at[24], at[35]);    MULADD(at[25], at[34]);    MULADD(at[26], at[33]);    MULADD(at[27], at[32]); 
+   COMBA_STORE(C->dp[31]);
+   /* 32 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[55]);    MULADD(at[6], at[54]);    MULADD(at[7], at[53]);    MULADD(at[8], at[52]);    MULADD(at[9], at[51]);    MULADD(at[10], at[50]);    MULADD(at[11], at[49]);    MULADD(at[12], at[48]);    MULADD(at[13], at[47]);    MULADD(at[14], at[46]);    MULADD(at[15], at[45]);    MULADD(at[16], at[44]);    MULADD(at[17], at[43]);    MULADD(at[18], at[42]);    MULADD(at[19], at[41]);    MULADD(at[20], at[40]);    MULADD(at[21], at[39]);    MULADD(at[22], at[38]);    MULADD(at[23], at[37]);    MULADD(at[24], at[36]);    MULADD(at[25], at[35]);    MULADD(at[26], at[34]);    MULADD(at[27], at[33]); 
+   COMBA_STORE(C->dp[32]);
+   /* 33 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[55]);    MULADD(at[7], at[54]);    MULADD(at[8], at[53]);    MULADD(at[9], at[52]);    MULADD(at[10], at[51]);    MULADD(at[11], at[50]);    MULADD(at[12], at[49]);    MULADD(at[13], at[48]);    MULADD(at[14], at[47]);    MULADD(at[15], at[46]);    MULADD(at[16], at[45]);    MULADD(at[17], at[44]);    MULADD(at[18], at[43]);    MULADD(at[19], at[42]);    MULADD(at[20], at[41]);    MULADD(at[21], at[40]);    MULADD(at[22], at[39]);    MULADD(at[23], at[38]);    MULADD(at[24], at[37]);    MULADD(at[25], at[36]);    MULADD(at[26], at[35]);    MULADD(at[27], at[34]); 
+   COMBA_STORE(C->dp[33]);
+   /* 34 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[55]);    MULADD(at[8], at[54]);    MULADD(at[9], at[53]);    MULADD(at[10], at[52]);    MULADD(at[11], at[51]);    MULADD(at[12], at[50]);    MULADD(at[13], at[49]);    MULADD(at[14], at[48]);    MULADD(at[15], at[47]);    MULADD(at[16], at[46]);    MULADD(at[17], at[45]);    MULADD(at[18], at[44]);    MULADD(at[19], at[43]);    MULADD(at[20], at[42]);    MULADD(at[21], at[41]);    MULADD(at[22], at[40]);    MULADD(at[23], at[39]);    MULADD(at[24], at[38]);    MULADD(at[25], at[37]);    MULADD(at[26], at[36]);    MULADD(at[27], at[35]); 
+   COMBA_STORE(C->dp[34]);
+   /* 35 */
+   COMBA_FORWARD;
+   MULADD(at[8], at[55]);    MULADD(at[9], at[54]);    MULADD(at[10], at[53]);    MULADD(at[11], at[52]);    MULADD(at[12], at[51]);    MULADD(at[13], at[50]);    MULADD(at[14], at[49]);    MULADD(at[15], at[48]);    MULADD(at[16], at[47]);    MULADD(at[17], at[46]);    MULADD(at[18], at[45]);    MULADD(at[19], at[44]);    MULADD(at[20], at[43]);    MULADD(at[21], at[42]);    MULADD(at[22], at[41]);    MULADD(at[23], at[40]);    MULADD(at[24], at[39]);    MULADD(at[25], at[38]);    MULADD(at[26], at[37]);    MULADD(at[27], at[36]); 
+   COMBA_STORE(C->dp[35]);
+   /* 36 */
+   COMBA_FORWARD;
+   MULADD(at[9], at[55]);    MULADD(at[10], at[54]);    MULADD(at[11], at[53]);    MULADD(at[12], at[52]);    MULADD(at[13], at[51]);    MULADD(at[14], at[50]);    MULADD(at[15], at[49]);    MULADD(at[16], at[48]);    MULADD(at[17], at[47]);    MULADD(at[18], at[46]);    MULADD(at[19], at[45]);    MULADD(at[20], at[44]);    MULADD(at[21], at[43]);    MULADD(at[22], at[42]);    MULADD(at[23], at[41]);    MULADD(at[24], at[40]);    MULADD(at[25], at[39]);    MULADD(at[26], at[38]);    MULADD(at[27], at[37]); 
+   COMBA_STORE(C->dp[36]);
+   /* 37 */
+   COMBA_FORWARD;
+   MULADD(at[10], at[55]);    MULADD(at[11], at[54]);    MULADD(at[12], at[53]);    MULADD(at[13], at[52]);    MULADD(at[14], at[51]);    MULADD(at[15], at[50]);    MULADD(at[16], at[49]);    MULADD(at[17], at[48]);    MULADD(at[18], at[47]);    MULADD(at[19], at[46]);    MULADD(at[20], at[45]);    MULADD(at[21], at[44]);    MULADD(at[22], at[43]);    MULADD(at[23], at[42]);    MULADD(at[24], at[41]);    MULADD(at[25], at[40]);    MULADD(at[26], at[39]);    MULADD(at[27], at[38]); 
+   COMBA_STORE(C->dp[37]);
+   /* 38 */
+   COMBA_FORWARD;
+   MULADD(at[11], at[55]);    MULADD(at[12], at[54]);    MULADD(at[13], at[53]);    MULADD(at[14], at[52]);    MULADD(at[15], at[51]);    MULADD(at[16], at[50]);    MULADD(at[17], at[49]);    MULADD(at[18], at[48]);    MULADD(at[19], at[47]);    MULADD(at[20], at[46]);    MULADD(at[21], at[45]);    MULADD(at[22], at[44]);    MULADD(at[23], at[43]);    MULADD(at[24], at[42]);    MULADD(at[25], at[41]);    MULADD(at[26], at[40]);    MULADD(at[27], at[39]); 
+   COMBA_STORE(C->dp[38]);
+   /* 39 */
+   COMBA_FORWARD;
+   MULADD(at[12], at[55]);    MULADD(at[13], at[54]);    MULADD(at[14], at[53]);    MULADD(at[15], at[52]);    MULADD(at[16], at[51]);    MULADD(at[17], at[50]);    MULADD(at[18], at[49]);    MULADD(at[19], at[48]);    MULADD(at[20], at[47]);    MULADD(at[21], at[46]);    MULADD(at[22], at[45]);    MULADD(at[23], at[44]);    MULADD(at[24], at[43]);    MULADD(at[25], at[42]);    MULADD(at[26], at[41]);    MULADD(at[27], at[40]); 
+   COMBA_STORE(C->dp[39]);
+   /* 40 */
+   COMBA_FORWARD;
+   MULADD(at[13], at[55]);    MULADD(at[14], at[54]);    MULADD(at[15], at[53]);    MULADD(at[16], at[52]);    MULADD(at[17], at[51]);    MULADD(at[18], at[50]);    MULADD(at[19], at[49]);    MULADD(at[20], at[48]);    MULADD(at[21], at[47]);    MULADD(at[22], at[46]);    MULADD(at[23], at[45]);    MULADD(at[24], at[44]);    MULADD(at[25], at[43]);    MULADD(at[26], at[42]);    MULADD(at[27], at[41]); 
+   COMBA_STORE(C->dp[40]);
+   /* 41 */
+   COMBA_FORWARD;
+   MULADD(at[14], at[55]);    MULADD(at[15], at[54]);    MULADD(at[16], at[53]);    MULADD(at[17], at[52]);    MULADD(at[18], at[51]);    MULADD(at[19], at[50]);    MULADD(at[20], at[49]);    MULADD(at[21], at[48]);    MULADD(at[22], at[47]);    MULADD(at[23], at[46]);    MULADD(at[24], at[45]);    MULADD(at[25], at[44]);    MULADD(at[26], at[43]);    MULADD(at[27], at[42]); 
+   COMBA_STORE(C->dp[41]);
+   /* 42 */
+   COMBA_FORWARD;
+   MULADD(at[15], at[55]);    MULADD(at[16], at[54]);    MULADD(at[17], at[53]);    MULADD(at[18], at[52]);    MULADD(at[19], at[51]);    MULADD(at[20], at[50]);    MULADD(at[21], at[49]);    MULADD(at[22], at[48]);    MULADD(at[23], at[47]);    MULADD(at[24], at[46]);    MULADD(at[25], at[45]);    MULADD(at[26], at[44]);    MULADD(at[27], at[43]); 
+   COMBA_STORE(C->dp[42]);
+   /* 43 */
+   COMBA_FORWARD;
+   MULADD(at[16], at[55]);    MULADD(at[17], at[54]);    MULADD(at[18], at[53]);    MULADD(at[19], at[52]);    MULADD(at[20], at[51]);    MULADD(at[21], at[50]);    MULADD(at[22], at[49]);    MULADD(at[23], at[48]);    MULADD(at[24], at[47]);    MULADD(at[25], at[46]);    MULADD(at[26], at[45]);    MULADD(at[27], at[44]); 
+   COMBA_STORE(C->dp[43]);
+   /* 44 */
+   COMBA_FORWARD;
+   MULADD(at[17], at[55]);    MULADD(at[18], at[54]);    MULADD(at[19], at[53]);    MULADD(at[20], at[52]);    MULADD(at[21], at[51]);    MULADD(at[22], at[50]);    MULADD(at[23], at[49]);    MULADD(at[24], at[48]);    MULADD(at[25], at[47]);    MULADD(at[26], at[46]);    MULADD(at[27], at[45]); 
+   COMBA_STORE(C->dp[44]);
+   /* 45 */
+   COMBA_FORWARD;
+   MULADD(at[18], at[55]);    MULADD(at[19], at[54]);    MULADD(at[20], at[53]);    MULADD(at[21], at[52]);    MULADD(at[22], at[51]);    MULADD(at[23], at[50]);    MULADD(at[24], at[49]);    MULADD(at[25], at[48]);    MULADD(at[26], at[47]);    MULADD(at[27], at[46]); 
+   COMBA_STORE(C->dp[45]);
+   /* 46 */
+   COMBA_FORWARD;
+   MULADD(at[19], at[55]);    MULADD(at[20], at[54]);    MULADD(at[21], at[53]);    MULADD(at[22], at[52]);    MULADD(at[23], at[51]);    MULADD(at[24], at[50]);    MULADD(at[25], at[49]);    MULADD(at[26], at[48]);    MULADD(at[27], at[47]); 
+   COMBA_STORE(C->dp[46]);
+   /* 47 */
+   COMBA_FORWARD;
+   MULADD(at[20], at[55]);    MULADD(at[21], at[54]);    MULADD(at[22], at[53]);    MULADD(at[23], at[52]);    MULADD(at[24], at[51]);    MULADD(at[25], at[50]);    MULADD(at[26], at[49]);    MULADD(at[27], at[48]); 
+   COMBA_STORE(C->dp[47]);
+   /* 48 */
+   COMBA_FORWARD;
+   MULADD(at[21], at[55]);    MULADD(at[22], at[54]);    MULADD(at[23], at[53]);    MULADD(at[24], at[52]);    MULADD(at[25], at[51]);    MULADD(at[26], at[50]);    MULADD(at[27], at[49]); 
+   COMBA_STORE(C->dp[48]);
+   /* 49 */
+   COMBA_FORWARD;
+   MULADD(at[22], at[55]);    MULADD(at[23], at[54]);    MULADD(at[24], at[53]);    MULADD(at[25], at[52]);    MULADD(at[26], at[51]);    MULADD(at[27], at[50]); 
+   COMBA_STORE(C->dp[49]);
+   /* 50 */
+   COMBA_FORWARD;
+   MULADD(at[23], at[55]);    MULADD(at[24], at[54]);    MULADD(at[25], at[53]);    MULADD(at[26], at[52]);    MULADD(at[27], at[51]); 
+   COMBA_STORE(C->dp[50]);
+   /* 51 */
+   COMBA_FORWARD;
+   MULADD(at[24], at[55]);    MULADD(at[25], at[54]);    MULADD(at[26], at[53]);    MULADD(at[27], at[52]); 
+   COMBA_STORE(C->dp[51]);
+   /* 52 */
+   COMBA_FORWARD;
+   MULADD(at[25], at[55]);    MULADD(at[26], at[54]);    MULADD(at[27], at[53]); 
+   COMBA_STORE(C->dp[52]);
+   /* 53 */
+   COMBA_FORWARD;
+   MULADD(at[26], at[55]);    MULADD(at[27], at[54]); 
+   COMBA_STORE(C->dp[53]);
+   /* 54 */
+   COMBA_FORWARD;
+   MULADD(at[27], at[55]); 
+   COMBA_STORE(C->dp[54]);
+   COMBA_STORE2(C->dp[55]);
+   C->used = 56;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_3.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_3.i
new file mode 100644
index 00000000..440291e3
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_3.i
@@ -0,0 +1,58 @@
+/* fp_mul_comba_3.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL3
+void fp_mul_comba3(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[6];
+
+   memcpy(at, A->dp, 3 * sizeof(fp_digit));
+   memcpy(at+3, B->dp, 3 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[3]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[4]);    MULADD(at[1], at[3]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[5]);    MULADD(at[1], at[4]);    MULADD(at[2], at[3]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[5]);    MULADD(at[2], at[4]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[5]); 
+   COMBA_STORE(C->dp[4]);
+   COMBA_STORE2(C->dp[5]);
+   C->used = 6;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_32.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_32.i
new file mode 100644
index 00000000..905028d1
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_32.i
@@ -0,0 +1,304 @@
+/* fp_mul_comba_32.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL32
+void fp_mul_comba32(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[64];
+   int out_size;
+
+   out_size = A->used + B->used;
+   memcpy(at, A->dp, 32 * sizeof(fp_digit));
+   memcpy(at+32, B->dp, 32 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[32]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[33]);    MULADD(at[1], at[32]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[34]);    MULADD(at[1], at[33]);    MULADD(at[2], at[32]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[35]);    MULADD(at[1], at[34]);    MULADD(at[2], at[33]);    MULADD(at[3], at[32]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[36]);    MULADD(at[1], at[35]);    MULADD(at[2], at[34]);    MULADD(at[3], at[33]);    MULADD(at[4], at[32]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[37]);    MULADD(at[1], at[36]);    MULADD(at[2], at[35]);    MULADD(at[3], at[34]);    MULADD(at[4], at[33]);    MULADD(at[5], at[32]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[38]);    MULADD(at[1], at[37]);    MULADD(at[2], at[36]);    MULADD(at[3], at[35]);    MULADD(at[4], at[34]);    MULADD(at[5], at[33]);    MULADD(at[6], at[32]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[39]);    MULADD(at[1], at[38]);    MULADD(at[2], at[37]);    MULADD(at[3], at[36]);    MULADD(at[4], at[35]);    MULADD(at[5], at[34]);    MULADD(at[6], at[33]);    MULADD(at[7], at[32]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[40]);    MULADD(at[1], at[39]);    MULADD(at[2], at[38]);    MULADD(at[3], at[37]);    MULADD(at[4], at[36]);    MULADD(at[5], at[35]);    MULADD(at[6], at[34]);    MULADD(at[7], at[33]);    MULADD(at[8], at[32]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[41]);    MULADD(at[1], at[40]);    MULADD(at[2], at[39]);    MULADD(at[3], at[38]);    MULADD(at[4], at[37]);    MULADD(at[5], at[36]);    MULADD(at[6], at[35]);    MULADD(at[7], at[34]);    MULADD(at[8], at[33]);    MULADD(at[9], at[32]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[42]);    MULADD(at[1], at[41]);    MULADD(at[2], at[40]);    MULADD(at[3], at[39]);    MULADD(at[4], at[38]);    MULADD(at[5], at[37]);    MULADD(at[6], at[36]);    MULADD(at[7], at[35]);    MULADD(at[8], at[34]);    MULADD(at[9], at[33]);    MULADD(at[10], at[32]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[43]);    MULADD(at[1], at[42]);    MULADD(at[2], at[41]);    MULADD(at[3], at[40]);    MULADD(at[4], at[39]);    MULADD(at[5], at[38]);    MULADD(at[6], at[37]);    MULADD(at[7], at[36]);    MULADD(at[8], at[35]);    MULADD(at[9], at[34]);    MULADD(at[10], at[33]);    MULADD(at[11], at[32]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[44]);    MULADD(at[1], at[43]);    MULADD(at[2], at[42]);    MULADD(at[3], at[41]);    MULADD(at[4], at[40]);    MULADD(at[5], at[39]);    MULADD(at[6], at[38]);    MULADD(at[7], at[37]);    MULADD(at[8], at[36]);    MULADD(at[9], at[35]);    MULADD(at[10], at[34]);    MULADD(at[11], at[33]);    MULADD(at[12], at[32]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[45]);    MULADD(at[1], at[44]);    MULADD(at[2], at[43]);    MULADD(at[3], at[42]);    MULADD(at[4], at[41]);    MULADD(at[5], at[40]);    MULADD(at[6], at[39]);    MULADD(at[7], at[38]);    MULADD(at[8], at[37]);    MULADD(at[9], at[36]);    MULADD(at[10], at[35]);    MULADD(at[11], at[34]);    MULADD(at[12], at[33]);    MULADD(at[13], at[32]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[46]);    MULADD(at[1], at[45]);    MULADD(at[2], at[44]);    MULADD(at[3], at[43]);    MULADD(at[4], at[42]);    MULADD(at[5], at[41]);    MULADD(at[6], at[40]);    MULADD(at[7], at[39]);    MULADD(at[8], at[38]);    MULADD(at[9], at[37]);    MULADD(at[10], at[36]);    MULADD(at[11], at[35]);    MULADD(at[12], at[34]);    MULADD(at[13], at[33]);    MULADD(at[14], at[32]); 
+   COMBA_STORE(C->dp[14]);
+   /* 15 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[47]);    MULADD(at[1], at[46]);    MULADD(at[2], at[45]);    MULADD(at[3], at[44]);    MULADD(at[4], at[43]);    MULADD(at[5], at[42]);    MULADD(at[6], at[41]);    MULADD(at[7], at[40]);    MULADD(at[8], at[39]);    MULADD(at[9], at[38]);    MULADD(at[10], at[37]);    MULADD(at[11], at[36]);    MULADD(at[12], at[35]);    MULADD(at[13], at[34]);    MULADD(at[14], at[33]);    MULADD(at[15], at[32]); 
+   COMBA_STORE(C->dp[15]);
+   /* 16 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[48]);    MULADD(at[1], at[47]);    MULADD(at[2], at[46]);    MULADD(at[3], at[45]);    MULADD(at[4], at[44]);    MULADD(at[5], at[43]);    MULADD(at[6], at[42]);    MULADD(at[7], at[41]);    MULADD(at[8], at[40]);    MULADD(at[9], at[39]);    MULADD(at[10], at[38]);    MULADD(at[11], at[37]);    MULADD(at[12], at[36]);    MULADD(at[13], at[35]);    MULADD(at[14], at[34]);    MULADD(at[15], at[33]);    MULADD(at[16], at[32]); 
+   COMBA_STORE(C->dp[16]);
+   /* 17 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[49]);    MULADD(at[1], at[48]);    MULADD(at[2], at[47]);    MULADD(at[3], at[46]);    MULADD(at[4], at[45]);    MULADD(at[5], at[44]);    MULADD(at[6], at[43]);    MULADD(at[7], at[42]);    MULADD(at[8], at[41]);    MULADD(at[9], at[40]);    MULADD(at[10], at[39]);    MULADD(at[11], at[38]);    MULADD(at[12], at[37]);    MULADD(at[13], at[36]);    MULADD(at[14], at[35]);    MULADD(at[15], at[34]);    MULADD(at[16], at[33]);    MULADD(at[17], at[32]); 
+   COMBA_STORE(C->dp[17]);
+   /* 18 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[50]);    MULADD(at[1], at[49]);    MULADD(at[2], at[48]);    MULADD(at[3], at[47]);    MULADD(at[4], at[46]);    MULADD(at[5], at[45]);    MULADD(at[6], at[44]);    MULADD(at[7], at[43]);    MULADD(at[8], at[42]);    MULADD(at[9], at[41]);    MULADD(at[10], at[40]);    MULADD(at[11], at[39]);    MULADD(at[12], at[38]);    MULADD(at[13], at[37]);    MULADD(at[14], at[36]);    MULADD(at[15], at[35]);    MULADD(at[16], at[34]);    MULADD(at[17], at[33]);    MULADD(at[18], at[32]); 
+   COMBA_STORE(C->dp[18]);
+   /* 19 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[51]);    MULADD(at[1], at[50]);    MULADD(at[2], at[49]);    MULADD(at[3], at[48]);    MULADD(at[4], at[47]);    MULADD(at[5], at[46]);    MULADD(at[6], at[45]);    MULADD(at[7], at[44]);    MULADD(at[8], at[43]);    MULADD(at[9], at[42]);    MULADD(at[10], at[41]);    MULADD(at[11], at[40]);    MULADD(at[12], at[39]);    MULADD(at[13], at[38]);    MULADD(at[14], at[37]);    MULADD(at[15], at[36]);    MULADD(at[16], at[35]);    MULADD(at[17], at[34]);    MULADD(at[18], at[33]);    MULADD(at[19], at[32]); 
+   COMBA_STORE(C->dp[19]);
+   /* 20 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[52]);    MULADD(at[1], at[51]);    MULADD(at[2], at[50]);    MULADD(at[3], at[49]);    MULADD(at[4], at[48]);    MULADD(at[5], at[47]);    MULADD(at[6], at[46]);    MULADD(at[7], at[45]);    MULADD(at[8], at[44]);    MULADD(at[9], at[43]);    MULADD(at[10], at[42]);    MULADD(at[11], at[41]);    MULADD(at[12], at[40]);    MULADD(at[13], at[39]);    MULADD(at[14], at[38]);    MULADD(at[15], at[37]);    MULADD(at[16], at[36]);    MULADD(at[17], at[35]);    MULADD(at[18], at[34]);    MULADD(at[19], at[33]);    MULADD(at[20], at[32]); 
+   COMBA_STORE(C->dp[20]);
+   /* 21 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[53]);    MULADD(at[1], at[52]);    MULADD(at[2], at[51]);    MULADD(at[3], at[50]);    MULADD(at[4], at[49]);    MULADD(at[5], at[48]);    MULADD(at[6], at[47]);    MULADD(at[7], at[46]);    MULADD(at[8], at[45]);    MULADD(at[9], at[44]);    MULADD(at[10], at[43]);    MULADD(at[11], at[42]);    MULADD(at[12], at[41]);    MULADD(at[13], at[40]);    MULADD(at[14], at[39]);    MULADD(at[15], at[38]);    MULADD(at[16], at[37]);    MULADD(at[17], at[36]);    MULADD(at[18], at[35]);    MULADD(at[19], at[34]);    MULADD(at[20], at[33]);    MULADD(at[21], at[32]); 
+   COMBA_STORE(C->dp[21]);
+   /* 22 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[54]);    MULADD(at[1], at[53]);    MULADD(at[2], at[52]);    MULADD(at[3], at[51]);    MULADD(at[4], at[50]);    MULADD(at[5], at[49]);    MULADD(at[6], at[48]);    MULADD(at[7], at[47]);    MULADD(at[8], at[46]);    MULADD(at[9], at[45]);    MULADD(at[10], at[44]);    MULADD(at[11], at[43]);    MULADD(at[12], at[42]);    MULADD(at[13], at[41]);    MULADD(at[14], at[40]);    MULADD(at[15], at[39]);    MULADD(at[16], at[38]);    MULADD(at[17], at[37]);    MULADD(at[18], at[36]);    MULADD(at[19], at[35]);    MULADD(at[20], at[34]);    MULADD(at[21], at[33]);    MULADD(at[22], at[32]); 
+   COMBA_STORE(C->dp[22]);
+   /* 23 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[55]);    MULADD(at[1], at[54]);    MULADD(at[2], at[53]);    MULADD(at[3], at[52]);    MULADD(at[4], at[51]);    MULADD(at[5], at[50]);    MULADD(at[6], at[49]);    MULADD(at[7], at[48]);    MULADD(at[8], at[47]);    MULADD(at[9], at[46]);    MULADD(at[10], at[45]);    MULADD(at[11], at[44]);    MULADD(at[12], at[43]);    MULADD(at[13], at[42]);    MULADD(at[14], at[41]);    MULADD(at[15], at[40]);    MULADD(at[16], at[39]);    MULADD(at[17], at[38]);    MULADD(at[18], at[37]);    MULADD(at[19], at[36]);    MULADD(at[20], at[35]);    MULADD(at[21], at[34]);    MULADD(at[22], at[33]);    MULADD(at[23], at[32]); 
+   COMBA_STORE(C->dp[23]);
+   /* 24 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[56]);    MULADD(at[1], at[55]);    MULADD(at[2], at[54]);    MULADD(at[3], at[53]);    MULADD(at[4], at[52]);    MULADD(at[5], at[51]);    MULADD(at[6], at[50]);    MULADD(at[7], at[49]);    MULADD(at[8], at[48]);    MULADD(at[9], at[47]);    MULADD(at[10], at[46]);    MULADD(at[11], at[45]);    MULADD(at[12], at[44]);    MULADD(at[13], at[43]);    MULADD(at[14], at[42]);    MULADD(at[15], at[41]);    MULADD(at[16], at[40]);    MULADD(at[17], at[39]);    MULADD(at[18], at[38]);    MULADD(at[19], at[37]);    MULADD(at[20], at[36]);    MULADD(at[21], at[35]);    MULADD(at[22], at[34]);    MULADD(at[23], at[33]);    MULADD(at[24], at[32]); 
+   COMBA_STORE(C->dp[24]);
+   /* 25 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[57]);    MULADD(at[1], at[56]);    MULADD(at[2], at[55]);    MULADD(at[3], at[54]);    MULADD(at[4], at[53]);    MULADD(at[5], at[52]);    MULADD(at[6], at[51]);    MULADD(at[7], at[50]);    MULADD(at[8], at[49]);    MULADD(at[9], at[48]);    MULADD(at[10], at[47]);    MULADD(at[11], at[46]);    MULADD(at[12], at[45]);    MULADD(at[13], at[44]);    MULADD(at[14], at[43]);    MULADD(at[15], at[42]);    MULADD(at[16], at[41]);    MULADD(at[17], at[40]);    MULADD(at[18], at[39]);    MULADD(at[19], at[38]);    MULADD(at[20], at[37]);    MULADD(at[21], at[36]);    MULADD(at[22], at[35]);    MULADD(at[23], at[34]);    MULADD(at[24], at[33]);    MULADD(at[25], at[32]); 
+   COMBA_STORE(C->dp[25]);
+   /* 26 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[58]);    MULADD(at[1], at[57]);    MULADD(at[2], at[56]);    MULADD(at[3], at[55]);    MULADD(at[4], at[54]);    MULADD(at[5], at[53]);    MULADD(at[6], at[52]);    MULADD(at[7], at[51]);    MULADD(at[8], at[50]);    MULADD(at[9], at[49]);    MULADD(at[10], at[48]);    MULADD(at[11], at[47]);    MULADD(at[12], at[46]);    MULADD(at[13], at[45]);    MULADD(at[14], at[44]);    MULADD(at[15], at[43]);    MULADD(at[16], at[42]);    MULADD(at[17], at[41]);    MULADD(at[18], at[40]);    MULADD(at[19], at[39]);    MULADD(at[20], at[38]);    MULADD(at[21], at[37]);    MULADD(at[22], at[36]);    MULADD(at[23], at[35]);    MULADD(at[24], at[34]);    MULADD(at[25], at[33]);    MULADD(at[26], at[32]); 
+   COMBA_STORE(C->dp[26]);
+   /* 27 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[59]);    MULADD(at[1], at[58]);    MULADD(at[2], at[57]);    MULADD(at[3], at[56]);    MULADD(at[4], at[55]);    MULADD(at[5], at[54]);    MULADD(at[6], at[53]);    MULADD(at[7], at[52]);    MULADD(at[8], at[51]);    MULADD(at[9], at[50]);    MULADD(at[10], at[49]);    MULADD(at[11], at[48]);    MULADD(at[12], at[47]);    MULADD(at[13], at[46]);    MULADD(at[14], at[45]);    MULADD(at[15], at[44]);    MULADD(at[16], at[43]);    MULADD(at[17], at[42]);    MULADD(at[18], at[41]);    MULADD(at[19], at[40]);    MULADD(at[20], at[39]);    MULADD(at[21], at[38]);    MULADD(at[22], at[37]);    MULADD(at[23], at[36]);    MULADD(at[24], at[35]);    MULADD(at[25], at[34]);    MULADD(at[26], at[33]);    MULADD(at[27], at[32]); 
+   COMBA_STORE(C->dp[27]);
+   /* 28 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[60]);    MULADD(at[1], at[59]);    MULADD(at[2], at[58]);    MULADD(at[3], at[57]);    MULADD(at[4], at[56]);    MULADD(at[5], at[55]);    MULADD(at[6], at[54]);    MULADD(at[7], at[53]);    MULADD(at[8], at[52]);    MULADD(at[9], at[51]);    MULADD(at[10], at[50]);    MULADD(at[11], at[49]);    MULADD(at[12], at[48]);    MULADD(at[13], at[47]);    MULADD(at[14], at[46]);    MULADD(at[15], at[45]);    MULADD(at[16], at[44]);    MULADD(at[17], at[43]);    MULADD(at[18], at[42]);    MULADD(at[19], at[41]);    MULADD(at[20], at[40]);    MULADD(at[21], at[39]);    MULADD(at[22], at[38]);    MULADD(at[23], at[37]);    MULADD(at[24], at[36]);    MULADD(at[25], at[35]);    MULADD(at[26], at[34]);    MULADD(at[27], at[33]);    MULADD(at[28], at[32]); 
+   COMBA_STORE(C->dp[28]);
+   /* 29 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[61]);    MULADD(at[1], at[60]);    MULADD(at[2], at[59]);    MULADD(at[3], at[58]);    MULADD(at[4], at[57]);    MULADD(at[5], at[56]);    MULADD(at[6], at[55]);    MULADD(at[7], at[54]);    MULADD(at[8], at[53]);    MULADD(at[9], at[52]);    MULADD(at[10], at[51]);    MULADD(at[11], at[50]);    MULADD(at[12], at[49]);    MULADD(at[13], at[48]);    MULADD(at[14], at[47]);    MULADD(at[15], at[46]);    MULADD(at[16], at[45]);    MULADD(at[17], at[44]);    MULADD(at[18], at[43]);    MULADD(at[19], at[42]);    MULADD(at[20], at[41]);    MULADD(at[21], at[40]);    MULADD(at[22], at[39]);    MULADD(at[23], at[38]);    MULADD(at[24], at[37]);    MULADD(at[25], at[36]);    MULADD(at[26], at[35]);    MULADD(at[27], at[34]);    MULADD(at[28], at[33]);    MULADD(at[29], at[32]); 
+   COMBA_STORE(C->dp[29]);
+   /* 30 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[62]);    MULADD(at[1], at[61]);    MULADD(at[2], at[60]);    MULADD(at[3], at[59]);    MULADD(at[4], at[58]);    MULADD(at[5], at[57]);    MULADD(at[6], at[56]);    MULADD(at[7], at[55]);    MULADD(at[8], at[54]);    MULADD(at[9], at[53]);    MULADD(at[10], at[52]);    MULADD(at[11], at[51]);    MULADD(at[12], at[50]);    MULADD(at[13], at[49]);    MULADD(at[14], at[48]);    MULADD(at[15], at[47]);    MULADD(at[16], at[46]);    MULADD(at[17], at[45]);    MULADD(at[18], at[44]);    MULADD(at[19], at[43]);    MULADD(at[20], at[42]);    MULADD(at[21], at[41]);    MULADD(at[22], at[40]);    MULADD(at[23], at[39]);    MULADD(at[24], at[38]);    MULADD(at[25], at[37]);    MULADD(at[26], at[36]);    MULADD(at[27], at[35]);    MULADD(at[28], at[34]);    MULADD(at[29], at[33]);    MULADD(at[30], at[32]); 
+   COMBA_STORE(C->dp[30]);
+   /* 31 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[63]);    MULADD(at[1], at[62]);    MULADD(at[2], at[61]);    MULADD(at[3], at[60]);    MULADD(at[4], at[59]);    MULADD(at[5], at[58]);    MULADD(at[6], at[57]);    MULADD(at[7], at[56]);    MULADD(at[8], at[55]);    MULADD(at[9], at[54]);    MULADD(at[10], at[53]);    MULADD(at[11], at[52]);    MULADD(at[12], at[51]);    MULADD(at[13], at[50]);    MULADD(at[14], at[49]);    MULADD(at[15], at[48]);    MULADD(at[16], at[47]);    MULADD(at[17], at[46]);    MULADD(at[18], at[45]);    MULADD(at[19], at[44]);    MULADD(at[20], at[43]);    MULADD(at[21], at[42]);    MULADD(at[22], at[41]);    MULADD(at[23], at[40]);    MULADD(at[24], at[39]);    MULADD(at[25], at[38]);    MULADD(at[26], at[37]);    MULADD(at[27], at[36]);    MULADD(at[28], at[35]);    MULADD(at[29], at[34]);    MULADD(at[30], at[33]);    MULADD(at[31], at[32]); 
+   COMBA_STORE(C->dp[31]);
+   /* 32 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[63]);    MULADD(at[2], at[62]);    MULADD(at[3], at[61]);    MULADD(at[4], at[60]);    MULADD(at[5], at[59]);    MULADD(at[6], at[58]);    MULADD(at[7], at[57]);    MULADD(at[8], at[56]);    MULADD(at[9], at[55]);    MULADD(at[10], at[54]);    MULADD(at[11], at[53]);    MULADD(at[12], at[52]);    MULADD(at[13], at[51]);    MULADD(at[14], at[50]);    MULADD(at[15], at[49]);    MULADD(at[16], at[48]);    MULADD(at[17], at[47]);    MULADD(at[18], at[46]);    MULADD(at[19], at[45]);    MULADD(at[20], at[44]);    MULADD(at[21], at[43]);    MULADD(at[22], at[42]);    MULADD(at[23], at[41]);    MULADD(at[24], at[40]);    MULADD(at[25], at[39]);    MULADD(at[26], at[38]);    MULADD(at[27], at[37]);    MULADD(at[28], at[36]);    MULADD(at[29], at[35]);    MULADD(at[30], at[34]);    MULADD(at[31], at[33]); 
+   COMBA_STORE(C->dp[32]);
+   /* 33 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[63]);    MULADD(at[3], at[62]);    MULADD(at[4], at[61]);    MULADD(at[5], at[60]);    MULADD(at[6], at[59]);    MULADD(at[7], at[58]);    MULADD(at[8], at[57]);    MULADD(at[9], at[56]);    MULADD(at[10], at[55]);    MULADD(at[11], at[54]);    MULADD(at[12], at[53]);    MULADD(at[13], at[52]);    MULADD(at[14], at[51]);    MULADD(at[15], at[50]);    MULADD(at[16], at[49]);    MULADD(at[17], at[48]);    MULADD(at[18], at[47]);    MULADD(at[19], at[46]);    MULADD(at[20], at[45]);    MULADD(at[21], at[44]);    MULADD(at[22], at[43]);    MULADD(at[23], at[42]);    MULADD(at[24], at[41]);    MULADD(at[25], at[40]);    MULADD(at[26], at[39]);    MULADD(at[27], at[38]);    MULADD(at[28], at[37]);    MULADD(at[29], at[36]);    MULADD(at[30], at[35]);    MULADD(at[31], at[34]); 
+   COMBA_STORE(C->dp[33]);
+   /* 34 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[63]);    MULADD(at[4], at[62]);    MULADD(at[5], at[61]);    MULADD(at[6], at[60]);    MULADD(at[7], at[59]);    MULADD(at[8], at[58]);    MULADD(at[9], at[57]);    MULADD(at[10], at[56]);    MULADD(at[11], at[55]);    MULADD(at[12], at[54]);    MULADD(at[13], at[53]);    MULADD(at[14], at[52]);    MULADD(at[15], at[51]);    MULADD(at[16], at[50]);    MULADD(at[17], at[49]);    MULADD(at[18], at[48]);    MULADD(at[19], at[47]);    MULADD(at[20], at[46]);    MULADD(at[21], at[45]);    MULADD(at[22], at[44]);    MULADD(at[23], at[43]);    MULADD(at[24], at[42]);    MULADD(at[25], at[41]);    MULADD(at[26], at[40]);    MULADD(at[27], at[39]);    MULADD(at[28], at[38]);    MULADD(at[29], at[37]);    MULADD(at[30], at[36]);    MULADD(at[31], at[35]); 
+   COMBA_STORE(C->dp[34]);
+   /* 35 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[63]);    MULADD(at[5], at[62]);    MULADD(at[6], at[61]);    MULADD(at[7], at[60]);    MULADD(at[8], at[59]);    MULADD(at[9], at[58]);    MULADD(at[10], at[57]);    MULADD(at[11], at[56]);    MULADD(at[12], at[55]);    MULADD(at[13], at[54]);    MULADD(at[14], at[53]);    MULADD(at[15], at[52]);    MULADD(at[16], at[51]);    MULADD(at[17], at[50]);    MULADD(at[18], at[49]);    MULADD(at[19], at[48]);    MULADD(at[20], at[47]);    MULADD(at[21], at[46]);    MULADD(at[22], at[45]);    MULADD(at[23], at[44]);    MULADD(at[24], at[43]);    MULADD(at[25], at[42]);    MULADD(at[26], at[41]);    MULADD(at[27], at[40]);    MULADD(at[28], at[39]);    MULADD(at[29], at[38]);    MULADD(at[30], at[37]);    MULADD(at[31], at[36]); 
+   COMBA_STORE(C->dp[35]);
+   /* 36 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[63]);    MULADD(at[6], at[62]);    MULADD(at[7], at[61]);    MULADD(at[8], at[60]);    MULADD(at[9], at[59]);    MULADD(at[10], at[58]);    MULADD(at[11], at[57]);    MULADD(at[12], at[56]);    MULADD(at[13], at[55]);    MULADD(at[14], at[54]);    MULADD(at[15], at[53]);    MULADD(at[16], at[52]);    MULADD(at[17], at[51]);    MULADD(at[18], at[50]);    MULADD(at[19], at[49]);    MULADD(at[20], at[48]);    MULADD(at[21], at[47]);    MULADD(at[22], at[46]);    MULADD(at[23], at[45]);    MULADD(at[24], at[44]);    MULADD(at[25], at[43]);    MULADD(at[26], at[42]);    MULADD(at[27], at[41]);    MULADD(at[28], at[40]);    MULADD(at[29], at[39]);    MULADD(at[30], at[38]);    MULADD(at[31], at[37]); 
+   COMBA_STORE(C->dp[36]);
+   /* 37 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[63]);    MULADD(at[7], at[62]);    MULADD(at[8], at[61]);    MULADD(at[9], at[60]);    MULADD(at[10], at[59]);    MULADD(at[11], at[58]);    MULADD(at[12], at[57]);    MULADD(at[13], at[56]);    MULADD(at[14], at[55]);    MULADD(at[15], at[54]);    MULADD(at[16], at[53]);    MULADD(at[17], at[52]);    MULADD(at[18], at[51]);    MULADD(at[19], at[50]);    MULADD(at[20], at[49]);    MULADD(at[21], at[48]);    MULADD(at[22], at[47]);    MULADD(at[23], at[46]);    MULADD(at[24], at[45]);    MULADD(at[25], at[44]);    MULADD(at[26], at[43]);    MULADD(at[27], at[42]);    MULADD(at[28], at[41]);    MULADD(at[29], at[40]);    MULADD(at[30], at[39]);    MULADD(at[31], at[38]); 
+   COMBA_STORE(C->dp[37]);
+   /* 38 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[63]);    MULADD(at[8], at[62]);    MULADD(at[9], at[61]);    MULADD(at[10], at[60]);    MULADD(at[11], at[59]);    MULADD(at[12], at[58]);    MULADD(at[13], at[57]);    MULADD(at[14], at[56]);    MULADD(at[15], at[55]);    MULADD(at[16], at[54]);    MULADD(at[17], at[53]);    MULADD(at[18], at[52]);    MULADD(at[19], at[51]);    MULADD(at[20], at[50]);    MULADD(at[21], at[49]);    MULADD(at[22], at[48]);    MULADD(at[23], at[47]);    MULADD(at[24], at[46]);    MULADD(at[25], at[45]);    MULADD(at[26], at[44]);    MULADD(at[27], at[43]);    MULADD(at[28], at[42]);    MULADD(at[29], at[41]);    MULADD(at[30], at[40]);    MULADD(at[31], at[39]); 
+   COMBA_STORE(C->dp[38]);
+
+   /* early out at 40 digits, 40*32==1280, or two 640 bit operands */
+   if (out_size <= 40) { COMBA_STORE2(C->dp[39]); C->used = 40; C->sign = A->sign ^ B->sign; fp_clamp(C); COMBA_FINI; return; }
+
+   /* 39 */
+   COMBA_FORWARD;
+   MULADD(at[8], at[63]);    MULADD(at[9], at[62]);    MULADD(at[10], at[61]);    MULADD(at[11], at[60]);    MULADD(at[12], at[59]);    MULADD(at[13], at[58]);    MULADD(at[14], at[57]);    MULADD(at[15], at[56]);    MULADD(at[16], at[55]);    MULADD(at[17], at[54]);    MULADD(at[18], at[53]);    MULADD(at[19], at[52]);    MULADD(at[20], at[51]);    MULADD(at[21], at[50]);    MULADD(at[22], at[49]);    MULADD(at[23], at[48]);    MULADD(at[24], at[47]);    MULADD(at[25], at[46]);    MULADD(at[26], at[45]);    MULADD(at[27], at[44]);    MULADD(at[28], at[43]);    MULADD(at[29], at[42]);    MULADD(at[30], at[41]);    MULADD(at[31], at[40]); 
+   COMBA_STORE(C->dp[39]);
+   /* 40 */
+   COMBA_FORWARD;
+   MULADD(at[9], at[63]);    MULADD(at[10], at[62]);    MULADD(at[11], at[61]);    MULADD(at[12], at[60]);    MULADD(at[13], at[59]);    MULADD(at[14], at[58]);    MULADD(at[15], at[57]);    MULADD(at[16], at[56]);    MULADD(at[17], at[55]);    MULADD(at[18], at[54]);    MULADD(at[19], at[53]);    MULADD(at[20], at[52]);    MULADD(at[21], at[51]);    MULADD(at[22], at[50]);    MULADD(at[23], at[49]);    MULADD(at[24], at[48]);    MULADD(at[25], at[47]);    MULADD(at[26], at[46]);    MULADD(at[27], at[45]);    MULADD(at[28], at[44]);    MULADD(at[29], at[43]);    MULADD(at[30], at[42]);    MULADD(at[31], at[41]); 
+   COMBA_STORE(C->dp[40]);
+   /* 41 */
+   COMBA_FORWARD;
+   MULADD(at[10], at[63]);    MULADD(at[11], at[62]);    MULADD(at[12], at[61]);    MULADD(at[13], at[60]);    MULADD(at[14], at[59]);    MULADD(at[15], at[58]);    MULADD(at[16], at[57]);    MULADD(at[17], at[56]);    MULADD(at[18], at[55]);    MULADD(at[19], at[54]);    MULADD(at[20], at[53]);    MULADD(at[21], at[52]);    MULADD(at[22], at[51]);    MULADD(at[23], at[50]);    MULADD(at[24], at[49]);    MULADD(at[25], at[48]);    MULADD(at[26], at[47]);    MULADD(at[27], at[46]);    MULADD(at[28], at[45]);    MULADD(at[29], at[44]);    MULADD(at[30], at[43]);    MULADD(at[31], at[42]); 
+   COMBA_STORE(C->dp[41]);
+   /* 42 */
+   COMBA_FORWARD;
+   MULADD(at[11], at[63]);    MULADD(at[12], at[62]);    MULADD(at[13], at[61]);    MULADD(at[14], at[60]);    MULADD(at[15], at[59]);    MULADD(at[16], at[58]);    MULADD(at[17], at[57]);    MULADD(at[18], at[56]);    MULADD(at[19], at[55]);    MULADD(at[20], at[54]);    MULADD(at[21], at[53]);    MULADD(at[22], at[52]);    MULADD(at[23], at[51]);    MULADD(at[24], at[50]);    MULADD(at[25], at[49]);    MULADD(at[26], at[48]);    MULADD(at[27], at[47]);    MULADD(at[28], at[46]);    MULADD(at[29], at[45]);    MULADD(at[30], at[44]);    MULADD(at[31], at[43]); 
+   COMBA_STORE(C->dp[42]);
+   /* 43 */
+   COMBA_FORWARD;
+   MULADD(at[12], at[63]);    MULADD(at[13], at[62]);    MULADD(at[14], at[61]);    MULADD(at[15], at[60]);    MULADD(at[16], at[59]);    MULADD(at[17], at[58]);    MULADD(at[18], at[57]);    MULADD(at[19], at[56]);    MULADD(at[20], at[55]);    MULADD(at[21], at[54]);    MULADD(at[22], at[53]);    MULADD(at[23], at[52]);    MULADD(at[24], at[51]);    MULADD(at[25], at[50]);    MULADD(at[26], at[49]);    MULADD(at[27], at[48]);    MULADD(at[28], at[47]);    MULADD(at[29], at[46]);    MULADD(at[30], at[45]);    MULADD(at[31], at[44]); 
+   COMBA_STORE(C->dp[43]);
+   /* 44 */
+   COMBA_FORWARD;
+   MULADD(at[13], at[63]);    MULADD(at[14], at[62]);    MULADD(at[15], at[61]);    MULADD(at[16], at[60]);    MULADD(at[17], at[59]);    MULADD(at[18], at[58]);    MULADD(at[19], at[57]);    MULADD(at[20], at[56]);    MULADD(at[21], at[55]);    MULADD(at[22], at[54]);    MULADD(at[23], at[53]);    MULADD(at[24], at[52]);    MULADD(at[25], at[51]);    MULADD(at[26], at[50]);    MULADD(at[27], at[49]);    MULADD(at[28], at[48]);    MULADD(at[29], at[47]);    MULADD(at[30], at[46]);    MULADD(at[31], at[45]); 
+   COMBA_STORE(C->dp[44]);
+   /* 45 */
+   COMBA_FORWARD;
+   MULADD(at[14], at[63]);    MULADD(at[15], at[62]);    MULADD(at[16], at[61]);    MULADD(at[17], at[60]);    MULADD(at[18], at[59]);    MULADD(at[19], at[58]);    MULADD(at[20], at[57]);    MULADD(at[21], at[56]);    MULADD(at[22], at[55]);    MULADD(at[23], at[54]);    MULADD(at[24], at[53]);    MULADD(at[25], at[52]);    MULADD(at[26], at[51]);    MULADD(at[27], at[50]);    MULADD(at[28], at[49]);    MULADD(at[29], at[48]);    MULADD(at[30], at[47]);    MULADD(at[31], at[46]); 
+   COMBA_STORE(C->dp[45]);
+   /* 46 */
+   COMBA_FORWARD;
+   MULADD(at[15], at[63]);    MULADD(at[16], at[62]);    MULADD(at[17], at[61]);    MULADD(at[18], at[60]);    MULADD(at[19], at[59]);    MULADD(at[20], at[58]);    MULADD(at[21], at[57]);    MULADD(at[22], at[56]);    MULADD(at[23], at[55]);    MULADD(at[24], at[54]);    MULADD(at[25], at[53]);    MULADD(at[26], at[52]);    MULADD(at[27], at[51]);    MULADD(at[28], at[50]);    MULADD(at[29], at[49]);    MULADD(at[30], at[48]);    MULADD(at[31], at[47]); 
+   COMBA_STORE(C->dp[46]);
+
+   /* early out at 48 digits, 48*32==1536, or two 768 bit operands */
+   if (out_size <= 48) { COMBA_STORE2(C->dp[47]); C->used = 48; C->sign = A->sign ^ B->sign; fp_clamp(C); COMBA_FINI; return; }
+
+   /* 47 */
+   COMBA_FORWARD;
+   MULADD(at[16], at[63]);    MULADD(at[17], at[62]);    MULADD(at[18], at[61]);    MULADD(at[19], at[60]);    MULADD(at[20], at[59]);    MULADD(at[21], at[58]);    MULADD(at[22], at[57]);    MULADD(at[23], at[56]);    MULADD(at[24], at[55]);    MULADD(at[25], at[54]);    MULADD(at[26], at[53]);    MULADD(at[27], at[52]);    MULADD(at[28], at[51]);    MULADD(at[29], at[50]);    MULADD(at[30], at[49]);    MULADD(at[31], at[48]); 
+   COMBA_STORE(C->dp[47]);
+   /* 48 */
+   COMBA_FORWARD;
+   MULADD(at[17], at[63]);    MULADD(at[18], at[62]);    MULADD(at[19], at[61]);    MULADD(at[20], at[60]);    MULADD(at[21], at[59]);    MULADD(at[22], at[58]);    MULADD(at[23], at[57]);    MULADD(at[24], at[56]);    MULADD(at[25], at[55]);    MULADD(at[26], at[54]);    MULADD(at[27], at[53]);    MULADD(at[28], at[52]);    MULADD(at[29], at[51]);    MULADD(at[30], at[50]);    MULADD(at[31], at[49]); 
+   COMBA_STORE(C->dp[48]);
+   /* 49 */
+   COMBA_FORWARD;
+   MULADD(at[18], at[63]);    MULADD(at[19], at[62]);    MULADD(at[20], at[61]);    MULADD(at[21], at[60]);    MULADD(at[22], at[59]);    MULADD(at[23], at[58]);    MULADD(at[24], at[57]);    MULADD(at[25], at[56]);    MULADD(at[26], at[55]);    MULADD(at[27], at[54]);    MULADD(at[28], at[53]);    MULADD(at[29], at[52]);    MULADD(at[30], at[51]);    MULADD(at[31], at[50]); 
+   COMBA_STORE(C->dp[49]);
+   /* 50 */
+   COMBA_FORWARD;
+   MULADD(at[19], at[63]);    MULADD(at[20], at[62]);    MULADD(at[21], at[61]);    MULADD(at[22], at[60]);    MULADD(at[23], at[59]);    MULADD(at[24], at[58]);    MULADD(at[25], at[57]);    MULADD(at[26], at[56]);    MULADD(at[27], at[55]);    MULADD(at[28], at[54]);    MULADD(at[29], at[53]);    MULADD(at[30], at[52]);    MULADD(at[31], at[51]); 
+   COMBA_STORE(C->dp[50]);
+   /* 51 */
+   COMBA_FORWARD;
+   MULADD(at[20], at[63]);    MULADD(at[21], at[62]);    MULADD(at[22], at[61]);    MULADD(at[23], at[60]);    MULADD(at[24], at[59]);    MULADD(at[25], at[58]);    MULADD(at[26], at[57]);    MULADD(at[27], at[56]);    MULADD(at[28], at[55]);    MULADD(at[29], at[54]);    MULADD(at[30], at[53]);    MULADD(at[31], at[52]); 
+   COMBA_STORE(C->dp[51]);
+   /* 52 */
+   COMBA_FORWARD;
+   MULADD(at[21], at[63]);    MULADD(at[22], at[62]);    MULADD(at[23], at[61]);    MULADD(at[24], at[60]);    MULADD(at[25], at[59]);    MULADD(at[26], at[58]);    MULADD(at[27], at[57]);    MULADD(at[28], at[56]);    MULADD(at[29], at[55]);    MULADD(at[30], at[54]);    MULADD(at[31], at[53]); 
+   COMBA_STORE(C->dp[52]);
+   /* 53 */
+   COMBA_FORWARD;
+   MULADD(at[22], at[63]);    MULADD(at[23], at[62]);    MULADD(at[24], at[61]);    MULADD(at[25], at[60]);    MULADD(at[26], at[59]);    MULADD(at[27], at[58]);    MULADD(at[28], at[57]);    MULADD(at[29], at[56]);    MULADD(at[30], at[55]);    MULADD(at[31], at[54]); 
+   COMBA_STORE(C->dp[53]);
+   /* 54 */
+   COMBA_FORWARD;
+   MULADD(at[23], at[63]);    MULADD(at[24], at[62]);    MULADD(at[25], at[61]);    MULADD(at[26], at[60]);    MULADD(at[27], at[59]);    MULADD(at[28], at[58]);    MULADD(at[29], at[57]);    MULADD(at[30], at[56]);    MULADD(at[31], at[55]); 
+   COMBA_STORE(C->dp[54]);
+
+   /* early out at 56 digits, 56*32==1792, or two 896 bit operands */
+   if (out_size <= 56) { COMBA_STORE2(C->dp[55]); C->used = 56; C->sign = A->sign ^ B->sign; fp_clamp(C); COMBA_FINI; return; }
+
+   /* 55 */
+   COMBA_FORWARD;
+   MULADD(at[24], at[63]);    MULADD(at[25], at[62]);    MULADD(at[26], at[61]);    MULADD(at[27], at[60]);    MULADD(at[28], at[59]);    MULADD(at[29], at[58]);    MULADD(at[30], at[57]);    MULADD(at[31], at[56]); 
+   COMBA_STORE(C->dp[55]);
+   /* 56 */
+   COMBA_FORWARD;
+   MULADD(at[25], at[63]);    MULADD(at[26], at[62]);    MULADD(at[27], at[61]);    MULADD(at[28], at[60]);    MULADD(at[29], at[59]);    MULADD(at[30], at[58]);    MULADD(at[31], at[57]); 
+   COMBA_STORE(C->dp[56]);
+   /* 57 */
+   COMBA_FORWARD;
+   MULADD(at[26], at[63]);    MULADD(at[27], at[62]);    MULADD(at[28], at[61]);    MULADD(at[29], at[60]);    MULADD(at[30], at[59]);    MULADD(at[31], at[58]); 
+   COMBA_STORE(C->dp[57]);
+   /* 58 */
+   COMBA_FORWARD;
+   MULADD(at[27], at[63]);    MULADD(at[28], at[62]);    MULADD(at[29], at[61]);    MULADD(at[30], at[60]);    MULADD(at[31], at[59]); 
+   COMBA_STORE(C->dp[58]);
+   /* 59 */
+   COMBA_FORWARD;
+   MULADD(at[28], at[63]);    MULADD(at[29], at[62]);    MULADD(at[30], at[61]);    MULADD(at[31], at[60]); 
+   COMBA_STORE(C->dp[59]);
+   /* 60 */
+   COMBA_FORWARD;
+   MULADD(at[29], at[63]);    MULADD(at[30], at[62]);    MULADD(at[31], at[61]); 
+   COMBA_STORE(C->dp[60]);
+   /* 61 */
+   COMBA_FORWARD;
+   MULADD(at[30], at[63]);    MULADD(at[31], at[62]); 
+   COMBA_STORE(C->dp[61]);
+   /* 62 */
+   COMBA_FORWARD;
+   MULADD(at[31], at[63]); 
+   COMBA_STORE(C->dp[62]);
+   COMBA_STORE2(C->dp[63]);
+   C->used = 64;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_4.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_4.i
new file mode 100644
index 00000000..e981eb1f
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_4.i
@@ -0,0 +1,66 @@
+/* fp_mul_comba_4.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL4
+void fp_mul_comba4(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[8];
+
+   memcpy(at, A->dp, 4 * sizeof(fp_digit));
+   memcpy(at+4, B->dp, 4 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[4]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[5]);    MULADD(at[1], at[4]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[6]);    MULADD(at[1], at[5]);    MULADD(at[2], at[4]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[7]);    MULADD(at[1], at[6]);    MULADD(at[2], at[5]);    MULADD(at[3], at[4]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[7]);    MULADD(at[2], at[6]);    MULADD(at[3], at[5]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[7]);    MULADD(at[3], at[6]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[7]); 
+   COMBA_STORE(C->dp[6]);
+   COMBA_STORE2(C->dp[7]);
+   C->used = 8;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_48.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_48.i
new file mode 100644
index 00000000..79e43b8d
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_48.i
@@ -0,0 +1,418 @@
+/* fp_mul_comba_48.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL48
+void fp_mul_comba48(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[96];
+
+   memcpy(at, A->dp, 48 * sizeof(fp_digit));
+   memcpy(at+48, B->dp, 48 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[48]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[49]);    MULADD(at[1], at[48]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[50]);    MULADD(at[1], at[49]);    MULADD(at[2], at[48]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[51]);    MULADD(at[1], at[50]);    MULADD(at[2], at[49]);    MULADD(at[3], at[48]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[52]);    MULADD(at[1], at[51]);    MULADD(at[2], at[50]);    MULADD(at[3], at[49]);    MULADD(at[4], at[48]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[53]);    MULADD(at[1], at[52]);    MULADD(at[2], at[51]);    MULADD(at[3], at[50]);    MULADD(at[4], at[49]);    MULADD(at[5], at[48]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[54]);    MULADD(at[1], at[53]);    MULADD(at[2], at[52]);    MULADD(at[3], at[51]);    MULADD(at[4], at[50]);    MULADD(at[5], at[49]);    MULADD(at[6], at[48]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[55]);    MULADD(at[1], at[54]);    MULADD(at[2], at[53]);    MULADD(at[3], at[52]);    MULADD(at[4], at[51]);    MULADD(at[5], at[50]);    MULADD(at[6], at[49]);    MULADD(at[7], at[48]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[56]);    MULADD(at[1], at[55]);    MULADD(at[2], at[54]);    MULADD(at[3], at[53]);    MULADD(at[4], at[52]);    MULADD(at[5], at[51]);    MULADD(at[6], at[50]);    MULADD(at[7], at[49]);    MULADD(at[8], at[48]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[57]);    MULADD(at[1], at[56]);    MULADD(at[2], at[55]);    MULADD(at[3], at[54]);    MULADD(at[4], at[53]);    MULADD(at[5], at[52]);    MULADD(at[6], at[51]);    MULADD(at[7], at[50]);    MULADD(at[8], at[49]);    MULADD(at[9], at[48]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[58]);    MULADD(at[1], at[57]);    MULADD(at[2], at[56]);    MULADD(at[3], at[55]);    MULADD(at[4], at[54]);    MULADD(at[5], at[53]);    MULADD(at[6], at[52]);    MULADD(at[7], at[51]);    MULADD(at[8], at[50]);    MULADD(at[9], at[49]);    MULADD(at[10], at[48]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[59]);    MULADD(at[1], at[58]);    MULADD(at[2], at[57]);    MULADD(at[3], at[56]);    MULADD(at[4], at[55]);    MULADD(at[5], at[54]);    MULADD(at[6], at[53]);    MULADD(at[7], at[52]);    MULADD(at[8], at[51]);    MULADD(at[9], at[50]);    MULADD(at[10], at[49]);    MULADD(at[11], at[48]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[60]);    MULADD(at[1], at[59]);    MULADD(at[2], at[58]);    MULADD(at[3], at[57]);    MULADD(at[4], at[56]);    MULADD(at[5], at[55]);    MULADD(at[6], at[54]);    MULADD(at[7], at[53]);    MULADD(at[8], at[52]);    MULADD(at[9], at[51]);    MULADD(at[10], at[50]);    MULADD(at[11], at[49]);    MULADD(at[12], at[48]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[61]);    MULADD(at[1], at[60]);    MULADD(at[2], at[59]);    MULADD(at[3], at[58]);    MULADD(at[4], at[57]);    MULADD(at[5], at[56]);    MULADD(at[6], at[55]);    MULADD(at[7], at[54]);    MULADD(at[8], at[53]);    MULADD(at[9], at[52]);    MULADD(at[10], at[51]);    MULADD(at[11], at[50]);    MULADD(at[12], at[49]);    MULADD(at[13], at[48]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[62]);    MULADD(at[1], at[61]);    MULADD(at[2], at[60]);    MULADD(at[3], at[59]);    MULADD(at[4], at[58]);    MULADD(at[5], at[57]);    MULADD(at[6], at[56]);    MULADD(at[7], at[55]);    MULADD(at[8], at[54]);    MULADD(at[9], at[53]);    MULADD(at[10], at[52]);    MULADD(at[11], at[51]);    MULADD(at[12], at[50]);    MULADD(at[13], at[49]);    MULADD(at[14], at[48]); 
+   COMBA_STORE(C->dp[14]);
+   /* 15 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[63]);    MULADD(at[1], at[62]);    MULADD(at[2], at[61]);    MULADD(at[3], at[60]);    MULADD(at[4], at[59]);    MULADD(at[5], at[58]);    MULADD(at[6], at[57]);    MULADD(at[7], at[56]);    MULADD(at[8], at[55]);    MULADD(at[9], at[54]);    MULADD(at[10], at[53]);    MULADD(at[11], at[52]);    MULADD(at[12], at[51]);    MULADD(at[13], at[50]);    MULADD(at[14], at[49]);    MULADD(at[15], at[48]); 
+   COMBA_STORE(C->dp[15]);
+   /* 16 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[64]);    MULADD(at[1], at[63]);    MULADD(at[2], at[62]);    MULADD(at[3], at[61]);    MULADD(at[4], at[60]);    MULADD(at[5], at[59]);    MULADD(at[6], at[58]);    MULADD(at[7], at[57]);    MULADD(at[8], at[56]);    MULADD(at[9], at[55]);    MULADD(at[10], at[54]);    MULADD(at[11], at[53]);    MULADD(at[12], at[52]);    MULADD(at[13], at[51]);    MULADD(at[14], at[50]);    MULADD(at[15], at[49]);    MULADD(at[16], at[48]); 
+   COMBA_STORE(C->dp[16]);
+   /* 17 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[65]);    MULADD(at[1], at[64]);    MULADD(at[2], at[63]);    MULADD(at[3], at[62]);    MULADD(at[4], at[61]);    MULADD(at[5], at[60]);    MULADD(at[6], at[59]);    MULADD(at[7], at[58]);    MULADD(at[8], at[57]);    MULADD(at[9], at[56]);    MULADD(at[10], at[55]);    MULADD(at[11], at[54]);    MULADD(at[12], at[53]);    MULADD(at[13], at[52]);    MULADD(at[14], at[51]);    MULADD(at[15], at[50]);    MULADD(at[16], at[49]);    MULADD(at[17], at[48]); 
+   COMBA_STORE(C->dp[17]);
+   /* 18 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[66]);    MULADD(at[1], at[65]);    MULADD(at[2], at[64]);    MULADD(at[3], at[63]);    MULADD(at[4], at[62]);    MULADD(at[5], at[61]);    MULADD(at[6], at[60]);    MULADD(at[7], at[59]);    MULADD(at[8], at[58]);    MULADD(at[9], at[57]);    MULADD(at[10], at[56]);    MULADD(at[11], at[55]);    MULADD(at[12], at[54]);    MULADD(at[13], at[53]);    MULADD(at[14], at[52]);    MULADD(at[15], at[51]);    MULADD(at[16], at[50]);    MULADD(at[17], at[49]);    MULADD(at[18], at[48]); 
+   COMBA_STORE(C->dp[18]);
+   /* 19 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[67]);    MULADD(at[1], at[66]);    MULADD(at[2], at[65]);    MULADD(at[3], at[64]);    MULADD(at[4], at[63]);    MULADD(at[5], at[62]);    MULADD(at[6], at[61]);    MULADD(at[7], at[60]);    MULADD(at[8], at[59]);    MULADD(at[9], at[58]);    MULADD(at[10], at[57]);    MULADD(at[11], at[56]);    MULADD(at[12], at[55]);    MULADD(at[13], at[54]);    MULADD(at[14], at[53]);    MULADD(at[15], at[52]);    MULADD(at[16], at[51]);    MULADD(at[17], at[50]);    MULADD(at[18], at[49]);    MULADD(at[19], at[48]); 
+   COMBA_STORE(C->dp[19]);
+   /* 20 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[68]);    MULADD(at[1], at[67]);    MULADD(at[2], at[66]);    MULADD(at[3], at[65]);    MULADD(at[4], at[64]);    MULADD(at[5], at[63]);    MULADD(at[6], at[62]);    MULADD(at[7], at[61]);    MULADD(at[8], at[60]);    MULADD(at[9], at[59]);    MULADD(at[10], at[58]);    MULADD(at[11], at[57]);    MULADD(at[12], at[56]);    MULADD(at[13], at[55]);    MULADD(at[14], at[54]);    MULADD(at[15], at[53]);    MULADD(at[16], at[52]);    MULADD(at[17], at[51]);    MULADD(at[18], at[50]);    MULADD(at[19], at[49]);    MULADD(at[20], at[48]); 
+   COMBA_STORE(C->dp[20]);
+   /* 21 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[69]);    MULADD(at[1], at[68]);    MULADD(at[2], at[67]);    MULADD(at[3], at[66]);    MULADD(at[4], at[65]);    MULADD(at[5], at[64]);    MULADD(at[6], at[63]);    MULADD(at[7], at[62]);    MULADD(at[8], at[61]);    MULADD(at[9], at[60]);    MULADD(at[10], at[59]);    MULADD(at[11], at[58]);    MULADD(at[12], at[57]);    MULADD(at[13], at[56]);    MULADD(at[14], at[55]);    MULADD(at[15], at[54]);    MULADD(at[16], at[53]);    MULADD(at[17], at[52]);    MULADD(at[18], at[51]);    MULADD(at[19], at[50]);    MULADD(at[20], at[49]);    MULADD(at[21], at[48]); 
+   COMBA_STORE(C->dp[21]);
+   /* 22 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[70]);    MULADD(at[1], at[69]);    MULADD(at[2], at[68]);    MULADD(at[3], at[67]);    MULADD(at[4], at[66]);    MULADD(at[5], at[65]);    MULADD(at[6], at[64]);    MULADD(at[7], at[63]);    MULADD(at[8], at[62]);    MULADD(at[9], at[61]);    MULADD(at[10], at[60]);    MULADD(at[11], at[59]);    MULADD(at[12], at[58]);    MULADD(at[13], at[57]);    MULADD(at[14], at[56]);    MULADD(at[15], at[55]);    MULADD(at[16], at[54]);    MULADD(at[17], at[53]);    MULADD(at[18], at[52]);    MULADD(at[19], at[51]);    MULADD(at[20], at[50]);    MULADD(at[21], at[49]);    MULADD(at[22], at[48]); 
+   COMBA_STORE(C->dp[22]);
+   /* 23 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[71]);    MULADD(at[1], at[70]);    MULADD(at[2], at[69]);    MULADD(at[3], at[68]);    MULADD(at[4], at[67]);    MULADD(at[5], at[66]);    MULADD(at[6], at[65]);    MULADD(at[7], at[64]);    MULADD(at[8], at[63]);    MULADD(at[9], at[62]);    MULADD(at[10], at[61]);    MULADD(at[11], at[60]);    MULADD(at[12], at[59]);    MULADD(at[13], at[58]);    MULADD(at[14], at[57]);    MULADD(at[15], at[56]);    MULADD(at[16], at[55]);    MULADD(at[17], at[54]);    MULADD(at[18], at[53]);    MULADD(at[19], at[52]);    MULADD(at[20], at[51]);    MULADD(at[21], at[50]);    MULADD(at[22], at[49]);    MULADD(at[23], at[48]); 
+   COMBA_STORE(C->dp[23]);
+   /* 24 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[72]);    MULADD(at[1], at[71]);    MULADD(at[2], at[70]);    MULADD(at[3], at[69]);    MULADD(at[4], at[68]);    MULADD(at[5], at[67]);    MULADD(at[6], at[66]);    MULADD(at[7], at[65]);    MULADD(at[8], at[64]);    MULADD(at[9], at[63]);    MULADD(at[10], at[62]);    MULADD(at[11], at[61]);    MULADD(at[12], at[60]);    MULADD(at[13], at[59]);    MULADD(at[14], at[58]);    MULADD(at[15], at[57]);    MULADD(at[16], at[56]);    MULADD(at[17], at[55]);    MULADD(at[18], at[54]);    MULADD(at[19], at[53]);    MULADD(at[20], at[52]);    MULADD(at[21], at[51]);    MULADD(at[22], at[50]);    MULADD(at[23], at[49]);    MULADD(at[24], at[48]); 
+   COMBA_STORE(C->dp[24]);
+   /* 25 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[73]);    MULADD(at[1], at[72]);    MULADD(at[2], at[71]);    MULADD(at[3], at[70]);    MULADD(at[4], at[69]);    MULADD(at[5], at[68]);    MULADD(at[6], at[67]);    MULADD(at[7], at[66]);    MULADD(at[8], at[65]);    MULADD(at[9], at[64]);    MULADD(at[10], at[63]);    MULADD(at[11], at[62]);    MULADD(at[12], at[61]);    MULADD(at[13], at[60]);    MULADD(at[14], at[59]);    MULADD(at[15], at[58]);    MULADD(at[16], at[57]);    MULADD(at[17], at[56]);    MULADD(at[18], at[55]);    MULADD(at[19], at[54]);    MULADD(at[20], at[53]);    MULADD(at[21], at[52]);    MULADD(at[22], at[51]);    MULADD(at[23], at[50]);    MULADD(at[24], at[49]);    MULADD(at[25], at[48]); 
+   COMBA_STORE(C->dp[25]);
+   /* 26 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[74]);    MULADD(at[1], at[73]);    MULADD(at[2], at[72]);    MULADD(at[3], at[71]);    MULADD(at[4], at[70]);    MULADD(at[5], at[69]);    MULADD(at[6], at[68]);    MULADD(at[7], at[67]);    MULADD(at[8], at[66]);    MULADD(at[9], at[65]);    MULADD(at[10], at[64]);    MULADD(at[11], at[63]);    MULADD(at[12], at[62]);    MULADD(at[13], at[61]);    MULADD(at[14], at[60]);    MULADD(at[15], at[59]);    MULADD(at[16], at[58]);    MULADD(at[17], at[57]);    MULADD(at[18], at[56]);    MULADD(at[19], at[55]);    MULADD(at[20], at[54]);    MULADD(at[21], at[53]);    MULADD(at[22], at[52]);    MULADD(at[23], at[51]);    MULADD(at[24], at[50]);    MULADD(at[25], at[49]);    MULADD(at[26], at[48]); 
+   COMBA_STORE(C->dp[26]);
+   /* 27 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[75]);    MULADD(at[1], at[74]);    MULADD(at[2], at[73]);    MULADD(at[3], at[72]);    MULADD(at[4], at[71]);    MULADD(at[5], at[70]);    MULADD(at[6], at[69]);    MULADD(at[7], at[68]);    MULADD(at[8], at[67]);    MULADD(at[9], at[66]);    MULADD(at[10], at[65]);    MULADD(at[11], at[64]);    MULADD(at[12], at[63]);    MULADD(at[13], at[62]);    MULADD(at[14], at[61]);    MULADD(at[15], at[60]);    MULADD(at[16], at[59]);    MULADD(at[17], at[58]);    MULADD(at[18], at[57]);    MULADD(at[19], at[56]);    MULADD(at[20], at[55]);    MULADD(at[21], at[54]);    MULADD(at[22], at[53]);    MULADD(at[23], at[52]);    MULADD(at[24], at[51]);    MULADD(at[25], at[50]);    MULADD(at[26], at[49]);    MULADD(at[27], at[48]); 
+   COMBA_STORE(C->dp[27]);
+   /* 28 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[76]);    MULADD(at[1], at[75]);    MULADD(at[2], at[74]);    MULADD(at[3], at[73]);    MULADD(at[4], at[72]);    MULADD(at[5], at[71]);    MULADD(at[6], at[70]);    MULADD(at[7], at[69]);    MULADD(at[8], at[68]);    MULADD(at[9], at[67]);    MULADD(at[10], at[66]);    MULADD(at[11], at[65]);    MULADD(at[12], at[64]);    MULADD(at[13], at[63]);    MULADD(at[14], at[62]);    MULADD(at[15], at[61]);    MULADD(at[16], at[60]);    MULADD(at[17], at[59]);    MULADD(at[18], at[58]);    MULADD(at[19], at[57]);    MULADD(at[20], at[56]);    MULADD(at[21], at[55]);    MULADD(at[22], at[54]);    MULADD(at[23], at[53]);    MULADD(at[24], at[52]);    MULADD(at[25], at[51]);    MULADD(at[26], at[50]);    MULADD(at[27], at[49]);    MULADD(at[28], at[48]); 
+   COMBA_STORE(C->dp[28]);
+   /* 29 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[77]);    MULADD(at[1], at[76]);    MULADD(at[2], at[75]);    MULADD(at[3], at[74]);    MULADD(at[4], at[73]);    MULADD(at[5], at[72]);    MULADD(at[6], at[71]);    MULADD(at[7], at[70]);    MULADD(at[8], at[69]);    MULADD(at[9], at[68]);    MULADD(at[10], at[67]);    MULADD(at[11], at[66]);    MULADD(at[12], at[65]);    MULADD(at[13], at[64]);    MULADD(at[14], at[63]);    MULADD(at[15], at[62]);    MULADD(at[16], at[61]);    MULADD(at[17], at[60]);    MULADD(at[18], at[59]);    MULADD(at[19], at[58]);    MULADD(at[20], at[57]);    MULADD(at[21], at[56]);    MULADD(at[22], at[55]);    MULADD(at[23], at[54]);    MULADD(at[24], at[53]);    MULADD(at[25], at[52]);    MULADD(at[26], at[51]);    MULADD(at[27], at[50]);    MULADD(at[28], at[49]);    MULADD(at[29], at[48]); 
+   COMBA_STORE(C->dp[29]);
+   /* 30 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[78]);    MULADD(at[1], at[77]);    MULADD(at[2], at[76]);    MULADD(at[3], at[75]);    MULADD(at[4], at[74]);    MULADD(at[5], at[73]);    MULADD(at[6], at[72]);    MULADD(at[7], at[71]);    MULADD(at[8], at[70]);    MULADD(at[9], at[69]);    MULADD(at[10], at[68]);    MULADD(at[11], at[67]);    MULADD(at[12], at[66]);    MULADD(at[13], at[65]);    MULADD(at[14], at[64]);    MULADD(at[15], at[63]);    MULADD(at[16], at[62]);    MULADD(at[17], at[61]);    MULADD(at[18], at[60]);    MULADD(at[19], at[59]);    MULADD(at[20], at[58]);    MULADD(at[21], at[57]);    MULADD(at[22], at[56]);    MULADD(at[23], at[55]);    MULADD(at[24], at[54]);    MULADD(at[25], at[53]);    MULADD(at[26], at[52]);    MULADD(at[27], at[51]);    MULADD(at[28], at[50]);    MULADD(at[29], at[49]);    MULADD(at[30], at[48]); 
+   COMBA_STORE(C->dp[30]);
+   /* 31 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[79]);    MULADD(at[1], at[78]);    MULADD(at[2], at[77]);    MULADD(at[3], at[76]);    MULADD(at[4], at[75]);    MULADD(at[5], at[74]);    MULADD(at[6], at[73]);    MULADD(at[7], at[72]);    MULADD(at[8], at[71]);    MULADD(at[9], at[70]);    MULADD(at[10], at[69]);    MULADD(at[11], at[68]);    MULADD(at[12], at[67]);    MULADD(at[13], at[66]);    MULADD(at[14], at[65]);    MULADD(at[15], at[64]);    MULADD(at[16], at[63]);    MULADD(at[17], at[62]);    MULADD(at[18], at[61]);    MULADD(at[19], at[60]);    MULADD(at[20], at[59]);    MULADD(at[21], at[58]);    MULADD(at[22], at[57]);    MULADD(at[23], at[56]);    MULADD(at[24], at[55]);    MULADD(at[25], at[54]);    MULADD(at[26], at[53]);    MULADD(at[27], at[52]);    MULADD(at[28], at[51]);    MULADD(at[29], at[50]);    MULADD(at[30], at[49]);    MULADD(at[31], at[48]); 
+   COMBA_STORE(C->dp[31]);
+   /* 32 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[80]);    MULADD(at[1], at[79]);    MULADD(at[2], at[78]);    MULADD(at[3], at[77]);    MULADD(at[4], at[76]);    MULADD(at[5], at[75]);    MULADD(at[6], at[74]);    MULADD(at[7], at[73]);    MULADD(at[8], at[72]);    MULADD(at[9], at[71]);    MULADD(at[10], at[70]);    MULADD(at[11], at[69]);    MULADD(at[12], at[68]);    MULADD(at[13], at[67]);    MULADD(at[14], at[66]);    MULADD(at[15], at[65]);    MULADD(at[16], at[64]);    MULADD(at[17], at[63]);    MULADD(at[18], at[62]);    MULADD(at[19], at[61]);    MULADD(at[20], at[60]);    MULADD(at[21], at[59]);    MULADD(at[22], at[58]);    MULADD(at[23], at[57]);    MULADD(at[24], at[56]);    MULADD(at[25], at[55]);    MULADD(at[26], at[54]);    MULADD(at[27], at[53]);    MULADD(at[28], at[52]);    MULADD(at[29], at[51]);    MULADD(at[30], at[50]);    MULADD(at[31], at[49]);    MULADD(at[32], at[48]); 
+   COMBA_STORE(C->dp[32]);
+   /* 33 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[81]);    MULADD(at[1], at[80]);    MULADD(at[2], at[79]);    MULADD(at[3], at[78]);    MULADD(at[4], at[77]);    MULADD(at[5], at[76]);    MULADD(at[6], at[75]);    MULADD(at[7], at[74]);    MULADD(at[8], at[73]);    MULADD(at[9], at[72]);    MULADD(at[10], at[71]);    MULADD(at[11], at[70]);    MULADD(at[12], at[69]);    MULADD(at[13], at[68]);    MULADD(at[14], at[67]);    MULADD(at[15], at[66]);    MULADD(at[16], at[65]);    MULADD(at[17], at[64]);    MULADD(at[18], at[63]);    MULADD(at[19], at[62]);    MULADD(at[20], at[61]);    MULADD(at[21], at[60]);    MULADD(at[22], at[59]);    MULADD(at[23], at[58]);    MULADD(at[24], at[57]);    MULADD(at[25], at[56]);    MULADD(at[26], at[55]);    MULADD(at[27], at[54]);    MULADD(at[28], at[53]);    MULADD(at[29], at[52]);    MULADD(at[30], at[51]);    MULADD(at[31], at[50]);    MULADD(at[32], at[49]);    MULADD(at[33], at[48]); 
+   COMBA_STORE(C->dp[33]);
+   /* 34 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[82]);    MULADD(at[1], at[81]);    MULADD(at[2], at[80]);    MULADD(at[3], at[79]);    MULADD(at[4], at[78]);    MULADD(at[5], at[77]);    MULADD(at[6], at[76]);    MULADD(at[7], at[75]);    MULADD(at[8], at[74]);    MULADD(at[9], at[73]);    MULADD(at[10], at[72]);    MULADD(at[11], at[71]);    MULADD(at[12], at[70]);    MULADD(at[13], at[69]);    MULADD(at[14], at[68]);    MULADD(at[15], at[67]);    MULADD(at[16], at[66]);    MULADD(at[17], at[65]);    MULADD(at[18], at[64]);    MULADD(at[19], at[63]);    MULADD(at[20], at[62]);    MULADD(at[21], at[61]);    MULADD(at[22], at[60]);    MULADD(at[23], at[59]);    MULADD(at[24], at[58]);    MULADD(at[25], at[57]);    MULADD(at[26], at[56]);    MULADD(at[27], at[55]);    MULADD(at[28], at[54]);    MULADD(at[29], at[53]);    MULADD(at[30], at[52]);    MULADD(at[31], at[51]);    MULADD(at[32], at[50]);    MULADD(at[33], at[49]);    MULADD(at[34], at[48]); 
+   COMBA_STORE(C->dp[34]);
+   /* 35 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[83]);    MULADD(at[1], at[82]);    MULADD(at[2], at[81]);    MULADD(at[3], at[80]);    MULADD(at[4], at[79]);    MULADD(at[5], at[78]);    MULADD(at[6], at[77]);    MULADD(at[7], at[76]);    MULADD(at[8], at[75]);    MULADD(at[9], at[74]);    MULADD(at[10], at[73]);    MULADD(at[11], at[72]);    MULADD(at[12], at[71]);    MULADD(at[13], at[70]);    MULADD(at[14], at[69]);    MULADD(at[15], at[68]);    MULADD(at[16], at[67]);    MULADD(at[17], at[66]);    MULADD(at[18], at[65]);    MULADD(at[19], at[64]);    MULADD(at[20], at[63]);    MULADD(at[21], at[62]);    MULADD(at[22], at[61]);    MULADD(at[23], at[60]);    MULADD(at[24], at[59]);    MULADD(at[25], at[58]);    MULADD(at[26], at[57]);    MULADD(at[27], at[56]);    MULADD(at[28], at[55]);    MULADD(at[29], at[54]);    MULADD(at[30], at[53]);    MULADD(at[31], at[52]);    MULADD(at[32], at[51]);    MULADD(at[33], at[50]);    MULADD(at[34], at[49]);    MULADD(at[35], at[48]); 
+   COMBA_STORE(C->dp[35]);
+   /* 36 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[84]);    MULADD(at[1], at[83]);    MULADD(at[2], at[82]);    MULADD(at[3], at[81]);    MULADD(at[4], at[80]);    MULADD(at[5], at[79]);    MULADD(at[6], at[78]);    MULADD(at[7], at[77]);    MULADD(at[8], at[76]);    MULADD(at[9], at[75]);    MULADD(at[10], at[74]);    MULADD(at[11], at[73]);    MULADD(at[12], at[72]);    MULADD(at[13], at[71]);    MULADD(at[14], at[70]);    MULADD(at[15], at[69]);    MULADD(at[16], at[68]);    MULADD(at[17], at[67]);    MULADD(at[18], at[66]);    MULADD(at[19], at[65]);    MULADD(at[20], at[64]);    MULADD(at[21], at[63]);    MULADD(at[22], at[62]);    MULADD(at[23], at[61]);    MULADD(at[24], at[60]);    MULADD(at[25], at[59]);    MULADD(at[26], at[58]);    MULADD(at[27], at[57]);    MULADD(at[28], at[56]);    MULADD(at[29], at[55]);    MULADD(at[30], at[54]);    MULADD(at[31], at[53]);    MULADD(at[32], at[52]);    MULADD(at[33], at[51]);    MULADD(at[34], at[50]);    MULADD(at[35], at[49]);    MULADD(at[36], at[48]); 
+   COMBA_STORE(C->dp[36]);
+   /* 37 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[85]);    MULADD(at[1], at[84]);    MULADD(at[2], at[83]);    MULADD(at[3], at[82]);    MULADD(at[4], at[81]);    MULADD(at[5], at[80]);    MULADD(at[6], at[79]);    MULADD(at[7], at[78]);    MULADD(at[8], at[77]);    MULADD(at[9], at[76]);    MULADD(at[10], at[75]);    MULADD(at[11], at[74]);    MULADD(at[12], at[73]);    MULADD(at[13], at[72]);    MULADD(at[14], at[71]);    MULADD(at[15], at[70]);    MULADD(at[16], at[69]);    MULADD(at[17], at[68]);    MULADD(at[18], at[67]);    MULADD(at[19], at[66]);    MULADD(at[20], at[65]);    MULADD(at[21], at[64]);    MULADD(at[22], at[63]);    MULADD(at[23], at[62]);    MULADD(at[24], at[61]);    MULADD(at[25], at[60]);    MULADD(at[26], at[59]);    MULADD(at[27], at[58]);    MULADD(at[28], at[57]);    MULADD(at[29], at[56]);    MULADD(at[30], at[55]);    MULADD(at[31], at[54]);    MULADD(at[32], at[53]);    MULADD(at[33], at[52]);    MULADD(at[34], at[51]);    MULADD(at[35], at[50]);    MULADD(at[36], at[49]);    MULADD(at[37], at[48]); 
+   COMBA_STORE(C->dp[37]);
+   /* 38 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[86]);    MULADD(at[1], at[85]);    MULADD(at[2], at[84]);    MULADD(at[3], at[83]);    MULADD(at[4], at[82]);    MULADD(at[5], at[81]);    MULADD(at[6], at[80]);    MULADD(at[7], at[79]);    MULADD(at[8], at[78]);    MULADD(at[9], at[77]);    MULADD(at[10], at[76]);    MULADD(at[11], at[75]);    MULADD(at[12], at[74]);    MULADD(at[13], at[73]);    MULADD(at[14], at[72]);    MULADD(at[15], at[71]);    MULADD(at[16], at[70]);    MULADD(at[17], at[69]);    MULADD(at[18], at[68]);    MULADD(at[19], at[67]);    MULADD(at[20], at[66]);    MULADD(at[21], at[65]);    MULADD(at[22], at[64]);    MULADD(at[23], at[63]);    MULADD(at[24], at[62]);    MULADD(at[25], at[61]);    MULADD(at[26], at[60]);    MULADD(at[27], at[59]);    MULADD(at[28], at[58]);    MULADD(at[29], at[57]);    MULADD(at[30], at[56]);    MULADD(at[31], at[55]);    MULADD(at[32], at[54]);    MULADD(at[33], at[53]);    MULADD(at[34], at[52]);    MULADD(at[35], at[51]);    MULADD(at[36], at[50]);    MULADD(at[37], at[49]);    MULADD(at[38], at[48]); 
+   COMBA_STORE(C->dp[38]);
+   /* 39 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[87]);    MULADD(at[1], at[86]);    MULADD(at[2], at[85]);    MULADD(at[3], at[84]);    MULADD(at[4], at[83]);    MULADD(at[5], at[82]);    MULADD(at[6], at[81]);    MULADD(at[7], at[80]);    MULADD(at[8], at[79]);    MULADD(at[9], at[78]);    MULADD(at[10], at[77]);    MULADD(at[11], at[76]);    MULADD(at[12], at[75]);    MULADD(at[13], at[74]);    MULADD(at[14], at[73]);    MULADD(at[15], at[72]);    MULADD(at[16], at[71]);    MULADD(at[17], at[70]);    MULADD(at[18], at[69]);    MULADD(at[19], at[68]);    MULADD(at[20], at[67]);    MULADD(at[21], at[66]);    MULADD(at[22], at[65]);    MULADD(at[23], at[64]);    MULADD(at[24], at[63]);    MULADD(at[25], at[62]);    MULADD(at[26], at[61]);    MULADD(at[27], at[60]);    MULADD(at[28], at[59]);    MULADD(at[29], at[58]);    MULADD(at[30], at[57]);    MULADD(at[31], at[56]);    MULADD(at[32], at[55]);    MULADD(at[33], at[54]);    MULADD(at[34], at[53]);    MULADD(at[35], at[52]);    MULADD(at[36], at[51]);    MULADD(at[37], at[50]);    MULADD(at[38], at[49]);    MULADD(at[39], at[48]); 
+   COMBA_STORE(C->dp[39]);
+   /* 40 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[88]);    MULADD(at[1], at[87]);    MULADD(at[2], at[86]);    MULADD(at[3], at[85]);    MULADD(at[4], at[84]);    MULADD(at[5], at[83]);    MULADD(at[6], at[82]);    MULADD(at[7], at[81]);    MULADD(at[8], at[80]);    MULADD(at[9], at[79]);    MULADD(at[10], at[78]);    MULADD(at[11], at[77]);    MULADD(at[12], at[76]);    MULADD(at[13], at[75]);    MULADD(at[14], at[74]);    MULADD(at[15], at[73]);    MULADD(at[16], at[72]);    MULADD(at[17], at[71]);    MULADD(at[18], at[70]);    MULADD(at[19], at[69]);    MULADD(at[20], at[68]);    MULADD(at[21], at[67]);    MULADD(at[22], at[66]);    MULADD(at[23], at[65]);    MULADD(at[24], at[64]);    MULADD(at[25], at[63]);    MULADD(at[26], at[62]);    MULADD(at[27], at[61]);    MULADD(at[28], at[60]);    MULADD(at[29], at[59]);    MULADD(at[30], at[58]);    MULADD(at[31], at[57]);    MULADD(at[32], at[56]);    MULADD(at[33], at[55]);    MULADD(at[34], at[54]);    MULADD(at[35], at[53]);    MULADD(at[36], at[52]);    MULADD(at[37], at[51]);    MULADD(at[38], at[50]);    MULADD(at[39], at[49]);    MULADD(at[40], at[48]); 
+   COMBA_STORE(C->dp[40]);
+   /* 41 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[89]);    MULADD(at[1], at[88]);    MULADD(at[2], at[87]);    MULADD(at[3], at[86]);    MULADD(at[4], at[85]);    MULADD(at[5], at[84]);    MULADD(at[6], at[83]);    MULADD(at[7], at[82]);    MULADD(at[8], at[81]);    MULADD(at[9], at[80]);    MULADD(at[10], at[79]);    MULADD(at[11], at[78]);    MULADD(at[12], at[77]);    MULADD(at[13], at[76]);    MULADD(at[14], at[75]);    MULADD(at[15], at[74]);    MULADD(at[16], at[73]);    MULADD(at[17], at[72]);    MULADD(at[18], at[71]);    MULADD(at[19], at[70]);    MULADD(at[20], at[69]);    MULADD(at[21], at[68]);    MULADD(at[22], at[67]);    MULADD(at[23], at[66]);    MULADD(at[24], at[65]);    MULADD(at[25], at[64]);    MULADD(at[26], at[63]);    MULADD(at[27], at[62]);    MULADD(at[28], at[61]);    MULADD(at[29], at[60]);    MULADD(at[30], at[59]);    MULADD(at[31], at[58]);    MULADD(at[32], at[57]);    MULADD(at[33], at[56]);    MULADD(at[34], at[55]);    MULADD(at[35], at[54]);    MULADD(at[36], at[53]);    MULADD(at[37], at[52]);    MULADD(at[38], at[51]);    MULADD(at[39], at[50]);    MULADD(at[40], at[49]);    MULADD(at[41], at[48]); 
+   COMBA_STORE(C->dp[41]);
+   /* 42 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[90]);    MULADD(at[1], at[89]);    MULADD(at[2], at[88]);    MULADD(at[3], at[87]);    MULADD(at[4], at[86]);    MULADD(at[5], at[85]);    MULADD(at[6], at[84]);    MULADD(at[7], at[83]);    MULADD(at[8], at[82]);    MULADD(at[9], at[81]);    MULADD(at[10], at[80]);    MULADD(at[11], at[79]);    MULADD(at[12], at[78]);    MULADD(at[13], at[77]);    MULADD(at[14], at[76]);    MULADD(at[15], at[75]);    MULADD(at[16], at[74]);    MULADD(at[17], at[73]);    MULADD(at[18], at[72]);    MULADD(at[19], at[71]);    MULADD(at[20], at[70]);    MULADD(at[21], at[69]);    MULADD(at[22], at[68]);    MULADD(at[23], at[67]);    MULADD(at[24], at[66]);    MULADD(at[25], at[65]);    MULADD(at[26], at[64]);    MULADD(at[27], at[63]);    MULADD(at[28], at[62]);    MULADD(at[29], at[61]);    MULADD(at[30], at[60]);    MULADD(at[31], at[59]);    MULADD(at[32], at[58]);    MULADD(at[33], at[57]);    MULADD(at[34], at[56]);    MULADD(at[35], at[55]);    MULADD(at[36], at[54]);    MULADD(at[37], at[53]);    MULADD(at[38], at[52]);    MULADD(at[39], at[51]);    MULADD(at[40], at[50]);    MULADD(at[41], at[49]);    MULADD(at[42], at[48]); 
+   COMBA_STORE(C->dp[42]);
+   /* 43 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[91]);    MULADD(at[1], at[90]);    MULADD(at[2], at[89]);    MULADD(at[3], at[88]);    MULADD(at[4], at[87]);    MULADD(at[5], at[86]);    MULADD(at[6], at[85]);    MULADD(at[7], at[84]);    MULADD(at[8], at[83]);    MULADD(at[9], at[82]);    MULADD(at[10], at[81]);    MULADD(at[11], at[80]);    MULADD(at[12], at[79]);    MULADD(at[13], at[78]);    MULADD(at[14], at[77]);    MULADD(at[15], at[76]);    MULADD(at[16], at[75]);    MULADD(at[17], at[74]);    MULADD(at[18], at[73]);    MULADD(at[19], at[72]);    MULADD(at[20], at[71]);    MULADD(at[21], at[70]);    MULADD(at[22], at[69]);    MULADD(at[23], at[68]);    MULADD(at[24], at[67]);    MULADD(at[25], at[66]);    MULADD(at[26], at[65]);    MULADD(at[27], at[64]);    MULADD(at[28], at[63]);    MULADD(at[29], at[62]);    MULADD(at[30], at[61]);    MULADD(at[31], at[60]);    MULADD(at[32], at[59]);    MULADD(at[33], at[58]);    MULADD(at[34], at[57]);    MULADD(at[35], at[56]);    MULADD(at[36], at[55]);    MULADD(at[37], at[54]);    MULADD(at[38], at[53]);    MULADD(at[39], at[52]);    MULADD(at[40], at[51]);    MULADD(at[41], at[50]);    MULADD(at[42], at[49]);    MULADD(at[43], at[48]); 
+   COMBA_STORE(C->dp[43]);
+   /* 44 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[92]);    MULADD(at[1], at[91]);    MULADD(at[2], at[90]);    MULADD(at[3], at[89]);    MULADD(at[4], at[88]);    MULADD(at[5], at[87]);    MULADD(at[6], at[86]);    MULADD(at[7], at[85]);    MULADD(at[8], at[84]);    MULADD(at[9], at[83]);    MULADD(at[10], at[82]);    MULADD(at[11], at[81]);    MULADD(at[12], at[80]);    MULADD(at[13], at[79]);    MULADD(at[14], at[78]);    MULADD(at[15], at[77]);    MULADD(at[16], at[76]);    MULADD(at[17], at[75]);    MULADD(at[18], at[74]);    MULADD(at[19], at[73]);    MULADD(at[20], at[72]);    MULADD(at[21], at[71]);    MULADD(at[22], at[70]);    MULADD(at[23], at[69]);    MULADD(at[24], at[68]);    MULADD(at[25], at[67]);    MULADD(at[26], at[66]);    MULADD(at[27], at[65]);    MULADD(at[28], at[64]);    MULADD(at[29], at[63]);    MULADD(at[30], at[62]);    MULADD(at[31], at[61]);    MULADD(at[32], at[60]);    MULADD(at[33], at[59]);    MULADD(at[34], at[58]);    MULADD(at[35], at[57]);    MULADD(at[36], at[56]);    MULADD(at[37], at[55]);    MULADD(at[38], at[54]);    MULADD(at[39], at[53]);    MULADD(at[40], at[52]);    MULADD(at[41], at[51]);    MULADD(at[42], at[50]);    MULADD(at[43], at[49]);    MULADD(at[44], at[48]); 
+   COMBA_STORE(C->dp[44]);
+   /* 45 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[93]);    MULADD(at[1], at[92]);    MULADD(at[2], at[91]);    MULADD(at[3], at[90]);    MULADD(at[4], at[89]);    MULADD(at[5], at[88]);    MULADD(at[6], at[87]);    MULADD(at[7], at[86]);    MULADD(at[8], at[85]);    MULADD(at[9], at[84]);    MULADD(at[10], at[83]);    MULADD(at[11], at[82]);    MULADD(at[12], at[81]);    MULADD(at[13], at[80]);    MULADD(at[14], at[79]);    MULADD(at[15], at[78]);    MULADD(at[16], at[77]);    MULADD(at[17], at[76]);    MULADD(at[18], at[75]);    MULADD(at[19], at[74]);    MULADD(at[20], at[73]);    MULADD(at[21], at[72]);    MULADD(at[22], at[71]);    MULADD(at[23], at[70]);    MULADD(at[24], at[69]);    MULADD(at[25], at[68]);    MULADD(at[26], at[67]);    MULADD(at[27], at[66]);    MULADD(at[28], at[65]);    MULADD(at[29], at[64]);    MULADD(at[30], at[63]);    MULADD(at[31], at[62]);    MULADD(at[32], at[61]);    MULADD(at[33], at[60]);    MULADD(at[34], at[59]);    MULADD(at[35], at[58]);    MULADD(at[36], at[57]);    MULADD(at[37], at[56]);    MULADD(at[38], at[55]);    MULADD(at[39], at[54]);    MULADD(at[40], at[53]);    MULADD(at[41], at[52]);    MULADD(at[42], at[51]);    MULADD(at[43], at[50]);    MULADD(at[44], at[49]);    MULADD(at[45], at[48]); 
+   COMBA_STORE(C->dp[45]);
+   /* 46 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[94]);    MULADD(at[1], at[93]);    MULADD(at[2], at[92]);    MULADD(at[3], at[91]);    MULADD(at[4], at[90]);    MULADD(at[5], at[89]);    MULADD(at[6], at[88]);    MULADD(at[7], at[87]);    MULADD(at[8], at[86]);    MULADD(at[9], at[85]);    MULADD(at[10], at[84]);    MULADD(at[11], at[83]);    MULADD(at[12], at[82]);    MULADD(at[13], at[81]);    MULADD(at[14], at[80]);    MULADD(at[15], at[79]);    MULADD(at[16], at[78]);    MULADD(at[17], at[77]);    MULADD(at[18], at[76]);    MULADD(at[19], at[75]);    MULADD(at[20], at[74]);    MULADD(at[21], at[73]);    MULADD(at[22], at[72]);    MULADD(at[23], at[71]);    MULADD(at[24], at[70]);    MULADD(at[25], at[69]);    MULADD(at[26], at[68]);    MULADD(at[27], at[67]);    MULADD(at[28], at[66]);    MULADD(at[29], at[65]);    MULADD(at[30], at[64]);    MULADD(at[31], at[63]);    MULADD(at[32], at[62]);    MULADD(at[33], at[61]);    MULADD(at[34], at[60]);    MULADD(at[35], at[59]);    MULADD(at[36], at[58]);    MULADD(at[37], at[57]);    MULADD(at[38], at[56]);    MULADD(at[39], at[55]);    MULADD(at[40], at[54]);    MULADD(at[41], at[53]);    MULADD(at[42], at[52]);    MULADD(at[43], at[51]);    MULADD(at[44], at[50]);    MULADD(at[45], at[49]);    MULADD(at[46], at[48]); 
+   COMBA_STORE(C->dp[46]);
+   /* 47 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[95]);    MULADD(at[1], at[94]);    MULADD(at[2], at[93]);    MULADD(at[3], at[92]);    MULADD(at[4], at[91]);    MULADD(at[5], at[90]);    MULADD(at[6], at[89]);    MULADD(at[7], at[88]);    MULADD(at[8], at[87]);    MULADD(at[9], at[86]);    MULADD(at[10], at[85]);    MULADD(at[11], at[84]);    MULADD(at[12], at[83]);    MULADD(at[13], at[82]);    MULADD(at[14], at[81]);    MULADD(at[15], at[80]);    MULADD(at[16], at[79]);    MULADD(at[17], at[78]);    MULADD(at[18], at[77]);    MULADD(at[19], at[76]);    MULADD(at[20], at[75]);    MULADD(at[21], at[74]);    MULADD(at[22], at[73]);    MULADD(at[23], at[72]);    MULADD(at[24], at[71]);    MULADD(at[25], at[70]);    MULADD(at[26], at[69]);    MULADD(at[27], at[68]);    MULADD(at[28], at[67]);    MULADD(at[29], at[66]);    MULADD(at[30], at[65]);    MULADD(at[31], at[64]);    MULADD(at[32], at[63]);    MULADD(at[33], at[62]);    MULADD(at[34], at[61]);    MULADD(at[35], at[60]);    MULADD(at[36], at[59]);    MULADD(at[37], at[58]);    MULADD(at[38], at[57]);    MULADD(at[39], at[56]);    MULADD(at[40], at[55]);    MULADD(at[41], at[54]);    MULADD(at[42], at[53]);    MULADD(at[43], at[52]);    MULADD(at[44], at[51]);    MULADD(at[45], at[50]);    MULADD(at[46], at[49]);    MULADD(at[47], at[48]); 
+   COMBA_STORE(C->dp[47]);
+   /* 48 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[95]);    MULADD(at[2], at[94]);    MULADD(at[3], at[93]);    MULADD(at[4], at[92]);    MULADD(at[5], at[91]);    MULADD(at[6], at[90]);    MULADD(at[7], at[89]);    MULADD(at[8], at[88]);    MULADD(at[9], at[87]);    MULADD(at[10], at[86]);    MULADD(at[11], at[85]);    MULADD(at[12], at[84]);    MULADD(at[13], at[83]);    MULADD(at[14], at[82]);    MULADD(at[15], at[81]);    MULADD(at[16], at[80]);    MULADD(at[17], at[79]);    MULADD(at[18], at[78]);    MULADD(at[19], at[77]);    MULADD(at[20], at[76]);    MULADD(at[21], at[75]);    MULADD(at[22], at[74]);    MULADD(at[23], at[73]);    MULADD(at[24], at[72]);    MULADD(at[25], at[71]);    MULADD(at[26], at[70]);    MULADD(at[27], at[69]);    MULADD(at[28], at[68]);    MULADD(at[29], at[67]);    MULADD(at[30], at[66]);    MULADD(at[31], at[65]);    MULADD(at[32], at[64]);    MULADD(at[33], at[63]);    MULADD(at[34], at[62]);    MULADD(at[35], at[61]);    MULADD(at[36], at[60]);    MULADD(at[37], at[59]);    MULADD(at[38], at[58]);    MULADD(at[39], at[57]);    MULADD(at[40], at[56]);    MULADD(at[41], at[55]);    MULADD(at[42], at[54]);    MULADD(at[43], at[53]);    MULADD(at[44], at[52]);    MULADD(at[45], at[51]);    MULADD(at[46], at[50]);    MULADD(at[47], at[49]); 
+   COMBA_STORE(C->dp[48]);
+   /* 49 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[95]);    MULADD(at[3], at[94]);    MULADD(at[4], at[93]);    MULADD(at[5], at[92]);    MULADD(at[6], at[91]);    MULADD(at[7], at[90]);    MULADD(at[8], at[89]);    MULADD(at[9], at[88]);    MULADD(at[10], at[87]);    MULADD(at[11], at[86]);    MULADD(at[12], at[85]);    MULADD(at[13], at[84]);    MULADD(at[14], at[83]);    MULADD(at[15], at[82]);    MULADD(at[16], at[81]);    MULADD(at[17], at[80]);    MULADD(at[18], at[79]);    MULADD(at[19], at[78]);    MULADD(at[20], at[77]);    MULADD(at[21], at[76]);    MULADD(at[22], at[75]);    MULADD(at[23], at[74]);    MULADD(at[24], at[73]);    MULADD(at[25], at[72]);    MULADD(at[26], at[71]);    MULADD(at[27], at[70]);    MULADD(at[28], at[69]);    MULADD(at[29], at[68]);    MULADD(at[30], at[67]);    MULADD(at[31], at[66]);    MULADD(at[32], at[65]);    MULADD(at[33], at[64]);    MULADD(at[34], at[63]);    MULADD(at[35], at[62]);    MULADD(at[36], at[61]);    MULADD(at[37], at[60]);    MULADD(at[38], at[59]);    MULADD(at[39], at[58]);    MULADD(at[40], at[57]);    MULADD(at[41], at[56]);    MULADD(at[42], at[55]);    MULADD(at[43], at[54]);    MULADD(at[44], at[53]);    MULADD(at[45], at[52]);    MULADD(at[46], at[51]);    MULADD(at[47], at[50]); 
+   COMBA_STORE(C->dp[49]);
+   /* 50 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[95]);    MULADD(at[4], at[94]);    MULADD(at[5], at[93]);    MULADD(at[6], at[92]);    MULADD(at[7], at[91]);    MULADD(at[8], at[90]);    MULADD(at[9], at[89]);    MULADD(at[10], at[88]);    MULADD(at[11], at[87]);    MULADD(at[12], at[86]);    MULADD(at[13], at[85]);    MULADD(at[14], at[84]);    MULADD(at[15], at[83]);    MULADD(at[16], at[82]);    MULADD(at[17], at[81]);    MULADD(at[18], at[80]);    MULADD(at[19], at[79]);    MULADD(at[20], at[78]);    MULADD(at[21], at[77]);    MULADD(at[22], at[76]);    MULADD(at[23], at[75]);    MULADD(at[24], at[74]);    MULADD(at[25], at[73]);    MULADD(at[26], at[72]);    MULADD(at[27], at[71]);    MULADD(at[28], at[70]);    MULADD(at[29], at[69]);    MULADD(at[30], at[68]);    MULADD(at[31], at[67]);    MULADD(at[32], at[66]);    MULADD(at[33], at[65]);    MULADD(at[34], at[64]);    MULADD(at[35], at[63]);    MULADD(at[36], at[62]);    MULADD(at[37], at[61]);    MULADD(at[38], at[60]);    MULADD(at[39], at[59]);    MULADD(at[40], at[58]);    MULADD(at[41], at[57]);    MULADD(at[42], at[56]);    MULADD(at[43], at[55]);    MULADD(at[44], at[54]);    MULADD(at[45], at[53]);    MULADD(at[46], at[52]);    MULADD(at[47], at[51]); 
+   COMBA_STORE(C->dp[50]);
+   /* 51 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[95]);    MULADD(at[5], at[94]);    MULADD(at[6], at[93]);    MULADD(at[7], at[92]);    MULADD(at[8], at[91]);    MULADD(at[9], at[90]);    MULADD(at[10], at[89]);    MULADD(at[11], at[88]);    MULADD(at[12], at[87]);    MULADD(at[13], at[86]);    MULADD(at[14], at[85]);    MULADD(at[15], at[84]);    MULADD(at[16], at[83]);    MULADD(at[17], at[82]);    MULADD(at[18], at[81]);    MULADD(at[19], at[80]);    MULADD(at[20], at[79]);    MULADD(at[21], at[78]);    MULADD(at[22], at[77]);    MULADD(at[23], at[76]);    MULADD(at[24], at[75]);    MULADD(at[25], at[74]);    MULADD(at[26], at[73]);    MULADD(at[27], at[72]);    MULADD(at[28], at[71]);    MULADD(at[29], at[70]);    MULADD(at[30], at[69]);    MULADD(at[31], at[68]);    MULADD(at[32], at[67]);    MULADD(at[33], at[66]);    MULADD(at[34], at[65]);    MULADD(at[35], at[64]);    MULADD(at[36], at[63]);    MULADD(at[37], at[62]);    MULADD(at[38], at[61]);    MULADD(at[39], at[60]);    MULADD(at[40], at[59]);    MULADD(at[41], at[58]);    MULADD(at[42], at[57]);    MULADD(at[43], at[56]);    MULADD(at[44], at[55]);    MULADD(at[45], at[54]);    MULADD(at[46], at[53]);    MULADD(at[47], at[52]); 
+   COMBA_STORE(C->dp[51]);
+   /* 52 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[95]);    MULADD(at[6], at[94]);    MULADD(at[7], at[93]);    MULADD(at[8], at[92]);    MULADD(at[9], at[91]);    MULADD(at[10], at[90]);    MULADD(at[11], at[89]);    MULADD(at[12], at[88]);    MULADD(at[13], at[87]);    MULADD(at[14], at[86]);    MULADD(at[15], at[85]);    MULADD(at[16], at[84]);    MULADD(at[17], at[83]);    MULADD(at[18], at[82]);    MULADD(at[19], at[81]);    MULADD(at[20], at[80]);    MULADD(at[21], at[79]);    MULADD(at[22], at[78]);    MULADD(at[23], at[77]);    MULADD(at[24], at[76]);    MULADD(at[25], at[75]);    MULADD(at[26], at[74]);    MULADD(at[27], at[73]);    MULADD(at[28], at[72]);    MULADD(at[29], at[71]);    MULADD(at[30], at[70]);    MULADD(at[31], at[69]);    MULADD(at[32], at[68]);    MULADD(at[33], at[67]);    MULADD(at[34], at[66]);    MULADD(at[35], at[65]);    MULADD(at[36], at[64]);    MULADD(at[37], at[63]);    MULADD(at[38], at[62]);    MULADD(at[39], at[61]);    MULADD(at[40], at[60]);    MULADD(at[41], at[59]);    MULADD(at[42], at[58]);    MULADD(at[43], at[57]);    MULADD(at[44], at[56]);    MULADD(at[45], at[55]);    MULADD(at[46], at[54]);    MULADD(at[47], at[53]); 
+   COMBA_STORE(C->dp[52]);
+   /* 53 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[95]);    MULADD(at[7], at[94]);    MULADD(at[8], at[93]);    MULADD(at[9], at[92]);    MULADD(at[10], at[91]);    MULADD(at[11], at[90]);    MULADD(at[12], at[89]);    MULADD(at[13], at[88]);    MULADD(at[14], at[87]);    MULADD(at[15], at[86]);    MULADD(at[16], at[85]);    MULADD(at[17], at[84]);    MULADD(at[18], at[83]);    MULADD(at[19], at[82]);    MULADD(at[20], at[81]);    MULADD(at[21], at[80]);    MULADD(at[22], at[79]);    MULADD(at[23], at[78]);    MULADD(at[24], at[77]);    MULADD(at[25], at[76]);    MULADD(at[26], at[75]);    MULADD(at[27], at[74]);    MULADD(at[28], at[73]);    MULADD(at[29], at[72]);    MULADD(at[30], at[71]);    MULADD(at[31], at[70]);    MULADD(at[32], at[69]);    MULADD(at[33], at[68]);    MULADD(at[34], at[67]);    MULADD(at[35], at[66]);    MULADD(at[36], at[65]);    MULADD(at[37], at[64]);    MULADD(at[38], at[63]);    MULADD(at[39], at[62]);    MULADD(at[40], at[61]);    MULADD(at[41], at[60]);    MULADD(at[42], at[59]);    MULADD(at[43], at[58]);    MULADD(at[44], at[57]);    MULADD(at[45], at[56]);    MULADD(at[46], at[55]);    MULADD(at[47], at[54]); 
+   COMBA_STORE(C->dp[53]);
+   /* 54 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[95]);    MULADD(at[8], at[94]);    MULADD(at[9], at[93]);    MULADD(at[10], at[92]);    MULADD(at[11], at[91]);    MULADD(at[12], at[90]);    MULADD(at[13], at[89]);    MULADD(at[14], at[88]);    MULADD(at[15], at[87]);    MULADD(at[16], at[86]);    MULADD(at[17], at[85]);    MULADD(at[18], at[84]);    MULADD(at[19], at[83]);    MULADD(at[20], at[82]);    MULADD(at[21], at[81]);    MULADD(at[22], at[80]);    MULADD(at[23], at[79]);    MULADD(at[24], at[78]);    MULADD(at[25], at[77]);    MULADD(at[26], at[76]);    MULADD(at[27], at[75]);    MULADD(at[28], at[74]);    MULADD(at[29], at[73]);    MULADD(at[30], at[72]);    MULADD(at[31], at[71]);    MULADD(at[32], at[70]);    MULADD(at[33], at[69]);    MULADD(at[34], at[68]);    MULADD(at[35], at[67]);    MULADD(at[36], at[66]);    MULADD(at[37], at[65]);    MULADD(at[38], at[64]);    MULADD(at[39], at[63]);    MULADD(at[40], at[62]);    MULADD(at[41], at[61]);    MULADD(at[42], at[60]);    MULADD(at[43], at[59]);    MULADD(at[44], at[58]);    MULADD(at[45], at[57]);    MULADD(at[46], at[56]);    MULADD(at[47], at[55]); 
+   COMBA_STORE(C->dp[54]);
+   /* 55 */
+   COMBA_FORWARD;
+   MULADD(at[8], at[95]);    MULADD(at[9], at[94]);    MULADD(at[10], at[93]);    MULADD(at[11], at[92]);    MULADD(at[12], at[91]);    MULADD(at[13], at[90]);    MULADD(at[14], at[89]);    MULADD(at[15], at[88]);    MULADD(at[16], at[87]);    MULADD(at[17], at[86]);    MULADD(at[18], at[85]);    MULADD(at[19], at[84]);    MULADD(at[20], at[83]);    MULADD(at[21], at[82]);    MULADD(at[22], at[81]);    MULADD(at[23], at[80]);    MULADD(at[24], at[79]);    MULADD(at[25], at[78]);    MULADD(at[26], at[77]);    MULADD(at[27], at[76]);    MULADD(at[28], at[75]);    MULADD(at[29], at[74]);    MULADD(at[30], at[73]);    MULADD(at[31], at[72]);    MULADD(at[32], at[71]);    MULADD(at[33], at[70]);    MULADD(at[34], at[69]);    MULADD(at[35], at[68]);    MULADD(at[36], at[67]);    MULADD(at[37], at[66]);    MULADD(at[38], at[65]);    MULADD(at[39], at[64]);    MULADD(at[40], at[63]);    MULADD(at[41], at[62]);    MULADD(at[42], at[61]);    MULADD(at[43], at[60]);    MULADD(at[44], at[59]);    MULADD(at[45], at[58]);    MULADD(at[46], at[57]);    MULADD(at[47], at[56]); 
+   COMBA_STORE(C->dp[55]);
+   /* 56 */
+   COMBA_FORWARD;
+   MULADD(at[9], at[95]);    MULADD(at[10], at[94]);    MULADD(at[11], at[93]);    MULADD(at[12], at[92]);    MULADD(at[13], at[91]);    MULADD(at[14], at[90]);    MULADD(at[15], at[89]);    MULADD(at[16], at[88]);    MULADD(at[17], at[87]);    MULADD(at[18], at[86]);    MULADD(at[19], at[85]);    MULADD(at[20], at[84]);    MULADD(at[21], at[83]);    MULADD(at[22], at[82]);    MULADD(at[23], at[81]);    MULADD(at[24], at[80]);    MULADD(at[25], at[79]);    MULADD(at[26], at[78]);    MULADD(at[27], at[77]);    MULADD(at[28], at[76]);    MULADD(at[29], at[75]);    MULADD(at[30], at[74]);    MULADD(at[31], at[73]);    MULADD(at[32], at[72]);    MULADD(at[33], at[71]);    MULADD(at[34], at[70]);    MULADD(at[35], at[69]);    MULADD(at[36], at[68]);    MULADD(at[37], at[67]);    MULADD(at[38], at[66]);    MULADD(at[39], at[65]);    MULADD(at[40], at[64]);    MULADD(at[41], at[63]);    MULADD(at[42], at[62]);    MULADD(at[43], at[61]);    MULADD(at[44], at[60]);    MULADD(at[45], at[59]);    MULADD(at[46], at[58]);    MULADD(at[47], at[57]); 
+   COMBA_STORE(C->dp[56]);
+   /* 57 */
+   COMBA_FORWARD;
+   MULADD(at[10], at[95]);    MULADD(at[11], at[94]);    MULADD(at[12], at[93]);    MULADD(at[13], at[92]);    MULADD(at[14], at[91]);    MULADD(at[15], at[90]);    MULADD(at[16], at[89]);    MULADD(at[17], at[88]);    MULADD(at[18], at[87]);    MULADD(at[19], at[86]);    MULADD(at[20], at[85]);    MULADD(at[21], at[84]);    MULADD(at[22], at[83]);    MULADD(at[23], at[82]);    MULADD(at[24], at[81]);    MULADD(at[25], at[80]);    MULADD(at[26], at[79]);    MULADD(at[27], at[78]);    MULADD(at[28], at[77]);    MULADD(at[29], at[76]);    MULADD(at[30], at[75]);    MULADD(at[31], at[74]);    MULADD(at[32], at[73]);    MULADD(at[33], at[72]);    MULADD(at[34], at[71]);    MULADD(at[35], at[70]);    MULADD(at[36], at[69]);    MULADD(at[37], at[68]);    MULADD(at[38], at[67]);    MULADD(at[39], at[66]);    MULADD(at[40], at[65]);    MULADD(at[41], at[64]);    MULADD(at[42], at[63]);    MULADD(at[43], at[62]);    MULADD(at[44], at[61]);    MULADD(at[45], at[60]);    MULADD(at[46], at[59]);    MULADD(at[47], at[58]); 
+   COMBA_STORE(C->dp[57]);
+   /* 58 */
+   COMBA_FORWARD;
+   MULADD(at[11], at[95]);    MULADD(at[12], at[94]);    MULADD(at[13], at[93]);    MULADD(at[14], at[92]);    MULADD(at[15], at[91]);    MULADD(at[16], at[90]);    MULADD(at[17], at[89]);    MULADD(at[18], at[88]);    MULADD(at[19], at[87]);    MULADD(at[20], at[86]);    MULADD(at[21], at[85]);    MULADD(at[22], at[84]);    MULADD(at[23], at[83]);    MULADD(at[24], at[82]);    MULADD(at[25], at[81]);    MULADD(at[26], at[80]);    MULADD(at[27], at[79]);    MULADD(at[28], at[78]);    MULADD(at[29], at[77]);    MULADD(at[30], at[76]);    MULADD(at[31], at[75]);    MULADD(at[32], at[74]);    MULADD(at[33], at[73]);    MULADD(at[34], at[72]);    MULADD(at[35], at[71]);    MULADD(at[36], at[70]);    MULADD(at[37], at[69]);    MULADD(at[38], at[68]);    MULADD(at[39], at[67]);    MULADD(at[40], at[66]);    MULADD(at[41], at[65]);    MULADD(at[42], at[64]);    MULADD(at[43], at[63]);    MULADD(at[44], at[62]);    MULADD(at[45], at[61]);    MULADD(at[46], at[60]);    MULADD(at[47], at[59]); 
+   COMBA_STORE(C->dp[58]);
+   /* 59 */
+   COMBA_FORWARD;
+   MULADD(at[12], at[95]);    MULADD(at[13], at[94]);    MULADD(at[14], at[93]);    MULADD(at[15], at[92]);    MULADD(at[16], at[91]);    MULADD(at[17], at[90]);    MULADD(at[18], at[89]);    MULADD(at[19], at[88]);    MULADD(at[20], at[87]);    MULADD(at[21], at[86]);    MULADD(at[22], at[85]);    MULADD(at[23], at[84]);    MULADD(at[24], at[83]);    MULADD(at[25], at[82]);    MULADD(at[26], at[81]);    MULADD(at[27], at[80]);    MULADD(at[28], at[79]);    MULADD(at[29], at[78]);    MULADD(at[30], at[77]);    MULADD(at[31], at[76]);    MULADD(at[32], at[75]);    MULADD(at[33], at[74]);    MULADD(at[34], at[73]);    MULADD(at[35], at[72]);    MULADD(at[36], at[71]);    MULADD(at[37], at[70]);    MULADD(at[38], at[69]);    MULADD(at[39], at[68]);    MULADD(at[40], at[67]);    MULADD(at[41], at[66]);    MULADD(at[42], at[65]);    MULADD(at[43], at[64]);    MULADD(at[44], at[63]);    MULADD(at[45], at[62]);    MULADD(at[46], at[61]);    MULADD(at[47], at[60]); 
+   COMBA_STORE(C->dp[59]);
+   /* 60 */
+   COMBA_FORWARD;
+   MULADD(at[13], at[95]);    MULADD(at[14], at[94]);    MULADD(at[15], at[93]);    MULADD(at[16], at[92]);    MULADD(at[17], at[91]);    MULADD(at[18], at[90]);    MULADD(at[19], at[89]);    MULADD(at[20], at[88]);    MULADD(at[21], at[87]);    MULADD(at[22], at[86]);    MULADD(at[23], at[85]);    MULADD(at[24], at[84]);    MULADD(at[25], at[83]);    MULADD(at[26], at[82]);    MULADD(at[27], at[81]);    MULADD(at[28], at[80]);    MULADD(at[29], at[79]);    MULADD(at[30], at[78]);    MULADD(at[31], at[77]);    MULADD(at[32], at[76]);    MULADD(at[33], at[75]);    MULADD(at[34], at[74]);    MULADD(at[35], at[73]);    MULADD(at[36], at[72]);    MULADD(at[37], at[71]);    MULADD(at[38], at[70]);    MULADD(at[39], at[69]);    MULADD(at[40], at[68]);    MULADD(at[41], at[67]);    MULADD(at[42], at[66]);    MULADD(at[43], at[65]);    MULADD(at[44], at[64]);    MULADD(at[45], at[63]);    MULADD(at[46], at[62]);    MULADD(at[47], at[61]); 
+   COMBA_STORE(C->dp[60]);
+   /* 61 */
+   COMBA_FORWARD;
+   MULADD(at[14], at[95]);    MULADD(at[15], at[94]);    MULADD(at[16], at[93]);    MULADD(at[17], at[92]);    MULADD(at[18], at[91]);    MULADD(at[19], at[90]);    MULADD(at[20], at[89]);    MULADD(at[21], at[88]);    MULADD(at[22], at[87]);    MULADD(at[23], at[86]);    MULADD(at[24], at[85]);    MULADD(at[25], at[84]);    MULADD(at[26], at[83]);    MULADD(at[27], at[82]);    MULADD(at[28], at[81]);    MULADD(at[29], at[80]);    MULADD(at[30], at[79]);    MULADD(at[31], at[78]);    MULADD(at[32], at[77]);    MULADD(at[33], at[76]);    MULADD(at[34], at[75]);    MULADD(at[35], at[74]);    MULADD(at[36], at[73]);    MULADD(at[37], at[72]);    MULADD(at[38], at[71]);    MULADD(at[39], at[70]);    MULADD(at[40], at[69]);    MULADD(at[41], at[68]);    MULADD(at[42], at[67]);    MULADD(at[43], at[66]);    MULADD(at[44], at[65]);    MULADD(at[45], at[64]);    MULADD(at[46], at[63]);    MULADD(at[47], at[62]); 
+   COMBA_STORE(C->dp[61]);
+   /* 62 */
+   COMBA_FORWARD;
+   MULADD(at[15], at[95]);    MULADD(at[16], at[94]);    MULADD(at[17], at[93]);    MULADD(at[18], at[92]);    MULADD(at[19], at[91]);    MULADD(at[20], at[90]);    MULADD(at[21], at[89]);    MULADD(at[22], at[88]);    MULADD(at[23], at[87]);    MULADD(at[24], at[86]);    MULADD(at[25], at[85]);    MULADD(at[26], at[84]);    MULADD(at[27], at[83]);    MULADD(at[28], at[82]);    MULADD(at[29], at[81]);    MULADD(at[30], at[80]);    MULADD(at[31], at[79]);    MULADD(at[32], at[78]);    MULADD(at[33], at[77]);    MULADD(at[34], at[76]);    MULADD(at[35], at[75]);    MULADD(at[36], at[74]);    MULADD(at[37], at[73]);    MULADD(at[38], at[72]);    MULADD(at[39], at[71]);    MULADD(at[40], at[70]);    MULADD(at[41], at[69]);    MULADD(at[42], at[68]);    MULADD(at[43], at[67]);    MULADD(at[44], at[66]);    MULADD(at[45], at[65]);    MULADD(at[46], at[64]);    MULADD(at[47], at[63]); 
+   COMBA_STORE(C->dp[62]);
+   /* 63 */
+   COMBA_FORWARD;
+   MULADD(at[16], at[95]);    MULADD(at[17], at[94]);    MULADD(at[18], at[93]);    MULADD(at[19], at[92]);    MULADD(at[20], at[91]);    MULADD(at[21], at[90]);    MULADD(at[22], at[89]);    MULADD(at[23], at[88]);    MULADD(at[24], at[87]);    MULADD(at[25], at[86]);    MULADD(at[26], at[85]);    MULADD(at[27], at[84]);    MULADD(at[28], at[83]);    MULADD(at[29], at[82]);    MULADD(at[30], at[81]);    MULADD(at[31], at[80]);    MULADD(at[32], at[79]);    MULADD(at[33], at[78]);    MULADD(at[34], at[77]);    MULADD(at[35], at[76]);    MULADD(at[36], at[75]);    MULADD(at[37], at[74]);    MULADD(at[38], at[73]);    MULADD(at[39], at[72]);    MULADD(at[40], at[71]);    MULADD(at[41], at[70]);    MULADD(at[42], at[69]);    MULADD(at[43], at[68]);    MULADD(at[44], at[67]);    MULADD(at[45], at[66]);    MULADD(at[46], at[65]);    MULADD(at[47], at[64]); 
+   COMBA_STORE(C->dp[63]);
+   /* 64 */
+   COMBA_FORWARD;
+   MULADD(at[17], at[95]);    MULADD(at[18], at[94]);    MULADD(at[19], at[93]);    MULADD(at[20], at[92]);    MULADD(at[21], at[91]);    MULADD(at[22], at[90]);    MULADD(at[23], at[89]);    MULADD(at[24], at[88]);    MULADD(at[25], at[87]);    MULADD(at[26], at[86]);    MULADD(at[27], at[85]);    MULADD(at[28], at[84]);    MULADD(at[29], at[83]);    MULADD(at[30], at[82]);    MULADD(at[31], at[81]);    MULADD(at[32], at[80]);    MULADD(at[33], at[79]);    MULADD(at[34], at[78]);    MULADD(at[35], at[77]);    MULADD(at[36], at[76]);    MULADD(at[37], at[75]);    MULADD(at[38], at[74]);    MULADD(at[39], at[73]);    MULADD(at[40], at[72]);    MULADD(at[41], at[71]);    MULADD(at[42], at[70]);    MULADD(at[43], at[69]);    MULADD(at[44], at[68]);    MULADD(at[45], at[67]);    MULADD(at[46], at[66]);    MULADD(at[47], at[65]); 
+   COMBA_STORE(C->dp[64]);
+   /* 65 */
+   COMBA_FORWARD;
+   MULADD(at[18], at[95]);    MULADD(at[19], at[94]);    MULADD(at[20], at[93]);    MULADD(at[21], at[92]);    MULADD(at[22], at[91]);    MULADD(at[23], at[90]);    MULADD(at[24], at[89]);    MULADD(at[25], at[88]);    MULADD(at[26], at[87]);    MULADD(at[27], at[86]);    MULADD(at[28], at[85]);    MULADD(at[29], at[84]);    MULADD(at[30], at[83]);    MULADD(at[31], at[82]);    MULADD(at[32], at[81]);    MULADD(at[33], at[80]);    MULADD(at[34], at[79]);    MULADD(at[35], at[78]);    MULADD(at[36], at[77]);    MULADD(at[37], at[76]);    MULADD(at[38], at[75]);    MULADD(at[39], at[74]);    MULADD(at[40], at[73]);    MULADD(at[41], at[72]);    MULADD(at[42], at[71]);    MULADD(at[43], at[70]);    MULADD(at[44], at[69]);    MULADD(at[45], at[68]);    MULADD(at[46], at[67]);    MULADD(at[47], at[66]); 
+   COMBA_STORE(C->dp[65]);
+   /* 66 */
+   COMBA_FORWARD;
+   MULADD(at[19], at[95]);    MULADD(at[20], at[94]);    MULADD(at[21], at[93]);    MULADD(at[22], at[92]);    MULADD(at[23], at[91]);    MULADD(at[24], at[90]);    MULADD(at[25], at[89]);    MULADD(at[26], at[88]);    MULADD(at[27], at[87]);    MULADD(at[28], at[86]);    MULADD(at[29], at[85]);    MULADD(at[30], at[84]);    MULADD(at[31], at[83]);    MULADD(at[32], at[82]);    MULADD(at[33], at[81]);    MULADD(at[34], at[80]);    MULADD(at[35], at[79]);    MULADD(at[36], at[78]);    MULADD(at[37], at[77]);    MULADD(at[38], at[76]);    MULADD(at[39], at[75]);    MULADD(at[40], at[74]);    MULADD(at[41], at[73]);    MULADD(at[42], at[72]);    MULADD(at[43], at[71]);    MULADD(at[44], at[70]);    MULADD(at[45], at[69]);    MULADD(at[46], at[68]);    MULADD(at[47], at[67]); 
+   COMBA_STORE(C->dp[66]);
+   /* 67 */
+   COMBA_FORWARD;
+   MULADD(at[20], at[95]);    MULADD(at[21], at[94]);    MULADD(at[22], at[93]);    MULADD(at[23], at[92]);    MULADD(at[24], at[91]);    MULADD(at[25], at[90]);    MULADD(at[26], at[89]);    MULADD(at[27], at[88]);    MULADD(at[28], at[87]);    MULADD(at[29], at[86]);    MULADD(at[30], at[85]);    MULADD(at[31], at[84]);    MULADD(at[32], at[83]);    MULADD(at[33], at[82]);    MULADD(at[34], at[81]);    MULADD(at[35], at[80]);    MULADD(at[36], at[79]);    MULADD(at[37], at[78]);    MULADD(at[38], at[77]);    MULADD(at[39], at[76]);    MULADD(at[40], at[75]);    MULADD(at[41], at[74]);    MULADD(at[42], at[73]);    MULADD(at[43], at[72]);    MULADD(at[44], at[71]);    MULADD(at[45], at[70]);    MULADD(at[46], at[69]);    MULADD(at[47], at[68]); 
+   COMBA_STORE(C->dp[67]);
+   /* 68 */
+   COMBA_FORWARD;
+   MULADD(at[21], at[95]);    MULADD(at[22], at[94]);    MULADD(at[23], at[93]);    MULADD(at[24], at[92]);    MULADD(at[25], at[91]);    MULADD(at[26], at[90]);    MULADD(at[27], at[89]);    MULADD(at[28], at[88]);    MULADD(at[29], at[87]);    MULADD(at[30], at[86]);    MULADD(at[31], at[85]);    MULADD(at[32], at[84]);    MULADD(at[33], at[83]);    MULADD(at[34], at[82]);    MULADD(at[35], at[81]);    MULADD(at[36], at[80]);    MULADD(at[37], at[79]);    MULADD(at[38], at[78]);    MULADD(at[39], at[77]);    MULADD(at[40], at[76]);    MULADD(at[41], at[75]);    MULADD(at[42], at[74]);    MULADD(at[43], at[73]);    MULADD(at[44], at[72]);    MULADD(at[45], at[71]);    MULADD(at[46], at[70]);    MULADD(at[47], at[69]); 
+   COMBA_STORE(C->dp[68]);
+   /* 69 */
+   COMBA_FORWARD;
+   MULADD(at[22], at[95]);    MULADD(at[23], at[94]);    MULADD(at[24], at[93]);    MULADD(at[25], at[92]);    MULADD(at[26], at[91]);    MULADD(at[27], at[90]);    MULADD(at[28], at[89]);    MULADD(at[29], at[88]);    MULADD(at[30], at[87]);    MULADD(at[31], at[86]);    MULADD(at[32], at[85]);    MULADD(at[33], at[84]);    MULADD(at[34], at[83]);    MULADD(at[35], at[82]);    MULADD(at[36], at[81]);    MULADD(at[37], at[80]);    MULADD(at[38], at[79]);    MULADD(at[39], at[78]);    MULADD(at[40], at[77]);    MULADD(at[41], at[76]);    MULADD(at[42], at[75]);    MULADD(at[43], at[74]);    MULADD(at[44], at[73]);    MULADD(at[45], at[72]);    MULADD(at[46], at[71]);    MULADD(at[47], at[70]); 
+   COMBA_STORE(C->dp[69]);
+   /* 70 */
+   COMBA_FORWARD;
+   MULADD(at[23], at[95]);    MULADD(at[24], at[94]);    MULADD(at[25], at[93]);    MULADD(at[26], at[92]);    MULADD(at[27], at[91]);    MULADD(at[28], at[90]);    MULADD(at[29], at[89]);    MULADD(at[30], at[88]);    MULADD(at[31], at[87]);    MULADD(at[32], at[86]);    MULADD(at[33], at[85]);    MULADD(at[34], at[84]);    MULADD(at[35], at[83]);    MULADD(at[36], at[82]);    MULADD(at[37], at[81]);    MULADD(at[38], at[80]);    MULADD(at[39], at[79]);    MULADD(at[40], at[78]);    MULADD(at[41], at[77]);    MULADD(at[42], at[76]);    MULADD(at[43], at[75]);    MULADD(at[44], at[74]);    MULADD(at[45], at[73]);    MULADD(at[46], at[72]);    MULADD(at[47], at[71]); 
+   COMBA_STORE(C->dp[70]);
+   /* 71 */
+   COMBA_FORWARD;
+   MULADD(at[24], at[95]);    MULADD(at[25], at[94]);    MULADD(at[26], at[93]);    MULADD(at[27], at[92]);    MULADD(at[28], at[91]);    MULADD(at[29], at[90]);    MULADD(at[30], at[89]);    MULADD(at[31], at[88]);    MULADD(at[32], at[87]);    MULADD(at[33], at[86]);    MULADD(at[34], at[85]);    MULADD(at[35], at[84]);    MULADD(at[36], at[83]);    MULADD(at[37], at[82]);    MULADD(at[38], at[81]);    MULADD(at[39], at[80]);    MULADD(at[40], at[79]);    MULADD(at[41], at[78]);    MULADD(at[42], at[77]);    MULADD(at[43], at[76]);    MULADD(at[44], at[75]);    MULADD(at[45], at[74]);    MULADD(at[46], at[73]);    MULADD(at[47], at[72]); 
+   COMBA_STORE(C->dp[71]);
+   /* 72 */
+   COMBA_FORWARD;
+   MULADD(at[25], at[95]);    MULADD(at[26], at[94]);    MULADD(at[27], at[93]);    MULADD(at[28], at[92]);    MULADD(at[29], at[91]);    MULADD(at[30], at[90]);    MULADD(at[31], at[89]);    MULADD(at[32], at[88]);    MULADD(at[33], at[87]);    MULADD(at[34], at[86]);    MULADD(at[35], at[85]);    MULADD(at[36], at[84]);    MULADD(at[37], at[83]);    MULADD(at[38], at[82]);    MULADD(at[39], at[81]);    MULADD(at[40], at[80]);    MULADD(at[41], at[79]);    MULADD(at[42], at[78]);    MULADD(at[43], at[77]);    MULADD(at[44], at[76]);    MULADD(at[45], at[75]);    MULADD(at[46], at[74]);    MULADD(at[47], at[73]); 
+   COMBA_STORE(C->dp[72]);
+   /* 73 */
+   COMBA_FORWARD;
+   MULADD(at[26], at[95]);    MULADD(at[27], at[94]);    MULADD(at[28], at[93]);    MULADD(at[29], at[92]);    MULADD(at[30], at[91]);    MULADD(at[31], at[90]);    MULADD(at[32], at[89]);    MULADD(at[33], at[88]);    MULADD(at[34], at[87]);    MULADD(at[35], at[86]);    MULADD(at[36], at[85]);    MULADD(at[37], at[84]);    MULADD(at[38], at[83]);    MULADD(at[39], at[82]);    MULADD(at[40], at[81]);    MULADD(at[41], at[80]);    MULADD(at[42], at[79]);    MULADD(at[43], at[78]);    MULADD(at[44], at[77]);    MULADD(at[45], at[76]);    MULADD(at[46], at[75]);    MULADD(at[47], at[74]); 
+   COMBA_STORE(C->dp[73]);
+   /* 74 */
+   COMBA_FORWARD;
+   MULADD(at[27], at[95]);    MULADD(at[28], at[94]);    MULADD(at[29], at[93]);    MULADD(at[30], at[92]);    MULADD(at[31], at[91]);    MULADD(at[32], at[90]);    MULADD(at[33], at[89]);    MULADD(at[34], at[88]);    MULADD(at[35], at[87]);    MULADD(at[36], at[86]);    MULADD(at[37], at[85]);    MULADD(at[38], at[84]);    MULADD(at[39], at[83]);    MULADD(at[40], at[82]);    MULADD(at[41], at[81]);    MULADD(at[42], at[80]);    MULADD(at[43], at[79]);    MULADD(at[44], at[78]);    MULADD(at[45], at[77]);    MULADD(at[46], at[76]);    MULADD(at[47], at[75]); 
+   COMBA_STORE(C->dp[74]);
+   /* 75 */
+   COMBA_FORWARD;
+   MULADD(at[28], at[95]);    MULADD(at[29], at[94]);    MULADD(at[30], at[93]);    MULADD(at[31], at[92]);    MULADD(at[32], at[91]);    MULADD(at[33], at[90]);    MULADD(at[34], at[89]);    MULADD(at[35], at[88]);    MULADD(at[36], at[87]);    MULADD(at[37], at[86]);    MULADD(at[38], at[85]);    MULADD(at[39], at[84]);    MULADD(at[40], at[83]);    MULADD(at[41], at[82]);    MULADD(at[42], at[81]);    MULADD(at[43], at[80]);    MULADD(at[44], at[79]);    MULADD(at[45], at[78]);    MULADD(at[46], at[77]);    MULADD(at[47], at[76]); 
+   COMBA_STORE(C->dp[75]);
+   /* 76 */
+   COMBA_FORWARD;
+   MULADD(at[29], at[95]);    MULADD(at[30], at[94]);    MULADD(at[31], at[93]);    MULADD(at[32], at[92]);    MULADD(at[33], at[91]);    MULADD(at[34], at[90]);    MULADD(at[35], at[89]);    MULADD(at[36], at[88]);    MULADD(at[37], at[87]);    MULADD(at[38], at[86]);    MULADD(at[39], at[85]);    MULADD(at[40], at[84]);    MULADD(at[41], at[83]);    MULADD(at[42], at[82]);    MULADD(at[43], at[81]);    MULADD(at[44], at[80]);    MULADD(at[45], at[79]);    MULADD(at[46], at[78]);    MULADD(at[47], at[77]); 
+   COMBA_STORE(C->dp[76]);
+   /* 77 */
+   COMBA_FORWARD;
+   MULADD(at[30], at[95]);    MULADD(at[31], at[94]);    MULADD(at[32], at[93]);    MULADD(at[33], at[92]);    MULADD(at[34], at[91]);    MULADD(at[35], at[90]);    MULADD(at[36], at[89]);    MULADD(at[37], at[88]);    MULADD(at[38], at[87]);    MULADD(at[39], at[86]);    MULADD(at[40], at[85]);    MULADD(at[41], at[84]);    MULADD(at[42], at[83]);    MULADD(at[43], at[82]);    MULADD(at[44], at[81]);    MULADD(at[45], at[80]);    MULADD(at[46], at[79]);    MULADD(at[47], at[78]); 
+   COMBA_STORE(C->dp[77]);
+   /* 78 */
+   COMBA_FORWARD;
+   MULADD(at[31], at[95]);    MULADD(at[32], at[94]);    MULADD(at[33], at[93]);    MULADD(at[34], at[92]);    MULADD(at[35], at[91]);    MULADD(at[36], at[90]);    MULADD(at[37], at[89]);    MULADD(at[38], at[88]);    MULADD(at[39], at[87]);    MULADD(at[40], at[86]);    MULADD(at[41], at[85]);    MULADD(at[42], at[84]);    MULADD(at[43], at[83]);    MULADD(at[44], at[82]);    MULADD(at[45], at[81]);    MULADD(at[46], at[80]);    MULADD(at[47], at[79]); 
+   COMBA_STORE(C->dp[78]);
+   /* 79 */
+   COMBA_FORWARD;
+   MULADD(at[32], at[95]);    MULADD(at[33], at[94]);    MULADD(at[34], at[93]);    MULADD(at[35], at[92]);    MULADD(at[36], at[91]);    MULADD(at[37], at[90]);    MULADD(at[38], at[89]);    MULADD(at[39], at[88]);    MULADD(at[40], at[87]);    MULADD(at[41], at[86]);    MULADD(at[42], at[85]);    MULADD(at[43], at[84]);    MULADD(at[44], at[83]);    MULADD(at[45], at[82]);    MULADD(at[46], at[81]);    MULADD(at[47], at[80]); 
+   COMBA_STORE(C->dp[79]);
+   /* 80 */
+   COMBA_FORWARD;
+   MULADD(at[33], at[95]);    MULADD(at[34], at[94]);    MULADD(at[35], at[93]);    MULADD(at[36], at[92]);    MULADD(at[37], at[91]);    MULADD(at[38], at[90]);    MULADD(at[39], at[89]);    MULADD(at[40], at[88]);    MULADD(at[41], at[87]);    MULADD(at[42], at[86]);    MULADD(at[43], at[85]);    MULADD(at[44], at[84]);    MULADD(at[45], at[83]);    MULADD(at[46], at[82]);    MULADD(at[47], at[81]); 
+   COMBA_STORE(C->dp[80]);
+   /* 81 */
+   COMBA_FORWARD;
+   MULADD(at[34], at[95]);    MULADD(at[35], at[94]);    MULADD(at[36], at[93]);    MULADD(at[37], at[92]);    MULADD(at[38], at[91]);    MULADD(at[39], at[90]);    MULADD(at[40], at[89]);    MULADD(at[41], at[88]);    MULADD(at[42], at[87]);    MULADD(at[43], at[86]);    MULADD(at[44], at[85]);    MULADD(at[45], at[84]);    MULADD(at[46], at[83]);    MULADD(at[47], at[82]); 
+   COMBA_STORE(C->dp[81]);
+   /* 82 */
+   COMBA_FORWARD;
+   MULADD(at[35], at[95]);    MULADD(at[36], at[94]);    MULADD(at[37], at[93]);    MULADD(at[38], at[92]);    MULADD(at[39], at[91]);    MULADD(at[40], at[90]);    MULADD(at[41], at[89]);    MULADD(at[42], at[88]);    MULADD(at[43], at[87]);    MULADD(at[44], at[86]);    MULADD(at[45], at[85]);    MULADD(at[46], at[84]);    MULADD(at[47], at[83]); 
+   COMBA_STORE(C->dp[82]);
+   /* 83 */
+   COMBA_FORWARD;
+   MULADD(at[36], at[95]);    MULADD(at[37], at[94]);    MULADD(at[38], at[93]);    MULADD(at[39], at[92]);    MULADD(at[40], at[91]);    MULADD(at[41], at[90]);    MULADD(at[42], at[89]);    MULADD(at[43], at[88]);    MULADD(at[44], at[87]);    MULADD(at[45], at[86]);    MULADD(at[46], at[85]);    MULADD(at[47], at[84]); 
+   COMBA_STORE(C->dp[83]);
+   /* 84 */
+   COMBA_FORWARD;
+   MULADD(at[37], at[95]);    MULADD(at[38], at[94]);    MULADD(at[39], at[93]);    MULADD(at[40], at[92]);    MULADD(at[41], at[91]);    MULADD(at[42], at[90]);    MULADD(at[43], at[89]);    MULADD(at[44], at[88]);    MULADD(at[45], at[87]);    MULADD(at[46], at[86]);    MULADD(at[47], at[85]); 
+   COMBA_STORE(C->dp[84]);
+   /* 85 */
+   COMBA_FORWARD;
+   MULADD(at[38], at[95]);    MULADD(at[39], at[94]);    MULADD(at[40], at[93]);    MULADD(at[41], at[92]);    MULADD(at[42], at[91]);    MULADD(at[43], at[90]);    MULADD(at[44], at[89]);    MULADD(at[45], at[88]);    MULADD(at[46], at[87]);    MULADD(at[47], at[86]); 
+   COMBA_STORE(C->dp[85]);
+   /* 86 */
+   COMBA_FORWARD;
+   MULADD(at[39], at[95]);    MULADD(at[40], at[94]);    MULADD(at[41], at[93]);    MULADD(at[42], at[92]);    MULADD(at[43], at[91]);    MULADD(at[44], at[90]);    MULADD(at[45], at[89]);    MULADD(at[46], at[88]);    MULADD(at[47], at[87]); 
+   COMBA_STORE(C->dp[86]);
+   /* 87 */
+   COMBA_FORWARD;
+   MULADD(at[40], at[95]);    MULADD(at[41], at[94]);    MULADD(at[42], at[93]);    MULADD(at[43], at[92]);    MULADD(at[44], at[91]);    MULADD(at[45], at[90]);    MULADD(at[46], at[89]);    MULADD(at[47], at[88]); 
+   COMBA_STORE(C->dp[87]);
+   /* 88 */
+   COMBA_FORWARD;
+   MULADD(at[41], at[95]);    MULADD(at[42], at[94]);    MULADD(at[43], at[93]);    MULADD(at[44], at[92]);    MULADD(at[45], at[91]);    MULADD(at[46], at[90]);    MULADD(at[47], at[89]); 
+   COMBA_STORE(C->dp[88]);
+   /* 89 */
+   COMBA_FORWARD;
+   MULADD(at[42], at[95]);    MULADD(at[43], at[94]);    MULADD(at[44], at[93]);    MULADD(at[45], at[92]);    MULADD(at[46], at[91]);    MULADD(at[47], at[90]); 
+   COMBA_STORE(C->dp[89]);
+   /* 90 */
+   COMBA_FORWARD;
+   MULADD(at[43], at[95]);    MULADD(at[44], at[94]);    MULADD(at[45], at[93]);    MULADD(at[46], at[92]);    MULADD(at[47], at[91]); 
+   COMBA_STORE(C->dp[90]);
+   /* 91 */
+   COMBA_FORWARD;
+   MULADD(at[44], at[95]);    MULADD(at[45], at[94]);    MULADD(at[46], at[93]);    MULADD(at[47], at[92]); 
+   COMBA_STORE(C->dp[91]);
+   /* 92 */
+   COMBA_FORWARD;
+   MULADD(at[45], at[95]);    MULADD(at[46], at[94]);    MULADD(at[47], at[93]); 
+   COMBA_STORE(C->dp[92]);
+   /* 93 */
+   COMBA_FORWARD;
+   MULADD(at[46], at[95]);    MULADD(at[47], at[94]); 
+   COMBA_STORE(C->dp[93]);
+   /* 94 */
+   COMBA_FORWARD;
+   MULADD(at[47], at[95]); 
+   COMBA_STORE(C->dp[94]);
+   COMBA_STORE2(C->dp[95]);
+   C->used = 96;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_6.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_6.i
new file mode 100644
index 00000000..165c270b
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_6.i
@@ -0,0 +1,82 @@
+/* fp_mul_comba_6.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL6
+void fp_mul_comba6(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[12];
+
+   memcpy(at, A->dp, 6 * sizeof(fp_digit));
+   memcpy(at+6, B->dp, 6 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[6]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[7]);    MULADD(at[1], at[6]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[8]);    MULADD(at[1], at[7]);    MULADD(at[2], at[6]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[9]);    MULADD(at[1], at[8]);    MULADD(at[2], at[7]);    MULADD(at[3], at[6]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[10]);    MULADD(at[1], at[9]);    MULADD(at[2], at[8]);    MULADD(at[3], at[7]);    MULADD(at[4], at[6]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[11]);    MULADD(at[1], at[10]);    MULADD(at[2], at[9]);    MULADD(at[3], at[8]);    MULADD(at[4], at[7]);    MULADD(at[5], at[6]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[11]);    MULADD(at[2], at[10]);    MULADD(at[3], at[9]);    MULADD(at[4], at[8]);    MULADD(at[5], at[7]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[11]);    MULADD(at[3], at[10]);    MULADD(at[4], at[9]);    MULADD(at[5], at[8]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[11]);    MULADD(at[4], at[10]);    MULADD(at[5], at[9]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[11]);    MULADD(at[5], at[10]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[11]); 
+   COMBA_STORE(C->dp[10]);
+   COMBA_STORE2(C->dp[11]);
+   C->used = 12;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_64.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_64.i
new file mode 100644
index 00000000..76d7c211
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_64.i
@@ -0,0 +1,546 @@
+/* fp_mul_comba_64.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL64
+void fp_mul_comba64(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[128];
+
+   memcpy(at, A->dp, 64 * sizeof(fp_digit));
+   memcpy(at+64, B->dp, 64 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[64]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[65]);    MULADD(at[1], at[64]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[66]);    MULADD(at[1], at[65]);    MULADD(at[2], at[64]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[67]);    MULADD(at[1], at[66]);    MULADD(at[2], at[65]);    MULADD(at[3], at[64]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[68]);    MULADD(at[1], at[67]);    MULADD(at[2], at[66]);    MULADD(at[3], at[65]);    MULADD(at[4], at[64]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[69]);    MULADD(at[1], at[68]);    MULADD(at[2], at[67]);    MULADD(at[3], at[66]);    MULADD(at[4], at[65]);    MULADD(at[5], at[64]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[70]);    MULADD(at[1], at[69]);    MULADD(at[2], at[68]);    MULADD(at[3], at[67]);    MULADD(at[4], at[66]);    MULADD(at[5], at[65]);    MULADD(at[6], at[64]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[71]);    MULADD(at[1], at[70]);    MULADD(at[2], at[69]);    MULADD(at[3], at[68]);    MULADD(at[4], at[67]);    MULADD(at[5], at[66]);    MULADD(at[6], at[65]);    MULADD(at[7], at[64]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[72]);    MULADD(at[1], at[71]);    MULADD(at[2], at[70]);    MULADD(at[3], at[69]);    MULADD(at[4], at[68]);    MULADD(at[5], at[67]);    MULADD(at[6], at[66]);    MULADD(at[7], at[65]);    MULADD(at[8], at[64]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[73]);    MULADD(at[1], at[72]);    MULADD(at[2], at[71]);    MULADD(at[3], at[70]);    MULADD(at[4], at[69]);    MULADD(at[5], at[68]);    MULADD(at[6], at[67]);    MULADD(at[7], at[66]);    MULADD(at[8], at[65]);    MULADD(at[9], at[64]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[74]);    MULADD(at[1], at[73]);    MULADD(at[2], at[72]);    MULADD(at[3], at[71]);    MULADD(at[4], at[70]);    MULADD(at[5], at[69]);    MULADD(at[6], at[68]);    MULADD(at[7], at[67]);    MULADD(at[8], at[66]);    MULADD(at[9], at[65]);    MULADD(at[10], at[64]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[75]);    MULADD(at[1], at[74]);    MULADD(at[2], at[73]);    MULADD(at[3], at[72]);    MULADD(at[4], at[71]);    MULADD(at[5], at[70]);    MULADD(at[6], at[69]);    MULADD(at[7], at[68]);    MULADD(at[8], at[67]);    MULADD(at[9], at[66]);    MULADD(at[10], at[65]);    MULADD(at[11], at[64]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[76]);    MULADD(at[1], at[75]);    MULADD(at[2], at[74]);    MULADD(at[3], at[73]);    MULADD(at[4], at[72]);    MULADD(at[5], at[71]);    MULADD(at[6], at[70]);    MULADD(at[7], at[69]);    MULADD(at[8], at[68]);    MULADD(at[9], at[67]);    MULADD(at[10], at[66]);    MULADD(at[11], at[65]);    MULADD(at[12], at[64]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[77]);    MULADD(at[1], at[76]);    MULADD(at[2], at[75]);    MULADD(at[3], at[74]);    MULADD(at[4], at[73]);    MULADD(at[5], at[72]);    MULADD(at[6], at[71]);    MULADD(at[7], at[70]);    MULADD(at[8], at[69]);    MULADD(at[9], at[68]);    MULADD(at[10], at[67]);    MULADD(at[11], at[66]);    MULADD(at[12], at[65]);    MULADD(at[13], at[64]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[78]);    MULADD(at[1], at[77]);    MULADD(at[2], at[76]);    MULADD(at[3], at[75]);    MULADD(at[4], at[74]);    MULADD(at[5], at[73]);    MULADD(at[6], at[72]);    MULADD(at[7], at[71]);    MULADD(at[8], at[70]);    MULADD(at[9], at[69]);    MULADD(at[10], at[68]);    MULADD(at[11], at[67]);    MULADD(at[12], at[66]);    MULADD(at[13], at[65]);    MULADD(at[14], at[64]); 
+   COMBA_STORE(C->dp[14]);
+   /* 15 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[79]);    MULADD(at[1], at[78]);    MULADD(at[2], at[77]);    MULADD(at[3], at[76]);    MULADD(at[4], at[75]);    MULADD(at[5], at[74]);    MULADD(at[6], at[73]);    MULADD(at[7], at[72]);    MULADD(at[8], at[71]);    MULADD(at[9], at[70]);    MULADD(at[10], at[69]);    MULADD(at[11], at[68]);    MULADD(at[12], at[67]);    MULADD(at[13], at[66]);    MULADD(at[14], at[65]);    MULADD(at[15], at[64]); 
+   COMBA_STORE(C->dp[15]);
+   /* 16 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[80]);    MULADD(at[1], at[79]);    MULADD(at[2], at[78]);    MULADD(at[3], at[77]);    MULADD(at[4], at[76]);    MULADD(at[5], at[75]);    MULADD(at[6], at[74]);    MULADD(at[7], at[73]);    MULADD(at[8], at[72]);    MULADD(at[9], at[71]);    MULADD(at[10], at[70]);    MULADD(at[11], at[69]);    MULADD(at[12], at[68]);    MULADD(at[13], at[67]);    MULADD(at[14], at[66]);    MULADD(at[15], at[65]);    MULADD(at[16], at[64]); 
+   COMBA_STORE(C->dp[16]);
+   /* 17 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[81]);    MULADD(at[1], at[80]);    MULADD(at[2], at[79]);    MULADD(at[3], at[78]);    MULADD(at[4], at[77]);    MULADD(at[5], at[76]);    MULADD(at[6], at[75]);    MULADD(at[7], at[74]);    MULADD(at[8], at[73]);    MULADD(at[9], at[72]);    MULADD(at[10], at[71]);    MULADD(at[11], at[70]);    MULADD(at[12], at[69]);    MULADD(at[13], at[68]);    MULADD(at[14], at[67]);    MULADD(at[15], at[66]);    MULADD(at[16], at[65]);    MULADD(at[17], at[64]); 
+   COMBA_STORE(C->dp[17]);
+   /* 18 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[82]);    MULADD(at[1], at[81]);    MULADD(at[2], at[80]);    MULADD(at[3], at[79]);    MULADD(at[4], at[78]);    MULADD(at[5], at[77]);    MULADD(at[6], at[76]);    MULADD(at[7], at[75]);    MULADD(at[8], at[74]);    MULADD(at[9], at[73]);    MULADD(at[10], at[72]);    MULADD(at[11], at[71]);    MULADD(at[12], at[70]);    MULADD(at[13], at[69]);    MULADD(at[14], at[68]);    MULADD(at[15], at[67]);    MULADD(at[16], at[66]);    MULADD(at[17], at[65]);    MULADD(at[18], at[64]); 
+   COMBA_STORE(C->dp[18]);
+   /* 19 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[83]);    MULADD(at[1], at[82]);    MULADD(at[2], at[81]);    MULADD(at[3], at[80]);    MULADD(at[4], at[79]);    MULADD(at[5], at[78]);    MULADD(at[6], at[77]);    MULADD(at[7], at[76]);    MULADD(at[8], at[75]);    MULADD(at[9], at[74]);    MULADD(at[10], at[73]);    MULADD(at[11], at[72]);    MULADD(at[12], at[71]);    MULADD(at[13], at[70]);    MULADD(at[14], at[69]);    MULADD(at[15], at[68]);    MULADD(at[16], at[67]);    MULADD(at[17], at[66]);    MULADD(at[18], at[65]);    MULADD(at[19], at[64]); 
+   COMBA_STORE(C->dp[19]);
+   /* 20 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[84]);    MULADD(at[1], at[83]);    MULADD(at[2], at[82]);    MULADD(at[3], at[81]);    MULADD(at[4], at[80]);    MULADD(at[5], at[79]);    MULADD(at[6], at[78]);    MULADD(at[7], at[77]);    MULADD(at[8], at[76]);    MULADD(at[9], at[75]);    MULADD(at[10], at[74]);    MULADD(at[11], at[73]);    MULADD(at[12], at[72]);    MULADD(at[13], at[71]);    MULADD(at[14], at[70]);    MULADD(at[15], at[69]);    MULADD(at[16], at[68]);    MULADD(at[17], at[67]);    MULADD(at[18], at[66]);    MULADD(at[19], at[65]);    MULADD(at[20], at[64]); 
+   COMBA_STORE(C->dp[20]);
+   /* 21 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[85]);    MULADD(at[1], at[84]);    MULADD(at[2], at[83]);    MULADD(at[3], at[82]);    MULADD(at[4], at[81]);    MULADD(at[5], at[80]);    MULADD(at[6], at[79]);    MULADD(at[7], at[78]);    MULADD(at[8], at[77]);    MULADD(at[9], at[76]);    MULADD(at[10], at[75]);    MULADD(at[11], at[74]);    MULADD(at[12], at[73]);    MULADD(at[13], at[72]);    MULADD(at[14], at[71]);    MULADD(at[15], at[70]);    MULADD(at[16], at[69]);    MULADD(at[17], at[68]);    MULADD(at[18], at[67]);    MULADD(at[19], at[66]);    MULADD(at[20], at[65]);    MULADD(at[21], at[64]); 
+   COMBA_STORE(C->dp[21]);
+   /* 22 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[86]);    MULADD(at[1], at[85]);    MULADD(at[2], at[84]);    MULADD(at[3], at[83]);    MULADD(at[4], at[82]);    MULADD(at[5], at[81]);    MULADD(at[6], at[80]);    MULADD(at[7], at[79]);    MULADD(at[8], at[78]);    MULADD(at[9], at[77]);    MULADD(at[10], at[76]);    MULADD(at[11], at[75]);    MULADD(at[12], at[74]);    MULADD(at[13], at[73]);    MULADD(at[14], at[72]);    MULADD(at[15], at[71]);    MULADD(at[16], at[70]);    MULADD(at[17], at[69]);    MULADD(at[18], at[68]);    MULADD(at[19], at[67]);    MULADD(at[20], at[66]);    MULADD(at[21], at[65]);    MULADD(at[22], at[64]); 
+   COMBA_STORE(C->dp[22]);
+   /* 23 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[87]);    MULADD(at[1], at[86]);    MULADD(at[2], at[85]);    MULADD(at[3], at[84]);    MULADD(at[4], at[83]);    MULADD(at[5], at[82]);    MULADD(at[6], at[81]);    MULADD(at[7], at[80]);    MULADD(at[8], at[79]);    MULADD(at[9], at[78]);    MULADD(at[10], at[77]);    MULADD(at[11], at[76]);    MULADD(at[12], at[75]);    MULADD(at[13], at[74]);    MULADD(at[14], at[73]);    MULADD(at[15], at[72]);    MULADD(at[16], at[71]);    MULADD(at[17], at[70]);    MULADD(at[18], at[69]);    MULADD(at[19], at[68]);    MULADD(at[20], at[67]);    MULADD(at[21], at[66]);    MULADD(at[22], at[65]);    MULADD(at[23], at[64]); 
+   COMBA_STORE(C->dp[23]);
+   /* 24 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[88]);    MULADD(at[1], at[87]);    MULADD(at[2], at[86]);    MULADD(at[3], at[85]);    MULADD(at[4], at[84]);    MULADD(at[5], at[83]);    MULADD(at[6], at[82]);    MULADD(at[7], at[81]);    MULADD(at[8], at[80]);    MULADD(at[9], at[79]);    MULADD(at[10], at[78]);    MULADD(at[11], at[77]);    MULADD(at[12], at[76]);    MULADD(at[13], at[75]);    MULADD(at[14], at[74]);    MULADD(at[15], at[73]);    MULADD(at[16], at[72]);    MULADD(at[17], at[71]);    MULADD(at[18], at[70]);    MULADD(at[19], at[69]);    MULADD(at[20], at[68]);    MULADD(at[21], at[67]);    MULADD(at[22], at[66]);    MULADD(at[23], at[65]);    MULADD(at[24], at[64]); 
+   COMBA_STORE(C->dp[24]);
+   /* 25 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[89]);    MULADD(at[1], at[88]);    MULADD(at[2], at[87]);    MULADD(at[3], at[86]);    MULADD(at[4], at[85]);    MULADD(at[5], at[84]);    MULADD(at[6], at[83]);    MULADD(at[7], at[82]);    MULADD(at[8], at[81]);    MULADD(at[9], at[80]);    MULADD(at[10], at[79]);    MULADD(at[11], at[78]);    MULADD(at[12], at[77]);    MULADD(at[13], at[76]);    MULADD(at[14], at[75]);    MULADD(at[15], at[74]);    MULADD(at[16], at[73]);    MULADD(at[17], at[72]);    MULADD(at[18], at[71]);    MULADD(at[19], at[70]);    MULADD(at[20], at[69]);    MULADD(at[21], at[68]);    MULADD(at[22], at[67]);    MULADD(at[23], at[66]);    MULADD(at[24], at[65]);    MULADD(at[25], at[64]); 
+   COMBA_STORE(C->dp[25]);
+   /* 26 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[90]);    MULADD(at[1], at[89]);    MULADD(at[2], at[88]);    MULADD(at[3], at[87]);    MULADD(at[4], at[86]);    MULADD(at[5], at[85]);    MULADD(at[6], at[84]);    MULADD(at[7], at[83]);    MULADD(at[8], at[82]);    MULADD(at[9], at[81]);    MULADD(at[10], at[80]);    MULADD(at[11], at[79]);    MULADD(at[12], at[78]);    MULADD(at[13], at[77]);    MULADD(at[14], at[76]);    MULADD(at[15], at[75]);    MULADD(at[16], at[74]);    MULADD(at[17], at[73]);    MULADD(at[18], at[72]);    MULADD(at[19], at[71]);    MULADD(at[20], at[70]);    MULADD(at[21], at[69]);    MULADD(at[22], at[68]);    MULADD(at[23], at[67]);    MULADD(at[24], at[66]);    MULADD(at[25], at[65]);    MULADD(at[26], at[64]); 
+   COMBA_STORE(C->dp[26]);
+   /* 27 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[91]);    MULADD(at[1], at[90]);    MULADD(at[2], at[89]);    MULADD(at[3], at[88]);    MULADD(at[4], at[87]);    MULADD(at[5], at[86]);    MULADD(at[6], at[85]);    MULADD(at[7], at[84]);    MULADD(at[8], at[83]);    MULADD(at[9], at[82]);    MULADD(at[10], at[81]);    MULADD(at[11], at[80]);    MULADD(at[12], at[79]);    MULADD(at[13], at[78]);    MULADD(at[14], at[77]);    MULADD(at[15], at[76]);    MULADD(at[16], at[75]);    MULADD(at[17], at[74]);    MULADD(at[18], at[73]);    MULADD(at[19], at[72]);    MULADD(at[20], at[71]);    MULADD(at[21], at[70]);    MULADD(at[22], at[69]);    MULADD(at[23], at[68]);    MULADD(at[24], at[67]);    MULADD(at[25], at[66]);    MULADD(at[26], at[65]);    MULADD(at[27], at[64]); 
+   COMBA_STORE(C->dp[27]);
+   /* 28 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[92]);    MULADD(at[1], at[91]);    MULADD(at[2], at[90]);    MULADD(at[3], at[89]);    MULADD(at[4], at[88]);    MULADD(at[5], at[87]);    MULADD(at[6], at[86]);    MULADD(at[7], at[85]);    MULADD(at[8], at[84]);    MULADD(at[9], at[83]);    MULADD(at[10], at[82]);    MULADD(at[11], at[81]);    MULADD(at[12], at[80]);    MULADD(at[13], at[79]);    MULADD(at[14], at[78]);    MULADD(at[15], at[77]);    MULADD(at[16], at[76]);    MULADD(at[17], at[75]);    MULADD(at[18], at[74]);    MULADD(at[19], at[73]);    MULADD(at[20], at[72]);    MULADD(at[21], at[71]);    MULADD(at[22], at[70]);    MULADD(at[23], at[69]);    MULADD(at[24], at[68]);    MULADD(at[25], at[67]);    MULADD(at[26], at[66]);    MULADD(at[27], at[65]);    MULADD(at[28], at[64]); 
+   COMBA_STORE(C->dp[28]);
+   /* 29 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[93]);    MULADD(at[1], at[92]);    MULADD(at[2], at[91]);    MULADD(at[3], at[90]);    MULADD(at[4], at[89]);    MULADD(at[5], at[88]);    MULADD(at[6], at[87]);    MULADD(at[7], at[86]);    MULADD(at[8], at[85]);    MULADD(at[9], at[84]);    MULADD(at[10], at[83]);    MULADD(at[11], at[82]);    MULADD(at[12], at[81]);    MULADD(at[13], at[80]);    MULADD(at[14], at[79]);    MULADD(at[15], at[78]);    MULADD(at[16], at[77]);    MULADD(at[17], at[76]);    MULADD(at[18], at[75]);    MULADD(at[19], at[74]);    MULADD(at[20], at[73]);    MULADD(at[21], at[72]);    MULADD(at[22], at[71]);    MULADD(at[23], at[70]);    MULADD(at[24], at[69]);    MULADD(at[25], at[68]);    MULADD(at[26], at[67]);    MULADD(at[27], at[66]);    MULADD(at[28], at[65]);    MULADD(at[29], at[64]); 
+   COMBA_STORE(C->dp[29]);
+   /* 30 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[94]);    MULADD(at[1], at[93]);    MULADD(at[2], at[92]);    MULADD(at[3], at[91]);    MULADD(at[4], at[90]);    MULADD(at[5], at[89]);    MULADD(at[6], at[88]);    MULADD(at[7], at[87]);    MULADD(at[8], at[86]);    MULADD(at[9], at[85]);    MULADD(at[10], at[84]);    MULADD(at[11], at[83]);    MULADD(at[12], at[82]);    MULADD(at[13], at[81]);    MULADD(at[14], at[80]);    MULADD(at[15], at[79]);    MULADD(at[16], at[78]);    MULADD(at[17], at[77]);    MULADD(at[18], at[76]);    MULADD(at[19], at[75]);    MULADD(at[20], at[74]);    MULADD(at[21], at[73]);    MULADD(at[22], at[72]);    MULADD(at[23], at[71]);    MULADD(at[24], at[70]);    MULADD(at[25], at[69]);    MULADD(at[26], at[68]);    MULADD(at[27], at[67]);    MULADD(at[28], at[66]);    MULADD(at[29], at[65]);    MULADD(at[30], at[64]); 
+   COMBA_STORE(C->dp[30]);
+   /* 31 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[95]);    MULADD(at[1], at[94]);    MULADD(at[2], at[93]);    MULADD(at[3], at[92]);    MULADD(at[4], at[91]);    MULADD(at[5], at[90]);    MULADD(at[6], at[89]);    MULADD(at[7], at[88]);    MULADD(at[8], at[87]);    MULADD(at[9], at[86]);    MULADD(at[10], at[85]);    MULADD(at[11], at[84]);    MULADD(at[12], at[83]);    MULADD(at[13], at[82]);    MULADD(at[14], at[81]);    MULADD(at[15], at[80]);    MULADD(at[16], at[79]);    MULADD(at[17], at[78]);    MULADD(at[18], at[77]);    MULADD(at[19], at[76]);    MULADD(at[20], at[75]);    MULADD(at[21], at[74]);    MULADD(at[22], at[73]);    MULADD(at[23], at[72]);    MULADD(at[24], at[71]);    MULADD(at[25], at[70]);    MULADD(at[26], at[69]);    MULADD(at[27], at[68]);    MULADD(at[28], at[67]);    MULADD(at[29], at[66]);    MULADD(at[30], at[65]);    MULADD(at[31], at[64]); 
+   COMBA_STORE(C->dp[31]);
+   /* 32 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[96]);    MULADD(at[1], at[95]);    MULADD(at[2], at[94]);    MULADD(at[3], at[93]);    MULADD(at[4], at[92]);    MULADD(at[5], at[91]);    MULADD(at[6], at[90]);    MULADD(at[7], at[89]);    MULADD(at[8], at[88]);    MULADD(at[9], at[87]);    MULADD(at[10], at[86]);    MULADD(at[11], at[85]);    MULADD(at[12], at[84]);    MULADD(at[13], at[83]);    MULADD(at[14], at[82]);    MULADD(at[15], at[81]);    MULADD(at[16], at[80]);    MULADD(at[17], at[79]);    MULADD(at[18], at[78]);    MULADD(at[19], at[77]);    MULADD(at[20], at[76]);    MULADD(at[21], at[75]);    MULADD(at[22], at[74]);    MULADD(at[23], at[73]);    MULADD(at[24], at[72]);    MULADD(at[25], at[71]);    MULADD(at[26], at[70]);    MULADD(at[27], at[69]);    MULADD(at[28], at[68]);    MULADD(at[29], at[67]);    MULADD(at[30], at[66]);    MULADD(at[31], at[65]);    MULADD(at[32], at[64]); 
+   COMBA_STORE(C->dp[32]);
+   /* 33 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[97]);    MULADD(at[1], at[96]);    MULADD(at[2], at[95]);    MULADD(at[3], at[94]);    MULADD(at[4], at[93]);    MULADD(at[5], at[92]);    MULADD(at[6], at[91]);    MULADD(at[7], at[90]);    MULADD(at[8], at[89]);    MULADD(at[9], at[88]);    MULADD(at[10], at[87]);    MULADD(at[11], at[86]);    MULADD(at[12], at[85]);    MULADD(at[13], at[84]);    MULADD(at[14], at[83]);    MULADD(at[15], at[82]);    MULADD(at[16], at[81]);    MULADD(at[17], at[80]);    MULADD(at[18], at[79]);    MULADD(at[19], at[78]);    MULADD(at[20], at[77]);    MULADD(at[21], at[76]);    MULADD(at[22], at[75]);    MULADD(at[23], at[74]);    MULADD(at[24], at[73]);    MULADD(at[25], at[72]);    MULADD(at[26], at[71]);    MULADD(at[27], at[70]);    MULADD(at[28], at[69]);    MULADD(at[29], at[68]);    MULADD(at[30], at[67]);    MULADD(at[31], at[66]);    MULADD(at[32], at[65]);    MULADD(at[33], at[64]); 
+   COMBA_STORE(C->dp[33]);
+   /* 34 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[98]);    MULADD(at[1], at[97]);    MULADD(at[2], at[96]);    MULADD(at[3], at[95]);    MULADD(at[4], at[94]);    MULADD(at[5], at[93]);    MULADD(at[6], at[92]);    MULADD(at[7], at[91]);    MULADD(at[8], at[90]);    MULADD(at[9], at[89]);    MULADD(at[10], at[88]);    MULADD(at[11], at[87]);    MULADD(at[12], at[86]);    MULADD(at[13], at[85]);    MULADD(at[14], at[84]);    MULADD(at[15], at[83]);    MULADD(at[16], at[82]);    MULADD(at[17], at[81]);    MULADD(at[18], at[80]);    MULADD(at[19], at[79]);    MULADD(at[20], at[78]);    MULADD(at[21], at[77]);    MULADD(at[22], at[76]);    MULADD(at[23], at[75]);    MULADD(at[24], at[74]);    MULADD(at[25], at[73]);    MULADD(at[26], at[72]);    MULADD(at[27], at[71]);    MULADD(at[28], at[70]);    MULADD(at[29], at[69]);    MULADD(at[30], at[68]);    MULADD(at[31], at[67]);    MULADD(at[32], at[66]);    MULADD(at[33], at[65]);    MULADD(at[34], at[64]); 
+   COMBA_STORE(C->dp[34]);
+   /* 35 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[99]);    MULADD(at[1], at[98]);    MULADD(at[2], at[97]);    MULADD(at[3], at[96]);    MULADD(at[4], at[95]);    MULADD(at[5], at[94]);    MULADD(at[6], at[93]);    MULADD(at[7], at[92]);    MULADD(at[8], at[91]);    MULADD(at[9], at[90]);    MULADD(at[10], at[89]);    MULADD(at[11], at[88]);    MULADD(at[12], at[87]);    MULADD(at[13], at[86]);    MULADD(at[14], at[85]);    MULADD(at[15], at[84]);    MULADD(at[16], at[83]);    MULADD(at[17], at[82]);    MULADD(at[18], at[81]);    MULADD(at[19], at[80]);    MULADD(at[20], at[79]);    MULADD(at[21], at[78]);    MULADD(at[22], at[77]);    MULADD(at[23], at[76]);    MULADD(at[24], at[75]);    MULADD(at[25], at[74]);    MULADD(at[26], at[73]);    MULADD(at[27], at[72]);    MULADD(at[28], at[71]);    MULADD(at[29], at[70]);    MULADD(at[30], at[69]);    MULADD(at[31], at[68]);    MULADD(at[32], at[67]);    MULADD(at[33], at[66]);    MULADD(at[34], at[65]);    MULADD(at[35], at[64]); 
+   COMBA_STORE(C->dp[35]);
+   /* 36 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[100]);    MULADD(at[1], at[99]);    MULADD(at[2], at[98]);    MULADD(at[3], at[97]);    MULADD(at[4], at[96]);    MULADD(at[5], at[95]);    MULADD(at[6], at[94]);    MULADD(at[7], at[93]);    MULADD(at[8], at[92]);    MULADD(at[9], at[91]);    MULADD(at[10], at[90]);    MULADD(at[11], at[89]);    MULADD(at[12], at[88]);    MULADD(at[13], at[87]);    MULADD(at[14], at[86]);    MULADD(at[15], at[85]);    MULADD(at[16], at[84]);    MULADD(at[17], at[83]);    MULADD(at[18], at[82]);    MULADD(at[19], at[81]);    MULADD(at[20], at[80]);    MULADD(at[21], at[79]);    MULADD(at[22], at[78]);    MULADD(at[23], at[77]);    MULADD(at[24], at[76]);    MULADD(at[25], at[75]);    MULADD(at[26], at[74]);    MULADD(at[27], at[73]);    MULADD(at[28], at[72]);    MULADD(at[29], at[71]);    MULADD(at[30], at[70]);    MULADD(at[31], at[69]);    MULADD(at[32], at[68]);    MULADD(at[33], at[67]);    MULADD(at[34], at[66]);    MULADD(at[35], at[65]);    MULADD(at[36], at[64]); 
+   COMBA_STORE(C->dp[36]);
+   /* 37 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[101]);    MULADD(at[1], at[100]);    MULADD(at[2], at[99]);    MULADD(at[3], at[98]);    MULADD(at[4], at[97]);    MULADD(at[5], at[96]);    MULADD(at[6], at[95]);    MULADD(at[7], at[94]);    MULADD(at[8], at[93]);    MULADD(at[9], at[92]);    MULADD(at[10], at[91]);    MULADD(at[11], at[90]);    MULADD(at[12], at[89]);    MULADD(at[13], at[88]);    MULADD(at[14], at[87]);    MULADD(at[15], at[86]);    MULADD(at[16], at[85]);    MULADD(at[17], at[84]);    MULADD(at[18], at[83]);    MULADD(at[19], at[82]);    MULADD(at[20], at[81]);    MULADD(at[21], at[80]);    MULADD(at[22], at[79]);    MULADD(at[23], at[78]);    MULADD(at[24], at[77]);    MULADD(at[25], at[76]);    MULADD(at[26], at[75]);    MULADD(at[27], at[74]);    MULADD(at[28], at[73]);    MULADD(at[29], at[72]);    MULADD(at[30], at[71]);    MULADD(at[31], at[70]);    MULADD(at[32], at[69]);    MULADD(at[33], at[68]);    MULADD(at[34], at[67]);    MULADD(at[35], at[66]);    MULADD(at[36], at[65]);    MULADD(at[37], at[64]); 
+   COMBA_STORE(C->dp[37]);
+   /* 38 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[102]);    MULADD(at[1], at[101]);    MULADD(at[2], at[100]);    MULADD(at[3], at[99]);    MULADD(at[4], at[98]);    MULADD(at[5], at[97]);    MULADD(at[6], at[96]);    MULADD(at[7], at[95]);    MULADD(at[8], at[94]);    MULADD(at[9], at[93]);    MULADD(at[10], at[92]);    MULADD(at[11], at[91]);    MULADD(at[12], at[90]);    MULADD(at[13], at[89]);    MULADD(at[14], at[88]);    MULADD(at[15], at[87]);    MULADD(at[16], at[86]);    MULADD(at[17], at[85]);    MULADD(at[18], at[84]);    MULADD(at[19], at[83]);    MULADD(at[20], at[82]);    MULADD(at[21], at[81]);    MULADD(at[22], at[80]);    MULADD(at[23], at[79]);    MULADD(at[24], at[78]);    MULADD(at[25], at[77]);    MULADD(at[26], at[76]);    MULADD(at[27], at[75]);    MULADD(at[28], at[74]);    MULADD(at[29], at[73]);    MULADD(at[30], at[72]);    MULADD(at[31], at[71]);    MULADD(at[32], at[70]);    MULADD(at[33], at[69]);    MULADD(at[34], at[68]);    MULADD(at[35], at[67]);    MULADD(at[36], at[66]);    MULADD(at[37], at[65]);    MULADD(at[38], at[64]); 
+   COMBA_STORE(C->dp[38]);
+   /* 39 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[103]);    MULADD(at[1], at[102]);    MULADD(at[2], at[101]);    MULADD(at[3], at[100]);    MULADD(at[4], at[99]);    MULADD(at[5], at[98]);    MULADD(at[6], at[97]);    MULADD(at[7], at[96]);    MULADD(at[8], at[95]);    MULADD(at[9], at[94]);    MULADD(at[10], at[93]);    MULADD(at[11], at[92]);    MULADD(at[12], at[91]);    MULADD(at[13], at[90]);    MULADD(at[14], at[89]);    MULADD(at[15], at[88]);    MULADD(at[16], at[87]);    MULADD(at[17], at[86]);    MULADD(at[18], at[85]);    MULADD(at[19], at[84]);    MULADD(at[20], at[83]);    MULADD(at[21], at[82]);    MULADD(at[22], at[81]);    MULADD(at[23], at[80]);    MULADD(at[24], at[79]);    MULADD(at[25], at[78]);    MULADD(at[26], at[77]);    MULADD(at[27], at[76]);    MULADD(at[28], at[75]);    MULADD(at[29], at[74]);    MULADD(at[30], at[73]);    MULADD(at[31], at[72]);    MULADD(at[32], at[71]);    MULADD(at[33], at[70]);    MULADD(at[34], at[69]);    MULADD(at[35], at[68]);    MULADD(at[36], at[67]);    MULADD(at[37], at[66]);    MULADD(at[38], at[65]);    MULADD(at[39], at[64]); 
+   COMBA_STORE(C->dp[39]);
+   /* 40 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[104]);    MULADD(at[1], at[103]);    MULADD(at[2], at[102]);    MULADD(at[3], at[101]);    MULADD(at[4], at[100]);    MULADD(at[5], at[99]);    MULADD(at[6], at[98]);    MULADD(at[7], at[97]);    MULADD(at[8], at[96]);    MULADD(at[9], at[95]);    MULADD(at[10], at[94]);    MULADD(at[11], at[93]);    MULADD(at[12], at[92]);    MULADD(at[13], at[91]);    MULADD(at[14], at[90]);    MULADD(at[15], at[89]);    MULADD(at[16], at[88]);    MULADD(at[17], at[87]);    MULADD(at[18], at[86]);    MULADD(at[19], at[85]);    MULADD(at[20], at[84]);    MULADD(at[21], at[83]);    MULADD(at[22], at[82]);    MULADD(at[23], at[81]);    MULADD(at[24], at[80]);    MULADD(at[25], at[79]);    MULADD(at[26], at[78]);    MULADD(at[27], at[77]);    MULADD(at[28], at[76]);    MULADD(at[29], at[75]);    MULADD(at[30], at[74]);    MULADD(at[31], at[73]);    MULADD(at[32], at[72]);    MULADD(at[33], at[71]);    MULADD(at[34], at[70]);    MULADD(at[35], at[69]);    MULADD(at[36], at[68]);    MULADD(at[37], at[67]);    MULADD(at[38], at[66]);    MULADD(at[39], at[65]);    MULADD(at[40], at[64]); 
+   COMBA_STORE(C->dp[40]);
+   /* 41 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[105]);    MULADD(at[1], at[104]);    MULADD(at[2], at[103]);    MULADD(at[3], at[102]);    MULADD(at[4], at[101]);    MULADD(at[5], at[100]);    MULADD(at[6], at[99]);    MULADD(at[7], at[98]);    MULADD(at[8], at[97]);    MULADD(at[9], at[96]);    MULADD(at[10], at[95]);    MULADD(at[11], at[94]);    MULADD(at[12], at[93]);    MULADD(at[13], at[92]);    MULADD(at[14], at[91]);    MULADD(at[15], at[90]);    MULADD(at[16], at[89]);    MULADD(at[17], at[88]);    MULADD(at[18], at[87]);    MULADD(at[19], at[86]);    MULADD(at[20], at[85]);    MULADD(at[21], at[84]);    MULADD(at[22], at[83]);    MULADD(at[23], at[82]);    MULADD(at[24], at[81]);    MULADD(at[25], at[80]);    MULADD(at[26], at[79]);    MULADD(at[27], at[78]);    MULADD(at[28], at[77]);    MULADD(at[29], at[76]);    MULADD(at[30], at[75]);    MULADD(at[31], at[74]);    MULADD(at[32], at[73]);    MULADD(at[33], at[72]);    MULADD(at[34], at[71]);    MULADD(at[35], at[70]);    MULADD(at[36], at[69]);    MULADD(at[37], at[68]);    MULADD(at[38], at[67]);    MULADD(at[39], at[66]);    MULADD(at[40], at[65]);    MULADD(at[41], at[64]); 
+   COMBA_STORE(C->dp[41]);
+   /* 42 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[106]);    MULADD(at[1], at[105]);    MULADD(at[2], at[104]);    MULADD(at[3], at[103]);    MULADD(at[4], at[102]);    MULADD(at[5], at[101]);    MULADD(at[6], at[100]);    MULADD(at[7], at[99]);    MULADD(at[8], at[98]);    MULADD(at[9], at[97]);    MULADD(at[10], at[96]);    MULADD(at[11], at[95]);    MULADD(at[12], at[94]);    MULADD(at[13], at[93]);    MULADD(at[14], at[92]);    MULADD(at[15], at[91]);    MULADD(at[16], at[90]);    MULADD(at[17], at[89]);    MULADD(at[18], at[88]);    MULADD(at[19], at[87]);    MULADD(at[20], at[86]);    MULADD(at[21], at[85]);    MULADD(at[22], at[84]);    MULADD(at[23], at[83]);    MULADD(at[24], at[82]);    MULADD(at[25], at[81]);    MULADD(at[26], at[80]);    MULADD(at[27], at[79]);    MULADD(at[28], at[78]);    MULADD(at[29], at[77]);    MULADD(at[30], at[76]);    MULADD(at[31], at[75]);    MULADD(at[32], at[74]);    MULADD(at[33], at[73]);    MULADD(at[34], at[72]);    MULADD(at[35], at[71]);    MULADD(at[36], at[70]);    MULADD(at[37], at[69]);    MULADD(at[38], at[68]);    MULADD(at[39], at[67]);    MULADD(at[40], at[66]);    MULADD(at[41], at[65]);    MULADD(at[42], at[64]); 
+   COMBA_STORE(C->dp[42]);
+   /* 43 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[107]);    MULADD(at[1], at[106]);    MULADD(at[2], at[105]);    MULADD(at[3], at[104]);    MULADD(at[4], at[103]);    MULADD(at[5], at[102]);    MULADD(at[6], at[101]);    MULADD(at[7], at[100]);    MULADD(at[8], at[99]);    MULADD(at[9], at[98]);    MULADD(at[10], at[97]);    MULADD(at[11], at[96]);    MULADD(at[12], at[95]);    MULADD(at[13], at[94]);    MULADD(at[14], at[93]);    MULADD(at[15], at[92]);    MULADD(at[16], at[91]);    MULADD(at[17], at[90]);    MULADD(at[18], at[89]);    MULADD(at[19], at[88]);    MULADD(at[20], at[87]);    MULADD(at[21], at[86]);    MULADD(at[22], at[85]);    MULADD(at[23], at[84]);    MULADD(at[24], at[83]);    MULADD(at[25], at[82]);    MULADD(at[26], at[81]);    MULADD(at[27], at[80]);    MULADD(at[28], at[79]);    MULADD(at[29], at[78]);    MULADD(at[30], at[77]);    MULADD(at[31], at[76]);    MULADD(at[32], at[75]);    MULADD(at[33], at[74]);    MULADD(at[34], at[73]);    MULADD(at[35], at[72]);    MULADD(at[36], at[71]);    MULADD(at[37], at[70]);    MULADD(at[38], at[69]);    MULADD(at[39], at[68]);    MULADD(at[40], at[67]);    MULADD(at[41], at[66]);    MULADD(at[42], at[65]);    MULADD(at[43], at[64]); 
+   COMBA_STORE(C->dp[43]);
+   /* 44 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[108]);    MULADD(at[1], at[107]);    MULADD(at[2], at[106]);    MULADD(at[3], at[105]);    MULADD(at[4], at[104]);    MULADD(at[5], at[103]);    MULADD(at[6], at[102]);    MULADD(at[7], at[101]);    MULADD(at[8], at[100]);    MULADD(at[9], at[99]);    MULADD(at[10], at[98]);    MULADD(at[11], at[97]);    MULADD(at[12], at[96]);    MULADD(at[13], at[95]);    MULADD(at[14], at[94]);    MULADD(at[15], at[93]);    MULADD(at[16], at[92]);    MULADD(at[17], at[91]);    MULADD(at[18], at[90]);    MULADD(at[19], at[89]);    MULADD(at[20], at[88]);    MULADD(at[21], at[87]);    MULADD(at[22], at[86]);    MULADD(at[23], at[85]);    MULADD(at[24], at[84]);    MULADD(at[25], at[83]);    MULADD(at[26], at[82]);    MULADD(at[27], at[81]);    MULADD(at[28], at[80]);    MULADD(at[29], at[79]);    MULADD(at[30], at[78]);    MULADD(at[31], at[77]);    MULADD(at[32], at[76]);    MULADD(at[33], at[75]);    MULADD(at[34], at[74]);    MULADD(at[35], at[73]);    MULADD(at[36], at[72]);    MULADD(at[37], at[71]);    MULADD(at[38], at[70]);    MULADD(at[39], at[69]);    MULADD(at[40], at[68]);    MULADD(at[41], at[67]);    MULADD(at[42], at[66]);    MULADD(at[43], at[65]);    MULADD(at[44], at[64]); 
+   COMBA_STORE(C->dp[44]);
+   /* 45 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[109]);    MULADD(at[1], at[108]);    MULADD(at[2], at[107]);    MULADD(at[3], at[106]);    MULADD(at[4], at[105]);    MULADD(at[5], at[104]);    MULADD(at[6], at[103]);    MULADD(at[7], at[102]);    MULADD(at[8], at[101]);    MULADD(at[9], at[100]);    MULADD(at[10], at[99]);    MULADD(at[11], at[98]);    MULADD(at[12], at[97]);    MULADD(at[13], at[96]);    MULADD(at[14], at[95]);    MULADD(at[15], at[94]);    MULADD(at[16], at[93]);    MULADD(at[17], at[92]);    MULADD(at[18], at[91]);    MULADD(at[19], at[90]);    MULADD(at[20], at[89]);    MULADD(at[21], at[88]);    MULADD(at[22], at[87]);    MULADD(at[23], at[86]);    MULADD(at[24], at[85]);    MULADD(at[25], at[84]);    MULADD(at[26], at[83]);    MULADD(at[27], at[82]);    MULADD(at[28], at[81]);    MULADD(at[29], at[80]);    MULADD(at[30], at[79]);    MULADD(at[31], at[78]);    MULADD(at[32], at[77]);    MULADD(at[33], at[76]);    MULADD(at[34], at[75]);    MULADD(at[35], at[74]);    MULADD(at[36], at[73]);    MULADD(at[37], at[72]);    MULADD(at[38], at[71]);    MULADD(at[39], at[70]);    MULADD(at[40], at[69]);    MULADD(at[41], at[68]);    MULADD(at[42], at[67]);    MULADD(at[43], at[66]);    MULADD(at[44], at[65]);    MULADD(at[45], at[64]); 
+   COMBA_STORE(C->dp[45]);
+   /* 46 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[110]);    MULADD(at[1], at[109]);    MULADD(at[2], at[108]);    MULADD(at[3], at[107]);    MULADD(at[4], at[106]);    MULADD(at[5], at[105]);    MULADD(at[6], at[104]);    MULADD(at[7], at[103]);    MULADD(at[8], at[102]);    MULADD(at[9], at[101]);    MULADD(at[10], at[100]);    MULADD(at[11], at[99]);    MULADD(at[12], at[98]);    MULADD(at[13], at[97]);    MULADD(at[14], at[96]);    MULADD(at[15], at[95]);    MULADD(at[16], at[94]);    MULADD(at[17], at[93]);    MULADD(at[18], at[92]);    MULADD(at[19], at[91]);    MULADD(at[20], at[90]);    MULADD(at[21], at[89]);    MULADD(at[22], at[88]);    MULADD(at[23], at[87]);    MULADD(at[24], at[86]);    MULADD(at[25], at[85]);    MULADD(at[26], at[84]);    MULADD(at[27], at[83]);    MULADD(at[28], at[82]);    MULADD(at[29], at[81]);    MULADD(at[30], at[80]);    MULADD(at[31], at[79]);    MULADD(at[32], at[78]);    MULADD(at[33], at[77]);    MULADD(at[34], at[76]);    MULADD(at[35], at[75]);    MULADD(at[36], at[74]);    MULADD(at[37], at[73]);    MULADD(at[38], at[72]);    MULADD(at[39], at[71]);    MULADD(at[40], at[70]);    MULADD(at[41], at[69]);    MULADD(at[42], at[68]);    MULADD(at[43], at[67]);    MULADD(at[44], at[66]);    MULADD(at[45], at[65]);    MULADD(at[46], at[64]); 
+   COMBA_STORE(C->dp[46]);
+   /* 47 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[111]);    MULADD(at[1], at[110]);    MULADD(at[2], at[109]);    MULADD(at[3], at[108]);    MULADD(at[4], at[107]);    MULADD(at[5], at[106]);    MULADD(at[6], at[105]);    MULADD(at[7], at[104]);    MULADD(at[8], at[103]);    MULADD(at[9], at[102]);    MULADD(at[10], at[101]);    MULADD(at[11], at[100]);    MULADD(at[12], at[99]);    MULADD(at[13], at[98]);    MULADD(at[14], at[97]);    MULADD(at[15], at[96]);    MULADD(at[16], at[95]);    MULADD(at[17], at[94]);    MULADD(at[18], at[93]);    MULADD(at[19], at[92]);    MULADD(at[20], at[91]);    MULADD(at[21], at[90]);    MULADD(at[22], at[89]);    MULADD(at[23], at[88]);    MULADD(at[24], at[87]);    MULADD(at[25], at[86]);    MULADD(at[26], at[85]);    MULADD(at[27], at[84]);    MULADD(at[28], at[83]);    MULADD(at[29], at[82]);    MULADD(at[30], at[81]);    MULADD(at[31], at[80]);    MULADD(at[32], at[79]);    MULADD(at[33], at[78]);    MULADD(at[34], at[77]);    MULADD(at[35], at[76]);    MULADD(at[36], at[75]);    MULADD(at[37], at[74]);    MULADD(at[38], at[73]);    MULADD(at[39], at[72]);    MULADD(at[40], at[71]);    MULADD(at[41], at[70]);    MULADD(at[42], at[69]);    MULADD(at[43], at[68]);    MULADD(at[44], at[67]);    MULADD(at[45], at[66]);    MULADD(at[46], at[65]);    MULADD(at[47], at[64]); 
+   COMBA_STORE(C->dp[47]);
+   /* 48 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[112]);    MULADD(at[1], at[111]);    MULADD(at[2], at[110]);    MULADD(at[3], at[109]);    MULADD(at[4], at[108]);    MULADD(at[5], at[107]);    MULADD(at[6], at[106]);    MULADD(at[7], at[105]);    MULADD(at[8], at[104]);    MULADD(at[9], at[103]);    MULADD(at[10], at[102]);    MULADD(at[11], at[101]);    MULADD(at[12], at[100]);    MULADD(at[13], at[99]);    MULADD(at[14], at[98]);    MULADD(at[15], at[97]);    MULADD(at[16], at[96]);    MULADD(at[17], at[95]);    MULADD(at[18], at[94]);    MULADD(at[19], at[93]);    MULADD(at[20], at[92]);    MULADD(at[21], at[91]);    MULADD(at[22], at[90]);    MULADD(at[23], at[89]);    MULADD(at[24], at[88]);    MULADD(at[25], at[87]);    MULADD(at[26], at[86]);    MULADD(at[27], at[85]);    MULADD(at[28], at[84]);    MULADD(at[29], at[83]);    MULADD(at[30], at[82]);    MULADD(at[31], at[81]);    MULADD(at[32], at[80]);    MULADD(at[33], at[79]);    MULADD(at[34], at[78]);    MULADD(at[35], at[77]);    MULADD(at[36], at[76]);    MULADD(at[37], at[75]);    MULADD(at[38], at[74]);    MULADD(at[39], at[73]);    MULADD(at[40], at[72]);    MULADD(at[41], at[71]);    MULADD(at[42], at[70]);    MULADD(at[43], at[69]);    MULADD(at[44], at[68]);    MULADD(at[45], at[67]);    MULADD(at[46], at[66]);    MULADD(at[47], at[65]);    MULADD(at[48], at[64]); 
+   COMBA_STORE(C->dp[48]);
+   /* 49 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[113]);    MULADD(at[1], at[112]);    MULADD(at[2], at[111]);    MULADD(at[3], at[110]);    MULADD(at[4], at[109]);    MULADD(at[5], at[108]);    MULADD(at[6], at[107]);    MULADD(at[7], at[106]);    MULADD(at[8], at[105]);    MULADD(at[9], at[104]);    MULADD(at[10], at[103]);    MULADD(at[11], at[102]);    MULADD(at[12], at[101]);    MULADD(at[13], at[100]);    MULADD(at[14], at[99]);    MULADD(at[15], at[98]);    MULADD(at[16], at[97]);    MULADD(at[17], at[96]);    MULADD(at[18], at[95]);    MULADD(at[19], at[94]);    MULADD(at[20], at[93]);    MULADD(at[21], at[92]);    MULADD(at[22], at[91]);    MULADD(at[23], at[90]);    MULADD(at[24], at[89]);    MULADD(at[25], at[88]);    MULADD(at[26], at[87]);    MULADD(at[27], at[86]);    MULADD(at[28], at[85]);    MULADD(at[29], at[84]);    MULADD(at[30], at[83]);    MULADD(at[31], at[82]);    MULADD(at[32], at[81]);    MULADD(at[33], at[80]);    MULADD(at[34], at[79]);    MULADD(at[35], at[78]);    MULADD(at[36], at[77]);    MULADD(at[37], at[76]);    MULADD(at[38], at[75]);    MULADD(at[39], at[74]);    MULADD(at[40], at[73]);    MULADD(at[41], at[72]);    MULADD(at[42], at[71]);    MULADD(at[43], at[70]);    MULADD(at[44], at[69]);    MULADD(at[45], at[68]);    MULADD(at[46], at[67]);    MULADD(at[47], at[66]);    MULADD(at[48], at[65]);    MULADD(at[49], at[64]); 
+   COMBA_STORE(C->dp[49]);
+   /* 50 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[114]);    MULADD(at[1], at[113]);    MULADD(at[2], at[112]);    MULADD(at[3], at[111]);    MULADD(at[4], at[110]);    MULADD(at[5], at[109]);    MULADD(at[6], at[108]);    MULADD(at[7], at[107]);    MULADD(at[8], at[106]);    MULADD(at[9], at[105]);    MULADD(at[10], at[104]);    MULADD(at[11], at[103]);    MULADD(at[12], at[102]);    MULADD(at[13], at[101]);    MULADD(at[14], at[100]);    MULADD(at[15], at[99]);    MULADD(at[16], at[98]);    MULADD(at[17], at[97]);    MULADD(at[18], at[96]);    MULADD(at[19], at[95]);    MULADD(at[20], at[94]);    MULADD(at[21], at[93]);    MULADD(at[22], at[92]);    MULADD(at[23], at[91]);    MULADD(at[24], at[90]);    MULADD(at[25], at[89]);    MULADD(at[26], at[88]);    MULADD(at[27], at[87]);    MULADD(at[28], at[86]);    MULADD(at[29], at[85]);    MULADD(at[30], at[84]);    MULADD(at[31], at[83]);    MULADD(at[32], at[82]);    MULADD(at[33], at[81]);    MULADD(at[34], at[80]);    MULADD(at[35], at[79]);    MULADD(at[36], at[78]);    MULADD(at[37], at[77]);    MULADD(at[38], at[76]);    MULADD(at[39], at[75]);    MULADD(at[40], at[74]);    MULADD(at[41], at[73]);    MULADD(at[42], at[72]);    MULADD(at[43], at[71]);    MULADD(at[44], at[70]);    MULADD(at[45], at[69]);    MULADD(at[46], at[68]);    MULADD(at[47], at[67]);    MULADD(at[48], at[66]);    MULADD(at[49], at[65]);    MULADD(at[50], at[64]); 
+   COMBA_STORE(C->dp[50]);
+   /* 51 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[115]);    MULADD(at[1], at[114]);    MULADD(at[2], at[113]);    MULADD(at[3], at[112]);    MULADD(at[4], at[111]);    MULADD(at[5], at[110]);    MULADD(at[6], at[109]);    MULADD(at[7], at[108]);    MULADD(at[8], at[107]);    MULADD(at[9], at[106]);    MULADD(at[10], at[105]);    MULADD(at[11], at[104]);    MULADD(at[12], at[103]);    MULADD(at[13], at[102]);    MULADD(at[14], at[101]);    MULADD(at[15], at[100]);    MULADD(at[16], at[99]);    MULADD(at[17], at[98]);    MULADD(at[18], at[97]);    MULADD(at[19], at[96]);    MULADD(at[20], at[95]);    MULADD(at[21], at[94]);    MULADD(at[22], at[93]);    MULADD(at[23], at[92]);    MULADD(at[24], at[91]);    MULADD(at[25], at[90]);    MULADD(at[26], at[89]);    MULADD(at[27], at[88]);    MULADD(at[28], at[87]);    MULADD(at[29], at[86]);    MULADD(at[30], at[85]);    MULADD(at[31], at[84]);    MULADD(at[32], at[83]);    MULADD(at[33], at[82]);    MULADD(at[34], at[81]);    MULADD(at[35], at[80]);    MULADD(at[36], at[79]);    MULADD(at[37], at[78]);    MULADD(at[38], at[77]);    MULADD(at[39], at[76]);    MULADD(at[40], at[75]);    MULADD(at[41], at[74]);    MULADD(at[42], at[73]);    MULADD(at[43], at[72]);    MULADD(at[44], at[71]);    MULADD(at[45], at[70]);    MULADD(at[46], at[69]);    MULADD(at[47], at[68]);    MULADD(at[48], at[67]);    MULADD(at[49], at[66]);    MULADD(at[50], at[65]);    MULADD(at[51], at[64]); 
+   COMBA_STORE(C->dp[51]);
+   /* 52 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[116]);    MULADD(at[1], at[115]);    MULADD(at[2], at[114]);    MULADD(at[3], at[113]);    MULADD(at[4], at[112]);    MULADD(at[5], at[111]);    MULADD(at[6], at[110]);    MULADD(at[7], at[109]);    MULADD(at[8], at[108]);    MULADD(at[9], at[107]);    MULADD(at[10], at[106]);    MULADD(at[11], at[105]);    MULADD(at[12], at[104]);    MULADD(at[13], at[103]);    MULADD(at[14], at[102]);    MULADD(at[15], at[101]);    MULADD(at[16], at[100]);    MULADD(at[17], at[99]);    MULADD(at[18], at[98]);    MULADD(at[19], at[97]);    MULADD(at[20], at[96]);    MULADD(at[21], at[95]);    MULADD(at[22], at[94]);    MULADD(at[23], at[93]);    MULADD(at[24], at[92]);    MULADD(at[25], at[91]);    MULADD(at[26], at[90]);    MULADD(at[27], at[89]);    MULADD(at[28], at[88]);    MULADD(at[29], at[87]);    MULADD(at[30], at[86]);    MULADD(at[31], at[85]);    MULADD(at[32], at[84]);    MULADD(at[33], at[83]);    MULADD(at[34], at[82]);    MULADD(at[35], at[81]);    MULADD(at[36], at[80]);    MULADD(at[37], at[79]);    MULADD(at[38], at[78]);    MULADD(at[39], at[77]);    MULADD(at[40], at[76]);    MULADD(at[41], at[75]);    MULADD(at[42], at[74]);    MULADD(at[43], at[73]);    MULADD(at[44], at[72]);    MULADD(at[45], at[71]);    MULADD(at[46], at[70]);    MULADD(at[47], at[69]);    MULADD(at[48], at[68]);    MULADD(at[49], at[67]);    MULADD(at[50], at[66]);    MULADD(at[51], at[65]);    MULADD(at[52], at[64]); 
+   COMBA_STORE(C->dp[52]);
+   /* 53 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[117]);    MULADD(at[1], at[116]);    MULADD(at[2], at[115]);    MULADD(at[3], at[114]);    MULADD(at[4], at[113]);    MULADD(at[5], at[112]);    MULADD(at[6], at[111]);    MULADD(at[7], at[110]);    MULADD(at[8], at[109]);    MULADD(at[9], at[108]);    MULADD(at[10], at[107]);    MULADD(at[11], at[106]);    MULADD(at[12], at[105]);    MULADD(at[13], at[104]);    MULADD(at[14], at[103]);    MULADD(at[15], at[102]);    MULADD(at[16], at[101]);    MULADD(at[17], at[100]);    MULADD(at[18], at[99]);    MULADD(at[19], at[98]);    MULADD(at[20], at[97]);    MULADD(at[21], at[96]);    MULADD(at[22], at[95]);    MULADD(at[23], at[94]);    MULADD(at[24], at[93]);    MULADD(at[25], at[92]);    MULADD(at[26], at[91]);    MULADD(at[27], at[90]);    MULADD(at[28], at[89]);    MULADD(at[29], at[88]);    MULADD(at[30], at[87]);    MULADD(at[31], at[86]);    MULADD(at[32], at[85]);    MULADD(at[33], at[84]);    MULADD(at[34], at[83]);    MULADD(at[35], at[82]);    MULADD(at[36], at[81]);    MULADD(at[37], at[80]);    MULADD(at[38], at[79]);    MULADD(at[39], at[78]);    MULADD(at[40], at[77]);    MULADD(at[41], at[76]);    MULADD(at[42], at[75]);    MULADD(at[43], at[74]);    MULADD(at[44], at[73]);    MULADD(at[45], at[72]);    MULADD(at[46], at[71]);    MULADD(at[47], at[70]);    MULADD(at[48], at[69]);    MULADD(at[49], at[68]);    MULADD(at[50], at[67]);    MULADD(at[51], at[66]);    MULADD(at[52], at[65]);    MULADD(at[53], at[64]); 
+   COMBA_STORE(C->dp[53]);
+   /* 54 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[118]);    MULADD(at[1], at[117]);    MULADD(at[2], at[116]);    MULADD(at[3], at[115]);    MULADD(at[4], at[114]);    MULADD(at[5], at[113]);    MULADD(at[6], at[112]);    MULADD(at[7], at[111]);    MULADD(at[8], at[110]);    MULADD(at[9], at[109]);    MULADD(at[10], at[108]);    MULADD(at[11], at[107]);    MULADD(at[12], at[106]);    MULADD(at[13], at[105]);    MULADD(at[14], at[104]);    MULADD(at[15], at[103]);    MULADD(at[16], at[102]);    MULADD(at[17], at[101]);    MULADD(at[18], at[100]);    MULADD(at[19], at[99]);    MULADD(at[20], at[98]);    MULADD(at[21], at[97]);    MULADD(at[22], at[96]);    MULADD(at[23], at[95]);    MULADD(at[24], at[94]);    MULADD(at[25], at[93]);    MULADD(at[26], at[92]);    MULADD(at[27], at[91]);    MULADD(at[28], at[90]);    MULADD(at[29], at[89]);    MULADD(at[30], at[88]);    MULADD(at[31], at[87]);    MULADD(at[32], at[86]);    MULADD(at[33], at[85]);    MULADD(at[34], at[84]);    MULADD(at[35], at[83]);    MULADD(at[36], at[82]);    MULADD(at[37], at[81]);    MULADD(at[38], at[80]);    MULADD(at[39], at[79]);    MULADD(at[40], at[78]);    MULADD(at[41], at[77]);    MULADD(at[42], at[76]);    MULADD(at[43], at[75]);    MULADD(at[44], at[74]);    MULADD(at[45], at[73]);    MULADD(at[46], at[72]);    MULADD(at[47], at[71]);    MULADD(at[48], at[70]);    MULADD(at[49], at[69]);    MULADD(at[50], at[68]);    MULADD(at[51], at[67]);    MULADD(at[52], at[66]);    MULADD(at[53], at[65]);    MULADD(at[54], at[64]); 
+   COMBA_STORE(C->dp[54]);
+   /* 55 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[119]);    MULADD(at[1], at[118]);    MULADD(at[2], at[117]);    MULADD(at[3], at[116]);    MULADD(at[4], at[115]);    MULADD(at[5], at[114]);    MULADD(at[6], at[113]);    MULADD(at[7], at[112]);    MULADD(at[8], at[111]);    MULADD(at[9], at[110]);    MULADD(at[10], at[109]);    MULADD(at[11], at[108]);    MULADD(at[12], at[107]);    MULADD(at[13], at[106]);    MULADD(at[14], at[105]);    MULADD(at[15], at[104]);    MULADD(at[16], at[103]);    MULADD(at[17], at[102]);    MULADD(at[18], at[101]);    MULADD(at[19], at[100]);    MULADD(at[20], at[99]);    MULADD(at[21], at[98]);    MULADD(at[22], at[97]);    MULADD(at[23], at[96]);    MULADD(at[24], at[95]);    MULADD(at[25], at[94]);    MULADD(at[26], at[93]);    MULADD(at[27], at[92]);    MULADD(at[28], at[91]);    MULADD(at[29], at[90]);    MULADD(at[30], at[89]);    MULADD(at[31], at[88]);    MULADD(at[32], at[87]);    MULADD(at[33], at[86]);    MULADD(at[34], at[85]);    MULADD(at[35], at[84]);    MULADD(at[36], at[83]);    MULADD(at[37], at[82]);    MULADD(at[38], at[81]);    MULADD(at[39], at[80]);    MULADD(at[40], at[79]);    MULADD(at[41], at[78]);    MULADD(at[42], at[77]);    MULADD(at[43], at[76]);    MULADD(at[44], at[75]);    MULADD(at[45], at[74]);    MULADD(at[46], at[73]);    MULADD(at[47], at[72]);    MULADD(at[48], at[71]);    MULADD(at[49], at[70]);    MULADD(at[50], at[69]);    MULADD(at[51], at[68]);    MULADD(at[52], at[67]);    MULADD(at[53], at[66]);    MULADD(at[54], at[65]);    MULADD(at[55], at[64]); 
+   COMBA_STORE(C->dp[55]);
+   /* 56 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[120]);    MULADD(at[1], at[119]);    MULADD(at[2], at[118]);    MULADD(at[3], at[117]);    MULADD(at[4], at[116]);    MULADD(at[5], at[115]);    MULADD(at[6], at[114]);    MULADD(at[7], at[113]);    MULADD(at[8], at[112]);    MULADD(at[9], at[111]);    MULADD(at[10], at[110]);    MULADD(at[11], at[109]);    MULADD(at[12], at[108]);    MULADD(at[13], at[107]);    MULADD(at[14], at[106]);    MULADD(at[15], at[105]);    MULADD(at[16], at[104]);    MULADD(at[17], at[103]);    MULADD(at[18], at[102]);    MULADD(at[19], at[101]);    MULADD(at[20], at[100]);    MULADD(at[21], at[99]);    MULADD(at[22], at[98]);    MULADD(at[23], at[97]);    MULADD(at[24], at[96]);    MULADD(at[25], at[95]);    MULADD(at[26], at[94]);    MULADD(at[27], at[93]);    MULADD(at[28], at[92]);    MULADD(at[29], at[91]);    MULADD(at[30], at[90]);    MULADD(at[31], at[89]);    MULADD(at[32], at[88]);    MULADD(at[33], at[87]);    MULADD(at[34], at[86]);    MULADD(at[35], at[85]);    MULADD(at[36], at[84]);    MULADD(at[37], at[83]);    MULADD(at[38], at[82]);    MULADD(at[39], at[81]);    MULADD(at[40], at[80]);    MULADD(at[41], at[79]);    MULADD(at[42], at[78]);    MULADD(at[43], at[77]);    MULADD(at[44], at[76]);    MULADD(at[45], at[75]);    MULADD(at[46], at[74]);    MULADD(at[47], at[73]);    MULADD(at[48], at[72]);    MULADD(at[49], at[71]);    MULADD(at[50], at[70]);    MULADD(at[51], at[69]);    MULADD(at[52], at[68]);    MULADD(at[53], at[67]);    MULADD(at[54], at[66]);    MULADD(at[55], at[65]);    MULADD(at[56], at[64]); 
+   COMBA_STORE(C->dp[56]);
+   /* 57 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[121]);    MULADD(at[1], at[120]);    MULADD(at[2], at[119]);    MULADD(at[3], at[118]);    MULADD(at[4], at[117]);    MULADD(at[5], at[116]);    MULADD(at[6], at[115]);    MULADD(at[7], at[114]);    MULADD(at[8], at[113]);    MULADD(at[9], at[112]);    MULADD(at[10], at[111]);    MULADD(at[11], at[110]);    MULADD(at[12], at[109]);    MULADD(at[13], at[108]);    MULADD(at[14], at[107]);    MULADD(at[15], at[106]);    MULADD(at[16], at[105]);    MULADD(at[17], at[104]);    MULADD(at[18], at[103]);    MULADD(at[19], at[102]);    MULADD(at[20], at[101]);    MULADD(at[21], at[100]);    MULADD(at[22], at[99]);    MULADD(at[23], at[98]);    MULADD(at[24], at[97]);    MULADD(at[25], at[96]);    MULADD(at[26], at[95]);    MULADD(at[27], at[94]);    MULADD(at[28], at[93]);    MULADD(at[29], at[92]);    MULADD(at[30], at[91]);    MULADD(at[31], at[90]);    MULADD(at[32], at[89]);    MULADD(at[33], at[88]);    MULADD(at[34], at[87]);    MULADD(at[35], at[86]);    MULADD(at[36], at[85]);    MULADD(at[37], at[84]);    MULADD(at[38], at[83]);    MULADD(at[39], at[82]);    MULADD(at[40], at[81]);    MULADD(at[41], at[80]);    MULADD(at[42], at[79]);    MULADD(at[43], at[78]);    MULADD(at[44], at[77]);    MULADD(at[45], at[76]);    MULADD(at[46], at[75]);    MULADD(at[47], at[74]);    MULADD(at[48], at[73]);    MULADD(at[49], at[72]);    MULADD(at[50], at[71]);    MULADD(at[51], at[70]);    MULADD(at[52], at[69]);    MULADD(at[53], at[68]);    MULADD(at[54], at[67]);    MULADD(at[55], at[66]);    MULADD(at[56], at[65]);    MULADD(at[57], at[64]); 
+   COMBA_STORE(C->dp[57]);
+   /* 58 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[122]);    MULADD(at[1], at[121]);    MULADD(at[2], at[120]);    MULADD(at[3], at[119]);    MULADD(at[4], at[118]);    MULADD(at[5], at[117]);    MULADD(at[6], at[116]);    MULADD(at[7], at[115]);    MULADD(at[8], at[114]);    MULADD(at[9], at[113]);    MULADD(at[10], at[112]);    MULADD(at[11], at[111]);    MULADD(at[12], at[110]);    MULADD(at[13], at[109]);    MULADD(at[14], at[108]);    MULADD(at[15], at[107]);    MULADD(at[16], at[106]);    MULADD(at[17], at[105]);    MULADD(at[18], at[104]);    MULADD(at[19], at[103]);    MULADD(at[20], at[102]);    MULADD(at[21], at[101]);    MULADD(at[22], at[100]);    MULADD(at[23], at[99]);    MULADD(at[24], at[98]);    MULADD(at[25], at[97]);    MULADD(at[26], at[96]);    MULADD(at[27], at[95]);    MULADD(at[28], at[94]);    MULADD(at[29], at[93]);    MULADD(at[30], at[92]);    MULADD(at[31], at[91]);    MULADD(at[32], at[90]);    MULADD(at[33], at[89]);    MULADD(at[34], at[88]);    MULADD(at[35], at[87]);    MULADD(at[36], at[86]);    MULADD(at[37], at[85]);    MULADD(at[38], at[84]);    MULADD(at[39], at[83]);    MULADD(at[40], at[82]);    MULADD(at[41], at[81]);    MULADD(at[42], at[80]);    MULADD(at[43], at[79]);    MULADD(at[44], at[78]);    MULADD(at[45], at[77]);    MULADD(at[46], at[76]);    MULADD(at[47], at[75]);    MULADD(at[48], at[74]);    MULADD(at[49], at[73]);    MULADD(at[50], at[72]);    MULADD(at[51], at[71]);    MULADD(at[52], at[70]);    MULADD(at[53], at[69]);    MULADD(at[54], at[68]);    MULADD(at[55], at[67]);    MULADD(at[56], at[66]);    MULADD(at[57], at[65]);    MULADD(at[58], at[64]); 
+   COMBA_STORE(C->dp[58]);
+   /* 59 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[123]);    MULADD(at[1], at[122]);    MULADD(at[2], at[121]);    MULADD(at[3], at[120]);    MULADD(at[4], at[119]);    MULADD(at[5], at[118]);    MULADD(at[6], at[117]);    MULADD(at[7], at[116]);    MULADD(at[8], at[115]);    MULADD(at[9], at[114]);    MULADD(at[10], at[113]);    MULADD(at[11], at[112]);    MULADD(at[12], at[111]);    MULADD(at[13], at[110]);    MULADD(at[14], at[109]);    MULADD(at[15], at[108]);    MULADD(at[16], at[107]);    MULADD(at[17], at[106]);    MULADD(at[18], at[105]);    MULADD(at[19], at[104]);    MULADD(at[20], at[103]);    MULADD(at[21], at[102]);    MULADD(at[22], at[101]);    MULADD(at[23], at[100]);    MULADD(at[24], at[99]);    MULADD(at[25], at[98]);    MULADD(at[26], at[97]);    MULADD(at[27], at[96]);    MULADD(at[28], at[95]);    MULADD(at[29], at[94]);    MULADD(at[30], at[93]);    MULADD(at[31], at[92]);    MULADD(at[32], at[91]);    MULADD(at[33], at[90]);    MULADD(at[34], at[89]);    MULADD(at[35], at[88]);    MULADD(at[36], at[87]);    MULADD(at[37], at[86]);    MULADD(at[38], at[85]);    MULADD(at[39], at[84]);    MULADD(at[40], at[83]);    MULADD(at[41], at[82]);    MULADD(at[42], at[81]);    MULADD(at[43], at[80]);    MULADD(at[44], at[79]);    MULADD(at[45], at[78]);    MULADD(at[46], at[77]);    MULADD(at[47], at[76]);    MULADD(at[48], at[75]);    MULADD(at[49], at[74]);    MULADD(at[50], at[73]);    MULADD(at[51], at[72]);    MULADD(at[52], at[71]);    MULADD(at[53], at[70]);    MULADD(at[54], at[69]);    MULADD(at[55], at[68]);    MULADD(at[56], at[67]);    MULADD(at[57], at[66]);    MULADD(at[58], at[65]);    MULADD(at[59], at[64]); 
+   COMBA_STORE(C->dp[59]);
+   /* 60 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[124]);    MULADD(at[1], at[123]);    MULADD(at[2], at[122]);    MULADD(at[3], at[121]);    MULADD(at[4], at[120]);    MULADD(at[5], at[119]);    MULADD(at[6], at[118]);    MULADD(at[7], at[117]);    MULADD(at[8], at[116]);    MULADD(at[9], at[115]);    MULADD(at[10], at[114]);    MULADD(at[11], at[113]);    MULADD(at[12], at[112]);    MULADD(at[13], at[111]);    MULADD(at[14], at[110]);    MULADD(at[15], at[109]);    MULADD(at[16], at[108]);    MULADD(at[17], at[107]);    MULADD(at[18], at[106]);    MULADD(at[19], at[105]);    MULADD(at[20], at[104]);    MULADD(at[21], at[103]);    MULADD(at[22], at[102]);    MULADD(at[23], at[101]);    MULADD(at[24], at[100]);    MULADD(at[25], at[99]);    MULADD(at[26], at[98]);    MULADD(at[27], at[97]);    MULADD(at[28], at[96]);    MULADD(at[29], at[95]);    MULADD(at[30], at[94]);    MULADD(at[31], at[93]);    MULADD(at[32], at[92]);    MULADD(at[33], at[91]);    MULADD(at[34], at[90]);    MULADD(at[35], at[89]);    MULADD(at[36], at[88]);    MULADD(at[37], at[87]);    MULADD(at[38], at[86]);    MULADD(at[39], at[85]);    MULADD(at[40], at[84]);    MULADD(at[41], at[83]);    MULADD(at[42], at[82]);    MULADD(at[43], at[81]);    MULADD(at[44], at[80]);    MULADD(at[45], at[79]);    MULADD(at[46], at[78]);    MULADD(at[47], at[77]);    MULADD(at[48], at[76]);    MULADD(at[49], at[75]);    MULADD(at[50], at[74]);    MULADD(at[51], at[73]);    MULADD(at[52], at[72]);    MULADD(at[53], at[71]);    MULADD(at[54], at[70]);    MULADD(at[55], at[69]);    MULADD(at[56], at[68]);    MULADD(at[57], at[67]);    MULADD(at[58], at[66]);    MULADD(at[59], at[65]);    MULADD(at[60], at[64]); 
+   COMBA_STORE(C->dp[60]);
+   /* 61 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[125]);    MULADD(at[1], at[124]);    MULADD(at[2], at[123]);    MULADD(at[3], at[122]);    MULADD(at[4], at[121]);    MULADD(at[5], at[120]);    MULADD(at[6], at[119]);    MULADD(at[7], at[118]);    MULADD(at[8], at[117]);    MULADD(at[9], at[116]);    MULADD(at[10], at[115]);    MULADD(at[11], at[114]);    MULADD(at[12], at[113]);    MULADD(at[13], at[112]);    MULADD(at[14], at[111]);    MULADD(at[15], at[110]);    MULADD(at[16], at[109]);    MULADD(at[17], at[108]);    MULADD(at[18], at[107]);    MULADD(at[19], at[106]);    MULADD(at[20], at[105]);    MULADD(at[21], at[104]);    MULADD(at[22], at[103]);    MULADD(at[23], at[102]);    MULADD(at[24], at[101]);    MULADD(at[25], at[100]);    MULADD(at[26], at[99]);    MULADD(at[27], at[98]);    MULADD(at[28], at[97]);    MULADD(at[29], at[96]);    MULADD(at[30], at[95]);    MULADD(at[31], at[94]);    MULADD(at[32], at[93]);    MULADD(at[33], at[92]);    MULADD(at[34], at[91]);    MULADD(at[35], at[90]);    MULADD(at[36], at[89]);    MULADD(at[37], at[88]);    MULADD(at[38], at[87]);    MULADD(at[39], at[86]);    MULADD(at[40], at[85]);    MULADD(at[41], at[84]);    MULADD(at[42], at[83]);    MULADD(at[43], at[82]);    MULADD(at[44], at[81]);    MULADD(at[45], at[80]);    MULADD(at[46], at[79]);    MULADD(at[47], at[78]);    MULADD(at[48], at[77]);    MULADD(at[49], at[76]);    MULADD(at[50], at[75]);    MULADD(at[51], at[74]);    MULADD(at[52], at[73]);    MULADD(at[53], at[72]);    MULADD(at[54], at[71]);    MULADD(at[55], at[70]);    MULADD(at[56], at[69]);    MULADD(at[57], at[68]);    MULADD(at[58], at[67]);    MULADD(at[59], at[66]);    MULADD(at[60], at[65]);    MULADD(at[61], at[64]); 
+   COMBA_STORE(C->dp[61]);
+   /* 62 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[126]);    MULADD(at[1], at[125]);    MULADD(at[2], at[124]);    MULADD(at[3], at[123]);    MULADD(at[4], at[122]);    MULADD(at[5], at[121]);    MULADD(at[6], at[120]);    MULADD(at[7], at[119]);    MULADD(at[8], at[118]);    MULADD(at[9], at[117]);    MULADD(at[10], at[116]);    MULADD(at[11], at[115]);    MULADD(at[12], at[114]);    MULADD(at[13], at[113]);    MULADD(at[14], at[112]);    MULADD(at[15], at[111]);    MULADD(at[16], at[110]);    MULADD(at[17], at[109]);    MULADD(at[18], at[108]);    MULADD(at[19], at[107]);    MULADD(at[20], at[106]);    MULADD(at[21], at[105]);    MULADD(at[22], at[104]);    MULADD(at[23], at[103]);    MULADD(at[24], at[102]);    MULADD(at[25], at[101]);    MULADD(at[26], at[100]);    MULADD(at[27], at[99]);    MULADD(at[28], at[98]);    MULADD(at[29], at[97]);    MULADD(at[30], at[96]);    MULADD(at[31], at[95]);    MULADD(at[32], at[94]);    MULADD(at[33], at[93]);    MULADD(at[34], at[92]);    MULADD(at[35], at[91]);    MULADD(at[36], at[90]);    MULADD(at[37], at[89]);    MULADD(at[38], at[88]);    MULADD(at[39], at[87]);    MULADD(at[40], at[86]);    MULADD(at[41], at[85]);    MULADD(at[42], at[84]);    MULADD(at[43], at[83]);    MULADD(at[44], at[82]);    MULADD(at[45], at[81]);    MULADD(at[46], at[80]);    MULADD(at[47], at[79]);    MULADD(at[48], at[78]);    MULADD(at[49], at[77]);    MULADD(at[50], at[76]);    MULADD(at[51], at[75]);    MULADD(at[52], at[74]);    MULADD(at[53], at[73]);    MULADD(at[54], at[72]);    MULADD(at[55], at[71]);    MULADD(at[56], at[70]);    MULADD(at[57], at[69]);    MULADD(at[58], at[68]);    MULADD(at[59], at[67]);    MULADD(at[60], at[66]);    MULADD(at[61], at[65]);    MULADD(at[62], at[64]); 
+   COMBA_STORE(C->dp[62]);
+   /* 63 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[127]);    MULADD(at[1], at[126]);    MULADD(at[2], at[125]);    MULADD(at[3], at[124]);    MULADD(at[4], at[123]);    MULADD(at[5], at[122]);    MULADD(at[6], at[121]);    MULADD(at[7], at[120]);    MULADD(at[8], at[119]);    MULADD(at[9], at[118]);    MULADD(at[10], at[117]);    MULADD(at[11], at[116]);    MULADD(at[12], at[115]);    MULADD(at[13], at[114]);    MULADD(at[14], at[113]);    MULADD(at[15], at[112]);    MULADD(at[16], at[111]);    MULADD(at[17], at[110]);    MULADD(at[18], at[109]);    MULADD(at[19], at[108]);    MULADD(at[20], at[107]);    MULADD(at[21], at[106]);    MULADD(at[22], at[105]);    MULADD(at[23], at[104]);    MULADD(at[24], at[103]);    MULADD(at[25], at[102]);    MULADD(at[26], at[101]);    MULADD(at[27], at[100]);    MULADD(at[28], at[99]);    MULADD(at[29], at[98]);    MULADD(at[30], at[97]);    MULADD(at[31], at[96]);    MULADD(at[32], at[95]);    MULADD(at[33], at[94]);    MULADD(at[34], at[93]);    MULADD(at[35], at[92]);    MULADD(at[36], at[91]);    MULADD(at[37], at[90]);    MULADD(at[38], at[89]);    MULADD(at[39], at[88]);    MULADD(at[40], at[87]);    MULADD(at[41], at[86]);    MULADD(at[42], at[85]);    MULADD(at[43], at[84]);    MULADD(at[44], at[83]);    MULADD(at[45], at[82]);    MULADD(at[46], at[81]);    MULADD(at[47], at[80]);    MULADD(at[48], at[79]);    MULADD(at[49], at[78]);    MULADD(at[50], at[77]);    MULADD(at[51], at[76]);    MULADD(at[52], at[75]);    MULADD(at[53], at[74]);    MULADD(at[54], at[73]);    MULADD(at[55], at[72]);    MULADD(at[56], at[71]);    MULADD(at[57], at[70]);    MULADD(at[58], at[69]);    MULADD(at[59], at[68]);    MULADD(at[60], at[67]);    MULADD(at[61], at[66]);    MULADD(at[62], at[65]);    MULADD(at[63], at[64]); 
+   COMBA_STORE(C->dp[63]);
+   /* 64 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[127]);    MULADD(at[2], at[126]);    MULADD(at[3], at[125]);    MULADD(at[4], at[124]);    MULADD(at[5], at[123]);    MULADD(at[6], at[122]);    MULADD(at[7], at[121]);    MULADD(at[8], at[120]);    MULADD(at[9], at[119]);    MULADD(at[10], at[118]);    MULADD(at[11], at[117]);    MULADD(at[12], at[116]);    MULADD(at[13], at[115]);    MULADD(at[14], at[114]);    MULADD(at[15], at[113]);    MULADD(at[16], at[112]);    MULADD(at[17], at[111]);    MULADD(at[18], at[110]);    MULADD(at[19], at[109]);    MULADD(at[20], at[108]);    MULADD(at[21], at[107]);    MULADD(at[22], at[106]);    MULADD(at[23], at[105]);    MULADD(at[24], at[104]);    MULADD(at[25], at[103]);    MULADD(at[26], at[102]);    MULADD(at[27], at[101]);    MULADD(at[28], at[100]);    MULADD(at[29], at[99]);    MULADD(at[30], at[98]);    MULADD(at[31], at[97]);    MULADD(at[32], at[96]);    MULADD(at[33], at[95]);    MULADD(at[34], at[94]);    MULADD(at[35], at[93]);    MULADD(at[36], at[92]);    MULADD(at[37], at[91]);    MULADD(at[38], at[90]);    MULADD(at[39], at[89]);    MULADD(at[40], at[88]);    MULADD(at[41], at[87]);    MULADD(at[42], at[86]);    MULADD(at[43], at[85]);    MULADD(at[44], at[84]);    MULADD(at[45], at[83]);    MULADD(at[46], at[82]);    MULADD(at[47], at[81]);    MULADD(at[48], at[80]);    MULADD(at[49], at[79]);    MULADD(at[50], at[78]);    MULADD(at[51], at[77]);    MULADD(at[52], at[76]);    MULADD(at[53], at[75]);    MULADD(at[54], at[74]);    MULADD(at[55], at[73]);    MULADD(at[56], at[72]);    MULADD(at[57], at[71]);    MULADD(at[58], at[70]);    MULADD(at[59], at[69]);    MULADD(at[60], at[68]);    MULADD(at[61], at[67]);    MULADD(at[62], at[66]);    MULADD(at[63], at[65]); 
+   COMBA_STORE(C->dp[64]);
+   /* 65 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[127]);    MULADD(at[3], at[126]);    MULADD(at[4], at[125]);    MULADD(at[5], at[124]);    MULADD(at[6], at[123]);    MULADD(at[7], at[122]);    MULADD(at[8], at[121]);    MULADD(at[9], at[120]);    MULADD(at[10], at[119]);    MULADD(at[11], at[118]);    MULADD(at[12], at[117]);    MULADD(at[13], at[116]);    MULADD(at[14], at[115]);    MULADD(at[15], at[114]);    MULADD(at[16], at[113]);    MULADD(at[17], at[112]);    MULADD(at[18], at[111]);    MULADD(at[19], at[110]);    MULADD(at[20], at[109]);    MULADD(at[21], at[108]);    MULADD(at[22], at[107]);    MULADD(at[23], at[106]);    MULADD(at[24], at[105]);    MULADD(at[25], at[104]);    MULADD(at[26], at[103]);    MULADD(at[27], at[102]);    MULADD(at[28], at[101]);    MULADD(at[29], at[100]);    MULADD(at[30], at[99]);    MULADD(at[31], at[98]);    MULADD(at[32], at[97]);    MULADD(at[33], at[96]);    MULADD(at[34], at[95]);    MULADD(at[35], at[94]);    MULADD(at[36], at[93]);    MULADD(at[37], at[92]);    MULADD(at[38], at[91]);    MULADD(at[39], at[90]);    MULADD(at[40], at[89]);    MULADD(at[41], at[88]);    MULADD(at[42], at[87]);    MULADD(at[43], at[86]);    MULADD(at[44], at[85]);    MULADD(at[45], at[84]);    MULADD(at[46], at[83]);    MULADD(at[47], at[82]);    MULADD(at[48], at[81]);    MULADD(at[49], at[80]);    MULADD(at[50], at[79]);    MULADD(at[51], at[78]);    MULADD(at[52], at[77]);    MULADD(at[53], at[76]);    MULADD(at[54], at[75]);    MULADD(at[55], at[74]);    MULADD(at[56], at[73]);    MULADD(at[57], at[72]);    MULADD(at[58], at[71]);    MULADD(at[59], at[70]);    MULADD(at[60], at[69]);    MULADD(at[61], at[68]);    MULADD(at[62], at[67]);    MULADD(at[63], at[66]); 
+   COMBA_STORE(C->dp[65]);
+   /* 66 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[127]);    MULADD(at[4], at[126]);    MULADD(at[5], at[125]);    MULADD(at[6], at[124]);    MULADD(at[7], at[123]);    MULADD(at[8], at[122]);    MULADD(at[9], at[121]);    MULADD(at[10], at[120]);    MULADD(at[11], at[119]);    MULADD(at[12], at[118]);    MULADD(at[13], at[117]);    MULADD(at[14], at[116]);    MULADD(at[15], at[115]);    MULADD(at[16], at[114]);    MULADD(at[17], at[113]);    MULADD(at[18], at[112]);    MULADD(at[19], at[111]);    MULADD(at[20], at[110]);    MULADD(at[21], at[109]);    MULADD(at[22], at[108]);    MULADD(at[23], at[107]);    MULADD(at[24], at[106]);    MULADD(at[25], at[105]);    MULADD(at[26], at[104]);    MULADD(at[27], at[103]);    MULADD(at[28], at[102]);    MULADD(at[29], at[101]);    MULADD(at[30], at[100]);    MULADD(at[31], at[99]);    MULADD(at[32], at[98]);    MULADD(at[33], at[97]);    MULADD(at[34], at[96]);    MULADD(at[35], at[95]);    MULADD(at[36], at[94]);    MULADD(at[37], at[93]);    MULADD(at[38], at[92]);    MULADD(at[39], at[91]);    MULADD(at[40], at[90]);    MULADD(at[41], at[89]);    MULADD(at[42], at[88]);    MULADD(at[43], at[87]);    MULADD(at[44], at[86]);    MULADD(at[45], at[85]);    MULADD(at[46], at[84]);    MULADD(at[47], at[83]);    MULADD(at[48], at[82]);    MULADD(at[49], at[81]);    MULADD(at[50], at[80]);    MULADD(at[51], at[79]);    MULADD(at[52], at[78]);    MULADD(at[53], at[77]);    MULADD(at[54], at[76]);    MULADD(at[55], at[75]);    MULADD(at[56], at[74]);    MULADD(at[57], at[73]);    MULADD(at[58], at[72]);    MULADD(at[59], at[71]);    MULADD(at[60], at[70]);    MULADD(at[61], at[69]);    MULADD(at[62], at[68]);    MULADD(at[63], at[67]); 
+   COMBA_STORE(C->dp[66]);
+   /* 67 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[127]);    MULADD(at[5], at[126]);    MULADD(at[6], at[125]);    MULADD(at[7], at[124]);    MULADD(at[8], at[123]);    MULADD(at[9], at[122]);    MULADD(at[10], at[121]);    MULADD(at[11], at[120]);    MULADD(at[12], at[119]);    MULADD(at[13], at[118]);    MULADD(at[14], at[117]);    MULADD(at[15], at[116]);    MULADD(at[16], at[115]);    MULADD(at[17], at[114]);    MULADD(at[18], at[113]);    MULADD(at[19], at[112]);    MULADD(at[20], at[111]);    MULADD(at[21], at[110]);    MULADD(at[22], at[109]);    MULADD(at[23], at[108]);    MULADD(at[24], at[107]);    MULADD(at[25], at[106]);    MULADD(at[26], at[105]);    MULADD(at[27], at[104]);    MULADD(at[28], at[103]);    MULADD(at[29], at[102]);    MULADD(at[30], at[101]);    MULADD(at[31], at[100]);    MULADD(at[32], at[99]);    MULADD(at[33], at[98]);    MULADD(at[34], at[97]);    MULADD(at[35], at[96]);    MULADD(at[36], at[95]);    MULADD(at[37], at[94]);    MULADD(at[38], at[93]);    MULADD(at[39], at[92]);    MULADD(at[40], at[91]);    MULADD(at[41], at[90]);    MULADD(at[42], at[89]);    MULADD(at[43], at[88]);    MULADD(at[44], at[87]);    MULADD(at[45], at[86]);    MULADD(at[46], at[85]);    MULADD(at[47], at[84]);    MULADD(at[48], at[83]);    MULADD(at[49], at[82]);    MULADD(at[50], at[81]);    MULADD(at[51], at[80]);    MULADD(at[52], at[79]);    MULADD(at[53], at[78]);    MULADD(at[54], at[77]);    MULADD(at[55], at[76]);    MULADD(at[56], at[75]);    MULADD(at[57], at[74]);    MULADD(at[58], at[73]);    MULADD(at[59], at[72]);    MULADD(at[60], at[71]);    MULADD(at[61], at[70]);    MULADD(at[62], at[69]);    MULADD(at[63], at[68]); 
+   COMBA_STORE(C->dp[67]);
+   /* 68 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[127]);    MULADD(at[6], at[126]);    MULADD(at[7], at[125]);    MULADD(at[8], at[124]);    MULADD(at[9], at[123]);    MULADD(at[10], at[122]);    MULADD(at[11], at[121]);    MULADD(at[12], at[120]);    MULADD(at[13], at[119]);    MULADD(at[14], at[118]);    MULADD(at[15], at[117]);    MULADD(at[16], at[116]);    MULADD(at[17], at[115]);    MULADD(at[18], at[114]);    MULADD(at[19], at[113]);    MULADD(at[20], at[112]);    MULADD(at[21], at[111]);    MULADD(at[22], at[110]);    MULADD(at[23], at[109]);    MULADD(at[24], at[108]);    MULADD(at[25], at[107]);    MULADD(at[26], at[106]);    MULADD(at[27], at[105]);    MULADD(at[28], at[104]);    MULADD(at[29], at[103]);    MULADD(at[30], at[102]);    MULADD(at[31], at[101]);    MULADD(at[32], at[100]);    MULADD(at[33], at[99]);    MULADD(at[34], at[98]);    MULADD(at[35], at[97]);    MULADD(at[36], at[96]);    MULADD(at[37], at[95]);    MULADD(at[38], at[94]);    MULADD(at[39], at[93]);    MULADD(at[40], at[92]);    MULADD(at[41], at[91]);    MULADD(at[42], at[90]);    MULADD(at[43], at[89]);    MULADD(at[44], at[88]);    MULADD(at[45], at[87]);    MULADD(at[46], at[86]);    MULADD(at[47], at[85]);    MULADD(at[48], at[84]);    MULADD(at[49], at[83]);    MULADD(at[50], at[82]);    MULADD(at[51], at[81]);    MULADD(at[52], at[80]);    MULADD(at[53], at[79]);    MULADD(at[54], at[78]);    MULADD(at[55], at[77]);    MULADD(at[56], at[76]);    MULADD(at[57], at[75]);    MULADD(at[58], at[74]);    MULADD(at[59], at[73]);    MULADD(at[60], at[72]);    MULADD(at[61], at[71]);    MULADD(at[62], at[70]);    MULADD(at[63], at[69]); 
+   COMBA_STORE(C->dp[68]);
+   /* 69 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[127]);    MULADD(at[7], at[126]);    MULADD(at[8], at[125]);    MULADD(at[9], at[124]);    MULADD(at[10], at[123]);    MULADD(at[11], at[122]);    MULADD(at[12], at[121]);    MULADD(at[13], at[120]);    MULADD(at[14], at[119]);    MULADD(at[15], at[118]);    MULADD(at[16], at[117]);    MULADD(at[17], at[116]);    MULADD(at[18], at[115]);    MULADD(at[19], at[114]);    MULADD(at[20], at[113]);    MULADD(at[21], at[112]);    MULADD(at[22], at[111]);    MULADD(at[23], at[110]);    MULADD(at[24], at[109]);    MULADD(at[25], at[108]);    MULADD(at[26], at[107]);    MULADD(at[27], at[106]);    MULADD(at[28], at[105]);    MULADD(at[29], at[104]);    MULADD(at[30], at[103]);    MULADD(at[31], at[102]);    MULADD(at[32], at[101]);    MULADD(at[33], at[100]);    MULADD(at[34], at[99]);    MULADD(at[35], at[98]);    MULADD(at[36], at[97]);    MULADD(at[37], at[96]);    MULADD(at[38], at[95]);    MULADD(at[39], at[94]);    MULADD(at[40], at[93]);    MULADD(at[41], at[92]);    MULADD(at[42], at[91]);    MULADD(at[43], at[90]);    MULADD(at[44], at[89]);    MULADD(at[45], at[88]);    MULADD(at[46], at[87]);    MULADD(at[47], at[86]);    MULADD(at[48], at[85]);    MULADD(at[49], at[84]);    MULADD(at[50], at[83]);    MULADD(at[51], at[82]);    MULADD(at[52], at[81]);    MULADD(at[53], at[80]);    MULADD(at[54], at[79]);    MULADD(at[55], at[78]);    MULADD(at[56], at[77]);    MULADD(at[57], at[76]);    MULADD(at[58], at[75]);    MULADD(at[59], at[74]);    MULADD(at[60], at[73]);    MULADD(at[61], at[72]);    MULADD(at[62], at[71]);    MULADD(at[63], at[70]); 
+   COMBA_STORE(C->dp[69]);
+   /* 70 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[127]);    MULADD(at[8], at[126]);    MULADD(at[9], at[125]);    MULADD(at[10], at[124]);    MULADD(at[11], at[123]);    MULADD(at[12], at[122]);    MULADD(at[13], at[121]);    MULADD(at[14], at[120]);    MULADD(at[15], at[119]);    MULADD(at[16], at[118]);    MULADD(at[17], at[117]);    MULADD(at[18], at[116]);    MULADD(at[19], at[115]);    MULADD(at[20], at[114]);    MULADD(at[21], at[113]);    MULADD(at[22], at[112]);    MULADD(at[23], at[111]);    MULADD(at[24], at[110]);    MULADD(at[25], at[109]);    MULADD(at[26], at[108]);    MULADD(at[27], at[107]);    MULADD(at[28], at[106]);    MULADD(at[29], at[105]);    MULADD(at[30], at[104]);    MULADD(at[31], at[103]);    MULADD(at[32], at[102]);    MULADD(at[33], at[101]);    MULADD(at[34], at[100]);    MULADD(at[35], at[99]);    MULADD(at[36], at[98]);    MULADD(at[37], at[97]);    MULADD(at[38], at[96]);    MULADD(at[39], at[95]);    MULADD(at[40], at[94]);    MULADD(at[41], at[93]);    MULADD(at[42], at[92]);    MULADD(at[43], at[91]);    MULADD(at[44], at[90]);    MULADD(at[45], at[89]);    MULADD(at[46], at[88]);    MULADD(at[47], at[87]);    MULADD(at[48], at[86]);    MULADD(at[49], at[85]);    MULADD(at[50], at[84]);    MULADD(at[51], at[83]);    MULADD(at[52], at[82]);    MULADD(at[53], at[81]);    MULADD(at[54], at[80]);    MULADD(at[55], at[79]);    MULADD(at[56], at[78]);    MULADD(at[57], at[77]);    MULADD(at[58], at[76]);    MULADD(at[59], at[75]);    MULADD(at[60], at[74]);    MULADD(at[61], at[73]);    MULADD(at[62], at[72]);    MULADD(at[63], at[71]); 
+   COMBA_STORE(C->dp[70]);
+   /* 71 */
+   COMBA_FORWARD;
+   MULADD(at[8], at[127]);    MULADD(at[9], at[126]);    MULADD(at[10], at[125]);    MULADD(at[11], at[124]);    MULADD(at[12], at[123]);    MULADD(at[13], at[122]);    MULADD(at[14], at[121]);    MULADD(at[15], at[120]);    MULADD(at[16], at[119]);    MULADD(at[17], at[118]);    MULADD(at[18], at[117]);    MULADD(at[19], at[116]);    MULADD(at[20], at[115]);    MULADD(at[21], at[114]);    MULADD(at[22], at[113]);    MULADD(at[23], at[112]);    MULADD(at[24], at[111]);    MULADD(at[25], at[110]);    MULADD(at[26], at[109]);    MULADD(at[27], at[108]);    MULADD(at[28], at[107]);    MULADD(at[29], at[106]);    MULADD(at[30], at[105]);    MULADD(at[31], at[104]);    MULADD(at[32], at[103]);    MULADD(at[33], at[102]);    MULADD(at[34], at[101]);    MULADD(at[35], at[100]);    MULADD(at[36], at[99]);    MULADD(at[37], at[98]);    MULADD(at[38], at[97]);    MULADD(at[39], at[96]);    MULADD(at[40], at[95]);    MULADD(at[41], at[94]);    MULADD(at[42], at[93]);    MULADD(at[43], at[92]);    MULADD(at[44], at[91]);    MULADD(at[45], at[90]);    MULADD(at[46], at[89]);    MULADD(at[47], at[88]);    MULADD(at[48], at[87]);    MULADD(at[49], at[86]);    MULADD(at[50], at[85]);    MULADD(at[51], at[84]);    MULADD(at[52], at[83]);    MULADD(at[53], at[82]);    MULADD(at[54], at[81]);    MULADD(at[55], at[80]);    MULADD(at[56], at[79]);    MULADD(at[57], at[78]);    MULADD(at[58], at[77]);    MULADD(at[59], at[76]);    MULADD(at[60], at[75]);    MULADD(at[61], at[74]);    MULADD(at[62], at[73]);    MULADD(at[63], at[72]); 
+   COMBA_STORE(C->dp[71]);
+   /* 72 */
+   COMBA_FORWARD;
+   MULADD(at[9], at[127]);    MULADD(at[10], at[126]);    MULADD(at[11], at[125]);    MULADD(at[12], at[124]);    MULADD(at[13], at[123]);    MULADD(at[14], at[122]);    MULADD(at[15], at[121]);    MULADD(at[16], at[120]);    MULADD(at[17], at[119]);    MULADD(at[18], at[118]);    MULADD(at[19], at[117]);    MULADD(at[20], at[116]);    MULADD(at[21], at[115]);    MULADD(at[22], at[114]);    MULADD(at[23], at[113]);    MULADD(at[24], at[112]);    MULADD(at[25], at[111]);    MULADD(at[26], at[110]);    MULADD(at[27], at[109]);    MULADD(at[28], at[108]);    MULADD(at[29], at[107]);    MULADD(at[30], at[106]);    MULADD(at[31], at[105]);    MULADD(at[32], at[104]);    MULADD(at[33], at[103]);    MULADD(at[34], at[102]);    MULADD(at[35], at[101]);    MULADD(at[36], at[100]);    MULADD(at[37], at[99]);    MULADD(at[38], at[98]);    MULADD(at[39], at[97]);    MULADD(at[40], at[96]);    MULADD(at[41], at[95]);    MULADD(at[42], at[94]);    MULADD(at[43], at[93]);    MULADD(at[44], at[92]);    MULADD(at[45], at[91]);    MULADD(at[46], at[90]);    MULADD(at[47], at[89]);    MULADD(at[48], at[88]);    MULADD(at[49], at[87]);    MULADD(at[50], at[86]);    MULADD(at[51], at[85]);    MULADD(at[52], at[84]);    MULADD(at[53], at[83]);    MULADD(at[54], at[82]);    MULADD(at[55], at[81]);    MULADD(at[56], at[80]);    MULADD(at[57], at[79]);    MULADD(at[58], at[78]);    MULADD(at[59], at[77]);    MULADD(at[60], at[76]);    MULADD(at[61], at[75]);    MULADD(at[62], at[74]);    MULADD(at[63], at[73]); 
+   COMBA_STORE(C->dp[72]);
+   /* 73 */
+   COMBA_FORWARD;
+   MULADD(at[10], at[127]);    MULADD(at[11], at[126]);    MULADD(at[12], at[125]);    MULADD(at[13], at[124]);    MULADD(at[14], at[123]);    MULADD(at[15], at[122]);    MULADD(at[16], at[121]);    MULADD(at[17], at[120]);    MULADD(at[18], at[119]);    MULADD(at[19], at[118]);    MULADD(at[20], at[117]);    MULADD(at[21], at[116]);    MULADD(at[22], at[115]);    MULADD(at[23], at[114]);    MULADD(at[24], at[113]);    MULADD(at[25], at[112]);    MULADD(at[26], at[111]);    MULADD(at[27], at[110]);    MULADD(at[28], at[109]);    MULADD(at[29], at[108]);    MULADD(at[30], at[107]);    MULADD(at[31], at[106]);    MULADD(at[32], at[105]);    MULADD(at[33], at[104]);    MULADD(at[34], at[103]);    MULADD(at[35], at[102]);    MULADD(at[36], at[101]);    MULADD(at[37], at[100]);    MULADD(at[38], at[99]);    MULADD(at[39], at[98]);    MULADD(at[40], at[97]);    MULADD(at[41], at[96]);    MULADD(at[42], at[95]);    MULADD(at[43], at[94]);    MULADD(at[44], at[93]);    MULADD(at[45], at[92]);    MULADD(at[46], at[91]);    MULADD(at[47], at[90]);    MULADD(at[48], at[89]);    MULADD(at[49], at[88]);    MULADD(at[50], at[87]);    MULADD(at[51], at[86]);    MULADD(at[52], at[85]);    MULADD(at[53], at[84]);    MULADD(at[54], at[83]);    MULADD(at[55], at[82]);    MULADD(at[56], at[81]);    MULADD(at[57], at[80]);    MULADD(at[58], at[79]);    MULADD(at[59], at[78]);    MULADD(at[60], at[77]);    MULADD(at[61], at[76]);    MULADD(at[62], at[75]);    MULADD(at[63], at[74]); 
+   COMBA_STORE(C->dp[73]);
+   /* 74 */
+   COMBA_FORWARD;
+   MULADD(at[11], at[127]);    MULADD(at[12], at[126]);    MULADD(at[13], at[125]);    MULADD(at[14], at[124]);    MULADD(at[15], at[123]);    MULADD(at[16], at[122]);    MULADD(at[17], at[121]);    MULADD(at[18], at[120]);    MULADD(at[19], at[119]);    MULADD(at[20], at[118]);    MULADD(at[21], at[117]);    MULADD(at[22], at[116]);    MULADD(at[23], at[115]);    MULADD(at[24], at[114]);    MULADD(at[25], at[113]);    MULADD(at[26], at[112]);    MULADD(at[27], at[111]);    MULADD(at[28], at[110]);    MULADD(at[29], at[109]);    MULADD(at[30], at[108]);    MULADD(at[31], at[107]);    MULADD(at[32], at[106]);    MULADD(at[33], at[105]);    MULADD(at[34], at[104]);    MULADD(at[35], at[103]);    MULADD(at[36], at[102]);    MULADD(at[37], at[101]);    MULADD(at[38], at[100]);    MULADD(at[39], at[99]);    MULADD(at[40], at[98]);    MULADD(at[41], at[97]);    MULADD(at[42], at[96]);    MULADD(at[43], at[95]);    MULADD(at[44], at[94]);    MULADD(at[45], at[93]);    MULADD(at[46], at[92]);    MULADD(at[47], at[91]);    MULADD(at[48], at[90]);    MULADD(at[49], at[89]);    MULADD(at[50], at[88]);    MULADD(at[51], at[87]);    MULADD(at[52], at[86]);    MULADD(at[53], at[85]);    MULADD(at[54], at[84]);    MULADD(at[55], at[83]);    MULADD(at[56], at[82]);    MULADD(at[57], at[81]);    MULADD(at[58], at[80]);    MULADD(at[59], at[79]);    MULADD(at[60], at[78]);    MULADD(at[61], at[77]);    MULADD(at[62], at[76]);    MULADD(at[63], at[75]); 
+   COMBA_STORE(C->dp[74]);
+   /* 75 */
+   COMBA_FORWARD;
+   MULADD(at[12], at[127]);    MULADD(at[13], at[126]);    MULADD(at[14], at[125]);    MULADD(at[15], at[124]);    MULADD(at[16], at[123]);    MULADD(at[17], at[122]);    MULADD(at[18], at[121]);    MULADD(at[19], at[120]);    MULADD(at[20], at[119]);    MULADD(at[21], at[118]);    MULADD(at[22], at[117]);    MULADD(at[23], at[116]);    MULADD(at[24], at[115]);    MULADD(at[25], at[114]);    MULADD(at[26], at[113]);    MULADD(at[27], at[112]);    MULADD(at[28], at[111]);    MULADD(at[29], at[110]);    MULADD(at[30], at[109]);    MULADD(at[31], at[108]);    MULADD(at[32], at[107]);    MULADD(at[33], at[106]);    MULADD(at[34], at[105]);    MULADD(at[35], at[104]);    MULADD(at[36], at[103]);    MULADD(at[37], at[102]);    MULADD(at[38], at[101]);    MULADD(at[39], at[100]);    MULADD(at[40], at[99]);    MULADD(at[41], at[98]);    MULADD(at[42], at[97]);    MULADD(at[43], at[96]);    MULADD(at[44], at[95]);    MULADD(at[45], at[94]);    MULADD(at[46], at[93]);    MULADD(at[47], at[92]);    MULADD(at[48], at[91]);    MULADD(at[49], at[90]);    MULADD(at[50], at[89]);    MULADD(at[51], at[88]);    MULADD(at[52], at[87]);    MULADD(at[53], at[86]);    MULADD(at[54], at[85]);    MULADD(at[55], at[84]);    MULADD(at[56], at[83]);    MULADD(at[57], at[82]);    MULADD(at[58], at[81]);    MULADD(at[59], at[80]);    MULADD(at[60], at[79]);    MULADD(at[61], at[78]);    MULADD(at[62], at[77]);    MULADD(at[63], at[76]); 
+   COMBA_STORE(C->dp[75]);
+   /* 76 */
+   COMBA_FORWARD;
+   MULADD(at[13], at[127]);    MULADD(at[14], at[126]);    MULADD(at[15], at[125]);    MULADD(at[16], at[124]);    MULADD(at[17], at[123]);    MULADD(at[18], at[122]);    MULADD(at[19], at[121]);    MULADD(at[20], at[120]);    MULADD(at[21], at[119]);    MULADD(at[22], at[118]);    MULADD(at[23], at[117]);    MULADD(at[24], at[116]);    MULADD(at[25], at[115]);    MULADD(at[26], at[114]);    MULADD(at[27], at[113]);    MULADD(at[28], at[112]);    MULADD(at[29], at[111]);    MULADD(at[30], at[110]);    MULADD(at[31], at[109]);    MULADD(at[32], at[108]);    MULADD(at[33], at[107]);    MULADD(at[34], at[106]);    MULADD(at[35], at[105]);    MULADD(at[36], at[104]);    MULADD(at[37], at[103]);    MULADD(at[38], at[102]);    MULADD(at[39], at[101]);    MULADD(at[40], at[100]);    MULADD(at[41], at[99]);    MULADD(at[42], at[98]);    MULADD(at[43], at[97]);    MULADD(at[44], at[96]);    MULADD(at[45], at[95]);    MULADD(at[46], at[94]);    MULADD(at[47], at[93]);    MULADD(at[48], at[92]);    MULADD(at[49], at[91]);    MULADD(at[50], at[90]);    MULADD(at[51], at[89]);    MULADD(at[52], at[88]);    MULADD(at[53], at[87]);    MULADD(at[54], at[86]);    MULADD(at[55], at[85]);    MULADD(at[56], at[84]);    MULADD(at[57], at[83]);    MULADD(at[58], at[82]);    MULADD(at[59], at[81]);    MULADD(at[60], at[80]);    MULADD(at[61], at[79]);    MULADD(at[62], at[78]);    MULADD(at[63], at[77]); 
+   COMBA_STORE(C->dp[76]);
+   /* 77 */
+   COMBA_FORWARD;
+   MULADD(at[14], at[127]);    MULADD(at[15], at[126]);    MULADD(at[16], at[125]);    MULADD(at[17], at[124]);    MULADD(at[18], at[123]);    MULADD(at[19], at[122]);    MULADD(at[20], at[121]);    MULADD(at[21], at[120]);    MULADD(at[22], at[119]);    MULADD(at[23], at[118]);    MULADD(at[24], at[117]);    MULADD(at[25], at[116]);    MULADD(at[26], at[115]);    MULADD(at[27], at[114]);    MULADD(at[28], at[113]);    MULADD(at[29], at[112]);    MULADD(at[30], at[111]);    MULADD(at[31], at[110]);    MULADD(at[32], at[109]);    MULADD(at[33], at[108]);    MULADD(at[34], at[107]);    MULADD(at[35], at[106]);    MULADD(at[36], at[105]);    MULADD(at[37], at[104]);    MULADD(at[38], at[103]);    MULADD(at[39], at[102]);    MULADD(at[40], at[101]);    MULADD(at[41], at[100]);    MULADD(at[42], at[99]);    MULADD(at[43], at[98]);    MULADD(at[44], at[97]);    MULADD(at[45], at[96]);    MULADD(at[46], at[95]);    MULADD(at[47], at[94]);    MULADD(at[48], at[93]);    MULADD(at[49], at[92]);    MULADD(at[50], at[91]);    MULADD(at[51], at[90]);    MULADD(at[52], at[89]);    MULADD(at[53], at[88]);    MULADD(at[54], at[87]);    MULADD(at[55], at[86]);    MULADD(at[56], at[85]);    MULADD(at[57], at[84]);    MULADD(at[58], at[83]);    MULADD(at[59], at[82]);    MULADD(at[60], at[81]);    MULADD(at[61], at[80]);    MULADD(at[62], at[79]);    MULADD(at[63], at[78]); 
+   COMBA_STORE(C->dp[77]);
+   /* 78 */
+   COMBA_FORWARD;
+   MULADD(at[15], at[127]);    MULADD(at[16], at[126]);    MULADD(at[17], at[125]);    MULADD(at[18], at[124]);    MULADD(at[19], at[123]);    MULADD(at[20], at[122]);    MULADD(at[21], at[121]);    MULADD(at[22], at[120]);    MULADD(at[23], at[119]);    MULADD(at[24], at[118]);    MULADD(at[25], at[117]);    MULADD(at[26], at[116]);    MULADD(at[27], at[115]);    MULADD(at[28], at[114]);    MULADD(at[29], at[113]);    MULADD(at[30], at[112]);    MULADD(at[31], at[111]);    MULADD(at[32], at[110]);    MULADD(at[33], at[109]);    MULADD(at[34], at[108]);    MULADD(at[35], at[107]);    MULADD(at[36], at[106]);    MULADD(at[37], at[105]);    MULADD(at[38], at[104]);    MULADD(at[39], at[103]);    MULADD(at[40], at[102]);    MULADD(at[41], at[101]);    MULADD(at[42], at[100]);    MULADD(at[43], at[99]);    MULADD(at[44], at[98]);    MULADD(at[45], at[97]);    MULADD(at[46], at[96]);    MULADD(at[47], at[95]);    MULADD(at[48], at[94]);    MULADD(at[49], at[93]);    MULADD(at[50], at[92]);    MULADD(at[51], at[91]);    MULADD(at[52], at[90]);    MULADD(at[53], at[89]);    MULADD(at[54], at[88]);    MULADD(at[55], at[87]);    MULADD(at[56], at[86]);    MULADD(at[57], at[85]);    MULADD(at[58], at[84]);    MULADD(at[59], at[83]);    MULADD(at[60], at[82]);    MULADD(at[61], at[81]);    MULADD(at[62], at[80]);    MULADD(at[63], at[79]); 
+   COMBA_STORE(C->dp[78]);
+   /* 79 */
+   COMBA_FORWARD;
+   MULADD(at[16], at[127]);    MULADD(at[17], at[126]);    MULADD(at[18], at[125]);    MULADD(at[19], at[124]);    MULADD(at[20], at[123]);    MULADD(at[21], at[122]);    MULADD(at[22], at[121]);    MULADD(at[23], at[120]);    MULADD(at[24], at[119]);    MULADD(at[25], at[118]);    MULADD(at[26], at[117]);    MULADD(at[27], at[116]);    MULADD(at[28], at[115]);    MULADD(at[29], at[114]);    MULADD(at[30], at[113]);    MULADD(at[31], at[112]);    MULADD(at[32], at[111]);    MULADD(at[33], at[110]);    MULADD(at[34], at[109]);    MULADD(at[35], at[108]);    MULADD(at[36], at[107]);    MULADD(at[37], at[106]);    MULADD(at[38], at[105]);    MULADD(at[39], at[104]);    MULADD(at[40], at[103]);    MULADD(at[41], at[102]);    MULADD(at[42], at[101]);    MULADD(at[43], at[100]);    MULADD(at[44], at[99]);    MULADD(at[45], at[98]);    MULADD(at[46], at[97]);    MULADD(at[47], at[96]);    MULADD(at[48], at[95]);    MULADD(at[49], at[94]);    MULADD(at[50], at[93]);    MULADD(at[51], at[92]);    MULADD(at[52], at[91]);    MULADD(at[53], at[90]);    MULADD(at[54], at[89]);    MULADD(at[55], at[88]);    MULADD(at[56], at[87]);    MULADD(at[57], at[86]);    MULADD(at[58], at[85]);    MULADD(at[59], at[84]);    MULADD(at[60], at[83]);    MULADD(at[61], at[82]);    MULADD(at[62], at[81]);    MULADD(at[63], at[80]); 
+   COMBA_STORE(C->dp[79]);
+   /* 80 */
+   COMBA_FORWARD;
+   MULADD(at[17], at[127]);    MULADD(at[18], at[126]);    MULADD(at[19], at[125]);    MULADD(at[20], at[124]);    MULADD(at[21], at[123]);    MULADD(at[22], at[122]);    MULADD(at[23], at[121]);    MULADD(at[24], at[120]);    MULADD(at[25], at[119]);    MULADD(at[26], at[118]);    MULADD(at[27], at[117]);    MULADD(at[28], at[116]);    MULADD(at[29], at[115]);    MULADD(at[30], at[114]);    MULADD(at[31], at[113]);    MULADD(at[32], at[112]);    MULADD(at[33], at[111]);    MULADD(at[34], at[110]);    MULADD(at[35], at[109]);    MULADD(at[36], at[108]);    MULADD(at[37], at[107]);    MULADD(at[38], at[106]);    MULADD(at[39], at[105]);    MULADD(at[40], at[104]);    MULADD(at[41], at[103]);    MULADD(at[42], at[102]);    MULADD(at[43], at[101]);    MULADD(at[44], at[100]);    MULADD(at[45], at[99]);    MULADD(at[46], at[98]);    MULADD(at[47], at[97]);    MULADD(at[48], at[96]);    MULADD(at[49], at[95]);    MULADD(at[50], at[94]);    MULADD(at[51], at[93]);    MULADD(at[52], at[92]);    MULADD(at[53], at[91]);    MULADD(at[54], at[90]);    MULADD(at[55], at[89]);    MULADD(at[56], at[88]);    MULADD(at[57], at[87]);    MULADD(at[58], at[86]);    MULADD(at[59], at[85]);    MULADD(at[60], at[84]);    MULADD(at[61], at[83]);    MULADD(at[62], at[82]);    MULADD(at[63], at[81]); 
+   COMBA_STORE(C->dp[80]);
+   /* 81 */
+   COMBA_FORWARD;
+   MULADD(at[18], at[127]);    MULADD(at[19], at[126]);    MULADD(at[20], at[125]);    MULADD(at[21], at[124]);    MULADD(at[22], at[123]);    MULADD(at[23], at[122]);    MULADD(at[24], at[121]);    MULADD(at[25], at[120]);    MULADD(at[26], at[119]);    MULADD(at[27], at[118]);    MULADD(at[28], at[117]);    MULADD(at[29], at[116]);    MULADD(at[30], at[115]);    MULADD(at[31], at[114]);    MULADD(at[32], at[113]);    MULADD(at[33], at[112]);    MULADD(at[34], at[111]);    MULADD(at[35], at[110]);    MULADD(at[36], at[109]);    MULADD(at[37], at[108]);    MULADD(at[38], at[107]);    MULADD(at[39], at[106]);    MULADD(at[40], at[105]);    MULADD(at[41], at[104]);    MULADD(at[42], at[103]);    MULADD(at[43], at[102]);    MULADD(at[44], at[101]);    MULADD(at[45], at[100]);    MULADD(at[46], at[99]);    MULADD(at[47], at[98]);    MULADD(at[48], at[97]);    MULADD(at[49], at[96]);    MULADD(at[50], at[95]);    MULADD(at[51], at[94]);    MULADD(at[52], at[93]);    MULADD(at[53], at[92]);    MULADD(at[54], at[91]);    MULADD(at[55], at[90]);    MULADD(at[56], at[89]);    MULADD(at[57], at[88]);    MULADD(at[58], at[87]);    MULADD(at[59], at[86]);    MULADD(at[60], at[85]);    MULADD(at[61], at[84]);    MULADD(at[62], at[83]);    MULADD(at[63], at[82]); 
+   COMBA_STORE(C->dp[81]);
+   /* 82 */
+   COMBA_FORWARD;
+   MULADD(at[19], at[127]);    MULADD(at[20], at[126]);    MULADD(at[21], at[125]);    MULADD(at[22], at[124]);    MULADD(at[23], at[123]);    MULADD(at[24], at[122]);    MULADD(at[25], at[121]);    MULADD(at[26], at[120]);    MULADD(at[27], at[119]);    MULADD(at[28], at[118]);    MULADD(at[29], at[117]);    MULADD(at[30], at[116]);    MULADD(at[31], at[115]);    MULADD(at[32], at[114]);    MULADD(at[33], at[113]);    MULADD(at[34], at[112]);    MULADD(at[35], at[111]);    MULADD(at[36], at[110]);    MULADD(at[37], at[109]);    MULADD(at[38], at[108]);    MULADD(at[39], at[107]);    MULADD(at[40], at[106]);    MULADD(at[41], at[105]);    MULADD(at[42], at[104]);    MULADD(at[43], at[103]);    MULADD(at[44], at[102]);    MULADD(at[45], at[101]);    MULADD(at[46], at[100]);    MULADD(at[47], at[99]);    MULADD(at[48], at[98]);    MULADD(at[49], at[97]);    MULADD(at[50], at[96]);    MULADD(at[51], at[95]);    MULADD(at[52], at[94]);    MULADD(at[53], at[93]);    MULADD(at[54], at[92]);    MULADD(at[55], at[91]);    MULADD(at[56], at[90]);    MULADD(at[57], at[89]);    MULADD(at[58], at[88]);    MULADD(at[59], at[87]);    MULADD(at[60], at[86]);    MULADD(at[61], at[85]);    MULADD(at[62], at[84]);    MULADD(at[63], at[83]); 
+   COMBA_STORE(C->dp[82]);
+   /* 83 */
+   COMBA_FORWARD;
+   MULADD(at[20], at[127]);    MULADD(at[21], at[126]);    MULADD(at[22], at[125]);    MULADD(at[23], at[124]);    MULADD(at[24], at[123]);    MULADD(at[25], at[122]);    MULADD(at[26], at[121]);    MULADD(at[27], at[120]);    MULADD(at[28], at[119]);    MULADD(at[29], at[118]);    MULADD(at[30], at[117]);    MULADD(at[31], at[116]);    MULADD(at[32], at[115]);    MULADD(at[33], at[114]);    MULADD(at[34], at[113]);    MULADD(at[35], at[112]);    MULADD(at[36], at[111]);    MULADD(at[37], at[110]);    MULADD(at[38], at[109]);    MULADD(at[39], at[108]);    MULADD(at[40], at[107]);    MULADD(at[41], at[106]);    MULADD(at[42], at[105]);    MULADD(at[43], at[104]);    MULADD(at[44], at[103]);    MULADD(at[45], at[102]);    MULADD(at[46], at[101]);    MULADD(at[47], at[100]);    MULADD(at[48], at[99]);    MULADD(at[49], at[98]);    MULADD(at[50], at[97]);    MULADD(at[51], at[96]);    MULADD(at[52], at[95]);    MULADD(at[53], at[94]);    MULADD(at[54], at[93]);    MULADD(at[55], at[92]);    MULADD(at[56], at[91]);    MULADD(at[57], at[90]);    MULADD(at[58], at[89]);    MULADD(at[59], at[88]);    MULADD(at[60], at[87]);    MULADD(at[61], at[86]);    MULADD(at[62], at[85]);    MULADD(at[63], at[84]); 
+   COMBA_STORE(C->dp[83]);
+   /* 84 */
+   COMBA_FORWARD;
+   MULADD(at[21], at[127]);    MULADD(at[22], at[126]);    MULADD(at[23], at[125]);    MULADD(at[24], at[124]);    MULADD(at[25], at[123]);    MULADD(at[26], at[122]);    MULADD(at[27], at[121]);    MULADD(at[28], at[120]);    MULADD(at[29], at[119]);    MULADD(at[30], at[118]);    MULADD(at[31], at[117]);    MULADD(at[32], at[116]);    MULADD(at[33], at[115]);    MULADD(at[34], at[114]);    MULADD(at[35], at[113]);    MULADD(at[36], at[112]);    MULADD(at[37], at[111]);    MULADD(at[38], at[110]);    MULADD(at[39], at[109]);    MULADD(at[40], at[108]);    MULADD(at[41], at[107]);    MULADD(at[42], at[106]);    MULADD(at[43], at[105]);    MULADD(at[44], at[104]);    MULADD(at[45], at[103]);    MULADD(at[46], at[102]);    MULADD(at[47], at[101]);    MULADD(at[48], at[100]);    MULADD(at[49], at[99]);    MULADD(at[50], at[98]);    MULADD(at[51], at[97]);    MULADD(at[52], at[96]);    MULADD(at[53], at[95]);    MULADD(at[54], at[94]);    MULADD(at[55], at[93]);    MULADD(at[56], at[92]);    MULADD(at[57], at[91]);    MULADD(at[58], at[90]);    MULADD(at[59], at[89]);    MULADD(at[60], at[88]);    MULADD(at[61], at[87]);    MULADD(at[62], at[86]);    MULADD(at[63], at[85]); 
+   COMBA_STORE(C->dp[84]);
+   /* 85 */
+   COMBA_FORWARD;
+   MULADD(at[22], at[127]);    MULADD(at[23], at[126]);    MULADD(at[24], at[125]);    MULADD(at[25], at[124]);    MULADD(at[26], at[123]);    MULADD(at[27], at[122]);    MULADD(at[28], at[121]);    MULADD(at[29], at[120]);    MULADD(at[30], at[119]);    MULADD(at[31], at[118]);    MULADD(at[32], at[117]);    MULADD(at[33], at[116]);    MULADD(at[34], at[115]);    MULADD(at[35], at[114]);    MULADD(at[36], at[113]);    MULADD(at[37], at[112]);    MULADD(at[38], at[111]);    MULADD(at[39], at[110]);    MULADD(at[40], at[109]);    MULADD(at[41], at[108]);    MULADD(at[42], at[107]);    MULADD(at[43], at[106]);    MULADD(at[44], at[105]);    MULADD(at[45], at[104]);    MULADD(at[46], at[103]);    MULADD(at[47], at[102]);    MULADD(at[48], at[101]);    MULADD(at[49], at[100]);    MULADD(at[50], at[99]);    MULADD(at[51], at[98]);    MULADD(at[52], at[97]);    MULADD(at[53], at[96]);    MULADD(at[54], at[95]);    MULADD(at[55], at[94]);    MULADD(at[56], at[93]);    MULADD(at[57], at[92]);    MULADD(at[58], at[91]);    MULADD(at[59], at[90]);    MULADD(at[60], at[89]);    MULADD(at[61], at[88]);    MULADD(at[62], at[87]);    MULADD(at[63], at[86]); 
+   COMBA_STORE(C->dp[85]);
+   /* 86 */
+   COMBA_FORWARD;
+   MULADD(at[23], at[127]);    MULADD(at[24], at[126]);    MULADD(at[25], at[125]);    MULADD(at[26], at[124]);    MULADD(at[27], at[123]);    MULADD(at[28], at[122]);    MULADD(at[29], at[121]);    MULADD(at[30], at[120]);    MULADD(at[31], at[119]);    MULADD(at[32], at[118]);    MULADD(at[33], at[117]);    MULADD(at[34], at[116]);    MULADD(at[35], at[115]);    MULADD(at[36], at[114]);    MULADD(at[37], at[113]);    MULADD(at[38], at[112]);    MULADD(at[39], at[111]);    MULADD(at[40], at[110]);    MULADD(at[41], at[109]);    MULADD(at[42], at[108]);    MULADD(at[43], at[107]);    MULADD(at[44], at[106]);    MULADD(at[45], at[105]);    MULADD(at[46], at[104]);    MULADD(at[47], at[103]);    MULADD(at[48], at[102]);    MULADD(at[49], at[101]);    MULADD(at[50], at[100]);    MULADD(at[51], at[99]);    MULADD(at[52], at[98]);    MULADD(at[53], at[97]);    MULADD(at[54], at[96]);    MULADD(at[55], at[95]);    MULADD(at[56], at[94]);    MULADD(at[57], at[93]);    MULADD(at[58], at[92]);    MULADD(at[59], at[91]);    MULADD(at[60], at[90]);    MULADD(at[61], at[89]);    MULADD(at[62], at[88]);    MULADD(at[63], at[87]); 
+   COMBA_STORE(C->dp[86]);
+   /* 87 */
+   COMBA_FORWARD;
+   MULADD(at[24], at[127]);    MULADD(at[25], at[126]);    MULADD(at[26], at[125]);    MULADD(at[27], at[124]);    MULADD(at[28], at[123]);    MULADD(at[29], at[122]);    MULADD(at[30], at[121]);    MULADD(at[31], at[120]);    MULADD(at[32], at[119]);    MULADD(at[33], at[118]);    MULADD(at[34], at[117]);    MULADD(at[35], at[116]);    MULADD(at[36], at[115]);    MULADD(at[37], at[114]);    MULADD(at[38], at[113]);    MULADD(at[39], at[112]);    MULADD(at[40], at[111]);    MULADD(at[41], at[110]);    MULADD(at[42], at[109]);    MULADD(at[43], at[108]);    MULADD(at[44], at[107]);    MULADD(at[45], at[106]);    MULADD(at[46], at[105]);    MULADD(at[47], at[104]);    MULADD(at[48], at[103]);    MULADD(at[49], at[102]);    MULADD(at[50], at[101]);    MULADD(at[51], at[100]);    MULADD(at[52], at[99]);    MULADD(at[53], at[98]);    MULADD(at[54], at[97]);    MULADD(at[55], at[96]);    MULADD(at[56], at[95]);    MULADD(at[57], at[94]);    MULADD(at[58], at[93]);    MULADD(at[59], at[92]);    MULADD(at[60], at[91]);    MULADD(at[61], at[90]);    MULADD(at[62], at[89]);    MULADD(at[63], at[88]); 
+   COMBA_STORE(C->dp[87]);
+   /* 88 */
+   COMBA_FORWARD;
+   MULADD(at[25], at[127]);    MULADD(at[26], at[126]);    MULADD(at[27], at[125]);    MULADD(at[28], at[124]);    MULADD(at[29], at[123]);    MULADD(at[30], at[122]);    MULADD(at[31], at[121]);    MULADD(at[32], at[120]);    MULADD(at[33], at[119]);    MULADD(at[34], at[118]);    MULADD(at[35], at[117]);    MULADD(at[36], at[116]);    MULADD(at[37], at[115]);    MULADD(at[38], at[114]);    MULADD(at[39], at[113]);    MULADD(at[40], at[112]);    MULADD(at[41], at[111]);    MULADD(at[42], at[110]);    MULADD(at[43], at[109]);    MULADD(at[44], at[108]);    MULADD(at[45], at[107]);    MULADD(at[46], at[106]);    MULADD(at[47], at[105]);    MULADD(at[48], at[104]);    MULADD(at[49], at[103]);    MULADD(at[50], at[102]);    MULADD(at[51], at[101]);    MULADD(at[52], at[100]);    MULADD(at[53], at[99]);    MULADD(at[54], at[98]);    MULADD(at[55], at[97]);    MULADD(at[56], at[96]);    MULADD(at[57], at[95]);    MULADD(at[58], at[94]);    MULADD(at[59], at[93]);    MULADD(at[60], at[92]);    MULADD(at[61], at[91]);    MULADD(at[62], at[90]);    MULADD(at[63], at[89]); 
+   COMBA_STORE(C->dp[88]);
+   /* 89 */
+   COMBA_FORWARD;
+   MULADD(at[26], at[127]);    MULADD(at[27], at[126]);    MULADD(at[28], at[125]);    MULADD(at[29], at[124]);    MULADD(at[30], at[123]);    MULADD(at[31], at[122]);    MULADD(at[32], at[121]);    MULADD(at[33], at[120]);    MULADD(at[34], at[119]);    MULADD(at[35], at[118]);    MULADD(at[36], at[117]);    MULADD(at[37], at[116]);    MULADD(at[38], at[115]);    MULADD(at[39], at[114]);    MULADD(at[40], at[113]);    MULADD(at[41], at[112]);    MULADD(at[42], at[111]);    MULADD(at[43], at[110]);    MULADD(at[44], at[109]);    MULADD(at[45], at[108]);    MULADD(at[46], at[107]);    MULADD(at[47], at[106]);    MULADD(at[48], at[105]);    MULADD(at[49], at[104]);    MULADD(at[50], at[103]);    MULADD(at[51], at[102]);    MULADD(at[52], at[101]);    MULADD(at[53], at[100]);    MULADD(at[54], at[99]);    MULADD(at[55], at[98]);    MULADD(at[56], at[97]);    MULADD(at[57], at[96]);    MULADD(at[58], at[95]);    MULADD(at[59], at[94]);    MULADD(at[60], at[93]);    MULADD(at[61], at[92]);    MULADD(at[62], at[91]);    MULADD(at[63], at[90]); 
+   COMBA_STORE(C->dp[89]);
+   /* 90 */
+   COMBA_FORWARD;
+   MULADD(at[27], at[127]);    MULADD(at[28], at[126]);    MULADD(at[29], at[125]);    MULADD(at[30], at[124]);    MULADD(at[31], at[123]);    MULADD(at[32], at[122]);    MULADD(at[33], at[121]);    MULADD(at[34], at[120]);    MULADD(at[35], at[119]);    MULADD(at[36], at[118]);    MULADD(at[37], at[117]);    MULADD(at[38], at[116]);    MULADD(at[39], at[115]);    MULADD(at[40], at[114]);    MULADD(at[41], at[113]);    MULADD(at[42], at[112]);    MULADD(at[43], at[111]);    MULADD(at[44], at[110]);    MULADD(at[45], at[109]);    MULADD(at[46], at[108]);    MULADD(at[47], at[107]);    MULADD(at[48], at[106]);    MULADD(at[49], at[105]);    MULADD(at[50], at[104]);    MULADD(at[51], at[103]);    MULADD(at[52], at[102]);    MULADD(at[53], at[101]);    MULADD(at[54], at[100]);    MULADD(at[55], at[99]);    MULADD(at[56], at[98]);    MULADD(at[57], at[97]);    MULADD(at[58], at[96]);    MULADD(at[59], at[95]);    MULADD(at[60], at[94]);    MULADD(at[61], at[93]);    MULADD(at[62], at[92]);    MULADD(at[63], at[91]); 
+   COMBA_STORE(C->dp[90]);
+   /* 91 */
+   COMBA_FORWARD;
+   MULADD(at[28], at[127]);    MULADD(at[29], at[126]);    MULADD(at[30], at[125]);    MULADD(at[31], at[124]);    MULADD(at[32], at[123]);    MULADD(at[33], at[122]);    MULADD(at[34], at[121]);    MULADD(at[35], at[120]);    MULADD(at[36], at[119]);    MULADD(at[37], at[118]);    MULADD(at[38], at[117]);    MULADD(at[39], at[116]);    MULADD(at[40], at[115]);    MULADD(at[41], at[114]);    MULADD(at[42], at[113]);    MULADD(at[43], at[112]);    MULADD(at[44], at[111]);    MULADD(at[45], at[110]);    MULADD(at[46], at[109]);    MULADD(at[47], at[108]);    MULADD(at[48], at[107]);    MULADD(at[49], at[106]);    MULADD(at[50], at[105]);    MULADD(at[51], at[104]);    MULADD(at[52], at[103]);    MULADD(at[53], at[102]);    MULADD(at[54], at[101]);    MULADD(at[55], at[100]);    MULADD(at[56], at[99]);    MULADD(at[57], at[98]);    MULADD(at[58], at[97]);    MULADD(at[59], at[96]);    MULADD(at[60], at[95]);    MULADD(at[61], at[94]);    MULADD(at[62], at[93]);    MULADD(at[63], at[92]); 
+   COMBA_STORE(C->dp[91]);
+   /* 92 */
+   COMBA_FORWARD;
+   MULADD(at[29], at[127]);    MULADD(at[30], at[126]);    MULADD(at[31], at[125]);    MULADD(at[32], at[124]);    MULADD(at[33], at[123]);    MULADD(at[34], at[122]);    MULADD(at[35], at[121]);    MULADD(at[36], at[120]);    MULADD(at[37], at[119]);    MULADD(at[38], at[118]);    MULADD(at[39], at[117]);    MULADD(at[40], at[116]);    MULADD(at[41], at[115]);    MULADD(at[42], at[114]);    MULADD(at[43], at[113]);    MULADD(at[44], at[112]);    MULADD(at[45], at[111]);    MULADD(at[46], at[110]);    MULADD(at[47], at[109]);    MULADD(at[48], at[108]);    MULADD(at[49], at[107]);    MULADD(at[50], at[106]);    MULADD(at[51], at[105]);    MULADD(at[52], at[104]);    MULADD(at[53], at[103]);    MULADD(at[54], at[102]);    MULADD(at[55], at[101]);    MULADD(at[56], at[100]);    MULADD(at[57], at[99]);    MULADD(at[58], at[98]);    MULADD(at[59], at[97]);    MULADD(at[60], at[96]);    MULADD(at[61], at[95]);    MULADD(at[62], at[94]);    MULADD(at[63], at[93]); 
+   COMBA_STORE(C->dp[92]);
+   /* 93 */
+   COMBA_FORWARD;
+   MULADD(at[30], at[127]);    MULADD(at[31], at[126]);    MULADD(at[32], at[125]);    MULADD(at[33], at[124]);    MULADD(at[34], at[123]);    MULADD(at[35], at[122]);    MULADD(at[36], at[121]);    MULADD(at[37], at[120]);    MULADD(at[38], at[119]);    MULADD(at[39], at[118]);    MULADD(at[40], at[117]);    MULADD(at[41], at[116]);    MULADD(at[42], at[115]);    MULADD(at[43], at[114]);    MULADD(at[44], at[113]);    MULADD(at[45], at[112]);    MULADD(at[46], at[111]);    MULADD(at[47], at[110]);    MULADD(at[48], at[109]);    MULADD(at[49], at[108]);    MULADD(at[50], at[107]);    MULADD(at[51], at[106]);    MULADD(at[52], at[105]);    MULADD(at[53], at[104]);    MULADD(at[54], at[103]);    MULADD(at[55], at[102]);    MULADD(at[56], at[101]);    MULADD(at[57], at[100]);    MULADD(at[58], at[99]);    MULADD(at[59], at[98]);    MULADD(at[60], at[97]);    MULADD(at[61], at[96]);    MULADD(at[62], at[95]);    MULADD(at[63], at[94]); 
+   COMBA_STORE(C->dp[93]);
+   /* 94 */
+   COMBA_FORWARD;
+   MULADD(at[31], at[127]);    MULADD(at[32], at[126]);    MULADD(at[33], at[125]);    MULADD(at[34], at[124]);    MULADD(at[35], at[123]);    MULADD(at[36], at[122]);    MULADD(at[37], at[121]);    MULADD(at[38], at[120]);    MULADD(at[39], at[119]);    MULADD(at[40], at[118]);    MULADD(at[41], at[117]);    MULADD(at[42], at[116]);    MULADD(at[43], at[115]);    MULADD(at[44], at[114]);    MULADD(at[45], at[113]);    MULADD(at[46], at[112]);    MULADD(at[47], at[111]);    MULADD(at[48], at[110]);    MULADD(at[49], at[109]);    MULADD(at[50], at[108]);    MULADD(at[51], at[107]);    MULADD(at[52], at[106]);    MULADD(at[53], at[105]);    MULADD(at[54], at[104]);    MULADD(at[55], at[103]);    MULADD(at[56], at[102]);    MULADD(at[57], at[101]);    MULADD(at[58], at[100]);    MULADD(at[59], at[99]);    MULADD(at[60], at[98]);    MULADD(at[61], at[97]);    MULADD(at[62], at[96]);    MULADD(at[63], at[95]); 
+   COMBA_STORE(C->dp[94]);
+   /* 95 */
+   COMBA_FORWARD;
+   MULADD(at[32], at[127]);    MULADD(at[33], at[126]);    MULADD(at[34], at[125]);    MULADD(at[35], at[124]);    MULADD(at[36], at[123]);    MULADD(at[37], at[122]);    MULADD(at[38], at[121]);    MULADD(at[39], at[120]);    MULADD(at[40], at[119]);    MULADD(at[41], at[118]);    MULADD(at[42], at[117]);    MULADD(at[43], at[116]);    MULADD(at[44], at[115]);    MULADD(at[45], at[114]);    MULADD(at[46], at[113]);    MULADD(at[47], at[112]);    MULADD(at[48], at[111]);    MULADD(at[49], at[110]);    MULADD(at[50], at[109]);    MULADD(at[51], at[108]);    MULADD(at[52], at[107]);    MULADD(at[53], at[106]);    MULADD(at[54], at[105]);    MULADD(at[55], at[104]);    MULADD(at[56], at[103]);    MULADD(at[57], at[102]);    MULADD(at[58], at[101]);    MULADD(at[59], at[100]);    MULADD(at[60], at[99]);    MULADD(at[61], at[98]);    MULADD(at[62], at[97]);    MULADD(at[63], at[96]); 
+   COMBA_STORE(C->dp[95]);
+   /* 96 */
+   COMBA_FORWARD;
+   MULADD(at[33], at[127]);    MULADD(at[34], at[126]);    MULADD(at[35], at[125]);    MULADD(at[36], at[124]);    MULADD(at[37], at[123]);    MULADD(at[38], at[122]);    MULADD(at[39], at[121]);    MULADD(at[40], at[120]);    MULADD(at[41], at[119]);    MULADD(at[42], at[118]);    MULADD(at[43], at[117]);    MULADD(at[44], at[116]);    MULADD(at[45], at[115]);    MULADD(at[46], at[114]);    MULADD(at[47], at[113]);    MULADD(at[48], at[112]);    MULADD(at[49], at[111]);    MULADD(at[50], at[110]);    MULADD(at[51], at[109]);    MULADD(at[52], at[108]);    MULADD(at[53], at[107]);    MULADD(at[54], at[106]);    MULADD(at[55], at[105]);    MULADD(at[56], at[104]);    MULADD(at[57], at[103]);    MULADD(at[58], at[102]);    MULADD(at[59], at[101]);    MULADD(at[60], at[100]);    MULADD(at[61], at[99]);    MULADD(at[62], at[98]);    MULADD(at[63], at[97]); 
+   COMBA_STORE(C->dp[96]);
+   /* 97 */
+   COMBA_FORWARD;
+   MULADD(at[34], at[127]);    MULADD(at[35], at[126]);    MULADD(at[36], at[125]);    MULADD(at[37], at[124]);    MULADD(at[38], at[123]);    MULADD(at[39], at[122]);    MULADD(at[40], at[121]);    MULADD(at[41], at[120]);    MULADD(at[42], at[119]);    MULADD(at[43], at[118]);    MULADD(at[44], at[117]);    MULADD(at[45], at[116]);    MULADD(at[46], at[115]);    MULADD(at[47], at[114]);    MULADD(at[48], at[113]);    MULADD(at[49], at[112]);    MULADD(at[50], at[111]);    MULADD(at[51], at[110]);    MULADD(at[52], at[109]);    MULADD(at[53], at[108]);    MULADD(at[54], at[107]);    MULADD(at[55], at[106]);    MULADD(at[56], at[105]);    MULADD(at[57], at[104]);    MULADD(at[58], at[103]);    MULADD(at[59], at[102]);    MULADD(at[60], at[101]);    MULADD(at[61], at[100]);    MULADD(at[62], at[99]);    MULADD(at[63], at[98]); 
+   COMBA_STORE(C->dp[97]);
+   /* 98 */
+   COMBA_FORWARD;
+   MULADD(at[35], at[127]);    MULADD(at[36], at[126]);    MULADD(at[37], at[125]);    MULADD(at[38], at[124]);    MULADD(at[39], at[123]);    MULADD(at[40], at[122]);    MULADD(at[41], at[121]);    MULADD(at[42], at[120]);    MULADD(at[43], at[119]);    MULADD(at[44], at[118]);    MULADD(at[45], at[117]);    MULADD(at[46], at[116]);    MULADD(at[47], at[115]);    MULADD(at[48], at[114]);    MULADD(at[49], at[113]);    MULADD(at[50], at[112]);    MULADD(at[51], at[111]);    MULADD(at[52], at[110]);    MULADD(at[53], at[109]);    MULADD(at[54], at[108]);    MULADD(at[55], at[107]);    MULADD(at[56], at[106]);    MULADD(at[57], at[105]);    MULADD(at[58], at[104]);    MULADD(at[59], at[103]);    MULADD(at[60], at[102]);    MULADD(at[61], at[101]);    MULADD(at[62], at[100]);    MULADD(at[63], at[99]); 
+   COMBA_STORE(C->dp[98]);
+   /* 99 */
+   COMBA_FORWARD;
+   MULADD(at[36], at[127]);    MULADD(at[37], at[126]);    MULADD(at[38], at[125]);    MULADD(at[39], at[124]);    MULADD(at[40], at[123]);    MULADD(at[41], at[122]);    MULADD(at[42], at[121]);    MULADD(at[43], at[120]);    MULADD(at[44], at[119]);    MULADD(at[45], at[118]);    MULADD(at[46], at[117]);    MULADD(at[47], at[116]);    MULADD(at[48], at[115]);    MULADD(at[49], at[114]);    MULADD(at[50], at[113]);    MULADD(at[51], at[112]);    MULADD(at[52], at[111]);    MULADD(at[53], at[110]);    MULADD(at[54], at[109]);    MULADD(at[55], at[108]);    MULADD(at[56], at[107]);    MULADD(at[57], at[106]);    MULADD(at[58], at[105]);    MULADD(at[59], at[104]);    MULADD(at[60], at[103]);    MULADD(at[61], at[102]);    MULADD(at[62], at[101]);    MULADD(at[63], at[100]); 
+   COMBA_STORE(C->dp[99]);
+   /* 100 */
+   COMBA_FORWARD;
+   MULADD(at[37], at[127]);    MULADD(at[38], at[126]);    MULADD(at[39], at[125]);    MULADD(at[40], at[124]);    MULADD(at[41], at[123]);    MULADD(at[42], at[122]);    MULADD(at[43], at[121]);    MULADD(at[44], at[120]);    MULADD(at[45], at[119]);    MULADD(at[46], at[118]);    MULADD(at[47], at[117]);    MULADD(at[48], at[116]);    MULADD(at[49], at[115]);    MULADD(at[50], at[114]);    MULADD(at[51], at[113]);    MULADD(at[52], at[112]);    MULADD(at[53], at[111]);    MULADD(at[54], at[110]);    MULADD(at[55], at[109]);    MULADD(at[56], at[108]);    MULADD(at[57], at[107]);    MULADD(at[58], at[106]);    MULADD(at[59], at[105]);    MULADD(at[60], at[104]);    MULADD(at[61], at[103]);    MULADD(at[62], at[102]);    MULADD(at[63], at[101]); 
+   COMBA_STORE(C->dp[100]);
+   /* 101 */
+   COMBA_FORWARD;
+   MULADD(at[38], at[127]);    MULADD(at[39], at[126]);    MULADD(at[40], at[125]);    MULADD(at[41], at[124]);    MULADD(at[42], at[123]);    MULADD(at[43], at[122]);    MULADD(at[44], at[121]);    MULADD(at[45], at[120]);    MULADD(at[46], at[119]);    MULADD(at[47], at[118]);    MULADD(at[48], at[117]);    MULADD(at[49], at[116]);    MULADD(at[50], at[115]);    MULADD(at[51], at[114]);    MULADD(at[52], at[113]);    MULADD(at[53], at[112]);    MULADD(at[54], at[111]);    MULADD(at[55], at[110]);    MULADD(at[56], at[109]);    MULADD(at[57], at[108]);    MULADD(at[58], at[107]);    MULADD(at[59], at[106]);    MULADD(at[60], at[105]);    MULADD(at[61], at[104]);    MULADD(at[62], at[103]);    MULADD(at[63], at[102]); 
+   COMBA_STORE(C->dp[101]);
+   /* 102 */
+   COMBA_FORWARD;
+   MULADD(at[39], at[127]);    MULADD(at[40], at[126]);    MULADD(at[41], at[125]);    MULADD(at[42], at[124]);    MULADD(at[43], at[123]);    MULADD(at[44], at[122]);    MULADD(at[45], at[121]);    MULADD(at[46], at[120]);    MULADD(at[47], at[119]);    MULADD(at[48], at[118]);    MULADD(at[49], at[117]);    MULADD(at[50], at[116]);    MULADD(at[51], at[115]);    MULADD(at[52], at[114]);    MULADD(at[53], at[113]);    MULADD(at[54], at[112]);    MULADD(at[55], at[111]);    MULADD(at[56], at[110]);    MULADD(at[57], at[109]);    MULADD(at[58], at[108]);    MULADD(at[59], at[107]);    MULADD(at[60], at[106]);    MULADD(at[61], at[105]);    MULADD(at[62], at[104]);    MULADD(at[63], at[103]); 
+   COMBA_STORE(C->dp[102]);
+   /* 103 */
+   COMBA_FORWARD;
+   MULADD(at[40], at[127]);    MULADD(at[41], at[126]);    MULADD(at[42], at[125]);    MULADD(at[43], at[124]);    MULADD(at[44], at[123]);    MULADD(at[45], at[122]);    MULADD(at[46], at[121]);    MULADD(at[47], at[120]);    MULADD(at[48], at[119]);    MULADD(at[49], at[118]);    MULADD(at[50], at[117]);    MULADD(at[51], at[116]);    MULADD(at[52], at[115]);    MULADD(at[53], at[114]);    MULADD(at[54], at[113]);    MULADD(at[55], at[112]);    MULADD(at[56], at[111]);    MULADD(at[57], at[110]);    MULADD(at[58], at[109]);    MULADD(at[59], at[108]);    MULADD(at[60], at[107]);    MULADD(at[61], at[106]);    MULADD(at[62], at[105]);    MULADD(at[63], at[104]); 
+   COMBA_STORE(C->dp[103]);
+   /* 104 */
+   COMBA_FORWARD;
+   MULADD(at[41], at[127]);    MULADD(at[42], at[126]);    MULADD(at[43], at[125]);    MULADD(at[44], at[124]);    MULADD(at[45], at[123]);    MULADD(at[46], at[122]);    MULADD(at[47], at[121]);    MULADD(at[48], at[120]);    MULADD(at[49], at[119]);    MULADD(at[50], at[118]);    MULADD(at[51], at[117]);    MULADD(at[52], at[116]);    MULADD(at[53], at[115]);    MULADD(at[54], at[114]);    MULADD(at[55], at[113]);    MULADD(at[56], at[112]);    MULADD(at[57], at[111]);    MULADD(at[58], at[110]);    MULADD(at[59], at[109]);    MULADD(at[60], at[108]);    MULADD(at[61], at[107]);    MULADD(at[62], at[106]);    MULADD(at[63], at[105]); 
+   COMBA_STORE(C->dp[104]);
+   /* 105 */
+   COMBA_FORWARD;
+   MULADD(at[42], at[127]);    MULADD(at[43], at[126]);    MULADD(at[44], at[125]);    MULADD(at[45], at[124]);    MULADD(at[46], at[123]);    MULADD(at[47], at[122]);    MULADD(at[48], at[121]);    MULADD(at[49], at[120]);    MULADD(at[50], at[119]);    MULADD(at[51], at[118]);    MULADD(at[52], at[117]);    MULADD(at[53], at[116]);    MULADD(at[54], at[115]);    MULADD(at[55], at[114]);    MULADD(at[56], at[113]);    MULADD(at[57], at[112]);    MULADD(at[58], at[111]);    MULADD(at[59], at[110]);    MULADD(at[60], at[109]);    MULADD(at[61], at[108]);    MULADD(at[62], at[107]);    MULADD(at[63], at[106]); 
+   COMBA_STORE(C->dp[105]);
+   /* 106 */
+   COMBA_FORWARD;
+   MULADD(at[43], at[127]);    MULADD(at[44], at[126]);    MULADD(at[45], at[125]);    MULADD(at[46], at[124]);    MULADD(at[47], at[123]);    MULADD(at[48], at[122]);    MULADD(at[49], at[121]);    MULADD(at[50], at[120]);    MULADD(at[51], at[119]);    MULADD(at[52], at[118]);    MULADD(at[53], at[117]);    MULADD(at[54], at[116]);    MULADD(at[55], at[115]);    MULADD(at[56], at[114]);    MULADD(at[57], at[113]);    MULADD(at[58], at[112]);    MULADD(at[59], at[111]);    MULADD(at[60], at[110]);    MULADD(at[61], at[109]);    MULADD(at[62], at[108]);    MULADD(at[63], at[107]); 
+   COMBA_STORE(C->dp[106]);
+   /* 107 */
+   COMBA_FORWARD;
+   MULADD(at[44], at[127]);    MULADD(at[45], at[126]);    MULADD(at[46], at[125]);    MULADD(at[47], at[124]);    MULADD(at[48], at[123]);    MULADD(at[49], at[122]);    MULADD(at[50], at[121]);    MULADD(at[51], at[120]);    MULADD(at[52], at[119]);    MULADD(at[53], at[118]);    MULADD(at[54], at[117]);    MULADD(at[55], at[116]);    MULADD(at[56], at[115]);    MULADD(at[57], at[114]);    MULADD(at[58], at[113]);    MULADD(at[59], at[112]);    MULADD(at[60], at[111]);    MULADD(at[61], at[110]);    MULADD(at[62], at[109]);    MULADD(at[63], at[108]); 
+   COMBA_STORE(C->dp[107]);
+   /* 108 */
+   COMBA_FORWARD;
+   MULADD(at[45], at[127]);    MULADD(at[46], at[126]);    MULADD(at[47], at[125]);    MULADD(at[48], at[124]);    MULADD(at[49], at[123]);    MULADD(at[50], at[122]);    MULADD(at[51], at[121]);    MULADD(at[52], at[120]);    MULADD(at[53], at[119]);    MULADD(at[54], at[118]);    MULADD(at[55], at[117]);    MULADD(at[56], at[116]);    MULADD(at[57], at[115]);    MULADD(at[58], at[114]);    MULADD(at[59], at[113]);    MULADD(at[60], at[112]);    MULADD(at[61], at[111]);    MULADD(at[62], at[110]);    MULADD(at[63], at[109]); 
+   COMBA_STORE(C->dp[108]);
+   /* 109 */
+   COMBA_FORWARD;
+   MULADD(at[46], at[127]);    MULADD(at[47], at[126]);    MULADD(at[48], at[125]);    MULADD(at[49], at[124]);    MULADD(at[50], at[123]);    MULADD(at[51], at[122]);    MULADD(at[52], at[121]);    MULADD(at[53], at[120]);    MULADD(at[54], at[119]);    MULADD(at[55], at[118]);    MULADD(at[56], at[117]);    MULADD(at[57], at[116]);    MULADD(at[58], at[115]);    MULADD(at[59], at[114]);    MULADD(at[60], at[113]);    MULADD(at[61], at[112]);    MULADD(at[62], at[111]);    MULADD(at[63], at[110]); 
+   COMBA_STORE(C->dp[109]);
+   /* 110 */
+   COMBA_FORWARD;
+   MULADD(at[47], at[127]);    MULADD(at[48], at[126]);    MULADD(at[49], at[125]);    MULADD(at[50], at[124]);    MULADD(at[51], at[123]);    MULADD(at[52], at[122]);    MULADD(at[53], at[121]);    MULADD(at[54], at[120]);    MULADD(at[55], at[119]);    MULADD(at[56], at[118]);    MULADD(at[57], at[117]);    MULADD(at[58], at[116]);    MULADD(at[59], at[115]);    MULADD(at[60], at[114]);    MULADD(at[61], at[113]);    MULADD(at[62], at[112]);    MULADD(at[63], at[111]); 
+   COMBA_STORE(C->dp[110]);
+   /* 111 */
+   COMBA_FORWARD;
+   MULADD(at[48], at[127]);    MULADD(at[49], at[126]);    MULADD(at[50], at[125]);    MULADD(at[51], at[124]);    MULADD(at[52], at[123]);    MULADD(at[53], at[122]);    MULADD(at[54], at[121]);    MULADD(at[55], at[120]);    MULADD(at[56], at[119]);    MULADD(at[57], at[118]);    MULADD(at[58], at[117]);    MULADD(at[59], at[116]);    MULADD(at[60], at[115]);    MULADD(at[61], at[114]);    MULADD(at[62], at[113]);    MULADD(at[63], at[112]); 
+   COMBA_STORE(C->dp[111]);
+   /* 112 */
+   COMBA_FORWARD;
+   MULADD(at[49], at[127]);    MULADD(at[50], at[126]);    MULADD(at[51], at[125]);    MULADD(at[52], at[124]);    MULADD(at[53], at[123]);    MULADD(at[54], at[122]);    MULADD(at[55], at[121]);    MULADD(at[56], at[120]);    MULADD(at[57], at[119]);    MULADD(at[58], at[118]);    MULADD(at[59], at[117]);    MULADD(at[60], at[116]);    MULADD(at[61], at[115]);    MULADD(at[62], at[114]);    MULADD(at[63], at[113]); 
+   COMBA_STORE(C->dp[112]);
+   /* 113 */
+   COMBA_FORWARD;
+   MULADD(at[50], at[127]);    MULADD(at[51], at[126]);    MULADD(at[52], at[125]);    MULADD(at[53], at[124]);    MULADD(at[54], at[123]);    MULADD(at[55], at[122]);    MULADD(at[56], at[121]);    MULADD(at[57], at[120]);    MULADD(at[58], at[119]);    MULADD(at[59], at[118]);    MULADD(at[60], at[117]);    MULADD(at[61], at[116]);    MULADD(at[62], at[115]);    MULADD(at[63], at[114]); 
+   COMBA_STORE(C->dp[113]);
+   /* 114 */
+   COMBA_FORWARD;
+   MULADD(at[51], at[127]);    MULADD(at[52], at[126]);    MULADD(at[53], at[125]);    MULADD(at[54], at[124]);    MULADD(at[55], at[123]);    MULADD(at[56], at[122]);    MULADD(at[57], at[121]);    MULADD(at[58], at[120]);    MULADD(at[59], at[119]);    MULADD(at[60], at[118]);    MULADD(at[61], at[117]);    MULADD(at[62], at[116]);    MULADD(at[63], at[115]); 
+   COMBA_STORE(C->dp[114]);
+   /* 115 */
+   COMBA_FORWARD;
+   MULADD(at[52], at[127]);    MULADD(at[53], at[126]);    MULADD(at[54], at[125]);    MULADD(at[55], at[124]);    MULADD(at[56], at[123]);    MULADD(at[57], at[122]);    MULADD(at[58], at[121]);    MULADD(at[59], at[120]);    MULADD(at[60], at[119]);    MULADD(at[61], at[118]);    MULADD(at[62], at[117]);    MULADD(at[63], at[116]); 
+   COMBA_STORE(C->dp[115]);
+   /* 116 */
+   COMBA_FORWARD;
+   MULADD(at[53], at[127]);    MULADD(at[54], at[126]);    MULADD(at[55], at[125]);    MULADD(at[56], at[124]);    MULADD(at[57], at[123]);    MULADD(at[58], at[122]);    MULADD(at[59], at[121]);    MULADD(at[60], at[120]);    MULADD(at[61], at[119]);    MULADD(at[62], at[118]);    MULADD(at[63], at[117]); 
+   COMBA_STORE(C->dp[116]);
+   /* 117 */
+   COMBA_FORWARD;
+   MULADD(at[54], at[127]);    MULADD(at[55], at[126]);    MULADD(at[56], at[125]);    MULADD(at[57], at[124]);    MULADD(at[58], at[123]);    MULADD(at[59], at[122]);    MULADD(at[60], at[121]);    MULADD(at[61], at[120]);    MULADD(at[62], at[119]);    MULADD(at[63], at[118]); 
+   COMBA_STORE(C->dp[117]);
+   /* 118 */
+   COMBA_FORWARD;
+   MULADD(at[55], at[127]);    MULADD(at[56], at[126]);    MULADD(at[57], at[125]);    MULADD(at[58], at[124]);    MULADD(at[59], at[123]);    MULADD(at[60], at[122]);    MULADD(at[61], at[121]);    MULADD(at[62], at[120]);    MULADD(at[63], at[119]); 
+   COMBA_STORE(C->dp[118]);
+   /* 119 */
+   COMBA_FORWARD;
+   MULADD(at[56], at[127]);    MULADD(at[57], at[126]);    MULADD(at[58], at[125]);    MULADD(at[59], at[124]);    MULADD(at[60], at[123]);    MULADD(at[61], at[122]);    MULADD(at[62], at[121]);    MULADD(at[63], at[120]); 
+   COMBA_STORE(C->dp[119]);
+   /* 120 */
+   COMBA_FORWARD;
+   MULADD(at[57], at[127]);    MULADD(at[58], at[126]);    MULADD(at[59], at[125]);    MULADD(at[60], at[124]);    MULADD(at[61], at[123]);    MULADD(at[62], at[122]);    MULADD(at[63], at[121]); 
+   COMBA_STORE(C->dp[120]);
+   /* 121 */
+   COMBA_FORWARD;
+   MULADD(at[58], at[127]);    MULADD(at[59], at[126]);    MULADD(at[60], at[125]);    MULADD(at[61], at[124]);    MULADD(at[62], at[123]);    MULADD(at[63], at[122]); 
+   COMBA_STORE(C->dp[121]);
+   /* 122 */
+   COMBA_FORWARD;
+   MULADD(at[59], at[127]);    MULADD(at[60], at[126]);    MULADD(at[61], at[125]);    MULADD(at[62], at[124]);    MULADD(at[63], at[123]); 
+   COMBA_STORE(C->dp[122]);
+   /* 123 */
+   COMBA_FORWARD;
+   MULADD(at[60], at[127]);    MULADD(at[61], at[126]);    MULADD(at[62], at[125]);    MULADD(at[63], at[124]); 
+   COMBA_STORE(C->dp[123]);
+   /* 124 */
+   COMBA_FORWARD;
+   MULADD(at[61], at[127]);    MULADD(at[62], at[126]);    MULADD(at[63], at[125]); 
+   COMBA_STORE(C->dp[124]);
+   /* 125 */
+   COMBA_FORWARD;
+   MULADD(at[62], at[127]);    MULADD(at[63], at[126]); 
+   COMBA_STORE(C->dp[125]);
+   /* 126 */
+   COMBA_FORWARD;
+   MULADD(at[63], at[127]); 
+   COMBA_STORE(C->dp[126]);
+   COMBA_STORE2(C->dp[127]);
+   C->used = 128;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_7.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_7.i
new file mode 100644
index 00000000..eed88631
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_7.i
@@ -0,0 +1,90 @@
+/* fp_mul_comba_7.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL7
+void fp_mul_comba7(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[14];
+
+   memcpy(at, A->dp, 7 * sizeof(fp_digit));
+   memcpy(at+7, B->dp, 7 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[7]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[8]);    MULADD(at[1], at[7]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[9]);    MULADD(at[1], at[8]);    MULADD(at[2], at[7]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[10]);    MULADD(at[1], at[9]);    MULADD(at[2], at[8]);    MULADD(at[3], at[7]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[11]);    MULADD(at[1], at[10]);    MULADD(at[2], at[9]);    MULADD(at[3], at[8]);    MULADD(at[4], at[7]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[12]);    MULADD(at[1], at[11]);    MULADD(at[2], at[10]);    MULADD(at[3], at[9]);    MULADD(at[4], at[8]);    MULADD(at[5], at[7]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[13]);    MULADD(at[1], at[12]);    MULADD(at[2], at[11]);    MULADD(at[3], at[10]);    MULADD(at[4], at[9]);    MULADD(at[5], at[8]);    MULADD(at[6], at[7]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[13]);    MULADD(at[2], at[12]);    MULADD(at[3], at[11]);    MULADD(at[4], at[10]);    MULADD(at[5], at[9]);    MULADD(at[6], at[8]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[13]);    MULADD(at[3], at[12]);    MULADD(at[4], at[11]);    MULADD(at[5], at[10]);    MULADD(at[6], at[9]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[13]);    MULADD(at[4], at[12]);    MULADD(at[5], at[11]);    MULADD(at[6], at[10]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[13]);    MULADD(at[5], at[12]);    MULADD(at[6], at[11]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[13]);    MULADD(at[6], at[12]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[13]); 
+   COMBA_STORE(C->dp[12]);
+   COMBA_STORE2(C->dp[13]);
+   C->used = 14;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_8.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_8.i
new file mode 100644
index 00000000..fa578a83
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_8.i
@@ -0,0 +1,98 @@
+/* fp_mul_comba_8.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL8
+void fp_mul_comba8(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[16];
+
+   memcpy(at, A->dp, 8 * sizeof(fp_digit));
+   memcpy(at+8, B->dp, 8 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[8]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[9]);    MULADD(at[1], at[8]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[10]);    MULADD(at[1], at[9]);    MULADD(at[2], at[8]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[11]);    MULADD(at[1], at[10]);    MULADD(at[2], at[9]);    MULADD(at[3], at[8]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[12]);    MULADD(at[1], at[11]);    MULADD(at[2], at[10]);    MULADD(at[3], at[9]);    MULADD(at[4], at[8]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[13]);    MULADD(at[1], at[12]);    MULADD(at[2], at[11]);    MULADD(at[3], at[10]);    MULADD(at[4], at[9]);    MULADD(at[5], at[8]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[14]);    MULADD(at[1], at[13]);    MULADD(at[2], at[12]);    MULADD(at[3], at[11]);    MULADD(at[4], at[10]);    MULADD(at[5], at[9]);    MULADD(at[6], at[8]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[15]);    MULADD(at[1], at[14]);    MULADD(at[2], at[13]);    MULADD(at[3], at[12]);    MULADD(at[4], at[11]);    MULADD(at[5], at[10]);    MULADD(at[6], at[9]);    MULADD(at[7], at[8]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[15]);    MULADD(at[2], at[14]);    MULADD(at[3], at[13]);    MULADD(at[4], at[12]);    MULADD(at[5], at[11]);    MULADD(at[6], at[10]);    MULADD(at[7], at[9]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[15]);    MULADD(at[3], at[14]);    MULADD(at[4], at[13]);    MULADD(at[5], at[12]);    MULADD(at[6], at[11]);    MULADD(at[7], at[10]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[15]);    MULADD(at[4], at[14]);    MULADD(at[5], at[13]);    MULADD(at[6], at[12]);    MULADD(at[7], at[11]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[15]);    MULADD(at[5], at[14]);    MULADD(at[6], at[13]);    MULADD(at[7], at[12]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[15]);    MULADD(at[6], at[14]);    MULADD(at[7], at[13]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[15]);    MULADD(at[7], at[14]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[15]); 
+   COMBA_STORE(C->dp[14]);
+   COMBA_STORE2(C->dp[15]);
+   C->used = 16;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_9.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_9.i
new file mode 100644
index 00000000..755067f8
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_9.i
@@ -0,0 +1,106 @@
+/* fp_mul_comba_9.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_MUL9
+void fp_mul_comba9(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[18];
+
+   memcpy(at, A->dp, 9 * sizeof(fp_digit));
+   memcpy(at+9, B->dp, 9 * sizeof(fp_digit));
+   COMBA_START;
+
+   COMBA_CLEAR;
+   /* 0 */
+   MULADD(at[0], at[9]); 
+   COMBA_STORE(C->dp[0]);
+   /* 1 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[10]);    MULADD(at[1], at[9]); 
+   COMBA_STORE(C->dp[1]);
+   /* 2 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[11]);    MULADD(at[1], at[10]);    MULADD(at[2], at[9]); 
+   COMBA_STORE(C->dp[2]);
+   /* 3 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[12]);    MULADD(at[1], at[11]);    MULADD(at[2], at[10]);    MULADD(at[3], at[9]); 
+   COMBA_STORE(C->dp[3]);
+   /* 4 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[13]);    MULADD(at[1], at[12]);    MULADD(at[2], at[11]);    MULADD(at[3], at[10]);    MULADD(at[4], at[9]); 
+   COMBA_STORE(C->dp[4]);
+   /* 5 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[14]);    MULADD(at[1], at[13]);    MULADD(at[2], at[12]);    MULADD(at[3], at[11]);    MULADD(at[4], at[10]);    MULADD(at[5], at[9]); 
+   COMBA_STORE(C->dp[5]);
+   /* 6 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[15]);    MULADD(at[1], at[14]);    MULADD(at[2], at[13]);    MULADD(at[3], at[12]);    MULADD(at[4], at[11]);    MULADD(at[5], at[10]);    MULADD(at[6], at[9]); 
+   COMBA_STORE(C->dp[6]);
+   /* 7 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[16]);    MULADD(at[1], at[15]);    MULADD(at[2], at[14]);    MULADD(at[3], at[13]);    MULADD(at[4], at[12]);    MULADD(at[5], at[11]);    MULADD(at[6], at[10]);    MULADD(at[7], at[9]); 
+   COMBA_STORE(C->dp[7]);
+   /* 8 */
+   COMBA_FORWARD;
+   MULADD(at[0], at[17]);    MULADD(at[1], at[16]);    MULADD(at[2], at[15]);    MULADD(at[3], at[14]);    MULADD(at[4], at[13]);    MULADD(at[5], at[12]);    MULADD(at[6], at[11]);    MULADD(at[7], at[10]);    MULADD(at[8], at[9]); 
+   COMBA_STORE(C->dp[8]);
+   /* 9 */
+   COMBA_FORWARD;
+   MULADD(at[1], at[17]);    MULADD(at[2], at[16]);    MULADD(at[3], at[15]);    MULADD(at[4], at[14]);    MULADD(at[5], at[13]);    MULADD(at[6], at[12]);    MULADD(at[7], at[11]);    MULADD(at[8], at[10]); 
+   COMBA_STORE(C->dp[9]);
+   /* 10 */
+   COMBA_FORWARD;
+   MULADD(at[2], at[17]);    MULADD(at[3], at[16]);    MULADD(at[4], at[15]);    MULADD(at[5], at[14]);    MULADD(at[6], at[13]);    MULADD(at[7], at[12]);    MULADD(at[8], at[11]); 
+   COMBA_STORE(C->dp[10]);
+   /* 11 */
+   COMBA_FORWARD;
+   MULADD(at[3], at[17]);    MULADD(at[4], at[16]);    MULADD(at[5], at[15]);    MULADD(at[6], at[14]);    MULADD(at[7], at[13]);    MULADD(at[8], at[12]); 
+   COMBA_STORE(C->dp[11]);
+   /* 12 */
+   COMBA_FORWARD;
+   MULADD(at[4], at[17]);    MULADD(at[5], at[16]);    MULADD(at[6], at[15]);    MULADD(at[7], at[14]);    MULADD(at[8], at[13]); 
+   COMBA_STORE(C->dp[12]);
+   /* 13 */
+   COMBA_FORWARD;
+   MULADD(at[5], at[17]);    MULADD(at[6], at[16]);    MULADD(at[7], at[15]);    MULADD(at[8], at[14]); 
+   COMBA_STORE(C->dp[13]);
+   /* 14 */
+   COMBA_FORWARD;
+   MULADD(at[6], at[17]);    MULADD(at[7], at[16]);    MULADD(at[8], at[15]); 
+   COMBA_STORE(C->dp[14]);
+   /* 15 */
+   COMBA_FORWARD;
+   MULADD(at[7], at[17]);    MULADD(at[8], at[16]); 
+   COMBA_STORE(C->dp[15]);
+   /* 16 */
+   COMBA_FORWARD;
+   MULADD(at[8], at[17]); 
+   COMBA_STORE(C->dp[16]);
+   COMBA_STORE2(C->dp[17]);
+   C->used = 18;
+   C->sign = A->sign ^ B->sign;
+   fp_clamp(C);
+   COMBA_FINI;
+}
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_mul_comba_small_set.i b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_small_set.i
new file mode 100644
index 00000000..deea5932
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_mul_comba_small_set.i
@@ -0,0 +1,1250 @@
+/* fp_mul_comba_small_set.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#if defined(TFM_SMALL_SET)
+void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C)
+{
+   fp_digit c0, c1, c2, at[32];
+   switch (MAX(A->used, B->used)) { 
+
+   case 1:
+      memcpy(at, A->dp, 1 * sizeof(fp_digit));
+      memcpy(at+1, B->dp, 1 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[1]); 
+      COMBA_STORE(C->dp[0]);
+      COMBA_STORE2(C->dp[1]);
+      C->used = 2;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 2:
+      memcpy(at, A->dp, 2 * sizeof(fp_digit));
+      memcpy(at+2, B->dp, 2 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[2]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[3]);       MULADD(at[1], at[2]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[3]); 
+      COMBA_STORE(C->dp[2]);
+      COMBA_STORE2(C->dp[3]);
+      C->used = 4;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 3:
+      memcpy(at, A->dp, 3 * sizeof(fp_digit));
+      memcpy(at+3, B->dp, 3 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[3]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[4]);       MULADD(at[1], at[3]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[5]);       MULADD(at[1], at[4]);       MULADD(at[2], at[3]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[5]);       MULADD(at[2], at[4]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[5]); 
+      COMBA_STORE(C->dp[4]);
+      COMBA_STORE2(C->dp[5]);
+      C->used = 6;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 4:
+      memcpy(at, A->dp, 4 * sizeof(fp_digit));
+      memcpy(at+4, B->dp, 4 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[4]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[5]);       MULADD(at[1], at[4]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[6]);       MULADD(at[1], at[5]);       MULADD(at[2], at[4]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[7]);       MULADD(at[1], at[6]);       MULADD(at[2], at[5]);       MULADD(at[3], at[4]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[7]);       MULADD(at[2], at[6]);       MULADD(at[3], at[5]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[7]);       MULADD(at[3], at[6]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[7]); 
+      COMBA_STORE(C->dp[6]);
+      COMBA_STORE2(C->dp[7]);
+      C->used = 8;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 5:
+      memcpy(at, A->dp, 5 * sizeof(fp_digit));
+      memcpy(at+5, B->dp, 5 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[5]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[6]);       MULADD(at[1], at[5]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[7]);       MULADD(at[1], at[6]);       MULADD(at[2], at[5]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[8]);       MULADD(at[1], at[7]);       MULADD(at[2], at[6]);       MULADD(at[3], at[5]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[9]);       MULADD(at[1], at[8]);       MULADD(at[2], at[7]);       MULADD(at[3], at[6]);       MULADD(at[4], at[5]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[9]);       MULADD(at[2], at[8]);       MULADD(at[3], at[7]);       MULADD(at[4], at[6]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[9]);       MULADD(at[3], at[8]);       MULADD(at[4], at[7]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[9]);       MULADD(at[4], at[8]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[9]); 
+      COMBA_STORE(C->dp[8]);
+      COMBA_STORE2(C->dp[9]);
+      C->used = 10;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 6:
+      memcpy(at, A->dp, 6 * sizeof(fp_digit));
+      memcpy(at+6, B->dp, 6 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[6]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[7]);       MULADD(at[1], at[6]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[8]);       MULADD(at[1], at[7]);       MULADD(at[2], at[6]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[9]);       MULADD(at[1], at[8]);       MULADD(at[2], at[7]);       MULADD(at[3], at[6]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[10]);       MULADD(at[1], at[9]);       MULADD(at[2], at[8]);       MULADD(at[3], at[7]);       MULADD(at[4], at[6]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[11]);       MULADD(at[1], at[10]);       MULADD(at[2], at[9]);       MULADD(at[3], at[8]);       MULADD(at[4], at[7]);       MULADD(at[5], at[6]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[11]);       MULADD(at[2], at[10]);       MULADD(at[3], at[9]);       MULADD(at[4], at[8]);       MULADD(at[5], at[7]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[11]);       MULADD(at[3], at[10]);       MULADD(at[4], at[9]);       MULADD(at[5], at[8]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[11]);       MULADD(at[4], at[10]);       MULADD(at[5], at[9]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[11]);       MULADD(at[5], at[10]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[11]); 
+      COMBA_STORE(C->dp[10]);
+      COMBA_STORE2(C->dp[11]);
+      C->used = 12;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 7:
+      memcpy(at, A->dp, 7 * sizeof(fp_digit));
+      memcpy(at+7, B->dp, 7 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[7]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[8]);       MULADD(at[1], at[7]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[9]);       MULADD(at[1], at[8]);       MULADD(at[2], at[7]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[10]);       MULADD(at[1], at[9]);       MULADD(at[2], at[8]);       MULADD(at[3], at[7]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[11]);       MULADD(at[1], at[10]);       MULADD(at[2], at[9]);       MULADD(at[3], at[8]);       MULADD(at[4], at[7]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[12]);       MULADD(at[1], at[11]);       MULADD(at[2], at[10]);       MULADD(at[3], at[9]);       MULADD(at[4], at[8]);       MULADD(at[5], at[7]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[13]);       MULADD(at[1], at[12]);       MULADD(at[2], at[11]);       MULADD(at[3], at[10]);       MULADD(at[4], at[9]);       MULADD(at[5], at[8]);       MULADD(at[6], at[7]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[13]);       MULADD(at[2], at[12]);       MULADD(at[3], at[11]);       MULADD(at[4], at[10]);       MULADD(at[5], at[9]);       MULADD(at[6], at[8]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[13]);       MULADD(at[3], at[12]);       MULADD(at[4], at[11]);       MULADD(at[5], at[10]);       MULADD(at[6], at[9]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[13]);       MULADD(at[4], at[12]);       MULADD(at[5], at[11]);       MULADD(at[6], at[10]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[13]);       MULADD(at[5], at[12]);       MULADD(at[6], at[11]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[13]);       MULADD(at[6], at[12]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[13]); 
+      COMBA_STORE(C->dp[12]);
+      COMBA_STORE2(C->dp[13]);
+      C->used = 14;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 8:
+      memcpy(at, A->dp, 8 * sizeof(fp_digit));
+      memcpy(at+8, B->dp, 8 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[8]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[9]);       MULADD(at[1], at[8]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[10]);       MULADD(at[1], at[9]);       MULADD(at[2], at[8]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[11]);       MULADD(at[1], at[10]);       MULADD(at[2], at[9]);       MULADD(at[3], at[8]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[12]);       MULADD(at[1], at[11]);       MULADD(at[2], at[10]);       MULADD(at[3], at[9]);       MULADD(at[4], at[8]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[13]);       MULADD(at[1], at[12]);       MULADD(at[2], at[11]);       MULADD(at[3], at[10]);       MULADD(at[4], at[9]);       MULADD(at[5], at[8]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[14]);       MULADD(at[1], at[13]);       MULADD(at[2], at[12]);       MULADD(at[3], at[11]);       MULADD(at[4], at[10]);       MULADD(at[5], at[9]);       MULADD(at[6], at[8]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[15]);       MULADD(at[1], at[14]);       MULADD(at[2], at[13]);       MULADD(at[3], at[12]);       MULADD(at[4], at[11]);       MULADD(at[5], at[10]);       MULADD(at[6], at[9]);       MULADD(at[7], at[8]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[15]);       MULADD(at[2], at[14]);       MULADD(at[3], at[13]);       MULADD(at[4], at[12]);       MULADD(at[5], at[11]);       MULADD(at[6], at[10]);       MULADD(at[7], at[9]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[15]);       MULADD(at[3], at[14]);       MULADD(at[4], at[13]);       MULADD(at[5], at[12]);       MULADD(at[6], at[11]);       MULADD(at[7], at[10]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[15]);       MULADD(at[4], at[14]);       MULADD(at[5], at[13]);       MULADD(at[6], at[12]);       MULADD(at[7], at[11]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[15]);       MULADD(at[5], at[14]);       MULADD(at[6], at[13]);       MULADD(at[7], at[12]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[15]);       MULADD(at[6], at[14]);       MULADD(at[7], at[13]); 
+      COMBA_STORE(C->dp[12]);
+      /* 13 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[15]);       MULADD(at[7], at[14]); 
+      COMBA_STORE(C->dp[13]);
+      /* 14 */
+      COMBA_FORWARD;
+      MULADD(at[7], at[15]); 
+      COMBA_STORE(C->dp[14]);
+      COMBA_STORE2(C->dp[15]);
+      C->used = 16;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 9:
+      memcpy(at, A->dp, 9 * sizeof(fp_digit));
+      memcpy(at+9, B->dp, 9 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[9]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[10]);       MULADD(at[1], at[9]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[11]);       MULADD(at[1], at[10]);       MULADD(at[2], at[9]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[12]);       MULADD(at[1], at[11]);       MULADD(at[2], at[10]);       MULADD(at[3], at[9]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[13]);       MULADD(at[1], at[12]);       MULADD(at[2], at[11]);       MULADD(at[3], at[10]);       MULADD(at[4], at[9]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[14]);       MULADD(at[1], at[13]);       MULADD(at[2], at[12]);       MULADD(at[3], at[11]);       MULADD(at[4], at[10]);       MULADD(at[5], at[9]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[15]);       MULADD(at[1], at[14]);       MULADD(at[2], at[13]);       MULADD(at[3], at[12]);       MULADD(at[4], at[11]);       MULADD(at[5], at[10]);       MULADD(at[6], at[9]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[16]);       MULADD(at[1], at[15]);       MULADD(at[2], at[14]);       MULADD(at[3], at[13]);       MULADD(at[4], at[12]);       MULADD(at[5], at[11]);       MULADD(at[6], at[10]);       MULADD(at[7], at[9]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[17]);       MULADD(at[1], at[16]);       MULADD(at[2], at[15]);       MULADD(at[3], at[14]);       MULADD(at[4], at[13]);       MULADD(at[5], at[12]);       MULADD(at[6], at[11]);       MULADD(at[7], at[10]);       MULADD(at[8], at[9]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[17]);       MULADD(at[2], at[16]);       MULADD(at[3], at[15]);       MULADD(at[4], at[14]);       MULADD(at[5], at[13]);       MULADD(at[6], at[12]);       MULADD(at[7], at[11]);       MULADD(at[8], at[10]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[17]);       MULADD(at[3], at[16]);       MULADD(at[4], at[15]);       MULADD(at[5], at[14]);       MULADD(at[6], at[13]);       MULADD(at[7], at[12]);       MULADD(at[8], at[11]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[17]);       MULADD(at[4], at[16]);       MULADD(at[5], at[15]);       MULADD(at[6], at[14]);       MULADD(at[7], at[13]);       MULADD(at[8], at[12]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[17]);       MULADD(at[5], at[16]);       MULADD(at[6], at[15]);       MULADD(at[7], at[14]);       MULADD(at[8], at[13]); 
+      COMBA_STORE(C->dp[12]);
+      /* 13 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[17]);       MULADD(at[6], at[16]);       MULADD(at[7], at[15]);       MULADD(at[8], at[14]); 
+      COMBA_STORE(C->dp[13]);
+      /* 14 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[17]);       MULADD(at[7], at[16]);       MULADD(at[8], at[15]); 
+      COMBA_STORE(C->dp[14]);
+      /* 15 */
+      COMBA_FORWARD;
+      MULADD(at[7], at[17]);       MULADD(at[8], at[16]); 
+      COMBA_STORE(C->dp[15]);
+      /* 16 */
+      COMBA_FORWARD;
+      MULADD(at[8], at[17]); 
+      COMBA_STORE(C->dp[16]);
+      COMBA_STORE2(C->dp[17]);
+      C->used = 18;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 10:
+      memcpy(at, A->dp, 10 * sizeof(fp_digit));
+      memcpy(at+10, B->dp, 10 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[10]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[11]);       MULADD(at[1], at[10]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[12]);       MULADD(at[1], at[11]);       MULADD(at[2], at[10]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[13]);       MULADD(at[1], at[12]);       MULADD(at[2], at[11]);       MULADD(at[3], at[10]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[14]);       MULADD(at[1], at[13]);       MULADD(at[2], at[12]);       MULADD(at[3], at[11]);       MULADD(at[4], at[10]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[15]);       MULADD(at[1], at[14]);       MULADD(at[2], at[13]);       MULADD(at[3], at[12]);       MULADD(at[4], at[11]);       MULADD(at[5], at[10]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[16]);       MULADD(at[1], at[15]);       MULADD(at[2], at[14]);       MULADD(at[3], at[13]);       MULADD(at[4], at[12]);       MULADD(at[5], at[11]);       MULADD(at[6], at[10]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[17]);       MULADD(at[1], at[16]);       MULADD(at[2], at[15]);       MULADD(at[3], at[14]);       MULADD(at[4], at[13]);       MULADD(at[5], at[12]);       MULADD(at[6], at[11]);       MULADD(at[7], at[10]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[18]);       MULADD(at[1], at[17]);       MULADD(at[2], at[16]);       MULADD(at[3], at[15]);       MULADD(at[4], at[14]);       MULADD(at[5], at[13]);       MULADD(at[6], at[12]);       MULADD(at[7], at[11]);       MULADD(at[8], at[10]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[19]);       MULADD(at[1], at[18]);       MULADD(at[2], at[17]);       MULADD(at[3], at[16]);       MULADD(at[4], at[15]);       MULADD(at[5], at[14]);       MULADD(at[6], at[13]);       MULADD(at[7], at[12]);       MULADD(at[8], at[11]);       MULADD(at[9], at[10]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[19]);       MULADD(at[2], at[18]);       MULADD(at[3], at[17]);       MULADD(at[4], at[16]);       MULADD(at[5], at[15]);       MULADD(at[6], at[14]);       MULADD(at[7], at[13]);       MULADD(at[8], at[12]);       MULADD(at[9], at[11]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[19]);       MULADD(at[3], at[18]);       MULADD(at[4], at[17]);       MULADD(at[5], at[16]);       MULADD(at[6], at[15]);       MULADD(at[7], at[14]);       MULADD(at[8], at[13]);       MULADD(at[9], at[12]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[19]);       MULADD(at[4], at[18]);       MULADD(at[5], at[17]);       MULADD(at[6], at[16]);       MULADD(at[7], at[15]);       MULADD(at[8], at[14]);       MULADD(at[9], at[13]); 
+      COMBA_STORE(C->dp[12]);
+      /* 13 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[19]);       MULADD(at[5], at[18]);       MULADD(at[6], at[17]);       MULADD(at[7], at[16]);       MULADD(at[8], at[15]);       MULADD(at[9], at[14]); 
+      COMBA_STORE(C->dp[13]);
+      /* 14 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[19]);       MULADD(at[6], at[18]);       MULADD(at[7], at[17]);       MULADD(at[8], at[16]);       MULADD(at[9], at[15]); 
+      COMBA_STORE(C->dp[14]);
+      /* 15 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[19]);       MULADD(at[7], at[18]);       MULADD(at[8], at[17]);       MULADD(at[9], at[16]); 
+      COMBA_STORE(C->dp[15]);
+      /* 16 */
+      COMBA_FORWARD;
+      MULADD(at[7], at[19]);       MULADD(at[8], at[18]);       MULADD(at[9], at[17]); 
+      COMBA_STORE(C->dp[16]);
+      /* 17 */
+      COMBA_FORWARD;
+      MULADD(at[8], at[19]);       MULADD(at[9], at[18]); 
+      COMBA_STORE(C->dp[17]);
+      /* 18 */
+      COMBA_FORWARD;
+      MULADD(at[9], at[19]); 
+      COMBA_STORE(C->dp[18]);
+      COMBA_STORE2(C->dp[19]);
+      C->used = 20;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 11:
+      memcpy(at, A->dp, 11 * sizeof(fp_digit));
+      memcpy(at+11, B->dp, 11 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[11]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[12]);       MULADD(at[1], at[11]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[13]);       MULADD(at[1], at[12]);       MULADD(at[2], at[11]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[14]);       MULADD(at[1], at[13]);       MULADD(at[2], at[12]);       MULADD(at[3], at[11]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[15]);       MULADD(at[1], at[14]);       MULADD(at[2], at[13]);       MULADD(at[3], at[12]);       MULADD(at[4], at[11]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[16]);       MULADD(at[1], at[15]);       MULADD(at[2], at[14]);       MULADD(at[3], at[13]);       MULADD(at[4], at[12]);       MULADD(at[5], at[11]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[17]);       MULADD(at[1], at[16]);       MULADD(at[2], at[15]);       MULADD(at[3], at[14]);       MULADD(at[4], at[13]);       MULADD(at[5], at[12]);       MULADD(at[6], at[11]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[18]);       MULADD(at[1], at[17]);       MULADD(at[2], at[16]);       MULADD(at[3], at[15]);       MULADD(at[4], at[14]);       MULADD(at[5], at[13]);       MULADD(at[6], at[12]);       MULADD(at[7], at[11]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[19]);       MULADD(at[1], at[18]);       MULADD(at[2], at[17]);       MULADD(at[3], at[16]);       MULADD(at[4], at[15]);       MULADD(at[5], at[14]);       MULADD(at[6], at[13]);       MULADD(at[7], at[12]);       MULADD(at[8], at[11]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[20]);       MULADD(at[1], at[19]);       MULADD(at[2], at[18]);       MULADD(at[3], at[17]);       MULADD(at[4], at[16]);       MULADD(at[5], at[15]);       MULADD(at[6], at[14]);       MULADD(at[7], at[13]);       MULADD(at[8], at[12]);       MULADD(at[9], at[11]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[21]);       MULADD(at[1], at[20]);       MULADD(at[2], at[19]);       MULADD(at[3], at[18]);       MULADD(at[4], at[17]);       MULADD(at[5], at[16]);       MULADD(at[6], at[15]);       MULADD(at[7], at[14]);       MULADD(at[8], at[13]);       MULADD(at[9], at[12]);       MULADD(at[10], at[11]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[21]);       MULADD(at[2], at[20]);       MULADD(at[3], at[19]);       MULADD(at[4], at[18]);       MULADD(at[5], at[17]);       MULADD(at[6], at[16]);       MULADD(at[7], at[15]);       MULADD(at[8], at[14]);       MULADD(at[9], at[13]);       MULADD(at[10], at[12]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[21]);       MULADD(at[3], at[20]);       MULADD(at[4], at[19]);       MULADD(at[5], at[18]);       MULADD(at[6], at[17]);       MULADD(at[7], at[16]);       MULADD(at[8], at[15]);       MULADD(at[9], at[14]);       MULADD(at[10], at[13]); 
+      COMBA_STORE(C->dp[12]);
+      /* 13 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[21]);       MULADD(at[4], at[20]);       MULADD(at[5], at[19]);       MULADD(at[6], at[18]);       MULADD(at[7], at[17]);       MULADD(at[8], at[16]);       MULADD(at[9], at[15]);       MULADD(at[10], at[14]); 
+      COMBA_STORE(C->dp[13]);
+      /* 14 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[21]);       MULADD(at[5], at[20]);       MULADD(at[6], at[19]);       MULADD(at[7], at[18]);       MULADD(at[8], at[17]);       MULADD(at[9], at[16]);       MULADD(at[10], at[15]); 
+      COMBA_STORE(C->dp[14]);
+      /* 15 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[21]);       MULADD(at[6], at[20]);       MULADD(at[7], at[19]);       MULADD(at[8], at[18]);       MULADD(at[9], at[17]);       MULADD(at[10], at[16]); 
+      COMBA_STORE(C->dp[15]);
+      /* 16 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[21]);       MULADD(at[7], at[20]);       MULADD(at[8], at[19]);       MULADD(at[9], at[18]);       MULADD(at[10], at[17]); 
+      COMBA_STORE(C->dp[16]);
+      /* 17 */
+      COMBA_FORWARD;
+      MULADD(at[7], at[21]);       MULADD(at[8], at[20]);       MULADD(at[9], at[19]);       MULADD(at[10], at[18]); 
+      COMBA_STORE(C->dp[17]);
+      /* 18 */
+      COMBA_FORWARD;
+      MULADD(at[8], at[21]);       MULADD(at[9], at[20]);       MULADD(at[10], at[19]); 
+      COMBA_STORE(C->dp[18]);
+      /* 19 */
+      COMBA_FORWARD;
+      MULADD(at[9], at[21]);       MULADD(at[10], at[20]); 
+      COMBA_STORE(C->dp[19]);
+      /* 20 */
+      COMBA_FORWARD;
+      MULADD(at[10], at[21]); 
+      COMBA_STORE(C->dp[20]);
+      COMBA_STORE2(C->dp[21]);
+      C->used = 22;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 12:
+      memcpy(at, A->dp, 12 * sizeof(fp_digit));
+      memcpy(at+12, B->dp, 12 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[12]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[13]);       MULADD(at[1], at[12]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[14]);       MULADD(at[1], at[13]);       MULADD(at[2], at[12]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[15]);       MULADD(at[1], at[14]);       MULADD(at[2], at[13]);       MULADD(at[3], at[12]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[16]);       MULADD(at[1], at[15]);       MULADD(at[2], at[14]);       MULADD(at[3], at[13]);       MULADD(at[4], at[12]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[17]);       MULADD(at[1], at[16]);       MULADD(at[2], at[15]);       MULADD(at[3], at[14]);       MULADD(at[4], at[13]);       MULADD(at[5], at[12]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[18]);       MULADD(at[1], at[17]);       MULADD(at[2], at[16]);       MULADD(at[3], at[15]);       MULADD(at[4], at[14]);       MULADD(at[5], at[13]);       MULADD(at[6], at[12]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[19]);       MULADD(at[1], at[18]);       MULADD(at[2], at[17]);       MULADD(at[3], at[16]);       MULADD(at[4], at[15]);       MULADD(at[5], at[14]);       MULADD(at[6], at[13]);       MULADD(at[7], at[12]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[20]);       MULADD(at[1], at[19]);       MULADD(at[2], at[18]);       MULADD(at[3], at[17]);       MULADD(at[4], at[16]);       MULADD(at[5], at[15]);       MULADD(at[6], at[14]);       MULADD(at[7], at[13]);       MULADD(at[8], at[12]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[21]);       MULADD(at[1], at[20]);       MULADD(at[2], at[19]);       MULADD(at[3], at[18]);       MULADD(at[4], at[17]);       MULADD(at[5], at[16]);       MULADD(at[6], at[15]);       MULADD(at[7], at[14]);       MULADD(at[8], at[13]);       MULADD(at[9], at[12]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[22]);       MULADD(at[1], at[21]);       MULADD(at[2], at[20]);       MULADD(at[3], at[19]);       MULADD(at[4], at[18]);       MULADD(at[5], at[17]);       MULADD(at[6], at[16]);       MULADD(at[7], at[15]);       MULADD(at[8], at[14]);       MULADD(at[9], at[13]);       MULADD(at[10], at[12]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[23]);       MULADD(at[1], at[22]);       MULADD(at[2], at[21]);       MULADD(at[3], at[20]);       MULADD(at[4], at[19]);       MULADD(at[5], at[18]);       MULADD(at[6], at[17]);       MULADD(at[7], at[16]);       MULADD(at[8], at[15]);       MULADD(at[9], at[14]);       MULADD(at[10], at[13]);       MULADD(at[11], at[12]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[23]);       MULADD(at[2], at[22]);       MULADD(at[3], at[21]);       MULADD(at[4], at[20]);       MULADD(at[5], at[19]);       MULADD(at[6], at[18]);       MULADD(at[7], at[17]);       MULADD(at[8], at[16]);       MULADD(at[9], at[15]);       MULADD(at[10], at[14]);       MULADD(at[11], at[13]); 
+      COMBA_STORE(C->dp[12]);
+      /* 13 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[23]);       MULADD(at[3], at[22]);       MULADD(at[4], at[21]);       MULADD(at[5], at[20]);       MULADD(at[6], at[19]);       MULADD(at[7], at[18]);       MULADD(at[8], at[17]);       MULADD(at[9], at[16]);       MULADD(at[10], at[15]);       MULADD(at[11], at[14]); 
+      COMBA_STORE(C->dp[13]);
+      /* 14 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[23]);       MULADD(at[4], at[22]);       MULADD(at[5], at[21]);       MULADD(at[6], at[20]);       MULADD(at[7], at[19]);       MULADD(at[8], at[18]);       MULADD(at[9], at[17]);       MULADD(at[10], at[16]);       MULADD(at[11], at[15]); 
+      COMBA_STORE(C->dp[14]);
+      /* 15 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[23]);       MULADD(at[5], at[22]);       MULADD(at[6], at[21]);       MULADD(at[7], at[20]);       MULADD(at[8], at[19]);       MULADD(at[9], at[18]);       MULADD(at[10], at[17]);       MULADD(at[11], at[16]); 
+      COMBA_STORE(C->dp[15]);
+      /* 16 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[23]);       MULADD(at[6], at[22]);       MULADD(at[7], at[21]);       MULADD(at[8], at[20]);       MULADD(at[9], at[19]);       MULADD(at[10], at[18]);       MULADD(at[11], at[17]); 
+      COMBA_STORE(C->dp[16]);
+      /* 17 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[23]);       MULADD(at[7], at[22]);       MULADD(at[8], at[21]);       MULADD(at[9], at[20]);       MULADD(at[10], at[19]);       MULADD(at[11], at[18]); 
+      COMBA_STORE(C->dp[17]);
+      /* 18 */
+      COMBA_FORWARD;
+      MULADD(at[7], at[23]);       MULADD(at[8], at[22]);       MULADD(at[9], at[21]);       MULADD(at[10], at[20]);       MULADD(at[11], at[19]); 
+      COMBA_STORE(C->dp[18]);
+      /* 19 */
+      COMBA_FORWARD;
+      MULADD(at[8], at[23]);       MULADD(at[9], at[22]);       MULADD(at[10], at[21]);       MULADD(at[11], at[20]); 
+      COMBA_STORE(C->dp[19]);
+      /* 20 */
+      COMBA_FORWARD;
+      MULADD(at[9], at[23]);       MULADD(at[10], at[22]);       MULADD(at[11], at[21]); 
+      COMBA_STORE(C->dp[20]);
+      /* 21 */
+      COMBA_FORWARD;
+      MULADD(at[10], at[23]);       MULADD(at[11], at[22]); 
+      COMBA_STORE(C->dp[21]);
+      /* 22 */
+      COMBA_FORWARD;
+      MULADD(at[11], at[23]); 
+      COMBA_STORE(C->dp[22]);
+      COMBA_STORE2(C->dp[23]);
+      C->used = 24;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 13:
+      memcpy(at, A->dp, 13 * sizeof(fp_digit));
+      memcpy(at+13, B->dp, 13 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[13]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[14]);       MULADD(at[1], at[13]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[15]);       MULADD(at[1], at[14]);       MULADD(at[2], at[13]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[16]);       MULADD(at[1], at[15]);       MULADD(at[2], at[14]);       MULADD(at[3], at[13]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[17]);       MULADD(at[1], at[16]);       MULADD(at[2], at[15]);       MULADD(at[3], at[14]);       MULADD(at[4], at[13]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[18]);       MULADD(at[1], at[17]);       MULADD(at[2], at[16]);       MULADD(at[3], at[15]);       MULADD(at[4], at[14]);       MULADD(at[5], at[13]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[19]);       MULADD(at[1], at[18]);       MULADD(at[2], at[17]);       MULADD(at[3], at[16]);       MULADD(at[4], at[15]);       MULADD(at[5], at[14]);       MULADD(at[6], at[13]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[20]);       MULADD(at[1], at[19]);       MULADD(at[2], at[18]);       MULADD(at[3], at[17]);       MULADD(at[4], at[16]);       MULADD(at[5], at[15]);       MULADD(at[6], at[14]);       MULADD(at[7], at[13]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[21]);       MULADD(at[1], at[20]);       MULADD(at[2], at[19]);       MULADD(at[3], at[18]);       MULADD(at[4], at[17]);       MULADD(at[5], at[16]);       MULADD(at[6], at[15]);       MULADD(at[7], at[14]);       MULADD(at[8], at[13]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[22]);       MULADD(at[1], at[21]);       MULADD(at[2], at[20]);       MULADD(at[3], at[19]);       MULADD(at[4], at[18]);       MULADD(at[5], at[17]);       MULADD(at[6], at[16]);       MULADD(at[7], at[15]);       MULADD(at[8], at[14]);       MULADD(at[9], at[13]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[23]);       MULADD(at[1], at[22]);       MULADD(at[2], at[21]);       MULADD(at[3], at[20]);       MULADD(at[4], at[19]);       MULADD(at[5], at[18]);       MULADD(at[6], at[17]);       MULADD(at[7], at[16]);       MULADD(at[8], at[15]);       MULADD(at[9], at[14]);       MULADD(at[10], at[13]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[24]);       MULADD(at[1], at[23]);       MULADD(at[2], at[22]);       MULADD(at[3], at[21]);       MULADD(at[4], at[20]);       MULADD(at[5], at[19]);       MULADD(at[6], at[18]);       MULADD(at[7], at[17]);       MULADD(at[8], at[16]);       MULADD(at[9], at[15]);       MULADD(at[10], at[14]);       MULADD(at[11], at[13]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[25]);       MULADD(at[1], at[24]);       MULADD(at[2], at[23]);       MULADD(at[3], at[22]);       MULADD(at[4], at[21]);       MULADD(at[5], at[20]);       MULADD(at[6], at[19]);       MULADD(at[7], at[18]);       MULADD(at[8], at[17]);       MULADD(at[9], at[16]);       MULADD(at[10], at[15]);       MULADD(at[11], at[14]);       MULADD(at[12], at[13]); 
+      COMBA_STORE(C->dp[12]);
+      /* 13 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[25]);       MULADD(at[2], at[24]);       MULADD(at[3], at[23]);       MULADD(at[4], at[22]);       MULADD(at[5], at[21]);       MULADD(at[6], at[20]);       MULADD(at[7], at[19]);       MULADD(at[8], at[18]);       MULADD(at[9], at[17]);       MULADD(at[10], at[16]);       MULADD(at[11], at[15]);       MULADD(at[12], at[14]); 
+      COMBA_STORE(C->dp[13]);
+      /* 14 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[25]);       MULADD(at[3], at[24]);       MULADD(at[4], at[23]);       MULADD(at[5], at[22]);       MULADD(at[6], at[21]);       MULADD(at[7], at[20]);       MULADD(at[8], at[19]);       MULADD(at[9], at[18]);       MULADD(at[10], at[17]);       MULADD(at[11], at[16]);       MULADD(at[12], at[15]); 
+      COMBA_STORE(C->dp[14]);
+      /* 15 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[25]);       MULADD(at[4], at[24]);       MULADD(at[5], at[23]);       MULADD(at[6], at[22]);       MULADD(at[7], at[21]);       MULADD(at[8], at[20]);       MULADD(at[9], at[19]);       MULADD(at[10], at[18]);       MULADD(at[11], at[17]);       MULADD(at[12], at[16]); 
+      COMBA_STORE(C->dp[15]);
+      /* 16 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[25]);       MULADD(at[5], at[24]);       MULADD(at[6], at[23]);       MULADD(at[7], at[22]);       MULADD(at[8], at[21]);       MULADD(at[9], at[20]);       MULADD(at[10], at[19]);       MULADD(at[11], at[18]);       MULADD(at[12], at[17]); 
+      COMBA_STORE(C->dp[16]);
+      /* 17 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[25]);       MULADD(at[6], at[24]);       MULADD(at[7], at[23]);       MULADD(at[8], at[22]);       MULADD(at[9], at[21]);       MULADD(at[10], at[20]);       MULADD(at[11], at[19]);       MULADD(at[12], at[18]); 
+      COMBA_STORE(C->dp[17]);
+      /* 18 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[25]);       MULADD(at[7], at[24]);       MULADD(at[8], at[23]);       MULADD(at[9], at[22]);       MULADD(at[10], at[21]);       MULADD(at[11], at[20]);       MULADD(at[12], at[19]); 
+      COMBA_STORE(C->dp[18]);
+      /* 19 */
+      COMBA_FORWARD;
+      MULADD(at[7], at[25]);       MULADD(at[8], at[24]);       MULADD(at[9], at[23]);       MULADD(at[10], at[22]);       MULADD(at[11], at[21]);       MULADD(at[12], at[20]); 
+      COMBA_STORE(C->dp[19]);
+      /* 20 */
+      COMBA_FORWARD;
+      MULADD(at[8], at[25]);       MULADD(at[9], at[24]);       MULADD(at[10], at[23]);       MULADD(at[11], at[22]);       MULADD(at[12], at[21]); 
+      COMBA_STORE(C->dp[20]);
+      /* 21 */
+      COMBA_FORWARD;
+      MULADD(at[9], at[25]);       MULADD(at[10], at[24]);       MULADD(at[11], at[23]);       MULADD(at[12], at[22]); 
+      COMBA_STORE(C->dp[21]);
+      /* 22 */
+      COMBA_FORWARD;
+      MULADD(at[10], at[25]);       MULADD(at[11], at[24]);       MULADD(at[12], at[23]); 
+      COMBA_STORE(C->dp[22]);
+      /* 23 */
+      COMBA_FORWARD;
+      MULADD(at[11], at[25]);       MULADD(at[12], at[24]); 
+      COMBA_STORE(C->dp[23]);
+      /* 24 */
+      COMBA_FORWARD;
+      MULADD(at[12], at[25]); 
+      COMBA_STORE(C->dp[24]);
+      COMBA_STORE2(C->dp[25]);
+      C->used = 26;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 14:
+      memcpy(at, A->dp, 14 * sizeof(fp_digit));
+      memcpy(at+14, B->dp, 14 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[14]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[15]);       MULADD(at[1], at[14]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[16]);       MULADD(at[1], at[15]);       MULADD(at[2], at[14]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[17]);       MULADD(at[1], at[16]);       MULADD(at[2], at[15]);       MULADD(at[3], at[14]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[18]);       MULADD(at[1], at[17]);       MULADD(at[2], at[16]);       MULADD(at[3], at[15]);       MULADD(at[4], at[14]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[19]);       MULADD(at[1], at[18]);       MULADD(at[2], at[17]);       MULADD(at[3], at[16]);       MULADD(at[4], at[15]);       MULADD(at[5], at[14]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[20]);       MULADD(at[1], at[19]);       MULADD(at[2], at[18]);       MULADD(at[3], at[17]);       MULADD(at[4], at[16]);       MULADD(at[5], at[15]);       MULADD(at[6], at[14]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[21]);       MULADD(at[1], at[20]);       MULADD(at[2], at[19]);       MULADD(at[3], at[18]);       MULADD(at[4], at[17]);       MULADD(at[5], at[16]);       MULADD(at[6], at[15]);       MULADD(at[7], at[14]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[22]);       MULADD(at[1], at[21]);       MULADD(at[2], at[20]);       MULADD(at[3], at[19]);       MULADD(at[4], at[18]);       MULADD(at[5], at[17]);       MULADD(at[6], at[16]);       MULADD(at[7], at[15]);       MULADD(at[8], at[14]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[23]);       MULADD(at[1], at[22]);       MULADD(at[2], at[21]);       MULADD(at[3], at[20]);       MULADD(at[4], at[19]);       MULADD(at[5], at[18]);       MULADD(at[6], at[17]);       MULADD(at[7], at[16]);       MULADD(at[8], at[15]);       MULADD(at[9], at[14]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[24]);       MULADD(at[1], at[23]);       MULADD(at[2], at[22]);       MULADD(at[3], at[21]);       MULADD(at[4], at[20]);       MULADD(at[5], at[19]);       MULADD(at[6], at[18]);       MULADD(at[7], at[17]);       MULADD(at[8], at[16]);       MULADD(at[9], at[15]);       MULADD(at[10], at[14]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[25]);       MULADD(at[1], at[24]);       MULADD(at[2], at[23]);       MULADD(at[3], at[22]);       MULADD(at[4], at[21]);       MULADD(at[5], at[20]);       MULADD(at[6], at[19]);       MULADD(at[7], at[18]);       MULADD(at[8], at[17]);       MULADD(at[9], at[16]);       MULADD(at[10], at[15]);       MULADD(at[11], at[14]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[26]);       MULADD(at[1], at[25]);       MULADD(at[2], at[24]);       MULADD(at[3], at[23]);       MULADD(at[4], at[22]);       MULADD(at[5], at[21]);       MULADD(at[6], at[20]);       MULADD(at[7], at[19]);       MULADD(at[8], at[18]);       MULADD(at[9], at[17]);       MULADD(at[10], at[16]);       MULADD(at[11], at[15]);       MULADD(at[12], at[14]); 
+      COMBA_STORE(C->dp[12]);
+      /* 13 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[27]);       MULADD(at[1], at[26]);       MULADD(at[2], at[25]);       MULADD(at[3], at[24]);       MULADD(at[4], at[23]);       MULADD(at[5], at[22]);       MULADD(at[6], at[21]);       MULADD(at[7], at[20]);       MULADD(at[8], at[19]);       MULADD(at[9], at[18]);       MULADD(at[10], at[17]);       MULADD(at[11], at[16]);       MULADD(at[12], at[15]);       MULADD(at[13], at[14]); 
+      COMBA_STORE(C->dp[13]);
+      /* 14 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[27]);       MULADD(at[2], at[26]);       MULADD(at[3], at[25]);       MULADD(at[4], at[24]);       MULADD(at[5], at[23]);       MULADD(at[6], at[22]);       MULADD(at[7], at[21]);       MULADD(at[8], at[20]);       MULADD(at[9], at[19]);       MULADD(at[10], at[18]);       MULADD(at[11], at[17]);       MULADD(at[12], at[16]);       MULADD(at[13], at[15]); 
+      COMBA_STORE(C->dp[14]);
+      /* 15 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[27]);       MULADD(at[3], at[26]);       MULADD(at[4], at[25]);       MULADD(at[5], at[24]);       MULADD(at[6], at[23]);       MULADD(at[7], at[22]);       MULADD(at[8], at[21]);       MULADD(at[9], at[20]);       MULADD(at[10], at[19]);       MULADD(at[11], at[18]);       MULADD(at[12], at[17]);       MULADD(at[13], at[16]); 
+      COMBA_STORE(C->dp[15]);
+      /* 16 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[27]);       MULADD(at[4], at[26]);       MULADD(at[5], at[25]);       MULADD(at[6], at[24]);       MULADD(at[7], at[23]);       MULADD(at[8], at[22]);       MULADD(at[9], at[21]);       MULADD(at[10], at[20]);       MULADD(at[11], at[19]);       MULADD(at[12], at[18]);       MULADD(at[13], at[17]); 
+      COMBA_STORE(C->dp[16]);
+      /* 17 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[27]);       MULADD(at[5], at[26]);       MULADD(at[6], at[25]);       MULADD(at[7], at[24]);       MULADD(at[8], at[23]);       MULADD(at[9], at[22]);       MULADD(at[10], at[21]);       MULADD(at[11], at[20]);       MULADD(at[12], at[19]);       MULADD(at[13], at[18]); 
+      COMBA_STORE(C->dp[17]);
+      /* 18 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[27]);       MULADD(at[6], at[26]);       MULADD(at[7], at[25]);       MULADD(at[8], at[24]);       MULADD(at[9], at[23]);       MULADD(at[10], at[22]);       MULADD(at[11], at[21]);       MULADD(at[12], at[20]);       MULADD(at[13], at[19]); 
+      COMBA_STORE(C->dp[18]);
+      /* 19 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[27]);       MULADD(at[7], at[26]);       MULADD(at[8], at[25]);       MULADD(at[9], at[24]);       MULADD(at[10], at[23]);       MULADD(at[11], at[22]);       MULADD(at[12], at[21]);       MULADD(at[13], at[20]); 
+      COMBA_STORE(C->dp[19]);
+      /* 20 */
+      COMBA_FORWARD;
+      MULADD(at[7], at[27]);       MULADD(at[8], at[26]);       MULADD(at[9], at[25]);       MULADD(at[10], at[24]);       MULADD(at[11], at[23]);       MULADD(at[12], at[22]);       MULADD(at[13], at[21]); 
+      COMBA_STORE(C->dp[20]);
+      /* 21 */
+      COMBA_FORWARD;
+      MULADD(at[8], at[27]);       MULADD(at[9], at[26]);       MULADD(at[10], at[25]);       MULADD(at[11], at[24]);       MULADD(at[12], at[23]);       MULADD(at[13], at[22]); 
+      COMBA_STORE(C->dp[21]);
+      /* 22 */
+      COMBA_FORWARD;
+      MULADD(at[9], at[27]);       MULADD(at[10], at[26]);       MULADD(at[11], at[25]);       MULADD(at[12], at[24]);       MULADD(at[13], at[23]); 
+      COMBA_STORE(C->dp[22]);
+      /* 23 */
+      COMBA_FORWARD;
+      MULADD(at[10], at[27]);       MULADD(at[11], at[26]);       MULADD(at[12], at[25]);       MULADD(at[13], at[24]); 
+      COMBA_STORE(C->dp[23]);
+      /* 24 */
+      COMBA_FORWARD;
+      MULADD(at[11], at[27]);       MULADD(at[12], at[26]);       MULADD(at[13], at[25]); 
+      COMBA_STORE(C->dp[24]);
+      /* 25 */
+      COMBA_FORWARD;
+      MULADD(at[12], at[27]);       MULADD(at[13], at[26]); 
+      COMBA_STORE(C->dp[25]);
+      /* 26 */
+      COMBA_FORWARD;
+      MULADD(at[13], at[27]); 
+      COMBA_STORE(C->dp[26]);
+      COMBA_STORE2(C->dp[27]);
+      C->used = 28;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 15:
+      memcpy(at, A->dp, 15 * sizeof(fp_digit));
+      memcpy(at+15, B->dp, 15 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[15]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[16]);       MULADD(at[1], at[15]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[17]);       MULADD(at[1], at[16]);       MULADD(at[2], at[15]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[18]);       MULADD(at[1], at[17]);       MULADD(at[2], at[16]);       MULADD(at[3], at[15]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[19]);       MULADD(at[1], at[18]);       MULADD(at[2], at[17]);       MULADD(at[3], at[16]);       MULADD(at[4], at[15]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[20]);       MULADD(at[1], at[19]);       MULADD(at[2], at[18]);       MULADD(at[3], at[17]);       MULADD(at[4], at[16]);       MULADD(at[5], at[15]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[21]);       MULADD(at[1], at[20]);       MULADD(at[2], at[19]);       MULADD(at[3], at[18]);       MULADD(at[4], at[17]);       MULADD(at[5], at[16]);       MULADD(at[6], at[15]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[22]);       MULADD(at[1], at[21]);       MULADD(at[2], at[20]);       MULADD(at[3], at[19]);       MULADD(at[4], at[18]);       MULADD(at[5], at[17]);       MULADD(at[6], at[16]);       MULADD(at[7], at[15]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[23]);       MULADD(at[1], at[22]);       MULADD(at[2], at[21]);       MULADD(at[3], at[20]);       MULADD(at[4], at[19]);       MULADD(at[5], at[18]);       MULADD(at[6], at[17]);       MULADD(at[7], at[16]);       MULADD(at[8], at[15]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[24]);       MULADD(at[1], at[23]);       MULADD(at[2], at[22]);       MULADD(at[3], at[21]);       MULADD(at[4], at[20]);       MULADD(at[5], at[19]);       MULADD(at[6], at[18]);       MULADD(at[7], at[17]);       MULADD(at[8], at[16]);       MULADD(at[9], at[15]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[25]);       MULADD(at[1], at[24]);       MULADD(at[2], at[23]);       MULADD(at[3], at[22]);       MULADD(at[4], at[21]);       MULADD(at[5], at[20]);       MULADD(at[6], at[19]);       MULADD(at[7], at[18]);       MULADD(at[8], at[17]);       MULADD(at[9], at[16]);       MULADD(at[10], at[15]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[26]);       MULADD(at[1], at[25]);       MULADD(at[2], at[24]);       MULADD(at[3], at[23]);       MULADD(at[4], at[22]);       MULADD(at[5], at[21]);       MULADD(at[6], at[20]);       MULADD(at[7], at[19]);       MULADD(at[8], at[18]);       MULADD(at[9], at[17]);       MULADD(at[10], at[16]);       MULADD(at[11], at[15]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[27]);       MULADD(at[1], at[26]);       MULADD(at[2], at[25]);       MULADD(at[3], at[24]);       MULADD(at[4], at[23]);       MULADD(at[5], at[22]);       MULADD(at[6], at[21]);       MULADD(at[7], at[20]);       MULADD(at[8], at[19]);       MULADD(at[9], at[18]);       MULADD(at[10], at[17]);       MULADD(at[11], at[16]);       MULADD(at[12], at[15]); 
+      COMBA_STORE(C->dp[12]);
+      /* 13 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[28]);       MULADD(at[1], at[27]);       MULADD(at[2], at[26]);       MULADD(at[3], at[25]);       MULADD(at[4], at[24]);       MULADD(at[5], at[23]);       MULADD(at[6], at[22]);       MULADD(at[7], at[21]);       MULADD(at[8], at[20]);       MULADD(at[9], at[19]);       MULADD(at[10], at[18]);       MULADD(at[11], at[17]);       MULADD(at[12], at[16]);       MULADD(at[13], at[15]); 
+      COMBA_STORE(C->dp[13]);
+      /* 14 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[29]);       MULADD(at[1], at[28]);       MULADD(at[2], at[27]);       MULADD(at[3], at[26]);       MULADD(at[4], at[25]);       MULADD(at[5], at[24]);       MULADD(at[6], at[23]);       MULADD(at[7], at[22]);       MULADD(at[8], at[21]);       MULADD(at[9], at[20]);       MULADD(at[10], at[19]);       MULADD(at[11], at[18]);       MULADD(at[12], at[17]);       MULADD(at[13], at[16]);       MULADD(at[14], at[15]); 
+      COMBA_STORE(C->dp[14]);
+      /* 15 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[29]);       MULADD(at[2], at[28]);       MULADD(at[3], at[27]);       MULADD(at[4], at[26]);       MULADD(at[5], at[25]);       MULADD(at[6], at[24]);       MULADD(at[7], at[23]);       MULADD(at[8], at[22]);       MULADD(at[9], at[21]);       MULADD(at[10], at[20]);       MULADD(at[11], at[19]);       MULADD(at[12], at[18]);       MULADD(at[13], at[17]);       MULADD(at[14], at[16]); 
+      COMBA_STORE(C->dp[15]);
+      /* 16 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[29]);       MULADD(at[3], at[28]);       MULADD(at[4], at[27]);       MULADD(at[5], at[26]);       MULADD(at[6], at[25]);       MULADD(at[7], at[24]);       MULADD(at[8], at[23]);       MULADD(at[9], at[22]);       MULADD(at[10], at[21]);       MULADD(at[11], at[20]);       MULADD(at[12], at[19]);       MULADD(at[13], at[18]);       MULADD(at[14], at[17]); 
+      COMBA_STORE(C->dp[16]);
+      /* 17 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[29]);       MULADD(at[4], at[28]);       MULADD(at[5], at[27]);       MULADD(at[6], at[26]);       MULADD(at[7], at[25]);       MULADD(at[8], at[24]);       MULADD(at[9], at[23]);       MULADD(at[10], at[22]);       MULADD(at[11], at[21]);       MULADD(at[12], at[20]);       MULADD(at[13], at[19]);       MULADD(at[14], at[18]); 
+      COMBA_STORE(C->dp[17]);
+      /* 18 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[29]);       MULADD(at[5], at[28]);       MULADD(at[6], at[27]);       MULADD(at[7], at[26]);       MULADD(at[8], at[25]);       MULADD(at[9], at[24]);       MULADD(at[10], at[23]);       MULADD(at[11], at[22]);       MULADD(at[12], at[21]);       MULADD(at[13], at[20]);       MULADD(at[14], at[19]); 
+      COMBA_STORE(C->dp[18]);
+      /* 19 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[29]);       MULADD(at[6], at[28]);       MULADD(at[7], at[27]);       MULADD(at[8], at[26]);       MULADD(at[9], at[25]);       MULADD(at[10], at[24]);       MULADD(at[11], at[23]);       MULADD(at[12], at[22]);       MULADD(at[13], at[21]);       MULADD(at[14], at[20]); 
+      COMBA_STORE(C->dp[19]);
+      /* 20 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[29]);       MULADD(at[7], at[28]);       MULADD(at[8], at[27]);       MULADD(at[9], at[26]);       MULADD(at[10], at[25]);       MULADD(at[11], at[24]);       MULADD(at[12], at[23]);       MULADD(at[13], at[22]);       MULADD(at[14], at[21]); 
+      COMBA_STORE(C->dp[20]);
+      /* 21 */
+      COMBA_FORWARD;
+      MULADD(at[7], at[29]);       MULADD(at[8], at[28]);       MULADD(at[9], at[27]);       MULADD(at[10], at[26]);       MULADD(at[11], at[25]);       MULADD(at[12], at[24]);       MULADD(at[13], at[23]);       MULADD(at[14], at[22]); 
+      COMBA_STORE(C->dp[21]);
+      /* 22 */
+      COMBA_FORWARD;
+      MULADD(at[8], at[29]);       MULADD(at[9], at[28]);       MULADD(at[10], at[27]);       MULADD(at[11], at[26]);       MULADD(at[12], at[25]);       MULADD(at[13], at[24]);       MULADD(at[14], at[23]); 
+      COMBA_STORE(C->dp[22]);
+      /* 23 */
+      COMBA_FORWARD;
+      MULADD(at[9], at[29]);       MULADD(at[10], at[28]);       MULADD(at[11], at[27]);       MULADD(at[12], at[26]);       MULADD(at[13], at[25]);       MULADD(at[14], at[24]); 
+      COMBA_STORE(C->dp[23]);
+      /* 24 */
+      COMBA_FORWARD;
+      MULADD(at[10], at[29]);       MULADD(at[11], at[28]);       MULADD(at[12], at[27]);       MULADD(at[13], at[26]);       MULADD(at[14], at[25]); 
+      COMBA_STORE(C->dp[24]);
+      /* 25 */
+      COMBA_FORWARD;
+      MULADD(at[11], at[29]);       MULADD(at[12], at[28]);       MULADD(at[13], at[27]);       MULADD(at[14], at[26]); 
+      COMBA_STORE(C->dp[25]);
+      /* 26 */
+      COMBA_FORWARD;
+      MULADD(at[12], at[29]);       MULADD(at[13], at[28]);       MULADD(at[14], at[27]); 
+      COMBA_STORE(C->dp[26]);
+      /* 27 */
+      COMBA_FORWARD;
+      MULADD(at[13], at[29]);       MULADD(at[14], at[28]); 
+      COMBA_STORE(C->dp[27]);
+      /* 28 */
+      COMBA_FORWARD;
+      MULADD(at[14], at[29]); 
+      COMBA_STORE(C->dp[28]);
+      COMBA_STORE2(C->dp[29]);
+      C->used = 30;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   case 16:
+      memcpy(at, A->dp, 16 * sizeof(fp_digit));
+      memcpy(at+16, B->dp, 16 * sizeof(fp_digit));
+      COMBA_START;
+
+      COMBA_CLEAR;
+      /* 0 */
+      MULADD(at[0], at[16]); 
+      COMBA_STORE(C->dp[0]);
+      /* 1 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[17]);       MULADD(at[1], at[16]); 
+      COMBA_STORE(C->dp[1]);
+      /* 2 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[18]);       MULADD(at[1], at[17]);       MULADD(at[2], at[16]); 
+      COMBA_STORE(C->dp[2]);
+      /* 3 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[19]);       MULADD(at[1], at[18]);       MULADD(at[2], at[17]);       MULADD(at[3], at[16]); 
+      COMBA_STORE(C->dp[3]);
+      /* 4 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[20]);       MULADD(at[1], at[19]);       MULADD(at[2], at[18]);       MULADD(at[3], at[17]);       MULADD(at[4], at[16]); 
+      COMBA_STORE(C->dp[4]);
+      /* 5 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[21]);       MULADD(at[1], at[20]);       MULADD(at[2], at[19]);       MULADD(at[3], at[18]);       MULADD(at[4], at[17]);       MULADD(at[5], at[16]); 
+      COMBA_STORE(C->dp[5]);
+      /* 6 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[22]);       MULADD(at[1], at[21]);       MULADD(at[2], at[20]);       MULADD(at[3], at[19]);       MULADD(at[4], at[18]);       MULADD(at[5], at[17]);       MULADD(at[6], at[16]); 
+      COMBA_STORE(C->dp[6]);
+      /* 7 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[23]);       MULADD(at[1], at[22]);       MULADD(at[2], at[21]);       MULADD(at[3], at[20]);       MULADD(at[4], at[19]);       MULADD(at[5], at[18]);       MULADD(at[6], at[17]);       MULADD(at[7], at[16]); 
+      COMBA_STORE(C->dp[7]);
+      /* 8 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[24]);       MULADD(at[1], at[23]);       MULADD(at[2], at[22]);       MULADD(at[3], at[21]);       MULADD(at[4], at[20]);       MULADD(at[5], at[19]);       MULADD(at[6], at[18]);       MULADD(at[7], at[17]);       MULADD(at[8], at[16]); 
+      COMBA_STORE(C->dp[8]);
+      /* 9 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[25]);       MULADD(at[1], at[24]);       MULADD(at[2], at[23]);       MULADD(at[3], at[22]);       MULADD(at[4], at[21]);       MULADD(at[5], at[20]);       MULADD(at[6], at[19]);       MULADD(at[7], at[18]);       MULADD(at[8], at[17]);       MULADD(at[9], at[16]); 
+      COMBA_STORE(C->dp[9]);
+      /* 10 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[26]);       MULADD(at[1], at[25]);       MULADD(at[2], at[24]);       MULADD(at[3], at[23]);       MULADD(at[4], at[22]);       MULADD(at[5], at[21]);       MULADD(at[6], at[20]);       MULADD(at[7], at[19]);       MULADD(at[8], at[18]);       MULADD(at[9], at[17]);       MULADD(at[10], at[16]); 
+      COMBA_STORE(C->dp[10]);
+      /* 11 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[27]);       MULADD(at[1], at[26]);       MULADD(at[2], at[25]);       MULADD(at[3], at[24]);       MULADD(at[4], at[23]);       MULADD(at[5], at[22]);       MULADD(at[6], at[21]);       MULADD(at[7], at[20]);       MULADD(at[8], at[19]);       MULADD(at[9], at[18]);       MULADD(at[10], at[17]);       MULADD(at[11], at[16]); 
+      COMBA_STORE(C->dp[11]);
+      /* 12 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[28]);       MULADD(at[1], at[27]);       MULADD(at[2], at[26]);       MULADD(at[3], at[25]);       MULADD(at[4], at[24]);       MULADD(at[5], at[23]);       MULADD(at[6], at[22]);       MULADD(at[7], at[21]);       MULADD(at[8], at[20]);       MULADD(at[9], at[19]);       MULADD(at[10], at[18]);       MULADD(at[11], at[17]);       MULADD(at[12], at[16]); 
+      COMBA_STORE(C->dp[12]);
+      /* 13 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[29]);       MULADD(at[1], at[28]);       MULADD(at[2], at[27]);       MULADD(at[3], at[26]);       MULADD(at[4], at[25]);       MULADD(at[5], at[24]);       MULADD(at[6], at[23]);       MULADD(at[7], at[22]);       MULADD(at[8], at[21]);       MULADD(at[9], at[20]);       MULADD(at[10], at[19]);       MULADD(at[11], at[18]);       MULADD(at[12], at[17]);       MULADD(at[13], at[16]); 
+      COMBA_STORE(C->dp[13]);
+      /* 14 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[30]);       MULADD(at[1], at[29]);       MULADD(at[2], at[28]);       MULADD(at[3], at[27]);       MULADD(at[4], at[26]);       MULADD(at[5], at[25]);       MULADD(at[6], at[24]);       MULADD(at[7], at[23]);       MULADD(at[8], at[22]);       MULADD(at[9], at[21]);       MULADD(at[10], at[20]);       MULADD(at[11], at[19]);       MULADD(at[12], at[18]);       MULADD(at[13], at[17]);       MULADD(at[14], at[16]); 
+      COMBA_STORE(C->dp[14]);
+      /* 15 */
+      COMBA_FORWARD;
+      MULADD(at[0], at[31]);       MULADD(at[1], at[30]);       MULADD(at[2], at[29]);       MULADD(at[3], at[28]);       MULADD(at[4], at[27]);       MULADD(at[5], at[26]);       MULADD(at[6], at[25]);       MULADD(at[7], at[24]);       MULADD(at[8], at[23]);       MULADD(at[9], at[22]);       MULADD(at[10], at[21]);       MULADD(at[11], at[20]);       MULADD(at[12], at[19]);       MULADD(at[13], at[18]);       MULADD(at[14], at[17]);       MULADD(at[15], at[16]); 
+      COMBA_STORE(C->dp[15]);
+      /* 16 */
+      COMBA_FORWARD;
+      MULADD(at[1], at[31]);       MULADD(at[2], at[30]);       MULADD(at[3], at[29]);       MULADD(at[4], at[28]);       MULADD(at[5], at[27]);       MULADD(at[6], at[26]);       MULADD(at[7], at[25]);       MULADD(at[8], at[24]);       MULADD(at[9], at[23]);       MULADD(at[10], at[22]);       MULADD(at[11], at[21]);       MULADD(at[12], at[20]);       MULADD(at[13], at[19]);       MULADD(at[14], at[18]);       MULADD(at[15], at[17]); 
+      COMBA_STORE(C->dp[16]);
+      /* 17 */
+      COMBA_FORWARD;
+      MULADD(at[2], at[31]);       MULADD(at[3], at[30]);       MULADD(at[4], at[29]);       MULADD(at[5], at[28]);       MULADD(at[6], at[27]);       MULADD(at[7], at[26]);       MULADD(at[8], at[25]);       MULADD(at[9], at[24]);       MULADD(at[10], at[23]);       MULADD(at[11], at[22]);       MULADD(at[12], at[21]);       MULADD(at[13], at[20]);       MULADD(at[14], at[19]);       MULADD(at[15], at[18]); 
+      COMBA_STORE(C->dp[17]);
+      /* 18 */
+      COMBA_FORWARD;
+      MULADD(at[3], at[31]);       MULADD(at[4], at[30]);       MULADD(at[5], at[29]);       MULADD(at[6], at[28]);       MULADD(at[7], at[27]);       MULADD(at[8], at[26]);       MULADD(at[9], at[25]);       MULADD(at[10], at[24]);       MULADD(at[11], at[23]);       MULADD(at[12], at[22]);       MULADD(at[13], at[21]);       MULADD(at[14], at[20]);       MULADD(at[15], at[19]); 
+      COMBA_STORE(C->dp[18]);
+      /* 19 */
+      COMBA_FORWARD;
+      MULADD(at[4], at[31]);       MULADD(at[5], at[30]);       MULADD(at[6], at[29]);       MULADD(at[7], at[28]);       MULADD(at[8], at[27]);       MULADD(at[9], at[26]);       MULADD(at[10], at[25]);       MULADD(at[11], at[24]);       MULADD(at[12], at[23]);       MULADD(at[13], at[22]);       MULADD(at[14], at[21]);       MULADD(at[15], at[20]); 
+      COMBA_STORE(C->dp[19]);
+      /* 20 */
+      COMBA_FORWARD;
+      MULADD(at[5], at[31]);       MULADD(at[6], at[30]);       MULADD(at[7], at[29]);       MULADD(at[8], at[28]);       MULADD(at[9], at[27]);       MULADD(at[10], at[26]);       MULADD(at[11], at[25]);       MULADD(at[12], at[24]);       MULADD(at[13], at[23]);       MULADD(at[14], at[22]);       MULADD(at[15], at[21]); 
+      COMBA_STORE(C->dp[20]);
+      /* 21 */
+      COMBA_FORWARD;
+      MULADD(at[6], at[31]);       MULADD(at[7], at[30]);       MULADD(at[8], at[29]);       MULADD(at[9], at[28]);       MULADD(at[10], at[27]);       MULADD(at[11], at[26]);       MULADD(at[12], at[25]);       MULADD(at[13], at[24]);       MULADD(at[14], at[23]);       MULADD(at[15], at[22]); 
+      COMBA_STORE(C->dp[21]);
+      /* 22 */
+      COMBA_FORWARD;
+      MULADD(at[7], at[31]);       MULADD(at[8], at[30]);       MULADD(at[9], at[29]);       MULADD(at[10], at[28]);       MULADD(at[11], at[27]);       MULADD(at[12], at[26]);       MULADD(at[13], at[25]);       MULADD(at[14], at[24]);       MULADD(at[15], at[23]); 
+      COMBA_STORE(C->dp[22]);
+      /* 23 */
+      COMBA_FORWARD;
+      MULADD(at[8], at[31]);       MULADD(at[9], at[30]);       MULADD(at[10], at[29]);       MULADD(at[11], at[28]);       MULADD(at[12], at[27]);       MULADD(at[13], at[26]);       MULADD(at[14], at[25]);       MULADD(at[15], at[24]); 
+      COMBA_STORE(C->dp[23]);
+      /* 24 */
+      COMBA_FORWARD;
+      MULADD(at[9], at[31]);       MULADD(at[10], at[30]);       MULADD(at[11], at[29]);       MULADD(at[12], at[28]);       MULADD(at[13], at[27]);       MULADD(at[14], at[26]);       MULADD(at[15], at[25]); 
+      COMBA_STORE(C->dp[24]);
+      /* 25 */
+      COMBA_FORWARD;
+      MULADD(at[10], at[31]);       MULADD(at[11], at[30]);       MULADD(at[12], at[29]);       MULADD(at[13], at[28]);       MULADD(at[14], at[27]);       MULADD(at[15], at[26]); 
+      COMBA_STORE(C->dp[25]);
+      /* 26 */
+      COMBA_FORWARD;
+      MULADD(at[11], at[31]);       MULADD(at[12], at[30]);       MULADD(at[13], at[29]);       MULADD(at[14], at[28]);       MULADD(at[15], at[27]); 
+      COMBA_STORE(C->dp[26]);
+      /* 27 */
+      COMBA_FORWARD;
+      MULADD(at[12], at[31]);       MULADD(at[13], at[30]);       MULADD(at[14], at[29]);       MULADD(at[15], at[28]); 
+      COMBA_STORE(C->dp[27]);
+      /* 28 */
+      COMBA_FORWARD;
+      MULADD(at[13], at[31]);       MULADD(at[14], at[30]);       MULADD(at[15], at[29]); 
+      COMBA_STORE(C->dp[28]);
+      /* 29 */
+      COMBA_FORWARD;
+      MULADD(at[14], at[31]);       MULADD(at[15], at[30]); 
+      COMBA_STORE(C->dp[29]);
+      /* 30 */
+      COMBA_FORWARD;
+      MULADD(at[15], at[31]); 
+      COMBA_STORE(C->dp[30]);
+      COMBA_STORE2(C->dp[31]);
+      C->used = 32;
+      C->sign = A->sign ^ B->sign;
+      fp_clamp(C);
+      COMBA_FINI;
+      break;
+
+   default:
+      break;
+   }
+}
+
+#endif
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_12.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_12.i
new file mode 100644
index 00000000..078b8986
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_12.i
@@ -0,0 +1,159 @@
+/* fp_sqr_comba_12.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR12
+void fp_sqr_comba12(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[24], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word tt;
+#endif
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADDSC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+
+   /* output 15 */
+   CARRY_FORWARD;
+   SQRADDSC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+   COMBA_STORE(b[15]);
+
+   /* output 16 */
+   CARRY_FORWARD;
+   SQRADDSC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+   COMBA_STORE(b[16]);
+
+   /* output 17 */
+   CARRY_FORWARD;
+   SQRADDSC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+   COMBA_STORE(b[17]);
+
+   /* output 18 */
+   CARRY_FORWARD;
+   SQRADD2(a[7], a[11]); SQRADD2(a[8], a[10]); SQRADD(a[9], a[9]); 
+   COMBA_STORE(b[18]);
+
+   /* output 19 */
+   CARRY_FORWARD;
+   SQRADD2(a[8], a[11]); SQRADD2(a[9], a[10]); 
+   COMBA_STORE(b[19]);
+
+   /* output 20 */
+   CARRY_FORWARD;
+   SQRADD2(a[9], a[11]); SQRADD(a[10], a[10]); 
+   COMBA_STORE(b[20]);
+
+   /* output 21 */
+   CARRY_FORWARD;
+   SQRADD2(a[10], a[11]); 
+   COMBA_STORE(b[21]);
+
+   /* output 22 */
+   CARRY_FORWARD;
+   SQRADD(a[11], a[11]); 
+   COMBA_STORE(b[22]);
+   COMBA_STORE2(b[23]);
+   COMBA_FINI;
+
+   B->used = 24;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 24 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_17.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_17.i
new file mode 100644
index 00000000..d5f4674f
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_17.i
@@ -0,0 +1,210 @@
+/* fp_sqr_comba_17.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR17
+void fp_sqr_comba17(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[34], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word tt;
+#endif
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[14]); SQRADDAC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+
+   /* output 15 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[15]); SQRADDAC(a[1], a[14]); SQRADDAC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+   COMBA_STORE(b[15]);
+
+   /* output 16 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[16]); SQRADDAC(a[1], a[15]); SQRADDAC(a[2], a[14]); SQRADDAC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+   COMBA_STORE(b[16]);
+
+   /* output 17 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[16]); SQRADDAC(a[2], a[15]); SQRADDAC(a[3], a[14]); SQRADDAC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+   COMBA_STORE(b[17]);
+
+   /* output 18 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[16]); SQRADDAC(a[3], a[15]); SQRADDAC(a[4], a[14]); SQRADDAC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+   COMBA_STORE(b[18]);
+
+   /* output 19 */
+   CARRY_FORWARD;
+   SQRADDSC(a[3], a[16]); SQRADDAC(a[4], a[15]); SQRADDAC(a[5], a[14]); SQRADDAC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+   COMBA_STORE(b[19]);
+
+   /* output 20 */
+   CARRY_FORWARD;
+   SQRADDSC(a[4], a[16]); SQRADDAC(a[5], a[15]); SQRADDAC(a[6], a[14]); SQRADDAC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+   COMBA_STORE(b[20]);
+
+   /* output 21 */
+   CARRY_FORWARD;
+   SQRADDSC(a[5], a[16]); SQRADDAC(a[6], a[15]); SQRADDAC(a[7], a[14]); SQRADDAC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+   COMBA_STORE(b[21]);
+
+   /* output 22 */
+   CARRY_FORWARD;
+   SQRADDSC(a[6], a[16]); SQRADDAC(a[7], a[15]); SQRADDAC(a[8], a[14]); SQRADDAC(a[9], a[13]); SQRADDAC(a[10], a[12]); SQRADDDB; SQRADD(a[11], a[11]); 
+   COMBA_STORE(b[22]);
+
+   /* output 23 */
+   CARRY_FORWARD;
+   SQRADDSC(a[7], a[16]); SQRADDAC(a[8], a[15]); SQRADDAC(a[9], a[14]); SQRADDAC(a[10], a[13]); SQRADDAC(a[11], a[12]); SQRADDDB; 
+   COMBA_STORE(b[23]);
+
+   /* output 24 */
+   CARRY_FORWARD;
+   SQRADDSC(a[8], a[16]); SQRADDAC(a[9], a[15]); SQRADDAC(a[10], a[14]); SQRADDAC(a[11], a[13]); SQRADDDB; SQRADD(a[12], a[12]); 
+   COMBA_STORE(b[24]);
+
+   /* output 25 */
+   CARRY_FORWARD;
+   SQRADDSC(a[9], a[16]); SQRADDAC(a[10], a[15]); SQRADDAC(a[11], a[14]); SQRADDAC(a[12], a[13]); SQRADDDB; 
+   COMBA_STORE(b[25]);
+
+   /* output 26 */
+   CARRY_FORWARD;
+   SQRADDSC(a[10], a[16]); SQRADDAC(a[11], a[15]); SQRADDAC(a[12], a[14]); SQRADDDB; SQRADD(a[13], a[13]); 
+   COMBA_STORE(b[26]);
+
+   /* output 27 */
+   CARRY_FORWARD;
+   SQRADDSC(a[11], a[16]); SQRADDAC(a[12], a[15]); SQRADDAC(a[13], a[14]); SQRADDDB; 
+   COMBA_STORE(b[27]);
+
+   /* output 28 */
+   CARRY_FORWARD;
+   SQRADD2(a[12], a[16]); SQRADD2(a[13], a[15]); SQRADD(a[14], a[14]); 
+   COMBA_STORE(b[28]);
+
+   /* output 29 */
+   CARRY_FORWARD;
+   SQRADD2(a[13], a[16]); SQRADD2(a[14], a[15]); 
+   COMBA_STORE(b[29]);
+
+   /* output 30 */
+   CARRY_FORWARD;
+   SQRADD2(a[14], a[16]); SQRADD(a[15], a[15]); 
+   COMBA_STORE(b[30]);
+
+   /* output 31 */
+   CARRY_FORWARD;
+   SQRADD2(a[15], a[16]); 
+   COMBA_STORE(b[31]);
+
+   /* output 32 */
+   CARRY_FORWARD;
+   SQRADD(a[16], a[16]); 
+   COMBA_STORE(b[32]);
+   COMBA_STORE2(b[33]);
+   COMBA_FINI;
+
+   B->used = 34;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 34 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_20.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_20.i
new file mode 100644
index 00000000..dcd9f318
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_20.i
@@ -0,0 +1,240 @@
+/* fp_sqr_comba_20.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR20
+void fp_sqr_comba20(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[40], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word   tt;   
+#endif   
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[14]); SQRADDAC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+
+   /* output 15 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[15]); SQRADDAC(a[1], a[14]); SQRADDAC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+   COMBA_STORE(b[15]);
+
+   /* output 16 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[16]); SQRADDAC(a[1], a[15]); SQRADDAC(a[2], a[14]); SQRADDAC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+   COMBA_STORE(b[16]);
+
+   /* output 17 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[17]); SQRADDAC(a[1], a[16]); SQRADDAC(a[2], a[15]); SQRADDAC(a[3], a[14]); SQRADDAC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+   COMBA_STORE(b[17]);
+
+   /* output 18 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[18]); SQRADDAC(a[1], a[17]); SQRADDAC(a[2], a[16]); SQRADDAC(a[3], a[15]); SQRADDAC(a[4], a[14]); SQRADDAC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+   COMBA_STORE(b[18]);
+
+   /* output 19 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[19]); SQRADDAC(a[1], a[18]); SQRADDAC(a[2], a[17]); SQRADDAC(a[3], a[16]); SQRADDAC(a[4], a[15]); SQRADDAC(a[5], a[14]); SQRADDAC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+   COMBA_STORE(b[19]);
+
+   /* output 20 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[19]); SQRADDAC(a[2], a[18]); SQRADDAC(a[3], a[17]); SQRADDAC(a[4], a[16]); SQRADDAC(a[5], a[15]); SQRADDAC(a[6], a[14]); SQRADDAC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+   COMBA_STORE(b[20]);
+
+   /* output 21 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[19]); SQRADDAC(a[3], a[18]); SQRADDAC(a[4], a[17]); SQRADDAC(a[5], a[16]); SQRADDAC(a[6], a[15]); SQRADDAC(a[7], a[14]); SQRADDAC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+   COMBA_STORE(b[21]);
+
+   /* output 22 */
+   CARRY_FORWARD;
+   SQRADDSC(a[3], a[19]); SQRADDAC(a[4], a[18]); SQRADDAC(a[5], a[17]); SQRADDAC(a[6], a[16]); SQRADDAC(a[7], a[15]); SQRADDAC(a[8], a[14]); SQRADDAC(a[9], a[13]); SQRADDAC(a[10], a[12]); SQRADDDB; SQRADD(a[11], a[11]); 
+   COMBA_STORE(b[22]);
+
+   /* output 23 */
+   CARRY_FORWARD;
+   SQRADDSC(a[4], a[19]); SQRADDAC(a[5], a[18]); SQRADDAC(a[6], a[17]); SQRADDAC(a[7], a[16]); SQRADDAC(a[8], a[15]); SQRADDAC(a[9], a[14]); SQRADDAC(a[10], a[13]); SQRADDAC(a[11], a[12]); SQRADDDB; 
+   COMBA_STORE(b[23]);
+
+   /* output 24 */
+   CARRY_FORWARD;
+   SQRADDSC(a[5], a[19]); SQRADDAC(a[6], a[18]); SQRADDAC(a[7], a[17]); SQRADDAC(a[8], a[16]); SQRADDAC(a[9], a[15]); SQRADDAC(a[10], a[14]); SQRADDAC(a[11], a[13]); SQRADDDB; SQRADD(a[12], a[12]); 
+   COMBA_STORE(b[24]);
+
+   /* output 25 */
+   CARRY_FORWARD;
+   SQRADDSC(a[6], a[19]); SQRADDAC(a[7], a[18]); SQRADDAC(a[8], a[17]); SQRADDAC(a[9], a[16]); SQRADDAC(a[10], a[15]); SQRADDAC(a[11], a[14]); SQRADDAC(a[12], a[13]); SQRADDDB; 
+   COMBA_STORE(b[25]);
+
+   /* output 26 */
+   CARRY_FORWARD;
+   SQRADDSC(a[7], a[19]); SQRADDAC(a[8], a[18]); SQRADDAC(a[9], a[17]); SQRADDAC(a[10], a[16]); SQRADDAC(a[11], a[15]); SQRADDAC(a[12], a[14]); SQRADDDB; SQRADD(a[13], a[13]); 
+   COMBA_STORE(b[26]);
+
+   /* output 27 */
+   CARRY_FORWARD;
+   SQRADDSC(a[8], a[19]); SQRADDAC(a[9], a[18]); SQRADDAC(a[10], a[17]); SQRADDAC(a[11], a[16]); SQRADDAC(a[12], a[15]); SQRADDAC(a[13], a[14]); SQRADDDB; 
+   COMBA_STORE(b[27]);
+
+   /* output 28 */
+   CARRY_FORWARD;
+   SQRADDSC(a[9], a[19]); SQRADDAC(a[10], a[18]); SQRADDAC(a[11], a[17]); SQRADDAC(a[12], a[16]); SQRADDAC(a[13], a[15]); SQRADDDB; SQRADD(a[14], a[14]); 
+   COMBA_STORE(b[28]);
+
+   /* output 29 */
+   CARRY_FORWARD;
+   SQRADDSC(a[10], a[19]); SQRADDAC(a[11], a[18]); SQRADDAC(a[12], a[17]); SQRADDAC(a[13], a[16]); SQRADDAC(a[14], a[15]); SQRADDDB; 
+   COMBA_STORE(b[29]);
+
+   /* output 30 */
+   CARRY_FORWARD;
+   SQRADDSC(a[11], a[19]); SQRADDAC(a[12], a[18]); SQRADDAC(a[13], a[17]); SQRADDAC(a[14], a[16]); SQRADDDB; SQRADD(a[15], a[15]); 
+   COMBA_STORE(b[30]);
+
+   /* output 31 */
+   CARRY_FORWARD;
+   SQRADDSC(a[12], a[19]); SQRADDAC(a[13], a[18]); SQRADDAC(a[14], a[17]); SQRADDAC(a[15], a[16]); SQRADDDB; 
+   COMBA_STORE(b[31]);
+
+   /* output 32 */
+   CARRY_FORWARD;
+   SQRADDSC(a[13], a[19]); SQRADDAC(a[14], a[18]); SQRADDAC(a[15], a[17]); SQRADDDB; SQRADD(a[16], a[16]); 
+   COMBA_STORE(b[32]);
+
+   /* output 33 */
+   CARRY_FORWARD;
+   SQRADDSC(a[14], a[19]); SQRADDAC(a[15], a[18]); SQRADDAC(a[16], a[17]); SQRADDDB; 
+   COMBA_STORE(b[33]);
+
+   /* output 34 */
+   CARRY_FORWARD;
+   SQRADD2(a[15], a[19]); SQRADD2(a[16], a[18]); SQRADD(a[17], a[17]); 
+   COMBA_STORE(b[34]);
+
+   /* output 35 */
+   CARRY_FORWARD;
+   SQRADD2(a[16], a[19]); SQRADD2(a[17], a[18]); 
+   COMBA_STORE(b[35]);
+
+   /* output 36 */
+   CARRY_FORWARD;
+   SQRADD2(a[17], a[19]); SQRADD(a[18], a[18]); 
+   COMBA_STORE(b[36]);
+
+   /* output 37 */
+   CARRY_FORWARD;
+   SQRADD2(a[18], a[19]); 
+   COMBA_STORE(b[37]);
+
+   /* output 38 */
+   CARRY_FORWARD;
+   SQRADD(a[19], a[19]); 
+   COMBA_STORE(b[38]);
+   COMBA_STORE2(b[39]);
+   COMBA_FINI;
+
+   B->used = 40;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 40 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_24.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_24.i
new file mode 100644
index 00000000..cf512e3c
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_24.i
@@ -0,0 +1,280 @@
+/* fp_sqr_comba_24.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR24
+void fp_sqr_comba24(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[48], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word   tt;   
+#endif   
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[14]); SQRADDAC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+
+   /* output 15 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[15]); SQRADDAC(a[1], a[14]); SQRADDAC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+   COMBA_STORE(b[15]);
+
+   /* output 16 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[16]); SQRADDAC(a[1], a[15]); SQRADDAC(a[2], a[14]); SQRADDAC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+   COMBA_STORE(b[16]);
+
+   /* output 17 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[17]); SQRADDAC(a[1], a[16]); SQRADDAC(a[2], a[15]); SQRADDAC(a[3], a[14]); SQRADDAC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+   COMBA_STORE(b[17]);
+
+   /* output 18 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[18]); SQRADDAC(a[1], a[17]); SQRADDAC(a[2], a[16]); SQRADDAC(a[3], a[15]); SQRADDAC(a[4], a[14]); SQRADDAC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+   COMBA_STORE(b[18]);
+
+   /* output 19 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[19]); SQRADDAC(a[1], a[18]); SQRADDAC(a[2], a[17]); SQRADDAC(a[3], a[16]); SQRADDAC(a[4], a[15]); SQRADDAC(a[5], a[14]); SQRADDAC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+   COMBA_STORE(b[19]);
+
+   /* output 20 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[20]); SQRADDAC(a[1], a[19]); SQRADDAC(a[2], a[18]); SQRADDAC(a[3], a[17]); SQRADDAC(a[4], a[16]); SQRADDAC(a[5], a[15]); SQRADDAC(a[6], a[14]); SQRADDAC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+   COMBA_STORE(b[20]);
+
+   /* output 21 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[21]); SQRADDAC(a[1], a[20]); SQRADDAC(a[2], a[19]); SQRADDAC(a[3], a[18]); SQRADDAC(a[4], a[17]); SQRADDAC(a[5], a[16]); SQRADDAC(a[6], a[15]); SQRADDAC(a[7], a[14]); SQRADDAC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+   COMBA_STORE(b[21]);
+
+   /* output 22 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[22]); SQRADDAC(a[1], a[21]); SQRADDAC(a[2], a[20]); SQRADDAC(a[3], a[19]); SQRADDAC(a[4], a[18]); SQRADDAC(a[5], a[17]); SQRADDAC(a[6], a[16]); SQRADDAC(a[7], a[15]); SQRADDAC(a[8], a[14]); SQRADDAC(a[9], a[13]); SQRADDAC(a[10], a[12]); SQRADDDB; SQRADD(a[11], a[11]); 
+   COMBA_STORE(b[22]);
+
+   /* output 23 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[23]); SQRADDAC(a[1], a[22]); SQRADDAC(a[2], a[21]); SQRADDAC(a[3], a[20]); SQRADDAC(a[4], a[19]); SQRADDAC(a[5], a[18]); SQRADDAC(a[6], a[17]); SQRADDAC(a[7], a[16]); SQRADDAC(a[8], a[15]); SQRADDAC(a[9], a[14]); SQRADDAC(a[10], a[13]); SQRADDAC(a[11], a[12]); SQRADDDB; 
+   COMBA_STORE(b[23]);
+
+   /* output 24 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[23]); SQRADDAC(a[2], a[22]); SQRADDAC(a[3], a[21]); SQRADDAC(a[4], a[20]); SQRADDAC(a[5], a[19]); SQRADDAC(a[6], a[18]); SQRADDAC(a[7], a[17]); SQRADDAC(a[8], a[16]); SQRADDAC(a[9], a[15]); SQRADDAC(a[10], a[14]); SQRADDAC(a[11], a[13]); SQRADDDB; SQRADD(a[12], a[12]); 
+   COMBA_STORE(b[24]);
+
+   /* output 25 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[23]); SQRADDAC(a[3], a[22]); SQRADDAC(a[4], a[21]); SQRADDAC(a[5], a[20]); SQRADDAC(a[6], a[19]); SQRADDAC(a[7], a[18]); SQRADDAC(a[8], a[17]); SQRADDAC(a[9], a[16]); SQRADDAC(a[10], a[15]); SQRADDAC(a[11], a[14]); SQRADDAC(a[12], a[13]); SQRADDDB; 
+   COMBA_STORE(b[25]);
+
+   /* output 26 */
+   CARRY_FORWARD;
+   SQRADDSC(a[3], a[23]); SQRADDAC(a[4], a[22]); SQRADDAC(a[5], a[21]); SQRADDAC(a[6], a[20]); SQRADDAC(a[7], a[19]); SQRADDAC(a[8], a[18]); SQRADDAC(a[9], a[17]); SQRADDAC(a[10], a[16]); SQRADDAC(a[11], a[15]); SQRADDAC(a[12], a[14]); SQRADDDB; SQRADD(a[13], a[13]); 
+   COMBA_STORE(b[26]);
+
+   /* output 27 */
+   CARRY_FORWARD;
+   SQRADDSC(a[4], a[23]); SQRADDAC(a[5], a[22]); SQRADDAC(a[6], a[21]); SQRADDAC(a[7], a[20]); SQRADDAC(a[8], a[19]); SQRADDAC(a[9], a[18]); SQRADDAC(a[10], a[17]); SQRADDAC(a[11], a[16]); SQRADDAC(a[12], a[15]); SQRADDAC(a[13], a[14]); SQRADDDB; 
+   COMBA_STORE(b[27]);
+
+   /* output 28 */
+   CARRY_FORWARD;
+   SQRADDSC(a[5], a[23]); SQRADDAC(a[6], a[22]); SQRADDAC(a[7], a[21]); SQRADDAC(a[8], a[20]); SQRADDAC(a[9], a[19]); SQRADDAC(a[10], a[18]); SQRADDAC(a[11], a[17]); SQRADDAC(a[12], a[16]); SQRADDAC(a[13], a[15]); SQRADDDB; SQRADD(a[14], a[14]); 
+   COMBA_STORE(b[28]);
+
+   /* output 29 */
+   CARRY_FORWARD;
+   SQRADDSC(a[6], a[23]); SQRADDAC(a[7], a[22]); SQRADDAC(a[8], a[21]); SQRADDAC(a[9], a[20]); SQRADDAC(a[10], a[19]); SQRADDAC(a[11], a[18]); SQRADDAC(a[12], a[17]); SQRADDAC(a[13], a[16]); SQRADDAC(a[14], a[15]); SQRADDDB; 
+   COMBA_STORE(b[29]);
+
+   /* output 30 */
+   CARRY_FORWARD;
+   SQRADDSC(a[7], a[23]); SQRADDAC(a[8], a[22]); SQRADDAC(a[9], a[21]); SQRADDAC(a[10], a[20]); SQRADDAC(a[11], a[19]); SQRADDAC(a[12], a[18]); SQRADDAC(a[13], a[17]); SQRADDAC(a[14], a[16]); SQRADDDB; SQRADD(a[15], a[15]); 
+   COMBA_STORE(b[30]);
+
+   /* output 31 */
+   CARRY_FORWARD;
+   SQRADDSC(a[8], a[23]); SQRADDAC(a[9], a[22]); SQRADDAC(a[10], a[21]); SQRADDAC(a[11], a[20]); SQRADDAC(a[12], a[19]); SQRADDAC(a[13], a[18]); SQRADDAC(a[14], a[17]); SQRADDAC(a[15], a[16]); SQRADDDB; 
+   COMBA_STORE(b[31]);
+
+   /* output 32 */
+   CARRY_FORWARD;
+   SQRADDSC(a[9], a[23]); SQRADDAC(a[10], a[22]); SQRADDAC(a[11], a[21]); SQRADDAC(a[12], a[20]); SQRADDAC(a[13], a[19]); SQRADDAC(a[14], a[18]); SQRADDAC(a[15], a[17]); SQRADDDB; SQRADD(a[16], a[16]); 
+   COMBA_STORE(b[32]);
+
+   /* output 33 */
+   CARRY_FORWARD;
+   SQRADDSC(a[10], a[23]); SQRADDAC(a[11], a[22]); SQRADDAC(a[12], a[21]); SQRADDAC(a[13], a[20]); SQRADDAC(a[14], a[19]); SQRADDAC(a[15], a[18]); SQRADDAC(a[16], a[17]); SQRADDDB; 
+   COMBA_STORE(b[33]);
+
+   /* output 34 */
+   CARRY_FORWARD;
+   SQRADDSC(a[11], a[23]); SQRADDAC(a[12], a[22]); SQRADDAC(a[13], a[21]); SQRADDAC(a[14], a[20]); SQRADDAC(a[15], a[19]); SQRADDAC(a[16], a[18]); SQRADDDB; SQRADD(a[17], a[17]); 
+   COMBA_STORE(b[34]);
+
+   /* output 35 */
+   CARRY_FORWARD;
+   SQRADDSC(a[12], a[23]); SQRADDAC(a[13], a[22]); SQRADDAC(a[14], a[21]); SQRADDAC(a[15], a[20]); SQRADDAC(a[16], a[19]); SQRADDAC(a[17], a[18]); SQRADDDB; 
+   COMBA_STORE(b[35]);
+
+   /* output 36 */
+   CARRY_FORWARD;
+   SQRADDSC(a[13], a[23]); SQRADDAC(a[14], a[22]); SQRADDAC(a[15], a[21]); SQRADDAC(a[16], a[20]); SQRADDAC(a[17], a[19]); SQRADDDB; SQRADD(a[18], a[18]); 
+   COMBA_STORE(b[36]);
+
+   /* output 37 */
+   CARRY_FORWARD;
+   SQRADDSC(a[14], a[23]); SQRADDAC(a[15], a[22]); SQRADDAC(a[16], a[21]); SQRADDAC(a[17], a[20]); SQRADDAC(a[18], a[19]); SQRADDDB; 
+   COMBA_STORE(b[37]);
+
+   /* output 38 */
+   CARRY_FORWARD;
+   SQRADDSC(a[15], a[23]); SQRADDAC(a[16], a[22]); SQRADDAC(a[17], a[21]); SQRADDAC(a[18], a[20]); SQRADDDB; SQRADD(a[19], a[19]); 
+   COMBA_STORE(b[38]);
+
+   /* output 39 */
+   CARRY_FORWARD;
+   SQRADDSC(a[16], a[23]); SQRADDAC(a[17], a[22]); SQRADDAC(a[18], a[21]); SQRADDAC(a[19], a[20]); SQRADDDB; 
+   COMBA_STORE(b[39]);
+
+   /* output 40 */
+   CARRY_FORWARD;
+   SQRADDSC(a[17], a[23]); SQRADDAC(a[18], a[22]); SQRADDAC(a[19], a[21]); SQRADDDB; SQRADD(a[20], a[20]); 
+   COMBA_STORE(b[40]);
+
+   /* output 41 */
+   CARRY_FORWARD;
+   SQRADDSC(a[18], a[23]); SQRADDAC(a[19], a[22]); SQRADDAC(a[20], a[21]); SQRADDDB; 
+   COMBA_STORE(b[41]);
+
+   /* output 42 */
+   CARRY_FORWARD;
+   SQRADD2(a[19], a[23]); SQRADD2(a[20], a[22]); SQRADD(a[21], a[21]); 
+   COMBA_STORE(b[42]);
+
+   /* output 43 */
+   CARRY_FORWARD;
+   SQRADD2(a[20], a[23]); SQRADD2(a[21], a[22]); 
+   COMBA_STORE(b[43]);
+
+   /* output 44 */
+   CARRY_FORWARD;
+   SQRADD2(a[21], a[23]); SQRADD(a[22], a[22]); 
+   COMBA_STORE(b[44]);
+
+   /* output 45 */
+   CARRY_FORWARD;
+   SQRADD2(a[22], a[23]); 
+   COMBA_STORE(b[45]);
+
+   /* output 46 */
+   CARRY_FORWARD;
+   SQRADD(a[23], a[23]); 
+   COMBA_STORE(b[46]);
+   COMBA_STORE2(b[47]);
+   COMBA_FINI;
+
+   B->used = 48;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 48 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_28.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_28.i
new file mode 100644
index 00000000..08e9bc4d
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_28.i
@@ -0,0 +1,320 @@
+/* fp_sqr_comba_28.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR28
+void fp_sqr_comba28(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[56], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word   tt;   
+#endif   
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[14]); SQRADDAC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+
+   /* output 15 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[15]); SQRADDAC(a[1], a[14]); SQRADDAC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+   COMBA_STORE(b[15]);
+
+   /* output 16 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[16]); SQRADDAC(a[1], a[15]); SQRADDAC(a[2], a[14]); SQRADDAC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+   COMBA_STORE(b[16]);
+
+   /* output 17 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[17]); SQRADDAC(a[1], a[16]); SQRADDAC(a[2], a[15]); SQRADDAC(a[3], a[14]); SQRADDAC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+   COMBA_STORE(b[17]);
+
+   /* output 18 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[18]); SQRADDAC(a[1], a[17]); SQRADDAC(a[2], a[16]); SQRADDAC(a[3], a[15]); SQRADDAC(a[4], a[14]); SQRADDAC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+   COMBA_STORE(b[18]);
+
+   /* output 19 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[19]); SQRADDAC(a[1], a[18]); SQRADDAC(a[2], a[17]); SQRADDAC(a[3], a[16]); SQRADDAC(a[4], a[15]); SQRADDAC(a[5], a[14]); SQRADDAC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+   COMBA_STORE(b[19]);
+
+   /* output 20 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[20]); SQRADDAC(a[1], a[19]); SQRADDAC(a[2], a[18]); SQRADDAC(a[3], a[17]); SQRADDAC(a[4], a[16]); SQRADDAC(a[5], a[15]); SQRADDAC(a[6], a[14]); SQRADDAC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+   COMBA_STORE(b[20]);
+
+   /* output 21 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[21]); SQRADDAC(a[1], a[20]); SQRADDAC(a[2], a[19]); SQRADDAC(a[3], a[18]); SQRADDAC(a[4], a[17]); SQRADDAC(a[5], a[16]); SQRADDAC(a[6], a[15]); SQRADDAC(a[7], a[14]); SQRADDAC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+   COMBA_STORE(b[21]);
+
+   /* output 22 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[22]); SQRADDAC(a[1], a[21]); SQRADDAC(a[2], a[20]); SQRADDAC(a[3], a[19]); SQRADDAC(a[4], a[18]); SQRADDAC(a[5], a[17]); SQRADDAC(a[6], a[16]); SQRADDAC(a[7], a[15]); SQRADDAC(a[8], a[14]); SQRADDAC(a[9], a[13]); SQRADDAC(a[10], a[12]); SQRADDDB; SQRADD(a[11], a[11]); 
+   COMBA_STORE(b[22]);
+
+   /* output 23 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[23]); SQRADDAC(a[1], a[22]); SQRADDAC(a[2], a[21]); SQRADDAC(a[3], a[20]); SQRADDAC(a[4], a[19]); SQRADDAC(a[5], a[18]); SQRADDAC(a[6], a[17]); SQRADDAC(a[7], a[16]); SQRADDAC(a[8], a[15]); SQRADDAC(a[9], a[14]); SQRADDAC(a[10], a[13]); SQRADDAC(a[11], a[12]); SQRADDDB; 
+   COMBA_STORE(b[23]);
+
+   /* output 24 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[24]); SQRADDAC(a[1], a[23]); SQRADDAC(a[2], a[22]); SQRADDAC(a[3], a[21]); SQRADDAC(a[4], a[20]); SQRADDAC(a[5], a[19]); SQRADDAC(a[6], a[18]); SQRADDAC(a[7], a[17]); SQRADDAC(a[8], a[16]); SQRADDAC(a[9], a[15]); SQRADDAC(a[10], a[14]); SQRADDAC(a[11], a[13]); SQRADDDB; SQRADD(a[12], a[12]); 
+   COMBA_STORE(b[24]);
+
+   /* output 25 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[25]); SQRADDAC(a[1], a[24]); SQRADDAC(a[2], a[23]); SQRADDAC(a[3], a[22]); SQRADDAC(a[4], a[21]); SQRADDAC(a[5], a[20]); SQRADDAC(a[6], a[19]); SQRADDAC(a[7], a[18]); SQRADDAC(a[8], a[17]); SQRADDAC(a[9], a[16]); SQRADDAC(a[10], a[15]); SQRADDAC(a[11], a[14]); SQRADDAC(a[12], a[13]); SQRADDDB; 
+   COMBA_STORE(b[25]);
+
+   /* output 26 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[26]); SQRADDAC(a[1], a[25]); SQRADDAC(a[2], a[24]); SQRADDAC(a[3], a[23]); SQRADDAC(a[4], a[22]); SQRADDAC(a[5], a[21]); SQRADDAC(a[6], a[20]); SQRADDAC(a[7], a[19]); SQRADDAC(a[8], a[18]); SQRADDAC(a[9], a[17]); SQRADDAC(a[10], a[16]); SQRADDAC(a[11], a[15]); SQRADDAC(a[12], a[14]); SQRADDDB; SQRADD(a[13], a[13]); 
+   COMBA_STORE(b[26]);
+
+   /* output 27 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[27]); SQRADDAC(a[1], a[26]); SQRADDAC(a[2], a[25]); SQRADDAC(a[3], a[24]); SQRADDAC(a[4], a[23]); SQRADDAC(a[5], a[22]); SQRADDAC(a[6], a[21]); SQRADDAC(a[7], a[20]); SQRADDAC(a[8], a[19]); SQRADDAC(a[9], a[18]); SQRADDAC(a[10], a[17]); SQRADDAC(a[11], a[16]); SQRADDAC(a[12], a[15]); SQRADDAC(a[13], a[14]); SQRADDDB; 
+   COMBA_STORE(b[27]);
+
+   /* output 28 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[27]); SQRADDAC(a[2], a[26]); SQRADDAC(a[3], a[25]); SQRADDAC(a[4], a[24]); SQRADDAC(a[5], a[23]); SQRADDAC(a[6], a[22]); SQRADDAC(a[7], a[21]); SQRADDAC(a[8], a[20]); SQRADDAC(a[9], a[19]); SQRADDAC(a[10], a[18]); SQRADDAC(a[11], a[17]); SQRADDAC(a[12], a[16]); SQRADDAC(a[13], a[15]); SQRADDDB; SQRADD(a[14], a[14]); 
+   COMBA_STORE(b[28]);
+
+   /* output 29 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[27]); SQRADDAC(a[3], a[26]); SQRADDAC(a[4], a[25]); SQRADDAC(a[5], a[24]); SQRADDAC(a[6], a[23]); SQRADDAC(a[7], a[22]); SQRADDAC(a[8], a[21]); SQRADDAC(a[9], a[20]); SQRADDAC(a[10], a[19]); SQRADDAC(a[11], a[18]); SQRADDAC(a[12], a[17]); SQRADDAC(a[13], a[16]); SQRADDAC(a[14], a[15]); SQRADDDB; 
+   COMBA_STORE(b[29]);
+
+   /* output 30 */
+   CARRY_FORWARD;
+   SQRADDSC(a[3], a[27]); SQRADDAC(a[4], a[26]); SQRADDAC(a[5], a[25]); SQRADDAC(a[6], a[24]); SQRADDAC(a[7], a[23]); SQRADDAC(a[8], a[22]); SQRADDAC(a[9], a[21]); SQRADDAC(a[10], a[20]); SQRADDAC(a[11], a[19]); SQRADDAC(a[12], a[18]); SQRADDAC(a[13], a[17]); SQRADDAC(a[14], a[16]); SQRADDDB; SQRADD(a[15], a[15]); 
+   COMBA_STORE(b[30]);
+
+   /* output 31 */
+   CARRY_FORWARD;
+   SQRADDSC(a[4], a[27]); SQRADDAC(a[5], a[26]); SQRADDAC(a[6], a[25]); SQRADDAC(a[7], a[24]); SQRADDAC(a[8], a[23]); SQRADDAC(a[9], a[22]); SQRADDAC(a[10], a[21]); SQRADDAC(a[11], a[20]); SQRADDAC(a[12], a[19]); SQRADDAC(a[13], a[18]); SQRADDAC(a[14], a[17]); SQRADDAC(a[15], a[16]); SQRADDDB; 
+   COMBA_STORE(b[31]);
+
+   /* output 32 */
+   CARRY_FORWARD;
+   SQRADDSC(a[5], a[27]); SQRADDAC(a[6], a[26]); SQRADDAC(a[7], a[25]); SQRADDAC(a[8], a[24]); SQRADDAC(a[9], a[23]); SQRADDAC(a[10], a[22]); SQRADDAC(a[11], a[21]); SQRADDAC(a[12], a[20]); SQRADDAC(a[13], a[19]); SQRADDAC(a[14], a[18]); SQRADDAC(a[15], a[17]); SQRADDDB; SQRADD(a[16], a[16]); 
+   COMBA_STORE(b[32]);
+
+   /* output 33 */
+   CARRY_FORWARD;
+   SQRADDSC(a[6], a[27]); SQRADDAC(a[7], a[26]); SQRADDAC(a[8], a[25]); SQRADDAC(a[9], a[24]); SQRADDAC(a[10], a[23]); SQRADDAC(a[11], a[22]); SQRADDAC(a[12], a[21]); SQRADDAC(a[13], a[20]); SQRADDAC(a[14], a[19]); SQRADDAC(a[15], a[18]); SQRADDAC(a[16], a[17]); SQRADDDB; 
+   COMBA_STORE(b[33]);
+
+   /* output 34 */
+   CARRY_FORWARD;
+   SQRADDSC(a[7], a[27]); SQRADDAC(a[8], a[26]); SQRADDAC(a[9], a[25]); SQRADDAC(a[10], a[24]); SQRADDAC(a[11], a[23]); SQRADDAC(a[12], a[22]); SQRADDAC(a[13], a[21]); SQRADDAC(a[14], a[20]); SQRADDAC(a[15], a[19]); SQRADDAC(a[16], a[18]); SQRADDDB; SQRADD(a[17], a[17]); 
+   COMBA_STORE(b[34]);
+
+   /* output 35 */
+   CARRY_FORWARD;
+   SQRADDSC(a[8], a[27]); SQRADDAC(a[9], a[26]); SQRADDAC(a[10], a[25]); SQRADDAC(a[11], a[24]); SQRADDAC(a[12], a[23]); SQRADDAC(a[13], a[22]); SQRADDAC(a[14], a[21]); SQRADDAC(a[15], a[20]); SQRADDAC(a[16], a[19]); SQRADDAC(a[17], a[18]); SQRADDDB; 
+   COMBA_STORE(b[35]);
+
+   /* output 36 */
+   CARRY_FORWARD;
+   SQRADDSC(a[9], a[27]); SQRADDAC(a[10], a[26]); SQRADDAC(a[11], a[25]); SQRADDAC(a[12], a[24]); SQRADDAC(a[13], a[23]); SQRADDAC(a[14], a[22]); SQRADDAC(a[15], a[21]); SQRADDAC(a[16], a[20]); SQRADDAC(a[17], a[19]); SQRADDDB; SQRADD(a[18], a[18]); 
+   COMBA_STORE(b[36]);
+
+   /* output 37 */
+   CARRY_FORWARD;
+   SQRADDSC(a[10], a[27]); SQRADDAC(a[11], a[26]); SQRADDAC(a[12], a[25]); SQRADDAC(a[13], a[24]); SQRADDAC(a[14], a[23]); SQRADDAC(a[15], a[22]); SQRADDAC(a[16], a[21]); SQRADDAC(a[17], a[20]); SQRADDAC(a[18], a[19]); SQRADDDB; 
+   COMBA_STORE(b[37]);
+
+   /* output 38 */
+   CARRY_FORWARD;
+   SQRADDSC(a[11], a[27]); SQRADDAC(a[12], a[26]); SQRADDAC(a[13], a[25]); SQRADDAC(a[14], a[24]); SQRADDAC(a[15], a[23]); SQRADDAC(a[16], a[22]); SQRADDAC(a[17], a[21]); SQRADDAC(a[18], a[20]); SQRADDDB; SQRADD(a[19], a[19]); 
+   COMBA_STORE(b[38]);
+
+   /* output 39 */
+   CARRY_FORWARD;
+   SQRADDSC(a[12], a[27]); SQRADDAC(a[13], a[26]); SQRADDAC(a[14], a[25]); SQRADDAC(a[15], a[24]); SQRADDAC(a[16], a[23]); SQRADDAC(a[17], a[22]); SQRADDAC(a[18], a[21]); SQRADDAC(a[19], a[20]); SQRADDDB; 
+   COMBA_STORE(b[39]);
+
+   /* output 40 */
+   CARRY_FORWARD;
+   SQRADDSC(a[13], a[27]); SQRADDAC(a[14], a[26]); SQRADDAC(a[15], a[25]); SQRADDAC(a[16], a[24]); SQRADDAC(a[17], a[23]); SQRADDAC(a[18], a[22]); SQRADDAC(a[19], a[21]); SQRADDDB; SQRADD(a[20], a[20]); 
+   COMBA_STORE(b[40]);
+
+   /* output 41 */
+   CARRY_FORWARD;
+   SQRADDSC(a[14], a[27]); SQRADDAC(a[15], a[26]); SQRADDAC(a[16], a[25]); SQRADDAC(a[17], a[24]); SQRADDAC(a[18], a[23]); SQRADDAC(a[19], a[22]); SQRADDAC(a[20], a[21]); SQRADDDB; 
+   COMBA_STORE(b[41]);
+
+   /* output 42 */
+   CARRY_FORWARD;
+   SQRADDSC(a[15], a[27]); SQRADDAC(a[16], a[26]); SQRADDAC(a[17], a[25]); SQRADDAC(a[18], a[24]); SQRADDAC(a[19], a[23]); SQRADDAC(a[20], a[22]); SQRADDDB; SQRADD(a[21], a[21]); 
+   COMBA_STORE(b[42]);
+
+   /* output 43 */
+   CARRY_FORWARD;
+   SQRADDSC(a[16], a[27]); SQRADDAC(a[17], a[26]); SQRADDAC(a[18], a[25]); SQRADDAC(a[19], a[24]); SQRADDAC(a[20], a[23]); SQRADDAC(a[21], a[22]); SQRADDDB; 
+   COMBA_STORE(b[43]);
+
+   /* output 44 */
+   CARRY_FORWARD;
+   SQRADDSC(a[17], a[27]); SQRADDAC(a[18], a[26]); SQRADDAC(a[19], a[25]); SQRADDAC(a[20], a[24]); SQRADDAC(a[21], a[23]); SQRADDDB; SQRADD(a[22], a[22]); 
+   COMBA_STORE(b[44]);
+
+   /* output 45 */
+   CARRY_FORWARD;
+   SQRADDSC(a[18], a[27]); SQRADDAC(a[19], a[26]); SQRADDAC(a[20], a[25]); SQRADDAC(a[21], a[24]); SQRADDAC(a[22], a[23]); SQRADDDB; 
+   COMBA_STORE(b[45]);
+
+   /* output 46 */
+   CARRY_FORWARD;
+   SQRADDSC(a[19], a[27]); SQRADDAC(a[20], a[26]); SQRADDAC(a[21], a[25]); SQRADDAC(a[22], a[24]); SQRADDDB; SQRADD(a[23], a[23]); 
+   COMBA_STORE(b[46]);
+
+   /* output 47 */
+   CARRY_FORWARD;
+   SQRADDSC(a[20], a[27]); SQRADDAC(a[21], a[26]); SQRADDAC(a[22], a[25]); SQRADDAC(a[23], a[24]); SQRADDDB; 
+   COMBA_STORE(b[47]);
+
+   /* output 48 */
+   CARRY_FORWARD;
+   SQRADDSC(a[21], a[27]); SQRADDAC(a[22], a[26]); SQRADDAC(a[23], a[25]); SQRADDDB; SQRADD(a[24], a[24]); 
+   COMBA_STORE(b[48]);
+
+   /* output 49 */
+   CARRY_FORWARD;
+   SQRADDSC(a[22], a[27]); SQRADDAC(a[23], a[26]); SQRADDAC(a[24], a[25]); SQRADDDB; 
+   COMBA_STORE(b[49]);
+
+   /* output 50 */
+   CARRY_FORWARD;
+   SQRADD2(a[23], a[27]); SQRADD2(a[24], a[26]); SQRADD(a[25], a[25]); 
+   COMBA_STORE(b[50]);
+
+   /* output 51 */
+   CARRY_FORWARD;
+   SQRADD2(a[24], a[27]); SQRADD2(a[25], a[26]); 
+   COMBA_STORE(b[51]);
+
+   /* output 52 */
+   CARRY_FORWARD;
+   SQRADD2(a[25], a[27]); SQRADD(a[26], a[26]); 
+   COMBA_STORE(b[52]);
+
+   /* output 53 */
+   CARRY_FORWARD;
+   SQRADD2(a[26], a[27]); 
+   COMBA_STORE(b[53]);
+
+   /* output 54 */
+   CARRY_FORWARD;
+   SQRADD(a[27], a[27]); 
+   COMBA_STORE(b[54]);
+   COMBA_STORE2(b[55]);
+   COMBA_FINI;
+
+   B->used = 56;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 56 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_3.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_3.i
new file mode 100644
index 00000000..b4754093
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_3.i
@@ -0,0 +1,70 @@
+/* fp_sqr_comba_3.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR3
+void fp_sqr_comba3(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[6], c0, c1, c2;
+#ifdef TFM_ISO
+   fp_word tt;
+#endif
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+   COMBA_STORE2(b[5]);
+   COMBA_FINI;
+
+   B->used = 6;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 6 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_32.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_32.i
new file mode 100644
index 00000000..4a35d747
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_32.i
@@ -0,0 +1,360 @@
+/* fp_sqr_comba_32.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR32
+void fp_sqr_comba32(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[64], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word   tt;   
+#endif   
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[14]); SQRADDAC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+
+   /* output 15 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[15]); SQRADDAC(a[1], a[14]); SQRADDAC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+   COMBA_STORE(b[15]);
+
+   /* output 16 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[16]); SQRADDAC(a[1], a[15]); SQRADDAC(a[2], a[14]); SQRADDAC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+   COMBA_STORE(b[16]);
+
+   /* output 17 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[17]); SQRADDAC(a[1], a[16]); SQRADDAC(a[2], a[15]); SQRADDAC(a[3], a[14]); SQRADDAC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+   COMBA_STORE(b[17]);
+
+   /* output 18 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[18]); SQRADDAC(a[1], a[17]); SQRADDAC(a[2], a[16]); SQRADDAC(a[3], a[15]); SQRADDAC(a[4], a[14]); SQRADDAC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+   COMBA_STORE(b[18]);
+
+   /* output 19 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[19]); SQRADDAC(a[1], a[18]); SQRADDAC(a[2], a[17]); SQRADDAC(a[3], a[16]); SQRADDAC(a[4], a[15]); SQRADDAC(a[5], a[14]); SQRADDAC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+   COMBA_STORE(b[19]);
+
+   /* output 20 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[20]); SQRADDAC(a[1], a[19]); SQRADDAC(a[2], a[18]); SQRADDAC(a[3], a[17]); SQRADDAC(a[4], a[16]); SQRADDAC(a[5], a[15]); SQRADDAC(a[6], a[14]); SQRADDAC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+   COMBA_STORE(b[20]);
+
+   /* output 21 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[21]); SQRADDAC(a[1], a[20]); SQRADDAC(a[2], a[19]); SQRADDAC(a[3], a[18]); SQRADDAC(a[4], a[17]); SQRADDAC(a[5], a[16]); SQRADDAC(a[6], a[15]); SQRADDAC(a[7], a[14]); SQRADDAC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+   COMBA_STORE(b[21]);
+
+   /* output 22 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[22]); SQRADDAC(a[1], a[21]); SQRADDAC(a[2], a[20]); SQRADDAC(a[3], a[19]); SQRADDAC(a[4], a[18]); SQRADDAC(a[5], a[17]); SQRADDAC(a[6], a[16]); SQRADDAC(a[7], a[15]); SQRADDAC(a[8], a[14]); SQRADDAC(a[9], a[13]); SQRADDAC(a[10], a[12]); SQRADDDB; SQRADD(a[11], a[11]); 
+   COMBA_STORE(b[22]);
+
+   /* output 23 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[23]); SQRADDAC(a[1], a[22]); SQRADDAC(a[2], a[21]); SQRADDAC(a[3], a[20]); SQRADDAC(a[4], a[19]); SQRADDAC(a[5], a[18]); SQRADDAC(a[6], a[17]); SQRADDAC(a[7], a[16]); SQRADDAC(a[8], a[15]); SQRADDAC(a[9], a[14]); SQRADDAC(a[10], a[13]); SQRADDAC(a[11], a[12]); SQRADDDB; 
+   COMBA_STORE(b[23]);
+
+   /* output 24 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[24]); SQRADDAC(a[1], a[23]); SQRADDAC(a[2], a[22]); SQRADDAC(a[3], a[21]); SQRADDAC(a[4], a[20]); SQRADDAC(a[5], a[19]); SQRADDAC(a[6], a[18]); SQRADDAC(a[7], a[17]); SQRADDAC(a[8], a[16]); SQRADDAC(a[9], a[15]); SQRADDAC(a[10], a[14]); SQRADDAC(a[11], a[13]); SQRADDDB; SQRADD(a[12], a[12]); 
+   COMBA_STORE(b[24]);
+
+   /* output 25 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[25]); SQRADDAC(a[1], a[24]); SQRADDAC(a[2], a[23]); SQRADDAC(a[3], a[22]); SQRADDAC(a[4], a[21]); SQRADDAC(a[5], a[20]); SQRADDAC(a[6], a[19]); SQRADDAC(a[7], a[18]); SQRADDAC(a[8], a[17]); SQRADDAC(a[9], a[16]); SQRADDAC(a[10], a[15]); SQRADDAC(a[11], a[14]); SQRADDAC(a[12], a[13]); SQRADDDB; 
+   COMBA_STORE(b[25]);
+
+   /* output 26 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[26]); SQRADDAC(a[1], a[25]); SQRADDAC(a[2], a[24]); SQRADDAC(a[3], a[23]); SQRADDAC(a[4], a[22]); SQRADDAC(a[5], a[21]); SQRADDAC(a[6], a[20]); SQRADDAC(a[7], a[19]); SQRADDAC(a[8], a[18]); SQRADDAC(a[9], a[17]); SQRADDAC(a[10], a[16]); SQRADDAC(a[11], a[15]); SQRADDAC(a[12], a[14]); SQRADDDB; SQRADD(a[13], a[13]); 
+   COMBA_STORE(b[26]);
+
+   /* output 27 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[27]); SQRADDAC(a[1], a[26]); SQRADDAC(a[2], a[25]); SQRADDAC(a[3], a[24]); SQRADDAC(a[4], a[23]); SQRADDAC(a[5], a[22]); SQRADDAC(a[6], a[21]); SQRADDAC(a[7], a[20]); SQRADDAC(a[8], a[19]); SQRADDAC(a[9], a[18]); SQRADDAC(a[10], a[17]); SQRADDAC(a[11], a[16]); SQRADDAC(a[12], a[15]); SQRADDAC(a[13], a[14]); SQRADDDB; 
+   COMBA_STORE(b[27]);
+
+   /* output 28 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[28]); SQRADDAC(a[1], a[27]); SQRADDAC(a[2], a[26]); SQRADDAC(a[3], a[25]); SQRADDAC(a[4], a[24]); SQRADDAC(a[5], a[23]); SQRADDAC(a[6], a[22]); SQRADDAC(a[7], a[21]); SQRADDAC(a[8], a[20]); SQRADDAC(a[9], a[19]); SQRADDAC(a[10], a[18]); SQRADDAC(a[11], a[17]); SQRADDAC(a[12], a[16]); SQRADDAC(a[13], a[15]); SQRADDDB; SQRADD(a[14], a[14]); 
+   COMBA_STORE(b[28]);
+
+   /* output 29 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[29]); SQRADDAC(a[1], a[28]); SQRADDAC(a[2], a[27]); SQRADDAC(a[3], a[26]); SQRADDAC(a[4], a[25]); SQRADDAC(a[5], a[24]); SQRADDAC(a[6], a[23]); SQRADDAC(a[7], a[22]); SQRADDAC(a[8], a[21]); SQRADDAC(a[9], a[20]); SQRADDAC(a[10], a[19]); SQRADDAC(a[11], a[18]); SQRADDAC(a[12], a[17]); SQRADDAC(a[13], a[16]); SQRADDAC(a[14], a[15]); SQRADDDB; 
+   COMBA_STORE(b[29]);
+
+   /* output 30 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[30]); SQRADDAC(a[1], a[29]); SQRADDAC(a[2], a[28]); SQRADDAC(a[3], a[27]); SQRADDAC(a[4], a[26]); SQRADDAC(a[5], a[25]); SQRADDAC(a[6], a[24]); SQRADDAC(a[7], a[23]); SQRADDAC(a[8], a[22]); SQRADDAC(a[9], a[21]); SQRADDAC(a[10], a[20]); SQRADDAC(a[11], a[19]); SQRADDAC(a[12], a[18]); SQRADDAC(a[13], a[17]); SQRADDAC(a[14], a[16]); SQRADDDB; SQRADD(a[15], a[15]); 
+   COMBA_STORE(b[30]);
+
+   /* output 31 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[31]); SQRADDAC(a[1], a[30]); SQRADDAC(a[2], a[29]); SQRADDAC(a[3], a[28]); SQRADDAC(a[4], a[27]); SQRADDAC(a[5], a[26]); SQRADDAC(a[6], a[25]); SQRADDAC(a[7], a[24]); SQRADDAC(a[8], a[23]); SQRADDAC(a[9], a[22]); SQRADDAC(a[10], a[21]); SQRADDAC(a[11], a[20]); SQRADDAC(a[12], a[19]); SQRADDAC(a[13], a[18]); SQRADDAC(a[14], a[17]); SQRADDAC(a[15], a[16]); SQRADDDB; 
+   COMBA_STORE(b[31]);
+
+   /* output 32 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[31]); SQRADDAC(a[2], a[30]); SQRADDAC(a[3], a[29]); SQRADDAC(a[4], a[28]); SQRADDAC(a[5], a[27]); SQRADDAC(a[6], a[26]); SQRADDAC(a[7], a[25]); SQRADDAC(a[8], a[24]); SQRADDAC(a[9], a[23]); SQRADDAC(a[10], a[22]); SQRADDAC(a[11], a[21]); SQRADDAC(a[12], a[20]); SQRADDAC(a[13], a[19]); SQRADDAC(a[14], a[18]); SQRADDAC(a[15], a[17]); SQRADDDB; SQRADD(a[16], a[16]); 
+   COMBA_STORE(b[32]);
+
+   /* output 33 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[31]); SQRADDAC(a[3], a[30]); SQRADDAC(a[4], a[29]); SQRADDAC(a[5], a[28]); SQRADDAC(a[6], a[27]); SQRADDAC(a[7], a[26]); SQRADDAC(a[8], a[25]); SQRADDAC(a[9], a[24]); SQRADDAC(a[10], a[23]); SQRADDAC(a[11], a[22]); SQRADDAC(a[12], a[21]); SQRADDAC(a[13], a[20]); SQRADDAC(a[14], a[19]); SQRADDAC(a[15], a[18]); SQRADDAC(a[16], a[17]); SQRADDDB; 
+   COMBA_STORE(b[33]);
+
+   /* output 34 */
+   CARRY_FORWARD;
+   SQRADDSC(a[3], a[31]); SQRADDAC(a[4], a[30]); SQRADDAC(a[5], a[29]); SQRADDAC(a[6], a[28]); SQRADDAC(a[7], a[27]); SQRADDAC(a[8], a[26]); SQRADDAC(a[9], a[25]); SQRADDAC(a[10], a[24]); SQRADDAC(a[11], a[23]); SQRADDAC(a[12], a[22]); SQRADDAC(a[13], a[21]); SQRADDAC(a[14], a[20]); SQRADDAC(a[15], a[19]); SQRADDAC(a[16], a[18]); SQRADDDB; SQRADD(a[17], a[17]); 
+   COMBA_STORE(b[34]);
+
+   /* output 35 */
+   CARRY_FORWARD;
+   SQRADDSC(a[4], a[31]); SQRADDAC(a[5], a[30]); SQRADDAC(a[6], a[29]); SQRADDAC(a[7], a[28]); SQRADDAC(a[8], a[27]); SQRADDAC(a[9], a[26]); SQRADDAC(a[10], a[25]); SQRADDAC(a[11], a[24]); SQRADDAC(a[12], a[23]); SQRADDAC(a[13], a[22]); SQRADDAC(a[14], a[21]); SQRADDAC(a[15], a[20]); SQRADDAC(a[16], a[19]); SQRADDAC(a[17], a[18]); SQRADDDB; 
+   COMBA_STORE(b[35]);
+
+   /* output 36 */
+   CARRY_FORWARD;
+   SQRADDSC(a[5], a[31]); SQRADDAC(a[6], a[30]); SQRADDAC(a[7], a[29]); SQRADDAC(a[8], a[28]); SQRADDAC(a[9], a[27]); SQRADDAC(a[10], a[26]); SQRADDAC(a[11], a[25]); SQRADDAC(a[12], a[24]); SQRADDAC(a[13], a[23]); SQRADDAC(a[14], a[22]); SQRADDAC(a[15], a[21]); SQRADDAC(a[16], a[20]); SQRADDAC(a[17], a[19]); SQRADDDB; SQRADD(a[18], a[18]); 
+   COMBA_STORE(b[36]);
+
+   /* output 37 */
+   CARRY_FORWARD;
+   SQRADDSC(a[6], a[31]); SQRADDAC(a[7], a[30]); SQRADDAC(a[8], a[29]); SQRADDAC(a[9], a[28]); SQRADDAC(a[10], a[27]); SQRADDAC(a[11], a[26]); SQRADDAC(a[12], a[25]); SQRADDAC(a[13], a[24]); SQRADDAC(a[14], a[23]); SQRADDAC(a[15], a[22]); SQRADDAC(a[16], a[21]); SQRADDAC(a[17], a[20]); SQRADDAC(a[18], a[19]); SQRADDDB; 
+   COMBA_STORE(b[37]);
+
+   /* output 38 */
+   CARRY_FORWARD;
+   SQRADDSC(a[7], a[31]); SQRADDAC(a[8], a[30]); SQRADDAC(a[9], a[29]); SQRADDAC(a[10], a[28]); SQRADDAC(a[11], a[27]); SQRADDAC(a[12], a[26]); SQRADDAC(a[13], a[25]); SQRADDAC(a[14], a[24]); SQRADDAC(a[15], a[23]); SQRADDAC(a[16], a[22]); SQRADDAC(a[17], a[21]); SQRADDAC(a[18], a[20]); SQRADDDB; SQRADD(a[19], a[19]); 
+   COMBA_STORE(b[38]);
+
+   /* output 39 */
+   CARRY_FORWARD;
+   SQRADDSC(a[8], a[31]); SQRADDAC(a[9], a[30]); SQRADDAC(a[10], a[29]); SQRADDAC(a[11], a[28]); SQRADDAC(a[12], a[27]); SQRADDAC(a[13], a[26]); SQRADDAC(a[14], a[25]); SQRADDAC(a[15], a[24]); SQRADDAC(a[16], a[23]); SQRADDAC(a[17], a[22]); SQRADDAC(a[18], a[21]); SQRADDAC(a[19], a[20]); SQRADDDB; 
+   COMBA_STORE(b[39]);
+
+   /* output 40 */
+   CARRY_FORWARD;
+   SQRADDSC(a[9], a[31]); SQRADDAC(a[10], a[30]); SQRADDAC(a[11], a[29]); SQRADDAC(a[12], a[28]); SQRADDAC(a[13], a[27]); SQRADDAC(a[14], a[26]); SQRADDAC(a[15], a[25]); SQRADDAC(a[16], a[24]); SQRADDAC(a[17], a[23]); SQRADDAC(a[18], a[22]); SQRADDAC(a[19], a[21]); SQRADDDB; SQRADD(a[20], a[20]); 
+   COMBA_STORE(b[40]);
+
+   /* output 41 */
+   CARRY_FORWARD;
+   SQRADDSC(a[10], a[31]); SQRADDAC(a[11], a[30]); SQRADDAC(a[12], a[29]); SQRADDAC(a[13], a[28]); SQRADDAC(a[14], a[27]); SQRADDAC(a[15], a[26]); SQRADDAC(a[16], a[25]); SQRADDAC(a[17], a[24]); SQRADDAC(a[18], a[23]); SQRADDAC(a[19], a[22]); SQRADDAC(a[20], a[21]); SQRADDDB; 
+   COMBA_STORE(b[41]);
+
+   /* output 42 */
+   CARRY_FORWARD;
+   SQRADDSC(a[11], a[31]); SQRADDAC(a[12], a[30]); SQRADDAC(a[13], a[29]); SQRADDAC(a[14], a[28]); SQRADDAC(a[15], a[27]); SQRADDAC(a[16], a[26]); SQRADDAC(a[17], a[25]); SQRADDAC(a[18], a[24]); SQRADDAC(a[19], a[23]); SQRADDAC(a[20], a[22]); SQRADDDB; SQRADD(a[21], a[21]); 
+   COMBA_STORE(b[42]);
+
+   /* output 43 */
+   CARRY_FORWARD;
+   SQRADDSC(a[12], a[31]); SQRADDAC(a[13], a[30]); SQRADDAC(a[14], a[29]); SQRADDAC(a[15], a[28]); SQRADDAC(a[16], a[27]); SQRADDAC(a[17], a[26]); SQRADDAC(a[18], a[25]); SQRADDAC(a[19], a[24]); SQRADDAC(a[20], a[23]); SQRADDAC(a[21], a[22]); SQRADDDB; 
+   COMBA_STORE(b[43]);
+
+   /* output 44 */
+   CARRY_FORWARD;
+   SQRADDSC(a[13], a[31]); SQRADDAC(a[14], a[30]); SQRADDAC(a[15], a[29]); SQRADDAC(a[16], a[28]); SQRADDAC(a[17], a[27]); SQRADDAC(a[18], a[26]); SQRADDAC(a[19], a[25]); SQRADDAC(a[20], a[24]); SQRADDAC(a[21], a[23]); SQRADDDB; SQRADD(a[22], a[22]); 
+   COMBA_STORE(b[44]);
+
+   /* output 45 */
+   CARRY_FORWARD;
+   SQRADDSC(a[14], a[31]); SQRADDAC(a[15], a[30]); SQRADDAC(a[16], a[29]); SQRADDAC(a[17], a[28]); SQRADDAC(a[18], a[27]); SQRADDAC(a[19], a[26]); SQRADDAC(a[20], a[25]); SQRADDAC(a[21], a[24]); SQRADDAC(a[22], a[23]); SQRADDDB; 
+   COMBA_STORE(b[45]);
+
+   /* output 46 */
+   CARRY_FORWARD;
+   SQRADDSC(a[15], a[31]); SQRADDAC(a[16], a[30]); SQRADDAC(a[17], a[29]); SQRADDAC(a[18], a[28]); SQRADDAC(a[19], a[27]); SQRADDAC(a[20], a[26]); SQRADDAC(a[21], a[25]); SQRADDAC(a[22], a[24]); SQRADDDB; SQRADD(a[23], a[23]); 
+   COMBA_STORE(b[46]);
+
+   /* output 47 */
+   CARRY_FORWARD;
+   SQRADDSC(a[16], a[31]); SQRADDAC(a[17], a[30]); SQRADDAC(a[18], a[29]); SQRADDAC(a[19], a[28]); SQRADDAC(a[20], a[27]); SQRADDAC(a[21], a[26]); SQRADDAC(a[22], a[25]); SQRADDAC(a[23], a[24]); SQRADDDB; 
+   COMBA_STORE(b[47]);
+
+   /* output 48 */
+   CARRY_FORWARD;
+   SQRADDSC(a[17], a[31]); SQRADDAC(a[18], a[30]); SQRADDAC(a[19], a[29]); SQRADDAC(a[20], a[28]); SQRADDAC(a[21], a[27]); SQRADDAC(a[22], a[26]); SQRADDAC(a[23], a[25]); SQRADDDB; SQRADD(a[24], a[24]); 
+   COMBA_STORE(b[48]);
+
+   /* output 49 */
+   CARRY_FORWARD;
+   SQRADDSC(a[18], a[31]); SQRADDAC(a[19], a[30]); SQRADDAC(a[20], a[29]); SQRADDAC(a[21], a[28]); SQRADDAC(a[22], a[27]); SQRADDAC(a[23], a[26]); SQRADDAC(a[24], a[25]); SQRADDDB; 
+   COMBA_STORE(b[49]);
+
+   /* output 50 */
+   CARRY_FORWARD;
+   SQRADDSC(a[19], a[31]); SQRADDAC(a[20], a[30]); SQRADDAC(a[21], a[29]); SQRADDAC(a[22], a[28]); SQRADDAC(a[23], a[27]); SQRADDAC(a[24], a[26]); SQRADDDB; SQRADD(a[25], a[25]); 
+   COMBA_STORE(b[50]);
+
+   /* output 51 */
+   CARRY_FORWARD;
+   SQRADDSC(a[20], a[31]); SQRADDAC(a[21], a[30]); SQRADDAC(a[22], a[29]); SQRADDAC(a[23], a[28]); SQRADDAC(a[24], a[27]); SQRADDAC(a[25], a[26]); SQRADDDB; 
+   COMBA_STORE(b[51]);
+
+   /* output 52 */
+   CARRY_FORWARD;
+   SQRADDSC(a[21], a[31]); SQRADDAC(a[22], a[30]); SQRADDAC(a[23], a[29]); SQRADDAC(a[24], a[28]); SQRADDAC(a[25], a[27]); SQRADDDB; SQRADD(a[26], a[26]); 
+   COMBA_STORE(b[52]);
+
+   /* output 53 */
+   CARRY_FORWARD;
+   SQRADDSC(a[22], a[31]); SQRADDAC(a[23], a[30]); SQRADDAC(a[24], a[29]); SQRADDAC(a[25], a[28]); SQRADDAC(a[26], a[27]); SQRADDDB; 
+   COMBA_STORE(b[53]);
+
+   /* output 54 */
+   CARRY_FORWARD;
+   SQRADDSC(a[23], a[31]); SQRADDAC(a[24], a[30]); SQRADDAC(a[25], a[29]); SQRADDAC(a[26], a[28]); SQRADDDB; SQRADD(a[27], a[27]); 
+   COMBA_STORE(b[54]);
+
+   /* output 55 */
+   CARRY_FORWARD;
+   SQRADDSC(a[24], a[31]); SQRADDAC(a[25], a[30]); SQRADDAC(a[26], a[29]); SQRADDAC(a[27], a[28]); SQRADDDB; 
+   COMBA_STORE(b[55]);
+
+   /* output 56 */
+   CARRY_FORWARD;
+   SQRADDSC(a[25], a[31]); SQRADDAC(a[26], a[30]); SQRADDAC(a[27], a[29]); SQRADDDB; SQRADD(a[28], a[28]); 
+   COMBA_STORE(b[56]);
+
+   /* output 57 */
+   CARRY_FORWARD;
+   SQRADDSC(a[26], a[31]); SQRADDAC(a[27], a[30]); SQRADDAC(a[28], a[29]); SQRADDDB; 
+   COMBA_STORE(b[57]);
+
+   /* output 58 */
+   CARRY_FORWARD;
+   SQRADD2(a[27], a[31]); SQRADD2(a[28], a[30]); SQRADD(a[29], a[29]); 
+   COMBA_STORE(b[58]);
+
+   /* output 59 */
+   CARRY_FORWARD;
+   SQRADD2(a[28], a[31]); SQRADD2(a[29], a[30]); 
+   COMBA_STORE(b[59]);
+
+   /* output 60 */
+   CARRY_FORWARD;
+   SQRADD2(a[29], a[31]); SQRADD(a[30], a[30]); 
+   COMBA_STORE(b[60]);
+
+   /* output 61 */
+   CARRY_FORWARD;
+   SQRADD2(a[30], a[31]); 
+   COMBA_STORE(b[61]);
+
+   /* output 62 */
+   CARRY_FORWARD;
+   SQRADD(a[31], a[31]); 
+   COMBA_STORE(b[62]);
+   COMBA_STORE2(b[63]);
+   COMBA_FINI;
+
+   B->used = 64;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 64 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_4.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_4.i
new file mode 100644
index 00000000..bb09dc89
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_4.i
@@ -0,0 +1,80 @@
+/* fp_sqr_comba_4.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR4
+void fp_sqr_comba4(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[8], c0, c1, c2;
+#ifdef TFM_ISO
+   fp_word tt;
+#endif
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADD2(a[2], a[3]); 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+   COMBA_STORE2(b[7]);
+   COMBA_FINI;
+
+   B->used = 8;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 8 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_48.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_48.i
new file mode 100644
index 00000000..cbaac02c
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_48.i
@@ -0,0 +1,520 @@
+/* fp_sqr_comba_48.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR48
+void fp_sqr_comba48(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[96], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word   tt;   
+#endif   
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[14]); SQRADDAC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+
+   /* output 15 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[15]); SQRADDAC(a[1], a[14]); SQRADDAC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+   COMBA_STORE(b[15]);
+
+   /* output 16 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[16]); SQRADDAC(a[1], a[15]); SQRADDAC(a[2], a[14]); SQRADDAC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+   COMBA_STORE(b[16]);
+
+   /* output 17 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[17]); SQRADDAC(a[1], a[16]); SQRADDAC(a[2], a[15]); SQRADDAC(a[3], a[14]); SQRADDAC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+   COMBA_STORE(b[17]);
+
+   /* output 18 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[18]); SQRADDAC(a[1], a[17]); SQRADDAC(a[2], a[16]); SQRADDAC(a[3], a[15]); SQRADDAC(a[4], a[14]); SQRADDAC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+   COMBA_STORE(b[18]);
+
+   /* output 19 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[19]); SQRADDAC(a[1], a[18]); SQRADDAC(a[2], a[17]); SQRADDAC(a[3], a[16]); SQRADDAC(a[4], a[15]); SQRADDAC(a[5], a[14]); SQRADDAC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+   COMBA_STORE(b[19]);
+
+   /* output 20 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[20]); SQRADDAC(a[1], a[19]); SQRADDAC(a[2], a[18]); SQRADDAC(a[3], a[17]); SQRADDAC(a[4], a[16]); SQRADDAC(a[5], a[15]); SQRADDAC(a[6], a[14]); SQRADDAC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+   COMBA_STORE(b[20]);
+
+   /* output 21 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[21]); SQRADDAC(a[1], a[20]); SQRADDAC(a[2], a[19]); SQRADDAC(a[3], a[18]); SQRADDAC(a[4], a[17]); SQRADDAC(a[5], a[16]); SQRADDAC(a[6], a[15]); SQRADDAC(a[7], a[14]); SQRADDAC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+   COMBA_STORE(b[21]);
+
+   /* output 22 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[22]); SQRADDAC(a[1], a[21]); SQRADDAC(a[2], a[20]); SQRADDAC(a[3], a[19]); SQRADDAC(a[4], a[18]); SQRADDAC(a[5], a[17]); SQRADDAC(a[6], a[16]); SQRADDAC(a[7], a[15]); SQRADDAC(a[8], a[14]); SQRADDAC(a[9], a[13]); SQRADDAC(a[10], a[12]); SQRADDDB; SQRADD(a[11], a[11]); 
+   COMBA_STORE(b[22]);
+
+   /* output 23 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[23]); SQRADDAC(a[1], a[22]); SQRADDAC(a[2], a[21]); SQRADDAC(a[3], a[20]); SQRADDAC(a[4], a[19]); SQRADDAC(a[5], a[18]); SQRADDAC(a[6], a[17]); SQRADDAC(a[7], a[16]); SQRADDAC(a[8], a[15]); SQRADDAC(a[9], a[14]); SQRADDAC(a[10], a[13]); SQRADDAC(a[11], a[12]); SQRADDDB; 
+   COMBA_STORE(b[23]);
+
+   /* output 24 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[24]); SQRADDAC(a[1], a[23]); SQRADDAC(a[2], a[22]); SQRADDAC(a[3], a[21]); SQRADDAC(a[4], a[20]); SQRADDAC(a[5], a[19]); SQRADDAC(a[6], a[18]); SQRADDAC(a[7], a[17]); SQRADDAC(a[8], a[16]); SQRADDAC(a[9], a[15]); SQRADDAC(a[10], a[14]); SQRADDAC(a[11], a[13]); SQRADDDB; SQRADD(a[12], a[12]); 
+   COMBA_STORE(b[24]);
+
+   /* output 25 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[25]); SQRADDAC(a[1], a[24]); SQRADDAC(a[2], a[23]); SQRADDAC(a[3], a[22]); SQRADDAC(a[4], a[21]); SQRADDAC(a[5], a[20]); SQRADDAC(a[6], a[19]); SQRADDAC(a[7], a[18]); SQRADDAC(a[8], a[17]); SQRADDAC(a[9], a[16]); SQRADDAC(a[10], a[15]); SQRADDAC(a[11], a[14]); SQRADDAC(a[12], a[13]); SQRADDDB; 
+   COMBA_STORE(b[25]);
+
+   /* output 26 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[26]); SQRADDAC(a[1], a[25]); SQRADDAC(a[2], a[24]); SQRADDAC(a[3], a[23]); SQRADDAC(a[4], a[22]); SQRADDAC(a[5], a[21]); SQRADDAC(a[6], a[20]); SQRADDAC(a[7], a[19]); SQRADDAC(a[8], a[18]); SQRADDAC(a[9], a[17]); SQRADDAC(a[10], a[16]); SQRADDAC(a[11], a[15]); SQRADDAC(a[12], a[14]); SQRADDDB; SQRADD(a[13], a[13]); 
+   COMBA_STORE(b[26]);
+
+   /* output 27 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[27]); SQRADDAC(a[1], a[26]); SQRADDAC(a[2], a[25]); SQRADDAC(a[3], a[24]); SQRADDAC(a[4], a[23]); SQRADDAC(a[5], a[22]); SQRADDAC(a[6], a[21]); SQRADDAC(a[7], a[20]); SQRADDAC(a[8], a[19]); SQRADDAC(a[9], a[18]); SQRADDAC(a[10], a[17]); SQRADDAC(a[11], a[16]); SQRADDAC(a[12], a[15]); SQRADDAC(a[13], a[14]); SQRADDDB; 
+   COMBA_STORE(b[27]);
+
+   /* output 28 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[28]); SQRADDAC(a[1], a[27]); SQRADDAC(a[2], a[26]); SQRADDAC(a[3], a[25]); SQRADDAC(a[4], a[24]); SQRADDAC(a[5], a[23]); SQRADDAC(a[6], a[22]); SQRADDAC(a[7], a[21]); SQRADDAC(a[8], a[20]); SQRADDAC(a[9], a[19]); SQRADDAC(a[10], a[18]); SQRADDAC(a[11], a[17]); SQRADDAC(a[12], a[16]); SQRADDAC(a[13], a[15]); SQRADDDB; SQRADD(a[14], a[14]); 
+   COMBA_STORE(b[28]);
+
+   /* output 29 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[29]); SQRADDAC(a[1], a[28]); SQRADDAC(a[2], a[27]); SQRADDAC(a[3], a[26]); SQRADDAC(a[4], a[25]); SQRADDAC(a[5], a[24]); SQRADDAC(a[6], a[23]); SQRADDAC(a[7], a[22]); SQRADDAC(a[8], a[21]); SQRADDAC(a[9], a[20]); SQRADDAC(a[10], a[19]); SQRADDAC(a[11], a[18]); SQRADDAC(a[12], a[17]); SQRADDAC(a[13], a[16]); SQRADDAC(a[14], a[15]); SQRADDDB; 
+   COMBA_STORE(b[29]);
+
+   /* output 30 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[30]); SQRADDAC(a[1], a[29]); SQRADDAC(a[2], a[28]); SQRADDAC(a[3], a[27]); SQRADDAC(a[4], a[26]); SQRADDAC(a[5], a[25]); SQRADDAC(a[6], a[24]); SQRADDAC(a[7], a[23]); SQRADDAC(a[8], a[22]); SQRADDAC(a[9], a[21]); SQRADDAC(a[10], a[20]); SQRADDAC(a[11], a[19]); SQRADDAC(a[12], a[18]); SQRADDAC(a[13], a[17]); SQRADDAC(a[14], a[16]); SQRADDDB; SQRADD(a[15], a[15]); 
+   COMBA_STORE(b[30]);
+
+   /* output 31 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[31]); SQRADDAC(a[1], a[30]); SQRADDAC(a[2], a[29]); SQRADDAC(a[3], a[28]); SQRADDAC(a[4], a[27]); SQRADDAC(a[5], a[26]); SQRADDAC(a[6], a[25]); SQRADDAC(a[7], a[24]); SQRADDAC(a[8], a[23]); SQRADDAC(a[9], a[22]); SQRADDAC(a[10], a[21]); SQRADDAC(a[11], a[20]); SQRADDAC(a[12], a[19]); SQRADDAC(a[13], a[18]); SQRADDAC(a[14], a[17]); SQRADDAC(a[15], a[16]); SQRADDDB; 
+   COMBA_STORE(b[31]);
+
+   /* output 32 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[32]); SQRADDAC(a[1], a[31]); SQRADDAC(a[2], a[30]); SQRADDAC(a[3], a[29]); SQRADDAC(a[4], a[28]); SQRADDAC(a[5], a[27]); SQRADDAC(a[6], a[26]); SQRADDAC(a[7], a[25]); SQRADDAC(a[8], a[24]); SQRADDAC(a[9], a[23]); SQRADDAC(a[10], a[22]); SQRADDAC(a[11], a[21]); SQRADDAC(a[12], a[20]); SQRADDAC(a[13], a[19]); SQRADDAC(a[14], a[18]); SQRADDAC(a[15], a[17]); SQRADDDB; SQRADD(a[16], a[16]); 
+   COMBA_STORE(b[32]);
+
+   /* output 33 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[33]); SQRADDAC(a[1], a[32]); SQRADDAC(a[2], a[31]); SQRADDAC(a[3], a[30]); SQRADDAC(a[4], a[29]); SQRADDAC(a[5], a[28]); SQRADDAC(a[6], a[27]); SQRADDAC(a[7], a[26]); SQRADDAC(a[8], a[25]); SQRADDAC(a[9], a[24]); SQRADDAC(a[10], a[23]); SQRADDAC(a[11], a[22]); SQRADDAC(a[12], a[21]); SQRADDAC(a[13], a[20]); SQRADDAC(a[14], a[19]); SQRADDAC(a[15], a[18]); SQRADDAC(a[16], a[17]); SQRADDDB; 
+   COMBA_STORE(b[33]);
+
+   /* output 34 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[34]); SQRADDAC(a[1], a[33]); SQRADDAC(a[2], a[32]); SQRADDAC(a[3], a[31]); SQRADDAC(a[4], a[30]); SQRADDAC(a[5], a[29]); SQRADDAC(a[6], a[28]); SQRADDAC(a[7], a[27]); SQRADDAC(a[8], a[26]); SQRADDAC(a[9], a[25]); SQRADDAC(a[10], a[24]); SQRADDAC(a[11], a[23]); SQRADDAC(a[12], a[22]); SQRADDAC(a[13], a[21]); SQRADDAC(a[14], a[20]); SQRADDAC(a[15], a[19]); SQRADDAC(a[16], a[18]); SQRADDDB; SQRADD(a[17], a[17]); 
+   COMBA_STORE(b[34]);
+
+   /* output 35 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[35]); SQRADDAC(a[1], a[34]); SQRADDAC(a[2], a[33]); SQRADDAC(a[3], a[32]); SQRADDAC(a[4], a[31]); SQRADDAC(a[5], a[30]); SQRADDAC(a[6], a[29]); SQRADDAC(a[7], a[28]); SQRADDAC(a[8], a[27]); SQRADDAC(a[9], a[26]); SQRADDAC(a[10], a[25]); SQRADDAC(a[11], a[24]); SQRADDAC(a[12], a[23]); SQRADDAC(a[13], a[22]); SQRADDAC(a[14], a[21]); SQRADDAC(a[15], a[20]); SQRADDAC(a[16], a[19]); SQRADDAC(a[17], a[18]); SQRADDDB; 
+   COMBA_STORE(b[35]);
+
+   /* output 36 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[36]); SQRADDAC(a[1], a[35]); SQRADDAC(a[2], a[34]); SQRADDAC(a[3], a[33]); SQRADDAC(a[4], a[32]); SQRADDAC(a[5], a[31]); SQRADDAC(a[6], a[30]); SQRADDAC(a[7], a[29]); SQRADDAC(a[8], a[28]); SQRADDAC(a[9], a[27]); SQRADDAC(a[10], a[26]); SQRADDAC(a[11], a[25]); SQRADDAC(a[12], a[24]); SQRADDAC(a[13], a[23]); SQRADDAC(a[14], a[22]); SQRADDAC(a[15], a[21]); SQRADDAC(a[16], a[20]); SQRADDAC(a[17], a[19]); SQRADDDB; SQRADD(a[18], a[18]); 
+   COMBA_STORE(b[36]);
+
+   /* output 37 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[37]); SQRADDAC(a[1], a[36]); SQRADDAC(a[2], a[35]); SQRADDAC(a[3], a[34]); SQRADDAC(a[4], a[33]); SQRADDAC(a[5], a[32]); SQRADDAC(a[6], a[31]); SQRADDAC(a[7], a[30]); SQRADDAC(a[8], a[29]); SQRADDAC(a[9], a[28]); SQRADDAC(a[10], a[27]); SQRADDAC(a[11], a[26]); SQRADDAC(a[12], a[25]); SQRADDAC(a[13], a[24]); SQRADDAC(a[14], a[23]); SQRADDAC(a[15], a[22]); SQRADDAC(a[16], a[21]); SQRADDAC(a[17], a[20]); SQRADDAC(a[18], a[19]); SQRADDDB; 
+   COMBA_STORE(b[37]);
+
+   /* output 38 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[38]); SQRADDAC(a[1], a[37]); SQRADDAC(a[2], a[36]); SQRADDAC(a[3], a[35]); SQRADDAC(a[4], a[34]); SQRADDAC(a[5], a[33]); SQRADDAC(a[6], a[32]); SQRADDAC(a[7], a[31]); SQRADDAC(a[8], a[30]); SQRADDAC(a[9], a[29]); SQRADDAC(a[10], a[28]); SQRADDAC(a[11], a[27]); SQRADDAC(a[12], a[26]); SQRADDAC(a[13], a[25]); SQRADDAC(a[14], a[24]); SQRADDAC(a[15], a[23]); SQRADDAC(a[16], a[22]); SQRADDAC(a[17], a[21]); SQRADDAC(a[18], a[20]); SQRADDDB; SQRADD(a[19], a[19]); 
+   COMBA_STORE(b[38]);
+
+   /* output 39 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[39]); SQRADDAC(a[1], a[38]); SQRADDAC(a[2], a[37]); SQRADDAC(a[3], a[36]); SQRADDAC(a[4], a[35]); SQRADDAC(a[5], a[34]); SQRADDAC(a[6], a[33]); SQRADDAC(a[7], a[32]); SQRADDAC(a[8], a[31]); SQRADDAC(a[9], a[30]); SQRADDAC(a[10], a[29]); SQRADDAC(a[11], a[28]); SQRADDAC(a[12], a[27]); SQRADDAC(a[13], a[26]); SQRADDAC(a[14], a[25]); SQRADDAC(a[15], a[24]); SQRADDAC(a[16], a[23]); SQRADDAC(a[17], a[22]); SQRADDAC(a[18], a[21]); SQRADDAC(a[19], a[20]); SQRADDDB; 
+   COMBA_STORE(b[39]);
+
+   /* output 40 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[40]); SQRADDAC(a[1], a[39]); SQRADDAC(a[2], a[38]); SQRADDAC(a[3], a[37]); SQRADDAC(a[4], a[36]); SQRADDAC(a[5], a[35]); SQRADDAC(a[6], a[34]); SQRADDAC(a[7], a[33]); SQRADDAC(a[8], a[32]); SQRADDAC(a[9], a[31]); SQRADDAC(a[10], a[30]); SQRADDAC(a[11], a[29]); SQRADDAC(a[12], a[28]); SQRADDAC(a[13], a[27]); SQRADDAC(a[14], a[26]); SQRADDAC(a[15], a[25]); SQRADDAC(a[16], a[24]); SQRADDAC(a[17], a[23]); SQRADDAC(a[18], a[22]); SQRADDAC(a[19], a[21]); SQRADDDB; SQRADD(a[20], a[20]); 
+   COMBA_STORE(b[40]);
+
+   /* output 41 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[41]); SQRADDAC(a[1], a[40]); SQRADDAC(a[2], a[39]); SQRADDAC(a[3], a[38]); SQRADDAC(a[4], a[37]); SQRADDAC(a[5], a[36]); SQRADDAC(a[6], a[35]); SQRADDAC(a[7], a[34]); SQRADDAC(a[8], a[33]); SQRADDAC(a[9], a[32]); SQRADDAC(a[10], a[31]); SQRADDAC(a[11], a[30]); SQRADDAC(a[12], a[29]); SQRADDAC(a[13], a[28]); SQRADDAC(a[14], a[27]); SQRADDAC(a[15], a[26]); SQRADDAC(a[16], a[25]); SQRADDAC(a[17], a[24]); SQRADDAC(a[18], a[23]); SQRADDAC(a[19], a[22]); SQRADDAC(a[20], a[21]); SQRADDDB; 
+   COMBA_STORE(b[41]);
+
+   /* output 42 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[42]); SQRADDAC(a[1], a[41]); SQRADDAC(a[2], a[40]); SQRADDAC(a[3], a[39]); SQRADDAC(a[4], a[38]); SQRADDAC(a[5], a[37]); SQRADDAC(a[6], a[36]); SQRADDAC(a[7], a[35]); SQRADDAC(a[8], a[34]); SQRADDAC(a[9], a[33]); SQRADDAC(a[10], a[32]); SQRADDAC(a[11], a[31]); SQRADDAC(a[12], a[30]); SQRADDAC(a[13], a[29]); SQRADDAC(a[14], a[28]); SQRADDAC(a[15], a[27]); SQRADDAC(a[16], a[26]); SQRADDAC(a[17], a[25]); SQRADDAC(a[18], a[24]); SQRADDAC(a[19], a[23]); SQRADDAC(a[20], a[22]); SQRADDDB; SQRADD(a[21], a[21]); 
+   COMBA_STORE(b[42]);
+
+   /* output 43 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[43]); SQRADDAC(a[1], a[42]); SQRADDAC(a[2], a[41]); SQRADDAC(a[3], a[40]); SQRADDAC(a[4], a[39]); SQRADDAC(a[5], a[38]); SQRADDAC(a[6], a[37]); SQRADDAC(a[7], a[36]); SQRADDAC(a[8], a[35]); SQRADDAC(a[9], a[34]); SQRADDAC(a[10], a[33]); SQRADDAC(a[11], a[32]); SQRADDAC(a[12], a[31]); SQRADDAC(a[13], a[30]); SQRADDAC(a[14], a[29]); SQRADDAC(a[15], a[28]); SQRADDAC(a[16], a[27]); SQRADDAC(a[17], a[26]); SQRADDAC(a[18], a[25]); SQRADDAC(a[19], a[24]); SQRADDAC(a[20], a[23]); SQRADDAC(a[21], a[22]); SQRADDDB; 
+   COMBA_STORE(b[43]);
+
+   /* output 44 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[44]); SQRADDAC(a[1], a[43]); SQRADDAC(a[2], a[42]); SQRADDAC(a[3], a[41]); SQRADDAC(a[4], a[40]); SQRADDAC(a[5], a[39]); SQRADDAC(a[6], a[38]); SQRADDAC(a[7], a[37]); SQRADDAC(a[8], a[36]); SQRADDAC(a[9], a[35]); SQRADDAC(a[10], a[34]); SQRADDAC(a[11], a[33]); SQRADDAC(a[12], a[32]); SQRADDAC(a[13], a[31]); SQRADDAC(a[14], a[30]); SQRADDAC(a[15], a[29]); SQRADDAC(a[16], a[28]); SQRADDAC(a[17], a[27]); SQRADDAC(a[18], a[26]); SQRADDAC(a[19], a[25]); SQRADDAC(a[20], a[24]); SQRADDAC(a[21], a[23]); SQRADDDB; SQRADD(a[22], a[22]); 
+   COMBA_STORE(b[44]);
+
+   /* output 45 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[45]); SQRADDAC(a[1], a[44]); SQRADDAC(a[2], a[43]); SQRADDAC(a[3], a[42]); SQRADDAC(a[4], a[41]); SQRADDAC(a[5], a[40]); SQRADDAC(a[6], a[39]); SQRADDAC(a[7], a[38]); SQRADDAC(a[8], a[37]); SQRADDAC(a[9], a[36]); SQRADDAC(a[10], a[35]); SQRADDAC(a[11], a[34]); SQRADDAC(a[12], a[33]); SQRADDAC(a[13], a[32]); SQRADDAC(a[14], a[31]); SQRADDAC(a[15], a[30]); SQRADDAC(a[16], a[29]); SQRADDAC(a[17], a[28]); SQRADDAC(a[18], a[27]); SQRADDAC(a[19], a[26]); SQRADDAC(a[20], a[25]); SQRADDAC(a[21], a[24]); SQRADDAC(a[22], a[23]); SQRADDDB; 
+   COMBA_STORE(b[45]);
+
+   /* output 46 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[46]); SQRADDAC(a[1], a[45]); SQRADDAC(a[2], a[44]); SQRADDAC(a[3], a[43]); SQRADDAC(a[4], a[42]); SQRADDAC(a[5], a[41]); SQRADDAC(a[6], a[40]); SQRADDAC(a[7], a[39]); SQRADDAC(a[8], a[38]); SQRADDAC(a[9], a[37]); SQRADDAC(a[10], a[36]); SQRADDAC(a[11], a[35]); SQRADDAC(a[12], a[34]); SQRADDAC(a[13], a[33]); SQRADDAC(a[14], a[32]); SQRADDAC(a[15], a[31]); SQRADDAC(a[16], a[30]); SQRADDAC(a[17], a[29]); SQRADDAC(a[18], a[28]); SQRADDAC(a[19], a[27]); SQRADDAC(a[20], a[26]); SQRADDAC(a[21], a[25]); SQRADDAC(a[22], a[24]); SQRADDDB; SQRADD(a[23], a[23]); 
+   COMBA_STORE(b[46]);
+
+   /* output 47 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[47]); SQRADDAC(a[1], a[46]); SQRADDAC(a[2], a[45]); SQRADDAC(a[3], a[44]); SQRADDAC(a[4], a[43]); SQRADDAC(a[5], a[42]); SQRADDAC(a[6], a[41]); SQRADDAC(a[7], a[40]); SQRADDAC(a[8], a[39]); SQRADDAC(a[9], a[38]); SQRADDAC(a[10], a[37]); SQRADDAC(a[11], a[36]); SQRADDAC(a[12], a[35]); SQRADDAC(a[13], a[34]); SQRADDAC(a[14], a[33]); SQRADDAC(a[15], a[32]); SQRADDAC(a[16], a[31]); SQRADDAC(a[17], a[30]); SQRADDAC(a[18], a[29]); SQRADDAC(a[19], a[28]); SQRADDAC(a[20], a[27]); SQRADDAC(a[21], a[26]); SQRADDAC(a[22], a[25]); SQRADDAC(a[23], a[24]); SQRADDDB; 
+   COMBA_STORE(b[47]);
+
+   /* output 48 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[47]); SQRADDAC(a[2], a[46]); SQRADDAC(a[3], a[45]); SQRADDAC(a[4], a[44]); SQRADDAC(a[5], a[43]); SQRADDAC(a[6], a[42]); SQRADDAC(a[7], a[41]); SQRADDAC(a[8], a[40]); SQRADDAC(a[9], a[39]); SQRADDAC(a[10], a[38]); SQRADDAC(a[11], a[37]); SQRADDAC(a[12], a[36]); SQRADDAC(a[13], a[35]); SQRADDAC(a[14], a[34]); SQRADDAC(a[15], a[33]); SQRADDAC(a[16], a[32]); SQRADDAC(a[17], a[31]); SQRADDAC(a[18], a[30]); SQRADDAC(a[19], a[29]); SQRADDAC(a[20], a[28]); SQRADDAC(a[21], a[27]); SQRADDAC(a[22], a[26]); SQRADDAC(a[23], a[25]); SQRADDDB; SQRADD(a[24], a[24]); 
+   COMBA_STORE(b[48]);
+
+   /* output 49 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[47]); SQRADDAC(a[3], a[46]); SQRADDAC(a[4], a[45]); SQRADDAC(a[5], a[44]); SQRADDAC(a[6], a[43]); SQRADDAC(a[7], a[42]); SQRADDAC(a[8], a[41]); SQRADDAC(a[9], a[40]); SQRADDAC(a[10], a[39]); SQRADDAC(a[11], a[38]); SQRADDAC(a[12], a[37]); SQRADDAC(a[13], a[36]); SQRADDAC(a[14], a[35]); SQRADDAC(a[15], a[34]); SQRADDAC(a[16], a[33]); SQRADDAC(a[17], a[32]); SQRADDAC(a[18], a[31]); SQRADDAC(a[19], a[30]); SQRADDAC(a[20], a[29]); SQRADDAC(a[21], a[28]); SQRADDAC(a[22], a[27]); SQRADDAC(a[23], a[26]); SQRADDAC(a[24], a[25]); SQRADDDB; 
+   COMBA_STORE(b[49]);
+
+   /* output 50 */
+   CARRY_FORWARD;
+   SQRADDSC(a[3], a[47]); SQRADDAC(a[4], a[46]); SQRADDAC(a[5], a[45]); SQRADDAC(a[6], a[44]); SQRADDAC(a[7], a[43]); SQRADDAC(a[8], a[42]); SQRADDAC(a[9], a[41]); SQRADDAC(a[10], a[40]); SQRADDAC(a[11], a[39]); SQRADDAC(a[12], a[38]); SQRADDAC(a[13], a[37]); SQRADDAC(a[14], a[36]); SQRADDAC(a[15], a[35]); SQRADDAC(a[16], a[34]); SQRADDAC(a[17], a[33]); SQRADDAC(a[18], a[32]); SQRADDAC(a[19], a[31]); SQRADDAC(a[20], a[30]); SQRADDAC(a[21], a[29]); SQRADDAC(a[22], a[28]); SQRADDAC(a[23], a[27]); SQRADDAC(a[24], a[26]); SQRADDDB; SQRADD(a[25], a[25]); 
+   COMBA_STORE(b[50]);
+
+   /* output 51 */
+   CARRY_FORWARD;
+   SQRADDSC(a[4], a[47]); SQRADDAC(a[5], a[46]); SQRADDAC(a[6], a[45]); SQRADDAC(a[7], a[44]); SQRADDAC(a[8], a[43]); SQRADDAC(a[9], a[42]); SQRADDAC(a[10], a[41]); SQRADDAC(a[11], a[40]); SQRADDAC(a[12], a[39]); SQRADDAC(a[13], a[38]); SQRADDAC(a[14], a[37]); SQRADDAC(a[15], a[36]); SQRADDAC(a[16], a[35]); SQRADDAC(a[17], a[34]); SQRADDAC(a[18], a[33]); SQRADDAC(a[19], a[32]); SQRADDAC(a[20], a[31]); SQRADDAC(a[21], a[30]); SQRADDAC(a[22], a[29]); SQRADDAC(a[23], a[28]); SQRADDAC(a[24], a[27]); SQRADDAC(a[25], a[26]); SQRADDDB; 
+   COMBA_STORE(b[51]);
+
+   /* output 52 */
+   CARRY_FORWARD;
+   SQRADDSC(a[5], a[47]); SQRADDAC(a[6], a[46]); SQRADDAC(a[7], a[45]); SQRADDAC(a[8], a[44]); SQRADDAC(a[9], a[43]); SQRADDAC(a[10], a[42]); SQRADDAC(a[11], a[41]); SQRADDAC(a[12], a[40]); SQRADDAC(a[13], a[39]); SQRADDAC(a[14], a[38]); SQRADDAC(a[15], a[37]); SQRADDAC(a[16], a[36]); SQRADDAC(a[17], a[35]); SQRADDAC(a[18], a[34]); SQRADDAC(a[19], a[33]); SQRADDAC(a[20], a[32]); SQRADDAC(a[21], a[31]); SQRADDAC(a[22], a[30]); SQRADDAC(a[23], a[29]); SQRADDAC(a[24], a[28]); SQRADDAC(a[25], a[27]); SQRADDDB; SQRADD(a[26], a[26]); 
+   COMBA_STORE(b[52]);
+
+   /* output 53 */
+   CARRY_FORWARD;
+   SQRADDSC(a[6], a[47]); SQRADDAC(a[7], a[46]); SQRADDAC(a[8], a[45]); SQRADDAC(a[9], a[44]); SQRADDAC(a[10], a[43]); SQRADDAC(a[11], a[42]); SQRADDAC(a[12], a[41]); SQRADDAC(a[13], a[40]); SQRADDAC(a[14], a[39]); SQRADDAC(a[15], a[38]); SQRADDAC(a[16], a[37]); SQRADDAC(a[17], a[36]); SQRADDAC(a[18], a[35]); SQRADDAC(a[19], a[34]); SQRADDAC(a[20], a[33]); SQRADDAC(a[21], a[32]); SQRADDAC(a[22], a[31]); SQRADDAC(a[23], a[30]); SQRADDAC(a[24], a[29]); SQRADDAC(a[25], a[28]); SQRADDAC(a[26], a[27]); SQRADDDB; 
+   COMBA_STORE(b[53]);
+
+   /* output 54 */
+   CARRY_FORWARD;
+   SQRADDSC(a[7], a[47]); SQRADDAC(a[8], a[46]); SQRADDAC(a[9], a[45]); SQRADDAC(a[10], a[44]); SQRADDAC(a[11], a[43]); SQRADDAC(a[12], a[42]); SQRADDAC(a[13], a[41]); SQRADDAC(a[14], a[40]); SQRADDAC(a[15], a[39]); SQRADDAC(a[16], a[38]); SQRADDAC(a[17], a[37]); SQRADDAC(a[18], a[36]); SQRADDAC(a[19], a[35]); SQRADDAC(a[20], a[34]); SQRADDAC(a[21], a[33]); SQRADDAC(a[22], a[32]); SQRADDAC(a[23], a[31]); SQRADDAC(a[24], a[30]); SQRADDAC(a[25], a[29]); SQRADDAC(a[26], a[28]); SQRADDDB; SQRADD(a[27], a[27]); 
+   COMBA_STORE(b[54]);
+
+   /* output 55 */
+   CARRY_FORWARD;
+   SQRADDSC(a[8], a[47]); SQRADDAC(a[9], a[46]); SQRADDAC(a[10], a[45]); SQRADDAC(a[11], a[44]); SQRADDAC(a[12], a[43]); SQRADDAC(a[13], a[42]); SQRADDAC(a[14], a[41]); SQRADDAC(a[15], a[40]); SQRADDAC(a[16], a[39]); SQRADDAC(a[17], a[38]); SQRADDAC(a[18], a[37]); SQRADDAC(a[19], a[36]); SQRADDAC(a[20], a[35]); SQRADDAC(a[21], a[34]); SQRADDAC(a[22], a[33]); SQRADDAC(a[23], a[32]); SQRADDAC(a[24], a[31]); SQRADDAC(a[25], a[30]); SQRADDAC(a[26], a[29]); SQRADDAC(a[27], a[28]); SQRADDDB; 
+   COMBA_STORE(b[55]);
+
+   /* output 56 */
+   CARRY_FORWARD;
+   SQRADDSC(a[9], a[47]); SQRADDAC(a[10], a[46]); SQRADDAC(a[11], a[45]); SQRADDAC(a[12], a[44]); SQRADDAC(a[13], a[43]); SQRADDAC(a[14], a[42]); SQRADDAC(a[15], a[41]); SQRADDAC(a[16], a[40]); SQRADDAC(a[17], a[39]); SQRADDAC(a[18], a[38]); SQRADDAC(a[19], a[37]); SQRADDAC(a[20], a[36]); SQRADDAC(a[21], a[35]); SQRADDAC(a[22], a[34]); SQRADDAC(a[23], a[33]); SQRADDAC(a[24], a[32]); SQRADDAC(a[25], a[31]); SQRADDAC(a[26], a[30]); SQRADDAC(a[27], a[29]); SQRADDDB; SQRADD(a[28], a[28]); 
+   COMBA_STORE(b[56]);
+
+   /* output 57 */
+   CARRY_FORWARD;
+   SQRADDSC(a[10], a[47]); SQRADDAC(a[11], a[46]); SQRADDAC(a[12], a[45]); SQRADDAC(a[13], a[44]); SQRADDAC(a[14], a[43]); SQRADDAC(a[15], a[42]); SQRADDAC(a[16], a[41]); SQRADDAC(a[17], a[40]); SQRADDAC(a[18], a[39]); SQRADDAC(a[19], a[38]); SQRADDAC(a[20], a[37]); SQRADDAC(a[21], a[36]); SQRADDAC(a[22], a[35]); SQRADDAC(a[23], a[34]); SQRADDAC(a[24], a[33]); SQRADDAC(a[25], a[32]); SQRADDAC(a[26], a[31]); SQRADDAC(a[27], a[30]); SQRADDAC(a[28], a[29]); SQRADDDB; 
+   COMBA_STORE(b[57]);
+
+   /* output 58 */
+   CARRY_FORWARD;
+   SQRADDSC(a[11], a[47]); SQRADDAC(a[12], a[46]); SQRADDAC(a[13], a[45]); SQRADDAC(a[14], a[44]); SQRADDAC(a[15], a[43]); SQRADDAC(a[16], a[42]); SQRADDAC(a[17], a[41]); SQRADDAC(a[18], a[40]); SQRADDAC(a[19], a[39]); SQRADDAC(a[20], a[38]); SQRADDAC(a[21], a[37]); SQRADDAC(a[22], a[36]); SQRADDAC(a[23], a[35]); SQRADDAC(a[24], a[34]); SQRADDAC(a[25], a[33]); SQRADDAC(a[26], a[32]); SQRADDAC(a[27], a[31]); SQRADDAC(a[28], a[30]); SQRADDDB; SQRADD(a[29], a[29]); 
+   COMBA_STORE(b[58]);
+
+   /* output 59 */
+   CARRY_FORWARD;
+   SQRADDSC(a[12], a[47]); SQRADDAC(a[13], a[46]); SQRADDAC(a[14], a[45]); SQRADDAC(a[15], a[44]); SQRADDAC(a[16], a[43]); SQRADDAC(a[17], a[42]); SQRADDAC(a[18], a[41]); SQRADDAC(a[19], a[40]); SQRADDAC(a[20], a[39]); SQRADDAC(a[21], a[38]); SQRADDAC(a[22], a[37]); SQRADDAC(a[23], a[36]); SQRADDAC(a[24], a[35]); SQRADDAC(a[25], a[34]); SQRADDAC(a[26], a[33]); SQRADDAC(a[27], a[32]); SQRADDAC(a[28], a[31]); SQRADDAC(a[29], a[30]); SQRADDDB; 
+   COMBA_STORE(b[59]);
+
+   /* output 60 */
+   CARRY_FORWARD;
+   SQRADDSC(a[13], a[47]); SQRADDAC(a[14], a[46]); SQRADDAC(a[15], a[45]); SQRADDAC(a[16], a[44]); SQRADDAC(a[17], a[43]); SQRADDAC(a[18], a[42]); SQRADDAC(a[19], a[41]); SQRADDAC(a[20], a[40]); SQRADDAC(a[21], a[39]); SQRADDAC(a[22], a[38]); SQRADDAC(a[23], a[37]); SQRADDAC(a[24], a[36]); SQRADDAC(a[25], a[35]); SQRADDAC(a[26], a[34]); SQRADDAC(a[27], a[33]); SQRADDAC(a[28], a[32]); SQRADDAC(a[29], a[31]); SQRADDDB; SQRADD(a[30], a[30]); 
+   COMBA_STORE(b[60]);
+
+   /* output 61 */
+   CARRY_FORWARD;
+   SQRADDSC(a[14], a[47]); SQRADDAC(a[15], a[46]); SQRADDAC(a[16], a[45]); SQRADDAC(a[17], a[44]); SQRADDAC(a[18], a[43]); SQRADDAC(a[19], a[42]); SQRADDAC(a[20], a[41]); SQRADDAC(a[21], a[40]); SQRADDAC(a[22], a[39]); SQRADDAC(a[23], a[38]); SQRADDAC(a[24], a[37]); SQRADDAC(a[25], a[36]); SQRADDAC(a[26], a[35]); SQRADDAC(a[27], a[34]); SQRADDAC(a[28], a[33]); SQRADDAC(a[29], a[32]); SQRADDAC(a[30], a[31]); SQRADDDB; 
+   COMBA_STORE(b[61]);
+
+   /* output 62 */
+   CARRY_FORWARD;
+   SQRADDSC(a[15], a[47]); SQRADDAC(a[16], a[46]); SQRADDAC(a[17], a[45]); SQRADDAC(a[18], a[44]); SQRADDAC(a[19], a[43]); SQRADDAC(a[20], a[42]); SQRADDAC(a[21], a[41]); SQRADDAC(a[22], a[40]); SQRADDAC(a[23], a[39]); SQRADDAC(a[24], a[38]); SQRADDAC(a[25], a[37]); SQRADDAC(a[26], a[36]); SQRADDAC(a[27], a[35]); SQRADDAC(a[28], a[34]); SQRADDAC(a[29], a[33]); SQRADDAC(a[30], a[32]); SQRADDDB; SQRADD(a[31], a[31]); 
+   COMBA_STORE(b[62]);
+
+   /* output 63 */
+   CARRY_FORWARD;
+   SQRADDSC(a[16], a[47]); SQRADDAC(a[17], a[46]); SQRADDAC(a[18], a[45]); SQRADDAC(a[19], a[44]); SQRADDAC(a[20], a[43]); SQRADDAC(a[21], a[42]); SQRADDAC(a[22], a[41]); SQRADDAC(a[23], a[40]); SQRADDAC(a[24], a[39]); SQRADDAC(a[25], a[38]); SQRADDAC(a[26], a[37]); SQRADDAC(a[27], a[36]); SQRADDAC(a[28], a[35]); SQRADDAC(a[29], a[34]); SQRADDAC(a[30], a[33]); SQRADDAC(a[31], a[32]); SQRADDDB; 
+   COMBA_STORE(b[63]);
+
+   /* output 64 */
+   CARRY_FORWARD;
+   SQRADDSC(a[17], a[47]); SQRADDAC(a[18], a[46]); SQRADDAC(a[19], a[45]); SQRADDAC(a[20], a[44]); SQRADDAC(a[21], a[43]); SQRADDAC(a[22], a[42]); SQRADDAC(a[23], a[41]); SQRADDAC(a[24], a[40]); SQRADDAC(a[25], a[39]); SQRADDAC(a[26], a[38]); SQRADDAC(a[27], a[37]); SQRADDAC(a[28], a[36]); SQRADDAC(a[29], a[35]); SQRADDAC(a[30], a[34]); SQRADDAC(a[31], a[33]); SQRADDDB; SQRADD(a[32], a[32]); 
+   COMBA_STORE(b[64]);
+
+   /* output 65 */
+   CARRY_FORWARD;
+   SQRADDSC(a[18], a[47]); SQRADDAC(a[19], a[46]); SQRADDAC(a[20], a[45]); SQRADDAC(a[21], a[44]); SQRADDAC(a[22], a[43]); SQRADDAC(a[23], a[42]); SQRADDAC(a[24], a[41]); SQRADDAC(a[25], a[40]); SQRADDAC(a[26], a[39]); SQRADDAC(a[27], a[38]); SQRADDAC(a[28], a[37]); SQRADDAC(a[29], a[36]); SQRADDAC(a[30], a[35]); SQRADDAC(a[31], a[34]); SQRADDAC(a[32], a[33]); SQRADDDB; 
+   COMBA_STORE(b[65]);
+
+   /* output 66 */
+   CARRY_FORWARD;
+   SQRADDSC(a[19], a[47]); SQRADDAC(a[20], a[46]); SQRADDAC(a[21], a[45]); SQRADDAC(a[22], a[44]); SQRADDAC(a[23], a[43]); SQRADDAC(a[24], a[42]); SQRADDAC(a[25], a[41]); SQRADDAC(a[26], a[40]); SQRADDAC(a[27], a[39]); SQRADDAC(a[28], a[38]); SQRADDAC(a[29], a[37]); SQRADDAC(a[30], a[36]); SQRADDAC(a[31], a[35]); SQRADDAC(a[32], a[34]); SQRADDDB; SQRADD(a[33], a[33]); 
+   COMBA_STORE(b[66]);
+
+   /* output 67 */
+   CARRY_FORWARD;
+   SQRADDSC(a[20], a[47]); SQRADDAC(a[21], a[46]); SQRADDAC(a[22], a[45]); SQRADDAC(a[23], a[44]); SQRADDAC(a[24], a[43]); SQRADDAC(a[25], a[42]); SQRADDAC(a[26], a[41]); SQRADDAC(a[27], a[40]); SQRADDAC(a[28], a[39]); SQRADDAC(a[29], a[38]); SQRADDAC(a[30], a[37]); SQRADDAC(a[31], a[36]); SQRADDAC(a[32], a[35]); SQRADDAC(a[33], a[34]); SQRADDDB; 
+   COMBA_STORE(b[67]);
+
+   /* output 68 */
+   CARRY_FORWARD;
+   SQRADDSC(a[21], a[47]); SQRADDAC(a[22], a[46]); SQRADDAC(a[23], a[45]); SQRADDAC(a[24], a[44]); SQRADDAC(a[25], a[43]); SQRADDAC(a[26], a[42]); SQRADDAC(a[27], a[41]); SQRADDAC(a[28], a[40]); SQRADDAC(a[29], a[39]); SQRADDAC(a[30], a[38]); SQRADDAC(a[31], a[37]); SQRADDAC(a[32], a[36]); SQRADDAC(a[33], a[35]); SQRADDDB; SQRADD(a[34], a[34]); 
+   COMBA_STORE(b[68]);
+
+   /* output 69 */
+   CARRY_FORWARD;
+   SQRADDSC(a[22], a[47]); SQRADDAC(a[23], a[46]); SQRADDAC(a[24], a[45]); SQRADDAC(a[25], a[44]); SQRADDAC(a[26], a[43]); SQRADDAC(a[27], a[42]); SQRADDAC(a[28], a[41]); SQRADDAC(a[29], a[40]); SQRADDAC(a[30], a[39]); SQRADDAC(a[31], a[38]); SQRADDAC(a[32], a[37]); SQRADDAC(a[33], a[36]); SQRADDAC(a[34], a[35]); SQRADDDB; 
+   COMBA_STORE(b[69]);
+
+   /* output 70 */
+   CARRY_FORWARD;
+   SQRADDSC(a[23], a[47]); SQRADDAC(a[24], a[46]); SQRADDAC(a[25], a[45]); SQRADDAC(a[26], a[44]); SQRADDAC(a[27], a[43]); SQRADDAC(a[28], a[42]); SQRADDAC(a[29], a[41]); SQRADDAC(a[30], a[40]); SQRADDAC(a[31], a[39]); SQRADDAC(a[32], a[38]); SQRADDAC(a[33], a[37]); SQRADDAC(a[34], a[36]); SQRADDDB; SQRADD(a[35], a[35]); 
+   COMBA_STORE(b[70]);
+
+   /* output 71 */
+   CARRY_FORWARD;
+   SQRADDSC(a[24], a[47]); SQRADDAC(a[25], a[46]); SQRADDAC(a[26], a[45]); SQRADDAC(a[27], a[44]); SQRADDAC(a[28], a[43]); SQRADDAC(a[29], a[42]); SQRADDAC(a[30], a[41]); SQRADDAC(a[31], a[40]); SQRADDAC(a[32], a[39]); SQRADDAC(a[33], a[38]); SQRADDAC(a[34], a[37]); SQRADDAC(a[35], a[36]); SQRADDDB; 
+   COMBA_STORE(b[71]);
+
+   /* output 72 */
+   CARRY_FORWARD;
+   SQRADDSC(a[25], a[47]); SQRADDAC(a[26], a[46]); SQRADDAC(a[27], a[45]); SQRADDAC(a[28], a[44]); SQRADDAC(a[29], a[43]); SQRADDAC(a[30], a[42]); SQRADDAC(a[31], a[41]); SQRADDAC(a[32], a[40]); SQRADDAC(a[33], a[39]); SQRADDAC(a[34], a[38]); SQRADDAC(a[35], a[37]); SQRADDDB; SQRADD(a[36], a[36]); 
+   COMBA_STORE(b[72]);
+
+   /* output 73 */
+   CARRY_FORWARD;
+   SQRADDSC(a[26], a[47]); SQRADDAC(a[27], a[46]); SQRADDAC(a[28], a[45]); SQRADDAC(a[29], a[44]); SQRADDAC(a[30], a[43]); SQRADDAC(a[31], a[42]); SQRADDAC(a[32], a[41]); SQRADDAC(a[33], a[40]); SQRADDAC(a[34], a[39]); SQRADDAC(a[35], a[38]); SQRADDAC(a[36], a[37]); SQRADDDB; 
+   COMBA_STORE(b[73]);
+
+   /* output 74 */
+   CARRY_FORWARD;
+   SQRADDSC(a[27], a[47]); SQRADDAC(a[28], a[46]); SQRADDAC(a[29], a[45]); SQRADDAC(a[30], a[44]); SQRADDAC(a[31], a[43]); SQRADDAC(a[32], a[42]); SQRADDAC(a[33], a[41]); SQRADDAC(a[34], a[40]); SQRADDAC(a[35], a[39]); SQRADDAC(a[36], a[38]); SQRADDDB; SQRADD(a[37], a[37]); 
+   COMBA_STORE(b[74]);
+
+   /* output 75 */
+   CARRY_FORWARD;
+   SQRADDSC(a[28], a[47]); SQRADDAC(a[29], a[46]); SQRADDAC(a[30], a[45]); SQRADDAC(a[31], a[44]); SQRADDAC(a[32], a[43]); SQRADDAC(a[33], a[42]); SQRADDAC(a[34], a[41]); SQRADDAC(a[35], a[40]); SQRADDAC(a[36], a[39]); SQRADDAC(a[37], a[38]); SQRADDDB; 
+   COMBA_STORE(b[75]);
+
+   /* output 76 */
+   CARRY_FORWARD;
+   SQRADDSC(a[29], a[47]); SQRADDAC(a[30], a[46]); SQRADDAC(a[31], a[45]); SQRADDAC(a[32], a[44]); SQRADDAC(a[33], a[43]); SQRADDAC(a[34], a[42]); SQRADDAC(a[35], a[41]); SQRADDAC(a[36], a[40]); SQRADDAC(a[37], a[39]); SQRADDDB; SQRADD(a[38], a[38]); 
+   COMBA_STORE(b[76]);
+
+   /* output 77 */
+   CARRY_FORWARD;
+   SQRADDSC(a[30], a[47]); SQRADDAC(a[31], a[46]); SQRADDAC(a[32], a[45]); SQRADDAC(a[33], a[44]); SQRADDAC(a[34], a[43]); SQRADDAC(a[35], a[42]); SQRADDAC(a[36], a[41]); SQRADDAC(a[37], a[40]); SQRADDAC(a[38], a[39]); SQRADDDB; 
+   COMBA_STORE(b[77]);
+
+   /* output 78 */
+   CARRY_FORWARD;
+   SQRADDSC(a[31], a[47]); SQRADDAC(a[32], a[46]); SQRADDAC(a[33], a[45]); SQRADDAC(a[34], a[44]); SQRADDAC(a[35], a[43]); SQRADDAC(a[36], a[42]); SQRADDAC(a[37], a[41]); SQRADDAC(a[38], a[40]); SQRADDDB; SQRADD(a[39], a[39]); 
+   COMBA_STORE(b[78]);
+
+   /* output 79 */
+   CARRY_FORWARD;
+   SQRADDSC(a[32], a[47]); SQRADDAC(a[33], a[46]); SQRADDAC(a[34], a[45]); SQRADDAC(a[35], a[44]); SQRADDAC(a[36], a[43]); SQRADDAC(a[37], a[42]); SQRADDAC(a[38], a[41]); SQRADDAC(a[39], a[40]); SQRADDDB; 
+   COMBA_STORE(b[79]);
+
+   /* output 80 */
+   CARRY_FORWARD;
+   SQRADDSC(a[33], a[47]); SQRADDAC(a[34], a[46]); SQRADDAC(a[35], a[45]); SQRADDAC(a[36], a[44]); SQRADDAC(a[37], a[43]); SQRADDAC(a[38], a[42]); SQRADDAC(a[39], a[41]); SQRADDDB; SQRADD(a[40], a[40]); 
+   COMBA_STORE(b[80]);
+
+   /* output 81 */
+   CARRY_FORWARD;
+   SQRADDSC(a[34], a[47]); SQRADDAC(a[35], a[46]); SQRADDAC(a[36], a[45]); SQRADDAC(a[37], a[44]); SQRADDAC(a[38], a[43]); SQRADDAC(a[39], a[42]); SQRADDAC(a[40], a[41]); SQRADDDB; 
+   COMBA_STORE(b[81]);
+
+   /* output 82 */
+   CARRY_FORWARD;
+   SQRADDSC(a[35], a[47]); SQRADDAC(a[36], a[46]); SQRADDAC(a[37], a[45]); SQRADDAC(a[38], a[44]); SQRADDAC(a[39], a[43]); SQRADDAC(a[40], a[42]); SQRADDDB; SQRADD(a[41], a[41]); 
+   COMBA_STORE(b[82]);
+
+   /* output 83 */
+   CARRY_FORWARD;
+   SQRADDSC(a[36], a[47]); SQRADDAC(a[37], a[46]); SQRADDAC(a[38], a[45]); SQRADDAC(a[39], a[44]); SQRADDAC(a[40], a[43]); SQRADDAC(a[41], a[42]); SQRADDDB; 
+   COMBA_STORE(b[83]);
+
+   /* output 84 */
+   CARRY_FORWARD;
+   SQRADDSC(a[37], a[47]); SQRADDAC(a[38], a[46]); SQRADDAC(a[39], a[45]); SQRADDAC(a[40], a[44]); SQRADDAC(a[41], a[43]); SQRADDDB; SQRADD(a[42], a[42]); 
+   COMBA_STORE(b[84]);
+
+   /* output 85 */
+   CARRY_FORWARD;
+   SQRADDSC(a[38], a[47]); SQRADDAC(a[39], a[46]); SQRADDAC(a[40], a[45]); SQRADDAC(a[41], a[44]); SQRADDAC(a[42], a[43]); SQRADDDB; 
+   COMBA_STORE(b[85]);
+
+   /* output 86 */
+   CARRY_FORWARD;
+   SQRADDSC(a[39], a[47]); SQRADDAC(a[40], a[46]); SQRADDAC(a[41], a[45]); SQRADDAC(a[42], a[44]); SQRADDDB; SQRADD(a[43], a[43]); 
+   COMBA_STORE(b[86]);
+
+   /* output 87 */
+   CARRY_FORWARD;
+   SQRADDSC(a[40], a[47]); SQRADDAC(a[41], a[46]); SQRADDAC(a[42], a[45]); SQRADDAC(a[43], a[44]); SQRADDDB; 
+   COMBA_STORE(b[87]);
+
+   /* output 88 */
+   CARRY_FORWARD;
+   SQRADDSC(a[41], a[47]); SQRADDAC(a[42], a[46]); SQRADDAC(a[43], a[45]); SQRADDDB; SQRADD(a[44], a[44]); 
+   COMBA_STORE(b[88]);
+
+   /* output 89 */
+   CARRY_FORWARD;
+   SQRADDSC(a[42], a[47]); SQRADDAC(a[43], a[46]); SQRADDAC(a[44], a[45]); SQRADDDB; 
+   COMBA_STORE(b[89]);
+
+   /* output 90 */
+   CARRY_FORWARD;
+   SQRADD2(a[43], a[47]); SQRADD2(a[44], a[46]); SQRADD(a[45], a[45]); 
+   COMBA_STORE(b[90]);
+
+   /* output 91 */
+   CARRY_FORWARD;
+   SQRADD2(a[44], a[47]); SQRADD2(a[45], a[46]); 
+   COMBA_STORE(b[91]);
+
+   /* output 92 */
+   CARRY_FORWARD;
+   SQRADD2(a[45], a[47]); SQRADD(a[46], a[46]); 
+   COMBA_STORE(b[92]);
+
+   /* output 93 */
+   CARRY_FORWARD;
+   SQRADD2(a[46], a[47]); 
+   COMBA_STORE(b[93]);
+
+   /* output 94 */
+   CARRY_FORWARD;
+   SQRADD(a[47], a[47]); 
+   COMBA_STORE(b[94]);
+   COMBA_STORE2(b[95]);
+   COMBA_FINI;
+
+   B->used = 96;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 96 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_6.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_6.i
new file mode 100644
index 00000000..bb2fd743
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_6.i
@@ -0,0 +1,100 @@
+/* fp_sqr_comba_6.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR6
+void fp_sqr_comba6(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[12], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word tt;
+#endif
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADD2(a[1], a[5]); SQRADD2(a[2], a[4]); SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADD2(a[2], a[5]); SQRADD2(a[3], a[4]); 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADD2(a[3], a[5]); SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADD2(a[4], a[5]); 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+   COMBA_STORE2(b[11]);
+   COMBA_FINI;
+
+   B->used = 12;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 12 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_64.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_64.i
new file mode 100644
index 00000000..b74367a7
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_64.i
@@ -0,0 +1,680 @@
+/* fp_sqr_comba_64.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR64
+void fp_sqr_comba64(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[128], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word   tt;   
+#endif   
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[14]); SQRADDAC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+
+   /* output 15 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[15]); SQRADDAC(a[1], a[14]); SQRADDAC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+   COMBA_STORE(b[15]);
+
+   /* output 16 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[16]); SQRADDAC(a[1], a[15]); SQRADDAC(a[2], a[14]); SQRADDAC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+   COMBA_STORE(b[16]);
+
+   /* output 17 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[17]); SQRADDAC(a[1], a[16]); SQRADDAC(a[2], a[15]); SQRADDAC(a[3], a[14]); SQRADDAC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+   COMBA_STORE(b[17]);
+
+   /* output 18 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[18]); SQRADDAC(a[1], a[17]); SQRADDAC(a[2], a[16]); SQRADDAC(a[3], a[15]); SQRADDAC(a[4], a[14]); SQRADDAC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+   COMBA_STORE(b[18]);
+
+   /* output 19 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[19]); SQRADDAC(a[1], a[18]); SQRADDAC(a[2], a[17]); SQRADDAC(a[3], a[16]); SQRADDAC(a[4], a[15]); SQRADDAC(a[5], a[14]); SQRADDAC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+   COMBA_STORE(b[19]);
+
+   /* output 20 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[20]); SQRADDAC(a[1], a[19]); SQRADDAC(a[2], a[18]); SQRADDAC(a[3], a[17]); SQRADDAC(a[4], a[16]); SQRADDAC(a[5], a[15]); SQRADDAC(a[6], a[14]); SQRADDAC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+   COMBA_STORE(b[20]);
+
+   /* output 21 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[21]); SQRADDAC(a[1], a[20]); SQRADDAC(a[2], a[19]); SQRADDAC(a[3], a[18]); SQRADDAC(a[4], a[17]); SQRADDAC(a[5], a[16]); SQRADDAC(a[6], a[15]); SQRADDAC(a[7], a[14]); SQRADDAC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+   COMBA_STORE(b[21]);
+
+   /* output 22 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[22]); SQRADDAC(a[1], a[21]); SQRADDAC(a[2], a[20]); SQRADDAC(a[3], a[19]); SQRADDAC(a[4], a[18]); SQRADDAC(a[5], a[17]); SQRADDAC(a[6], a[16]); SQRADDAC(a[7], a[15]); SQRADDAC(a[8], a[14]); SQRADDAC(a[9], a[13]); SQRADDAC(a[10], a[12]); SQRADDDB; SQRADD(a[11], a[11]); 
+   COMBA_STORE(b[22]);
+
+   /* output 23 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[23]); SQRADDAC(a[1], a[22]); SQRADDAC(a[2], a[21]); SQRADDAC(a[3], a[20]); SQRADDAC(a[4], a[19]); SQRADDAC(a[5], a[18]); SQRADDAC(a[6], a[17]); SQRADDAC(a[7], a[16]); SQRADDAC(a[8], a[15]); SQRADDAC(a[9], a[14]); SQRADDAC(a[10], a[13]); SQRADDAC(a[11], a[12]); SQRADDDB; 
+   COMBA_STORE(b[23]);
+
+   /* output 24 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[24]); SQRADDAC(a[1], a[23]); SQRADDAC(a[2], a[22]); SQRADDAC(a[3], a[21]); SQRADDAC(a[4], a[20]); SQRADDAC(a[5], a[19]); SQRADDAC(a[6], a[18]); SQRADDAC(a[7], a[17]); SQRADDAC(a[8], a[16]); SQRADDAC(a[9], a[15]); SQRADDAC(a[10], a[14]); SQRADDAC(a[11], a[13]); SQRADDDB; SQRADD(a[12], a[12]); 
+   COMBA_STORE(b[24]);
+
+   /* output 25 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[25]); SQRADDAC(a[1], a[24]); SQRADDAC(a[2], a[23]); SQRADDAC(a[3], a[22]); SQRADDAC(a[4], a[21]); SQRADDAC(a[5], a[20]); SQRADDAC(a[6], a[19]); SQRADDAC(a[7], a[18]); SQRADDAC(a[8], a[17]); SQRADDAC(a[9], a[16]); SQRADDAC(a[10], a[15]); SQRADDAC(a[11], a[14]); SQRADDAC(a[12], a[13]); SQRADDDB; 
+   COMBA_STORE(b[25]);
+
+   /* output 26 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[26]); SQRADDAC(a[1], a[25]); SQRADDAC(a[2], a[24]); SQRADDAC(a[3], a[23]); SQRADDAC(a[4], a[22]); SQRADDAC(a[5], a[21]); SQRADDAC(a[6], a[20]); SQRADDAC(a[7], a[19]); SQRADDAC(a[8], a[18]); SQRADDAC(a[9], a[17]); SQRADDAC(a[10], a[16]); SQRADDAC(a[11], a[15]); SQRADDAC(a[12], a[14]); SQRADDDB; SQRADD(a[13], a[13]); 
+   COMBA_STORE(b[26]);
+
+   /* output 27 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[27]); SQRADDAC(a[1], a[26]); SQRADDAC(a[2], a[25]); SQRADDAC(a[3], a[24]); SQRADDAC(a[4], a[23]); SQRADDAC(a[5], a[22]); SQRADDAC(a[6], a[21]); SQRADDAC(a[7], a[20]); SQRADDAC(a[8], a[19]); SQRADDAC(a[9], a[18]); SQRADDAC(a[10], a[17]); SQRADDAC(a[11], a[16]); SQRADDAC(a[12], a[15]); SQRADDAC(a[13], a[14]); SQRADDDB; 
+   COMBA_STORE(b[27]);
+
+   /* output 28 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[28]); SQRADDAC(a[1], a[27]); SQRADDAC(a[2], a[26]); SQRADDAC(a[3], a[25]); SQRADDAC(a[4], a[24]); SQRADDAC(a[5], a[23]); SQRADDAC(a[6], a[22]); SQRADDAC(a[7], a[21]); SQRADDAC(a[8], a[20]); SQRADDAC(a[9], a[19]); SQRADDAC(a[10], a[18]); SQRADDAC(a[11], a[17]); SQRADDAC(a[12], a[16]); SQRADDAC(a[13], a[15]); SQRADDDB; SQRADD(a[14], a[14]); 
+   COMBA_STORE(b[28]);
+
+   /* output 29 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[29]); SQRADDAC(a[1], a[28]); SQRADDAC(a[2], a[27]); SQRADDAC(a[3], a[26]); SQRADDAC(a[4], a[25]); SQRADDAC(a[5], a[24]); SQRADDAC(a[6], a[23]); SQRADDAC(a[7], a[22]); SQRADDAC(a[8], a[21]); SQRADDAC(a[9], a[20]); SQRADDAC(a[10], a[19]); SQRADDAC(a[11], a[18]); SQRADDAC(a[12], a[17]); SQRADDAC(a[13], a[16]); SQRADDAC(a[14], a[15]); SQRADDDB; 
+   COMBA_STORE(b[29]);
+
+   /* output 30 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[30]); SQRADDAC(a[1], a[29]); SQRADDAC(a[2], a[28]); SQRADDAC(a[3], a[27]); SQRADDAC(a[4], a[26]); SQRADDAC(a[5], a[25]); SQRADDAC(a[6], a[24]); SQRADDAC(a[7], a[23]); SQRADDAC(a[8], a[22]); SQRADDAC(a[9], a[21]); SQRADDAC(a[10], a[20]); SQRADDAC(a[11], a[19]); SQRADDAC(a[12], a[18]); SQRADDAC(a[13], a[17]); SQRADDAC(a[14], a[16]); SQRADDDB; SQRADD(a[15], a[15]); 
+   COMBA_STORE(b[30]);
+
+   /* output 31 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[31]); SQRADDAC(a[1], a[30]); SQRADDAC(a[2], a[29]); SQRADDAC(a[3], a[28]); SQRADDAC(a[4], a[27]); SQRADDAC(a[5], a[26]); SQRADDAC(a[6], a[25]); SQRADDAC(a[7], a[24]); SQRADDAC(a[8], a[23]); SQRADDAC(a[9], a[22]); SQRADDAC(a[10], a[21]); SQRADDAC(a[11], a[20]); SQRADDAC(a[12], a[19]); SQRADDAC(a[13], a[18]); SQRADDAC(a[14], a[17]); SQRADDAC(a[15], a[16]); SQRADDDB; 
+   COMBA_STORE(b[31]);
+
+   /* output 32 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[32]); SQRADDAC(a[1], a[31]); SQRADDAC(a[2], a[30]); SQRADDAC(a[3], a[29]); SQRADDAC(a[4], a[28]); SQRADDAC(a[5], a[27]); SQRADDAC(a[6], a[26]); SQRADDAC(a[7], a[25]); SQRADDAC(a[8], a[24]); SQRADDAC(a[9], a[23]); SQRADDAC(a[10], a[22]); SQRADDAC(a[11], a[21]); SQRADDAC(a[12], a[20]); SQRADDAC(a[13], a[19]); SQRADDAC(a[14], a[18]); SQRADDAC(a[15], a[17]); SQRADDDB; SQRADD(a[16], a[16]); 
+   COMBA_STORE(b[32]);
+
+   /* output 33 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[33]); SQRADDAC(a[1], a[32]); SQRADDAC(a[2], a[31]); SQRADDAC(a[3], a[30]); SQRADDAC(a[4], a[29]); SQRADDAC(a[5], a[28]); SQRADDAC(a[6], a[27]); SQRADDAC(a[7], a[26]); SQRADDAC(a[8], a[25]); SQRADDAC(a[9], a[24]); SQRADDAC(a[10], a[23]); SQRADDAC(a[11], a[22]); SQRADDAC(a[12], a[21]); SQRADDAC(a[13], a[20]); SQRADDAC(a[14], a[19]); SQRADDAC(a[15], a[18]); SQRADDAC(a[16], a[17]); SQRADDDB; 
+   COMBA_STORE(b[33]);
+
+   /* output 34 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[34]); SQRADDAC(a[1], a[33]); SQRADDAC(a[2], a[32]); SQRADDAC(a[3], a[31]); SQRADDAC(a[4], a[30]); SQRADDAC(a[5], a[29]); SQRADDAC(a[6], a[28]); SQRADDAC(a[7], a[27]); SQRADDAC(a[8], a[26]); SQRADDAC(a[9], a[25]); SQRADDAC(a[10], a[24]); SQRADDAC(a[11], a[23]); SQRADDAC(a[12], a[22]); SQRADDAC(a[13], a[21]); SQRADDAC(a[14], a[20]); SQRADDAC(a[15], a[19]); SQRADDAC(a[16], a[18]); SQRADDDB; SQRADD(a[17], a[17]); 
+   COMBA_STORE(b[34]);
+
+   /* output 35 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[35]); SQRADDAC(a[1], a[34]); SQRADDAC(a[2], a[33]); SQRADDAC(a[3], a[32]); SQRADDAC(a[4], a[31]); SQRADDAC(a[5], a[30]); SQRADDAC(a[6], a[29]); SQRADDAC(a[7], a[28]); SQRADDAC(a[8], a[27]); SQRADDAC(a[9], a[26]); SQRADDAC(a[10], a[25]); SQRADDAC(a[11], a[24]); SQRADDAC(a[12], a[23]); SQRADDAC(a[13], a[22]); SQRADDAC(a[14], a[21]); SQRADDAC(a[15], a[20]); SQRADDAC(a[16], a[19]); SQRADDAC(a[17], a[18]); SQRADDDB; 
+   COMBA_STORE(b[35]);
+
+   /* output 36 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[36]); SQRADDAC(a[1], a[35]); SQRADDAC(a[2], a[34]); SQRADDAC(a[3], a[33]); SQRADDAC(a[4], a[32]); SQRADDAC(a[5], a[31]); SQRADDAC(a[6], a[30]); SQRADDAC(a[7], a[29]); SQRADDAC(a[8], a[28]); SQRADDAC(a[9], a[27]); SQRADDAC(a[10], a[26]); SQRADDAC(a[11], a[25]); SQRADDAC(a[12], a[24]); SQRADDAC(a[13], a[23]); SQRADDAC(a[14], a[22]); SQRADDAC(a[15], a[21]); SQRADDAC(a[16], a[20]); SQRADDAC(a[17], a[19]); SQRADDDB; SQRADD(a[18], a[18]); 
+   COMBA_STORE(b[36]);
+
+   /* output 37 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[37]); SQRADDAC(a[1], a[36]); SQRADDAC(a[2], a[35]); SQRADDAC(a[3], a[34]); SQRADDAC(a[4], a[33]); SQRADDAC(a[5], a[32]); SQRADDAC(a[6], a[31]); SQRADDAC(a[7], a[30]); SQRADDAC(a[8], a[29]); SQRADDAC(a[9], a[28]); SQRADDAC(a[10], a[27]); SQRADDAC(a[11], a[26]); SQRADDAC(a[12], a[25]); SQRADDAC(a[13], a[24]); SQRADDAC(a[14], a[23]); SQRADDAC(a[15], a[22]); SQRADDAC(a[16], a[21]); SQRADDAC(a[17], a[20]); SQRADDAC(a[18], a[19]); SQRADDDB; 
+   COMBA_STORE(b[37]);
+
+   /* output 38 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[38]); SQRADDAC(a[1], a[37]); SQRADDAC(a[2], a[36]); SQRADDAC(a[3], a[35]); SQRADDAC(a[4], a[34]); SQRADDAC(a[5], a[33]); SQRADDAC(a[6], a[32]); SQRADDAC(a[7], a[31]); SQRADDAC(a[8], a[30]); SQRADDAC(a[9], a[29]); SQRADDAC(a[10], a[28]); SQRADDAC(a[11], a[27]); SQRADDAC(a[12], a[26]); SQRADDAC(a[13], a[25]); SQRADDAC(a[14], a[24]); SQRADDAC(a[15], a[23]); SQRADDAC(a[16], a[22]); SQRADDAC(a[17], a[21]); SQRADDAC(a[18], a[20]); SQRADDDB; SQRADD(a[19], a[19]); 
+   COMBA_STORE(b[38]);
+
+   /* output 39 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[39]); SQRADDAC(a[1], a[38]); SQRADDAC(a[2], a[37]); SQRADDAC(a[3], a[36]); SQRADDAC(a[4], a[35]); SQRADDAC(a[5], a[34]); SQRADDAC(a[6], a[33]); SQRADDAC(a[7], a[32]); SQRADDAC(a[8], a[31]); SQRADDAC(a[9], a[30]); SQRADDAC(a[10], a[29]); SQRADDAC(a[11], a[28]); SQRADDAC(a[12], a[27]); SQRADDAC(a[13], a[26]); SQRADDAC(a[14], a[25]); SQRADDAC(a[15], a[24]); SQRADDAC(a[16], a[23]); SQRADDAC(a[17], a[22]); SQRADDAC(a[18], a[21]); SQRADDAC(a[19], a[20]); SQRADDDB; 
+   COMBA_STORE(b[39]);
+
+   /* output 40 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[40]); SQRADDAC(a[1], a[39]); SQRADDAC(a[2], a[38]); SQRADDAC(a[3], a[37]); SQRADDAC(a[4], a[36]); SQRADDAC(a[5], a[35]); SQRADDAC(a[6], a[34]); SQRADDAC(a[7], a[33]); SQRADDAC(a[8], a[32]); SQRADDAC(a[9], a[31]); SQRADDAC(a[10], a[30]); SQRADDAC(a[11], a[29]); SQRADDAC(a[12], a[28]); SQRADDAC(a[13], a[27]); SQRADDAC(a[14], a[26]); SQRADDAC(a[15], a[25]); SQRADDAC(a[16], a[24]); SQRADDAC(a[17], a[23]); SQRADDAC(a[18], a[22]); SQRADDAC(a[19], a[21]); SQRADDDB; SQRADD(a[20], a[20]); 
+   COMBA_STORE(b[40]);
+
+   /* output 41 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[41]); SQRADDAC(a[1], a[40]); SQRADDAC(a[2], a[39]); SQRADDAC(a[3], a[38]); SQRADDAC(a[4], a[37]); SQRADDAC(a[5], a[36]); SQRADDAC(a[6], a[35]); SQRADDAC(a[7], a[34]); SQRADDAC(a[8], a[33]); SQRADDAC(a[9], a[32]); SQRADDAC(a[10], a[31]); SQRADDAC(a[11], a[30]); SQRADDAC(a[12], a[29]); SQRADDAC(a[13], a[28]); SQRADDAC(a[14], a[27]); SQRADDAC(a[15], a[26]); SQRADDAC(a[16], a[25]); SQRADDAC(a[17], a[24]); SQRADDAC(a[18], a[23]); SQRADDAC(a[19], a[22]); SQRADDAC(a[20], a[21]); SQRADDDB; 
+   COMBA_STORE(b[41]);
+
+   /* output 42 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[42]); SQRADDAC(a[1], a[41]); SQRADDAC(a[2], a[40]); SQRADDAC(a[3], a[39]); SQRADDAC(a[4], a[38]); SQRADDAC(a[5], a[37]); SQRADDAC(a[6], a[36]); SQRADDAC(a[7], a[35]); SQRADDAC(a[8], a[34]); SQRADDAC(a[9], a[33]); SQRADDAC(a[10], a[32]); SQRADDAC(a[11], a[31]); SQRADDAC(a[12], a[30]); SQRADDAC(a[13], a[29]); SQRADDAC(a[14], a[28]); SQRADDAC(a[15], a[27]); SQRADDAC(a[16], a[26]); SQRADDAC(a[17], a[25]); SQRADDAC(a[18], a[24]); SQRADDAC(a[19], a[23]); SQRADDAC(a[20], a[22]); SQRADDDB; SQRADD(a[21], a[21]); 
+   COMBA_STORE(b[42]);
+
+   /* output 43 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[43]); SQRADDAC(a[1], a[42]); SQRADDAC(a[2], a[41]); SQRADDAC(a[3], a[40]); SQRADDAC(a[4], a[39]); SQRADDAC(a[5], a[38]); SQRADDAC(a[6], a[37]); SQRADDAC(a[7], a[36]); SQRADDAC(a[8], a[35]); SQRADDAC(a[9], a[34]); SQRADDAC(a[10], a[33]); SQRADDAC(a[11], a[32]); SQRADDAC(a[12], a[31]); SQRADDAC(a[13], a[30]); SQRADDAC(a[14], a[29]); SQRADDAC(a[15], a[28]); SQRADDAC(a[16], a[27]); SQRADDAC(a[17], a[26]); SQRADDAC(a[18], a[25]); SQRADDAC(a[19], a[24]); SQRADDAC(a[20], a[23]); SQRADDAC(a[21], a[22]); SQRADDDB; 
+   COMBA_STORE(b[43]);
+
+   /* output 44 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[44]); SQRADDAC(a[1], a[43]); SQRADDAC(a[2], a[42]); SQRADDAC(a[3], a[41]); SQRADDAC(a[4], a[40]); SQRADDAC(a[5], a[39]); SQRADDAC(a[6], a[38]); SQRADDAC(a[7], a[37]); SQRADDAC(a[8], a[36]); SQRADDAC(a[9], a[35]); SQRADDAC(a[10], a[34]); SQRADDAC(a[11], a[33]); SQRADDAC(a[12], a[32]); SQRADDAC(a[13], a[31]); SQRADDAC(a[14], a[30]); SQRADDAC(a[15], a[29]); SQRADDAC(a[16], a[28]); SQRADDAC(a[17], a[27]); SQRADDAC(a[18], a[26]); SQRADDAC(a[19], a[25]); SQRADDAC(a[20], a[24]); SQRADDAC(a[21], a[23]); SQRADDDB; SQRADD(a[22], a[22]); 
+   COMBA_STORE(b[44]);
+
+   /* output 45 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[45]); SQRADDAC(a[1], a[44]); SQRADDAC(a[2], a[43]); SQRADDAC(a[3], a[42]); SQRADDAC(a[4], a[41]); SQRADDAC(a[5], a[40]); SQRADDAC(a[6], a[39]); SQRADDAC(a[7], a[38]); SQRADDAC(a[8], a[37]); SQRADDAC(a[9], a[36]); SQRADDAC(a[10], a[35]); SQRADDAC(a[11], a[34]); SQRADDAC(a[12], a[33]); SQRADDAC(a[13], a[32]); SQRADDAC(a[14], a[31]); SQRADDAC(a[15], a[30]); SQRADDAC(a[16], a[29]); SQRADDAC(a[17], a[28]); SQRADDAC(a[18], a[27]); SQRADDAC(a[19], a[26]); SQRADDAC(a[20], a[25]); SQRADDAC(a[21], a[24]); SQRADDAC(a[22], a[23]); SQRADDDB; 
+   COMBA_STORE(b[45]);
+
+   /* output 46 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[46]); SQRADDAC(a[1], a[45]); SQRADDAC(a[2], a[44]); SQRADDAC(a[3], a[43]); SQRADDAC(a[4], a[42]); SQRADDAC(a[5], a[41]); SQRADDAC(a[6], a[40]); SQRADDAC(a[7], a[39]); SQRADDAC(a[8], a[38]); SQRADDAC(a[9], a[37]); SQRADDAC(a[10], a[36]); SQRADDAC(a[11], a[35]); SQRADDAC(a[12], a[34]); SQRADDAC(a[13], a[33]); SQRADDAC(a[14], a[32]); SQRADDAC(a[15], a[31]); SQRADDAC(a[16], a[30]); SQRADDAC(a[17], a[29]); SQRADDAC(a[18], a[28]); SQRADDAC(a[19], a[27]); SQRADDAC(a[20], a[26]); SQRADDAC(a[21], a[25]); SQRADDAC(a[22], a[24]); SQRADDDB; SQRADD(a[23], a[23]); 
+   COMBA_STORE(b[46]);
+
+   /* output 47 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[47]); SQRADDAC(a[1], a[46]); SQRADDAC(a[2], a[45]); SQRADDAC(a[3], a[44]); SQRADDAC(a[4], a[43]); SQRADDAC(a[5], a[42]); SQRADDAC(a[6], a[41]); SQRADDAC(a[7], a[40]); SQRADDAC(a[8], a[39]); SQRADDAC(a[9], a[38]); SQRADDAC(a[10], a[37]); SQRADDAC(a[11], a[36]); SQRADDAC(a[12], a[35]); SQRADDAC(a[13], a[34]); SQRADDAC(a[14], a[33]); SQRADDAC(a[15], a[32]); SQRADDAC(a[16], a[31]); SQRADDAC(a[17], a[30]); SQRADDAC(a[18], a[29]); SQRADDAC(a[19], a[28]); SQRADDAC(a[20], a[27]); SQRADDAC(a[21], a[26]); SQRADDAC(a[22], a[25]); SQRADDAC(a[23], a[24]); SQRADDDB; 
+   COMBA_STORE(b[47]);
+
+   /* output 48 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[48]); SQRADDAC(a[1], a[47]); SQRADDAC(a[2], a[46]); SQRADDAC(a[3], a[45]); SQRADDAC(a[4], a[44]); SQRADDAC(a[5], a[43]); SQRADDAC(a[6], a[42]); SQRADDAC(a[7], a[41]); SQRADDAC(a[8], a[40]); SQRADDAC(a[9], a[39]); SQRADDAC(a[10], a[38]); SQRADDAC(a[11], a[37]); SQRADDAC(a[12], a[36]); SQRADDAC(a[13], a[35]); SQRADDAC(a[14], a[34]); SQRADDAC(a[15], a[33]); SQRADDAC(a[16], a[32]); SQRADDAC(a[17], a[31]); SQRADDAC(a[18], a[30]); SQRADDAC(a[19], a[29]); SQRADDAC(a[20], a[28]); SQRADDAC(a[21], a[27]); SQRADDAC(a[22], a[26]); SQRADDAC(a[23], a[25]); SQRADDDB; SQRADD(a[24], a[24]); 
+   COMBA_STORE(b[48]);
+
+   /* output 49 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[49]); SQRADDAC(a[1], a[48]); SQRADDAC(a[2], a[47]); SQRADDAC(a[3], a[46]); SQRADDAC(a[4], a[45]); SQRADDAC(a[5], a[44]); SQRADDAC(a[6], a[43]); SQRADDAC(a[7], a[42]); SQRADDAC(a[8], a[41]); SQRADDAC(a[9], a[40]); SQRADDAC(a[10], a[39]); SQRADDAC(a[11], a[38]); SQRADDAC(a[12], a[37]); SQRADDAC(a[13], a[36]); SQRADDAC(a[14], a[35]); SQRADDAC(a[15], a[34]); SQRADDAC(a[16], a[33]); SQRADDAC(a[17], a[32]); SQRADDAC(a[18], a[31]); SQRADDAC(a[19], a[30]); SQRADDAC(a[20], a[29]); SQRADDAC(a[21], a[28]); SQRADDAC(a[22], a[27]); SQRADDAC(a[23], a[26]); SQRADDAC(a[24], a[25]); SQRADDDB; 
+   COMBA_STORE(b[49]);
+
+   /* output 50 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[50]); SQRADDAC(a[1], a[49]); SQRADDAC(a[2], a[48]); SQRADDAC(a[3], a[47]); SQRADDAC(a[4], a[46]); SQRADDAC(a[5], a[45]); SQRADDAC(a[6], a[44]); SQRADDAC(a[7], a[43]); SQRADDAC(a[8], a[42]); SQRADDAC(a[9], a[41]); SQRADDAC(a[10], a[40]); SQRADDAC(a[11], a[39]); SQRADDAC(a[12], a[38]); SQRADDAC(a[13], a[37]); SQRADDAC(a[14], a[36]); SQRADDAC(a[15], a[35]); SQRADDAC(a[16], a[34]); SQRADDAC(a[17], a[33]); SQRADDAC(a[18], a[32]); SQRADDAC(a[19], a[31]); SQRADDAC(a[20], a[30]); SQRADDAC(a[21], a[29]); SQRADDAC(a[22], a[28]); SQRADDAC(a[23], a[27]); SQRADDAC(a[24], a[26]); SQRADDDB; SQRADD(a[25], a[25]); 
+   COMBA_STORE(b[50]);
+
+   /* output 51 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[51]); SQRADDAC(a[1], a[50]); SQRADDAC(a[2], a[49]); SQRADDAC(a[3], a[48]); SQRADDAC(a[4], a[47]); SQRADDAC(a[5], a[46]); SQRADDAC(a[6], a[45]); SQRADDAC(a[7], a[44]); SQRADDAC(a[8], a[43]); SQRADDAC(a[9], a[42]); SQRADDAC(a[10], a[41]); SQRADDAC(a[11], a[40]); SQRADDAC(a[12], a[39]); SQRADDAC(a[13], a[38]); SQRADDAC(a[14], a[37]); SQRADDAC(a[15], a[36]); SQRADDAC(a[16], a[35]); SQRADDAC(a[17], a[34]); SQRADDAC(a[18], a[33]); SQRADDAC(a[19], a[32]); SQRADDAC(a[20], a[31]); SQRADDAC(a[21], a[30]); SQRADDAC(a[22], a[29]); SQRADDAC(a[23], a[28]); SQRADDAC(a[24], a[27]); SQRADDAC(a[25], a[26]); SQRADDDB; 
+   COMBA_STORE(b[51]);
+
+   /* output 52 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[52]); SQRADDAC(a[1], a[51]); SQRADDAC(a[2], a[50]); SQRADDAC(a[3], a[49]); SQRADDAC(a[4], a[48]); SQRADDAC(a[5], a[47]); SQRADDAC(a[6], a[46]); SQRADDAC(a[7], a[45]); SQRADDAC(a[8], a[44]); SQRADDAC(a[9], a[43]); SQRADDAC(a[10], a[42]); SQRADDAC(a[11], a[41]); SQRADDAC(a[12], a[40]); SQRADDAC(a[13], a[39]); SQRADDAC(a[14], a[38]); SQRADDAC(a[15], a[37]); SQRADDAC(a[16], a[36]); SQRADDAC(a[17], a[35]); SQRADDAC(a[18], a[34]); SQRADDAC(a[19], a[33]); SQRADDAC(a[20], a[32]); SQRADDAC(a[21], a[31]); SQRADDAC(a[22], a[30]); SQRADDAC(a[23], a[29]); SQRADDAC(a[24], a[28]); SQRADDAC(a[25], a[27]); SQRADDDB; SQRADD(a[26], a[26]); 
+   COMBA_STORE(b[52]);
+
+   /* output 53 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[53]); SQRADDAC(a[1], a[52]); SQRADDAC(a[2], a[51]); SQRADDAC(a[3], a[50]); SQRADDAC(a[4], a[49]); SQRADDAC(a[5], a[48]); SQRADDAC(a[6], a[47]); SQRADDAC(a[7], a[46]); SQRADDAC(a[8], a[45]); SQRADDAC(a[9], a[44]); SQRADDAC(a[10], a[43]); SQRADDAC(a[11], a[42]); SQRADDAC(a[12], a[41]); SQRADDAC(a[13], a[40]); SQRADDAC(a[14], a[39]); SQRADDAC(a[15], a[38]); SQRADDAC(a[16], a[37]); SQRADDAC(a[17], a[36]); SQRADDAC(a[18], a[35]); SQRADDAC(a[19], a[34]); SQRADDAC(a[20], a[33]); SQRADDAC(a[21], a[32]); SQRADDAC(a[22], a[31]); SQRADDAC(a[23], a[30]); SQRADDAC(a[24], a[29]); SQRADDAC(a[25], a[28]); SQRADDAC(a[26], a[27]); SQRADDDB; 
+   COMBA_STORE(b[53]);
+
+   /* output 54 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[54]); SQRADDAC(a[1], a[53]); SQRADDAC(a[2], a[52]); SQRADDAC(a[3], a[51]); SQRADDAC(a[4], a[50]); SQRADDAC(a[5], a[49]); SQRADDAC(a[6], a[48]); SQRADDAC(a[7], a[47]); SQRADDAC(a[8], a[46]); SQRADDAC(a[9], a[45]); SQRADDAC(a[10], a[44]); SQRADDAC(a[11], a[43]); SQRADDAC(a[12], a[42]); SQRADDAC(a[13], a[41]); SQRADDAC(a[14], a[40]); SQRADDAC(a[15], a[39]); SQRADDAC(a[16], a[38]); SQRADDAC(a[17], a[37]); SQRADDAC(a[18], a[36]); SQRADDAC(a[19], a[35]); SQRADDAC(a[20], a[34]); SQRADDAC(a[21], a[33]); SQRADDAC(a[22], a[32]); SQRADDAC(a[23], a[31]); SQRADDAC(a[24], a[30]); SQRADDAC(a[25], a[29]); SQRADDAC(a[26], a[28]); SQRADDDB; SQRADD(a[27], a[27]); 
+   COMBA_STORE(b[54]);
+
+   /* output 55 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[55]); SQRADDAC(a[1], a[54]); SQRADDAC(a[2], a[53]); SQRADDAC(a[3], a[52]); SQRADDAC(a[4], a[51]); SQRADDAC(a[5], a[50]); SQRADDAC(a[6], a[49]); SQRADDAC(a[7], a[48]); SQRADDAC(a[8], a[47]); SQRADDAC(a[9], a[46]); SQRADDAC(a[10], a[45]); SQRADDAC(a[11], a[44]); SQRADDAC(a[12], a[43]); SQRADDAC(a[13], a[42]); SQRADDAC(a[14], a[41]); SQRADDAC(a[15], a[40]); SQRADDAC(a[16], a[39]); SQRADDAC(a[17], a[38]); SQRADDAC(a[18], a[37]); SQRADDAC(a[19], a[36]); SQRADDAC(a[20], a[35]); SQRADDAC(a[21], a[34]); SQRADDAC(a[22], a[33]); SQRADDAC(a[23], a[32]); SQRADDAC(a[24], a[31]); SQRADDAC(a[25], a[30]); SQRADDAC(a[26], a[29]); SQRADDAC(a[27], a[28]); SQRADDDB; 
+   COMBA_STORE(b[55]);
+
+   /* output 56 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[56]); SQRADDAC(a[1], a[55]); SQRADDAC(a[2], a[54]); SQRADDAC(a[3], a[53]); SQRADDAC(a[4], a[52]); SQRADDAC(a[5], a[51]); SQRADDAC(a[6], a[50]); SQRADDAC(a[7], a[49]); SQRADDAC(a[8], a[48]); SQRADDAC(a[9], a[47]); SQRADDAC(a[10], a[46]); SQRADDAC(a[11], a[45]); SQRADDAC(a[12], a[44]); SQRADDAC(a[13], a[43]); SQRADDAC(a[14], a[42]); SQRADDAC(a[15], a[41]); SQRADDAC(a[16], a[40]); SQRADDAC(a[17], a[39]); SQRADDAC(a[18], a[38]); SQRADDAC(a[19], a[37]); SQRADDAC(a[20], a[36]); SQRADDAC(a[21], a[35]); SQRADDAC(a[22], a[34]); SQRADDAC(a[23], a[33]); SQRADDAC(a[24], a[32]); SQRADDAC(a[25], a[31]); SQRADDAC(a[26], a[30]); SQRADDAC(a[27], a[29]); SQRADDDB; SQRADD(a[28], a[28]); 
+   COMBA_STORE(b[56]);
+
+   /* output 57 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[57]); SQRADDAC(a[1], a[56]); SQRADDAC(a[2], a[55]); SQRADDAC(a[3], a[54]); SQRADDAC(a[4], a[53]); SQRADDAC(a[5], a[52]); SQRADDAC(a[6], a[51]); SQRADDAC(a[7], a[50]); SQRADDAC(a[8], a[49]); SQRADDAC(a[9], a[48]); SQRADDAC(a[10], a[47]); SQRADDAC(a[11], a[46]); SQRADDAC(a[12], a[45]); SQRADDAC(a[13], a[44]); SQRADDAC(a[14], a[43]); SQRADDAC(a[15], a[42]); SQRADDAC(a[16], a[41]); SQRADDAC(a[17], a[40]); SQRADDAC(a[18], a[39]); SQRADDAC(a[19], a[38]); SQRADDAC(a[20], a[37]); SQRADDAC(a[21], a[36]); SQRADDAC(a[22], a[35]); SQRADDAC(a[23], a[34]); SQRADDAC(a[24], a[33]); SQRADDAC(a[25], a[32]); SQRADDAC(a[26], a[31]); SQRADDAC(a[27], a[30]); SQRADDAC(a[28], a[29]); SQRADDDB; 
+   COMBA_STORE(b[57]);
+
+   /* output 58 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[58]); SQRADDAC(a[1], a[57]); SQRADDAC(a[2], a[56]); SQRADDAC(a[3], a[55]); SQRADDAC(a[4], a[54]); SQRADDAC(a[5], a[53]); SQRADDAC(a[6], a[52]); SQRADDAC(a[7], a[51]); SQRADDAC(a[8], a[50]); SQRADDAC(a[9], a[49]); SQRADDAC(a[10], a[48]); SQRADDAC(a[11], a[47]); SQRADDAC(a[12], a[46]); SQRADDAC(a[13], a[45]); SQRADDAC(a[14], a[44]); SQRADDAC(a[15], a[43]); SQRADDAC(a[16], a[42]); SQRADDAC(a[17], a[41]); SQRADDAC(a[18], a[40]); SQRADDAC(a[19], a[39]); SQRADDAC(a[20], a[38]); SQRADDAC(a[21], a[37]); SQRADDAC(a[22], a[36]); SQRADDAC(a[23], a[35]); SQRADDAC(a[24], a[34]); SQRADDAC(a[25], a[33]); SQRADDAC(a[26], a[32]); SQRADDAC(a[27], a[31]); SQRADDAC(a[28], a[30]); SQRADDDB; SQRADD(a[29], a[29]); 
+   COMBA_STORE(b[58]);
+
+   /* output 59 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[59]); SQRADDAC(a[1], a[58]); SQRADDAC(a[2], a[57]); SQRADDAC(a[3], a[56]); SQRADDAC(a[4], a[55]); SQRADDAC(a[5], a[54]); SQRADDAC(a[6], a[53]); SQRADDAC(a[7], a[52]); SQRADDAC(a[8], a[51]); SQRADDAC(a[9], a[50]); SQRADDAC(a[10], a[49]); SQRADDAC(a[11], a[48]); SQRADDAC(a[12], a[47]); SQRADDAC(a[13], a[46]); SQRADDAC(a[14], a[45]); SQRADDAC(a[15], a[44]); SQRADDAC(a[16], a[43]); SQRADDAC(a[17], a[42]); SQRADDAC(a[18], a[41]); SQRADDAC(a[19], a[40]); SQRADDAC(a[20], a[39]); SQRADDAC(a[21], a[38]); SQRADDAC(a[22], a[37]); SQRADDAC(a[23], a[36]); SQRADDAC(a[24], a[35]); SQRADDAC(a[25], a[34]); SQRADDAC(a[26], a[33]); SQRADDAC(a[27], a[32]); SQRADDAC(a[28], a[31]); SQRADDAC(a[29], a[30]); SQRADDDB; 
+   COMBA_STORE(b[59]);
+
+   /* output 60 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[60]); SQRADDAC(a[1], a[59]); SQRADDAC(a[2], a[58]); SQRADDAC(a[3], a[57]); SQRADDAC(a[4], a[56]); SQRADDAC(a[5], a[55]); SQRADDAC(a[6], a[54]); SQRADDAC(a[7], a[53]); SQRADDAC(a[8], a[52]); SQRADDAC(a[9], a[51]); SQRADDAC(a[10], a[50]); SQRADDAC(a[11], a[49]); SQRADDAC(a[12], a[48]); SQRADDAC(a[13], a[47]); SQRADDAC(a[14], a[46]); SQRADDAC(a[15], a[45]); SQRADDAC(a[16], a[44]); SQRADDAC(a[17], a[43]); SQRADDAC(a[18], a[42]); SQRADDAC(a[19], a[41]); SQRADDAC(a[20], a[40]); SQRADDAC(a[21], a[39]); SQRADDAC(a[22], a[38]); SQRADDAC(a[23], a[37]); SQRADDAC(a[24], a[36]); SQRADDAC(a[25], a[35]); SQRADDAC(a[26], a[34]); SQRADDAC(a[27], a[33]); SQRADDAC(a[28], a[32]); SQRADDAC(a[29], a[31]); SQRADDDB; SQRADD(a[30], a[30]); 
+   COMBA_STORE(b[60]);
+
+   /* output 61 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[61]); SQRADDAC(a[1], a[60]); SQRADDAC(a[2], a[59]); SQRADDAC(a[3], a[58]); SQRADDAC(a[4], a[57]); SQRADDAC(a[5], a[56]); SQRADDAC(a[6], a[55]); SQRADDAC(a[7], a[54]); SQRADDAC(a[8], a[53]); SQRADDAC(a[9], a[52]); SQRADDAC(a[10], a[51]); SQRADDAC(a[11], a[50]); SQRADDAC(a[12], a[49]); SQRADDAC(a[13], a[48]); SQRADDAC(a[14], a[47]); SQRADDAC(a[15], a[46]); SQRADDAC(a[16], a[45]); SQRADDAC(a[17], a[44]); SQRADDAC(a[18], a[43]); SQRADDAC(a[19], a[42]); SQRADDAC(a[20], a[41]); SQRADDAC(a[21], a[40]); SQRADDAC(a[22], a[39]); SQRADDAC(a[23], a[38]); SQRADDAC(a[24], a[37]); SQRADDAC(a[25], a[36]); SQRADDAC(a[26], a[35]); SQRADDAC(a[27], a[34]); SQRADDAC(a[28], a[33]); SQRADDAC(a[29], a[32]); SQRADDAC(a[30], a[31]); SQRADDDB; 
+   COMBA_STORE(b[61]);
+
+   /* output 62 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[62]); SQRADDAC(a[1], a[61]); SQRADDAC(a[2], a[60]); SQRADDAC(a[3], a[59]); SQRADDAC(a[4], a[58]); SQRADDAC(a[5], a[57]); SQRADDAC(a[6], a[56]); SQRADDAC(a[7], a[55]); SQRADDAC(a[8], a[54]); SQRADDAC(a[9], a[53]); SQRADDAC(a[10], a[52]); SQRADDAC(a[11], a[51]); SQRADDAC(a[12], a[50]); SQRADDAC(a[13], a[49]); SQRADDAC(a[14], a[48]); SQRADDAC(a[15], a[47]); SQRADDAC(a[16], a[46]); SQRADDAC(a[17], a[45]); SQRADDAC(a[18], a[44]); SQRADDAC(a[19], a[43]); SQRADDAC(a[20], a[42]); SQRADDAC(a[21], a[41]); SQRADDAC(a[22], a[40]); SQRADDAC(a[23], a[39]); SQRADDAC(a[24], a[38]); SQRADDAC(a[25], a[37]); SQRADDAC(a[26], a[36]); SQRADDAC(a[27], a[35]); SQRADDAC(a[28], a[34]); SQRADDAC(a[29], a[33]); SQRADDAC(a[30], a[32]); SQRADDDB; SQRADD(a[31], a[31]); 
+   COMBA_STORE(b[62]);
+
+   /* output 63 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[63]); SQRADDAC(a[1], a[62]); SQRADDAC(a[2], a[61]); SQRADDAC(a[3], a[60]); SQRADDAC(a[4], a[59]); SQRADDAC(a[5], a[58]); SQRADDAC(a[6], a[57]); SQRADDAC(a[7], a[56]); SQRADDAC(a[8], a[55]); SQRADDAC(a[9], a[54]); SQRADDAC(a[10], a[53]); SQRADDAC(a[11], a[52]); SQRADDAC(a[12], a[51]); SQRADDAC(a[13], a[50]); SQRADDAC(a[14], a[49]); SQRADDAC(a[15], a[48]); SQRADDAC(a[16], a[47]); SQRADDAC(a[17], a[46]); SQRADDAC(a[18], a[45]); SQRADDAC(a[19], a[44]); SQRADDAC(a[20], a[43]); SQRADDAC(a[21], a[42]); SQRADDAC(a[22], a[41]); SQRADDAC(a[23], a[40]); SQRADDAC(a[24], a[39]); SQRADDAC(a[25], a[38]); SQRADDAC(a[26], a[37]); SQRADDAC(a[27], a[36]); SQRADDAC(a[28], a[35]); SQRADDAC(a[29], a[34]); SQRADDAC(a[30], a[33]); SQRADDAC(a[31], a[32]); SQRADDDB; 
+   COMBA_STORE(b[63]);
+
+   /* output 64 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[63]); SQRADDAC(a[2], a[62]); SQRADDAC(a[3], a[61]); SQRADDAC(a[4], a[60]); SQRADDAC(a[5], a[59]); SQRADDAC(a[6], a[58]); SQRADDAC(a[7], a[57]); SQRADDAC(a[8], a[56]); SQRADDAC(a[9], a[55]); SQRADDAC(a[10], a[54]); SQRADDAC(a[11], a[53]); SQRADDAC(a[12], a[52]); SQRADDAC(a[13], a[51]); SQRADDAC(a[14], a[50]); SQRADDAC(a[15], a[49]); SQRADDAC(a[16], a[48]); SQRADDAC(a[17], a[47]); SQRADDAC(a[18], a[46]); SQRADDAC(a[19], a[45]); SQRADDAC(a[20], a[44]); SQRADDAC(a[21], a[43]); SQRADDAC(a[22], a[42]); SQRADDAC(a[23], a[41]); SQRADDAC(a[24], a[40]); SQRADDAC(a[25], a[39]); SQRADDAC(a[26], a[38]); SQRADDAC(a[27], a[37]); SQRADDAC(a[28], a[36]); SQRADDAC(a[29], a[35]); SQRADDAC(a[30], a[34]); SQRADDAC(a[31], a[33]); SQRADDDB; SQRADD(a[32], a[32]); 
+   COMBA_STORE(b[64]);
+
+   /* output 65 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[63]); SQRADDAC(a[3], a[62]); SQRADDAC(a[4], a[61]); SQRADDAC(a[5], a[60]); SQRADDAC(a[6], a[59]); SQRADDAC(a[7], a[58]); SQRADDAC(a[8], a[57]); SQRADDAC(a[9], a[56]); SQRADDAC(a[10], a[55]); SQRADDAC(a[11], a[54]); SQRADDAC(a[12], a[53]); SQRADDAC(a[13], a[52]); SQRADDAC(a[14], a[51]); SQRADDAC(a[15], a[50]); SQRADDAC(a[16], a[49]); SQRADDAC(a[17], a[48]); SQRADDAC(a[18], a[47]); SQRADDAC(a[19], a[46]); SQRADDAC(a[20], a[45]); SQRADDAC(a[21], a[44]); SQRADDAC(a[22], a[43]); SQRADDAC(a[23], a[42]); SQRADDAC(a[24], a[41]); SQRADDAC(a[25], a[40]); SQRADDAC(a[26], a[39]); SQRADDAC(a[27], a[38]); SQRADDAC(a[28], a[37]); SQRADDAC(a[29], a[36]); SQRADDAC(a[30], a[35]); SQRADDAC(a[31], a[34]); SQRADDAC(a[32], a[33]); SQRADDDB; 
+   COMBA_STORE(b[65]);
+
+   /* output 66 */
+   CARRY_FORWARD;
+   SQRADDSC(a[3], a[63]); SQRADDAC(a[4], a[62]); SQRADDAC(a[5], a[61]); SQRADDAC(a[6], a[60]); SQRADDAC(a[7], a[59]); SQRADDAC(a[8], a[58]); SQRADDAC(a[9], a[57]); SQRADDAC(a[10], a[56]); SQRADDAC(a[11], a[55]); SQRADDAC(a[12], a[54]); SQRADDAC(a[13], a[53]); SQRADDAC(a[14], a[52]); SQRADDAC(a[15], a[51]); SQRADDAC(a[16], a[50]); SQRADDAC(a[17], a[49]); SQRADDAC(a[18], a[48]); SQRADDAC(a[19], a[47]); SQRADDAC(a[20], a[46]); SQRADDAC(a[21], a[45]); SQRADDAC(a[22], a[44]); SQRADDAC(a[23], a[43]); SQRADDAC(a[24], a[42]); SQRADDAC(a[25], a[41]); SQRADDAC(a[26], a[40]); SQRADDAC(a[27], a[39]); SQRADDAC(a[28], a[38]); SQRADDAC(a[29], a[37]); SQRADDAC(a[30], a[36]); SQRADDAC(a[31], a[35]); SQRADDAC(a[32], a[34]); SQRADDDB; SQRADD(a[33], a[33]); 
+   COMBA_STORE(b[66]);
+
+   /* output 67 */
+   CARRY_FORWARD;
+   SQRADDSC(a[4], a[63]); SQRADDAC(a[5], a[62]); SQRADDAC(a[6], a[61]); SQRADDAC(a[7], a[60]); SQRADDAC(a[8], a[59]); SQRADDAC(a[9], a[58]); SQRADDAC(a[10], a[57]); SQRADDAC(a[11], a[56]); SQRADDAC(a[12], a[55]); SQRADDAC(a[13], a[54]); SQRADDAC(a[14], a[53]); SQRADDAC(a[15], a[52]); SQRADDAC(a[16], a[51]); SQRADDAC(a[17], a[50]); SQRADDAC(a[18], a[49]); SQRADDAC(a[19], a[48]); SQRADDAC(a[20], a[47]); SQRADDAC(a[21], a[46]); SQRADDAC(a[22], a[45]); SQRADDAC(a[23], a[44]); SQRADDAC(a[24], a[43]); SQRADDAC(a[25], a[42]); SQRADDAC(a[26], a[41]); SQRADDAC(a[27], a[40]); SQRADDAC(a[28], a[39]); SQRADDAC(a[29], a[38]); SQRADDAC(a[30], a[37]); SQRADDAC(a[31], a[36]); SQRADDAC(a[32], a[35]); SQRADDAC(a[33], a[34]); SQRADDDB; 
+   COMBA_STORE(b[67]);
+
+   /* output 68 */
+   CARRY_FORWARD;
+   SQRADDSC(a[5], a[63]); SQRADDAC(a[6], a[62]); SQRADDAC(a[7], a[61]); SQRADDAC(a[8], a[60]); SQRADDAC(a[9], a[59]); SQRADDAC(a[10], a[58]); SQRADDAC(a[11], a[57]); SQRADDAC(a[12], a[56]); SQRADDAC(a[13], a[55]); SQRADDAC(a[14], a[54]); SQRADDAC(a[15], a[53]); SQRADDAC(a[16], a[52]); SQRADDAC(a[17], a[51]); SQRADDAC(a[18], a[50]); SQRADDAC(a[19], a[49]); SQRADDAC(a[20], a[48]); SQRADDAC(a[21], a[47]); SQRADDAC(a[22], a[46]); SQRADDAC(a[23], a[45]); SQRADDAC(a[24], a[44]); SQRADDAC(a[25], a[43]); SQRADDAC(a[26], a[42]); SQRADDAC(a[27], a[41]); SQRADDAC(a[28], a[40]); SQRADDAC(a[29], a[39]); SQRADDAC(a[30], a[38]); SQRADDAC(a[31], a[37]); SQRADDAC(a[32], a[36]); SQRADDAC(a[33], a[35]); SQRADDDB; SQRADD(a[34], a[34]); 
+   COMBA_STORE(b[68]);
+
+   /* output 69 */
+   CARRY_FORWARD;
+   SQRADDSC(a[6], a[63]); SQRADDAC(a[7], a[62]); SQRADDAC(a[8], a[61]); SQRADDAC(a[9], a[60]); SQRADDAC(a[10], a[59]); SQRADDAC(a[11], a[58]); SQRADDAC(a[12], a[57]); SQRADDAC(a[13], a[56]); SQRADDAC(a[14], a[55]); SQRADDAC(a[15], a[54]); SQRADDAC(a[16], a[53]); SQRADDAC(a[17], a[52]); SQRADDAC(a[18], a[51]); SQRADDAC(a[19], a[50]); SQRADDAC(a[20], a[49]); SQRADDAC(a[21], a[48]); SQRADDAC(a[22], a[47]); SQRADDAC(a[23], a[46]); SQRADDAC(a[24], a[45]); SQRADDAC(a[25], a[44]); SQRADDAC(a[26], a[43]); SQRADDAC(a[27], a[42]); SQRADDAC(a[28], a[41]); SQRADDAC(a[29], a[40]); SQRADDAC(a[30], a[39]); SQRADDAC(a[31], a[38]); SQRADDAC(a[32], a[37]); SQRADDAC(a[33], a[36]); SQRADDAC(a[34], a[35]); SQRADDDB; 
+   COMBA_STORE(b[69]);
+
+   /* output 70 */
+   CARRY_FORWARD;
+   SQRADDSC(a[7], a[63]); SQRADDAC(a[8], a[62]); SQRADDAC(a[9], a[61]); SQRADDAC(a[10], a[60]); SQRADDAC(a[11], a[59]); SQRADDAC(a[12], a[58]); SQRADDAC(a[13], a[57]); SQRADDAC(a[14], a[56]); SQRADDAC(a[15], a[55]); SQRADDAC(a[16], a[54]); SQRADDAC(a[17], a[53]); SQRADDAC(a[18], a[52]); SQRADDAC(a[19], a[51]); SQRADDAC(a[20], a[50]); SQRADDAC(a[21], a[49]); SQRADDAC(a[22], a[48]); SQRADDAC(a[23], a[47]); SQRADDAC(a[24], a[46]); SQRADDAC(a[25], a[45]); SQRADDAC(a[26], a[44]); SQRADDAC(a[27], a[43]); SQRADDAC(a[28], a[42]); SQRADDAC(a[29], a[41]); SQRADDAC(a[30], a[40]); SQRADDAC(a[31], a[39]); SQRADDAC(a[32], a[38]); SQRADDAC(a[33], a[37]); SQRADDAC(a[34], a[36]); SQRADDDB; SQRADD(a[35], a[35]); 
+   COMBA_STORE(b[70]);
+
+   /* output 71 */
+   CARRY_FORWARD;
+   SQRADDSC(a[8], a[63]); SQRADDAC(a[9], a[62]); SQRADDAC(a[10], a[61]); SQRADDAC(a[11], a[60]); SQRADDAC(a[12], a[59]); SQRADDAC(a[13], a[58]); SQRADDAC(a[14], a[57]); SQRADDAC(a[15], a[56]); SQRADDAC(a[16], a[55]); SQRADDAC(a[17], a[54]); SQRADDAC(a[18], a[53]); SQRADDAC(a[19], a[52]); SQRADDAC(a[20], a[51]); SQRADDAC(a[21], a[50]); SQRADDAC(a[22], a[49]); SQRADDAC(a[23], a[48]); SQRADDAC(a[24], a[47]); SQRADDAC(a[25], a[46]); SQRADDAC(a[26], a[45]); SQRADDAC(a[27], a[44]); SQRADDAC(a[28], a[43]); SQRADDAC(a[29], a[42]); SQRADDAC(a[30], a[41]); SQRADDAC(a[31], a[40]); SQRADDAC(a[32], a[39]); SQRADDAC(a[33], a[38]); SQRADDAC(a[34], a[37]); SQRADDAC(a[35], a[36]); SQRADDDB; 
+   COMBA_STORE(b[71]);
+
+   /* output 72 */
+   CARRY_FORWARD;
+   SQRADDSC(a[9], a[63]); SQRADDAC(a[10], a[62]); SQRADDAC(a[11], a[61]); SQRADDAC(a[12], a[60]); SQRADDAC(a[13], a[59]); SQRADDAC(a[14], a[58]); SQRADDAC(a[15], a[57]); SQRADDAC(a[16], a[56]); SQRADDAC(a[17], a[55]); SQRADDAC(a[18], a[54]); SQRADDAC(a[19], a[53]); SQRADDAC(a[20], a[52]); SQRADDAC(a[21], a[51]); SQRADDAC(a[22], a[50]); SQRADDAC(a[23], a[49]); SQRADDAC(a[24], a[48]); SQRADDAC(a[25], a[47]); SQRADDAC(a[26], a[46]); SQRADDAC(a[27], a[45]); SQRADDAC(a[28], a[44]); SQRADDAC(a[29], a[43]); SQRADDAC(a[30], a[42]); SQRADDAC(a[31], a[41]); SQRADDAC(a[32], a[40]); SQRADDAC(a[33], a[39]); SQRADDAC(a[34], a[38]); SQRADDAC(a[35], a[37]); SQRADDDB; SQRADD(a[36], a[36]); 
+   COMBA_STORE(b[72]);
+
+   /* output 73 */
+   CARRY_FORWARD;
+   SQRADDSC(a[10], a[63]); SQRADDAC(a[11], a[62]); SQRADDAC(a[12], a[61]); SQRADDAC(a[13], a[60]); SQRADDAC(a[14], a[59]); SQRADDAC(a[15], a[58]); SQRADDAC(a[16], a[57]); SQRADDAC(a[17], a[56]); SQRADDAC(a[18], a[55]); SQRADDAC(a[19], a[54]); SQRADDAC(a[20], a[53]); SQRADDAC(a[21], a[52]); SQRADDAC(a[22], a[51]); SQRADDAC(a[23], a[50]); SQRADDAC(a[24], a[49]); SQRADDAC(a[25], a[48]); SQRADDAC(a[26], a[47]); SQRADDAC(a[27], a[46]); SQRADDAC(a[28], a[45]); SQRADDAC(a[29], a[44]); SQRADDAC(a[30], a[43]); SQRADDAC(a[31], a[42]); SQRADDAC(a[32], a[41]); SQRADDAC(a[33], a[40]); SQRADDAC(a[34], a[39]); SQRADDAC(a[35], a[38]); SQRADDAC(a[36], a[37]); SQRADDDB; 
+   COMBA_STORE(b[73]);
+
+   /* output 74 */
+   CARRY_FORWARD;
+   SQRADDSC(a[11], a[63]); SQRADDAC(a[12], a[62]); SQRADDAC(a[13], a[61]); SQRADDAC(a[14], a[60]); SQRADDAC(a[15], a[59]); SQRADDAC(a[16], a[58]); SQRADDAC(a[17], a[57]); SQRADDAC(a[18], a[56]); SQRADDAC(a[19], a[55]); SQRADDAC(a[20], a[54]); SQRADDAC(a[21], a[53]); SQRADDAC(a[22], a[52]); SQRADDAC(a[23], a[51]); SQRADDAC(a[24], a[50]); SQRADDAC(a[25], a[49]); SQRADDAC(a[26], a[48]); SQRADDAC(a[27], a[47]); SQRADDAC(a[28], a[46]); SQRADDAC(a[29], a[45]); SQRADDAC(a[30], a[44]); SQRADDAC(a[31], a[43]); SQRADDAC(a[32], a[42]); SQRADDAC(a[33], a[41]); SQRADDAC(a[34], a[40]); SQRADDAC(a[35], a[39]); SQRADDAC(a[36], a[38]); SQRADDDB; SQRADD(a[37], a[37]); 
+   COMBA_STORE(b[74]);
+
+   /* output 75 */
+   CARRY_FORWARD;
+   SQRADDSC(a[12], a[63]); SQRADDAC(a[13], a[62]); SQRADDAC(a[14], a[61]); SQRADDAC(a[15], a[60]); SQRADDAC(a[16], a[59]); SQRADDAC(a[17], a[58]); SQRADDAC(a[18], a[57]); SQRADDAC(a[19], a[56]); SQRADDAC(a[20], a[55]); SQRADDAC(a[21], a[54]); SQRADDAC(a[22], a[53]); SQRADDAC(a[23], a[52]); SQRADDAC(a[24], a[51]); SQRADDAC(a[25], a[50]); SQRADDAC(a[26], a[49]); SQRADDAC(a[27], a[48]); SQRADDAC(a[28], a[47]); SQRADDAC(a[29], a[46]); SQRADDAC(a[30], a[45]); SQRADDAC(a[31], a[44]); SQRADDAC(a[32], a[43]); SQRADDAC(a[33], a[42]); SQRADDAC(a[34], a[41]); SQRADDAC(a[35], a[40]); SQRADDAC(a[36], a[39]); SQRADDAC(a[37], a[38]); SQRADDDB; 
+   COMBA_STORE(b[75]);
+
+   /* output 76 */
+   CARRY_FORWARD;
+   SQRADDSC(a[13], a[63]); SQRADDAC(a[14], a[62]); SQRADDAC(a[15], a[61]); SQRADDAC(a[16], a[60]); SQRADDAC(a[17], a[59]); SQRADDAC(a[18], a[58]); SQRADDAC(a[19], a[57]); SQRADDAC(a[20], a[56]); SQRADDAC(a[21], a[55]); SQRADDAC(a[22], a[54]); SQRADDAC(a[23], a[53]); SQRADDAC(a[24], a[52]); SQRADDAC(a[25], a[51]); SQRADDAC(a[26], a[50]); SQRADDAC(a[27], a[49]); SQRADDAC(a[28], a[48]); SQRADDAC(a[29], a[47]); SQRADDAC(a[30], a[46]); SQRADDAC(a[31], a[45]); SQRADDAC(a[32], a[44]); SQRADDAC(a[33], a[43]); SQRADDAC(a[34], a[42]); SQRADDAC(a[35], a[41]); SQRADDAC(a[36], a[40]); SQRADDAC(a[37], a[39]); SQRADDDB; SQRADD(a[38], a[38]); 
+   COMBA_STORE(b[76]);
+
+   /* output 77 */
+   CARRY_FORWARD;
+   SQRADDSC(a[14], a[63]); SQRADDAC(a[15], a[62]); SQRADDAC(a[16], a[61]); SQRADDAC(a[17], a[60]); SQRADDAC(a[18], a[59]); SQRADDAC(a[19], a[58]); SQRADDAC(a[20], a[57]); SQRADDAC(a[21], a[56]); SQRADDAC(a[22], a[55]); SQRADDAC(a[23], a[54]); SQRADDAC(a[24], a[53]); SQRADDAC(a[25], a[52]); SQRADDAC(a[26], a[51]); SQRADDAC(a[27], a[50]); SQRADDAC(a[28], a[49]); SQRADDAC(a[29], a[48]); SQRADDAC(a[30], a[47]); SQRADDAC(a[31], a[46]); SQRADDAC(a[32], a[45]); SQRADDAC(a[33], a[44]); SQRADDAC(a[34], a[43]); SQRADDAC(a[35], a[42]); SQRADDAC(a[36], a[41]); SQRADDAC(a[37], a[40]); SQRADDAC(a[38], a[39]); SQRADDDB; 
+   COMBA_STORE(b[77]);
+
+   /* output 78 */
+   CARRY_FORWARD;
+   SQRADDSC(a[15], a[63]); SQRADDAC(a[16], a[62]); SQRADDAC(a[17], a[61]); SQRADDAC(a[18], a[60]); SQRADDAC(a[19], a[59]); SQRADDAC(a[20], a[58]); SQRADDAC(a[21], a[57]); SQRADDAC(a[22], a[56]); SQRADDAC(a[23], a[55]); SQRADDAC(a[24], a[54]); SQRADDAC(a[25], a[53]); SQRADDAC(a[26], a[52]); SQRADDAC(a[27], a[51]); SQRADDAC(a[28], a[50]); SQRADDAC(a[29], a[49]); SQRADDAC(a[30], a[48]); SQRADDAC(a[31], a[47]); SQRADDAC(a[32], a[46]); SQRADDAC(a[33], a[45]); SQRADDAC(a[34], a[44]); SQRADDAC(a[35], a[43]); SQRADDAC(a[36], a[42]); SQRADDAC(a[37], a[41]); SQRADDAC(a[38], a[40]); SQRADDDB; SQRADD(a[39], a[39]); 
+   COMBA_STORE(b[78]);
+
+   /* output 79 */
+   CARRY_FORWARD;
+   SQRADDSC(a[16], a[63]); SQRADDAC(a[17], a[62]); SQRADDAC(a[18], a[61]); SQRADDAC(a[19], a[60]); SQRADDAC(a[20], a[59]); SQRADDAC(a[21], a[58]); SQRADDAC(a[22], a[57]); SQRADDAC(a[23], a[56]); SQRADDAC(a[24], a[55]); SQRADDAC(a[25], a[54]); SQRADDAC(a[26], a[53]); SQRADDAC(a[27], a[52]); SQRADDAC(a[28], a[51]); SQRADDAC(a[29], a[50]); SQRADDAC(a[30], a[49]); SQRADDAC(a[31], a[48]); SQRADDAC(a[32], a[47]); SQRADDAC(a[33], a[46]); SQRADDAC(a[34], a[45]); SQRADDAC(a[35], a[44]); SQRADDAC(a[36], a[43]); SQRADDAC(a[37], a[42]); SQRADDAC(a[38], a[41]); SQRADDAC(a[39], a[40]); SQRADDDB; 
+   COMBA_STORE(b[79]);
+
+   /* output 80 */
+   CARRY_FORWARD;
+   SQRADDSC(a[17], a[63]); SQRADDAC(a[18], a[62]); SQRADDAC(a[19], a[61]); SQRADDAC(a[20], a[60]); SQRADDAC(a[21], a[59]); SQRADDAC(a[22], a[58]); SQRADDAC(a[23], a[57]); SQRADDAC(a[24], a[56]); SQRADDAC(a[25], a[55]); SQRADDAC(a[26], a[54]); SQRADDAC(a[27], a[53]); SQRADDAC(a[28], a[52]); SQRADDAC(a[29], a[51]); SQRADDAC(a[30], a[50]); SQRADDAC(a[31], a[49]); SQRADDAC(a[32], a[48]); SQRADDAC(a[33], a[47]); SQRADDAC(a[34], a[46]); SQRADDAC(a[35], a[45]); SQRADDAC(a[36], a[44]); SQRADDAC(a[37], a[43]); SQRADDAC(a[38], a[42]); SQRADDAC(a[39], a[41]); SQRADDDB; SQRADD(a[40], a[40]); 
+   COMBA_STORE(b[80]);
+
+   /* output 81 */
+   CARRY_FORWARD;
+   SQRADDSC(a[18], a[63]); SQRADDAC(a[19], a[62]); SQRADDAC(a[20], a[61]); SQRADDAC(a[21], a[60]); SQRADDAC(a[22], a[59]); SQRADDAC(a[23], a[58]); SQRADDAC(a[24], a[57]); SQRADDAC(a[25], a[56]); SQRADDAC(a[26], a[55]); SQRADDAC(a[27], a[54]); SQRADDAC(a[28], a[53]); SQRADDAC(a[29], a[52]); SQRADDAC(a[30], a[51]); SQRADDAC(a[31], a[50]); SQRADDAC(a[32], a[49]); SQRADDAC(a[33], a[48]); SQRADDAC(a[34], a[47]); SQRADDAC(a[35], a[46]); SQRADDAC(a[36], a[45]); SQRADDAC(a[37], a[44]); SQRADDAC(a[38], a[43]); SQRADDAC(a[39], a[42]); SQRADDAC(a[40], a[41]); SQRADDDB; 
+   COMBA_STORE(b[81]);
+
+   /* output 82 */
+   CARRY_FORWARD;
+   SQRADDSC(a[19], a[63]); SQRADDAC(a[20], a[62]); SQRADDAC(a[21], a[61]); SQRADDAC(a[22], a[60]); SQRADDAC(a[23], a[59]); SQRADDAC(a[24], a[58]); SQRADDAC(a[25], a[57]); SQRADDAC(a[26], a[56]); SQRADDAC(a[27], a[55]); SQRADDAC(a[28], a[54]); SQRADDAC(a[29], a[53]); SQRADDAC(a[30], a[52]); SQRADDAC(a[31], a[51]); SQRADDAC(a[32], a[50]); SQRADDAC(a[33], a[49]); SQRADDAC(a[34], a[48]); SQRADDAC(a[35], a[47]); SQRADDAC(a[36], a[46]); SQRADDAC(a[37], a[45]); SQRADDAC(a[38], a[44]); SQRADDAC(a[39], a[43]); SQRADDAC(a[40], a[42]); SQRADDDB; SQRADD(a[41], a[41]); 
+   COMBA_STORE(b[82]);
+
+   /* output 83 */
+   CARRY_FORWARD;
+   SQRADDSC(a[20], a[63]); SQRADDAC(a[21], a[62]); SQRADDAC(a[22], a[61]); SQRADDAC(a[23], a[60]); SQRADDAC(a[24], a[59]); SQRADDAC(a[25], a[58]); SQRADDAC(a[26], a[57]); SQRADDAC(a[27], a[56]); SQRADDAC(a[28], a[55]); SQRADDAC(a[29], a[54]); SQRADDAC(a[30], a[53]); SQRADDAC(a[31], a[52]); SQRADDAC(a[32], a[51]); SQRADDAC(a[33], a[50]); SQRADDAC(a[34], a[49]); SQRADDAC(a[35], a[48]); SQRADDAC(a[36], a[47]); SQRADDAC(a[37], a[46]); SQRADDAC(a[38], a[45]); SQRADDAC(a[39], a[44]); SQRADDAC(a[40], a[43]); SQRADDAC(a[41], a[42]); SQRADDDB; 
+   COMBA_STORE(b[83]);
+
+   /* output 84 */
+   CARRY_FORWARD;
+   SQRADDSC(a[21], a[63]); SQRADDAC(a[22], a[62]); SQRADDAC(a[23], a[61]); SQRADDAC(a[24], a[60]); SQRADDAC(a[25], a[59]); SQRADDAC(a[26], a[58]); SQRADDAC(a[27], a[57]); SQRADDAC(a[28], a[56]); SQRADDAC(a[29], a[55]); SQRADDAC(a[30], a[54]); SQRADDAC(a[31], a[53]); SQRADDAC(a[32], a[52]); SQRADDAC(a[33], a[51]); SQRADDAC(a[34], a[50]); SQRADDAC(a[35], a[49]); SQRADDAC(a[36], a[48]); SQRADDAC(a[37], a[47]); SQRADDAC(a[38], a[46]); SQRADDAC(a[39], a[45]); SQRADDAC(a[40], a[44]); SQRADDAC(a[41], a[43]); SQRADDDB; SQRADD(a[42], a[42]); 
+   COMBA_STORE(b[84]);
+
+   /* output 85 */
+   CARRY_FORWARD;
+   SQRADDSC(a[22], a[63]); SQRADDAC(a[23], a[62]); SQRADDAC(a[24], a[61]); SQRADDAC(a[25], a[60]); SQRADDAC(a[26], a[59]); SQRADDAC(a[27], a[58]); SQRADDAC(a[28], a[57]); SQRADDAC(a[29], a[56]); SQRADDAC(a[30], a[55]); SQRADDAC(a[31], a[54]); SQRADDAC(a[32], a[53]); SQRADDAC(a[33], a[52]); SQRADDAC(a[34], a[51]); SQRADDAC(a[35], a[50]); SQRADDAC(a[36], a[49]); SQRADDAC(a[37], a[48]); SQRADDAC(a[38], a[47]); SQRADDAC(a[39], a[46]); SQRADDAC(a[40], a[45]); SQRADDAC(a[41], a[44]); SQRADDAC(a[42], a[43]); SQRADDDB; 
+   COMBA_STORE(b[85]);
+
+   /* output 86 */
+   CARRY_FORWARD;
+   SQRADDSC(a[23], a[63]); SQRADDAC(a[24], a[62]); SQRADDAC(a[25], a[61]); SQRADDAC(a[26], a[60]); SQRADDAC(a[27], a[59]); SQRADDAC(a[28], a[58]); SQRADDAC(a[29], a[57]); SQRADDAC(a[30], a[56]); SQRADDAC(a[31], a[55]); SQRADDAC(a[32], a[54]); SQRADDAC(a[33], a[53]); SQRADDAC(a[34], a[52]); SQRADDAC(a[35], a[51]); SQRADDAC(a[36], a[50]); SQRADDAC(a[37], a[49]); SQRADDAC(a[38], a[48]); SQRADDAC(a[39], a[47]); SQRADDAC(a[40], a[46]); SQRADDAC(a[41], a[45]); SQRADDAC(a[42], a[44]); SQRADDDB; SQRADD(a[43], a[43]); 
+   COMBA_STORE(b[86]);
+
+   /* output 87 */
+   CARRY_FORWARD;
+   SQRADDSC(a[24], a[63]); SQRADDAC(a[25], a[62]); SQRADDAC(a[26], a[61]); SQRADDAC(a[27], a[60]); SQRADDAC(a[28], a[59]); SQRADDAC(a[29], a[58]); SQRADDAC(a[30], a[57]); SQRADDAC(a[31], a[56]); SQRADDAC(a[32], a[55]); SQRADDAC(a[33], a[54]); SQRADDAC(a[34], a[53]); SQRADDAC(a[35], a[52]); SQRADDAC(a[36], a[51]); SQRADDAC(a[37], a[50]); SQRADDAC(a[38], a[49]); SQRADDAC(a[39], a[48]); SQRADDAC(a[40], a[47]); SQRADDAC(a[41], a[46]); SQRADDAC(a[42], a[45]); SQRADDAC(a[43], a[44]); SQRADDDB; 
+   COMBA_STORE(b[87]);
+
+   /* output 88 */
+   CARRY_FORWARD;
+   SQRADDSC(a[25], a[63]); SQRADDAC(a[26], a[62]); SQRADDAC(a[27], a[61]); SQRADDAC(a[28], a[60]); SQRADDAC(a[29], a[59]); SQRADDAC(a[30], a[58]); SQRADDAC(a[31], a[57]); SQRADDAC(a[32], a[56]); SQRADDAC(a[33], a[55]); SQRADDAC(a[34], a[54]); SQRADDAC(a[35], a[53]); SQRADDAC(a[36], a[52]); SQRADDAC(a[37], a[51]); SQRADDAC(a[38], a[50]); SQRADDAC(a[39], a[49]); SQRADDAC(a[40], a[48]); SQRADDAC(a[41], a[47]); SQRADDAC(a[42], a[46]); SQRADDAC(a[43], a[45]); SQRADDDB; SQRADD(a[44], a[44]); 
+   COMBA_STORE(b[88]);
+
+   /* output 89 */
+   CARRY_FORWARD;
+   SQRADDSC(a[26], a[63]); SQRADDAC(a[27], a[62]); SQRADDAC(a[28], a[61]); SQRADDAC(a[29], a[60]); SQRADDAC(a[30], a[59]); SQRADDAC(a[31], a[58]); SQRADDAC(a[32], a[57]); SQRADDAC(a[33], a[56]); SQRADDAC(a[34], a[55]); SQRADDAC(a[35], a[54]); SQRADDAC(a[36], a[53]); SQRADDAC(a[37], a[52]); SQRADDAC(a[38], a[51]); SQRADDAC(a[39], a[50]); SQRADDAC(a[40], a[49]); SQRADDAC(a[41], a[48]); SQRADDAC(a[42], a[47]); SQRADDAC(a[43], a[46]); SQRADDAC(a[44], a[45]); SQRADDDB; 
+   COMBA_STORE(b[89]);
+
+   /* output 90 */
+   CARRY_FORWARD;
+   SQRADDSC(a[27], a[63]); SQRADDAC(a[28], a[62]); SQRADDAC(a[29], a[61]); SQRADDAC(a[30], a[60]); SQRADDAC(a[31], a[59]); SQRADDAC(a[32], a[58]); SQRADDAC(a[33], a[57]); SQRADDAC(a[34], a[56]); SQRADDAC(a[35], a[55]); SQRADDAC(a[36], a[54]); SQRADDAC(a[37], a[53]); SQRADDAC(a[38], a[52]); SQRADDAC(a[39], a[51]); SQRADDAC(a[40], a[50]); SQRADDAC(a[41], a[49]); SQRADDAC(a[42], a[48]); SQRADDAC(a[43], a[47]); SQRADDAC(a[44], a[46]); SQRADDDB; SQRADD(a[45], a[45]); 
+   COMBA_STORE(b[90]);
+
+   /* output 91 */
+   CARRY_FORWARD;
+   SQRADDSC(a[28], a[63]); SQRADDAC(a[29], a[62]); SQRADDAC(a[30], a[61]); SQRADDAC(a[31], a[60]); SQRADDAC(a[32], a[59]); SQRADDAC(a[33], a[58]); SQRADDAC(a[34], a[57]); SQRADDAC(a[35], a[56]); SQRADDAC(a[36], a[55]); SQRADDAC(a[37], a[54]); SQRADDAC(a[38], a[53]); SQRADDAC(a[39], a[52]); SQRADDAC(a[40], a[51]); SQRADDAC(a[41], a[50]); SQRADDAC(a[42], a[49]); SQRADDAC(a[43], a[48]); SQRADDAC(a[44], a[47]); SQRADDAC(a[45], a[46]); SQRADDDB; 
+   COMBA_STORE(b[91]);
+
+   /* output 92 */
+   CARRY_FORWARD;
+   SQRADDSC(a[29], a[63]); SQRADDAC(a[30], a[62]); SQRADDAC(a[31], a[61]); SQRADDAC(a[32], a[60]); SQRADDAC(a[33], a[59]); SQRADDAC(a[34], a[58]); SQRADDAC(a[35], a[57]); SQRADDAC(a[36], a[56]); SQRADDAC(a[37], a[55]); SQRADDAC(a[38], a[54]); SQRADDAC(a[39], a[53]); SQRADDAC(a[40], a[52]); SQRADDAC(a[41], a[51]); SQRADDAC(a[42], a[50]); SQRADDAC(a[43], a[49]); SQRADDAC(a[44], a[48]); SQRADDAC(a[45], a[47]); SQRADDDB; SQRADD(a[46], a[46]); 
+   COMBA_STORE(b[92]);
+
+   /* output 93 */
+   CARRY_FORWARD;
+   SQRADDSC(a[30], a[63]); SQRADDAC(a[31], a[62]); SQRADDAC(a[32], a[61]); SQRADDAC(a[33], a[60]); SQRADDAC(a[34], a[59]); SQRADDAC(a[35], a[58]); SQRADDAC(a[36], a[57]); SQRADDAC(a[37], a[56]); SQRADDAC(a[38], a[55]); SQRADDAC(a[39], a[54]); SQRADDAC(a[40], a[53]); SQRADDAC(a[41], a[52]); SQRADDAC(a[42], a[51]); SQRADDAC(a[43], a[50]); SQRADDAC(a[44], a[49]); SQRADDAC(a[45], a[48]); SQRADDAC(a[46], a[47]); SQRADDDB; 
+   COMBA_STORE(b[93]);
+
+   /* output 94 */
+   CARRY_FORWARD;
+   SQRADDSC(a[31], a[63]); SQRADDAC(a[32], a[62]); SQRADDAC(a[33], a[61]); SQRADDAC(a[34], a[60]); SQRADDAC(a[35], a[59]); SQRADDAC(a[36], a[58]); SQRADDAC(a[37], a[57]); SQRADDAC(a[38], a[56]); SQRADDAC(a[39], a[55]); SQRADDAC(a[40], a[54]); SQRADDAC(a[41], a[53]); SQRADDAC(a[42], a[52]); SQRADDAC(a[43], a[51]); SQRADDAC(a[44], a[50]); SQRADDAC(a[45], a[49]); SQRADDAC(a[46], a[48]); SQRADDDB; SQRADD(a[47], a[47]); 
+   COMBA_STORE(b[94]);
+
+   /* output 95 */
+   CARRY_FORWARD;
+   SQRADDSC(a[32], a[63]); SQRADDAC(a[33], a[62]); SQRADDAC(a[34], a[61]); SQRADDAC(a[35], a[60]); SQRADDAC(a[36], a[59]); SQRADDAC(a[37], a[58]); SQRADDAC(a[38], a[57]); SQRADDAC(a[39], a[56]); SQRADDAC(a[40], a[55]); SQRADDAC(a[41], a[54]); SQRADDAC(a[42], a[53]); SQRADDAC(a[43], a[52]); SQRADDAC(a[44], a[51]); SQRADDAC(a[45], a[50]); SQRADDAC(a[46], a[49]); SQRADDAC(a[47], a[48]); SQRADDDB; 
+   COMBA_STORE(b[95]);
+
+   /* output 96 */
+   CARRY_FORWARD;
+   SQRADDSC(a[33], a[63]); SQRADDAC(a[34], a[62]); SQRADDAC(a[35], a[61]); SQRADDAC(a[36], a[60]); SQRADDAC(a[37], a[59]); SQRADDAC(a[38], a[58]); SQRADDAC(a[39], a[57]); SQRADDAC(a[40], a[56]); SQRADDAC(a[41], a[55]); SQRADDAC(a[42], a[54]); SQRADDAC(a[43], a[53]); SQRADDAC(a[44], a[52]); SQRADDAC(a[45], a[51]); SQRADDAC(a[46], a[50]); SQRADDAC(a[47], a[49]); SQRADDDB; SQRADD(a[48], a[48]); 
+   COMBA_STORE(b[96]);
+
+   /* output 97 */
+   CARRY_FORWARD;
+   SQRADDSC(a[34], a[63]); SQRADDAC(a[35], a[62]); SQRADDAC(a[36], a[61]); SQRADDAC(a[37], a[60]); SQRADDAC(a[38], a[59]); SQRADDAC(a[39], a[58]); SQRADDAC(a[40], a[57]); SQRADDAC(a[41], a[56]); SQRADDAC(a[42], a[55]); SQRADDAC(a[43], a[54]); SQRADDAC(a[44], a[53]); SQRADDAC(a[45], a[52]); SQRADDAC(a[46], a[51]); SQRADDAC(a[47], a[50]); SQRADDAC(a[48], a[49]); SQRADDDB; 
+   COMBA_STORE(b[97]);
+
+   /* output 98 */
+   CARRY_FORWARD;
+   SQRADDSC(a[35], a[63]); SQRADDAC(a[36], a[62]); SQRADDAC(a[37], a[61]); SQRADDAC(a[38], a[60]); SQRADDAC(a[39], a[59]); SQRADDAC(a[40], a[58]); SQRADDAC(a[41], a[57]); SQRADDAC(a[42], a[56]); SQRADDAC(a[43], a[55]); SQRADDAC(a[44], a[54]); SQRADDAC(a[45], a[53]); SQRADDAC(a[46], a[52]); SQRADDAC(a[47], a[51]); SQRADDAC(a[48], a[50]); SQRADDDB; SQRADD(a[49], a[49]); 
+   COMBA_STORE(b[98]);
+
+   /* output 99 */
+   CARRY_FORWARD;
+   SQRADDSC(a[36], a[63]); SQRADDAC(a[37], a[62]); SQRADDAC(a[38], a[61]); SQRADDAC(a[39], a[60]); SQRADDAC(a[40], a[59]); SQRADDAC(a[41], a[58]); SQRADDAC(a[42], a[57]); SQRADDAC(a[43], a[56]); SQRADDAC(a[44], a[55]); SQRADDAC(a[45], a[54]); SQRADDAC(a[46], a[53]); SQRADDAC(a[47], a[52]); SQRADDAC(a[48], a[51]); SQRADDAC(a[49], a[50]); SQRADDDB; 
+   COMBA_STORE(b[99]);
+
+   /* output 100 */
+   CARRY_FORWARD;
+   SQRADDSC(a[37], a[63]); SQRADDAC(a[38], a[62]); SQRADDAC(a[39], a[61]); SQRADDAC(a[40], a[60]); SQRADDAC(a[41], a[59]); SQRADDAC(a[42], a[58]); SQRADDAC(a[43], a[57]); SQRADDAC(a[44], a[56]); SQRADDAC(a[45], a[55]); SQRADDAC(a[46], a[54]); SQRADDAC(a[47], a[53]); SQRADDAC(a[48], a[52]); SQRADDAC(a[49], a[51]); SQRADDDB; SQRADD(a[50], a[50]); 
+   COMBA_STORE(b[100]);
+
+   /* output 101 */
+   CARRY_FORWARD;
+   SQRADDSC(a[38], a[63]); SQRADDAC(a[39], a[62]); SQRADDAC(a[40], a[61]); SQRADDAC(a[41], a[60]); SQRADDAC(a[42], a[59]); SQRADDAC(a[43], a[58]); SQRADDAC(a[44], a[57]); SQRADDAC(a[45], a[56]); SQRADDAC(a[46], a[55]); SQRADDAC(a[47], a[54]); SQRADDAC(a[48], a[53]); SQRADDAC(a[49], a[52]); SQRADDAC(a[50], a[51]); SQRADDDB; 
+   COMBA_STORE(b[101]);
+
+   /* output 102 */
+   CARRY_FORWARD;
+   SQRADDSC(a[39], a[63]); SQRADDAC(a[40], a[62]); SQRADDAC(a[41], a[61]); SQRADDAC(a[42], a[60]); SQRADDAC(a[43], a[59]); SQRADDAC(a[44], a[58]); SQRADDAC(a[45], a[57]); SQRADDAC(a[46], a[56]); SQRADDAC(a[47], a[55]); SQRADDAC(a[48], a[54]); SQRADDAC(a[49], a[53]); SQRADDAC(a[50], a[52]); SQRADDDB; SQRADD(a[51], a[51]); 
+   COMBA_STORE(b[102]);
+
+   /* output 103 */
+   CARRY_FORWARD;
+   SQRADDSC(a[40], a[63]); SQRADDAC(a[41], a[62]); SQRADDAC(a[42], a[61]); SQRADDAC(a[43], a[60]); SQRADDAC(a[44], a[59]); SQRADDAC(a[45], a[58]); SQRADDAC(a[46], a[57]); SQRADDAC(a[47], a[56]); SQRADDAC(a[48], a[55]); SQRADDAC(a[49], a[54]); SQRADDAC(a[50], a[53]); SQRADDAC(a[51], a[52]); SQRADDDB; 
+   COMBA_STORE(b[103]);
+
+   /* output 104 */
+   CARRY_FORWARD;
+   SQRADDSC(a[41], a[63]); SQRADDAC(a[42], a[62]); SQRADDAC(a[43], a[61]); SQRADDAC(a[44], a[60]); SQRADDAC(a[45], a[59]); SQRADDAC(a[46], a[58]); SQRADDAC(a[47], a[57]); SQRADDAC(a[48], a[56]); SQRADDAC(a[49], a[55]); SQRADDAC(a[50], a[54]); SQRADDAC(a[51], a[53]); SQRADDDB; SQRADD(a[52], a[52]); 
+   COMBA_STORE(b[104]);
+
+   /* output 105 */
+   CARRY_FORWARD;
+   SQRADDSC(a[42], a[63]); SQRADDAC(a[43], a[62]); SQRADDAC(a[44], a[61]); SQRADDAC(a[45], a[60]); SQRADDAC(a[46], a[59]); SQRADDAC(a[47], a[58]); SQRADDAC(a[48], a[57]); SQRADDAC(a[49], a[56]); SQRADDAC(a[50], a[55]); SQRADDAC(a[51], a[54]); SQRADDAC(a[52], a[53]); SQRADDDB; 
+   COMBA_STORE(b[105]);
+
+   /* output 106 */
+   CARRY_FORWARD;
+   SQRADDSC(a[43], a[63]); SQRADDAC(a[44], a[62]); SQRADDAC(a[45], a[61]); SQRADDAC(a[46], a[60]); SQRADDAC(a[47], a[59]); SQRADDAC(a[48], a[58]); SQRADDAC(a[49], a[57]); SQRADDAC(a[50], a[56]); SQRADDAC(a[51], a[55]); SQRADDAC(a[52], a[54]); SQRADDDB; SQRADD(a[53], a[53]); 
+   COMBA_STORE(b[106]);
+
+   /* output 107 */
+   CARRY_FORWARD;
+   SQRADDSC(a[44], a[63]); SQRADDAC(a[45], a[62]); SQRADDAC(a[46], a[61]); SQRADDAC(a[47], a[60]); SQRADDAC(a[48], a[59]); SQRADDAC(a[49], a[58]); SQRADDAC(a[50], a[57]); SQRADDAC(a[51], a[56]); SQRADDAC(a[52], a[55]); SQRADDAC(a[53], a[54]); SQRADDDB; 
+   COMBA_STORE(b[107]);
+
+   /* output 108 */
+   CARRY_FORWARD;
+   SQRADDSC(a[45], a[63]); SQRADDAC(a[46], a[62]); SQRADDAC(a[47], a[61]); SQRADDAC(a[48], a[60]); SQRADDAC(a[49], a[59]); SQRADDAC(a[50], a[58]); SQRADDAC(a[51], a[57]); SQRADDAC(a[52], a[56]); SQRADDAC(a[53], a[55]); SQRADDDB; SQRADD(a[54], a[54]); 
+   COMBA_STORE(b[108]);
+
+   /* output 109 */
+   CARRY_FORWARD;
+   SQRADDSC(a[46], a[63]); SQRADDAC(a[47], a[62]); SQRADDAC(a[48], a[61]); SQRADDAC(a[49], a[60]); SQRADDAC(a[50], a[59]); SQRADDAC(a[51], a[58]); SQRADDAC(a[52], a[57]); SQRADDAC(a[53], a[56]); SQRADDAC(a[54], a[55]); SQRADDDB; 
+   COMBA_STORE(b[109]);
+
+   /* output 110 */
+   CARRY_FORWARD;
+   SQRADDSC(a[47], a[63]); SQRADDAC(a[48], a[62]); SQRADDAC(a[49], a[61]); SQRADDAC(a[50], a[60]); SQRADDAC(a[51], a[59]); SQRADDAC(a[52], a[58]); SQRADDAC(a[53], a[57]); SQRADDAC(a[54], a[56]); SQRADDDB; SQRADD(a[55], a[55]); 
+   COMBA_STORE(b[110]);
+
+   /* output 111 */
+   CARRY_FORWARD;
+   SQRADDSC(a[48], a[63]); SQRADDAC(a[49], a[62]); SQRADDAC(a[50], a[61]); SQRADDAC(a[51], a[60]); SQRADDAC(a[52], a[59]); SQRADDAC(a[53], a[58]); SQRADDAC(a[54], a[57]); SQRADDAC(a[55], a[56]); SQRADDDB; 
+   COMBA_STORE(b[111]);
+
+   /* output 112 */
+   CARRY_FORWARD;
+   SQRADDSC(a[49], a[63]); SQRADDAC(a[50], a[62]); SQRADDAC(a[51], a[61]); SQRADDAC(a[52], a[60]); SQRADDAC(a[53], a[59]); SQRADDAC(a[54], a[58]); SQRADDAC(a[55], a[57]); SQRADDDB; SQRADD(a[56], a[56]); 
+   COMBA_STORE(b[112]);
+
+   /* output 113 */
+   CARRY_FORWARD;
+   SQRADDSC(a[50], a[63]); SQRADDAC(a[51], a[62]); SQRADDAC(a[52], a[61]); SQRADDAC(a[53], a[60]); SQRADDAC(a[54], a[59]); SQRADDAC(a[55], a[58]); SQRADDAC(a[56], a[57]); SQRADDDB; 
+   COMBA_STORE(b[113]);
+
+   /* output 114 */
+   CARRY_FORWARD;
+   SQRADDSC(a[51], a[63]); SQRADDAC(a[52], a[62]); SQRADDAC(a[53], a[61]); SQRADDAC(a[54], a[60]); SQRADDAC(a[55], a[59]); SQRADDAC(a[56], a[58]); SQRADDDB; SQRADD(a[57], a[57]); 
+   COMBA_STORE(b[114]);
+
+   /* output 115 */
+   CARRY_FORWARD;
+   SQRADDSC(a[52], a[63]); SQRADDAC(a[53], a[62]); SQRADDAC(a[54], a[61]); SQRADDAC(a[55], a[60]); SQRADDAC(a[56], a[59]); SQRADDAC(a[57], a[58]); SQRADDDB; 
+   COMBA_STORE(b[115]);
+
+   /* output 116 */
+   CARRY_FORWARD;
+   SQRADDSC(a[53], a[63]); SQRADDAC(a[54], a[62]); SQRADDAC(a[55], a[61]); SQRADDAC(a[56], a[60]); SQRADDAC(a[57], a[59]); SQRADDDB; SQRADD(a[58], a[58]); 
+   COMBA_STORE(b[116]);
+
+   /* output 117 */
+   CARRY_FORWARD;
+   SQRADDSC(a[54], a[63]); SQRADDAC(a[55], a[62]); SQRADDAC(a[56], a[61]); SQRADDAC(a[57], a[60]); SQRADDAC(a[58], a[59]); SQRADDDB; 
+   COMBA_STORE(b[117]);
+
+   /* output 118 */
+   CARRY_FORWARD;
+   SQRADDSC(a[55], a[63]); SQRADDAC(a[56], a[62]); SQRADDAC(a[57], a[61]); SQRADDAC(a[58], a[60]); SQRADDDB; SQRADD(a[59], a[59]); 
+   COMBA_STORE(b[118]);
+
+   /* output 119 */
+   CARRY_FORWARD;
+   SQRADDSC(a[56], a[63]); SQRADDAC(a[57], a[62]); SQRADDAC(a[58], a[61]); SQRADDAC(a[59], a[60]); SQRADDDB; 
+   COMBA_STORE(b[119]);
+
+   /* output 120 */
+   CARRY_FORWARD;
+   SQRADDSC(a[57], a[63]); SQRADDAC(a[58], a[62]); SQRADDAC(a[59], a[61]); SQRADDDB; SQRADD(a[60], a[60]); 
+   COMBA_STORE(b[120]);
+
+   /* output 121 */
+   CARRY_FORWARD;
+   SQRADDSC(a[58], a[63]); SQRADDAC(a[59], a[62]); SQRADDAC(a[60], a[61]); SQRADDDB; 
+   COMBA_STORE(b[121]);
+
+   /* output 122 */
+   CARRY_FORWARD;
+   SQRADD2(a[59], a[63]); SQRADD2(a[60], a[62]); SQRADD(a[61], a[61]); 
+   COMBA_STORE(b[122]);
+
+   /* output 123 */
+   CARRY_FORWARD;
+   SQRADD2(a[60], a[63]); SQRADD2(a[61], a[62]); 
+   COMBA_STORE(b[123]);
+
+   /* output 124 */
+   CARRY_FORWARD;
+   SQRADD2(a[61], a[63]); SQRADD(a[62], a[62]); 
+   COMBA_STORE(b[124]);
+
+   /* output 125 */
+   CARRY_FORWARD;
+   SQRADD2(a[62], a[63]); 
+   COMBA_STORE(b[125]);
+
+   /* output 126 */
+   CARRY_FORWARD;
+   SQRADD(a[63], a[63]); 
+   COMBA_STORE(b[126]);
+   COMBA_STORE2(b[127]);
+   COMBA_FINI;
+
+   B->used = 128;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 128 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_7.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_7.i
new file mode 100644
index 00000000..8ddef1a9
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_7.i
@@ -0,0 +1,110 @@
+/* fp_sqr_comba_7.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR7
+void fp_sqr_comba7(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[14], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word tt;
+#endif
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADD2(a[2], a[6]); SQRADD2(a[3], a[5]); SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADD2(a[3], a[6]); SQRADD2(a[4], a[5]); 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADD2(a[4], a[6]); SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADD2(a[5], a[6]); 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+   COMBA_STORE2(b[13]);
+   COMBA_FINI;
+
+   B->used = 14;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 14 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_8.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_8.i
new file mode 100644
index 00000000..f9a72bcf
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_8.i
@@ -0,0 +1,120 @@
+/* fp_sqr_comba_8.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR8
+void fp_sqr_comba8(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[16], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word   tt;   
+#endif   
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADD2(a[3], a[7]); SQRADD2(a[4], a[6]); SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADD2(a[4], a[7]); SQRADD2(a[5], a[6]); 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADD2(a[5], a[7]); SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADD2(a[6], a[7]); 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+   COMBA_STORE2(b[15]);
+   COMBA_FINI;
+
+   B->used = 16;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 16 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_9.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_9.i
new file mode 100644
index 00000000..94a5d2e9
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_9.i
@@ -0,0 +1,130 @@
+/* fp_sqr_comba_9.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef TFM_SQR9
+void fp_sqr_comba9(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[18], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word tt;
+#endif
+
+   a = A->dp;
+   COMBA_START; 
+
+   /* clear carries */
+   CLEAR_CARRY;
+
+   /* output 0 */
+   SQRADD(a[0],a[0]);
+   COMBA_STORE(b[0]);
+
+   /* output 1 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[1]); 
+   COMBA_STORE(b[1]);
+
+   /* output 2 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[2]); SQRADD(a[1], a[1]); 
+   COMBA_STORE(b[2]);
+
+   /* output 3 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[3]); SQRADD2(a[1], a[2]); 
+   COMBA_STORE(b[3]);
+
+   /* output 4 */
+   CARRY_FORWARD;
+   SQRADD2(a[0], a[4]); SQRADD2(a[1], a[3]); SQRADD(a[2], a[2]); 
+   COMBA_STORE(b[4]);
+
+   /* output 5 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+   COMBA_STORE(b[5]);
+
+   /* output 6 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+   COMBA_STORE(b[6]);
+
+   /* output 7 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+   COMBA_STORE(b[7]);
+
+   /* output 8 */
+   CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+   COMBA_STORE(b[8]);
+
+   /* output 9 */
+   CARRY_FORWARD;
+   SQRADDSC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+   COMBA_STORE(b[9]);
+
+   /* output 10 */
+   CARRY_FORWARD;
+   SQRADDSC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+   COMBA_STORE(b[10]);
+
+   /* output 11 */
+   CARRY_FORWARD;
+   SQRADDSC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+   COMBA_STORE(b[11]);
+
+   /* output 12 */
+   CARRY_FORWARD;
+   SQRADD2(a[4], a[8]); SQRADD2(a[5], a[7]); SQRADD(a[6], a[6]); 
+   COMBA_STORE(b[12]);
+
+   /* output 13 */
+   CARRY_FORWARD;
+   SQRADD2(a[5], a[8]); SQRADD2(a[6], a[7]); 
+   COMBA_STORE(b[13]);
+
+   /* output 14 */
+   CARRY_FORWARD;
+   SQRADD2(a[6], a[8]); SQRADD(a[7], a[7]); 
+   COMBA_STORE(b[14]);
+
+   /* output 15 */
+   CARRY_FORWARD;
+   SQRADD2(a[7], a[8]); 
+   COMBA_STORE(b[15]);
+
+   /* output 16 */
+   CARRY_FORWARD;
+   SQRADD(a[8], a[8]); 
+   COMBA_STORE(b[16]);
+   COMBA_STORE2(b[17]);
+   COMBA_FINI;
+
+   B->used = 18;
+   B->sign = FP_ZPOS;
+   memcpy(B->dp, b, 18 * sizeof(fp_digit));
+   fp_clamp(B);
+}
+#endif
+
+
diff --git a/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_small_set.i b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_small_set.i
new file mode 100644
index 00000000..9918b2ee
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/fp_sqr_comba_small_set.i
@@ -0,0 +1,1540 @@
+/* fp_sqr_comba_small_set.i
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#if defined(TFM_SMALL_SET)
+void fp_sqr_comba_small(fp_int *A, fp_int *B)
+{
+   fp_digit *a, b[32], c0, c1, c2, sc0, sc1, sc2;
+#ifdef TFM_ISO
+   fp_word   tt;   
+#endif   
+   switch (A->used) { 
+   case 1:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+      COMBA_STORE2(b[1]);
+      COMBA_FINI;
+
+      B->used = 2;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 2 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 2:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+      COMBA_STORE2(b[3]);
+      COMBA_FINI;
+
+      B->used = 4;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 4 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 3:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+      COMBA_STORE2(b[5]);
+      COMBA_FINI;
+
+      B->used = 6;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 6 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 4:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+      SQRADD2(a[2], a[3]); 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+      SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+      COMBA_STORE2(b[7]);
+      COMBA_FINI;
+
+      B->used = 8;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 8 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 5:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+      SQRADD2(a[1], a[4]);    SQRADD2(a[2], a[3]); 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+      SQRADD2(a[2], a[4]);    SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+      SQRADD2(a[3], a[4]); 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+      SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+      COMBA_STORE2(b[9]);
+      COMBA_FINI;
+
+      B->used = 10;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 10 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 6:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+      SQRADD2(a[1], a[5]);    SQRADD2(a[2], a[4]);    SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+      SQRADD2(a[2], a[5]);    SQRADD2(a[3], a[4]); 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+      SQRADD2(a[3], a[5]);    SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+      SQRADD2(a[4], a[5]); 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+      SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+      COMBA_STORE2(b[11]);
+      COMBA_FINI;
+
+      B->used = 12;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 12 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 7:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+      SQRADD2(a[2], a[6]);    SQRADD2(a[3], a[5]);    SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+      SQRADD2(a[3], a[6]);    SQRADD2(a[4], a[5]); 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+      SQRADD2(a[4], a[6]);    SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+      SQRADD2(a[5], a[6]); 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+      SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+      COMBA_STORE2(b[13]);
+      COMBA_FINI;
+
+      B->used = 14;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 14 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 8:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+   SQRADDSC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+      SQRADD2(a[3], a[7]);    SQRADD2(a[4], a[6]);    SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+      SQRADD2(a[4], a[7]);    SQRADD2(a[5], a[6]); 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+      SQRADD2(a[5], a[7]);    SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+
+      /* output 13 */
+      CARRY_FORWARD;
+      SQRADD2(a[6], a[7]); 
+      COMBA_STORE(b[13]);
+
+      /* output 14 */
+      CARRY_FORWARD;
+      SQRADD(a[7], a[7]); 
+      COMBA_STORE(b[14]);
+      COMBA_STORE2(b[15]);
+      COMBA_FINI;
+
+      B->used = 16;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 16 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 9:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+   SQRADDSC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+   SQRADDSC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+      SQRADD2(a[4], a[8]);    SQRADD2(a[5], a[7]);    SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+
+      /* output 13 */
+      CARRY_FORWARD;
+      SQRADD2(a[5], a[8]);    SQRADD2(a[6], a[7]); 
+      COMBA_STORE(b[13]);
+
+      /* output 14 */
+      CARRY_FORWARD;
+      SQRADD2(a[6], a[8]);    SQRADD(a[7], a[7]); 
+      COMBA_STORE(b[14]);
+
+      /* output 15 */
+      CARRY_FORWARD;
+      SQRADD2(a[7], a[8]); 
+      COMBA_STORE(b[15]);
+
+      /* output 16 */
+      CARRY_FORWARD;
+      SQRADD(a[8], a[8]); 
+      COMBA_STORE(b[16]);
+      COMBA_STORE2(b[17]);
+      COMBA_FINI;
+
+      B->used = 18;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 18 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 10:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+   SQRADDSC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+   SQRADDSC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+
+      /* output 13 */
+      CARRY_FORWARD;
+   SQRADDSC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+      COMBA_STORE(b[13]);
+
+      /* output 14 */
+      CARRY_FORWARD;
+      SQRADD2(a[5], a[9]);    SQRADD2(a[6], a[8]);    SQRADD(a[7], a[7]); 
+      COMBA_STORE(b[14]);
+
+      /* output 15 */
+      CARRY_FORWARD;
+      SQRADD2(a[6], a[9]);    SQRADD2(a[7], a[8]); 
+      COMBA_STORE(b[15]);
+
+      /* output 16 */
+      CARRY_FORWARD;
+      SQRADD2(a[7], a[9]);    SQRADD(a[8], a[8]); 
+      COMBA_STORE(b[16]);
+
+      /* output 17 */
+      CARRY_FORWARD;
+      SQRADD2(a[8], a[9]); 
+      COMBA_STORE(b[17]);
+
+      /* output 18 */
+      CARRY_FORWARD;
+      SQRADD(a[9], a[9]); 
+      COMBA_STORE(b[18]);
+      COMBA_STORE2(b[19]);
+      COMBA_FINI;
+
+      B->used = 20;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 20 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 11:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+   SQRADDSC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+
+      /* output 13 */
+      CARRY_FORWARD;
+   SQRADDSC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+      COMBA_STORE(b[13]);
+
+      /* output 14 */
+      CARRY_FORWARD;
+   SQRADDSC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+      COMBA_STORE(b[14]);
+
+      /* output 15 */
+      CARRY_FORWARD;
+   SQRADDSC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+      COMBA_STORE(b[15]);
+
+      /* output 16 */
+      CARRY_FORWARD;
+      SQRADD2(a[6], a[10]);    SQRADD2(a[7], a[9]);    SQRADD(a[8], a[8]); 
+      COMBA_STORE(b[16]);
+
+      /* output 17 */
+      CARRY_FORWARD;
+      SQRADD2(a[7], a[10]);    SQRADD2(a[8], a[9]); 
+      COMBA_STORE(b[17]);
+
+      /* output 18 */
+      CARRY_FORWARD;
+      SQRADD2(a[8], a[10]);    SQRADD(a[9], a[9]); 
+      COMBA_STORE(b[18]);
+
+      /* output 19 */
+      CARRY_FORWARD;
+      SQRADD2(a[9], a[10]); 
+      COMBA_STORE(b[19]);
+
+      /* output 20 */
+      CARRY_FORWARD;
+      SQRADD(a[10], a[10]); 
+      COMBA_STORE(b[20]);
+      COMBA_STORE2(b[21]);
+      COMBA_FINI;
+
+      B->used = 22;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 22 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 12:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+
+      /* output 13 */
+      CARRY_FORWARD;
+   SQRADDSC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+      COMBA_STORE(b[13]);
+
+      /* output 14 */
+      CARRY_FORWARD;
+   SQRADDSC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+      COMBA_STORE(b[14]);
+
+      /* output 15 */
+      CARRY_FORWARD;
+   SQRADDSC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+      COMBA_STORE(b[15]);
+
+      /* output 16 */
+      CARRY_FORWARD;
+   SQRADDSC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+      COMBA_STORE(b[16]);
+
+      /* output 17 */
+      CARRY_FORWARD;
+   SQRADDSC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+      COMBA_STORE(b[17]);
+
+      /* output 18 */
+      CARRY_FORWARD;
+      SQRADD2(a[7], a[11]);    SQRADD2(a[8], a[10]);    SQRADD(a[9], a[9]); 
+      COMBA_STORE(b[18]);
+
+      /* output 19 */
+      CARRY_FORWARD;
+      SQRADD2(a[8], a[11]);    SQRADD2(a[9], a[10]); 
+      COMBA_STORE(b[19]);
+
+      /* output 20 */
+      CARRY_FORWARD;
+      SQRADD2(a[9], a[11]);    SQRADD(a[10], a[10]); 
+      COMBA_STORE(b[20]);
+
+      /* output 21 */
+      CARRY_FORWARD;
+      SQRADD2(a[10], a[11]); 
+      COMBA_STORE(b[21]);
+
+      /* output 22 */
+      CARRY_FORWARD;
+      SQRADD(a[11], a[11]); 
+      COMBA_STORE(b[22]);
+      COMBA_STORE2(b[23]);
+      COMBA_FINI;
+
+      B->used = 24;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 24 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 13:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+
+      /* output 13 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+      COMBA_STORE(b[13]);
+
+      /* output 14 */
+      CARRY_FORWARD;
+   SQRADDSC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+      COMBA_STORE(b[14]);
+
+      /* output 15 */
+      CARRY_FORWARD;
+   SQRADDSC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+      COMBA_STORE(b[15]);
+
+      /* output 16 */
+      CARRY_FORWARD;
+   SQRADDSC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+      COMBA_STORE(b[16]);
+
+      /* output 17 */
+      CARRY_FORWARD;
+   SQRADDSC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+      COMBA_STORE(b[17]);
+
+      /* output 18 */
+      CARRY_FORWARD;
+   SQRADDSC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+      COMBA_STORE(b[18]);
+
+      /* output 19 */
+      CARRY_FORWARD;
+   SQRADDSC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+      COMBA_STORE(b[19]);
+
+      /* output 20 */
+      CARRY_FORWARD;
+      SQRADD2(a[8], a[12]);    SQRADD2(a[9], a[11]);    SQRADD(a[10], a[10]); 
+      COMBA_STORE(b[20]);
+
+      /* output 21 */
+      CARRY_FORWARD;
+      SQRADD2(a[9], a[12]);    SQRADD2(a[10], a[11]); 
+      COMBA_STORE(b[21]);
+
+      /* output 22 */
+      CARRY_FORWARD;
+      SQRADD2(a[10], a[12]);    SQRADD(a[11], a[11]); 
+      COMBA_STORE(b[22]);
+
+      /* output 23 */
+      CARRY_FORWARD;
+      SQRADD2(a[11], a[12]); 
+      COMBA_STORE(b[23]);
+
+      /* output 24 */
+      CARRY_FORWARD;
+      SQRADD(a[12], a[12]); 
+      COMBA_STORE(b[24]);
+      COMBA_STORE2(b[25]);
+      COMBA_FINI;
+
+      B->used = 26;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 26 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 14:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+
+      /* output 13 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+      COMBA_STORE(b[13]);
+
+      /* output 14 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+      COMBA_STORE(b[14]);
+
+      /* output 15 */
+      CARRY_FORWARD;
+   SQRADDSC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+      COMBA_STORE(b[15]);
+
+      /* output 16 */
+      CARRY_FORWARD;
+   SQRADDSC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+      COMBA_STORE(b[16]);
+
+      /* output 17 */
+      CARRY_FORWARD;
+   SQRADDSC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+      COMBA_STORE(b[17]);
+
+      /* output 18 */
+      CARRY_FORWARD;
+   SQRADDSC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+      COMBA_STORE(b[18]);
+
+      /* output 19 */
+      CARRY_FORWARD;
+   SQRADDSC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+      COMBA_STORE(b[19]);
+
+      /* output 20 */
+      CARRY_FORWARD;
+   SQRADDSC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+      COMBA_STORE(b[20]);
+
+      /* output 21 */
+      CARRY_FORWARD;
+   SQRADDSC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+      COMBA_STORE(b[21]);
+
+      /* output 22 */
+      CARRY_FORWARD;
+      SQRADD2(a[9], a[13]);    SQRADD2(a[10], a[12]);    SQRADD(a[11], a[11]); 
+      COMBA_STORE(b[22]);
+
+      /* output 23 */
+      CARRY_FORWARD;
+      SQRADD2(a[10], a[13]);    SQRADD2(a[11], a[12]); 
+      COMBA_STORE(b[23]);
+
+      /* output 24 */
+      CARRY_FORWARD;
+      SQRADD2(a[11], a[13]);    SQRADD(a[12], a[12]); 
+      COMBA_STORE(b[24]);
+
+      /* output 25 */
+      CARRY_FORWARD;
+      SQRADD2(a[12], a[13]); 
+      COMBA_STORE(b[25]);
+
+      /* output 26 */
+      CARRY_FORWARD;
+      SQRADD(a[13], a[13]); 
+      COMBA_STORE(b[26]);
+      COMBA_STORE2(b[27]);
+      COMBA_FINI;
+
+      B->used = 28;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 28 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 15:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+
+      /* output 13 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+      COMBA_STORE(b[13]);
+
+      /* output 14 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[14]); SQRADDAC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+      COMBA_STORE(b[14]);
+
+      /* output 15 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[14]); SQRADDAC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+      COMBA_STORE(b[15]);
+
+      /* output 16 */
+      CARRY_FORWARD;
+   SQRADDSC(a[2], a[14]); SQRADDAC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+      COMBA_STORE(b[16]);
+
+      /* output 17 */
+      CARRY_FORWARD;
+   SQRADDSC(a[3], a[14]); SQRADDAC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+      COMBA_STORE(b[17]);
+
+      /* output 18 */
+      CARRY_FORWARD;
+   SQRADDSC(a[4], a[14]); SQRADDAC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+      COMBA_STORE(b[18]);
+
+      /* output 19 */
+      CARRY_FORWARD;
+   SQRADDSC(a[5], a[14]); SQRADDAC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+      COMBA_STORE(b[19]);
+
+      /* output 20 */
+      CARRY_FORWARD;
+   SQRADDSC(a[6], a[14]); SQRADDAC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+      COMBA_STORE(b[20]);
+
+      /* output 21 */
+      CARRY_FORWARD;
+   SQRADDSC(a[7], a[14]); SQRADDAC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+      COMBA_STORE(b[21]);
+
+      /* output 22 */
+      CARRY_FORWARD;
+   SQRADDSC(a[8], a[14]); SQRADDAC(a[9], a[13]); SQRADDAC(a[10], a[12]); SQRADDDB; SQRADD(a[11], a[11]); 
+      COMBA_STORE(b[22]);
+
+      /* output 23 */
+      CARRY_FORWARD;
+   SQRADDSC(a[9], a[14]); SQRADDAC(a[10], a[13]); SQRADDAC(a[11], a[12]); SQRADDDB; 
+      COMBA_STORE(b[23]);
+
+      /* output 24 */
+      CARRY_FORWARD;
+      SQRADD2(a[10], a[14]);    SQRADD2(a[11], a[13]);    SQRADD(a[12], a[12]); 
+      COMBA_STORE(b[24]);
+
+      /* output 25 */
+      CARRY_FORWARD;
+      SQRADD2(a[11], a[14]);    SQRADD2(a[12], a[13]); 
+      COMBA_STORE(b[25]);
+
+      /* output 26 */
+      CARRY_FORWARD;
+      SQRADD2(a[12], a[14]);    SQRADD(a[13], a[13]); 
+      COMBA_STORE(b[26]);
+
+      /* output 27 */
+      CARRY_FORWARD;
+      SQRADD2(a[13], a[14]); 
+      COMBA_STORE(b[27]);
+
+      /* output 28 */
+      CARRY_FORWARD;
+      SQRADD(a[14], a[14]); 
+      COMBA_STORE(b[28]);
+      COMBA_STORE2(b[29]);
+      COMBA_FINI;
+
+      B->used = 30;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 30 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   case 16:
+      a = A->dp;
+      COMBA_START; 
+
+      /* clear carries */
+      CLEAR_CARRY;
+
+      /* output 0 */
+      SQRADD(a[0],a[0]);
+      COMBA_STORE(b[0]);
+
+      /* output 1 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[1]); 
+      COMBA_STORE(b[1]);
+
+      /* output 2 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[2]);    SQRADD(a[1], a[1]); 
+      COMBA_STORE(b[2]);
+
+      /* output 3 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[3]);    SQRADD2(a[1], a[2]); 
+      COMBA_STORE(b[3]);
+
+      /* output 4 */
+      CARRY_FORWARD;
+      SQRADD2(a[0], a[4]);    SQRADD2(a[1], a[3]);    SQRADD(a[2], a[2]); 
+      COMBA_STORE(b[4]);
+
+      /* output 5 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[5]); SQRADDAC(a[1], a[4]); SQRADDAC(a[2], a[3]); SQRADDDB; 
+      COMBA_STORE(b[5]);
+
+      /* output 6 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[6]); SQRADDAC(a[1], a[5]); SQRADDAC(a[2], a[4]); SQRADDDB; SQRADD(a[3], a[3]); 
+      COMBA_STORE(b[6]);
+
+      /* output 7 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[7]); SQRADDAC(a[1], a[6]); SQRADDAC(a[2], a[5]); SQRADDAC(a[3], a[4]); SQRADDDB; 
+      COMBA_STORE(b[7]);
+
+      /* output 8 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[8]); SQRADDAC(a[1], a[7]); SQRADDAC(a[2], a[6]); SQRADDAC(a[3], a[5]); SQRADDDB; SQRADD(a[4], a[4]); 
+      COMBA_STORE(b[8]);
+
+      /* output 9 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[9]); SQRADDAC(a[1], a[8]); SQRADDAC(a[2], a[7]); SQRADDAC(a[3], a[6]); SQRADDAC(a[4], a[5]); SQRADDDB; 
+      COMBA_STORE(b[9]);
+
+      /* output 10 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[10]); SQRADDAC(a[1], a[9]); SQRADDAC(a[2], a[8]); SQRADDAC(a[3], a[7]); SQRADDAC(a[4], a[6]); SQRADDDB; SQRADD(a[5], a[5]); 
+      COMBA_STORE(b[10]);
+
+      /* output 11 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[11]); SQRADDAC(a[1], a[10]); SQRADDAC(a[2], a[9]); SQRADDAC(a[3], a[8]); SQRADDAC(a[4], a[7]); SQRADDAC(a[5], a[6]); SQRADDDB; 
+      COMBA_STORE(b[11]);
+
+      /* output 12 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[12]); SQRADDAC(a[1], a[11]); SQRADDAC(a[2], a[10]); SQRADDAC(a[3], a[9]); SQRADDAC(a[4], a[8]); SQRADDAC(a[5], a[7]); SQRADDDB; SQRADD(a[6], a[6]); 
+      COMBA_STORE(b[12]);
+
+      /* output 13 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[13]); SQRADDAC(a[1], a[12]); SQRADDAC(a[2], a[11]); SQRADDAC(a[3], a[10]); SQRADDAC(a[4], a[9]); SQRADDAC(a[5], a[8]); SQRADDAC(a[6], a[7]); SQRADDDB; 
+      COMBA_STORE(b[13]);
+
+      /* output 14 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[14]); SQRADDAC(a[1], a[13]); SQRADDAC(a[2], a[12]); SQRADDAC(a[3], a[11]); SQRADDAC(a[4], a[10]); SQRADDAC(a[5], a[9]); SQRADDAC(a[6], a[8]); SQRADDDB; SQRADD(a[7], a[7]); 
+      COMBA_STORE(b[14]);
+
+      /* output 15 */
+      CARRY_FORWARD;
+   SQRADDSC(a[0], a[15]); SQRADDAC(a[1], a[14]); SQRADDAC(a[2], a[13]); SQRADDAC(a[3], a[12]); SQRADDAC(a[4], a[11]); SQRADDAC(a[5], a[10]); SQRADDAC(a[6], a[9]); SQRADDAC(a[7], a[8]); SQRADDDB; 
+      COMBA_STORE(b[15]);
+
+      /* output 16 */
+      CARRY_FORWARD;
+   SQRADDSC(a[1], a[15]); SQRADDAC(a[2], a[14]); SQRADDAC(a[3], a[13]); SQRADDAC(a[4], a[12]); SQRADDAC(a[5], a[11]); SQRADDAC(a[6], a[10]); SQRADDAC(a[7], a[9]); SQRADDDB; SQRADD(a[8], a[8]); 
+      COMBA_STORE(b[16]);
+
+      /* output 17 */
+      CARRY_FORWARD;
+   SQRADDSC(a[2], a[15]); SQRADDAC(a[3], a[14]); SQRADDAC(a[4], a[13]); SQRADDAC(a[5], a[12]); SQRADDAC(a[6], a[11]); SQRADDAC(a[7], a[10]); SQRADDAC(a[8], a[9]); SQRADDDB; 
+      COMBA_STORE(b[17]);
+
+      /* output 18 */
+      CARRY_FORWARD;
+   SQRADDSC(a[3], a[15]); SQRADDAC(a[4], a[14]); SQRADDAC(a[5], a[13]); SQRADDAC(a[6], a[12]); SQRADDAC(a[7], a[11]); SQRADDAC(a[8], a[10]); SQRADDDB; SQRADD(a[9], a[9]); 
+      COMBA_STORE(b[18]);
+
+      /* output 19 */
+      CARRY_FORWARD;
+   SQRADDSC(a[4], a[15]); SQRADDAC(a[5], a[14]); SQRADDAC(a[6], a[13]); SQRADDAC(a[7], a[12]); SQRADDAC(a[8], a[11]); SQRADDAC(a[9], a[10]); SQRADDDB; 
+      COMBA_STORE(b[19]);
+
+      /* output 20 */
+      CARRY_FORWARD;
+   SQRADDSC(a[5], a[15]); SQRADDAC(a[6], a[14]); SQRADDAC(a[7], a[13]); SQRADDAC(a[8], a[12]); SQRADDAC(a[9], a[11]); SQRADDDB; SQRADD(a[10], a[10]); 
+      COMBA_STORE(b[20]);
+
+      /* output 21 */
+      CARRY_FORWARD;
+   SQRADDSC(a[6], a[15]); SQRADDAC(a[7], a[14]); SQRADDAC(a[8], a[13]); SQRADDAC(a[9], a[12]); SQRADDAC(a[10], a[11]); SQRADDDB; 
+      COMBA_STORE(b[21]);
+
+      /* output 22 */
+      CARRY_FORWARD;
+   SQRADDSC(a[7], a[15]); SQRADDAC(a[8], a[14]); SQRADDAC(a[9], a[13]); SQRADDAC(a[10], a[12]); SQRADDDB; SQRADD(a[11], a[11]); 
+      COMBA_STORE(b[22]);
+
+      /* output 23 */
+      CARRY_FORWARD;
+   SQRADDSC(a[8], a[15]); SQRADDAC(a[9], a[14]); SQRADDAC(a[10], a[13]); SQRADDAC(a[11], a[12]); SQRADDDB; 
+      COMBA_STORE(b[23]);
+
+      /* output 24 */
+      CARRY_FORWARD;
+   SQRADDSC(a[9], a[15]); SQRADDAC(a[10], a[14]); SQRADDAC(a[11], a[13]); SQRADDDB; SQRADD(a[12], a[12]); 
+      COMBA_STORE(b[24]);
+
+      /* output 25 */
+      CARRY_FORWARD;
+   SQRADDSC(a[10], a[15]); SQRADDAC(a[11], a[14]); SQRADDAC(a[12], a[13]); SQRADDDB; 
+      COMBA_STORE(b[25]);
+
+      /* output 26 */
+      CARRY_FORWARD;
+      SQRADD2(a[11], a[15]);    SQRADD2(a[12], a[14]);    SQRADD(a[13], a[13]); 
+      COMBA_STORE(b[26]);
+
+      /* output 27 */
+      CARRY_FORWARD;
+      SQRADD2(a[12], a[15]);    SQRADD2(a[13], a[14]); 
+      COMBA_STORE(b[27]);
+
+      /* output 28 */
+      CARRY_FORWARD;
+      SQRADD2(a[13], a[15]);    SQRADD(a[14], a[14]); 
+      COMBA_STORE(b[28]);
+
+      /* output 29 */
+      CARRY_FORWARD;
+      SQRADD2(a[14], a[15]); 
+      COMBA_STORE(b[29]);
+
+      /* output 30 */
+      CARRY_FORWARD;
+      SQRADD(a[15], a[15]); 
+      COMBA_STORE(b[30]);
+      COMBA_STORE2(b[31]);
+      COMBA_FINI;
+
+      B->used = 32;
+      B->sign = FP_ZPOS;
+      memcpy(B->dp, b, 32 * sizeof(fp_digit));
+      fp_clamp(B);
+      break;
+
+   default:
+      break;
+}
+}
+
+#endif /* TFM_SMALL_SET */
diff --git a/3P/wolfssl/wolfcrypt/src/hc128.c b/3P/wolfssl/wolfcrypt/src/hc128.c
new file mode 100644
index 00000000..bcfa148e
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/hc128.c
@@ -0,0 +1,399 @@
+/* hc128.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_HC128
+
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+		#include 
+#else
+    #include 
+#endif
+
+
+#ifdef BIG_ENDIAN_ORDER
+    #define LITTLE32(x) ByteReverseWord32(x)
+#else
+    #define LITTLE32(x) (x)
+#endif
+
+
+/*h1 function*/
+#define h1(ctx, x, y) {                         \
+     byte a,c;                                  \
+     a = (byte) (x);                            \
+     c = (byte) ((x) >> 16);                    \
+     y = (ctx->T[512+a])+(ctx->T[512+256+c]);   \
+}
+
+/*h2 function*/
+#define h2(ctx, x, y) {                         \
+     byte a,c;                                  \
+     a = (byte) (x);                            \
+     c = (byte) ((x) >> 16);                    \
+     y = (ctx->T[a])+(ctx->T[256+c]);           \
+}
+
+/*one step of HC-128, update P and generate 32 bits keystream*/
+#define step_P(ctx,u,v,a,b,c,d,n){              \
+     word32 tem0,tem1,tem2,tem3;                \
+     h1((ctx),(ctx->X[(d)]),tem3);              \
+     tem0 = rotrFixed((ctx->T[(v)]),23);        \
+     tem1 = rotrFixed((ctx->X[(c)]),10);        \
+     tem2 = rotrFixed((ctx->X[(b)]),8);         \
+     (ctx->T[(u)]) += tem2+(tem0 ^ tem1);       \
+     (ctx->X[(a)]) = (ctx->T[(u)]);             \
+     (n) = tem3 ^ (ctx->T[(u)]) ;               \
+}       
+
+/*one step of HC-128, update Q and generate 32 bits keystream*/
+#define step_Q(ctx,u,v,a,b,c,d,n){              \
+     word32 tem0,tem1,tem2,tem3;                \
+     h2((ctx),(ctx->Y[(d)]),tem3);              \
+     tem0 = rotrFixed((ctx->T[(v)]),(32-23));   \
+     tem1 = rotrFixed((ctx->Y[(c)]),(32-10));   \
+     tem2 = rotrFixed((ctx->Y[(b)]),(32-8));    \
+     (ctx->T[(u)]) += tem2 + (tem0 ^ tem1);     \
+     (ctx->Y[(a)]) = (ctx->T[(u)]);             \
+     (n) = tem3 ^ (ctx->T[(u)]) ;               \
+}   
+
+/*16 steps of HC-128, generate 512 bits keystream*/
+static void generate_keystream(HC128* ctx, word32* keystream)  
+{
+   word32 cc,dd;
+   cc = ctx->counter1024 & 0x1ff;
+   dd = (cc+16)&0x1ff;
+
+   if (ctx->counter1024 < 512)	
+   {   		
+      ctx->counter1024 = (ctx->counter1024 + 16) & 0x3ff;
+      step_P(ctx, cc+0, cc+1, 0, 6, 13,4, keystream[0]);
+      step_P(ctx, cc+1, cc+2, 1, 7, 14,5, keystream[1]);
+      step_P(ctx, cc+2, cc+3, 2, 8, 15,6, keystream[2]);
+      step_P(ctx, cc+3, cc+4, 3, 9, 0, 7, keystream[3]);
+      step_P(ctx, cc+4, cc+5, 4, 10,1, 8, keystream[4]);
+      step_P(ctx, cc+5, cc+6, 5, 11,2, 9, keystream[5]);
+      step_P(ctx, cc+6, cc+7, 6, 12,3, 10,keystream[6]);
+      step_P(ctx, cc+7, cc+8, 7, 13,4, 11,keystream[7]);
+      step_P(ctx, cc+8, cc+9, 8, 14,5, 12,keystream[8]);
+      step_P(ctx, cc+9, cc+10,9, 15,6, 13,keystream[9]);
+      step_P(ctx, cc+10,cc+11,10,0, 7, 14,keystream[10]);
+      step_P(ctx, cc+11,cc+12,11,1, 8, 15,keystream[11]);
+      step_P(ctx, cc+12,cc+13,12,2, 9, 0, keystream[12]);
+      step_P(ctx, cc+13,cc+14,13,3, 10,1, keystream[13]);
+      step_P(ctx, cc+14,cc+15,14,4, 11,2, keystream[14]);
+      step_P(ctx, cc+15,dd+0, 15,5, 12,3, keystream[15]);
+   }
+   else				    
+   {
+	  ctx->counter1024 = (ctx->counter1024 + 16) & 0x3ff;
+      step_Q(ctx, 512+cc+0, 512+cc+1, 0, 6, 13,4, keystream[0]);
+      step_Q(ctx, 512+cc+1, 512+cc+2, 1, 7, 14,5, keystream[1]);
+      step_Q(ctx, 512+cc+2, 512+cc+3, 2, 8, 15,6, keystream[2]);
+      step_Q(ctx, 512+cc+3, 512+cc+4, 3, 9, 0, 7, keystream[3]);
+      step_Q(ctx, 512+cc+4, 512+cc+5, 4, 10,1, 8, keystream[4]);
+      step_Q(ctx, 512+cc+5, 512+cc+6, 5, 11,2, 9, keystream[5]);
+      step_Q(ctx, 512+cc+6, 512+cc+7, 6, 12,3, 10,keystream[6]);
+      step_Q(ctx, 512+cc+7, 512+cc+8, 7, 13,4, 11,keystream[7]);
+      step_Q(ctx, 512+cc+8, 512+cc+9, 8, 14,5, 12,keystream[8]);
+      step_Q(ctx, 512+cc+9, 512+cc+10,9, 15,6, 13,keystream[9]);
+      step_Q(ctx, 512+cc+10,512+cc+11,10,0, 7, 14,keystream[10]);
+      step_Q(ctx, 512+cc+11,512+cc+12,11,1, 8, 15,keystream[11]);
+      step_Q(ctx, 512+cc+12,512+cc+13,12,2, 9, 0, keystream[12]);
+      step_Q(ctx, 512+cc+13,512+cc+14,13,3, 10,1, keystream[13]);
+      step_Q(ctx, 512+cc+14,512+cc+15,14,4, 11,2, keystream[14]);
+      step_Q(ctx, 512+cc+15,512+dd+0, 15,5, 12,3, keystream[15]);
+   }
+}
+
+
+/* The following defines the initialization functions */
+#define f1(x)  (rotrFixed((x),7)  ^ rotrFixed((x),18) ^ ((x) >> 3))
+#define f2(x)  (rotrFixed((x),17) ^ rotrFixed((x),19) ^ ((x) >> 10))
+
+/*update table P*/
+#define update_P(ctx,u,v,a,b,c,d){                  \
+     word32 tem0,tem1,tem2,tem3;                    \
+     tem0 = rotrFixed((ctx->T[(v)]),23);            \
+     tem1 = rotrFixed((ctx->X[(c)]),10);            \
+     tem2 = rotrFixed((ctx->X[(b)]),8);             \
+     h1((ctx),(ctx->X[(d)]),tem3);                  \
+     (ctx->T[(u)]) = ((ctx->T[(u)]) + tem2+(tem0^tem1)) ^ tem3;     \
+     (ctx->X[(a)]) = (ctx->T[(u)]);                 \
+}  
+
+/*update table Q*/
+#define update_Q(ctx,u,v,a,b,c,d){                  \
+     word32 tem0,tem1,tem2,tem3;                    \
+     tem0 = rotrFixed((ctx->T[(v)]),(32-23));       \
+     tem1 = rotrFixed((ctx->Y[(c)]),(32-10));       \
+     tem2 = rotrFixed((ctx->Y[(b)]),(32-8));        \
+     h2((ctx),(ctx->Y[(d)]),tem3);                  \
+     (ctx->T[(u)]) = ((ctx->T[(u)]) + tem2+(tem0^tem1)) ^ tem3;     \
+     (ctx->Y[(a)]) = (ctx->T[(u)]);                 \
+}     
+
+/*16 steps of HC-128, without generating keystream, */
+/*but use the outputs to update P and Q*/
+static void setup_update(HC128* ctx)  /*each time 16 steps*/
+{
+   word32 cc,dd;
+   cc = ctx->counter1024 & 0x1ff;
+   dd = (cc+16)&0x1ff;
+
+   if (ctx->counter1024 < 512)	
+   {   		
+      ctx->counter1024 = (ctx->counter1024 + 16) & 0x3ff;
+      update_P(ctx, cc+0, cc+1, 0, 6, 13, 4);
+      update_P(ctx, cc+1, cc+2, 1, 7, 14, 5);
+      update_P(ctx, cc+2, cc+3, 2, 8, 15, 6);
+      update_P(ctx, cc+3, cc+4, 3, 9, 0,  7);
+      update_P(ctx, cc+4, cc+5, 4, 10,1,  8);
+      update_P(ctx, cc+5, cc+6, 5, 11,2,  9);
+      update_P(ctx, cc+6, cc+7, 6, 12,3,  10);
+      update_P(ctx, cc+7, cc+8, 7, 13,4,  11);
+      update_P(ctx, cc+8, cc+9, 8, 14,5,  12);
+      update_P(ctx, cc+9, cc+10,9, 15,6,  13);
+      update_P(ctx, cc+10,cc+11,10,0, 7,  14);
+      update_P(ctx, cc+11,cc+12,11,1, 8,  15);
+      update_P(ctx, cc+12,cc+13,12,2, 9,  0);
+      update_P(ctx, cc+13,cc+14,13,3, 10, 1);
+      update_P(ctx, cc+14,cc+15,14,4, 11, 2);
+      update_P(ctx, cc+15,dd+0, 15,5, 12, 3);   
+   }
+   else				    
+   {
+      ctx->counter1024 = (ctx->counter1024 + 16) & 0x3ff;
+      update_Q(ctx, 512+cc+0, 512+cc+1, 0, 6, 13, 4);
+      update_Q(ctx, 512+cc+1, 512+cc+2, 1, 7, 14, 5);
+      update_Q(ctx, 512+cc+2, 512+cc+3, 2, 8, 15, 6);
+      update_Q(ctx, 512+cc+3, 512+cc+4, 3, 9, 0,  7);
+      update_Q(ctx, 512+cc+4, 512+cc+5, 4, 10,1,  8);
+      update_Q(ctx, 512+cc+5, 512+cc+6, 5, 11,2,  9);
+      update_Q(ctx, 512+cc+6, 512+cc+7, 6, 12,3,  10);
+      update_Q(ctx, 512+cc+7, 512+cc+8, 7, 13,4,  11);
+      update_Q(ctx, 512+cc+8, 512+cc+9, 8, 14,5,  12);
+      update_Q(ctx, 512+cc+9, 512+cc+10,9, 15,6,  13);
+      update_Q(ctx, 512+cc+10,512+cc+11,10,0, 7,  14);
+      update_Q(ctx, 512+cc+11,512+cc+12,11,1, 8,  15);
+      update_Q(ctx, 512+cc+12,512+cc+13,12,2, 9,  0);
+      update_Q(ctx, 512+cc+13,512+cc+14,13,3, 10, 1);
+      update_Q(ctx, 512+cc+14,512+cc+15,14,4, 11, 2);
+      update_Q(ctx, 512+cc+15,512+dd+0, 15,5, 12, 3); 
+   }       
+}
+
+
+/* for the 128-bit key:  key[0]...key[15]
+*  key[0] is the least significant byte of ctx->key[0] (K_0);
+*  key[3] is the most significant byte of ctx->key[0]  (K_0);
+*  ...
+*  key[12] is the least significant byte of ctx->key[3] (K_3)
+*  key[15] is the most significant byte of ctx->key[3]  (K_3)
+*
+*  for the 128-bit iv:  iv[0]...iv[15]
+*  iv[0] is the least significant byte of ctx->iv[0] (IV_0);
+*  iv[3] is the most significant byte of ctx->iv[0]  (IV_0);
+*  ...
+*  iv[12] is the least significant byte of ctx->iv[3] (IV_3)
+*  iv[15] is the most significant byte of ctx->iv[3]  (IV_3)
+*/
+
+
+
+static void Hc128_SetIV(HC128* ctx, const byte* inIv)
+{ 
+    word32 i;
+    word32 iv[4];
+
+    if (inIv)
+        XMEMCPY(iv, inIv, sizeof(iv));
+    else
+        XMEMSET(iv,    0, sizeof(iv));
+    
+	for (i = 0; i < (128 >> 5); i++)
+        ctx->iv[i] = LITTLE32(iv[i]);
+	
+    for (; i < 8; i++) ctx->iv[i] = ctx->iv[i-4];
+  
+    /* expand the key and IV into the table T */ 
+    /* (expand the key and IV into the table P and Q) */ 
+	
+	for (i = 0; i < 8;  i++)   ctx->T[i] = ctx->key[i];
+	for (i = 8; i < 16; i++)   ctx->T[i] = ctx->iv[i-8];
+
+    for (i = 16; i < (256+16); i++) 
+		ctx->T[i] = f2(ctx->T[i-2]) + ctx->T[i-7] + f1(ctx->T[i-15]) +
+                                                       ctx->T[i-16]+i;
+    
+	for (i = 0; i < 16;  i++)  ctx->T[i] = ctx->T[256+i];
+
+	for (i = 16; i < 1024; i++) 
+		ctx->T[i] = f2(ctx->T[i-2]) + ctx->T[i-7] + f1(ctx->T[i-15]) +
+                                                       ctx->T[i-16]+256+i;
+    
+    /* initialize counter1024, X and Y */
+	ctx->counter1024 = 0;
+	for (i = 0; i < 16; i++) ctx->X[i] = ctx->T[512-16+i];
+    for (i = 0; i < 16; i++) ctx->Y[i] = ctx->T[512+512-16+i];
+    
+    /* run the cipher 1024 steps before generating the output */
+	for (i = 0; i < 64; i++)  setup_update(ctx);  
+}
+
+
+static INLINE int DoKey(HC128* ctx, const byte* key, const byte* iv)
+{ 
+  word32 i;  
+
+  /* Key size in bits 128 */ 
+  for (i = 0; i < (128 >> 5); i++)
+      ctx->key[i] = LITTLE32(((word32*)key)[i]);
+ 
+  for ( ; i < 8 ; i++) ctx->key[i] = ctx->key[i-4];
+
+  Hc128_SetIV(ctx, iv);
+
+  return 0;
+}
+
+
+/* Key setup */
+int wc_Hc128_SetKey(HC128* ctx, const byte* key, const byte* iv)
+{
+#ifdef XSTREAM_ALIGN
+    if ((wolfssl_word)key % 4) {
+        int alignKey[4];
+
+        /* iv gets aligned in SetIV */
+        WOLFSSL_MSG("Hc128SetKey unaligned key");
+
+        XMEMCPY(alignKey, key, sizeof(alignKey));
+
+        return DoKey(ctx, (const byte*)alignKey, iv);
+    }
+#endif /* XSTREAM_ALIGN */
+
+    return DoKey(ctx, key, iv);
+}
+
+
+
+/* The following defines the encryption of data stream */
+static INLINE int DoProcess(HC128* ctx, byte* output, const byte* input,
+                            word32 msglen)
+{
+  word32 i, keystream[16];
+
+  for ( ; msglen >= 64; msglen -= 64, input += 64, output += 64)
+  {
+	  generate_keystream(ctx, keystream);
+
+      /* unroll loop */
+	  ((word32*)output)[0]  = ((word32*)input)[0]  ^ LITTLE32(keystream[0]);
+	  ((word32*)output)[1]  = ((word32*)input)[1]  ^ LITTLE32(keystream[1]);
+	  ((word32*)output)[2]  = ((word32*)input)[2]  ^ LITTLE32(keystream[2]);
+	  ((word32*)output)[3]  = ((word32*)input)[3]  ^ LITTLE32(keystream[3]);
+	  ((word32*)output)[4]  = ((word32*)input)[4]  ^ LITTLE32(keystream[4]);
+	  ((word32*)output)[5]  = ((word32*)input)[5]  ^ LITTLE32(keystream[5]);
+	  ((word32*)output)[6]  = ((word32*)input)[6]  ^ LITTLE32(keystream[6]);
+	  ((word32*)output)[7]  = ((word32*)input)[7]  ^ LITTLE32(keystream[7]);
+	  ((word32*)output)[8]  = ((word32*)input)[8]  ^ LITTLE32(keystream[8]);
+	  ((word32*)output)[9]  = ((word32*)input)[9]  ^ LITTLE32(keystream[9]);
+	  ((word32*)output)[10] = ((word32*)input)[10] ^ LITTLE32(keystream[10]);
+	  ((word32*)output)[11] = ((word32*)input)[11] ^ LITTLE32(keystream[11]);
+	  ((word32*)output)[12] = ((word32*)input)[12] ^ LITTLE32(keystream[12]);
+	  ((word32*)output)[13] = ((word32*)input)[13] ^ LITTLE32(keystream[13]);
+	  ((word32*)output)[14] = ((word32*)input)[14] ^ LITTLE32(keystream[14]);
+	  ((word32*)output)[15] = ((word32*)input)[15] ^ LITTLE32(keystream[15]);
+  }
+
+  if (msglen > 0)
+  {
+      XMEMSET(keystream, 0, sizeof(keystream)); /* hush the static analysis */
+      generate_keystream(ctx, keystream);
+
+#ifdef BIG_ENDIAN_ORDER
+      {
+          word32 wordsLeft = msglen / sizeof(word32);
+          if (msglen % sizeof(word32)) wordsLeft++;
+          
+          ByteReverseWords(keystream, keystream, wordsLeft * sizeof(word32));
+      }
+#endif
+
+      for (i = 0; i < msglen; i++)
+	      output[i] = input[i] ^ ((byte*)keystream)[i];
+  }
+
+  return 0;
+}
+
+
+/* Encrypt/decrypt a message of any size */
+int wc_Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen)
+{
+#ifdef XSTREAM_ALIGN
+    if ((wolfssl_word)input % 4 || (wolfssl_word)output % 4) {
+        #ifndef NO_WOLFSSL_ALLOC_ALIGN
+            byte* tmp;
+            WOLFSSL_MSG("Hc128Process unaligned");
+
+            tmp = (byte*)XMALLOC(msglen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            if (tmp == NULL) return MEMORY_E;
+
+            XMEMCPY(tmp, input, msglen);
+            DoProcess(ctx, tmp, tmp, msglen);
+            XMEMCPY(output, tmp, msglen);
+
+            XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+            return 0;
+        #else
+            return BAD_ALIGN_E;
+        #endif
+    }
+#endif /* XSTREAM_ALIGN */
+
+    return DoProcess(ctx, output, input, msglen);
+}
+
+
+#else  /* HAVE_HC128 */
+
+
+#ifdef _MSC_VER
+    /* 4206 warning for blank file */
+    #pragma warning(disable: 4206)
+#endif
+
+
+#endif /* HAVE_HC128 */
diff --git a/3P/wolfssl/wolfcrypt/src/hmac.c b/3P/wolfssl/wolfcrypt/src/hmac.c
new file mode 100644
index 00000000..8c7e8de2
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/hmac.c
@@ -0,0 +1,878 @@
+/* hmac.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_HMAC
+
+#include 
+
+#ifdef HAVE_FIPS
+/* does init */
+int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz)
+{
+    return HmacSetKey_fips(hmac, type, key, keySz);
+}
+
+
+int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz)
+{
+    return HmacUpdate_fips(hmac, in, sz);
+}
+
+
+int wc_HmacFinal(Hmac* hmac, byte* out)
+{
+    return HmacFinal_fips(hmac, out);
+}
+
+
+#ifdef HAVE_CAVIUM
+    int  wc_HmacInitCavium(Hmac* hmac, int i)
+    {
+        return HmacInitCavium(hmac, i);
+    }
+
+
+    void wc_HmacFreeCavium(Hmac* hmac)
+    {
+        HmacFreeCavium(hmac);
+    }
+#endif
+
+int wolfSSL_GetHmacMaxSize(void)
+{
+    return CyaSSL_GetHmacMaxSize();
+}
+
+#ifdef HAVE_HKDF
+
+int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
+                    const byte* salt, word32 saltSz,
+                    const byte* info, word32 infoSz,
+                    byte* out, word32 outSz)
+{
+    return HKDF(type, inKey, inKeySz, salt, saltSz, info, infoSz, out, outSz);
+}
+
+
+#endif /* HAVE_HKDF */
+#else /* else build without fips */
+#ifdef WOLFSSL_PIC32MZ_HASH
+
+#define wc_InitMd5   wc_InitMd5_sw
+#define wc_Md5Update wc_Md5Update_sw
+#define wc_Md5Final  wc_Md5Final_sw
+
+#define wc_InitSha   wc_InitSha_sw
+#define wc_ShaUpdate wc_ShaUpdate_sw
+#define wc_ShaFinal  wc_ShaFinal_sw
+
+#define wc_InitSha256   wc_InitSha256_sw
+#define wc_Sha256Update wc_Sha256Update_sw
+#define wc_Sha256Final  wc_Sha256Final_sw
+
+#endif
+
+#ifdef HAVE_FIPS
+    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
+    #define FIPS_NO_WRAPPERS
+#endif
+
+#include 
+
+
+#ifdef HAVE_CAVIUM
+    static void HmacCaviumFinal(Hmac* hmac, byte* hash);
+    static void HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length);
+    static void HmacCaviumSetKey(Hmac* hmac, int type, const byte* key,
+                                 word32 length);
+#endif
+
+static int InitHmac(Hmac* hmac, int type)
+{
+    int ret = 0;
+
+    hmac->innerHashKeyed = 0;
+    hmac->macType = (byte)type;
+
+    if (!(type == MD5 || type == SHA    || type == SHA256 || type == SHA384
+                      || type == SHA512 || type == BLAKE2B_ID))
+        return BAD_FUNC_ARG;
+
+    switch (type) {
+        #ifndef NO_MD5
+        case MD5:
+            wc_InitMd5(&hmac->hash.md5);
+        break;
+        #endif
+
+        #ifndef NO_SHA
+        case SHA:
+            ret = wc_InitSha(&hmac->hash.sha);
+        break;
+        #endif
+        
+        #ifndef NO_SHA256
+        case SHA256:
+            ret = wc_InitSha256(&hmac->hash.sha256);
+        break;
+        #endif
+        
+        #ifdef WOLFSSL_SHA384
+        case SHA384:
+            ret = wc_InitSha384(&hmac->hash.sha384);
+        break;
+        #endif
+        
+        #ifdef WOLFSSL_SHA512
+        case SHA512:
+            ret = wc_InitSha512(&hmac->hash.sha512);
+        break;
+        #endif
+        
+        #ifdef HAVE_BLAKE2 
+        case BLAKE2B_ID:
+            ret = wc_InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256);
+        break;
+        #endif
+        
+        default:
+            return BAD_FUNC_ARG;
+    }
+
+    return ret;
+}
+
+
+int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
+{
+    byte*  ip = (byte*) hmac->ipad;
+    byte*  op = (byte*) hmac->opad;
+    word32 i, hmac_block_size = 0;
+    int    ret;
+
+#ifdef HAVE_CAVIUM
+    if (hmac->magic == WOLFSSL_HMAC_CAVIUM_MAGIC)
+        return HmacCaviumSetKey(hmac, type, key, length);
+#endif
+
+    ret = InitHmac(hmac, type);
+    if (ret != 0)
+        return ret;
+
+#ifdef HAVE_FIPS
+    if (length < HMAC_FIPS_MIN_KEY)
+        return HMAC_MIN_KEYLEN_E;
+#endif
+
+    switch (hmac->macType) {
+        #ifndef NO_MD5
+        case MD5:
+        {
+            hmac_block_size = MD5_BLOCK_SIZE;
+            if (length <= MD5_BLOCK_SIZE) {
+                XMEMCPY(ip, key, length);
+            }
+            else {
+                wc_Md5Update(&hmac->hash.md5, key, length);
+                wc_Md5Final(&hmac->hash.md5, ip);
+                length = MD5_DIGEST_SIZE;
+            }
+        }
+        break;
+        #endif
+
+        #ifndef NO_SHA
+        case SHA:
+        {
+            hmac_block_size = SHA_BLOCK_SIZE;
+            if (length <= SHA_BLOCK_SIZE) {
+                XMEMCPY(ip, key, length);
+            }
+            else {
+                wc_ShaUpdate(&hmac->hash.sha, key, length);
+                wc_ShaFinal(&hmac->hash.sha, ip);
+                length = SHA_DIGEST_SIZE;
+            }
+        }
+        break;
+        #endif
+
+        #ifndef NO_SHA256
+        case SHA256:
+        {
+    		hmac_block_size = SHA256_BLOCK_SIZE;
+            if (length <= SHA256_BLOCK_SIZE) {
+                XMEMCPY(ip, key, length);
+            }
+            else {
+                ret = wc_Sha256Update(&hmac->hash.sha256, key, length);
+                if (ret != 0)
+                    return ret;
+
+                ret = wc_Sha256Final(&hmac->hash.sha256, ip);
+                if (ret != 0)
+                    return ret;
+
+                length = SHA256_DIGEST_SIZE;
+            }
+        }
+        break;
+        #endif
+
+        #ifdef WOLFSSL_SHA384
+        case SHA384:
+        {
+            hmac_block_size = SHA384_BLOCK_SIZE;
+            if (length <= SHA384_BLOCK_SIZE) {
+                XMEMCPY(ip, key, length);
+            }
+            else {
+                ret = wc_Sha384Update(&hmac->hash.sha384, key, length);
+                if (ret != 0)
+                    return ret;
+
+                ret = wc_Sha384Final(&hmac->hash.sha384, ip);
+                if (ret != 0)
+                    return ret;
+
+                length = SHA384_DIGEST_SIZE;
+            }
+        }
+        break;
+        #endif
+
+        #ifdef WOLFSSL_SHA512
+        case SHA512:
+        {
+            hmac_block_size = SHA512_BLOCK_SIZE;
+            if (length <= SHA512_BLOCK_SIZE) {
+                XMEMCPY(ip, key, length);
+            }
+            else {
+                ret = wc_Sha512Update(&hmac->hash.sha512, key, length);
+                if (ret != 0)
+                    return ret;
+
+                ret = wc_Sha512Final(&hmac->hash.sha512, ip);
+                if (ret != 0)
+                    return ret;
+
+                length = SHA512_DIGEST_SIZE;
+            }
+        }
+        break;
+        #endif
+
+        #ifdef HAVE_BLAKE2 
+        case BLAKE2B_ID:
+        {
+            hmac_block_size = BLAKE2B_BLOCKBYTES;
+            if (length <= BLAKE2B_BLOCKBYTES) {
+                XMEMCPY(ip, key, length);
+            }
+            else {
+                ret = wc_Blake2bUpdate(&hmac->hash.blake2b, key, length);
+                if (ret != 0)
+                    return ret;
+
+                ret = wc_Blake2bFinal(&hmac->hash.blake2b, ip, BLAKE2B_256);
+                if (ret != 0)
+                    return ret;
+
+                length = BLAKE2B_256;
+            }
+        }
+        break;
+        #endif
+
+        default:
+            return BAD_FUNC_ARG;
+    }
+    if (length < hmac_block_size)
+        XMEMSET(ip + length, 0, hmac_block_size - length);
+
+    for(i = 0; i < hmac_block_size; i++) {
+        op[i] = ip[i] ^ OPAD;
+        ip[i] ^= IPAD;
+    }
+    return 0;
+}
+
+
+static int HmacKeyInnerHash(Hmac* hmac)
+{
+    int ret = 0;
+
+    switch (hmac->macType) {
+        #ifndef NO_MD5
+        case MD5:
+            wc_Md5Update(&hmac->hash.md5, (byte*) hmac->ipad, MD5_BLOCK_SIZE);
+        break;
+        #endif
+
+        #ifndef NO_SHA
+        case SHA:
+            wc_ShaUpdate(&hmac->hash.sha, (byte*) hmac->ipad, SHA_BLOCK_SIZE);
+        break;
+        #endif
+
+        #ifndef NO_SHA256
+        case SHA256:
+            ret = wc_Sha256Update(&hmac->hash.sha256,
+                                         (byte*) hmac->ipad, SHA256_BLOCK_SIZE);
+            if (ret != 0)
+                return ret;
+        break;
+        #endif
+
+        #ifdef WOLFSSL_SHA384
+        case SHA384:
+            ret = wc_Sha384Update(&hmac->hash.sha384,
+                                         (byte*) hmac->ipad, SHA384_BLOCK_SIZE);
+            if (ret != 0)
+                return ret;
+        break;
+        #endif
+
+        #ifdef WOLFSSL_SHA512
+        case SHA512:
+            ret = wc_Sha512Update(&hmac->hash.sha512,
+                                         (byte*) hmac->ipad, SHA512_BLOCK_SIZE);
+            if (ret != 0)
+                return ret;
+        break;
+        #endif
+
+        #ifdef HAVE_BLAKE2 
+        case BLAKE2B_ID:
+            ret = wc_Blake2bUpdate(&hmac->hash.blake2b,
+                                         (byte*) hmac->ipad,BLAKE2B_BLOCKBYTES);
+            if (ret != 0)
+                return ret;
+        break;
+        #endif
+
+        default:
+        break;
+    }
+
+    hmac->innerHashKeyed = 1;
+
+    return ret;
+}
+
+
+int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
+{
+    int ret;
+
+#ifdef HAVE_CAVIUM
+    if (hmac->magic == WOLFSSL_HMAC_CAVIUM_MAGIC)
+        return HmacCaviumUpdate(hmac, msg, length);
+#endif
+
+    if (!hmac->innerHashKeyed) {
+        ret = HmacKeyInnerHash(hmac);
+        if (ret != 0)
+            return ret;
+    }
+
+    switch (hmac->macType) {
+        #ifndef NO_MD5
+        case MD5:
+            wc_Md5Update(&hmac->hash.md5, msg, length);
+        break;
+        #endif
+
+        #ifndef NO_SHA
+        case SHA:
+            wc_ShaUpdate(&hmac->hash.sha, msg, length);
+        break;
+        #endif
+
+        #ifndef NO_SHA256
+        case SHA256:
+            ret = wc_Sha256Update(&hmac->hash.sha256, msg, length);
+            if (ret != 0)
+                return ret;
+        break;
+        #endif
+
+        #ifdef WOLFSSL_SHA384
+        case SHA384:
+            ret = wc_Sha384Update(&hmac->hash.sha384, msg, length);
+            if (ret != 0)
+                return ret;
+        break;
+        #endif
+
+        #ifdef WOLFSSL_SHA512
+        case SHA512:
+            ret = wc_Sha512Update(&hmac->hash.sha512, msg, length);
+            if (ret != 0)
+                return ret;
+        break;
+        #endif
+
+        #ifdef HAVE_BLAKE2 
+        case BLAKE2B_ID:
+            ret = wc_Blake2bUpdate(&hmac->hash.blake2b, msg, length);
+            if (ret != 0)
+                return ret;
+        break;
+        #endif
+
+        default:
+        break;
+    }
+
+    return 0;
+}
+
+
+int wc_HmacFinal(Hmac* hmac, byte* hash)
+{
+    int ret;
+
+#ifdef HAVE_CAVIUM
+    if (hmac->magic == WOLFSSL_HMAC_CAVIUM_MAGIC)
+        return HmacCaviumFinal(hmac, hash);
+#endif
+
+    if (!hmac->innerHashKeyed) {
+        ret = HmacKeyInnerHash(hmac);
+        if (ret != 0)
+            return ret;
+    }
+
+    switch (hmac->macType) {
+        #ifndef NO_MD5
+        case MD5:
+        {
+            wc_Md5Final(&hmac->hash.md5, (byte*) hmac->innerHash);
+
+            wc_Md5Update(&hmac->hash.md5, (byte*) hmac->opad, MD5_BLOCK_SIZE);
+            wc_Md5Update(&hmac->hash.md5,
+                                     (byte*) hmac->innerHash, MD5_DIGEST_SIZE);
+
+            wc_Md5Final(&hmac->hash.md5, hash);
+        }
+        break;
+        #endif
+
+        #ifndef NO_SHA
+        case SHA:
+        {
+            wc_ShaFinal(&hmac->hash.sha, (byte*) hmac->innerHash);
+
+            wc_ShaUpdate(&hmac->hash.sha, (byte*) hmac->opad, SHA_BLOCK_SIZE);
+            wc_ShaUpdate(&hmac->hash.sha,
+                                     (byte*) hmac->innerHash, SHA_DIGEST_SIZE);
+
+            wc_ShaFinal(&hmac->hash.sha, hash);
+        }
+        break;
+        #endif
+
+        #ifndef NO_SHA256
+        case SHA256:
+        {
+            ret = wc_Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Sha256Update(&hmac->hash.sha256,
+                                (byte*) hmac->opad, SHA256_BLOCK_SIZE);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Sha256Update(&hmac->hash.sha256,
+                                (byte*) hmac->innerHash, SHA256_DIGEST_SIZE);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Sha256Final(&hmac->hash.sha256, hash);
+            if (ret != 0)
+                return ret;
+        }
+        break;
+        #endif
+
+        #ifdef WOLFSSL_SHA384
+        case SHA384:
+        {
+            ret = wc_Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Sha384Update(&hmac->hash.sha384,
+                                 (byte*) hmac->opad, SHA384_BLOCK_SIZE);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Sha384Update(&hmac->hash.sha384,
+                                 (byte*) hmac->innerHash, SHA384_DIGEST_SIZE);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Sha384Final(&hmac->hash.sha384, hash);
+            if (ret != 0)
+                return ret;
+        }
+        break;
+        #endif
+
+        #ifdef WOLFSSL_SHA512
+        case SHA512:
+        {
+            ret = wc_Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Sha512Update(&hmac->hash.sha512,
+                                 (byte*) hmac->opad, SHA512_BLOCK_SIZE);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Sha512Update(&hmac->hash.sha512,
+                                 (byte*) hmac->innerHash, SHA512_DIGEST_SIZE);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Sha512Final(&hmac->hash.sha512, hash);
+            if (ret != 0)
+                return ret;
+        }
+        break;
+        #endif
+
+        #ifdef HAVE_BLAKE2 
+        case BLAKE2B_ID:
+        {
+            ret = wc_Blake2bFinal(&hmac->hash.blake2b, (byte*) hmac->innerHash,
+                         BLAKE2B_256);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Blake2bUpdate(&hmac->hash.blake2b,
+                                 (byte*) hmac->opad, BLAKE2B_BLOCKBYTES);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Blake2bUpdate(&hmac->hash.blake2b,
+                                 (byte*) hmac->innerHash, BLAKE2B_256);
+            if (ret != 0)
+                return ret;
+
+            ret = wc_Blake2bFinal(&hmac->hash.blake2b, hash, BLAKE2B_256);
+            if (ret != 0)
+                return ret;
+        }
+        break;
+        #endif
+
+        default:
+        break;
+    }
+
+    hmac->innerHashKeyed = 0;
+
+    return 0;
+}
+
+
+#ifdef HAVE_CAVIUM
+
+/* Initiliaze Hmac for use with Nitrox device */
+int wc_HmacInitCavium(Hmac* hmac, int devId)
+{
+    if (hmac == NULL)
+        return -1;
+
+    if (CspAllocContext(CONTEXT_SSL, &hmac->contextHandle, devId) != 0)
+        return -1;
+
+    hmac->keyLen  = 0;
+    hmac->dataLen = 0;
+    hmac->type    = 0;
+    hmac->devId   = devId;
+    hmac->magic   = WOLFSSL_HMAC_CAVIUM_MAGIC;
+    hmac->data    = NULL;        /* buffered input data */
+   
+    hmac->innerHashKeyed = 0;
+
+    return 0;
+}
+
+
+/* Free Hmac from use with Nitrox device */
+void wc_HmacFreeCavium(Hmac* hmac)
+{
+    if (hmac == NULL)
+        return;
+
+    CspFreeContext(CONTEXT_SSL, hmac->contextHandle, hmac->devId);
+    hmac->magic = 0;
+    XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP);
+    hmac->data = NULL;
+}
+
+
+static void HmacCaviumFinal(Hmac* hmac, byte* hash)
+{
+    word32 requestId;
+
+    if (CspHmac(CAVIUM_BLOCKING, hmac->type, NULL, hmac->keyLen,
+                (byte*)hmac->ipad, hmac->dataLen, hmac->data, hash, &requestId,
+                hmac->devId) != 0) {
+        WOLFSSL_MSG("Cavium Hmac failed");
+    } 
+    hmac->innerHashKeyed = 0;  /* tell update to start over if used again */
+}
+
+
+static void HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length)
+{
+    word16 add = (word16)length;
+    word32 total;
+    byte*  tmp;
+
+    if (length > WOLFSSL_MAX_16BIT) {
+        WOLFSSL_MSG("Too big msg for cavium hmac");
+        return;
+    }
+
+    if (hmac->innerHashKeyed == 0) {  /* starting new */
+        hmac->dataLen        = 0;
+        hmac->innerHashKeyed = 1;
+    }
+
+    total = add + hmac->dataLen;
+    if (total > WOLFSSL_MAX_16BIT) {
+        WOLFSSL_MSG("Too big msg for cavium hmac");
+        return;
+    }
+
+    tmp = XMALLOC(hmac->dataLen + add, NULL,DYNAMIC_TYPE_CAVIUM_TMP);
+    if (tmp == NULL) {
+        WOLFSSL_MSG("Out of memory for cavium update");
+        return;
+    }
+    if (hmac->dataLen)
+        XMEMCPY(tmp, hmac->data,  hmac->dataLen);
+    XMEMCPY(tmp + hmac->dataLen, msg, add);
+        
+    hmac->dataLen += add;
+    XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP);
+    hmac->data = tmp;
+}
+
+
+static void HmacCaviumSetKey(Hmac* hmac, int type, const byte* key,
+                             word32 length)
+{
+    hmac->macType = (byte)type;
+    if (type == MD5)
+        hmac->type = MD5_TYPE;
+    else if (type == SHA)
+        hmac->type = SHA1_TYPE;
+    else if (type == SHA256)
+        hmac->type = SHA256_TYPE;
+    else  {
+        WOLFSSL_MSG("unsupported cavium hmac type");
+    }
+
+    hmac->innerHashKeyed = 0;  /* should we key Startup flag */
+
+    hmac->keyLen = (word16)length;
+    /* store key in ipad */
+    XMEMCPY(hmac->ipad, key, length);
+}
+
+#endif /* HAVE_CAVIUM */
+
+int wolfSSL_GetHmacMaxSize(void)
+{
+    return MAX_DIGEST_SIZE;
+}
+
+#ifdef HAVE_HKDF
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+static INLINE int GetHashSizeByType(int type)
+{
+    if (!(type == MD5 || type == SHA    || type == SHA256 || type == SHA384
+                      || type == SHA512 || type == BLAKE2B_ID))
+        return BAD_FUNC_ARG;
+
+    switch (type) {
+        #ifndef NO_MD5
+        case MD5:
+            return MD5_DIGEST_SIZE;
+        break;
+        #endif
+
+        #ifndef NO_SHA
+        case SHA:
+            return SHA_DIGEST_SIZE;
+        break;
+        #endif
+        
+        #ifndef NO_SHA256
+        case SHA256:
+            return SHA256_DIGEST_SIZE;
+        break;
+        #endif
+        
+        #ifdef WOLFSSL_SHA384
+        case SHA384:
+            return SHA384_DIGEST_SIZE;
+        break;
+        #endif
+        
+        #ifdef WOLFSSL_SHA512
+        case SHA512:
+            return SHA512_DIGEST_SIZE;
+        break;
+        #endif
+        
+        #ifdef HAVE_BLAKE2 
+        case BLAKE2B_ID:
+            return BLAKE2B_OUTBYTES;
+        break;
+        #endif
+        
+        default:
+            return BAD_FUNC_ARG;
+        break;
+    }
+}
+
+
+/* HMAC-KDF with hash type, optional salt and info, return 0 on success */
+int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
+                   const byte* salt,  word32 saltSz,
+                   const byte* info,  word32 infoSz,
+                   byte* out,         word32 outSz)
+{
+    Hmac   myHmac;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* tmp;
+    byte* prk;
+#else
+    byte   tmp[MAX_DIGEST_SIZE]; /* localSalt helper and T */
+    byte   prk[MAX_DIGEST_SIZE];
+#endif
+    const  byte* localSalt;  /* either points to user input or tmp */
+    int    hashSz = GetHashSizeByType(type);
+    word32 outIdx = 0;
+    byte   n = 0x1;
+    int    ret;
+
+    if (hashSz < 0)
+        return BAD_FUNC_ARG;
+
+#ifdef WOLFSSL_SMALL_STACK
+    tmp = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (tmp == NULL)
+        return MEMORY_E;
+
+    prk = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (prk == NULL) {
+        XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    localSalt = salt;
+    if (localSalt == NULL) {
+        XMEMSET(tmp, 0, hashSz);
+        localSalt = tmp;
+        saltSz    = hashSz;
+    }
+    
+    do {
+    ret = wc_HmacSetKey(&myHmac, type, localSalt, saltSz);
+    if (ret != 0)
+        break;
+    ret = wc_HmacUpdate(&myHmac, inKey, inKeySz);
+    if (ret != 0)
+        break;
+    ret = wc_HmacFinal(&myHmac,  prk);
+    } while (0);
+
+    if (ret == 0) {
+        while (outIdx < outSz) {
+            int    tmpSz = (n == 1) ? 0 : hashSz;
+            word32 left = outSz - outIdx;
+
+            ret = wc_HmacSetKey(&myHmac, type, prk, hashSz);
+            if (ret != 0)
+                break;
+            ret = wc_HmacUpdate(&myHmac, tmp, tmpSz);
+            if (ret != 0)
+                break;
+            ret = wc_HmacUpdate(&myHmac, info, infoSz);
+            if (ret != 0)
+                break;
+            ret = wc_HmacUpdate(&myHmac, &n, 1);
+            if (ret != 0)
+                break;
+            ret = wc_HmacFinal(&myHmac, tmp);
+            if (ret != 0)
+                break;
+
+            left = min(left, (word32)hashSz);
+            XMEMCPY(out+outIdx, tmp, left);
+
+            outIdx += hashSz;
+            n++;
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(prk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#endif /* HAVE_HKDF */
+
+#endif /* HAVE_FIPS */
+#endif /* NO_HMAC */
+
diff --git a/3P/wolfssl/wolfcrypt/src/include.am b/3P/wolfssl/wolfcrypt/src/include.am
new file mode 100644
index 00000000..a6e81542
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/include.am
@@ -0,0 +1,40 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+EXTRA_DIST += wolfcrypt/src/misc.c
+EXTRA_DIST += wolfcrypt/src/asm.c
+EXTRA_DIST += wolfcrypt/src/aes_asm.asm
+
+EXTRA_DIST += \
+              wolfcrypt/src/ecc_fp.c \
+              wolfcrypt/src/fp_mont_small.i \
+              wolfcrypt/src/fp_mul_comba_12.i \
+              wolfcrypt/src/fp_mul_comba_17.i \
+              wolfcrypt/src/fp_mul_comba_20.i \
+              wolfcrypt/src/fp_mul_comba_24.i \
+              wolfcrypt/src/fp_mul_comba_28.i \
+              wolfcrypt/src/fp_mul_comba_32.i \
+              wolfcrypt/src/fp_mul_comba_3.i \
+              wolfcrypt/src/fp_mul_comba_48.i \
+              wolfcrypt/src/fp_mul_comba_4.i \
+              wolfcrypt/src/fp_mul_comba_64.i \
+              wolfcrypt/src/fp_mul_comba_6.i \
+              wolfcrypt/src/fp_mul_comba_7.i \
+              wolfcrypt/src/fp_mul_comba_8.i \
+              wolfcrypt/src/fp_mul_comba_9.i \
+              wolfcrypt/src/fp_mul_comba_small_set.i \
+              wolfcrypt/src/fp_sqr_comba_12.i \
+              wolfcrypt/src/fp_sqr_comba_17.i \
+              wolfcrypt/src/fp_sqr_comba_20.i \
+              wolfcrypt/src/fp_sqr_comba_24.i \
+              wolfcrypt/src/fp_sqr_comba_28.i \
+              wolfcrypt/src/fp_sqr_comba_32.i \
+              wolfcrypt/src/fp_sqr_comba_3.i \
+              wolfcrypt/src/fp_sqr_comba_48.i \
+              wolfcrypt/src/fp_sqr_comba_4.i \
+              wolfcrypt/src/fp_sqr_comba_64.i \
+              wolfcrypt/src/fp_sqr_comba_6.i \
+              wolfcrypt/src/fp_sqr_comba_7.i \
+              wolfcrypt/src/fp_sqr_comba_8.i \
+              wolfcrypt/src/fp_sqr_comba_9.i \
+              wolfcrypt/src/fp_sqr_comba_small_set.i
diff --git a/3P/wolfssl/wolfcrypt/src/integer.c b/3P/wolfssl/wolfcrypt/src/integer.c
new file mode 100644
index 00000000..e3c00444
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/integer.c
@@ -0,0 +1,4493 @@
+/* integer.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*
+ * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
+ * http://math.libtomcrypt.com
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+/* in case user set USE_FAST_MATH there */
+#include 
+
+#ifndef NO_BIG_INT 
+
+#ifndef USE_FAST_MATH
+
+#include 
+
+#ifndef NO_WOLFSSL_SMALL_STACK
+    #ifndef WOLFSSL_SMALL_STACK
+        #define WOLFSSL_SMALL_STACK
+    #endif
+#endif
+
+static void bn_reverse (unsigned char *s, int len);
+
+/* math settings check */
+word32 CheckRunTimeSettings(void)
+{
+    return CTC_SETTINGS;
+}
+
+
+/* handle up to 6 inits */
+int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
+                  mp_int* f)
+{
+    int res = MP_OKAY;
+
+    if (a && ((res = mp_init(a)) != MP_OKAY))
+        return res;
+
+    if (b && ((res = mp_init(b)) != MP_OKAY)) {
+        mp_clear(a);
+        return res;
+    }
+
+    if (c && ((res = mp_init(c)) != MP_OKAY)) {
+        mp_clear(a); mp_clear(b);
+        return res;
+    }
+
+    if (d && ((res = mp_init(d)) != MP_OKAY)) {
+        mp_clear(a); mp_clear(b); mp_clear(c);
+        return res;
+    }
+
+    if (e && ((res = mp_init(e)) != MP_OKAY)) {
+        mp_clear(a); mp_clear(b); mp_clear(c); mp_clear(d);
+        return res;
+    }
+
+    if (f && ((res = mp_init(f)) != MP_OKAY)) {
+        mp_clear(a); mp_clear(b); mp_clear(c); mp_clear(d); mp_clear(e);
+        return res;
+    }
+
+    return res;
+}
+
+
+/* init a new mp_int */
+int mp_init (mp_int * a)
+{
+  int i;
+
+  /* allocate memory required and clear it */
+  a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * MP_PREC, 0,
+                                      DYNAMIC_TYPE_BIGINT);
+  if (a->dp == NULL) {
+    return MP_MEM;
+  }
+
+  /* set the digits to zero */
+  for (i = 0; i < MP_PREC; i++) {
+      a->dp[i] = 0;
+  }
+
+  /* set the used to zero, allocated digits to the default precision
+   * and sign to positive */
+  a->used  = 0;
+  a->alloc = MP_PREC;
+  a->sign  = MP_ZPOS;
+
+  return MP_OKAY;
+}
+
+
+/* clear one (frees)  */
+void
+mp_clear (mp_int * a)
+{
+  int i;
+
+  if (a == NULL)
+      return;
+
+  /* only do anything if a hasn't been freed previously */
+  if (a->dp != NULL) {
+    /* first zero the digits */
+    for (i = 0; i < a->used; i++) {
+        a->dp[i] = 0;
+    }
+
+    /* free ram */
+    XFREE(a->dp, 0, DYNAMIC_TYPE_BIGINT);
+
+    /* reset members to make debugging easier */
+    a->dp    = NULL;
+    a->alloc = a->used = 0;
+    a->sign  = MP_ZPOS;
+  }
+}
+
+
+/* get the size for an unsigned equivalent */
+int mp_unsigned_bin_size (mp_int * a)
+{
+  int     size = mp_count_bits (a);
+  return (size / 8 + ((size & 7) != 0 ? 1 : 0));
+}
+
+
+/* returns the number of bits in an int */
+int
+mp_count_bits (mp_int * a)
+{
+  int     r;
+  mp_digit q;
+
+  /* shortcut */
+  if (a->used == 0) {
+    return 0;
+  }
+
+  /* get number of digits and add that */
+  r = (a->used - 1) * DIGIT_BIT;
+  
+  /* take the last digit and count the bits in it */
+  q = a->dp[a->used - 1];
+  while (q > ((mp_digit) 0)) {
+    ++r;
+    q >>= ((mp_digit) 1);
+  }
+  return r;
+}
+
+
+int mp_leading_bit (mp_int * a)
+{
+    int bit = 0;
+    mp_int t;
+
+    if (mp_init_copy(&t, a) != MP_OKAY)
+        return 0;
+
+    while (mp_iszero(&t) == 0) {
+#ifndef MP_8BIT
+        bit = (t.dp[0] & 0x80) != 0;
+#else
+        bit = (t.dp[0] | ((t.dp[1] & 0x01) << 7)) & 0x80 != 0;
+#endif
+        if (mp_div_2d (&t, 8, &t, NULL) != MP_OKAY)
+            break;
+    }
+    mp_clear(&t);
+    return bit;
+}
+
+
+/* store in unsigned [big endian] format */
+int mp_to_unsigned_bin (mp_int * a, unsigned char *b)
+{
+  int     x, res;
+  mp_int  t;
+
+  if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
+    return res;
+  }
+
+  x = 0;
+  while (mp_iszero (&t) == 0) {
+#ifndef MP_8BIT
+      b[x++] = (unsigned char) (t.dp[0] & 255);
+#else
+      b[x++] = (unsigned char) (t.dp[0] | ((t.dp[1] & 0x01) << 7));
+#endif
+    if ((res = mp_div_2d (&t, 8, &t, NULL)) != MP_OKAY) {
+      mp_clear (&t);
+      return res;
+    }
+  }
+  bn_reverse (b, x);
+  mp_clear (&t);
+  return MP_OKAY;
+}
+
+
+/* creates "a" then copies b into it */
+int mp_init_copy (mp_int * a, mp_int * b)
+{
+  int     res;
+
+  if ((res = mp_init (a)) != MP_OKAY) {
+    return res;
+  }
+  return mp_copy (b, a);
+}
+
+
+/* copy, b = a */
+int
+mp_copy (mp_int * a, mp_int * b)
+{
+  int     res, n;
+
+  /* if dst == src do nothing */
+  if (a == b) {
+    return MP_OKAY;
+  }
+
+  /* grow dest */
+  if (b->alloc < a->used) {
+     if ((res = mp_grow (b, a->used)) != MP_OKAY) {
+        return res;
+     }
+  }
+
+  /* zero b and copy the parameters over */
+  {
+    register mp_digit *tmpa, *tmpb;
+
+    /* pointer aliases */
+
+    /* source */
+    tmpa = a->dp;
+
+    /* destination */
+    tmpb = b->dp;
+
+    /* copy all the digits */
+    for (n = 0; n < a->used; n++) {
+      *tmpb++ = *tmpa++;
+    }
+
+    /* clear high digits */
+    for (; n < b->used; n++) {
+      *tmpb++ = 0;
+    }
+  }
+
+  /* copy used count and sign */
+  b->used = a->used;
+  b->sign = a->sign;
+  return MP_OKAY;
+}
+
+
+/* grow as required */
+int mp_grow (mp_int * a, int size)
+{
+  int     i;
+  mp_digit *tmp;
+
+  /* if the alloc size is smaller alloc more ram */
+  if (a->alloc < size) {
+    /* ensure there are always at least MP_PREC digits extra on top */
+    size += (MP_PREC * 2) - (size % MP_PREC);
+
+    /* reallocate the array a->dp
+     *
+     * We store the return in a temporary variable
+     * in case the operation failed we don't want
+     * to overwrite the dp member of a.
+     */
+    tmp = OPT_CAST(mp_digit) XREALLOC (a->dp, sizeof (mp_digit) * size, 0,
+                                       DYNAMIC_TYPE_BIGINT);
+    if (tmp == NULL) {
+      /* reallocation failed but "a" is still valid [can be freed] */
+      return MP_MEM;
+    }
+
+    /* reallocation succeeded so set a->dp */
+    a->dp = tmp;
+
+    /* zero excess digits */
+    i        = a->alloc;
+    a->alloc = size;
+    for (; i < a->alloc; i++) {
+      a->dp[i] = 0;
+    }
+  }
+  return MP_OKAY;
+}
+
+
+/* reverse an array, used for radix code */
+void
+bn_reverse (unsigned char *s, int len)
+{
+  int     ix, iy;
+  unsigned char t;
+
+  ix = 0;
+  iy = len - 1;
+  while (ix < iy) {
+    t     = s[ix];
+    s[ix] = s[iy];
+    s[iy] = t;
+    ++ix;
+    --iy;
+  }
+}
+
+
+/* shift right by a certain bit count (store quotient in c, optional
+   remainder in d) */
+int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d)
+{
+  int     D, res;
+  mp_int  t;
+
+
+  /* if the shift count is <= 0 then we do no work */
+  if (b <= 0) {
+    res = mp_copy (a, c);
+    if (d != NULL) {
+      mp_zero (d);
+    }
+    return res;
+  }
+
+  if ((res = mp_init (&t)) != MP_OKAY) {
+    return res;
+  }
+
+  /* get the remainder */
+  if (d != NULL) {
+    if ((res = mp_mod_2d (a, b, &t)) != MP_OKAY) {
+      mp_clear (&t);
+      return res;
+    }
+  }
+
+  /* copy */
+  if ((res = mp_copy (a, c)) != MP_OKAY) {
+    mp_clear (&t);
+    return res;
+  }
+
+  /* shift by as many digits in the bit count */
+  if (b >= (int)DIGIT_BIT) {
+    mp_rshd (c, b / DIGIT_BIT);
+  }
+
+  /* shift any bit count < DIGIT_BIT */
+  D = (b % DIGIT_BIT);
+  if (D != 0) {
+    mp_rshb(c, D);
+  }
+  mp_clamp (c);
+  if (d != NULL) {
+    mp_exch (&t, d);
+  }
+  mp_clear (&t);
+  return MP_OKAY;
+}
+
+
+/* set to zero */
+void mp_zero (mp_int * a)
+{
+  int       n;
+  mp_digit *tmp;
+
+  a->sign = MP_ZPOS;
+  a->used = 0;
+
+  tmp = a->dp;
+  for (n = 0; n < a->alloc; n++) {
+     *tmp++ = 0;
+  }
+}
+
+
+/* trim unused digits 
+ *
+ * This is used to ensure that leading zero digits are
+ * trimed and the leading "used" digit will be non-zero
+ * Typically very fast.  Also fixes the sign if there
+ * are no more leading digits
+ */
+void
+mp_clamp (mp_int * a)
+{
+  /* decrease used while the most significant digit is
+   * zero.
+   */
+  while (a->used > 0 && a->dp[a->used - 1] == 0) {
+    --(a->used);
+  }
+
+  /* reset the sign flag if used == 0 */
+  if (a->used == 0) {
+    a->sign = MP_ZPOS;
+  }
+}
+
+
+/* swap the elements of two integers, for cases where you can't simply swap the 
+ * mp_int pointers around
+ */
+void
+mp_exch (mp_int * a, mp_int * b)
+{
+  mp_int  t;
+
+  t  = *a;
+  *a = *b;
+  *b = t;
+}
+
+
+/* shift right a certain number of bits */
+void mp_rshb (mp_int *c, int x)
+{
+    register mp_digit *tmpc, mask, shift;
+    mp_digit r, rr;
+    mp_digit D = x;
+
+    /* mask */
+    mask = (((mp_digit)1) << D) - 1;
+
+    /* shift for lsb */
+    shift = DIGIT_BIT - D;
+
+    /* alias */
+    tmpc = c->dp + (c->used - 1);
+
+    /* carry */
+    r = 0;
+    for (x = c->used - 1; x >= 0; x--) {
+      /* get the lower  bits of this word in a temp */
+      rr = *tmpc & mask;
+
+      /* shift the current word and mix in the carry bits from previous word */
+      *tmpc = (*tmpc >> D) | (r << shift);
+      --tmpc;
+
+      /* set the carry to the carry bits of the current word found above */
+      r = rr;
+    }
+}
+
+
+/* shift right a certain amount of digits */
+void mp_rshd (mp_int * a, int b)
+{
+  int     x;
+
+  /* if b <= 0 then ignore it */
+  if (b <= 0) {
+    return;
+  }
+
+  /* if b > used then simply zero it and return */
+  if (a->used <= b) {
+    mp_zero (a);
+    return;
+  }
+
+  {
+    register mp_digit *bottom, *top;
+
+    /* shift the digits down */
+
+    /* bottom */
+    bottom = a->dp;
+
+    /* top [offset into digits] */
+    top = a->dp + b;
+
+    /* this is implemented as a sliding window where 
+     * the window is b-digits long and digits from 
+     * the top of the window are copied to the bottom
+     *
+     * e.g.
+
+     b-2 | b-1 | b0 | b1 | b2 | ... | bb |   ---->
+                 /\                   |      ---->
+                  \-------------------/      ---->
+     */
+    for (x = 0; x < (a->used - b); x++) {
+      *bottom++ = *top++;
+    }
+
+    /* zero the top digits */
+    for (; x < a->used; x++) {
+      *bottom++ = 0;
+    }
+  }
+  
+  /* remove excess digits */
+  a->used -= b;
+}
+
+
+/* calc a value mod 2**b */
+int
+mp_mod_2d (mp_int * a, int b, mp_int * c)
+{
+  int     x, res;
+
+  /* if b is <= 0 then zero the int */
+  if (b <= 0) {
+    mp_zero (c);
+    return MP_OKAY;
+  }
+
+  /* if the modulus is larger than the value than return */
+  if (b >= (int) (a->used * DIGIT_BIT)) {
+    res = mp_copy (a, c);
+    return res;
+  }
+
+  /* copy */
+  if ((res = mp_copy (a, c)) != MP_OKAY) {
+    return res;
+  }
+
+  /* zero digits above the last digit of the modulus */
+  for (x = (b / DIGIT_BIT) + ((b % DIGIT_BIT) == 0 ? 0 : 1); x < c->used; x++) {
+    c->dp[x] = 0;
+  }
+  /* clear the digit that is not completely outside/inside the modulus */
+  c->dp[b / DIGIT_BIT] &= (mp_digit) ((((mp_digit) 1) <<
+              (((mp_digit) b) % DIGIT_BIT)) - ((mp_digit) 1));
+  mp_clamp (c);
+  return MP_OKAY;
+}
+
+
+/* reads a unsigned char array, assumes the msb is stored first [big endian] */
+int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c)
+{
+  int     res;
+
+  /* make sure there are at least two digits */
+  if (a->alloc < 2) {
+     if ((res = mp_grow(a, 2)) != MP_OKAY) {
+        return res;
+     }
+  }
+
+  /* zero the int */
+  mp_zero (a);
+
+  /* read the bytes in */
+  while (c-- > 0) {
+    if ((res = mp_mul_2d (a, 8, a)) != MP_OKAY) {
+      return res;
+    }
+
+#ifndef MP_8BIT
+      a->dp[0] |= *b++;
+      a->used += 1;
+#else
+      a->dp[0] = (*b & MP_MASK);
+      a->dp[1] |= ((*b++ >> 7U) & 1);
+      a->used += 2;
+#endif
+  }
+  mp_clamp (a);
+  return MP_OKAY;
+}
+
+
+/* shift left by a certain bit count */
+int mp_mul_2d (mp_int * a, int b, mp_int * c)
+{
+  mp_digit d;
+  int      res;
+
+  /* copy */
+  if (a != c) {
+     if ((res = mp_copy (a, c)) != MP_OKAY) {
+       return res;
+     }
+  }
+
+  if (c->alloc < (int)(c->used + b/DIGIT_BIT + 1)) {
+     if ((res = mp_grow (c, c->used + b / DIGIT_BIT + 1)) != MP_OKAY) {
+       return res;
+     }
+  }
+
+  /* shift by as many digits in the bit count */
+  if (b >= (int)DIGIT_BIT) {
+    if ((res = mp_lshd (c, b / DIGIT_BIT)) != MP_OKAY) {
+      return res;
+    }
+  }
+
+  /* shift any bit count < DIGIT_BIT */
+  d = (mp_digit) (b % DIGIT_BIT);
+  if (d != 0) {
+    register mp_digit *tmpc, shift, mask, r, rr;
+    register int x;
+
+    /* bitmask for carries */
+    mask = (((mp_digit)1) << d) - 1;
+
+    /* shift for msbs */
+    shift = DIGIT_BIT - d;
+
+    /* alias */
+    tmpc = c->dp;
+
+    /* carry */
+    r    = 0;
+    for (x = 0; x < c->used; x++) {
+      /* get the higher bits of the current word */
+      rr = (*tmpc >> shift) & mask;
+
+      /* shift the current word and OR in the carry */
+      *tmpc = ((*tmpc << d) | r) & MP_MASK;
+      ++tmpc;
+
+      /* set the carry to the carry bits of the current word */
+      r = rr;
+    }
+    
+    /* set final carry */
+    if (r != 0) {
+       c->dp[(c->used)++] = r;
+    }
+  }
+  mp_clamp (c);
+  return MP_OKAY;
+}
+
+
+/* shift left a certain amount of digits */
+int mp_lshd (mp_int * a, int b)
+{
+  int     x, res;
+
+  /* if its less than zero return */
+  if (b <= 0) {
+    return MP_OKAY;
+  }
+
+  /* grow to fit the new digits */
+  if (a->alloc < a->used + b) {
+     if ((res = mp_grow (a, a->used + b)) != MP_OKAY) {
+       return res;
+     }
+  }
+
+  {
+    register mp_digit *top, *bottom;
+
+    /* increment the used by the shift amount then copy upwards */
+    a->used += b;
+
+    /* top */
+    top = a->dp + a->used - 1;
+
+    /* base */
+    bottom = a->dp + a->used - 1 - b;
+
+    /* much like mp_rshd this is implemented using a sliding window
+     * except the window goes the otherway around.  Copying from
+     * the bottom to the top.  see bn_mp_rshd.c for more info.
+     */
+    for (x = a->used - 1; x >= b; x--) {
+      *top-- = *bottom--;
+    }
+
+    /* zero the lower digits */
+    top = a->dp;
+    for (x = 0; x < b; x++) {
+      *top++ = 0;
+    }
+  }
+  return MP_OKAY;
+}
+
+
+/* this is a shell function that calls either the normal or Montgomery
+ * exptmod functions.  Originally the call to the montgomery code was
+ * embedded in the normal function but that wasted alot of stack space
+ * for nothing (since 99% of the time the Montgomery code would be called)
+ */
+int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
+{
+  int dr;
+
+  /* modulus P must be positive */
+  if (P->sign == MP_NEG) {
+     return MP_VAL;
+  }
+
+  /* if exponent X is negative we have to recurse */
+  if (X->sign == MP_NEG) {
+#ifdef BN_MP_INVMOD_C
+     mp_int tmpG, tmpX;
+     int err;
+
+     /* first compute 1/G mod P */
+     if ((err = mp_init(&tmpG)) != MP_OKAY) {
+        return err;
+     }
+     if ((err = mp_invmod(G, P, &tmpG)) != MP_OKAY) {
+        mp_clear(&tmpG);
+        return err;
+     }
+
+     /* now get |X| */
+     if ((err = mp_init(&tmpX)) != MP_OKAY) {
+        mp_clear(&tmpG);
+        return err;
+     }
+     if ((err = mp_abs(X, &tmpX)) != MP_OKAY) {
+        mp_clear(&tmpG);
+        mp_clear(&tmpX);
+        return err;
+     }
+
+     /* and now compute (1/G)**|X| instead of G**X [X < 0] */
+     err = mp_exptmod(&tmpG, &tmpX, P, Y);
+     mp_clear(&tmpG);
+     mp_clear(&tmpX);
+     return err;
+#else 
+     /* no invmod */
+     return MP_VAL;
+#endif
+  }
+
+/* modified diminished radix reduction */
+#if defined(BN_MP_REDUCE_IS_2K_L_C) && defined(BN_MP_REDUCE_2K_L_C) && \
+  defined(BN_S_MP_EXPTMOD_C)
+  if (mp_reduce_is_2k_l(P) == MP_YES) {
+     return s_mp_exptmod(G, X, P, Y, 1);
+  }
+#endif
+
+#ifdef BN_MP_DR_IS_MODULUS_C
+  /* is it a DR modulus? */
+  dr = mp_dr_is_modulus(P);
+#else
+  /* default to no */
+  dr = 0;
+#endif
+
+#ifdef BN_MP_REDUCE_IS_2K_C
+  /* if not, is it a unrestricted DR modulus? */
+  if (dr == 0) {
+     dr = mp_reduce_is_2k(P) << 1;
+  }
+#endif
+    
+  /* if the modulus is odd or dr != 0 use the montgomery method */
+#ifdef BN_MP_EXPTMOD_FAST_C
+  if (mp_isodd (P) == 1 || dr !=  0) {
+    return mp_exptmod_fast (G, X, P, Y, dr);
+  } else {
+#endif
+#ifdef BN_S_MP_EXPTMOD_C
+    /* otherwise use the generic Barrett reduction technique */
+    return s_mp_exptmod (G, X, P, Y, 0);
+#else
+    /* no exptmod for evens */
+    return MP_VAL;
+#endif
+#ifdef BN_MP_EXPTMOD_FAST_C
+  }
+#endif
+}
+
+
+/* b = |a| 
+ *
+ * Simple function copies the input and fixes the sign to positive
+ */
+int
+mp_abs (mp_int * a, mp_int * b)
+{
+  int     res;
+
+  /* copy a to b */
+  if (a != b) {
+     if ((res = mp_copy (a, b)) != MP_OKAY) {
+       return res;
+     }
+  }
+
+  /* force the sign of b to positive */
+  b->sign = MP_ZPOS;
+
+  return MP_OKAY;
+}
+
+
+/* hac 14.61, pp608 */
+int mp_invmod (mp_int * a, mp_int * b, mp_int * c)
+{
+  /* b cannot be negative */
+  if (b->sign == MP_NEG || mp_iszero(b) == 1) {
+    return MP_VAL;
+  }
+
+#ifdef BN_FAST_MP_INVMOD_C
+  /* if the modulus is odd we can use a faster routine instead */
+  if (mp_isodd (b) == 1) {
+    return fast_mp_invmod (a, b, c);
+  }
+#endif
+
+#ifdef BN_MP_INVMOD_SLOW_C
+  return mp_invmod_slow(a, b, c);
+#endif
+}
+
+
+/* computes the modular inverse via binary extended euclidean algorithm, 
+ * that is c = 1/a mod b 
+ *
+ * Based on slow invmod except this is optimized for the case where b is 
+ * odd as per HAC Note 14.64 on pp. 610
+ */
+int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c)
+{
+  mp_int  x, y, u, v, B, D;
+  int     res, neg;
+
+  /* 2. [modified] b must be odd   */
+  if (mp_iseven (b) == 1) {
+    return MP_VAL;
+  }
+
+  /* init all our temps */
+  if ((res = mp_init_multi(&x, &y, &u, &v, &B, &D)) != MP_OKAY) {
+     return res;
+  }
+
+  /* x == modulus, y == value to invert */
+  if ((res = mp_copy (b, &x)) != MP_OKAY) {
+    goto LBL_ERR;
+  }
+
+  /* we need y = |a| */
+  if ((res = mp_mod (a, b, &y)) != MP_OKAY) {
+    goto LBL_ERR;
+  }
+
+  /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */
+  if ((res = mp_copy (&x, &u)) != MP_OKAY) {
+    goto LBL_ERR;
+  }
+  if ((res = mp_copy (&y, &v)) != MP_OKAY) {
+    goto LBL_ERR;
+  }
+  mp_set (&D, 1);
+
+top:
+  /* 4.  while u is even do */
+  while (mp_iseven (&u) == 1) {
+    /* 4.1 u = u/2 */
+    if ((res = mp_div_2 (&u, &u)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+    /* 4.2 if B is odd then */
+    if (mp_isodd (&B) == 1) {
+      if ((res = mp_sub (&B, &x, &B)) != MP_OKAY) {
+        goto LBL_ERR;
+      }
+    }
+    /* B = B/2 */
+    if ((res = mp_div_2 (&B, &B)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+  }
+
+  /* 5.  while v is even do */
+  while (mp_iseven (&v) == 1) {
+    /* 5.1 v = v/2 */
+    if ((res = mp_div_2 (&v, &v)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+    /* 5.2 if D is odd then */
+    if (mp_isodd (&D) == 1) {
+      /* D = (D-x)/2 */
+      if ((res = mp_sub (&D, &x, &D)) != MP_OKAY) {
+        goto LBL_ERR;
+      }
+    }
+    /* D = D/2 */
+    if ((res = mp_div_2 (&D, &D)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+  }
+
+  /* 6.  if u >= v then */
+  if (mp_cmp (&u, &v) != MP_LT) {
+    /* u = u - v, B = B - D */
+    if ((res = mp_sub (&u, &v, &u)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+
+    if ((res = mp_sub (&B, &D, &B)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+  } else {
+    /* v - v - u, D = D - B */
+    if ((res = mp_sub (&v, &u, &v)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+
+    if ((res = mp_sub (&D, &B, &D)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+  }
+
+  /* if not zero goto step 4 */
+  if (mp_iszero (&u) == 0) {
+    goto top;
+  }
+
+  /* now a = C, b = D, gcd == g*v */
+
+  /* if v != 1 then there is no inverse */
+  if (mp_cmp_d (&v, 1) != MP_EQ) {
+    res = MP_VAL;
+    goto LBL_ERR;
+  }
+
+  /* b is now the inverse */
+  neg = a->sign;
+  while (D.sign == MP_NEG) {
+    if ((res = mp_add (&D, b, &D)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+  }
+  mp_exch (&D, c);
+  c->sign = neg;
+  res = MP_OKAY;
+
+LBL_ERR:mp_clear(&x);
+        mp_clear(&y);
+        mp_clear(&u);
+        mp_clear(&v);
+        mp_clear(&B);
+        mp_clear(&D);
+  return res;
+}
+
+
+/* hac 14.61, pp608 */
+int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c)
+{
+  mp_int  x, y, u, v, A, B, C, D;
+  int     res;
+
+  /* b cannot be negative */
+  if (b->sign == MP_NEG || mp_iszero(b) == 1) {
+    return MP_VAL;
+  }
+
+  /* init temps */
+  if ((res = mp_init_multi(&x, &y, &u, &v, 
+                           &A, &B)) != MP_OKAY) {
+     return res;
+  }
+
+  /* init rest of tmps temps */
+  if ((res = mp_init_multi(&C, &D, 0, 0, 0, 0)) != MP_OKAY) {
+     return res;
+  }
+
+  /* x = a, y = b */
+  if ((res = mp_mod(a, b, &x)) != MP_OKAY) {
+      goto LBL_ERR;
+  }
+  if ((res = mp_copy (b, &y)) != MP_OKAY) {
+    goto LBL_ERR;
+  }
+
+  /* 2. [modified] if x,y are both even then return an error! */
+  if (mp_iseven (&x) == 1 && mp_iseven (&y) == 1) {
+    res = MP_VAL;
+    goto LBL_ERR;
+  }
+
+  /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */
+  if ((res = mp_copy (&x, &u)) != MP_OKAY) {
+    goto LBL_ERR;
+  }
+  if ((res = mp_copy (&y, &v)) != MP_OKAY) {
+    goto LBL_ERR;
+  }
+  mp_set (&A, 1);
+  mp_set (&D, 1);
+
+top:
+  /* 4.  while u is even do */
+  while (mp_iseven (&u) == 1) {
+    /* 4.1 u = u/2 */
+    if ((res = mp_div_2 (&u, &u)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+    /* 4.2 if A or B is odd then */
+    if (mp_isodd (&A) == 1 || mp_isodd (&B) == 1) {
+      /* A = (A+y)/2, B = (B-x)/2 */
+      if ((res = mp_add (&A, &y, &A)) != MP_OKAY) {
+         goto LBL_ERR;
+      }
+      if ((res = mp_sub (&B, &x, &B)) != MP_OKAY) {
+         goto LBL_ERR;
+      }
+    }
+    /* A = A/2, B = B/2 */
+    if ((res = mp_div_2 (&A, &A)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+    if ((res = mp_div_2 (&B, &B)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+  }
+
+  /* 5.  while v is even do */
+  while (mp_iseven (&v) == 1) {
+    /* 5.1 v = v/2 */
+    if ((res = mp_div_2 (&v, &v)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+    /* 5.2 if C or D is odd then */
+    if (mp_isodd (&C) == 1 || mp_isodd (&D) == 1) {
+      /* C = (C+y)/2, D = (D-x)/2 */
+      if ((res = mp_add (&C, &y, &C)) != MP_OKAY) {
+         goto LBL_ERR;
+      }
+      if ((res = mp_sub (&D, &x, &D)) != MP_OKAY) {
+         goto LBL_ERR;
+      }
+    }
+    /* C = C/2, D = D/2 */
+    if ((res = mp_div_2 (&C, &C)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+    if ((res = mp_div_2 (&D, &D)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+  }
+
+  /* 6.  if u >= v then */
+  if (mp_cmp (&u, &v) != MP_LT) {
+    /* u = u - v, A = A - C, B = B - D */
+    if ((res = mp_sub (&u, &v, &u)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+
+    if ((res = mp_sub (&A, &C, &A)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+
+    if ((res = mp_sub (&B, &D, &B)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+  } else {
+    /* v - v - u, C = C - A, D = D - B */
+    if ((res = mp_sub (&v, &u, &v)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+
+    if ((res = mp_sub (&C, &A, &C)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+
+    if ((res = mp_sub (&D, &B, &D)) != MP_OKAY) {
+      goto LBL_ERR;
+    }
+  }
+
+  /* if not zero goto step 4 */
+  if (mp_iszero (&u) == 0)
+    goto top;
+
+  /* now a = C, b = D, gcd == g*v */
+
+  /* if v != 1 then there is no inverse */
+  if (mp_cmp_d (&v, 1) != MP_EQ) {
+    res = MP_VAL;
+    goto LBL_ERR;
+  }
+
+  /* if its too low */
+  while (mp_cmp_d(&C, 0) == MP_LT) {
+      if ((res = mp_add(&C, b, &C)) != MP_OKAY) {
+         goto LBL_ERR;
+      }
+  }
+  
+  /* too big */
+  while (mp_cmp_mag(&C, b) != MP_LT) {
+      if ((res = mp_sub(&C, b, &C)) != MP_OKAY) {
+         goto LBL_ERR;
+      }
+  }
+  
+  /* C is now the inverse */
+  mp_exch (&C, c);
+  res = MP_OKAY;
+LBL_ERR:mp_clear(&x);
+        mp_clear(&y);
+        mp_clear(&u);
+        mp_clear(&v);
+        mp_clear(&A);
+        mp_clear(&B);
+        mp_clear(&C);
+        mp_clear(&D);
+  return res;
+}
+
+
+/* compare maginitude of two ints (unsigned) */
+int mp_cmp_mag (mp_int * a, mp_int * b)
+{
+  int     n;
+  mp_digit *tmpa, *tmpb;
+
+  /* compare based on # of non-zero digits */
+  if (a->used > b->used) {
+    return MP_GT;
+  }
+  
+  if (a->used < b->used) {
+    return MP_LT;
+  }
+
+  /* alias for a */
+  tmpa = a->dp + (a->used - 1);
+
+  /* alias for b */
+  tmpb = b->dp + (a->used - 1);
+
+  /* compare based on digits  */
+  for (n = 0; n < a->used; ++n, --tmpa, --tmpb) {
+    if (*tmpa > *tmpb) {
+      return MP_GT;
+    }
+
+    if (*tmpa < *tmpb) {
+      return MP_LT;
+    }
+  }
+  return MP_EQ;
+}
+
+
+/* compare two ints (signed)*/
+int
+mp_cmp (mp_int * a, mp_int * b)
+{
+  /* compare based on sign */
+  if (a->sign != b->sign) {
+     if (a->sign == MP_NEG) {
+        return MP_LT;
+     } else {
+        return MP_GT;
+     }
+  }
+  
+  /* compare digits */
+  if (a->sign == MP_NEG) {
+     /* if negative compare opposite direction */
+     return mp_cmp_mag(b, a);
+  } else {
+     return mp_cmp_mag(a, b);
+  }
+}
+
+
+/* compare a digit */
+int mp_cmp_d(mp_int * a, mp_digit b)
+{
+  /* compare based on sign */
+  if (a->sign == MP_NEG) {
+    return MP_LT;
+  }
+
+  /* compare based on magnitude */
+  if (a->used > 1) {
+    return MP_GT;
+  }
+
+  /* compare the only digit of a to b */
+  if (a->dp[0] > b) {
+    return MP_GT;
+  } else if (a->dp[0] < b) {
+    return MP_LT;
+  } else {
+    return MP_EQ;
+  }
+}
+
+
+/* set to a digit */
+void mp_set (mp_int * a, mp_digit b)
+{
+  mp_zero (a);
+  a->dp[0] = b & MP_MASK;
+  a->used  = (a->dp[0] != 0) ? 1 : 0;
+}
+
+
+/* c = a mod b, 0 <= c < b */
+int
+mp_mod (mp_int * a, mp_int * b, mp_int * c)
+{
+  mp_int  t;
+  int     res;
+
+  if ((res = mp_init (&t)) != MP_OKAY) {
+    return res;
+  }
+
+  if ((res = mp_div (a, b, NULL, &t)) != MP_OKAY) {
+    mp_clear (&t);
+    return res;
+  }
+
+  if (t.sign != b->sign) {
+    res = mp_add (b, &t, c);
+  } else {
+    res = MP_OKAY;
+    mp_exch (&t, c);
+  }
+
+  mp_clear (&t);
+  return res;
+}
+
+
+/* slower bit-bang division... also smaller */
+int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
+{
+   mp_int ta, tb, tq, q;
+   int    res, n, n2;
+
+  /* is divisor zero ? */
+  if (mp_iszero (b) == 1) {
+    return MP_VAL;
+  }
+
+  /* if a < b then q=0, r = a */
+  if (mp_cmp_mag (a, b) == MP_LT) {
+    if (d != NULL) {
+      res = mp_copy (a, d);
+    } else {
+      res = MP_OKAY;
+    }
+    if (c != NULL) {
+      mp_zero (c);
+    }
+    return res;
+  }
+	
+  /* init our temps */
+  if ((res = mp_init_multi(&ta, &tb, &tq, &q, 0, 0)) != MP_OKAY) {
+     return res;
+  }
+
+
+  mp_set(&tq, 1);
+  n = mp_count_bits(a) - mp_count_bits(b);
+  if (((res = mp_abs(a, &ta)) != MP_OKAY) ||
+      ((res = mp_abs(b, &tb)) != MP_OKAY) || 
+      ((res = mp_mul_2d(&tb, n, &tb)) != MP_OKAY) ||
+      ((res = mp_mul_2d(&tq, n, &tq)) != MP_OKAY)) {
+      goto LBL_ERR;
+  }
+
+  while (n-- >= 0) {
+     if (mp_cmp(&tb, &ta) != MP_GT) {
+        if (((res = mp_sub(&ta, &tb, &ta)) != MP_OKAY) ||
+            ((res = mp_add(&q, &tq, &q)) != MP_OKAY)) {
+           goto LBL_ERR;
+        }
+     }
+     if (((res = mp_div_2d(&tb, 1, &tb, NULL)) != MP_OKAY) ||
+         ((res = mp_div_2d(&tq, 1, &tq, NULL)) != MP_OKAY)) {
+           goto LBL_ERR;
+     }
+  }
+
+  /* now q == quotient and ta == remainder */
+  n  = a->sign;
+  n2 = (a->sign == b->sign ? MP_ZPOS : MP_NEG);
+  if (c != NULL) {
+     mp_exch(c, &q);
+     c->sign  = (mp_iszero(c) == MP_YES) ? MP_ZPOS : n2;
+  }
+  if (d != NULL) {
+     mp_exch(d, &ta);
+     d->sign = (mp_iszero(d) == MP_YES) ? MP_ZPOS : n;
+  }
+LBL_ERR:
+   mp_clear(&ta);
+   mp_clear(&tb);
+   mp_clear(&tq);
+   mp_clear(&q);
+   return res;
+}
+
+
+/* b = a/2 */
+int mp_div_2(mp_int * a, mp_int * b)
+{
+  int     x, res, oldused;
+
+  /* copy */
+  if (b->alloc < a->used) {
+    if ((res = mp_grow (b, a->used)) != MP_OKAY) {
+      return res;
+    }
+  }
+
+  oldused = b->used;
+  b->used = a->used;
+  {
+    register mp_digit r, rr, *tmpa, *tmpb;
+
+    /* source alias */
+    tmpa = a->dp + b->used - 1;
+
+    /* dest alias */
+    tmpb = b->dp + b->used - 1;
+
+    /* carry */
+    r = 0;
+    for (x = b->used - 1; x >= 0; x--) {
+      /* get the carry for the next iteration */
+      rr = *tmpa & 1;
+
+      /* shift the current digit, add in carry and store */
+      *tmpb-- = (*tmpa-- >> 1) | (r << (DIGIT_BIT - 1));
+
+      /* forward carry to next iteration */
+      r = rr;
+    }
+
+    /* zero excess digits */
+    tmpb = b->dp + b->used;
+    for (x = b->used; x < oldused; x++) {
+      *tmpb++ = 0;
+    }
+  }
+  b->sign = a->sign;
+  mp_clamp (b);
+  return MP_OKAY;
+}
+
+
+/* high level addition (handles signs) */
+int mp_add (mp_int * a, mp_int * b, mp_int * c)
+{
+  int     sa, sb, res;
+
+  /* get sign of both inputs */
+  sa = a->sign;
+  sb = b->sign;
+
+  /* handle two cases, not four */
+  if (sa == sb) {
+    /* both positive or both negative */
+    /* add their magnitudes, copy the sign */
+    c->sign = sa;
+    res = s_mp_add (a, b, c);
+  } else {
+    /* one positive, the other negative */
+    /* subtract the one with the greater magnitude from */
+    /* the one of the lesser magnitude.  The result gets */
+    /* the sign of the one with the greater magnitude. */
+    if (mp_cmp_mag (a, b) == MP_LT) {
+      c->sign = sb;
+      res = s_mp_sub (b, a, c);
+    } else {
+      c->sign = sa;
+      res = s_mp_sub (a, b, c);
+    }
+  }
+  return res;
+}
+
+
+/* low level addition, based on HAC pp.594, Algorithm 14.7 */
+int
+s_mp_add (mp_int * a, mp_int * b, mp_int * c)
+{
+  mp_int *x;
+  int     olduse, res, min, max;
+
+  /* find sizes, we let |a| <= |b| which means we have to sort
+   * them.  "x" will point to the input with the most digits
+   */
+  if (a->used > b->used) {
+    min = b->used;
+    max = a->used;
+    x = a;
+  } else {
+    min = a->used;
+    max = b->used;
+    x = b;
+  }
+
+  /* init result */
+  if (c->alloc < max + 1) {
+    if ((res = mp_grow (c, max + 1)) != MP_OKAY) {
+      return res;
+    }
+  }
+
+  /* get old used digit count and set new one */
+  olduse = c->used;
+  c->used = max + 1;
+
+  {
+    register mp_digit u, *tmpa, *tmpb, *tmpc;
+    register int i;
+
+    /* alias for digit pointers */
+
+    /* first input */
+    tmpa = a->dp;
+
+    /* second input */
+    tmpb = b->dp;
+
+    /* destination */
+    tmpc = c->dp;
+
+    /* zero the carry */
+    u = 0;
+    for (i = 0; i < min; i++) {
+      /* Compute the sum at one digit, T[i] = A[i] + B[i] + U */
+      *tmpc = *tmpa++ + *tmpb++ + u;
+
+      /* U = carry bit of T[i] */
+      u = *tmpc >> ((mp_digit)DIGIT_BIT);
+
+      /* take away carry bit from T[i] */
+      *tmpc++ &= MP_MASK;
+    }
+
+    /* now copy higher words if any, that is in A+B 
+     * if A or B has more digits add those in 
+     */
+    if (min != max) {
+      for (; i < max; i++) {
+        /* T[i] = X[i] + U */
+        *tmpc = x->dp[i] + u;
+
+        /* U = carry bit of T[i] */
+        u = *tmpc >> ((mp_digit)DIGIT_BIT);
+
+        /* take away carry bit from T[i] */
+        *tmpc++ &= MP_MASK;
+      }
+    }
+
+    /* add carry */
+    *tmpc++ = u;
+
+    /* clear digits above oldused */
+    for (i = c->used; i < olduse; i++) {
+      *tmpc++ = 0;
+    }
+  }
+
+  mp_clamp (c);
+  return MP_OKAY;
+}
+
+
+/* low level subtraction (assumes |a| > |b|), HAC pp.595 Algorithm 14.9 */
+int
+s_mp_sub (mp_int * a, mp_int * b, mp_int * c)
+{
+  int     olduse, res, min, max;
+
+  /* find sizes */
+  min = b->used;
+  max = a->used;
+
+  /* init result */
+  if (c->alloc < max) {
+    if ((res = mp_grow (c, max)) != MP_OKAY) {
+      return res;
+    }
+  }
+  olduse = c->used;
+  c->used = max;
+
+  {
+    register mp_digit u, *tmpa, *tmpb, *tmpc;
+    register int i;
+
+    /* alias for digit pointers */
+    tmpa = a->dp;
+    tmpb = b->dp;
+    tmpc = c->dp;
+
+    /* set carry to zero */
+    u = 0;
+    for (i = 0; i < min; i++) {
+      /* T[i] = A[i] - B[i] - U */
+      *tmpc = *tmpa++ - *tmpb++ - u;
+
+      /* U = carry bit of T[i]
+       * Note this saves performing an AND operation since
+       * if a carry does occur it will propagate all the way to the
+       * MSB.  As a result a single shift is enough to get the carry
+       */
+      u = *tmpc >> ((mp_digit)(CHAR_BIT * sizeof (mp_digit) - 1));
+
+      /* Clear carry from T[i] */
+      *tmpc++ &= MP_MASK;
+    }
+
+    /* now copy higher words if any, e.g. if A has more digits than B  */
+    for (; i < max; i++) {
+      /* T[i] = A[i] - U */
+      *tmpc = *tmpa++ - u;
+
+      /* U = carry bit of T[i] */
+      u = *tmpc >> ((mp_digit)(CHAR_BIT * sizeof (mp_digit) - 1));
+
+      /* Clear carry from T[i] */
+      *tmpc++ &= MP_MASK;
+    }
+
+    /* clear digits above used (since we may not have grown result above) */
+    for (i = c->used; i < olduse; i++) {
+      *tmpc++ = 0;
+    }
+  }
+
+  mp_clamp (c);
+  return MP_OKAY;
+}
+
+
+/* high level subtraction (handles signs) */
+int
+mp_sub (mp_int * a, mp_int * b, mp_int * c)
+{
+  int     sa, sb, res;
+
+  sa = a->sign;
+  sb = b->sign;
+
+  if (sa != sb) {
+    /* subtract a negative from a positive, OR */
+    /* subtract a positive from a negative. */
+    /* In either case, ADD their magnitudes, */
+    /* and use the sign of the first number. */
+    c->sign = sa;
+    res = s_mp_add (a, b, c);
+  } else {
+    /* subtract a positive from a positive, OR */
+    /* subtract a negative from a negative. */
+    /* First, take the difference between their */
+    /* magnitudes, then... */
+    if (mp_cmp_mag (a, b) != MP_LT) {
+      /* Copy the sign from the first */
+      c->sign = sa;
+      /* The first has a larger or equal magnitude */
+      res = s_mp_sub (a, b, c);
+    } else {
+      /* The result has the *opposite* sign from */
+      /* the first number. */
+      c->sign = (sa == MP_ZPOS) ? MP_NEG : MP_ZPOS;
+      /* The second has a larger magnitude */
+      res = s_mp_sub (b, a, c);
+    }
+  }
+  return res;
+}
+
+
+/* determines if reduce_2k_l can be used */
+int mp_reduce_is_2k_l(mp_int *a)
+{
+   int ix, iy;
+   
+   if (a->used == 0) {
+      return MP_NO;
+   } else if (a->used == 1) {
+      return MP_YES;
+   } else if (a->used > 1) {
+      /* if more than half of the digits are -1 we're sold */
+      for (iy = ix = 0; ix < a->used; ix++) {
+          if (a->dp[ix] == MP_MASK) {
+              ++iy;
+          }
+      }
+      return (iy >= (a->used/2)) ? MP_YES : MP_NO;
+      
+   }
+   return MP_NO;
+}
+
+
+/* determines if mp_reduce_2k can be used */
+int mp_reduce_is_2k(mp_int *a)
+{
+   int ix, iy, iw;
+   mp_digit iz;
+   
+   if (a->used == 0) {
+      return MP_NO;
+   } else if (a->used == 1) {
+      return MP_YES;
+   } else if (a->used > 1) {
+      iy = mp_count_bits(a);
+      iz = 1;
+      iw = 1;
+    
+      /* Test every bit from the second digit up, must be 1 */
+      for (ix = DIGIT_BIT; ix < iy; ix++) {
+          if ((a->dp[iw] & iz) == 0) {
+             return MP_NO;
+          }
+          iz <<= 1;
+          if (iz > (mp_digit)MP_MASK) {
+             ++iw;
+             iz = 1;
+          }
+      }
+   }
+   return MP_YES;
+}
+
+
+/* determines if a number is a valid DR modulus */
+int mp_dr_is_modulus(mp_int *a)
+{
+   int ix;
+
+   /* must be at least two digits */
+   if (a->used < 2) {
+      return 0;
+   }
+
+   /* must be of the form b**k - a [a <= b] so all
+    * but the first digit must be equal to -1 (mod b).
+    */
+   for (ix = 1; ix < a->used; ix++) {
+       if (a->dp[ix] != MP_MASK) {
+          return 0;
+       }
+   }
+   return 1;
+}
+
+
+/* computes Y == G**X mod P, HAC pp.616, Algorithm 14.85
+ *
+ * Uses a left-to-right k-ary sliding window to compute the modular
+ * exponentiation.
+ * The value of k changes based on the size of the exponent.
+ *
+ * Uses Montgomery or Diminished Radix reduction [whichever appropriate]
+ */
+
+#ifdef MP_LOW_MEM
+   #define TAB_SIZE 32
+#else
+   #define TAB_SIZE 256
+#endif
+
+int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
+                     int redmode)
+{
+  mp_int  M[TAB_SIZE], res;
+  mp_digit buf, mp;
+  int     err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize;
+
+  /* use a pointer to the reduction algorithm.  This allows us to use
+   * one of many reduction algorithms without modding the guts of
+   * the code with if statements everywhere.
+   */
+  int     (*redux)(mp_int*,mp_int*,mp_digit);
+
+  /* find window size */
+  x = mp_count_bits (X);
+  if (x <= 7) {
+    winsize = 2;
+  } else if (x <= 36) {
+    winsize = 3;
+  } else if (x <= 140) {
+    winsize = 4;
+  } else if (x <= 450) {
+    winsize = 5;
+  } else if (x <= 1303) {
+    winsize = 6;
+  } else if (x <= 3529) {
+    winsize = 7;
+  } else {
+    winsize = 8;
+  }
+
+#ifdef MP_LOW_MEM
+  if (winsize > 5) {
+     winsize = 5;
+  }
+#endif
+
+  /* init M array */
+  /* init first cell */
+  if ((err = mp_init(&M[1])) != MP_OKAY) {
+     return err;
+  }
+
+  /* now init the second half of the array */
+  for (x = 1<<(winsize-1); x < (1 << winsize); x++) {
+    if ((err = mp_init(&M[x])) != MP_OKAY) {
+      for (y = 1<<(winsize-1); y < x; y++) {
+        mp_clear (&M[y]);
+      }
+      mp_clear(&M[1]);
+      return err;
+    }
+  }
+
+  /* determine and setup reduction code */
+  if (redmode == 0) {
+#ifdef BN_MP_MONTGOMERY_SETUP_C     
+     /* now setup montgomery  */
+     if ((err = mp_montgomery_setup (P, &mp)) != MP_OKAY) {
+        goto LBL_M;
+     }
+#else
+     err = MP_VAL;
+     goto LBL_M;
+#endif
+
+     /* automatically pick the comba one if available (saves quite a few
+        calls/ifs) */
+#ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C
+     if (((P->used * 2 + 1) < MP_WARRAY) &&
+          P->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
+        redux = fast_mp_montgomery_reduce;
+     } else 
+#endif
+     {
+#ifdef BN_MP_MONTGOMERY_REDUCE_C
+        /* use slower baseline Montgomery method */
+        redux = mp_montgomery_reduce;
+#else
+        err = MP_VAL;
+        goto LBL_M;
+#endif
+     }
+  } else if (redmode == 1) {
+#if defined(BN_MP_DR_SETUP_C) && defined(BN_MP_DR_REDUCE_C)
+     /* setup DR reduction for moduli of the form B**k - b */
+     mp_dr_setup(P, &mp);
+     redux = mp_dr_reduce;
+#else
+     err = MP_VAL;
+     goto LBL_M;
+#endif
+  } else {
+#if defined(BN_MP_REDUCE_2K_SETUP_C) && defined(BN_MP_REDUCE_2K_C)
+     /* setup DR reduction for moduli of the form 2**k - b */
+     if ((err = mp_reduce_2k_setup(P, &mp)) != MP_OKAY) {
+        goto LBL_M;
+     }
+     redux = mp_reduce_2k;
+#else
+     err = MP_VAL;
+     goto LBL_M;
+#endif
+  }
+
+  /* setup result */
+  if ((err = mp_init (&res)) != MP_OKAY) {
+    goto LBL_M;
+  }
+
+  /* create M table
+   *
+
+   *
+   * The first half of the table is not computed though accept for M[0] and M[1]
+   */
+
+  if (redmode == 0) {
+#ifdef BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
+     /* now we need R mod m */
+     if ((err = mp_montgomery_calc_normalization (&res, P)) != MP_OKAY) {
+       goto LBL_RES;
+     }
+#else 
+     err = MP_VAL;
+     goto LBL_RES;
+#endif
+
+     /* now set M[1] to G * R mod m */
+     if ((err = mp_mulmod (G, &res, P, &M[1])) != MP_OKAY) {
+       goto LBL_RES;
+     }
+  } else {
+     mp_set(&res, 1);
+     if ((err = mp_mod(G, P, &M[1])) != MP_OKAY) {
+        goto LBL_RES;
+     }
+  }
+
+  /* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times*/
+  if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
+    goto LBL_RES;
+  }
+
+  for (x = 0; x < (winsize - 1); x++) {
+    if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
+      goto LBL_RES;
+    }
+    if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, mp)) != MP_OKAY) {
+      goto LBL_RES;
+    }
+  }
+
+  /* create upper table */
+  for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) {
+    if ((err = mp_mul (&M[x - 1], &M[1], &M[x])) != MP_OKAY) {
+      goto LBL_RES;
+    }
+    if ((err = redux (&M[x], P, mp)) != MP_OKAY) {
+      goto LBL_RES;
+    }
+  }
+
+  /* set initial mode and bit cnt */
+  mode   = 0;
+  bitcnt = 1;
+  buf    = 0;
+  digidx = X->used - 1;
+  bitcpy = 0;
+  bitbuf = 0;
+
+  for (;;) {
+    /* grab next digit as required */
+    if (--bitcnt == 0) {
+      /* if digidx == -1 we are out of digits so break */
+      if (digidx == -1) {
+        break;
+      }
+      /* read next digit and reset bitcnt */
+      buf    = X->dp[digidx--];
+      bitcnt = (int)DIGIT_BIT;
+    }
+
+    /* grab the next msb from the exponent */
+    y     = (int)(buf >> (DIGIT_BIT - 1)) & 1;
+    buf <<= (mp_digit)1;
+
+    /* if the bit is zero and mode == 0 then we ignore it
+     * These represent the leading zero bits before the first 1 bit
+     * in the exponent.  Technically this opt is not required but it
+     * does lower the # of trivial squaring/reductions used
+     */
+    if (mode == 0 && y == 0) {
+      continue;
+    }
+
+    /* if the bit is zero and mode == 1 then we square */
+    if (mode == 1 && y == 0) {
+      if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+      if ((err = redux (&res, P, mp)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+      continue;
+    }
+
+    /* else we add it to the window */
+    bitbuf |= (y << (winsize - ++bitcpy));
+    mode    = 2;
+
+    if (bitcpy == winsize) {
+      /* ok window is filled so square as required and multiply  */
+      /* square first */
+      for (x = 0; x < winsize; x++) {
+        if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
+          goto LBL_RES;
+        }
+        if ((err = redux (&res, P, mp)) != MP_OKAY) {
+          goto LBL_RES;
+        }
+      }
+
+      /* then multiply */
+      if ((err = mp_mul (&res, &M[bitbuf], &res)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+      if ((err = redux (&res, P, mp)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+
+      /* empty window and reset */
+      bitcpy = 0;
+      bitbuf = 0;
+      mode   = 1;
+    }
+  }
+
+  /* if bits remain then square/multiply */
+  if (mode == 2 && bitcpy > 0) {
+    /* square then multiply if the bit is set */
+    for (x = 0; x < bitcpy; x++) {
+      if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+      if ((err = redux (&res, P, mp)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+
+      /* get next bit of the window */
+      bitbuf <<= 1;
+      if ((bitbuf & (1 << winsize)) != 0) {
+        /* then multiply */
+        if ((err = mp_mul (&res, &M[1], &res)) != MP_OKAY) {
+          goto LBL_RES;
+        }
+        if ((err = redux (&res, P, mp)) != MP_OKAY) {
+          goto LBL_RES;
+        }
+      }
+    }
+  }
+
+  if (redmode == 0) {
+     /* fixup result if Montgomery reduction is used
+      * recall that any value in a Montgomery system is
+      * actually multiplied by R mod n.  So we have
+      * to reduce one more time to cancel out the factor
+      * of R.
+      */
+     if ((err = redux(&res, P, mp)) != MP_OKAY) {
+       goto LBL_RES;
+     }
+  }
+
+  /* swap res with Y */
+  mp_exch (&res, Y);
+  err = MP_OKAY;
+LBL_RES:mp_clear (&res);
+LBL_M:
+  mp_clear(&M[1]);
+  for (x = 1<<(winsize-1); x < (1 << winsize); x++) {
+    mp_clear (&M[x]);
+  }
+  return err;
+}
+
+
+/* setups the montgomery reduction stuff */
+int
+mp_montgomery_setup (mp_int * n, mp_digit * rho)
+{
+  mp_digit x, b;
+
+/* fast inversion mod 2**k
+ *
+ * Based on the fact that
+ *
+ * XA = 1 (mod 2**n)  =>  (X(2-XA)) A = 1 (mod 2**2n)
+ *                    =>  2*X*A - X*X*A*A = 1
+ *                    =>  2*(1) - (1)     = 1
+ */
+  b = n->dp[0];
+
+  if ((b & 1) == 0) {
+    return MP_VAL;
+  }
+
+  x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
+  x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
+#if !defined(MP_8BIT)
+  x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
+#endif
+#if defined(MP_64BIT) || !(defined(MP_8BIT) || defined(MP_16BIT))
+  x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
+#endif
+#ifdef MP_64BIT
+  x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
+#endif
+
+  /* rho = -1/m mod b */
+  /* TAO, switched mp_word casts to mp_digit to shut up compiler */
+  *rho = (((mp_digit)1 << ((mp_digit) DIGIT_BIT)) - x) & MP_MASK;
+
+  return MP_OKAY;
+}
+
+
+/* computes xR**-1 == x (mod N) via Montgomery Reduction
+ *
+ * This is an optimized implementation of montgomery_reduce
+ * which uses the comba method to quickly calculate the columns of the
+ * reduction.
+ *
+ * Based on Algorithm 14.32 on pp.601 of HAC.
+*/
+int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
+{
+  int     ix, res, olduse;
+#ifdef WOLFSSL_SMALL_STACK
+  mp_word* W;    /* uses dynamic memory and slower */
+#else
+  mp_word W[MP_WARRAY];
+#endif
+
+  /* get old used count */
+  olduse = x->used;
+
+  /* grow a as required */
+  if (x->alloc < n->used + 1) {
+    if ((res = mp_grow (x, n->used + 1)) != MP_OKAY) {
+      return res;
+    }
+  }
+
+#ifdef WOLFSSL_SMALL_STACK
+  W = (mp_word*)XMALLOC(sizeof(mp_word) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
+  if (W == NULL)    
+    return MP_MEM;
+#endif
+
+  /* first we have to get the digits of the input into
+   * an array of double precision words W[...]
+   */
+  {
+    register mp_word *_W;
+    register mp_digit *tmpx;
+
+    /* alias for the W[] array */
+    _W   = W;
+
+    /* alias for the digits of  x*/
+    tmpx = x->dp;
+
+    /* copy the digits of a into W[0..a->used-1] */
+    for (ix = 0; ix < x->used; ix++) {
+      *_W++ = *tmpx++;
+    }
+
+    /* zero the high words of W[a->used..m->used*2] */
+    for (; ix < n->used * 2 + 1; ix++) {
+      *_W++ = 0;
+    }
+  }
+
+  /* now we proceed to zero successive digits
+   * from the least significant upwards
+   */
+  for (ix = 0; ix < n->used; ix++) {
+    /* mu = ai * m' mod b
+     *
+     * We avoid a double precision multiplication (which isn't required)
+     * by casting the value down to a mp_digit.  Note this requires
+     * that W[ix-1] have  the carry cleared (see after the inner loop)
+     */
+    register mp_digit mu;
+    mu = (mp_digit) (((W[ix] & MP_MASK) * rho) & MP_MASK);
+
+    /* a = a + mu * m * b**i
+     *
+     * This is computed in place and on the fly.  The multiplication
+     * by b**i is handled by offseting which columns the results
+     * are added to.
+     *
+     * Note the comba method normally doesn't handle carries in the
+     * inner loop In this case we fix the carry from the previous
+     * column since the Montgomery reduction requires digits of the
+     * result (so far) [see above] to work.  This is
+     * handled by fixing up one carry after the inner loop.  The
+     * carry fixups are done in order so after these loops the
+     * first m->used words of W[] have the carries fixed
+     */
+    {
+      register int iy;
+      register mp_digit *tmpn;
+      register mp_word *_W;
+
+      /* alias for the digits of the modulus */
+      tmpn = n->dp;
+
+      /* Alias for the columns set by an offset of ix */
+      _W = W + ix;
+
+      /* inner loop */
+      for (iy = 0; iy < n->used; iy++) {
+          *_W++ += ((mp_word)mu) * ((mp_word)*tmpn++);
+      }
+    }
+
+    /* now fix carry for next digit, W[ix+1] */
+    W[ix + 1] += W[ix] >> ((mp_word) DIGIT_BIT);
+  }
+
+  /* now we have to propagate the carries and
+   * shift the words downward [all those least
+   * significant digits we zeroed].
+   */
+  {
+    register mp_digit *tmpx;
+    register mp_word *_W, *_W1;
+
+    /* nox fix rest of carries */
+
+    /* alias for current word */
+    _W1 = W + ix;
+
+    /* alias for next word, where the carry goes */
+    _W = W + ++ix;
+
+    for (; ix <= n->used * 2 + 1; ix++) {
+      *_W++ += *_W1++ >> ((mp_word) DIGIT_BIT);
+    }
+
+    /* copy out, A = A/b**n
+     *
+     * The result is A/b**n but instead of converting from an
+     * array of mp_word to mp_digit than calling mp_rshd
+     * we just copy them in the right order
+     */
+
+    /* alias for destination word */
+    tmpx = x->dp;
+
+    /* alias for shifted double precision result */
+    _W = W + n->used;
+
+    for (ix = 0; ix < n->used + 1; ix++) {
+      *tmpx++ = (mp_digit)(*_W++ & ((mp_word) MP_MASK));
+    }
+
+    /* zero oldused digits, if the input a was larger than
+     * m->used+1 we'll have to clear the digits
+     */
+    for (; ix < olduse; ix++) {
+      *tmpx++ = 0;
+    }
+  }
+
+  /* set the max used and clamp */
+  x->used = n->used + 1;
+  mp_clamp (x);
+
+#ifdef WOLFSSL_SMALL_STACK
+  XFREE(W, 0, DYNAMIC_TYPE_BIGINT);
+#endif
+
+  /* if A >= m then A = A - m */
+  if (mp_cmp_mag (x, n) != MP_LT) {
+    return s_mp_sub (x, n, x);
+  }
+  return MP_OKAY;
+}
+
+
+/* computes xR**-1 == x (mod N) via Montgomery Reduction */
+int
+mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
+{
+  int     ix, res, digs;
+  mp_digit mu;
+
+  /* can the fast reduction [comba] method be used?
+   *
+   * Note that unlike in mul you're safely allowed *less*
+   * than the available columns [255 per default] since carries
+   * are fixed up in the inner loop.
+   */
+  digs = n->used * 2 + 1;
+  if ((digs < MP_WARRAY) &&
+      n->used <
+      (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
+    return fast_mp_montgomery_reduce (x, n, rho);
+  }
+
+  /* grow the input as required */
+  if (x->alloc < digs) {
+    if ((res = mp_grow (x, digs)) != MP_OKAY) {
+      return res;
+    }
+  }
+  x->used = digs;
+
+  for (ix = 0; ix < n->used; ix++) {
+    /* mu = ai * rho mod b
+     *
+     * The value of rho must be precalculated via
+     * montgomery_setup() such that
+     * it equals -1/n0 mod b this allows the
+     * following inner loop to reduce the
+     * input one digit at a time
+     */
+    mu = (mp_digit) (((mp_word)x->dp[ix]) * ((mp_word)rho) & MP_MASK);
+
+    /* a = a + mu * m * b**i */
+    {
+      register int iy;
+      register mp_digit *tmpn, *tmpx, u;
+      register mp_word r;
+
+      /* alias for digits of the modulus */
+      tmpn = n->dp;
+
+      /* alias for the digits of x [the input] */
+      tmpx = x->dp + ix;
+
+      /* set the carry to zero */
+      u = 0;
+
+      /* Multiply and add in place */
+      for (iy = 0; iy < n->used; iy++) {
+        /* compute product and sum */
+        r       = ((mp_word)mu) * ((mp_word)*tmpn++) +
+                  ((mp_word) u) + ((mp_word) * tmpx);
+
+        /* get carry */
+        u       = (mp_digit)(r >> ((mp_word) DIGIT_BIT));
+
+        /* fix digit */
+        *tmpx++ = (mp_digit)(r & ((mp_word) MP_MASK));
+      }
+      /* At this point the ix'th digit of x should be zero */
+
+
+      /* propagate carries upwards as required*/
+      while (u) {
+        *tmpx   += u;
+        u        = *tmpx >> DIGIT_BIT;
+        *tmpx++ &= MP_MASK;
+      }
+    }
+  }
+
+  /* at this point the n.used'th least
+   * significant digits of x are all zero
+   * which means we can shift x to the
+   * right by n.used digits and the
+   * residue is unchanged.
+   */
+
+  /* x = x/b**n.used */
+  mp_clamp(x);
+  mp_rshd (x, n->used);
+
+  /* if x >= n then x = x - n */
+  if (mp_cmp_mag (x, n) != MP_LT) {
+    return s_mp_sub (x, n, x);
+  }
+
+  return MP_OKAY;
+}
+
+
+/* determines the setup value */
+void mp_dr_setup(mp_int *a, mp_digit *d)
+{
+   /* the casts are required if DIGIT_BIT is one less than
+    * the number of bits in a mp_digit [e.g. DIGIT_BIT==31]
+    */
+   *d = (mp_digit)((((mp_word)1) << ((mp_word)DIGIT_BIT)) - 
+        ((mp_word)a->dp[0]));
+}
+
+
+/* reduce "x" in place modulo "n" using the Diminished Radix algorithm.
+ *
+ * Based on algorithm from the paper
+ *
+ * "Generating Efficient Primes for Discrete Log Cryptosystems"
+ *                 Chae Hoon Lim, Pil Joong Lee,
+ *          POSTECH Information Research Laboratories
+ *
+ * The modulus must be of a special format [see manual]
+ *
+ * Has been modified to use algorithm 7.10 from the LTM book instead
+ *
+ * Input x must be in the range 0 <= x <= (n-1)**2
+ */
+int
+mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k)
+{
+  int      err, i, m;
+  mp_word  r;
+  mp_digit mu, *tmpx1, *tmpx2;
+
+  /* m = digits in modulus */
+  m = n->used;
+
+  /* ensure that "x" has at least 2m digits */
+  if (x->alloc < m + m) {
+    if ((err = mp_grow (x, m + m)) != MP_OKAY) {
+      return err;
+    }
+  }
+
+/* top of loop, this is where the code resumes if
+ * another reduction pass is required.
+ */
+top:
+  /* aliases for digits */
+  /* alias for lower half of x */
+  tmpx1 = x->dp;
+
+  /* alias for upper half of x, or x/B**m */
+  tmpx2 = x->dp + m;
+
+  /* set carry to zero */
+  mu = 0;
+
+  /* compute (x mod B**m) + k * [x/B**m] inline and inplace */
+  for (i = 0; i < m; i++) {
+      r         = ((mp_word)*tmpx2++) * ((mp_word)k) + *tmpx1 + mu;
+      *tmpx1++  = (mp_digit)(r & MP_MASK);
+      mu        = (mp_digit)(r >> ((mp_word)DIGIT_BIT));
+  }
+
+  /* set final carry */
+  *tmpx1++ = mu;
+
+  /* zero words above m */
+  for (i = m + 1; i < x->used; i++) {
+      *tmpx1++ = 0;
+  }
+
+  /* clamp, sub and return */
+  mp_clamp (x);
+
+  /* if x >= n then subtract and reduce again
+   * Each successive "recursion" makes the input smaller and smaller.
+   */
+  if (mp_cmp_mag (x, n) != MP_LT) {
+    s_mp_sub(x, n, x);
+    goto top;
+  }
+  return MP_OKAY;
+}
+
+
+/* reduces a modulo n where n is of the form 2**p - d */
+int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d)
+{
+   mp_int q;
+   int    p, res;
+   
+   if ((res = mp_init(&q)) != MP_OKAY) {
+      return res;
+   }
+   
+   p = mp_count_bits(n);    
+top:
+   /* q = a/2**p, a = a mod 2**p */
+   if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) {
+      goto ERR;
+   }
+   
+   if (d != 1) {
+      /* q = q * d */
+      if ((res = mp_mul_d(&q, d, &q)) != MP_OKAY) { 
+         goto ERR;
+      }
+   }
+   
+   /* a = a + q */
+   if ((res = s_mp_add(a, &q, a)) != MP_OKAY) {
+      goto ERR;
+   }
+   
+   if (mp_cmp_mag(a, n) != MP_LT) {
+      s_mp_sub(a, n, a);
+      goto top;
+   }
+   
+ERR:
+   mp_clear(&q);
+   return res;
+}
+
+
+/* determines the setup value */
+int mp_reduce_2k_setup(mp_int *a, mp_digit *d)
+{
+   int res, p;
+   mp_int tmp;
+   
+   if ((res = mp_init(&tmp)) != MP_OKAY) {
+      return res;
+   }
+   
+   p = mp_count_bits(a);
+   if ((res = mp_2expt(&tmp, p)) != MP_OKAY) {
+      mp_clear(&tmp);
+      return res;
+   }
+   
+   if ((res = s_mp_sub(&tmp, a, &tmp)) != MP_OKAY) {
+      mp_clear(&tmp);
+      return res;
+   }
+   
+   *d = tmp.dp[0];
+   mp_clear(&tmp);
+   return MP_OKAY;
+}
+
+
+/* computes a = 2**b 
+ *
+ * Simple algorithm which zeroes the int, grows it then just sets one bit
+ * as required.
+ */
+int
+mp_2expt (mp_int * a, int b)
+{
+  int     res;
+
+  /* zero a as per default */
+  mp_zero (a);
+
+  /* grow a to accomodate the single bit */
+  if ((res = mp_grow (a, b / DIGIT_BIT + 1)) != MP_OKAY) {
+    return res;
+  }
+
+  /* set the used count of where the bit will go */
+  a->used = b / DIGIT_BIT + 1;
+
+  /* put the single bit in its place */
+  a->dp[b / DIGIT_BIT] = ((mp_digit)1) << (b % DIGIT_BIT);
+
+  return MP_OKAY;
+}
+
+
+/* multiply by a digit */
+int
+mp_mul_d (mp_int * a, mp_digit b, mp_int * c)
+{
+  mp_digit u, *tmpa, *tmpc;
+  mp_word  r;
+  int      ix, res, olduse;
+
+  /* make sure c is big enough to hold a*b */
+  if (c->alloc < a->used + 1) {
+    if ((res = mp_grow (c, a->used + 1)) != MP_OKAY) {
+      return res;
+    }
+  }
+
+  /* get the original destinations used count */
+  olduse = c->used;
+
+  /* set the sign */
+  c->sign = a->sign;
+
+  /* alias for a->dp [source] */
+  tmpa = a->dp;
+
+  /* alias for c->dp [dest] */
+  tmpc = c->dp;
+
+  /* zero carry */
+  u = 0;
+
+  /* compute columns */
+  for (ix = 0; ix < a->used; ix++) {
+    /* compute product and carry sum for this term */
+    r       = ((mp_word) u) + ((mp_word)*tmpa++) * ((mp_word)b);
+
+    /* mask off higher bits to get a single digit */
+    *tmpc++ = (mp_digit) (r & ((mp_word) MP_MASK));
+
+    /* send carry into next iteration */
+    u       = (mp_digit) (r >> ((mp_word) DIGIT_BIT));
+  }
+
+  /* store final carry [if any] and increment ix offset  */
+  *tmpc++ = u;
+  ++ix;
+
+  /* now zero digits above the top */
+  while (ix++ < olduse) {
+     *tmpc++ = 0;
+  }
+
+  /* set used count */
+  c->used = a->used + 1;
+  mp_clamp(c);
+
+  return MP_OKAY;
+}
+
+
+/* d = a * b (mod c) */
+int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
+{
+  int     res;
+  mp_int  t;
+
+  if ((res = mp_init (&t)) != MP_OKAY) {
+    return res;
+  }
+
+  if ((res = mp_mul (a, b, &t)) != MP_OKAY) {
+    mp_clear (&t);
+    return res;
+  }
+  res = mp_mod (&t, c, d);
+  mp_clear (&t);
+  return res;
+}
+
+
+/* computes b = a*a */
+int
+mp_sqr (mp_int * a, mp_int * b)
+{
+  int     res;
+
+  {
+#ifdef BN_FAST_S_MP_SQR_C
+    /* can we use the fast comba multiplier? */
+    if ((a->used * 2 + 1) < MP_WARRAY && 
+         a->used < 
+         (1 << (sizeof(mp_word) * CHAR_BIT - 2*DIGIT_BIT - 1))) {
+      res = fast_s_mp_sqr (a, b);
+    } else
+#endif
+#ifdef BN_S_MP_SQR_C
+      res = s_mp_sqr (a, b);
+#else
+      res = MP_VAL;
+#endif
+  }
+  b->sign = MP_ZPOS;
+  return res;
+}
+
+
+/* high level multiplication (handles sign) */
+int mp_mul (mp_int * a, mp_int * b, mp_int * c)
+{
+  int     res, neg;
+  neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG;
+
+  {
+    /* can we use the fast multiplier?
+     *
+     * The fast multiplier can be used if the output will 
+     * have less than MP_WARRAY digits and the number of 
+     * digits won't affect carry propagation
+     */
+    int     digs = a->used + b->used + 1;
+
+#ifdef BN_FAST_S_MP_MUL_DIGS_C
+    if ((digs < MP_WARRAY) &&
+        MIN(a->used, b->used) <= 
+        (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
+      res = fast_s_mp_mul_digs (a, b, c, digs);
+    } else 
+#endif
+#ifdef BN_S_MP_MUL_DIGS_C
+      res = s_mp_mul (a, b, c); /* uses s_mp_mul_digs */
+#else
+      res = MP_VAL;
+#endif
+
+  }
+  c->sign = (c->used > 0) ? neg : MP_ZPOS;
+  return res;
+}
+
+
+/* b = a*2 */
+int mp_mul_2(mp_int * a, mp_int * b)
+{
+  int     x, res, oldused;
+
+  /* grow to accomodate result */
+  if (b->alloc < a->used + 1) {
+    if ((res = mp_grow (b, a->used + 1)) != MP_OKAY) {
+      return res;
+    }
+  }
+
+  oldused = b->used;
+  b->used = a->used;
+
+  {
+    register mp_digit r, rr, *tmpa, *tmpb;
+
+    /* alias for source */
+    tmpa = a->dp;
+    
+    /* alias for dest */
+    tmpb = b->dp;
+
+    /* carry */
+    r = 0;
+    for (x = 0; x < a->used; x++) {
+    
+      /* get what will be the *next* carry bit from the 
+       * MSB of the current digit 
+       */
+      rr = *tmpa >> ((mp_digit)(DIGIT_BIT - 1));
+      
+      /* now shift up this digit, add in the carry [from the previous] */
+      *tmpb++ = ((*tmpa++ << ((mp_digit)1)) | r) & MP_MASK;
+      
+      /* copy the carry that would be from the source 
+       * digit into the next iteration 
+       */
+      r = rr;
+    }
+
+    /* new leading digit? */
+    if (r != 0) {
+      /* add a MSB which is always 1 at this point */
+      *tmpb = 1;
+      ++(b->used);
+    }
+
+    /* now zero any excess digits on the destination 
+     * that we didn't write to 
+     */
+    tmpb = b->dp + b->used;
+    for (x = b->used; x < oldused; x++) {
+      *tmpb++ = 0;
+    }
+  }
+  b->sign = a->sign;
+  return MP_OKAY;
+}
+
+
+/* divide by three (based on routine from MPI and the GMP manual) */
+int
+mp_div_3 (mp_int * a, mp_int *c, mp_digit * d)
+{
+  mp_int   q;
+  mp_word  w, t;
+  mp_digit b;
+  int      res, ix;
+  
+  /* b = 2**DIGIT_BIT / 3 */
+  b = (mp_digit) ( (((mp_word)1) << ((mp_word)DIGIT_BIT)) / ((mp_word)3) );
+
+  if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
+     return res;
+  }
+  
+  q.used = a->used;
+  q.sign = a->sign;
+  w = 0;
+  for (ix = a->used - 1; ix >= 0; ix--) {
+     w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]);
+
+     if (w >= 3) {
+        /* multiply w by [1/3] */
+        t = (w * ((mp_word)b)) >> ((mp_word)DIGIT_BIT);
+
+        /* now subtract 3 * [w/3] from w, to get the remainder */
+        w -= t+t+t;
+
+        /* fixup the remainder as required since
+         * the optimization is not exact.
+         */
+        while (w >= 3) {
+           t += 1;
+           w -= 3;
+        }
+      } else {
+        t = 0;
+      }
+      q.dp[ix] = (mp_digit)t;
+  }
+
+  /* [optional] store the remainder */
+  if (d != NULL) {
+     *d = (mp_digit)w;
+  }
+
+  /* [optional] store the quotient */
+  if (c != NULL) {
+     mp_clamp(&q);
+     mp_exch(&q, c);
+  }
+  mp_clear(&q);
+  
+  return res;
+}
+
+
+/* init an mp_init for a given size */
+int mp_init_size (mp_int * a, int size)
+{
+  int x;
+
+  /* pad size so there are always extra digits */
+  size += (MP_PREC * 2) - (size % MP_PREC);	
+  
+  /* alloc mem */
+  a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * size, 0,
+                                      DYNAMIC_TYPE_BIGINT);
+  if (a->dp == NULL) {
+    return MP_MEM;
+  }
+
+  /* set the members */
+  a->used  = 0;
+  a->alloc = size;
+  a->sign  = MP_ZPOS;
+
+  /* zero the digits */
+  for (x = 0; x < size; x++) {
+      a->dp[x] = 0;
+  }
+
+  return MP_OKAY;
+}
+
+
+/* the jist of squaring...
+ * you do like mult except the offset of the tmpx [one that 
+ * starts closer to zero] can't equal the offset of tmpy.  
+ * So basically you set up iy like before then you min it with
+ * (ty-tx) so that it never happens.  You double all those 
+ * you add in the inner loop
+
+After that loop you do the squares and add them in.
+*/
+
+int fast_s_mp_sqr (mp_int * a, mp_int * b)
+{
+  int       olduse, res, pa, ix, iz;
+#ifdef WOLFSSL_SMALL_STACK
+  mp_digit* W;    /* uses dynamic memory and slower */
+#else
+  mp_digit W[MP_WARRAY];
+#endif
+  mp_digit  *tmpx;
+  mp_word   W1;
+
+  /* grow the destination as required */
+  pa = a->used + a->used;
+  if (b->alloc < pa) {
+    if ((res = mp_grow (b, pa)) != MP_OKAY) {
+      return res;
+    }
+  }
+
+  if (pa > MP_WARRAY)
+    return MP_RANGE;  /* TAO range check */
+
+#ifdef WOLFSSL_SMALL_STACK
+  W = (mp_digit*)XMALLOC(sizeof(mp_digit) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
+  if (W == NULL)    
+    return MP_MEM;
+#endif
+
+  /* number of output digits to produce */
+  W1 = 0;
+  for (ix = 0; ix < pa; ix++) { 
+      int      tx, ty, iy;
+      mp_word  _W;
+      mp_digit *tmpy;
+
+      /* clear counter */
+      _W = 0;
+
+      /* get offsets into the two bignums */
+      ty = MIN(a->used-1, ix);
+      tx = ix - ty;
+
+      /* setup temp aliases */
+      tmpx = a->dp + tx;
+      tmpy = a->dp + ty;
+
+      /* this is the number of times the loop will iterrate, essentially
+         while (tx++ < a->used && ty-- >= 0) { ... }
+       */
+      iy = MIN(a->used-tx, ty+1);
+
+      /* now for squaring tx can never equal ty 
+       * we halve the distance since they approach at a rate of 2x
+       * and we have to round because odd cases need to be executed
+       */
+      iy = MIN(iy, (ty-tx+1)>>1);
+
+      /* execute loop */
+      for (iz = 0; iz < iy; iz++) {
+         _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--);
+      }
+
+      /* double the inner product and add carry */
+      _W = _W + _W + W1;
+
+      /* even columns have the square term in them */
+      if ((ix&1) == 0) {
+         _W += ((mp_word)a->dp[ix>>1])*((mp_word)a->dp[ix>>1]);
+      }
+
+      /* store it */
+      W[ix] = (mp_digit)(_W & MP_MASK);
+
+      /* make next carry */
+      W1 = _W >> ((mp_word)DIGIT_BIT);
+  }
+
+  /* setup dest */
+  olduse  = b->used;
+  b->used = a->used+a->used;
+
+  {
+    mp_digit *tmpb;
+    tmpb = b->dp;
+    for (ix = 0; ix < pa; ix++) {
+      *tmpb++ = W[ix] & MP_MASK;
+    }
+
+    /* clear unused digits [that existed in the old copy of c] */
+    for (; ix < olduse; ix++) {
+      *tmpb++ = 0;
+    }
+  }
+  mp_clamp (b);
+
+#ifdef WOLFSSL_SMALL_STACK
+  XFREE(W, 0, DYNAMIC_TYPE_BIGINT);
+#endif
+
+  return MP_OKAY;
+}
+
+
+/* Fast (comba) multiplier
+ *
+ * This is the fast column-array [comba] multiplier.  It is 
+ * designed to compute the columns of the product first 
+ * then handle the carries afterwards.  This has the effect 
+ * of making the nested loops that compute the columns very
+ * simple and schedulable on super-scalar processors.
+ *
+ * This has been modified to produce a variable number of 
+ * digits of output so if say only a half-product is required 
+ * you don't have to compute the upper half (a feature 
+ * required for fast Barrett reduction).
+ *
+ * Based on Algorithm 14.12 on pp.595 of HAC.
+ *
+ */
+int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
+{
+  int     olduse, res, pa, ix, iz;
+#ifdef WOLFSSL_SMALL_STACK
+  mp_digit* W;    /* uses dynamic memory and slower */
+#else
+  mp_digit W[MP_WARRAY];
+#endif
+  register mp_word  _W;
+
+  /* grow the destination as required */
+  if (c->alloc < digs) {
+    if ((res = mp_grow (c, digs)) != MP_OKAY) {
+      return res;
+    }
+  }
+
+  /* number of output digits to produce */
+  pa = MIN(digs, a->used + b->used);
+  if (pa > MP_WARRAY)
+    return MP_RANGE;  /* TAO range check */
+
+#ifdef WOLFSSL_SMALL_STACK
+  W = (mp_digit*)XMALLOC(sizeof(mp_digit) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
+  if (W == NULL)    
+    return MP_MEM;
+#endif
+
+  /* clear the carry */
+  _W = 0;
+  for (ix = 0; ix < pa; ix++) { 
+      int      tx, ty;
+      int      iy;
+      mp_digit *tmpx, *tmpy;
+
+      /* get offsets into the two bignums */
+      ty = MIN(b->used-1, ix);
+      tx = ix - ty;
+
+      /* setup temp aliases */
+      tmpx = a->dp + tx;
+      tmpy = b->dp + ty;
+
+      /* this is the number of times the loop will iterrate, essentially 
+         while (tx++ < a->used && ty-- >= 0) { ... }
+       */
+      iy = MIN(a->used-tx, ty+1);
+
+      /* execute loop */
+      for (iz = 0; iz < iy; ++iz) {
+         _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--);
+
+      }
+
+      /* store term */
+      W[ix] = ((mp_digit)_W) & MP_MASK;
+
+      /* make next carry */
+      _W = _W >> ((mp_word)DIGIT_BIT);
+ }
+
+  /* setup dest */
+  olduse  = c->used;
+  c->used = pa;
+
+  {
+    register mp_digit *tmpc;
+    tmpc = c->dp;
+    for (ix = 0; ix < pa+1; ix++) {
+      /* now extract the previous digit [below the carry] */
+      *tmpc++ = W[ix];
+    }
+
+    /* clear unused digits [that existed in the old copy of c] */
+    for (; ix < olduse; ix++) {
+      *tmpc++ = 0;
+    }
+  }
+  mp_clamp (c);
+
+#ifdef WOLFSSL_SMALL_STACK
+  XFREE(W, 0, DYNAMIC_TYPE_BIGINT);
+#endif
+
+  return MP_OKAY;
+}
+
+
+/* low level squaring, b = a*a, HAC pp.596-597, Algorithm 14.16 */
+int s_mp_sqr (mp_int * a, mp_int * b)
+{
+  mp_int  t;
+  int     res, ix, iy, pa;
+  mp_word r;
+  mp_digit u, tmpx, *tmpt;
+
+  pa = a->used;
+  if ((res = mp_init_size (&t, 2*pa + 1)) != MP_OKAY) {
+    return res;
+  }
+
+  /* default used is maximum possible size */
+  t.used = 2*pa + 1;
+
+  for (ix = 0; ix < pa; ix++) {
+    /* first calculate the digit at 2*ix */
+    /* calculate double precision result */
+    r = ((mp_word) t.dp[2*ix]) +
+        ((mp_word)a->dp[ix])*((mp_word)a->dp[ix]);
+
+    /* store lower part in result */
+    t.dp[ix+ix] = (mp_digit) (r & ((mp_word) MP_MASK));
+
+    /* get the carry */
+    u           = (mp_digit)(r >> ((mp_word) DIGIT_BIT));
+
+    /* left hand side of A[ix] * A[iy] */
+    tmpx        = a->dp[ix];
+
+    /* alias for where to store the results */
+    tmpt        = t.dp + (2*ix + 1);
+    
+    for (iy = ix + 1; iy < pa; iy++) {
+      /* first calculate the product */
+      r       = ((mp_word)tmpx) * ((mp_word)a->dp[iy]);
+
+      /* now calculate the double precision result, note we use
+       * addition instead of *2 since it's easier to optimize
+       */
+      r       = ((mp_word) *tmpt) + r + r + ((mp_word) u);
+
+      /* store lower part */
+      *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK));
+
+      /* get carry */
+      u       = (mp_digit)(r >> ((mp_word) DIGIT_BIT));
+    }
+    /* propagate upwards */
+    while (u != ((mp_digit) 0)) {
+      r       = ((mp_word) *tmpt) + ((mp_word) u);
+      *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK));
+      u       = (mp_digit)(r >> ((mp_word) DIGIT_BIT));
+    }
+  }
+
+  mp_clamp (&t);
+  mp_exch (&t, b);
+  mp_clear (&t);
+  return MP_OKAY;
+}
+
+
+/* multiplies |a| * |b| and only computes upto digs digits of result
+ * HAC pp. 595, Algorithm 14.12  Modified so you can control how 
+ * many digits of output are created.
+ */
+int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
+{
+  mp_int  t;
+  int     res, pa, pb, ix, iy;
+  mp_digit u;
+  mp_word r;
+  mp_digit tmpx, *tmpt, *tmpy;
+
+  /* can we use the fast multiplier? */
+  if (((digs) < MP_WARRAY) &&
+      MIN (a->used, b->used) < 
+          (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
+    return fast_s_mp_mul_digs (a, b, c, digs);
+  }
+
+  if ((res = mp_init_size (&t, digs)) != MP_OKAY) {
+    return res;
+  }
+  t.used = digs;
+
+  /* compute the digits of the product directly */
+  pa = a->used;
+  for (ix = 0; ix < pa; ix++) {
+    /* set the carry to zero */
+    u = 0;
+
+    /* limit ourselves to making digs digits of output */
+    pb = MIN (b->used, digs - ix);
+
+    /* setup some aliases */
+    /* copy of the digit from a used within the nested loop */
+    tmpx = a->dp[ix];
+    
+    /* an alias for the destination shifted ix places */
+    tmpt = t.dp + ix;
+    
+    /* an alias for the digits of b */
+    tmpy = b->dp;
+
+    /* compute the columns of the output and propagate the carry */
+    for (iy = 0; iy < pb; iy++) {
+      /* compute the column as a mp_word */
+      r       = ((mp_word)*tmpt) +
+                ((mp_word)tmpx) * ((mp_word)*tmpy++) +
+                ((mp_word) u);
+
+      /* the new column is the lower part of the result */
+      *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK));
+
+      /* get the carry word from the result */
+      u       = (mp_digit) (r >> ((mp_word) DIGIT_BIT));
+    }
+    /* set carry if it is placed below digs */
+    if (ix + iy < digs) {
+      *tmpt = u;
+    }
+  }
+
+  mp_clamp (&t);
+  mp_exch (&t, c);
+
+  mp_clear (&t);
+  return MP_OKAY;
+}
+
+
+/*
+ * shifts with subtractions when the result is greater than b.
+ *
+ * The method is slightly modified to shift B unconditionally upto just under
+ * the leading bit of b.  This saves alot of multiple precision shifting.
+ */
+int mp_montgomery_calc_normalization (mp_int * a, mp_int * b)
+{
+  int     x, bits, res;
+
+  /* how many bits of last digit does b use */
+  bits = mp_count_bits (b) % DIGIT_BIT;
+
+  if (b->used > 1) {
+     if ((res = mp_2expt (a, (b->used - 1) * DIGIT_BIT + bits - 1)) != MP_OKAY) {
+        return res;
+     }
+  } else {
+     mp_set(a, 1);
+     bits = 1;
+  }
+
+
+  /* now compute C = A * B mod b */
+  for (x = bits - 1; x < (int)DIGIT_BIT; x++) {
+    if ((res = mp_mul_2 (a, a)) != MP_OKAY) {
+      return res;
+    }
+    if (mp_cmp_mag (a, b) != MP_LT) {
+      if ((res = s_mp_sub (a, b, a)) != MP_OKAY) {
+        return res;
+      }
+    }
+  }
+
+  return MP_OKAY;
+}
+
+
+#ifdef MP_LOW_MEM
+   #define TAB_SIZE 32
+#else
+   #define TAB_SIZE 256
+#endif
+
+int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode)
+{
+  mp_int  M[TAB_SIZE], res, mu;
+  mp_digit buf;
+  int     err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize;
+  int (*redux)(mp_int*,mp_int*,mp_int*);
+
+  /* find window size */
+  x = mp_count_bits (X);
+  if (x <= 7) {
+    winsize = 2;
+  } else if (x <= 36) {
+    winsize = 3;
+  } else if (x <= 140) {
+    winsize = 4;
+  } else if (x <= 450) {
+    winsize = 5;
+  } else if (x <= 1303) {
+    winsize = 6;
+  } else if (x <= 3529) {
+    winsize = 7;
+  } else {
+    winsize = 8;
+  }
+
+#ifdef MP_LOW_MEM
+    if (winsize > 5) {
+       winsize = 5;
+    }
+#endif
+
+  /* init M array */
+  /* init first cell */
+  if ((err = mp_init(&M[1])) != MP_OKAY) {
+     return err; 
+  }
+
+  /* now init the second half of the array */
+  for (x = 1<<(winsize-1); x < (1 << winsize); x++) {
+    if ((err = mp_init(&M[x])) != MP_OKAY) {
+      for (y = 1<<(winsize-1); y < x; y++) {
+        mp_clear (&M[y]);
+      }
+      mp_clear(&M[1]);
+      return err;
+    }
+  }
+
+  /* create mu, used for Barrett reduction */
+  if ((err = mp_init (&mu)) != MP_OKAY) {
+    goto LBL_M;
+  }
+  
+  if (redmode == 0) {
+     if ((err = mp_reduce_setup (&mu, P)) != MP_OKAY) {
+        goto LBL_MU;
+     }
+     redux = mp_reduce;
+  } else {
+     if ((err = mp_reduce_2k_setup_l (P, &mu)) != MP_OKAY) {
+        goto LBL_MU;
+     }
+     redux = mp_reduce_2k_l;
+  }    
+
+  /* create M table
+   *
+   * The M table contains powers of the base, 
+   * e.g. M[x] = G**x mod P
+   *
+   * The first half of the table is not 
+   * computed though accept for M[0] and M[1]
+   */
+  if ((err = mp_mod (G, P, &M[1])) != MP_OKAY) {
+    goto LBL_MU;
+  }
+
+  /* compute the value at M[1<<(winsize-1)] by squaring 
+   * M[1] (winsize-1) times 
+   */
+  if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
+    goto LBL_MU;
+  }
+
+  for (x = 0; x < (winsize - 1); x++) {
+    /* square it */
+    if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))], 
+                       &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
+      goto LBL_MU;
+    }
+
+    /* reduce modulo P */
+    if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, &mu)) != MP_OKAY) {
+      goto LBL_MU;
+    }
+  }
+
+  /* create upper table, that is M[x] = M[x-1] * M[1] (mod P)
+   * for x = (2**(winsize - 1) + 1) to (2**winsize - 1)
+   */
+  for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) {
+    if ((err = mp_mul (&M[x - 1], &M[1], &M[x])) != MP_OKAY) {
+      goto LBL_MU;
+    }
+    if ((err = redux (&M[x], P, &mu)) != MP_OKAY) {
+      goto LBL_MU;
+    }
+  }
+
+  /* setup result */
+  if ((err = mp_init (&res)) != MP_OKAY) {
+    goto LBL_MU;
+  }
+  mp_set (&res, 1);
+
+  /* set initial mode and bit cnt */
+  mode   = 0;
+  bitcnt = 1;
+  buf    = 0;
+  digidx = X->used - 1;
+  bitcpy = 0;
+  bitbuf = 0;
+
+  for (;;) {
+    /* grab next digit as required */
+    if (--bitcnt == 0) {
+      /* if digidx == -1 we are out of digits */
+      if (digidx == -1) {
+        break;
+      }
+      /* read next digit and reset the bitcnt */
+      buf    = X->dp[digidx--];
+      bitcnt = (int) DIGIT_BIT;
+    }
+
+    /* grab the next msb from the exponent */
+    y     = (int)(buf >> (mp_digit)(DIGIT_BIT - 1)) & 1;
+    buf <<= (mp_digit)1;
+
+    /* if the bit is zero and mode == 0 then we ignore it
+     * These represent the leading zero bits before the first 1 bit
+     * in the exponent.  Technically this opt is not required but it
+     * does lower the # of trivial squaring/reductions used
+     */
+    if (mode == 0 && y == 0) {
+      continue;
+    }
+
+    /* if the bit is zero and mode == 1 then we square */
+    if (mode == 1 && y == 0) {
+      if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+      if ((err = redux (&res, P, &mu)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+      continue;
+    }
+
+    /* else we add it to the window */
+    bitbuf |= (y << (winsize - ++bitcpy));
+    mode    = 2;
+
+    if (bitcpy == winsize) {
+      /* ok window is filled so square as required and multiply  */
+      /* square first */
+      for (x = 0; x < winsize; x++) {
+        if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
+          goto LBL_RES;
+        }
+        if ((err = redux (&res, P, &mu)) != MP_OKAY) {
+          goto LBL_RES;
+        }
+      }
+
+      /* then multiply */
+      if ((err = mp_mul (&res, &M[bitbuf], &res)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+      if ((err = redux (&res, P, &mu)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+
+      /* empty window and reset */
+      bitcpy = 0;
+      bitbuf = 0;
+      mode   = 1;
+    }
+  }
+
+  /* if bits remain then square/multiply */
+  if (mode == 2 && bitcpy > 0) {
+    /* square then multiply if the bit is set */
+    for (x = 0; x < bitcpy; x++) {
+      if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+      if ((err = redux (&res, P, &mu)) != MP_OKAY) {
+        goto LBL_RES;
+      }
+
+      bitbuf <<= 1;
+      if ((bitbuf & (1 << winsize)) != 0) {
+        /* then multiply */
+        if ((err = mp_mul (&res, &M[1], &res)) != MP_OKAY) {
+          goto LBL_RES;
+        }
+        if ((err = redux (&res, P, &mu)) != MP_OKAY) {
+          goto LBL_RES;
+        }
+      }
+    }
+  }
+
+  mp_exch (&res, Y);
+  err = MP_OKAY;
+LBL_RES:mp_clear (&res);
+LBL_MU:mp_clear (&mu);
+LBL_M:
+  mp_clear(&M[1]);
+  for (x = 1<<(winsize-1); x < (1 << winsize); x++) {
+    mp_clear (&M[x]);
+  }
+  return err;
+}
+
+
+/* pre-calculate the value required for Barrett reduction
+ * For a given modulus "b" it calulates the value required in "a"
+ */
+int mp_reduce_setup (mp_int * a, mp_int * b)
+{
+  int     res;
+  
+  if ((res = mp_2expt (a, b->used * 2 * DIGIT_BIT)) != MP_OKAY) {
+    return res;
+  }
+  return mp_div (a, b, a, NULL);
+}
+
+
+/* reduces x mod m, assumes 0 < x < m**2, mu is 
+ * precomputed via mp_reduce_setup.
+ * From HAC pp.604 Algorithm 14.42
+ */
+int mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
+{
+  mp_int  q;
+  int     res, um = m->used;
+
+  /* q = x */
+  if ((res = mp_init_copy (&q, x)) != MP_OKAY) {
+    return res;
+  }
+
+  /* q1 = x / b**(k-1)  */
+  mp_rshd (&q, um - 1);         
+
+  /* according to HAC this optimization is ok */
+  if (((mp_word) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) {
+    if ((res = mp_mul (&q, mu, &q)) != MP_OKAY) {
+      goto CLEANUP;
+    }
+  } else {
+#ifdef BN_S_MP_MUL_HIGH_DIGS_C
+    if ((res = s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) {
+      goto CLEANUP;
+    }
+#elif defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C)
+    if ((res = fast_s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) {
+      goto CLEANUP;
+    }
+#else 
+    { 
+      res = MP_VAL;
+      goto CLEANUP;
+    }
+#endif
+  }
+
+  /* q3 = q2 / b**(k+1) */
+  mp_rshd (&q, um + 1);         
+
+  /* x = x mod b**(k+1), quick (no division) */
+  if ((res = mp_mod_2d (x, DIGIT_BIT * (um + 1), x)) != MP_OKAY) {
+    goto CLEANUP;
+  }
+
+  /* q = q * m mod b**(k+1), quick (no division) */
+  if ((res = s_mp_mul_digs (&q, m, &q, um + 1)) != MP_OKAY) {
+    goto CLEANUP;
+  }
+
+  /* x = x - q */
+  if ((res = mp_sub (x, &q, x)) != MP_OKAY) {
+    goto CLEANUP;
+  }
+
+  /* If x < 0, add b**(k+1) to it */
+  if (mp_cmp_d (x, 0) == MP_LT) {
+    mp_set (&q, 1);
+    if ((res = mp_lshd (&q, um + 1)) != MP_OKAY)
+      goto CLEANUP;
+    if ((res = mp_add (x, &q, x)) != MP_OKAY)
+      goto CLEANUP;
+  }
+
+  /* Back off if it's too big */
+  while (mp_cmp (x, m) != MP_LT) {
+    if ((res = s_mp_sub (x, m, x)) != MP_OKAY) {
+      goto CLEANUP;
+    }
+  }
+  
+CLEANUP:
+  mp_clear (&q);
+
+  return res;
+}
+
+
+/* reduces a modulo n where n is of the form 2**p - d 
+   This differs from reduce_2k since "d" can be larger
+   than a single digit.
+*/
+int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d)
+{
+   mp_int q;
+   int    p, res;
+   
+   if ((res = mp_init(&q)) != MP_OKAY) {
+      return res;
+   }
+   
+   p = mp_count_bits(n);    
+top:
+   /* q = a/2**p, a = a mod 2**p */
+   if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) {
+      goto ERR;
+   }
+   
+   /* q = q * d */
+   if ((res = mp_mul(&q, d, &q)) != MP_OKAY) { 
+      goto ERR;
+   }
+   
+   /* a = a + q */
+   if ((res = s_mp_add(a, &q, a)) != MP_OKAY) {
+      goto ERR;
+   }
+   
+   if (mp_cmp_mag(a, n) != MP_LT) {
+      s_mp_sub(a, n, a);
+      goto top;
+   }
+   
+ERR:
+   mp_clear(&q);
+   return res;
+}
+
+
+/* determines the setup value */
+int mp_reduce_2k_setup_l(mp_int *a, mp_int *d)
+{
+   int    res;
+   mp_int tmp;
+   
+   if ((res = mp_init(&tmp)) != MP_OKAY) {
+      return res;
+   }
+   
+   if ((res = mp_2expt(&tmp, mp_count_bits(a))) != MP_OKAY) {
+      goto ERR;
+   }
+   
+   if ((res = s_mp_sub(&tmp, a, d)) != MP_OKAY) {
+      goto ERR;
+   }
+   
+ERR:
+   mp_clear(&tmp);
+   return res;
+}
+
+
+/* multiplies |a| * |b| and does not compute the lower digs digits
+ * [meant to get the higher part of the product]
+ */
+int
+s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
+{
+  mp_int  t;
+  int     res, pa, pb, ix, iy;
+  mp_digit u;
+  mp_word r;
+  mp_digit tmpx, *tmpt, *tmpy;
+
+  /* can we use the fast multiplier? */
+#ifdef BN_FAST_S_MP_MUL_HIGH_DIGS_C
+  if (((a->used + b->used + 1) < MP_WARRAY)
+      && MIN (a->used, b->used) < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
+    return fast_s_mp_mul_high_digs (a, b, c, digs);
+  }
+#endif
+
+  if ((res = mp_init_size (&t, a->used + b->used + 1)) != MP_OKAY) {
+    return res;
+  }
+  t.used = a->used + b->used + 1;
+
+  pa = a->used;
+  pb = b->used;
+  for (ix = 0; ix < pa; ix++) {
+    /* clear the carry */
+    u = 0;
+
+    /* left hand side of A[ix] * B[iy] */
+    tmpx = a->dp[ix];
+
+    /* alias to the address of where the digits will be stored */
+    tmpt = &(t.dp[digs]);
+
+    /* alias for where to read the right hand side from */
+    tmpy = b->dp + (digs - ix);
+
+    for (iy = digs - ix; iy < pb; iy++) {
+      /* calculate the double precision result */
+      r       = ((mp_word)*tmpt) +
+                ((mp_word)tmpx) * ((mp_word)*tmpy++) +
+                ((mp_word) u);
+
+      /* get the lower part */
+      *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK));
+
+      /* carry the carry */
+      u       = (mp_digit) (r >> ((mp_word) DIGIT_BIT));
+    }
+    *tmpt = u;
+  }
+  mp_clamp (&t);
+  mp_exch (&t, c);
+  mp_clear (&t);
+  return MP_OKAY;
+}
+
+
+/* this is a modified version of fast_s_mul_digs that only produces
+ * output digits *above* digs.  See the comments for fast_s_mul_digs
+ * to see how it works.
+ *
+ * This is used in the Barrett reduction since for one of the multiplications
+ * only the higher digits were needed.  This essentially halves the work.
+ *
+ * Based on Algorithm 14.12 on pp.595 of HAC.
+ */
+int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
+{
+  int     olduse, res, pa, ix, iz;
+#ifdef WOLFSSL_SMALL_STACK
+  mp_digit* W;    /* uses dynamic memory and slower */
+#else
+  mp_digit W[MP_WARRAY];
+#endif
+  mp_word  _W;
+
+  /* grow the destination as required */
+  pa = a->used + b->used;
+  if (c->alloc < pa) {
+    if ((res = mp_grow (c, pa)) != MP_OKAY) {
+      return res;
+    }
+  }
+
+  if (pa > MP_WARRAY)
+    return MP_RANGE;  /* TAO range check */
+  
+#ifdef WOLFSSL_SMALL_STACK
+  W = (mp_digit*)XMALLOC(sizeof(mp_digit) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
+  if (W == NULL)    
+    return MP_MEM;
+#endif
+
+  /* number of output digits to produce */
+  pa = a->used + b->used;
+  _W = 0;
+  for (ix = digs; ix < pa; ix++) { 
+      int      tx, ty, iy;
+      mp_digit *tmpx, *tmpy;
+
+      /* get offsets into the two bignums */
+      ty = MIN(b->used-1, ix);
+      tx = ix - ty;
+
+      /* setup temp aliases */
+      tmpx = a->dp + tx;
+      tmpy = b->dp + ty;
+
+      /* this is the number of times the loop will iterrate, essentially its 
+         while (tx++ < a->used && ty-- >= 0) { ... }
+       */
+      iy = MIN(a->used-tx, ty+1);
+
+      /* execute loop */
+      for (iz = 0; iz < iy; iz++) {
+         _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--);
+      }
+
+      /* store term */
+      W[ix] = ((mp_digit)_W) & MP_MASK;
+
+      /* make next carry */
+      _W = _W >> ((mp_word)DIGIT_BIT);
+  }
+  
+  /* setup dest */
+  olduse  = c->used;
+  c->used = pa;
+
+  {
+    register mp_digit *tmpc;
+
+    tmpc = c->dp + digs;
+    for (ix = digs; ix <= pa; ix++) {
+      /* now extract the previous digit [below the carry] */
+      *tmpc++ = W[ix];
+    }
+
+    /* clear unused digits [that existed in the old copy of c] */
+    for (; ix < olduse; ix++) {
+      *tmpc++ = 0;
+    }
+  }
+  mp_clamp (c);
+
+#ifdef WOLFSSL_SMALL_STACK
+  XFREE(W, 0, DYNAMIC_TYPE_BIGINT);
+#endif
+
+  return MP_OKAY;
+}
+
+
+/* set a 32-bit const */
+int mp_set_int (mp_int * a, unsigned long b)
+{
+  int     x, res;
+
+  mp_zero (a);
+  
+  /* set four bits at a time */
+  for (x = 0; x < 8; x++) {
+    /* shift the number up four bits */
+    if ((res = mp_mul_2d (a, 4, a)) != MP_OKAY) {
+      return res;
+    }
+
+    /* OR in the top four bits of the source */
+    a->dp[0] |= (b >> 28) & 15;
+
+    /* shift the source up to the next four bits */
+    b <<= 4;
+
+    /* ensure that digits are not clamped off */
+    a->used += 1;
+  }
+  mp_clamp (a);
+  return MP_OKAY;
+}
+
+
+#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_ECC)
+
+/* c = a * a (mod b) */
+int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
+{
+  int     res;
+  mp_int  t;
+
+  if ((res = mp_init (&t)) != MP_OKAY) {
+    return res;
+  }
+
+  if ((res = mp_sqr (a, &t)) != MP_OKAY) {
+    mp_clear (&t);
+    return res;
+  }
+  res = mp_mod (&t, b, c);
+  mp_clear (&t);
+  return res;
+}
+
+#endif
+
+
+#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(WOLFSSL_SNIFFER) || defined(WOLFSSL_HAVE_WOLFSCEP) || defined(WOLFSSL_KEY_GEN)
+
+/* single digit addition */
+int mp_add_d (mp_int* a, mp_digit b, mp_int* c)
+{
+  int     res, ix, oldused;
+  mp_digit *tmpa, *tmpc, mu;
+
+  /* grow c as required */
+  if (c->alloc < a->used + 1) {
+     if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) {
+        return res;
+     }
+  }
+
+  /* if a is negative and |a| >= b, call c = |a| - b */
+  if (a->sign == MP_NEG && (a->used > 1 || a->dp[0] >= b)) {
+     /* temporarily fix sign of a */
+     a->sign = MP_ZPOS;
+
+     /* c = |a| - b */
+     res = mp_sub_d(a, b, c);
+
+     /* fix sign  */
+     a->sign = c->sign = MP_NEG;
+
+     /* clamp */
+     mp_clamp(c);
+
+     return res;
+  }
+
+  /* old number of used digits in c */
+  oldused = c->used;
+
+  /* sign always positive */
+  c->sign = MP_ZPOS;
+
+  /* source alias */
+  tmpa    = a->dp;
+
+  /* destination alias */
+  tmpc    = c->dp;
+
+  /* if a is positive */
+  if (a->sign == MP_ZPOS) {
+     /* add digit, after this we're propagating
+      * the carry.
+      */
+     *tmpc   = *tmpa++ + b;
+     mu      = *tmpc >> DIGIT_BIT;
+     *tmpc++ &= MP_MASK;
+
+     /* now handle rest of the digits */
+     for (ix = 1; ix < a->used; ix++) {
+        *tmpc   = *tmpa++ + mu;
+        mu      = *tmpc >> DIGIT_BIT;
+        *tmpc++ &= MP_MASK;
+     }
+     /* set final carry */
+     if (mu != 0 && ix < c->alloc) {
+        ix++;
+        *tmpc++  = mu;
+     }
+
+     /* setup size */
+     c->used = a->used + 1;
+  } else {
+     /* a was negative and |a| < b */
+     c->used  = 1;
+
+     /* the result is a single digit */
+     if (a->used == 1) {
+        *tmpc++  =  b - a->dp[0];
+     } else {
+        *tmpc++  =  b;
+     }
+
+     /* setup count so the clearing of oldused
+      * can fall through correctly
+      */
+     ix       = 1;
+  }
+
+  /* now zero to oldused */
+  while (ix++ < oldused) {
+     *tmpc++ = 0;
+  }
+  mp_clamp(c);
+
+  return MP_OKAY;
+}
+
+
+/* single digit subtraction */
+int mp_sub_d (mp_int * a, mp_digit b, mp_int * c)
+{
+  mp_digit *tmpa, *tmpc, mu;
+  int       res, ix, oldused;
+
+  /* grow c as required */
+  if (c->alloc < a->used + 1) {
+     if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) {
+        return res;
+     }
+  }
+
+  /* if a is negative just do an unsigned
+   * addition [with fudged signs]
+   */
+  if (a->sign == MP_NEG) {
+     a->sign = MP_ZPOS;
+     res     = mp_add_d(a, b, c);
+     a->sign = c->sign = MP_NEG;
+
+     /* clamp */
+     mp_clamp(c);
+
+     return res;
+  }
+
+  /* setup regs */
+  oldused = c->used;
+  tmpa    = a->dp;
+  tmpc    = c->dp;
+
+  /* if a <= b simply fix the single digit */
+  if ((a->used == 1 && a->dp[0] <= b) || a->used == 0) {
+     if (a->used == 1) {
+        *tmpc++ = b - *tmpa;
+     } else {
+        *tmpc++ = b;
+     }
+     ix      = 1;
+
+     /* negative/1digit */
+     c->sign = MP_NEG;
+     c->used = 1;
+  } else {
+     /* positive/size */
+     c->sign = MP_ZPOS;
+     c->used = a->used;
+
+     /* subtract first digit */
+     *tmpc    = *tmpa++ - b;
+     mu       = *tmpc >> (sizeof(mp_digit) * CHAR_BIT - 1);
+     *tmpc++ &= MP_MASK;
+
+     /* handle rest of the digits */
+     for (ix = 1; ix < a->used; ix++) {
+        *tmpc    = *tmpa++ - mu;
+        mu       = *tmpc >> (sizeof(mp_digit) * CHAR_BIT - 1);
+        *tmpc++ &= MP_MASK;
+     }
+  }
+
+  /* zero excess digits */
+  while (ix++ < oldused) {
+     *tmpc++ = 0;
+  }
+  mp_clamp(c);
+  return MP_OKAY;
+}
+
+#endif /* defined(HAVE_ECC) || !defined(NO_PWDBASED) */
+
+
+#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
+
+static const int lnz[16] = {
+   4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
+};
+
+/* Counts the number of lsbs which are zero before the first zero bit */
+int mp_cnt_lsb(mp_int *a)
+{
+    int x;
+    mp_digit q, qq;
+
+    /* easy out */
+    if (mp_iszero(a) == 1) {
+        return 0;
+    }
+
+    /* scan lower digits until non-zero */
+    for (x = 0; x < a->used && a->dp[x] == 0; x++);
+    q = a->dp[x];
+    x *= DIGIT_BIT;
+
+    /* now scan this digit until a 1 is found */
+    if ((q & 1) == 0) {
+        do {
+            qq  = q & 15;
+            x  += lnz[qq];
+            q >>= 4;
+        } while (qq == 0);
+    }
+    return x;
+}
+
+
+
+
+static int s_is_power_of_two(mp_digit b, int *p)
+{
+   int x;
+
+   /* fast return if no power of two */
+   if ((b==0) || (b & (b-1))) {
+      return 0;
+   }
+
+   for (x = 0; x < DIGIT_BIT; x++) {
+      if (b == (((mp_digit)1)<dp[0] & ((((mp_digit)1)<used)) != MP_OKAY) {
+     return res;
+  }
+  
+  q.used = a->used;
+  q.sign = a->sign;
+  w = 0;
+  for (ix = a->used - 1; ix >= 0; ix--) {
+     w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]);
+     
+     if (w >= b) {
+        t = (mp_digit)(w / b);
+        w -= ((mp_word)t) * ((mp_word)b);
+      } else {
+        t = 0;
+      }
+      q.dp[ix] = (mp_digit)t;
+  }
+  
+  if (d != NULL) {
+     *d = (mp_digit)w;
+  }
+  
+  if (c != NULL) {
+     mp_clamp(&q);
+     mp_exch(&q, c);
+  }
+  mp_clear(&q);
+  
+  return res;
+}
+
+
+int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
+{
+  return mp_div_d(a, b, NULL, c);
+}
+
+#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
+
+#ifdef WOLFSSL_KEY_GEN
+
+const mp_digit ltm_prime_tab[] = {
+  0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013,
+  0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035,
+  0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059,
+  0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F,
+#ifndef MP_8BIT
+  0x0083,
+  0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD,
+  0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF,
+  0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107,
+  0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137,
+
+  0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167,
+  0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199,
+  0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9,
+  0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7,
+  0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239,
+  0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265,
+  0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293,
+  0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF,
+
+  0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301,
+  0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B,
+  0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371,
+  0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD,
+  0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5,
+  0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419,
+  0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449,
+  0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B,
+
+  0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7,
+  0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503,
+  0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529,
+  0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F,
+  0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3,
+  0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7,
+  0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623,
+  0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653
+#endif
+};
+
+
+/* Miller-Rabin test of "a" to the base of "b" as described in 
+ * HAC pp. 139 Algorithm 4.24
+ *
+ * Sets result to 0 if definitely composite or 1 if probably prime.
+ * Randomly the chance of error is no more than 1/4 and often 
+ * very much lower.
+ */
+static int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result)
+{
+  mp_int  n1, y, r;
+  int     s, j, err;
+
+  /* default */
+  *result = MP_NO;
+
+  /* ensure b > 1 */
+  if (mp_cmp_d(b, 1) != MP_GT) {
+     return MP_VAL;
+  }     
+
+  /* get n1 = a - 1 */
+  if ((err = mp_init_copy (&n1, a)) != MP_OKAY) {
+    return err;
+  }
+  if ((err = mp_sub_d (&n1, 1, &n1)) != MP_OKAY) {
+    goto LBL_N1;
+  }
+
+  /* set 2**s * r = n1 */
+  if ((err = mp_init_copy (&r, &n1)) != MP_OKAY) {
+    goto LBL_N1;
+  }
+
+  /* count the number of least significant bits
+   * which are zero
+   */
+  s = mp_cnt_lsb(&r);
+
+  /* now divide n - 1 by 2**s */
+  if ((err = mp_div_2d (&r, s, &r, NULL)) != MP_OKAY) {
+    goto LBL_R;
+  }
+
+  /* compute y = b**r mod a */
+  if ((err = mp_init (&y)) != MP_OKAY) {
+    goto LBL_R;
+  }
+  if ((err = mp_exptmod (b, &r, a, &y)) != MP_OKAY) {
+    goto LBL_Y;
+  }
+
+  /* if y != 1 and y != n1 do */
+  if (mp_cmp_d (&y, 1) != MP_EQ && mp_cmp (&y, &n1) != MP_EQ) {
+    j = 1;
+    /* while j <= s-1 and y != n1 */
+    while ((j <= (s - 1)) && mp_cmp (&y, &n1) != MP_EQ) {
+      if ((err = mp_sqrmod (&y, a, &y)) != MP_OKAY) {
+         goto LBL_Y;
+      }
+
+      /* if y == 1 then composite */
+      if (mp_cmp_d (&y, 1) == MP_EQ) {
+         goto LBL_Y;
+      }
+
+      ++j;
+    }
+
+    /* if y != n1 then composite */
+    if (mp_cmp (&y, &n1) != MP_EQ) {
+      goto LBL_Y;
+    }
+  }
+
+  /* probably prime now */
+  *result = MP_YES;
+LBL_Y:mp_clear (&y);
+LBL_R:mp_clear (&r);
+LBL_N1:mp_clear (&n1);
+  return err;
+}
+
+
+/* determines if an integers is divisible by one 
+ * of the first PRIME_SIZE primes or not
+ *
+ * sets result to 0 if not, 1 if yes
+ */
+static int mp_prime_is_divisible (mp_int * a, int *result)
+{
+  int     err, ix;
+  mp_digit res;
+
+  /* default to not */
+  *result = MP_NO;
+
+  for (ix = 0; ix < PRIME_SIZE; ix++) {
+    /* what is a mod LBL_prime_tab[ix] */
+    if ((err = mp_mod_d (a, ltm_prime_tab[ix], &res)) != MP_OKAY) {
+      return err;
+    }
+
+    /* is the residue zero? */
+    if (res == 0) {
+      *result = MP_YES;
+      return MP_OKAY;
+    }
+  }
+
+  return MP_OKAY;
+}
+
+
+/*
+ * Sets result to 1 if probably prime, 0 otherwise
+ */
+int mp_prime_is_prime (mp_int * a, int t, int *result)
+{
+  mp_int  b;
+  int     ix, err, res;
+
+  /* default to no */
+  *result = MP_NO;
+
+  /* valid value of t? */
+  if (t <= 0 || t > PRIME_SIZE) {
+    return MP_VAL;
+  }
+
+  /* is the input equal to one of the primes in the table? */
+  for (ix = 0; ix < PRIME_SIZE; ix++) {
+      if (mp_cmp_d(a, ltm_prime_tab[ix]) == MP_EQ) {
+         *result = 1;
+         return MP_OKAY;
+      }
+  }
+
+  /* first perform trial division */
+  if ((err = mp_prime_is_divisible (a, &res)) != MP_OKAY) {
+    return err;
+  }
+
+  /* return if it was trivially divisible */
+  if (res == MP_YES) {
+    return MP_OKAY;
+  }
+
+  /* now perform the miller-rabin rounds */
+  if ((err = mp_init (&b)) != MP_OKAY) {
+    return err;
+  }
+
+  for (ix = 0; ix < t; ix++) {
+    /* set the prime */
+    mp_set (&b, ltm_prime_tab[ix]);
+
+    if ((err = mp_prime_miller_rabin (a, &b, &res)) != MP_OKAY) {
+      goto LBL_B;
+    }
+
+    if (res == MP_NO) {
+      goto LBL_B;
+    }
+  }
+
+  /* passed the test */
+  *result = MP_YES;
+LBL_B:mp_clear (&b);
+  return err;
+}
+
+
+/* computes least common multiple as |a*b|/(a, b) */
+int mp_lcm (mp_int * a, mp_int * b, mp_int * c)
+{
+  int     res;
+  mp_int  t1, t2;
+
+
+  if ((res = mp_init_multi (&t1, &t2, NULL, NULL, NULL, NULL)) != MP_OKAY) {
+    return res;
+  }
+
+  /* t1 = get the GCD of the two inputs */
+  if ((res = mp_gcd (a, b, &t1)) != MP_OKAY) {
+    goto LBL_T;
+  }
+
+  /* divide the smallest by the GCD */
+  if (mp_cmp_mag(a, b) == MP_LT) {
+     /* store quotient in t2 such that t2 * b is the LCM */
+     if ((res = mp_div(a, &t1, &t2, NULL)) != MP_OKAY) {
+        goto LBL_T;
+     }
+     res = mp_mul(b, &t2, c);
+  } else {
+     /* store quotient in t2 such that t2 * a is the LCM */
+     if ((res = mp_div(b, &t1, &t2, NULL)) != MP_OKAY) {
+        goto LBL_T;
+     }
+     res = mp_mul(a, &t2, c);
+  }
+
+  /* fix the sign to positive */
+  c->sign = MP_ZPOS;
+
+LBL_T:
+  mp_clear(&t1);
+  mp_clear(&t2);
+  return res;
+}
+
+
+
+/* Greatest Common Divisor using the binary method */
+int mp_gcd (mp_int * a, mp_int * b, mp_int * c)
+{
+    mp_int  u, v;
+    int     k, u_lsb, v_lsb, res;
+
+    /* either zero than gcd is the largest */
+    if (mp_iszero (a) == MP_YES) {
+        return mp_abs (b, c);
+    }
+    if (mp_iszero (b) == MP_YES) {
+        return mp_abs (a, c);
+    }
+
+    /* get copies of a and b we can modify */
+    if ((res = mp_init_copy (&u, a)) != MP_OKAY) {
+        return res;
+    }
+
+    if ((res = mp_init_copy (&v, b)) != MP_OKAY) {
+        goto LBL_U;
+    }
+
+    /* must be positive for the remainder of the algorithm */
+    u.sign = v.sign = MP_ZPOS;
+
+    /* B1.  Find the common power of two for u and v */
+    u_lsb = mp_cnt_lsb(&u);
+    v_lsb = mp_cnt_lsb(&v);
+    k     = MIN(u_lsb, v_lsb);
+
+    if (k > 0) {
+        /* divide the power of two out */
+        if ((res = mp_div_2d(&u, k, &u, NULL)) != MP_OKAY) {
+            goto LBL_V;
+        }
+
+        if ((res = mp_div_2d(&v, k, &v, NULL)) != MP_OKAY) {
+            goto LBL_V;
+        }
+    }
+
+    /* divide any remaining factors of two out */
+    if (u_lsb != k) {
+        if ((res = mp_div_2d(&u, u_lsb - k, &u, NULL)) != MP_OKAY) {
+            goto LBL_V;
+        }
+    }
+
+    if (v_lsb != k) {
+        if ((res = mp_div_2d(&v, v_lsb - k, &v, NULL)) != MP_OKAY) {
+            goto LBL_V;
+        }
+    }
+
+    while (mp_iszero(&v) == 0) {
+        /* make sure v is the largest */
+        if (mp_cmp_mag(&u, &v) == MP_GT) {
+            /* swap u and v to make sure v is >= u */
+            mp_exch(&u, &v);
+        }
+     
+        /* subtract smallest from largest */
+        if ((res = s_mp_sub(&v, &u, &v)) != MP_OKAY) {
+            goto LBL_V;
+        }
+     
+        /* Divide out all factors of two */
+        if ((res = mp_div_2d(&v, mp_cnt_lsb(&v), &v, NULL)) != MP_OKAY) {
+            goto LBL_V;
+        } 
+    } 
+
+    /* multiply by 2**k which we divided out at the beginning */
+    if ((res = mp_mul_2d (&u, k, c)) != MP_OKAY) {
+        goto LBL_V;
+    }
+    c->sign = MP_ZPOS;
+    res = MP_OKAY;
+LBL_V:mp_clear (&u);
+LBL_U:mp_clear (&v);
+    return res;
+}
+
+
+
+#endif /* WOLFSSL_KEY_GEN */
+
+
+#ifdef HAVE_ECC
+
+/* chars used in radix conversions */
+const char *mp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
+
+/* read a string [ASCII] in a given radix */
+int mp_read_radix (mp_int * a, const char *str, int radix)
+{
+  int     y, res, neg;
+  char    ch;
+
+  /* zero the digit bignum */
+  mp_zero(a);
+
+  /* make sure the radix is ok */
+  if (radix < 2 || radix > 64) {
+    return MP_VAL;
+  }
+
+  /* if the leading digit is a 
+   * minus set the sign to negative. 
+   */
+  if (*str == '-') {
+    ++str;
+    neg = MP_NEG;
+  } else {
+    neg = MP_ZPOS;
+  }
+
+  /* set the integer to the default of zero */
+  mp_zero (a);
+  
+  /* process each digit of the string */
+  while (*str) {
+    /* if the radix < 36 the conversion is case insensitive
+     * this allows numbers like 1AB and 1ab to represent the same  value
+     * [e.g. in hex]
+     */
+    ch = (char) ((radix < 36) ? XTOUPPER(*str) : *str);
+    for (y = 0; y < 64; y++) {
+      if (ch == mp_s_rmap[y]) {
+         break;
+      }
+    }
+
+    /* if the char was found in the map 
+     * and is less than the given radix add it
+     * to the number, otherwise exit the loop. 
+     */
+    if (y < radix) {
+      if ((res = mp_mul_d (a, (mp_digit) radix, a)) != MP_OKAY) {
+         return res;
+      }
+      if ((res = mp_add_d (a, (mp_digit) y, a)) != MP_OKAY) {
+         return res;
+      }
+    } else {
+      break;
+    }
+    ++str;
+  }
+  
+  /* set the sign only if a != 0 */
+  if (mp_iszero(a) != 1) {
+     a->sign = neg;
+  }
+  return MP_OKAY;
+}
+
+#endif /* HAVE_ECC */
+
+#endif /* USE_FAST_MATH */
+
+#endif /* NO_BIG_INT */
+
diff --git a/3P/wolfssl/wolfcrypt/src/logging.c b/3P/wolfssl/wolfcrypt/src/logging.c
new file mode 100644
index 00000000..32153061
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/logging.c
@@ -0,0 +1,162 @@
+/* logging.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+/* submitted by eof */
+
+#include 
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+    WOLFSSL_API int  wolfSSL_Debugging_ON(void);
+    WOLFSSL_API void wolfSSL_Debugging_OFF(void);
+#ifdef __cplusplus
+    } 
+#endif
+
+
+#ifdef DEBUG_WOLFSSL
+
+/* Set these to default values initially. */
+static wolfSSL_Logging_cb log_function = 0;
+static int loggingEnabled = 0;
+
+#endif /* DEBUG_WOLFSSL */
+
+
+int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb f)
+{
+#ifdef DEBUG_WOLFSSL
+    int res = 0;
+
+    if (f)
+        log_function = f;
+    else
+        res = BAD_FUNC_ARG;
+
+    return res;
+#else
+    (void)f;
+    return NOT_COMPILED_IN;
+#endif
+}
+
+
+int wolfSSL_Debugging_ON(void)
+{
+#ifdef DEBUG_WOLFSSL
+    loggingEnabled = 1;
+    return 0;
+#else
+    return NOT_COMPILED_IN;
+#endif
+}
+
+
+void wolfSSL_Debugging_OFF(void)
+{
+#ifdef DEBUG_WOLFSSL
+    loggingEnabled = 0;
+#endif
+}
+
+
+#ifdef DEBUG_WOLFSSL
+
+#ifdef FREESCALE_MQX
+    #include 
+#else
+    #include    /* for default printf stuff */
+#endif
+
+#ifdef THREADX
+    int dc_log_printf(char*, ...);
+#endif
+
+static void wolfssl_log(const int logLevel, const char *const logMessage)
+{
+    if (log_function)
+        log_function(logLevel, logMessage);
+    else {
+        if (loggingEnabled) {
+#ifdef THREADX
+            dc_log_printf("%s\n", logMessage);
+#elif defined(MICRIUM)
+        #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+            NetSecure_TraceOut((CPU_CHAR *)logMessage);
+        #endif
+#elif defined(WOLFSSL_MDK_ARM)
+            fflush(stdout) ;
+            printf("%s\n", logMessage);
+            fflush(stdout) ;
+#else
+            fprintf(stderr, "%s\n", logMessage);
+#endif
+        }
+    }
+}
+
+
+void WOLFSSL_MSG(const char* msg)
+{
+    if (loggingEnabled)
+        wolfssl_log(INFO_LOG , msg);
+}
+
+
+void WOLFSSL_ENTER(const char* msg)
+{
+    if (loggingEnabled) {
+        char buffer[80];
+        sprintf(buffer, "wolfSSL Entering %s", msg);
+        wolfssl_log(ENTER_LOG , buffer);
+    }
+}
+
+
+void WOLFSSL_LEAVE(const char* msg, int ret)
+{
+    if (loggingEnabled) {
+        char buffer[80];
+        sprintf(buffer, "wolfSSL Leaving %s, return %d", msg, ret);
+        wolfssl_log(LEAVE_LOG , buffer);
+    }
+}
+
+
+void WOLFSSL_ERROR(int error)
+{
+    if (loggingEnabled) {
+        char buffer[80];
+        sprintf(buffer, "wolfSSL error occured, error = %d", error);
+        wolfssl_log(ERROR_LOG , buffer);
+    }
+}
+
+#endif  /* DEBUG_WOLFSSL */
diff --git a/3P/wolfssl/wolfcrypt/src/md2.c b/3P/wolfssl/wolfcrypt/src/md2.c
new file mode 100644
index 00000000..ce4e424b
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/md2.c
@@ -0,0 +1,160 @@
+/* md2.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef WOLFSSL_MD2
+
+#include 
+#include 
+
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+
+void wc_InitMd2(Md2* md2)
+{
+    XMEMSET(md2->X, 0, MD2_X_SIZE);
+    XMEMSET(md2->C, 0, MD2_BLOCK_SIZE);
+    XMEMSET(md2->buffer, 0, MD2_BLOCK_SIZE);
+    md2->count = 0;
+}
+
+
+void wc_Md2Update(Md2* md2, const byte* data, word32 len)
+{
+    static const byte S[256] = 
+    {
+        41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
+        19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
+        76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
+        138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
+        245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
+        148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
+        39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
+        181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
+        150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
+        112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
+        96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
+        85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
+        234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
+        129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
+        8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
+        203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
+        166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
+        31, 26, 219, 153, 141, 51, 159, 17, 131, 20
+    };
+
+    while (len) {
+        word32 L = (MD2_PAD_SIZE - md2->count) < len ?
+                   (MD2_PAD_SIZE - md2->count) : len;
+        XMEMCPY(md2->buffer + md2->count, data, L);
+        md2->count += L;
+        data += L;
+        len  -= L;
+
+        if (md2->count == MD2_PAD_SIZE) {
+            int  i;
+            byte t;
+
+            md2->count = 0;
+            XMEMCPY(md2->X + MD2_PAD_SIZE, md2->buffer, MD2_PAD_SIZE);
+            t = md2->C[15];
+
+            for(i = 0; i < MD2_PAD_SIZE; i++) {
+                md2->X[32 + i] = md2->X[MD2_PAD_SIZE + i] ^ md2->X[i];
+                t = md2->C[i] ^= S[md2->buffer[i] ^ t];
+            }
+
+            t=0;
+            for(i = 0; i < 18; i++) {
+                int j;
+                for(j = 0; j < MD2_X_SIZE; j += 8) {
+                    t = md2->X[j+0] ^= S[t];
+                    t = md2->X[j+1] ^= S[t];
+                    t = md2->X[j+2] ^= S[t];
+                    t = md2->X[j+3] ^= S[t];
+                    t = md2->X[j+4] ^= S[t];
+                    t = md2->X[j+5] ^= S[t];
+                    t = md2->X[j+6] ^= S[t];
+                    t = md2->X[j+7] ^= S[t];
+                }
+                t = (t + i) & 0xFF;
+            }
+        }
+    }
+}
+
+
+void wc_Md2Final(Md2* md2, byte* hash)
+{
+    byte   padding[MD2_BLOCK_SIZE];
+    word32 padLen = MD2_PAD_SIZE - md2->count;
+    word32 i;
+
+    for (i = 0; i < padLen; i++)
+        padding[i] = (byte)padLen;
+
+    wc_Md2Update(md2, padding, padLen);
+    wc_Md2Update(md2, md2->C, MD2_BLOCK_SIZE);
+
+    XMEMCPY(hash, md2->X, MD2_DIGEST_SIZE);
+
+    wc_InitMd2(md2);
+}
+
+
+int wc_Md2Hash(const byte* data, word32 len, byte* hash)
+{
+#ifdef WOLFSSL_SMALL_STACK
+    Md2* md2;
+#else
+    Md2 md2[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    md2 = (Md2*)XMALLOC(sizeof(Md2), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (md2 == NULL)
+        return MEMORY_E;
+#endif
+
+    wc_InitMd2(md2);
+    wc_Md2Update(md2, data, len);
+    wc_Md2Final(md2, hash);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(md2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return 0;
+}
+
+
+#endif /* WOLFSSL_MD2 */
+
diff --git a/3P/wolfssl/wolfcrypt/src/md4.c b/3P/wolfssl/wolfcrypt/src/md4.c
new file mode 100644
index 00000000..720627fb
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/md4.c
@@ -0,0 +1,219 @@
+/* md4.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_MD4
+
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+void wc_InitMd4(Md4* md4)
+{
+    md4->digest[0] = 0x67452301L;
+    md4->digest[1] = 0xefcdab89L;
+    md4->digest[2] = 0x98badcfeL;
+    md4->digest[3] = 0x10325476L;
+
+    md4->buffLen = 0;
+    md4->loLen   = 0;
+    md4->hiLen   = 0;
+}
+
+
+static void Transform(Md4* md4)
+{
+#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
+#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+
+    /* Copy context->state[] to working vars  */
+    word32 A = md4->digest[0];
+    word32 B = md4->digest[1];
+    word32 C = md4->digest[2];
+    word32 D = md4->digest[3];
+
+#define function(a,b,c,d,k,s) a=rotlFixed(a+F(b,c,d)+md4->buffer[k],s);
+    function(A,B,C,D, 0, 3);
+    function(D,A,B,C, 1, 7);
+    function(C,D,A,B, 2,11);
+    function(B,C,D,A, 3,19);
+    function(A,B,C,D, 4, 3);
+    function(D,A,B,C, 5, 7);
+    function(C,D,A,B, 6,11);
+    function(B,C,D,A, 7,19);
+    function(A,B,C,D, 8, 3);
+    function(D,A,B,C, 9, 7);
+    function(C,D,A,B,10,11);
+    function(B,C,D,A,11,19);
+    function(A,B,C,D,12, 3);
+    function(D,A,B,C,13, 7);
+    function(C,D,A,B,14,11);
+    function(B,C,D,A,15,19);
+
+#undef function	  
+#define function(a,b,c,d,k,s) \
+    a=rotlFixed(a+G(b,c,d)+md4->buffer[k]+0x5a827999,s);
+
+    function(A,B,C,D, 0, 3);
+    function(D,A,B,C, 4, 5);
+    function(C,D,A,B, 8, 9);
+    function(B,C,D,A,12,13);
+    function(A,B,C,D, 1, 3);
+    function(D,A,B,C, 5, 5);
+    function(C,D,A,B, 9, 9);
+    function(B,C,D,A,13,13);
+    function(A,B,C,D, 2, 3);
+    function(D,A,B,C, 6, 5);
+    function(C,D,A,B,10, 9);
+    function(B,C,D,A,14,13);
+    function(A,B,C,D, 3, 3);
+    function(D,A,B,C, 7, 5);
+    function(C,D,A,B,11, 9);
+    function(B,C,D,A,15,13);
+
+#undef function	 
+#define function(a,b,c,d,k,s) \
+    a=rotlFixed(a+H(b,c,d)+md4->buffer[k]+0x6ed9eba1,s);
+
+    function(A,B,C,D, 0, 3);
+    function(D,A,B,C, 8, 9);
+    function(C,D,A,B, 4,11);
+    function(B,C,D,A,12,15);
+    function(A,B,C,D, 2, 3);
+    function(D,A,B,C,10, 9);
+    function(C,D,A,B, 6,11);
+    function(B,C,D,A,14,15);
+    function(A,B,C,D, 1, 3);
+    function(D,A,B,C, 9, 9);
+    function(C,D,A,B, 5,11);
+    function(B,C,D,A,13,15);
+    function(A,B,C,D, 3, 3);
+    function(D,A,B,C,11, 9);
+    function(C,D,A,B, 7,11);
+    function(B,C,D,A,15,15);
+    
+    /* Add the working vars back into digest state[]  */
+    md4->digest[0] += A;
+    md4->digest[1] += B;
+    md4->digest[2] += C;
+    md4->digest[3] += D;
+}
+
+
+static INLINE void AddLength(Md4* md4, word32 len)
+{
+    word32 tmp = md4->loLen;
+    if ( (md4->loLen += len) < tmp)
+        md4->hiLen++;                       /* carry low to high */
+}
+
+
+void wc_Md4Update(Md4* md4, const byte* data, word32 len)
+{
+    /* do block size increments */
+    byte* local = (byte*)md4->buffer;
+
+    while (len) {
+        word32 add = min(len, MD4_BLOCK_SIZE - md4->buffLen);
+        XMEMCPY(&local[md4->buffLen], data, add);
+
+        md4->buffLen += add;
+        data         += add;
+        len          -= add;
+
+        if (md4->buffLen == MD4_BLOCK_SIZE) {
+            #ifdef BIG_ENDIAN_ORDER
+                ByteReverseWords(md4->buffer, md4->buffer, MD4_BLOCK_SIZE);
+            #endif
+            Transform(md4);
+            AddLength(md4, MD4_BLOCK_SIZE);
+            md4->buffLen = 0;
+        }
+    }
+}
+
+
+void wc_Md4Final(Md4* md4, byte* hash)
+{
+    byte* local = (byte*)md4->buffer;
+
+    AddLength(md4, md4->buffLen);               /* before adding pads */
+
+    local[md4->buffLen++] = 0x80;  /* add 1 */
+
+    /* pad with zeros */
+    if (md4->buffLen > MD4_PAD_SIZE) {
+        XMEMSET(&local[md4->buffLen], 0, MD4_BLOCK_SIZE - md4->buffLen);
+        md4->buffLen += MD4_BLOCK_SIZE - md4->buffLen;
+
+        #ifdef BIG_ENDIAN_ORDER
+            ByteReverseWords(md4->buffer, md4->buffer, MD4_BLOCK_SIZE);
+        #endif
+        Transform(md4);
+        md4->buffLen = 0;
+    }
+    XMEMSET(&local[md4->buffLen], 0, MD4_PAD_SIZE - md4->buffLen);
+   
+    /* put lengths in bits */
+    md4->hiLen = (md4->loLen >> (8*sizeof(md4->loLen) - 3)) + 
+                 (md4->hiLen << 3);
+    md4->loLen = md4->loLen << 3;
+
+    /* store lengths */
+    #ifdef BIG_ENDIAN_ORDER
+        ByteReverseWords(md4->buffer, md4->buffer, MD4_BLOCK_SIZE);
+    #endif
+    /* ! length ordering dependent on digest endian type ! */
+    XMEMCPY(&local[MD4_PAD_SIZE], &md4->loLen, sizeof(word32));
+    XMEMCPY(&local[MD4_PAD_SIZE + sizeof(word32)], &md4->hiLen, sizeof(word32));
+
+    Transform(md4);
+    #ifdef BIG_ENDIAN_ORDER
+        ByteReverseWords(md4->digest, md4->digest, MD4_DIGEST_SIZE);
+    #endif
+    XMEMCPY(hash, md4->digest, MD4_DIGEST_SIZE);
+
+    wc_InitMd4(md4);  /* reset state */
+}
+
+
+#endif /* NO_MD4 */
+
diff --git a/3P/wolfssl/wolfcrypt/src/md5.c b/3P/wolfssl/wolfcrypt/src/md5.c
new file mode 100644
index 00000000..b7affcf0
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/md5.c
@@ -0,0 +1,391 @@
+/* md5.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#if !defined(NO_MD5)
+
+#ifdef WOLFSSL_PIC32MZ_HASH
+#define wc_InitMd5   wc_InitMd5_sw
+#define wc_Md5Update wc_Md5Update_sw
+#define wc_Md5Final  wc_Md5Final_sw
+#endif
+
+#include 
+#include 
+
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+#ifdef FREESCALE_MMCAU
+    #include "cau_api.h"
+    #define XTRANSFORM(S,B)  cau_md5_hash_n((B), 1, (unsigned char*)(S)->digest)
+#else
+    #define XTRANSFORM(S,B)  Transform((S))
+#endif
+
+
+#ifdef STM32F2_HASH
+    /*
+     * STM32F2 hardware MD5 support through the STM32F2 standard peripheral
+     * library. Documentation located in STM32F2xx Standard Peripheral Library
+     * document (See note in README).
+     */
+    #include "stm32f2xx.h"
+
+    void wc_InitMd5(Md5* md5)
+    {
+        /* STM32F2 struct notes:
+         * md5->buffer  = first 4 bytes used to hold partial block if needed 
+         * md5->buffLen = num bytes currently stored in md5->buffer
+         * md5->loLen   = num bytes that have been written to STM32 FIFO
+         */
+        XMEMSET(md5->buffer, 0, MD5_REG_SIZE);
+			
+        md5->buffLen = 0;
+        md5->loLen = 0;
+
+        /* initialize HASH peripheral */
+        HASH_DeInit();
+
+        /* configure algo used, algo mode, datatype */
+        HASH->CR &= ~ (HASH_CR_ALGO | HASH_CR_DATATYPE | HASH_CR_MODE);
+        HASH->CR |= (HASH_AlgoSelection_MD5 | HASH_AlgoMode_HASH 
+                 | HASH_DataType_8b);
+
+        /* reset HASH processor */
+        HASH->CR |= HASH_CR_INIT;
+    }
+
+    void wc_Md5Update(Md5* md5, const byte* data, word32 len)
+    {
+        word32 i = 0;
+        word32 fill = 0;
+        word32 diff = 0;
+
+        /* if saved partial block is available */
+        if (md5->buffLen > 0) {
+            fill = 4 - md5->buffLen;
+
+            /* if enough data to fill, fill and push to FIFO */
+            if (fill <= len) {
+                XMEMCPY((byte*)md5->buffer + md5->buffLen, data, fill);
+                HASH_DataIn(*(uint32_t*)md5->buffer);
+
+                data += fill;
+                len -= fill;
+                md5->loLen += 4;
+                md5->buffLen = 0;
+            } else {
+                /* append partial to existing stored block */
+                XMEMCPY((byte*)md5->buffer + md5->buffLen, data, len);
+                md5->buffLen += len;
+                return;
+            }
+        }
+
+        /* write input block in the IN FIFO */
+        for (i = 0; i < len; i += 4)
+        {
+            diff = len - i;
+            if (diff < 4) {
+                /* store incomplete last block, not yet in FIFO */
+                XMEMSET(md5->buffer, 0, MD5_REG_SIZE);
+                XMEMCPY((byte*)md5->buffer, data, diff);
+                md5->buffLen = diff;
+            } else {
+                HASH_DataIn(*(uint32_t*)data);
+                data+=4;
+            }
+        }
+
+        /* keep track of total data length thus far */
+        md5->loLen += (len - md5->buffLen);
+    }
+
+    void wc_Md5Final(Md5* md5, byte* hash)
+    {
+        __IO uint16_t nbvalidbitsdata = 0;
+
+        /* finish reading any trailing bytes into FIFO */
+        if (md5->buffLen > 0) {
+            HASH_DataIn(*(uint32_t*)md5->buffer);
+            md5->loLen += md5->buffLen;
+        }
+
+        /* calculate number of valid bits in last word of input data */
+        nbvalidbitsdata = 8 * (md5->loLen % MD5_REG_SIZE);
+
+        /* configure number of valid bits in last word of the data */
+        HASH_SetLastWordValidBitsNbr(nbvalidbitsdata);
+
+        /* start HASH processor */
+        HASH_StartDigest();
+
+        /* wait until Busy flag == RESET */
+        while (HASH_GetFlagStatus(HASH_FLAG_BUSY) != RESET) {}
+        
+        /* read message digest */
+        md5->digest[0] = HASH->HR[0];
+        md5->digest[1] = HASH->HR[1];
+        md5->digest[2] = HASH->HR[2];
+        md5->digest[3] = HASH->HR[3];
+
+        ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE);
+
+        XMEMCPY(hash, md5->digest, MD5_DIGEST_SIZE);
+
+        wc_InitMd5(md5);  /* reset state */
+    }
+
+#else /* CTaoCrypt software implementation */
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+void wc_InitMd5(Md5* md5)
+{
+    md5->digest[0] = 0x67452301L;
+    md5->digest[1] = 0xefcdab89L;
+    md5->digest[2] = 0x98badcfeL;
+    md5->digest[3] = 0x10325476L;
+
+    md5->buffLen = 0;
+    md5->loLen   = 0;
+    md5->hiLen   = 0;
+}
+
+#ifndef FREESCALE_MMCAU
+
+static void Transform(Md5* md5)
+{
+#define F1(x, y, z) (z ^ (x & (y ^ z)))
+#define F2(x, y, z) F1(z, x, y)
+#define F3(x, y, z) (x ^ y ^ z)
+#define F4(x, y, z) (y ^ (x | ~z))
+
+#define MD5STEP(f, w, x, y, z, data, s) \
+    w = rotlFixed(w + f(x, y, z) + data, s) + x
+
+    /* Copy context->state[] to working vars  */
+    word32 a = md5->digest[0];
+    word32 b = md5->digest[1];
+    word32 c = md5->digest[2];
+    word32 d = md5->digest[3];
+
+    MD5STEP(F1, a, b, c, d, md5->buffer[0]  + 0xd76aa478,  7);
+    MD5STEP(F1, d, a, b, c, md5->buffer[1]  + 0xe8c7b756, 12);
+    MD5STEP(F1, c, d, a, b, md5->buffer[2]  + 0x242070db, 17);
+    MD5STEP(F1, b, c, d, a, md5->buffer[3]  + 0xc1bdceee, 22);
+    MD5STEP(F1, a, b, c, d, md5->buffer[4]  + 0xf57c0faf,  7);
+    MD5STEP(F1, d, a, b, c, md5->buffer[5]  + 0x4787c62a, 12);
+    MD5STEP(F1, c, d, a, b, md5->buffer[6]  + 0xa8304613, 17);
+    MD5STEP(F1, b, c, d, a, md5->buffer[7]  + 0xfd469501, 22);
+    MD5STEP(F1, a, b, c, d, md5->buffer[8]  + 0x698098d8,  7);
+    MD5STEP(F1, d, a, b, c, md5->buffer[9]  + 0x8b44f7af, 12);
+    MD5STEP(F1, c, d, a, b, md5->buffer[10] + 0xffff5bb1, 17);
+    MD5STEP(F1, b, c, d, a, md5->buffer[11] + 0x895cd7be, 22);
+    MD5STEP(F1, a, b, c, d, md5->buffer[12] + 0x6b901122,  7);
+    MD5STEP(F1, d, a, b, c, md5->buffer[13] + 0xfd987193, 12);
+    MD5STEP(F1, c, d, a, b, md5->buffer[14] + 0xa679438e, 17);
+    MD5STEP(F1, b, c, d, a, md5->buffer[15] + 0x49b40821, 22);
+
+    MD5STEP(F2, a, b, c, d, md5->buffer[1]  + 0xf61e2562,  5);
+    MD5STEP(F2, d, a, b, c, md5->buffer[6]  + 0xc040b340,  9);
+    MD5STEP(F2, c, d, a, b, md5->buffer[11] + 0x265e5a51, 14);
+    MD5STEP(F2, b, c, d, a, md5->buffer[0]  + 0xe9b6c7aa, 20);
+    MD5STEP(F2, a, b, c, d, md5->buffer[5]  + 0xd62f105d,  5);
+    MD5STEP(F2, d, a, b, c, md5->buffer[10] + 0x02441453,  9);
+    MD5STEP(F2, c, d, a, b, md5->buffer[15] + 0xd8a1e681, 14);
+    MD5STEP(F2, b, c, d, a, md5->buffer[4]  + 0xe7d3fbc8, 20);
+    MD5STEP(F2, a, b, c, d, md5->buffer[9]  + 0x21e1cde6,  5);
+    MD5STEP(F2, d, a, b, c, md5->buffer[14] + 0xc33707d6,  9);
+    MD5STEP(F2, c, d, a, b, md5->buffer[3]  + 0xf4d50d87, 14);
+    MD5STEP(F2, b, c, d, a, md5->buffer[8]  + 0x455a14ed, 20);
+    MD5STEP(F2, a, b, c, d, md5->buffer[13] + 0xa9e3e905,  5);
+    MD5STEP(F2, d, a, b, c, md5->buffer[2]  + 0xfcefa3f8,  9);
+    MD5STEP(F2, c, d, a, b, md5->buffer[7]  + 0x676f02d9, 14);
+    MD5STEP(F2, b, c, d, a, md5->buffer[12] + 0x8d2a4c8a, 20);
+
+    MD5STEP(F3, a, b, c, d, md5->buffer[5]  + 0xfffa3942,  4);
+    MD5STEP(F3, d, a, b, c, md5->buffer[8]  + 0x8771f681, 11);
+    MD5STEP(F3, c, d, a, b, md5->buffer[11] + 0x6d9d6122, 16);
+    MD5STEP(F3, b, c, d, a, md5->buffer[14] + 0xfde5380c, 23);
+    MD5STEP(F3, a, b, c, d, md5->buffer[1]  + 0xa4beea44,  4);
+    MD5STEP(F3, d, a, b, c, md5->buffer[4]  + 0x4bdecfa9, 11);
+    MD5STEP(F3, c, d, a, b, md5->buffer[7]  + 0xf6bb4b60, 16);
+    MD5STEP(F3, b, c, d, a, md5->buffer[10] + 0xbebfbc70, 23);
+    MD5STEP(F3, a, b, c, d, md5->buffer[13] + 0x289b7ec6,  4);
+    MD5STEP(F3, d, a, b, c, md5->buffer[0]  + 0xeaa127fa, 11);
+    MD5STEP(F3, c, d, a, b, md5->buffer[3]  + 0xd4ef3085, 16);
+    MD5STEP(F3, b, c, d, a, md5->buffer[6]  + 0x04881d05, 23);
+    MD5STEP(F3, a, b, c, d, md5->buffer[9]  + 0xd9d4d039,  4);
+    MD5STEP(F3, d, a, b, c, md5->buffer[12] + 0xe6db99e5, 11);
+    MD5STEP(F3, c, d, a, b, md5->buffer[15] + 0x1fa27cf8, 16);
+    MD5STEP(F3, b, c, d, a, md5->buffer[2]  + 0xc4ac5665, 23);
+
+    MD5STEP(F4, a, b, c, d, md5->buffer[0]  + 0xf4292244,  6);
+    MD5STEP(F4, d, a, b, c, md5->buffer[7]  + 0x432aff97, 10);
+    MD5STEP(F4, c, d, a, b, md5->buffer[14] + 0xab9423a7, 15);
+    MD5STEP(F4, b, c, d, a, md5->buffer[5]  + 0xfc93a039, 21);
+    MD5STEP(F4, a, b, c, d, md5->buffer[12] + 0x655b59c3,  6);
+    MD5STEP(F4, d, a, b, c, md5->buffer[3]  + 0x8f0ccc92, 10);
+    MD5STEP(F4, c, d, a, b, md5->buffer[10] + 0xffeff47d, 15);
+    MD5STEP(F4, b, c, d, a, md5->buffer[1]  + 0x85845dd1, 21);
+    MD5STEP(F4, a, b, c, d, md5->buffer[8]  + 0x6fa87e4f,  6);
+    MD5STEP(F4, d, a, b, c, md5->buffer[15] + 0xfe2ce6e0, 10);
+    MD5STEP(F4, c, d, a, b, md5->buffer[6]  + 0xa3014314, 15);
+    MD5STEP(F4, b, c, d, a, md5->buffer[13] + 0x4e0811a1, 21);
+    MD5STEP(F4, a, b, c, d, md5->buffer[4]  + 0xf7537e82,  6);
+    MD5STEP(F4, d, a, b, c, md5->buffer[11] + 0xbd3af235, 10);
+    MD5STEP(F4, c, d, a, b, md5->buffer[2]  + 0x2ad7d2bb, 15);
+    MD5STEP(F4, b, c, d, a, md5->buffer[9]  + 0xeb86d391, 21);
+    
+    /* Add the working vars back into digest state[]  */
+    md5->digest[0] += a;
+    md5->digest[1] += b;
+    md5->digest[2] += c;
+    md5->digest[3] += d;
+}
+
+#endif /* FREESCALE_MMCAU */
+
+
+static INLINE void AddLength(Md5* md5, word32 len)
+{
+    word32 tmp = md5->loLen;
+    if ( (md5->loLen += len) < tmp)
+        md5->hiLen++;                       /* carry low to high */
+}
+
+
+void wc_Md5Update(Md5* md5, const byte* data, word32 len)
+{
+    /* do block size increments */
+    byte* local = (byte*)md5->buffer;
+
+    while (len) {
+        word32 add = min(len, MD5_BLOCK_SIZE - md5->buffLen);
+        XMEMCPY(&local[md5->buffLen], data, add);
+
+        md5->buffLen += add;
+        data         += add;
+        len          -= add;
+
+        if (md5->buffLen == MD5_BLOCK_SIZE) {
+            #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
+                ByteReverseWords(md5->buffer, md5->buffer, MD5_BLOCK_SIZE);
+            #endif
+            XTRANSFORM(md5, local);
+            AddLength(md5, MD5_BLOCK_SIZE);
+            md5->buffLen = 0;
+        }
+    }
+}
+
+
+void wc_Md5Final(Md5* md5, byte* hash)
+{
+    byte* local = (byte*)md5->buffer;
+
+    AddLength(md5, md5->buffLen);  /* before adding pads */
+
+    local[md5->buffLen++] = 0x80;  /* add 1 */
+
+    /* pad with zeros */
+    if (md5->buffLen > MD5_PAD_SIZE) {
+        XMEMSET(&local[md5->buffLen], 0, MD5_BLOCK_SIZE - md5->buffLen);
+        md5->buffLen += MD5_BLOCK_SIZE - md5->buffLen;
+
+        #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
+            ByteReverseWords(md5->buffer, md5->buffer, MD5_BLOCK_SIZE);
+        #endif
+        XTRANSFORM(md5, local);
+        md5->buffLen = 0;
+    }
+    XMEMSET(&local[md5->buffLen], 0, MD5_PAD_SIZE - md5->buffLen);
+   
+    /* put lengths in bits */
+    md5->hiLen = (md5->loLen >> (8*sizeof(md5->loLen) - 3)) + 
+                 (md5->hiLen << 3);
+    md5->loLen = md5->loLen << 3;
+
+    /* store lengths */
+    #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
+        ByteReverseWords(md5->buffer, md5->buffer, MD5_BLOCK_SIZE);
+    #endif
+    /* ! length ordering dependent on digest endian type ! */
+    XMEMCPY(&local[MD5_PAD_SIZE], &md5->loLen, sizeof(word32));
+    XMEMCPY(&local[MD5_PAD_SIZE + sizeof(word32)], &md5->hiLen, sizeof(word32));
+
+    XTRANSFORM(md5, local);
+    #ifdef BIG_ENDIAN_ORDER
+        ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE);
+    #endif
+    XMEMCPY(hash, md5->digest, MD5_DIGEST_SIZE);
+
+    wc_InitMd5(md5);  /* reset state */
+}
+
+#endif /* STM32F2_HASH */
+
+
+int wc_Md5Hash(const byte* data, word32 len, byte* hash)
+{
+#ifdef WOLFSSL_SMALL_STACK
+    Md5* md5;
+#else
+    Md5 md5[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (md5 == NULL)
+        return MEMORY_E;
+#endif
+
+    wc_InitMd5(md5);
+    wc_Md5Update(md5, data, len);
+    wc_Md5Final(md5, hash);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return 0;
+}
+
+#endif /* NO_MD5 */
diff --git a/3P/wolfssl/wolfcrypt/src/memory.c b/3P/wolfssl/wolfcrypt/src/memory.c
new file mode 100644
index 00000000..dd928194
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/memory.c
@@ -0,0 +1,191 @@
+/* memory.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+/* check old macros @wc_fips */
+#if defined(USE_CYASSL_MEMORY) && !defined(USE_WOLFSSL_MEMORY)
+    #define USE_WOLFSSL_MEMORY
+#endif
+#if defined(CYASSL_MALLOC_CHECK) && !defined(WOLFSSL_MALLOC_CHECK)
+    #define WOLFSSL_MALLOC_CHECK
+#endif
+
+#ifdef USE_WOLFSSL_MEMORY
+
+#include 
+#include 
+
+#ifdef WOLFSSL_MALLOC_CHECK
+    #include 
+#endif
+
+/* Set these to default values initially. */
+static wolfSSL_Malloc_cb  malloc_function = 0;
+static wolfSSL_Free_cb    free_function = 0;
+static wolfSSL_Realloc_cb realloc_function = 0;
+
+int wolfSSL_SetAllocators(wolfSSL_Malloc_cb  mf,
+                          wolfSSL_Free_cb    ff,
+                          wolfSSL_Realloc_cb rf)
+{
+    int res = 0;
+
+    if (mf)
+        malloc_function = mf;
+    else
+        res = BAD_FUNC_ARG;
+
+    if (ff)
+        free_function = ff;
+    else
+        res = BAD_FUNC_ARG;
+
+    if (rf)
+        realloc_function = rf;
+    else
+        res = BAD_FUNC_ARG;
+
+    return res;
+}
+
+
+void* wolfSSL_Malloc(size_t size)
+{
+    void* res = 0;
+
+    if (malloc_function)
+        res = malloc_function(size);
+    else
+        res = malloc(size);
+
+    #ifdef WOLFSSL_MALLOC_CHECK
+        if (res == NULL)
+            puts("wolfSSL_malloc failed");
+    #endif
+                
+    return res;
+}
+
+void wolfSSL_Free(void *ptr)
+{
+    if (free_function)
+        free_function(ptr);
+    else
+        free(ptr);
+}
+
+void* wolfSSL_Realloc(void *ptr, size_t size)
+{
+    void* res = 0;
+
+    if (realloc_function)
+        res = realloc_function(ptr, size);
+    else
+        res = realloc(ptr, size);
+
+    return res;
+}
+
+#endif /* USE_WOLFSSL_MEMORY */
+
+
+#ifdef HAVE_IO_POOL
+
+/* Example for user io pool, shared build may need definitions in lib proper */
+
+#include 
+#include 
+
+#ifndef HAVE_THREAD_LS
+    #error "Oops, simple I/O pool example needs thread local storage"
+#endif
+
+
+/* allow simple per thread in and out pools */
+/* use 17k size sense max record size is 16k plus overhead */
+static THREAD_LS_T byte pool_in[17*1024];
+static THREAD_LS_T byte pool_out[17*1024];
+
+
+void* XMALLOC(size_t n, void* heap, int type)
+{
+    (void)heap;
+
+    if (type == DYNAMIC_TYPE_IN_BUFFER) {
+        if (n < sizeof(pool_in))
+            return pool_in;
+        else
+            return NULL;
+    }
+
+    if (type == DYNAMIC_TYPE_OUT_BUFFER) {
+        if (n < sizeof(pool_out))
+            return pool_out;
+        else
+            return NULL;
+    }
+
+    return malloc(n);
+}
+
+void* XREALLOC(void *p, size_t n, void* heap, int type)
+{
+    (void)heap;
+
+    if (type == DYNAMIC_TYPE_IN_BUFFER) {
+        if (n < sizeof(pool_in))
+            return pool_in;
+        else
+            return NULL;
+    }
+
+    if (type == DYNAMIC_TYPE_OUT_BUFFER) {
+        if (n < sizeof(pool_out))
+            return pool_out;
+        else
+            return NULL;
+    }
+
+    return realloc(p, n);
+}
+
+
+/* unit api calls, let's make sure visible with WOLFSSL_API */
+WOLFSSL_API void XFREE(void *p, void* heap, int type)
+{
+    (void)heap;
+
+    if (type == DYNAMIC_TYPE_IN_BUFFER)
+        return;  /* do nothing, static pool */
+
+    if (type == DYNAMIC_TYPE_OUT_BUFFER)
+        return;  /* do nothing, static pool */
+
+    free(p);
+}
+
+#endif /* HAVE_IO_POOL */
+
diff --git a/3P/wolfssl/wolfcrypt/src/misc.c b/3P/wolfssl/wolfcrypt/src/misc.c
new file mode 100644
index 00000000..c7fabe33
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/misc.c
@@ -0,0 +1,182 @@
+/* misc.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#include 
+
+/* inlining these functions is a huge speed increase and a small size decrease, 
+   because the functions are smaller than function call setup/cleanup, e.g.,
+   md5 benchmark is twice as fast with inline.  If you don't want it, then
+   define NO_INLINE and compile this file into wolfssl, otherwise it's used as
+   a source header
+ */
+
+#ifdef NO_INLINE
+    #define STATIC
+#else
+    #define STATIC static
+#endif
+
+
+#ifdef INTEL_INTRINSICS
+
+    #include       /* get intrinsic definitions */
+
+    /* for non visual studio probably need no long version, 32 bit only
+     * i.e., _rotl and _rotr */
+    #pragma intrinsic(_lrotl, _lrotr)
+
+    STATIC INLINE word32 rotlFixed(word32 x, word32 y)
+    {
+        return y ? _lrotl(x, y) : x;
+    }
+
+    STATIC INLINE word32 rotrFixed(word32 x, word32 y)
+    {
+        return y ? _lrotr(x, y) : x;
+    }
+
+#else /* generic */
+
+    STATIC INLINE word32 rotlFixed(word32 x, word32 y)
+    {
+        return (x << y) | (x >> (sizeof(y) * 8 - y));
+    }   
+
+
+    STATIC INLINE word32 rotrFixed(word32 x, word32 y)
+    {
+        return (x >> y) | (x << (sizeof(y) * 8 - y));
+    }
+
+#endif
+
+
+STATIC INLINE word32 ByteReverseWord32(word32 value)
+{
+#ifdef PPC_INTRINSICS
+    /* PPC: load reverse indexed instruction */
+    return (word32)__lwbrx(&value,0);
+#elif defined(KEIL_INTRINSICS)
+    return (word32)__rev(value);
+#elif defined(FAST_ROTATE)
+    /* 5 instructions with rotate instruction, 9 without */
+    return (rotrFixed(value, 8U) & 0xff00ff00) |
+           (rotlFixed(value, 8U) & 0x00ff00ff);
+#else
+    /* 6 instructions with rotate instruction, 8 without */
+    value = ((value & 0xFF00FF00) >> 8) | ((value & 0x00FF00FF) << 8);
+    return rotlFixed(value, 16U);
+#endif
+}
+
+
+STATIC INLINE void ByteReverseWords(word32* out, const word32* in,
+                                    word32 byteCount)
+{
+    word32 count = byteCount/(word32)sizeof(word32), i;
+
+    for (i = 0; i < count; i++)
+        out[i] = ByteReverseWord32(in[i]);
+
+}
+
+
+#ifdef WORD64_AVAILABLE
+
+
+STATIC INLINE word64 rotlFixed64(word64 x, word64 y)
+{
+    return (x << y) | (x >> (sizeof(y) * 8 - y));
+}  
+
+
+STATIC INLINE word64 rotrFixed64(word64 x, word64 y)
+{
+    return (x >> y) | (x << (sizeof(y) * 8 - y));
+}
+
+
+STATIC INLINE word64 ByteReverseWord64(word64 value)
+{
+#ifdef WOLFCRYPT_SLOW_WORD64
+	return (word64)(ByteReverseWord32((word32)value)) << 32 | 
+                    ByteReverseWord32((word32)(value>>32));
+#else
+	value = ((value & W64LIT(0xFF00FF00FF00FF00)) >> 8) |
+            ((value & W64LIT(0x00FF00FF00FF00FF)) << 8);
+	value = ((value & W64LIT(0xFFFF0000FFFF0000)) >> 16) |
+            ((value & W64LIT(0x0000FFFF0000FFFF)) << 16);
+	return rotlFixed64(value, 32U);
+#endif
+}
+
+
+STATIC INLINE void ByteReverseWords64(word64* out, const word64* in,
+                                      word32 byteCount)
+{
+    word32 count = byteCount/(word32)sizeof(word64), i;
+
+    for (i = 0; i < count; i++)
+        out[i] = ByteReverseWord64(in[i]);
+
+}
+
+#endif /* WORD64_AVAILABLE */
+
+
+STATIC INLINE void XorWords(wolfssl_word* r, const wolfssl_word* a, word32 n)
+{
+    word32 i;
+
+    for (i = 0; i < n; i++) r[i] ^= a[i];
+}
+
+
+STATIC INLINE void xorbuf(void* buf, const void* mask, word32 count)
+{
+    if (((wolfssl_word)buf | (wolfssl_word)mask | count) % WOLFSSL_WORD_SIZE == 0)
+        XorWords( (wolfssl_word*)buf,
+                  (const wolfssl_word*)mask, count / WOLFSSL_WORD_SIZE);
+    else {
+        word32 i;
+        byte*       b = (byte*)buf;
+        const byte* m = (const byte*)mask;
+
+        for (i = 0; i < count; i++) b[i] ^= m[i];
+    }
+}
+
+
+/* Make sure compiler doesn't skip */
+STATIC INLINE void ForceZero(const void* mem, word32 len)
+{
+    volatile byte* z = (volatile byte*)mem;
+
+    while (len--) *z++ = 0;
+}
+
+#undef STATIC
diff --git a/3P/wolfssl/wolfcrypt/src/pkcs7.c b/3P/wolfssl/wolfcrypt/src/pkcs7.c
new file mode 100644
index 00000000..6ef70f6f
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/pkcs7.c
@@ -0,0 +1,1854 @@
+/* pkcs7.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_PKCS7
+
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+#ifndef min
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+#endif
+
+
+/* placed ASN.1 contentType OID into *output, return idx on success,
+ * 0 upon failure */
+WOLFSSL_LOCAL int wc_SetContentType(int pkcs7TypeOID, byte* output)
+{
+    /* PKCS#7 content types, RFC 2315, section 14 */
+    static const byte pkcs7[]              = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+                                               0x0D, 0x01, 0x07 };
+    static const byte data[]               = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+                                               0x0D, 0x01, 0x07, 0x01 };
+    static const byte signedData[]         = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+                                               0x0D, 0x01, 0x07, 0x02};
+    static const byte envelopedData[]      = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+                                               0x0D, 0x01, 0x07, 0x03 };
+    static const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+                                               0x0D, 0x01, 0x07, 0x04 };
+    static const byte digestedData[]       = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+                                               0x0D, 0x01, 0x07, 0x05 };
+    static const byte encryptedData[]      = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+                                               0x0D, 0x01, 0x07, 0x06 };
+
+    int idSz;
+    int typeSz = 0, idx = 0;
+    const byte* typeName = 0;
+    byte ID_Length[MAX_LENGTH_SZ];
+
+    switch (pkcs7TypeOID) {
+        case PKCS7_MSG:
+            typeSz = sizeof(pkcs7);
+            typeName = pkcs7;
+            break;
+
+        case DATA:
+            typeSz = sizeof(data);
+            typeName = data;
+            break;
+
+        case SIGNED_DATA:
+            typeSz = sizeof(signedData);
+            typeName = signedData;
+            break;
+        
+        case ENVELOPED_DATA:
+            typeSz = sizeof(envelopedData);
+            typeName = envelopedData;
+            break;
+
+        case SIGNED_AND_ENVELOPED_DATA:
+            typeSz = sizeof(signedAndEnveloped);
+            typeName = signedAndEnveloped;
+            break;
+
+        case DIGESTED_DATA:
+            typeSz = sizeof(digestedData);
+            typeName = digestedData;
+            break;
+
+        case ENCRYPTED_DATA:
+            typeSz = sizeof(encryptedData);
+            typeName = encryptedData;
+            break;
+
+        default:
+            WOLFSSL_MSG("Unknown PKCS#7 Type");
+            return 0;
+    };
+
+    idSz  = SetLength(typeSz, ID_Length);
+    output[idx++] = ASN_OBJECT_ID;
+    XMEMCPY(output + idx, ID_Length, idSz);
+    idx += idSz;
+    XMEMCPY(output + idx, typeName, typeSz);
+    idx += typeSz;
+
+    return idx;
+
+}
+
+
+/* get ASN.1 contentType OID sum, return 0 on success, <0 on failure */
+int wc_GetContentType(const byte* input, word32* inOutIdx, word32* oid,
+                   word32 maxIdx)
+{
+    int length;
+    word32 i = *inOutIdx;
+    byte b;
+    *oid = 0;
+
+    WOLFSSL_ENTER("wc_GetContentType");
+
+    b = input[i++];
+    if (b != ASN_OBJECT_ID)
+        return ASN_OBJECT_ID_E;
+
+    if (GetLength(input, &i, &length, maxIdx) < 0)
+        return ASN_PARSE_E;
+
+    while(length--) {
+        *oid += input[i];
+        i++;
+    }
+
+    *inOutIdx = i;
+
+    return 0;
+}
+
+
+/* init PKCS7 struct with recipient cert, decode into DecodedCert */
+int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz)
+{
+    int ret = 0;
+
+    XMEMSET(pkcs7, 0, sizeof(PKCS7));
+    if (cert != NULL && certSz > 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        DecodedCert* dCert;
+
+        dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (dCert == NULL)
+            return MEMORY_E;
+#else
+        DecodedCert stack_dCert;
+        DecodedCert* dCert = &stack_dCert;
+#endif
+
+        pkcs7->singleCert = cert;
+        pkcs7->singleCertSz = certSz;
+        InitDecodedCert(dCert, cert, certSz, 0);
+
+        ret = ParseCert(dCert, CA_TYPE, NO_VERIFY, 0);
+        if (ret < 0) {
+            FreeDecodedCert(dCert);
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(dCert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ret;
+        }
+
+        XMEMCPY(pkcs7->publicKey, dCert->publicKey, dCert->pubKeySize);
+        pkcs7->publicKeySz = dCert->pubKeySize;
+        XMEMCPY(pkcs7->issuerHash, dCert->issuerHash, SHA_SIZE);
+        pkcs7->issuer = dCert->issuerRaw;
+        pkcs7->issuerSz = dCert->issuerRawLen;
+        XMEMCPY(pkcs7->issuerSn, dCert->serial, dCert->serialSz);
+        pkcs7->issuerSnSz = dCert->serialSz;
+        FreeDecodedCert(dCert);
+
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(dCert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+    }
+
+    return ret;
+}
+
+
+/* releases any memory allocated by a PKCS7 initializer */
+void wc_PKCS7_Free(PKCS7* pkcs7)
+{
+    (void)pkcs7;
+}
+
+
+/* build PKCS#7 data content type */
+int wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+    static const byte oid[] =
+        { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+                         0x07, 0x01 };
+    byte seq[MAX_SEQ_SZ];
+    byte octetStr[MAX_OCTET_STR_SZ];
+    word32 seqSz;
+    word32 octetStrSz;
+    word32 oidSz = (word32)sizeof(oid);
+    int idx = 0;
+
+    octetStrSz = SetOctetString(pkcs7->contentSz, octetStr);
+    seqSz = SetSequence(pkcs7->contentSz + octetStrSz + oidSz, seq);
+
+    if (outputSz < pkcs7->contentSz + octetStrSz + oidSz + seqSz)
+        return BUFFER_E;
+
+    XMEMCPY(output, seq, seqSz);
+    idx += seqSz;
+    XMEMCPY(output + idx, oid, oidSz);
+    idx += oidSz;
+    XMEMCPY(output + idx, octetStr, octetStrSz);
+    idx += octetStrSz;
+    XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz);
+    idx += pkcs7->contentSz;
+
+    return idx;
+}
+
+
+typedef struct EncodedAttrib {
+    byte valueSeq[MAX_SEQ_SZ];
+        const byte* oid;
+        byte valueSet[MAX_SET_SZ];
+        const byte* value;
+    word32 valueSeqSz, oidSz, idSz, valueSetSz, valueSz, totalSz;
+} EncodedAttrib;
+
+
+typedef struct ESD {
+    Sha sha;
+    byte contentDigest[SHA_DIGEST_SIZE + 2]; /* content only + ASN.1 heading */
+    byte contentAttribsDigest[SHA_DIGEST_SIZE];
+    byte encContentDigest[512];
+
+    byte outerSeq[MAX_SEQ_SZ];
+        byte outerContent[MAX_EXP_SZ];
+            byte innerSeq[MAX_SEQ_SZ];
+                byte version[MAX_VERSION_SZ];
+                byte digAlgoIdSet[MAX_SET_SZ];
+                    byte singleDigAlgoId[MAX_ALGO_SZ];
+
+                byte contentInfoSeq[MAX_SEQ_SZ];
+                    byte innerContSeq[MAX_EXP_SZ];
+                        byte innerOctets[MAX_OCTET_STR_SZ];
+
+                byte certsSet[MAX_SET_SZ];
+
+                byte signerInfoSet[MAX_SET_SZ];
+                    byte signerInfoSeq[MAX_SEQ_SZ];
+                        byte signerVersion[MAX_VERSION_SZ];
+                        byte issuerSnSeq[MAX_SEQ_SZ];
+                            byte issuerName[MAX_SEQ_SZ];
+                            byte issuerSn[MAX_SN_SZ];
+                        byte signerDigAlgoId[MAX_ALGO_SZ];
+                        byte digEncAlgoId[MAX_ALGO_SZ];
+                        byte signedAttribSet[MAX_SET_SZ];
+                            EncodedAttrib signedAttribs[6];
+                        byte signerDigest[MAX_OCTET_STR_SZ];
+    word32 innerOctetsSz, innerContSeqSz, contentInfoSeqSz;
+    word32 outerSeqSz, outerContentSz, innerSeqSz, versionSz, digAlgoIdSetSz,
+           singleDigAlgoIdSz, certsSetSz;
+    word32 signerInfoSetSz, signerInfoSeqSz, signerVersionSz,
+           issuerSnSeqSz, issuerNameSz, issuerSnSz,
+           signerDigAlgoIdSz, digEncAlgoIdSz, signerDigestSz;
+    word32 encContentDigestSz, signedAttribsSz, signedAttribsCount,
+           signedAttribSetSz;
+} ESD;
+
+
+static int EncodeAttributes(EncodedAttrib* ea, int eaSz,
+                                            PKCS7Attrib* attribs, int attribsSz)
+{
+    int i;
+    int maxSz = min(eaSz, attribsSz);
+    int allAttribsSz = 0;
+
+    for (i = 0; i < maxSz; i++)
+    {
+        int attribSz = 0;
+
+        ea[i].value = attribs[i].value;
+        ea[i].valueSz = attribs[i].valueSz;
+        attribSz += ea[i].valueSz;
+        ea[i].valueSetSz = SetSet(attribSz, ea[i].valueSet);
+        attribSz += ea[i].valueSetSz;
+        ea[i].oid = attribs[i].oid;
+        ea[i].oidSz = attribs[i].oidSz;
+        attribSz += ea[i].oidSz;
+        ea[i].valueSeqSz = SetSequence(attribSz, ea[i].valueSeq);
+        attribSz += ea[i].valueSeqSz;
+        ea[i].totalSz = attribSz;
+
+        allAttribsSz += attribSz;
+    }
+    return allAttribsSz;
+}
+
+
+static int FlattenAttributes(byte* output, EncodedAttrib* ea, int eaSz)
+{
+    int i, idx;
+
+    idx = 0;
+    for (i = 0; i < eaSz; i++) {
+        XMEMCPY(output + idx, ea[i].valueSeq, ea[i].valueSeqSz);
+        idx += ea[i].valueSeqSz;
+        XMEMCPY(output + idx, ea[i].oid, ea[i].oidSz);
+        idx += ea[i].oidSz;
+        XMEMCPY(output + idx, ea[i].valueSet, ea[i].valueSetSz);
+        idx += ea[i].valueSetSz;
+        XMEMCPY(output + idx, ea[i].value, ea[i].valueSz);
+        idx += ea[i].valueSz;
+    }
+    return 0;
+}
+
+
+/* build PKCS#7 signedData content type */
+int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+    static const byte outerOid[] =
+        { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+                         0x07, 0x02 };
+    static const byte innerOid[] =
+        { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+                         0x07, 0x01 };
+
+#ifdef WOLFSSL_SMALL_STACK
+    ESD* esd = NULL;
+#else
+    ESD stack_esd;
+    ESD* esd = &stack_esd;
+#endif
+
+    word32 signerInfoSz = 0;
+    word32 totalSz = 0;
+    int idx = 0, ret = 0;
+    byte* flatSignedAttribs = NULL;
+    word32 flatSignedAttribsSz = 0;
+    word32 innerOidSz = sizeof(innerOid);
+    word32 outerOidSz = sizeof(outerOid);
+
+    if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 ||
+        pkcs7->encryptOID == 0 || pkcs7->hashOID == 0 || pkcs7->rng == 0 ||
+        pkcs7->singleCert == NULL || pkcs7->singleCertSz == 0 ||
+        pkcs7->privateKey == NULL || pkcs7->privateKeySz == 0 ||
+        output == NULL || outputSz == 0)
+        return BAD_FUNC_ARG;
+
+#ifdef WOLFSSL_SMALL_STACK
+    esd = (ESD*)XMALLOC(sizeof(ESD), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (esd == NULL)
+        return MEMORY_E;
+#endif
+
+    XMEMSET(esd, 0, sizeof(ESD));
+    ret = wc_InitSha(&esd->sha);
+    if (ret != 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ret;
+    }
+
+    if (pkcs7->contentSz != 0)
+    {
+        wc_ShaUpdate(&esd->sha, pkcs7->content, pkcs7->contentSz);
+        esd->contentDigest[0] = ASN_OCTET_STRING;
+        esd->contentDigest[1] = SHA_DIGEST_SIZE;
+        wc_ShaFinal(&esd->sha, &esd->contentDigest[2]);
+    }
+
+    esd->innerOctetsSz = SetOctetString(pkcs7->contentSz, esd->innerOctets);
+    esd->innerContSeqSz = SetExplicit(0, esd->innerOctetsSz + pkcs7->contentSz,
+                                esd->innerContSeq);
+    esd->contentInfoSeqSz = SetSequence(pkcs7->contentSz + esd->innerOctetsSz +
+                                    innerOidSz + esd->innerContSeqSz,
+                                    esd->contentInfoSeq);
+
+    esd->issuerSnSz = SetSerialNumber(pkcs7->issuerSn, pkcs7->issuerSnSz,
+                                     esd->issuerSn);
+    signerInfoSz += esd->issuerSnSz;
+    esd->issuerNameSz = SetSequence(pkcs7->issuerSz, esd->issuerName);
+    signerInfoSz += esd->issuerNameSz + pkcs7->issuerSz;
+    esd->issuerSnSeqSz = SetSequence(signerInfoSz, esd->issuerSnSeq);
+    signerInfoSz += esd->issuerSnSeqSz;
+    esd->signerVersionSz = SetMyVersion(1, esd->signerVersion, 0);
+    signerInfoSz += esd->signerVersionSz;
+    esd->signerDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd->signerDigAlgoId,
+                                      hashType, 0);
+    signerInfoSz += esd->signerDigAlgoIdSz;
+    esd->digEncAlgoIdSz = SetAlgoID(pkcs7->encryptOID, esd->digEncAlgoId,
+                                   keyType, 0);
+    signerInfoSz += esd->digEncAlgoIdSz;
+
+    if (pkcs7->signedAttribsSz != 0) {
+        byte contentTypeOid[] =
+                { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01,
+                                 0x09, 0x03 };
+        byte contentType[] =
+                { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
+                                 0x07, 0x01 };
+        byte messageDigestOid[] =
+                { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
+                                 0x09, 0x04 };
+
+        PKCS7Attrib cannedAttribs[2] =
+        {
+            { contentTypeOid, sizeof(contentTypeOid),
+                             contentType, sizeof(contentType) },
+            { messageDigestOid, sizeof(messageDigestOid),
+                             esd->contentDigest, sizeof(esd->contentDigest) }
+        };
+        word32 cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib);
+
+        esd->signedAttribsCount += cannedAttribsCount;
+        esd->signedAttribsSz += EncodeAttributes(&esd->signedAttribs[0], 2,
+                                             cannedAttribs, cannedAttribsCount);
+
+        esd->signedAttribsCount += pkcs7->signedAttribsSz;
+        esd->signedAttribsSz += EncodeAttributes(&esd->signedAttribs[2], 4,
+                                  pkcs7->signedAttribs, pkcs7->signedAttribsSz);
+
+        flatSignedAttribs = (byte*)XMALLOC(esd->signedAttribsSz, 0, NULL);
+        flatSignedAttribsSz = esd->signedAttribsSz;
+        if (flatSignedAttribs == NULL) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif   
+            return MEMORY_E;
+        }
+        FlattenAttributes(flatSignedAttribs,
+                                   esd->signedAttribs, esd->signedAttribsCount);
+        esd->signedAttribSetSz = SetImplicit(ASN_SET, 0, esd->signedAttribsSz,
+                                                          esd->signedAttribSet);
+    }
+    /* Calculate the final hash and encrypt it. */
+    {
+        int result;
+        word32 scratch = 0;
+
+#ifdef WOLFSSL_SMALL_STACK
+        byte* digestInfo;
+        RsaKey* privKey;
+#else
+        RsaKey stack_privKey;
+        RsaKey* privKey = &stack_privKey;
+        byte digestInfo[MAX_SEQ_SZ + MAX_ALGO_SZ +
+                        MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE];
+#endif
+        byte digestInfoSeq[MAX_SEQ_SZ];
+        byte digestStr[MAX_OCTET_STR_SZ];
+        word32 digestInfoSeqSz, digestStrSz;
+        int digIdx = 0;
+
+        if (pkcs7->signedAttribsSz != 0) {
+            byte attribSet[MAX_SET_SZ];
+            word32 attribSetSz;
+
+            attribSetSz = SetSet(flatSignedAttribsSz, attribSet);
+
+            ret = wc_InitSha(&esd->sha);
+            if (ret < 0) {
+                XFREE(flatSignedAttribs, 0, NULL);
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return ret;
+            }
+            wc_ShaUpdate(&esd->sha, attribSet, attribSetSz);
+            wc_ShaUpdate(&esd->sha, flatSignedAttribs, flatSignedAttribsSz);
+        }
+        wc_ShaFinal(&esd->sha, esd->contentAttribsDigest);
+
+        digestStrSz = SetOctetString(SHA_DIGEST_SIZE, digestStr);
+        digestInfoSeqSz = SetSequence(esd->signerDigAlgoIdSz +
+                                      digestStrSz + SHA_DIGEST_SIZE,
+                                      digestInfoSeq);
+
+#ifdef WOLFSSL_SMALL_STACK
+        digestInfo = (byte*)XMALLOC(MAX_SEQ_SZ + MAX_ALGO_SZ +
+                                    MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE,
+                                    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (digestInfo == NULL) {
+            if (pkcs7->signedAttribsSz != 0)
+                XFREE(flatSignedAttribs, 0, NULL);
+            XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            return MEMORY_E;
+        }
+#endif
+
+        XMEMCPY(digestInfo + digIdx, digestInfoSeq, digestInfoSeqSz);
+        digIdx += digestInfoSeqSz;
+        XMEMCPY(digestInfo + digIdx,
+                                  esd->signerDigAlgoId, esd->signerDigAlgoIdSz);
+        digIdx += esd->signerDigAlgoIdSz;
+        XMEMCPY(digestInfo + digIdx, digestStr, digestStrSz);
+        digIdx += digestStrSz;
+        XMEMCPY(digestInfo + digIdx, esd->contentAttribsDigest,
+                                                               SHA_DIGEST_SIZE);
+        digIdx += SHA_DIGEST_SIZE;
+
+#ifdef WOLFSSL_SMALL_STACK
+        privKey = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (privKey == NULL) {
+            if (pkcs7->signedAttribsSz != 0)
+                XFREE(flatSignedAttribs, 0, NULL);
+            XFREE(digestInfo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(esd,        NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            return MEMORY_E;
+        }
+#endif
+
+        result = wc_InitRsaKey(privKey, NULL);
+        if (result == 0)
+            result = wc_RsaPrivateKeyDecode(pkcs7->privateKey, &scratch, privKey,
+                                         pkcs7->privateKeySz);
+        if (result < 0) {
+            if (pkcs7->signedAttribsSz != 0)
+                XFREE(flatSignedAttribs, 0, NULL);
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(privKey,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(digestInfo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(esd,        NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return PUBLIC_KEY_E;
+        }
+
+        result = wc_RsaSSL_Sign(digestInfo, digIdx,
+                             esd->encContentDigest,
+                             sizeof(esd->encContentDigest),
+                             privKey, pkcs7->rng);
+
+        wc_FreeRsaKey(privKey);
+
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(privKey,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(digestInfo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+        if (result < 0) {
+            if (pkcs7->signedAttribsSz != 0)
+                XFREE(flatSignedAttribs, 0, NULL);
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return result;
+        }
+        esd->encContentDigestSz = (word32)result;
+    }
+    signerInfoSz += flatSignedAttribsSz + esd->signedAttribSetSz;
+
+    esd->signerDigestSz = SetOctetString(esd->encContentDigestSz,
+                                                             esd->signerDigest);
+    signerInfoSz += esd->signerDigestSz + esd->encContentDigestSz;
+
+    esd->signerInfoSeqSz = SetSequence(signerInfoSz, esd->signerInfoSeq);
+    signerInfoSz += esd->signerInfoSeqSz;
+    esd->signerInfoSetSz = SetSet(signerInfoSz, esd->signerInfoSet);
+    signerInfoSz += esd->signerInfoSetSz;
+
+    esd->certsSetSz = SetImplicit(ASN_SET, 0, pkcs7->singleCertSz,
+                                                                 esd->certsSet);
+
+    esd->singleDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd->singleDigAlgoId,
+                                      hashType, 0);
+    esd->digAlgoIdSetSz = SetSet(esd->singleDigAlgoIdSz, esd->digAlgoIdSet);
+
+
+    esd->versionSz = SetMyVersion(1, esd->version, 0);
+
+    totalSz = esd->versionSz + esd->singleDigAlgoIdSz + esd->digAlgoIdSetSz +
+              esd->contentInfoSeqSz + esd->certsSetSz + pkcs7->singleCertSz +
+              esd->innerOctetsSz + esd->innerContSeqSz +
+              innerOidSz + pkcs7->contentSz +
+              signerInfoSz;
+    esd->innerSeqSz = SetSequence(totalSz, esd->innerSeq);
+    totalSz += esd->innerSeqSz;
+    esd->outerContentSz = SetExplicit(0, totalSz, esd->outerContent);
+    totalSz += esd->outerContentSz + outerOidSz;
+    esd->outerSeqSz = SetSequence(totalSz, esd->outerSeq);
+    totalSz += esd->outerSeqSz;
+
+    if (outputSz < totalSz) {
+        if (pkcs7->signedAttribsSz != 0)
+            XFREE(flatSignedAttribs, 0, NULL);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BUFFER_E;
+    }
+
+    idx = 0;
+    XMEMCPY(output + idx, esd->outerSeq, esd->outerSeqSz);
+    idx += esd->outerSeqSz;
+    XMEMCPY(output + idx, outerOid, outerOidSz);
+    idx += outerOidSz;
+    XMEMCPY(output + idx, esd->outerContent, esd->outerContentSz);
+    idx += esd->outerContentSz;
+    XMEMCPY(output + idx, esd->innerSeq, esd->innerSeqSz);
+    idx += esd->innerSeqSz;
+    XMEMCPY(output + idx, esd->version, esd->versionSz);
+    idx += esd->versionSz;
+    XMEMCPY(output + idx, esd->digAlgoIdSet, esd->digAlgoIdSetSz);
+    idx += esd->digAlgoIdSetSz;
+    XMEMCPY(output + idx, esd->singleDigAlgoId, esd->singleDigAlgoIdSz);
+    idx += esd->singleDigAlgoIdSz;
+    XMEMCPY(output + idx, esd->contentInfoSeq, esd->contentInfoSeqSz);
+    idx += esd->contentInfoSeqSz;
+    XMEMCPY(output + idx, innerOid, innerOidSz);
+    idx += innerOidSz;
+    XMEMCPY(output + idx, esd->innerContSeq, esd->innerContSeqSz);
+    idx += esd->innerContSeqSz;
+    XMEMCPY(output + idx, esd->innerOctets, esd->innerOctetsSz);
+    idx += esd->innerOctetsSz;
+    XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz);
+    idx += pkcs7->contentSz;
+    XMEMCPY(output + idx, esd->certsSet, esd->certsSetSz);
+    idx += esd->certsSetSz;
+    XMEMCPY(output + idx, pkcs7->singleCert, pkcs7->singleCertSz);
+    idx += pkcs7->singleCertSz;
+    XMEMCPY(output + idx, esd->signerInfoSet, esd->signerInfoSetSz);
+    idx += esd->signerInfoSetSz;
+    XMEMCPY(output + idx, esd->signerInfoSeq, esd->signerInfoSeqSz);
+    idx += esd->signerInfoSeqSz;
+    XMEMCPY(output + idx, esd->signerVersion, esd->signerVersionSz);
+    idx += esd->signerVersionSz;
+    XMEMCPY(output + idx, esd->issuerSnSeq, esd->issuerSnSeqSz);
+    idx += esd->issuerSnSeqSz;
+    XMEMCPY(output + idx, esd->issuerName, esd->issuerNameSz);
+    idx += esd->issuerNameSz;
+    XMEMCPY(output + idx, pkcs7->issuer, pkcs7->issuerSz);
+    idx += pkcs7->issuerSz;
+    XMEMCPY(output + idx, esd->issuerSn, esd->issuerSnSz);
+    idx += esd->issuerSnSz;
+    XMEMCPY(output + idx, esd->signerDigAlgoId, esd->signerDigAlgoIdSz);
+    idx += esd->signerDigAlgoIdSz;
+
+    /* SignerInfo:Attributes */
+    if (pkcs7->signedAttribsSz != 0) {
+        XMEMCPY(output + idx, esd->signedAttribSet, esd->signedAttribSetSz);
+        idx += esd->signedAttribSetSz;
+        XMEMCPY(output + idx, flatSignedAttribs, flatSignedAttribsSz);
+        idx += flatSignedAttribsSz;
+        XFREE(flatSignedAttribs, 0, NULL);
+    }
+
+    XMEMCPY(output + idx, esd->digEncAlgoId, esd->digEncAlgoIdSz);
+    idx += esd->digEncAlgoIdSz;
+    XMEMCPY(output + idx, esd->signerDigest, esd->signerDigestSz);
+    idx += esd->signerDigestSz;
+    XMEMCPY(output + idx, esd->encContentDigest, esd->encContentDigestSz);
+    idx += esd->encContentDigestSz;
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return idx;
+}
+
+
+/* Finds the certificates in the message and saves it. */
+int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
+{
+    word32 idx, contentType;
+    int length, version, ret;
+    byte* content = NULL;
+    byte* sig = NULL;
+    byte* cert = NULL;
+    int contentSz = 0, sigSz = 0, certSz = 0;
+
+    if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0)
+        return BAD_FUNC_ARG;
+
+    idx = 0;
+
+    /* Get the contentInfo sequence */
+    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* Get the contentInfo contentType */
+    if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    if (contentType != SIGNED_DATA) {
+        WOLFSSL_MSG("PKCS#7 input not of type SignedData");
+        return PKCS7_OID_E;
+    }
+
+    /* get the ContentInfo content */
+    if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
+        return ASN_PARSE_E;
+
+    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* Get the signedData sequence */
+    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* Get the version */
+    if (GetMyVersion(pkiMsg, &idx, &version) < 0)
+        return ASN_PARSE_E;
+
+    if (version != 1) {
+        WOLFSSL_MSG("PKCS#7 signedData needs to be of version 1");
+        return ASN_VERSION_E;
+    }
+
+    /* Get the set of DigestAlgorithmIdentifiers */
+    if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* Skip the set. */
+    idx += length;
+
+    /* Get the inner ContentInfo sequence */
+    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* Get the inner ContentInfo contentType */
+    if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    if (contentType != DATA) {
+        WOLFSSL_MSG("PKCS#7 inner input not of type Data");
+        return PKCS7_OID_E;
+    }
+
+    if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
+        return ASN_PARSE_E;
+
+    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    if (pkiMsg[idx++] != ASN_OCTET_STRING)
+        return ASN_PARSE_E;
+
+    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* Save the inner data as the content. */
+    if (length > 0) {
+        /* Local pointer for calculating hashes later */
+        pkcs7->content = content = &pkiMsg[idx];
+        pkcs7->contentSz = contentSz = length;
+        idx += length;
+    }
+
+    /* Get the implicit[0] set of certificates */
+    if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
+        idx++;
+        if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+            return ASN_PARSE_E;
+
+        if (length > 0) {
+            /* At this point, idx is at the first certificate in
+             * a set of certificates. There may be more than one,
+             * or none, or they may be a PKCS 6 extended
+             * certificate. We want to save the first cert if it
+             * is X.509. */
+
+            word32 certIdx = idx;
+
+            if (pkiMsg[certIdx++] == (ASN_CONSTRUCTED | ASN_SEQUENCE)) {
+                if (GetLength(pkiMsg, &certIdx, &certSz, pkiMsgSz) < 0)
+                    return ASN_PARSE_E;
+
+                cert = &pkiMsg[idx];
+                certSz += (certIdx - idx);
+            }
+            wc_PKCS7_InitWithCert(pkcs7, cert, certSz);
+        }
+        idx += length;
+    }
+
+    /* Get the implicit[1] set of crls */
+    if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) {
+        idx++;
+        if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+            return ASN_PARSE_E;
+
+        /* Skip the set */
+        idx += length;
+    }
+
+    /* Get the set of signerInfos */
+    if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    if (length > 0) {
+        /* Get the sequence of the first signerInfo */
+        if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+            return ASN_PARSE_E;
+
+        /* Get the version */
+        if (GetMyVersion(pkiMsg, &idx, &version) < 0)
+            return ASN_PARSE_E;
+
+        if (version != 1) {
+            WOLFSSL_MSG("PKCS#7 signerInfo needs to be of version 1");
+            return ASN_VERSION_E;
+        }
+
+        /* Get the sequence of IssuerAndSerialNumber */
+        if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+            return ASN_PARSE_E;
+
+        /* Skip it */
+        idx += length;
+
+        /* Get the sequence of digestAlgorithm */
+        if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+            return ASN_PARSE_E;
+
+        /* Skip it */
+        idx += length;
+
+        /* Get the IMPLICIT[0] SET OF signedAttributes */
+        if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
+            idx++;
+
+            if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+                return ASN_PARSE_E;
+
+            idx += length;
+        }
+
+        /* Get the sequence of digestEncryptionAlgorithm */
+        if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+            return ASN_PARSE_E;
+
+        /* Skip it */
+        idx += length;
+
+        /* Get the signature */
+        if (pkiMsg[idx] == ASN_OCTET_STRING) {
+            idx++;
+
+            if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+                return ASN_PARSE_E;
+
+            /* save pointer and length */
+            sig = &pkiMsg[idx];
+            sigSz = length;
+
+            idx += length;
+        }
+
+        pkcs7->content = content;
+        pkcs7->contentSz = contentSz;
+
+        {
+            word32 scratch = 0;
+            int plainSz = 0;
+            int digestSz = MAX_SEQ_SZ + MAX_ALGO_SZ +
+                           MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE;
+
+#ifdef WOLFSSL_SMALL_STACK
+            byte* digest;
+            RsaKey* key;
+
+            digest = (byte*)XMALLOC(digestSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+            if (digest == NULL)
+                return MEMORY_E;
+
+            key = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+            if (key == NULL) {
+                XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                return MEMORY_E;
+            }
+#else
+            byte digest[digestSz];
+            RsaKey stack_key;
+            RsaKey* key = &stack_key;
+#endif
+
+            XMEMSET(digest, 0, digestSz);
+
+            ret = wc_InitRsaKey(key, NULL);
+            if (ret != 0) {
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                XFREE(key,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return ret;
+            }
+            if (wc_RsaPublicKeyDecode(pkcs7->publicKey, &scratch, key,
+                                   pkcs7->publicKeySz) < 0) {
+                WOLFSSL_MSG("ASN RSA key decode error");
+#ifdef WOLFSSL_SMALL_STACK
+                XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+                XFREE(key,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                return PUBLIC_KEY_E;
+            }
+
+            plainSz = wc_RsaSSL_Verify(sig, sigSz, digest, digestSz, key);
+            wc_FreeRsaKey(key);
+
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(key,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+            if (plainSz < 0)
+                return plainSz;
+        }
+    }
+
+    return 0;
+}
+
+
+/* create ASN.1 fomatted RecipientInfo structure, returns sequence size */
+WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
+                                     int keyEncAlgo, int blockKeySz,
+                                     RNG* rng, byte* contentKeyPlain,
+                                     byte* contentKeyEnc,
+                                     int* keyEncSz, byte* out, word32 outSz)
+{
+    word32 idx = 0;
+    int ret = 0, totalSz = 0;
+    int verSz, issuerSz, snSz, keyEncAlgSz;
+    int issuerSeqSz, recipSeqSz, issuerSerialSeqSz;
+    int encKeyOctetStrSz;
+
+    byte ver[MAX_VERSION_SZ];
+    byte issuerSerialSeq[MAX_SEQ_SZ];
+    byte recipSeq[MAX_SEQ_SZ];
+    byte issuerSeq[MAX_SEQ_SZ];
+    byte encKeyOctetStr[MAX_OCTET_STR_SZ];
+
+#ifdef WOLFSSL_SMALL_STACK
+    byte *serial;
+    byte *keyAlgArray;
+    
+    RsaKey* pubKey;
+    DecodedCert* decoded;
+
+    serial = (byte*)XMALLOC(MAX_SN_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    keyAlgArray = (byte*)XMALLOC(MAX_SN_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+
+    if (decoded == NULL || serial == NULL || keyAlgArray == NULL) {
+        if (serial)      XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (keyAlgArray) XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (decoded)     XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+    
+#else
+    byte serial[MAX_SN_SZ];
+    byte keyAlgArray[MAX_ALGO_SZ];
+    
+    RsaKey stack_pubKey;
+    RsaKey* pubKey = &stack_pubKey;
+    DecodedCert stack_decoded;
+    DecodedCert* decoded = &stack_decoded;
+#endif
+
+    InitDecodedCert(decoded, (byte*)cert, certSz, 0);
+    ret = ParseCert(decoded, CA_TYPE, NO_VERIFY, 0);
+    if (ret < 0) {
+        FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ret;
+    }
+
+    /* version */
+    verSz = SetMyVersion(0, ver, 0);
+
+    /* IssuerAndSerialNumber */
+    if (decoded->issuerRaw == NULL || decoded->issuerRawLen == 0) {
+        WOLFSSL_MSG("DecodedCert lacks raw issuer pointer and length");
+        FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return -1;
+    }
+    issuerSz    = decoded->issuerRawLen;
+    issuerSeqSz = SetSequence(issuerSz, issuerSeq);
+
+    if (decoded->serial == NULL || decoded->serialSz == 0) {
+        WOLFSSL_MSG("DecodedCert missing serial number");
+        FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return -1;
+    }
+    snSz = SetSerialNumber(decoded->serial, decoded->serialSz, serial);
+
+    issuerSerialSeqSz = SetSequence(issuerSeqSz + issuerSz + snSz,
+                                    issuerSerialSeq);
+
+    /* KeyEncryptionAlgorithmIdentifier, only support RSA now */
+    if (keyEncAlgo != RSAk) {
+        FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ALGO_ID_E;
+    }
+
+    keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, keyType, 0);
+    if (keyEncAlgSz == 0) {
+        FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BAD_FUNC_ARG;
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    pubKey = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (pubKey == NULL) {
+        FreeDecodedCert(decoded);
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    /* EncryptedKey */
+    ret = wc_InitRsaKey(pubKey, 0);
+    if (ret != 0) {
+        FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(pubKey,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ret;
+    }
+
+    if (wc_RsaPublicKeyDecode(decoded->publicKey, &idx, pubKey,
+                           decoded->pubKeySize) < 0) {
+        WOLFSSL_MSG("ASN RSA key decode error");
+        wc_FreeRsaKey(pubKey);
+        FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(pubKey,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return PUBLIC_KEY_E;
+    }
+
+    *keyEncSz = wc_RsaPublicEncrypt(contentKeyPlain, blockKeySz, contentKeyEnc,
+                                 MAX_ENCRYPTED_KEY_SZ, pubKey, rng);
+    wc_FreeRsaKey(pubKey);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (*keyEncSz < 0) {
+        WOLFSSL_MSG("RSA Public Encrypt failed");
+        FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return *keyEncSz;
+    }
+
+    encKeyOctetStrSz = SetOctetString(*keyEncSz, encKeyOctetStr);
+
+    /* RecipientInfo */
+    recipSeqSz = SetSequence(verSz + issuerSerialSeqSz + issuerSeqSz +
+                             issuerSz + snSz + keyEncAlgSz + encKeyOctetStrSz +
+                             *keyEncSz, recipSeq);
+
+    if (recipSeqSz + verSz + issuerSerialSeqSz + issuerSeqSz + snSz +
+        keyEncAlgSz + encKeyOctetStrSz + *keyEncSz > (int)outSz) {
+        WOLFSSL_MSG("RecipientInfo output buffer too small");
+        FreeDecodedCert(decoded);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return BUFFER_E;
+    }
+
+    XMEMCPY(out + totalSz, recipSeq, recipSeqSz);
+    totalSz += recipSeqSz;
+    XMEMCPY(out + totalSz, ver, verSz);
+    totalSz += verSz;
+    XMEMCPY(out + totalSz, issuerSerialSeq, issuerSerialSeqSz);
+    totalSz += issuerSerialSeqSz;
+    XMEMCPY(out + totalSz, issuerSeq, issuerSeqSz);
+    totalSz += issuerSeqSz;
+    XMEMCPY(out + totalSz, decoded->issuerRaw, issuerSz);
+    totalSz += issuerSz;
+    XMEMCPY(out + totalSz, serial, snSz);
+    totalSz += snSz;
+    XMEMCPY(out + totalSz, keyAlgArray, keyEncAlgSz);
+    totalSz += keyEncAlgSz;
+    XMEMCPY(out + totalSz, encKeyOctetStr, encKeyOctetStrSz);
+    totalSz += encKeyOctetStrSz;
+    XMEMCPY(out + totalSz, contentKeyEnc, *keyEncSz);
+    totalSz += *keyEncSz;
+
+    FreeDecodedCert(decoded);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(serial,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(decoded,     NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return totalSz;
+}
+
+
+/* build PKCS#7 envelopedData content type, return enveloped size */
+int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+    int i, ret = 0, idx = 0;
+    int totalSz = 0, padSz = 0, desOutSz = 0;
+
+    int contentInfoSeqSz, outerContentTypeSz, outerContentSz;
+    byte contentInfoSeq[MAX_SEQ_SZ];
+    byte outerContentType[MAX_ALGO_SZ];
+    byte outerContent[MAX_SEQ_SZ];
+
+    int envDataSeqSz, verSz;
+    byte envDataSeq[MAX_SEQ_SZ];
+    byte ver[MAX_VERSION_SZ];
+
+    RNG rng;
+    int contentKeyEncSz, blockKeySz;
+    int dynamicFlag = 0;
+    byte contentKeyPlain[MAX_CONTENT_KEY_LEN];
+#ifdef WOLFSSL_SMALL_STACK
+    byte* contentKeyEnc;
+#else
+    byte contentKeyEnc[MAX_ENCRYPTED_KEY_SZ];
+#endif
+    byte* plain;
+    byte* encryptedContent;
+
+    int recipSz, recipSetSz;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* recip;
+#else
+    byte recip[MAX_RECIP_SZ];
+#endif
+    byte recipSet[MAX_SET_SZ];
+
+    int encContentOctetSz, encContentSeqSz, contentTypeSz;
+    int contentEncAlgoSz, ivOctetStringSz;
+    byte encContentSeq[MAX_SEQ_SZ];
+    byte contentType[MAX_ALGO_SZ];
+    byte contentEncAlgo[MAX_ALGO_SZ];
+    byte tmpIv[DES_BLOCK_SIZE];
+    byte ivOctetString[MAX_OCTET_STR_SZ];
+    byte encContentOctet[MAX_OCTET_STR_SZ];
+
+    if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 ||
+        pkcs7->encryptOID == 0 || pkcs7->singleCert == NULL)
+        return BAD_FUNC_ARG;
+
+    if (output == NULL || outputSz == 0)
+        return BAD_FUNC_ARG;
+
+    /* PKCS#7 only supports DES, 3DES for now */
+    switch (pkcs7->encryptOID) {
+        case DESb:
+            blockKeySz = DES_KEYLEN;
+            break;
+
+        case DES3b:
+            blockKeySz = DES3_KEYLEN;
+            break;
+
+        default:
+            WOLFSSL_MSG("Unsupported content cipher type");
+            return ALGO_ID_E;
+    };
+
+    /* outer content type */
+    outerContentTypeSz = wc_SetContentType(ENVELOPED_DATA, outerContentType);
+
+    /* version, defined as 0 in RFC 2315 */
+    verSz = SetMyVersion(0, ver, 0);
+
+    /* generate random content encryption key */
+    ret = wc_InitRng(&rng);
+    if (ret != 0)
+        return ret;
+
+    ret = wc_RNG_GenerateBlock(&rng, contentKeyPlain, blockKeySz);
+    if (ret != 0)
+        return ret;
+    
+#ifdef WOLFSSL_SMALL_STACK
+    recip         = (byte*)XMALLOC(MAX_RECIP_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    contentKeyEnc = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, NULL, 
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (contentKeyEnc == NULL || recip == NULL) {
+        if (recip)         XFREE(recip,         NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (contentKeyEnc) XFREE(contentKeyEnc, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+    
+#endif
+
+    /* build RecipientInfo, only handle 1 for now */
+    recipSz = wc_CreateRecipientInfo(pkcs7->singleCert, pkcs7->singleCertSz, RSAk,
+                                  blockKeySz, &rng, contentKeyPlain,
+                                  contentKeyEnc, &contentKeyEncSz, recip,
+                                  MAX_RECIP_SZ);
+                                                                      
+    ForceZero(contentKeyEnc, MAX_ENCRYPTED_KEY_SZ);
+    
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(contentKeyEnc, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (recipSz < 0) {
+        WOLFSSL_MSG("Failed to create RecipientInfo");
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+        return recipSz;
+    }
+    recipSetSz = SetSet(recipSz, recipSet);
+
+    /* generate IV for block cipher */
+    ret = wc_RNG_GenerateBlock(&rng, tmpIv, DES_BLOCK_SIZE);
+    if (ret != 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+        return ret;
+    }
+
+    /* EncryptedContentInfo */
+    contentTypeSz = wc_SetContentType(pkcs7->contentOID, contentType);
+    if (contentTypeSz == 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+        return BAD_FUNC_ARG;
+    }
+
+    /* allocate encrypted content buffer, pad if necessary, PKCS#7 padding */
+    padSz = DES_BLOCK_SIZE - (pkcs7->contentSz % DES_BLOCK_SIZE);
+    desOutSz = pkcs7->contentSz + padSz;
+
+    if (padSz != 0) {
+        plain = (byte*)XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (plain == NULL) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+            return MEMORY_E;
+        }
+        XMEMCPY(plain, pkcs7->content, pkcs7->contentSz);
+        dynamicFlag = 1;
+
+        for (i = 0; i < padSz; i++) {
+            plain[pkcs7->contentSz + i] = padSz;
+        }
+
+    } else {
+        plain = pkcs7->content;
+        desOutSz = pkcs7->contentSz;
+    }
+
+    encryptedContent = (byte*)XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (encryptedContent == NULL) {
+        if (dynamicFlag)
+            XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+        return MEMORY_E;
+    }
+
+    /* put together IV OCTET STRING */
+    ivOctetStringSz = SetOctetString(DES_BLOCK_SIZE, ivOctetString);
+
+    /* build up our ContentEncryptionAlgorithmIdentifier sequence,
+     * adding (ivOctetStringSz + DES_BLOCK_SIZE) for IV OCTET STRING */
+    contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo,
+                                 blkType, ivOctetStringSz + DES_BLOCK_SIZE);
+
+    if (contentEncAlgoSz == 0) {
+        XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (dynamicFlag)
+            XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+        return BAD_FUNC_ARG;
+    }
+
+    /* encrypt content */
+    if (pkcs7->encryptOID == DESb) {
+        Des des;
+
+        ret = wc_Des_SetKey(&des, contentKeyPlain, tmpIv, DES_ENCRYPTION);
+
+        if (ret == 0)
+            wc_Des_CbcEncrypt(&des, encryptedContent, plain, desOutSz);
+
+        if (ret != 0) {
+            XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            if (dynamicFlag)
+                XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+            return ret;
+        }
+    }
+    else if (pkcs7->encryptOID == DES3b) {
+        Des3 des3;
+
+        ret = wc_Des3_SetKey(&des3, contentKeyPlain, tmpIv, DES_ENCRYPTION);
+
+        if (ret == 0)
+            ret = wc_Des3_CbcEncrypt(&des3, encryptedContent, plain, desOutSz);
+
+        if (ret != 0) {
+            XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            if (dynamicFlag)
+                XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+            return ret;
+        }
+    }
+
+    encContentOctetSz = SetImplicit(ASN_OCTET_STRING, 0,
+                                    desOutSz, encContentOctet);
+
+    encContentSeqSz = SetSequence(contentTypeSz + contentEncAlgoSz +
+                                  ivOctetStringSz + DES_BLOCK_SIZE +
+                                  encContentOctetSz + desOutSz, encContentSeq);
+
+    /* keep track of sizes for outer wrapper layering */
+    totalSz = verSz + recipSetSz + recipSz + encContentSeqSz + contentTypeSz +
+              contentEncAlgoSz + ivOctetStringSz + DES_BLOCK_SIZE +
+              encContentOctetSz + desOutSz;
+
+    /* EnvelopedData */
+    envDataSeqSz = SetSequence(totalSz, envDataSeq);
+    totalSz += envDataSeqSz;
+
+    /* outer content */
+    outerContentSz = SetExplicit(0, totalSz, outerContent);
+    totalSz += outerContentTypeSz;
+    totalSz += outerContentSz;
+
+    /* ContentInfo */
+    contentInfoSeqSz = SetSequence(totalSz, contentInfoSeq);
+    totalSz += contentInfoSeqSz;
+
+    if (totalSz > (int)outputSz) {
+        WOLFSSL_MSG("Pkcs7_encrypt output buffer too small");
+        XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        if (dynamicFlag)
+            XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+        return BUFFER_E;
+    }
+
+    XMEMCPY(output + idx, contentInfoSeq, contentInfoSeqSz);
+    idx += contentInfoSeqSz;
+    XMEMCPY(output + idx, outerContentType, outerContentTypeSz);
+    idx += outerContentTypeSz;
+    XMEMCPY(output + idx, outerContent, outerContentSz);
+    idx += outerContentSz;
+    XMEMCPY(output + idx, envDataSeq, envDataSeqSz);
+    idx += envDataSeqSz;
+    XMEMCPY(output + idx, ver, verSz);
+    idx += verSz;
+    XMEMCPY(output + idx, recipSet, recipSetSz);
+    idx += recipSetSz;
+    XMEMCPY(output + idx, recip, recipSz);
+    idx += recipSz;
+    XMEMCPY(output + idx, encContentSeq, encContentSeqSz);
+    idx += encContentSeqSz;
+    XMEMCPY(output + idx, contentType, contentTypeSz);
+    idx += contentTypeSz;
+    XMEMCPY(output + idx, contentEncAlgo, contentEncAlgoSz);
+    idx += contentEncAlgoSz;
+    XMEMCPY(output + idx, ivOctetString, ivOctetStringSz);
+    idx += ivOctetStringSz;
+    XMEMCPY(output + idx, tmpIv, DES_BLOCK_SIZE);
+    idx += DES_BLOCK_SIZE;
+    XMEMCPY(output + idx, encContentOctet, encContentOctetSz);
+    idx += encContentOctetSz;
+    XMEMCPY(output + idx, encryptedContent, desOutSz);
+    idx += desOutSz;
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    wc_FreeRng(&rng);
+#endif
+
+    ForceZero(contentKeyPlain, MAX_CONTENT_KEY_LEN);
+
+    if (dynamicFlag)
+        XFREE(plain, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+    XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return idx;
+}
+
+/* unwrap and decrypt PKCS#7 envelopedData object, return decoded size */
+WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
+                                         word32 pkiMsgSz, byte* output,
+                                         word32 outputSz)
+{
+    int recipFound = 0;
+    int ret, version, length;
+    word32 savedIdx = 0, idx = 0;
+    word32 contentType, encOID;
+    byte   issuerHash[SHA_DIGEST_SIZE];
+
+    int encryptedKeySz, keySz;
+    byte tmpIv[DES_BLOCK_SIZE];
+    byte* decryptedKey = NULL;
+
+#ifdef WOLFSSL_SMALL_STACK
+    mp_int* serialNum;
+    byte* encryptedKey;
+    RsaKey* privKey;
+#else
+    mp_int stack_serialNum;
+    mp_int* serialNum = &stack_serialNum;
+    byte encryptedKey[MAX_ENCRYPTED_KEY_SZ];
+    
+    RsaKey stack_privKey;
+    RsaKey* privKey = &stack_privKey;
+#endif
+    int encryptedContentSz;
+    byte padLen;
+    byte* encryptedContent = NULL;
+
+    if (pkcs7 == NULL || pkcs7->singleCert == NULL ||
+        pkcs7->singleCertSz == 0 || pkcs7->privateKey == NULL ||
+        pkcs7->privateKeySz == 0)
+        return BAD_FUNC_ARG;
+
+    if (pkiMsg == NULL || pkiMsgSz == 0 ||
+        output == NULL || outputSz == 0)
+        return BAD_FUNC_ARG;
+
+    /* read past ContentInfo, verify type is envelopedData */
+    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    if (contentType != ENVELOPED_DATA) {
+        WOLFSSL_MSG("PKCS#7 input not of type EnvelopedData");
+        return PKCS7_OID_E;
+    }
+
+    if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
+        return ASN_PARSE_E;
+
+    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    /* remove EnvelopedData and version */
+    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+
+    if (GetMyVersion(pkiMsg, &idx, &version) < 0)
+        return ASN_PARSE_E;
+
+    if (version != 0) {
+        WOLFSSL_MSG("PKCS#7 envelopedData needs to be of version 0");
+        return ASN_VERSION_E;
+    }
+
+    /* walk through RecipientInfo set, find correct recipient */
+    if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+        return ASN_PARSE_E;
+    
+#ifdef WOLFSSL_SMALL_STACK
+    encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (encryptedKey == NULL)
+        return MEMORY_E;
+#endif
+    
+    savedIdx = idx;
+    recipFound = 0;
+
+    /* when looking for next recipient, use first sequence and version to
+     * indicate there is another, if not, move on */
+    while(recipFound == 0) {
+
+        /* remove RecipientInfo, if we don't have a SEQUENCE, back up idx to
+         * last good saved one */
+        if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) {
+            idx = savedIdx;
+            break;
+        }
+
+        if (GetMyVersion(pkiMsg, &idx, &version) < 0) {
+            idx = savedIdx;
+            break;
+        }
+
+        if (version != 0) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_VERSION_E;
+        }
+        
+        /* remove IssuerAndSerialNumber */
+        if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;
+        }
+        
+        if (GetNameHash(pkiMsg, &idx, issuerHash, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;
+        }
+        
+        /* if we found correct recipient, issuer hashes will match */
+        if (XMEMCMP(issuerHash, pkcs7->issuerHash, SHA_DIGEST_SIZE) == 0) {
+            recipFound = 1;
+        }
+        
+#ifdef WOLFSSL_SMALL_STACK
+        serialNum = (mp_int*)XMALLOC(sizeof(mp_int), NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        if (serialNum == NULL) {
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            return MEMORY_E;
+        }
+#endif
+        
+        if (GetInt(serialNum, pkiMsg, &idx, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(serialNum,    NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;
+        }
+        
+        mp_clear(serialNum);
+        
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(serialNum, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        
+        if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;
+        }
+        
+        /* key encryption algorithm must be RSA for now */
+        if (encOID != RSAk) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ALGO_ID_E;
+        }
+        
+        /* read encryptedKey */
+        if (pkiMsg[idx++] != ASN_OCTET_STRING) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;
+        }
+        
+        if (GetLength(pkiMsg, &idx, &encryptedKeySz, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ASN_PARSE_E;
+        }
+          
+        if (recipFound == 1)
+            XMEMCPY(encryptedKey, &pkiMsg[idx], encryptedKeySz);
+        idx += encryptedKeySz;
+
+        /* update good idx */
+        savedIdx = idx;
+    }
+
+    if (recipFound == 0) {
+        WOLFSSL_MSG("No recipient found in envelopedData that matches input");
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return PKCS7_RECIP_E;
+    }
+
+    /* remove EncryptedContentInfo */
+    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+    
+    if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+
+    if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+    
+    /* get block cipher IV, stored in OPTIONAL parameter of AlgoID */
+    if (pkiMsg[idx++] != ASN_OCTET_STRING) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+    
+    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+    
+    if (length != DES_BLOCK_SIZE) {
+        WOLFSSL_MSG("Incorrect IV length, must be of DES_BLOCK_SIZE");
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+
+    XMEMCPY(tmpIv, &pkiMsg[idx], length);
+    idx += length;
+
+    /* read encryptedContent, cont[0] */
+    if (pkiMsg[idx++] != (ASN_CONTEXT_SPECIFIC | 0)) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+
+    if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) < 0) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ASN_PARSE_E;
+    }
+    
+    encryptedContent = (byte*)XMALLOC(encryptedContentSz, NULL,
+                                                       DYNAMIC_TYPE_TMP_BUFFER);
+    if (encryptedContent == NULL) {
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return MEMORY_E;
+    }
+
+    XMEMCPY(encryptedContent, &pkiMsg[idx], encryptedContentSz);
+
+    /* load private key */
+#ifdef WOLFSSL_SMALL_STACK
+    privKey = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (privKey == NULL) {
+        XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(encryptedKey,     NULL, DYNAMIC_TYPE_TMP_BUFFER);        return MEMORY_E;
+    }
+#endif
+
+    ret = wc_InitRsaKey(privKey, 0);
+    if (ret != 0) {
+        XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(privKey,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ret;
+    }
+
+    idx = 0;
+
+    ret = wc_RsaPrivateKeyDecode(pkcs7->privateKey, &idx, privKey,
+                              pkcs7->privateKeySz);
+    if (ret != 0) {
+        WOLFSSL_MSG("Failed to decode RSA private key");
+        XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(privKey,      NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ret;
+    }
+
+    /* decrypt encryptedKey */
+    keySz = wc_RsaPrivateDecryptInline(encryptedKey, encryptedKeySz,
+                                    &decryptedKey, privKey);
+    wc_FreeRsaKey(privKey);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    if (keySz <= 0) {
+        XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return keySz;
+    }
+
+    /* decrypt encryptedContent */
+    if (encOID == DESb) {
+        Des des;
+        ret = wc_Des_SetKey(&des, decryptedKey, tmpIv, DES_DECRYPTION);
+
+        if (ret == 0)
+            wc_Des_CbcDecrypt(&des, encryptedContent, encryptedContent,
+                                 encryptedContentSz);
+
+        if (ret != 0) {
+            XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ret;
+        }
+    }
+    else if (encOID == DES3b) {
+        Des3 des;
+        ret = wc_Des3_SetKey(&des, decryptedKey, tmpIv, DES_DECRYPTION);
+        if (ret == 0)
+            ret = wc_Des3_CbcDecrypt(&des, encryptedContent, encryptedContent,
+                                  encryptedContentSz);
+
+        if (ret != 0) {
+            XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return ret;
+        }
+    } else {
+        WOLFSSL_MSG("Unsupported content encryption OID type");
+        XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+        XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+        return ALGO_ID_E;
+    }
+
+    padLen = encryptedContent[encryptedContentSz-1];
+
+    /* copy plaintext to output */
+    XMEMCPY(output, encryptedContent, encryptedContentSz - padLen);
+
+    /* free memory, zero out keys */
+    ForceZero(encryptedKey, MAX_ENCRYPTED_KEY_SZ);
+    ForceZero(encryptedContent, encryptedContentSz);
+    XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+    
+    return encryptedContentSz - padLen;
+}
+
+
+#else  /* HAVE_PKCS7 */
+
+
+#ifdef _MSC_VER
+    /* 4206 warning for blank file */
+    #pragma warning(disable: 4206)
+#endif
+
+
+#endif /* HAVE_PKCS7 */
+
diff --git a/3P/wolfssl/wolfcrypt/src/poly1305.c b/3P/wolfssl/wolfcrypt/src/poly1305.c
new file mode 100644
index 00000000..3cc86e1b
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/poly1305.c
@@ -0,0 +1,554 @@
+/* poly1305.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ *
+ * Based off the public domain implementations by Andrew Moon 
+ * and Daniel J. Bernstein
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef HAVE_POLY1305
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+#ifdef CHACHA_AEAD_TEST
+    #include 
+#endif
+
+#ifdef _MSC_VER
+    /* 4127 warning constant while(1)  */
+    #pragma warning(disable: 4127)
+#endif
+
+#if defined(POLY130564)
+	
+	#if defined(_MSC_VER)
+		#define POLY1305_NOINLINE __declspec(noinline)
+	#elif defined(__GNUC__)
+		#define POLY1305_NOINLINE __attribute__((noinline))
+	#else
+		#define POLY1305_NOINLINE
+	#endif
+	
+	#if defined(_MSC_VER)
+	    #include 
+		
+	    typedef struct word128 {
+			word64 lo;
+			word64 hi;
+		} word128;
+	
+		#define MUL(out, x, y) out.lo = _umul128((x), (y), &out.hi)
+		#define ADD(out, in) { word64 t = out.lo; out.lo += in.lo;
+	                           out.hi += (out.lo < t) + in.hi; }
+		#define ADDLO(out, in) { word64 t = out.lo; out.lo += in;
+	                             out.hi += (out.lo < t); }
+		#define SHR(in, shift) (__shiftright128(in.lo, in.hi, (shift)))
+		#define LO(in) (in.lo)
+	
+	#elif defined(__GNUC__)
+		#if defined(__SIZEOF_INT128__)
+			typedef unsigned __int128 word128;
+		#else
+			typedef unsigned word128 __attribute__((mode(TI)));
+		#endif
+	
+		#define MUL(out, x, y) out = ((word128)x * y)
+		#define ADD(out, in) out += in
+		#define ADDLO(out, in) out += in
+		#define SHR(in, shift) (word64)(in >> (shift))
+		#define LO(in) (word64)(in)
+	#endif
+	
+	static word64 U8TO64(const byte* p) {
+		return
+			(((word64)(p[0] & 0xff)      ) |
+		     ((word64)(p[1] & 0xff) <<  8) |
+	         ((word64)(p[2] & 0xff) << 16) |
+	         ((word64)(p[3] & 0xff) << 24) |
+			 ((word64)(p[4] & 0xff) << 32) |
+			 ((word64)(p[5] & 0xff) << 40) |
+			 ((word64)(p[6] & 0xff) << 48) |
+			 ((word64)(p[7] & 0xff) << 56));
+	}
+	
+	static void U64TO8(byte* p, word64 v) {
+		p[0] = (v      ) & 0xff;
+		p[1] = (v >>  8) & 0xff;
+		p[2] = (v >> 16) & 0xff;
+		p[3] = (v >> 24) & 0xff;
+		p[4] = (v >> 32) & 0xff;
+		p[5] = (v >> 40) & 0xff;
+		p[6] = (v >> 48) & 0xff;
+		p[7] = (v >> 56) & 0xff;
+	}
+
+#else /* if not 64 bit then use 32 bit */
+	
+	static word32 U8TO32(const byte *p) {
+		return
+			(((word32)(p[0] & 0xff)      ) |
+		     ((word32)(p[1] & 0xff) <<  8) |
+	         ((word32)(p[2] & 0xff) << 16) |
+	         ((word32)(p[3] & 0xff) << 24));
+	}
+	
+	static void U32TO8(byte *p, word32 v) {
+		p[0] = (v      ) & 0xff;
+		p[1] = (v >>  8) & 0xff;
+		p[2] = (v >> 16) & 0xff;
+		p[3] = (v >> 24) & 0xff;
+	}
+#endif
+
+static void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
+                            size_t bytes) {
+
+#ifdef POLY130564
+
+	const word64 hibit = (ctx->final) ? 0 : ((word64)1 << 40); /* 1 << 128 */
+	word64 r0,r1,r2;
+	word64 s1,s2;
+	word64 h0,h1,h2;
+	word64 c;
+	word128 d0,d1,d2,d;
+
+#else
+
+    const word32 hibit = (ctx->final) ? 0 : (1 << 24); /* 1 << 128 */
+	word32 r0,r1,r2,r3,r4;
+	word32 s1,s2,s3,s4;
+	word32 h0,h1,h2,h3,h4;
+	word64 d0,d1,d2,d3,d4;
+	word32 c;
+
+#endif
+
+#ifdef POLY130564
+
+    r0 = ctx->r[0];
+	r1 = ctx->r[1];
+	r2 = ctx->r[2];
+
+	h0 = ctx->h[0];
+	h1 = ctx->h[1];
+	h2 = ctx->h[2];
+
+	s1 = r1 * (5 << 2);
+	s2 = r2 * (5 << 2);
+
+	while (bytes >= POLY1305_BLOCK_SIZE) {
+		word64 t0,t1;
+
+		/* h += m[i] */
+		t0 = U8TO64(&m[0]);
+		t1 = U8TO64(&m[8]);
+
+		h0 += (( t0                    ) & 0xfffffffffff);
+		h1 += (((t0 >> 44) | (t1 << 20)) & 0xfffffffffff);
+		h2 += (((t1 >> 24)             ) & 0x3ffffffffff) | hibit;
+
+		/* h *= r */
+		MUL(d0, h0, r0); MUL(d, h1, s2); ADD(d0, d); MUL(d, h2, s1); ADD(d0, d);
+		MUL(d1, h0, r1); MUL(d, h1, r0); ADD(d1, d); MUL(d, h2, s2); ADD(d1, d);
+		MUL(d2, h0, r2); MUL(d, h1, r1); ADD(d2, d); MUL(d, h2, r0); ADD(d2, d);
+
+		/* (partial) h %= p */
+		              c = SHR(d0, 44); h0 = LO(d0) & 0xfffffffffff;
+		ADDLO(d1, c); c = SHR(d1, 44); h1 = LO(d1) & 0xfffffffffff;
+		ADDLO(d2, c); c = SHR(d2, 42); h2 = LO(d2) & 0x3ffffffffff;
+		h0  += c * 5; c = (h0 >> 44);  h0 =    h0  & 0xfffffffffff;
+		h1  += c;
+
+		m += POLY1305_BLOCK_SIZE;
+		bytes -= POLY1305_BLOCK_SIZE;
+	}
+
+	ctx->h[0] = h0;
+	ctx->h[1] = h1;
+	ctx->h[2] = h2;
+
+#else /* if not 64 bit then use 32 bit */
+   
+	r0 = ctx->r[0];
+	r1 = ctx->r[1];
+	r2 = ctx->r[2];
+	r3 = ctx->r[3];
+	r4 = ctx->r[4];
+
+	s1 = r1 * 5;
+	s2 = r2 * 5;
+	s3 = r3 * 5;
+	s4 = r4 * 5;
+
+	h0 = ctx->h[0];
+	h1 = ctx->h[1];
+	h2 = ctx->h[2];
+	h3 = ctx->h[3];
+	h4 = ctx->h[4];
+
+	while (bytes >= POLY1305_BLOCK_SIZE) {
+		/* h += m[i] */
+		h0 += (U8TO32(m+ 0)     ) & 0x3ffffff;
+		h1 += (U8TO32(m+ 3) >> 2) & 0x3ffffff;
+		h2 += (U8TO32(m+ 6) >> 4) & 0x3ffffff;
+		h3 += (U8TO32(m+ 9) >> 6) & 0x3ffffff;
+		h4 += (U8TO32(m+12) >> 8) | hibit;
+
+		/* h *= r */
+		d0 = ((word64)h0 * r0) + ((word64)h1 * s4) + ((word64)h2 * s3) +
+             ((word64)h3 * s2) + ((word64)h4 * s1);
+		d1 = ((word64)h0 * r1) + ((word64)h1 * r0) + ((word64)h2 * s4) +
+             ((word64)h3 * s3) + ((word64)h4 * s2);
+		d2 = ((word64)h0 * r2) + ((word64)h1 * r1) + ((word64)h2 * r0) +
+             ((word64)h3 * s4) + ((word64)h4 * s3);
+		d3 = ((word64)h0 * r3) + ((word64)h1 * r2) + ((word64)h2 * r1) +
+             ((word64)h3 * r0) + ((word64)h4 * s4);
+		d4 = ((word64)h0 * r4) + ((word64)h1 * r3) + ((word64)h2 * r2) +
+             ((word64)h3 * r1) + ((word64)h4 * r0);
+
+		/* (partial) h %= p */
+		              c = (word32)(d0 >> 26); h0 = (word32)d0 & 0x3ffffff;
+		d1 += c;      c = (word32)(d1 >> 26); h1 = (word32)d1 & 0x3ffffff;
+		d2 += c;      c = (word32)(d2 >> 26); h2 = (word32)d2 & 0x3ffffff;
+		d3 += c;      c = (word32)(d3 >> 26); h3 = (word32)d3 & 0x3ffffff;
+		d4 += c;      c = (word32)(d4 >> 26); h4 = (word32)d4 & 0x3ffffff;
+		h0 += c * 5;  c =  (h0 >> 26); h0 =                h0 & 0x3ffffff;
+		h1 += c;
+
+		m += POLY1305_BLOCK_SIZE;
+		bytes -= POLY1305_BLOCK_SIZE;
+	}
+
+	ctx->h[0] = h0;
+	ctx->h[1] = h1;
+	ctx->h[2] = h2;
+	ctx->h[3] = h3;
+	ctx->h[4] = h4;
+
+#endif /* end of 64 bit cpu blocks or 32 bit cpu */
+}
+
+
+int wc_Poly1305SetKey(Poly1305* ctx, const byte* key, word32 keySz) {
+
+#if defined(POLY130564)
+    word64 t0,t1;
+#endif
+
+#ifdef CHACHA_AEAD_TEST
+    word32 k;
+    printf("Poly key used:\n");
+    for (k = 0; k < keySz; k++) {
+        printf("%02x", key[k]);
+        if ((k+1) % 8 == 0)
+            printf("\n");
+    }
+	printf("\n");
+#endif
+
+    if (keySz != 32 || ctx == NULL)
+        return BAD_FUNC_ARG;
+
+#if defined(POLY130564)
+
+	/* r &= 0xffffffc0ffffffc0ffffffc0fffffff */
+	t0 = U8TO64(key + 0);
+	t1 = U8TO64(key + 8);
+
+	ctx->r[0] = ( t0                    ) & 0xffc0fffffff;
+	ctx->r[1] = ((t0 >> 44) | (t1 << 20)) & 0xfffffc0ffff;
+	ctx->r[2] = ((t1 >> 24)             ) & 0x00ffffffc0f;
+
+	/* h (accumulator) = 0 */
+	ctx->h[0] = 0;
+	ctx->h[1] = 0;
+	ctx->h[2] = 0;
+
+	/* save pad for later */
+	ctx->pad[0] = U8TO64(key + 16);
+	ctx->pad[1] = U8TO64(key + 24);
+
+#else /* if not 64 bit then use 32 bit */
+	
+    /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */
+	ctx->r[0] = (U8TO32(key +  0)     ) & 0x3ffffff;
+	ctx->r[1] = (U8TO32(key +  3) >> 2) & 0x3ffff03;
+	ctx->r[2] = (U8TO32(key +  6) >> 4) & 0x3ffc0ff;
+	ctx->r[3] = (U8TO32(key +  9) >> 6) & 0x3f03fff;
+	ctx->r[4] = (U8TO32(key + 12) >> 8) & 0x00fffff;
+
+	/* h = 0 */
+	ctx->h[0] = 0;
+	ctx->h[1] = 0;
+	ctx->h[2] = 0;
+	ctx->h[3] = 0;
+	ctx->h[4] = 0;
+
+	/* save pad for later */
+	ctx->pad[0] = U8TO32(key + 16);
+	ctx->pad[1] = U8TO32(key + 20);
+	ctx->pad[2] = U8TO32(key + 24);
+	ctx->pad[3] = U8TO32(key + 28);
+
+#endif
+
+	ctx->leftover = 0;
+	ctx->final = 0;
+
+    return 0;
+}
+
+
+int wc_Poly1305Final(Poly1305* ctx, byte* mac) {
+
+#if defined(POLY130564)
+
+    word64 h0,h1,h2,c;
+	word64 g0,g1,g2;
+	word64 t0,t1;
+
+#else
+
+    word32 h0,h1,h2,h3,h4,c;
+	word32 g0,g1,g2,g3,g4;
+	word64 f;
+	word32 mask;
+
+#endif
+
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+#if defined(POLY130564)
+
+	/* process the remaining block */
+	if (ctx->leftover) {
+		size_t i = ctx->leftover;
+		ctx->buffer[i] = 1;
+		for (i = i + 1; i < POLY1305_BLOCK_SIZE; i++)
+			ctx->buffer[i] = 0;
+		ctx->final = 1;
+		poly1305_blocks(ctx, ctx->buffer, POLY1305_BLOCK_SIZE);
+	}
+
+	/* fully carry h */
+	h0 = ctx->h[0];
+	h1 = ctx->h[1];
+	h2 = ctx->h[2];
+
+	             c = (h1 >> 44); h1 &= 0xfffffffffff;
+	h2 += c;     c = (h2 >> 42); h2 &= 0x3ffffffffff;
+	h0 += c * 5; c = (h0 >> 44); h0 &= 0xfffffffffff;
+	h1 += c;	 c = (h1 >> 44); h1 &= 0xfffffffffff;
+	h2 += c;     c = (h2 >> 42); h2 &= 0x3ffffffffff;
+	h0 += c * 5; c = (h0 >> 44); h0 &= 0xfffffffffff;
+	h1 += c;
+
+	/* compute h + -p */
+	g0 = h0 + 5; c = (g0 >> 44); g0 &= 0xfffffffffff;
+	g1 = h1 + c; c = (g1 >> 44); g1 &= 0xfffffffffff;
+	g2 = h2 + c - ((word64)1 << 42);
+
+	/* select h if h < p, or h + -p if h >= p */
+	c = (g2 >> ((sizeof(word64) * 8) - 1)) - 1;
+	g0 &= c;
+	g1 &= c;
+	g2 &= c;
+	c = ~c;
+	h0 = (h0 & c) | g0;
+	h1 = (h1 & c) | g1;
+	h2 = (h2 & c) | g2;
+
+	/* h = (h + pad) */
+	t0 = ctx->pad[0];
+	t1 = ctx->pad[1];
+
+	h0 += (( t0                    ) & 0xfffffffffff)    ;
+    c = (h0 >> 44); h0 &= 0xfffffffffff;
+	h1 += (((t0 >> 44) | (t1 << 20)) & 0xfffffffffff) + c;
+    c = (h1 >> 44); h1 &= 0xfffffffffff;
+	h2 += (((t1 >> 24)             ) & 0x3ffffffffff) + c;
+    h2 &= 0x3ffffffffff;
+
+	/* mac = h % (2^128) */
+	h0 = ((h0      ) | (h1 << 44));
+	h1 = ((h1 >> 20) | (h2 << 24));
+
+	U64TO8(mac + 0, h0);
+	U64TO8(mac + 8, h1);
+
+	/* zero out the state */
+	ctx->h[0] = 0;
+	ctx->h[1] = 0;
+	ctx->h[2] = 0;
+	ctx->r[0] = 0;
+	ctx->r[1] = 0;
+	ctx->r[2] = 0;
+	ctx->pad[0] = 0;
+	ctx->pad[1] = 0;
+
+#else /* if not 64 bit then use 32 bit */
+    
+	/* process the remaining block */
+	if (ctx->leftover) {
+		size_t i = ctx->leftover;
+		ctx->buffer[i++] = 1;
+		for (; i < POLY1305_BLOCK_SIZE; i++)
+			ctx->buffer[i] = 0;
+		ctx->final = 1;
+		poly1305_blocks(ctx, ctx->buffer, POLY1305_BLOCK_SIZE);
+	}
+
+	/* fully carry h */
+	h0 = ctx->h[0];
+	h1 = ctx->h[1];
+	h2 = ctx->h[2];
+	h3 = ctx->h[3];
+	h4 = ctx->h[4];
+
+	             c = h1 >> 26; h1 = h1 & 0x3ffffff;
+	h2 +=     c; c = h2 >> 26; h2 = h2 & 0x3ffffff;
+	h3 +=     c; c = h3 >> 26; h3 = h3 & 0x3ffffff;
+	h4 +=     c; c = h4 >> 26; h4 = h4 & 0x3ffffff;
+	h0 += c * 5; c = h0 >> 26; h0 = h0 & 0x3ffffff;
+	h1 +=     c;
+
+	/* compute h + -p */
+	g0 = h0 + 5; c = g0 >> 26; g0 &= 0x3ffffff;
+	g1 = h1 + c; c = g1 >> 26; g1 &= 0x3ffffff;
+	g2 = h2 + c; c = g2 >> 26; g2 &= 0x3ffffff;
+	g3 = h3 + c; c = g3 >> 26; g3 &= 0x3ffffff;
+	g4 = h4 + c - (1 << 26);
+
+	/* select h if h < p, or h + -p if h >= p */
+	mask = (g4 >> ((sizeof(word32) * 8) - 1)) - 1;
+	g0 &= mask;
+	g1 &= mask;
+	g2 &= mask;
+	g3 &= mask;
+	g4 &= mask;
+	mask = ~mask;
+	h0 = (h0 & mask) | g0;
+	h1 = (h1 & mask) | g1;
+	h2 = (h2 & mask) | g2;
+	h3 = (h3 & mask) | g3;
+	h4 = (h4 & mask) | g4;
+
+	/* h = h % (2^128) */
+	h0 = ((h0      ) | (h1 << 26)) & 0xffffffff;
+	h1 = ((h1 >>  6) | (h2 << 20)) & 0xffffffff;
+	h2 = ((h2 >> 12) | (h3 << 14)) & 0xffffffff;
+	h3 = ((h3 >> 18) | (h4 <<  8)) & 0xffffffff;
+
+	/* mac = (h + pad) % (2^128) */
+	f = (word64)h0 + ctx->pad[0]            ; h0 = (word32)f;
+	f = (word64)h1 + ctx->pad[1] + (f >> 32); h1 = (word32)f;
+	f = (word64)h2 + ctx->pad[2] + (f >> 32); h2 = (word32)f;
+	f = (word64)h3 + ctx->pad[3] + (f >> 32); h3 = (word32)f;
+
+	U32TO8(mac + 0, h0);
+	U32TO8(mac + 4, h1);
+	U32TO8(mac + 8, h2);
+	U32TO8(mac + 12, h3);
+
+	/* zero out the state */
+	ctx->h[0] = 0;
+	ctx->h[1] = 0;
+	ctx->h[2] = 0;
+	ctx->h[3] = 0;
+	ctx->h[4] = 0;
+	ctx->r[0] = 0;
+	ctx->r[1] = 0;
+	ctx->r[2] = 0;
+	ctx->r[3] = 0;
+	ctx->r[4] = 0;
+	ctx->pad[0] = 0;
+	ctx->pad[1] = 0;
+	ctx->pad[2] = 0;
+	ctx->pad[3] = 0;
+
+#endif
+
+    return 0;
+}
+
+
+int wc_Poly1305Update(Poly1305* ctx, const byte* m, word32 bytes) {
+
+	size_t i;
+
+#ifdef CHACHA_AEAD_TEST
+    word32 k;
+    printf("Raw input to poly:\n");
+    for (k = 0; k < bytes; k++) {
+        printf("%02x", m[k]);
+        if ((k+1) % 16 == 0)
+            printf("\n");
+    }
+	printf("\n");
+#endif
+    
+    if (ctx == NULL)
+        return BAD_FUNC_ARG;
+
+	/* handle leftover */
+	if (ctx->leftover) {
+		size_t want = (POLY1305_BLOCK_SIZE - ctx->leftover);
+		if (want > bytes)
+			want = bytes;
+		for (i = 0; i < want; i++)
+			ctx->buffer[ctx->leftover + i] = m[i];
+		bytes -= want;
+		m += want;
+		ctx->leftover += want;
+		if (ctx->leftover < POLY1305_BLOCK_SIZE)
+			return 0;
+		poly1305_blocks(ctx, ctx->buffer, POLY1305_BLOCK_SIZE);
+		ctx->leftover = 0;
+	}
+
+	/* process full blocks */
+	if (bytes >= POLY1305_BLOCK_SIZE) {
+		size_t want = (bytes & ~(POLY1305_BLOCK_SIZE - 1));
+		poly1305_blocks(ctx, m, want);
+		m += want;
+		bytes -= want;
+	}
+
+	/* store leftover */
+	if (bytes) {
+		for (i = 0; i < bytes; i++)
+			ctx->buffer[ctx->leftover + i] = m[i];
+		ctx->leftover += bytes;
+	}
+    return 0;
+}
+#endif /* HAVE_POLY1305 */
+
diff --git a/3P/wolfssl/wolfcrypt/src/pwdbased.c b/3P/wolfssl/wolfcrypt/src/pwdbased.c
new file mode 100644
index 00000000..b7dbc998
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/pwdbased.c
@@ -0,0 +1,474 @@
+/* pwdbased.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_PWDBASED
+
+#ifdef WOLFSSL_PIC32MZ_HASH
+
+#define wc_InitMd5   wc_InitMd5_sw
+#define wc_Md5Update wc_Md5Update_sw
+#define wc_Md5Final  wc_Md5Final_sw
+
+#define wc_InitSha   wc_InitSha_sw
+#define wc_ShaUpdate wc_ShaUpdate_sw
+#define wc_ShaFinal  wc_ShaFinal_sw
+
+#define wc_InitSha256   wc_InitSha256_sw
+#define wc_Sha256Update wc_Sha256Update_sw
+#define wc_Sha256Final  wc_Sha256Final_sw
+
+#endif
+
+#include 
+#include 
+#include 
+#include 
+#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+    #include 
+#endif
+
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+int wc_PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
+           int sLen, int iterations, int kLen, int hashType)
+{
+    Md5  md5;
+    Sha  sha;
+    int  hLen = (hashType == MD5) ? (int)MD5_DIGEST_SIZE : (int)SHA_DIGEST_SIZE;
+    int  i, ret = 0;
+    byte buffer[SHA_DIGEST_SIZE];  /* max size */
+
+    if (hashType != MD5 && hashType != SHA)
+        return BAD_FUNC_ARG;
+
+    if (kLen > hLen)
+        return BAD_FUNC_ARG;
+
+    if (iterations < 1)
+        return BAD_FUNC_ARG;
+
+    if (hashType == MD5) {
+        wc_InitMd5(&md5);
+        wc_Md5Update(&md5, passwd, pLen);
+        wc_Md5Update(&md5, salt,   sLen);
+        wc_Md5Final(&md5,  buffer);
+    }
+    else {
+        ret = wc_InitSha(&sha);
+        if (ret != 0)
+            return ret;
+        wc_ShaUpdate(&sha, passwd, pLen);
+        wc_ShaUpdate(&sha, salt,   sLen);
+        wc_ShaFinal(&sha,  buffer);
+    }
+
+    for (i = 1; i < iterations; i++) {
+        if (hashType == MD5) {
+            wc_Md5Update(&md5, buffer, hLen);
+            wc_Md5Final(&md5,  buffer);
+        }
+        else {
+            wc_ShaUpdate(&sha, buffer, hLen);
+            wc_ShaFinal(&sha,  buffer);
+        }
+    }
+    XMEMCPY(output, buffer, kLen);
+
+    return 0;
+}
+
+
+int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
+           int sLen, int iterations, int kLen, int hashType)
+{
+    word32 i = 1;
+    int    hLen;
+    int    j, ret;
+    Hmac   hmac;
+#ifdef WOLFSSL_SMALL_STACK
+    byte*  buffer;
+#else
+    byte   buffer[MAX_DIGEST_SIZE];
+#endif
+
+    if (hashType == MD5) {
+        hLen = MD5_DIGEST_SIZE;
+    }
+    else if (hashType == SHA) {
+        hLen = SHA_DIGEST_SIZE;
+    }
+#ifndef NO_SHA256
+    else if (hashType == SHA256) {
+        hLen = SHA256_DIGEST_SIZE;
+    }
+#endif
+#ifdef WOLFSSL_SHA512
+    else if (hashType == SHA512) {
+        hLen = SHA512_DIGEST_SIZE;
+    }
+#endif
+    else
+        return BAD_FUNC_ARG;
+
+#ifdef WOLFSSL_SMALL_STACK
+    buffer = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (buffer == NULL)
+        return MEMORY_E;
+#endif
+
+    ret = wc_HmacSetKey(&hmac, hashType, passwd, pLen);
+
+    if (ret == 0) {
+        while (kLen) {
+            int currentLen;
+
+            ret = wc_HmacUpdate(&hmac, salt, sLen);
+            if (ret != 0)
+                break;
+
+            /* encode i */
+            for (j = 0; j < 4; j++) {
+                byte b = (byte)(i >> ((3-j) * 8));
+
+                ret = wc_HmacUpdate(&hmac, &b, 1);
+                if (ret != 0)
+                    break;
+            }
+
+            /* check ret from inside for loop */
+            if (ret != 0)
+                break;
+
+            ret = wc_HmacFinal(&hmac, buffer);
+            if (ret != 0)
+                break;
+
+            currentLen = min(kLen, hLen);
+            XMEMCPY(output, buffer, currentLen);
+
+            for (j = 1; j < iterations; j++) {
+                ret = wc_HmacUpdate(&hmac, buffer, hLen);
+                if (ret != 0)
+                    break;
+                ret = wc_HmacFinal(&hmac, buffer);
+                if (ret != 0)
+                    break;
+                xorbuf(output, buffer, currentLen);
+            }
+
+            /* check ret from inside for loop */
+            if (ret != 0)
+                break;
+
+            output += currentLen;
+            kLen   -= currentLen;
+            i++;
+        }
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#ifdef WOLFSSL_SHA512
+#define PBKDF_DIGEST_SIZE SHA512_BLOCK_SIZE
+#elif !defined(NO_SHA256)
+#define PBKDF_DIGEST_SIZE SHA256_BLOCK_SIZE
+#else
+#define PBKDF_DIGEST_SIZE SHA_DIGEST_SIZE
+#endif
+
+int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
+                 int saltLen, int iterations, int kLen, int hashType, int id)
+{
+    /* all in bytes instead of bits */
+    word32 u, v, dLen, pLen, iLen, sLen, totalLen;
+    int    dynamic = 0;
+    int    ret = 0;
+    int    i;
+    byte   *D, *S, *P, *I;
+#ifdef WOLFSSL_SMALL_STACK
+    byte   staticBuffer[1]; /* force dynamic usage */
+#else
+    byte   staticBuffer[1024];
+#endif
+    byte*  buffer = staticBuffer;
+
+#ifdef WOLFSSL_SMALL_STACK
+    byte*  Ai;
+    byte*  B;
+#else
+    byte   Ai[PBKDF_DIGEST_SIZE];
+    byte   B[PBKDF_DIGEST_SIZE];
+#endif
+
+    if (!iterations)
+        iterations = 1;
+
+    if (hashType == MD5) {
+        v = MD5_BLOCK_SIZE;
+        u = MD5_DIGEST_SIZE;
+    }
+    else if (hashType == SHA) {
+        v = SHA_BLOCK_SIZE;
+        u = SHA_DIGEST_SIZE;
+    }
+#ifndef NO_SHA256
+    else if (hashType == SHA256) {
+        v = SHA256_BLOCK_SIZE;
+        u = SHA256_DIGEST_SIZE;
+    }
+#endif
+#ifdef WOLFSSL_SHA512
+    else if (hashType == SHA512) {
+        v = SHA512_BLOCK_SIZE;
+        u = SHA512_DIGEST_SIZE;
+    }
+#endif
+    else
+        return BAD_FUNC_ARG;
+
+#ifdef WOLFSSL_SMALL_STACK
+    Ai = (byte*)XMALLOC(PBKDF_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (Ai == NULL)
+        return MEMORY_E;
+
+    B = (byte*)XMALLOC(PBKDF_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (B == NULL) {
+        XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    dLen = v;
+    sLen =  v * ((saltLen + v - 1) / v);
+    if (passLen)
+        pLen = v * ((passLen + v - 1) / v);
+    else
+        pLen = 0;
+    iLen = sLen + pLen;
+
+    totalLen = dLen + sLen + pLen;
+
+    if (totalLen > sizeof(staticBuffer)) {
+        buffer = (byte*)XMALLOC(totalLen, 0, DYNAMIC_TYPE_KEY);
+        if (buffer == NULL) {
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+            XFREE(B,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return MEMORY_E;
+        }
+        dynamic = 1;
+    } 
+
+    D = buffer;
+    S = D + dLen;
+    P = S + sLen;
+    I = S;
+
+    XMEMSET(D, id, dLen);
+
+    for (i = 0; i < (int)sLen; i++)
+        S[i] = salt[i % saltLen];
+    for (i = 0; i < (int)pLen; i++)
+        P[i] = passwd[i % passLen];
+
+    while (kLen > 0) {
+        word32 currentLen;
+        mp_int B1;
+
+        if (hashType == MD5) {
+            Md5 md5;
+
+            wc_InitMd5(&md5);
+            wc_Md5Update(&md5, buffer, totalLen);
+            wc_Md5Final(&md5, Ai);
+
+            for (i = 1; i < iterations; i++) {
+                wc_Md5Update(&md5, Ai, u);
+                wc_Md5Final(&md5, Ai);
+            }
+        }
+        else if (hashType == SHA) {
+            Sha sha;
+
+            ret = wc_InitSha(&sha);
+            if (ret != 0)
+                break;
+            wc_ShaUpdate(&sha, buffer, totalLen);
+            wc_ShaFinal(&sha, Ai);
+
+            for (i = 1; i < iterations; i++) {
+                wc_ShaUpdate(&sha, Ai, u);
+                wc_ShaFinal(&sha, Ai);
+            }
+        }
+#ifndef NO_SHA256
+        else if (hashType == SHA256) {
+            Sha256 sha256;
+
+            ret = wc_InitSha256(&sha256);
+            if (ret != 0)
+                break;
+
+            ret = wc_Sha256Update(&sha256, buffer, totalLen);
+            if (ret != 0)
+                break;
+
+            ret = wc_Sha256Final(&sha256, Ai);
+            if (ret != 0)
+                break;
+
+            for (i = 1; i < iterations; i++) {
+                ret = wc_Sha256Update(&sha256, Ai, u);
+                if (ret != 0)
+                    break;
+
+                ret = wc_Sha256Final(&sha256, Ai);
+                if (ret != 0)
+                    break;
+            }
+        }
+#endif
+#ifdef WOLFSSL_SHA512
+        else if (hashType == SHA512) {
+            Sha512 sha512;
+
+            ret = wc_InitSha512(&sha512);
+            if (ret != 0)
+                break;
+
+            ret = wc_Sha512Update(&sha512, buffer, totalLen);
+            if (ret != 0)
+                break;
+
+            ret = wc_Sha512Final(&sha512, Ai);
+            if (ret != 0)
+                break;
+
+            for (i = 1; i < iterations; i++) {
+                ret = wc_Sha512Update(&sha512, Ai, u);
+                if (ret != 0)
+                    break;
+
+                ret = wc_Sha512Final(&sha512, Ai);
+                if (ret != 0)
+                    break;
+            }
+        }
+#endif
+
+        for (i = 0; i < (int)v; i++)
+            B[i] = Ai[i % u];
+
+        if (mp_init(&B1) != MP_OKAY)
+            ret = MP_INIT_E;
+        else if (mp_read_unsigned_bin(&B1, B, v) != MP_OKAY)
+            ret = MP_READ_E;
+        else if (mp_add_d(&B1, (mp_digit)1, &B1) != MP_OKAY)
+            ret = MP_ADD_E;
+
+        if (ret != 0) {
+            mp_clear(&B1);
+            break;
+        }
+
+        for (i = 0; i < (int)iLen; i += v) {
+            int    outSz;
+            mp_int i1;
+            mp_int res;
+
+            if (mp_init_multi(&i1, &res, NULL, NULL, NULL, NULL) != MP_OKAY) {
+                ret = MP_INIT_E;
+                break;
+            }
+            if (mp_read_unsigned_bin(&i1, I + i, v) != MP_OKAY)
+                ret = MP_READ_E;
+            else if (mp_add(&i1, &B1, &res) != MP_OKAY)
+                ret = MP_ADD_E;
+            else if ( (outSz = mp_unsigned_bin_size(&res)) < 0)
+                ret = MP_TO_E;
+            else {
+                if (outSz > (int)v) {
+                    /* take off MSB */
+                    byte  tmp[129];
+                    ret = mp_to_unsigned_bin(&res, tmp);
+                    XMEMCPY(I + i, tmp + 1, v);
+                }
+                else if (outSz < (int)v) {
+                    XMEMSET(I + i, 0, v - outSz);
+                    ret = mp_to_unsigned_bin(&res, I + i + v - outSz);
+                }
+                else
+                    ret = mp_to_unsigned_bin(&res, I + i);
+            }
+
+            mp_clear(&i1);
+            mp_clear(&res);
+            if (ret < 0) break;
+        }
+
+        currentLen = min(kLen, (int)u);
+        XMEMCPY(output, Ai, currentLen);
+        output += currentLen;
+        kLen   -= currentLen;
+        mp_clear(&B1);
+    }
+
+    if (dynamic) XFREE(buffer, 0, DYNAMIC_TYPE_KEY);
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(B,  NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#undef PBKDF_DIGEST_SIZE
+
+#endif /* NO_PWDBASED */
+
diff --git a/3P/wolfssl/wolfcrypt/src/rabbit.c b/3P/wolfssl/wolfcrypt/src/rabbit.c
new file mode 100644
index 00000000..fc786111
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/rabbit.c
@@ -0,0 +1,310 @@
+/* rabbit.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_RABBIT
+
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifdef BIG_ENDIAN_ORDER
+    #define LITTLE32(x) ByteReverseWord32(x)
+#else
+    #define LITTLE32(x) (x)
+#endif
+
+#define U32V(x) ((word32)(x) & 0xFFFFFFFFU)
+
+
+/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */
+/* the upper 32 bits XOR the lower 32 bits */
+static word32 RABBIT_g_func(word32 x)
+{
+    /* Temporary variables */
+    word32 a, b, h, l;
+
+    /* Construct high and low argument for squaring */
+    a = x&0xFFFF;
+    b = x>>16;
+
+    /* Calculate high and low result of squaring */
+    h = (((U32V(a*a)>>17) + U32V(a*b))>>15) + b*b;
+    l = x*x;
+
+    /* Return high XOR low */
+    return U32V(h^l);
+}
+
+
+/* Calculate the next internal state */
+static void RABBIT_next_state(RabbitCtx* ctx)
+{
+    /* Temporary variables */
+    word32 g[8], c_old[8], i;
+
+    /* Save old counter values */
+    for (i=0; i<8; i++)
+        c_old[i] = ctx->c[i];
+
+    /* Calculate new counter values */
+    ctx->c[0] = U32V(ctx->c[0] + 0x4D34D34D + ctx->carry);
+    ctx->c[1] = U32V(ctx->c[1] + 0xD34D34D3 + (ctx->c[0] < c_old[0]));
+    ctx->c[2] = U32V(ctx->c[2] + 0x34D34D34 + (ctx->c[1] < c_old[1]));
+    ctx->c[3] = U32V(ctx->c[3] + 0x4D34D34D + (ctx->c[2] < c_old[2]));
+    ctx->c[4] = U32V(ctx->c[4] + 0xD34D34D3 + (ctx->c[3] < c_old[3]));
+    ctx->c[5] = U32V(ctx->c[5] + 0x34D34D34 + (ctx->c[4] < c_old[4]));
+    ctx->c[6] = U32V(ctx->c[6] + 0x4D34D34D + (ctx->c[5] < c_old[5]));
+    ctx->c[7] = U32V(ctx->c[7] + 0xD34D34D3 + (ctx->c[6] < c_old[6]));
+    ctx->carry = (ctx->c[7] < c_old[7]);
+   
+    /* Calculate the g-values */
+    for (i=0;i<8;i++)
+        g[i] = RABBIT_g_func(U32V(ctx->x[i] + ctx->c[i]));
+
+    /* Calculate new state values */
+    ctx->x[0] = U32V(g[0] + rotlFixed(g[7],16) + rotlFixed(g[6], 16));
+    ctx->x[1] = U32V(g[1] + rotlFixed(g[0], 8) + g[7]);
+    ctx->x[2] = U32V(g[2] + rotlFixed(g[1],16) + rotlFixed(g[0], 16));
+    ctx->x[3] = U32V(g[3] + rotlFixed(g[2], 8) + g[1]);
+    ctx->x[4] = U32V(g[4] + rotlFixed(g[3],16) + rotlFixed(g[2], 16));
+    ctx->x[5] = U32V(g[5] + rotlFixed(g[4], 8) + g[3]);
+    ctx->x[6] = U32V(g[6] + rotlFixed(g[5],16) + rotlFixed(g[4], 16));
+    ctx->x[7] = U32V(g[7] + rotlFixed(g[6], 8) + g[5]);
+}
+
+
+/* IV setup */
+static void wc_RabbitSetIV(Rabbit* ctx, const byte* inIv)
+{
+    /* Temporary variables */
+    word32 i0, i1, i2, i3, i;
+    word32 iv[2];
+
+    if (inIv)
+        XMEMCPY(iv, inIv, sizeof(iv));
+    else
+        XMEMSET(iv,    0, sizeof(iv));
+      
+    /* Generate four subvectors */
+    i0 = LITTLE32(iv[0]);
+    i2 = LITTLE32(iv[1]);
+    i1 = (i0>>16) | (i2&0xFFFF0000);
+    i3 = (i2<<16) | (i0&0x0000FFFF);
+
+    /* Modify counter values */
+    ctx->workCtx.c[0] = ctx->masterCtx.c[0] ^ i0;
+    ctx->workCtx.c[1] = ctx->masterCtx.c[1] ^ i1;
+    ctx->workCtx.c[2] = ctx->masterCtx.c[2] ^ i2;
+    ctx->workCtx.c[3] = ctx->masterCtx.c[3] ^ i3;
+    ctx->workCtx.c[4] = ctx->masterCtx.c[4] ^ i0;
+    ctx->workCtx.c[5] = ctx->masterCtx.c[5] ^ i1;
+    ctx->workCtx.c[6] = ctx->masterCtx.c[6] ^ i2;
+    ctx->workCtx.c[7] = ctx->masterCtx.c[7] ^ i3;
+
+    /* Copy state variables */
+    for (i=0; i<8; i++)
+        ctx->workCtx.x[i] = ctx->masterCtx.x[i];
+    ctx->workCtx.carry = ctx->masterCtx.carry;
+
+    /* Iterate the system four times */
+    for (i=0; i<4; i++)
+        RABBIT_next_state(&(ctx->workCtx));
+}
+
+
+/* Key setup */
+static INLINE int DoKey(Rabbit* ctx, const byte* key, const byte* iv)
+{
+    /* Temporary variables */
+    word32 k0, k1, k2, k3, i;
+
+    /* Generate four subkeys */
+    k0 = LITTLE32(*(word32*)(key+ 0));
+    k1 = LITTLE32(*(word32*)(key+ 4));
+    k2 = LITTLE32(*(word32*)(key+ 8));
+    k3 = LITTLE32(*(word32*)(key+12));
+
+    /* Generate initial state variables */
+    ctx->masterCtx.x[0] = k0;
+    ctx->masterCtx.x[2] = k1;
+    ctx->masterCtx.x[4] = k2;
+    ctx->masterCtx.x[6] = k3;
+    ctx->masterCtx.x[1] = U32V(k3<<16) | (k2>>16);
+    ctx->masterCtx.x[3] = U32V(k0<<16) | (k3>>16);
+    ctx->masterCtx.x[5] = U32V(k1<<16) | (k0>>16);
+    ctx->masterCtx.x[7] = U32V(k2<<16) | (k1>>16);
+
+    /* Generate initial counter values */
+    ctx->masterCtx.c[0] = rotlFixed(k2, 16);
+    ctx->masterCtx.c[2] = rotlFixed(k3, 16);
+    ctx->masterCtx.c[4] = rotlFixed(k0, 16);
+    ctx->masterCtx.c[6] = rotlFixed(k1, 16);
+    ctx->masterCtx.c[1] = (k0&0xFFFF0000) | (k1&0xFFFF);
+    ctx->masterCtx.c[3] = (k1&0xFFFF0000) | (k2&0xFFFF);
+    ctx->masterCtx.c[5] = (k2&0xFFFF0000) | (k3&0xFFFF);
+    ctx->masterCtx.c[7] = (k3&0xFFFF0000) | (k0&0xFFFF);
+
+    /* Clear carry bit */
+    ctx->masterCtx.carry = 0;
+
+    /* Iterate the system four times */
+    for (i=0; i<4; i++)
+        RABBIT_next_state(&(ctx->masterCtx));
+
+    /* Modify the counters */
+    for (i=0; i<8; i++)
+        ctx->masterCtx.c[i] ^= ctx->masterCtx.x[(i+4)&0x7];
+
+    /* Copy master instance to work instance */
+    for (i=0; i<8; i++) {
+        ctx->workCtx.x[i] = ctx->masterCtx.x[i];
+        ctx->workCtx.c[i] = ctx->masterCtx.c[i];
+    }
+    ctx->workCtx.carry = ctx->masterCtx.carry;
+
+    wc_RabbitSetIV(ctx, iv);
+
+    return 0;
+}
+
+
+/* Key setup */
+int wc_RabbitSetKey(Rabbit* ctx, const byte* key, const byte* iv)
+{
+#ifdef XSTREAM_ALIGN
+    if ((wolfssl_word)key % 4) {
+        int alignKey[4];
+
+        /* iv aligned in SetIV */
+        WOLFSSL_MSG("wc_RabbitSetKey unaligned key");
+
+        XMEMCPY(alignKey, key, sizeof(alignKey));
+
+        return DoKey(ctx, (const byte*)alignKey, iv);
+    }
+#endif /* XSTREAM_ALIGN */
+
+    return DoKey(ctx, key, iv);
+}
+
+
+/* Encrypt/decrypt a message of any size */
+static INLINE int DoProcess(Rabbit* ctx, byte* output, const byte* input,
+                            word32 msglen)
+{
+    /* Encrypt/decrypt all full blocks */
+    while (msglen >= 16) {
+        /* Iterate the system */
+        RABBIT_next_state(&(ctx->workCtx));
+
+        /* Encrypt/decrypt 16 bytes of data */
+        *(word32*)(output+ 0) = *(word32*)(input+ 0) ^
+                   LITTLE32(ctx->workCtx.x[0] ^ (ctx->workCtx.x[5]>>16) ^
+                   U32V(ctx->workCtx.x[3]<<16));
+        *(word32*)(output+ 4) = *(word32*)(input+ 4) ^
+                   LITTLE32(ctx->workCtx.x[2] ^ (ctx->workCtx.x[7]>>16) ^
+                   U32V(ctx->workCtx.x[5]<<16));
+        *(word32*)(output+ 8) = *(word32*)(input+ 8) ^
+                   LITTLE32(ctx->workCtx.x[4] ^ (ctx->workCtx.x[1]>>16) ^
+                   U32V(ctx->workCtx.x[7]<<16));
+        *(word32*)(output+12) = *(word32*)(input+12) ^
+                   LITTLE32(ctx->workCtx.x[6] ^ (ctx->workCtx.x[3]>>16) ^
+                   U32V(ctx->workCtx.x[1]<<16));
+
+        /* Increment pointers and decrement length */
+        input  += 16;
+        output += 16;
+        msglen -= 16;
+    }
+
+    /* Encrypt/decrypt remaining data */
+    if (msglen) {
+
+        word32 i;
+        word32 tmp[4];
+        byte*  buffer = (byte*)tmp;
+
+        XMEMSET(tmp, 0, sizeof(tmp));   /* help static analysis */
+
+        /* Iterate the system */
+        RABBIT_next_state(&(ctx->workCtx));
+
+        /* Generate 16 bytes of pseudo-random data */
+        tmp[0] = LITTLE32(ctx->workCtx.x[0] ^
+                  (ctx->workCtx.x[5]>>16) ^ U32V(ctx->workCtx.x[3]<<16));
+        tmp[1] = LITTLE32(ctx->workCtx.x[2] ^ 
+                  (ctx->workCtx.x[7]>>16) ^ U32V(ctx->workCtx.x[5]<<16));
+        tmp[2] = LITTLE32(ctx->workCtx.x[4] ^ 
+                  (ctx->workCtx.x[1]>>16) ^ U32V(ctx->workCtx.x[7]<<16));
+        tmp[3] = LITTLE32(ctx->workCtx.x[6] ^ 
+                  (ctx->workCtx.x[3]>>16) ^ U32V(ctx->workCtx.x[1]<<16));
+
+        /* Encrypt/decrypt the data */
+        for (i=0; i
+#endif
+
+#include 
+
+/* on HPUX 11 you may need to install /dev/random see
+   http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I
+
+*/
+
+#include 
+
+#ifdef HAVE_FIPS
+int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz)
+{
+    return GenerateSeed(os, seed, sz);
+}
+
+#ifdef HAVE_CAVIUM
+    int  wc_InitRngCavium(RNG* rng, int i)
+    {
+        return InitRngCavium(rng, i);
+    }
+#endif
+
+
+int  wc_InitRng(RNG* rng)
+{
+    return InitRng_fips(rng);
+}
+
+
+int  wc_RNG_GenerateBlock(RNG* rng, byte* b, word32 sz)
+{
+    return RNG_GenerateBlock_fips(rng, b, sz);
+}
+
+
+int  wc_RNG_GenerateByte(RNG* rng, byte* b)
+{
+    return RNG_GenerateByte(rng, b);
+}
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    int wc_FreeRng(RNG* rng)
+    {
+        return FreeRng_fips(rng);
+    }
+
+
+    int wc_RNG_HealthTest(int reseed,
+                                        const byte* entropyA, word32 entropyASz,
+                                        const byte* entropyB, word32 entropyBSz,
+                                        byte* output, word32 outputSz)
+    {
+        return RNG_HealthTest_fips(reseed, entropyA, entropyASz,
+                              entropyB, entropyBSz, output, outputSz);
+    }
+#endif /* HAVE_HASHDRBG || NO_RC4 */
+#else /* else build without fips */
+#include 
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+
+    #include 
+
+    #ifdef NO_INLINE
+        #include 
+    #else
+        #include 
+    #endif
+#endif /* HAVE_HASHDRBG || NO_RC4 */
+
+#if defined(USE_WINDOWS_API)
+    #ifndef _WIN32_WINNT
+        #define _WIN32_WINNT 0x0400
+    #endif
+    #include 
+    #include 
+#else
+    #if !defined(NO_DEV_RANDOM) && !defined(WOLFSSL_MDK_ARM) \
+                                && !defined(WOLFSSL_IAR_ARM)
+            #include 
+        #ifndef EBSNET
+            #include 
+        #endif
+    #else
+        /* include headers that may be needed to get good seed */
+    #endif
+#endif /* USE_WINDOWS_API */
+
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+
+/* Start NIST DRBG code */
+
+#define OUTPUT_BLOCK_LEN  (SHA256_DIGEST_SIZE)
+#define MAX_REQUEST_LEN   (0x10000)
+#define RESEED_INTERVAL   (1000000)
+#define SECURITY_STRENGTH (256)
+#define ENTROPY_SZ        (SECURITY_STRENGTH/8)
+#define NONCE_SZ          (ENTROPY_SZ/2)
+#define ENTROPY_NONCE_SZ  (ENTROPY_SZ+NONCE_SZ)
+
+/* Internal return codes */
+#define DRBG_SUCCESS      0
+#define DRBG_ERROR        1
+#define DRBG_FAILURE      2
+#define DRBG_NEED_RESEED  3
+#define DRBG_CONT_FAILURE 4
+
+/* RNG health states */
+#define DRBG_NOT_INIT     0
+#define DRBG_OK           1
+#define DRBG_FAILED       2
+#define DRBG_CONT_FAILED  3
+
+
+enum {
+    drbgInitC     = 0,
+    drbgReseed    = 1,
+    drbgGenerateW = 2,
+    drbgGenerateH = 3,
+    drbgInitV
+};
+
+
+typedef struct DRBG {
+    Sha256 sha;
+    byte digest[SHA256_DIGEST_SIZE];
+    byte V[DRBG_SEED_LEN];
+    byte C[DRBG_SEED_LEN];
+    word32 reseedCtr;
+    word32 lastBlock;
+    byte   matchCount;
+} DRBG;
+
+
+/* Hash Derivation Function */
+/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
+static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
+                                                  const byte* inA, word32 inASz,
+                                                  const byte* inB, word32 inBSz)
+{
+    byte ctr;
+    int i;
+    int len;
+    word32 bits = (outSz * 8); /* reverse byte order */
+
+    #ifdef LITTLE_ENDIAN_ORDER
+        bits = ByteReverseWord32(bits);
+    #endif
+    len = (outSz / OUTPUT_BLOCK_LEN)
+        + ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0);
+
+    for (i = 0, ctr = 1; i < len; i++, ctr++)
+    {
+        if (wc_InitSha256(&drbg->sha) != 0)
+            return DRBG_FAILURE;
+
+        if (wc_Sha256Update(&drbg->sha, &ctr, sizeof(ctr)) != 0)
+            return DRBG_FAILURE;
+
+        if (wc_Sha256Update(&drbg->sha, (byte*)&bits, sizeof(bits)) != 0)
+            return DRBG_FAILURE;
+
+        /* churning V is the only string that doesn't have 
+         * the type added */
+        if (type != drbgInitV)
+            if (wc_Sha256Update(&drbg->sha, &type, sizeof(type)) != 0)
+                return DRBG_FAILURE;
+
+        if (wc_Sha256Update(&drbg->sha, inA, inASz) != 0)
+            return DRBG_FAILURE;
+
+        if (inB != NULL && inBSz > 0)
+            if (wc_Sha256Update(&drbg->sha, inB, inBSz) != 0)
+                return DRBG_FAILURE;
+
+        if (wc_Sha256Final(&drbg->sha, drbg->digest) != 0)
+            return DRBG_FAILURE;
+
+        if (outSz > OUTPUT_BLOCK_LEN) {
+            XMEMCPY(out, drbg->digest, OUTPUT_BLOCK_LEN);
+            outSz -= OUTPUT_BLOCK_LEN;
+            out += OUTPUT_BLOCK_LEN;
+        }
+        else {
+            XMEMCPY(out, drbg->digest, outSz);
+        }
+    }
+
+    return DRBG_SUCCESS;
+}
+
+
+/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
+static int Hash_DRBG_Reseed(DRBG* drbg, const byte* entropy, word32 entropySz)
+{
+    byte seed[DRBG_SEED_LEN];
+
+    if (Hash_df(drbg, seed, sizeof(seed), drbgReseed, drbg->V, sizeof(drbg->V),
+                                          entropy, entropySz) != DRBG_SUCCESS) {
+        return DRBG_FAILURE;
+    }
+
+    XMEMCPY(drbg->V, seed, sizeof(drbg->V));
+    ForceZero(seed, sizeof(seed));
+
+    if (Hash_df(drbg, drbg->C, sizeof(drbg->C), drbgInitC, drbg->V,
+                                    sizeof(drbg->V), NULL, 0) != DRBG_SUCCESS) {
+        return DRBG_FAILURE;
+    }
+
+    drbg->reseedCtr = 1;
+    drbg->lastBlock = 0;
+    drbg->matchCount = 0;
+    return DRBG_SUCCESS;
+}
+
+static INLINE void array_add_one(byte* data, word32 dataSz)
+{
+    int i;
+
+    for (i = dataSz - 1; i >= 0; i--)
+    {
+        data[i]++;
+        if (data[i] != 0) break;
+    }
+}
+
+
+/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
+static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
+{
+    byte data[DRBG_SEED_LEN];
+    int i;
+    int len;
+    word32 checkBlock;
+
+    /* Special case: outSz is 0 and out is NULL. wc_Generate a block to save for
+     * the continuous test. */
+
+    if (outSz == 0) outSz = 1;
+
+    len = (outSz / OUTPUT_BLOCK_LEN) + ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0);
+
+    XMEMCPY(data, V, sizeof(data));
+    for (i = 0; i < len; i++) {
+        if (wc_InitSha256(&drbg->sha) != 0 ||
+            wc_Sha256Update(&drbg->sha, data, sizeof(data)) != 0 ||
+            wc_Sha256Final(&drbg->sha, drbg->digest) != 0) {
+
+            return DRBG_FAILURE;
+        }
+
+        checkBlock = *(word32*)drbg->digest;
+        if (drbg->reseedCtr > 1 && checkBlock == drbg->lastBlock) {
+            if (drbg->matchCount == 1) {
+                return DRBG_CONT_FAILURE;
+            }
+            else {
+                if (i == len) {
+                    len++;
+                }
+                drbg->matchCount = 1;
+            }
+        }
+        else {
+            drbg->matchCount = 0;
+            drbg->lastBlock = checkBlock;
+        }
+
+        if (outSz >= OUTPUT_BLOCK_LEN) {
+            XMEMCPY(out, drbg->digest, OUTPUT_BLOCK_LEN);
+            outSz -= OUTPUT_BLOCK_LEN;
+            out += OUTPUT_BLOCK_LEN;
+            array_add_one(data, DRBG_SEED_LEN);
+        }
+        else if (out != NULL && outSz != 0) {
+            XMEMCPY(out, drbg->digest, outSz);
+            outSz = 0;
+        }
+    }
+    ForceZero(data, sizeof(data));
+
+    return DRBG_SUCCESS;
+}
+
+
+static INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen)
+{
+    word16 carry = 0;
+
+    if (dLen > 0 && sLen > 0 && dLen >= sLen) {
+        int sIdx, dIdx;
+
+        for (sIdx = sLen - 1, dIdx = dLen - 1; sIdx >= 0; dIdx--, sIdx--)
+        {
+            carry += d[dIdx] + s[sIdx];
+            d[dIdx] = carry;
+            carry >>= 8;
+        }
+
+        for (; carry != 0 && dIdx >= 0; dIdx--) {
+            carry += d[dIdx];
+            d[dIdx] = carry;
+            carry >>= 8;
+        }
+    }
+}
+
+
+/* Returns: DRBG_SUCCESS, DRBG_NEED_RESEED, or DRBG_FAILURE */
+static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
+{
+    int ret = DRBG_NEED_RESEED;
+
+    if (drbg->reseedCtr != RESEED_INTERVAL) {
+        byte type = drbgGenerateH;
+        word32 reseedCtr = drbg->reseedCtr;
+
+        ret = Hash_gen(drbg, out, outSz, drbg->V);
+        if (ret == DRBG_SUCCESS) {
+            if (wc_InitSha256(&drbg->sha) != 0 ||
+                wc_Sha256Update(&drbg->sha, &type, sizeof(type)) != 0 ||
+                wc_Sha256Update(&drbg->sha, drbg->V, sizeof(drbg->V)) != 0 ||
+                wc_Sha256Final(&drbg->sha, drbg->digest) != 0) {
+
+                ret = DRBG_FAILURE;
+            }
+            else {
+                array_add(drbg->V, sizeof(drbg->V),
+                                            drbg->digest, sizeof(drbg->digest));
+                array_add(drbg->V, sizeof(drbg->V), drbg->C, sizeof(drbg->C));
+                #ifdef LITTLE_ENDIAN_ORDER
+                    reseedCtr = ByteReverseWord32(reseedCtr);
+                #endif
+                array_add(drbg->V, sizeof(drbg->V),
+                                          (byte*)&reseedCtr, sizeof(reseedCtr));
+                ret = DRBG_SUCCESS;
+            }
+            drbg->reseedCtr++;
+        }
+    }
+
+    return ret;
+}
+
+
+/* Returns: DRBG_SUCCESS or DRBG_FAILURE */
+static int Hash_DRBG_Instantiate(DRBG* drbg, const byte* seed, word32 seedSz,
+                                             const byte* nonce, word32 nonceSz)
+{
+    int ret = DRBG_FAILURE;
+
+    XMEMSET(drbg, 0, sizeof(DRBG));
+
+    if (Hash_df(drbg, drbg->V, sizeof(drbg->V), drbgInitV, seed, seedSz,
+                                              nonce, nonceSz) == DRBG_SUCCESS &&
+        Hash_df(drbg, drbg->C, sizeof(drbg->C), drbgInitC, drbg->V,
+                                    sizeof(drbg->V), NULL, 0) == DRBG_SUCCESS) {
+
+        drbg->reseedCtr = 1;
+        drbg->lastBlock = 0;
+        drbg->matchCount = 0;
+        ret = DRBG_SUCCESS;
+    }
+
+    return ret;
+}
+
+
+/* Returns: DRBG_SUCCESS */
+static int Hash_DRBG_Uninstantiate(DRBG* drbg)
+{
+    ForceZero(drbg, sizeof(DRBG));
+
+    return DRBG_SUCCESS;
+}
+
+/* End NIST DRBG Code */
+
+
+/* Get seed and key cipher */
+int wc_InitRng(RNG* rng)
+{
+    int ret = BAD_FUNC_ARG;
+
+    if (rng != NULL) {
+        byte entropy[ENTROPY_NONCE_SZ];
+
+        rng->drbg = (struct DRBG*)XMALLOC(sizeof(DRBG), NULL, DYNAMIC_TYPE_RNG);
+        if (rng->drbg == NULL) {
+            ret = MEMORY_E;
+        }
+        /* This doesn't use a separate nonce. The entropy input will be
+         * the default size plus the size of the nonce making the seed
+         * size. */
+        else if (wc_GenerateSeed(&rng->seed, entropy, ENTROPY_NONCE_SZ) == 0 &&
+                 Hash_DRBG_Instantiate(rng->drbg, entropy, ENTROPY_NONCE_SZ,
+                                                     NULL, 0) == DRBG_SUCCESS) {
+
+            ret = Hash_DRBG_Generate(rng->drbg, NULL, 0);
+        }
+        else
+            ret = DRBG_FAILURE;
+
+        ForceZero(entropy, ENTROPY_NONCE_SZ);
+
+        if (ret == DRBG_SUCCESS) {
+            rng->status = DRBG_OK;
+            ret = 0;
+        }
+        else if (ret == DRBG_CONT_FAILURE) {
+            rng->status = DRBG_CONT_FAILED;
+            ret = DRBG_CONT_FIPS_E;
+        }
+        else if (ret == DRBG_FAILURE) {
+            rng->status = DRBG_FAILED;
+            ret = RNG_FAILURE_E;
+        }
+        else {
+            rng->status = DRBG_FAILED;
+        }
+    }
+
+    return ret;
+}
+
+
+/* place a generated block in output */
+int wc_RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
+{
+    int ret;
+
+    if (rng == NULL || output == NULL || sz > MAX_REQUEST_LEN)
+        return BAD_FUNC_ARG;
+
+    if (rng->status != DRBG_OK)
+        return RNG_FAILURE_E;
+
+    ret = Hash_DRBG_Generate(rng->drbg, output, sz);
+
+    if (ret == DRBG_NEED_RESEED) {
+        byte entropy[ENTROPY_SZ];
+
+        if (wc_GenerateSeed(&rng->seed, entropy, ENTROPY_SZ) == 0 &&
+            Hash_DRBG_Reseed(rng->drbg, entropy, ENTROPY_SZ) == DRBG_SUCCESS) {
+
+            ret = Hash_DRBG_Generate(rng->drbg, NULL, 0);
+            if (ret == DRBG_SUCCESS)
+                ret = Hash_DRBG_Generate(rng->drbg, output, sz);
+        }
+        else
+            ret = DRBG_FAILURE;
+
+        ForceZero(entropy, ENTROPY_SZ);
+    }
+
+    if (ret == DRBG_SUCCESS) {
+        ret = 0;
+    }
+    else if (ret == DRBG_CONT_FAILURE) {
+        ret = DRBG_CONT_FIPS_E;
+        rng->status = DRBG_CONT_FAILED;
+    }
+    else {
+        ret = RNG_FAILURE_E;
+        rng->status = DRBG_FAILED;
+    }
+
+    return ret;
+}
+
+
+int wc_RNG_GenerateByte(RNG* rng, byte* b)
+{
+    return wc_RNG_GenerateBlock(rng, b, 1);
+}
+
+
+int wc_FreeRng(RNG* rng)
+{
+    int ret = BAD_FUNC_ARG;
+
+    if (rng != NULL) {
+        if (Hash_DRBG_Uninstantiate(rng->drbg) == DRBG_SUCCESS)
+            ret = 0;
+        else
+            ret = RNG_FAILURE_E;
+
+        XFREE(rng->drbg, NULL, DYNAMIC_TYPE_RNG);
+        rng->drbg = NULL;
+        rng->status = DRBG_NOT_INIT;
+    }
+
+    return ret;
+}
+
+
+int wc_RNG_HealthTest(int reseed, const byte* entropyA, word32 entropyASz,
+                               const byte* entropyB, word32 entropyBSz,
+                               byte* output, word32 outputSz)
+{
+    DRBG drbg;
+
+    if (entropyA == NULL || output == NULL)
+        return BAD_FUNC_ARG;
+
+    if (reseed != 0 && entropyB == NULL)
+        return BAD_FUNC_ARG;
+
+    if (outputSz != (SHA256_DIGEST_SIZE * 4))
+        return -1;
+
+    if (Hash_DRBG_Instantiate(&drbg, entropyA, entropyASz, NULL, 0) != 0)
+        return -1;
+
+    if (reseed) {
+        if (Hash_DRBG_Reseed(&drbg, entropyB, entropyBSz) != 0) {
+            Hash_DRBG_Uninstantiate(&drbg);
+            return -1;
+        }
+    }
+
+    if (Hash_DRBG_Generate(&drbg, output, outputSz) != 0) {
+        Hash_DRBG_Uninstantiate(&drbg);
+        return -1;
+    }
+
+    if (Hash_DRBG_Generate(&drbg, output, outputSz) != 0) {
+        Hash_DRBG_Uninstantiate(&drbg);
+        return -1;
+    }
+
+    Hash_DRBG_Uninstantiate(&drbg);
+
+    return 0;
+}
+
+
+#else /* HAVE_HASHDRBG || NO_RC4 */
+
+/* Get seed and key cipher */
+int wc_InitRng(RNG* rng)
+{
+    int  ret;
+#ifdef WOLFSSL_SMALL_STACK
+    byte* key;
+    byte* junk;
+#else
+    byte key[32];
+    byte junk[256];
+#endif
+
+#ifdef HAVE_CAVIUM
+    if (rng->magic == WOLFSSL_RNG_CAVIUM_MAGIC)
+        return 0;
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (key == NULL)
+        return MEMORY_E;
+
+    junk = (byte*)XMALLOC(256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (junk == NULL) {
+        XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        return MEMORY_E;
+    }
+#endif
+
+    ret = wc_GenerateSeed(&rng->seed, key, 32);
+
+    if (ret == 0) {
+        wc_Arc4SetKey(&rng->cipher, key, sizeof(key));
+
+        ret = wc_RNG_GenerateBlock(rng, junk, 256); /*rid initial state*/
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    XFREE(junk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#ifdef HAVE_CAVIUM
+    static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz);
+#endif
+
+/* place a generated block in output */
+int wc_RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
+{
+#ifdef HAVE_CAVIUM
+    if (rng->magic == WOLFSSL_RNG_CAVIUM_MAGIC)
+        return CaviumRNG_GenerateBlock(rng, output, sz);
+#endif
+    XMEMSET(output, 0, sz);
+    wc_Arc4Process(&rng->cipher, output, output, sz);
+
+    return 0;
+}
+
+
+int wc_RNG_GenerateByte(RNG* rng, byte* b)
+{
+    return wc_RNG_GenerateBlock(rng, b, 1);
+}
+
+
+#ifdef HAVE_CAVIUM
+
+#include 
+#include "cavium_common.h"
+
+/* Initiliaze RNG for use with Nitrox device */
+int wc_InitRngCavium(RNG* rng, int devId)
+{
+    if (rng == NULL)
+        return -1;
+
+    rng->devId = devId;
+    rng->magic = WOLFSSL_RNG_CAVIUM_MAGIC;
+
+    return 0;
+}
+
+
+static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
+{
+    wolfssl_word offset = 0;
+    word32      requestId;
+
+    while (sz > WOLFSSL_MAX_16BIT) {
+        word16 slen = (word16)WOLFSSL_MAX_16BIT;
+        if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId,
+                      rng->devId) != 0) {
+            WOLFSSL_MSG("Cavium RNG failed");
+        }
+        sz     -= WOLFSSL_MAX_16BIT;
+        offset += WOLFSSL_MAX_16BIT;
+    }
+    if (sz) {
+        word16 slen = (word16)sz;
+        if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId,
+                      rng->devId) != 0) {
+            WOLFSSL_MSG("Cavium RNG failed");
+        }
+    }
+}
+
+#endif /* HAVE_CAVIUM */
+
+#endif /* HAVE_HASHDRBG || NO_RC4 */
+
+
+#if defined(USE_WINDOWS_API)
+
+
+int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+{
+    if(!CryptAcquireContext(&os->handle, 0, 0, PROV_RSA_FULL,
+                            CRYPT_VERIFYCONTEXT))
+        return WINCRYPT_E;
+
+    if (!CryptGenRandom(os->handle, sz, output))
+        return CRYPTGEN_E;
+
+    CryptReleaseContext(os->handle, 0);
+
+    return 0;
+}
+
+
+#elif defined(HAVE_RTP_SYS) || defined(EBSNET)
+
+#include "rtprand.h"   /* rtp_rand () */
+#include "rtptime.h"   /* rtp_get_system_msec() */
+
+
+int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+{
+    int i;
+    rtp_srand(rtp_get_system_msec());
+
+    for (i = 0; i < sz; i++ ) {
+        output[i] = rtp_rand() % 256;
+        if ( (i % 8) == 7)
+            rtp_srand(rtp_get_system_msec());
+    }
+
+    return 0;
+}
+
+
+#elif defined(MICRIUM)
+
+int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+{
+    #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+        NetSecure_InitSeed(output, sz);
+    #endif
+    return 0;
+}
+
+#elif defined(MBED)
+
+/* write a real one !!!, just for testing board */
+int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+{
+    int i;
+    for (i = 0; i < sz; i++ )
+        output[i] = i;
+
+    return 0;
+}
+
+#elif defined(MICROCHIP_PIC32)
+
+#ifdef MICROCHIP_MPLAB_HARMONY
+    #define PIC32_SEED_COUNT _CP0_GET_COUNT
+#else
+    #if !defined(WOLFSSL_MICROCHIP_PIC32MZ)
+        #include 
+    #endif
+    #define PIC32_SEED_COUNT ReadCoreTimer
+#endif
+    #ifdef WOLFSSL_MIC32MZ_RNG
+        #include "xc.h"
+        int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+        {
+            int i ;
+            byte rnd[8] ;
+            word32 *rnd32 = (word32 *)rnd ;
+            word32 size = sz ;
+            byte* op = output ;
+
+            /* This part has to be replaced with better random seed */
+            RNGNUMGEN1 = ReadCoreTimer();
+            RNGPOLY1 = ReadCoreTimer();
+            RNGPOLY2 = ReadCoreTimer();
+            RNGNUMGEN2 = ReadCoreTimer();
+#ifdef DEBUG_WOLFSSL
+            printf("GenerateSeed::Seed=%08x, %08x\n", RNGNUMGEN1, RNGNUMGEN2) ;
+#endif
+            RNGCONbits.PLEN = 0x40;
+            RNGCONbits.PRNGEN = 1;
+            for(i=0; i<5; i++) { /* wait for RNGNUMGEN ready */
+                volatile int x ;
+                x = RNGNUMGEN1 ;
+                x = RNGNUMGEN2 ;
+            }
+            do {
+                rnd32[0] = RNGNUMGEN1;
+                rnd32[1] = RNGNUMGEN2;
+
+                for(i=0; i<8; i++, op++) {
+                    *op = rnd[i] ;
+                    size -- ;
+                    if(size==0)break ;
+                }
+            } while(size) ;
+            return 0;
+        }
+    #else  /* WOLFSSL_MIC32MZ_RNG */
+        /* uses the core timer, in nanoseconds to seed srand */
+        int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+        {
+            int i;
+            srand(PIC32_SEED_COUNT() * 25);
+
+            for (i = 0; i < sz; i++ ) {
+                output[i] = rand() % 256;
+                if ( (i % 8) == 7)
+                    srand(PIC32_SEED_COUNT() * 25);
+            }
+            return 0;
+        }
+    #endif /* WOLFSSL_MIC32MZ_RNG */
+
+#elif defined(FREESCALE_MQX)
+
+    #ifdef FREESCALE_K70_RNGA
+        /*
+         * wc_Generates a RNG seed using the Random Number Generator Accelerator
+         * on the Kinetis K70. Documentation located in Chapter 37 of
+         * K70 Sub-Family Reference Manual (see Note 3 in the README for link).
+         */
+        int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+        {
+            int i;
+
+            /* turn on RNGA module */
+            SIM_SCGC3 |= SIM_SCGC3_RNGA_MASK;
+
+            /* set SLP bit to 0 - "RNGA is not in sleep mode" */
+            RNG_CR &= ~RNG_CR_SLP_MASK;
+
+            /* set HA bit to 1 - "security violations masked" */
+            RNG_CR |= RNG_CR_HA_MASK;
+
+            /* set GO bit to 1 - "output register loaded with data" */
+            RNG_CR |= RNG_CR_GO_MASK;
+
+            for (i = 0; i < sz; i++) {
+
+                /* wait for RNG FIFO to be full */
+                while((RNG_SR & RNG_SR_OREG_LVL(0xF)) == 0) {}
+
+                /* get value */
+                output[i] = RNG_OR;
+            }
+
+            return 0;
+        }
+
+    #elif defined(FREESCALE_K53_RNGB)
+        /*
+         * wc_Generates a RNG seed using the Random Number Generator (RNGB)
+         * on the Kinetis K53. Documentation located in Chapter 33 of
+         * K53 Sub-Family Reference Manual (see note in the README for link).
+         */
+        int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+        {
+            int i;
+
+            /* turn on RNGB module */
+            SIM_SCGC3 |= SIM_SCGC3_RNGB_MASK;
+
+            /* reset RNGB */
+            RNG_CMD |= RNG_CMD_SR_MASK;
+
+            /* FIFO generate interrupt, return all zeros on underflow,
+             * set auto reseed */
+            RNG_CR |= (RNG_CR_FUFMOD_MASK | RNG_CR_AR_MASK);
+
+            /* gen seed, clear interrupts, clear errors */
+            RNG_CMD |= (RNG_CMD_GS_MASK | RNG_CMD_CI_MASK | RNG_CMD_CE_MASK);
+
+            /* wait for seeding to complete */
+            while ((RNG_SR & RNG_SR_SDN_MASK) == 0) {}
+
+            for (i = 0; i < sz; i++) {
+
+                /* wait for a word to be available from FIFO */
+                while((RNG_SR & RNG_SR_FIFO_LVL_MASK) == 0) {}
+
+                /* get value */
+                output[i] = RNG_OUT;
+            }
+
+            return 0;
+        }
+
+	#else
+        #warning "write a real random seed!!!!, just for testing now"
+
+        int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+        {
+            int i;
+            for (i = 0; i < sz; i++ )
+                output[i] = i;
+
+            return 0;
+        }
+	#endif /* FREESCALE_K70_RNGA */
+
+#elif defined(WOLFSSL_SAFERTOS) || defined(WOLFSSL_LEANPSK) \
+   || defined(WOLFSSL_IAR_ARM)  || defined(WOLFSSL_MDK_ARM)
+
+#warning "write a real random seed!!!!, just for testing now"
+
+int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+{
+    word32 i;
+    for (i = 0; i < sz; i++ )
+        output[i] = i;
+
+    (void)os;
+
+    return 0;
+}
+
+#elif defined(STM32F2_RNG)
+    #undef RNG
+    #include "stm32f2xx_rng.h"
+    #include "stm32f2xx_rcc.h"
+    /*
+     * wc_Generate a RNG seed using the hardware random number generator
+     * on the STM32F2. Documentation located in STM32F2xx Standard Peripheral
+     * Library document (See note in README).
+     */
+    int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+    {
+        int i;
+
+        /* enable RNG clock source */
+        RCC_AHB2PeriphClockCmd(RCC_AHB2Periph_RNG, ENABLE);
+
+        /* enable RNG peripheral */
+        RNG_Cmd(ENABLE);
+
+        for (i = 0; i < sz; i++) {
+            /* wait until RNG number is ready */
+            while(RNG_GetFlagStatus(RNG_FLAG_DRDY)== RESET) { }
+
+            /* get value */
+            output[i] = RNG_GetRandomNumber();
+        }
+
+        return 0;
+    }
+#elif defined(WOLFSSL_LPC43xx) || defined(WOLFSSL_STM32F2xx)
+
+    #warning "write a real random seed!!!!, just for testing now"
+
+    int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+    {
+        int i;
+
+        for (i = 0; i < sz; i++ )
+            output[i] = i;
+
+        return 0;
+    }
+
+#elif defined(WOLFSSL_TIRTOS)
+
+    #include 
+    #include 
+    int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+    {
+        int i;
+        srand(xdc_runtime_Timestamp_get32());
+
+        for (i = 0; i < sz; i++ ) {
+            output[i] = rand() % 256;
+            if ((i % 8) == 7) {
+                srand(xdc_runtime_Timestamp_get32());
+            }
+        }
+
+        return 0;
+    }
+
+#elif defined(CUSTOM_RAND_GENERATE)
+
+   /* Implement your own random generation function
+    * word32 rand_gen(void);
+    * #define CUSTOM_RAND_GENERATE  rand_gen  */
+
+   int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+   {
+     int i;
+
+     for (i = 0; i < sz; i++ )
+         output[i] = CUSTOM_RAND_GENERATE();
+
+     return 0;
+   }
+
+#elif defined(NO_DEV_RANDOM)
+
+#error "you need to write an os specific wc_GenerateSeed() here"
+
+/*
+int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+{
+    return 0;
+}
+*/
+
+
+#else /* !USE_WINDOWS_API && !HAVE_RPT_SYS && !MICRIUM && !NO_DEV_RANDOM */
+
+
+/* may block */
+int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+{
+    int ret = 0;
+
+    os->fd = open("/dev/urandom",O_RDONLY);
+    if (os->fd == -1) {
+        /* may still have /dev/random */
+        os->fd = open("/dev/random",O_RDONLY);
+        if (os->fd == -1)
+            return OPEN_RAN_E;
+    }
+
+    while (sz) {
+        int len = (int)read(os->fd, output, sz);
+        if (len == -1) {
+            ret = READ_RAN_E;
+            break;
+        }
+
+        sz     -= len;
+        output += len;
+
+        if (sz) {
+#ifdef BLOCKING
+            sleep(0);             /* context switch */
+#else
+            ret = RAN_BLOCK_E;
+            break;
+#endif
+        }
+    }
+    close(os->fd);
+
+    return ret;
+}
+
+#endif /* USE_WINDOWS_API */
+#endif /* HAVE_FIPS */
+
diff --git a/3P/wolfssl/wolfcrypt/src/ripemd.c b/3P/wolfssl/wolfcrypt/src/ripemd.c
new file mode 100644
index 00000000..ff536a0a
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/ripemd.c
@@ -0,0 +1,354 @@
+/* ripemd.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef WOLFSSL_RIPEMD
+
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+void wc_InitRipeMd(RipeMd* ripemd)
+{
+    ripemd->digest[0] = 0x67452301L;
+    ripemd->digest[1] = 0xEFCDAB89L;
+    ripemd->digest[2] = 0x98BADCFEL;
+    ripemd->digest[3] = 0x10325476L;
+    ripemd->digest[4] = 0xC3D2E1F0L;
+
+    ripemd->buffLen = 0;
+    ripemd->loLen   = 0;
+    ripemd->hiLen   = 0;
+}
+
+
+/* for all */
+#define F(x, y, z)    (x ^ y ^ z) 
+#define G(x, y, z)    (z ^ (x & (y^z)))
+#define H(x, y, z)    (z ^ (x | ~y))
+#define I(x, y, z)    (y ^ (z & (x^y)))
+#define J(x, y, z)    (x ^ (y | ~z))
+
+#define k0 0
+#define k1 0x5a827999
+#define k2 0x6ed9eba1
+#define k3 0x8f1bbcdc
+#define k4 0xa953fd4e
+#define k5 0x50a28be6
+#define k6 0x5c4dd124
+#define k7 0x6d703ef3
+#define k8 0x7a6d76e9
+#define k9 0
+
+/* for 160 and 320 */
+#define Subround(f, a, b, c, d, e, x, s, k) \
+    a += f(b, c, d) + x + k;\
+    a = rotlFixed((word32)a, s) + e;\
+    c = rotlFixed((word32)c, 10U)
+
+static void Transform(RipeMd* ripemd)
+{
+    word32 a1, b1, c1, d1, e1, a2, b2, c2, d2, e2;
+    a1 = a2 = ripemd->digest[0];
+    b1 = b2 = ripemd->digest[1];
+    c1 = c2 = ripemd->digest[2];
+    d1 = d2 = ripemd->digest[3];
+    e1 = e2 = ripemd->digest[4];
+
+    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 11, k0);
+    Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[ 1], 14, k0);
+    Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[ 2], 15, k0);
+    Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[ 3], 12, k0);
+    Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[ 4],  5, k0);
+    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[ 5],  8, k0);
+    Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[ 6],  7, k0);
+    Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[ 7],  9, k0);
+    Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 11, k0);
+    Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[ 9], 13, k0);
+    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[10], 14, k0);
+    Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[11], 15, k0);
+    Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[12],  6, k0);
+    Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[13],  7, k0);
+    Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[14],  9, k0);
+    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[15],  8, k0);
+
+    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 7],  7, k1);
+    Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[ 4],  6, k1);
+    Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[13],  8, k1);
+    Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[ 1], 13, k1);
+    Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[10], 11, k1);
+    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 6],  9, k1);
+    Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[15],  7, k1);
+    Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[ 3], 15, k1);
+    Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[12],  7, k1);
+    Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 12, k1);
+    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 9], 15, k1);
+    Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[ 5],  9, k1);
+    Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[ 2], 11, k1);
+    Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[14],  7, k1);
+    Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[11], 13, k1);
+    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 8], 12, k1);
+
+    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[ 3], 11, k2);
+    Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[10], 13, k2);
+    Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[14],  6, k2);
+    Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[ 4],  7, k2);
+    Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 9], 14, k2);
+    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[15],  9, k2);
+    Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 13, k2);
+    Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[ 1], 15, k2);
+    Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[ 2], 14, k2);
+    Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 7],  8, k2);
+    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[ 0], 13, k2);
+    Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[ 6],  6, k2);
+    Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[13],  5, k2);
+    Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[11], 12, k2);
+    Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 5],  7, k2);
+    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[12],  5, k2);
+
+    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 1], 11, k3);
+    Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[ 9], 12, k3);
+    Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[11], 14, k3);
+    Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[10], 15, k3);
+    Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 0], 14, k3);
+    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 15, k3);
+    Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[12],  9, k3);
+    Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[ 4],  8, k3);
+    Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[13],  9, k3);
+    Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 3], 14, k3);
+    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 7],  5, k3);
+    Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[15],  6, k3);
+    Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[14],  8, k3);
+    Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[ 5],  6, k3);
+    Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 6],  5, k3);
+    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 2], 12, k3);
+
+    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[ 4],  9, k4);
+    Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 15, k4);
+    Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[ 5],  5, k4);
+    Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[ 9], 11, k4);
+    Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[ 7],  6, k4);
+    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[12],  8, k4);
+    Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 2], 13, k4);
+    Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[10], 12, k4);
+    Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[14],  5, k4);
+    Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[ 1], 12, k4);
+    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[ 3], 13, k4);
+    Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 8], 14, k4);
+    Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[11], 11, k4);
+    Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[ 6],  8, k4);
+    Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[15],  5, k4);
+    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[13],  6, k4);
+
+    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[ 5],  8, k5);
+    Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[14],  9, k5);
+    Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 7],  9, k5);
+    Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[ 0], 11, k5);
+    Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 13, k5);
+    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[ 2], 15, k5);
+    Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[11], 15, k5);
+    Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 4],  5, k5);
+    Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[13],  7, k5);
+    Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 6],  7, k5);
+    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[15],  8, k5);
+    Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 11, k5);
+    Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 1], 14, k5);
+    Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[10], 14, k5);
+    Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 3], 12, k5);
+    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[12],  6, k5);
+
+    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 6],  9, k6); 
+    Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[11], 13, k6);
+    Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[ 3], 15, k6);
+    Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[ 7],  7, k6);
+    Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 12, k6);
+    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[13],  8, k6);
+    Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[ 5],  9, k6);
+    Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[10], 11, k6);
+    Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[14],  7, k6);
+    Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[15],  7, k6);
+    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 12, k6);
+    Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[12],  7, k6);
+    Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[ 4],  6, k6);
+    Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 15, k6);
+    Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[ 1], 13, k6);
+    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 2], 11, k6);
+
+    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[15],  9, k7);
+    Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 5],  7, k7);
+    Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[ 1], 15, k7);
+    Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[ 3], 11, k7);
+    Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 7],  8, k7);
+    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[14],  6, k7);
+    Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 6],  6, k7);
+    Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 14, k7);
+    Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[11], 12, k7);
+    Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 13, k7);
+    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[12],  5, k7);
+    Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 14, k7);
+    Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[10], 13, k7);
+    Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 13, k7);
+    Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 4],  7, k7);
+    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[13],  5, k7);
+
+    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[ 8], 15, k8);
+    Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[ 6],  5, k8);
+    Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 4],  8, k8);
+    Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 1], 11, k8);
+    Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[ 3], 14, k8);
+    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[11], 14, k8);
+    Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[15],  6, k8);
+    Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 14, k8);
+    Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 5],  6, k8);
+    Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[12],  9, k8);
+    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 12, k8);
+    Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[13],  9, k8);
+    Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 9], 12, k8);
+    Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 7],  5, k8);
+    Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[10], 15, k8);
+    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[14],  8, k8);
+
+    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[12],  8, k9);
+    Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[15],  5, k9);
+    Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[10], 12, k9);
+    Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 4],  9, k9);
+    Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 1], 12, k9);
+    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[ 5],  5, k9);
+    Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[ 8], 14, k9);
+    Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[ 7],  6, k9);
+    Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 6],  8, k9);
+    Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 13, k9);
+    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[13],  6, k9);
+    Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[14],  5, k9);
+    Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[ 0], 15, k9);
+    Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 3], 13, k9);
+    Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 9], 11, k9);
+    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[11], 11, k9);
+
+    c1                = ripemd->digest[1] + c1 + d2;
+    ripemd->digest[1] = ripemd->digest[2] + d1 + e2;
+    ripemd->digest[2] = ripemd->digest[3] + e1 + a2;
+    ripemd->digest[3] = ripemd->digest[4] + a1 + b2;
+    ripemd->digest[4] = ripemd->digest[0] + b1 + c2;
+    ripemd->digest[0] = c1;
+}
+
+
+static INLINE void AddLength(RipeMd* ripemd, word32 len)
+{
+    word32 tmp = ripemd->loLen;
+    if ( (ripemd->loLen += len) < tmp)
+        ripemd->hiLen++;                       /* carry low to high */
+}
+
+
+void wc_RipeMdUpdate(RipeMd* ripemd, const byte* data, word32 len)
+{
+    /* do block size increments */
+    byte* local = (byte*)ripemd->buffer;
+
+    while (len) {
+        word32 add = min(len, RIPEMD_BLOCK_SIZE - ripemd->buffLen);
+        XMEMCPY(&local[ripemd->buffLen], data, add);
+
+        ripemd->buffLen += add;
+        data         += add;
+        len          -= add;
+
+        if (ripemd->buffLen == RIPEMD_BLOCK_SIZE) {
+            #ifdef BIG_ENDIAN_ORDER
+                ByteReverseWords(ripemd->buffer, ripemd->buffer,
+                                 RIPEMD_BLOCK_SIZE);
+            #endif
+            Transform(ripemd);
+            AddLength(ripemd, RIPEMD_BLOCK_SIZE);
+            ripemd->buffLen = 0;
+        }
+    }
+}
+
+
+void wc_RipeMdFinal(RipeMd* ripemd, byte* hash)
+{
+    byte* local = (byte*)ripemd->buffer;
+
+    AddLength(ripemd, ripemd->buffLen);               /* before adding pads */
+
+    local[ripemd->buffLen++] = 0x80;  /* add 1 */
+
+    /* pad with zeros */
+    if (ripemd->buffLen > RIPEMD_PAD_SIZE) {
+        XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_BLOCK_SIZE - ripemd->buffLen);
+        ripemd->buffLen += RIPEMD_BLOCK_SIZE - ripemd->buffLen;
+
+        #ifdef BIG_ENDIAN_ORDER
+            ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
+        #endif
+        Transform(ripemd);
+        ripemd->buffLen = 0;
+    }
+    XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_PAD_SIZE - ripemd->buffLen);
+   
+    /* put lengths in bits */
+    ripemd->loLen = ripemd->loLen << 3;
+    ripemd->hiLen = (ripemd->loLen >> (8*sizeof(ripemd->loLen) - 3)) + 
+                 (ripemd->hiLen << 3);
+
+    /* store lengths */
+    #ifdef BIG_ENDIAN_ORDER
+        ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
+    #endif
+    /* ! length ordering dependent on digest endian type ! */
+    XMEMCPY(&local[RIPEMD_PAD_SIZE], &ripemd->loLen, sizeof(word32));
+    XMEMCPY(&local[RIPEMD_PAD_SIZE + sizeof(word32)], &ripemd->hiLen, 
+           sizeof(word32));
+
+    Transform(ripemd);
+    #ifdef BIG_ENDIAN_ORDER
+        ByteReverseWords(ripemd->digest, ripemd->digest, RIPEMD_DIGEST_SIZE);
+    #endif
+    XMEMCPY(hash, ripemd->digest, RIPEMD_DIGEST_SIZE);
+
+    wc_InitRipeMd(ripemd);  /* reset state */
+}
+
+
+#endif /* WOLFSSL_RIPEMD */
diff --git a/3P/wolfssl/wolfcrypt/src/rsa.c b/3P/wolfssl/wolfcrypt/src/rsa.c
new file mode 100644
index 00000000..ee7555d3
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/rsa.c
@@ -0,0 +1,966 @@
+/* rsa.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifndef NO_RSA
+
+#include 
+
+#ifdef HAVE_FIPS
+int  wc_InitRsaKey(RsaKey* key, void* ptr)
+{
+    return InitRsaKey_fips(key, ptr);
+}
+
+
+int  wc_FreeRsaKey(RsaKey* key)
+{
+    return FreeRsaKey_fips(key);
+}
+
+
+int  wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
+                                 word32 outLen, RsaKey* key, RNG* rng)
+{
+    return RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng);
+}
+
+
+int  wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
+                                        RsaKey* key)
+{
+    return RsaPrivateDecryptInline_fips(in, inLen, out, key);
+}
+
+
+int  wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
+                                  word32 outLen, RsaKey* key)
+{
+    return RsaPrivateDecrypt_fips(in, inLen, out, outLen, key);
+}
+
+
+int  wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
+                            word32 outLen, RsaKey* key, RNG* rng)
+{
+    return RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng);
+}
+
+
+int  wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
+{
+    return RsaSSL_VerifyInline_fips(in, inLen, out, key);
+}
+
+
+int  wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
+                              word32 outLen, RsaKey* key)
+{
+    return RsaSSL_Verify_fips(in, inLen, out, outLen, key);
+}
+
+
+int  wc_RsaEncryptSize(RsaKey* key)
+{
+    return RsaEncryptSize_fips(key);
+}
+
+
+int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
+                           word32* bSz)
+{
+    /* not specified as fips so not needing _fips */
+    return RsaFlattenPublicKey(key, a, aSz, b, bSz);
+}
+#ifdef WOLFSSL_KEY_GEN
+    int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
+    {
+        return MakeRsaKey(key, size, e, rng);
+    }
+#endif
+
+
+#ifdef HAVE_CAVIUM
+    int  wc_RsaInitCavium(RsaKey* key, int i)
+    {
+        return RsaInitCavium(key, i);
+    }
+
+
+    void wc_RsaFreeCavium(RsaKey* key)
+    {
+        RsaFreeCavium(key);
+    }
+#endif
+
+/* these are functions in asn and are routed to wolfssl/wolfcrypt/asn.c
+* wc_RsaPrivateKeyDecode
+* wc_RsaPublicKeyDecode
+*/
+
+#else /* else build without fips */
+#include 
+#include 
+#include 
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+#ifdef SHOW_GEN
+    #ifdef FREESCALE_MQX
+        #include 
+    #else
+        #include 
+    #endif
+#endif
+
+#ifdef HAVE_CAVIUM
+    static int  InitCaviumRsaKey(RsaKey* key, void* heap);
+    static int  FreeCaviumRsaKey(RsaKey* key);
+    static int  CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
+                                       word32 outLen, RsaKey* key);
+    static int  CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
+                                        word32 outLen, RsaKey* key);
+    static int  CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out,
+                                  word32 outLen, RsaKey* key);
+    static int  CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out,
+                                    word32 outLen, RsaKey* key);
+#endif
+
+enum {
+    RSA_PUBLIC_ENCRYPT  = 0,
+    RSA_PUBLIC_DECRYPT  = 1,
+    RSA_PRIVATE_ENCRYPT = 2,
+    RSA_PRIVATE_DECRYPT = 3,
+
+    RSA_BLOCK_TYPE_1 = 1,
+    RSA_BLOCK_TYPE_2 = 2,
+
+    RSA_MIN_SIZE = 512,
+    RSA_MAX_SIZE = 4096,
+
+    RSA_MIN_PAD_SZ   = 11      /* seperator + 0 + pad value + 8 pads */
+};
+
+
+int wc_InitRsaKey(RsaKey* key, void* heap)
+{
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
+        return InitCaviumRsaKey(key, heap);
+#endif
+
+    key->type = -1;  /* haven't decided yet */
+    key->heap = heap;
+
+/* TomsFastMath doesn't use memory allocation */
+#ifndef USE_FAST_MATH
+    key->n.dp = key->e.dp = 0;  /* public  alloc parts */
+
+    key->d.dp = key->p.dp  = 0;  /* private alloc parts */
+    key->q.dp = key->dP.dp = 0;  
+    key->u.dp = key->dQ.dp = 0;
+#else
+    mp_init(&key->n);
+    mp_init(&key->e);
+    mp_init(&key->d);
+    mp_init(&key->p);
+    mp_init(&key->q);
+    mp_init(&key->dP);
+    mp_init(&key->dQ);
+    mp_init(&key->u);
+#endif
+
+    return 0;
+}
+
+
+int wc_FreeRsaKey(RsaKey* key)
+{
+    (void)key;
+
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
+        return FreeCaviumRsaKey(key);
+#endif
+
+/* TomsFastMath doesn't use memory allocation */
+#ifndef USE_FAST_MATH
+    if (key->type == RSA_PRIVATE) {
+        mp_clear(&key->u);
+        mp_clear(&key->dQ);
+        mp_clear(&key->dP);
+        mp_clear(&key->q);
+        mp_clear(&key->p);
+        mp_clear(&key->d);
+    }
+    mp_clear(&key->e);
+    mp_clear(&key->n);
+#endif
+
+    return 0;
+}
+
+static int wc_RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
+                   word32 pkcsBlockLen, byte padValue, RNG* rng)
+{
+    if (inputLen == 0)
+        return 0;
+
+    pkcsBlock[0] = 0x0;       /* set first byte to zero and advance */
+    pkcsBlock++; pkcsBlockLen--;
+    pkcsBlock[0] = padValue;  /* insert padValue */
+
+    if (padValue == RSA_BLOCK_TYPE_1)
+        /* pad with 0xff bytes */
+        XMEMSET(&pkcsBlock[1], 0xFF, pkcsBlockLen - inputLen - 2);
+    else {
+        /* pad with non-zero random bytes */
+        word32 padLen = pkcsBlockLen - inputLen - 1, i;
+        int    ret    = wc_RNG_GenerateBlock(rng, &pkcsBlock[1], padLen);
+
+        if (ret != 0)
+            return ret;
+
+        /* remove zeros */
+        for (i = 1; i < padLen; i++)
+            if (pkcsBlock[i] == 0) pkcsBlock[i] = 0x01;
+    }
+
+    pkcsBlock[pkcsBlockLen-inputLen-1] = 0;     /* separator */
+    XMEMCPY(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
+
+    return 0;
+}
+
+
+/* UnPad plaintext, set start to *output, return length of plaintext,
+ * < 0 on error */
+static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
+                       byte **output, byte padValue)
+{
+    word32 maxOutputLen = (pkcsBlockLen > 10) ? (pkcsBlockLen - 10) : 0,
+           invalid = 0,
+           i = 1,
+           outputLen;
+
+    if (pkcsBlock[0] != 0x0) /* skip past zero */
+        invalid = 1;
+    pkcsBlock++; pkcsBlockLen--;
+
+    /* Require block type padValue */
+    invalid = (pkcsBlock[0] != padValue) || invalid;
+
+    /* verify the padding until we find the separator */
+    if (padValue == RSA_BLOCK_TYPE_1) {
+        while (i maxOutputLen) || invalid;
+
+    if (invalid) {
+        WOLFSSL_MSG("RsaUnPad error, bad formatting");
+        return RSA_PAD_E;
+    }
+
+    *output = (byte *)(pkcsBlock + i);
+    return outputLen;
+}
+
+
+static int wc_RsaFunction(const byte* in, word32 inLen, byte* out, word32* outLen,
+                       int type, RsaKey* key)
+{
+    #define ERROR_OUT(x) { ret = (x); goto done;}
+
+    mp_int tmp;
+    int    ret = 0;
+    word32 keyLen, len;
+
+    if (mp_init(&tmp) != MP_OKAY)
+        return MP_INIT_E;
+
+    if (mp_read_unsigned_bin(&tmp, (byte*)in, inLen) != MP_OKAY)
+        ERROR_OUT(MP_READ_E);
+
+    if (type == RSA_PRIVATE_DECRYPT || type == RSA_PRIVATE_ENCRYPT) {
+        #ifdef RSA_LOW_MEM      /* half as much memory but twice as slow */
+            if (mp_exptmod(&tmp, &key->d, &key->n, &tmp) != MP_OKAY)
+                ERROR_OUT(MP_EXPTMOD_E);
+        #else
+            #define INNER_ERROR_OUT(x) { ret = (x); goto inner_done; }
+
+            mp_int tmpa, tmpb;
+
+            if (mp_init(&tmpa) != MP_OKAY)
+                ERROR_OUT(MP_INIT_E);
+
+            if (mp_init(&tmpb) != MP_OKAY) {
+                mp_clear(&tmpa);
+                ERROR_OUT(MP_INIT_E);
+            }
+
+            /* tmpa = tmp^dP mod p */
+            if (mp_exptmod(&tmp, &key->dP, &key->p, &tmpa) != MP_OKAY)
+                INNER_ERROR_OUT(MP_EXPTMOD_E);
+
+            /* tmpb = tmp^dQ mod q */
+            if (mp_exptmod(&tmp, &key->dQ, &key->q, &tmpb) != MP_OKAY)
+                INNER_ERROR_OUT(MP_EXPTMOD_E);
+
+            /* tmp = (tmpa - tmpb) * qInv (mod p) */
+            if (mp_sub(&tmpa, &tmpb, &tmp) != MP_OKAY)
+                INNER_ERROR_OUT(MP_SUB_E);
+
+            if (mp_mulmod(&tmp, &key->u, &key->p, &tmp) != MP_OKAY)
+                INNER_ERROR_OUT(MP_MULMOD_E);
+
+            /* tmp = tmpb + q * tmp */
+            if (mp_mul(&tmp, &key->q, &tmp) != MP_OKAY)
+                INNER_ERROR_OUT(MP_MUL_E);
+
+            if (mp_add(&tmp, &tmpb, &tmp) != MP_OKAY)
+                INNER_ERROR_OUT(MP_ADD_E);
+
+        inner_done:
+            mp_clear(&tmpa);
+            mp_clear(&tmpb);
+
+            if (ret != 0) return ret;
+
+        #endif   /* RSA_LOW_MEM */
+    }
+    else if (type == RSA_PUBLIC_ENCRYPT || type == RSA_PUBLIC_DECRYPT) {
+        if (mp_exptmod(&tmp, &key->e, &key->n, &tmp) != MP_OKAY)
+            ERROR_OUT(MP_EXPTMOD_E);
+    }
+    else
+        ERROR_OUT(RSA_WRONG_TYPE_E);
+
+    keyLen = mp_unsigned_bin_size(&key->n);
+    if (keyLen > *outLen)
+        ERROR_OUT(RSA_BUFFER_E);
+
+    len = mp_unsigned_bin_size(&tmp);
+
+    /* pad front w/ zeros to match key length */
+    while (len < keyLen) {
+        *out++ = 0x00;
+        len++;
+    }
+
+    *outLen = keyLen;
+
+    /* convert */
+    if (mp_to_unsigned_bin(&tmp, out) != MP_OKAY)
+        ERROR_OUT(MP_TO_E);
+   
+done: 
+    mp_clear(&tmp);
+    return ret;
+}
+
+
+int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
+                     RsaKey* key, RNG* rng)
+{
+    int sz, ret;
+
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
+        return CaviumRsaPublicEncrypt(in, inLen, out, outLen, key);
+#endif
+
+    sz = mp_unsigned_bin_size(&key->n);
+    if (sz > (int)outLen)
+        return RSA_BUFFER_E;
+
+    if (inLen > (word32)(sz - RSA_MIN_PAD_SZ))
+        return RSA_BUFFER_E;
+
+    ret = wc_RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_2, rng);
+    if (ret != 0)
+        return ret;
+
+    if ((ret = wc_RsaFunction(out, sz, out, &outLen, RSA_PUBLIC_ENCRYPT, key)) < 0)
+        sz = ret;
+
+    return sz;
+}
+
+
+int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key)
+{
+    int ret;
+
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC) {
+        ret = CaviumRsaPrivateDecrypt(in, inLen, in, inLen, key);
+        if (ret > 0)
+            *out = in;
+        return ret;
+    }
+#endif
+
+    if ((ret = wc_RsaFunction(in, inLen, in, &inLen, RSA_PRIVATE_DECRYPT, key))
+            < 0) {
+        return ret;
+    }
+ 
+    return RsaUnPad(in, inLen, out, RSA_BLOCK_TYPE_2);
+}
+
+
+int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
+                     RsaKey* key)
+{
+    int plainLen;
+    byte*  tmp;
+    byte*  pad = 0;
+
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
+        return CaviumRsaPrivateDecrypt(in, inLen, out, outLen, key);
+#endif
+
+    tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
+    if (tmp == NULL) {
+        return MEMORY_E;
+    }
+
+    XMEMCPY(tmp, in, inLen);
+
+    if ( (plainLen = wc_RsaPrivateDecryptInline(tmp, inLen, &pad, key) ) < 0) {
+        XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
+        return plainLen;
+    }
+    if (plainLen > (int)outLen)
+        plainLen = BAD_FUNC_ARG;
+    else
+        XMEMCPY(out, pad, plainLen);
+
+    ForceZero(tmp, inLen);
+    XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
+
+    return plainLen;
+}
+
+
+/* for Rsa Verify */
+int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
+{
+    int ret;
+
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC) {
+        ret = CaviumRsaSSL_Verify(in, inLen, in, inLen, key);
+        if (ret > 0)
+            *out = in;
+        return ret;
+    }
+#endif
+
+    if ((ret = wc_RsaFunction(in, inLen, in, &inLen, RSA_PUBLIC_DECRYPT, key))
+            < 0) {
+        return ret;
+    }
+  
+    return RsaUnPad(in, inLen, out, RSA_BLOCK_TYPE_1);
+}
+
+
+int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
+                     RsaKey* key)
+{
+    int plainLen;
+    byte*  tmp;
+    byte*  pad = 0;
+
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
+        return CaviumRsaSSL_Verify(in, inLen, out, outLen, key);
+#endif
+
+    tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
+    if (tmp == NULL) {
+        return MEMORY_E;
+    }
+
+    XMEMCPY(tmp, in, inLen);
+
+    if ( (plainLen = wc_RsaSSL_VerifyInline(tmp, inLen, &pad, key) ) < 0) {
+        XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
+        return plainLen;
+    }
+
+    if (plainLen > (int)outLen)
+        plainLen = BAD_FUNC_ARG;
+    else
+        XMEMCPY(out, pad, plainLen);
+
+    ForceZero(tmp, inLen);
+    XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
+
+    return plainLen;
+}
+
+
+/* for Rsa Sign */
+int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
+                      RsaKey* key, RNG* rng)
+{
+    int sz, ret;
+
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
+        return CaviumRsaSSL_Sign(in, inLen, out, outLen, key);
+#endif
+
+    sz = mp_unsigned_bin_size(&key->n);
+    if (sz > (int)outLen)
+        return RSA_BUFFER_E;
+
+    if (inLen > (word32)(sz - RSA_MIN_PAD_SZ))
+        return RSA_BUFFER_E;
+
+    ret = wc_RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_1, rng);
+    if (ret != 0)
+        return ret;
+
+    if ((ret = wc_RsaFunction(out, sz, out, &outLen, RSA_PRIVATE_ENCRYPT,key)) < 0)
+        sz = ret;
+    
+    return sz;
+}
+
+
+int wc_RsaEncryptSize(RsaKey* key)
+{
+#ifdef HAVE_CAVIUM
+    if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
+        return key->c_nSz;
+#endif
+    return mp_unsigned_bin_size(&key->n);
+}
+
+
+int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n, word32* nSz)
+{
+    int sz, ret;
+
+    if (key == NULL || e == NULL || eSz == NULL || n == NULL || nSz == NULL)
+       return BAD_FUNC_ARG;
+
+    sz = mp_unsigned_bin_size(&key->e);
+    if ((word32)sz > *nSz)
+        return RSA_BUFFER_E;
+    ret = mp_to_unsigned_bin(&key->e, e);
+    if (ret != MP_OKAY)
+        return ret;
+    *eSz = (word32)sz;
+
+    sz = mp_unsigned_bin_size(&key->n);
+    if ((word32)sz > *nSz)
+        return RSA_BUFFER_E;
+    ret = mp_to_unsigned_bin(&key->n, n);
+    if (ret != MP_OKAY)
+        return ret;
+    *nSz = (word32)sz;
+
+    return 0;
+}
+
+
+#ifdef WOLFSSL_KEY_GEN
+
+static const int USE_BBS = 1;
+
+static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
+{
+    int   err, res, type;
+    byte* buf;
+
+    (void)heap;
+    if (N == NULL || rng == NULL)
+       return BAD_FUNC_ARG; 
+
+    /* get type */
+    if (len < 0) {
+        type = USE_BBS;
+        len = -len;
+    } else {
+        type = 0;
+    }
+
+    /* allow sizes between 2 and 512 bytes for a prime size */
+    if (len < 2 || len > 512) { 
+        return BAD_FUNC_ARG;
+    }
+   
+    /* allocate buffer to work with */
+    buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
+    if (buf == NULL) {
+        return MEMORY_E;
+    }
+    XMEMSET(buf, 0, len);
+
+    do {
+#ifdef SHOW_GEN
+        printf(".");
+        fflush(stdout);
+#endif
+        /* generate value */
+        err = wc_RNG_GenerateBlock(rng, buf, len);
+        if (err != 0) {
+            XFREE(buf, heap, DYNAMIC_TYPE_RSA);
+            return err;
+        }
+
+        /* munge bits */
+        buf[0]     |= 0x80 | 0x40;
+        buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
+ 
+        /* load value */
+        if ((err = mp_read_unsigned_bin(N, buf, len)) != MP_OKAY) {
+            XFREE(buf, heap, DYNAMIC_TYPE_RSA);
+            return err;
+        }
+
+        /* test */
+        if ((err = mp_prime_is_prime(N, 8, &res)) != MP_OKAY) {
+            XFREE(buf, heap, DYNAMIC_TYPE_RSA);
+            return err;
+        }
+    } while (res == MP_NO);
+
+    ForceZero(buf, len);
+    XFREE(buf, heap, DYNAMIC_TYPE_RSA);
+
+    return 0;
+}
+
+
+/* Make an RSA key for size bits, with e specified, 65537 is a good e */
+int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
+{
+    mp_int p, q, tmp1, tmp2, tmp3;
+    int    err;
+
+    if (key == NULL || rng == NULL)
+        return BAD_FUNC_ARG;
+
+    if (size < RSA_MIN_SIZE || size > RSA_MAX_SIZE)
+        return BAD_FUNC_ARG;
+
+    if (e < 3 || (e & 1) == 0)
+        return BAD_FUNC_ARG;
+
+    if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != MP_OKAY)
+        return err;
+
+    err = mp_set_int(&tmp3, e);
+
+    /* make p */
+    if (err == MP_OKAY) {
+        do {
+            err = rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */
+
+            if (err == MP_OKAY)
+                err = mp_sub_d(&p, 1, &tmp1);  /* tmp1 = p-1 */
+
+            if (err == MP_OKAY)
+                err = mp_gcd(&tmp1, &tmp3, &tmp2);  /* tmp2 = gcd(p-1, e) */
+        } while (err == MP_OKAY && mp_cmp_d(&tmp2, 1) != 0);  /* e divdes p-1 */
+    }
+
+    /* make q */
+    if (err == MP_OKAY) {
+        do {
+            err = rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */
+
+            if (err == MP_OKAY)
+                err = mp_sub_d(&q, 1, &tmp1);  /* tmp1 = q-1 */
+
+            if (err == MP_OKAY)
+                err = mp_gcd(&tmp1, &tmp3, &tmp2);  /* tmp2 = gcd(q-1, e) */
+        } while (err == MP_OKAY && mp_cmp_d(&tmp2, 1) != 0);  /* e divdes q-1 */
+    }
+
+    if (err == MP_OKAY)
+        err = mp_init_multi(&key->n, &key->e, &key->d, &key->p, &key->q, NULL);
+
+    if (err == MP_OKAY)
+        err = mp_init_multi(&key->dP, &key->dQ, &key->u, NULL, NULL, NULL);
+
+    if (err == MP_OKAY)
+        err = mp_sub_d(&p, 1, &tmp2);  /* tmp2 = p-1 */
+
+    if (err == MP_OKAY)
+        err = mp_lcm(&tmp1, &tmp2, &tmp1);  /* tmp1 = lcm(p-1, q-1),last loop */
+
+    /* make key */
+    if (err == MP_OKAY)
+        err = mp_set_int(&key->e, e);  /* key->e = e */
+
+    if (err == MP_OKAY)                /* key->d = 1/e mod lcm(p-1, q-1) */
+        err = mp_invmod(&key->e, &tmp1, &key->d);
+
+    if (err == MP_OKAY)
+        err = mp_mul(&p, &q, &key->n);  /* key->n = pq */
+
+    if (err == MP_OKAY)
+        err = mp_sub_d(&p, 1, &tmp1);
+
+    if (err == MP_OKAY)
+        err = mp_sub_d(&q, 1, &tmp2);
+
+    if (err == MP_OKAY)
+        err = mp_mod(&key->d, &tmp1, &key->dP);
+
+    if (err == MP_OKAY)
+        err = mp_mod(&key->d, &tmp2, &key->dQ);
+
+    if (err == MP_OKAY)
+        err = mp_invmod(&q, &p, &key->u);
+
+    if (err == MP_OKAY)
+        err = mp_copy(&p, &key->p);
+
+    if (err == MP_OKAY)
+        err = mp_copy(&q, &key->q);
+
+    if (err == MP_OKAY)
+        key->type = RSA_PRIVATE; 
+
+    mp_clear(&tmp3); 
+    mp_clear(&tmp2); 
+    mp_clear(&tmp1); 
+    mp_clear(&q); 
+    mp_clear(&p);
+
+    if (err != MP_OKAY) {
+        wc_FreeRsaKey(key);        
+        return err;
+    }
+
+    return 0;
+}
+
+
+#endif /* WOLFSSL_KEY_GEN */
+
+
+#ifdef HAVE_CAVIUM
+
+#include 
+#include "cavium_common.h"
+
+/* Initiliaze RSA for use with Nitrox device */
+int RsaInitCavium(RsaKey* rsa, int devId)
+{
+    if (rsa == NULL)
+        return -1;
+
+    if (CspAllocContext(CONTEXT_SSL, &rsa->contextHandle, devId) != 0)
+        return -1;
+
+    rsa->devId = devId;
+    rsa->magic = WOLFSSL_RSA_CAVIUM_MAGIC;
+   
+    return 0;
+}
+
+
+/* Free RSA from use with Nitrox device */
+void wc_RsaFreeCavium(RsaKey* rsa)
+{
+    if (rsa == NULL)
+        return;
+
+    CspFreeContext(CONTEXT_SSL, rsa->contextHandle, rsa->devId);
+    rsa->magic = 0;
+}
+
+
+/* Initialize cavium RSA key */
+static int InitCaviumRsaKey(RsaKey* key, void* heap)
+{
+    if (key == NULL)
+        return BAD_FUNC_ARG;
+
+    key->heap = heap;
+    key->type = -1;   /* don't know yet */
+
+    key->c_n  = NULL;
+    key->c_e  = NULL;
+    key->c_d  = NULL;
+    key->c_p  = NULL;
+    key->c_q  = NULL;
+    key->c_dP = NULL;
+    key->c_dQ = NULL;
+    key->c_u  = NULL;
+
+    key->c_nSz   = 0;
+    key->c_eSz   = 0;
+    key->c_dSz   = 0;
+    key->c_pSz   = 0;
+    key->c_qSz   = 0;
+    key->c_dP_Sz = 0;
+    key->c_dQ_Sz = 0;
+    key->c_uSz   = 0;
+    
+    return 0;
+}
+
+
+/* Free cavium RSA key */
+static int FreeCaviumRsaKey(RsaKey* key)
+{
+    if (key == NULL)
+        return BAD_FUNC_ARG;
+
+    XFREE(key->c_n,  key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
+    XFREE(key->c_e,  key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
+    XFREE(key->c_d,  key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
+    XFREE(key->c_p,  key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
+    XFREE(key->c_q,  key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
+    XFREE(key->c_dP, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
+    XFREE(key->c_dQ, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
+    XFREE(key->c_u,  key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
+
+    return InitCaviumRsaKey(key, key->heap);  /* reset pointers */
+}
+
+
+static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
+                                   word32 outLen, RsaKey* key)
+{
+    word32 requestId;
+    word32 ret;
+
+    if (key == NULL || in == NULL || out == NULL || outLen < (word32)key->c_nSz)
+        return -1;
+
+    ret = CspPkcs1v15Enc(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_eSz,
+                         (word16)inLen, key->c_n, key->c_e, (byte*)in, out,
+                         &requestId, key->devId);
+    if (ret != 0) {
+        WOLFSSL_MSG("Cavium Enc BT2 failed");
+        return -1;
+    }
+    return key->c_nSz;
+}
+
+
+static INLINE void ato16(const byte* c, word16* u16)
+{
+    *u16 = (c[0] << 8) | (c[1]);
+}
+
+
+static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
+                                    word32 outLen, RsaKey* key)
+{
+    word32 requestId;
+    word32 ret;
+    word16 outSz = (word16)outLen;
+
+    if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz)
+        return -1;
+
+    ret = CspPkcs1v15CrtDec(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_q,
+                            key->c_dQ, key->c_p, key->c_dP, key->c_u,
+                            (byte*)in, &outSz, out, &requestId, key->devId);
+    if (ret != 0) {
+        WOLFSSL_MSG("Cavium CRT Dec BT2 failed");
+        return -1;
+    }
+    ato16((const byte*)&outSz, &outSz); 
+
+    return outSz;
+}
+
+
+static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out,
+                             word32 outLen, RsaKey* key)
+{
+    word32 requestId;
+    word32 ret;
+
+    if (key == NULL || in == NULL || out == NULL || inLen == 0 || outLen <
+                                                             (word32)key->c_nSz)
+        return -1;
+
+    ret = CspPkcs1v15CrtEnc(CAVIUM_BLOCKING, BT1, key->c_nSz, (word16)inLen,
+                            key->c_q, key->c_dQ, key->c_p, key->c_dP, key->c_u,
+                            (byte*)in, out, &requestId, key->devId);
+    if (ret != 0) {
+        WOLFSSL_MSG("Cavium CRT Enc BT1 failed");
+        return -1;
+    }
+    return key->c_nSz;
+}
+
+
+static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out,
+                               word32 outLen, RsaKey* key)
+{
+    word32 requestId;
+    word32 ret;
+    word16 outSz = (word16)outLen;
+
+    if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz)
+        return -1;
+
+    ret = CspPkcs1v15Dec(CAVIUM_BLOCKING, BT1, key->c_nSz, key->c_eSz,
+                         key->c_n, key->c_e, (byte*)in, &outSz, out,
+                         &requestId, key->devId);
+    if (ret != 0) {
+        WOLFSSL_MSG("Cavium Dec BT1 failed");
+        return -1;
+    }
+    outSz = ntohs(outSz);
+
+    return outSz;
+}
+
+
+#endif /* HAVE_CAVIUM */
+
+#endif /* HAVE_FIPS */
+#endif /* NO_RSA */
+
diff --git a/3P/wolfssl/wolfcrypt/src/sha.c b/3P/wolfssl/wolfcrypt/src/sha.c
new file mode 100644
index 00000000..792494b8
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/sha.c
@@ -0,0 +1,451 @@
+/* sha.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#if !defined(NO_SHA)
+
+#include 
+#include 
+#include 
+
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+/* fips wrapper calls, user can call direct */
+#ifdef HAVE_FIPS
+	int wc_InitSha(Sha* sha)
+	{
+	    return InitSha_fips(sha);
+	}
+
+
+	int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
+	{
+	    return ShaUpdate_fips(sha, data, len);
+	}
+
+
+	int wc_ShaFinal(Sha* sha, byte* out)
+	{
+	    return ShaFinal_fips(sha,out);
+    }
+
+    int wc_ShaHash(const byte* data, word32 sz, byte* out)
+    {
+        return ShaHash(data, sz, out);
+    }
+
+#else /* else build without fips */
+
+#ifdef WOLFSSL_PIC32MZ_HASH
+#define wc_InitSha   wc_InitSha_sw
+#define wc_ShaUpdate wc_ShaUpdate_sw
+#define wc_ShaFinal  wc_ShaFinal_sw
+#endif
+
+
+#ifdef FREESCALE_MMCAU
+    #include "cau_api.h"
+    #define XTRANSFORM(S,B)  cau_sha1_hash_n((B), 1, ((S))->digest)
+#else
+    #define XTRANSFORM(S,B)  Transform((S))
+#endif
+
+#ifdef STM32F2_HASH
+/*
+ * STM32F2 hardware SHA1 support through the STM32F2 standard peripheral
+ * library. Documentation located in STM32F2xx Standard Peripheral Library
+ * document (See note in README).
+ */
+#include "stm32f2xx.h"
+#include "stm32f2xx_hash.h"
+
+int wc_InitSha(Sha* sha)
+{
+    /* STM32F2 struct notes:
+     * sha->buffer  = first 4 bytes used to hold partial block if needed
+     * sha->buffLen = num bytes currently stored in sha->buffer
+     * sha->loLen   = num bytes that have been written to STM32 FIFO
+     */
+    XMEMSET(sha->buffer, 0, SHA_REG_SIZE);
+    sha->buffLen = 0;
+    sha->loLen = 0;
+
+    /* initialize HASH peripheral */
+    HASH_DeInit();
+
+    /* configure algo used, algo mode, datatype */
+    HASH->CR &= ~ (HASH_CR_ALGO | HASH_CR_DATATYPE | HASH_CR_MODE);
+    HASH->CR |= (HASH_AlgoSelection_SHA1 | HASH_AlgoMode_HASH
+                 | HASH_DataType_8b);
+
+    /* reset HASH processor */
+    HASH->CR |= HASH_CR_INIT;
+
+    return 0;
+}
+
+int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
+{
+    word32 i = 0;
+    word32 fill = 0;
+    word32 diff = 0;
+
+    /* if saved partial block is available */
+    if (sha->buffLen) {
+        fill = 4 - sha->buffLen;
+
+        /* if enough data to fill, fill and push to FIFO */
+        if (fill <= len) {
+            XMEMCPY((byte*)sha->buffer + sha->buffLen, data, fill);
+            HASH_DataIn(*(uint32_t*)sha->buffer);
+
+            data += fill;
+            len -= fill;
+            sha->loLen += 4;
+            sha->buffLen = 0;
+        } else {
+            /* append partial to existing stored block */
+            XMEMCPY((byte*)sha->buffer + sha->buffLen, data, len);
+            sha->buffLen += len;
+            return;
+        }
+    }
+
+    /* write input block in the IN FIFO */
+    for(i = 0; i < len; i += 4)
+    {
+        diff = len - i;
+        if ( diff < 4) {
+            /* store incomplete last block, not yet in FIFO */
+            XMEMSET(sha->buffer, 0, SHA_REG_SIZE);
+            XMEMCPY((byte*)sha->buffer, data, diff);
+            sha->buffLen = diff;
+        } else {
+            HASH_DataIn(*(uint32_t*)data);
+            data+=4;
+        }
+    }
+
+    /* keep track of total data length thus far */
+    sha->loLen += (len - sha->buffLen);
+
+    return 0;
+}
+
+int wc_ShaFinal(Sha* sha, byte* hash)
+{
+    __IO uint16_t nbvalidbitsdata = 0;
+
+    /* finish reading any trailing bytes into FIFO */
+    if (sha->buffLen) {
+        HASH_DataIn(*(uint32_t*)sha->buffer);
+        sha->loLen += sha->buffLen;
+    }
+
+    /* calculate number of valid bits in last word of input data */
+    nbvalidbitsdata = 8 * (sha->loLen % SHA_REG_SIZE);
+
+    /* configure number of valid bits in last word of the data */
+    HASH_SetLastWordValidBitsNbr(nbvalidbitsdata);
+
+    /* start HASH processor */
+    HASH_StartDigest();
+
+    /* wait until Busy flag == RESET */
+    while (HASH_GetFlagStatus(HASH_FLAG_BUSY) != RESET) {}
+
+    /* read message digest */
+    sha->digest[0] = HASH->HR[0];
+    sha->digest[1] = HASH->HR[1];
+    sha->digest[2] = HASH->HR[2];
+    sha->digest[3] = HASH->HR[3];
+    sha->digest[4] = HASH->HR[4];
+
+    ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE);
+
+    XMEMCPY(hash, sha->digest, SHA_DIGEST_SIZE);
+
+    return wc_InitSha(sha);  /* reset state */
+}
+
+#else /* wc_ software implementation */
+
+#ifndef min
+
+static INLINE word32 min(word32 a, word32 b)
+{
+    return a > b ? b : a;
+}
+
+#endif /* min */
+
+
+int wc_InitSha(Sha* sha)
+{
+#ifdef FREESCALE_MMCAU
+    cau_sha1_initialize_output(sha->digest);
+#else
+    sha->digest[0] = 0x67452301L;
+    sha->digest[1] = 0xEFCDAB89L;
+    sha->digest[2] = 0x98BADCFEL;
+    sha->digest[3] = 0x10325476L;
+    sha->digest[4] = 0xC3D2E1F0L;
+#endif
+
+    sha->buffLen = 0;
+    sha->loLen   = 0;
+    sha->hiLen   = 0;
+
+    return 0;
+}
+
+#ifndef FREESCALE_MMCAU
+
+#define blk0(i) (W[i] = sha->buffer[i])
+#define blk1(i) (W[(i)&15] = \
+rotlFixed(W[((i)+13)&15]^W[((i)+8)&15]^W[((i)+2)&15]^W[(i)&15],1))
+
+#define f1(x,y,z) ((z)^((x) &((y)^(z))))
+#define f2(x,y,z) ((x)^(y)^(z))
+#define f3(x,y,z) (((x)&(y))|((z)&((x)|(y))))
+#define f4(x,y,z) ((x)^(y)^(z))
+
+/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
+#define R0(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk0((i)) + 0x5A827999+ \
+rotlFixed((v),5); (w) = rotlFixed((w),30);
+#define R1(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk1((i)) + 0x5A827999+ \
+rotlFixed((v),5); (w) = rotlFixed((w),30);
+#define R2(v,w,x,y,z,i) (z)+= f2((w),(x),(y)) + blk1((i)) + 0x6ED9EBA1+ \
+rotlFixed((v),5); (w) = rotlFixed((w),30);
+#define R3(v,w,x,y,z,i) (z)+= f3((w),(x),(y)) + blk1((i)) + 0x8F1BBCDC+ \
+rotlFixed((v),5); (w) = rotlFixed((w),30);
+#define R4(v,w,x,y,z,i) (z)+= f4((w),(x),(y)) + blk1((i)) + 0xCA62C1D6+ \
+rotlFixed((v),5); (w) = rotlFixed((w),30);
+
+static void Transform(Sha* sha)
+{
+    word32 W[SHA_BLOCK_SIZE / sizeof(word32)];
+
+    /* Copy context->state[] to working vars */
+    word32 a = sha->digest[0];
+    word32 b = sha->digest[1];
+    word32 c = sha->digest[2];
+    word32 d = sha->digest[3];
+    word32 e = sha->digest[4];
+
+#ifdef USE_SLOW_SHA
+    word32 t, i;
+
+    for (i = 0; i < 16; i++) {
+        R0(a, b, c, d, e, i);
+        t = e; e = d; d = c; c = b; b = a; a = t;
+    }
+
+    for (; i < 20; i++) {
+        R1(a, b, c, d, e, i);
+        t = e; e = d; d = c; c = b; b = a; a = t;
+    }
+
+    for (; i < 40; i++) {
+        R2(a, b, c, d, e, i);
+        t = e; e = d; d = c; c = b; b = a; a = t;
+    }
+
+    for (; i < 60; i++) {
+        R3(a, b, c, d, e, i);
+        t = e; e = d; d = c; c = b; b = a; a = t;
+    }
+
+    for (; i < 80; i++) {
+        R4(a, b, c, d, e, i);
+        t = e; e = d; d = c; c = b; b = a; a = t;
+    }
+#else
+    /* nearly 1 K bigger in code size but 25% faster  */
+    /* 4 rounds of 20 operations each. Loop unrolled. */
+    R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
+    R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
+    R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
+    R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
+
+    R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
+
+    R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
+    R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
+    R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
+    R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
+    R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
+
+    R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
+    R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
+    R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
+    R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
+    R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
+
+    R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
+    R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
+    R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
+    R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
+    R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
+#endif
+
+    /* Add the working vars back into digest state[] */
+    sha->digest[0] += a;
+    sha->digest[1] += b;
+    sha->digest[2] += c;
+    sha->digest[3] += d;
+    sha->digest[4] += e;
+}
+
+#endif /* FREESCALE_MMCAU */
+
+
+static INLINE void AddLength(Sha* sha, word32 len)
+{
+    word32 tmp = sha->loLen;
+    if ( (sha->loLen += len) < tmp)
+        sha->hiLen++;                       /* carry low to high */
+}
+
+
+int wc_ShaUpdate(Sha* sha, const byte* data, word32 len)
+{
+    /* do block size increments */
+    byte* local = (byte*)sha->buffer;
+
+    while (len) {
+        word32 add = min(len, SHA_BLOCK_SIZE - sha->buffLen);
+        XMEMCPY(&local[sha->buffLen], data, add);
+
+        sha->buffLen += add;
+        data         += add;
+        len          -= add;
+
+        if (sha->buffLen == SHA_BLOCK_SIZE) {
+#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
+            ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE);
+#endif
+            XTRANSFORM(sha, local);
+            AddLength(sha, SHA_BLOCK_SIZE);
+            sha->buffLen = 0;
+        }
+    }
+
+    return 0;
+}
+
+
+int wc_ShaFinal(Sha* sha, byte* hash)
+{
+    byte* local = (byte*)sha->buffer;
+
+    AddLength(sha, sha->buffLen);  /* before adding pads */
+
+    local[sha->buffLen++] = 0x80;  /* add 1 */
+
+    /* pad with zeros */
+    if (sha->buffLen > SHA_PAD_SIZE) {
+        XMEMSET(&local[sha->buffLen], 0, SHA_BLOCK_SIZE - sha->buffLen);
+        sha->buffLen += SHA_BLOCK_SIZE - sha->buffLen;
+
+#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
+        ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE);
+#endif
+        XTRANSFORM(sha, local);
+        sha->buffLen = 0;
+    }
+    XMEMSET(&local[sha->buffLen], 0, SHA_PAD_SIZE - sha->buffLen);
+
+    /* put lengths in bits */
+    sha->hiLen = (sha->loLen >> (8*sizeof(sha->loLen) - 3)) +
+    (sha->hiLen << 3);
+    sha->loLen = sha->loLen << 3;
+
+    /* store lengths */
+#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
+    ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE);
+#endif
+    /* ! length ordering dependent on digest endian type ! */
+    XMEMCPY(&local[SHA_PAD_SIZE], &sha->hiLen, sizeof(word32));
+    XMEMCPY(&local[SHA_PAD_SIZE + sizeof(word32)], &sha->loLen, sizeof(word32));
+
+#ifdef FREESCALE_MMCAU
+    /* Kinetis requires only these bytes reversed */
+    ByteReverseWords(&sha->buffer[SHA_PAD_SIZE/sizeof(word32)],
+                     &sha->buffer[SHA_PAD_SIZE/sizeof(word32)],
+                     2 * sizeof(word32));
+#endif
+
+    XTRANSFORM(sha, local);
+#ifdef LITTLE_ENDIAN_ORDER
+    ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE);
+#endif
+    XMEMCPY(hash, sha->digest, SHA_DIGEST_SIZE);
+
+    return wc_InitSha(sha);  /* reset state */
+}
+
+#endif /* STM32F2_HASH */
+
+
+int wc_ShaHash(const byte* data, word32 len, byte* hash)
+{
+    int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    Sha* sha;
+#else
+    Sha sha[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (sha == NULL)
+        return MEMORY_E;
+#endif
+
+    if ((ret = wc_InitSha(sha)) != 0) {
+        WOLFSSL_MSG("wc_InitSha failed");
+    }
+    else {
+        wc_ShaUpdate(sha, data, len);
+        wc_ShaFinal(sha, hash);
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+
+}
+#endif /* HAVE_FIPS */
+#endif /* NO_SHA */
+
diff --git a/3P/wolfssl/wolfcrypt/src/sha256.c b/3P/wolfssl/wolfcrypt/src/sha256.c
new file mode 100644
index 00000000..13a196e7
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/sha256.c
@@ -0,0 +1,347 @@
+/* sha256.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* code submitted by raphael.huck@efixo.com */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+#if !defined(NO_SHA256)
+#ifdef HAVE_FIPS
+
+int wc_InitSha256(Sha256* sha)
+{
+    return InitSha256_fips(sha);
+}
+
+
+int wc_Sha256Update(Sha256* sha, const byte* data, word32 len)
+{
+    return Sha256Update_fips(sha, data, len);
+}
+
+
+int wc_Sha256Final(Sha256* sha, byte* out)
+{
+    return Sha256Final_fips(sha, out);
+}
+
+
+int wc_Sha256Hash(const byte* data, word32 len, byte* out)
+{
+    return Sha256Hash(data, len, out);
+}
+#else /* else build without fips */
+#ifdef WOLFSSL_PIC32MZ_HASH
+#define wc_InitSha256   wc_InitSha256_sw
+#define wc_Sha256Update wc_Sha256Update_sw
+#define wc_Sha256Final  wc_Sha256Final_sw
+#endif
+
+#ifdef HAVE_FIPS
+    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
+    #define FIPS_NO_WRAPPERS
+#endif
+
+#include 
+#include 
+
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+#ifdef FREESCALE_MMCAU
+    #include "cau_api.h"
+#endif
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+int wc_InitSha256(Sha256* sha256)
+{
+    #ifdef FREESCALE_MMCAU
+        cau_sha256_initialize_output(sha256->digest);
+    #else
+        sha256->digest[0] = 0x6A09E667L;
+        sha256->digest[1] = 0xBB67AE85L;
+        sha256->digest[2] = 0x3C6EF372L;
+        sha256->digest[3] = 0xA54FF53AL;
+        sha256->digest[4] = 0x510E527FL;
+        sha256->digest[5] = 0x9B05688CL;
+        sha256->digest[6] = 0x1F83D9ABL;
+        sha256->digest[7] = 0x5BE0CD19L;
+    #endif
+
+    sha256->buffLen = 0;
+    sha256->loLen   = 0;
+    sha256->hiLen   = 0;
+
+    return 0;
+}
+
+#ifdef FREESCALE_MMCAU
+    #define XTRANSFORM(S,B)  Transform((S), (B))
+
+static int Transform(Sha256* sha256, byte* buf)
+{
+    cau_sha256_hash_n(buf, 1, sha256->digest);
+
+    return 0;
+}
+
+#else
+    #define XTRANSFORM(S,B)  Transform((S))
+
+static const word32 K[64] = {
+    0x428A2F98L, 0x71374491L, 0xB5C0FBCFL, 0xE9B5DBA5L, 0x3956C25BL,
+    0x59F111F1L, 0x923F82A4L, 0xAB1C5ED5L, 0xD807AA98L, 0x12835B01L,
+    0x243185BEL, 0x550C7DC3L, 0x72BE5D74L, 0x80DEB1FEL, 0x9BDC06A7L,
+    0xC19BF174L, 0xE49B69C1L, 0xEFBE4786L, 0x0FC19DC6L, 0x240CA1CCL,
+    0x2DE92C6FL, 0x4A7484AAL, 0x5CB0A9DCL, 0x76F988DAL, 0x983E5152L,
+    0xA831C66DL, 0xB00327C8L, 0xBF597FC7L, 0xC6E00BF3L, 0xD5A79147L,
+    0x06CA6351L, 0x14292967L, 0x27B70A85L, 0x2E1B2138L, 0x4D2C6DFCL,
+    0x53380D13L, 0x650A7354L, 0x766A0ABBL, 0x81C2C92EL, 0x92722C85L,
+    0xA2BFE8A1L, 0xA81A664BL, 0xC24B8B70L, 0xC76C51A3L, 0xD192E819L,
+    0xD6990624L, 0xF40E3585L, 0x106AA070L, 0x19A4C116L, 0x1E376C08L,
+    0x2748774CL, 0x34B0BCB5L, 0x391C0CB3L, 0x4ED8AA4AL, 0x5B9CCA4FL,
+    0x682E6FF3L, 0x748F82EEL, 0x78A5636FL, 0x84C87814L, 0x8CC70208L,
+    0x90BEFFFAL, 0xA4506CEBL, 0xBEF9A3F7L, 0xC67178F2L
+};
+
+#define Ch(x,y,z)       ((z) ^ ((x) & ((y) ^ (z))))
+#define Maj(x,y,z)      ((((x) | (y)) & (z)) | ((x) & (y)))
+#define S(x, n)         rotrFixed(x, n)
+#define R(x, n)         (((x)&0xFFFFFFFFU)>>(n))
+#define Sigma0(x)       (S(x, 2) ^ S(x, 13) ^ S(x, 22))
+#define Sigma1(x)       (S(x, 6) ^ S(x, 11) ^ S(x, 25))
+#define Gamma0(x)       (S(x, 7) ^ S(x, 18) ^ R(x, 3))
+#define Gamma1(x)       (S(x, 17) ^ S(x, 19) ^ R(x, 10))
+
+#define RND(a,b,c,d,e,f,g,h,i) \
+     t0 = (h) + Sigma1((e)) + Ch((e), (f), (g)) + K[(i)] + W[(i)]; \
+     t1 = Sigma0((a)) + Maj((a), (b), (c)); \
+     (d) += t0; \
+     (h)  = t0 + t1;
+
+
+static int Transform(Sha256* sha256)
+{
+    word32 S[8], t0, t1;
+    int i;
+
+#ifdef WOLFSSL_SMALL_STACK
+    word32* W;
+
+    W = (word32*) XMALLOC(sizeof(word32) * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (W == NULL)
+        return MEMORY_E;
+#else
+    word32 W[64];
+#endif
+
+    /* Copy context->state[] to working vars */
+    for (i = 0; i < 8; i++)
+        S[i] = sha256->digest[i];
+
+    for (i = 0; i < 16; i++)
+        W[i] = sha256->buffer[i];
+
+    for (i = 16; i < 64; i++)
+        W[i] = Gamma1(W[i-2]) + W[i-7] + Gamma0(W[i-15]) + W[i-16];
+
+    for (i = 0; i < 64; i += 8) {
+        RND(S[0],S[1],S[2],S[3],S[4],S[5],S[6],S[7],i+0);
+        RND(S[7],S[0],S[1],S[2],S[3],S[4],S[5],S[6],i+1);
+        RND(S[6],S[7],S[0],S[1],S[2],S[3],S[4],S[5],i+2);
+        RND(S[5],S[6],S[7],S[0],S[1],S[2],S[3],S[4],i+3);
+        RND(S[4],S[5],S[6],S[7],S[0],S[1],S[2],S[3],i+4);
+        RND(S[3],S[4],S[5],S[6],S[7],S[0],S[1],S[2],i+5);
+        RND(S[2],S[3],S[4],S[5],S[6],S[7],S[0],S[1],i+6);
+        RND(S[1],S[2],S[3],S[4],S[5],S[6],S[7],S[0],i+7);
+    }
+
+    /* Add the working vars back into digest state[] */
+    for (i = 0; i < 8; i++) {
+        sha256->digest[i] += S[i];
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return 0;
+}
+
+#endif /* FREESCALE_MMCAU */
+
+
+static INLINE void AddLength(Sha256* sha256, word32 len)
+{
+    word32 tmp = sha256->loLen;
+    if ( (sha256->loLen += len) < tmp)
+        sha256->hiLen++;                       /* carry low to high */
+}
+
+
+int wc_Sha256Update(Sha256* sha256, const byte* data, word32 len)
+{
+    /* do block size increments */
+    byte* local = (byte*)sha256->buffer;
+
+    while (len) {
+        word32 add = min(len, SHA256_BLOCK_SIZE - sha256->buffLen);
+        XMEMCPY(&local[sha256->buffLen], data, add);
+
+        sha256->buffLen += add;
+        data            += add;
+        len             -= add;
+
+        if (sha256->buffLen == SHA256_BLOCK_SIZE) {
+            int ret;
+
+            #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
+                ByteReverseWords(sha256->buffer, sha256->buffer,
+                                 SHA256_BLOCK_SIZE);
+            #endif
+
+            ret = XTRANSFORM(sha256, local);
+            if (ret != 0)
+                return ret;
+
+            AddLength(sha256, SHA256_BLOCK_SIZE);
+            sha256->buffLen = 0;
+        }
+    }
+
+    return 0;
+}
+
+
+int wc_Sha256Final(Sha256* sha256, byte* hash)
+{
+    byte* local = (byte*)sha256->buffer;
+    int ret;
+
+    AddLength(sha256, sha256->buffLen);  /* before adding pads */
+
+    local[sha256->buffLen++] = 0x80;     /* add 1 */
+
+    /* pad with zeros */
+    if (sha256->buffLen > SHA256_PAD_SIZE) {
+        XMEMSET(&local[sha256->buffLen], 0, SHA256_BLOCK_SIZE - sha256->buffLen);
+        sha256->buffLen += SHA256_BLOCK_SIZE - sha256->buffLen;
+
+        #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
+            ByteReverseWords(sha256->buffer, sha256->buffer, SHA256_BLOCK_SIZE);
+        #endif
+
+        ret = XTRANSFORM(sha256, local);
+        if (ret != 0)
+            return ret;
+
+        sha256->buffLen = 0;
+    }
+    XMEMSET(&local[sha256->buffLen], 0, SHA256_PAD_SIZE - sha256->buffLen);
+
+    /* put lengths in bits */
+    sha256->hiLen = (sha256->loLen >> (8*sizeof(sha256->loLen) - 3)) +
+                 (sha256->hiLen << 3);
+    sha256->loLen = sha256->loLen << 3;
+
+    /* store lengths */
+    #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU)
+        ByteReverseWords(sha256->buffer, sha256->buffer, SHA256_BLOCK_SIZE);
+    #endif
+    /* ! length ordering dependent on digest endian type ! */
+    XMEMCPY(&local[SHA256_PAD_SIZE], &sha256->hiLen, sizeof(word32));
+    XMEMCPY(&local[SHA256_PAD_SIZE + sizeof(word32)], &sha256->loLen,
+            sizeof(word32));
+
+    #ifdef FREESCALE_MMCAU
+        /* Kinetis requires only these bytes reversed */
+        ByteReverseWords(&sha256->buffer[SHA256_PAD_SIZE/sizeof(word32)],
+                         &sha256->buffer[SHA256_PAD_SIZE/sizeof(word32)],
+                         2 * sizeof(word32));
+    #endif
+
+    ret = XTRANSFORM(sha256, local);
+    if (ret != 0)
+        return ret;
+
+    #ifdef LITTLE_ENDIAN_ORDER
+        ByteReverseWords(sha256->digest, sha256->digest, SHA256_DIGEST_SIZE);
+    #endif
+    XMEMCPY(hash, sha256->digest, SHA256_DIGEST_SIZE);
+
+    return wc_InitSha256(sha256);  /* reset state */
+}
+
+
+int wc_Sha256Hash(const byte* data, word32 len, byte* hash)
+{
+    int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    Sha256* sha256;
+#else
+    Sha256 sha256[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (sha256 == NULL)
+        return MEMORY_E;
+#endif
+
+    if ((ret = wc_InitSha256(sha256)) != 0) {
+        WOLFSSL_MSG("InitSha256 failed");
+    }
+    else if ((ret = wc_Sha256Update(sha256, data, len)) != 0) {
+        WOLFSSL_MSG("Sha256Update failed");
+    }
+    else if ((ret = wc_Sha256Final(sha256, hash)) != 0) {
+        WOLFSSL_MSG("Sha256Final failed");
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+
+#endif /* HAVE_FIPS */
+#endif /* NO_SHA256 */
+
diff --git a/3P/wolfssl/wolfcrypt/src/sha512.c b/3P/wolfssl/wolfcrypt/src/sha512.c
new file mode 100755
index 00000000..f4ba41cf
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/sha512.c
@@ -0,0 +1,590 @@
+/* sha512.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+#ifdef WOLFSSL_SHA512
+
+#ifdef HAVE_FIPS
+int wc_InitSha512(Sha512* sha)
+{
+    return InitSha512_fips(sha);
+}
+
+
+int wc_Sha512Update(Sha512* sha, const byte* data, word32 len)
+{
+    return Sha512Update_fips(sha, data, len);
+}
+
+
+int wc_Sha512Final(Sha512* sha, byte* out)
+{
+    return Sha512Final_fips(sha, out);
+}
+
+
+int wc_Sha512Hash(const byte* data, word32 len, byte* out)
+{
+    return Sha512Hash(data, len, out);
+}
+
+#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
+
+int wc_InitSha384(Sha384* sha)
+{
+    return InitSha384_fips(sha);
+}
+
+
+int wc_Sha384Update(Sha384* sha, const byte* data, word32 len)
+{
+    return Sha384Update_fips(sha, data, len);
+}
+
+
+int wc_Sha384Final(Sha384* sha, byte* out)
+{
+    return Sha384Final_fips(sha, out);
+}
+
+
+int wc_Sha384Hash(const byte* data, word32 len, byte* out)
+{
+    return Sha384Hash(data, len, out);
+}
+#endif /* WOLFSSL_SHA384 */
+#else /* else build without using fips */
+#include 
+#include 
+
+#ifdef NO_INLINE
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
+
+
+int wc_InitSha512(Sha512* sha512)
+{
+    sha512->digest[0] = W64LIT(0x6a09e667f3bcc908);
+    sha512->digest[1] = W64LIT(0xbb67ae8584caa73b);
+    sha512->digest[2] = W64LIT(0x3c6ef372fe94f82b);
+    sha512->digest[3] = W64LIT(0xa54ff53a5f1d36f1);
+    sha512->digest[4] = W64LIT(0x510e527fade682d1);
+    sha512->digest[5] = W64LIT(0x9b05688c2b3e6c1f);
+    sha512->digest[6] = W64LIT(0x1f83d9abfb41bd6b);
+    sha512->digest[7] = W64LIT(0x5be0cd19137e2179);
+
+    sha512->buffLen = 0;
+    sha512->loLen   = 0;
+    sha512->hiLen   = 0;
+
+    return 0;
+}
+
+
+static const word64 K512[80] = {
+	W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd),
+	W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc),
+	W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019),
+	W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118),
+	W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe),
+	W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2),
+	W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1),
+	W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694),
+	W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3),
+	W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65),
+	W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483),
+	W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5),
+	W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210),
+	W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4),
+	W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725),
+	W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70),
+	W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926),
+	W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df),
+	W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8),
+	W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b),
+	W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001),
+	W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30),
+	W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910),
+	W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8),
+	W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53),
+	W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8),
+	W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb),
+	W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3),
+	W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60),
+	W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec),
+	W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9),
+	W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b),
+	W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207),
+	W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178),
+	W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6),
+	W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b),
+	W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493),
+	W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c),
+	W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a),
+	W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817)
+};
+
+
+#define blk0(i) (W[i] = sha512->buffer[i])
+#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15]))
+
+#define Ch(x,y,z) (z^(x&(y^z)))
+#define Maj(x,y,z) ((x&y)|(z&(x|y)))
+
+#define a(i) T[(0-i)&7]
+#define b(i) T[(1-i)&7]
+#define c(i) T[(2-i)&7]
+#define d(i) T[(3-i)&7]
+#define e(i) T[(4-i)&7]
+#define f(i) T[(5-i)&7]
+#define g(i) T[(6-i)&7]
+#define h(i) T[(7-i)&7]
+
+#define S0(x) (rotrFixed64(x,28)^rotrFixed64(x,34)^rotrFixed64(x,39))
+#define S1(x) (rotrFixed64(x,14)^rotrFixed64(x,18)^rotrFixed64(x,41))
+#define s0(x) (rotrFixed64(x,1)^rotrFixed64(x,8)^(x>>7))
+#define s1(x) (rotrFixed64(x,19)^rotrFixed64(x,61)^(x>>6))
+
+#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+K[i+j]+(j?blk2(i):blk0(i));\
+	d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))
+
+#define blk384(i) (W[i] = sha384->buffer[i])
+
+#define R2(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+K[i+j]+(j?blk2(i):blk384(i));\
+	d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))
+
+
+static int Transform(Sha512* sha512)
+{
+    const word64* K = K512;
+
+    word32 j;
+    word64 T[8];
+
+#ifdef WOLFSSL_SMALL_STACK
+    word64* W;
+
+    W = (word64*) XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (W == NULL)
+        return MEMORY_E;
+#else
+    word64 W[16];
+#endif
+
+    /* Copy digest to working vars */
+    XMEMCPY(T, sha512->digest, sizeof(T));
+
+#ifdef USE_SLOW_SHA2
+    /* over twice as small, but 50% slower */
+    /* 80 operations, not unrolled */
+    for (j = 0; j < 80; j += 16) {
+        int m; 
+        for (m = 0; m < 16; m++) { /* braces needed here for macros {} */
+            R(m);
+        }
+    }
+#else
+    /* 80 operations, partially loop unrolled */
+    for (j = 0; j < 80; j += 16) {
+        R( 0); R( 1); R( 2); R( 3);
+        R( 4); R( 5); R( 6); R( 7);
+        R( 8); R( 9); R(10); R(11);
+        R(12); R(13); R(14); R(15);
+    }
+#endif /* USE_SLOW_SHA2 */
+
+    /* Add the working vars back into digest */
+
+    sha512->digest[0] += a(0);
+    sha512->digest[1] += b(0);
+    sha512->digest[2] += c(0);
+    sha512->digest[3] += d(0);
+    sha512->digest[4] += e(0);
+    sha512->digest[5] += f(0);
+    sha512->digest[6] += g(0);
+    sha512->digest[7] += h(0);
+
+    /* Wipe variables */
+    ForceZero(W, sizeof(word64) * 16);
+    ForceZero(T, sizeof(T));
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return 0;
+}
+
+
+static INLINE void AddLength(Sha512* sha512, word32 len)
+{
+    word32 tmp = sha512->loLen;
+    if ( (sha512->loLen += len) < tmp)
+        sha512->hiLen++;                       /* carry low to high */
+}
+
+
+int wc_Sha512Update(Sha512* sha512, const byte* data, word32 len)
+{
+    /* do block size increments */
+    byte* local = (byte*)sha512->buffer;
+
+    while (len) {
+        word32 add = min(len, SHA512_BLOCK_SIZE - sha512->buffLen);
+        XMEMCPY(&local[sha512->buffLen], data, add);
+
+        sha512->buffLen += add;
+        data         += add;
+        len          -= add;
+
+        if (sha512->buffLen == SHA512_BLOCK_SIZE) {
+            int ret;
+
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords64(sha512->buffer, sha512->buffer,
+                                   SHA512_BLOCK_SIZE);
+            #endif
+            ret = Transform(sha512);
+            if (ret != 0)
+                return ret;
+
+            AddLength(sha512, SHA512_BLOCK_SIZE);
+            sha512->buffLen = 0;
+        }
+    }
+    return 0;
+}
+
+
+int wc_Sha512Final(Sha512* sha512, byte* hash)
+{
+    byte* local = (byte*)sha512->buffer;
+    int ret;
+
+    AddLength(sha512, sha512->buffLen);               /* before adding pads */
+
+    local[sha512->buffLen++] = 0x80;  /* add 1 */
+
+    /* pad with zeros */
+    if (sha512->buffLen > SHA512_PAD_SIZE) {
+        XMEMSET(&local[sha512->buffLen], 0, SHA512_BLOCK_SIZE -sha512->buffLen);
+        sha512->buffLen += SHA512_BLOCK_SIZE - sha512->buffLen;
+
+        #ifdef LITTLE_ENDIAN_ORDER
+            ByteReverseWords64(sha512->buffer,sha512->buffer,SHA512_BLOCK_SIZE);
+        #endif
+        ret = Transform(sha512);
+        if (ret != 0)
+            return ret;
+
+        sha512->buffLen = 0;
+    }
+    XMEMSET(&local[sha512->buffLen], 0, SHA512_PAD_SIZE - sha512->buffLen);
+   
+    /* put lengths in bits */
+    sha512->hiLen = (sha512->loLen >> (8*sizeof(sha512->loLen) - 3)) + 
+                 (sha512->hiLen << 3);
+    sha512->loLen = sha512->loLen << 3;
+
+    /* store lengths */
+    #ifdef LITTLE_ENDIAN_ORDER
+        ByteReverseWords64(sha512->buffer, sha512->buffer, SHA512_PAD_SIZE);
+    #endif
+    /* ! length ordering dependent on digest endian type ! */
+    sha512->buffer[SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen;
+    sha512->buffer[SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen;
+
+    ret = Transform(sha512);
+    if (ret != 0)
+        return ret;
+
+    #ifdef LITTLE_ENDIAN_ORDER
+        ByteReverseWords64(sha512->digest, sha512->digest, SHA512_DIGEST_SIZE);
+    #endif
+    XMEMCPY(hash, sha512->digest, SHA512_DIGEST_SIZE);
+
+    return wc_InitSha512(sha512);  /* reset state */
+}
+
+
+int wc_Sha512Hash(const byte* data, word32 len, byte* hash)
+{
+    int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    Sha512* sha512;
+#else
+    Sha512 sha512[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    sha512 = (Sha512*)XMALLOC(sizeof(Sha512), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (sha512 == NULL)
+        return MEMORY_E;
+#endif
+    
+    if ((ret = wc_InitSha512(sha512)) != 0) {
+        WOLFSSL_MSG("InitSha512 failed");
+    }
+    else if ((ret = wc_Sha512Update(sha512, data, len)) != 0) {
+        WOLFSSL_MSG("Sha512Update failed");
+    }
+    else if ((ret = wc_Sha512Final(sha512, hash)) != 0) {
+        WOLFSSL_MSG("Sha512Final failed");
+    }
+    
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+    
+    return ret;
+}
+
+
+#ifdef WOLFSSL_SHA384
+
+int wc_InitSha384(Sha384* sha384)
+{
+    sha384->digest[0] = W64LIT(0xcbbb9d5dc1059ed8);
+    sha384->digest[1] = W64LIT(0x629a292a367cd507);
+    sha384->digest[2] = W64LIT(0x9159015a3070dd17);
+    sha384->digest[3] = W64LIT(0x152fecd8f70e5939);
+    sha384->digest[4] = W64LIT(0x67332667ffc00b31);
+    sha384->digest[5] = W64LIT(0x8eb44a8768581511);
+    sha384->digest[6] = W64LIT(0xdb0c2e0d64f98fa7);
+    sha384->digest[7] = W64LIT(0x47b5481dbefa4fa4);
+
+    sha384->buffLen = 0;
+    sha384->loLen   = 0;
+    sha384->hiLen   = 0;
+
+    return 0;
+}
+
+
+static int Transform384(Sha384* sha384)
+{
+    const word64* K = K512;
+
+    word32 j;
+    word64 T[8];
+
+#ifdef WOLFSSL_SMALL_STACK
+    word64* W;
+
+    W = (word64*) XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (W == NULL)
+        return MEMORY_E;
+#else
+    word64 W[16];
+#endif
+
+    /* Copy digest to working vars */
+    XMEMCPY(T, sha384->digest, sizeof(T));
+
+#ifdef USE_SLOW_SHA2
+    /* over twice as small, but 50% slower */
+    /* 80 operations, not unrolled */
+    for (j = 0; j < 80; j += 16) {
+        int m;
+        for (m = 0; m < 16; m++) {  /* braces needed for macros {} */
+            R2(m);
+        }
+    }
+#else
+    /* 80 operations, partially loop unrolled */
+    for (j = 0; j < 80; j += 16) {
+        R2( 0); R2( 1); R2( 2); R2( 3);
+        R2( 4); R2( 5); R2( 6); R2( 7);
+        R2( 8); R2( 9); R2(10); R2(11);
+        R2(12); R2(13); R2(14); R2(15);
+    }
+#endif /* USE_SLOW_SHA2 */
+
+    /* Add the working vars back into digest */
+
+    sha384->digest[0] += a(0);
+    sha384->digest[1] += b(0);
+    sha384->digest[2] += c(0);
+    sha384->digest[3] += d(0);
+    sha384->digest[4] += e(0);
+    sha384->digest[5] += f(0);
+    sha384->digest[6] += g(0);
+    sha384->digest[7] += h(0);
+
+    /* Wipe variables */
+    ForceZero(W, sizeof(word64) * 16);
+    ForceZero(T, sizeof(T));
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return 0;
+}
+
+
+static INLINE void AddLength384(Sha384* sha384, word32 len)
+{
+    word32 tmp = sha384->loLen;
+    if ( (sha384->loLen += len) < tmp)
+        sha384->hiLen++;                       /* carry low to high */
+}
+
+
+int wc_Sha384Update(Sha384* sha384, const byte* data, word32 len)
+{
+    /* do block size increments */
+    byte* local = (byte*)sha384->buffer;
+
+    while (len) {
+        word32 add = min(len, SHA384_BLOCK_SIZE - sha384->buffLen);
+        XMEMCPY(&local[sha384->buffLen], data, add);
+
+        sha384->buffLen += add;
+        data         += add;
+        len          -= add;
+
+        if (sha384->buffLen == SHA384_BLOCK_SIZE) {
+            int ret;
+
+            #ifdef LITTLE_ENDIAN_ORDER
+                ByteReverseWords64(sha384->buffer, sha384->buffer,
+                                   SHA384_BLOCK_SIZE);
+            #endif
+            ret = Transform384(sha384);
+            if (ret != 0)
+                return ret;
+
+            AddLength384(sha384, SHA384_BLOCK_SIZE);
+            sha384->buffLen = 0;
+        }
+    }
+    return 0;
+}
+
+
+int wc_Sha384Final(Sha384* sha384, byte* hash)
+{
+    byte* local = (byte*)sha384->buffer;
+    int ret;
+
+    AddLength384(sha384, sha384->buffLen);              /* before adding pads */
+
+    local[sha384->buffLen++] = 0x80;  /* add 1 */
+
+    /* pad with zeros */
+    if (sha384->buffLen > SHA384_PAD_SIZE) {
+        XMEMSET(&local[sha384->buffLen], 0, SHA384_BLOCK_SIZE -sha384->buffLen);
+        sha384->buffLen += SHA384_BLOCK_SIZE - sha384->buffLen;
+
+        #ifdef LITTLE_ENDIAN_ORDER
+            ByteReverseWords64(sha384->buffer,sha384->buffer,SHA384_BLOCK_SIZE);
+        #endif
+        ret = Transform384(sha384);
+        if (ret !=  0)
+            return ret;
+
+        sha384->buffLen = 0;
+    }
+    XMEMSET(&local[sha384->buffLen], 0, SHA384_PAD_SIZE - sha384->buffLen);
+   
+    /* put lengths in bits */
+    sha384->hiLen = (sha384->loLen >> (8*sizeof(sha384->loLen) - 3)) + 
+                 (sha384->hiLen << 3);
+    sha384->loLen = sha384->loLen << 3;
+
+    /* store lengths */
+    #ifdef LITTLE_ENDIAN_ORDER
+        ByteReverseWords64(sha384->buffer, sha384->buffer, SHA384_PAD_SIZE);
+    #endif
+    /* ! length ordering dependent on digest endian type ! */
+    sha384->buffer[SHA384_BLOCK_SIZE / sizeof(word64) - 2] = sha384->hiLen;
+    sha384->buffer[SHA384_BLOCK_SIZE / sizeof(word64) - 1] = sha384->loLen;
+
+    ret = Transform384(sha384);
+    if (ret != 0)
+        return ret;
+
+    #ifdef LITTLE_ENDIAN_ORDER
+        ByteReverseWords64(sha384->digest, sha384->digest, SHA384_DIGEST_SIZE);
+    #endif
+    XMEMCPY(hash, sha384->digest, SHA384_DIGEST_SIZE);
+
+    return wc_InitSha384(sha384);  /* reset state */
+}
+
+
+int wc_Sha384Hash(const byte* data, word32 len, byte* hash)
+{
+    int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+    Sha384* sha384;
+#else
+    Sha384 sha384[1];
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+    sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (sha384 == NULL)
+        return MEMORY_E;
+#endif
+
+    if ((ret = wc_InitSha384(sha384)) != 0) {
+        WOLFSSL_MSG("InitSha384 failed");
+    }
+    else if ((ret = wc_Sha384Update(sha384, data, len)) != 0) {
+        WOLFSSL_MSG("Sha384Update failed");
+    }
+    else if ((ret = wc_Sha384Final(sha384, hash)) != 0) {
+        WOLFSSL_MSG("Sha384Final failed");
+    }
+
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+    return ret;
+}
+
+#endif /* WOLFSSL_SHA384 */
+
+#endif /* HAVE_FIPS */
+
+#endif /* WOLFSSL_SHA512 */
+
diff --git a/3P/wolfssl/wolfcrypt/src/tfm.c b/3P/wolfssl/wolfcrypt/src/tfm.c
new file mode 100644
index 00000000..8ac48323
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/tfm.c
@@ -0,0 +1,2576 @@
+/* tfm.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*
+ * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
+ * http://math.libtomcrypt.com
+ */
+
+/**
+ *  Edited by Moisés Guimarães (moisesguimaraesm@gmail.com)
+ *  to fit CyaSSL's needs.
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+/* in case user set USE_FAST_MATH there */
+#include 
+
+#ifdef USE_FAST_MATH
+
+#include 
+#include   /* will define asm MACROS or C ones */
+
+
+/* math settings check */
+word32 CheckRunTimeSettings(void)
+{
+    return CTC_SETTINGS;
+}
+
+
+/* math settings size check */
+word32 CheckRunTimeFastMath(void)
+{
+    return FP_SIZE;
+}
+
+
+/* Functions */
+
+void fp_add(fp_int *a, fp_int *b, fp_int *c)
+{
+  int     sa, sb;
+
+  /* get sign of both inputs */
+  sa = a->sign;
+  sb = b->sign;
+
+  /* handle two cases, not four */
+  if (sa == sb) {
+    /* both positive or both negative */
+    /* add their magnitudes, copy the sign */
+    c->sign = sa;
+    s_fp_add (a, b, c);
+  } else {
+    /* one positive, the other negative */
+    /* subtract the one with the greater magnitude from */
+    /* the one of the lesser magnitude.  The result gets */
+    /* the sign of the one with the greater magnitude. */
+    if (fp_cmp_mag (a, b) == FP_LT) {
+      c->sign = sb;
+      s_fp_sub (b, a, c);
+    } else {
+      c->sign = sa;
+      s_fp_sub (a, b, c);
+    }
+  }
+}
+
+/* unsigned addition */
+void s_fp_add(fp_int *a, fp_int *b, fp_int *c)
+{
+  int      x, y, oldused;
+  register fp_word  t;
+
+  y       = MAX(a->used, b->used);
+  oldused = MIN(c->used, FP_SIZE);   /* help static analysis w/ largest size */
+  c->used = y;
+ 
+  t = 0;
+  for (x = 0; x < y; x++) {
+      t         += ((fp_word)a->dp[x]) + ((fp_word)b->dp[x]);
+      c->dp[x]   = (fp_digit)t;
+      t        >>= DIGIT_BIT;
+  }
+  if (t != 0 && x < FP_SIZE) {
+     c->dp[c->used++] = (fp_digit)t;
+     ++x;
+  }
+
+  c->used = x;
+  for (; x < oldused; x++) {
+     c->dp[x] = 0;
+  }
+  fp_clamp(c);
+}
+
+/* c = a - b */
+void fp_sub(fp_int *a, fp_int *b, fp_int *c)
+{
+  int     sa, sb;
+
+  sa = a->sign;
+  sb = b->sign;
+
+  if (sa != sb) {
+    /* subtract a negative from a positive, OR */
+    /* subtract a positive from a negative. */
+    /* In either case, ADD their magnitudes, */
+    /* and use the sign of the first number. */
+    c->sign = sa;
+    s_fp_add (a, b, c);
+  } else {
+    /* subtract a positive from a positive, OR */
+    /* subtract a negative from a negative. */
+    /* First, take the difference between their */
+    /* magnitudes, then... */
+    if (fp_cmp_mag (a, b) != FP_LT) {
+      /* Copy the sign from the first */
+      c->sign = sa;
+      /* The first has a larger or equal magnitude */
+      s_fp_sub (a, b, c);
+    } else {
+      /* The result has the *opposite* sign from */
+      /* the first number. */
+      c->sign = (sa == FP_ZPOS) ? FP_NEG : FP_ZPOS;
+      /* The second has a larger magnitude */
+      s_fp_sub (b, a, c);
+    }
+  }
+}
+
+/* unsigned subtraction ||a|| >= ||b|| ALWAYS! */
+void s_fp_sub(fp_int *a, fp_int *b, fp_int *c)
+{
+  int      x, oldbused, oldused;
+  fp_word  t;
+
+  oldused  = c->used;
+  oldbused = b->used;
+  c->used  = a->used;
+  t       = 0;
+  for (x = 0; x < oldbused; x++) {
+     t         = ((fp_word)a->dp[x]) - (((fp_word)b->dp[x]) + t);
+     c->dp[x]  = (fp_digit)t;
+     t         = (t >> DIGIT_BIT)&1;
+  }
+  for (; x < a->used; x++) {
+     t         = ((fp_word)a->dp[x]) - t;
+     c->dp[x]  = (fp_digit)t;
+     t         = (t >> DIGIT_BIT)&1;
+   }
+  for (; x < oldused; x++) {
+     c->dp[x] = 0;
+  }
+  fp_clamp(c);
+}
+
+/* c = a * b */
+void fp_mul(fp_int *A, fp_int *B, fp_int *C)
+{
+    int   y, yy;
+
+    y  = MAX(A->used, B->used);
+    yy = MIN(A->used, B->used);
+
+    /* call generic if we're out of range */
+    if (y + yy > FP_SIZE) {
+       fp_mul_comba(A, B, C);
+       return ;
+    }
+
+    /* pick a comba (unrolled 4/8/16/32 x or rolled) based on the size
+       of the largest input.  We also want to avoid doing excess mults if the 
+       inputs are not close to the next power of two.  That is, for example,
+       if say y=17 then we would do (32-17)^2 = 225 unneeded multiplications 
+    */
+
+#ifdef TFM_MUL3
+        if (y <= 3) {
+           fp_mul_comba3(A,B,C);
+           return;
+        }
+#endif
+#ifdef TFM_MUL4
+        if (y == 4) {
+           fp_mul_comba4(A,B,C);
+           return;
+        }
+#endif
+#ifdef TFM_MUL6
+        if (y <= 6) {
+           fp_mul_comba6(A,B,C);
+           return;
+        }
+#endif
+#ifdef TFM_MUL7
+        if (y == 7) {
+           fp_mul_comba7(A,B,C);
+           return;
+        }
+#endif
+#ifdef TFM_MUL8
+        if (y == 8) {
+           fp_mul_comba8(A,B,C);
+           return;
+        }
+#endif
+#ifdef TFM_MUL9
+        if (y == 9) {
+           fp_mul_comba9(A,B,C);
+           return;
+        }
+#endif
+#ifdef TFM_MUL12
+        if (y <= 12) {
+           fp_mul_comba12(A,B,C);
+           return;
+        }
+#endif
+#ifdef TFM_MUL17
+        if (y <= 17) {
+           fp_mul_comba17(A,B,C);
+           return;
+        }
+#endif
+
+#ifdef TFM_SMALL_SET
+        if (y <= 16) {
+           fp_mul_comba_small(A,B,C);
+           return;
+        }
+#endif        
+#if defined(TFM_MUL20)
+        if (y <= 20) {
+           fp_mul_comba20(A,B,C);
+           return;
+        }
+#endif
+#if defined(TFM_MUL24)
+        if (yy >= 16 && y <= 24) {
+           fp_mul_comba24(A,B,C);
+           return;
+        }
+#endif
+#if defined(TFM_MUL28)
+        if (yy >= 20 && y <= 28) {
+           fp_mul_comba28(A,B,C);
+           return;
+        }
+#endif
+#if defined(TFM_MUL32)
+        if (yy >= 24 && y <= 32) {
+           fp_mul_comba32(A,B,C);
+           return;
+        }
+#endif
+#if defined(TFM_MUL48)
+        if (yy >= 40 && y <= 48) {
+           fp_mul_comba48(A,B,C);
+           return;
+        }
+#endif        
+#if defined(TFM_MUL64)
+        if (yy >= 56 && y <= 64) {
+           fp_mul_comba64(A,B,C);
+           return;
+        }
+#endif
+        fp_mul_comba(A,B,C);
+}
+
+void fp_mul_2(fp_int * a, fp_int * b)
+{
+  int     x, oldused;
+   
+  oldused = b->used;
+  b->used = a->used;
+
+  {
+    register fp_digit r, rr, *tmpa, *tmpb;
+
+    /* alias for source */
+    tmpa = a->dp;
+    
+    /* alias for dest */
+    tmpb = b->dp;
+
+    /* carry */
+    r = 0;
+    for (x = 0; x < a->used; x++) {
+    
+      /* get what will be the *next* carry bit from the 
+       * MSB of the current digit 
+       */
+      rr = *tmpa >> ((fp_digit)(DIGIT_BIT - 1));
+      
+      /* now shift up this digit, add in the carry [from the previous] */
+      *tmpb++ = ((*tmpa++ << ((fp_digit)1)) | r);
+      
+      /* copy the carry that would be from the source 
+       * digit into the next iteration 
+       */
+      r = rr;
+    }
+
+    /* new leading digit? */
+    if (r != 0 && b->used != (FP_SIZE-1)) {
+      /* add a MSB which is always 1 at this point */
+      *tmpb = 1;
+      ++(b->used);
+    }
+
+    /* now zero any excess digits on the destination 
+     * that we didn't write to 
+     */
+    tmpb = b->dp + b->used;
+    for (x = b->used; x < oldused; x++) {
+      *tmpb++ = 0;
+    }
+  }
+  b->sign = a->sign;
+}
+
+/* c = a * b */
+void fp_mul_d(fp_int *a, fp_digit b, fp_int *c)
+{
+   fp_word  w;
+   int      x, oldused;
+
+   oldused = c->used;
+   c->used = a->used;
+   c->sign = a->sign;
+   w       = 0;
+   for (x = 0; x < a->used; x++) {
+       w         = ((fp_word)a->dp[x]) * ((fp_word)b) + w;
+       c->dp[x]  = (fp_digit)w;
+       w         = w >> DIGIT_BIT;
+   }
+   if (w != 0 && (a->used != FP_SIZE)) {
+      c->dp[c->used++] = (fp_digit) w;
+      ++x;
+   }
+   for (; x < oldused; x++) {
+      c->dp[x] = 0;
+   }
+   fp_clamp(c);
+}
+
+/* c = a * 2**d */
+void fp_mul_2d(fp_int *a, int b, fp_int *c)
+{
+   fp_digit carry, carrytmp, shift;
+   int x;
+
+   /* copy it */
+   fp_copy(a, c);
+
+   /* handle whole digits */
+   if (b >= DIGIT_BIT) {
+      fp_lshd(c, b/DIGIT_BIT);
+   }
+   b %= DIGIT_BIT;
+
+   /* shift the digits */
+   if (b != 0) {
+      carry = 0;   
+      shift = DIGIT_BIT - b;
+      for (x = 0; x < c->used; x++) {
+          carrytmp = c->dp[x] >> shift;
+          c->dp[x] = (c->dp[x] << b) + carry;
+          carry = carrytmp;
+      }
+      /* store last carry if room */
+      if (carry && x < FP_SIZE) {
+         c->dp[c->used++] = carry;
+      }
+   }
+   fp_clamp(c);
+}
+
+/* generic PxQ multiplier */
+void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
+{
+   int       ix, iy, iz, tx, ty, pa;
+   fp_digit  c0, c1, c2, *tmpx, *tmpy;
+   fp_int    tmp, *dst;
+
+   COMBA_START;
+   COMBA_CLEAR;
+   
+   /* get size of output and trim */
+   pa = A->used + B->used;
+   if (pa >= FP_SIZE) {
+      pa = FP_SIZE-1;
+   }
+
+   if (A == C || B == C) {
+      fp_init(&tmp);
+      dst = &tmp;
+   } else {
+      fp_zero(C);
+      dst = C;
+   }
+
+   for (ix = 0; ix < pa; ix++) {
+      /* get offsets into the two bignums */
+      ty = MIN(ix, B->used-1);
+      tx = ix - ty;
+
+      /* setup temp aliases */
+      tmpx = A->dp + tx;
+      tmpy = B->dp + ty;
+
+      /* this is the number of times the loop will iterrate, essentially its 
+         while (tx++ < a->used && ty-- >= 0) { ... }
+       */
+      iy = MIN(A->used-tx, ty+1);
+
+      /* execute loop */
+      COMBA_FORWARD;
+      for (iz = 0; iz < iy; ++iz) {
+          /* TAO change COMBA_ADD back to MULADD */
+          MULADD(*tmpx++, *tmpy--);
+      }
+
+      /* store term */
+      COMBA_STORE(dst->dp[ix]);
+  }
+  COMBA_FINI;
+
+  dst->used = pa;
+  dst->sign = A->sign ^ B->sign;
+  fp_clamp(dst);
+  fp_copy(dst, C);
+}
+
+/* a/b => cb + d == a */
+int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
+{
+  fp_int  q, x, y, t1, t2;
+  int     n, t, i, norm, neg;
+
+  /* is divisor zero ? */
+  if (fp_iszero (b) == 1) {
+    return FP_VAL;
+  }
+
+  /* if a < b then q=0, r = a */
+  if (fp_cmp_mag (a, b) == FP_LT) {
+    if (d != NULL) {
+      fp_copy (a, d);
+    } 
+    if (c != NULL) {
+      fp_zero (c);
+    }
+    return FP_OKAY;
+  }
+
+  fp_init(&q);
+  q.used = a->used + 2;
+
+  fp_init(&t1);
+  fp_init(&t2);
+  fp_init_copy(&x, a);
+  fp_init_copy(&y, b);
+
+  /* fix the sign */
+  neg = (a->sign == b->sign) ? FP_ZPOS : FP_NEG;
+  x.sign = y.sign = FP_ZPOS;
+
+  /* normalize both x and y, ensure that y >= b/2, [b == 2**DIGIT_BIT] */
+  norm = fp_count_bits(&y) % DIGIT_BIT;
+  if (norm < (int)(DIGIT_BIT-1)) {
+     norm = (DIGIT_BIT-1) - norm;
+     fp_mul_2d (&x, norm, &x);
+     fp_mul_2d (&y, norm, &y);
+  } else {
+     norm = 0;
+  }
+
+  /* note hac does 0 based, so if used==5 then its 0,1,2,3,4, e.g. use 4 */
+  n = x.used - 1;
+  t = y.used - 1;
+
+  /* while (x >= y*b**n-t) do { q[n-t] += 1; x -= y*b**{n-t} } */
+  fp_lshd (&y, n - t);                                             /* y = y*b**{n-t} */
+
+  while (fp_cmp (&x, &y) != FP_LT) {
+    ++(q.dp[n - t]);
+    fp_sub (&x, &y, &x);
+  }
+
+  /* reset y by shifting it back down */
+  fp_rshd (&y, n - t);
+
+  /* step 3. for i from n down to (t + 1) */
+  for (i = n; i >= (t + 1); i--) {
+    if (i > x.used) {
+      continue;
+    }
+
+    /* step 3.1 if xi == yt then set q{i-t-1} to b-1, 
+     * otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */
+    if (x.dp[i] == y.dp[t]) {
+      q.dp[i - t - 1] = (fp_digit) ((((fp_word)1) << DIGIT_BIT) - 1);
+    } else {
+      fp_word tmp;
+      tmp = ((fp_word) x.dp[i]) << ((fp_word) DIGIT_BIT);
+      tmp |= ((fp_word) x.dp[i - 1]);
+      tmp /= ((fp_word)y.dp[t]);
+      q.dp[i - t - 1] = (fp_digit) (tmp);
+    }
+
+    /* while (q{i-t-1} * (yt * b + y{t-1})) > 
+             xi * b**2 + xi-1 * b + xi-2 
+     
+       do q{i-t-1} -= 1; 
+    */
+    q.dp[i - t - 1] = (q.dp[i - t - 1] + 1);
+    do {
+      q.dp[i - t - 1] = (q.dp[i - t - 1] - 1);
+
+      /* find left hand */
+      fp_zero (&t1);
+      t1.dp[0] = (t - 1 < 0) ? 0 : y.dp[t - 1];
+      t1.dp[1] = y.dp[t];
+      t1.used = 2;
+      fp_mul_d (&t1, q.dp[i - t - 1], &t1);
+
+      /* find right hand */
+      t2.dp[0] = (i - 2 < 0) ? 0 : x.dp[i - 2];
+      t2.dp[1] = (i - 1 < 0) ? 0 : x.dp[i - 1];
+      t2.dp[2] = x.dp[i];
+      t2.used = 3;
+    } while (fp_cmp_mag(&t1, &t2) == FP_GT);
+
+    /* step 3.3 x = x - q{i-t-1} * y * b**{i-t-1} */
+    fp_mul_d (&y, q.dp[i - t - 1], &t1);
+    fp_lshd  (&t1, i - t - 1);
+    fp_sub   (&x, &t1, &x);
+
+    /* if x < 0 then { x = x + y*b**{i-t-1}; q{i-t-1} -= 1; } */
+    if (x.sign == FP_NEG) {
+      fp_copy (&y, &t1);
+      fp_lshd (&t1, i - t - 1);
+      fp_add (&x, &t1, &x);
+      q.dp[i - t - 1] = q.dp[i - t - 1] - 1;
+    }
+  }
+
+  /* now q is the quotient and x is the remainder 
+   * [which we have to normalize] 
+   */
+  
+  /* get sign before writing to c */
+  x.sign = x.used == 0 ? FP_ZPOS : a->sign;
+
+  if (c != NULL) {
+    fp_clamp (&q);
+    fp_copy (&q, c);
+    c->sign = neg;
+  }
+
+  if (d != NULL) {
+    fp_div_2d (&x, norm, &x, NULL);
+
+/* the following is a kludge, essentially we were seeing the right remainder but 
+   with excess digits that should have been zero
+ */
+    for (i = b->used; i < x.used; i++) {
+        x.dp[i] = 0;
+    }
+    fp_clamp(&x);
+    fp_copy (&x, d);
+  }
+
+  return FP_OKAY;
+}
+
+/* b = a/2 */
+void fp_div_2(fp_int * a, fp_int * b)
+{
+  int     x, oldused;
+
+  oldused = b->used;
+  b->used = a->used;
+  {
+    register fp_digit r, rr, *tmpa, *tmpb;
+
+    /* source alias */
+    tmpa = a->dp + b->used - 1;
+
+    /* dest alias */
+    tmpb = b->dp + b->used - 1;
+
+    /* carry */
+    r = 0;
+    for (x = b->used - 1; x >= 0; x--) {
+      /* get the carry for the next iteration */
+      rr = *tmpa & 1;
+
+      /* shift the current digit, add in carry and store */
+      *tmpb-- = (*tmpa-- >> 1) | (r << (DIGIT_BIT - 1));
+
+      /* forward carry to next iteration */
+      r = rr;
+    }
+
+    /* zero excess digits */
+    tmpb = b->dp + b->used;
+    for (x = b->used; x < oldused; x++) {
+      *tmpb++ = 0;
+    }
+  }
+  b->sign = a->sign;
+  fp_clamp (b);
+}
+
+/* c = a / 2**b */
+void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d)
+{
+  int      D;
+  fp_int   t;
+
+  /* if the shift count is <= 0 then we do no work */
+  if (b <= 0) {
+    fp_copy (a, c);
+    if (d != NULL) {
+      fp_zero (d);
+    }
+    return;
+  }
+
+  fp_init(&t);
+
+  /* get the remainder */
+  if (d != NULL) {
+    fp_mod_2d (a, b, &t);
+  }
+
+  /* copy */
+  fp_copy(a, c);
+
+  /* shift by as many digits in the bit count */
+  if (b >= (int)DIGIT_BIT) {
+    fp_rshd (c, b / DIGIT_BIT);
+  }
+
+  /* shift any bit count < DIGIT_BIT */
+  D = (b % DIGIT_BIT);
+  if (D != 0) {
+    fp_rshb(c, D);
+  }
+  fp_clamp (c);
+  if (d != NULL) {
+    fp_copy (&t, d);
+  }
+}
+
+/* c = a mod b, 0 <= c < b  */
+int fp_mod(fp_int *a, fp_int *b, fp_int *c)
+{
+   fp_int t;
+   int    err;
+
+   fp_init(&t);
+   if ((err = fp_div(a, b, NULL, &t)) != FP_OKAY) {
+      return err;
+   }
+   if (t.sign != b->sign) {
+      fp_add(&t, b, c);
+   } else {
+      fp_copy(&t, c);
+  }
+  return FP_OKAY;
+}
+
+/* c = a mod 2**d */
+void fp_mod_2d(fp_int *a, int b, fp_int *c)
+{
+   int x;
+
+   /* zero if count less than or equal to zero */
+   if (b <= 0) {
+      fp_zero(c);
+      return;
+   }
+
+   /* get copy of input */
+   fp_copy(a, c);
+ 
+   /* if 2**d is larger than we just return */
+   if (b >= (DIGIT_BIT * a->used)) {
+      return;
+   }
+
+  /* zero digits above the last digit of the modulus */
+  for (x = (b / DIGIT_BIT) + ((b % DIGIT_BIT) == 0 ? 0 : 1); x < c->used; x++) {
+    c->dp[x] = 0;
+  }
+  /* clear the digit that is not completely outside/inside the modulus */
+  c->dp[b / DIGIT_BIT] &= ~((fp_digit)0) >> (DIGIT_BIT - b);
+  fp_clamp (c);
+}
+
+static int fp_invmod_slow (fp_int * a, fp_int * b, fp_int * c)
+{
+  fp_int  x, y, u, v, A, B, C, D;
+  int     res;
+
+  /* b cannot be negative */
+  if (b->sign == FP_NEG || fp_iszero(b) == 1) {
+    return FP_VAL;
+  }
+
+  /* init temps */
+  fp_init(&x);    fp_init(&y);
+  fp_init(&u);    fp_init(&v);
+  fp_init(&A);    fp_init(&B);
+  fp_init(&C);    fp_init(&D);
+
+  /* x = a, y = b */
+  if ((res = fp_mod(a, b, &x)) != FP_OKAY) {
+      return res;
+  }
+  fp_copy(b, &y);
+
+  /* 2. [modified] if x,y are both even then return an error! */
+  if (fp_iseven (&x) == 1 && fp_iseven (&y) == 1) {
+    return FP_VAL;
+  }
+
+  /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */
+  fp_copy (&x, &u);
+  fp_copy (&y, &v);
+  fp_set (&A, 1);
+  fp_set (&D, 1);
+
+top:
+  /* 4.  while u is even do */
+  while (fp_iseven (&u) == 1) {
+    /* 4.1 u = u/2 */
+    fp_div_2 (&u, &u);
+
+    /* 4.2 if A or B is odd then */
+    if (fp_isodd (&A) == 1 || fp_isodd (&B) == 1) {
+      /* A = (A+y)/2, B = (B-x)/2 */
+      fp_add (&A, &y, &A);
+      fp_sub (&B, &x, &B);
+    }
+    /* A = A/2, B = B/2 */
+    fp_div_2 (&A, &A);
+    fp_div_2 (&B, &B);
+  }
+
+  /* 5.  while v is even do */
+  while (fp_iseven (&v) == 1) {
+    /* 5.1 v = v/2 */
+    fp_div_2 (&v, &v);
+
+    /* 5.2 if C or D is odd then */
+    if (fp_isodd (&C) == 1 || fp_isodd (&D) == 1) {
+      /* C = (C+y)/2, D = (D-x)/2 */
+      fp_add (&C, &y, &C);
+      fp_sub (&D, &x, &D);
+    }
+    /* C = C/2, D = D/2 */
+    fp_div_2 (&C, &C);
+    fp_div_2 (&D, &D);
+  }
+
+  /* 6.  if u >= v then */
+  if (fp_cmp (&u, &v) != FP_LT) {
+    /* u = u - v, A = A - C, B = B - D */
+    fp_sub (&u, &v, &u);
+    fp_sub (&A, &C, &A);
+    fp_sub (&B, &D, &B);
+  } else {
+    /* v - v - u, C = C - A, D = D - B */
+    fp_sub (&v, &u, &v);
+    fp_sub (&C, &A, &C);
+    fp_sub (&D, &B, &D);
+  }
+
+  /* if not zero goto step 4 */
+  if (fp_iszero (&u) == 0)
+    goto top;
+
+  /* now a = C, b = D, gcd == g*v */
+
+  /* if v != 1 then there is no inverse */
+  if (fp_cmp_d (&v, 1) != FP_EQ) {
+    return FP_VAL;
+  }
+
+  /* if its too low */
+  while (fp_cmp_d(&C, 0) == FP_LT) {
+      fp_add(&C, b, &C);
+  }
+  
+  /* too big */
+  while (fp_cmp_mag(&C, b) != FP_LT) {
+      fp_sub(&C, b, &C);
+  }
+  
+  /* C is now the inverse */
+  fp_copy(&C, c);
+  return FP_OKAY;
+}
+
+/* c = 1/a (mod b) for odd b only */
+int fp_invmod(fp_int *a, fp_int *b, fp_int *c)
+{
+  fp_int  x, y, u, v, B, D;
+  int     neg;
+
+  /* 2. [modified] b must be odd   */
+  if (fp_iseven (b) == FP_YES) {
+    return fp_invmod_slow(a,b,c);
+  }
+
+  /* init all our temps */
+  fp_init(&x);  fp_init(&y);
+  fp_init(&u);  fp_init(&v);
+  fp_init(&B);  fp_init(&D);
+
+  /* x == modulus, y == value to invert */
+  fp_copy(b, &x);
+
+  /* we need y = |a| */
+  fp_abs(a, &y);
+
+  /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */
+  fp_copy(&x, &u);
+  fp_copy(&y, &v);
+  fp_set (&D, 1);
+
+top:
+  /* 4.  while u is even do */
+  while (fp_iseven (&u) == FP_YES) {
+    /* 4.1 u = u/2 */
+    fp_div_2 (&u, &u);
+
+    /* 4.2 if B is odd then */
+    if (fp_isodd (&B) == FP_YES) {
+      fp_sub (&B, &x, &B);
+    }
+    /* B = B/2 */
+    fp_div_2 (&B, &B);
+  }
+
+  /* 5.  while v is even do */
+  while (fp_iseven (&v) == FP_YES) {
+    /* 5.1 v = v/2 */
+    fp_div_2 (&v, &v);
+
+    /* 5.2 if D is odd then */
+    if (fp_isodd (&D) == FP_YES) {
+      /* D = (D-x)/2 */
+      fp_sub (&D, &x, &D);
+    }
+    /* D = D/2 */
+    fp_div_2 (&D, &D);
+  }
+
+  /* 6.  if u >= v then */
+  if (fp_cmp (&u, &v) != FP_LT) {
+    /* u = u - v, B = B - D */
+    fp_sub (&u, &v, &u);
+    fp_sub (&B, &D, &B);
+  } else {
+    /* v - v - u, D = D - B */
+    fp_sub (&v, &u, &v);
+    fp_sub (&D, &B, &D);
+  }
+
+  /* if not zero goto step 4 */
+  if (fp_iszero (&u) == FP_NO) {
+    goto top;
+  }
+
+  /* now a = C, b = D, gcd == g*v */
+
+  /* if v != 1 then there is no inverse */
+  if (fp_cmp_d (&v, 1) != FP_EQ) {
+    return FP_VAL;
+  }
+
+  /* b is now the inverse */
+  neg = a->sign;
+  while (D.sign == FP_NEG) {
+    fp_add (&D, b, &D);
+  }
+  fp_copy (&D, c);
+  c->sign = neg;
+  return FP_OKAY;
+}
+
+/* d = a * b (mod c) */
+int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
+{
+  fp_int tmp;
+  fp_init(&tmp);
+  fp_mul(a, b, &tmp);
+  return fp_mod(&tmp, c, d);
+}
+
+#ifdef TFM_TIMING_RESISTANT
+
+/* timing resistant montgomery ladder based exptmod 
+
+   Based on work by Marc Joye, Sung-Ming Yen, "The Montgomery Powering Ladder", Cryptographic Hardware and Embedded Systems, CHES 2002
+*/
+static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
+{
+  fp_int   R[2];
+  fp_digit buf, mp;
+  int      err, bitcnt, digidx, y;
+
+  /* now setup montgomery  */
+  if ((err = fp_montgomery_setup (P, &mp)) != FP_OKAY) {
+     return err;
+  }
+
+  fp_init(&R[0]);   
+  fp_init(&R[1]);   
+   
+  /* now we need R mod m */
+  fp_montgomery_calc_normalization (&R[0], P);
+
+  /* now set R[0][1] to G * R mod m */
+  if (fp_cmp_mag(P, G) != FP_GT) {
+     /* G > P so we reduce it first */
+     fp_mod(G, P, &R[1]);
+  } else {
+     fp_copy(G, &R[1]);
+  }
+  fp_mulmod (&R[1], &R[0], P, &R[1]);
+
+  /* for j = t-1 downto 0 do
+        r_!k = R0*R1; r_k = r_k^2
+  */
+  
+  /* set initial mode and bit cnt */
+  bitcnt = 1;
+  buf    = 0;
+  digidx = X->used - 1;
+
+  for (;;) {
+    /* grab next digit as required */
+    if (--bitcnt == 0) {
+      /* if digidx == -1 we are out of digits so break */
+      if (digidx == -1) {
+        break;
+      }
+      /* read next digit and reset bitcnt */
+      buf    = X->dp[digidx--];
+      bitcnt = (int)DIGIT_BIT;
+    }
+
+    /* grab the next msb from the exponent */
+    y     = (int)(buf >> (DIGIT_BIT - 1)) & 1;
+    buf <<= (fp_digit)1;
+
+    /* do ops */
+    fp_mul(&R[0], &R[1], &R[y^1]); fp_montgomery_reduce(&R[y^1], P, mp);
+    fp_sqr(&R[y], &R[y]);          fp_montgomery_reduce(&R[y], P, mp);
+  }
+
+   fp_montgomery_reduce(&R[0], P, mp);
+   fp_copy(&R[0], Y);
+   return FP_OKAY;
+}   
+
+#else
+
+/* y = g**x (mod b) 
+ * Some restrictions... x must be positive and < b
+ */
+static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
+{
+  fp_int   M[64], res;
+  fp_digit buf, mp;
+  int      err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize;
+
+  /* find window size */
+  x = fp_count_bits (X);
+  if (x <= 21) {
+    winsize = 1;
+  } else if (x <= 36) {
+    winsize = 3;
+  } else if (x <= 140) {
+    winsize = 4;
+  } else if (x <= 450) {
+    winsize = 5;
+  } else {
+    winsize = 6;
+  } 
+
+  /* init M array */
+  XMEMSET(M, 0, sizeof(M)); 
+
+  /* now setup montgomery  */
+  if ((err = fp_montgomery_setup (P, &mp)) != FP_OKAY) {
+     return err;
+  }
+
+  /* setup result */
+  fp_init(&res);
+
+  /* create M table
+   *
+   * The M table contains powers of the input base, e.g. M[x] = G^x mod P
+   *
+   * The first half of the table is not computed though accept for M[0] and M[1]
+   */
+
+   /* now we need R mod m */
+   fp_montgomery_calc_normalization (&res, P);
+
+   /* now set M[1] to G * R mod m */
+   if (fp_cmp_mag(P, G) != FP_GT) {
+      /* G > P so we reduce it first */
+      fp_mod(G, P, &M[1]);
+   } else {
+      fp_copy(G, &M[1]);
+   }
+   fp_mulmod (&M[1], &res, P, &M[1]);
+
+  /* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times */
+  fp_copy (&M[1], &M[1 << (winsize - 1)]);
+  for (x = 0; x < (winsize - 1); x++) {
+    fp_sqr (&M[1 << (winsize - 1)], &M[1 << (winsize - 1)]);
+    fp_montgomery_reduce (&M[1 << (winsize - 1)], P, mp);
+  }
+
+  /* create upper table */
+  for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) {
+    fp_mul(&M[x - 1], &M[1], &M[x]);
+    fp_montgomery_reduce(&M[x], P, mp);
+  }
+
+  /* set initial mode and bit cnt */
+  mode   = 0;
+  bitcnt = 1;
+  buf    = 0;
+  digidx = X->used - 1;
+  bitcpy = 0;
+  bitbuf = 0;
+
+  for (;;) {
+    /* grab next digit as required */
+    if (--bitcnt == 0) {
+      /* if digidx == -1 we are out of digits so break */
+      if (digidx == -1) {
+        break;
+      }
+      /* read next digit and reset bitcnt */
+      buf    = X->dp[digidx--];
+      bitcnt = (int)DIGIT_BIT;
+    }
+
+    /* grab the next msb from the exponent */
+    y     = (int)(buf >> (DIGIT_BIT - 1)) & 1;
+    buf <<= (fp_digit)1;
+
+    /* if the bit is zero and mode == 0 then we ignore it
+     * These represent the leading zero bits before the first 1 bit
+     * in the exponent.  Technically this opt is not required but it
+     * does lower the # of trivial squaring/reductions used
+     */
+    if (mode == 0 && y == 0) {
+      continue;
+    }
+
+    /* if the bit is zero and mode == 1 then we square */
+    if (mode == 1 && y == 0) {
+      fp_sqr(&res, &res);
+      fp_montgomery_reduce(&res, P, mp);
+      continue;
+    }
+
+    /* else we add it to the window */
+    bitbuf |= (y << (winsize - ++bitcpy));
+    mode    = 2;
+
+    if (bitcpy == winsize) {
+      /* ok window is filled so square as required and multiply  */
+      /* square first */
+      for (x = 0; x < winsize; x++) {
+        fp_sqr(&res, &res);
+        fp_montgomery_reduce(&res, P, mp);
+      }
+
+      /* then multiply */
+      fp_mul(&res, &M[bitbuf], &res);
+      fp_montgomery_reduce(&res, P, mp);
+
+      /* empty window and reset */
+      bitcpy = 0;
+      bitbuf = 0;
+      mode   = 1;
+    }
+  }
+
+  /* if bits remain then square/multiply */
+  if (mode == 2 && bitcpy > 0) {
+    /* square then multiply if the bit is set */
+    for (x = 0; x < bitcpy; x++) {
+      fp_sqr(&res, &res);
+      fp_montgomery_reduce(&res, P, mp);
+
+      /* get next bit of the window */
+      bitbuf <<= 1;
+      if ((bitbuf & (1 << winsize)) != 0) {
+        /* then multiply */
+        fp_mul(&res, &M[1], &res);
+        fp_montgomery_reduce(&res, P, mp);
+      }
+    }
+  }
+
+  /* fixup result if Montgomery reduction is used
+   * recall that any value in a Montgomery system is
+   * actually multiplied by R mod n.  So we have
+   * to reduce one more time to cancel out the factor
+   * of R.
+   */
+  fp_montgomery_reduce(&res, P, mp);
+
+  /* swap res with Y */
+  fp_copy (&res, Y);
+  return FP_OKAY;
+}
+
+#endif
+
+int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
+{
+   /* prevent overflows */
+   if (P->used > (FP_SIZE/2)) {
+      return FP_VAL;
+   }
+
+   if (X->sign == FP_NEG) {
+#ifndef POSITIVE_EXP_ONLY  /* reduce stack if assume no negatives */
+      int    err;
+      fp_int tmp;
+
+      /* yes, copy G and invmod it */
+      fp_copy(G, &tmp);
+      if ((err = fp_invmod(&tmp, P, &tmp)) != FP_OKAY) {
+         return err;
+      }
+      X->sign = FP_ZPOS;
+      err =  _fp_exptmod(&tmp, X, P, Y);
+      if (X != Y) {
+         X->sign = FP_NEG;
+      }
+      return err;
+#else
+      return FP_VAL;
+#endif 
+   }
+   else {
+      /* Positive exponent so just exptmod */
+      return _fp_exptmod(G, X, P, Y);
+   }
+}
+
+/* computes a = 2**b */
+void fp_2expt(fp_int *a, int b)
+{
+   int     z;
+
+   /* zero a as per default */
+   fp_zero (a);
+
+   if (b < 0) { 
+      return;
+   }
+
+   z = b / DIGIT_BIT;
+   if (z >= FP_SIZE) {
+      return; 
+   }
+
+  /* set the used count of where the bit will go */
+  a->used = z + 1;
+
+  /* put the single bit in its place */
+  a->dp[z] = ((fp_digit)1) << (b % DIGIT_BIT);
+}
+
+/* b = a*a  */
+void fp_sqr(fp_int *A, fp_int *B)
+{
+    int y = A->used;
+
+    /* call generic if we're out of range */
+    if (y + y > FP_SIZE) {
+       fp_sqr_comba(A, B);
+       return ;
+    }
+
+#if defined(TFM_SQR3)
+        if (y <= 3) {
+           fp_sqr_comba3(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR4)
+        if (y == 4) {
+           fp_sqr_comba4(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR6)
+        if (y <= 6) {
+           fp_sqr_comba6(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR7)
+        if (y == 7) {
+           fp_sqr_comba7(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR8)
+        if (y == 8) {
+           fp_sqr_comba8(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR9)
+        if (y == 9) {
+           fp_sqr_comba9(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR12)
+        if (y <= 12) {
+           fp_sqr_comba12(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR17)
+        if (y <= 17) {
+           fp_sqr_comba17(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SMALL_SET)
+        if (y <= 16) {
+           fp_sqr_comba_small(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR20)
+        if (y <= 20) {
+           fp_sqr_comba20(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR24)
+        if (y <= 24) {
+           fp_sqr_comba24(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR28)
+        if (y <= 28) {
+           fp_sqr_comba28(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR32)
+        if (y <= 32) {
+           fp_sqr_comba32(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR48)
+        if (y <= 48) {
+           fp_sqr_comba48(A,B);
+           return;
+        }
+#endif
+#if defined(TFM_SQR64)
+        if (y <= 64) {
+           fp_sqr_comba64(A,B);
+           return;
+        }
+#endif
+       fp_sqr_comba(A, B);
+}
+
+/* generic comba squarer */
+void fp_sqr_comba(fp_int *A, fp_int *B)
+{
+  int       pa, ix, iz;
+  fp_digit  c0, c1, c2;
+  fp_int    tmp, *dst;
+#ifdef TFM_ISO
+  fp_word   tt;
+#endif    
+
+  /* get size of output and trim */
+  pa = A->used + A->used;
+  if (pa >= FP_SIZE) {
+     pa = FP_SIZE-1;
+  }
+
+  /* number of output digits to produce */
+  COMBA_START;
+  COMBA_CLEAR;
+
+  if (A == B) {
+     fp_init(&tmp);
+     dst = &tmp;
+  } else {
+     fp_zero(B);
+     dst = B;
+  }
+
+  for (ix = 0; ix < pa; ix++) { 
+      int      tx, ty, iy;
+      fp_digit *tmpy, *tmpx;
+
+      /* get offsets into the two bignums */
+      ty = MIN(A->used-1, ix);
+      tx = ix - ty;
+
+      /* setup temp aliases */
+      tmpx = A->dp + tx;
+      tmpy = A->dp + ty;
+
+      /* this is the number of times the loop will iterrate,
+         while (tx++ < a->used && ty-- >= 0) { ... }
+       */
+      iy = MIN(A->used-tx, ty+1);
+
+      /* now for squaring tx can never equal ty 
+       * we halve the distance since they approach 
+       * at a rate of 2x and we have to round because 
+       * odd cases need to be executed
+       */
+      iy = MIN(iy, (ty-tx+1)>>1);
+
+      /* forward carries */
+      COMBA_FORWARD;
+
+      /* execute loop */
+      for (iz = 0; iz < iy; iz++) {
+          SQRADD2(*tmpx++, *tmpy--);
+      }
+
+      /* even columns have the square term in them */
+      if ((ix&1) == 0) {
+          /* TAO change COMBA_ADD back to SQRADD */
+          SQRADD(A->dp[ix>>1], A->dp[ix>>1]);
+      }
+
+      /* store it */
+      COMBA_STORE(dst->dp[ix]);
+  }
+
+  COMBA_FINI;
+
+  /* setup dest */
+  dst->used = pa;
+  fp_clamp (dst);
+  if (dst != B) {
+     fp_copy(dst, B);
+  }
+}
+
+int fp_cmp(fp_int *a, fp_int *b)
+{
+   if (a->sign == FP_NEG && b->sign == FP_ZPOS) {
+      return FP_LT;
+   } else if (a->sign == FP_ZPOS && b->sign == FP_NEG) {
+      return FP_GT;
+   } else {
+      /* compare digits */
+      if (a->sign == FP_NEG) {
+         /* if negative compare opposite direction */
+         return fp_cmp_mag(b, a);
+      } else {
+         return fp_cmp_mag(a, b);
+      }
+   }
+}
+
+/* compare against a single digit */
+int fp_cmp_d(fp_int *a, fp_digit b)
+{
+  /* compare based on sign */
+  if ((b && a->used == 0) || a->sign == FP_NEG) {
+    return FP_LT;
+  }
+
+  /* compare based on magnitude */
+  if (a->used > 1) {
+    return FP_GT;
+  }
+
+  /* compare the only digit of a to b */
+  if (a->dp[0] > b) {
+    return FP_GT;
+  } else if (a->dp[0] < b) {
+    return FP_LT;
+  } else {
+    return FP_EQ;
+  }
+
+}
+
+int fp_cmp_mag(fp_int *a, fp_int *b)
+{
+   int x;
+
+   if (a->used > b->used) {
+      return FP_GT;
+   } else if (a->used < b->used) {
+      return FP_LT;
+   } else {
+      for (x = a->used - 1; x >= 0; x--) {
+          if (a->dp[x] > b->dp[x]) {
+             return FP_GT;
+          } else if (a->dp[x] < b->dp[x]) {
+             return FP_LT;
+          }
+      }
+   }
+   return FP_EQ;
+}
+
+/* setups the montgomery reduction */
+int fp_montgomery_setup(fp_int *a, fp_digit *rho)
+{
+  fp_digit x, b;
+
+/* fast inversion mod 2**k
+ *
+ * Based on the fact that
+ *
+ * XA = 1 (mod 2**n)  =>  (X(2-XA)) A = 1 (mod 2**2n)
+ *                    =>  2*X*A - X*X*A*A = 1
+ *                    =>  2*(1) - (1)     = 1
+ */
+  b = a->dp[0];
+
+  if ((b & 1) == 0) {
+    return FP_VAL;
+  }
+
+  x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
+  x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
+  x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
+  x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
+#ifdef FP_64BIT
+  x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
+#endif
+
+  /* rho = -1/m mod b */
+  *rho = (fp_digit) (((fp_word) 1 << ((fp_word) DIGIT_BIT)) - ((fp_word)x));
+
+  return FP_OKAY;
+}
+
+/* computes a = B**n mod b without division or multiplication useful for
+ * normalizing numbers in a Montgomery system.
+ */
+void fp_montgomery_calc_normalization(fp_int *a, fp_int *b)
+{
+  int     x, bits;
+
+  /* how many bits of last digit does b use */
+  bits = fp_count_bits (b) % DIGIT_BIT;
+  if (!bits) bits = DIGIT_BIT;
+
+  /* compute A = B^(n-1) * 2^(bits-1) */
+  if (b->used > 1) {
+     fp_2expt (a, (b->used - 1) * DIGIT_BIT + bits - 1);
+  } else {
+     fp_set(a, 1);
+     bits = 1;
+  }
+
+  /* now compute C = A * B mod b */
+  for (x = bits - 1; x < (int)DIGIT_BIT; x++) {
+    fp_mul_2 (a, a);
+    if (fp_cmp_mag (a, b) != FP_LT) {
+      s_fp_sub (a, b, a);
+    }
+  }
+}
+
+
+#ifdef TFM_SMALL_MONT_SET
+    #include "fp_mont_small.i"
+#endif
+
+/* computes x/R == x (mod N) via Montgomery Reduction */
+void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
+{
+   fp_digit c[FP_SIZE], *_c, *tmpm, mu = 0;
+   int      oldused, x, y, pa;
+
+   /* bail if too large */
+   if (m->used > (FP_SIZE/2)) {
+      (void)mu;                     /* shut up compiler */
+      return;
+   }
+
+#ifdef TFM_SMALL_MONT_SET
+   if (m->used <= 16) {
+      fp_montgomery_reduce_small(a, m, mp);
+      return;
+   }
+#endif
+
+
+   /* now zero the buff */
+   XMEMSET(c, 0, sizeof c);
+   pa = m->used;
+
+   /* copy the input */
+   oldused = a->used;
+   for (x = 0; x < oldused; x++) {
+       c[x] = a->dp[x];
+   }
+   MONT_START;
+
+   for (x = 0; x < pa; x++) {
+       fp_digit cy = 0;
+       /* get Mu for this round */
+       LOOP_START;
+       _c   = c + x;
+       tmpm = m->dp;
+       y = 0;
+       #if (defined(TFM_SSE2) || defined(TFM_X86_64))
+        for (; y < (pa & ~7); y += 8) {
+              INNERMUL8;
+              _c   += 8;
+              tmpm += 8;
+           }
+       #endif
+
+       for (; y < pa; y++) {
+          INNERMUL;
+          ++_c;
+       }
+       LOOP_END;
+       while (cy) {
+           PROPCARRY;
+           ++_c;
+       }
+  }         
+
+  /* now copy out */
+  _c   = c + pa;
+  tmpm = a->dp;
+  for (x = 0; x < pa+1; x++) {
+     *tmpm++ = *_c++;
+  }
+
+  for (; x < oldused; x++)   {
+     *tmpm++ = 0;
+  }
+
+  MONT_FINI;
+
+  a->used = pa+1;
+  fp_clamp(a);
+  
+  /* if A >= m then A = A - m */
+  if (fp_cmp_mag (a, m) != FP_LT) {
+    s_fp_sub (a, m, a);
+  }
+}
+
+void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c)
+{
+  /* zero the int */
+  fp_zero (a);
+
+  /* If we know the endianness of this architecture, and we're using
+     32-bit fp_digits, we can optimize this */
+#if (defined(LITTLE_ENDIAN_ORDER) || defined(BIG_ENDIAN_ORDER)) && defined(FP_32BIT)
+  /* But not for both simultaneously */
+#if defined(LITTLE_ENDIAN_ORDER) && defined(BIG_ENDIAN_ORDER)
+#error Both LITTLE_ENDIAN_ORDER and BIG_ENDIAN_ORDER defined.
+#endif
+  {
+     unsigned char *pd = (unsigned char *)a->dp;
+
+     if ((unsigned)c > (FP_SIZE * sizeof(fp_digit))) {
+        int excess = c - (FP_SIZE * sizeof(fp_digit));
+        c -= excess;
+        b += excess;
+     }
+     a->used = (c + sizeof(fp_digit) - 1)/sizeof(fp_digit);
+     /* read the bytes in */
+#ifdef BIG_ENDIAN_ORDER
+     {
+       /* Use Duff's device to unroll the loop. */
+       int idx = (c - 1) & ~3;
+       switch (c % 4) {
+       case 0:	do { pd[idx+0] = *b++;
+       case 3:	     pd[idx+1] = *b++;
+       case 2:	     pd[idx+2] = *b++;
+       case 1:	     pd[idx+3] = *b++;
+                     idx -= 4;
+	 	        } while ((c -= 4) > 0);
+       }
+     }
+#else
+     for (c -= 1; c >= 0; c -= 1) {
+       pd[c] = *b++;
+     }
+#endif
+  }
+#else
+  /* read the bytes in */
+  for (; c > 0; c--) {
+     fp_mul_2d (a, 8, a);
+     a->dp[0] |= *b++;
+     a->used += 1;
+  }
+#endif
+  fp_clamp (a);
+}
+
+void fp_to_unsigned_bin(fp_int *a, unsigned char *b)
+{
+  int     x;
+  fp_int  t;
+
+  fp_init_copy(&t, a);
+
+  x = 0;
+  while (fp_iszero (&t) == FP_NO) {
+      b[x++] = (unsigned char) (t.dp[0] & 255);
+      fp_div_2d (&t, 8, &t, NULL);
+  }
+  fp_reverse (b, x);
+}
+
+int fp_unsigned_bin_size(fp_int *a)
+{
+  int     size = fp_count_bits (a);
+  return (size / 8 + ((size & 7) != 0 ? 1 : 0));
+}
+
+void fp_set(fp_int *a, fp_digit b)
+{
+   fp_zero(a);
+   a->dp[0] = b;
+   a->used  = a->dp[0] ? 1 : 0;
+}
+
+int fp_count_bits (fp_int * a)
+{
+  int     r;
+  fp_digit q;
+
+  /* shortcut */
+  if (a->used == 0) {
+    return 0;
+  }
+
+  /* get number of digits and add that */
+  r = (a->used - 1) * DIGIT_BIT;
+
+  /* take the last digit and count the bits in it */
+  q = a->dp[a->used - 1];
+  while (q > ((fp_digit) 0)) {
+    ++r;
+    q >>= ((fp_digit) 1);
+  }
+  return r;
+}
+
+int fp_leading_bit(fp_int *a)
+{
+    int bit = 0;
+
+    if (a->used != 0) {
+        fp_digit q = a->dp[a->used - 1];
+        int qSz = sizeof(fp_digit);
+
+        while (qSz > 0) {
+            if ((unsigned char)q != 0)
+                bit = (q & 0x80) != 0;
+            q >>= 8;
+            qSz--;
+        }
+    }
+
+    return bit;
+}
+
+void fp_lshd(fp_int *a, int x)
+{
+   int y;
+
+   /* move up and truncate as required */
+   y = MIN(a->used + x - 1, (int)(FP_SIZE-1));
+
+   /* store new size */
+   a->used = y + 1;
+
+   /* move digits */
+   for (; y >= x; y--) {
+       a->dp[y] = a->dp[y-x];
+   }
+ 
+   /* zero lower digits */
+   for (; y >= 0; y--) {
+       a->dp[y] = 0;
+   }
+
+   /* clamp digits */
+   fp_clamp(a);
+}
+
+
+/* right shift by bit count */
+void fp_rshb(fp_int *c, int x)
+{
+    register fp_digit *tmpc, mask, shift;
+    fp_digit r, rr;
+    fp_digit D = x;
+
+    /* mask */
+    mask = (((fp_digit)1) << D) - 1;
+
+    /* shift for lsb */
+    shift = DIGIT_BIT - D;
+
+    /* alias */
+    tmpc = c->dp + (c->used - 1);
+
+    /* carry */
+    r = 0;
+    for (x = c->used - 1; x >= 0; x--) {
+      /* get the lower  bits of this word in a temp */
+      rr = *tmpc & mask;
+
+      /* shift the current word and mix in the carry bits from previous word */
+      *tmpc = (*tmpc >> D) | (r << shift);
+      --tmpc;
+
+      /* set the carry to the carry bits of the current word found above */
+      r = rr;
+    }
+}
+
+
+void fp_rshd(fp_int *a, int x)
+{
+  int y;
+
+  /* too many digits just zero and return */
+  if (x >= a->used) {
+     fp_zero(a);
+     return;
+  }
+
+   /* shift */
+   for (y = 0; y < a->used - x; y++) {
+      a->dp[y] = a->dp[y+x];
+   }
+
+   /* zero rest */
+   for (; y < a->used; y++) {
+      a->dp[y] = 0;
+   }
+   
+   /* decrement count */
+   a->used -= x;
+   fp_clamp(a);
+}
+
+/* reverse an array, used for radix code */
+void fp_reverse (unsigned char *s, int len)
+{
+  int     ix, iy;
+  unsigned char t;
+
+  ix = 0;
+  iy = len - 1;
+  while (ix < iy) {
+    t     = s[ix];
+    s[ix] = s[iy];
+    s[iy] = t;
+    ++ix;
+    --iy;
+  }
+}
+
+
+/* c = a - b */
+void fp_sub_d(fp_int *a, fp_digit b, fp_int *c)
+{
+   fp_int tmp;
+   fp_init(&tmp);
+   fp_set(&tmp, b);
+   fp_sub(a, &tmp, c);
+}
+
+
+/* CyaSSL callers from normal lib */
+
+/* init a new mp_int */
+int mp_init (mp_int * a)
+{
+  if (a)
+    fp_init(a);
+  return MP_OKAY;
+}
+
+#ifdef ALT_ECC_SIZE
+void fp_init(fp_int *a)
+{
+    a->size = FP_SIZE;
+    fp_zero(a);
+}
+
+void fp_zero(fp_int *a)
+{
+    a->used = 0;
+    a->sign = FP_ZPOS;
+    XMEMSET(a->dp, 0, a->size * sizeof(fp_digit));
+}
+#endif
+
+
+/* clear one (frees)  */
+void mp_clear (mp_int * a)
+{
+  fp_zero(a);
+}
+
+/* handle up to 6 inits */
+int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e, mp_int* f)
+{
+    if (a)
+        fp_init(a);
+    if (b)
+        fp_init(b);
+    if (c)
+        fp_init(c);
+    if (d)
+        fp_init(d);
+    if (e)
+        fp_init(e);
+    if (f)
+        fp_init(f);
+
+    return MP_OKAY;
+}
+
+/* high level addition (handles signs) */
+int mp_add (mp_int * a, mp_int * b, mp_int * c)
+{
+  fp_add(a, b, c);
+  return MP_OKAY;
+}
+
+/* high level subtraction (handles signs) */
+int mp_sub (mp_int * a, mp_int * b, mp_int * c)
+{
+  fp_sub(a, b, c);
+  return MP_OKAY;
+}
+
+/* high level multiplication (handles sign) */
+int mp_mul (mp_int * a, mp_int * b, mp_int * c)
+{
+  fp_mul(a, b, c);
+  return MP_OKAY;
+}
+
+/* d = a * b (mod c) */
+int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
+{
+  return fp_mulmod(a, b, c, d);
+}
+
+/* c = a mod b, 0 <= c < b */
+int mp_mod (mp_int * a, mp_int * b, mp_int * c)
+{
+  return fp_mod (a, b, c);
+}
+
+/* hac 14.61, pp608 */
+int mp_invmod (mp_int * a, mp_int * b, mp_int * c)
+{
+  return fp_invmod(a, b, c);
+}
+
+/* this is a shell function that calls either the normal or Montgomery
+ * exptmod functions.  Originally the call to the montgomery code was
+ * embedded in the normal function but that wasted alot of stack space
+ * for nothing (since 99% of the time the Montgomery code would be called)
+ */
+int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
+{
+  return fp_exptmod(G, X, P, Y);
+}
+
+/* compare two ints (signed)*/
+int mp_cmp (mp_int * a, mp_int * b)
+{
+  return fp_cmp(a, b);
+}
+
+/* compare a digit */
+int mp_cmp_d(mp_int * a, mp_digit b)
+{
+  return fp_cmp_d(a, b);
+}
+
+/* get the size for an unsigned equivalent */
+int mp_unsigned_bin_size (mp_int * a)
+{
+  return fp_unsigned_bin_size(a);
+}
+
+/* store in unsigned [big endian] format */
+int mp_to_unsigned_bin (mp_int * a, unsigned char *b)
+{
+  fp_to_unsigned_bin(a,b);
+  return MP_OKAY;
+}
+
+/* reads a unsigned char array, assumes the msb is stored first [big endian] */
+int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c)
+{
+  fp_read_unsigned_bin(a, (unsigned char *)b, c);
+  return MP_OKAY;
+}
+
+
+int mp_sub_d(fp_int *a, fp_digit b, fp_int *c)
+{
+    fp_sub_d(a, b, c);
+    return MP_OKAY;
+}
+
+
+#ifdef ALT_ECC_SIZE
+void fp_copy(fp_int *a, fp_int* b)
+{
+    if (a != b) {
+        b->used = a->used;
+        b->sign = a->sign;
+        XMEMCPY(b->dp, a->dp, a->used * sizeof(fp_digit));
+    }
+}
+
+void fp_init_copy(fp_int *a, fp_int* b)
+{
+    if (a != b) {
+        fp_init(a);
+        fp_copy(b, a);
+    }
+}
+#endif
+
+/* fast math conversion */
+int mp_copy(fp_int* a, fp_int* b)
+{
+    fp_copy(a, b);
+    return MP_OKAY;
+}
+
+
+/* fast math conversion */
+int mp_isodd(mp_int* a)
+{
+    return fp_isodd(a);
+}
+
+
+/* fast math conversion */
+int mp_iszero(mp_int* a)
+{
+    return fp_iszero(a);
+}
+
+
+/* fast math conversion */
+int mp_count_bits (mp_int* a)
+{
+    return fp_count_bits(a);
+}
+
+
+int mp_leading_bit (mp_int* a)
+{
+    return fp_leading_bit(a);
+}
+
+
+/* fast math conversion */
+void mp_rshb (mp_int* a, int x)
+{
+    fp_rshb(a, x);
+}
+
+
+/* fast math wrappers */
+int mp_set_int(fp_int *a, fp_digit b)
+{
+    fp_set(a, b);
+    return MP_OKAY;
+}
+
+
+#if defined(WOLFSSL_KEY_GEN) || defined (HAVE_ECC)
+
+/* c = a * a (mod b) */
+int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c)
+{
+  fp_int tmp;
+  fp_init(&tmp);
+  fp_sqr(a, &tmp);
+  return fp_mod(&tmp, b, c);
+}
+
+/* fast math conversion */
+int mp_sqrmod(mp_int *a, mp_int *b, mp_int *c)
+{
+    return fp_sqrmod(a, b, c);
+}
+
+/* fast math conversion */
+int mp_montgomery_calc_normalization(mp_int *a, mp_int *b)
+{
+    fp_montgomery_calc_normalization(a, b);
+    return MP_OKAY;
+}
+
+#endif /* WOLFSSL_KEYGEN || HAVE_ECC */
+
+
+#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
+
+static const int lnz[16] = {
+   4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
+};
+
+/* Counts the number of lsbs which are zero before the first zero bit */
+int fp_cnt_lsb(fp_int *a)
+{
+   int x;
+   fp_digit q, qq;
+
+   /* easy out */
+   if (fp_iszero(a) == 1) {
+      return 0;
+   }
+
+   /* scan lower digits until non-zero */
+   for (x = 0; x < a->used && a->dp[x] == 0; x++);
+   q = a->dp[x];
+   x *= DIGIT_BIT;
+
+   /* now scan this digit until a 1 is found */
+   if ((q & 1) == 0) {
+      do {
+         qq  = q & 15;
+         x  += lnz[qq];
+         q >>= 4;
+      } while (qq == 0);
+   }
+   return x;
+}
+
+
+
+
+static int s_is_power_of_two(fp_digit b, int *p)
+{
+   int x;
+
+   /* fast return if no power of two */
+   if ((b==0) || (b & (b-1))) {
+      return 0;
+   }
+
+   for (x = 0; x < DIGIT_BIT; x++) {
+      if (b == (((fp_digit)1)< cb + d == a */
+static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
+{
+  fp_int   q;
+  fp_word  w;
+  fp_digit t;
+  int      ix;
+
+  /* cannot divide by zero */
+  if (b == 0) {
+     return FP_VAL;
+  }
+
+  /* quick outs */
+  if (b == 1 || fp_iszero(a) == 1) {
+     if (d != NULL) {
+        *d = 0;
+     }
+     if (c != NULL) {
+        fp_copy(a, c);
+     }
+     return FP_OKAY;
+  }
+
+  /* power of two ? */
+  if (s_is_power_of_two(b, &ix) == 1) {
+     if (d != NULL) {
+        *d = a->dp[0] & ((((fp_digit)1)<used;
+  q.sign = a->sign;
+  w = 0;
+  for (ix = a->used - 1; ix >= 0; ix--) {
+     w = (w << ((fp_word)DIGIT_BIT)) | ((fp_word)a->dp[ix]);
+     
+     if (w >= b) {
+        t = (fp_digit)(w / b);
+        w -= ((fp_word)t) * ((fp_word)b);
+      } else {
+        t = 0;
+      }
+      q.dp[ix] = (fp_digit)t;
+  }
+  
+  if (d != NULL) {
+     *d = (fp_digit)w;
+  }
+  
+  if (c != NULL) {
+     fp_clamp(&q);
+     fp_copy(&q, c);
+  }
+ 
+  return FP_OKAY;
+}
+
+
+/* c = a mod b, 0 <= c < b  */
+static int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
+{
+   return fp_div_d(a, b, NULL, c);
+}
+
+int mp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
+{
+   return fp_mod_d(a, b, c);
+}
+
+#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
+
+#ifdef WOLFSSL_KEY_GEN
+
+void fp_gcd(fp_int *a, fp_int *b, fp_int *c);
+void fp_lcm(fp_int *a, fp_int *b, fp_int *c);
+int  fp_isprime(fp_int *a);
+
+int mp_gcd(fp_int *a, fp_int *b, fp_int *c)
+{
+    fp_gcd(a, b, c);
+    return MP_OKAY;
+}
+
+
+int mp_lcm(fp_int *a, fp_int *b, fp_int *c)
+{
+    fp_lcm(a, b, c);
+    return MP_OKAY;
+}
+
+
+int mp_prime_is_prime(mp_int* a, int t, int* result)
+{
+    (void)t;
+    *result = fp_isprime(a);
+    return MP_OKAY;
+}
+
+/* Miller-Rabin test of "a" to the base of "b" as described in 
+ * HAC pp. 139 Algorithm 4.24
+ *
+ * Sets result to 0 if definitely composite or 1 if probably prime.
+ * Randomly the chance of error is no more than 1/4 and often 
+ * very much lower.
+ */
+static void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result)
+{
+  fp_int  n1, y, r;
+  int     s, j;
+
+  /* default */
+  *result = FP_NO;
+
+  /* ensure b > 1 */
+  if (fp_cmp_d(b, 1) != FP_GT) {
+     return;
+  }     
+
+  /* get n1 = a - 1 */
+  fp_init_copy(&n1, a);
+  fp_sub_d(&n1, 1, &n1);
+
+  /* set 2**s * r = n1 */
+  fp_init_copy(&r, &n1);
+
+  /* count the number of least significant bits
+   * which are zero
+   */
+  s = fp_cnt_lsb(&r);
+
+  /* now divide n - 1 by 2**s */
+  fp_div_2d (&r, s, &r, NULL);
+
+  /* compute y = b**r mod a */
+  fp_init(&y);
+  fp_exptmod(b, &r, a, &y);
+
+  /* if y != 1 and y != n1 do */
+  if (fp_cmp_d (&y, 1) != FP_EQ && fp_cmp (&y, &n1) != FP_EQ) {
+    j = 1;
+    /* while j <= s-1 and y != n1 */
+    while ((j <= (s - 1)) && fp_cmp (&y, &n1) != FP_EQ) {
+      fp_sqrmod (&y, a, &y);
+
+      /* if y == 1 then composite */
+      if (fp_cmp_d (&y, 1) == FP_EQ) {
+         return;
+      }
+      ++j;
+    }
+
+    /* if y != n1 then composite */
+    if (fp_cmp (&y, &n1) != FP_EQ) {
+       return;
+    }
+  }
+
+  /* probably prime now */
+  *result = FP_YES;
+}
+
+
+/* a few primes */
+static const fp_digit primes[256] = {
+  0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013,
+  0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035,
+  0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059,
+  0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, 0x0083,
+  0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD,
+  0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF,
+  0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107,
+  0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137,
+
+  0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167,
+  0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199,
+  0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9,
+  0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7,
+  0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239,
+  0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265,
+  0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293,
+  0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF,
+
+  0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301,
+  0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B,
+  0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371,
+  0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD,
+  0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5,
+  0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419,
+  0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449,
+  0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B,
+
+  0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7,
+  0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503,
+  0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529,
+  0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F,
+  0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3,
+  0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7,
+  0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623,
+  0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653
+};
+
+int fp_isprime(fp_int *a)
+{
+   fp_int   b;
+   fp_digit d = 0;
+   int      r, res;
+
+   /* do trial division */
+   for (r = 0; r < 256; r++) {
+       fp_mod_d(a, primes[r], &d);
+       if (d == 0) {
+          return FP_NO;
+       }
+   }
+
+   /* now do 8 miller rabins */
+   fp_init(&b);
+   for (r = 0; r < 8; r++) {
+       fp_set(&b, primes[r]);
+       fp_prime_miller_rabin(a, &b, &res);
+       if (res == FP_NO) {
+          return FP_NO;
+       }
+   }
+   return FP_YES;
+}
+
+
+/* c = [a, b] */
+void fp_lcm(fp_int *a, fp_int *b, fp_int *c)
+{
+   fp_int  t1, t2;
+
+   fp_init(&t1);
+   fp_init(&t2);
+   fp_gcd(a, b, &t1);
+   if (fp_cmp_mag(a, b) == FP_GT) {
+      fp_div(a, &t1, &t2, NULL);
+      fp_mul(b, &t2, c);
+   } else {
+      fp_div(b, &t1, &t2, NULL);
+      fp_mul(a, &t2, c);
+   }   
+}
+
+
+
+/* c = (a, b) */
+void fp_gcd(fp_int *a, fp_int *b, fp_int *c)
+{
+   fp_int u, v, r;
+
+   /* either zero than gcd is the largest */
+   if (fp_iszero (a) == 1 && fp_iszero (b) == 0) {
+     fp_abs (b, c);
+     return;
+   }
+   if (fp_iszero (a) == 0 && fp_iszero (b) == 1) {
+     fp_abs (a, c);
+     return;
+   }
+
+   /* optimized.  At this point if a == 0 then
+    * b must equal zero too
+    */
+   if (fp_iszero (a) == 1) {
+     fp_zero(c);
+     return;
+   }
+
+   /* sort inputs */
+   if (fp_cmp_mag(a, b) != FP_LT) {
+      fp_init_copy(&u, a);
+      fp_init_copy(&v, b);
+   } else {
+      fp_init_copy(&u, b);
+      fp_init_copy(&v, a);
+   }
+ 
+   fp_init(&r);
+   while (fp_iszero(&v) == FP_NO) {
+      fp_mod(&u, &v, &r);
+      fp_copy(&v, &u);
+      fp_copy(&r, &v);
+   }
+   fp_copy(&u, c);
+}
+
+#endif /* WOLFSSL_KEY_GEN */
+
+
+#if defined(HAVE_ECC) || !defined(NO_PWDBASED)
+/* c = a + b */
+void fp_add_d(fp_int *a, fp_digit b, fp_int *c)
+{
+   fp_int tmp;
+   fp_init(&tmp);
+   fp_set(&tmp, b);
+   fp_add(a,&tmp,c);
+}
+
+/* external compatibility */
+int mp_add_d(fp_int *a, fp_digit b, fp_int *c)
+{
+    fp_add_d(a, b, c);
+    return MP_OKAY;
+}
+
+#endif  /* HAVE_ECC || !NO_PWDBASED */
+
+
+#ifdef HAVE_ECC
+
+/* chars used in radix conversions */
+static const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
+
+static int fp_read_radix(fp_int *a, const char *str, int radix)
+{
+  int     y, neg;
+  char    ch;
+
+  /* make sure the radix is ok */
+  if (radix < 2 || radix > 64) {
+    return FP_VAL;
+  }
+
+  /* if the leading digit is a
+   * minus set the sign to negative.
+   */
+  if (*str == '-') {
+    ++str;
+    neg = FP_NEG;
+  } else {
+    neg = FP_ZPOS;
+  }
+
+  /* set the integer to the default of zero */
+  fp_zero (a);
+
+  /* process each digit of the string */
+  while (*str) {
+    /* if the radix < 36 the conversion is case insensitive
+     * this allows numbers like 1AB and 1ab to represent the same  value
+     * [e.g. in hex]
+     */
+    ch = (char) ((radix < 36) ? XTOUPPER(*str) : *str);
+    for (y = 0; y < 64; y++) {
+      if (ch == fp_s_rmap[y]) {
+         break;
+      }
+    }
+
+    /* if the char was found in the map
+     * and is less than the given radix add it
+     * to the number, otherwise exit the loop.
+     */
+    if (y < radix) {
+      fp_mul_d (a, (fp_digit) radix, a);
+      fp_add_d (a, (fp_digit) y, a);
+    } else {
+      break;
+    }
+    ++str;
+  }
+
+  /* set the sign only if a != 0 */
+  if (fp_iszero(a) != FP_YES) {
+     a->sign = neg;
+  }
+  return FP_OKAY;
+}
+
+/* fast math conversion */
+int mp_read_radix(mp_int *a, const char *str, int radix)
+{
+    return fp_read_radix(a, str, radix);
+}
+
+/* fast math conversion */
+int mp_set(fp_int *a, fp_digit b)
+{
+    fp_set(a,b);
+    return MP_OKAY;
+}
+
+/* fast math conversion */
+int mp_sqr(fp_int *A, fp_int *B)
+{
+    fp_sqr(A, B);
+    return MP_OKAY;
+}
+  
+/* fast math conversion */
+int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
+{
+    fp_montgomery_reduce(a, m, mp);
+    return MP_OKAY;
+}
+
+
+/* fast math conversion */
+int mp_montgomery_setup(fp_int *a, fp_digit *rho)
+{
+    return fp_montgomery_setup(a, rho);
+}
+
+int mp_div_2(fp_int * a, fp_int * b)
+{
+    fp_div_2(a, b);
+    return MP_OKAY;
+}
+
+
+int mp_init_copy(fp_int * a, fp_int * b)
+{
+    fp_init_copy(a, b);
+    return MP_OKAY;
+}
+
+
+#ifdef HAVE_COMP_KEY
+
+int mp_cnt_lsb(fp_int* a)
+{
+    fp_cnt_lsb(a);
+    return MP_OKAY;
+}
+
+int mp_div_2d(fp_int* a, int b, fp_int* c, fp_int* d)
+{
+    fp_div_2d(a, b, c, d);
+    return MP_OKAY;
+}
+
+#endif /* HAVE_COMP_KEY */
+
+
+#endif /* HAVE_ECC */
+
+#endif /* USE_FAST_MATH */
+
diff --git a/3P/wolfssl/wolfcrypt/src/wc_port.c b/3P/wolfssl/wolfcrypt/src/wc_port.c
new file mode 100644
index 00000000..51530347
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/src/wc_port.c
@@ -0,0 +1,471 @@
+/* port.c
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+#include 
+
+
+#ifdef _MSC_VER
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+    #pragma warning(disable: 4996)
+#endif
+
+
+
+#ifdef SINGLE_THREADED
+
+int InitMutex(wolfSSL_Mutex* m)
+{
+    (void)m;
+    return 0;
+}
+
+
+int FreeMutex(wolfSSL_Mutex *m)
+{
+    (void)m;
+    return 0;
+}
+
+
+int LockMutex(wolfSSL_Mutex *m)
+{
+    (void)m;
+    return 0;
+}
+
+
+int UnLockMutex(wolfSSL_Mutex *m)
+{
+    (void)m;
+    return 0;
+}
+
+#else /* MULTI_THREAD */
+
+    #if defined(FREERTOS)
+
+        int InitMutex(wolfSSL_Mutex* m)
+        {
+            int iReturn;
+
+            *m = ( wolfSSL_Mutex ) xSemaphoreCreateMutex();
+            if( *m != NULL )
+                iReturn = 0;
+            else
+                iReturn = BAD_MUTEX_E;
+
+            return iReturn;
+        }
+
+        int FreeMutex(wolfSSL_Mutex* m)
+        {
+            vSemaphoreDelete( *m );
+            return 0;
+        }
+
+        int LockMutex(wolfSSL_Mutex* m)
+        {
+            /* Assume an infinite block, or should there be zero block? */
+            xSemaphoreTake( *m, portMAX_DELAY );
+            return 0;
+        }
+
+        int UnLockMutex(wolfSSL_Mutex* m)
+        {
+            xSemaphoreGive( *m );
+            return 0;
+        }
+
+    #elif defined(WOLFSSL_SAFERTOS)
+
+        int InitMutex(wolfSSL_Mutex* m)
+        {
+            vSemaphoreCreateBinary(m->mutexBuffer, m->mutex);
+            if (m->mutex == NULL)
+                return BAD_MUTEX_E;
+
+            return 0;
+        }
+
+        int FreeMutex(wolfSSL_Mutex* m)
+        {
+            (void)m;
+            return 0;
+        }
+
+        int LockMutex(wolfSSL_Mutex* m)
+        {
+            /* Assume an infinite block */
+            xSemaphoreTake(m->mutex, portMAX_DELAY);
+            return 0;
+        }
+
+        int UnLockMutex(wolfSSL_Mutex* m)
+        {
+            xSemaphoreGive(m->mutex);
+            return 0;
+        }
+
+
+    #elif defined(USE_WINDOWS_API)
+
+        int InitMutex(wolfSSL_Mutex* m)
+        {
+            InitializeCriticalSection(m);
+            return 0;
+        }
+
+
+        int FreeMutex(wolfSSL_Mutex* m)
+        {
+            DeleteCriticalSection(m);
+            return 0;
+        }
+
+
+        int LockMutex(wolfSSL_Mutex* m)
+        {
+            EnterCriticalSection(m);
+            return 0;
+        }
+
+
+        int UnLockMutex(wolfSSL_Mutex* m)
+        {
+            LeaveCriticalSection(m);
+            return 0;
+        }
+
+    #elif defined(WOLFSSL_PTHREADS)
+
+        int InitMutex(wolfSSL_Mutex* m)
+        {
+            if (pthread_mutex_init(m, 0) == 0)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+
+        int FreeMutex(wolfSSL_Mutex* m)
+        {
+            if (pthread_mutex_destroy(m) == 0)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+
+        int LockMutex(wolfSSL_Mutex* m)
+        {
+            if (pthread_mutex_lock(m) == 0)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+
+        int UnLockMutex(wolfSSL_Mutex* m)
+        {
+            if (pthread_mutex_unlock(m) == 0)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+    #elif defined(THREADX)
+
+        int InitMutex(wolfSSL_Mutex* m)
+        {
+            if (tx_mutex_create(m, "wolfSSL Mutex", TX_NO_INHERIT) == 0)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+
+        int FreeMutex(wolfSSL_Mutex* m)
+        {
+            if (tx_mutex_delete(m) == 0)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+
+        int LockMutex(wolfSSL_Mutex* m)
+        {
+            if (tx_mutex_get(m, TX_WAIT_FOREVER) == 0)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+
+        int UnLockMutex(wolfSSL_Mutex* m)
+        {
+            if (tx_mutex_put(m) == 0)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+    #elif defined(MICRIUM)
+
+        int InitMutex(wolfSSL_Mutex* m)
+        {
+            #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+                if (NetSecure_OS_MutexCreate(m) == 0)
+                    return 0;
+                else
+                    return BAD_MUTEX_E;
+            #else
+                return 0;
+            #endif
+        }
+
+
+        int FreeMutex(wolfSSL_Mutex* m)
+        {
+            #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+                if (NetSecure_OS_FreeMutex(m) == 0)
+                    return 0;
+                else
+                    return BAD_MUTEX_E;
+            #else
+                return 0;
+            #endif
+        }
+
+
+        int LockMutex(wolfSSL_Mutex* m)
+        {
+            #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+                if (NetSecure_OS_LockMutex(m) == 0)
+                    return 0;
+                else
+                    return BAD_MUTEX_E;
+            #else
+                return 0;
+            #endif
+        }
+
+
+        int UnLockMutex(wolfSSL_Mutex* m)
+        {
+            #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+                if (NetSecure_OS_UnLockMutex(m) == 0)
+                    return 0;
+                else
+                    return BAD_MUTEX_E;
+            #else
+                return 0;
+            #endif
+
+        }
+
+    #elif defined(EBSNET)
+
+        int InitMutex(wolfSSL_Mutex* m)
+        {
+            if (rtp_sig_mutex_alloc(m, "wolfSSL Mutex") == -1)
+                return BAD_MUTEX_E;
+            else
+                return 0;
+        }
+
+        int FreeMutex(wolfSSL_Mutex* m)
+        {
+            rtp_sig_mutex_free(*m);
+            return 0;
+        }
+
+        int LockMutex(wolfSSL_Mutex* m)
+        {
+            if (rtp_sig_mutex_claim_timed(*m, RTIP_INF) == 0)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+        int UnLockMutex(wolfSSL_Mutex* m)
+        {
+            rtp_sig_mutex_release(*m);
+            return 0;
+        }
+
+    #elif defined(FREESCALE_MQX)
+
+        int InitMutex(wolfSSL_Mutex* m)
+        {
+            if (_mutex_init(m, NULL) == MQX_EOK)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+        int FreeMutex(wolfSSL_Mutex* m)
+        {
+            if (_mutex_destroy(m) == MQX_EOK)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+        int LockMutex(wolfSSL_Mutex* m)
+        {
+            if (_mutex_lock(m) == MQX_EOK)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+        int UnLockMutex(wolfSSL_Mutex* m)
+        {
+            if (_mutex_unlock(m) == MQX_EOK)
+                return 0;
+            else
+                return BAD_MUTEX_E;
+        }
+
+    #elif defined (WOLFSSL_TIRTOS)
+
+        int InitMutex(wolfSSL_Mutex* m)
+        {
+           Semaphore_Params params;
+
+           Semaphore_Params_init(¶ms);
+           params.mode = Semaphore_Mode_BINARY;
+
+           *m = Semaphore_create(1, ¶ms, NULL);
+
+           return 0;
+        }
+
+        int FreeMutex(wolfSSL_Mutex* m)
+        {
+            Semaphore_delete(m);
+
+            return 0;
+        }
+
+        int LockMutex(wolfSSL_Mutex* m)
+        {
+            Semaphore_pend(*m, BIOS_WAIT_FOREVER);
+
+            return 0;
+        }
+
+        int UnLockMutex(wolfSSL_Mutex* m)
+        {
+            Semaphore_post(*m);
+
+            return 0;
+        }
+
+    #elif defined(WOLFSSL_MDK_ARM)|| defined(WOLFSSL_CMSIS_RTOS)
+    
+        #if defined(WOLFSSL_CMSIS_RTOS)
+            #include "cmsis_os.h"
+            #define CMSIS_NMUTEX 10
+            osMutexDef(wolfSSL_mt0) ;  osMutexDef(wolfSSL_mt1) ;  osMutexDef(wolfSSL_mt2) ;
+            osMutexDef(wolfSSL_mt3) ;  osMutexDef(wolfSSL_mt4) ;  osMutexDef(wolfSSL_mt5) ;  
+            osMutexDef(wolfSSL_mt6) ;  osMutexDef(wolfSSL_mt7) ;  osMutexDef(wolfSSL_mt8) ;  
+            osMutexDef(wolfSSL_mt9) ;  
+            
+            static const osMutexDef_t *CMSIS_mutex[] = { osMutex(wolfSSL_mt0),   
+                osMutex(wolfSSL_mt1),    osMutex(wolfSSL_mt2),   osMutex(wolfSSL_mt3),    
+                osMutex(wolfSSL_mt4),    osMutex(wolfSSL_mt5),   osMutex(wolfSSL_mt6),
+                osMutex(wolfSSL_mt7),    osMutex(wolfSSL_mt8),    osMutex(wolfSSL_mt9) } ;                 
+            
+            static osMutexId CMSIS_mutexID[CMSIS_NMUTEX] = {0} ;
+
+            int InitMutex(wolfSSL_Mutex* m)
+            {
+                int i ;
+                for (i=0; i
+#endif
+
+#include 
+
+#ifdef XMALLOC_USER
+    #include   /* we're using malloc / free direct here */
+#endif
+
+#ifndef NO_CRYPT_TEST
+
+#ifdef WOLFSSL_TEST_CERT
+    #include 
+#else
+    #include 
+#endif
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#ifdef HAVE_ECC
+    #include 
+#endif
+#ifdef HAVE_ECC25519
+    #include 
+#endif
+#ifdef HAVE_BLAKE2
+    #include 
+#endif
+#ifdef HAVE_LIBZ
+    #include 
+#endif
+#ifdef HAVE_PKCS7
+    #include 
+#endif
+#ifdef HAVE_FIPS
+    #include 
+#endif
+
+#ifdef _MSC_VER
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+    #pragma warning(disable: 4996)
+#endif
+
+#ifdef OPENSSL_EXTRA
+    #include 
+    #include 
+    #include 
+    #include 
+#endif
+
+
+#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)
+    /* include test cert and key buffers for use with NO_FILESYSTEM */
+    #if defined(WOLFSSL_MDK_ARM)
+        #include "cert_data.h"
+                        /* use certs_test.c for initial data, so other
+                                               commands can share the data. */
+    #else
+        #include 
+    #endif
+#endif
+
+#if defined(WOLFSSL_MDK_ARM)
+        #include 
+        #include 
+    extern FILE * wolfSSL_fopen(const char *fname, const char *mode) ;
+    #define fopen wolfSSL_fopen
+#endif
+
+#ifdef HAVE_NTRU
+    #include "ntru_crypto.h"
+#endif
+#ifdef HAVE_CAVIUM
+    #include "cavium_sysdep.h"
+    #include "cavium_common.h"
+    #include "cavium_ioctl.h"
+#endif
+
+#ifdef FREESCALE_MQX
+    #include 
+    #include 
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifdef THREADX
+    /* since just testing, use THREADX log printf instead */
+    int dc_log_printf(char*, ...);
+        #undef printf
+        #define printf dc_log_printf
+#endif
+
+#include "wolfcrypt/test/test.h"
+
+
+typedef struct testVector {
+    const char*  input;
+    const char*  output;
+    size_t inLen;
+    size_t outLen;
+} testVector;
+
+int  md2_test(void);
+int  md5_test(void);
+int  md4_test(void);
+int  sha_test(void);
+int  sha256_test(void);
+int  sha512_test(void);
+int  sha384_test(void);
+int  hmac_md5_test(void);
+int  hmac_sha_test(void);
+int  hmac_sha256_test(void);
+int  hmac_sha384_test(void);
+int  hmac_sha512_test(void);
+int  hmac_blake2b_test(void);
+int  hkdf_test(void);
+int  arc4_test(void);
+int  hc128_test(void);
+int  rabbit_test(void);
+int  chacha_test(void);
+int  chacha_poly_test(void);
+int  des_test(void);
+int  des3_test(void);
+int  aes_test(void);
+int  poly1305_test(void);
+int  aesgcm_test(void);
+int  gmac_test(void);
+int  aesccm_test(void);
+int  camellia_test(void);
+int  rsa_test(void);
+int  dh_test(void);
+int  dsa_test(void);
+int  random_test(void);
+int  pwdbased_test(void);
+int  ripemd_test(void);
+int  openssl_test(void);   /* test mini api */
+int pbkdf1_test(void);
+int pkcs12_test(void);
+int pbkdf2_test(void);
+#ifdef HAVE_ECC
+    int  ecc_test(void);
+    #ifdef HAVE_ECC_ENCRYPT
+        int  ecc_encrypt_test(void);
+    #endif
+#endif
+#ifdef HAVE_ECC25519
+    int  ecc25519_test(void);
+#endif
+#ifdef HAVE_BLAKE2
+    int  blake2b_test(void);
+#endif
+#ifdef HAVE_LIBZ
+    int compress_test(void);
+#endif
+#ifdef HAVE_PKCS7
+    int pkcs7enveloped_test(void);
+    int pkcs7signed_test(void);
+#endif
+
+
+
+static int err_sys(const char* msg, int es)
+
+{
+    printf("%s error = %d\n", msg, es);
+    return -1; /* error state */
+}
+
+/* func_args from test.h, so don't have to pull in other junk */
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+
+
+#ifdef HAVE_FIPS
+
+static void myFipsCb(int ok, int err, const char* hash)
+{
+    printf("in my Fips callback, ok = %d, err = %d\n", ok, err);
+    printf("message = %s\n", wc_GetErrorString(err));
+    printf("hash = %s\n", hash);
+
+    if (err == IN_CORE_FIPS_E) {
+        printf("In core integrity hash check failure, copy above hash\n");
+        printf("into verifyCore[] in fips_test.c and rebuild\n");
+    }
+}
+
+#endif /* HAVE_FIPS */
+
+
+int wolfcrypt_test(void* args)
+{
+    int ret = 0;
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#ifdef HAVE_FIPS
+    wolfCrypt_SetCb_fips(myFipsCb);
+#endif
+
+#if !defined(NO_BIG_INT)
+    if (CheckCtcSettings() != 1)
+        return err_sys("Build vs runtime math mismatch\n", -1234);
+
+#ifdef USE_FAST_MATH
+    if (CheckFastMathSettings() != 1)
+        return err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n",
+                       -1235);
+#endif /* USE_FAST_MATH */
+#endif /* !NO_BIG_INT */
+
+
+#ifndef NO_MD5
+    if ( (ret = md5_test()) != 0)
+        return err_sys("MD5      test failed!\n", ret);
+    else
+        printf( "MD5      test passed!\n");
+#endif
+
+#ifdef WOLFSSL_MD2
+    if ( (ret = md2_test()) != 0)
+        return err_sys("MD2      test failed!\n", ret);
+    else
+        printf( "MD2      test passed!\n");
+#endif
+
+#ifndef NO_MD4
+    if ( (ret = md4_test()) != 0)
+        return err_sys("MD4      test failed!\n", ret);
+    else
+        printf( "MD4      test passed!\n");
+#endif
+
+#ifndef NO_SHA
+    if ( (ret = sha_test()) != 0)
+        return err_sys("SHA      test failed!\n", ret);
+    else
+        printf( "SHA      test passed!\n");
+#endif
+
+#ifndef NO_SHA256
+    if ( (ret = sha256_test()) != 0)
+        return err_sys("SHA-256  test failed!\n", ret);
+    else
+        printf( "SHA-256  test passed!\n");
+#endif
+
+#ifdef WOLFSSL_SHA384
+    if ( (ret = sha384_test()) != 0)
+        return err_sys("SHA-384  test failed!\n", ret);
+    else
+        printf( "SHA-384  test passed!\n");
+#endif
+
+#ifdef WOLFSSL_SHA512
+    if ( (ret = sha512_test()) != 0)
+        return err_sys("SHA-512  test failed!\n", ret);
+    else
+        printf( "SHA-512  test passed!\n");
+#endif
+
+#ifdef WOLFSSL_RIPEMD
+    if ( (ret = ripemd_test()) != 0)
+        return err_sys("RIPEMD   test failed!\n", ret);
+    else
+        printf( "RIPEMD   test passed!\n");
+#endif
+
+#ifdef HAVE_BLAKE2
+    if ( (ret = blake2b_test()) != 0)
+        return err_sys("BLAKE2b  test failed!\n", ret);
+    else
+        printf( "BLAKE2b  test passed!\n");
+#endif
+
+#ifndef NO_HMAC
+    #ifndef NO_MD5
+        if ( (ret = hmac_md5_test()) != 0)
+            return err_sys("HMAC-MD5 test failed!\n", ret);
+        else
+            printf( "HMAC-MD5 test passed!\n");
+    #endif
+
+    #ifndef NO_SHA
+    if ( (ret = hmac_sha_test()) != 0)
+        return err_sys("HMAC-SHA test failed!\n", ret);
+    else
+        printf( "HMAC-SHA test passed!\n");
+    #endif
+
+    #ifndef NO_SHA256
+        if ( (ret = hmac_sha256_test()) != 0)
+            return err_sys("HMAC-SHA256 test failed!\n", ret);
+        else
+            printf( "HMAC-SHA256 test passed!\n");
+    #endif
+
+    #ifdef WOLFSSL_SHA384
+        if ( (ret = hmac_sha384_test()) != 0)
+            return err_sys("HMAC-SHA384 test failed!\n", ret);
+        else
+            printf( "HMAC-SHA384 test passed!\n");
+    #endif
+
+    #ifdef WOLFSSL_SHA512
+        if ( (ret = hmac_sha512_test()) != 0)
+            return err_sys("HMAC-SHA512 test failed!\n", ret);
+        else
+            printf( "HMAC-SHA512 test passed!\n");
+    #endif
+
+    #ifdef HAVE_BLAKE2
+        if ( (ret = hmac_blake2b_test()) != 0)
+            return err_sys("HMAC-BLAKE2 test failed!\n", ret);
+        else
+            printf( "HMAC-BLAKE2 test passed!\n");
+    #endif
+
+    #ifdef HAVE_HKDF
+        if ( (ret = hkdf_test()) != 0)
+            return err_sys("HMAC-KDF    test failed!\n", ret);
+        else
+            printf( "HMAC-KDF    test passed!\n");
+    #endif
+
+#endif
+
+#ifdef HAVE_AESGCM
+    if ( (ret = gmac_test()) != 0)
+        return err_sys("GMAC     test passed!\n", ret);
+    else
+        printf( "GMAC     test passed!\n");
+#endif
+
+#ifndef NO_RC4
+    if ( (ret = arc4_test()) != 0)
+        return err_sys("ARC4     test failed!\n", ret);
+    else
+        printf( "ARC4     test passed!\n");
+#endif
+
+#ifndef NO_HC128
+    if ( (ret = hc128_test()) != 0)
+        return err_sys("HC-128   test failed!\n", ret);
+    else
+        printf( "HC-128   test passed!\n");
+#endif
+
+#ifndef NO_RABBIT
+    if ( (ret = rabbit_test()) != 0)
+        return err_sys("Rabbit   test failed!\n", ret);
+    else
+        printf( "Rabbit   test passed!\n");
+#endif
+
+#ifdef HAVE_CHACHA
+    if ( (ret = chacha_test()) != 0)
+        return err_sys("Chacha   test failed!\n", ret);
+    else
+        printf( "Chacha   test passed!\n");
+#endif
+
+#ifdef HAVE_POLY1305
+    if ( (ret = poly1305_test()) != 0)
+        return err_sys("POLY1305 test failed!\n", ret);
+    else
+        printf( "POLY1305 test passed!\n");
+#endif
+
+#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+    if ( (ret = chacha_poly_test()) != 0)
+        return err_sys("CHACHA-POLY AEAD test failed!\n", ret);
+    else
+        printf( "ChachaAEAD test passed!\n");
+#endif
+
+#ifndef NO_DES3
+    if ( (ret = des_test()) != 0)
+        return err_sys("DES      test failed!\n", ret);
+    else
+        printf( "DES      test passed!\n");
+#endif
+
+#ifndef NO_DES3
+    if ( (ret = des3_test()) != 0)
+        return err_sys("DES3     test failed!\n", ret);
+    else
+        printf( "DES3     test passed!\n");
+#endif
+
+#ifndef NO_AES
+    if ( (ret = aes_test()) != 0)
+        return err_sys("AES      test failed!\n", ret);
+    else
+        printf( "AES      test passed!\n");
+
+#ifdef HAVE_AESGCM
+    if ( (ret = aesgcm_test()) != 0)
+        return err_sys("AES-GCM  test failed!\n", ret);
+    else
+        printf( "AES-GCM  test passed!\n");
+#endif
+
+#ifdef HAVE_AESCCM
+    if ( (ret = aesccm_test()) != 0)
+        return err_sys("AES-CCM  test failed!\n", ret);
+    else
+        printf( "AES-CCM  test passed!\n");
+#endif
+#endif
+
+#ifdef HAVE_CAMELLIA
+    if ( (ret = camellia_test()) != 0)
+        return err_sys("CAMELLIA test failed!\n", ret);
+    else
+        printf( "CAMELLIA test passed!\n");
+#endif
+
+    if ( (ret = random_test()) != 0)
+        return err_sys("RANDOM   test failed!\n", ret);
+    else
+        printf( "RANDOM   test passed!\n");
+
+#ifndef NO_RSA
+    if ( (ret = rsa_test()) != 0)
+        return err_sys("RSA      test failed!\n", ret);
+    else
+        printf( "RSA      test passed!\n");
+#endif
+
+#ifndef NO_DH
+    if ( (ret = dh_test()) != 0)
+        return err_sys("DH       test failed!\n", ret);
+    else
+        printf( "DH       test passed!\n");
+#endif
+
+#ifndef NO_DSA
+    if ( (ret = dsa_test()) != 0)
+        return err_sys("DSA      test failed!\n", ret);
+    else
+        printf( "DSA      test passed!\n");
+#endif
+
+#ifndef NO_PWDBASED
+    if ( (ret = pwdbased_test()) != 0)
+        return err_sys("PWDBASED test failed!\n", ret);
+    else
+        printf( "PWDBASED test passed!\n");
+#endif
+
+#ifdef OPENSSL_EXTRA
+    if ( (ret = openssl_test()) != 0)
+        return err_sys("OPENSSL  test failed!\n", ret);
+    else
+        printf( "OPENSSL  test passed!\n");
+#endif
+
+#ifdef HAVE_ECC
+    if ( (ret = ecc_test()) != 0)
+        return err_sys("ECC      test failed!\n", ret);
+    else
+        printf( "ECC      test passed!\n");
+    #ifdef HAVE_ECC_ENCRYPT
+        if ( (ret = ecc_encrypt_test()) != 0)
+            return err_sys("ECC Enc  test failed!\n", ret);
+        else
+            printf( "ECC Enc  test passed!\n");
+    #endif
+#endif
+
+#ifdef HAVE_ECC25519
+    if ( (ret = ecc25519_test()) != 0)
+        return err_sys("ECC25519 test failed!\n", ret);
+    else
+        printf( "ECC25519 test passed!\n");
+#endif
+
+#ifdef HAVE_LIBZ
+    if ( (ret = compress_test()) != 0)
+        return err_sys("COMPRESS test failed!\n", ret);
+    else
+        printf( "COMPRESS test passed!\n");
+#endif
+
+#ifdef HAVE_PKCS7
+    if ( (ret = pkcs7enveloped_test()) != 0)
+        return err_sys("PKCS7enveloped test failed!\n", ret);
+    else
+        printf( "PKCS7enveloped test passed!\n");
+
+    if ( (ret = pkcs7signed_test()) != 0)
+        return err_sys("PKCS7signed    test failed!\n", ret);
+    else
+        printf( "PKCS7signed    test passed!\n");
+#endif
+
+    ((func_args*)args)->return_code = ret;
+
+    return ret;
+}
+
+
+#ifndef NO_MAIN_DRIVER
+
+#ifdef HAVE_CAVIUM
+
+static int OpenNitroxDevice(int dma_mode,int dev_id)
+{
+   Csp1CoreAssignment core_assign;
+   Uint32             device;
+
+   if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
+      return -1;
+   if (Csp1GetDevType(&device))
+      return -1;
+   if (device != NPX_DEVICE) {
+      if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
+                (Uint32 *)&core_assign)!= 0)
+         return -1;
+   }
+   CspShutdown(CAVIUM_DEV_ID);
+
+   return CspInitialize(dma_mode, dev_id);
+}
+
+#endif /* HAVE_CAVIUM */
+
+    /* so overall tests can pull in test function */
+
+    int main(int argc, char** argv)
+    {
+
+        func_args args;
+
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0) {
+            err_sys("Cavium OpenNitroxDevice failed", -1236);
+            return -1236;
+        }
+#endif /* HAVE_CAVIUM */
+
+        args.argc = argc;
+        args.argv = argv;
+
+        wolfcrypt_test(&args);
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+
+        return args.return_code;
+    }
+
+#endif /* NO_MAIN_DRIVER */
+
+
+#ifdef WOLFSSL_MD2
+int md2_test()
+{
+    Md2  md2;
+    byte hash[MD2_DIGEST_SIZE];
+
+    testVector a, b, c, d, e, f, g;
+    testVector test_md2[7];
+    int times = sizeof(test_md2) / sizeof(testVector), i;
+
+    a.input  = "";
+    a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69"
+               "\x27\x73";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD2_DIGEST_SIZE;
+
+    b.input  = "a";
+    b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0"
+               "\xb5\xd1";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD2_DIGEST_SIZE;
+
+    c.input  = "abc";
+    c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde"
+               "\xd6\xbb";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD2_DIGEST_SIZE;
+
+    d.input  = "message digest";
+    d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe"
+               "\x06\xb0";
+    d.inLen  = strlen(d.input);
+    d.outLen = MD2_DIGEST_SIZE;
+
+    e.input  = "abcdefghijklmnopqrstuvwxyz";
+    e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47"
+               "\x94\x0b";
+    e.inLen  = strlen(e.input);
+    e.outLen = MD2_DIGEST_SIZE;
+
+    f.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03"
+               "\x38\xcd";
+    f.inLen  = strlen(f.input);
+    f.outLen = MD2_DIGEST_SIZE;
+
+    g.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3"
+               "\xef\xd8";
+    g.inLen  = strlen(g.input);
+    g.outLen = MD2_DIGEST_SIZE;
+
+    test_md2[0] = a;
+    test_md2[1] = b;
+    test_md2[2] = c;
+    test_md2[3] = d;
+    test_md2[4] = e;
+    test_md2[5] = f;
+    test_md2[6] = g;
+
+    wc_InitMd2(&md2);
+
+    for (i = 0; i < times; ++i) {
+        wc_Md2Update(&md2, (byte*)test_md2[i].input, (word32)test_md2[i].inLen);
+        wc_Md2Final(&md2, hash);
+
+        if (memcmp(hash, test_md2[i].output, MD2_DIGEST_SIZE) != 0)
+            return -155 - i;
+    }
+
+    return 0;
+}
+#endif
+
+#ifndef NO_MD5
+int md5_test(void)
+{
+    Md5  md5;
+    byte hash[MD5_DIGEST_SIZE];
+
+    testVector a, b, c, d, e;
+    testVector test_md5[5];
+    int times = sizeof(test_md5) / sizeof(testVector), i;
+
+    a.input  = "abc";
+    a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
+               "\x72";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD5_DIGEST_SIZE;
+
+    b.input  = "message digest";
+    b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61"
+               "\xd0";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD5_DIGEST_SIZE;
+
+    c.input  = "abcdefghijklmnopqrstuvwxyz";
+    c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1"
+               "\x3b";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD5_DIGEST_SIZE;
+
+    d.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d"
+               "\x9f";
+    d.inLen  = strlen(d.input);
+    d.outLen = MD5_DIGEST_SIZE;
+
+    e.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
+               "\x7a";
+    e.inLen  = strlen(e.input);
+    e.outLen = MD5_DIGEST_SIZE;
+
+    test_md5[0] = a;
+    test_md5[1] = b;
+    test_md5[2] = c;
+    test_md5[3] = d;
+    test_md5[4] = e;
+
+    wc_InitMd5(&md5);
+
+    for (i = 0; i < times; ++i) {
+        wc_Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen);
+        wc_Md5Final(&md5, hash);
+
+        if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0)
+            return -5 - i;
+    }
+
+    return 0;
+}
+#endif /* NO_MD5 */
+
+
+#ifndef NO_MD4
+
+int md4_test(void)
+{
+    Md4  md4;
+    byte hash[MD4_DIGEST_SIZE];
+
+    testVector a, b, c, d, e, f, g;
+    testVector test_md4[7];
+    int times = sizeof(test_md4) / sizeof(testVector), i;
+
+    a.input  = "";
+    a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89"
+               "\xc0";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD4_DIGEST_SIZE;
+
+    b.input  = "a";
+    b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb"
+               "\x24";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD4_DIGEST_SIZE;
+
+    c.input  = "abc";
+    c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72"
+               "\x9d";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD4_DIGEST_SIZE;
+
+    d.input  = "message digest";
+    d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01"
+               "\x4b";
+    d.inLen  = strlen(d.input);
+    d.outLen = MD4_DIGEST_SIZE;
+
+    e.input  = "abcdefghijklmnopqrstuvwxyz";
+    e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d"
+               "\xa9";
+    e.inLen  = strlen(e.input);
+    e.outLen = MD4_DIGEST_SIZE;
+
+    f.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0"
+               "\xe4";
+    f.inLen  = strlen(f.input);
+    f.outLen = MD4_DIGEST_SIZE;
+
+    g.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05"
+               "\x36";
+    g.inLen  = strlen(g.input);
+    g.outLen = MD4_DIGEST_SIZE;
+
+    test_md4[0] = a;
+    test_md4[1] = b;
+    test_md4[2] = c;
+    test_md4[3] = d;
+    test_md4[4] = e;
+    test_md4[5] = f;
+    test_md4[6] = g;
+
+    wc_InitMd4(&md4);
+
+    for (i = 0; i < times; ++i) {
+        wc_Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen);
+        wc_Md4Final(&md4, hash);
+
+        if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0)
+            return -205 - i;
+    }
+
+    return 0;
+}
+
+#endif /* NO_MD4 */
+
+#ifndef NO_SHA
+
+int sha_test(void)
+{
+    Sha  sha;
+    byte hash[SHA_DIGEST_SIZE];
+
+    testVector a, b, c, d;
+    testVector test_sha[4];
+    int ret;
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
+               "\x6C\x9C\xD0\xD8\x9D";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA_DIGEST_SIZE;
+
+    b.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29"
+               "\xE5\xE5\x46\x70\xF1";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA_DIGEST_SIZE;
+
+    c.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaa";
+    c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44"
+               "\x2A\x25\xEC\x64\x4D";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA_DIGEST_SIZE;
+
+    d.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaa";
+    d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
+               "\x53\x99\x5E\x26\xA0";
+    d.inLen  = strlen(d.input);
+    d.outLen = SHA_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+    test_sha[2] = c;
+    test_sha[3] = d;
+
+    ret = wc_InitSha(&sha);
+    if (ret != 0)
+        return -4001;
+
+    for (i = 0; i < times; ++i) {
+        wc_ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen);
+        wc_ShaFinal(&sha, hash);
+
+        if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+
+#endif /* NO_SHA */
+
+#ifdef WOLFSSL_RIPEMD
+int ripemd_test(void)
+{
+    RipeMd  ripemd;
+    byte hash[RIPEMD_DIGEST_SIZE];
+
+    testVector a, b, c, d;
+    testVector test_ripemd[4];
+    int times = sizeof(test_ripemd) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
+               "\xb0\x87\xf1\x5a\x0b\xfc";
+    a.inLen  = strlen(a.input);
+    a.outLen = RIPEMD_DIGEST_SIZE;
+
+    b.input  = "message digest";
+    b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8"
+               "\x5f\xfa\x21\x59\x5f\x36";
+    b.inLen  = strlen(b.input);
+    b.outLen = RIPEMD_DIGEST_SIZE;
+
+    c.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc"
+               "\xf4\x9a\xda\x62\xeb\x2b";
+    c.inLen  = strlen(c.input);
+    c.outLen = RIPEMD_DIGEST_SIZE;
+
+    d.input  = "12345678901234567890123456789012345678901234567890123456"
+               "789012345678901234567890";
+    d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab"
+               "\x82\xbf\x63\x32\x6b\xfb";
+    d.inLen  = strlen(d.input);
+    d.outLen = RIPEMD_DIGEST_SIZE;
+
+    test_ripemd[0] = a;
+    test_ripemd[1] = b;
+    test_ripemd[2] = c;
+    test_ripemd[3] = d;
+
+    wc_InitRipeMd(&ripemd);
+
+    for (i = 0; i < times; ++i) {
+        wc_RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input,
+                     (word32)test_ripemd[i].inLen);
+        wc_RipeMdFinal(&ripemd, hash);
+
+        if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif /* WOLFSSL_RIPEMD */
+
+
+#ifdef HAVE_BLAKE2
+
+
+#define BLAKE2_TESTS 3
+
+static const byte blake2b_vec[BLAKE2_TESTS][BLAKE2B_OUTBYTES] =
+{
+  {
+    0x78, 0x6A, 0x02, 0xF7, 0x42, 0x01, 0x59, 0x03,
+    0xC6, 0xC6, 0xFD, 0x85, 0x25, 0x52, 0xD2, 0x72,
+    0x91, 0x2F, 0x47, 0x40, 0xE1, 0x58, 0x47, 0x61,
+    0x8A, 0x86, 0xE2, 0x17, 0xF7, 0x1F, 0x54, 0x19,
+    0xD2, 0x5E, 0x10, 0x31, 0xAF, 0xEE, 0x58, 0x53,
+    0x13, 0x89, 0x64, 0x44, 0x93, 0x4E, 0xB0, 0x4B,
+    0x90, 0x3A, 0x68, 0x5B, 0x14, 0x48, 0xB7, 0x55,
+    0xD5, 0x6F, 0x70, 0x1A, 0xFE, 0x9B, 0xE2, 0xCE
+  },
+  {
+    0x2F, 0xA3, 0xF6, 0x86, 0xDF, 0x87, 0x69, 0x95,
+    0x16, 0x7E, 0x7C, 0x2E, 0x5D, 0x74, 0xC4, 0xC7,
+    0xB6, 0xE4, 0x8F, 0x80, 0x68, 0xFE, 0x0E, 0x44,
+    0x20, 0x83, 0x44, 0xD4, 0x80, 0xF7, 0x90, 0x4C,
+    0x36, 0x96, 0x3E, 0x44, 0x11, 0x5F, 0xE3, 0xEB,
+    0x2A, 0x3A, 0xC8, 0x69, 0x4C, 0x28, 0xBC, 0xB4,
+    0xF5, 0xA0, 0xF3, 0x27, 0x6F, 0x2E, 0x79, 0x48,
+    0x7D, 0x82, 0x19, 0x05, 0x7A, 0x50, 0x6E, 0x4B
+  },
+  {
+    0x1C, 0x08, 0x79, 0x8D, 0xC6, 0x41, 0xAB, 0xA9,
+    0xDE, 0xE4, 0x35, 0xE2, 0x25, 0x19, 0xA4, 0x72,
+    0x9A, 0x09, 0xB2, 0xBF, 0xE0, 0xFF, 0x00, 0xEF,
+    0x2D, 0xCD, 0x8E, 0xD6, 0xF8, 0xA0, 0x7D, 0x15,
+    0xEA, 0xF4, 0xAE, 0xE5, 0x2B, 0xBF, 0x18, 0xAB,
+    0x56, 0x08, 0xA6, 0x19, 0x0F, 0x70, 0xB9, 0x04,
+    0x86, 0xC8, 0xA7, 0xD4, 0x87, 0x37, 0x10, 0xB1,
+    0x11, 0x5D, 0x3D, 0xEB, 0xBB, 0x43, 0x27, 0xB5
+  }
+};
+
+
+
+int blake2b_test(void)
+{
+    Blake2b b2b;
+    byte    digest[64];
+    byte    input[64];
+    int     i, ret;
+
+    for (i = 0; i < (int)sizeof(input); i++)
+        input[i] = (byte)i;
+
+    for (i = 0; i < BLAKE2_TESTS; i++) {
+        ret = wc_InitBlake2b(&b2b, 64);
+        if (ret != 0)
+            return -4002;
+
+        ret = wc_Blake2bUpdate(&b2b, input, i);
+        if (ret != 0)
+            return -4003;
+
+        ret = wc_Blake2bFinal(&b2b, digest, 64);
+        if (ret != 0)
+            return -4004;
+
+        if (memcmp(digest, blake2b_vec[i], 64) != 0) {
+            return -300 - i;
+        }
+    }
+
+    return 0;
+}
+#endif /* HAVE_BLAKE2 */
+
+
+#ifndef NO_SHA256
+int sha256_test(void)
+{
+    Sha256 sha;
+    byte   hash[SHA256_DIGEST_SIZE];
+
+    testVector a, b;
+    testVector test_sha[2];
+    int ret;
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+               "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+               "\x15\xAD";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA256_DIGEST_SIZE;
+
+    b.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+               "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+               "\x06\xC1";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA256_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = wc_InitSha256(&sha);
+    if (ret != 0)
+        return -4005;
+
+    for (i = 0; i < times; ++i) {
+        ret = wc_Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return -4006;
+        ret = wc_Sha256Final(&sha, hash);
+        if (ret != 0)
+            return -4007;
+
+        if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#ifdef WOLFSSL_SHA512
+int sha512_test(void)
+{
+    Sha512 sha;
+    byte   hash[SHA512_DIGEST_SIZE];
+    int    ret;
+
+    testVector a, b;
+    testVector test_sha[2];
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
+               "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
+               "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
+               "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
+               "\xa5\x4c\xa4\x9f";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA512_DIGEST_SIZE;
+
+    b.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
+               "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
+               "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
+               "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
+               "\x87\x4b\xe9\x09";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA512_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = wc_InitSha512(&sha);
+    if (ret != 0)
+        return -4009;
+
+    for (i = 0; i < times; ++i) {
+        ret = wc_Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return -4010;
+
+        ret = wc_Sha512Final(&sha, hash);
+        if (ret != 0)
+            return -4011;
+
+        if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#ifdef WOLFSSL_SHA384
+int sha384_test(void)
+{
+    Sha384 sha;
+    byte   hash[SHA384_DIGEST_SIZE];
+    int    ret;
+
+    testVector a, b;
+    testVector test_sha[2];
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
+               "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
+               "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
+               "\xc8\x25\xa7";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA384_DIGEST_SIZE;
+
+    b.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
+               "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
+               "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
+               "\x74\x60\x39";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA384_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = wc_InitSha384(&sha);
+    if (ret != 0)
+        return -4012;
+
+    for (i = 0; i < times; ++i) {
+        ret = wc_Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return -4013;
+
+        ret = wc_Sha384Final(&sha, hash);
+        if (ret != 0)
+            return -4014;
+
+        if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif /* WOLFSSL_SHA384 */
+
+
+#if !defined(NO_HMAC) && !defined(NO_MD5)
+int hmac_md5_test(void)
+{
+    Hmac hmac;
+    byte hash[MD5_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc"
+               "\x9d";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD5_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
+               "\x38";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD5_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3"
+               "\xf6";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD5_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
+        if (i == 1)
+            continue; /* cavium can't handle short keys, fips not allowed */
+#endif
+#ifdef HAVE_CAVIUM
+        if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20009;
+#endif
+        ret = wc_HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4015;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4016;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4017;
+
+        if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        wc_HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif /* NO_HMAC && NO_MD5 */
+
+#if !defined(NO_HMAC) && !defined(NO_SHA)
+int hmac_sha_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c"
+               "\x8e\xf1\x46\xbe\x00";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf"
+               "\x9c\x25\x9a\x7c\x79";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b"
+               "\x4f\x63\xf1\x75\xd3";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
+        if (i == 1)
+            continue; /* cavium can't handle short keys, fips not allowed */
+#endif
+#ifdef HAVE_CAVIUM
+        if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20010;
+#endif
+        ret = wc_HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4018;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4019;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4020;
+
+        if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        wc_HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && !defined(NO_SHA256)
+int hmac_sha256_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA256_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1"
+               "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32"
+               "\xcf\xf7";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA256_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75"
+               "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec"
+               "\x38\x43";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA256_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81"
+               "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5"
+               "\x65\xfe";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA256_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
+        if (i == 1)
+            continue; /* cavium can't handle short keys, fips not allowed */
+#endif
+#ifdef HAVE_CAVIUM
+        if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20011;
+#endif
+        ret = wc_HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4021;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4022;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4023;
+
+        if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        wc_HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(HAVE_BLAKE2)
+int hmac_blake2b_test(void)
+{
+    Hmac hmac;
+    byte hash[BLAKE2B_256];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51"
+               "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75"
+               "\xac\xfd";
+    a.inLen  = strlen(a.input);
+    a.outLen = BLAKE2B_256;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67"
+               "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c"
+               "\xda\x2b";
+    b.inLen  = strlen(b.input);
+    b.outLen = BLAKE2B_256;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7"
+               "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3"
+               "\x0f\x87";
+    c.inLen  = strlen(c.input);
+    c.outLen = BLAKE2B_256;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM)
+        if (i == 1)
+            continue; /* cavium can't handle short keys, fips not allowed */
+#endif
+#ifdef HAVE_CAVIUM
+        if (wc_HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20011;
+#endif
+        ret = wc_HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i],
+                         (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4024;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4025;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4026;
+
+        if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        wc_HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
+int hmac_sha384_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA384_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90"
+               "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb"
+               "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2"
+               "\xfa\x9c\xb6";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA384_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b"
+               "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22"
+               "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa"
+               "\xb2\x16\x49";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA384_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8"
+               "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66"
+               "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01"
+               "\xa3\x4f\x27";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA384_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS)
+        if (i == 1)
+            continue; /* fips not allowed */
+#endif
+        ret = wc_HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4027;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4028;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4029;
+
+        if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(WOLFSSL_SHA512)
+int hmac_sha512_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA512_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c"
+               "\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1"
+               "\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae"
+               "\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20"
+               "\x3a\x12\x68\x54";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA512_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0"
+               "\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25"
+               "\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8"
+               "\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a"
+               "\x38\xbc\xe7\x37";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA512_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b"
+               "\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27"
+               "\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e"
+               "\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59"
+               "\xe1\x32\x92\xfb";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA512_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#if defined(HAVE_FIPS)
+        if (i == 1)
+            continue; /* fips not allowed */
+#endif
+        ret = wc_HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4030;
+        ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4031;
+        ret = wc_HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4032;
+
+        if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#ifndef NO_RC4
+int arc4_test(void)
+{
+    byte cipher[16];
+    byte plain[16];
+
+    const char* keys[] =
+    {
+        "\x01\x23\x45\x67\x89\xab\xcd\xef",
+        "\x01\x23\x45\x67\x89\xab\xcd\xef",
+        "\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\xef\x01\x23\x45"
+    };
+
+    testVector a, b, c, d;
+    testVector test_arc4[4];
+
+    int times = sizeof(test_arc4) / sizeof(testVector), i;
+
+    a.input  = "\x01\x23\x45\x67\x89\xab\xcd\xef";
+    a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96";
+    a.inLen  = 8;
+    a.outLen = 8;
+
+    b.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79";
+    b.inLen  = 8;
+    b.outLen = 8;
+
+    c.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a";
+    c.inLen  = 8;
+    c.outLen = 8;
+
+    d.input  = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
+    d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61";
+    d.inLen  = 10;
+    d.outLen = 10;
+
+    test_arc4[0] = a;
+    test_arc4[1] = b;
+    test_arc4[2] = c;
+    test_arc4[3] = d;
+
+    for (i = 0; i < times; ++i) {
+        Arc4 enc;
+        Arc4 dec;
+        int  keylen = 8;  /* strlen with key 0x00 not good */
+        if (i == 3)
+            keylen = 4;
+
+#ifdef HAVE_CAVIUM
+        if (wc_Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0)
+            return -20001;
+        if (wc_Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0)
+            return -20002;
+#endif
+
+        wc_Arc4SetKey(&enc, (byte*)keys[i], keylen);
+        wc_Arc4SetKey(&dec, (byte*)keys[i], keylen);
+
+        wc_Arc4Process(&enc, cipher, (byte*)test_arc4[i].input,
+                    (word32)test_arc4[i].outLen);
+        wc_Arc4Process(&dec, plain,  cipher, (word32)test_arc4[i].outLen);
+
+        if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen))
+            return -20 - i;
+
+        if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen))
+            return -20 - 5 - i;
+
+#ifdef HAVE_CAVIUM
+        wc_Arc4FreeCavium(&enc);
+        wc_Arc4FreeCavium(&dec);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+int hc128_test(void)
+{
+#ifdef HAVE_HC128
+    byte cipher[16];
+    byte plain[16];
+
+    const char* keys[] =
+    {
+        "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD",
+        "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC"
+    };
+
+    const char* ivs[] =
+    {
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16",
+        "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31"
+    };
+
+
+    testVector a, b, c, d;
+    testVector test_hc128[4];
+
+    int times = sizeof(test_hc128) / sizeof(testVector), i;
+
+    a.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48";
+    a.inLen  = 8;
+    a.outLen = 8;
+
+    b.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F";
+    b.inLen  = 8;
+    b.outLen = 8;
+
+    c.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A";
+    c.inLen  = 8;
+    c.outLen = 8;
+
+    d.input  = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
+    d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29";
+    d.inLen  = 15;
+    d.outLen = 15;
+
+    test_hc128[0] = a;
+    test_hc128[1] = b;
+    test_hc128[2] = c;
+    test_hc128[3] = d;
+
+    for (i = 0; i < times; ++i) {
+        HC128 enc;
+        HC128 dec;
+
+        /* align keys/ivs in plain/cipher buffers */
+        memcpy(plain,  keys[i], 16);
+        memcpy(cipher, ivs[i],  16);
+
+        wc_Hc128_SetKey(&enc, plain, cipher);
+        wc_Hc128_SetKey(&dec, plain, cipher);
+
+        /* align input */
+        memcpy(plain, test_hc128[i].input, test_hc128[i].outLen);
+        wc_Hc128_Process(&enc, cipher, plain,  (word32)test_hc128[i].outLen);
+        wc_Hc128_Process(&dec, plain,  cipher, (word32)test_hc128[i].outLen);
+
+        if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen))
+            return -120 - i;
+
+        if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen))
+            return -120 - 5 - i;
+    }
+
+#endif /* HAVE_HC128 */
+    return 0;
+}
+
+
+#ifndef NO_RABBIT
+int rabbit_test(void)
+{
+    byte cipher[16];
+    byte plain[16];
+
+    const char* keys[] =
+    {
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91"
+    };
+
+    const char* ivs[] =
+    {
+        "\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x59\x7E\x26\xC1\x75\xF5\x73\xC3",
+        0
+    };
+
+    testVector a, b, c;
+    testVector test_rabbit[3];
+
+    int times = sizeof(test_rabbit) / sizeof(testVector), i;
+
+    a.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C";
+    a.inLen  = 8;
+    a.outLen = 8;
+
+    b.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0";
+    b.inLen  = 8;
+    b.outLen = 8;
+
+    c.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    c.output = "\x04\xCE\xCA\x7A\x1A\x86\x6E\x77";
+    c.inLen  = 8;
+    c.outLen = 8;
+
+    test_rabbit[0] = a;
+    test_rabbit[1] = b;
+    test_rabbit[2] = c;
+
+    for (i = 0; i < times; ++i) {
+        Rabbit enc;
+        Rabbit dec;
+        byte*  iv;
+
+        /* align keys/ivs in plain/cipher buffers */
+        memcpy(plain,  keys[i], 16);
+        if (ivs[i]) {
+            memcpy(cipher, ivs[i],   8);
+            iv = cipher;
+        } else
+            iv = NULL;
+        wc_RabbitSetKey(&enc, plain, iv);
+        wc_RabbitSetKey(&dec, plain, iv);
+
+        /* align input */
+        memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen);
+        wc_RabbitProcess(&enc, cipher, plain,  (word32)test_rabbit[i].outLen);
+        wc_RabbitProcess(&dec, plain,  cipher, (word32)test_rabbit[i].outLen);
+
+        if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen))
+            return -130 - i;
+
+        if (memcmp(cipher, test_rabbit[i].output, test_rabbit[i].outLen))
+            return -130 - 5 - i;
+    }
+
+    return 0;
+}
+#endif /* NO_RABBIT */
+
+
+#ifdef HAVE_CHACHA
+int chacha_test(void)
+{
+    ChaCha enc;
+    ChaCha dec;
+    byte   cipher[32];
+    byte   plain[32];
+    byte   input[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+    word32 keySz;
+    int    i;
+    int    times = 4;
+
+    static const byte key1[] =
+    {
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+    };
+
+    static const byte key2[] =
+    {
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
+    };
+
+    static const byte key3[] =
+    {
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+    };
+
+    /* 128 bit key */
+    static const byte key4[] =
+    {
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+         0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+    };
+
+
+    const byte* keys[] = {key1, key2, key3, key4};
+
+    static const byte ivs1[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+    static const byte ivs2[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+    static const byte ivs3[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01};
+    static const byte ivs4[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+
+
+    const byte* ivs[] = {ivs1, ivs2, ivs3, ivs4};
+
+
+    byte a[] = {0x76,0xb8,0xe0,0xad,0xa0,0xf1,0x3d,0x90};
+    byte b[] = {0x45,0x40,0xf0,0x5a,0x9f,0x1f,0xb2,0x96};
+    byte c[] = {0xde,0x9c,0xba,0x7b,0xf3,0xd6,0x9e,0xf5};
+    byte d[] = {0x89,0x67,0x09,0x52,0x60,0x83,0x64,0xfd};
+
+    byte* test_chacha[4];
+
+    test_chacha[0] = a;
+    test_chacha[1] = b;
+    test_chacha[2] = c;
+    test_chacha[3] = d;
+
+    for (i = 0; i < times; ++i) {
+        if (i < 3) {
+            keySz = 32;
+        }
+        else {
+            keySz = 16;
+        }
+
+        XMEMCPY(plain, keys[i], keySz);
+        XMEMSET(cipher, 0, 32);
+        XMEMCPY(cipher + 4, ivs[i], 8);
+
+        wc_Chacha_SetKey(&enc, keys[i], keySz);
+        wc_Chacha_SetKey(&dec, keys[i], keySz);
+
+        wc_Chacha_SetIV(&enc, cipher, 0);
+        wc_Chacha_SetIV(&dec, cipher, 0);
+        XMEMCPY(plain, input, 8);
+
+        wc_Chacha_Process(&enc, cipher, plain,  (word32)8);
+        wc_Chacha_Process(&dec, plain,  cipher, (word32)8);
+
+        if (memcmp(test_chacha[i], cipher, 8))
+            return -130 - 5 - i;
+
+        if (memcmp(plain, input, 8))
+            return -130 - i;
+    }
+
+    return 0;
+}
+#endif /* HAVE_CHACHA */
+
+
+#ifdef HAVE_POLY1305
+int poly1305_test(void)
+{
+    int      ret = 0;
+    int      i;
+    byte     tag[16];
+    Poly1305 enc;
+
+    const byte msg[] =
+    {
+        0x43,0x72,0x79,0x70,0x74,0x6f,0x67,0x72,
+        0x61,0x70,0x68,0x69,0x63,0x20,0x46,0x6f,
+        0x72,0x75,0x6d,0x20,0x52,0x65,0x73,0x65,
+        0x61,0x72,0x63,0x68,0x20,0x47,0x72,0x6f,
+        0x75,0x70
+    };
+
+    const byte msg2[] =
+    {
+        0x48,0x65,0x6c,0x6c,0x6f,0x20,0x77,0x6f,0x72,
+        0x6c,0x64,0x21
+    };
+
+    const byte msg3[] =
+    {
+        0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+        0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+        0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+        0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+    };
+
+    const byte correct[] =
+    {
+        0xa8,0x06,0x1d,0xc1,0x30,0x51,0x36,0xc6,
+        0xc2,0x2b,0x8b,0xaf,0x0c,0x01,0x27,0xa9
+
+    };
+
+    const byte correct2[] =
+    {
+        0xa6,0xf7,0x45,0x00,0x8f,0x81,0xc9,0x16,
+        0xa2,0x0d,0xcc,0x74,0xee,0xf2,0xb2,0xf0
+    };
+
+    const byte correct3[] =
+    {
+        0x49,0xec,0x78,0x09,0x0e,0x48,0x1e,0xc6,
+        0xc2,0x6b,0x33,0xb9,0x1c,0xcc,0x03,0x07
+    };
+
+    const byte key[] = {
+        0x85,0xd6,0xbe,0x78,0x57,0x55,0x6d,0x33,
+        0x7f,0x44,0x52,0xfe,0x42,0xd5,0x06,0xa8,
+        0x01,0x03,0x80,0x8a,0xfb,0x0d,0xb2,0xfd,
+        0x4a,0xbf,0xf6,0xaf,0x41,0x49,0xf5,0x1b
+    };
+
+    const byte key2[] = {
+        0x74,0x68,0x69,0x73,0x20,0x69,0x73,0x20,
+        0x33,0x32,0x2d,0x62,0x79,0x74,0x65,0x20,
+        0x6b,0x65,0x79,0x20,0x66,0x6f,0x72,0x20,
+        0x50,0x6f,0x6c,0x79,0x31,0x33,0x30,0x35
+    };
+
+    const byte* msgs[]  = {msg, msg2, msg3};
+    word32      szm[]   = {sizeof(msg),sizeof(msg2),sizeof(msg3)};
+    const byte* keys[]  = {key, key2, key2};
+    const byte* tests[] = {correct, correct2, correct3};
+
+    for (i = 0; i < 3; i++) {
+        ret = wc_Poly1305SetKey(&enc, keys[i], 32);
+        if (ret != 0)
+            return -1001;
+
+        ret = wc_Poly1305Update(&enc, msgs[i], szm[i]);
+        if (ret != 0)
+            return -1005;
+
+        ret = wc_Poly1305Final(&enc, tag);
+        if (ret != 0)
+            return -60;
+
+        if (memcmp(tag, tests[i], sizeof(tag)))
+            return -61;
+    }
+
+    return 0;
+}
+#endif /* HAVE_POLY1305 */
+
+
+#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+int chacha_poly_test(void)
+{
+
+    const byte key[] = {
+        0x42,0x90,0xbc,0xb1,0x54,0x17,0x35,0x31,
+        0xf3,0x14,0xaf,0x57,0xf3,0xbe,0x3b,0x50,
+        0x06,0xda,0x37,0x1e,0xce,0x27,0x2a,0xfa,
+        0x1b,0x5d,0xbd,0xd1,0x10,0x0a,0x10,0x07
+    };
+
+    const byte input[] = {
+        0x86,0xd0,0x99,0x74,0x84,0x0b,0xde,0xd2,
+        0xa5,0xca
+    };
+
+    const byte nonce[] = {
+        0x00,0x00,0x00,0x00,0xcd,0x7c,0xf6,0x7b,
+        0xe3,0x9c,0x79,0x4a
+    };
+
+    const byte ad[] = { /* aditional data */
+        0x87,0xe2,0x29,0xd4,0x50,0x08,0x45,0xa0,
+        0x79,0xc0,0x0a,0x00,0x00,0x00,0x00,0x00,
+        0x00,0x00
+    };
+
+    const byte test[] = { /* expected output from operation */
+        0xe3,0xe4,0x46,0xf7,0xed,0xe9,0xa1,0x9b,
+        0x62,0xa4,0x98,0xa5,0x9a,0x87,0xf9,0x82,
+        0xa1,0xfe,0xcb,0xac,0xd3,0xff,0xe8,0x29,
+        0x31,0x04
+    };
+
+
+    byte polyKey[64];
+    byte cipher[32];
+    byte tag[16]; /* tag made from Poly1305 MAC algorithm */
+    byte out[48]; /* cipher (32) + tag size of (16) */
+    byte msg[10]; /* message after decryption */
+    word32 keySz = 32;
+    int ret = 0;
+
+    ChaCha   chaEnc,  chaDec;
+    Poly1305 polyEnc, polyDec;
+
+    XMEMSET(polyKey, 0, sizeof(polyKey));
+    XMEMSET(cipher, 0, sizeof(cipher));
+    XMEMSET(tag, 0, sizeof(tag));
+    XMEMSET(out, 0, sizeof(out));
+    XMEMSET(msg, 0, sizeof(msg));
+
+    /***** ENCRYPTION ******/
+
+    /* Initialise chacha / poly and get poly key */
+    ret += wc_Chacha_SetKey(&chaEnc, key, keySz);
+    ret += wc_Chacha_SetIV(&chaEnc, nonce, 0); /* start with counter at 0 */
+    /* AEAD poly key is created by first run of ChaCha */
+    ret += wc_Chacha_Process(&chaEnc, polyKey, polyKey, 64);
+    ret += wc_Poly1305SetKey(&polyEnc, polyKey, 32);
+
+    /* encrypt the plain text then append tag */
+    ret += wc_Chacha_SetIV(&chaEnc, nonce, 1);
+    ret += wc_Chacha_Process(&chaEnc, cipher, input, sizeof(input));
+    /* tag is created with using ad and cipher (SSL/TLS uses padding as well) */
+    ret += wc_Poly1305Update(&polyEnc, ad, sizeof(ad));
+    ret += wc_Poly1305Update(&polyEnc, cipher, sizeof(input));
+    ret += wc_Poly1305Final(&polyEnc, tag);
+    XMEMCPY(out, cipher, sizeof(input)); /* copy cipher to first of out */
+    XMEMCPY(out + sizeof(input), tag, sizeof(tag)); /* append tag to out   */
+
+
+    /****** TEST *****/
+
+    /* encrypted AEAD msg is now in out[] it's length is sizeof input + tag size
+       to test correctness we will compare the out[] to the expected output */
+    if (memcmp(out, test, sizeof(test)))
+        return -1062;
+
+
+    /****** DECRYPTION ******/
+
+    XMEMSET(polyKey, 0, sizeof(polyKey));
+    XMEMSET(tag, 0, sizeof(tag));
+
+    /* Initialise chacha / poly and get poly key */
+    ret += wc_Chacha_SetKey(&chaDec, key, keySz);
+    ret += wc_Chacha_SetIV(&chaDec, nonce, 0); /* start with counter at 0 */
+    /* AEAD poly key is created by first run of ChaCha */
+    ret += wc_Chacha_Process(&chaDec, polyKey, polyKey, 64);
+    ret += wc_Poly1305SetKey(&polyDec, polyKey, 32);
+
+    /* compare generated tag to what was sent */
+    ret += wc_Poly1305Update(&polyDec, ad, sizeof(ad));
+    ret += wc_Poly1305Update(&polyDec, out, sizeof(input)); /* cipher sent */
+    ret += wc_Poly1305Final(&polyDec, tag);
+    /* comparison of tags should be in constant time when implemented */
+    if (memcmp(tag, out + sizeof(input), sizeof(tag))) /* compare tags */
+        return -1063;
+
+    /* decrypt the cipher text */
+    ret += wc_Chacha_Process(&chaDec, msg, out, sizeof(input));
+
+
+    /****** TEST *****/
+
+    /* plain text msg has been recieved compare it to expected for test */
+    if (memcmp(msg, input, sizeof(input)))
+        return -1064;
+
+    return ret;
+}
+#endif /* HAVE_CHACHA && HAVE_POLY1305 */
+
+
+#ifndef NO_DES3
+int des_test(void)
+{
+    const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
+        0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    byte plain[24];
+    byte cipher[24];
+
+    Des enc;
+    Des dec;
+
+    const byte key[] =
+    {
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
+    };
+
+    const byte iv[] =
+    {
+        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
+    };
+
+    const byte verify[] =
+    {
+        0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
+        0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
+        0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
+    };
+
+    int ret;
+
+    ret = wc_Des_SetKey(&enc, key, iv, DES_ENCRYPTION);
+    if (ret != 0)
+        return -31;
+
+    wc_Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
+    ret = wc_Des_SetKey(&dec, key, iv, DES_DECRYPTION);
+    if (ret != 0)
+        return -32;
+    wc_Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
+
+    if (memcmp(plain, vector, sizeof(plain)))
+        return -33;
+
+    if (memcmp(cipher, verify, sizeof(cipher)))
+        return -34;
+
+    return 0;
+}
+#endif /* NO_DES3 */
+
+
+#ifndef NO_DES3
+int des3_test(void)
+{
+    const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
+        0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    byte plain[24];
+    byte cipher[24];
+
+    Des3 enc;
+    Des3 dec;
+
+    const byte key3[] =
+    {
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+        0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
+        0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
+    };
+    const byte iv3[] =
+    {
+        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
+        0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+        0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
+
+    };
+
+    const byte verify3[] =
+    {
+        0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e,
+        0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98,
+        0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0
+    };
+
+    int ret;
+
+
+#ifdef HAVE_CAVIUM
+    if (wc_Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0)
+        return -20005;
+    if (wc_Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0)
+        return -20006;
+#endif
+    ret = wc_Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION);
+    if (ret != 0)
+        return -31;
+    ret = wc_Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION);
+    if (ret != 0)
+        return -32;
+    ret = wc_Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
+    if (ret != 0)
+        return -33;
+    ret = wc_Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
+    if (ret != 0)
+        return -34;
+
+    if (memcmp(plain, vector, sizeof(plain)))
+        return -35;
+
+    if (memcmp(cipher, verify3, sizeof(cipher)))
+        return -36;
+
+#ifdef HAVE_CAVIUM
+    wc_Des3_FreeCavium(&enc);
+    wc_Des3_FreeCavium(&dec);
+#endif
+    return 0;
+}
+#endif /* NO_DES */
+
+
+#ifndef NO_AES
+int aes_test(void)
+{
+    Aes enc;
+    Aes dec;
+
+    const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
+        0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    const byte verify[] =
+    {
+        0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
+        0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
+    };
+
+    byte key[] = "0123456789abcdef   ";  /* align */
+    byte iv[]  = "1234567890abcdef   ";  /* align */
+
+    byte cipher[AES_BLOCK_SIZE * 4];
+    byte plain [AES_BLOCK_SIZE * 4];
+    int  ret;
+
+#ifdef HAVE_CAVIUM
+        if (wc_AesInitCavium(&enc, CAVIUM_DEV_ID) != 0)
+            return -20003;
+        if (wc_AesInitCavium(&dec, CAVIUM_DEV_ID) != 0)
+            return -20004;
+#endif
+    ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
+    if (ret != 0)
+        return -1001;
+    ret = wc_AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
+    if (ret != 0)
+        return -1002;
+
+    ret = wc_AesCbcEncrypt(&enc, cipher, msg,   AES_BLOCK_SIZE);
+    if (ret != 0)
+        return -1005;
+    ret = wc_AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE);
+    if (ret != 0)
+        return -1006;
+
+    if (memcmp(plain, msg, AES_BLOCK_SIZE))
+        return -60;
+
+    if (memcmp(cipher, verify, AES_BLOCK_SIZE))
+        return -61;
+
+#ifdef HAVE_CAVIUM
+        wc_AesFreeCavium(&enc);
+        wc_AesFreeCavium(&dec);
+#endif
+#ifdef WOLFSSL_AES_COUNTER
+    {
+        const byte ctrKey[] =
+        {
+            0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
+            0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c
+        };
+
+        const byte ctrIv[] =
+        {
+            0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,
+            0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
+        };
+
+
+        const byte ctrPlain[] =
+        {
+            0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+            0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
+            0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,
+            0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
+            0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,
+            0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,
+            0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,
+            0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10
+        };
+
+        const byte ctrCipher[] =
+        {
+            0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26,
+            0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce,
+            0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff,
+            0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff,
+            0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e,
+            0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab,
+            0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1,
+            0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
+        };
+
+        const byte oddCipher[] =
+        {
+            0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
+            0xc2
+        };
+
+        wc_AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+        /* Ctr only uses encrypt, even on key setup */
+        wc_AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+
+        wc_AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4);
+        wc_AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4);
+
+        if (memcmp(plain, ctrPlain, AES_BLOCK_SIZE*4))
+            return -66;
+
+        if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4))
+            return -67;
+
+        /* let's try with just 9 bytes, non block size test */
+        wc_AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+        /* Ctr only uses encrypt, even on key setup */
+        wc_AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+
+        wc_AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
+        wc_AesCtrEncrypt(&dec, plain, cipher, 9);
+
+        if (memcmp(plain, ctrPlain, 9))
+            return -68;
+
+        if (memcmp(cipher, ctrCipher, 9))
+            return -69;
+
+        /* and an additional 9 bytes to reuse tmp left buffer */
+        wc_AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
+        wc_AesCtrEncrypt(&dec, plain, cipher, 9);
+
+        if (memcmp(plain, ctrPlain, 9))
+            return -70;
+
+        if (memcmp(cipher, oddCipher, 9))
+            return -71;
+    }
+#endif /* WOLFSSL_AES_COUNTER */
+
+#if defined(WOLFSSL_AESNI) && defined(WOLFSSL_AES_DIRECT)
+    {
+        const byte niPlain[] =
+        {
+            0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+            0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
+        };
+
+        const byte niCipher[] =
+        {
+            0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
+            0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
+        };
+
+        const byte niKey[] =
+        {
+            0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
+            0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
+            0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
+            0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
+        };
+
+        XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+        ret = wc_AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
+        if (ret != 0)
+            return -1003;
+        wc_AesEncryptDirect(&enc, cipher, niPlain);
+        if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
+            return -20006;
+
+        XMEMSET(plain, 0, AES_BLOCK_SIZE);
+        ret = wc_AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
+        if (ret != 0)
+            return -1004;
+        wc_AesDecryptDirect(&dec, plain, niCipher);
+        if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
+            return -20007;
+    }
+#endif /* WOLFSSL_AESNI && WOLFSSL_AES_DIRECT */
+
+    return 0;
+}
+
+#ifdef HAVE_AESGCM
+int aesgcm_test(void)
+{
+    Aes enc;
+
+    /*
+     * This is Test Case 16 from the document Galois/
+     * Counter Mode of Operation (GCM) by McGrew and
+     * Viega.
+     */
+    const byte k[] =
+    {
+        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+        0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
+        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+        0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
+    };
+
+    const byte iv[] =
+    {
+        0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+        0xde, 0xca, 0xf8, 0x88
+    };
+
+    const byte p[] =
+    {
+        0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+        0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+        0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+        0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+        0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+        0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+        0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+        0xba, 0x63, 0x7b, 0x39
+    };
+
+    const byte a[] =
+    {
+        0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+        0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+        0xab, 0xad, 0xda, 0xd2
+    };
+
+    const byte c[] =
+    {
+        0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+        0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+        0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+        0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+        0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+        0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+        0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+        0xbc, 0xc9, 0xf6, 0x62
+    };
+
+    const byte t[] =
+    {
+        0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+        0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
+    };
+
+    byte t2[sizeof(t)];
+    byte p2[sizeof(c)];
+    byte c2[sizeof(p)];
+
+    int result;
+
+    memset(t2, 0, sizeof(t2));
+    memset(c2, 0, sizeof(c2));
+    memset(p2, 0, sizeof(p2));
+
+    wc_AesGcmSetKey(&enc, k, sizeof(k));
+    /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+    wc_AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (memcmp(c, c2, sizeof(c2)))
+        return -68;
+    if (memcmp(t, t2, sizeof(t2)))
+        return -69;
+
+    result = wc_AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (result != 0)
+        return -70;
+    if (memcmp(p, p2, sizeof(p2)))
+        return -71;
+
+    return 0;
+}
+
+int gmac_test(void)
+{
+    Gmac gmac;
+
+    const byte k1[] =
+    {
+        0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
+        0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
+    };
+    const byte iv1[] =
+    {
+        0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
+        0xe2, 0x8c, 0x8f, 0x16
+    };
+    const byte a1[] =
+    {
+       0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
+       0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
+    };
+    const byte t1[] =
+    {
+        0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
+        0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
+    };
+
+    const byte k2[] =
+    {
+        0x40, 0xf7, 0xec, 0xb2, 0x52, 0x6d, 0xaa, 0xd4,
+        0x74, 0x25, 0x1d, 0xf4, 0x88, 0x9e, 0xf6, 0x5b
+    };
+    const byte iv2[] =
+    {
+        0xee, 0x9c, 0x6e, 0x06, 0x15, 0x45, 0x45, 0x03,
+        0x1a, 0x60, 0x24, 0xa7
+    };
+    const byte a2[] =
+    {
+        0x94, 0x81, 0x2c, 0x87, 0x07, 0x4e, 0x15, 0x18,
+        0x34, 0xb8, 0x35, 0xaf, 0x1c, 0xa5, 0x7e, 0x56
+    };
+    const byte t2[] =
+    {
+        0xc6, 0x81, 0x79, 0x8e, 0x3d, 0xda, 0xb0, 0x9f,
+        0x8d, 0x83, 0xb0, 0xbb, 0x14, 0xb6, 0x91
+    };
+
+    const byte k3[] =
+    {
+        0xb8, 0xe4, 0x9a, 0x5e, 0x37, 0xf9, 0x98, 0x2b,
+        0xb9, 0x6d, 0xd0, 0xc9, 0xb6, 0xab, 0x26, 0xac
+    };
+    const byte iv3[] =
+    {
+        0xe4, 0x4a, 0x42, 0x18, 0x8c, 0xae, 0x94, 0x92,
+        0x6a, 0x9c, 0x26, 0xb0
+    };
+    const byte a3[] =
+    {
+        0x9d, 0xb9, 0x61, 0x68, 0xa6, 0x76, 0x7a, 0x31,
+        0xf8, 0x29, 0xe4, 0x72, 0x61, 0x68, 0x3f, 0x8a
+    };
+    const byte t3[] =
+    {
+        0x23, 0xe2, 0x9f, 0x66, 0xe4, 0xc6, 0x52, 0x48
+    };
+
+    byte tag[16];
+
+    memset(tag, 0, sizeof(tag));
+    wc_GmacSetKey(&gmac, k1, sizeof(k1));
+    wc_GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1));
+    if (memcmp(t1, tag, sizeof(t1)) != 0)
+        return -126;
+
+    memset(tag, 0, sizeof(tag));
+    wc_GmacSetKey(&gmac, k2, sizeof(k2));
+    wc_GmacUpdate(&gmac, iv2, sizeof(iv2), a2, sizeof(a2), tag, sizeof(t2));
+    if (memcmp(t2, tag, sizeof(t2)) != 0)
+        return -127;
+
+    memset(tag, 0, sizeof(tag));
+    wc_GmacSetKey(&gmac, k3, sizeof(k3));
+    wc_GmacUpdate(&gmac, iv3, sizeof(iv3), a3, sizeof(a3), tag, sizeof(t3));
+    if (memcmp(t3, tag, sizeof(t3)) != 0)
+        return -128;
+
+    return 0;
+}
+#endif /* HAVE_AESGCM */
+
+#ifdef HAVE_AESCCM
+int aesccm_test(void)
+{
+    Aes enc;
+
+    /* key */
+    const byte k[] =
+    {
+        0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
+        0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
+    };
+
+    /* nonce */
+    const byte iv[] =
+    {
+        0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0,
+        0xa1, 0xa2, 0xa3, 0xa4, 0xa5
+    };
+
+    /* plaintext */
+    const byte p[] =
+    {
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+        0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+        0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
+    };
+
+    const byte a[] =
+    {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
+    };
+
+    const byte c[] =
+    {
+        0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2,
+        0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80,
+        0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84
+    };
+
+    const byte t[] =
+    {
+        0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0
+    };
+
+    byte t2[sizeof(t)];
+    byte p2[sizeof(p)];
+    byte c2[sizeof(c)];
+
+    int result;
+
+    memset(t2, 0, sizeof(t2));
+    memset(c2, 0, sizeof(c2));
+    memset(p2, 0, sizeof(p2));
+
+    wc_AesCcmSetKey(&enc, k, sizeof(k));
+    /* AES-CCM encrypt and decrypt both use AES encrypt internally */
+    wc_AesCcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (memcmp(c, c2, sizeof(c2)))
+        return -107;
+    if (memcmp(t, t2, sizeof(t2)))
+        return -108;
+
+    result = wc_AesCcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (result != 0)
+        return -109;
+    if (memcmp(p, p2, sizeof(p2)))
+        return -110;
+
+    /* Test the authentication failure */
+    t2[0]++; /* Corrupt the authentication tag. */
+    result = wc_AesCcmDecrypt(&enc, p2, c, sizeof(p2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (result == 0)
+        return -111;
+
+    /* Clear c2 to compare against p2. p2 should be set to zero in case of
+     * authentication fail. */
+    memset(c2, 0, sizeof(c2));
+    if (memcmp(p2, c2, sizeof(p2)))
+        return -112;
+
+    return 0;
+}
+#endif /* HAVE_AESCCM */
+
+
+#endif /* NO_AES */
+
+
+#ifdef HAVE_CAMELLIA
+
+enum {
+    CAM_ECB_ENC, CAM_ECB_DEC, CAM_CBC_ENC, CAM_CBC_DEC
+};
+
+typedef struct {
+    int type;
+    const byte* plaintext;
+    const byte* iv;
+    const byte* ciphertext;
+    const byte* key;
+    word32 keySz;
+    int errorCode;
+} test_vector_t;
+
+int camellia_test(void)
+{
+    /* Camellia ECB Test Plaintext */
+    static const byte pte[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
+    };
+
+    /* Camellia ECB Test Initialization Vector */
+    static const byte ive[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+
+    /* Test 1: Camellia ECB 128-bit key */
+    static const byte k1[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
+    };
+    static const byte c1[] =
+    {
+        0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73,
+        0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43
+    };
+
+    /* Test 2: Camellia ECB 192-bit key */
+    static const byte k2[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
+    };
+    static const byte c2[] =
+    {
+        0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8,
+        0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9
+    };
+
+    /* Test 3: Camellia ECB 256-bit key */
+    static const byte k3[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+        0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
+    };
+    static const byte c3[] =
+    {
+        0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c,
+        0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09
+    };
+
+    /* Camellia CBC Test Plaintext */
+    static const byte ptc[] =
+    {
+        0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+        0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
+    };
+
+    /* Camellia CBC Test Initialization Vector */
+    static const byte ivc[] =
+    {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+    };
+
+    /* Test 4: Camellia-CBC 128-bit key */
+    static const byte k4[] =
+    {
+        0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+        0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C
+    };
+    static const byte c4[] =
+    {
+        0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0,
+        0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB
+    };
+
+    /* Test 5: Camellia-CBC 192-bit key */
+    static const byte k5[] =
+    {
+        0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
+        0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
+        0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B
+    };
+    static const byte c5[] =
+    {
+        0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2,
+        0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93
+    };
+
+    /* Test 6: CBC 256-bit key */
+    static const byte k6[] =
+    {
+        0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+        0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+        0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+        0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4
+    };
+    static const byte c6[] =
+    {
+        0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A,
+        0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA
+    };
+
+    byte out[CAMELLIA_BLOCK_SIZE];
+    Camellia cam;
+    int i, testsSz;
+    const test_vector_t testVectors[] =
+    {
+        {CAM_ECB_ENC, pte, ive, c1, k1, sizeof(k1), -114},
+        {CAM_ECB_ENC, pte, ive, c2, k2, sizeof(k2), -115},
+        {CAM_ECB_ENC, pte, ive, c3, k3, sizeof(k3), -116},
+        {CAM_ECB_DEC, pte, ive, c1, k1, sizeof(k1), -117},
+        {CAM_ECB_DEC, pte, ive, c2, k2, sizeof(k2), -118},
+        {CAM_ECB_DEC, pte, ive, c3, k3, sizeof(k3), -119},
+        {CAM_CBC_ENC, ptc, ivc, c4, k4, sizeof(k4), -120},
+        {CAM_CBC_ENC, ptc, ivc, c5, k5, sizeof(k5), -121},
+        {CAM_CBC_ENC, ptc, ivc, c6, k6, sizeof(k6), -122},
+        {CAM_CBC_DEC, ptc, ivc, c4, k4, sizeof(k4), -123},
+        {CAM_CBC_DEC, ptc, ivc, c5, k5, sizeof(k5), -124},
+        {CAM_CBC_DEC, ptc, ivc, c6, k6, sizeof(k6), -125}
+    };
+
+    testsSz = sizeof(testVectors)/sizeof(test_vector_t);
+    for (i = 0; i < testsSz; i++) {
+        if (wc_CamelliaSetKey(&cam, testVectors[i].key, testVectors[i].keySz,
+                                                        testVectors[i].iv) != 0)
+            return testVectors[i].errorCode;
+
+        switch (testVectors[i].type) {
+            case CAM_ECB_ENC:
+                wc_CamelliaEncryptDirect(&cam, out, testVectors[i].plaintext);
+                if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            case CAM_ECB_DEC:
+                wc_CamelliaDecryptDirect(&cam, out, testVectors[i].ciphertext);
+                if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            case CAM_CBC_ENC:
+                wc_CamelliaCbcEncrypt(&cam, out, testVectors[i].plaintext,
+                                                           CAMELLIA_BLOCK_SIZE);
+                if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            case CAM_CBC_DEC:
+                wc_CamelliaCbcDecrypt(&cam, out, testVectors[i].ciphertext,
+                                                           CAMELLIA_BLOCK_SIZE);
+                if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            default:
+                break;
+        }
+    }
+
+    /* Setting the IV and checking it was actually set. */
+    wc_CamelliaSetIV(&cam, ivc);
+    if (XMEMCMP(cam.reg, ivc, CAMELLIA_BLOCK_SIZE))
+        return -1;
+
+    /* Setting the IV to NULL should be same as all zeros IV */
+    if (wc_CamelliaSetIV(&cam, NULL) != 0 ||
+                                    XMEMCMP(cam.reg, ive, CAMELLIA_BLOCK_SIZE))
+        return -1;
+
+    /* First parameter should never be null */
+    if (wc_CamelliaSetIV(NULL, NULL) == 0)
+        return -1;
+
+    /* First parameter should never be null, check it fails */
+    if (wc_CamelliaSetKey(NULL, k1, sizeof(k1), NULL) == 0)
+        return -1;
+
+    /* Key should have a size of 16, 24, or 32 */
+    if (wc_CamelliaSetKey(&cam, k1, 0, NULL) == 0)
+        return -1;
+
+    return 0;
+}
+#endif /* HAVE_CAMELLIA */
+
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+
+int random_test(void)
+{
+    const byte test1Entropy[] =
+    {
+        0xa6, 0x5a, 0xd0, 0xf3, 0x45, 0xdb, 0x4e, 0x0e, 0xff, 0xe8, 0x75, 0xc3,
+        0xa2, 0xe7, 0x1f, 0x42, 0xc7, 0x12, 0x9d, 0x62, 0x0f, 0xf5, 0xc1, 0x19,
+        0xa9, 0xef, 0x55, 0xf0, 0x51, 0x85, 0xe0, 0xfb, 0x85, 0x81, 0xf9, 0x31,
+        0x75, 0x17, 0x27, 0x6e, 0x06, 0xe9, 0x60, 0x7d, 0xdb, 0xcb, 0xcc, 0x2e
+    };
+    const byte test1Output[] =
+    {
+        0xd3, 0xe1, 0x60, 0xc3, 0x5b, 0x99, 0xf3, 0x40, 0xb2, 0x62, 0x82, 0x64,
+        0xd1, 0x75, 0x10, 0x60, 0xe0, 0x04, 0x5d, 0xa3, 0x83, 0xff, 0x57, 0xa5,
+        0x7d, 0x73, 0xa6, 0x73, 0xd2, 0xb8, 0xd8, 0x0d, 0xaa, 0xf6, 0xa6, 0xc3,
+        0x5a, 0x91, 0xbb, 0x45, 0x79, 0xd7, 0x3f, 0xd0, 0xc8, 0xfe, 0xd1, 0x11,
+        0xb0, 0x39, 0x13, 0x06, 0x82, 0x8a, 0xdf, 0xed, 0x52, 0x8f, 0x01, 0x81,
+        0x21, 0xb3, 0xfe, 0xbd, 0xc3, 0x43, 0xe7, 0x97, 0xb8, 0x7d, 0xbb, 0x63,
+        0xdb, 0x13, 0x33, 0xde, 0xd9, 0xd1, 0xec, 0xe1, 0x77, 0xcf, 0xa6, 0xb7,
+        0x1f, 0xe8, 0xab, 0x1d, 0xa4, 0x66, 0x24, 0xed, 0x64, 0x15, 0xe5, 0x1c,
+        0xcd, 0xe2, 0xc7, 0xca, 0x86, 0xe2, 0x83, 0x99, 0x0e, 0xea, 0xeb, 0x91,
+        0x12, 0x04, 0x15, 0x52, 0x8b, 0x22, 0x95, 0x91, 0x02, 0x81, 0xb0, 0x2d,
+        0xd4, 0x31, 0xf4, 0xc9, 0xf7, 0x04, 0x27, 0xdf
+    };
+    const byte test2EntropyA[] =
+    {
+        0x63, 0x36, 0x33, 0x77, 0xe4, 0x1e, 0x86, 0x46, 0x8d, 0xeb, 0x0a, 0xb4,
+        0xa8, 0xed, 0x68, 0x3f, 0x6a, 0x13, 0x4e, 0x47, 0xe0, 0x14, 0xc7, 0x00,
+        0x45, 0x4e, 0x81, 0xe9, 0x53, 0x58, 0xa5, 0x69, 0x80, 0x8a, 0xa3, 0x8f,
+        0x2a, 0x72, 0xa6, 0x23, 0x59, 0x91, 0x5a, 0x9f, 0x8a, 0x04, 0xca, 0x68
+    };
+    const byte test2EntropyB[] =
+    {
+        0xe6, 0x2b, 0x8a, 0x8e, 0xe8, 0xf1, 0x41, 0xb6, 0x98, 0x05, 0x66, 0xe3,
+        0xbf, 0xe3, 0xc0, 0x49, 0x03, 0xda, 0xd4, 0xac, 0x2c, 0xdf, 0x9f, 0x22,
+        0x80, 0x01, 0x0a, 0x67, 0x39, 0xbc, 0x83, 0xd3
+    };
+    const byte test2Output[] =
+    {
+        0x04, 0xee, 0xc6, 0x3b, 0xb2, 0x31, 0xdf, 0x2c, 0x63, 0x0a, 0x1a, 0xfb,
+        0xe7, 0x24, 0x94, 0x9d, 0x00, 0x5a, 0x58, 0x78, 0x51, 0xe1, 0xaa, 0x79,
+        0x5e, 0x47, 0x73, 0x47, 0xc8, 0xb0, 0x56, 0x62, 0x1c, 0x18, 0xbd, 0xdc,
+        0xdd, 0x8d, 0x99, 0xfc, 0x5f, 0xc2, 0xb9, 0x20, 0x53, 0xd8, 0xcf, 0xac,
+        0xfb, 0x0b, 0xb8, 0x83, 0x12, 0x05, 0xfa, 0xd1, 0xdd, 0xd6, 0xc0, 0x71,
+        0x31, 0x8a, 0x60, 0x18, 0xf0, 0x3b, 0x73, 0xf5, 0xed, 0xe4, 0xd4, 0xd0,
+        0x71, 0xf9, 0xde, 0x03, 0xfd, 0x7a, 0xea, 0x10, 0x5d, 0x92, 0x99, 0xb8,
+        0xaf, 0x99, 0xaa, 0x07, 0x5b, 0xdb, 0x4d, 0xb9, 0xaa, 0x28, 0xc1, 0x8d,
+        0x17, 0x4b, 0x56, 0xee, 0x2a, 0x01, 0x4d, 0x09, 0x88, 0x96, 0xff, 0x22,
+        0x82, 0xc9, 0x55, 0xa8, 0x19, 0x69, 0xe0, 0x69, 0xfa, 0x8c, 0xe0, 0x07,
+        0xa1, 0x80, 0x18, 0x3a, 0x07, 0xdf, 0xae, 0x17
+    };
+
+    byte output[SHA256_DIGEST_SIZE * 4];
+    int ret;
+
+    ret = wc_RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0,
+                            output, sizeof(output));
+    if (ret != 0)
+        return -39;
+
+    if (XMEMCMP(test1Output, output, sizeof(output)) != 0)
+        return -40;
+
+    ret = wc_RNG_HealthTest(1, test2EntropyA, sizeof(test2EntropyA),
+                            test2EntropyB, sizeof(test2EntropyB),
+                            output, sizeof(output));
+    if (ret != 0)
+        return -41;
+
+    if (XMEMCMP(test2Output, output, sizeof(output)) != 0)
+        return -42;
+
+    return 0;
+}
+
+#else /* HAVE_HASHDRBG || NO_RC4 */
+
+int random_test(void)
+{
+    RNG  rng;
+    byte block[32];
+    int ret;
+
+#ifdef HAVE_CAVIUM
+    ret = wc_InitRngCavium(&rng, CAVIUM_DEV_ID);
+    if (ret != 0) return -2007;
+#endif
+    ret = wc_InitRng(&rng);
+    if (ret != 0) return -39;
+
+    ret = wc_RNG_GenerateBlock(&rng, block, sizeof(block));
+    if (ret != 0) return -40;
+
+    return 0;
+}
+
+#endif /* HAVE_HASHDRBG || NO_RC4 */
+
+
+#ifdef HAVE_NTRU
+
+byte GetEntropy(ENTROPY_CMD cmd, byte* out);
+
+byte GetEntropy(ENTROPY_CMD cmd, byte* out)
+{
+    static RNG rng;
+
+    if (cmd == INIT)
+        return (wc_InitRng(&rng) == 0) ? 1 : 0;
+
+    if (out == NULL)
+        return 0;
+
+    if (cmd == GET_BYTE_OF_ENTROPY)
+        return (wc_RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0;
+
+    if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
+        *out = 1;
+        return 1;
+    }
+
+    return 0;
+}
+
+#endif /* HAVE_NTRU */
+
+#ifndef NO_RSA
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #ifdef FREESCALE_MQX
+        static const char* clientKey  = "a:\\certs\\client-key.der";
+        static const char* clientCert = "a:\\certs\\client-cert.der";
+        #ifdef WOLFSSL_CERT_GEN
+            static const char* caKeyFile  = "a:\\certs\\ca-key.der";
+            static const char* caCertFile = "a:\\certs\\ca-cert.pem";
+            #ifdef HAVE_ECC
+                static const char* eccCaKeyFile  = "a:\\certs\\ecc-key.der";
+                static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem";
+            #endif
+        #endif
+    #elif defined(WOLFSSL_MKD_SHELL)
+        static char* clientKey = "certs/client-key.der";
+        static char* clientCert = "certs/client-cert.der";
+        void set_clientKey(char *key) {  clientKey = key ; }
+        void set_clientCert(char *cert) {  clientCert = cert ; }
+        #ifdef WOLFSSL_CERT_GEN
+            static char* caKeyFile  = "certs/ca-key.der";
+            static char* caCertFile = "certs/ca-cert.pem";
+            void set_caKeyFile (char * key)  { caKeyFile   = key ; }
+            void set_caCertFile(char * cert) { caCertFile = cert ; }
+            #ifdef HAVE_ECC
+                static const char* eccCaKeyFile  = "certs/ecc-key.der";
+                static const char* eccCaCertFile = "certs/server-ecc.pem";
+                void set_eccCaKeyFile (char * key)  { eccCaKeyFile  = key ; }
+                void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; }
+            #endif
+        #endif
+    #else
+        static const char* clientKey  = "./certs/client-key.der";
+        static const char* clientCert = "./certs/client-cert.der";
+        #ifdef WOLFSSL_CERT_GEN
+            static const char* caKeyFile  = "./certs/ca-key.der";
+            static const char* caCertFile = "./certs/ca-cert.pem";
+            #ifdef HAVE_ECC
+                static const char* eccCaKeyFile  = "./certs/ecc-key.der";
+                static const char* eccCaCertFile = "./certs/server-ecc.pem";
+            #endif
+        #endif
+    #endif
+#endif
+
+
+
+#define FOURK_BUF 4096
+
+int rsa_test(void)
+{
+    byte*   tmp;
+    size_t bytes;
+    RsaKey key;
+    RNG    rng;
+    word32 idx = 0;
+    int    ret;
+    byte   in[] = "Everyone gets Friday off.";
+    word32 inLen = (word32)strlen((char*)in);
+    byte   out[256];
+    byte   plain[256];
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    FILE*  file, * file2;
+#endif
+#ifdef WOLFSSL_TEST_CERT
+    DecodedCert cert;
+#endif
+
+    tmp = (byte*)malloc(FOURK_BUF);
+    if (tmp == NULL)
+        return -40;
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
+    bytes = sizeof_client_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
+    bytes = sizeof_client_key_der_2048;
+#else
+    file = fopen(clientKey, "rb");
+
+    if (!file) {
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from wolfSSL home dir", -40);
+        free(tmp);
+        return -40;
+    }
+
+    bytes = fread(tmp, 1, FOURK_BUF, file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+#ifdef HAVE_CAVIUM
+    wc_RsaInitCavium(&key, CAVIUM_DEV_ID);
+#endif
+    ret = wc_InitRsaKey(&key, 0);
+    if (ret != 0) {
+        free(tmp);
+        return -39;
+    }
+    ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
+    if (ret != 0) {
+        free(tmp);
+        return -41;
+    }
+    ret = wc_InitRng(&rng);
+    if (ret != 0) {
+        free(tmp);
+        return -42;
+    }
+    ret = wc_RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng);
+    if (ret < 0) {
+        free(tmp);
+        return -43;
+    }
+    ret = wc_RsaPrivateDecrypt(out, ret, plain, sizeof(plain), &key);
+    if (ret < 0) {
+        free(tmp);
+        return -44;
+    }
+    if (memcmp(plain, in, inLen)) {
+        free(tmp);
+        return -45;
+    }
+    ret = wc_RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng);
+    if (ret < 0) {
+        free(tmp);
+        return -46;
+    }
+    memset(plain, 0, sizeof(plain));
+    ret = wc_RsaSSL_Verify(out, ret, plain, sizeof(plain), &key);
+    if (ret < 0) {
+        free(tmp);
+        return -47;
+    }
+    if (memcmp(plain, in, ret)) {
+        free(tmp);
+        return -48;
+    }
+#if defined(WOLFSSL_MDK_ARM)
+    #define sizeof(s) strlen((char *)(s))
+#endif
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, client_cert_der_1024, sizeof_client_cert_der_1024);
+    bytes = sizeof_client_cert_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, client_cert_der_2048, sizeof_client_cert_der_2048);
+    bytes = sizeof_client_cert_der_2048;
+#else
+    file2 = fopen(clientCert, "rb");
+    if (!file2) {
+        free(tmp);
+        return -49;
+    }
+
+    bytes = fread(tmp, 1, FOURK_BUF, file2);
+    fclose(file2);
+#endif
+
+#ifdef sizeof
+		#undef sizeof
+#endif
+
+#ifdef WOLFSSL_TEST_CERT
+    InitDecodedCert(&cert, tmp, (word32)bytes, 0);
+
+    ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0);
+    if (ret != 0) return -491;
+
+    FreeDecodedCert(&cert);
+#else
+    (void)bytes;
+#endif
+
+
+#ifdef WOLFSSL_KEY_GEN
+    {
+        byte*  der;
+        byte*  pem;
+        int    derSz = 0;
+        int    pemSz = 0;
+        RsaKey derIn;
+        RsaKey genKey;
+        FILE*  keyFile;
+        FILE*  pemFile;
+
+        ret = wc_InitRsaKey(&genKey, 0);
+        if (ret != 0)
+            return -300;
+        ret = wc_MakeRsaKey(&genKey, 1024, 65537, &rng);
+        if (ret != 0)
+            return -301;
+
+        der = (byte*)malloc(FOURK_BUF);
+        if (der == NULL) {
+            wc_FreeRsaKey(&genKey);
+            return -307;
+        }
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(der);
+            wc_FreeRsaKey(&genKey);
+            return -308;
+        }
+
+        derSz = wc_RsaKeyToDer(&genKey, der, FOURK_BUF);
+        if (derSz < 0) {
+            free(der);
+            free(pem);
+            return -302;
+        }
+
+        keyFile = fopen("./key.der", "wb");
+        if (!keyFile) {
+            free(der);
+            free(pem);
+            wc_FreeRsaKey(&genKey);
+            return -303;
+        }
+        ret = (int)fwrite(der, 1, derSz, keyFile);
+        fclose(keyFile);
+        if (ret != derSz) {
+            free(der);
+            free(pem);
+            wc_FreeRsaKey(&genKey);
+            return -313;
+        }
+
+        pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE);
+        if (pemSz < 0) {
+            free(der);
+            free(pem);
+            wc_FreeRsaKey(&genKey);
+            return -304;
+        }
+
+        pemFile = fopen("./key.pem", "wb");
+        if (!pemFile) {
+            free(der);
+            free(pem);
+            wc_FreeRsaKey(&genKey);
+            return -305;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            free(der);
+            free(pem);
+            wc_FreeRsaKey(&genKey);
+            return -314;
+        }
+
+        ret = wc_InitRsaKey(&derIn, 0);
+        if (ret != 0) {
+            free(der);
+            free(pem);
+            wc_FreeRsaKey(&genKey);
+            return -3060;
+        }
+        idx = 0;
+        ret = wc_RsaPrivateKeyDecode(der, &idx, &derIn, derSz);
+        if (ret != 0) {
+            free(der);
+            free(pem);
+            wc_FreeRsaKey(&derIn);
+            wc_FreeRsaKey(&genKey);
+            return -306;
+        }
+
+        wc_FreeRsaKey(&derIn);
+        wc_FreeRsaKey(&genKey);
+        free(pem);
+        free(der);
+    }
+#endif /* WOLFSSL_KEY_GEN */
+
+
+#ifdef WOLFSSL_CERT_GEN
+    /* self signed */
+    {
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        int         certSz;
+        int         pemSz;
+#ifdef WOLFSSL_TEST_CERT
+        DecodedCert decode;
+#endif
+
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -309;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -310;
+        }
+
+        wc_InitCert(&myCert);
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+        myCert.isCA    = 1;
+        myCert.sigType = CTC_SHA256wRSA;
+
+        certSz = wc_MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            return -401;
+        }
+
+#ifdef WOLFSSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -402;
+        }
+        FreeDecodedCert(&decode);
+#endif
+        derFile = fopen("./cert.der", "wb");
+        if (!derFile) {
+            free(derCert);
+            free(pem);
+            return -403;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(derCert);
+            free(pem);
+            return -414;
+        }
+
+        pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(derCert);
+            free(pem);
+            return -404;
+        }
+
+        pemFile = fopen("./cert.pem", "wb");
+        if (!pemFile) {
+            free(derCert);
+            free(pem);
+            return -405;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            free(derCert);
+            free(pem);
+            return -406;
+        }
+        free(pem);
+        free(derCert);
+    }
+    /* CA style */
+    {
+        RsaKey      caKey;
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        int         certSz;
+        int         pemSz;
+        size_t      bytes3;
+        word32      idx3 = 0;
+        FILE*       file3 ;
+#ifdef WOLFSSL_TEST_CERT
+        DecodedCert decode;
+#endif
+
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -311;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -312;
+        }
+
+        file3 = fopen(caKeyFile, "rb");
+
+        if (!file3) {
+            free(derCert);
+            free(pem);
+            return -412;
+        }
+
+        bytes3 = fread(tmp, 1, FOURK_BUF, file3);
+        fclose(file3);
+
+        ret = wc_InitRsaKey(&caKey, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -411;
+        }
+        ret = wc_RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -413;
+        }
+
+        wc_InitCert(&myCert);
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+
+        ret = wc_SetIssuer(&myCert, caCertFile);
+        if (ret < 0) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -405;
+        }
+
+        certSz = wc_MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -407;
+        }
+
+        certSz = wc_SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+                          &caKey, NULL, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -408;
+        }
+
+
+#ifdef WOLFSSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -409;
+        }
+        FreeDecodedCert(&decode);
+#endif
+
+        derFile = fopen("./othercert.der", "wb");
+        if (!derFile) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -410;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -416;
+        }
+
+        pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -411;
+        }
+
+        pemFile = fopen("./othercert.pem", "wb");
+        if (!pemFile) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -412;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        if (ret != pemSz) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -415;
+        }
+        fclose(pemFile);
+        free(pem);
+        free(derCert);
+        wc_FreeRsaKey(&caKey);
+    }
+#ifdef HAVE_ECC
+    /* ECC CA style */
+    {
+        ecc_key     caKey;
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        int         certSz;
+        int         pemSz;
+        size_t      bytes3;
+        word32      idx3 = 0;
+        FILE*       file3;
+#ifdef WOLFSSL_TEST_CERT
+        DecodedCert decode;
+#endif
+
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -5311;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -5312;
+        }
+
+        file3 = fopen(eccCaKeyFile, "rb");
+
+        if (!file3) {
+            free(derCert);
+            free(pem);
+            return -5412;
+        }
+
+        bytes3 = fread(tmp, 1, FOURK_BUF, file3);
+        fclose(file3);
+
+        wc_ecc_init(&caKey);
+        ret = wc_EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -5413;
+        }
+
+        wc_InitCert(&myCert);
+        myCert.sigType = CTC_SHA256wECDSA;
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE);
+
+        ret = wc_SetIssuer(&myCert, eccCaCertFile);
+        if (ret < 0) {
+            free(pem);
+            free(derCert);
+            wc_ecc_free(&caKey);
+            return -5405;
+        }
+
+        certSz = wc_MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng);
+        if (certSz < 0) {
+            free(pem);
+            free(derCert);
+            wc_ecc_free(&caKey);
+            return -5407;
+        }
+
+        certSz = wc_SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+                          NULL, &caKey, &rng);
+        if (certSz < 0) {
+            free(pem);
+            free(derCert);
+            wc_ecc_free(&caKey);
+            return -5408;
+        }
+
+#ifdef WOLFSSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(pem);
+            free(derCert);
+            wc_ecc_free(&caKey);
+            return -5409;
+        }
+        FreeDecodedCert(&decode);
+#endif
+
+        derFile = fopen("./certecc.der", "wb");
+        if (!derFile) {
+            free(pem);
+            free(derCert);
+            wc_ecc_free(&caKey);
+            return -5410;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(pem);
+            free(derCert);
+            wc_ecc_free(&caKey);
+            return -5414;
+        }
+
+        pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(pem);
+            free(derCert);
+            wc_ecc_free(&caKey);
+            return -5411;
+        }
+
+        pemFile = fopen("./certecc.pem", "wb");
+        if (!pemFile) {
+            free(pem);
+            free(derCert);
+            wc_ecc_free(&caKey);
+            return -5412;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        if (ret != pemSz) {
+            free(pem);
+            free(derCert);
+            wc_ecc_free(&caKey);
+            return -5415;
+        }
+        fclose(pemFile);
+        free(pem);
+        free(derCert);
+        wc_ecc_free(&caKey);
+    }
+#endif /* HAVE_ECC */
+#ifdef HAVE_NTRU
+    {
+        RsaKey      caKey;
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        FILE*       caFile;
+        FILE*       ntruPrivFile;
+        int         certSz;
+        int         pemSz;
+        word32      idx3;
+#ifdef WOLFSSL_TEST_CERT
+        DecodedCert decode;
+#endif
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -311;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -312;
+        }
+
+        byte   public_key[557];          /* sized for EES401EP2 */
+        word16 public_key_len;           /* no. of octets in public key */
+        byte   private_key[607];         /* sized for EES401EP2 */
+        word16 private_key_len;          /* no. of octets in private key */
+        DRBG_HANDLE drbg;
+        static uint8_t const pers_str[] = {
+                'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
+        };
+        word32 rc = ntru_crypto_drbg_instantiate(112, pers_str,
+                          sizeof(pers_str), GetEntropy, &drbg);
+        if (rc != DRBG_OK) {
+            free(derCert);
+            free(pem);
+            return -448;
+        }
+
+        rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2,
+                                             &public_key_len, NULL,
+                                             &private_key_len, NULL);
+        if (rc != NTRU_OK) {
+            free(derCert);
+            free(pem);
+            return -449;
+        }
+
+        rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2,
+                                             &public_key_len, public_key,
+                                             &private_key_len, private_key);
+        if (rc != NTRU_OK) {
+            free(derCert);
+            free(pem);
+            return -450;
+        }
+
+        rc = ntru_crypto_drbg_uninstantiate(drbg);
+
+        if (rc != NTRU_OK) {
+            free(derCert);
+            free(pem);
+            return -451;
+        }
+
+        caFile = fopen(caKeyFile, "rb");
+
+        if (!caFile) {
+            free(derCert);
+            free(pem);
+            return -452;
+        }
+
+        bytes = fread(tmp, 1, FOURK_BUF, caFile);
+        fclose(caFile);
+
+        ret = wc_InitRsaKey(&caKey, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -453;
+        }
+        ret = wc_RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -454;
+        }
+
+        wc_InitCert(&myCert);
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+
+        ret = wc_SetIssuer(&myCert, caCertFile);
+        if (ret < 0) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -455;
+        }
+
+        certSz = wc_MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key,
+                              public_key_len, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            wc_FreeRsaKey(&caKey);
+            return -456;
+        }
+
+        certSz = wc_SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+                          &caKey, NULL, &rng);
+        wc_FreeRsaKey(&caKey);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            return -457;
+        }
+
+
+#ifdef WOLFSSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -458;
+        }
+        FreeDecodedCert(&decode);
+#endif
+        derFile = fopen("./ntru-cert.der", "wb");
+        if (!derFile) {
+            free(derCert);
+            free(pem);
+            return -459;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(derCert);
+            free(pem);
+            return -473;
+        }
+
+        pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(derCert);
+            free(pem);
+            return -460;
+        }
+
+        pemFile = fopen("./ntru-cert.pem", "wb");
+        if (!pemFile) {
+            free(derCert);
+            free(pem);
+            return -461;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            free(derCert);
+            free(pem);
+            return -474;
+        }
+
+        ntruPrivFile = fopen("./ntru-key.raw", "wb");
+        if (!ntruPrivFile) {
+            free(derCert);
+            free(pem);
+            return -462;
+        }
+        ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile);
+        fclose(ntruPrivFile);
+        if (ret != private_key_len) {
+            free(pem);
+            free(derCert);
+            return -475;
+        }
+        free(pem);
+        free(derCert);
+    }
+#endif /* HAVE_NTRU */
+#ifdef WOLFSSL_CERT_REQ
+    {
+        Cert        req;
+        byte*       der;
+        byte*       pem;
+        int         derSz;
+        int         pemSz;
+        FILE*       reqFile;
+
+        der = (byte*)malloc(FOURK_BUF);
+        if (der == NULL)
+            return -463;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(der);
+            return -464;
+        }
+
+        wc_InitCert(&req);
+
+        req.version = 0;
+        req.isCA    = 1;
+        strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE);
+        strncpy(req.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(req.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(req.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+        req.sigType = CTC_SHA256wRSA;
+
+        derSz = wc_MakeCertReq(&req, der, FOURK_BUF, &key, NULL);
+        if (derSz < 0) {
+            free(pem);
+            free(der);
+            return -465;
+        }
+
+        derSz = wc_SignCert(req.bodySz, req.sigType, der, FOURK_BUF,
+                          &key, NULL, &rng);
+        if (derSz < 0) {
+            free(pem);
+            free(der);
+            return -466;
+        }
+
+        pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE);
+        if (pemSz < 0) {
+            free(pem);
+            free(der);
+            return -467;
+        }
+
+        reqFile = fopen("./certreq.der", "wb");
+        if (!reqFile) {
+            free(pem);
+            free(der);
+            return -468;
+        }
+
+        ret = (int)fwrite(der, 1, derSz, reqFile);
+        fclose(reqFile);
+        if (ret != derSz) {
+            free(pem);
+            free(der);
+            return -471;
+        }
+
+        reqFile = fopen("./certreq.pem", "wb");
+        if (!reqFile) {
+            free(pem);
+            free(der);
+            return -469;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, reqFile);
+        fclose(reqFile);
+        if (ret != pemSz) {
+            free(pem);
+            free(der);
+            return -470;
+        }
+
+        free(pem);
+        free(der);
+    }
+#endif /* WOLFSSL_CERT_REQ */
+#endif /* WOLFSSL_CERT_GEN */
+
+    wc_FreeRsaKey(&key);
+#ifdef HAVE_CAVIUM
+    wc_RsaFreeCavium(&key);
+#endif
+    free(tmp);
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    wc_FreeRng(&rng);
+#endif
+
+    return 0;
+}
+
+#endif
+
+
+#ifndef NO_DH
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #ifdef FREESCALE_MQX
+        static const char* dhKey = "a:\\certs\\dh2048.der";
+    #else
+        static const char* dhKey = "./certs/dh2048.der";
+    #endif
+#endif
+
+int dh_test(void)
+{
+    int    ret;
+    word32 bytes;
+    word32 idx = 0, privSz, pubSz, privSz2, pubSz2, agreeSz, agreeSz2;
+    byte   tmp[1024];
+    byte   priv[256];
+    byte   pub[256];
+    byte   priv2[256];
+    byte   pub2[256];
+    byte   agree[256];
+    byte   agree2[256];
+    DhKey  key;
+    DhKey  key2;
+    RNG    rng;
+
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024);
+    bytes = sizeof_dh_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048);
+    bytes = sizeof_dh_key_der_2048;
+#else
+    FILE*  file = fopen(dhKey, "rb");
+
+    if (!file)
+        return -50;
+
+    bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+    wc_InitDhKey(&key);
+    wc_InitDhKey(&key2);
+    ret = wc_DhKeyDecode(tmp, &idx, &key, bytes);
+    if (ret != 0)
+        return -51;
+
+    idx = 0;
+    ret = wc_DhKeyDecode(tmp, &idx, &key2, bytes);
+    if (ret != 0)
+        return -52;
+
+    ret = wc_InitRng(&rng);
+    if (ret != 0)
+        return -53;
+
+    ret =  wc_DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz);
+    ret += wc_DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2);
+    if (ret != 0)
+        return -54;
+
+    ret =  wc_DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2);
+    ret += wc_DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz);
+    if (ret != 0)
+        return -55;
+
+    if (memcmp(agree, agree2, agreeSz))
+        return -56;
+
+    wc_FreeDhKey(&key);
+    wc_FreeDhKey(&key2);
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    wc_FreeRng(&rng);
+#endif
+
+    return 0;
+}
+
+#endif /* NO_DH */
+
+
+#ifndef NO_DSA
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #ifdef FREESCALE_MQX
+        static const char* dsaKey = "a:\\certs\\dsa2048.der";
+    #else
+        static const char* dsaKey = "./certs/dsa2048.der";
+    #endif
+#endif
+
+int dsa_test(void)
+{
+    int    ret, answer;
+    word32 bytes;
+    word32 idx = 0;
+    byte   tmp[1024];
+    DsaKey key;
+    RNG    rng;
+    Sha    sha;
+    byte   hash[SHA_DIGEST_SIZE];
+    byte   signature[40];
+
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
+    bytes = sizeof_dsa_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
+    bytes = sizeof_dsa_key_der_2048;
+#else
+    FILE*  file = fopen(dsaKey, "rb");
+
+    if (!file)
+        return -60;
+
+    bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+    ret = wc_InitSha(&sha);
+    if (ret != 0)
+        return -4002;
+    wc_ShaUpdate(&sha, tmp, bytes);
+    wc_ShaFinal(&sha, hash);
+
+    wc_InitDsaKey(&key);
+    ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
+    if (ret != 0) return -61;
+
+    ret = wc_InitRng(&rng);
+    if (ret != 0) return -62;
+
+    ret = wc_DsaSign(hash, signature, &key, &rng);
+    if (ret != 0) return -63;
+
+    ret = wc_DsaVerify(hash, signature, &key, &answer);
+    if (ret != 0) return -64;
+    if (answer != 1) return -65;
+
+    wc_FreeDsaKey(&key);
+
+    return 0;
+}
+
+#endif /* NO_DSA */
+
+
+#ifdef OPENSSL_EXTRA
+
+int openssl_test(void)
+{
+    EVP_MD_CTX md_ctx;
+    testVector a, b, c, d, e, f;
+    byte       hash[SHA_DIGEST_SIZE*4];  /* max size */
+
+    (void)e;
+    (void)f;
+
+    a.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
+               "\x7a";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD5_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_md5());
+
+    EVP_DigestUpdate(&md_ctx, a.input, (unsigned long)a.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0)
+        return -71;
+
+    b.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaa";
+    b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
+               "\x53\x99\x5E\x26\xA0";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha1());
+
+    EVP_DigestUpdate(&md_ctx, b.input, (unsigned long)b.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0)
+        return -72;
+
+
+    d.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    d.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+               "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+               "\x06\xC1";
+    d.inLen  = strlen(d.input);
+    d.outLen = SHA256_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha256());
+
+    EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0)
+        return -78;
+
+#ifdef WOLFSSL_SHA384
+
+    e.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
+               "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
+               "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
+               "\x74\x60\x39";
+    e.inLen  = strlen(e.input);
+    e.outLen = SHA384_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha384());
+
+    EVP_DigestUpdate(&md_ctx, e.input, e.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, e.output, SHA384_DIGEST_SIZE) != 0)
+        return -79;
+
+#endif /* WOLFSSL_SHA384 */
+
+
+#ifdef WOLFSSL_SHA512
+
+    f.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    f.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
+               "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
+               "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
+               "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
+               "\x87\x4b\xe9\x09";
+    f.inLen  = strlen(f.input);
+    f.outLen = SHA512_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha512());
+
+    EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0)
+        return -80;
+
+#endif /* WOLFSSL_SHA512 */
+
+
+    if (RAND_bytes(hash, sizeof(hash)) != 1)
+        return -73;
+
+    c.input  = "what do ya want for nothing?";
+    c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
+               "\x38";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD5_DIGEST_SIZE;
+
+    HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0);
+
+    if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0)
+        return -74;
+
+    { /* des test */
+    const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
+        0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    byte plain[24];
+    byte cipher[24];
+
+    const_DES_cblock key =
+    {
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
+    };
+
+    DES_cblock iv =
+    {
+        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
+    };
+
+    DES_key_schedule sched;
+
+    const byte verify[] =
+    {
+        0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
+        0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
+        0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
+    };
+
+    DES_key_sched(&key, &sched);
+
+    DES_cbc_encrypt(vector, cipher, sizeof(vector), &sched, &iv, DES_ENCRYPT);
+    DES_cbc_encrypt(cipher, plain, sizeof(vector), &sched, &iv, DES_DECRYPT);
+
+    if (memcmp(plain, vector, sizeof(vector)) != 0)
+        return -75;
+
+    if (memcmp(cipher, verify, sizeof(verify)) != 0)
+        return -76;
+
+        /* test changing iv */
+    DES_ncbc_encrypt(vector, cipher, 8, &sched, &iv, DES_ENCRYPT);
+    DES_ncbc_encrypt(vector + 8, cipher + 8, 16, &sched, &iv, DES_ENCRYPT);
+
+    if (memcmp(cipher, verify, sizeof(verify)) != 0)
+        return -77;
+
+    }  /* end des test */
+
+    {  /* evp_cipher test */
+        EVP_CIPHER_CTX ctx;
+
+
+        const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
+            0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+            0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+            0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+        };
+
+        const byte verify[] =
+        {
+            0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
+            0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
+        };
+
+        byte key[] = "0123456789abcdef   ";  /* align */
+        byte iv[]  = "1234567890abcdef   ";  /* align */
+
+        byte cipher[AES_BLOCK_SIZE * 4];
+        byte plain [AES_BLOCK_SIZE * 4];
+
+        EVP_CIPHER_CTX_init(&ctx);
+        if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0)
+            return -81;
+
+        if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0)
+            return -82;
+
+        if (memcmp(cipher, verify, AES_BLOCK_SIZE))
+            return -83;
+
+        EVP_CIPHER_CTX_init(&ctx);
+        if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0)
+            return -84;
+
+        if (EVP_Cipher(&ctx, plain, cipher, 16) == 0)
+            return -85;
+
+        if (memcmp(plain, msg, AES_BLOCK_SIZE))
+            return -86;
+
+
+    }  /* end evp_cipher test */
+
+    return 0;
+}
+
+#endif /* OPENSSL_EXTRA */
+
+
+#ifndef NO_PWDBASED
+
+int pkcs12_test(void)
+{
+    const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
+                            0x00, 0x00 };
+    const byte salt[] =   { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f };
+
+    const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65,
+                             0x00, 0x67, 0x00, 0x00 };
+    const byte salt2[] =   { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 };
+    byte  derived[64];
+
+    const byte verify[] = {
+        0x8A, 0xAA, 0xE6, 0x29, 0x7B, 0x6C, 0xB0, 0x46,
+        0x42, 0xAB, 0x5B, 0x07, 0x78, 0x51, 0x28, 0x4E,
+        0xB7, 0x12, 0x8F, 0x1A, 0x2A, 0x7F, 0xBC, 0xA3
+    };
+
+    const byte verify2[] = {
+        0x48, 0x3D, 0xD6, 0xE9, 0x19, 0xD7, 0xDE, 0x2E,
+        0x8E, 0x64, 0x8B, 0xA8, 0xF8, 0x62, 0xF3, 0xFB,
+        0xFB, 0xDC, 0x2B, 0xCB, 0x2C, 0x02, 0x95, 0x7F
+    };
+
+    int id         =  1;
+    int kLen       = 24;
+    int iterations =  1;
+    int ret = wc_PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations,
+                           kLen, SHA, id);
+
+    if (ret < 0)
+        return -103;
+
+    if ( (ret = memcmp(derived, verify, kLen)) != 0)
+        return -104;
+
+    iterations = 1000;
+    ret = wc_PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations,
+                       kLen, SHA, id);
+    if (ret < 0)
+        return -105;
+
+    if ( (ret = memcmp(derived, verify2, 24)) != 0)
+        return -106;
+
+    return 0;
+}
+
+
+int pbkdf2_test(void)
+{
+    char passwd[] = "passwordpassword";
+    const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
+    int   iterations = 2048;
+    int   kLen = 24;
+    byte  derived[64];
+
+    const byte verify[] = {
+        0xba, 0x9b, 0x3b, 0x95, 0x04, 0x4d, 0x78, 0x11, 0xec, 0xa1, 0xff, 0x3f,
+        0xea, 0x3a, 0xdb, 0x55, 0x3e, 0x54, 0x0b, 0xa0, 0x9f, 0xad, 0xe6, 0x81
+    };
+
+    int ret = wc_PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8,
+                                                         iterations, kLen, SHA);
+    if (ret != 0)
+        return ret;
+
+    if (memcmp(derived, verify, sizeof(verify)) != 0)
+        return -102;
+
+    return 0;
+}
+
+
+int pbkdf1_test(void)
+{
+    char passwd[] = "password";
+    const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
+    int   iterations = 1000;
+    int   kLen = 16;
+    byte  derived[16];
+
+    const byte verify[] = {
+        0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB,
+        0x4A, 0x3D, 0x2A, 0x20
+    };
+
+    wc_PBKDF1(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, iterations,
+           kLen, SHA);
+
+    if (memcmp(derived, verify, sizeof(verify)) != 0)
+        return -101;
+
+    return 0;
+}
+
+
+int pwdbased_test(void)
+{
+   int ret =  pbkdf1_test();
+   ret += pbkdf2_test();
+
+   return ret + pkcs12_test();
+}
+
+#endif /* NO_PWDBASED */
+
+#if defined(HAVE_HKDF) && (!defined(NO_SHA) || !defined(NO_SHA256))
+
+int hkdf_test(void)
+{
+    int ret;
+    int L = 42;
+    byte okm1[42];
+    byte ikm1[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                      0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                      0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
+    byte salt1[13] ={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+                      0x08, 0x09, 0x0a, 0x0b, 0x0c };
+    byte info1[10] ={ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+                      0xf8, 0xf9 };
+    byte res1[42] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61,
+                      0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06,
+                      0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06,
+                      0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0,
+                      0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3,
+                      0x49, 0x18 };
+    byte res2[42] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69,
+                      0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81,
+                      0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15,
+                      0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2,
+                      0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3,
+                      0xf8, 0x96 };
+    byte res3[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f,
+                      0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31,
+                      0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e,
+                      0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d,
+                      0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a,
+                      0x96, 0xc8 };
+    byte res4[42] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
+                      0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
+                      0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
+                      0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
+                      0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
+                      0x58, 0x65 };
+
+    (void)res1;
+    (void)res2;
+    (void)res3;
+    (void)res4;
+    (void)salt1;
+    (void)info1;
+
+#ifndef NO_SHA
+    ret = wc_HKDF(SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
+    if (ret != 0)
+        return -2001;
+
+    if (memcmp(okm1, res1, L) != 0)
+        return -2002;
+
+#ifndef HAVE_FIPS
+    /* fips can't have key size under 14 bytes, salt is key too */
+    ret = wc_HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L);
+    if (ret != 0)
+        return -2003;
+
+    if (memcmp(okm1, res2, L) != 0)
+        return -2004;
+#endif /* HAVE_FIPS */
+#endif /* NO_SHA */
+
+#ifndef NO_SHA256
+    ret = wc_HKDF(SHA256, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
+    if (ret != 0)
+        return -2005;
+
+    if (memcmp(okm1, res3, L) != 0)
+        return -2006;
+
+#ifndef HAVE_FIPS
+    /* fips can't have key size under 14 bytes, salt is key too */
+    ret = wc_HKDF(SHA256, ikm1, 22, salt1, 13, info1, 10, okm1, L);
+    if (ret != 0)
+        return -2007;
+
+    if (memcmp(okm1, res4, L) != 0)
+        return -2007;
+#endif /* HAVE_FIPS */
+#endif /* NO_SHA256 */
+
+    return 0;
+}
+
+#endif /* HAVE_HKDF */
+
+
+#ifdef HAVE_ECC
+
+typedef struct rawEccVector {
+    const char* msg;
+    const char* Qx;
+    const char* Qy;
+    const char* d;
+    const char* R;
+    const char* S;
+    const char* curveName;
+    size_t msgLen;
+} rawEccVector;
+
+int ecc_test(void)
+{
+    RNG     rng;
+    byte    sharedA[1024];
+    byte    sharedB[1024];
+    byte    sig[1024];
+    byte    digest[20];
+    byte    exportBuf[1024];
+    word32  x, y;
+    int     i, verify, ret;
+    ecc_key userA, userB, pubKey;
+
+    ret = wc_InitRng(&rng);
+    if (ret != 0)
+        return -1001;
+
+    wc_ecc_init(&userA);
+    wc_ecc_init(&userB);
+    wc_ecc_init(&pubKey);
+
+    ret = wc_ecc_make_key(&rng, 32, &userA);
+
+    if (ret != 0)
+        return -1014;
+
+    ret = wc_ecc_make_key(&rng, 32, &userB);
+
+    if (ret != 0)
+        return -1002;
+
+    x = sizeof(sharedA);
+    ret = wc_ecc_shared_secret(&userA, &userB, sharedA, &x);
+
+    if (ret != 0)
+        return -1015;
+
+    y = sizeof(sharedB);
+    ret = wc_ecc_shared_secret(&userB, &userA, sharedB, &y);
+
+    if (ret != 0)
+        return -1003;
+
+    if (y != x)
+        return -1004;
+
+    if (memcmp(sharedA, sharedB, x))
+        return -1005;
+
+    x = sizeof(exportBuf);
+    ret = wc_ecc_export_x963(&userA, exportBuf, &x);
+    if (ret != 0)
+        return -1006;
+
+    ret = wc_ecc_import_x963(exportBuf, x, &pubKey);
+
+    if (ret != 0)
+        return -1007;
+
+    y = sizeof(sharedB);
+    ret = wc_ecc_shared_secret(&userB, &pubKey, sharedB, &y);
+
+    if (ret != 0)
+        return -1008;
+
+    if (memcmp(sharedA, sharedB, y))
+        return -1009;
+
+#ifdef HAVE_COMP_KEY
+    /* try compressed export / import too */
+    x = sizeof(exportBuf);
+    ret = wc_ecc_export_x963_ex(&userA, exportBuf, &x, 1);
+    if (ret != 0)
+        return -1010;
+
+    wc_ecc_free(&pubKey);
+    wc_ecc_init(&pubKey);
+    ret = wc_ecc_import_x963(exportBuf, x, &pubKey);
+
+    if (ret != 0)
+        return -1011;
+#endif
+
+    y = sizeof(sharedB);
+    ret = wc_ecc_shared_secret(&userB, &pubKey, sharedB, &y);
+
+    if (ret != 0)
+        return -1012;
+
+    if (memcmp(sharedA, sharedB, y))
+        return -1013;
+
+    /* test DSA sign hash */
+    for (i = 0; i < (int)sizeof(digest); i++)
+        digest[i] = (byte)i;
+
+    x = sizeof(sig);
+    ret = wc_ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA);
+
+    if (ret != 0)
+        return -1014;
+
+    verify = 0;
+    ret = wc_ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
+
+    if (ret != 0)
+        return -1015;
+
+    if (verify != 1)
+        return -1016;
+
+    x = sizeof(exportBuf);
+    ret = wc_ecc_export_private_only(&userA, exportBuf, &x);
+    if (ret != 0)
+        return -1017;
+
+    {
+        /* test raw ECC key import */
+        Sha sha;
+        byte hash[SHA_DIGEST_SIZE];
+        rawEccVector a, b;
+        rawEccVector test_ecc[2];
+        int times = sizeof(test_ecc) / sizeof(rawEccVector);
+
+        /* first [P-192,SHA-1] vector from FIPS 186-3 NIST vectors */
+        a.msg = "\xeb\xf7\x48\xd7\x48\xeb\xbc\xa7\xd2\x9f\xb4\x73\x69\x8a"
+                "\x6e\x6b\x4f\xb1\x0c\x86\x5d\x4a\xf0\x24\xcc\x39\xae\x3d"
+                "\xf3\x46\x4b\xa4\xf1\xd6\xd4\x0f\x32\xbf\x96\x18\xa9\x1b"
+                "\xb5\x98\x6f\xa1\xa2\xaf\x04\x8a\x0e\x14\xdc\x51\xe5\x26"
+                "\x7e\xb0\x5e\x12\x7d\x68\x9d\x0a\xc6\xf1\xa7\xf1\x56\xce"
+                "\x06\x63\x16\xb9\x71\xcc\x7a\x11\xd0\xfd\x7a\x20\x93\xe2"
+                "\x7c\xf2\xd0\x87\x27\xa4\xe6\x74\x8c\xc3\x2f\xd5\x9c\x78"
+                "\x10\xc5\xb9\x01\x9d\xf2\x1c\xdc\xc0\xbc\xa4\x32\xc0\xa3"
+                "\xee\xd0\x78\x53\x87\x50\x88\x77\x11\x43\x59\xce\xe4\xa0"
+                "\x71\xcf";
+        a.msgLen = 128;
+        a.Qx = "07008ea40b08dbe76432096e80a2494c94982d2d5bcf98e6";
+        a.Qy = "76fab681d00b414ea636ba215de26d98c41bd7f2e4d65477";
+        a.d  = "e14f37b3d1374ff8b03f41b9b3fdd2f0ebccf275d660d7f3";
+        a.R  = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
+        a.S  = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
+        a.curveName = "ECC-192";
+
+        /* first [P-224,SHA-1] vector from FIPS 186-3 NIST vectors */
+        b.msg = "\x36\xc8\xb2\x29\x86\x48\x7f\x67\x7c\x18\xd0\x97\x2a\x9e"
+                "\x20\x47\xb3\xaf\xa5\x9e\xc1\x62\x76\x4e\xc3\x0b\x5b\x69"
+                "\xe0\x63\x0f\x99\x0d\x4e\x05\xc2\x73\xb0\xe5\xa9\xd4\x28"
+                "\x27\xb6\x95\xfc\x2d\x64\xd9\x13\x8b\x1c\xf4\xc1\x21\x55"
+                "\x89\x4c\x42\x13\x21\xa7\xbb\x97\x0b\xdc\xe0\xfb\xf0\xd2"
+                "\xae\x85\x61\xaa\xd8\x71\x7f\x2e\x46\xdf\xe3\xff\x8d\xea"
+                "\xb4\xd7\x93\x23\x56\x03\x2c\x15\x13\x0d\x59\x9e\x26\xc1"
+                "\x0f\x2f\xec\x96\x30\x31\xac\x69\x38\xa1\x8d\x66\x45\x38"
+                "\xb9\x4d\xac\x55\x34\xef\x7b\x59\x94\x24\xd6\x9b\xe1\xf7"
+                "\x1c\x20";
+        b.msgLen = 128;
+        b.Qx = "8a4dca35136c4b70e588e23554637ae251077d1365a6ba5db9585de7";
+        b.Qy = "ad3dee06de0be8279d4af435d7245f14f3b4f82eb578e519ee0057b1";
+        b.d  = "97c4b796e1639dd1035b708fc00dc7ba1682cec44a1002a1a820619f";
+        b.R  = "147b33758321e722a0360a4719738af848449e2c1d08defebc1671a7";
+        b.S  = "24fc7ed7f1352ca3872aa0916191289e2e04d454935d50fe6af3ad5b";
+        b.curveName = "ECC-224";
+
+        test_ecc[0] = a;
+        test_ecc[1] = b;
+
+        for (i = 0; i < times; i++) {
+
+            wc_ecc_free(&userA);
+            wc_ecc_init(&userA);
+
+            memset(sig, 0, sizeof(sig));
+            x = sizeof(sig);
+
+            /* calculate SHA-1 hash of message */
+            ret = wc_InitSha(&sha);
+            if (ret != 0)
+                return -1015 - i;
+
+            wc_ShaUpdate(&sha, (byte*)test_ecc[i].msg, (word32)test_ecc[i].msgLen);
+            wc_ShaFinal(&sha, hash);
+
+            ret = wc_ecc_import_raw(&userA, test_ecc[i].Qx, test_ecc[i].Qy,
+                                 test_ecc[i].d, test_ecc[i].curveName);
+            if (ret != 0)
+                return -1017 - i;
+
+            ret = wc_ecc_rs_to_sig(test_ecc[i].R, test_ecc[i].S, sig, &x);
+            if (ret != 0)
+                return -1019 - i;
+
+            ret = wc_ecc_verify_hash(sig, x, hash, sizeof(hash), &verify, &userA);
+            if (ret != 0)
+                return -1021 - i;
+
+            if (verify != 1)
+                return -1023 - i;
+        }
+    }
+
+
+#ifdef WOLFSSL_KEY_GEN
+    {
+        int   derSz, pemSz;
+        byte  der[FOURK_BUF];
+        byte  pem[FOURK_BUF];
+        FILE* keyFile;
+        FILE* pemFile;
+
+        derSz = wc_EccKeyToDer(&userB, der, FOURK_BUF);
+        if (derSz < 0) {
+            return -1024;
+        }
+
+        keyFile = fopen("./ecc-key.der", "wb");
+        if (!keyFile) {
+            return -1025;
+        }
+        ret = (int)fwrite(der, 1, derSz, keyFile);
+        fclose(keyFile);
+        if (ret != derSz) {
+            return -1026;
+        }
+
+        pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, ECC_PRIVATEKEY_TYPE);
+        if (pemSz < 0) {
+            return -1027;
+        }
+
+        pemFile = fopen("./ecc-key.pem", "wb");
+        if (!pemFile) {
+            return -1028;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            return -1029;
+        }
+    }
+#endif /* WOLFSSL_KEY_GEN */
+
+    wc_ecc_free(&pubKey);
+    wc_ecc_free(&userB);
+    wc_ecc_free(&userA);
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    wc_FreeRng(&rng);
+#endif
+
+    return 0;
+}
+
+#ifdef HAVE_ECC_ENCRYPT
+
+int ecc_encrypt_test(void)
+{
+    RNG     rng;
+    int     ret;
+    ecc_key userA, userB;
+    byte    msg[48];
+    byte    plain[48];
+    byte    out[80];
+    word32  outSz   = sizeof(out);
+    word32  plainSz = sizeof(plain);
+    int     i;
+
+    ret = wc_InitRng(&rng);
+    if (ret != 0)
+        return -3001;
+
+    wc_ecc_init(&userA);
+    wc_ecc_init(&userB);
+
+    ret  = wc_ecc_make_key(&rng, 32, &userA);
+    ret += wc_ecc_make_key(&rng, 32, &userB);
+
+    if (ret != 0)
+        return -3002;
+
+    for (i = 0; i < 48; i++)
+        msg[i] = i;
+
+    /* encrypt msg to B */
+    ret = wc_ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL);
+    if (ret != 0)
+        return -3003;
+
+    /* decrypt msg from A */
+    ret = wc_ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL);
+    if (ret != 0)
+        return -3004;
+
+    if (memcmp(plain, msg, sizeof(msg)) != 0)
+        return -3005;
+
+
+    {  /* let's verify message exchange works, A is client, B is server */
+        ecEncCtx* cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
+        ecEncCtx* srvCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
+
+        byte cliSalt[EXCHANGE_SALT_SZ];
+        byte srvSalt[EXCHANGE_SALT_SZ];
+        const byte* tmpSalt;
+
+        if (cliCtx == NULL || srvCtx == NULL)
+            return -3006;
+
+        /* get salt to send to peer */
+        tmpSalt = wc_ecc_ctx_get_own_salt(cliCtx);
+        if (tmpSalt == NULL)
+            return -3007;
+        memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ);
+
+        tmpSalt = wc_ecc_ctx_get_own_salt(srvCtx);
+        if (tmpSalt == NULL)
+            return -3007;
+        memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ);
+
+        /* in actual use, we'd get the peer's salt over the transport */
+        ret  = wc_ecc_ctx_set_peer_salt(cliCtx, srvSalt);
+        ret += wc_ecc_ctx_set_peer_salt(srvCtx, cliSalt);
+
+        ret += wc_ecc_ctx_set_info(cliCtx, (byte*)"wolfSSL MSGE", 11);
+        ret += wc_ecc_ctx_set_info(srvCtx, (byte*)"wolfSSL MSGE", 11);
+
+        if (ret != 0)
+            return -3008;
+
+        /* get encrypted msg (request) to send to B */
+        outSz  = sizeof(out);
+        ret = wc_ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx);
+        if (ret != 0)
+            return -3009;
+
+        /* B decrypts msg (request) from A */
+        plainSz = sizeof(plain);
+        ret = wc_ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx);
+        if (ret != 0)
+            return -3010;
+
+        if (memcmp(plain, msg, sizeof(msg)) != 0)
+            return -3011;
+
+        {
+            /* msg2 (response) from B to A */
+            byte    msg2[48];
+            byte    plain2[48];
+            byte    out2[80];
+            word32  outSz2   = sizeof(out2);
+            word32  plainSz2 = sizeof(plain2);
+
+            for (i = 0; i < 48; i++)
+                msg2[i] = i+48;
+
+            /* get encrypted msg (response) to send to B */
+            ret = wc_ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2,
+                              &outSz2, srvCtx);
+            if (ret != 0)
+                return -3012;
+
+            /* A decrypts msg (response) from B */
+            ret = wc_ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2,
+                             cliCtx);
+            if (ret != 0)
+                return -3013;
+
+            if (memcmp(plain2, msg2, sizeof(msg2)) != 0)
+                return -3014;
+        }
+
+        /* cleanup */
+        wc_ecc_ctx_free(srvCtx);
+        wc_ecc_ctx_free(cliCtx);
+    }
+
+    /* cleanup */
+    wc_ecc_free(&userB);
+    wc_ecc_free(&userA);
+
+    return 0;
+}
+
+#endif /* HAVE_ECC_ENCRYPT */
+#endif /* HAVE_ECC */
+
+
+#ifdef HAVE_ECC25519
+
+int ecc25519_test(void)
+{
+    RNG     rng;
+    byte    sharedA[1024];
+    byte    sharedB[1024];
+    word32  x, y;
+    byte    exportBuf[1024];
+    ecc25519_key userA, userB, pubKey;
+
+    if (wc_InitRng(&rng) != 0)
+        return -1001;
+
+    wc_ecc25519_init(&userA);
+    wc_ecc25519_init(&userB);
+    wc_ecc25519_init(&pubKey);
+
+    /* make curve25519 keys */
+    if (wc_ecc25519_make_key(&rng, 32, &userA) != 0)
+        return -1014;
+
+    if (wc_ecc25519_make_key(&rng, 32, &userB) != 0)
+        return -1002;
+
+    /* find shared secret key */
+    x = sizeof(sharedA);
+    if (wc_ecc25519_shared_secret(&userA, &userB, sharedA, &x) != 0)
+        return -1015;
+
+    y = sizeof(sharedB);
+    if (wc_ecc25519_shared_secret(&userB, &userA, sharedB, &y) != 0)
+        return -1003;
+
+    /* compare shared secret keys to test they are the same */
+    if (y != x)
+        return -1004;
+
+    if (memcmp(sharedA, sharedB, x))
+        return -1005;
+
+    /* export a public key and import it for another user */
+    x = sizeof(exportBuf);
+    if (wc_ecc25519_export_public(&userA, exportBuf, &x) != 0)
+        return -1006;
+
+    if (wc_ecc25519_import_public(exportBuf, x, &pubKey) != 0)
+        return -1007;
+
+    /* test shared key after importing a public key */
+    y = sizeof(sharedB);
+    if (wc_ecc25519_shared_secret(&userB, &pubKey, sharedB, &y) != 0)
+        return -1008;
+
+    if (memcmp(sharedA, sharedB, y))
+        return -1010;
+
+    /* clean up keys when done */
+    wc_ecc25519_free(&pubKey);
+    wc_ecc25519_free(&userB);
+    wc_ecc25519_free(&userA);
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    wc_FreeRng(&rng);
+#endif
+
+    return 0;
+}
+#endif /* HAVE_ECC25519 */
+
+
+#ifdef HAVE_LIBZ
+
+const byte sample_text[] =
+    "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n"
+    "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n"
+    "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n"
+    "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n"
+    "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n"
+    "small batch meggings kogi dolore food truck bespoke gastropub.\n"
+    "\n"
+    "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n"
+    "four loko you probably haven't heard of them high life. Messenger bag\n"
+    "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n"
+    "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n"
+    "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n"
+    "food truck next level, tousled irony non semiotics PBR ethical anim cred\n"
+    "readymade. Mumblecore brunch lomo odd future, portland organic terry\n"
+    "richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n"
+    "mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n"
+    "four loko whatever street art yr farm-to-table.\n"
+    "\n"
+    "Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n"
+    "pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n"
+    "et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n"
+    "nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n"
+    "seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n"
+    "eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n"
+    "readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n"
+    "ethnic art party qui letterpress nisi proident jean shorts mlkshk\n"
+    "locavore.\n"
+    "\n"
+    "Narwhal flexitarian letterpress, do gluten-free voluptate next level\n"
+    "banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n"
+    "cillum pickled velit, YOLO officia you probably haven't heard of them\n"
+    "trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n"
+    "small batch american apparel. Put a bird on it cosby sweater before they\n"
+    "sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n"
+    "DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n"
+    "Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n"
+    "excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n"
+    "neutra PBR selvage.\n"
+    "\n"
+    "Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n"
+    "next level jean shorts exercitation. Hashtag keytar whatever, nihil\n"
+    "authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n"
+    "wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n"
+    "tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n"
+    "trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n"
+    "incididunt flannel sustainable helvetica pork belly pug banksy you\n"
+    "probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n"
+    "mollit magna, sriracha sartorial helvetica.\n"
+    "\n"
+    "Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n"
+    "ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n"
+    "of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n"
+    "reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n"
+    "skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n"
+    "organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n"
+    "Veniam sunt food truck leggings, sint vinyl fap.\n"
+    "\n"
+    "Hella dolore pork belly, truffaut carles you probably haven't heard of\n"
+    "them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n"
+    "apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n"
+    "flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n"
+    "letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n"
+    "Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n"
+    "delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n"
+    "magna pop-up literally. Swag thundercats ennui shoreditch vegan\n"
+    "pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n"
+    "\n"
+    "Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n"
+    "meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n"
+    "dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n"
+    "locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n"
+    "tousled beard mollit mustache leggings portland next level. Nihil esse\n"
+    "est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n"
+    "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n"
+    "bag dolor terry richardson sapiente.\n";
+
+
+int compress_test(void)
+{
+    int ret = 0;
+    word32 dSz = sizeof(sample_text);
+    word32 cSz = (dSz + (word32)(dSz * 0.001) + 12);
+    byte *c = NULL;
+    byte *d = NULL;
+
+    c = calloc(cSz, sizeof(byte));
+    d = calloc(dSz, sizeof(byte));
+
+    if (c == NULL || d == NULL)
+        ret = -300;
+
+    if (ret == 0 && (ret = wc_Compress(c, cSz, sample_text, dSz, 0)) < 0)
+        ret = -301;
+
+    if (ret > 0) {
+        cSz = (word32)ret;
+        ret = 0;
+    }
+
+    if (ret == 0 && wc_DeCompress(d, dSz, c, cSz) != (int)dSz)
+        ret = -302;
+
+    if (ret == 0 && memcmp(d, sample_text, dSz))
+        ret = -303;
+
+    if (c) free(c);
+    if (d) free(d);
+
+    return ret;
+}
+
+#endif /* HAVE_LIBZ */
+
+#ifdef HAVE_PKCS7
+
+int pkcs7enveloped_test(void)
+{
+    int ret = 0;
+
+    int cipher = DES3b;
+    int envelopedSz, decodedSz;
+    PKCS7 pkcs7;
+    byte* cert;
+    byte* privKey;
+    byte  enveloped[2048];
+    byte  decoded[2048];
+
+    size_t certSz;
+    size_t privKeySz;
+    FILE*  certFile;
+    FILE*  keyFile;
+    FILE*  pkcs7File;
+    const char* pkcs7OutFile = "pkcs7envelopedData.der";
+
+    const byte data[] = { /* Hello World */
+        0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
+        0x72,0x6c,0x64
+    };
+
+    /* read client cert and key in DER format */
+    cert = (byte*)malloc(FOURK_BUF);
+    if (cert == NULL)
+        return -201;
+
+    privKey = (byte*)malloc(FOURK_BUF);
+    if (privKey == NULL) {
+        free(cert);
+        return -202;
+    }
+
+    certFile = fopen(clientCert, "rb");
+    if (!certFile) {
+        free(cert);
+        free(privKey);
+        err_sys("can't open ./certs/client-cert.der, "
+                "Please run from wolfSSL home dir", -42);
+        return -42;
+    }
+
+    certSz = fread(cert, 1, FOURK_BUF, certFile);
+    fclose(certFile);
+
+    keyFile = fopen(clientKey, "rb");
+    if (!keyFile) {
+        free(cert);
+        free(privKey);
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from wolfSSL home dir", -43);
+        return -43;
+    }
+
+    privKeySz = fread(privKey, 1, FOURK_BUF, keyFile);
+    fclose(keyFile);
+
+    wc_PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz);
+    pkcs7.content     = (byte*)data;
+    pkcs7.contentSz   = (word32)sizeof(data);
+    pkcs7.contentOID  = DATA;
+    pkcs7.encryptOID  = cipher;
+    pkcs7.privateKey  = privKey;
+    pkcs7.privateKeySz = (word32)privKeySz;
+
+    /* encode envelopedData */
+    envelopedSz = wc_PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
+                                            sizeof(enveloped));
+    if (envelopedSz <= 0) {
+        free(cert);
+        free(privKey);
+        return -203;
+    }
+
+    /* decode envelopedData */
+    decodedSz = wc_PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
+                                          decoded, sizeof(decoded));
+    if (decodedSz <= 0) {
+        free(cert);
+        free(privKey);
+        return -204;
+    }
+
+    /* test decode result */
+    if (memcmp(decoded, data, sizeof(data)) != 0) {
+        free(cert);
+        free(privKey);
+        return -205;
+    }
+
+    /* output pkcs7 envelopedData for external testing */
+    pkcs7File = fopen(pkcs7OutFile, "wb");
+    if (!pkcs7File) {
+        free(cert);
+        free(privKey);
+        return -206;
+    }
+
+    ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
+    fclose(pkcs7File);
+
+    free(cert);
+    free(privKey);
+    wc_PKCS7_Free(&pkcs7);
+
+    if (ret > 0)
+        return 0;
+
+    return ret;
+}
+
+int pkcs7signed_test(void)
+{
+    int ret = 0;
+
+    FILE* file;
+    byte* certDer;
+    byte* keyDer;
+    byte* out;
+    char data[] = "Hello World";
+    word32 dataSz, outSz, certDerSz, keyDerSz;
+    PKCS7 msg;
+    RNG rng;
+
+    byte transIdOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x07 };
+    byte messageTypeOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x02 };
+    byte senderNonceOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x05 };
+    byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1];
+    byte messageType[] = { 0x13, 2, '1', '9' };
+    byte senderNonce[PKCS7_NONCE_SZ + 2];
+
+    PKCS7Attrib attribs[] =
+    {
+        { transIdOid, sizeof(transIdOid),
+                     transId, sizeof(transId) - 1 }, /* take off the null */
+        { messageTypeOid, sizeof(messageTypeOid),
+                     messageType, sizeof(messageType) },
+        { senderNonceOid, sizeof(senderNonceOid),
+                     senderNonce, sizeof(senderNonce) }
+    };
+
+    dataSz = (word32) strlen(data);
+    outSz = FOURK_BUF;
+
+    certDer = (byte*)malloc(FOURK_BUF);
+    if (certDer == NULL)
+        return -207;
+    keyDer = (byte*)malloc(FOURK_BUF);
+    if (keyDer == NULL) {
+        free(certDer);
+        return -208;
+    }
+    out = (byte*)malloc(FOURK_BUF);
+    if (out == NULL) {
+        free(certDer);
+        free(keyDer);
+        return -209;
+    }
+
+    /* read in DER cert of recipient, into cert of size certSz */
+    file = fopen(clientCert, "rb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        err_sys("can't open ./certs/client-cert.der, "
+                "Please run from wolfSSL home dir", -44);
+        return -44;
+    }
+    certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file);
+    fclose(file);
+
+    file = fopen(clientKey, "rb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from wolfSSL home dir", -45);
+        return -45;
+    }
+    keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file);
+    fclose(file);
+
+    ret = wc_InitRng(&rng);
+    if (ret != 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        return -210;
+    }
+
+    senderNonce[0] = 0x04;
+    senderNonce[1] = PKCS7_NONCE_SZ;
+
+    ret = wc_RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
+    if (ret != 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        return -211;
+    }
+
+    wc_PKCS7_InitWithCert(&msg, certDer, certDerSz);
+    msg.privateKey = keyDer;
+    msg.privateKeySz = keyDerSz;
+    msg.content = (byte*)data;
+    msg.contentSz = dataSz;
+    msg.hashOID = SHAh;
+    msg.encryptOID = RSAk;
+    msg.signedAttribs = attribs;
+    msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib);
+    msg.rng = &rng;
+    {
+        Sha sha;
+        byte digest[SHA_DIGEST_SIZE];
+        int i,j;
+
+        transId[0] = 0x13;
+        transId[1] = SHA_DIGEST_SIZE * 2;
+
+        ret = wc_InitSha(&sha);
+        if (ret != 0) {
+            free(certDer);
+            free(keyDer);
+            free(out);
+            return -4003;
+        }
+        wc_ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
+        wc_ShaFinal(&sha, digest);
+
+        for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) {
+            snprintf((char*)&transId[j], 3, "%02x", digest[i]);
+        }
+    }
+    ret = wc_PKCS7_EncodeSignedData(&msg, out, outSz);
+    if (ret < 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        wc_PKCS7_Free(&msg);
+        return -212;
+    }
+    else
+        outSz = ret;
+
+    /* write PKCS#7 to output file for more testing */
+    file = fopen("./pkcs7signedData.der", "wb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        wc_PKCS7_Free(&msg);
+        return -213;
+    }
+    ret = (int)fwrite(out, 1, outSz, file);
+    fclose(file);
+    if (ret != (int)outSz) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        wc_PKCS7_Free(&msg);
+        return -218;
+    }
+
+    wc_PKCS7_Free(&msg);
+    wc_PKCS7_InitWithCert(&msg, NULL, 0);
+
+    ret = wc_PKCS7_VerifySignedData(&msg, out, outSz);
+    if (ret < 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        wc_PKCS7_Free(&msg);
+        return -214;
+    }
+
+    if (msg.singleCert == NULL || msg.singleCertSz == 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        wc_PKCS7_Free(&msg);
+        return -215;
+    }
+
+    file = fopen("./pkcs7cert.der", "wb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        wc_PKCS7_Free(&msg);
+        return -216;
+    }
+    ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file);
+    fclose(file);
+
+    free(certDer);
+    free(keyDer);
+    free(out);
+    wc_PKCS7_Free(&msg);
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    wc_FreeRng(&rng);
+#endif
+
+    if (ret > 0)
+        return 0;
+
+    return ret;
+}
+
+#endif /* HAVE_PKCS7 */
+
+#endif /* NO_CRYPT_TEST */
diff --git a/3P/wolfssl/wolfcrypt/test/test.h b/3P/wolfssl/wolfcrypt/test/test.h
new file mode 100644
index 00000000..dbe6e25e
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/test/test.h
@@ -0,0 +1,33 @@
+/* ctaocrypt/test/test.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#pragma once
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+int wolfcrypt_test(void* args);
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
diff --git a/3P/wolfssl/wolfcrypt/test/test.sln b/3P/wolfssl/wolfcrypt/test/test.sln
new file mode 100755
index 00000000..97b2e8df
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/test/test.sln
@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual C++ Express 2005
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "test", "test.vcproj", "{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Debug|Win32.ActiveCfg = Debug|Win32
+		{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Debug|Win32.Build.0 = Debug|Win32
+		{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Release|Win32.ActiveCfg = Release|Win32
+		{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/3P/wolfssl/wolfcrypt/test/test.vcproj b/3P/wolfssl/wolfcrypt/test/test.vcproj
new file mode 100755
index 00000000..38c5c6be
--- /dev/null
+++ b/3P/wolfssl/wolfcrypt/test/test.vcproj
@@ -0,0 +1,195 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+		
+		
+		
+		
+			
+			
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/wolfssl-ios.xcodeproj/project.pbxproj b/3P/wolfssl/wolfssl-ios.xcodeproj/project.pbxproj
new file mode 100644
index 00000000..50ba7cc4
--- /dev/null
+++ b/3P/wolfssl/wolfssl-ios.xcodeproj/project.pbxproj
@@ -0,0 +1,383 @@
+// !$*UTF8*$!
+{
+	archiveVersion = 1;
+	classes = {
+	};
+	objectVersion = 46;
+	objects = {
+
+/* Begin PBXBuildFile section */
+		52B1348216F3CCC400C07B32 /* tls.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347B16F3CCC400C07B32 /* tls.c */; };
+		52B1348316F3CCC400C07B32 /* ssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347C16F3CCC400C07B32 /* ssl.c */; };
+		52B1348416F3CCC400C07B32 /* ocsp.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347D16F3CCC400C07B32 /* ocsp.c */; };
+		52B1348516F3CCC400C07B32 /* keys.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347E16F3CCC400C07B32 /* keys.c */; };
+		52B1348616F3CCC400C07B32 /* io.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347F16F3CCC400C07B32 /* io.c */; };
+		52B1348716F3CCC400C07B32 /* internal.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348016F3CCC400C07B32 /* internal.c */; };
+		52B1348816F3CCC400C07B32 /* crl.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348116F3CCC400C07B32 /* crl.c */; };
+		52B134A316F3CDF300C07B32 /* tfm.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348916F3CDF300C07B32 /* tfm.c */; };
+		52B134A416F3CDF300C07B32 /* sha256.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348A16F3CDF300C07B32 /* sha256.c */; };
+		52B134A516F3CDF300C07B32 /* sha.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348B16F3CDF300C07B32 /* sha.c */; };
+		52B134A616F3CDF300C07B32 /* rsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348C16F3CDF300C07B32 /* rsa.c */; };
+		52B134A716F3CDF300C07B32 /* ripemd.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348D16F3CDF300C07B32 /* ripemd.c */; };
+		52B134A816F3CDF300C07B32 /* random.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348E16F3CDF300C07B32 /* random.c */; };
+		52B134A916F3CDF300C07B32 /* rabbit.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348F16F3CDF300C07B32 /* rabbit.c */; };
+		52B134AA16F3CDF300C07B32 /* pwdbased.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349016F3CDF300C07B32 /* pwdbased.c */; };
+		52B134AB16F3CDF300C07B32 /* misc.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349116F3CDF300C07B32 /* misc.c */; };
+		52B134AC16F3CDF300C07B32 /* memory.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349216F3CDF300C07B32 /* memory.c */; };
+		52B134AD16F3CDF300C07B32 /* md5.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349316F3CDF300C07B32 /* md5.c */; };
+		52B134AE16F3CDF300C07B32 /* md4.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349416F3CDF300C07B32 /* md4.c */; };
+		52B134AF16F3CDF300C07B32 /* logging.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349516F3CDF300C07B32 /* logging.c */; };
+		52B134B016F3CDF300C07B32 /* integer.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349616F3CDF300C07B32 /* integer.c */; };
+		52B134B116F3CDF300C07B32 /* hmac.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349716F3CDF300C07B32 /* hmac.c */; };
+		52B134B216F3CDF300C07B32 /* hc128.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349816F3CDF300C07B32 /* hc128.c */; };
+		52B134B316F3CDF300C07B32 /* error.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349916F3CDF300C07B32 /* error.c */; };
+		52B134B416F3CDF300C07B32 /* ecc.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349A16F3CDF300C07B32 /* ecc.c */; };
+		52B134B516F3CDF300C07B32 /* dsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349B16F3CDF300C07B32 /* dsa.c */; };
+		52B134B616F3CDF300C07B32 /* dh.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349C16F3CDF300C07B32 /* dh.c */; };
+		52B134B716F3CDF300C07B32 /* des3.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349D16F3CDF300C07B32 /* des3.c */; };
+		52B134B816F3CDF300C07B32 /* coding.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349E16F3CDF300C07B32 /* coding.c */; };
+		52B134B916F3CDF300C07B32 /* camellia.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349F16F3CDF300C07B32 /* camellia.c */; };
+		52B134BA16F3CDF300C07B32 /* asn.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B134A016F3CDF300C07B32 /* asn.c */; };
+		52B134BB16F3CDF300C07B32 /* arc4.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B134A116F3CDF300C07B32 /* arc4.c */; };
+		52B134BC16F3CDF300C07B32 /* aes.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B134A216F3CDF300C07B32 /* aes.c */; };
+		52F8CACA1A813C990085CA8C /* wc_port.c in Sources */ = {isa = PBXBuildFile; fileRef = 52F8CAC91A813C990085CA8C /* wc_port.c */; };
+/* End PBXBuildFile section */
+
+/* Begin PBXCopyFilesBuildPhase section */
+		52B1344B16F3C9E800C07B32 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = "include/${PRODUCT_NAME}";
+			dstSubfolderSpec = 16;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXCopyFilesBuildPhase section */
+
+/* Begin PBXFileReference section */
+		52B1344D16F3C9E800C07B32 /* libwolfssl-ios.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libwolfssl-ios.a"; sourceTree = BUILT_PRODUCTS_DIR; };
+		52B1347B16F3CCC400C07B32 /* tls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tls.c; path = src/tls.c; sourceTree = SOURCE_ROOT; };
+		52B1347C16F3CCC400C07B32 /* ssl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ssl.c; path = src/ssl.c; sourceTree = SOURCE_ROOT; };
+		52B1347D16F3CCC400C07B32 /* ocsp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ocsp.c; path = src/ocsp.c; sourceTree = SOURCE_ROOT; };
+		52B1347E16F3CCC400C07B32 /* keys.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = keys.c; path = src/keys.c; sourceTree = SOURCE_ROOT; };
+		52B1347F16F3CCC400C07B32 /* io.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = io.c; path = src/io.c; sourceTree = SOURCE_ROOT; };
+		52B1348016F3CCC400C07B32 /* internal.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = internal.c; path = src/internal.c; sourceTree = SOURCE_ROOT; };
+		52B1348116F3CCC400C07B32 /* crl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = crl.c; path = src/crl.c; sourceTree = SOURCE_ROOT; };
+		52B1348916F3CDF300C07B32 /* tfm.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tfm.c; path = wolfcrypt/src/tfm.c; sourceTree = SOURCE_ROOT; };
+		52B1348A16F3CDF300C07B32 /* sha256.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha256.c; path = wolfcrypt/src/sha256.c; sourceTree = SOURCE_ROOT; };
+		52B1348B16F3CDF300C07B32 /* sha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha.c; path = wolfcrypt/src/sha.c; sourceTree = SOURCE_ROOT; };
+		52B1348C16F3CDF300C07B32 /* rsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = rsa.c; path = wolfcrypt/src/rsa.c; sourceTree = SOURCE_ROOT; };
+		52B1348D16F3CDF300C07B32 /* ripemd.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ripemd.c; path = wolfcrypt/src/ripemd.c; sourceTree = SOURCE_ROOT; };
+		52B1348E16F3CDF300C07B32 /* random.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = random.c; path = wolfcrypt/src/random.c; sourceTree = SOURCE_ROOT; };
+		52B1348F16F3CDF300C07B32 /* rabbit.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = rabbit.c; path = wolfcrypt/src/rabbit.c; sourceTree = SOURCE_ROOT; };
+		52B1349016F3CDF300C07B32 /* pwdbased.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pwdbased.c; path = wolfcrypt/src/pwdbased.c; sourceTree = SOURCE_ROOT; };
+		52B1349116F3CDF300C07B32 /* misc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = misc.c; path = wolfcrypt/src/misc.c; sourceTree = SOURCE_ROOT; };
+		52B1349216F3CDF300C07B32 /* memory.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = memory.c; path = wolfcrypt/src/memory.c; sourceTree = SOURCE_ROOT; };
+		52B1349316F3CDF300C07B32 /* md5.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md5.c; path = wolfcrypt/src/md5.c; sourceTree = SOURCE_ROOT; };
+		52B1349416F3CDF300C07B32 /* md4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md4.c; path = wolfcrypt/src/md4.c; sourceTree = SOURCE_ROOT; };
+		52B1349516F3CDF300C07B32 /* logging.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = logging.c; path = wolfcrypt/src/logging.c; sourceTree = SOURCE_ROOT; };
+		52B1349616F3CDF300C07B32 /* integer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = integer.c; path = wolfcrypt/src/integer.c; sourceTree = SOURCE_ROOT; };
+		52B1349716F3CDF300C07B32 /* hmac.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hmac.c; path = wolfcrypt/src/hmac.c; sourceTree = SOURCE_ROOT; };
+		52B1349816F3CDF300C07B32 /* hc128.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hc128.c; path = wolfcrypt/src/hc128.c; sourceTree = SOURCE_ROOT; };
+		52B1349916F3CDF300C07B32 /* error.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = error.c; path = wolfcrypt/src/error.c; sourceTree = SOURCE_ROOT; };
+		52B1349A16F3CDF300C07B32 /* ecc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ecc.c; path = wolfcrypt/src/ecc.c; sourceTree = SOURCE_ROOT; };
+		52B1349B16F3CDF300C07B32 /* dsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dsa.c; path = wolfcrypt/src/dsa.c; sourceTree = SOURCE_ROOT; };
+		52B1349C16F3CDF300C07B32 /* dh.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dh.c; path = wolfcrypt/src/dh.c; sourceTree = SOURCE_ROOT; };
+		52B1349D16F3CDF300C07B32 /* des3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = des3.c; path = wolfcrypt/src/des3.c; sourceTree = SOURCE_ROOT; };
+		52B1349E16F3CDF300C07B32 /* coding.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = coding.c; path = wolfcrypt/src/coding.c; sourceTree = SOURCE_ROOT; };
+		52B1349F16F3CDF300C07B32 /* camellia.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = camellia.c; path = wolfcrypt/src/camellia.c; sourceTree = SOURCE_ROOT; };
+		52B134A016F3CDF300C07B32 /* asn.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = asn.c; path = wolfcrypt/src/asn.c; sourceTree = SOURCE_ROOT; };
+		52B134A116F3CDF300C07B32 /* arc4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = arc4.c; path = wolfcrypt/src/arc4.c; sourceTree = SOURCE_ROOT; };
+		52B134A216F3CDF300C07B32 /* aes.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = aes.c; path = wolfcrypt/src/aes.c; sourceTree = SOURCE_ROOT; };
+		52F8CAC91A813C990085CA8C /* wc_port.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wc_port.c; path = wolfcrypt/src/wc_port.c; sourceTree = SOURCE_ROOT; };
+/* End PBXFileReference section */
+
+/* Begin PBXFrameworksBuildPhase section */
+		52B1344A16F3C9E800C07B32 /* Frameworks */ = {
+			isa = PBXFrameworksBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXFrameworksBuildPhase section */
+
+/* Begin PBXGroup section */
+		52B1344416F3C9E800C07B32 = {
+			isa = PBXGroup;
+			children = (
+				52B1347816F3CC0400C07B32 /* Source */,
+				52B1344E16F3C9E800C07B32 /* Products */,
+			);
+			sourceTree = "";
+		};
+		52B1344E16F3C9E800C07B32 /* Products */ = {
+			isa = PBXGroup;
+			children = (
+				52B1344D16F3C9E800C07B32 /* libwolfssl-ios.a */,
+			);
+			name = Products;
+			sourceTree = "";
+		};
+		52B1347816F3CC0400C07B32 /* Source */ = {
+			isa = PBXGroup;
+			children = (
+				52B1347916F3CC9200C07B32 /* wolfSSL */,
+				52B1347A16F3CC9A00C07B32 /* wolfCrypt */,
+			);
+			name = Source;
+			path = "wolfssl-ios";
+			sourceTree = "";
+		};
+		52B1347916F3CC9200C07B32 /* wolfSSL */ = {
+			isa = PBXGroup;
+			children = (
+				52B1347B16F3CCC400C07B32 /* tls.c */,
+				52B1347C16F3CCC400C07B32 /* ssl.c */,
+				52B1347D16F3CCC400C07B32 /* ocsp.c */,
+				52B1347E16F3CCC400C07B32 /* keys.c */,
+				52B1347F16F3CCC400C07B32 /* io.c */,
+				52B1348016F3CCC400C07B32 /* internal.c */,
+				52B1348116F3CCC400C07B32 /* crl.c */,
+			);
+			name = wolfSSL;
+			sourceTree = "";
+		};
+		52B1347A16F3CC9A00C07B32 /* wolfCrypt */ = {
+			isa = PBXGroup;
+			children = (
+				52F8CAC91A813C990085CA8C /* wc_port.c */,
+				52B1348916F3CDF300C07B32 /* tfm.c */,
+				52B1348A16F3CDF300C07B32 /* sha256.c */,
+				52B1348B16F3CDF300C07B32 /* sha.c */,
+				52B1348C16F3CDF300C07B32 /* rsa.c */,
+				52B1348D16F3CDF300C07B32 /* ripemd.c */,
+				52B1348E16F3CDF300C07B32 /* random.c */,
+				52B1348F16F3CDF300C07B32 /* rabbit.c */,
+				52B1349016F3CDF300C07B32 /* pwdbased.c */,
+				52B1349116F3CDF300C07B32 /* misc.c */,
+				52B1349216F3CDF300C07B32 /* memory.c */,
+				52B1349316F3CDF300C07B32 /* md5.c */,
+				52B1349416F3CDF300C07B32 /* md4.c */,
+				52B1349516F3CDF300C07B32 /* logging.c */,
+				52B1349616F3CDF300C07B32 /* integer.c */,
+				52B1349716F3CDF300C07B32 /* hmac.c */,
+				52B1349816F3CDF300C07B32 /* hc128.c */,
+				52B1349916F3CDF300C07B32 /* error.c */,
+				52B1349A16F3CDF300C07B32 /* ecc.c */,
+				52B1349B16F3CDF300C07B32 /* dsa.c */,
+				52B1349C16F3CDF300C07B32 /* dh.c */,
+				52B1349D16F3CDF300C07B32 /* des3.c */,
+				52B1349E16F3CDF300C07B32 /* coding.c */,
+				52B1349F16F3CDF300C07B32 /* camellia.c */,
+				52B134A016F3CDF300C07B32 /* asn.c */,
+				52B134A116F3CDF300C07B32 /* arc4.c */,
+				52B134A216F3CDF300C07B32 /* aes.c */,
+			);
+			name = wolfCrypt;
+			sourceTree = "";
+		};
+/* End PBXGroup section */
+
+/* Begin PBXNativeTarget section */
+		52B1344C16F3C9E800C07B32 /* wolfssl-ios */ = {
+			isa = PBXNativeTarget;
+			buildConfigurationList = 52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "wolfssl-ios" */;
+			buildPhases = (
+				52B1344916F3C9E800C07B32 /* Sources */,
+				52B1344A16F3C9E800C07B32 /* Frameworks */,
+				52B1344B16F3C9E800C07B32 /* CopyFiles */,
+			);
+			buildRules = (
+			);
+			dependencies = (
+			);
+			name = "wolfssl-ios";
+			productName = "wolfssl-ios";
+			productReference = 52B1344D16F3C9E800C07B32 /* libwolfssl-ios.a */;
+			productType = "com.apple.product-type.library.static";
+		};
+/* End PBXNativeTarget section */
+
+/* Begin PBXProject section */
+		52B1344516F3C9E800C07B32 /* Project object */ = {
+			isa = PBXProject;
+			attributes = {
+				LastUpgradeCheck = 0460;
+				ORGANIZATIONNAME = "wolfSSL Inc";
+			};
+			buildConfigurationList = 52B1344816F3C9E800C07B32 /* Build configuration list for PBXProject "wolfssl-ios" */;
+			compatibilityVersion = "Xcode 3.2";
+			developmentRegion = English;
+			hasScannedForEncodings = 0;
+			knownRegions = (
+				en,
+			);
+			mainGroup = 52B1344416F3C9E800C07B32;
+			productRefGroup = 52B1344E16F3C9E800C07B32 /* Products */;
+			projectDirPath = "";
+			projectRoot = "";
+			targets = (
+				52B1344C16F3C9E800C07B32 /* wolfssl-ios */,
+			);
+		};
+/* End PBXProject section */
+
+/* Begin PBXSourcesBuildPhase section */
+		52B1344916F3C9E800C07B32 /* Sources */ = {
+			isa = PBXSourcesBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				52B1348216F3CCC400C07B32 /* tls.c in Sources */,
+				52B1348316F3CCC400C07B32 /* ssl.c in Sources */,
+				52B1348416F3CCC400C07B32 /* ocsp.c in Sources */,
+				52B1348516F3CCC400C07B32 /* keys.c in Sources */,
+				52B1348616F3CCC400C07B32 /* io.c in Sources */,
+				52B1348716F3CCC400C07B32 /* internal.c in Sources */,
+				52B1348816F3CCC400C07B32 /* crl.c in Sources */,
+				52B134A316F3CDF300C07B32 /* tfm.c in Sources */,
+				52B134A416F3CDF300C07B32 /* sha256.c in Sources */,
+				52B134A516F3CDF300C07B32 /* sha.c in Sources */,
+				52B134A616F3CDF300C07B32 /* rsa.c in Sources */,
+				52B134A716F3CDF300C07B32 /* ripemd.c in Sources */,
+				52B134A816F3CDF300C07B32 /* random.c in Sources */,
+				52B134A916F3CDF300C07B32 /* rabbit.c in Sources */,
+				52B134AA16F3CDF300C07B32 /* pwdbased.c in Sources */,
+				52B134AB16F3CDF300C07B32 /* misc.c in Sources */,
+				52B134AC16F3CDF300C07B32 /* memory.c in Sources */,
+				52B134AD16F3CDF300C07B32 /* md5.c in Sources */,
+				52B134AE16F3CDF300C07B32 /* md4.c in Sources */,
+				52B134AF16F3CDF300C07B32 /* logging.c in Sources */,
+				52B134B016F3CDF300C07B32 /* integer.c in Sources */,
+				52B134B116F3CDF300C07B32 /* hmac.c in Sources */,
+				52B134B216F3CDF300C07B32 /* hc128.c in Sources */,
+				52B134B316F3CDF300C07B32 /* error.c in Sources */,
+				52B134B416F3CDF300C07B32 /* ecc.c in Sources */,
+				52B134B516F3CDF300C07B32 /* dsa.c in Sources */,
+				52B134B616F3CDF300C07B32 /* dh.c in Sources */,
+				52B134B716F3CDF300C07B32 /* des3.c in Sources */,
+				52B134B816F3CDF300C07B32 /* coding.c in Sources */,
+				52B134B916F3CDF300C07B32 /* camellia.c in Sources */,
+				52B134BA16F3CDF300C07B32 /* asn.c in Sources */,
+				52B134BB16F3CDF300C07B32 /* arc4.c in Sources */,
+				52B134BC16F3CDF300C07B32 /* aes.c in Sources */,
+				52F8CACA1A813C990085CA8C /* wc_port.c in Sources */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXSourcesBuildPhase section */
+
+/* Begin XCBuildConfiguration section */
+		52B1347016F3C9E800C07B32 /* Debug */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = NO;
+				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
+				CLANG_CXX_LIBRARY = "libc++";
+				CLANG_WARN_CONSTANT_CONVERSION = YES;
+				CLANG_WARN_EMPTY_BODY = YES;
+				CLANG_WARN_ENUM_CONVERSION = YES;
+				CLANG_WARN_INT_CONVERSION = YES;
+				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+				COPY_PHASE_STRIP = NO;
+				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_DYNAMIC_NO_PIC = NO;
+				GCC_OPTIMIZATION_LEVEL = 0;
+				GCC_PREPROCESSOR_DEFINITIONS = (
+					"DEBUG=1",
+					"$(inherited)",
+				);
+				GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_UNINITIALIZED_AUTOS = YES;
+				GCC_WARN_UNUSED_VARIABLE = YES;
+				IPHONEOS_DEPLOYMENT_TARGET = 6.1;
+				ONLY_ACTIVE_ARCH = YES;
+				SDKROOT = iphoneos;
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl include";
+			};
+			name = Debug;
+		};
+		52B1347116F3C9E800C07B32 /* Release */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = NO;
+				CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x";
+				CLANG_CXX_LIBRARY = "libc++";
+				CLANG_WARN_CONSTANT_CONVERSION = YES;
+				CLANG_WARN_EMPTY_BODY = YES;
+				CLANG_WARN_ENUM_CONVERSION = YES;
+				CLANG_WARN_INT_CONVERSION = YES;
+				CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+				COPY_PHASE_STRIP = YES;
+				GCC_C_LANGUAGE_STANDARD = gnu99;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_UNINITIALIZED_AUTOS = YES;
+				GCC_WARN_UNUSED_VARIABLE = YES;
+				IPHONEOS_DEPLOYMENT_TARGET = 6.1;
+				SDKROOT = iphoneos;
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl include";
+				VALIDATE_PRODUCT = NO;
+			};
+			name = Release;
+		};
+		52B1347316F3C9E800C07B32 /* Debug */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = YES;
+				CLANG_LINK_OBJC_RUNTIME = NO;
+				DSTROOT = /tmp/wolfssl_ios.dst;
+				GCC_PRECOMPILE_PREFIX_HEADER = NO;
+				GCC_PREFIX_HEADER = "";
+				HEADER_SEARCH_PATHS = $SRCROOT;
+				OTHER_LDFLAGS = "";
+				PRODUCT_NAME = "$(TARGET_NAME)";
+				SKIP_INSTALL = YES;
+				TARGETED_DEVICE_FAMILY = "1,2";
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl";
+			};
+			name = Debug;
+		};
+		52B1347416F3C9E800C07B32 /* Release */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ALWAYS_SEARCH_USER_PATHS = YES;
+				CLANG_LINK_OBJC_RUNTIME = NO;
+				DSTROOT = /tmp/wolfssl_ios.dst;
+				GCC_PRECOMPILE_PREFIX_HEADER = NO;
+				GCC_PREFIX_HEADER = "";
+				HEADER_SEARCH_PATHS = $SRCROOT;
+				OTHER_LDFLAGS = "";
+				PRODUCT_NAME = "$(TARGET_NAME)";
+				SKIP_INSTALL = YES;
+				TARGETED_DEVICE_FAMILY = "1,2";
+				USER_HEADER_SEARCH_PATHS = "wolfssl/wolfcrypt wolfssl";
+			};
+			name = Release;
+		};
+/* End XCBuildConfiguration section */
+
+/* Begin XCConfigurationList section */
+		52B1344816F3C9E800C07B32 /* Build configuration list for PBXProject "wolfssl-ios" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				52B1347016F3C9E800C07B32 /* Debug */,
+				52B1347116F3C9E800C07B32 /* Release */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
+		};
+		52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "wolfssl-ios" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				52B1347316F3C9E800C07B32 /* Debug */,
+				52B1347416F3C9E800C07B32 /* Release */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
+		};
+/* End XCConfigurationList section */
+	};
+	rootObject = 52B1344516F3C9E800C07B32 /* Project object */;
+}
diff --git a/3P/wolfssl/wolfssl-iphone.xcodeproj/project.pbxproj b/3P/wolfssl/wolfssl-iphone.xcodeproj/project.pbxproj
new file mode 100644
index 00000000..b7c10f26
--- /dev/null
+++ b/3P/wolfssl/wolfssl-iphone.xcodeproj/project.pbxproj
@@ -0,0 +1,379 @@
+// !$*UTF8*$!
+{
+	archiveVersion = 1;
+	classes = {
+	};
+	objectVersion = 45;
+	objects = {
+
+/* Begin PBXBuildFile section */
+		43809E9B0FB7AD1C0050922E /* md4.c in Sources */ = {isa = PBXBuildFile; fileRef = 43809E9A0FB7AD1C0050922E /* md4.c */; };
+		43962ADF0DE7ED48003C5E5B /* ssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2790DDF984100F2D488 /* ssl.c */; };
+		439B3820136B391E004C965E /* logging.c in Sources */ = {isa = PBXBuildFile; fileRef = 439B381F136B391E004C965E /* logging.c */; };
+		43B89CBD142FEB5E00284CC6 /* internal.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CBC142FEB5E00284CC6 /* internal.c */; };
+		43B89CBF142FEB6C00284CC6 /* io.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CBE142FEB6C00284CC6 /* io.c */; };
+		43B89CC5142FEBBD00284CC6 /* memory.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC0142FEBBD00284CC6 /* memory.c */; };
+		43B89CC6142FEBBD00284CC6 /* tfm.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC1142FEBBD00284CC6 /* tfm.c */; };
+		43B89CC7142FEBBD00284CC6 /* ripemd.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC2142FEBBD00284CC6 /* ripemd.c */; };
+		43B89CC8142FEBBD00284CC6 /* sha512.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC3142FEBBD00284CC6 /* sha512.c */; };
+		43B89CC9142FEBBD00284CC6 /* pwdbased.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC4142FEBBD00284CC6 /* pwdbased.c */; };
+		43C6C27C0DDF984100F2D488 /* keys.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2780DDF984100F2D488 /* keys.c */; };
+		43C6C27E0DDF984100F2D488 /* tls.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C27A0DDF984100F2D488 /* tls.c */; };
+		43C6C2920DDF98D400F2D488 /* aes.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2830DDF98D400F2D488 /* aes.c */; };
+		43C6C2930DDF98D400F2D488 /* arc4.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2840DDF98D400F2D488 /* arc4.c */; };
+		43C6C2940DDF98D400F2D488 /* asn.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2850DDF98D400F2D488 /* asn.c */; };
+		43C6C2950DDF98D400F2D488 /* coding.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2860DDF98D400F2D488 /* coding.c */; };
+		43C6C2960DDF98D400F2D488 /* des3.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2870DDF98D400F2D488 /* des3.c */; };
+		43C6C2970DDF98D400F2D488 /* dh.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2880DDF98D400F2D488 /* dh.c */; };
+		43C6C2980DDF98D400F2D488 /* dsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2890DDF98D400F2D488 /* dsa.c */; };
+		43C6C2990DDF98D400F2D488 /* hmac.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28A0DDF98D400F2D488 /* hmac.c */; };
+		43C6C29A0DDF98D400F2D488 /* integer.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28B0DDF98D400F2D488 /* integer.c */; };
+		43C6C29B0DDF98D400F2D488 /* md5.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28C0DDF98D400F2D488 /* md5.c */; };
+		43C6C29D0DDF98D400F2D488 /* random.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28E0DDF98D400F2D488 /* random.c */; };
+		43C6C29E0DDF98D400F2D488 /* rsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28F0DDF98D400F2D488 /* rsa.c */; };
+		43C6C29F0DDF98D400F2D488 /* sha.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2900DDF98D400F2D488 /* sha.c */; };
+		43C6C2A00DDF98D400F2D488 /* sha256.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2910DDF98D400F2D488 /* sha256.c */; };
+		43D565650F1EC9A600550C88 /* hc128.c in Sources */ = {isa = PBXBuildFile; fileRef = 43D565640F1EC9A600550C88 /* hc128.c */; };
+		43D565670F1EC9CC00550C88 /* rabbit.c in Sources */ = {isa = PBXBuildFile; fileRef = 43D565660F1EC9CC00550C88 /* rabbit.c */; };
+/* End PBXBuildFile section */
+
+/* Begin PBXCopyFilesBuildPhase section */
+		43C6C3160DDFAC6A00F2D488 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = "";
+			dstSubfolderSpec = 7;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		43C6C3170DDFAC6A00F2D488 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 8;
+			dstPath = "";
+			dstSubfolderSpec = 7;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 1;
+		};
+		43C6C3180DDFAC6A00F2D488 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = "";
+			dstSubfolderSpec = 7;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXCopyFilesBuildPhase section */
+
+/* Begin PBXFileReference section */
+		4368F6E40E9EA1140002A123 /* test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = test.c; path = wolfcrypt/test/test.c; sourceTree = ""; };
+		43809E9A0FB7AD1C0050922E /* md4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md4.c; path = wolfcrypt/src/md4.c; sourceTree = ""; };
+		439B381F136B391E004C965E /* logging.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = logging.c; path = wolfcrypt/src/logging.c; sourceTree = ""; };
+		43B89CBC142FEB5E00284CC6 /* internal.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = internal.c; path = src/internal.c; sourceTree = ""; };
+		43B89CBE142FEB6C00284CC6 /* io.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = io.c; path = src/io.c; sourceTree = ""; };
+		43B89CC0142FEBBD00284CC6 /* memory.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = memory.c; path = wolfcrypt/src/memory.c; sourceTree = ""; };
+		43B89CC1142FEBBD00284CC6 /* tfm.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tfm.c; path = wolfcrypt/src/tfm.c; sourceTree = ""; };
+		43B89CC2142FEBBD00284CC6 /* ripemd.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ripemd.c; path = wolfcrypt/src/ripemd.c; sourceTree = ""; };
+		43B89CC3142FEBBD00284CC6 /* sha512.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha512.c; path = wolfcrypt/src/sha512.c; sourceTree = ""; };
+		43B89CC4142FEBBD00284CC6 /* pwdbased.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pwdbased.c; path = wolfcrypt/src/pwdbased.c; sourceTree = ""; };
+		43C6C2780DDF984100F2D488 /* keys.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = keys.c; path = src/keys.c; sourceTree = ""; };
+		43C6C2790DDF984100F2D488 /* ssl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = ssl.c; path = src/ssl.c; sourceTree = ""; };
+		43C6C27A0DDF984100F2D488 /* tls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = tls.c; path = src/tls.c; sourceTree = ""; };
+		43C6C2830DDF98D400F2D488 /* aes.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = aes.c; path = wolfcrypt/src/aes.c; sourceTree = ""; };
+		43C6C2840DDF98D400F2D488 /* arc4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = arc4.c; path = wolfcrypt/src/arc4.c; sourceTree = ""; };
+		43C6C2850DDF98D400F2D488 /* asn.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = asn.c; path = wolfcrypt/src/asn.c; sourceTree = ""; };
+		43C6C2860DDF98D400F2D488 /* coding.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = coding.c; path = wolfcrypt/src/coding.c; sourceTree = ""; };
+		43C6C2870DDF98D400F2D488 /* des3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = des3.c; path = wolfcrypt/src/des3.c; sourceTree = ""; };
+		43C6C2880DDF98D400F2D488 /* dh.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = dh.c; path = wolfcrypt/src/dh.c; sourceTree = ""; };
+		43C6C2890DDF98D400F2D488 /* dsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = dsa.c; path = wolfcrypt/src/dsa.c; sourceTree = ""; };
+		43C6C28A0DDF98D400F2D488 /* hmac.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = hmac.c; path = wolfcrypt/src/hmac.c; sourceTree = ""; };
+		43C6C28B0DDF98D400F2D488 /* integer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = integer.c; path = wolfcrypt/src/integer.c; sourceTree = ""; };
+		43C6C28C0DDF98D400F2D488 /* md5.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = md5.c; path = wolfcrypt/src/md5.c; sourceTree = ""; };
+		43C6C28E0DDF98D400F2D488 /* random.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = random.c; path = wolfcrypt/src/random.c; sourceTree = ""; };
+		43C6C28F0DDF98D400F2D488 /* rsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = rsa.c; path = wolfcrypt/src/rsa.c; sourceTree = ""; };
+		43C6C2900DDF98D400F2D488 /* sha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = sha.c; path = wolfcrypt/src/sha.c; sourceTree = ""; };
+		43C6C2910DDF98D400F2D488 /* sha256.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = sha256.c; path = wolfcrypt/src/sha256.c; sourceTree = ""; };
+		43CB530D116E9FD5000A264B /* iphone-Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = "iphone-Info.plist"; sourceTree = ""; };
+		43D565640F1EC9A600550C88 /* hc128.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = hc128.c; path = wolfcrypt/src/hc128.c; sourceTree = ""; };
+		43D565660F1EC9CC00550C88 /* rabbit.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = rabbit.c; path = wolfcrypt/src/rabbit.c; sourceTree = ""; };
+		D2AAC046055464E500DB518D /* libwolfssl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libwolfssl.a; sourceTree = BUILT_PRODUCTS_DIR; };
+/* End PBXFileReference section */
+
+/* Begin PBXFrameworksBuildPhase section */
+		D289987405E68DCB004EDB86 /* Frameworks */ = {
+			isa = PBXFrameworksBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXFrameworksBuildPhase section */
+
+/* Begin PBXGroup section */
+		08FB7794FE84155DC02AAC07 /* wolfssl */ = {
+			isa = PBXGroup;
+			children = (
+				08FB7795FE84155DC02AAC07 /* Source */,
+				C6A0FF2B0290797F04C91782 /* Documentation */,
+				1AB674ADFE9D54B511CA2CBB /* Products */,
+				43CB530D116E9FD5000A264B /* iphone-Info.plist */,
+			);
+			name = wolfssl;
+			sourceTree = "";
+		};
+		08FB7795FE84155DC02AAC07 /* Source */ = {
+			isa = PBXGroup;
+			children = (
+				43CA25B90EA400A60011ECA2 /* headers */,
+				43CA25720EA3F9B20011ECA2 /* src */,
+			);
+			name = Source;
+			sourceTree = "";
+		};
+		1AB674ADFE9D54B511CA2CBB /* Products */ = {
+			isa = PBXGroup;
+			children = (
+				D2AAC046055464E500DB518D /* libwolfssl.a */,
+			);
+			name = Products;
+			sourceTree = "";
+		};
+		43CA25720EA3F9B20011ECA2 /* src */ = {
+			isa = PBXGroup;
+			children = (
+				43B89CC0142FEBBD00284CC6 /* memory.c */,
+				43B89CC1142FEBBD00284CC6 /* tfm.c */,
+				43B89CC2142FEBBD00284CC6 /* ripemd.c */,
+				43B89CC3142FEBBD00284CC6 /* sha512.c */,
+				43B89CC4142FEBBD00284CC6 /* pwdbased.c */,
+				43B89CBE142FEB6C00284CC6 /* io.c */,
+				43B89CBC142FEB5E00284CC6 /* internal.c */,
+				439B381F136B391E004C965E /* logging.c */,
+				43809E9A0FB7AD1C0050922E /* md4.c */,
+				43D565660F1EC9CC00550C88 /* rabbit.c */,
+				43D565640F1EC9A600550C88 /* hc128.c */,
+				43C6C2830DDF98D400F2D488 /* aes.c */,
+				43C6C2840DDF98D400F2D488 /* arc4.c */,
+				43C6C2850DDF98D400F2D488 /* asn.c */,
+				43C6C2860DDF98D400F2D488 /* coding.c */,
+				43C6C2870DDF98D400F2D488 /* des3.c */,
+				4368F6E40E9EA1140002A123 /* test.c */,
+				43C6C2880DDF98D400F2D488 /* dh.c */,
+				43C6C2890DDF98D400F2D488 /* dsa.c */,
+				43C6C28A0DDF98D400F2D488 /* hmac.c */,
+				43C6C28B0DDF98D400F2D488 /* integer.c */,
+				43C6C28C0DDF98D400F2D488 /* md5.c */,
+				43C6C28E0DDF98D400F2D488 /* random.c */,
+				43C6C28F0DDF98D400F2D488 /* rsa.c */,
+				43C6C2900DDF98D400F2D488 /* sha.c */,
+				43C6C2910DDF98D400F2D488 /* sha256.c */,
+				43C6C2780DDF984100F2D488 /* keys.c */,
+				43C6C2790DDF984100F2D488 /* ssl.c */,
+				43C6C27A0DDF984100F2D488 /* tls.c */,
+			);
+			name = src;
+			sourceTree = "";
+		};
+		43CA25B90EA400A60011ECA2 /* headers */ = {
+			isa = PBXGroup;
+			children = (
+			);
+			name = headers;
+			sourceTree = "";
+		};
+		C6A0FF2B0290797F04C91782 /* Documentation */ = {
+			isa = PBXGroup;
+			children = (
+			);
+			name = Documentation;
+			sourceTree = "";
+		};
+/* End PBXGroup section */
+
+/* Begin PBXHeadersBuildPhase section */
+		D2AAC043055464E500DB518D /* Headers */ = {
+			isa = PBXHeadersBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXHeadersBuildPhase section */
+
+/* Begin PBXNativeTarget section */
+		D2AAC045055464E500DB518D /* wolfssl */ = {
+			isa = PBXNativeTarget;
+			buildConfigurationList = 1DEB91EB08733DB70010E9CD /* Build configuration list for PBXNativeTarget "wolfssl" */;
+			buildPhases = (
+				D2AAC043055464E500DB518D /* Headers */,
+				D2AAC044055464E500DB518D /* Sources */,
+				D289987405E68DCB004EDB86 /* Frameworks */,
+				43C6C3160DDFAC6A00F2D488 /* CopyFiles */,
+				43C6C3170DDFAC6A00F2D488 /* CopyFiles */,
+				43C6C3180DDFAC6A00F2D488 /* CopyFiles */,
+			);
+			buildRules = (
+			);
+			dependencies = (
+			);
+			name = wolfssl;
+			productName = wolfssl;
+			productReference = D2AAC046055464E500DB518D /* libwolfssl.a */;
+			productType = "com.apple.product-type.library.static";
+		};
+/* End PBXNativeTarget section */
+
+/* Begin PBXProject section */
+		08FB7793FE84155DC02AAC07 /* Project object */ = {
+			isa = PBXProject;
+			attributes = {
+				BuildIndependentTargetsInParallel = YES;
+			};
+			buildConfigurationList = 1DEB91EF08733DB70010E9CD /* Build configuration list for PBXProject "wolfssl-iphone" */;
+			compatibilityVersion = "Xcode 3.1";
+			developmentRegion = English;
+			hasScannedForEncodings = 1;
+			knownRegions = (
+				English,
+				Japanese,
+				French,
+				German,
+			);
+			mainGroup = 08FB7794FE84155DC02AAC07 /* wolfssl */;
+			projectDirPath = "";
+			projectRoot = "";
+			targets = (
+				D2AAC045055464E500DB518D /* wolfssl */,
+			);
+		};
+/* End PBXProject section */
+
+/* Begin PBXSourcesBuildPhase section */
+		D2AAC044055464E500DB518D /* Sources */ = {
+			isa = PBXSourcesBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				43C6C27C0DDF984100F2D488 /* keys.c in Sources */,
+				43C6C27E0DDF984100F2D488 /* tls.c in Sources */,
+				43C6C2920DDF98D400F2D488 /* aes.c in Sources */,
+				43C6C2930DDF98D400F2D488 /* arc4.c in Sources */,
+				43C6C2940DDF98D400F2D488 /* asn.c in Sources */,
+				43C6C2950DDF98D400F2D488 /* coding.c in Sources */,
+				43C6C2960DDF98D400F2D488 /* des3.c in Sources */,
+				43C6C2970DDF98D400F2D488 /* dh.c in Sources */,
+				43C6C2980DDF98D400F2D488 /* dsa.c in Sources */,
+				43C6C2990DDF98D400F2D488 /* hmac.c in Sources */,
+				43C6C29A0DDF98D400F2D488 /* integer.c in Sources */,
+				43C6C29B0DDF98D400F2D488 /* md5.c in Sources */,
+				43C6C29D0DDF98D400F2D488 /* random.c in Sources */,
+				43C6C29E0DDF98D400F2D488 /* rsa.c in Sources */,
+				43C6C29F0DDF98D400F2D488 /* sha.c in Sources */,
+				43C6C2A00DDF98D400F2D488 /* sha256.c in Sources */,
+				43962ADF0DE7ED48003C5E5B /* ssl.c in Sources */,
+				43D565650F1EC9A600550C88 /* hc128.c in Sources */,
+				43D565670F1EC9CC00550C88 /* rabbit.c in Sources */,
+				43809E9B0FB7AD1C0050922E /* md4.c in Sources */,
+				439B3820136B391E004C965E /* logging.c in Sources */,
+				43B89CBD142FEB5E00284CC6 /* internal.c in Sources */,
+				43B89CBF142FEB6C00284CC6 /* io.c in Sources */,
+				43B89CC5142FEBBD00284CC6 /* memory.c in Sources */,
+				43B89CC6142FEBBD00284CC6 /* tfm.c in Sources */,
+				43B89CC7142FEBBD00284CC6 /* ripemd.c in Sources */,
+				43B89CC8142FEBBD00284CC6 /* sha512.c in Sources */,
+				43B89CC9142FEBBD00284CC6 /* pwdbased.c in Sources */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXSourcesBuildPhase section */
+
+/* Begin XCBuildConfiguration section */
+		1DEB91EC08733DB70010E9CD /* Debug */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ARCHS = "$(ARCHS_STANDARD_32_BIT)";
+				COPY_PHASE_STRIP = NO;
+				GCC_DYNAMIC_NO_PIC = NO;
+				GCC_ENABLE_FIX_AND_CONTINUE = YES;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = 0;
+				GCC_PREPROCESSOR_DEFINITIONS = IPHONE;
+				HEADER_SEARCH_PATHS = $SRCROOT;
+				INSTALL_PATH = /usr/local/lib;
+				PRODUCT_NAME = wolfssl;
+				SDKROOT = iphoneos;
+				USER_HEADER_SEARCH_PATHS = "";
+				WARNING_CFLAGS = "-Wall";
+				ZERO_LINK = YES;
+			};
+			name = Debug;
+		};
+		1DEB91ED08733DB70010E9CD /* Release */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ARCHS = "$(ARCHS_STANDARD_32_BIT)";
+				DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
+				GCC_MODEL_TUNING = G5;
+				GCC_PREPROCESSOR_DEFINITIONS = IPHONE;
+				HEADER_SEARCH_PATHS = $SRCROOT;
+				INSTALL_PATH = /usr/local/lib;
+				PRODUCT_NAME = wolfssl;
+				USER_HEADER_SEARCH_PATHS = "";
+				WARNING_CFLAGS = "-Wall";
+			};
+			name = Release;
+		};
+		1DEB91F008733DB70010E9CD /* Debug */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ARCHS = "$(ARCHS_STANDARD_32_BIT)";
+				GCC_PREPROCESSOR_DEFINITIONS = IPHONE;
+				GCC_VERSION = 4.2;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_UNUSED_VARIABLE = YES;
+				PREBINDING = NO;
+				SDKROOT = iphoneos;
+				USER_HEADER_SEARCH_PATHS = "include wolfcrypt/include";
+			};
+			name = Debug;
+		};
+		1DEB91F108733DB70010E9CD /* Release */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				ARCHS = "$(ARCHS_STANDARD_32_BIT)";
+				GCC_PREPROCESSOR_DEFINITIONS = IPHONE;
+				GCC_VERSION = 4.2;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_UNUSED_VARIABLE = YES;
+				PREBINDING = NO;
+				SDKROOT = iphonesimulator2.2;
+				USER_HEADER_SEARCH_PATHS = "include wolfcrypt/include";
+			};
+			name = Release;
+		};
+/* End XCBuildConfiguration section */
+
+/* Begin XCConfigurationList section */
+		1DEB91EB08733DB70010E9CD /* Build configuration list for PBXNativeTarget "wolfssl" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				1DEB91EC08733DB70010E9CD /* Debug */,
+				1DEB91ED08733DB70010E9CD /* Release */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
+		};
+		1DEB91EF08733DB70010E9CD /* Build configuration list for PBXProject "wolfssl-iphone" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				1DEB91F008733DB70010E9CD /* Debug */,
+				1DEB91F108733DB70010E9CD /* Release */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Release;
+		};
+/* End XCConfigurationList section */
+	};
+	rootObject = 08FB7793FE84155DC02AAC07 /* Project object */;
+}
diff --git a/3P/wolfssl/wolfssl-ntru.sln b/3P/wolfssl/wolfssl-ntru.sln
new file mode 100755
index 00000000..c43e1cf1
--- /dev/null
+++ b/3P/wolfssl/wolfssl-ntru.sln
@@ -0,0 +1,65 @@
+
+Microsoft Visual Studio Solution File, Format Version 10.00
+# Visual C++ Express 2008
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wolfssl", "wolfssl-ntru.vcproj", "{73973223-5EE8-41CA-8E88-1D60E89A237B}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testsuite", "testsuite\testsuite-ntru.vcproj", "{611E8971-46E0-4D0A-B5A1-632C3B00CB80}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoserver", "examples\echoserver\echoserver-ntru.vcproj", "{07D97C48-E08F-4E34-9F67-3064039FF2CB}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoclient", "examples\echoclient\echoclient-ntru.vcproj", "{8362A816-C5DC-4E22-B5C5-9E6806387073}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "examples\client\client-ntru.vcproj", "{3ADE9549-582D-4D8E-9826-B172197A7959}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "server", "examples\server\server-ntru.vcproj", "{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.ActiveCfg = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.Build.0 = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.ActiveCfg = Release|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.Build.0 = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.ActiveCfg = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.Build.0 = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.ActiveCfg = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.Build.0 = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.ActiveCfg = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.Build.0 = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.ActiveCfg = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.Build.0 = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.ActiveCfg = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.Build.0 = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.ActiveCfg = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.Build.0 = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.ActiveCfg = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.Build.0 = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.ActiveCfg = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.Build.0 = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.ActiveCfg = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.Build.0 = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.ActiveCfg = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/3P/wolfssl/wolfssl-ntru.vcproj b/3P/wolfssl/wolfssl-ntru.vcproj
new file mode 100755
index 00000000..9af066aa
--- /dev/null
+++ b/3P/wolfssl/wolfssl-ntru.vcproj
@@ -0,0 +1,313 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/wolfssl.sln b/3P/wolfssl/wolfssl.sln
new file mode 100755
index 00000000..15fa6f79
--- /dev/null
+++ b/3P/wolfssl/wolfssl.sln
@@ -0,0 +1,74 @@
+
+Microsoft Visual Studio Solution File, Format Version 10.00
+# Visual C++ Express 2008
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wolfssl", "wolfssl.vcproj", "{73973223-5EE8-41CA-8E88-1D60E89A237B}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testsuite", "testsuite\testsuite.vcproj", "{611E8971-46E0-4D0A-B5A1-632C3B00CB80}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sslSniffer", "sslSniffer\sslSniffer.vcproj", "{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoserver", "examples\echoserver\echoserver.vcproj", "{07D97C48-E08F-4E34-9F67-3064039FF2CB}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoclient", "examples\echoclient\echoclient.vcproj", "{8362A816-C5DC-4E22-B5C5-9E6806387073}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "examples\client\client.vcproj", "{3ADE9549-582D-4D8E-9826-B172197A7959}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "server", "examples\server\server.vcproj", "{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.ActiveCfg = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.Build.0 = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.ActiveCfg = Release|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.Build.0 = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.ActiveCfg = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.Build.0 = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.ActiveCfg = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.Build.0 = Release|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.ActiveCfg = Debug|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.Build.0 = Debug|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.ActiveCfg = Release|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.Build.0 = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.ActiveCfg = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.Build.0 = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.ActiveCfg = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.Build.0 = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.ActiveCfg = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.Build.0 = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.ActiveCfg = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.Build.0 = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.ActiveCfg = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.Build.0 = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.ActiveCfg = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.Build.0 = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.ActiveCfg = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.Build.0 = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.ActiveCfg = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/3P/wolfssl/wolfssl.vcproj b/3P/wolfssl/wolfssl.vcproj
new file mode 100755
index 00000000..08d3eae8
--- /dev/null
+++ b/3P/wolfssl/wolfssl.vcproj
@@ -0,0 +1,306 @@
+
+
+	
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+	
+	
+	
+	
+		
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+			
+		
+		
+		
+		
+		
+	
+	
+	
+
diff --git a/3P/wolfssl/wolfssl.vcxproj b/3P/wolfssl/wolfssl.vcxproj
new file mode 100644
index 00000000..f7d98fa1
--- /dev/null
+++ b/3P/wolfssl/wolfssl.vcxproj
@@ -0,0 +1,182 @@
+
+
+  
+    
+      Debug
+      Win32
+    
+    
+      Debug
+      x64
+    
+    
+      Release
+      Win32
+    
+    
+      Release
+      x64
+    
+  
+  
+    {73973223-5EE8-41CA-8E88-1D60E89A237B}
+    wolfssl
+    Win32Proj
+  
+  
+  
+    StaticLibrary
+    v110
+    Unicode
+    true
+  
+  
+    StaticLibrary
+    v110
+    Unicode
+    true
+  
+  
+    StaticLibrary
+    v110
+    Unicode
+  
+  
+    StaticLibrary
+    v110
+    Unicode
+  
+  
+  
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+    
+  
+  
+  
+    <_ProjectFileVersion>11.0.61030.0
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+  
+  
+  
+    $(SolutionDir)$(Configuration)\
+    $(Configuration)\
+  
+  
+  
+    
+      Disabled
+      ./;%(AdditionalIncludeDirectories)
+      OPENSSL_EXTRA;WOLFSSL_RIPEMD;WOLFSSL_SHA512;NO_PSK;%(PreprocessorDefinitions)
+      true
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      Level4
+      EditAndContinue
+      4206;%(DisableSpecificWarnings)
+    
+  
+  
+    
+      Disabled
+      ./;%(AdditionalIncludeDirectories)
+      OPENSSL_EXTRA;WOLFSSL_RIPEMD;WOLFSSL_SHA512;NO_PSK;%(PreprocessorDefinitions)
+      EnableFastChecks
+      MultiThreadedDebugDLL
+      
+      
+      Level4
+      ProgramDatabase
+      4206;%(DisableSpecificWarnings)
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ./;%(AdditionalIncludeDirectories)
+      OPENSSL_EXTRA;WOLFSSL_RIPEMD;WOLFSSL_SHA512;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      Level3
+      ProgramDatabase
+    
+  
+  
+    
+      MaxSpeed
+      true
+      ./;%(AdditionalIncludeDirectories)
+      OPENSSL_EXTRA;WOLFSSL_RIPEMD;WOLFSSL_SHA512;NO_PSK;%(PreprocessorDefinitions)
+      MultiThreadedDLL
+      true
+      
+      
+      Level3
+      ProgramDatabase
+    
+  
+  
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+  
+  
+    
+      false
+      ml64.exe /c /Zi /Fo"$(OutDir)%(Filename).obj" %(Identity)
+      $(OutDir)%(Filename).obj
+      false
+      ml64.exe /c /Zi /Fo"$(OutDir)%(Filename).obj" %(Identity)
+      $(OutDir)%(Filename).obj
+    
+  
+  
+  
+  
+
diff --git a/3P/wolfssl/wolfssl/callbacks.h b/3P/wolfssl/wolfssl/callbacks.h
new file mode 100644
index 00000000..8794e9e4
--- /dev/null
+++ b/3P/wolfssl/wolfssl/callbacks.h
@@ -0,0 +1,80 @@
+/* callbacks.h
+ *
+ * Copyright (C) 2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLFSSL_CALLBACKS_H
+#define WOLFSSL_CALLBACKS_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum { /* CALLBACK CONTSTANTS */
+    MAX_PACKETNAME_SZ     =  24,
+    MAX_CIPHERNAME_SZ     =  24,
+    MAX_TIMEOUT_NAME_SZ   =  24,       
+    MAX_PACKETS_HANDSHAKE =  14,       /* 12 for client auth plus 2 alerts */
+    MAX_VALUE_SZ          = 128,       /* all handshake packets but Cert should
+                                          fit here  */
+};
+
+
+typedef struct handShakeInfo_st {
+    char   cipherName[MAX_CIPHERNAME_SZ + 1];    /* negotiated cipher */
+    char   packetNames[MAX_PACKETS_HANDSHAKE][MAX_PACKETNAME_SZ + 1];
+                                                 /* SSL packet names  */ 
+    int    numberPackets;                        /* actual # of packets */
+    int    negotiationError;                     /* cipher/parameter err */
+} HandShakeInfo;
+
+
+typedef struct timeval Timeval;
+
+
+typedef struct packetInfo_st {
+    char           packetName[MAX_PACKETNAME_SZ + 1]; /* SSL packet name */
+    Timeval        timestamp;                       /* when it occured    */
+    unsigned char  value[MAX_VALUE_SZ];             /* if fits, it's here */ 
+    unsigned char* bufferValue;                     /* otherwise here (non 0) */
+    int            valueSz;                         /* sz of value or buffer */
+} PacketInfo;
+
+
+typedef struct timeoutInfo_st {
+    char       timeoutName[MAX_TIMEOUT_NAME_SZ + 1]; /* timeout Name */
+    int        flags;                              /* for future use */
+    int        numberPackets;                      /* actual # of packets */
+    PacketInfo packets[MAX_PACKETS_HANDSHAKE];     /* list of all packets  */
+    Timeval    timeoutValue;                       /* timer that caused it */
+} TimeoutInfo;
+
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+
+#endif /* WOLFSSL_CALLBACKS_H */
+
diff --git a/3P/wolfssl/wolfssl/certs_test.h b/3P/wolfssl/wolfssl/certs_test.h
new file mode 100644
index 00000000..69007d62
--- /dev/null
+++ b/3P/wolfssl/wolfssl/certs_test.h
@@ -0,0 +1,1196 @@
+/* certs_test.h */
+
+#ifndef WOLFSSL_CERTS_TEST_H
+#define WOLFSSL_CERTS_TEST_H
+
+#ifdef USE_CERT_BUFFERS_1024
+
+/* ./certs/1024/client-key.der, 1024-bit */
+const unsigned char client_key_der_1024[] =
+{
+	0x30, 0x82, 0x02, 0x5C, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 
+	0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, 0xA9, 
+	0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, 0xEC, 
+	0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, 0xEC, 
+	0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, 0x94, 
+	0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, 0x4D, 
+	0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, 0x25, 
+	0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, 0xCC, 
+	0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, 0xDA, 
+	0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, 0x77, 
+	0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, 0x4C, 
+	0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, 0xAE, 
+	0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, 0x67, 
+	0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, 0x02, 
+	0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x13, 0x97, 0xEA, 
+	0xE8, 0x38, 0x78, 0x25, 0xA2, 0x5C, 0x04, 0xCE, 0x0D, 0x40, 
+	0x7C, 0x31, 0xE5, 0xC4, 0x70, 0xCD, 0x9B, 0x82, 0x3B, 0x58, 
+	0x09, 0x86, 0x3B, 0x66, 0x5F, 0xDC, 0x31, 0x90, 0xF1, 0x4F, 
+	0xD5, 0xDB, 0x15, 0xDD, 0xDE, 0xD7, 0x3B, 0x95, 0x93, 0x31, 
+	0x18, 0x31, 0x0E, 0x5E, 0xA3, 0xD6, 0xA2, 0x1A, 0x71, 0x6E, 
+	0x81, 0x48, 0x1C, 0x4B, 0xCF, 0xDB, 0x8E, 0x7A, 0x86, 0x61, 
+	0x32, 0xDC, 0xFB, 0x55, 0xC1, 0x16, 0x6D, 0x27, 0x92, 0x24, 
+	0x45, 0x8B, 0xF1, 0xB8, 0x48, 0xB1, 0x4B, 0x1D, 0xAC, 0xDE, 
+	0xDA, 0xDD, 0x8E, 0x2F, 0xC2, 0x91, 0xFB, 0xA5, 0xA9, 0x6E, 
+	0xF8, 0x3A, 0x6A, 0xF1, 0xFD, 0x50, 0x18, 0xEF, 0x9F, 0xE7, 
+	0xC3, 0xCA, 0x78, 0xEA, 0x56, 0xD3, 0xD3, 0x72, 0x5B, 0x96, 
+	0xDD, 0x4E, 0x06, 0x4E, 0x3A, 0xC3, 0xD9, 0xBE, 0x72, 0xB6, 
+	0x65, 0x07, 0x07, 0x4C, 0x01, 0x02, 0x41, 0x00, 0xFA, 0x47, 
+	0xD4, 0x7A, 0x7C, 0x92, 0x3C, 0x55, 0xEF, 0x81, 0xF0, 0x41, 
+	0x30, 0x2D, 0xA3, 0xCF, 0x8F, 0x1C, 0xE6, 0x87, 0x27, 0x05, 
+	0x70, 0x0D, 0xDF, 0x98, 0x35, 0xD6, 0xF1, 0x8B, 0x38, 0x2F, 
+	0x24, 0xB5, 0xD0, 0x84, 0xB6, 0x79, 0x4F, 0x71, 0x29, 0x94, 
+	0x5A, 0xF0, 0x64, 0x6A, 0xAC, 0xE7, 0x72, 0xC6, 0xED, 0x4D, 
+	0x59, 0x98, 0x3E, 0x67, 0x3A, 0xF3, 0x74, 0x2C, 0xF9, 0x61, 
+	0x17, 0x69, 0x02, 0x41, 0x00, 0xC0, 0xC1, 0x82, 0x0D, 0x0C, 
+	0xEB, 0xC6, 0x2F, 0xDC, 0x92, 0xF9, 0x9D, 0x82, 0x1A, 0x31, 
+	0xE9, 0xE9, 0xF7, 0x4B, 0xF2, 0x82, 0x87, 0x1C, 0xEE, 0x16, 
+	0x6A, 0xD1, 0x1D, 0x18, 0x82, 0x70, 0xF3, 0xC0, 0xB6, 0x2F, 
+	0xF6, 0xF3, 0xF7, 0x1D, 0xF1, 0x86, 0x23, 0xC8, 0x4E, 0xEB, 
+	0x8F, 0x56, 0x8E, 0x8F, 0xF5, 0xBF, 0xF1, 0xF7, 0x2B, 0xB5, 
+	0xCC, 0x3D, 0xC6, 0x57, 0x39, 0x0C, 0x1B, 0x54, 0x41, 0x02, 
+	0x41, 0x00, 0x9D, 0x7E, 0x05, 0xDE, 0xED, 0xF4, 0xB7, 0xB2, 
+	0xFB, 0xFC, 0x30, 0x4B, 0x55, 0x1D, 0xE3, 0x2F, 0x01, 0x47, 
+	0x96, 0x69, 0x05, 0xCD, 0x0E, 0x2E, 0x2C, 0xBD, 0x83, 0x63, 
+	0xB6, 0xAB, 0x7C, 0xB7, 0x6D, 0xCA, 0x5B, 0x64, 0xA7, 0xCE, 
+	0xBE, 0x86, 0xDF, 0x3B, 0x53, 0xDE, 0x61, 0xD2, 0x1E, 0xEB, 
+	0xA5, 0xF6, 0x37, 0xED, 0xAC, 0xAB, 0x78, 0xD9, 0x4C, 0xE7, 
+	0x55, 0xFB, 0xD7, 0x11, 0x99, 0xC1, 0x02, 0x40, 0x18, 0x98, 
+	0x18, 0x29, 0xE6, 0x1E, 0x27, 0x39, 0x70, 0x21, 0x68, 0xAC, 
+	0x0A, 0x2F, 0xA1, 0x72, 0xC1, 0x21, 0x86, 0x95, 0x38, 0xC6, 
+	0x58, 0x90, 0xA0, 0x57, 0x9C, 0xBA, 0xE3, 0xA7, 0xB1, 0x15, 
+	0xC8, 0xDE, 0xF6, 0x1B, 0xC2, 0x61, 0x23, 0x76, 0xEF, 0xB0, 
+	0x9D, 0x1C, 0x44, 0xBE, 0x13, 0x43, 0x39, 0x67, 0x17, 0xC8, 
+	0x9D, 0xCA, 0xFB, 0xF5, 0x45, 0x64, 0x8B, 0x38, 0x82, 0x2C, 
+	0xF2, 0x81, 0x02, 0x40, 0x39, 0x89, 0xE5, 0x9C, 0x19, 0x55, 
+	0x30, 0xBA, 0xB7, 0x48, 0x8C, 0x48, 0x14, 0x0E, 0xF4, 0x9F, 
+	0x7E, 0x77, 0x97, 0x43, 0xE1, 0xB4, 0x19, 0x35, 0x31, 0x23, 
+	0x75, 0x9C, 0x3B, 0x44, 0xAD, 0x69, 0x12, 0x56, 0xEE, 0x00, 
+	0x61, 0x64, 0x16, 0x66, 0xD3, 0x7C, 0x74, 0x2B, 0x15, 0xB4, 
+	0xA2, 0xFE, 0xBF, 0x08, 0x6B, 0x1A, 0x5D, 0x3F, 0x90, 0x12, 
+	0xB1, 0x05, 0x86, 0x31, 0x29, 0xDB, 0xD9, 0xE2
+};
+const int sizeof_client_key_der_1024 = sizeof(client_key_der_1024);
+
+/* ./certs/1024/client-cert.der, 1024-bit */
+const unsigned char client_cert_der_1024[] =
+{
+	0x30, 0x82, 0x03, 0xA5, 0x30, 0x82, 0x03, 0x0E, 0xA0, 0x03, 
+	0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE8, 0xFF, 0xC9, 0x07, 
+	0xB8, 0xF7, 0x48, 0x52, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 
+	0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 
+	0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 
+	0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 
+	0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 
+	0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 
+	0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 
+	0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 
+	0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 
+	0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 
+	0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 
+	0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 
+	0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 
+	0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 
+	0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 
+	0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 
+	0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 
+	0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x32, 0x30, 0x35, 
+	0x30, 0x36, 0x33, 0x33, 0x33, 0x30, 0x5A, 0x17, 0x0D, 0x31, 
+	0x37, 0x31, 0x31, 0x30, 0x31, 0x30, 0x36, 0x33, 0x33, 0x33, 
+	0x30, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 
+	0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 
+	0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 
+	0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 
+	0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 
+	0x65, 0x6D, 0x61, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 
+	0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 
+	0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 
+	0x0B, 0x0C, 0x0B, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 
+	0x6D, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 
+	0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 
+	0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 
+	0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 
+	0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 
+	0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 
+	0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 
+	0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 
+	0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 
+	0x81, 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, 
+	0xA9, 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, 
+	0xEC, 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, 
+	0xEC, 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, 
+	0x94, 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, 
+	0x4D, 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, 
+	0x25, 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, 
+	0xCC, 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, 
+	0xDA, 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, 
+	0x77, 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, 
+	0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, 
+	0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, 
+	0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, 
+	0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, 0x30, 0x81, 
+	0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 
+	0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 
+	0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 
+	0x59, 0xEC, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 0x1D, 0x23, 
+	0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x81, 0x69, 
+	0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 
+	0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, 0xEC, 0xA1, 0x81, 
+	0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 
+	0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 
+	0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 
+	0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 
+	0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 
+	0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x10, 0x30, 0x0E, 
+	0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 
+	0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 
+	0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x50, 0x72, 0x6F, 0x67, 0x72, 
+	0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 
+	0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 
+	0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 
+	0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 
+	0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 
+	0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 
+	0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xE8, 0xFF, 
+	0xC9, 0x07, 0xB8, 0xF7, 0x48, 0x52, 0x30, 0x0C, 0x06, 0x03, 
+	0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 
+	0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 
+	0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x70, 
+	0xBE, 0xFB, 0x3C, 0x29, 0x5D, 0x53, 0xBA, 0x96, 0xBC, 0xCB, 
+	0x7E, 0x82, 0xA9, 0x2C, 0xEF, 0xEE, 0x3B, 0xF0, 0xE8, 0xF4, 
+	0x01, 0x78, 0x50, 0x51, 0x55, 0x1B, 0x47, 0x9B, 0xDC, 0x5A, 
+	0x10, 0xE6, 0x39, 0x84, 0x9A, 0xA1, 0x2D, 0x03, 0xCC, 0xB3, 
+	0x16, 0xE9, 0x32, 0x26, 0x97, 0x3D, 0x0F, 0xEC, 0xC9, 0x4F, 
+	0x11, 0x08, 0x31, 0xA3, 0x1C, 0x1F, 0x37, 0xD3, 0x00, 0x04, 
+	0x42, 0xCC, 0xC9, 0x34, 0x14, 0x3A, 0xE1, 0xF2, 0xF9, 0xBE, 
+	0x2E, 0xBF, 0x64, 0x47, 0x3E, 0x46, 0x95, 0x09, 0xA5, 0x3B, 
+	0x4C, 0x4A, 0x7B, 0x23, 0x0E, 0x3C, 0x54, 0x01, 0xD4, 0x55, 
+	0xFA, 0x53, 0xF0, 0x65, 0x6E, 0x68, 0x4B, 0xCC, 0xE3, 0x83, 
+	0x5F, 0xFE, 0x9E, 0xC8, 0xE7, 0xF6, 0xE1, 0xC8, 0x88, 0xBB, 
+	0xB9, 0x24, 0xF6, 0x0A, 0x18, 0x20, 0x44, 0xCB, 0x78, 0x2E, 
+	0x77, 0x3F, 0xBF, 0x22, 0xEF, 0xBC, 0xB4
+};
+const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024);
+
+/* ./certs/1024/dh1024.der, 1024-bit */
+const unsigned char dh_key_der_1024[] =
+{
+	0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0xA4, 0xD2, 0xB8, 
+	0x6E, 0x78, 0xF5, 0xD9, 0xED, 0x2D, 0x7C, 0xDD, 0xB6, 0x16, 
+	0x86, 0x5A, 0x4B, 0x05, 0x76, 0x90, 0xDD, 0x66, 0x61, 0xB9, 
+	0x6D, 0x52, 0xA7, 0x1C, 0xAF, 0x62, 0xC6, 0x69, 0x47, 0x7B, 
+	0x39, 0xF2, 0xFB, 0x94, 0xEC, 0xBC, 0x79, 0xFF, 0x24, 0x5E, 
+	0xEF, 0x79, 0xBB, 0x59, 0xB2, 0xFC, 0xCA, 0x07, 0xD6, 0xF4, 
+	0xE9, 0x34, 0xF7, 0xE8, 0x38, 0xE7, 0xD7, 0x33, 0x44, 0x1D, 
+	0xA3, 0x64, 0x76, 0x1A, 0x84, 0x97, 0x54, 0x74, 0x40, 0x84, 
+	0x1F, 0x15, 0xFE, 0x7C, 0x25, 0x2A, 0x2B, 0x25, 0xFD, 0x9E, 
+	0xC1, 0x89, 0x33, 0x8C, 0x39, 0x25, 0x2B, 0x40, 0xE6, 0xCD, 
+	0xF8, 0xA8, 0xA1, 0x8A, 0x53, 0xC6, 0x47, 0xB2, 0xA0, 0xD7, 
+	0x8F, 0xEB, 0x2E, 0x60, 0x0A, 0x0D, 0x4B, 0xF8, 0xB4, 0x94, 
+	0x8C, 0x63, 0x0A, 0xAD, 0xC7, 0x10, 0xEA, 0xC7, 0xA1, 0xB9, 
+	0x9D, 0xF2, 0xA8, 0x37, 0x73, 0x02, 0x01, 0x02
+};
+const int sizeof_dh_key_der_1024 = sizeof(dh_key_der_1024);
+
+/* ./certs/1024/dsa1024.der, 1024-bit */
+const unsigned char dsa_key_der_1024[] =
+{
+	0x30, 0x82, 0x01, 0xBC, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 
+	0x00, 0xF7, 0x4B, 0xF9, 0xBB, 0x15, 0x98, 0xEB, 0xDD, 0xDE, 
+	0x1E, 0x4E, 0x71, 0x88, 0x85, 0xF2, 0xB7, 0xBA, 0xE2, 0x4A, 
+	0xDA, 0x76, 0x40, 0xCD, 0x69, 0x48, 0x9E, 0x83, 0x7C, 0x11, 
+	0xF7, 0x65, 0x31, 0x78, 0xF5, 0x25, 0x2D, 0xF7, 0xB7, 0xF8, 
+	0x52, 0x3F, 0xBE, 0xD8, 0xB6, 0xC5, 0xFE, 0x18, 0x15, 0x5B, 
+	0xB9, 0xD5, 0x92, 0x86, 0xBC, 0xB2, 0x17, 0x7C, 0xD8, 0xB0, 
+	0xBE, 0xA0, 0x7C, 0xF2, 0xD5, 0x73, 0x7A, 0x58, 0x8F, 0x8D, 
+	0xE5, 0x4A, 0x00, 0x99, 0x83, 0x4A, 0xC0, 0x9E, 0x16, 0x09, 
+	0xA1, 0x10, 0x34, 0xD5, 0x19, 0xBB, 0x63, 0xE3, 0xDD, 0x83, 
+	0x74, 0x7F, 0x10, 0xCA, 0x73, 0x75, 0xEE, 0x31, 0x4A, 0xDD, 
+	0x9F, 0xE0, 0x02, 0x6A, 0x9D, 0xEE, 0xB2, 0x4B, 0xA7, 0x6B, 
+	0x2A, 0x6C, 0xC7, 0x86, 0x77, 0xE8, 0x04, 0x15, 0xDC, 0x92, 
+	0xB4, 0x7A, 0x29, 0x1F, 0x4E, 0x83, 0x63, 0x85, 0x55, 0x02, 
+	0x15, 0x00, 0xD2, 0x05, 0xE4, 0x73, 0xFB, 0xC1, 0x99, 0xC5, 
+	0xDC, 0x68, 0xA4, 0x8D, 0x92, 0x27, 0x3D, 0xE2, 0x52, 0x5F, 
+	0x89, 0x8B, 0x02, 0x81, 0x81, 0x00, 0xAA, 0x21, 0x02, 0x09, 
+	0x43, 0x6E, 0xFB, 0xA2, 0x54, 0x14, 0x85, 0x0A, 0xF4, 0x28, 
+	0x7C, 0xCB, 0xCC, 0xDB, 0xF5, 0x1E, 0xA2, 0x18, 0xA9, 0x21, 
+	0xDE, 0x88, 0x88, 0x33, 0x8C, 0x2E, 0xEB, 0x8D, 0xA3, 0xF0, 
+	0x1D, 0xC8, 0x8F, 0xF6, 0x7E, 0xF8, 0xCF, 0x12, 0xF5, 0xB4, 
+	0xA1, 0x11, 0x6F, 0x0C, 0xD4, 0xF0, 0x06, 0xAD, 0xC4, 0xFC, 
+	0x14, 0x45, 0xC7, 0x94, 0x15, 0xBC, 0x19, 0x4B, 0xAE, 0xEF, 
+	0x93, 0x6A, 0x4F, 0xCC, 0x14, 0xD8, 0x47, 0x8B, 0x39, 0x66, 
+	0x87, 0x02, 0xD4, 0x28, 0x0A, 0xB8, 0xEE, 0x09, 0x37, 0xF4, 
+	0x00, 0xA0, 0x04, 0xA7, 0x79, 0xA7, 0xD2, 0x3C, 0xF7, 0x34, 
+	0x43, 0x56, 0x8E, 0xD0, 0x7C, 0xC2, 0xD8, 0x4D, 0x0F, 0x89, 
+	0xED, 0x14, 0xC1, 0x2C, 0x9C, 0x4C, 0x19, 0x9B, 0x9E, 0xDC, 
+	0x53, 0x09, 0x9F, 0xDF, 0x2D, 0xF0, 0x0C, 0x27, 0x54, 0x3A, 
+	0x77, 0x14, 0x2D, 0xDE, 0x02, 0x81, 0x81, 0x00, 0xE8, 0x1F, 
+	0x7C, 0xB7, 0xC0, 0x54, 0x51, 0xA7, 0x28, 0x2D, 0x58, 0x7C, 
+	0xDE, 0xD4, 0x5C, 0xDD, 0xD5, 0x76, 0x84, 0x3C, 0x36, 0x20, 
+	0xC0, 0xC3, 0x25, 0xD7, 0x3A, 0x38, 0xE1, 0x54, 0xC8, 0xFD, 
+	0x40, 0x68, 0x1A, 0x21, 0x54, 0x26, 0x39, 0x14, 0xBF, 0xF6, 
+	0xA3, 0x9C, 0x5E, 0xD9, 0x2B, 0xF7, 0xC9, 0x25, 0xBA, 0x00, 
+	0x09, 0xCB, 0x7F, 0x0C, 0x4A, 0x24, 0xFD, 0x15, 0x16, 0x15, 
+	0x48, 0xCD, 0x0B, 0x52, 0x44, 0x40, 0x7B, 0x90, 0x63, 0x2B, 
+	0x90, 0x22, 0xC5, 0x18, 0x05, 0x80, 0x53, 0xAF, 0x83, 0x1F, 
+	0x54, 0xE2, 0xB0, 0xA2, 0x0B, 0x5A, 0x92, 0x24, 0xE1, 0x62, 
+	0x28, 0x3F, 0xB7, 0xCA, 0xB9, 0x89, 0xD6, 0xA0, 0xB7, 0xAD, 
+	0xAE, 0x05, 0xE1, 0xC1, 0x59, 0x40, 0xED, 0x4A, 0x1B, 0x68, 
+	0xA7, 0x7B, 0xFB, 0xC3, 0x20, 0x81, 0xEF, 0x4B, 0xF3, 0x69, 
+	0x91, 0xB0, 0xCE, 0x3A, 0xB0, 0x38, 0x02, 0x14, 0x25, 0x38, 
+	0x3B, 0xA1, 0x19, 0x75, 0xDF, 0x9B, 0xF5, 0x72, 0x53, 0x4F, 
+	0x39, 0xE1, 0x1C, 0xEC, 0x13, 0x84, 0x82, 0x18
+};
+const int sizeof_dsa_key_der_1024 = sizeof(dsa_key_der_1024);
+
+/* ./certs/1024/rsa1024.der, 1024-bit */
+const unsigned char rsa_key_der_1024[] =
+{
+	0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 
+	0x00, 0xBE, 0x70, 0x70, 0xB8, 0x04, 0x18, 0xE5, 0x28, 0xFE, 
+	0x66, 0xD8, 0x90, 0x88, 0xE0, 0xF1, 0xB7, 0xC3, 0xD0, 0xD2, 
+	0x3E, 0xE6, 0x4B, 0x94, 0x74, 0xB0, 0xFF, 0xB0, 0xF7, 0x63, 
+	0xA5, 0xAB, 0x7E, 0xAF, 0xB6, 0x2B, 0xB7, 0x38, 0x16, 0x1A, 
+	0x50, 0xBF, 0xF1, 0xCA, 0x87, 0x3A, 0xD5, 0xB0, 0xDA, 0xF8, 
+	0x43, 0x7A, 0x15, 0xB9, 0x7E, 0xEA, 0x2A, 0x80, 0xD2, 0x51, 
+	0xB0, 0x35, 0xAF, 0x07, 0xF3, 0xF2, 0x5D, 0x24, 0x3A, 0x4B, 
+	0x87, 0x56, 0x48, 0x1B, 0x3C, 0x24, 0x9A, 0xDA, 0x70, 0x80, 
+	0xBD, 0x3C, 0x8B, 0x03, 0x4A, 0x0C, 0x83, 0x71, 0xDE, 0xE3, 
+	0x03, 0x70, 0xA2, 0xB7, 0x60, 0x09, 0x1B, 0x5E, 0xC7, 0x3D, 
+	0xA0, 0x64, 0x60, 0xE3, 0xA9, 0x06, 0x8D, 0xD3, 0xFF, 0x42, 
+	0xBB, 0x0A, 0x94, 0x27, 0x2D, 0x57, 0x42, 0x0D, 0xB0, 0x2D, 
+	0xE0, 0xBA, 0x18, 0x25, 0x60, 0x92, 0x11, 0x92, 0xF3, 0x02, 
+	0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x0E, 0xEE, 0x1D, 
+	0xC8, 0x2F, 0x7A, 0x0C, 0x2D, 0x44, 0x94, 0xA7, 0x91, 0xDD, 
+	0x49, 0x55, 0x6A, 0x04, 0xCE, 0x10, 0x4D, 0xA2, 0x1C, 0x76, 
+	0xCD, 0x17, 0x3B, 0x54, 0x92, 0x70, 0x9B, 0x82, 0x70, 0x72, 
+	0x32, 0x24, 0x07, 0x3F, 0x3C, 0x6C, 0x5F, 0xBC, 0x4C, 0xA6, 
+	0x86, 0x27, 0x94, 0xAD, 0x42, 0xDD, 0x87, 0xDC, 0xC0, 0x6B, 
+	0x44, 0x89, 0xF3, 0x3F, 0x1A, 0x3E, 0x11, 0x44, 0x84, 0x2E, 
+	0x69, 0x4C, 0xBB, 0x4A, 0x71, 0x1A, 0xBB, 0x9A, 0x52, 0x3C, 
+	0x6B, 0xDE, 0xBC, 0xB2, 0x7C, 0x51, 0xEF, 0x4F, 0x8F, 0x3A, 
+	0xDC, 0x50, 0x04, 0x4E, 0xB6, 0x31, 0x66, 0xA8, 0x8E, 0x06, 
+	0x3B, 0x51, 0xA9, 0xC1, 0x8A, 0xCB, 0xC4, 0x81, 0xCA, 0x2D, 
+	0x69, 0xEC, 0x88, 0xFC, 0x33, 0x88, 0xD1, 0xD4, 0x29, 0x47, 
+	0x87, 0x37, 0xF9, 0x6A, 0x22, 0x69, 0xB9, 0xC9, 0xFE, 0xEB, 
+	0x8C, 0xC5, 0x21, 0x41, 0x71, 0x02, 0x41, 0x00, 0xFD, 0x17, 
+	0x98, 0x42, 0x54, 0x1C, 0x23, 0xF8, 0xD7, 0x5D, 0xEF, 0x49, 
+	0x4F, 0xAF, 0xD9, 0x35, 0x6F, 0x08, 0xC6, 0xC7, 0x40, 0x5C, 
+	0x7E, 0x58, 0x86, 0xC2, 0xB2, 0x16, 0x39, 0x24, 0xC5, 0x06, 
+	0xB0, 0x3D, 0xAF, 0x02, 0xD2, 0x87, 0x77, 0xD2, 0x76, 0xBA, 
+	0xE3, 0x59, 0x60, 0x42, 0xF1, 0x16, 0xEF, 0x33, 0x0B, 0xF2, 
+	0x0B, 0xBA, 0x99, 0xCC, 0xB6, 0x4C, 0x46, 0x3F, 0x33, 0xE4, 
+	0xD4, 0x67, 0x02, 0x41, 0x00, 0xC0, 0xA0, 0x91, 0x6D, 0xFE, 
+	0x28, 0xE0, 0x81, 0x5A, 0x15, 0xA7, 0xC9, 0xA8, 0x98, 0xC6, 
+	0x0A, 0xAB, 0x00, 0xC5, 0x40, 0xC9, 0x21, 0xBB, 0xB2, 0x33, 
+	0x5A, 0xA7, 0xCB, 0x6E, 0xB8, 0x08, 0x56, 0x4A, 0x76, 0x28, 
+	0xE8, 0x6D, 0xBD, 0xF5, 0x26, 0x7B, 0xBF, 0xC5, 0x46, 0x45, 
+	0x0D, 0xEC, 0x7D, 0xEE, 0x82, 0xD6, 0xCA, 0x5F, 0x3D, 0x6E, 
+	0xCC, 0x94, 0x73, 0xCD, 0xCE, 0x86, 0x6E, 0x95, 0x95, 0x02, 
+	0x40, 0x38, 0xFD, 0x28, 0x1E, 0xBF, 0x5B, 0xBA, 0xC9, 0xDC, 
+	0x8C, 0xDD, 0x45, 0xAF, 0xB8, 0xD3, 0xFB, 0x11, 0x2E, 0x73, 
+	0xBC, 0x08, 0x05, 0x0B, 0xBA, 0x19, 0x56, 0x1B, 0xCD, 0x9F, 
+	0x3E, 0x65, 0x53, 0x15, 0x3A, 0x3E, 0x7F, 0x2F, 0x32, 0xAB, 
+	0xCB, 0x6B, 0x4A, 0xB7, 0xC8, 0xB7, 0x41, 0x3B, 0x92, 0x43, 
+	0x78, 0x46, 0x17, 0x51, 0x86, 0xC9, 0xFC, 0xEB, 0x8B, 0x8F, 
+	0x41, 0xCA, 0x08, 0x9B, 0xBF, 0x02, 0x41, 0x00, 0xAD, 0x9B, 
+	0x89, 0xB6, 0xF2, 0x8C, 0x70, 0xDA, 0xE4, 0x10, 0x04, 0x6B, 
+	0x11, 0x92, 0xAF, 0x5A, 0xCA, 0x08, 0x25, 0xBF, 0x60, 0x07, 
+	0x11, 0x1D, 0x68, 0x7F, 0x5A, 0x1F, 0x55, 0x28, 0x74, 0x0B, 
+	0x21, 0x8D, 0x21, 0x0D, 0x6A, 0x6A, 0xFB, 0xD9, 0xB5, 0x4A, 
+	0x7F, 0x47, 0xF7, 0xD0, 0xB6, 0xC6, 0x41, 0x02, 0x97, 0x07, 
+	0x49, 0x93, 0x1A, 0x9B, 0x33, 0x68, 0xB3, 0xA2, 0x61, 0x32, 
+	0xA5, 0x89, 0x02, 0x41, 0x00, 0x8F, 0xEF, 0xAD, 0xB5, 0xB0, 
+	0xB0, 0x7E, 0x86, 0x03, 0x43, 0x93, 0x6E, 0xDD, 0x3C, 0x2D, 
+	0x9B, 0x6A, 0x55, 0xFF, 0x6F, 0x3E, 0x70, 0x2A, 0xD4, 0xBF, 
+	0x1F, 0x8C, 0x93, 0x60, 0x9E, 0x6D, 0x2F, 0x18, 0x6C, 0x11, 
+	0x36, 0x98, 0x3F, 0x10, 0x78, 0xE8, 0x3E, 0x8F, 0xFE, 0x55, 
+	0xB9, 0x9E, 0xD5, 0x5B, 0x2E, 0x87, 0x1C, 0x58, 0xD0, 0x37, 
+	0x89, 0x96, 0xEC, 0x48, 0x54, 0xF5, 0x9F, 0x0F, 0xB3
+};
+const int sizeof_rsa_key_der_1024 = sizeof(rsa_key_der_1024);
+
+#elif defined(USE_CERT_BUFFERS_2048)
+
+/* ./certs/client-key.der, 2048-bit */
+const unsigned char client_key_der_2048[] =
+{
+	0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 
+	0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, 0xFE, 0x39, 0xA4, 0x32, 
+	0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, 0x7C, 0x74, 0x9A, 
+	0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, 0xD6, 0xA6, 0x36, 0xB2, 
+	0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, 0x7B, 0xC6, 0xC3, 0x44, 
+	0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, 0x67, 
+	0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 0x4A, 0xD2, 0x1B, 0xF7, 
+	0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, 0xEC, 0xF1, 0x81, 0x1E, 
+	0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, 0x65, 0xCC, 0x7F, 0x65, 
+	0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, 0xF7, 
+	0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, 0x3A, 0x7A, 0x78, 
+	0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, 0x13, 0x42, 0x8D, 0xD2, 
+	0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, 0x86, 0xDF, 0x37, 0x51, 
+	0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, 0xA3, 0x4A, 0x35, 0xE4, 
+	0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, 0x4E, 0x97, 0xD0, 
+	0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, 0xAF, 0x20, 0x0B, 0x43, 
+	0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, 0x82, 0x6F, 0x8D, 0x86, 
+	0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, 0x72, 
+	0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 0x73, 0xB0, 0xCE, 0xEF, 
+	0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, 0x7B, 0xC0, 0x12, 0x03, 
+	0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, 
+	0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, 0x8A, 
+	0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, 0xBB, 0xFF, 0x25, 
+	0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, 0xD3, 0x86, 0x40, 0x18, 
+	0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, 0x30, 0xC4, 0x97, 0x84, 
+	0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, 0xF7, 0x7F, 0xC0, 0xAE, 
+	0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3, 0x02, 0x03, 
+	0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x01, 0x00, 0xA2, 0xE6, 
+	0xD8, 0x5F, 0x10, 0x71, 0x64, 0x08, 0x9E, 0x2E, 0x6D, 0xD1, 
+	0x6D, 0x1E, 0x85, 0xD2, 0x0A, 0xB1, 0x8C, 0x47, 0xCE, 0x2C, 
+	0x51, 0x6A, 0xA0, 0x12, 0x9E, 0x53, 0xDE, 0x91, 0x4C, 0x1D, 
+	0x6D, 0xEA, 0x59, 0x7B, 0xF2, 0x77, 0xAA, 0xD9, 0xC6, 0xD9, 
+	0x8A, 0xAB, 0xD8, 0xE1, 0x16, 0xE4, 0x63, 0x26, 0xFF, 0xB5, 
+	0x6C, 0x13, 0x59, 0xB8, 0xE3, 0xA5, 0xC8, 0x72, 0x17, 0x2E, 
+	0x0C, 0x9F, 0x6F, 0xE5, 0x59, 0x3F, 0x76, 0x6F, 0x49, 0xB1, 
+	0x11, 0xC2, 0x5A, 0x2E, 0x16, 0x29, 0x0D, 0xDE, 0xB7, 0x8E, 
+	0xDC, 0x40, 0xD5, 0xA2, 0xEE, 0xE0, 0x1E, 0xA1, 0xF4, 0xBE, 
+	0x97, 0xDB, 0x86, 0x63, 0x96, 0x14, 0xCD, 0x98, 0x09, 0x60, 
+	0x2D, 0x30, 0x76, 0x9C, 0x3C, 0xCD, 0xE6, 0x88, 0xEE, 0x47, 
+	0x92, 0x79, 0x0B, 0x5A, 0x00, 0xE2, 0x5E, 0x5F, 0x11, 0x7C, 
+	0x7D, 0xF9, 0x08, 0xB7, 0x20, 0x06, 0x89, 0x2A, 0x5D, 0xFD, 
+	0x00, 0xAB, 0x22, 0xE1, 0xF0, 0xB3, 0xBC, 0x24, 0xA9, 0x5E, 
+	0x26, 0x0E, 0x1F, 0x00, 0x2D, 0xFE, 0x21, 0x9A, 0x53, 0x5B, 
+	0x6D, 0xD3, 0x2B, 0xAB, 0x94, 0x82, 0x68, 0x43, 0x36, 0xD8, 
+	0xF6, 0x2F, 0xC6, 0x22, 0xFC, 0xB5, 0x41, 0x5D, 0x0D, 0x33, 
+	0x60, 0xEA, 0xA4, 0x7D, 0x7E, 0xE8, 0x4B, 0x55, 0x91, 0x56, 
+	0xD3, 0x5C, 0x57, 0x8F, 0x1F, 0x94, 0x17, 0x2F, 0xAA, 0xDE, 
+	0xE9, 0x9E, 0xA8, 0xF4, 0xCF, 0x8A, 0x4C, 0x8E, 0xA0, 0xE4, 
+	0x56, 0x73, 0xB2, 0xCF, 0x4F, 0x86, 0xC5, 0x69, 0x3C, 0xF3, 
+	0x24, 0x20, 0x8B, 0x5C, 0x96, 0x0C, 0xFA, 0x6B, 0x12, 0x3B, 
+	0x9A, 0x67, 0xC1, 0xDF, 0xC6, 0x96, 0xB2, 0xA5, 0xD5, 0x92, 
+	0x0D, 0x9B, 0x09, 0x42, 0x68, 0x24, 0x10, 0x45, 0xD4, 0x50, 
+	0xE4, 0x17, 0x39, 0x48, 0xD0, 0x35, 0x8B, 0x94, 0x6D, 0x11, 
+	0xDE, 0x8F, 0xCA, 0x59, 0x02, 0x81, 0x81, 0x00, 0xEA, 0x24, 
+	0xA7, 0xF9, 0x69, 0x33, 0xE9, 0x71, 0xDC, 0x52, 0x7D, 0x88, 
+	0x21, 0x28, 0x2F, 0x49, 0xDE, 0xBA, 0x72, 0x16, 0xE9, 0xCC, 
+	0x47, 0x7A, 0x88, 0x0D, 0x94, 0x57, 0x84, 0x58, 0x16, 0x3A, 
+	0x81, 0xB0, 0x3F, 0xA2, 0xCF, 0xA6, 0x6C, 0x1E, 0xB0, 0x06, 
+	0x29, 0x00, 0x8F, 0xE7, 0x77, 0x76, 0xAC, 0xDB, 0xCA, 0xC7, 
+	0xD9, 0x5E, 0x9B, 0x3F, 0x26, 0x90, 0x52, 0xAE, 0xFC, 0x38, 
+	0x90, 0x00, 0x14, 0xBB, 0xB4, 0x0F, 0x58, 0x94, 0xE7, 0x2F, 
+	0x6A, 0x7E, 0x1C, 0x4F, 0x41, 0x21, 0xD4, 0x31, 0x59, 0x1F, 
+	0x4E, 0x8A, 0x1A, 0x8D, 0xA7, 0x57, 0x6C, 0x22, 0xD8, 0xE5, 
+	0xF4, 0x7E, 0x32, 0xA6, 0x10, 0xCB, 0x64, 0xA5, 0x55, 0x03, 
+	0x87, 0xA6, 0x27, 0x05, 0x8C, 0xC3, 0xD7, 0xB6, 0x27, 0xB2, 
+	0x4D, 0xBA, 0x30, 0xDA, 0x47, 0x8F, 0x54, 0xD3, 0x3D, 0x8B, 
+	0x84, 0x8D, 0x94, 0x98, 0x58, 0xA5, 0x02, 0x81, 0x81, 0x00, 
+	0xD5, 0x38, 0x1B, 0xC3, 0x8F, 0xC5, 0x93, 0x0C, 0x47, 0x0B, 
+	0x6F, 0x35, 0x92, 0xC5, 0xB0, 0x8D, 0x46, 0xC8, 0x92, 0x18, 
+	0x8F, 0xF5, 0x80, 0x0A, 0xF7, 0xEF, 0xA1, 0xFE, 0x80, 0xB9, 
+	0xB5, 0x2A, 0xBA, 0xCA, 0x18, 0xB0, 0x5D, 0xA5, 0x07, 0xD0, 
+	0x93, 0x8D, 0xD8, 0x9C, 0x04, 0x1C, 0xD4, 0x62, 0x8E, 0xA6, 
+	0x26, 0x81, 0x01, 0xFF, 0xCE, 0x8A, 0x2A, 0x63, 0x34, 0x35, 
+	0x40, 0xAA, 0x6D, 0x80, 0xDE, 0x89, 0x23, 0x6A, 0x57, 0x4D, 
+	0x9E, 0x6E, 0xAD, 0x93, 0x4E, 0x56, 0x90, 0x0B, 0x6D, 0x9D, 
+	0x73, 0x8B, 0x0C, 0xAE, 0x27, 0x3D, 0xDE, 0x4E, 0xF0, 0xAA, 
+	0xC5, 0x6C, 0x78, 0x67, 0x6C, 0x94, 0x52, 0x9C, 0x37, 0x67, 
+	0x6C, 0x2D, 0xEF, 0xBB, 0xAF, 0xDF, 0xA6, 0x90, 0x3C, 0xC4, 
+	0x47, 0xCF, 0x8D, 0x96, 0x9E, 0x98, 0xA9, 0xB4, 0x9F, 0xC5, 
+	0xA6, 0x50, 0xDC, 0xB3, 0xF0, 0xFB, 0x74, 0x17, 0x02, 0x81, 
+	0x80, 0x5E, 0x83, 0x09, 0x62, 0xBD, 0xBA, 0x7C, 0xA2, 0xBF, 
+	0x42, 0x74, 0xF5, 0x7C, 0x1C, 0xD2, 0x69, 0xC9, 0x04, 0x0D, 
+	0x85, 0x7E, 0x3E, 0x3D, 0x24, 0x12, 0xC3, 0x18, 0x7B, 0xF3, 
+	0x29, 0xF3, 0x5F, 0x0E, 0x76, 0x6C, 0x59, 0x75, 0xE4, 0x41, 
+	0x84, 0x69, 0x9D, 0x32, 0xF3, 0xCD, 0x22, 0xAB, 0xB0, 0x35, 
+	0xBA, 0x4A, 0xB2, 0x3C, 0xE5, 0xD9, 0x58, 0xB6, 0x62, 0x4F, 
+	0x5D, 0xDE, 0xE5, 0x9E, 0x0A, 0xCA, 0x53, 0xB2, 0x2C, 0xF7, 
+	0x9E, 0xB3, 0x6B, 0x0A, 0x5B, 0x79, 0x65, 0xEC, 0x6E, 0x91, 
+	0x4E, 0x92, 0x20, 0xF6, 0xFC, 0xFC, 0x16, 0xED, 0xD3, 0x76, 
+	0x0C, 0xE2, 0xEC, 0x7F, 0xB2, 0x69, 0x13, 0x6B, 0x78, 0x0E, 
+	0x5A, 0x46, 0x64, 0xB4, 0x5E, 0xB7, 0x25, 0xA0, 0x5A, 0x75, 
+	0x3A, 0x4B, 0xEF, 0xC7, 0x3C, 0x3E, 0xF7, 0xFD, 0x26, 0xB8, 
+	0x20, 0xC4, 0x99, 0x0A, 0x9A, 0x73, 0xBE, 0xC3, 0x19, 0x02, 
+	0x81, 0x81, 0x00, 0xBA, 0x44, 0x93, 0x14, 0xAC, 0x34, 0x19, 
+	0x3B, 0x5F, 0x91, 0x60, 0xAC, 0xF7, 0xB4, 0xD6, 0x81, 0x05, 
+	0x36, 0x51, 0x53, 0x3D, 0xE8, 0x65, 0xDC, 0xAF, 0x2E, 0xDC, 
+	0x61, 0x3E, 0xC9, 0x7D, 0xB8, 0x7F, 0x87, 0xF0, 0x3B, 0x9B, 
+	0x03, 0x82, 0x29, 0x37, 0xCE, 0x72, 0x4E, 0x11, 0xD5, 0xB1, 
+	0xC1, 0x0C, 0x07, 0xA0, 0x99, 0x91, 0x4A, 0x8D, 0x7F, 0xEC, 
+	0x79, 0xCF, 0xF1, 0x39, 0xB5, 0xE9, 0x85, 0xEC, 0x62, 0xF7, 
+	0xDA, 0x7D, 0xBC, 0x64, 0x4D, 0x22, 0x3C, 0x0E, 0xF2, 0xD6, 
+	0x51, 0xF5, 0x87, 0xD8, 0x99, 0xC0, 0x11, 0x20, 0x5D, 0x0F, 
+	0x29, 0xFD, 0x5B, 0xE2, 0xAE, 0xD9, 0x1C, 0xD9, 0x21, 0x56, 
+	0x6D, 0xFC, 0x84, 0xD0, 0x5F, 0xED, 0x10, 0x15, 0x1C, 0x18, 
+	0x21, 0xE7, 0xC4, 0x3D, 0x4B, 0xD7, 0xD0, 0x9E, 0x6A, 0x95, 
+	0xCF, 0x22, 0xC9, 0x03, 0x7B, 0x9E, 0xE3, 0x60, 0x01, 0xFC, 
+	0x2F, 0x02, 0x81, 0x80, 0x11, 0xD0, 0x4B, 0xCF, 0x1B, 0x67, 
+	0xB9, 0x9F, 0x10, 0x75, 0x47, 0x86, 0x65, 0xAE, 0x31, 0xC2, 
+	0xC6, 0x30, 0xAC, 0x59, 0x06, 0x50, 0xD9, 0x0F, 0xB5, 0x70, 
+	0x06, 0xF7, 0xF0, 0xD3, 0xC8, 0x62, 0x7C, 0xA8, 0xDA, 0x6E, 
+	0xF6, 0x21, 0x3F, 0xD3, 0x7F, 0x5F, 0xEA, 0x8A, 0xAB, 0x3F, 
+	0xD9, 0x2A, 0x5E, 0xF3, 0x51, 0xD2, 0xC2, 0x30, 0x37, 0xE3, 
+	0x2D, 0xA3, 0x75, 0x0D, 0x1E, 0x4D, 0x21, 0x34, 0xD5, 0x57, 
+	0x70, 0x5C, 0x89, 0xBF, 0x72, 0xEC, 0x4A, 0x6E, 0x68, 0xD5, 
+	0xCD, 0x18, 0x74, 0x33, 0x4E, 0x8C, 0x3A, 0x45, 0x8F, 0xE6, 
+	0x96, 0x40, 0xEB, 0x63, 0xF9, 0x19, 0x86, 0x3A, 0x51, 0xDD, 
+	0x89, 0x4B, 0xB0, 0xF3, 0xF9, 0x9F, 0x5D, 0x28, 0x95, 0x38, 
+	0xBE, 0x35, 0xAB, 0xCA, 0x5C, 0xE7, 0x93, 0x53, 0x34, 0xA1, 
+	0x45, 0x5D, 0x13, 0x39, 0x65, 0x42, 0x46, 0xA1, 0x9F, 0xCD, 
+	0xF5, 0xBF
+};
+const int sizeof_client_key_der_2048 = sizeof(client_key_der_2048);
+
+/* ./certs/client-cert.der, 2048-bit */
+const unsigned char client_cert_der_2048[] =
+{
+	0x30, 0x82, 0x04, 0xAA, 0x30, 0x82, 0x03, 0x92, 0xA0, 0x03, 
+	0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xCD, 0x6C, 0xD6, 0x7E, 
+	0xC6, 0xEF, 0xF3, 0xDB, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 
+	0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 
+	0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 
+	0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 
+	0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 
+	0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 
+	0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 
+	0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 
+	0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 
+	0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 
+	0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 
+	0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 
+	0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 
+	0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 
+	0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 
+	0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 
+	0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 
+	0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x32, 0x30, 0x35, 
+	0x30, 0x36, 0x33, 0x33, 0x33, 0x30, 0x5A, 0x17, 0x0D, 0x31, 
+	0x37, 0x31, 0x31, 0x30, 0x31, 0x30, 0x36, 0x33, 0x33, 0x33, 
+	0x30, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 
+	0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 
+	0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 
+	0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 
+	0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 
+	0x65, 0x6D, 0x61, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 
+	0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 
+	0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 
+	0x0B, 0x0C, 0x0B, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 
+	0x6D, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 
+	0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 
+	0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 
+	0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 
+	0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 
+	0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 
+	0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 
+	0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 
+	0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 
+	0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, 
+	0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 
+	0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, 
+	0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, 
+	0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, 
+	0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 
+	0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, 
+	0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, 
+	0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, 
+	0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 
+	0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, 
+	0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, 
+	0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, 
+	0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 
+	0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, 
+	0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, 
+	0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, 
+	0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 
+	0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, 
+	0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, 
+	0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, 
+	0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 
+	0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, 
+	0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, 
+	0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, 
+	0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 
+	0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, 
+	0x30, 0x81, 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 
+	0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 
+	0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 
+	0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 
+	0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 
+	0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 
+	0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 
+	0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 
+	0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 
+	0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 
+	0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 
+	0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 
+	0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x10, 
+	0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 
+	0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 
+	0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x50, 0x72, 0x6F, 
+	0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x31, 0x18, 
+	0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 
+	0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 
+	0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 
+	0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 
+	0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 
+	0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 
+	0xCD, 0x6C, 0xD6, 0x7E, 0xC6, 0xEF, 0xF3, 0xDB, 0x30, 0x0C, 
+	0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 
+	0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 
+	0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 
+	0x01, 0x00, 0x7E, 0x41, 0x65, 0x73, 0xCD, 0x18, 0x5A, 0x2F, 
+	0x4D, 0xAB, 0xFE, 0x5A, 0x3C, 0x37, 0x63, 0x82, 0x3D, 0x2E, 
+	0x8A, 0xA2, 0x02, 0xC9, 0xBD, 0xEE, 0xCD, 0xA7, 0xF7, 0xC4, 
+	0x3B, 0x47, 0x33, 0x1B, 0x10, 0x41, 0x7F, 0x27, 0x75, 0xFF, 
+	0x76, 0x79, 0xA6, 0x08, 0x15, 0x00, 0xF9, 0x86, 0xDF, 0x91, 
+	0xB2, 0xCC, 0x99, 0xFA, 0xFE, 0xB9, 0xEB, 0x93, 0x55, 0xE9, 
+	0x01, 0xD0, 0x77, 0xE0, 0xD8, 0x6E, 0xB3, 0xD9, 0xA3, 0x26, 
+	0x06, 0x25, 0xE1, 0xE9, 0x8B, 0x7C, 0xFE, 0x5D, 0xD7, 0x39, 
+	0x5A, 0xC2, 0xF7, 0xE2, 0xF6, 0xDE, 0x6A, 0x76, 0x02, 0x18, 
+	0x7E, 0x16, 0xD0, 0xD0, 0xD3, 0x09, 0x8C, 0x92, 0x38, 0xA2, 
+	0xCA, 0x7E, 0xA8, 0xB9, 0xCC, 0x08, 0x4C, 0xF0, 0x59, 0xAA, 
+	0x25, 0x35, 0xB9, 0xD3, 0xAA, 0x1C, 0x10, 0x1C, 0xDC, 0x0B, 
+	0xD5, 0x61, 0xFC, 0x9C, 0xF1, 0x95, 0xF1, 0xCE, 0x47, 0xFD, 
+	0x56, 0xA0, 0x3C, 0xC1, 0x4D, 0xCA, 0x54, 0xCC, 0x00, 0x2F, 
+	0x3E, 0x75, 0x8E, 0x17, 0x40, 0x14, 0x49, 0x01, 0xBB, 0xA5, 
+	0xFB, 0x52, 0x0A, 0xBF, 0xBB, 0x09, 0x21, 0xD4, 0xA6, 0x33, 
+	0x58, 0x28, 0xEE, 0x33, 0xDC, 0xFE, 0xF8, 0x76, 0xC4, 0xF4, 
+	0x8E, 0xBB, 0x67, 0x68, 0x97, 0x5B, 0xC6, 0x7A, 0x23, 0x85, 
+	0xDD, 0x6A, 0x8E, 0x8C, 0x02, 0x05, 0x1D, 0xEE, 0xE2, 0x3D, 
+	0xB4, 0x9C, 0xBB, 0x63, 0x6E, 0x31, 0x5D, 0x5B, 0x8D, 0xBD, 
+	0x3C, 0x17, 0xDA, 0xC9, 0x3A, 0xA0, 0x39, 0x1F, 0xDE, 0x8A, 
+	0xCC, 0x1E, 0x7D, 0x72, 0x25, 0x3B, 0x56, 0xFF, 0x8B, 0xBB, 
+	0xAF, 0x5A, 0xA7, 0x64, 0x2C, 0xF8, 0xA0, 0xC4, 0xF2, 0x70, 
+	0x57, 0xF0, 0xCF, 0x38, 0x48, 0x7C, 0x6C, 0xA2, 0x6A, 0xE2, 
+	0x55, 0xF4, 0xCF, 0xA9, 0x21, 0xB7, 0x3E, 0x42, 0xE1, 0xD8, 
+	0x11, 0x57, 0xE5, 0x40, 0xF1, 0x66, 0x95, 0xDF
+};
+const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048);
+
+/* ./certs/dh2048.der, 2048-bit */
+const unsigned char dh_key_der_2048[] =
+{
+	0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xB0, 
+	0xA1, 0x08, 0x06, 0x9C, 0x08, 0x13, 0xBA, 0x59, 0x06, 0x3C, 
+	0xBC, 0x30, 0xD5, 0xF5, 0x00, 0xC1, 0x4F, 0x44, 0xA7, 0xD6, 
+	0xEF, 0x4A, 0xC6, 0x25, 0x27, 0x1C, 0xE8, 0xD2, 0x96, 0x53, 
+	0x0A, 0x5C, 0x91, 0xDD, 0xA2, 0xC2, 0x94, 0x84, 0xBF, 0x7D, 
+	0xB2, 0x44, 0x9F, 0x9B, 0xD2, 0xC1, 0x8A, 0xC5, 0xBE, 0x72, 
+	0x5C, 0xA7, 0xE7, 0x91, 0xE6, 0xD4, 0x9F, 0x73, 0x07, 0x85, 
+	0x5B, 0x66, 0x48, 0xC7, 0x70, 0xFA, 0xB4, 0xEE, 0x02, 0xC9, 
+	0x3D, 0x9A, 0x4A, 0xDA, 0x3D, 0xC1, 0x46, 0x3E, 0x19, 0x69, 
+	0xD1, 0x17, 0x46, 0x07, 0xA3, 0x4D, 0x9F, 0x2B, 0x96, 0x17, 
+	0x39, 0x6D, 0x30, 0x8D, 0x2A, 0xF3, 0x94, 0xD3, 0x75, 0xCF, 
+	0xA0, 0x75, 0xE6, 0xF2, 0x92, 0x1F, 0x1A, 0x70, 0x05, 0xAA, 
+	0x04, 0x83, 0x57, 0x30, 0xFB, 0xDA, 0x76, 0x93, 0x38, 0x50, 
+	0xE8, 0x27, 0xFD, 0x63, 0xEE, 0x3C, 0xE5, 0xB7, 0xC8, 0x09, 
+	0xAE, 0x6F, 0x50, 0x35, 0x8E, 0x84, 0xCE, 0x4A, 0x00, 0xE9, 
+	0x12, 0x7E, 0x5A, 0x31, 0xD7, 0x33, 0xFC, 0x21, 0x13, 0x76, 
+	0xCC, 0x16, 0x30, 0xDB, 0x0C, 0xFC, 0xC5, 0x62, 0xA7, 0x35, 
+	0xB8, 0xEF, 0xB7, 0xB0, 0xAC, 0xC0, 0x36, 0xF6, 0xD9, 0xC9, 
+	0x46, 0x48, 0xF9, 0x40, 0x90, 0x00, 0x2B, 0x1B, 0xAA, 0x6C, 
+	0xE3, 0x1A, 0xC3, 0x0B, 0x03, 0x9E, 0x1B, 0xC2, 0x46, 0xE4, 
+	0x48, 0x4E, 0x22, 0x73, 0x6F, 0xC3, 0x5F, 0xD4, 0x9A, 0xD6, 
+	0x30, 0x07, 0x48, 0xD6, 0x8C, 0x90, 0xAB, 0xD4, 0xF6, 0xF1, 
+	0xE3, 0x48, 0xD3, 0x58, 0x4B, 0xA6, 0xB9, 0xCD, 0x29, 0xBF, 
+	0x68, 0x1F, 0x08, 0x4B, 0x63, 0x86, 0x2F, 0x5C, 0x6B, 0xD6, 
+	0xB6, 0x06, 0x65, 0xF7, 0xA6, 0xDC, 0x00, 0x67, 0x6B, 0xBB, 
+	0xC3, 0xA9, 0x41, 0x83, 0xFB, 0xC7, 0xFA, 0xC8, 0xE2, 0x1E, 
+	0x7E, 0xAF, 0x00, 0x3F, 0x93, 0x02, 0x01, 0x02
+};
+const int sizeof_dh_key_der_2048 = sizeof(dh_key_der_2048);
+
+/* ./certs/dsa2048.der, 2048-bit */
+const unsigned char dsa_key_der_2048[] =
+{
+	0x30, 0x82, 0x03, 0x3F, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 
+	0x01, 0x00, 0xCC, 0x8E, 0xC9, 0xA0, 0xD5, 0x9A, 0x27, 0x1C, 
+	0xDA, 0x52, 0xDF, 0xC7, 0xC0, 0xE6, 0x06, 0xA4, 0x3E, 0x8A, 
+	0x66, 0x49, 0xD0, 0x59, 0x33, 0x51, 0x69, 0xC4, 0x9C, 0x5E, 
+	0x64, 0x85, 0xC7, 0xF1, 0xAB, 0xD5, 0xD9, 0x62, 0xAC, 0xFD, 
+	0xA1, 0xE0, 0x1B, 0x57, 0xFF, 0x96, 0xEF, 0x0C, 0x9F, 0xC8, 
+	0x44, 0x87, 0xEB, 0x5C, 0x91, 0xD0, 0x46, 0x42, 0x09, 0x50, 
+	0x6A, 0x23, 0xCB, 0x89, 0x6F, 0x55, 0xE9, 0x6A, 0x11, 0xA9, 
+	0xA8, 0x32, 0xAB, 0x33, 0x0D, 0x51, 0xB5, 0x79, 0x51, 0xB4, 
+	0xAB, 0xA2, 0x25, 0x11, 0x8D, 0xE5, 0x24, 0xBE, 0xD8, 0xF1, 
+	0x9D, 0x4E, 0x12, 0x6F, 0xAC, 0x44, 0x54, 0x80, 0xA9, 0xB4, 
+	0x81, 0x68, 0x4E, 0x44, 0x0E, 0xB8, 0x39, 0xF3, 0xBE, 0x83, 
+	0x08, 0x74, 0xA2, 0xC6, 0x7A, 0xD7, 0x6A, 0x7D, 0x0A, 0x88, 
+	0x57, 0x83, 0x48, 0xDC, 0xCF, 0x5E, 0x6F, 0xEE, 0x68, 0x0C, 
+	0xF7, 0xFF, 0x03, 0x04, 0x90, 0xAA, 0xF7, 0x07, 0x98, 0xF8, 
+	0x67, 0x5A, 0x83, 0x23, 0x66, 0x47, 0x60, 0xC3, 0x43, 0x6E, 
+	0x03, 0x91, 0xAC, 0x28, 0x66, 0xCB, 0xF0, 0xD3, 0x05, 0xC8, 
+	0x09, 0x97, 0xB5, 0xAE, 0x01, 0x5E, 0x80, 0x3B, 0x9D, 0x4F, 
+	0xDE, 0x3E, 0x94, 0xFE, 0xCB, 0x82, 0xB0, 0xB1, 0xFC, 0x91, 
+	0x8B, 0x1D, 0x8A, 0xEE, 0xC6, 0x06, 0x1F, 0x37, 0x91, 0x48, 
+	0xD2, 0xF8, 0x6C, 0x5D, 0x60, 0x13, 0x83, 0xA7, 0x81, 0xAC, 
+	0xCA, 0x8D, 0xD0, 0x6A, 0x04, 0x0A, 0xEA, 0x3E, 0x22, 0x4E, 
+	0x13, 0xF1, 0x0D, 0xBB, 0x60, 0x6B, 0xCD, 0xBC, 0x5C, 0x87, 
+	0xA3, 0x67, 0x2B, 0x42, 0xA1, 0x9F, 0xCD, 0x39, 0x58, 0xBE, 
+	0x55, 0xB1, 0x93, 0x84, 0xCE, 0xB2, 0x10, 0x4E, 0xE4, 0xC3, 
+	0x9F, 0xB2, 0x53, 0x61, 0x01, 0x29, 0xAA, 0x96, 0xCB, 0x20, 
+	0x60, 0x42, 0x1D, 0xBA, 0x75, 0x4B, 0x63, 0xC1, 0x02, 0x15, 
+	0x00, 0xE7, 0xA5, 0x39, 0xD4, 0x6A, 0x37, 0x5E, 0x95, 0x06, 
+	0x39, 0x07, 0x77, 0x0A, 0xEB, 0xA0, 0x03, 0xEB, 0x78, 0x82, 
+	0x9B, 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD4, 0x4C, 0x71, 
+	0x2F, 0xEC, 0xFA, 0x32, 0xB2, 0x80, 0x7E, 0x61, 0x4A, 0x6B, 
+	0x5F, 0x18, 0x76, 0x43, 0xC3, 0x69, 0xBA, 0x41, 0xC7, 0xA7, 
+	0x1D, 0x79, 0x01, 0xEC, 0xAF, 0x34, 0x87, 0x67, 0x4F, 0x29, 
+	0x80, 0xA8, 0x3B, 0x87, 0xF6, 0xE8, 0xA1, 0xE8, 0xCD, 0x1B, 
+	0x1C, 0x86, 0x38, 0xF6, 0xD1, 0x0C, 0x46, 0x2E, 0xC8, 0xE0, 
+	0xC9, 0x30, 0x26, 0xD5, 0x2C, 0x7F, 0xC1, 0x08, 0xBF, 0xCC, 
+	0x5A, 0x82, 0x8E, 0xD4, 0xD4, 0x49, 0xAA, 0xA2, 0xFA, 0xE6, 
+	0xC1, 0x9D, 0xF0, 0xD9, 0x96, 0xB0, 0xFF, 0x0C, 0x5B, 0x33, 
+	0x8E, 0x06, 0xDD, 0x9D, 0x28, 0xA9, 0xE9, 0x80, 0x41, 0x3B, 
+	0xD8, 0x7A, 0x94, 0x21, 0x8F, 0x56, 0xF1, 0xA2, 0xB4, 0x2B, 
+	0x89, 0x1C, 0x74, 0xFF, 0x7E, 0x91, 0xDC, 0x1F, 0x91, 0x13, 
+	0x98, 0xAF, 0xC7, 0x06, 0xD2, 0x4C, 0x90, 0xA2, 0xBD, 0xDA, 
+	0x16, 0xBA, 0x65, 0xB0, 0x2D, 0x68, 0x87, 0x3C, 0x6E, 0x25, 
+	0x8D, 0x90, 0xC7, 0xBC, 0x0D, 0xA9, 0x43, 0x03, 0xC9, 0xBE, 
+	0xCF, 0x85, 0x6F, 0xDB, 0x07, 0x7B, 0x8C, 0xF8, 0xB1, 0xC2, 
+	0x49, 0x10, 0x69, 0x63, 0x56, 0x37, 0xC5, 0x30, 0xD2, 0xFB, 
+	0x71, 0x9A, 0xE8, 0x82, 0x07, 0x2E, 0x3E, 0x95, 0x50, 0xF3, 
+	0x73, 0xCF, 0x34, 0x5B, 0xD5, 0xAB, 0x02, 0x15, 0xF2, 0xCC, 
+	0xD7, 0x52, 0xC5, 0x28, 0xD8, 0x41, 0x19, 0x55, 0x6F, 0xB8, 
+	0x5F, 0xF1, 0x99, 0xB3, 0xC7, 0xD9, 0xB3, 0x71, 0xF4, 0x2D, 
+	0xDF, 0x22, 0x59, 0x35, 0x86, 0xDB, 0x39, 0xCA, 0x1B, 0x4D, 
+	0x35, 0x90, 0x19, 0x6B, 0x31, 0xE3, 0xC8, 0xC6, 0x09, 0xBF, 
+	0x7C, 0xED, 0x01, 0xB4, 0xB2, 0xF5, 0x6E, 0xDA, 0x63, 0x41, 
+	0x3C, 0xE6, 0x3A, 0x72, 0x2D, 0x65, 0x48, 0xF6, 0x07, 0xCD, 
+	0x92, 0x84, 0x8B, 0x1D, 0xA7, 0x31, 0x6B, 0xD6, 0xF0, 0xFB, 
+	0xD9, 0xF4, 0x02, 0x82, 0x01, 0x00, 0x66, 0x4B, 0xBB, 0xB7, 
+	0xC9, 0x48, 0x95, 0x0D, 0x5A, 0xA6, 0x2D, 0xA1, 0x7F, 0xDF, 
+	0x1F, 0x67, 0x6D, 0xED, 0x52, 0x4B, 0x16, 0x6C, 0x17, 0xC6, 
+	0xAE, 0xF8, 0x6A, 0xC4, 0x57, 0xED, 0x2F, 0xB3, 0xF0, 0x2A, 
+	0x55, 0xAB, 0xBA, 0xCA, 0xEA, 0x17, 0xE8, 0x35, 0x7C, 0xE5, 
+	0x31, 0x0D, 0x4A, 0x95, 0xFC, 0x43, 0x6F, 0x97, 0x3C, 0x5C, 
+	0x67, 0xAC, 0xBE, 0x67, 0x7F, 0xE9, 0x4E, 0xAA, 0x48, 0xB3, 
+	0x92, 0xA1, 0x76, 0x75, 0xEA, 0x04, 0x34, 0x7F, 0x87, 0x33, 
+	0x2D, 0x24, 0xB6, 0x29, 0x97, 0xE3, 0x04, 0x77, 0x93, 0x89, 
+	0x13, 0xDB, 0x1B, 0x93, 0xB8, 0x2C, 0x90, 0x1A, 0x09, 0x3B, 
+	0x26, 0xD9, 0x59, 0xF3, 0x2A, 0x09, 0x58, 0xDC, 0xAC, 0x25, 
+	0xB4, 0xA9, 0x45, 0x3B, 0xA2, 0x3A, 0x6C, 0x61, 0x84, 0xBF, 
+	0x68, 0xD4, 0xEA, 0x9B, 0xC5, 0x29, 0x48, 0x60, 0x15, 0x10, 
+	0x35, 0x2C, 0x44, 0x1D, 0xB5, 0x9A, 0xEE, 0xAC, 0xC1, 0x68, 
+	0xE8, 0x47, 0xB7, 0x41, 0x34, 0x39, 0x9A, 0xF8, 0xA5, 0x20, 
+	0xE9, 0x24, 0xC4, 0x2C, 0x58, 0x3F, 0x4C, 0x41, 0x30, 0x3A, 
+	0x14, 0x6E, 0x8D, 0xEA, 0xAD, 0xBA, 0x9B, 0x43, 0xD3, 0x98, 
+	0x2F, 0x83, 0xD8, 0x14, 0x67, 0xE8, 0xF8, 0xD5, 0x4F, 0xAC, 
+	0xE0, 0x3B, 0xBF, 0xA7, 0x54, 0x16, 0x5E, 0x49, 0x64, 0x26, 
+	0x54, 0xA4, 0x6B, 0x69, 0x7C, 0xBA, 0x8A, 0x83, 0xD9, 0x2E, 
+	0x65, 0x0A, 0xA2, 0x27, 0xEF, 0x99, 0x99, 0x08, 0xD7, 0xB5, 
+	0x9F, 0xA0, 0x01, 0xEF, 0x7E, 0x17, 0xBF, 0x83, 0x6B, 0x2E, 
+	0xDD, 0xC0, 0x39, 0x38, 0x23, 0x68, 0xB4, 0x76, 0x6B, 0xE5, 
+	0xCA, 0xF7, 0x7C, 0xEE, 0xC0, 0x52, 0xE2, 0xDD, 0xAD, 0x59, 
+	0x3A, 0x42, 0x06, 0x45, 0xB0, 0xC7, 0xC1, 0x77, 0x05, 0xB2, 
+	0x0C, 0x32, 0x40, 0x46, 0xAA, 0xDA, 0x79, 0x77, 0x04, 0x71, 
+	0xDF, 0x7A, 0x02, 0x15, 0x00, 0x98, 0xEE, 0xB9, 0x51, 0x37, 
+	0x3E, 0x75, 0x13, 0x13, 0x06, 0x8F, 0x94, 0xD3, 0xE6, 0xE9, 
+	0x00, 0xCB, 0x62, 0x6D, 0x9A
+};
+const int sizeof_dsa_key_der_2048 = sizeof(dsa_key_der_2048);
+
+/* ./certs/rsa2048.der, 2048-bit */
+const unsigned char rsa_key_der_2048[] =
+{
+	0x30, 0x82, 0x04, 0xA3, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 
+	0x01, 0x00, 0xE9, 0x8A, 0x5D, 0x15, 0xA4, 0xD4, 0x34, 0xB9, 
+	0x59, 0xA2, 0xDA, 0xAF, 0x74, 0xC8, 0xC9, 0x03, 0x26, 0x38, 
+	0xFA, 0x48, 0xFC, 0x4D, 0x30, 0x6E, 0xEA, 0x76, 0x89, 0xCE, 
+	0x4F, 0xF6, 0x87, 0xDE, 0x32, 0x3A, 0x46, 0x6E, 0x38, 0x12, 
+	0x58, 0x37, 0x22, 0x0D, 0x80, 0xAC, 0x2D, 0xAF, 0x2F, 0x12, 
+	0x3E, 0x62, 0x73, 0x60, 0x66, 0x68, 0x90, 0xB2, 0x6F, 0x47, 
+	0x17, 0x04, 0x2B, 0xCA, 0xB7, 0x26, 0xB7, 0x10, 0xC2, 0x13, 
+	0xF9, 0x7A, 0x62, 0x0A, 0x93, 0x32, 0x90, 0x42, 0x0D, 0x16, 
+	0x2E, 0xFA, 0xD7, 0x29, 0xD7, 0x9F, 0x54, 0xE4, 0xFC, 0x65, 
+	0x74, 0xF8, 0xF6, 0x43, 0x6B, 0x4E, 0x9E, 0x34, 0x7F, 0xCB, 
+	0x6B, 0x1C, 0x1A, 0xDE, 0x82, 0x81, 0xBF, 0x08, 0x5D, 0x3F, 
+	0xC0, 0xB6, 0xB1, 0xA8, 0xA5, 0x9C, 0x81, 0x70, 0xA7, 0x4E, 
+	0x32, 0x87, 0x15, 0x1C, 0x78, 0x0E, 0xF0, 0x18, 0xFE, 0xEB, 
+	0x4B, 0x37, 0x2B, 0xE9, 0xE1, 0xF7, 0xFA, 0x51, 0xC6, 0x58, 
+	0xB9, 0xD8, 0x06, 0x03, 0xED, 0xC0, 0x03, 0x18, 0x55, 0x8B, 
+	0x98, 0xFE, 0xB1, 0xF6, 0xD0, 0x3D, 0xFA, 0x63, 0xC0, 0x38, 
+	0x19, 0xC7, 0x00, 0xEF, 0x4D, 0x99, 0x60, 0xB4, 0xBA, 0xCE, 
+	0xE3, 0xCE, 0xD9, 0x6B, 0x2D, 0x76, 0x94, 0xFF, 0xFB, 0x77, 
+	0x18, 0x4A, 0xFE, 0x65, 0xF0, 0x0A, 0x91, 0x5C, 0x3B, 0x22, 
+	0x94, 0x85, 0xD0, 0x20, 0x18, 0x59, 0x2E, 0xA5, 0x33, 0x03, 
+	0xAC, 0x1B, 0x5F, 0x78, 0x32, 0x11, 0x25, 0xEE, 0x7F, 0x96, 
+	0x21, 0xA9, 0xD6, 0x76, 0x97, 0x8D, 0x66, 0x7E, 0xB2, 0x91, 
+	0xD0, 0x36, 0x2E, 0xA3, 0x1D, 0xBF, 0xF1, 0x85, 0xED, 0xC0, 
+	0x3E, 0x60, 0xB8, 0x5A, 0x9F, 0xAB, 0x80, 0xE0, 0xEA, 0x5D, 
+	0x5F, 0x75, 0x56, 0xC7, 0x4D, 0x51, 0x8E, 0xD4, 0x1F, 0x34, 
+	0xA6, 0x36, 0xF1, 0x30, 0x1F, 0x51, 0x99, 0x2F, 0x02, 0x03, 
+	0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x00, 0x52, 0x11, 0x33, 
+	0x40, 0xC5, 0xD9, 0x64, 0x65, 0xB5, 0xE0, 0x0A, 0xA5, 0x19, 
+	0x8E, 0xED, 0x44, 0x54, 0x0C, 0x35, 0xB7, 0xAC, 0x21, 0x9B, 
+	0xE1, 0x7E, 0x37, 0x05, 0x9A, 0x20, 0x73, 0x6B, 0xAF, 0x63, 
+	0x4B, 0x23, 0x30, 0xDC, 0x37, 0x66, 0x14, 0x89, 0xBC, 0xE0, 
+	0xF8, 0xA0, 0x5D, 0x2D, 0x57, 0x65, 0xE0, 0xC6, 0xD6, 0x9B, 
+	0x66, 0x27, 0x62, 0xEC, 0xC3, 0xB8, 0x8C, 0xD8, 0xAE, 0xB5, 
+	0xC9, 0xBF, 0x0E, 0xFE, 0x84, 0x72, 0x68, 0xD5, 0x47, 0x0E, 
+	0x0E, 0xF8, 0xAE, 0x9D, 0x56, 0xAC, 0x4F, 0xAD, 0x88, 0xA0, 
+	0xA2, 0xF6, 0xFC, 0x38, 0xCD, 0x96, 0x5B, 0x5E, 0x7E, 0xB6, 
+	0x98, 0xBB, 0xF3, 0x8A, 0xEC, 0xFA, 0xC8, 0xB7, 0x90, 0x75, 
+	0xA0, 0x0E, 0x77, 0x6B, 0xFD, 0x59, 0x45, 0x5A, 0x0C, 0xFF, 
+	0x95, 0x8D, 0xCE, 0xFE, 0x9B, 0xF6, 0x19, 0x8E, 0x0B, 0xA1, 
+	0x0C, 0xEE, 0xC6, 0x79, 0xDD, 0x9D, 0x61, 0x85, 0x5C, 0x19, 
+	0x6C, 0x47, 0xCC, 0x08, 0xFF, 0xA5, 0x62, 0xDB, 0xE4, 0x2D, 
+	0x2D, 0xDD, 0x14, 0x67, 0xD6, 0x4A, 0x64, 0x2A, 0x66, 0x49, 
+	0x54, 0x9C, 0xE3, 0x85, 0x18, 0xE7, 0x31, 0x42, 0xE2, 0xD0, 
+	0x2C, 0x20, 0xA0, 0x74, 0x0F, 0x1F, 0x20, 0x89, 0xBA, 0xAB, 
+	0x80, 0xD8, 0x38, 0xD9, 0x46, 0x69, 0xBB, 0xEF, 0xCC, 0x8B, 
+	0xA1, 0x73, 0xA7, 0xF2, 0xE4, 0x38, 0x5D, 0xD6, 0x75, 0x9F, 
+	0x88, 0x0E, 0x56, 0xCD, 0xD8, 0x84, 0x59, 0x29, 0x73, 0xF5, 
+	0xA1, 0x79, 0xDA, 0x7A, 0x1F, 0xBF, 0x73, 0x83, 0xC0, 0x6D, 
+	0x9F, 0x8B, 0x34, 0x15, 0xC0, 0x6D, 0x69, 0x6A, 0x20, 0xE6, 
+	0x51, 0xCF, 0x45, 0x6E, 0xCC, 0x05, 0xC4, 0x3A, 0xC0, 0x9E, 
+	0xAA, 0xC1, 0x06, 0x2F, 0xAB, 0x99, 0x30, 0xE1, 0x6E, 0x9D, 
+	0x45, 0x7A, 0xFF, 0xA9, 0xCE, 0x70, 0xB8, 0x16, 0x1A, 0x0E, 
+	0x20, 0xFA, 0xC1, 0x02, 0x81, 0x81, 0x00, 0xFF, 0x30, 0x11, 
+	0xC2, 0x3C, 0x6B, 0xB4, 0xD6, 0x9E, 0x6B, 0xC1, 0x93, 0xD1, 
+	0x48, 0xCE, 0x80, 0x2D, 0xBE, 0xAF, 0xF7, 0xBA, 0xB2, 0xD7, 
+	0xC3, 0xC4, 0x53, 0x6E, 0x15, 0x02, 0xAA, 0x61, 0xB9, 0xEA, 
+	0x05, 0x9B, 0x79, 0x67, 0x0B, 0xCE, 0xD9, 0xFB, 0x98, 0x8C, 
+	0x1D, 0x6B, 0xF4, 0x5A, 0xA7, 0xA0, 0x5E, 0x54, 0x18, 0xE9, 
+	0x31, 0x44, 0x7C, 0xC7, 0x52, 0xD8, 0x6D, 0xA0, 0x3E, 0xD6, 
+	0x14, 0x2D, 0x7B, 0x15, 0x9D, 0x1E, 0x39, 0x87, 0x96, 0xDD, 
+	0xA8, 0x33, 0x55, 0x2A, 0x8E, 0x32, 0xC0, 0xC4, 0xE5, 0xB8, 
+	0xCB, 0xCD, 0x32, 0x8D, 0xAD, 0x7B, 0xE5, 0xC6, 0x7E, 0x4D, 
+	0x6F, 0xF3, 0xA4, 0xC5, 0xA6, 0x40, 0xBE, 0x90, 0x3A, 0x33, 
+	0x6A, 0x24, 0xB2, 0x80, 0x81, 0x12, 0xAC, 0xE3, 0x7B, 0x26, 
+	0x63, 0xCF, 0x88, 0xB9, 0xFF, 0x74, 0x23, 0x37, 0x52, 0xF0, 
+	0xC4, 0x27, 0x5D, 0x45, 0x1F, 0x02, 0x81, 0x81, 0x00, 0xEA, 
+	0x48, 0xA7, 0xDD, 0x73, 0x41, 0x56, 0x21, 0x15, 0xF7, 0x42, 
+	0x45, 0x4D, 0xA9, 0xE1, 0x66, 0x5B, 0xBD, 0x25, 0x7D, 0xF7, 
+	0xA8, 0x65, 0x13, 0xAE, 0x2D, 0x38, 0x11, 0xCD, 0x93, 0xFC, 
+	0x30, 0xA3, 0x2C, 0x44, 0xBB, 0xCF, 0xD0, 0x21, 0x8F, 0xFB, 
+	0xC1, 0xF9, 0xAD, 0x1D, 0xEE, 0x96, 0xCF, 0x97, 0x49, 0x60, 
+	0x53, 0x80, 0xA5, 0xA2, 0xF8, 0xEE, 0xB9, 0xD5, 0x77, 0x44, 
+	0xDD, 0xFD, 0x19, 0x2A, 0xF1, 0x81, 0xF4, 0xD9, 0x3C, 0xEC, 
+	0x73, 0xD0, 0x2A, 0xD8, 0x3C, 0x27, 0x87, 0x79, 0x12, 0x86, 
+	0xE7, 0x57, 0x0C, 0x59, 0xD1, 0x44, 0x55, 0xAE, 0xC3, 0x4D, 
+	0x42, 0xAD, 0xA9, 0xB3, 0x28, 0x61, 0xB4, 0x9C, 0xA6, 0x63, 
+	0xD3, 0x96, 0xB1, 0x75, 0x9F, 0x2A, 0x78, 0x99, 0xE3, 0x1E, 
+	0x71, 0x47, 0x39, 0xF4, 0x52, 0xE3, 0x66, 0xF1, 0xEB, 0x7F, 
+	0xEF, 0xC6, 0x81, 0x93, 0x4C, 0x99, 0xF1, 0x02, 0x81, 0x81, 
+	0x00, 0xC5, 0xB6, 0x20, 0x8C, 0x34, 0xF3, 0xDD, 0xF0, 0x4A, 
+	0x5D, 0x82, 0x65, 0x5C, 0x48, 0xE4, 0x75, 0x3A, 0xFB, 0xFA, 
+	0xAA, 0x1C, 0xE4, 0x63, 0x77, 0x31, 0xAC, 0xD2, 0x25, 0x45, 
+	0x23, 0x6D, 0x03, 0xF5, 0xE4, 0xD2, 0x48, 0x85, 0x26, 0x08, 
+	0xE5, 0xAA, 0xA0, 0xCE, 0x2E, 0x1D, 0x6D, 0xFC, 0xAE, 0xD2, 
+	0xF9, 0x42, 0x7E, 0xEA, 0x6D, 0x59, 0x7A, 0xB3, 0x93, 0xE4, 
+	0x4B, 0x4B, 0x54, 0x63, 0xD8, 0xCE, 0x44, 0x06, 0xC2, 0xEC, 
+	0x9F, 0xF6, 0x05, 0x55, 0x46, 0xF4, 0x3E, 0x8F, 0xF2, 0x0C, 
+	0x30, 0x7E, 0x5C, 0xDD, 0x88, 0x49, 0x3B, 0x59, 0xB9, 0x87, 
+	0xBC, 0xC6, 0xC5, 0x24, 0x8A, 0x10, 0x63, 0x21, 0x1F, 0x66, 
+	0x1A, 0x3E, 0xF4, 0x58, 0xD1, 0x6C, 0x0D, 0x40, 0xB2, 0xC0, 
+	0x1D, 0x63, 0x42, 0x0E, 0xC4, 0x56, 0x0E, 0xC0, 0xCC, 0xC2, 
+	0xD6, 0x66, 0x0E, 0xC4, 0xAB, 0xB5, 0x33, 0xF6, 0x51, 0x02, 
+	0x81, 0x80, 0x19, 0x7E, 0xE6, 0xA5, 0xB6, 0xD1, 0x39, 0x6A, 
+	0x48, 0x55, 0xAC, 0x24, 0x96, 0x9B, 0x12, 0x28, 0x6D, 0x7B, 
+	0x5C, 0x05, 0x25, 0x5A, 0x72, 0x05, 0x7E, 0x42, 0xF5, 0x83, 
+	0x1A, 0x78, 0x2C, 0x4D, 0xAE, 0xB4, 0x36, 0x96, 0xA9, 0xBA, 
+	0xE0, 0xAC, 0x26, 0x9D, 0xA9, 0x6A, 0x29, 0x83, 0xB9, 0x6D, 
+	0xC5, 0xEC, 0xFA, 0x4A, 0x9C, 0x09, 0x6A, 0x7E, 0xE4, 0x9B, 
+	0xDC, 0x9B, 0x2A, 0x27, 0x6E, 0x4F, 0xBA, 0xD8, 0xA5, 0x67, 
+	0xDB, 0xEC, 0x41, 0x5F, 0x29, 0x1C, 0x40, 0x83, 0xEB, 0x59, 
+	0x56, 0xD7, 0xA9, 0x4E, 0xAB, 0xAE, 0x70, 0x67, 0xD1, 0xA3, 
+	0xF1, 0x6C, 0xD7, 0x8F, 0x96, 0x0E, 0x8D, 0xAC, 0xAB, 0x55, 
+	0x58, 0x66, 0xD3, 0x1E, 0x47, 0x9B, 0xF0, 0x4C, 0xED, 0xF6, 
+	0x49, 0xE8, 0xE9, 0x7B, 0x32, 0x61, 0x20, 0x31, 0x95, 0x05, 
+	0xB2, 0xF6, 0x09, 0xEA, 0x32, 0x14, 0x0F, 0xCF, 0x9A, 0x41, 
+	0x02, 0x81, 0x80, 0x77, 0x3F, 0xB6, 0x14, 0x8D, 0xC5, 0x13, 
+	0x08, 0x7E, 0xC9, 0xC4, 0xEA, 0xD4, 0xBA, 0x0D, 0xA4, 0x9E, 
+	0xB3, 0x6E, 0xDE, 0x1A, 0x7A, 0xF8, 0x89, 0x88, 0xEF, 0x36, 
+	0x3C, 0x11, 0xBC, 0x83, 0xE8, 0x30, 0x6C, 0x81, 0x7C, 0x47, 
+	0xF3, 0x4D, 0xCA, 0xEA, 0x56, 0x01, 0x62, 0x55, 0x2E, 0x4B, 
+	0x89, 0xA9, 0xBD, 0x6F, 0x01, 0xF6, 0x74, 0x02, 0xAA, 0xE3, 
+	0x84, 0x66, 0x06, 0x95, 0x34, 0xA1, 0xE2, 0xCA, 0x65, 0xFE, 
+	0xA3, 0x2D, 0x43, 0x97, 0x95, 0x6C, 0x6F, 0xD5, 0xB4, 0x38, 
+	0xF6, 0xF9, 0x95, 0x30, 0xFA, 0xF8, 0x9C, 0x25, 0x2B, 0xB6, 
+	0x14, 0x51, 0xCC, 0x2E, 0xB3, 0x5B, 0xD6, 0xDC, 0x1A, 0xEC, 
+	0x2D, 0x09, 0x5B, 0x3F, 0x3A, 0xD0, 0xB8, 0x4E, 0x27, 0x1F, 
+	0xDC, 0x2A, 0xEE, 0xAC, 0xA9, 0x59, 0x5D, 0x07, 0x63, 0x11, 
+	0x83, 0x0B, 0xD4, 0x74, 0x80, 0xB6, 0x7D, 0x62, 0x45, 0xBF, 
+	0x56
+};
+const int sizeof_rsa_key_der_2048 = sizeof(rsa_key_der_2048);
+
+/* ./certs/ca-cert.der, 2048-bit */
+const unsigned char ca_cert_der_2048[] =
+{
+	0x30, 0x82, 0x04, 0xAA, 0x30, 0x82, 0x03, 0x92, 0xA0, 0x03, 
+	0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xFA, 0x7D, 0x38, 0x9A, 
+	0x73, 0xFB, 0x12, 0x19, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 
+	0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 
+	0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 
+	0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 
+	0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 
+	0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 
+	0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 
+	0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 
+	0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 
+	0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 
+	0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 
+	0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 
+	0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 
+	0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 
+	0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 
+	0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 
+	0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 
+	0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x32, 0x30, 0x35, 
+	0x30, 0x36, 0x33, 0x33, 0x33, 0x30, 0x5A, 0x17, 0x0D, 0x31, 
+	0x37, 0x31, 0x31, 0x30, 0x31, 0x30, 0x36, 0x33, 0x33, 0x33, 
+	0x30, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 
+	0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 
+	0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 
+	0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 
+	0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 
+	0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 
+	0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 
+	0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 
+	0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 
+	0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 
+	0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 
+	0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 
+	0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 
+	0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 
+	0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 
+	0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 
+	0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 
+	0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 
+	0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, 0x0C, 0xCA, 0x2D, 
+	0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, 0x38, 0x1F, 0x4A, 
+	0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, 0x9F, 0xDF, 0xCA, 
+	0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, 0x66, 0xEE, 0x2A, 
+	0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, 0x0B, 0x10, 0x98, 
+	0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, 0xCC, 0x4F, 0xDE, 
+	0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, 0xCA, 0x90, 0xBB, 
+	0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, 0x95, 0xC5, 0xF1, 
+	0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, 0xA4, 0x10, 0x41, 
+	0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, 0x70, 
+	0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, 0x2C, 0x7C, 0xED, 
+	0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, 0xAC, 0xC7, 0xED, 
+	0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, 0x49, 0x5C, 0x38, 
+	0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, 0x53, 0x94, 0x3C, 
+	0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, 0xD3, 0x1D, 0x13, 
+	0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, 0xCC, 0xB8, 0x7D, 
+	0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, 0xD8, 0x21, 0xDC, 
+	0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, 0x1A, 0xFC, 0x7D, 
+	0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, 0x7C, 0x05, 0x67, 
+	0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, 0x8C, 0xB5, 0x68, 
+	0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, 0xA0, 0x63, 0xF5, 
+	0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, 0x17, 
+	0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, 0x6F, 0xFE, 0xC3, 
+	0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52, 
+	0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9, 
+	0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED, 
+	0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, 
+	0x30, 0x81, 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 
+	0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 
+	0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 
+	0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 
+	0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 
+	0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 
+	0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 
+	0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 
+	0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 
+	0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 
+	0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 
+	0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 
+	0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 
+	0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 
+	0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 
+	0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 
+	0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 
+	0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 
+	0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 
+	0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 
+	0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 
+	0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 
+	0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 
+	0xFA, 0x7D, 0x38, 0x9A, 0x73, 0xFB, 0x12, 0x19, 0x30, 0x0C, 
+	0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 
+	0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 
+	0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 
+	0x01, 0x00, 0x2C, 0x02, 0x0C, 0xDE, 0xB2, 0x46, 0xA1, 0xD8, 
+	0x59, 0x0F, 0x08, 0x69, 0xAD, 0xD2, 0x52, 0x2E, 0xEE, 0x55, 
+	0x78, 0xBD, 0xBB, 0x71, 0xD2, 0xD7, 0xB7, 0xFE, 0x7B, 0x0F, 
+	0x8A, 0xBC, 0x6A, 0x25, 0xFD, 0xD4, 0x6D, 0x1D, 0xAB, 0x00, 
+	0xE2, 0x9D, 0xD6, 0x98, 0x21, 0x11, 0xA4, 0x41, 0xE0, 0x0D, 
+	0x4B, 0xA4, 0x38, 0x7F, 0x2E, 0x0C, 0xD6, 0x80, 0xDC, 0x30, 
+	0xD7, 0xCF, 0x19, 0x1B, 0x43, 0x2F, 0xE7, 0xB3, 0x99, 0x74, 
+	0x9C, 0xB4, 0x01, 0x69, 0xB1, 0xC3, 0x9B, 0x9F, 0x4A, 0x89, 
+	0x2F, 0x60, 0x38, 0xCB, 0x7C, 0xA1, 0x78, 0x93, 0x38, 0x5C, 
+	0xA8, 0xCA, 0x46, 0x0D, 0x23, 0x2D, 0x99, 0xA3, 0xCF, 0x0A, 
+	0x49, 0x38, 0xEB, 0x07, 0x06, 0x57, 0xCD, 0x4A, 0x55, 0x35, 
+	0x04, 0x08, 0x36, 0x30, 0xCA, 0x75, 0x69, 0x4B, 0x9A, 0x84, 
+	0x08, 0xC9, 0x23, 0x78, 0xA9, 0xF0, 0x80, 0xCE, 0x8A, 0x25, 
+	0xBB, 0x31, 0x07, 0x0E, 0x11, 0xE6, 0x4A, 0x95, 0x8C, 0x53, 
+	0xDF, 0x85, 0xD9, 0x48, 0x45, 0xCB, 0x5A, 0xEF, 0xDE, 0x92, 
+	0xC2, 0x88, 0x0E, 0xDA, 0xFF, 0x31, 0x6B, 0x4E, 0x52, 0x53, 
+	0x5F, 0xF3, 0xA8, 0x3A, 0x42, 0xF8, 0xE1, 0x0D, 0x0A, 0xC0, 
+	0x84, 0xAF, 0xEC, 0x21, 0xB3, 0xA7, 0x98, 0xB0, 0xC8, 0x6B, 
+	0x77, 0x04, 0xEF, 0xF5, 0x06, 0xA5, 0x51, 0x3B, 0x20, 0x6F, 
+	0xBF, 0x55, 0x80, 0x8C, 0xCF, 0xD4, 0x78, 0xEE, 0xA2, 0xD9, 
+	0xE3, 0x52, 0x34, 0x9A, 0x17, 0x3D, 0x87, 0x10, 0x4D, 0x23, 
+	0x21, 0x38, 0x9B, 0x35, 0xF7, 0x18, 0xAC, 0x34, 0xBD, 0x18, 
+	0xAE, 0xA4, 0xE2, 0x32, 0x2F, 0x5D, 0xA4, 0x41, 0x4C, 0xBC, 
+	0xAA, 0x88, 0xB7, 0x9E, 0x45, 0x14, 0x92, 0xE9, 0xE8, 0xEE, 
+	0xFC, 0x1D, 0x28, 0xF5, 0x59, 0xFD, 0xDE, 0xBD, 0x3D, 0x73, 
+	0xDD, 0xB4, 0x9F, 0x2E, 0x77, 0xC0, 0x75, 0x41
+};
+const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048);
+
+/* ./certs/server-key.der, 2048-bit */
+const unsigned char server_key_der_2048[] =
+{
+	0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 
+	0x01, 0x00, 0xC0, 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 
+	0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27, 0x01, 0x65, 0xC6, 0x45, 
+	0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F, 0x4E, 
+	0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 
+	0x7F, 0xFE, 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 
+	0xE7, 0x35, 0x2F, 0x8F, 0xE1, 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 
+	0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B, 0xBA, 0xE0, 
+	0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 
+	0xDA, 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 
+	0x25, 0x4F, 0xE1, 0x63, 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 
+	0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34, 0xB3, 0xAE, 0x00, 
+	0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73, 
+	0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 
+	0x2E, 0xB8, 0x10, 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 
+	0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4, 0xBB, 0x17, 0xA6, 0xF3, 
+	0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5, 0xFD, 
+	0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 
+	0xBC, 0x23, 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 
+	0xB9, 0x64, 0xC3, 0x2A, 0xD0, 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 
+	0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63, 0x78, 0x0F, 
+	0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 
+	0x77, 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 
+	0x6A, 0x0D, 0xC3, 0x39, 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 
+	0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, 0xB3, 0x58, 
+	0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5, 
+	0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 
+	0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 
+	0x34, 0x0F, 0x52, 0x62, 0x05, 0x50, 0x01, 0xEF, 0x9F, 0xED, 
+	0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7, 0x92, 
+	0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 
+	0xC6, 0x79, 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 
+	0x95, 0x77, 0xCB, 0xC3, 0x9A, 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 
+	0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA, 0x67, 0x16, 
+	0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 
+	0xFB, 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 
+	0x98, 0x6B, 0x65, 0x9A, 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 
+	0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22, 0x60, 0x2A, 0x73, 
+	0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4, 
+	0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 
+	0x25, 0x4E, 0x9F, 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 
+	0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64, 0xCA, 0x9A, 0x5B, 0x05, 
+	0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32, 0x22, 
+	0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 
+	0x74, 0xD3, 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 
+	0x7A, 0x97, 0x2E, 0xD6, 0xB6, 0x19, 0xC6, 0x92, 0x26, 0xE4, 
+	0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9, 0x78, 0x0D, 
+	0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 
+	0x41, 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 
+	0xD2, 0x60, 0xF2, 0x9F, 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 
+	0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C, 0xE6, 0x55, 0x34, 
+	0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A, 
+	0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 
+	0xF1, 0x58, 0x58, 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 
+	0x54, 0x76, 0x39, 0x23, 0x63, 0xC9, 0x10, 0x32, 0xB7, 0x93, 
+	0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6, 0xB5, 
+	0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 
+	0x1B, 0xAC, 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 
+	0x19, 0xB8, 0xC3, 0x60, 0xB1, 0x57, 0x48, 0x5F, 0x52, 0x4F, 
+	0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43, 0x50, 0x3F, 
+	0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 
+	0xAD, 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 
+	0x70, 0x9C, 0x0A, 0x7C, 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 
+	0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD, 0x15, 0x73, 0xDA, 
+	0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0, 
+	0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 
+	0xC6, 0xB1, 0x53, 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 
+	0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D, 0xB7, 0x5C, 0x5C, 0x7C, 
+	0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63, 0xB3, 
+	0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 
+	0x8E, 0x7B, 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 
+	0x7D, 0xEA, 0xFE, 0x76, 0xA1, 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 
+	0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B, 0x5B, 0x0F, 
+	0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 
+	0xED, 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 
+	0x13, 0x23, 0x4C, 0xCB, 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 
+	0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C, 0xC1, 0x85, 0x5F, 
+	0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3, 
+	0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 
+	0x5F, 0x53, 0xA4, 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 
+	0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB, 0xD5, 0xFE, 0xF9, 0x52, 
+	0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52, 0x2F, 
+	0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 
+	0x52, 0xDA, 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 
+	0xD3, 0x18, 0x14, 0x72, 0x77, 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 
+	0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3, 0xF2, 0xB5, 
+	0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 
+	0x5F, 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 
+	0x56, 0xC0, 0xD4, 0x22, 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 
+	0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95, 0x92, 0x31, 0x41, 
+	0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39, 
+	0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 
+	0x22, 0x00, 0xFE, 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 
+	0x02, 0x81, 0x81, 0x00, 0x8A, 0x41, 0x56, 0x28, 0x51, 0x9E, 
+	0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2, 0x6C, 
+	0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 
+	0xD4, 0x0C, 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 
+	0xD4, 0xE6, 0xDC, 0x4C, 0xED, 0xD7, 0x16, 0x11, 0xC3, 0x3E, 
+	0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE, 0xBB, 0x75, 
+	0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 
+	0xC5, 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 
+	0x6E, 0x99, 0x87, 0xF8, 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 
+	0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF, 0x16, 0xCA, 0x8B, 
+	0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC, 
+	0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 
+	0x9D, 0xE0, 0x63, 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 
+	0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D, 0x45, 0xF9, 0x40, 0x8C, 
+	0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C, 0xAC, 
+	0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 
+	0xE5, 0x8A, 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 
+	0x86, 0x09, 0xB8, 0xD8, 0x76, 0xA7, 0xC9, 0x1C, 0x71, 0x52, 
+	0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD, 0x61, 0x1B, 
+	0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 
+	0x43, 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 
+	0x5E, 0xCF, 0x4F, 0xFC, 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 
+	0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5, 0x29, 0xD0, 0x44, 
+	0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2, 
+	0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 
+	0x7C, 0x9A, 0x1F, 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 
+	0x3B, 0xF1, 0xB0
+};
+const int sizeof_server_key_der_2048 = sizeof(server_key_der_2048);
+
+/* ./certs/server-cert.der, 2048-bit */
+const unsigned char server_cert_der_2048[] =
+{
+	0x30, 0x82, 0x04, 0x9E, 0x30, 0x82, 0x03, 0x86, 0xA0, 0x03, 
+	0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 
+	0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 
+	0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 
+	0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 
+	0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 
+	0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 
+	0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 
+	0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 
+	0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 
+	0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 
+	0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 
+	0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 
+	0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 
+	0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 
+	0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 
+	0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 
+	0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 
+	0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x32, 
+	0x30, 0x35, 0x30, 0x36, 0x33, 0x33, 0x33, 0x30, 0x5A, 0x17, 
+	0x0D, 0x31, 0x37, 0x31, 0x31, 0x30, 0x31, 0x30, 0x36, 0x33, 
+	0x33, 0x33, 0x30, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, 
+	0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 
+	0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 
+	0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 
+	0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 
+	0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x10, 0x30, 0x0E, 
+	0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 
+	0x66, 0x53, 0x53, 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 
+	0x55, 0x04, 0x0B, 0x0C, 0x07, 0x53, 0x75, 0x70, 0x70, 0x6F, 
+	0x72, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 
+	0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 
+	0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 
+	0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 
+	0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 
+	0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 
+	0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 
+	0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 
+	0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 
+	0x82, 0x01, 0x01, 0x00, 0xC0, 0x95, 0x08, 0xE1, 0x57, 0x41, 
+	0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27, 0x01, 0x65, 
+	0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 
+	0x2F, 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 
+	0xA8, 0x67, 0x7F, 0xFE, 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 
+	0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1, 0xBD, 0x7B, 0xC0, 
+	0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B, 
+	0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 
+	0x95, 0x73, 0xDA, 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 
+	0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63, 0x63, 0x51, 0x8B, 0x0B, 
+	0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34, 0xB3, 
+	0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 
+	0x78, 0x73, 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 
+	0x19, 0x01, 0x2E, 0xB8, 0x10, 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 
+	0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4, 0xBB, 0x17, 
+	0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 
+	0xB5, 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 
+	0x5F, 0x1C, 0xBC, 0x23, 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 
+	0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0, 0xA1, 0x96, 0x4A, 
+	0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63, 
+	0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 
+	0x95, 0xA1, 0x77, 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 
+	0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39, 0x60, 0xA4, 0xB4, 0xB0, 
+	0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, 
+	0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 
+	0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 
+	0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, 0x30, 0x81, 
+	0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 
+	0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98, 0x84, 0xE2, 
+	0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA, 0x1F, 0x0E, 
+	0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 0x1D, 0x23, 
+	0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E, 
+	0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 
+	0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 
+	0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 
+	0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 
+	0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 
+	0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 
+	0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 
+	0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 
+	0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 
+	0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 
+	0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 
+	0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 
+	0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 
+	0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 
+	0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 
+	0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 
+	0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 
+	0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xFA, 0x7D, 
+	0x38, 0x9A, 0x73, 0xFB, 0x12, 0x19, 0x30, 0x0C, 0x06, 0x03, 
+	0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 
+	0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 
+	0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 
+	0x4E, 0x0E, 0x2C, 0xDE, 0xAB, 0xBB, 0xE9, 0x9E, 0xAB, 0x65, 
+	0x0F, 0xC8, 0x9A, 0xDA, 0xCA, 0xAE, 0xA7, 0x87, 0x3F, 0x15, 
+	0x06, 0xEE, 0x7D, 0x22, 0x88, 0x8E, 0xB0, 0x88, 0xFC, 0xB8, 
+	0xB4, 0x69, 0x39, 0xBF, 0xCA, 0x49, 0x65, 0x75, 0x01, 0x90, 
+	0x85, 0x8B, 0xAF, 0x08, 0xF1, 0xCE, 0xAC, 0x2E, 0xAD, 0x30, 
+	0x34, 0x80, 0x58, 0x77, 0xEE, 0xBC, 0xBB, 0x9B, 0x74, 0xC2, 
+	0x9C, 0x91, 0xB5, 0x93, 0xE2, 0xF1, 0x33, 0x83, 0xB8, 0x0B, 
+	0x7E, 0x0C, 0x58, 0x0F, 0x2E, 0x91, 0xD0, 0xFB, 0x53, 0xF4, 
+	0x68, 0xD7, 0x36, 0x24, 0x85, 0xEC, 0xD6, 0x23, 0x5B, 0x8E, 
+	0x7E, 0x3B, 0x76, 0x6A, 0xA1, 0x60, 0xC0, 0x29, 0xA5, 0x2E, 
+	0xBB, 0xE9, 0x02, 0xBD, 0xBC, 0xA5, 0x6B, 0xCB, 0x3D, 0xFD, 
+	0xA5, 0xD3, 0x66, 0x84, 0x76, 0x58, 0x46, 0x7A, 0x09, 0x31, 
+	0xB5, 0xB9, 0x43, 0xBB, 0x35, 0x13, 0x1F, 0x32, 0x21, 0x94, 
+	0xC4, 0x08, 0xE7, 0x16, 0xAB, 0x29, 0xDA, 0xBF, 0x8D, 0xD1, 
+	0x30, 0xA9, 0xA0, 0xEF, 0xA6, 0xDA, 0xFA, 0xF0, 0x50, 0x21, 
+	0x6F, 0xE9, 0x37, 0xA6, 0x87, 0x63, 0x8A, 0x7C, 0x68, 0x74, 
+	0xAB, 0x33, 0x39, 0x1F, 0xEA, 0xD1, 0xCE, 0x2C, 0x7F, 0xB5, 
+	0xEB, 0x4A, 0x51, 0x9C, 0xBA, 0xB5, 0xC2, 0x20, 0xE5, 0x5F, 
+	0xD4, 0x70, 0x28, 0xA9, 0x80, 0x08, 0xEB, 0x8D, 0x3E, 0xEE, 
+	0xFB, 0x71, 0x47, 0x96, 0x2A, 0x2D, 0xC7, 0x79, 0x0E, 0xA7, 
+	0xF9, 0xBA, 0x24, 0x79, 0xFB, 0xA5, 0x2F, 0xC5, 0xEB, 0x91, 
+	0xB2, 0x18, 0x5F, 0x6D, 0xC1, 0x18, 0xD8, 0x68, 0x95, 0x12, 
+	0xCC, 0x68, 0xF9, 0xD1, 0x06, 0x86, 0xB1, 0x48, 0xB0, 0x5A, 
+	0x00, 0xB5, 0x04, 0x2E, 0x50, 0x37, 0xBC, 0x2F, 0xF5, 0x57, 
+	0xD2, 0x49, 0x17, 0x43, 0x5D, 0x2F, 0x64, 0x01, 0x3B, 0x6A, 
+	0x09, 0x44, 0xA6, 0xE2, 0x1E, 0x04
+};
+const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048);
+
+#endif /* USE_CERT_BUFFERS_1024 */
+
+#endif /* CYASSL_CERTS_TEST_H */
+
diff --git a/3P/wolfssl/wolfssl/crl.h b/3P/wolfssl/wolfssl/crl.h
new file mode 100644
index 00000000..05c039aa
--- /dev/null
+++ b/3P/wolfssl/wolfssl/crl.h
@@ -0,0 +1,51 @@
+/* crl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLFSSL_CRL_H
+#define WOLFSSL_CRL_H
+
+
+#ifdef HAVE_CRL
+
+#include 
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+typedef struct WOLFSSL_CRL WOLFSSL_CRL;
+
+WOLFSSL_LOCAL int  InitCRL(WOLFSSL_CRL*, WOLFSSL_CERT_MANAGER*);
+WOLFSSL_LOCAL void FreeCRL(WOLFSSL_CRL*, int dynamic);
+
+WOLFSSL_LOCAL int  LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int mon);
+WOLFSSL_LOCAL int  BufferLoadCRL(WOLFSSL_CRL*, const byte*, long, int);
+WOLFSSL_LOCAL int  CheckCertCRL(WOLFSSL_CRL*, DecodedCert*);
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+#endif /* HAVE_CRL */
+#endif /* WOLFSSL_CRL_H */
diff --git a/3P/wolfssl/wolfssl/error-ssl.h b/3P/wolfssl/wolfssl/error-ssl.h
new file mode 100644
index 00000000..a245c2a5
--- /dev/null
+++ b/3P/wolfssl/wolfssl/error-ssl.h
@@ -0,0 +1,162 @@
+/* error-ssl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLFSSL_ERROR_H
+#define WOLFSSL_ERROR_H
+
+#include    /* pull in CTaoCrypt errors */
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+enum wolfSSL_ErrorCodes {
+    INPUT_CASE_ERROR        = -301,        /* process input state error */
+    PREFIX_ERROR            = -302,        /* bad index to key rounds  */
+    MEMORY_ERROR            = -303,        /* out of memory            */
+    VERIFY_FINISHED_ERROR   = -304,        /* verify problem on finished */
+    VERIFY_MAC_ERROR        = -305,        /* verify mac problem       */
+    PARSE_ERROR             = -306,        /* parse error on header    */
+    UNKNOWN_HANDSHAKE_TYPE  = -307,        /* weird handshake type     */
+    SOCKET_ERROR_E          = -308,        /* error state on socket    */
+    SOCKET_NODATA           = -309,        /* expected data, not there */
+    INCOMPLETE_DATA         = -310,        /* don't have enough data to
+                                              complete task            */
+    UNKNOWN_RECORD_TYPE     = -311,        /* unknown type in record hdr */
+    DECRYPT_ERROR           = -312,        /* error during decryption  */
+    FATAL_ERROR             = -313,        /* recvd alert fatal error  */
+    ENCRYPT_ERROR           = -314,        /* error during encryption  */
+    FREAD_ERROR             = -315,        /* fread problem            */
+    NO_PEER_KEY             = -316,        /* need peer's key          */
+    NO_PRIVATE_KEY          = -317,        /* need the private key     */
+    RSA_PRIVATE_ERROR       = -318,        /* error during rsa priv op */
+    NO_DH_PARAMS            = -319,        /* server missing DH params */
+    BUILD_MSG_ERROR         = -320,        /* build message failure    */
+
+    BAD_HELLO               = -321,        /* client hello malformed   */
+    DOMAIN_NAME_MISMATCH    = -322,        /* peer subject name mismatch */
+    WANT_READ               = -323,        /* want read, call again    */
+    NOT_READY_ERROR         = -324,        /* handshake layer not ready */
+    PMS_VERSION_ERROR       = -325,        /* pre m secret version error */
+    VERSION_ERROR           = -326,        /* record layer version error */
+    WANT_WRITE              = -327,        /* want write, call again   */
+    BUFFER_ERROR            = -328,        /* malformed buffer input   */
+    VERIFY_CERT_ERROR       = -329,        /* verify cert error        */
+    VERIFY_SIGN_ERROR       = -330,        /* verify sign error        */
+    CLIENT_ID_ERROR         = -331,        /* psk client identity error  */
+    SERVER_HINT_ERROR       = -332,        /* psk server hint error  */
+    PSK_KEY_ERROR           = -333,        /* psk key error  */
+    ZLIB_INIT_ERROR         = -334,        /* zlib init error  */
+    ZLIB_COMPRESS_ERROR     = -335,        /* zlib compression error  */
+    ZLIB_DECOMPRESS_ERROR   = -336,        /* zlib decompression error  */
+
+    GETTIME_ERROR           = -337,        /* gettimeofday failed ??? */
+    GETITIMER_ERROR         = -338,        /* getitimer failed ??? */
+    SIGACT_ERROR            = -339,        /* sigaction failed ??? */
+    SETITIMER_ERROR         = -340,        /* setitimer failed ??? */
+    LENGTH_ERROR            = -341,        /* record layer length error */
+    PEER_KEY_ERROR          = -342,        /* can't decode peer key */
+    ZERO_RETURN             = -343,        /* peer sent close notify */
+    SIDE_ERROR              = -344,        /* wrong client/server type */
+    NO_PEER_CERT            = -345,        /* peer didn't send key */
+    NTRU_KEY_ERROR          = -346,        /* NTRU key error  */
+    NTRU_DRBG_ERROR         = -347,        /* NTRU drbg error  */
+    NTRU_ENCRYPT_ERROR      = -348,        /* NTRU encrypt error  */
+    NTRU_DECRYPT_ERROR      = -349,        /* NTRU decrypt error  */
+    ECC_CURVETYPE_ERROR     = -350,        /* Bad ECC Curve Type */
+    ECC_CURVE_ERROR         = -351,        /* Bad ECC Curve */
+    ECC_PEERKEY_ERROR       = -352,        /* Bad Peer ECC Key */
+    ECC_MAKEKEY_ERROR       = -353,        /* Bad Make ECC Key */
+    ECC_EXPORT_ERROR        = -354,        /* Bad ECC Export Key */
+    ECC_SHARED_ERROR        = -355,        /* Bad ECC Shared Secret */
+    NOT_CA_ERROR            = -357,        /* Not a CA cert error */
+    BAD_PATH_ERROR          = -358,        /* Bad path for opendir */
+    BAD_CERT_MANAGER_ERROR  = -359,        /* Bad Cert Manager */
+    OCSP_CERT_REVOKED       = -360,        /* OCSP Certificate revoked */
+    CRL_CERT_REVOKED        = -361,        /* CRL Certificate revoked */
+    CRL_MISSING             = -362,        /* CRL Not loaded */
+    MONITOR_RUNNING_E       = -363,        /* CRL Monitor already running */
+    THREAD_CREATE_E         = -364,        /* Thread Create Error */
+    OCSP_NEED_URL           = -365,        /* OCSP need an URL for lookup */
+    OCSP_CERT_UNKNOWN       = -366,        /* OCSP responder doesn't know */
+    OCSP_LOOKUP_FAIL        = -367,        /* OCSP lookup not successful */
+    MAX_CHAIN_ERROR         = -368,        /* max chain depth exceeded */
+    COOKIE_ERROR            = -369,        /* dtls cookie error */
+    SEQUENCE_ERROR          = -370,        /* dtls sequence error */
+    SUITES_ERROR            = -371,        /* suites pointer error */
+    SSL_NO_PEM_HEADER       = -372,        /* no PEM header found */
+    OUT_OF_ORDER_E          = -373,        /* out of order message */
+    BAD_KEA_TYPE_E          = -374,        /* bad KEA type found */
+    SANITY_CIPHER_E         = -375,        /* sanity check on cipher error */
+    RECV_OVERFLOW_E         = -376,        /* RXCB returned more than rqed */
+    GEN_COOKIE_E            = -377,        /* Generate Cookie Error */
+    NO_PEER_VERIFY          = -378,        /* Need peer cert verify Error */
+    FWRITE_ERROR            = -379,        /* fwrite problem */
+    CACHE_MATCH_ERROR       = -380,        /* chache hdr match error */
+    UNKNOWN_SNI_HOST_NAME_E = -381,        /* Unrecognized host name Error */
+    UNKNOWN_MAX_FRAG_LEN_E  = -382,        /* Unrecognized max frag len Error */
+    KEYUSE_SIGNATURE_E      = -383,        /* KeyUse digSignature error */
+    KEYUSE_ENCIPHER_E       = -385,        /* KeyUse keyEncipher error */
+    EXTKEYUSE_AUTH_E        = -386,        /* ExtKeyUse server|client_auth */
+    SEND_OOB_READ_E         = -387,        /* Send Cb out of bounds read */
+    SECURE_RENEGOTIATION_E  = -388,        /* Invalid Renegotiation Info */
+    SESSION_TICKET_LEN_E    = -389,        /* Session Ticket too large */
+    SESSION_TICKET_EXPECT_E = -390,        /* Session Ticket missing   */
+    SCR_DIFFERENT_CERT_E    = -391,        /* SCR Different cert error  */
+    SESSION_SECRET_CB_E     = -392,        /* Session secret Cb fcn failure */
+    NO_CHANGE_CIPHER_E      = -393,        /* Finished before change cipher */
+    SANITY_MSG_E            = -394,        /* Sanity check on msg order error */
+    DUPLICATE_MSG_E         = -395,        /* Duplicate message error */
+    SNI_UNSUPPORTED         = -396,        /* SSL 3.0 does not support SNI */
+
+    /* add strings to SetErrorString !!!!! */
+
+    /* begin negotiation parameter errors */
+    UNSUPPORTED_SUITE       = -500,        /* unsupported cipher suite */
+    MATCH_SUITE_ERROR       = -501         /* can't match cipher suite */
+    /* end negotiation parameter errors only 10 for now */
+    /* add strings to SetErrorString !!!!! */
+
+    /* no error stings go down here, add above negotiation errors !!!! */
+};
+
+
+#ifdef WOLFSSL_CALLBACKS
+    enum {
+        MIN_PARAM_ERR = UNSUPPORTED_SUITE,
+        MAX_PARAM_ERR = MIN_PARAM_ERR - 10
+    };
+#endif
+
+
+WOLFSSL_LOCAL
+void SetErrorString(int err, char* buff);
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+
+#endif /* wolfSSL_ERROR_H */
+
+
diff --git a/3P/wolfssl/wolfssl/include.am b/3P/wolfssl/wolfssl/include.am
new file mode 100644
index 00000000..a02488fc
--- /dev/null
+++ b/3P/wolfssl/wolfssl/include.am
@@ -0,0 +1,25 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+include wolfssl/wolfcrypt/include.am
+include wolfssl/openssl/include.am
+
+EXTRA_DIST+= wolfssl/sniffer_error.rc
+
+nobase_include_HEADERS+= \
+                         wolfssl/error-ssl.h \
+                         wolfssl/ssl.h \
+                         wolfssl/sniffer_error.h \
+                         wolfssl/sniffer.h \
+                         wolfssl/callbacks.h \
+                         wolfssl/certs_test.h \
+                         wolfssl/test.h \
+                         wolfssl/version.h \
+                         wolfssl/options.h \
+                         wolfssl/ocsp.h \
+                         wolfssl/crl.h
+
+noinst_HEADERS+= \
+                         wolfssl/internal.h
+
diff --git a/3P/wolfssl/wolfssl/internal.h b/3P/wolfssl/wolfssl/internal.h
new file mode 100644
index 00000000..c263fc76
--- /dev/null
+++ b/3P/wolfssl/wolfssl/internal.h
@@ -0,0 +1,2394 @@
+/* internal.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as wolfSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLFSSL_INT_H
+#define WOLFSSL_INT_H
+
+
+#include 
+#include 
+#ifdef HAVE_CRL
+    #include 
+#endif
+#include 
+#ifndef NO_DES3
+    #include 
+#endif
+#ifndef NO_HC128
+    #include 
+#endif
+#ifndef NO_RABBIT
+    #include 
+#endif
+#ifdef HAVE_CHACHA
+    #include 
+#endif
+#ifndef NO_ASN
+    #include 
+#endif
+#ifndef NO_MD5
+    #include 
+#endif
+#ifndef NO_SHA
+    #include 
+#endif
+#ifndef NO_AES
+    #include 
+#endif
+#ifdef HAVE_POLY1305
+    #include 
+#endif
+#ifdef HAVE_CAMELLIA
+    #include 
+#endif
+#include 
+#ifndef NO_HMAC
+    #include 
+#endif
+#ifndef NO_RC4
+    #include 
+#endif
+#ifdef HAVE_ECC
+    #include 
+#endif
+#ifndef NO_SHA256
+    #include 
+#endif
+#ifdef HAVE_OCSP
+    #include 
+#endif
+#ifdef WOLFSSL_SHA512
+    #include 
+#endif
+
+#ifdef HAVE_AESGCM
+    #include 
+#endif
+
+#ifdef WOLFSSL_RIPEMD
+    #include 
+#endif
+
+#ifdef WOLFSSL_CALLBACKS
+    #include 
+    #include 
+#endif
+
+#ifdef USE_WINDOWS_API
+    #ifdef WOLFSSL_GAME_BUILD
+        #include "system/xtl.h"
+    #else
+        #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN)
+            /* On WinCE winsock2.h must be included before windows.h */
+            #include 
+        #endif
+        #include 
+    #endif
+#elif defined(THREADX)
+    #ifndef SINGLE_THREADED
+        #include "tx_api.h"
+    #endif
+#elif defined(MICRIUM)
+    /* do nothing, just don't pick Unix */
+#elif defined(FREERTOS) || defined(WOLFSSL_SAFERTOS)
+    /* do nothing */
+#elif defined(EBSNET)
+    /* do nothing */
+#elif defined(FREESCALE_MQX)
+    /* do nothing */
+#elif defined(WOLFSSL_MDK_ARM)
+    #if defined(WOLFSSL_MDK5)
+         #include "cmsis_os.h"
+    #else
+        #include 
+    #endif
+#elif defined(MBED)
+#elif defined(WOLFSSL_TIRTOS)
+    /* do nothing */
+#else
+    #ifndef SINGLE_THREADED
+        #define WOLFSSL_PTHREADS
+        #include 
+    #endif
+    #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
+        #include       /* for close of BIO */
+    #endif
+#endif
+
+
+#ifdef HAVE_LIBZ
+    #include "zlib.h"
+#endif
+
+#ifdef _MSC_VER
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+    #pragma warning(disable: 4996)
+#endif
+
+#ifdef NO_AES
+    #if !defined (ALIGN16)
+        #define ALIGN16
+    #endif
+#endif
+
+#ifdef NO_SHA
+    #define SHA_DIGEST_SIZE 20
+#endif
+
+#ifdef NO_SHA256
+    #define SHA256_DIGEST_SIZE 32
+#endif
+
+#ifdef NO_MD5
+    #define MD5_DIGEST_SIZE 16
+#endif
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+#ifdef USE_WINDOWS_API
+    typedef unsigned int SOCKET_T;
+#else
+    typedef int SOCKET_T;
+#endif
+
+
+typedef byte word24[3];
+
+/* Define or comment out the cipher suites you'd like to be compiled in
+   make sure to use at least one BUILD_SSL_xxx or BUILD_TLS_xxx is defined
+
+   When adding cipher suites, add name to cipher_names, idx to cipher_name_idx
+*/
+#if !defined(NO_RSA) && !defined(NO_RC4)
+  #if !defined(NO_SHA)
+    #define BUILD_SSL_RSA_WITH_RC4_128_SHA
+  #endif
+    #if !defined(NO_MD5)
+        #define BUILD_SSL_RSA_WITH_RC4_128_MD5
+    #endif
+    #if !defined(NO_TLS) && defined(HAVE_NTRU) && !defined(NO_SHA)
+        #define BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA
+    #endif
+#endif
+
+#if !defined(NO_RSA) && !defined(NO_DES3)
+  #if !defined(NO_SHA)
+    #define BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
+    #if !defined(NO_TLS) && defined(HAVE_NTRU)
+        #define BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA
+    #endif
+  #endif
+#endif
+
+#if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS)
+  #if !defined(NO_SHA)
+    #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA
+    #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA
+    #if defined(HAVE_NTRU)
+        #define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA
+        #define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA
+    #endif
+  #endif
+    #if !defined (NO_SHA256)
+        #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
+        #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
+    #endif
+    #if defined (HAVE_AESGCM)
+        #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
+        #if defined (WOLFSSL_SHA384)
+            #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
+        #endif
+    #endif
+    #if defined (HAVE_AESCCM)
+        #define BUILD_TLS_RSA_WITH_AES_128_CCM_8
+        #define BUILD_TLS_RSA_WITH_AES_256_CCM_8
+    #endif
+    #if defined(HAVE_BLAKE2)
+        #define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256
+        #define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256
+    #endif
+#endif
+
+#if defined(HAVE_CAMELLIA) && !defined(NO_TLS)
+    #ifndef NO_RSA
+      #if !defined(NO_SHA)
+        #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+        #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+      #endif
+        #ifndef NO_SHA256
+            #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+            #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+        #endif
+        #if !defined(NO_DH)
+          #if !defined(NO_SHA)
+            #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+            #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+          #endif
+            #ifndef NO_SHA256
+                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+                #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+            #endif
+        #endif
+    #endif
+#endif
+
+#if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS)
+  #if !defined(NO_SHA)
+    #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA
+    #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA
+  #endif
+    #ifndef NO_SHA256
+        #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256
+        #ifdef HAVE_AESGCM
+            #define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256
+        #endif
+        #ifdef HAVE_AESCCM
+            #define BUILD_TLS_PSK_WITH_AES_128_CCM_8
+            #define BUILD_TLS_PSK_WITH_AES_256_CCM_8
+            #define BUILD_TLS_PSK_WITH_AES_128_CCM
+            #define BUILD_TLS_PSK_WITH_AES_256_CCM
+        #endif
+    #endif
+    #ifdef WOLFSSL_SHA384
+        #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384
+        #ifdef HAVE_AESGCM
+            #define BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384
+        #endif
+    #endif
+#endif
+
+#if !defined(NO_TLS) && defined(HAVE_NULL_CIPHER)
+    #if !defined(NO_RSA)
+      #if !defined(NO_SHA)
+        #define BUILD_TLS_RSA_WITH_NULL_SHA
+      #endif
+      #ifndef NO_SHA256
+        #define BUILD_TLS_RSA_WITH_NULL_SHA256
+      #endif
+    #endif
+    #if !defined(NO_PSK)
+      #if !defined(NO_SHA)
+        #define BUILD_TLS_PSK_WITH_NULL_SHA
+      #endif
+        #ifndef NO_SHA256
+            #define BUILD_TLS_PSK_WITH_NULL_SHA256
+        #endif
+        #ifdef WOLFSSL_SHA384
+            #define BUILD_TLS_PSK_WITH_NULL_SHA384
+        #endif
+    #endif
+#endif
+
+#if !defined(NO_HC128) && !defined(NO_RSA) && !defined(NO_TLS)
+    #define BUILD_TLS_RSA_WITH_HC_128_MD5
+  #if !defined(NO_SHA)
+    #define BUILD_TLS_RSA_WITH_HC_128_SHA
+  #endif
+  #if defined(HAVE_BLAKE2)
+    #define BUILD_TLS_RSA_WITH_HC_128_B2B256
+  #endif
+#endif
+
+#if !defined(NO_RABBIT) && !defined(NO_TLS) && !defined(NO_RSA)
+  #if !defined(NO_SHA)
+    #define BUILD_TLS_RSA_WITH_RABBIT_SHA
+  #endif
+#endif
+
+#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \
+    !defined(NO_RSA)
+  #if !defined(NO_SHA)
+    #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+    #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+  #endif
+    #if !defined (NO_SHA256)
+        #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+        #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+        #if defined (HAVE_AESGCM)
+            #define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+            #if defined (WOLFSSL_SHA384)
+                #define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+            #endif
+        #endif
+    #endif
+#endif
+
+#if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \
+    !defined(NO_AES) && !defined(NO_SHA)
+    #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
+#endif
+
+#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
+    #ifndef NO_SHA256
+        #define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+        #ifdef HAVE_NULL_CIPHER
+            #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
+        #endif
+        #ifdef HAVE_AESGCM
+            #define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+        #endif
+        #ifdef HAVE_AESCCM
+            #define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM
+            #define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM
+        #endif
+    #endif
+    #ifdef WOLFSSL_SHA384
+        #define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+        #ifdef HAVE_NULL_CIPHER
+            #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
+        #endif
+        #ifdef HAVE_AESGCM
+            #define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+        #endif
+    #endif
+#endif
+
+#if defined(HAVE_ECC) && !defined(NO_TLS)
+    #if !defined(NO_AES)
+        #if !defined(NO_SHA)
+            #if !defined(NO_RSA)
+                #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+                #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+                #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+                #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+            #endif
+    
+            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+    
+            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+        #endif /* NO_SHA */
+        #ifndef NO_SHA256
+            #if !defined(NO_RSA)
+                #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+                #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+            #endif
+            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+        #endif
+
+        #ifdef WOLFSSL_SHA384
+            #if !defined(NO_RSA)
+                #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+                #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+            #endif
+            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+        #endif
+
+        #if defined (HAVE_AESGCM)
+            #if !defined(NO_RSA)
+                #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+                #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+                #if defined(WOLFSSL_SHA384)
+                    #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+                    #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+                #endif
+            #endif
+
+            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+            #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+            
+            #if defined(WOLFSSL_SHA384)
+                #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+                #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+            #endif
+        #endif
+        #if defined (HAVE_AESCCM)
+            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
+            #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
+        #endif
+    #endif /* NO_AES */
+    #if !defined(NO_RC4)
+        #if !defined(NO_SHA)
+            #if !defined(NO_RSA)
+                #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+                #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
+            #endif
+
+            #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+            #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+        #endif
+    #endif
+    #if !defined(NO_DES3)
+        #if !defined(NO_RSA)
+            #define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+            #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+        #endif
+
+        #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+        #define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+    #endif
+#endif
+
+
+#if defined(BUILD_SSL_RSA_WITH_RC4_128_SHA) || \
+    defined(BUILD_SSL_RSA_WITH_RC4_128_MD5)
+    #define BUILD_ARC4
+#endif
+
+#if defined(BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA)
+    #define BUILD_DES3
+#endif
+
+#if defined(BUILD_TLS_RSA_WITH_AES_128_CBC_SHA) || \
+    defined(BUILD_TLS_RSA_WITH_AES_256_CBC_SHA) || \
+    defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
+    #undef  BUILD_AES
+    #define BUILD_AES
+#endif
+
+#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || \
+    defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
+    #define BUILD_AESGCM
+#endif
+
+#if defined(BUILD_TLS_RSA_WITH_HC_128_SHA) || \
+    defined(BUILD_TLS_RSA_WITH_HC_128_MD5) || \
+    defined(BUILD_TLS_RSA_WITH_HC_128_B2B256)
+    #define BUILD_HC128
+#endif
+
+#if defined(BUILD_TLS_RSA_WITH_RABBIT_SHA)
+    #define BUILD_RABBIT
+#endif
+
+#ifdef NO_DES3
+    #define DES_BLOCK_SIZE 8
+#else
+    #undef  BUILD_DES3
+    #define BUILD_DES3
+#endif
+
+#ifdef NO_AES
+    #define AES_BLOCK_SIZE 16
+#else
+    #undef  BUILD_AES
+    #define BUILD_AES
+#endif
+
+#ifndef NO_RC4
+    #undef  BUILD_ARC4
+    #define BUILD_ARC4
+#endif
+
+#ifdef HAVE_CHACHA
+    #define CHACHA20_BLOCK_SIZE 16
+    /* ChaCha - Poly AEAD suites */
+    #if defined(HAVE_POLY1305) && !defined(NO_SHA256)
+        #if defined(HAVE_ECC)
+            #if !defined(NO_RSA)
+                #define BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+            #endif
+            #define BUILD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+        #endif
+        #if !defined(NO_DH) && !defined(NO_RSA)
+            #define BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+        #endif
+    #endif /* end of ChaCha - Poly AEAD suites */
+#endif
+
+#if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || \
+                             (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
+    #define HAVE_AEAD
+#endif
+
+
+/* actual cipher values, 2nd byte */
+enum {
+    TLS_DHE_RSA_WITH_AES_256_CBC_SHA  = 0x39,
+    TLS_DHE_RSA_WITH_AES_128_CBC_SHA  = 0x33,
+    TLS_DH_anon_WITH_AES_128_CBC_SHA  = 0x34,
+    TLS_RSA_WITH_AES_256_CBC_SHA      = 0x35,
+    TLS_RSA_WITH_AES_128_CBC_SHA      = 0x2F,
+    TLS_RSA_WITH_NULL_SHA             = 0x02,
+    TLS_PSK_WITH_AES_256_CBC_SHA      = 0x8d,
+    TLS_PSK_WITH_AES_128_CBC_SHA256   = 0xae,
+    TLS_PSK_WITH_AES_256_CBC_SHA384   = 0xaf,
+    TLS_PSK_WITH_AES_128_CBC_SHA      = 0x8c,
+    TLS_PSK_WITH_NULL_SHA256          = 0xb0,
+    TLS_PSK_WITH_NULL_SHA384          = 0xb1,
+    TLS_PSK_WITH_NULL_SHA             = 0x2c,
+    SSL_RSA_WITH_RC4_128_SHA          = 0x05,
+    SSL_RSA_WITH_RC4_128_MD5          = 0x04,
+    SSL_RSA_WITH_3DES_EDE_CBC_SHA     = 0x0A,
+
+    /* ECC suites, first byte is 0xC0 (ECC_BYTE) */
+    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA    = 0x14,
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA    = 0x13,
+    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA  = 0x0A,
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA  = 0x09,
+    TLS_ECDHE_RSA_WITH_RC4_128_SHA        = 0x11,
+    TLS_ECDHE_ECDSA_WITH_RC4_128_SHA      = 0x07,
+    TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA   = 0x12,
+    TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x08,
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   = 0x27,
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0x23,
+    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384   = 0x28,
+    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0x24,
+
+    /* static ECDH, first byte is 0xC0 (ECC_BYTE) */
+    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA    = 0x0F,
+    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA    = 0x0E,
+    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA  = 0x05,
+    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA  = 0x04,
+    TLS_ECDH_RSA_WITH_RC4_128_SHA        = 0x0C,
+    TLS_ECDH_ECDSA_WITH_RC4_128_SHA      = 0x02,
+    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA   = 0x0D,
+    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x03,
+    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256   = 0x29,
+    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0x25,
+    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384   = 0x2A,
+    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0x26,
+
+    /* wolfSSL extension - eSTREAM */
+    TLS_RSA_WITH_HC_128_MD5       = 0xFB,
+    TLS_RSA_WITH_HC_128_SHA       = 0xFC,
+    TLS_RSA_WITH_RABBIT_SHA       = 0xFD,
+
+    /* wolfSSL extension - Blake2b 256 */
+    TLS_RSA_WITH_AES_128_CBC_B2B256   = 0xF8,
+    TLS_RSA_WITH_AES_256_CBC_B2B256   = 0xF9,
+    TLS_RSA_WITH_HC_128_B2B256        = 0xFA,   /* eSTREAM too */
+
+    /* wolfSSL extension - NTRU */
+    TLS_NTRU_RSA_WITH_RC4_128_SHA      = 0xe5,
+    TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6,
+    TLS_NTRU_RSA_WITH_AES_128_CBC_SHA  = 0xe7,  /* clashes w/official SHA-256 */
+    TLS_NTRU_RSA_WITH_AES_256_CBC_SHA  = 0xe8,
+
+    /* SHA256 */
+    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x6b,
+    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x67,
+    TLS_RSA_WITH_AES_256_CBC_SHA256     = 0x3d,
+    TLS_RSA_WITH_AES_128_CBC_SHA256     = 0x3c,
+    TLS_RSA_WITH_NULL_SHA256            = 0x3b,
+    TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0xb2,
+    TLS_DHE_PSK_WITH_NULL_SHA256        = 0xb4,
+
+    /* SHA384 */
+    TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0xb3,
+    TLS_DHE_PSK_WITH_NULL_SHA384        = 0xb5,
+
+    /* AES-GCM */
+    TLS_RSA_WITH_AES_128_GCM_SHA256          = 0x9c,
+    TLS_RSA_WITH_AES_256_GCM_SHA384          = 0x9d,
+    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256      = 0x9e,
+    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      = 0x9f,
+    TLS_PSK_WITH_AES_128_GCM_SHA256          = 0xa8,
+    TLS_PSK_WITH_AES_256_GCM_SHA384          = 0xa9,
+    TLS_DHE_PSK_WITH_AES_128_GCM_SHA256      = 0xaa,
+    TLS_DHE_PSK_WITH_AES_256_GCM_SHA384      = 0xab,
+
+    /* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */
+    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  = 0x2b,
+    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  = 0x2c,
+    TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256   = 0x2d,
+    TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384   = 0x2e,
+    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    = 0x2f,
+    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    = 0x30,
+    TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     = 0x31,
+    TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     = 0x32,
+
+    /* AES-CCM, first byte is 0xC0 but isn't ECC,
+     * also, in some of the other AES-CCM suites
+     * there will be second byte number conflicts
+     * with non-ECC AES-GCM */
+    TLS_RSA_WITH_AES_128_CCM_8         = 0xa0,
+    TLS_RSA_WITH_AES_256_CCM_8         = 0xa1,
+    TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xae,
+    TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xaf,
+    TLS_PSK_WITH_AES_128_CCM           = 0xa4,
+    TLS_PSK_WITH_AES_256_CCM           = 0xa5,
+    TLS_PSK_WITH_AES_128_CCM_8         = 0xa8,
+    TLS_PSK_WITH_AES_256_CCM_8         = 0xa9,
+    TLS_DHE_PSK_WITH_AES_128_CCM       = 0xa6,
+    TLS_DHE_PSK_WITH_AES_256_CCM       = 0xa7,
+
+    /* Camellia */
+    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        = 0x41,
+    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        = 0x84,
+    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256     = 0xba,
+    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     = 0xc0,
+    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    = 0x45,
+    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    = 0x88,
+    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe,
+    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4,
+
+    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   = 0x13,
+    TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0x14,
+    TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256     = 0x15,
+
+    /* Renegotiation Indication Extension Special Suite */
+    TLS_EMPTY_RENEGOTIATION_INFO_SCSV        = 0xff
+};
+
+
+#ifndef WOLFSSL_SESSION_TIMEOUT
+    #define WOLFSSL_SESSION_TIMEOUT 500
+    /* default session resumption cache timeout in seconds */
+#endif
+
+
+enum Misc {
+    ECC_BYTE    =  0xC0,           /* ECC first cipher suite byte */
+    CHACHA_BYTE = 0xCC,            /* ChaCha first cipher suite */
+
+    SEND_CERT       = 1,
+    SEND_BLANK_CERT = 2,
+
+    DTLS_MAJOR      = 0xfe,     /* DTLS major version number */
+    DTLS_MINOR      = 0xff,     /* DTLS minor version number */
+    DTLSv1_2_MINOR  = 0xfd,     /* DTLS minor version number */
+    SSLv3_MAJOR     = 3,        /* SSLv3 and TLSv1+  major version number */
+    SSLv3_MINOR     = 0,        /* TLSv1   minor version number */
+    TLSv1_MINOR     = 1,        /* TLSv1   minor version number */
+    TLSv1_1_MINOR   = 2,        /* TLSv1_1 minor version number */
+    TLSv1_2_MINOR   = 3,        /* TLSv1_2 minor version number */
+    OLD_HELLO_ID    = 0x01,     /* SSLv2 Client Hello Indicator */
+    INVALID_BYTE    = 0xff,     /* Used to initialize cipher specs values */
+    NO_COMPRESSION  =  0,
+    ZLIB_COMPRESSION = 221,     /* wolfSSL zlib compression */
+    HELLO_EXT_SIG_ALGO = 13,    /* ID for the sig_algo hello extension */
+    SECRET_LEN      = 48,       /* pre RSA and all master */
+    ENCRYPT_LEN     = 512,      /* allow 4096 bit static buffer */
+    SIZEOF_SENDER   =  4,       /* clnt or srvr           */
+    FINISHED_SZ     = 36,       /* MD5_DIGEST_SIZE + SHA_DIGEST_SIZE */
+    MAX_RECORD_SIZE = 16384,    /* 2^14, max size by standard */
+    MAX_MSG_EXTRA   = 38 + MAX_DIGEST_SIZE,
+                                /* max added to msg, mac + pad  from */
+                                /* RECORD_HEADER_SZ + BLOCK_SZ (pad) + Max
+                                   digest sz + BLOC_SZ (iv) + pad byte (1) */
+    MAX_COMP_EXTRA  = 1024,     /* max compression extra */
+    MAX_MTU         = 1500,     /* max expected MTU */
+    MAX_UDP_SIZE    = 8192 - 100, /* was MAX_MTU - 100 */
+    MAX_DH_SZ       = 1036,     /* 4096 p, pub, g + 2 byte size for each */
+    MAX_STR_VERSION = 8,        /* string rep of protocol version */
+
+    PAD_MD5        = 48,       /* pad length for finished */
+    PAD_SHA        = 40,       /* pad length for finished */
+    MAX_PAD_SIZE   = 256,      /* maximum length of padding */
+    COMPRESS_DUMMY_SIZE = 64,  /* compression dummy round size */
+    COMPRESS_CONSTANT   = 13,  /* compression calc constant */
+    COMPRESS_UPPER      = 55,  /* compression calc numerator */
+    COMPRESS_LOWER      = 64,  /* compression calc denominator */
+
+    PEM_LINE_LEN   = 80,       /* PEM line max + fudge */
+    LENGTH_SZ      =  2,       /* length field for HMAC, data only */
+    VERSION_SZ     =  2,       /* length of proctocol version */
+    SEQ_SZ         =  8,       /* 64 bit sequence number  */
+    BYTE3_LEN      =  3,       /* up to 24 bit byte lengths */
+    ALERT_SIZE     =  2,       /* level + description     */
+    VERIFY_HEADER  =  2,       /* always use 2 bytes      */
+    EXT_ID_SZ      =  2,       /* always use 2 bytes      */
+    MAX_DH_SIZE    = 513,      /* 4096 bit plus possible leading 0 */
+
+    MAX_SUITE_SZ = 200,        /* 100 suites for now! */
+    RAN_LEN      = 32,         /* random length           */
+    SEED_LEN     = RAN_LEN * 2, /* tls prf seed length    */
+    ID_LEN       = 32,         /* session id length       */
+    MAX_COOKIE_LEN = 32,       /* max dtls cookie size    */
+    COOKIE_SZ    = 20,         /* use a 20 byte cookie    */
+    SUITE_LEN    =  2,         /* cipher suite sz length  */
+    ENUM_LEN     =  1,         /* always a byte           */
+    OPAQUE8_LEN  =  1,         /* 1 byte                  */
+    OPAQUE16_LEN =  2,         /* 2 bytes                 */
+    OPAQUE24_LEN =  3,         /* 3 bytes                 */
+    OPAQUE32_LEN =  4,         /* 4 bytes                 */
+    COMP_LEN     =  1,         /* compression length      */
+    CURVE_LEN    =  2,         /* ecc named curve length  */
+    SERVER_ID_LEN = 20,        /* server session id length  */
+    
+    HANDSHAKE_HEADER_SZ   = 4,  /* type + length(3)        */
+    RECORD_HEADER_SZ      = 5,  /* type + version + len(2) */
+    CERT_HEADER_SZ        = 3,  /* always 3 bytes          */
+    REQ_HEADER_SZ         = 2,  /* cert request header sz  */
+    HINT_LEN_SZ           = 2,  /* length of hint size field */
+    TRUNCATED_HMAC_SZ     = 10, /* length of hmac w/ truncated hmac extension */
+    HELLO_EXT_TYPE_SZ     = 2,  /* length of a hello extension type */
+    HELLO_EXT_SZ          = 8,  /* total length of the lazy hello extensions */
+    HELLO_EXT_LEN         = 6,  /* length of the lazy hello extensions */
+    HELLO_EXT_SIGALGO_SZ  = 2,  /* length of signature algo extension  */
+    HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */
+
+    DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
+    DTLS_RECORD_HEADER_SZ    = 13, /* normal + epoch(2) + seq_num(6) */
+    DTLS_HANDSHAKE_EXTRA     = 8,  /* diff from normal */
+    DTLS_RECORD_EXTRA        = 8,  /* diff from normal */
+    DTLS_HANDSHAKE_SEQ_SZ    = 2,  /* handshake header sequence number */
+    DTLS_HANDSHAKE_FRAG_SZ   = 3,  /* fragment offset and length are 24 bit */
+    DTLS_POOL_SZ             = 5,  /* buffers to hold in the retry pool */
+
+    FINISHED_LABEL_SZ   = 15,  /* TLS finished label size */
+    TLS_FINISHED_SZ     = 12,  /* TLS has a shorter size  */
+    MASTER_LABEL_SZ     = 13,  /* TLS master secret label sz */
+    KEY_LABEL_SZ        = 13,  /* TLS key block expansion sz */
+    MAX_PRF_HALF        = 256, /* Maximum half secret len */
+    MAX_PRF_LABSEED     = 128, /* Maximum label + seed len */
+    MAX_PRF_DIG         = 224, /* Maximum digest len      */
+    MAX_REQUEST_SZ      = 256, /* Maximum cert req len (no auth yet */
+    SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */ 
+
+    RC4_KEY_SIZE        = 16,  /* always 128bit           */
+    DES_KEY_SIZE        =  8,  /* des                     */
+    DES3_KEY_SIZE       = 24,  /* 3 des ede               */
+    DES_IV_SIZE         = DES_BLOCK_SIZE,
+    AES_256_KEY_SIZE    = 32,  /* for 256 bit             */
+    AES_192_KEY_SIZE    = 24,  /* for 192 bit             */
+    AES_IV_SIZE         = 16,  /* always block size       */
+    AES_128_KEY_SIZE    = 16,  /* for 128 bit             */
+
+    AEAD_SEQ_OFFSET     = 4,        /* Auth Data: Sequence number */
+    AEAD_TYPE_OFFSET    = 8,        /* Auth Data: Type            */
+    AEAD_VMAJ_OFFSET    = 9,        /* Auth Data: Major Version   */
+    AEAD_VMIN_OFFSET    = 10,       /* Auth Data: Minor Version   */
+    AEAD_LEN_OFFSET     = 11,       /* Auth Data: Length          */
+    AEAD_AUTH_DATA_SZ   = 13,       /* Size of the data to authenticate */
+    AEAD_IMP_IV_SZ      = 4,        /* Size of the implicit IV     */
+    AEAD_EXP_IV_SZ      = 8,        /* Size of the explicit IV     */
+    AEAD_NONCE_SZ       = AEAD_EXP_IV_SZ + AEAD_IMP_IV_SZ,
+
+    AES_GCM_AUTH_SZ     = 16, /* AES-GCM Auth Tag length    */
+    AES_CCM_16_AUTH_SZ  = 16, /* AES-CCM-16 Auth Tag length */
+    AES_CCM_8_AUTH_SZ   = 8,  /* AES-CCM-8 Auth Tag Length  */
+
+    CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */
+    CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */
+    CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */
+    CAMELLIA_IV_SIZE      = 16, /* always block size */
+
+    CHACHA20_256_KEY_SIZE = 32,  /* for 256 bit             */
+    CHACHA20_128_KEY_SIZE = 16,  /* for 128 bit             */
+    CHACHA20_IV_SIZE      =  8,  /* 64 bits for iv          */
+
+    POLY1305_AUTH_SZ    = 16,  /* 128 bits                */
+
+    HC_128_KEY_SIZE     = 16,  /* 128 bits                */
+    HC_128_IV_SIZE      = 16,  /* also 128 bits           */
+
+    RABBIT_KEY_SIZE     = 16,  /* 128 bits                */
+    RABBIT_IV_SIZE      =  8,  /* 64 bits for iv          */
+
+    EVP_SALT_SIZE       =  8,  /* evp salt size 64 bits   */
+
+    ECDHE_SIZE          = 32,  /* ECHDE server size defaults to 256 bit */
+    MAX_EXPORT_ECC_SZ   = 256, /* Export ANS X9.62 max future size */
+
+    MAX_HELLO_SZ       = 128,  /* max client or server hello */
+    MAX_CERT_VERIFY_SZ = 1024, /* max   */
+    CLIENT_HELLO_FIRST =  35,  /* Protocol + RAN_LEN + sizeof(id_len) */
+    MAX_SUITE_NAME     =  48,  /* maximum length of cipher suite string */
+
+    DTLS_TIMEOUT_INIT       =  1, /* default timeout init for DTLS receive  */
+    DTLS_TIMEOUT_MAX        = 64, /* default max timeout for DTLS receive */
+    DTLS_TIMEOUT_MULTIPLIER =  2, /* default timeout multiplier for DTLS recv */
+
+    MAX_PSK_ID_LEN     = 128,  /* max psk identity/hint supported */
+    MAX_PSK_KEY_LEN    =  64,  /* max psk key supported */
+
+    MAX_WOLFSSL_FILE_SIZE = 1024 * 1024 * 4,  /* 4 mb file size alloc limit */
+
+#ifdef FORTRESS
+    MAX_EX_DATA        =   3,  /* allow for three items of ex_data */
+#endif
+
+    MAX_X509_SIZE      = 2048, /* max static x509 buffer size */
+    CERT_MIN_SIZE      =  256, /* min PEM cert size with header/footer */
+    MAX_FILENAME_SZ    =  256, /* max file name length */
+    FILE_BUFFER_SIZE   = 1024, /* default static file buffer size for input,
+                                  will use dynamic buffer if not big enough */
+
+    MAX_NTRU_PUB_KEY_SZ = 1027, /* NTRU max for now */
+    MAX_NTRU_ENCRYPT_SZ = 1027, /* NTRU max for now */
+    MAX_NTRU_BITS       =  256, /* max symmetric bit strength */
+    NO_SNIFF           =   0,  /* not sniffing */
+    SNIFF              =   1,  /* currently sniffing */
+
+    HASH_SIG_SIZE      =   2,  /* default SHA1 RSA */
+
+    NO_CAVIUM_DEVICE   =  -2,  /* invalid cavium device id */
+
+    NO_COPY            =   0,  /* should we copy static buffer for write */
+    COPY               =   1   /* should we copy static buffer for write */
+};
+
+#ifdef SESSION_INDEX
+/* Shift values for making a session index */
+#define SESSIDX_ROW_SHIFT 4
+#define SESSIDX_IDX_MASK  0x0F
+#endif
+
+
+/* max cert chain peer depth */
+#ifndef MAX_CHAIN_DEPTH
+    #define MAX_CHAIN_DEPTH 9
+#endif
+
+#ifndef SESSION_TICKET_LEN
+    #define SESSION_TICKET_LEN 256
+#endif
+
+
+/* don't use extra 3/4k stack space unless need to */
+#ifdef HAVE_NTRU
+    #define MAX_ENCRYPT_SZ MAX_NTRU_ENCRYPT_SZ
+#else
+    #define MAX_ENCRYPT_SZ ENCRYPT_LEN
+#endif
+
+
+/* states */
+enum states {
+    NULL_STATE = 0,
+
+    SERVER_HELLOVERIFYREQUEST_COMPLETE,
+    SERVER_HELLO_COMPLETE,
+    SERVER_CERT_COMPLETE,
+    SERVER_KEYEXCHANGE_COMPLETE,
+    SERVER_HELLODONE_COMPLETE,
+    SERVER_FINISHED_COMPLETE,
+
+    CLIENT_HELLO_COMPLETE,
+    CLIENT_KEYEXCHANGE_COMPLETE,
+    CLIENT_FINISHED_COMPLETE,
+
+    HANDSHAKE_DONE
+};
+
+
+#if defined(__GNUC__)
+    #define WOLFSSL_PACK __attribute__ ((packed))
+#else
+    #define WOLFSSL_PACK
+#endif
+
+/* SSL Version */
+typedef struct ProtocolVersion {
+    byte major;
+    byte minor;
+} WOLFSSL_PACK ProtocolVersion;
+
+
+WOLFSSL_LOCAL ProtocolVersion MakeSSLv3(void);
+WOLFSSL_LOCAL ProtocolVersion MakeTLSv1(void);
+WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_1(void);
+WOLFSSL_LOCAL ProtocolVersion MakeTLSv1_2(void);
+
+#ifdef WOLFSSL_DTLS
+    WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1(void);
+    WOLFSSL_LOCAL ProtocolVersion MakeDTLSv1_2(void);
+#endif
+
+
+enum BIO_TYPE {
+    BIO_BUFFER = 1,
+    BIO_SOCKET = 2,
+    BIO_SSL    = 3,
+    BIO_MEMORY = 4
+};
+
+
+/* wolfSSL BIO_METHOD type */
+struct WOLFSSL_BIO_METHOD {
+    byte type;               /* method type */
+};
+
+
+/* wolfSSL BIO type */
+struct WOLFSSL_BIO {
+    byte        type;          /* method type */
+    byte        close;         /* close flag */
+    byte        eof;           /* eof flag */
+    WOLFSSL*     ssl;           /* possible associated ssl */
+    byte*       mem;           /* memory buffer */
+    int         memLen;        /* memory buffer length */
+    int         fd;            /* possible file descriptor */
+    WOLFSSL_BIO* prev;          /* previous in chain */
+    WOLFSSL_BIO* next;          /* next in chain */
+};
+
+
+/* wolfSSL method type */
+struct WOLFSSL_METHOD {
+    ProtocolVersion version;
+    byte            side;         /* connection side, server or client */
+    byte            downgrade;    /* whether to downgrade version, default no */
+};
+
+
+/* defautls to client */
+WOLFSSL_LOCAL void InitSSL_Method(WOLFSSL_METHOD*, ProtocolVersion);
+
+/* for sniffer */
+WOLFSSL_LOCAL int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
+                            word32 size, word32 totalSz, int sniff);
+WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx);
+
+
+/* wolfSSL buffer type */
+typedef struct buffer {
+    word32 length;
+    byte*  buffer;
+} buffer;
+
+
+enum {
+    FORCED_FREE = 1,
+    NO_FORCED_FREE = 0
+};
+
+
+/* only use compression extra if using compression */
+#ifdef HAVE_LIBZ
+    #define COMP_EXTRA MAX_COMP_EXTRA
+#else
+    #define COMP_EXTRA 0
+#endif
+
+/* only the sniffer needs space in the buffer for extra MTU record(s) */
+#ifdef WOLFSSL_SNIFFER
+    #define MTU_EXTRA MAX_MTU * 3 
+#else
+    #define MTU_EXTRA 0
+#endif
+
+
+/* embedded callbacks require large static buffers, make sure on */
+#ifdef WOLFSSL_CALLBACKS
+    #undef  LARGE_STATIC_BUFFERS
+    #define LARGE_STATIC_BUFFERS
+#endif
+
+
+/* give user option to use 16K static buffers */
+#if defined(LARGE_STATIC_BUFFERS)
+    #define RECORD_SIZE MAX_RECORD_SIZE
+#else
+    #ifdef WOLFSSL_DTLS
+        #define RECORD_SIZE MAX_MTU 
+    #else
+        #define RECORD_SIZE 128 
+    #endif
+#endif
+
+
+/* user option to turn off 16K output option */
+/* if using small static buffers (default) and SSL_write tries to write data
+   larger than the record we have, dynamically get it, unless user says only
+   write in static buffer chuncks  */
+#ifndef STATIC_CHUNKS_ONLY
+    #define OUTPUT_RECORD_SIZE MAX_RECORD_SIZE
+#else
+    #define OUTPUT_RECORD_SIZE RECORD_SIZE
+#endif
+
+/* wolfSSL input buffer
+
+   RFC 2246:
+
+   length
+       The length (in bytes) of the following TLSPlaintext.fragment.
+       The length should not exceed 2^14.
+*/
+#if defined(LARGE_STATIC_BUFFERS)
+    #define STATIC_BUFFER_LEN RECORD_HEADER_SZ + RECORD_SIZE + COMP_EXTRA + \
+             MTU_EXTRA + MAX_MSG_EXTRA
+#else
+    /* don't fragment memory from the record header */
+    #define STATIC_BUFFER_LEN RECORD_HEADER_SZ
+#endif
+
+typedef struct {
+    word32 length;       /* total buffer length used */
+    word32 idx;          /* idx to part of length already consumed */
+    byte*  buffer;       /* place holder for static or dynamic buffer */
+    word32 bufferSize;   /* current buffer size */
+    ALIGN16 byte staticBuffer[STATIC_BUFFER_LEN];
+    byte   dynamicFlag;  /* dynamic memory currently in use */
+    byte   offset;       /* alignment offset attempt */
+} bufferStatic;
+
+/* Cipher Suites holder */
+typedef struct Suites {
+    int    setSuites;               /* user set suites from default */
+    byte   suites[MAX_SUITE_SZ];  
+    word16 suiteSz;                 /* suite length in bytes        */
+    byte   hashSigAlgo[HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */
+    word16 hashSigAlgoSz;           /* SigAlgo extension length in bytes */
+    byte   hashAlgo;                /* selected hash algorithm */
+    byte   sigAlgo;                 /* selected sig algorithm */
+} Suites;
+
+
+WOLFSSL_LOCAL
+void InitSuites(Suites*, ProtocolVersion,
+                                     byte, byte, byte, byte, byte, byte, int);
+WOLFSSL_LOCAL
+int  SetCipherList(Suites*, const char* list);
+
+#ifndef PSK_TYPES_DEFINED
+    typedef unsigned int (*psk_client_callback)(WOLFSSL*, const char*, char*,
+                          unsigned int, unsigned char*, unsigned int);
+    typedef unsigned int (*psk_server_callback)(WOLFSSL*, const char*,
+                          unsigned char*, unsigned int);
+#endif /* PSK_TYPES_DEFINED */
+
+
+#ifdef HAVE_NETX
+    WOLFSSL_LOCAL int NetX_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx);
+    WOLFSSL_LOCAL int NetX_Send(WOLFSSL *ssl, char *buf, int sz, void *ctx);
+#endif /* HAVE_NETX */
+
+
+/* wolfSSL Cipher type just points back to SSL */
+struct WOLFSSL_CIPHER {
+    WOLFSSL* ssl;
+};
+
+
+typedef struct OCSP_Entry OCSP_Entry;
+
+#ifdef SHA_DIGEST_SIZE
+    #define OCSP_DIGEST_SIZE SHA_DIGEST_SIZE
+#else
+    #define OCSP_DIGEST_SIZE 160
+#endif
+
+#ifdef NO_ASN 
+    /* no_asn won't have */
+    typedef struct CertStatus CertStatus;
+#endif
+
+struct OCSP_Entry {
+    OCSP_Entry* next;                        /* next entry             */
+    byte    issuerHash[OCSP_DIGEST_SIZE];    /* issuer hash            */ 
+    byte    issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
+    CertStatus* status;                      /* OCSP response list     */
+    int         totalStatus;                 /* number on list         */
+};
+
+
+#ifndef HAVE_OCSP
+    typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
+#endif
+
+/* wolfSSL OCSP controller */
+struct WOLFSSL_OCSP {
+    WOLFSSL_CERT_MANAGER* cm;            /* pointer back to cert manager */
+    OCSP_Entry*          ocspList;      /* OCSP response list */
+    wolfSSL_Mutex         ocspLock;      /* OCSP list lock */
+};
+
+#ifndef MAX_DATE_SIZE
+#define MAX_DATE_SIZE 32
+#endif
+
+typedef struct CRL_Entry CRL_Entry;
+
+#ifdef SHA_DIGEST_SIZE
+    #define CRL_DIGEST_SIZE SHA_DIGEST_SIZE
+#else
+    #define CRL_DIGEST_SIZE 160
+#endif
+
+#ifdef NO_ASN 
+    typedef struct RevokedCert RevokedCert;
+#endif
+
+/* Complete CRL */
+struct CRL_Entry {
+    CRL_Entry* next;                      /* next entry */
+    byte    issuerHash[CRL_DIGEST_SIZE];  /* issuer hash                 */ 
+    /* byte    crlHash[CRL_DIGEST_SIZE];      raw crl data hash           */ 
+    /* restore the hash here if needed for optimized comparisons */
+    byte    lastDate[MAX_DATE_SIZE]; /* last date updated  */
+    byte    nextDate[MAX_DATE_SIZE]; /* next update date   */
+    byte    lastDateFormat;          /* last date format */
+    byte    nextDateFormat;          /* next date format */
+    RevokedCert* certs;              /* revoked cert list  */
+    int          totalCerts;         /* number on list     */
+};
+
+
+typedef struct CRL_Monitor CRL_Monitor;
+
+/* CRL directory monitor */
+struct CRL_Monitor {
+    char* path;      /* full dir path, if valid pointer we're using */
+    int   type;      /* PEM or ASN1 type */
+};
+
+
+#ifndef HAVE_CRL
+    typedef struct WOLFSSL_CRL WOLFSSL_CRL;
+#endif
+
+/* wolfSSL CRL controller */
+struct WOLFSSL_CRL {
+    WOLFSSL_CERT_MANAGER* cm;            /* pointer back to cert manager */
+    CRL_Entry*           crlList;       /* our CRL list */
+    wolfSSL_Mutex         crlLock;       /* CRL list lock */
+    CRL_Monitor          monitors[2];   /* PEM and DER possible */
+#ifdef HAVE_CRL_MONITOR
+    pthread_t            tid;           /* monitoring thread */
+    int                  mfd;           /* monitor fd, -1 if no init yet */
+#endif
+};
+
+
+#ifdef NO_ASN 
+    typedef struct Signer Signer;
+#endif
+
+
+#ifndef CA_TABLE_SIZE
+    #define CA_TABLE_SIZE 11
+#endif
+
+/* wolfSSL Certificate Manager */
+struct WOLFSSL_CERT_MANAGER {
+    Signer*         caTable[CA_TABLE_SIZE]; /* the CA signer table */
+    wolfSSL_Mutex    caLock;             /* CA list lock */
+    CallbackCACache caCacheCallback;    /* CA cache addition callback */
+    void*           heap;               /* heap helper */
+    WOLFSSL_CRL*     crl;                /* CRL checker */
+    byte            crlEnabled;         /* is CRL on ? */
+    byte            crlCheckAll;        /* always leaf, but all ? */
+    CbMissingCRL    cbMissingCRL;       /* notify through cb of missing crl */
+    WOLFSSL_OCSP*    ocsp;               /* OCSP checker */
+    byte            ocspEnabled;        /* is OCSP on ? */
+    byte            ocspSendNonce;      /* send the OCSP nonce ? */
+    byte            ocspUseOverrideURL; /* ignore cert's responder, override */
+    char*           ocspOverrideURL;    /* use this responder */
+    void*           ocspIOCtx;          /* I/O callback CTX */
+    CbOCSPIO        ocspIOCb;           /* I/O callback for OCSP lookup */
+    CbOCSPRespFree  ocspRespFreeCb;     /* Frees OCSP Response from IO Cb */
+};
+
+WOLFSSL_LOCAL int CM_SaveCertCache(WOLFSSL_CERT_MANAGER*, const char*);
+WOLFSSL_LOCAL int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER*, const char*);
+WOLFSSL_LOCAL int CM_MemSaveCertCache(WOLFSSL_CERT_MANAGER*, void*, int, int*);
+WOLFSSL_LOCAL int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER*, const void*, int);
+WOLFSSL_LOCAL int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER*);
+
+/* wolfSSL Sock Addr */
+struct WOLFSSL_SOCKADDR {
+    unsigned int sz; /* sockaddr size */
+    void*        sa; /* pointer to the sockaddr_in or sockaddr_in6 */
+};
+
+typedef struct WOLFSSL_DTLS_CTX {
+    WOLFSSL_SOCKADDR peer;
+    int fd;
+} WOLFSSL_DTLS_CTX;
+
+
+#ifdef WOLFSSL_DTLS
+
+    #ifdef WORD64_AVAILABLE
+        typedef word64 DtlsSeq;
+    #else
+        typedef word32 DtlsSeq;
+    #endif
+    #define DTLS_SEQ_BITS (sizeof(DtlsSeq) * CHAR_BIT)
+
+    typedef struct DtlsState {
+        DtlsSeq window;     /* Sliding window for current epoch    */
+        word16 nextEpoch;   /* Expected epoch in next record       */
+        word32 nextSeq;     /* Expected sequence in next record    */
+
+        word16 curEpoch;    /* Received epoch in current record    */
+        word32 curSeq;      /* Received sequence in current record */
+
+        DtlsSeq prevWindow; /* Sliding window for old epoch        */
+        word32 prevSeq;     /* Next sequence in allowed old epoch  */
+    } DtlsState;
+
+#endif /* WOLFSSL_DTLS */
+
+
+/* keys and secrets */
+typedef struct Keys {
+    byte client_write_MAC_secret[MAX_DIGEST_SIZE];   /* max sizes */
+    byte server_write_MAC_secret[MAX_DIGEST_SIZE];
+    byte client_write_key[AES_256_KEY_SIZE];         /* max sizes */
+    byte server_write_key[AES_256_KEY_SIZE];
+    byte client_write_IV[AES_IV_SIZE];               /* max sizes */
+    byte server_write_IV[AES_IV_SIZE];
+#ifdef HAVE_AEAD
+    byte aead_exp_IV[AEAD_EXP_IV_SZ];
+    byte aead_enc_imp_IV[AEAD_IMP_IV_SZ];
+    byte aead_dec_imp_IV[AEAD_IMP_IV_SZ];
+#endif
+
+    word32 peer_sequence_number;
+    word32 sequence_number;
+
+#ifdef WOLFSSL_DTLS
+    DtlsState dtls_state;                       /* Peer's state */
+    word16 dtls_peer_handshake_number;
+    word16 dtls_expected_peer_handshake_number;
+
+    word16 dtls_epoch;                          /* Current tx epoch    */
+    word32 dtls_sequence_number;                /* Current tx sequence */
+    word16 dtls_handshake_number;               /* Current tx handshake seq */
+#endif
+
+    word32 encryptSz;             /* last size of encrypted data   */
+    word32 padSz;                 /* how much to advance after decrypt part */
+    byte   encryptionOn;          /* true after change cipher spec */
+    byte   decryptedCur;          /* only decrypt current record once */
+} Keys;
+
+
+
+/* RFC 6066 TLS Extensions */
+#ifdef HAVE_TLS_EXTENSIONS
+
+typedef enum {
+    SERVER_NAME_INDICATION = 0x0000,
+    MAX_FRAGMENT_LENGTH    = 0x0001,
+    TRUNCATED_HMAC         = 0x0004,
+    ELLIPTIC_CURVES        = 0x000a,
+    SESSION_TICKET         = 0x0023,
+    SECURE_RENEGOTIATION   = 0xff01
+} TLSX_Type;
+
+typedef struct TLSX {
+    TLSX_Type    type; /* Extension Type  */
+    void*        data; /* Extension Data  */
+    byte         resp; /* IsResponse Flag */
+    struct TLSX* next; /* List Behavior   */
+} TLSX;
+
+WOLFSSL_LOCAL TLSX*  TLSX_Find(TLSX* list, TLSX_Type type);
+WOLFSSL_LOCAL void   TLSX_FreeAll(TLSX* list);
+WOLFSSL_LOCAL int    TLSX_SupportExtensions(WOLFSSL* ssl);
+
+#ifndef NO_WOLFSSL_CLIENT
+WOLFSSL_LOCAL word16 TLSX_GetRequestSize(WOLFSSL* ssl);
+WOLFSSL_LOCAL word16 TLSX_WriteRequest(WOLFSSL* ssl, byte* output);
+#endif
+
+#ifndef NO_WOLFSSL_SERVER
+WOLFSSL_LOCAL word16 TLSX_GetResponseSize(WOLFSSL* ssl);
+WOLFSSL_LOCAL word16 TLSX_WriteResponse(WOLFSSL* ssl, byte* output);
+#endif
+
+WOLFSSL_LOCAL int    TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length,
+                                                byte isRequest, Suites *suites);
+                                                
+#elif defined(HAVE_SNI)                  \
+   || defined(HAVE_MAX_FRAGMENT)         \
+   || defined(HAVE_TRUNCATED_HMAC)       \
+   || defined(HAVE_SUPPORTED_CURVES)     \
+   || defined(HAVE_SECURE_RENEGOTIATION) \
+   || defined(HAVE_SESSION_TICKET)
+
+#error Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined.
+
+#endif /* HAVE_TLS_EXTENSIONS */
+
+/* Server Name Indication */
+#ifdef HAVE_SNI
+
+typedef struct SNI {
+    byte                       type;    /* SNI Type          */
+    union { char* host_name; } data;    /* SNI Data          */
+    struct SNI*                next;    /* List Behavior     */
+#ifndef NO_WOLFSSL_SERVER
+    byte                       options; /* Behaviour options */
+    byte                       status;  /* Matching result   */
+#endif
+} SNI;
+
+WOLFSSL_LOCAL int TLSX_UseSNI(TLSX** extensions, byte type, const void* data,
+                                                                   word16 size);
+
+#ifndef NO_WOLFSSL_SERVER
+WOLFSSL_LOCAL void   TLSX_SNI_SetOptions(TLSX* extensions, byte type,
+                                                                  byte options);
+WOLFSSL_LOCAL byte   TLSX_SNI_Status(TLSX* extensions, byte type);
+WOLFSSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type,
+                                                                   void** data);
+WOLFSSL_LOCAL int    TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz,
+                                         byte type, byte* sni, word32* inOutSz);
+#endif
+
+#endif /* HAVE_SNI */
+
+/* Maximum Fragment Length */
+#ifdef HAVE_MAX_FRAGMENT
+
+WOLFSSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl);
+
+#endif /* HAVE_MAX_FRAGMENT */
+
+#ifdef HAVE_TRUNCATED_HMAC
+
+WOLFSSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions);
+
+#endif /* HAVE_TRUNCATED_HMAC */
+
+#ifdef HAVE_SUPPORTED_CURVES
+
+typedef struct EllipticCurve {
+    word16                name; /* CurveNames    */
+    struct EllipticCurve* next; /* List Behavior */
+} EllipticCurve;
+
+WOLFSSL_LOCAL int TLSX_UseSupportedCurve(TLSX** extensions, word16 name);
+
+#ifndef NO_WOLFSSL_SERVER
+WOLFSSL_LOCAL int TLSX_ValidateEllipticCurves(WOLFSSL* ssl, byte first,
+                                                                   byte second);
+#endif
+
+#endif /* HAVE_SUPPORTED_CURVES */
+
+#ifdef HAVE_SECURE_RENEGOTIATION
+
+enum key_cache_state {
+    SCR_CACHE_NULL   = 0,       /* empty / begin state */
+    SCR_CACHE_NEEDED,           /* need to cache keys */
+    SCR_CACHE_COPY,             /* we have a cached copy */
+    SCR_CACHE_PARTIAL,          /* partial restore to real keys */
+    SCR_CACHE_COMPLETE          /* complete restore to real keys */
+};
+
+
+/* Additional Conection State according to rfc5746 section 3.1 */
+typedef struct SecureRenegotiation {
+   byte                 enabled;  /* secure_renegotiation flag in rfc */
+   byte                 startScr; /* server requested client to start scr */
+   enum key_cache_state cache_status;  /* track key cache state */
+   byte                 client_verify_data[TLS_FINISHED_SZ];  /* cached */
+   byte                 server_verify_data[TLS_FINISHED_SZ];  /* cached */
+   byte                 subject_hash[SHA_DIGEST_SIZE];  /* peer cert hash */
+   Keys                 tmp_keys;  /* can't overwrite real keys yet */
+} SecureRenegotiation;
+
+WOLFSSL_LOCAL int TLSX_UseSecureRenegotiation(TLSX** extensions);
+
+#endif /* HAVE_SECURE_RENEGOTIATION */
+
+#ifdef HAVE_SESSION_TICKET
+
+typedef struct SessionTicket {
+    word32 lifetime;
+    byte*  data;
+    word16 size;
+} SessionTicket;
+
+WOLFSSL_LOCAL int  TLSX_UseSessionTicket(TLSX** extensions, 
+                                                         SessionTicket* ticket);
+WOLFSSL_LOCAL SessionTicket* TLSX_SessionTicket_Create(word32 lifetime,
+                                                       byte* data, word16 size);
+WOLFSSL_LOCAL void TLSX_SessionTicket_Free(SessionTicket* ticket);
+#endif /* HAVE_SESSION_TICKET */
+
+/* wolfSSL context type */
+struct WOLFSSL_CTX {
+    WOLFSSL_METHOD* method;
+    wolfSSL_Mutex   countMutex;    /* reference count mutex */
+    int         refCount;         /* reference count */
+#ifndef NO_CERTS
+    buffer      certificate;
+    buffer      certChain;
+                 /* chain after self, in DER, with leading size for each cert */
+    buffer      privateKey;
+    buffer      serverDH_P;
+    buffer      serverDH_G;
+    WOLFSSL_CERT_MANAGER* cm;      /* our cert manager, ctx owns SSL will use */
+#endif
+    Suites      suites;
+    void*       heap;             /* for user memory overrides */
+    byte        verifyPeer;
+    byte        verifyNone;
+    byte        failNoCert;
+    byte        sessionCacheOff;
+    byte        sessionCacheFlushOff;
+    byte        sendVerify;       /* for client side */
+    byte        haveRSA;          /* RSA available */
+    byte        haveDH;           /* server DH parms set by user */
+    byte        haveNTRU;         /* server private NTRU  key loaded */
+    byte        haveECDSAsig;     /* server cert signed w/ ECDSA */
+    byte        haveStaticECC;    /* static server ECC private key */
+    byte        partialWrite;     /* only one msg per write call */
+    byte        quietShutdown;    /* don't send close notify */
+    byte        groupMessages;    /* group handshake messages before sending */
+    CallbackIORecv CBIORecv;
+    CallbackIOSend CBIOSend;
+#ifdef WOLFSSL_DTLS
+    CallbackGenCookie CBIOCookie;       /* gen cookie callback */
+#endif
+    VerifyCallback  verifyCallback;     /* cert verification callback */
+    word32          timeout;            /* session timeout */
+#ifdef HAVE_ECC
+    word16          eccTempKeySz;       /* in octets 20 - 66 */
+    word32          pkCurveOID;         /* curve Ecc_Sum */
+#endif
+#ifndef NO_PSK
+    byte        havePSK;                /* psk key set by user */
+    psk_client_callback client_psk_cb;  /* client callback */
+    psk_server_callback server_psk_cb;  /* server callback */
+    char        server_hint[MAX_PSK_ID_LEN];
+#endif /* NO_PSK */
+#ifdef HAVE_ANON
+    byte        haveAnon;               /* User wants to allow Anon suites */
+#endif /* HAVE_ANON */
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    pem_password_cb passwd_cb;
+    void*            userdata;
+#endif /* OPENSSL_EXTRA */
+#ifdef HAVE_OCSP
+    WOLFSSL_OCSP      ocsp;
+#endif
+#ifdef HAVE_CAVIUM
+    int              devId;            /* cavium device id to use */
+#endif
+#ifdef HAVE_TLS_EXTENSIONS
+    TLSX* extensions;                  /* RFC 6066 TLS Extensions data */
+#endif
+#ifdef ATOMIC_USER
+    CallbackMacEncrypt    MacEncryptCb;    /* Atomic User Mac/Encrypt Cb */
+    CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    #ifdef HAVE_ECC
+        CallbackEccSign   EccSignCb;    /* User EccSign   Callback handler */
+        CallbackEccVerify EccVerifyCb;  /* User EccVerify Callback handler */
+    #endif /* HAVE_ECC */
+    #ifndef NO_RSA 
+        CallbackRsaSign   RsaSignCb;    /* User RsaSign   Callback handler */
+        CallbackRsaVerify RsaVerifyCb;  /* User RsaVerify Callback handler */
+        CallbackRsaEnc    RsaEncCb;     /* User Rsa Public Encrypt  handler */
+        CallbackRsaDec    RsaDecCb;     /* User Rsa Private Decrypt handler */
+    #endif /* NO_RSA */
+#endif /* HAVE_PK_CALLBACKS */
+};
+
+
+WOLFSSL_LOCAL
+int InitSSL_Ctx(WOLFSSL_CTX*, WOLFSSL_METHOD*);
+WOLFSSL_LOCAL
+void FreeSSL_Ctx(WOLFSSL_CTX*);
+WOLFSSL_LOCAL
+void SSL_CtxResourceFree(WOLFSSL_CTX*);
+
+WOLFSSL_LOCAL
+int DeriveTlsKeys(WOLFSSL* ssl);
+WOLFSSL_LOCAL
+int ProcessOldClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
+                          word32 inSz, word16 sz);
+#ifndef NO_CERTS
+    WOLFSSL_LOCAL
+    int AddCA(WOLFSSL_CERT_MANAGER* ctx, buffer der, int type, int verify);
+    WOLFSSL_LOCAL
+    int AlreadySigner(WOLFSSL_CERT_MANAGER* cm, byte* hash);
+#endif
+
+/* All cipher suite related info */
+typedef struct CipherSpecs {
+    byte bulk_cipher_algorithm;
+    byte cipher_type;               /* block, stream, or aead */
+    byte mac_algorithm;
+    byte kea;                       /* key exchange algo */
+    byte sig_algo;
+    byte hash_size;
+    byte pad_size;
+    byte static_ecdh;
+    word16 key_size;
+    word16 iv_size;
+    word16 block_size;
+    word16 aead_mac_size;
+} CipherSpecs;
+
+
+void InitCipherSpecs(CipherSpecs* cs);
+
+
+/* Supported Message Authentication Codes from page 43 */
+enum MACAlgorithm { 
+    no_mac,
+    md5_mac,
+    sha_mac,
+    sha224_mac,
+    sha256_mac,     /* needs to match external KDF_MacAlgorithm */
+    sha384_mac,
+    sha512_mac,
+    rmd_mac,
+    blake2b_mac
+};
+
+
+/* Supported Key Exchange Protocols */
+enum KeyExchangeAlgorithm { 
+    no_kea,
+    rsa_kea, 
+    diffie_hellman_kea, 
+    fortezza_kea,
+    psk_kea,
+    dhe_psk_kea,
+    ntru_kea,
+    ecc_diffie_hellman_kea,
+    ecc_static_diffie_hellman_kea       /* for verify suite only */
+};
+
+
+/* Supported Authentication Schemes */
+enum SignatureAlgorithm {
+    anonymous_sa_algo,
+    rsa_sa_algo,
+    dsa_sa_algo,
+    ecc_dsa_sa_algo
+};
+
+
+/* Supprted ECC Curve Types */
+enum EccCurves {
+    named_curve = 3
+};
+
+
+/* Supprted ECC Named Curves */
+enum EccNamedCurves {
+    secp256r1 = 0x17,         /* default, OpenSSL also calls it prime256v1 */
+    secp384r1 = 0x18,
+    secp521r1 = 0x19,
+
+    secp160r1 = 0x10,
+    secp192r1 = 0x13,        /*           Openssl also call it prime192v1 */
+    secp224r1 = 0x15
+};
+
+
+/* Valid client certificate request types from page 27 */
+enum ClientCertificateType {    
+    rsa_sign            = 1, 
+    dss_sign            = 2,
+    rsa_fixed_dh        = 3,
+    dss_fixed_dh        = 4,
+    rsa_ephemeral_dh    = 5,
+    dss_ephemeral_dh    = 6,
+    fortezza_kea_cert   = 20,
+    ecdsa_sign          = 64,
+    rsa_fixed_ecdh      = 65,
+    ecdsa_fixed_ecdh    = 66
+};
+
+
+enum CipherType { stream, block, aead };
+
+
+
+
+
+
+/* cipher for now */
+typedef struct Ciphers {
+#ifdef BUILD_ARC4
+    Arc4*   arc4;
+#endif
+#ifdef BUILD_DES3
+    Des3*   des3;
+#endif
+#if defined(BUILD_AES) || defined(BUILD_AESGCM)
+    Aes*    aes;
+#endif
+#ifdef HAVE_CAMELLIA
+    Camellia* cam;
+#endif
+#ifdef HAVE_CHACHA
+    ChaCha*   chacha;
+#endif
+#ifdef HAVE_HC128
+    HC128*  hc128;
+#endif
+#ifdef BUILD_RABBIT
+    Rabbit* rabbit;
+#endif
+    byte    setup;       /* have we set it up flag for detection */
+} Ciphers;
+
+
+#ifdef HAVE_ONE_TIME_AUTH
+/* Ciphers for one time authentication such as poly1305 */
+typedef struct OneTimeAuth {
+#ifdef HAVE_POLY1305
+    Poly1305* poly1305;
+#endif
+    byte    setup;      /* flag for if a cipher has been set */
+
+} OneTimeAuth;
+#endif
+
+
+WOLFSSL_LOCAL void InitCiphers(WOLFSSL* ssl);
+WOLFSSL_LOCAL void FreeCiphers(WOLFSSL* ssl);
+
+
+/* hashes type */
+typedef struct Hashes {
+    #ifndef NO_OLD_TLS
+        byte md5[MD5_DIGEST_SIZE];
+    #endif
+    byte sha[SHA_DIGEST_SIZE];
+    #ifndef NO_SHA256
+        byte sha256[SHA256_DIGEST_SIZE];
+    #endif
+    #ifdef WOLFSSL_SHA384
+        byte sha384[SHA384_DIGEST_SIZE];
+    #endif
+} Hashes;
+
+
+/* Static x509 buffer */
+typedef struct x509_buffer {
+    int  length;                  /* actual size */
+    byte buffer[MAX_X509_SIZE];   /* max static cert size */
+} x509_buffer;
+
+
+/* wolfSSL X509_CHAIN, for no dynamic memory SESSION_CACHE */
+struct WOLFSSL_X509_CHAIN {
+    int         count;                    /* total number in chain */
+    x509_buffer certs[MAX_CHAIN_DEPTH];   /* only allow max depth 4 for now */
+};
+
+
+/* wolfSSL session type */
+struct WOLFSSL_SESSION {
+    byte         sessionID[ID_LEN];             /* id for protocol */
+    byte         sessionIDSz;
+    byte         masterSecret[SECRET_LEN];      /* stored secret */
+    word32       bornOn;                        /* create time in seconds   */
+    word32       timeout;                       /* timeout in seconds       */
+#ifdef SESSION_CERTS
+    WOLFSSL_X509_CHAIN chain;                    /* peer cert chain, static  */
+    ProtocolVersion version;                    /* which version was used */
+    byte            cipherSuite0;               /* first byte, normally 0 */
+    byte            cipherSuite;                /* 2nd byte, actual suite */
+#endif
+#ifndef NO_CLIENT_CACHE
+    byte         serverID[SERVER_ID_LEN];       /* for easier client lookup */
+    word16       idLen;                         /* serverID length */
+#endif
+#ifdef HAVE_SESSION_TICKET
+    byte         ticket[SESSION_TICKET_LEN];
+    word16       ticketLen;
+#endif
+};
+
+
+WOLFSSL_LOCAL
+WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*);
+WOLFSSL_LOCAL
+int          SetSession(WOLFSSL*, WOLFSSL_SESSION*);
+
+typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int);
+
+#ifndef NO_CLIENT_CACHE
+    WOLFSSL_SESSION* GetSessionClient(WOLFSSL*, const byte*, int);
+#endif
+
+/* client connect state for nonblocking restart */
+enum ConnectState {
+    CONNECT_BEGIN = 0,
+    CLIENT_HELLO_SENT,
+    HELLO_AGAIN,               /* HELLO_AGAIN s for DTLS case */
+    HELLO_AGAIN_REPLY,
+    FIRST_REPLY_DONE,
+    FIRST_REPLY_FIRST,
+    FIRST_REPLY_SECOND,
+    FIRST_REPLY_THIRD,
+    FIRST_REPLY_FOURTH,
+    FINISHED_DONE,
+    SECOND_REPLY_DONE
+};
+
+
+/* server accept state for nonblocking restart */
+enum AcceptState {
+    ACCEPT_BEGIN = 0,
+    ACCEPT_CLIENT_HELLO_DONE,
+    HELLO_VERIFY_SENT,
+    ACCEPT_FIRST_REPLY_DONE,
+    SERVER_HELLO_SENT,
+    CERT_SENT,
+    KEY_EXCHANGE_SENT,
+    CERT_REQ_SENT,
+    SERVER_HELLO_DONE,
+    ACCEPT_SECOND_REPLY_DONE,
+    CHANGE_CIPHER_SENT,
+    ACCEPT_FINISHED_DONE,
+    ACCEPT_THIRD_REPLY_DONE
+};
+
+
+typedef struct Buffers {
+#ifndef NO_CERTS
+    buffer          certificate;            /* WOLFSSL_CTX owns, unless we own */
+    buffer          key;                    /* WOLFSSL_CTX owns, unless we own */
+    buffer          certChain;              /* WOLFSSL_CTX owns, unless we own */
+                 /* chain after self, in DER, with leading size for each cert */
+    buffer          serverDH_P;             /* WOLFSSL_CTX owns, unless we own */
+    buffer          serverDH_G;             /* WOLFSSL_CTX owns, unless we own */
+    buffer          serverDH_Pub;
+    buffer          serverDH_Priv;
+#endif
+    buffer          domainName;             /* for client check */
+    bufferStatic    inputBuffer;
+    bufferStatic    outputBuffer;
+    buffer          clearOutputBuffer;
+    int             prevSent;              /* previous plain text bytes sent
+                                              when got WANT_WRITE            */
+    int             plainSz;               /* plain text bytes in buffer to send
+                                              when got WANT_WRITE            */
+    byte            weOwnCert;             /* SSL own cert flag */
+    byte            weOwnCertChain;        /* SSL own cert chain flag */
+    byte            weOwnKey;              /* SSL own key  flag */
+    byte            weOwnDH;               /* SSL own dh (p,g)  flag */
+#ifdef WOLFSSL_DTLS
+    WOLFSSL_DTLS_CTX dtlsCtx;               /* DTLS connection context */
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    #ifdef HAVE_ECC
+        buffer peerEccDsaKey;              /* we own for Ecc Verify Callbacks */
+    #endif /* HAVE_ECC */
+    #ifndef NO_RSA
+        buffer peerRsaKey;                 /* we own for Rsa Verify Callbacks */
+    #endif /* NO_RSA */
+#endif /* HAVE_PK_CALLBACKS */
+} Buffers;
+
+typedef struct Options {
+    byte            sessionCacheOff;
+    byte            sessionCacheFlushOff;
+    byte            cipherSuite0;           /* first byte, normally 0 */
+    byte            cipherSuite;            /* second byte, actual suite */
+    byte            serverState;
+    byte            clientState;
+    byte            handShakeState;
+    byte            handShakeDone;      /* at least one handshake complete */
+    byte            side;               /* client or server end */
+    byte            verifyPeer;
+    byte            verifyNone;
+    byte            failNoCert;
+    byte            downgrade;          /* allow downgrade of versions */
+    byte            minDowngrade;       /* minimum downgrade version */
+    byte            sendVerify;         /* false = 0, true = 1, sendBlank = 2 */
+    byte            resuming;
+    byte            haveSessionId;      /* server may not send */
+    byte            tls;                /* using TLS ? */
+    byte            tls1_1;             /* using TLSv1.1+ ? */
+    byte            dtls;               /* using datagrams ? */
+    byte            connReset;          /* has the peer reset */
+    byte            isClosed;           /* if we consider conn closed */
+    byte            closeNotify;        /* we've recieved a close notify */
+    byte            sentNotify;         /* we've sent a close notify */
+    byte            connectState;       /* nonblocking resume */
+    byte            acceptState;        /* nonblocking resume */
+    byte            usingCompression;   /* are we using compression */
+    byte            haveRSA;            /* RSA available */
+    byte            haveDH;             /* server DH parms set by user */
+    byte            haveNTRU;           /* server NTRU  private key loaded */
+    byte            haveECDSAsig;       /* server ECDSA signed cert */
+    byte            haveStaticECC;      /* static server ECC private key */
+    byte            havePeerCert;       /* do we have peer's cert */
+    byte            havePeerVerify;     /* and peer's cert verify */
+    byte            usingPSK_cipher;    /* whether we're using psk as cipher */
+    byte            usingAnon_cipher;   /* whether we're using an anon cipher */
+    byte            sendAlertState;     /* nonblocking resume */ 
+    byte            processReply;       /* nonblocking resume */
+    byte            partialWrite;       /* only one msg per write call */
+    byte            quietShutdown;      /* don't send close notify */
+    byte            certOnly;           /* stop once we get cert */
+    byte            groupMessages;      /* group handshake messages */
+    byte            usingNonblock;      /* set when using nonblocking socket */
+    byte            saveArrays;         /* save array Memory for user get keys
+                                           or psk */
+#ifdef HAVE_POLY1305
+    byte            oldPoly;            /* set when to use old rfc way of poly*/
+#endif
+#ifndef NO_PSK
+    byte            havePSK;            /* psk key set by user */
+    psk_client_callback client_psk_cb;
+    psk_server_callback server_psk_cb;
+#endif /* NO_PSK */
+#ifdef HAVE_ANON
+    byte            haveAnon;           /* User wants to allow Anon suites */
+#endif /* HAVE_ANON */
+} Options;
+
+typedef struct Arrays {
+    byte            clientRandom[RAN_LEN];
+    byte            serverRandom[RAN_LEN];
+    byte            sessionID[ID_LEN];
+    byte            sessionIDSz;
+    byte            preMasterSecret[ENCRYPT_LEN];
+    byte            masterSecret[SECRET_LEN];
+#ifdef WOLFSSL_DTLS
+    byte            cookie[MAX_COOKIE_LEN];
+    byte            cookieSz;
+#endif
+#ifndef NO_PSK
+    char            client_identity[MAX_PSK_ID_LEN];
+    char            server_hint[MAX_PSK_ID_LEN];
+    byte            psk_key[MAX_PSK_KEY_LEN];
+    word32          psk_keySz;          /* acutal size */
+#endif
+    word32          preMasterSz;        /* differs for DH, actual size */
+} Arrays;
+
+#ifndef ASN_NAME_MAX
+#define ASN_NAME_MAX 256
+#endif
+
+#ifndef MAX_DATE_SZ
+#define MAX_DATE_SZ 32
+#endif
+
+struct WOLFSSL_X509_NAME {
+    char  *name;
+    char  staticName[ASN_NAME_MAX];
+    int   dynamicName;
+    int   sz;
+#ifdef OPENSSL_EXTRA
+    DecodedName fullName;
+#endif /* OPENSSL_EXTRA */
+};
+
+#ifndef EXTERNAL_SERIAL_SIZE
+    #define EXTERNAL_SERIAL_SIZE 32
+#endif
+
+#ifdef NO_ASN 
+    typedef struct DNS_entry DNS_entry;
+#endif
+
+struct WOLFSSL_X509 {
+    int              version;
+    WOLFSSL_X509_NAME issuer;
+    WOLFSSL_X509_NAME subject;
+    int              serialSz;
+    byte             serial[EXTERNAL_SERIAL_SIZE];
+    char             subjectCN[ASN_NAME_MAX];        /* common name short cut */
+#ifdef WOLFSSL_SEP
+    int              deviceTypeSz;
+    byte             deviceType[EXTERNAL_SERIAL_SIZE];
+    int              hwTypeSz;
+    byte             hwType[EXTERNAL_SERIAL_SIZE];
+    int              hwSerialNumSz;
+    byte             hwSerialNum[EXTERNAL_SERIAL_SIZE];
+    #ifdef OPENSSL_EXTRA
+        byte             certPolicySet;
+        byte             certPolicyCrit;
+    #endif /* OPENSSL_EXTRA */
+#endif
+    int              notBeforeSz;
+    byte             notBefore[MAX_DATE_SZ];
+    int              notAfterSz;
+    byte             notAfter[MAX_DATE_SZ];
+    int              sigOID;
+    buffer           sig;
+    int              pubKeyOID;
+    buffer           pubKey;
+    #ifdef HAVE_ECC
+        word32       pkCurveOID;
+    #endif /* HAVE_ECC */
+    buffer           derCert;                        /* may need  */
+    DNS_entry*       altNames;                       /* alt names list */
+    DNS_entry*       altNamesNext;                   /* hint for retrieval */
+    byte             dynamicMemory;                  /* dynamic memory flag */
+    byte             isCa;
+#ifdef OPENSSL_EXTRA
+    word32           pathLength;
+    word16           keyUsage;
+    byte             basicConstSet;
+    byte             basicConstCrit;
+    byte             basicConstPlSet;
+    byte             subjAltNameSet;
+    byte             subjAltNameCrit;
+    byte             authKeyIdSet;
+    byte             authKeyIdCrit;
+    byte*            authKeyId;
+    word32           authKeyIdSz;
+    byte             subjKeyIdSet;
+    byte             subjKeyIdCrit;
+    byte*            subjKeyId;
+    word32           subjKeyIdSz;
+    byte             keyUsageSet;
+    byte             keyUsageCrit;
+#endif /* OPENSSL_EXTRA */
+};
+
+
+/* record layer header for PlainText, Compressed, and CipherText */
+typedef struct RecordLayerHeader {
+    byte            type;
+    byte            pvMajor;
+    byte            pvMinor;
+    byte            length[2];
+} RecordLayerHeader;
+
+
+/* record layer header for DTLS PlainText, Compressed, and CipherText */
+typedef struct DtlsRecordLayerHeader {
+    byte            type;
+    byte            pvMajor;
+    byte            pvMinor;
+    byte            epoch[2];             /* increment on cipher state change */
+    byte            sequence_number[6];   /* per record */
+    byte            length[2];
+} DtlsRecordLayerHeader;
+
+
+typedef struct DtlsPool {
+    buffer          buf[DTLS_POOL_SZ];
+    int             used;
+} DtlsPool;
+
+typedef struct DtlsMsg {
+    struct DtlsMsg* next;
+    word32          seq;       /* Handshake sequence number    */
+    word32          sz;        /* Length of whole mesage       */
+    word32          fragSz;    /* Length of fragments received */
+    byte            type;
+    byte*           buf;
+    byte*           msg;
+} DtlsMsg;
+
+
+#ifdef HAVE_NETX
+
+    /* NETX I/O Callback default */
+    typedef struct NetX_Ctx {
+        NX_TCP_SOCKET* nxSocket;    /* send/recv socket handle */
+        NX_PACKET*     nxPacket;    /* incoming packet handle for short reads */
+        ULONG          nxOffset;    /* offset already read from nxPacket */
+        ULONG          nxWait;      /* wait option flag */
+    } NetX_Ctx;
+
+#endif
+
+
+/* Handshake messages recevied from peer (plus change cipher */
+typedef struct MsgsReceived {
+    word16 got_hello_request:1;
+    word16 got_client_hello:1;
+    word16 got_server_hello:1;
+    word16 got_hello_verify_request:1;
+    word16 got_session_ticket:1;
+    word16 got_certificate:1;
+    word16 got_server_key_exchange:1;
+    word16 got_certificate_request:1;
+    word16 got_server_hello_done:1;
+    word16 got_certificate_verify:1;
+    word16 got_client_key_exchange:1;
+    word16 got_finished:1;
+    word16 got_change_cipher:1;
+} MsgsReceived;
+
+
+/* wolfSSL ssl type */
+struct WOLFSSL {
+    WOLFSSL_CTX*     ctx;
+    int             error;
+    ProtocolVersion version;            /* negotiated version */
+    ProtocolVersion chVersion;          /* client hello version */
+    Suites*         suites;             /* only need during handshake */
+    Ciphers         encrypt;
+    Ciphers         decrypt;
+#ifdef HAVE_ONE_TIME_AUTH
+    OneTimeAuth     auth;
+#endif
+    CipherSpecs     specs;
+    Keys            keys;
+    MsgsReceived    msgsReceived;       /* peer messages received */
+    int             rfd;                /* read  file descriptor */
+    int             wfd;                /* write file descriptor */
+    int             rflags;             /* user read  flags */
+    int             wflags;             /* user write flags */
+    WOLFSSL_BIO*     biord;              /* socket bio read  to free/close */
+    WOLFSSL_BIO*     biowr;              /* socket bio write to free/close */
+    void*           IOCB_ReadCtx;
+    void*           IOCB_WriteCtx;
+    RNG*            rng;
+#ifndef NO_OLD_TLS
+#ifndef NO_SHA
+    Sha             hashSha;            /* sha hash of handshake msgs */
+#endif
+#ifndef NO_MD5
+    Md5             hashMd5;            /* md5 hash of handshake msgs */
+#endif
+#endif
+#ifndef NO_SHA256
+    Sha256          hashSha256;         /* sha256 hash of handshake msgs */
+#endif
+#ifdef WOLFSSL_SHA384
+    Sha384          hashSha384;         /* sha384 hash of handshake msgs */
+#endif
+    Hashes          verifyHashes;
+    Hashes          certHashes;         /* for cert verify */
+    Buffers         buffers;
+    Options         options;
+    Arrays*         arrays;
+    WOLFSSL_SESSION  session;
+    VerifyCallback  verifyCallback;      /* cert verification callback */
+    void*           verifyCbCtx;         /* cert verify callback user ctx*/
+#ifndef NO_RSA
+    RsaKey*         peerRsaKey;
+    byte            peerRsaKeyPresent;
+#endif
+#ifdef HAVE_NTRU
+    word16          peerNtruKeyLen;
+    byte            peerNtruKey[MAX_NTRU_PUB_KEY_SZ];
+    byte            peerNtruKeyPresent;
+#endif
+#ifdef HAVE_ECC
+    ecc_key*        peerEccKey;              /* peer's  ECDHE key */
+    ecc_key*        peerEccDsaKey;           /* peer's  ECDSA key */
+    ecc_key*        eccTempKey;              /* private ECDHE key */
+    ecc_key*        eccDsaKey;               /* private ECDSA key */
+    word16          eccTempKeySz;            /* in octets 20 - 66 */
+    word32          pkCurveOID;              /* curve Ecc_Sum     */
+    byte            peerEccKeyPresent;
+    byte            peerEccDsaKeyPresent;
+    byte            eccTempKeyPresent;
+    byte            eccDsaKeyPresent;
+#endif
+    hmacfp          hmac;
+    void*           heap;               /* for user overrides */
+    RecordLayerHeader curRL;
+    word16            curSize;
+    word32          timeout;            /* session timeout */
+    WOLFSSL_CIPHER   cipher;
+#ifdef HAVE_LIBZ
+    z_stream        c_stream;           /* compression   stream */
+    z_stream        d_stream;           /* decompression stream */
+    byte            didStreamInit;      /* for stream init and end */
+#endif
+#ifdef WOLFSSL_DTLS
+    int             dtls_timeout_init;  /* starting timeout vaule */
+    int             dtls_timeout_max;   /* maximum timeout value */
+    int             dtls_timeout;       /* current timeout value, changes */
+    DtlsPool*       dtls_pool;
+    DtlsMsg*        dtls_msg_list;
+    void*           IOCB_CookieCtx;     /* gen cookie ctx */
+    word32          dtls_expected_rx;
+#endif
+#ifdef WOLFSSL_CALLBACKS
+    HandShakeInfo   handShakeInfo;      /* info saved during handshake */
+    TimeoutInfo     timeoutInfo;        /* info saved during handshake */
+    byte            hsInfoOn;           /* track handshake info        */
+    byte            toInfoOn;           /* track timeout   info        */
+#endif
+#ifdef HAVE_FUZZER
+    CallbackFuzzer  fuzzerCb;           /* for testing with using fuzzer */
+    void*           fuzzerCtx;          /* user defined pointer */
+#endif
+#ifdef KEEP_PEER_CERT
+    WOLFSSL_X509     peerCert;           /* X509 peer cert */
+#endif
+#ifdef FORTRESS
+    void*           ex_data[MAX_EX_DATA]; /* external data, for Fortress */
+#endif
+#ifdef HAVE_CAVIUM
+    int              devId;            /* cavium device id to use */
+#endif
+#ifdef HAVE_TLS_EXTENSIONS
+    TLSX* extensions;                  /* RFC 6066 TLS Extensions data */
+    #ifdef HAVE_MAX_FRAGMENT
+        word16 max_fragment;
+    #endif
+    #ifdef HAVE_TRUNCATED_HMAC
+        byte truncated_hmac;
+    #endif
+    #ifdef HAVE_SECURE_RENEGOTIATION
+        SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */
+    #endif                                         /* user turned on */
+    #if !defined(NO_WOLFSSL_CLIENT) && defined(HAVE_SESSION_TICKET)
+        CallbackSessionTicket session_ticket_cb;
+        void*                 session_ticket_ctx;
+        byte                  expect_session_ticket;
+    #endif
+#endif /* HAVE_TLS_EXTENSIONS */
+#ifdef HAVE_NETX
+    NetX_Ctx        nxCtx;             /* NetX IO Context */
+#endif
+#ifdef SESSION_INDEX
+    int sessionIndex;                  /* Session's location in the cache. */
+#endif
+    WOLFSSL_ALERT_HISTORY alert_history;
+#ifdef ATOMIC_USER
+    void*    MacEncryptCtx;    /* Atomic User Mac/Encrypt Callback Context */
+    void*    DecryptVerifyCtx; /* Atomic User Decrypt/Verify Callback Context */
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    #ifdef HAVE_ECC
+        void* EccSignCtx;     /* Ecc Sign   Callback Context */
+        void* EccVerifyCtx;   /* Ecc Verify Callback Context */
+    #endif /* HAVE_ECC */
+    #ifndef NO_RSA 
+        void* RsaSignCtx;     /* Rsa Sign   Callback Context */
+        void* RsaVerifyCtx;   /* Rsa Verify Callback Context */
+        void* RsaEncCtx;      /* Rsa Public  Encrypt   Callback Context */
+        void* RsaDecCtx;      /* Rsa Private Decrypt   Callback Context */
+    #endif /* NO_RSA */
+#endif /* HAVE_PK_CALLBACKS */
+#ifdef HAVE_SECRET_CALLBACK
+        SessionSecretCb sessionSecretCb;
+        void*           sessionSecretCtx;
+#endif /* HAVE_SECRET_CALLBACK */
+};
+
+
+WOLFSSL_LOCAL
+int  InitSSL(WOLFSSL*, WOLFSSL_CTX*);
+WOLFSSL_LOCAL
+void FreeSSL(WOLFSSL*);
+WOLFSSL_API void SSL_ResourceFree(WOLFSSL*);   /* Micrium uses */
+
+
+enum {
+    IV_SZ   = 32,          /* max iv sz */
+    NAME_SZ = 80          /* max one line */
+};
+
+
+typedef struct EncryptedInfo {
+    char     name[NAME_SZ];    /* encryption name */
+    byte     iv[IV_SZ];        /* encrypted IV */
+    word32   ivSz;             /* encrypted IV size */
+    long     consumed;         /* tracks PEM bytes consumed */
+    byte     set;              /* if encryption set */
+    WOLFSSL_CTX* ctx;              /* CTX owner */
+} EncryptedInfo;
+
+
+#ifndef NO_CERTS
+    WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type,
+                              buffer* der, void* heap, EncryptedInfo* info,
+                              int* eccKey);
+
+    WOLFSSL_LOCAL int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format,
+                                 int type, WOLFSSL* ssl, int userChain,
+                                WOLFSSL_CRL* crl);
+#endif
+
+
+#ifdef WOLFSSL_CALLBACKS
+    WOLFSSL_LOCAL
+    void InitHandShakeInfo(HandShakeInfo*);
+    WOLFSSL_LOCAL 
+    void FinishHandShakeInfo(HandShakeInfo*, const WOLFSSL*);
+    WOLFSSL_LOCAL 
+    void AddPacketName(const char*, HandShakeInfo*);
+
+    WOLFSSL_LOCAL
+    void InitTimeoutInfo(TimeoutInfo*);
+    WOLFSSL_LOCAL 
+    void FreeTimeoutInfo(TimeoutInfo*, void*);
+    WOLFSSL_LOCAL 
+    void AddPacketInfo(const char*, TimeoutInfo*, const byte*, int, void*);
+    WOLFSSL_LOCAL 
+    void AddLateName(const char*, TimeoutInfo*);
+    WOLFSSL_LOCAL 
+    void AddLateRecordHeader(const RecordLayerHeader* rl, TimeoutInfo* info);
+#endif
+
+
+/* Record Layer Header identifier from page 12 */
+enum ContentType {
+    no_type            = 0,
+    change_cipher_spec = 20, 
+    alert              = 21, 
+    handshake          = 22, 
+    application_data   = 23 
+};
+
+
+/* handshake header, same for each message type, pgs 20/21 */
+typedef struct HandShakeHeader {
+    byte            type;
+    word24          length;
+} HandShakeHeader;
+
+
+/* DTLS handshake header, same for each message type */
+typedef struct DtlsHandShakeHeader {
+    byte            type;
+    word24          length;
+    byte            message_seq[2];    /* start at 0, restransmit gets same # */
+    word24          fragment_offset;   /* bytes in previous fragments */
+    word24          fragment_length;   /* length of this fragment */
+} DtlsHandShakeHeader;
+
+
+enum HandShakeType {
+    no_shake            = -1,
+    hello_request       = 0, 
+    client_hello        = 1, 
+    server_hello        = 2,
+    hello_verify_request = 3,       /* DTLS addition */
+    session_ticket      =  4,
+    certificate         = 11, 
+    server_key_exchange = 12,
+    certificate_request = 13, 
+    server_hello_done   = 14,
+    certificate_verify  = 15, 
+    client_key_exchange = 16,
+    finished            = 20,
+    change_cipher_hs    = 55      /* simulate unique handshake type for sanity
+                                     checks.  record layer change_cipher
+                                     conflicts with handshake finished */
+};
+
+
+static const byte client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 };
+static const byte server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 };
+
+static const byte tls_client[FINISHED_LABEL_SZ + 1] = "client finished";
+static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished";
+
+
+/* internal functions */
+WOLFSSL_LOCAL int SendChangeCipher(WOLFSSL*);
+WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int);
+WOLFSSL_LOCAL int SendCertificate(WOLFSSL*);
+WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*);
+WOLFSSL_LOCAL int SendServerKeyExchange(WOLFSSL*);
+WOLFSSL_LOCAL int SendBuffered(WOLFSSL*);
+WOLFSSL_LOCAL int ReceiveData(WOLFSSL*, byte*, int, int);
+WOLFSSL_LOCAL int SendFinished(WOLFSSL*);
+WOLFSSL_LOCAL int SendAlert(WOLFSSL*, int, int);
+WOLFSSL_LOCAL int ProcessReply(WOLFSSL*);
+
+WOLFSSL_LOCAL int SetCipherSpecs(WOLFSSL*);
+WOLFSSL_LOCAL int MakeMasterSecret(WOLFSSL*);
+
+WOLFSSL_LOCAL int  AddSession(WOLFSSL*);
+WOLFSSL_LOCAL int  DeriveKeys(WOLFSSL* ssl);
+WOLFSSL_LOCAL int  StoreKeys(WOLFSSL* ssl, const byte* keyData);
+
+WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl);
+WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl);
+
+WOLFSSL_LOCAL void FreeHandshakeResources(WOLFSSL* ssl);
+WOLFSSL_LOCAL void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree);
+WOLFSSL_LOCAL void ShrinkOutputBuffer(WOLFSSL* ssl);
+
+WOLFSSL_LOCAL int VerifyClientSuite(WOLFSSL* ssl);
+#ifndef NO_CERTS
+    WOLFSSL_LOCAL Signer* GetCA(void* cm, byte* hash);
+    #ifndef NO_SKID
+        WOLFSSL_LOCAL Signer* GetCAByName(void* cm, byte* hash);
+    #endif
+#endif
+WOLFSSL_LOCAL int  BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes,
+                                   const byte* sender);
+WOLFSSL_LOCAL void FreeArrays(WOLFSSL* ssl, int keep);
+WOLFSSL_LOCAL  int CheckAvailableSize(WOLFSSL *ssl, int size);
+WOLFSSL_LOCAL  int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
+
+#ifndef NO_TLS
+    WOLFSSL_LOCAL int  MakeTlsMasterSecret(WOLFSSL*);
+    WOLFSSL_LOCAL int  TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in,
+                               word32 sz, int content, int verify);
+#endif
+
+#ifndef NO_WOLFSSL_CLIENT
+    WOLFSSL_LOCAL int SendClientHello(WOLFSSL*);
+    WOLFSSL_LOCAL int SendClientKeyExchange(WOLFSSL*);
+    WOLFSSL_LOCAL int SendCertificateVerify(WOLFSSL*);
+#endif /* NO_WOLFSSL_CLIENT */
+
+#ifndef NO_WOLFSSL_SERVER
+    WOLFSSL_LOCAL int SendServerHello(WOLFSSL*);
+    WOLFSSL_LOCAL int SendServerHelloDone(WOLFSSL*);
+    #ifdef WOLFSSL_DTLS
+        WOLFSSL_LOCAL int SendHelloVerifyRequest(WOLFSSL*);
+    #endif
+#endif /* NO_WOLFSSL_SERVER */
+
+#ifdef WOLFSSL_DTLS
+    WOLFSSL_LOCAL int  DtlsPoolInit(WOLFSSL*);
+    WOLFSSL_LOCAL int  DtlsPoolSave(WOLFSSL*, const byte*, int);
+    WOLFSSL_LOCAL int  DtlsPoolTimeout(WOLFSSL*);
+    WOLFSSL_LOCAL int  DtlsPoolSend(WOLFSSL*);
+    WOLFSSL_LOCAL void DtlsPoolReset(WOLFSSL*);
+
+    WOLFSSL_LOCAL DtlsMsg* DtlsMsgNew(word32, void*);
+    WOLFSSL_LOCAL void DtlsMsgDelete(DtlsMsg*, void*);
+    WOLFSSL_LOCAL void DtlsMsgListDelete(DtlsMsg*, void*);
+    WOLFSSL_LOCAL void DtlsMsgSet(DtlsMsg*, word32, const byte*, byte,
+                                                             word32, word32);
+    WOLFSSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32);
+    WOLFSSL_LOCAL DtlsMsg* DtlsMsgStore(DtlsMsg*, word32, const byte*, word32,
+                                                byte, word32, word32, void*);
+    WOLFSSL_LOCAL DtlsMsg* DtlsMsgInsert(DtlsMsg*, DtlsMsg*);
+#endif /* WOLFSSL_DTLS */
+
+#ifndef NO_TLS
+    
+
+#endif /* NO_TLS */
+
+
+WOLFSSL_LOCAL word32  LowResTimer(void);
+
+WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int);
+WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name);
+WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int);
+WOLFSSL_LOCAL void FreeX509(WOLFSSL_X509*);
+#ifndef NO_CERTS
+    WOLFSSL_LOCAL int  CopyDecodedToX509(WOLFSSL_X509*, DecodedCert*);
+#endif
+
+/* used by ssl.c and wolfssl_int.c */
+WOLFSSL_LOCAL void c32to24(word32 in, word24 out);
+
+WOLFSSL_LOCAL const char* const* GetCipherNames(void);
+WOLFSSL_LOCAL int GetCipherNamesSize(void);
+
+
+enum encrypt_side {
+    ENCRYPT_SIDE_ONLY = 1,
+    DECRYPT_SIDE_ONLY,
+    ENCRYPT_AND_DECRYPT_SIDE
+};
+
+WOLFSSL_LOCAL int SetKeysSide(WOLFSSL*, enum encrypt_side);
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+#endif /* wolfSSL_INT_H */
+
diff --git a/3P/wolfssl/wolfssl/ocsp.h b/3P/wolfssl/wolfssl/ocsp.h
new file mode 100644
index 00000000..77a4157e
--- /dev/null
+++ b/3P/wolfssl/wolfssl/ocsp.h
@@ -0,0 +1,52 @@
+/* ocsp.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* wolfSSL OCSP API */
+
+#ifndef WOLFSSL_OCSP_H
+#define WOLFSSL_OCSP_H
+
+#ifdef HAVE_OCSP
+
+#include 
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
+
+WOLFSSL_LOCAL int  InitOCSP(WOLFSSL_OCSP*, WOLFSSL_CERT_MANAGER*);
+WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP*, int dynamic);
+
+WOLFSSL_LOCAL int  CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*);
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+
+#endif /* HAVE_OCSP */
+#endif /* WOLFSSL_OCSP_H */
+
+
diff --git a/3P/wolfssl/wolfssl/openssl/asn1.h b/3P/wolfssl/wolfssl/openssl/asn1.h
new file mode 100644
index 00000000..3f34d7d2
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/asn1.h
@@ -0,0 +1,2 @@
+/* asn1.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/openssl/bio.h b/3P/wolfssl/wolfssl/openssl/bio.h
new file mode 100644
index 00000000..413569e0
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/bio.h
@@ -0,0 +1,23 @@
+/* bio.h for openssl */
+
+
+#ifndef WOLFSSL_BIO_H_
+#define WOLFSSL_BIO_H_
+
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+
+#endif /* WOLFSSL_BIO_H_ */
+
diff --git a/3P/wolfssl/wolfssl/openssl/bn.h b/3P/wolfssl/wolfssl/openssl/bn.h
new file mode 100644
index 00000000..88e7fc95
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/bn.h
@@ -0,0 +1,115 @@
+/* bn.h for openssl */
+
+
+#ifndef WOLFSSL_BN_H_
+#define WOLFSSL_BN_H_
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+typedef struct WOLFSSL_BIGNUM {
+    int   neg;              /* openssh deference */
+    void* internal;         /* our big num */
+} WOLFSSL_BIGNUM;        
+
+
+typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
+
+
+WOLFSSL_API WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void);
+WOLFSSL_API void           wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX*);
+WOLFSSL_API void           wolfSSL_BN_CTX_free(WOLFSSL_BN_CTX*);
+
+WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_new(void);
+WOLFSSL_API void           wolfSSL_BN_free(WOLFSSL_BIGNUM*);
+WOLFSSL_API void           wolfSSL_BN_clear_free(WOLFSSL_BIGNUM*);
+
+
+WOLFSSL_API int wolfSSL_BN_sub(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*,
+	                         const WOLFSSL_BIGNUM*);
+WOLFSSL_API int wolfSSL_BN_mod(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*,
+	                         const WOLFSSL_BIGNUM*, const WOLFSSL_BN_CTX*);
+
+WOLFSSL_API const WOLFSSL_BIGNUM* wolfSSL_BN_value_one(void);
+
+
+WOLFSSL_API int wolfSSL_BN_num_bytes(const WOLFSSL_BIGNUM*);
+WOLFSSL_API int wolfSSL_BN_num_bits(const WOLFSSL_BIGNUM*);
+
+WOLFSSL_API int wolfSSL_BN_is_zero(const WOLFSSL_BIGNUM*);
+WOLFSSL_API int wolfSSL_BN_is_one(const WOLFSSL_BIGNUM*);
+WOLFSSL_API int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM*);
+
+WOLFSSL_API int wolfSSL_BN_cmp(const WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*);
+
+WOLFSSL_API int wolfSSL_BN_bn2bin(const WOLFSSL_BIGNUM*, unsigned char*);
+WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char*, int len,
+	                            WOLFSSL_BIGNUM* ret);
+
+WOLFSSL_API int wolfSSL_mask_bits(WOLFSSL_BIGNUM*, int n);
+
+WOLFSSL_API int wolfSSL_BN_rand(WOLFSSL_BIGNUM*, int bits, int top, int bottom);
+WOLFSSL_API int wolfSSL_BN_is_bit_set(const WOLFSSL_BIGNUM*, int n);
+WOLFSSL_API int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM**, const char* str);
+
+WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_dup(const WOLFSSL_BIGNUM*);
+WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*);
+
+WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, unsigned long w);
+
+WOLFSSL_API int   wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM**, const char* str);
+WOLFSSL_API char* wolfSSL_BN_bn2dec(const WOLFSSL_BIGNUM*);
+
+
+typedef WOLFSSL_BIGNUM BIGNUM;
+typedef WOLFSSL_BN_CTX BN_CTX;
+
+#define BN_CTX_new        wolfSSL_BN_CTX_new
+#define BN_CTX_init       wolfSSL_BN_CTX_init
+#define BN_CTX_free       wolfSSL_BN_CTX_free
+
+#define BN_new        wolfSSL_BN_new
+#define BN_free       wolfSSL_BN_free
+#define BN_clear_free wolfSSL_BN_clear_free
+
+#define BN_num_bytes wolfSSL_BN_num_bytes
+#define BN_num_bits  wolfSSL_BN_num_bits
+
+#define BN_is_zero  wolfSSL_BN_is_zero
+#define BN_is_one   wolfSSL_BN_is_one
+#define BN_is_odd   wolfSSL_BN_is_odd
+
+#define BN_cmp    wolfSSL_BN_cmp
+
+#define BN_bn2bin  wolfSSL_BN_bn2bin
+#define BN_bin2bn  wolfSSL_BN_bin2bn
+
+#define BN_mod       wolfSSL_BN_mod
+#define BN_sub       wolfSSL_BN_sub
+#define BN_value_one wolfSSL_BN_value_one
+
+#define BN_mask_bits wolfSSL_mask_bits
+
+#define BN_rand       wolfSSL_BN_rand
+#define BN_is_bit_set wolfSSL_BN_is_bit_set
+#define BN_hex2bn     wolfSSL_BN_hex2bn
+
+#define BN_dup  wolfSSL_BN_dup
+#define BN_copy wolfSSL_BN_copy
+
+#define BN_set_word wolfSSL_BN_set_word
+
+#define BN_dec2bn wolfSSL_BN_dec2bn
+#define BN_bn2dec wolfSSL_BN_bn2dec
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+
+#endif /* WOLFSSL__H_ */
+
diff --git a/3P/wolfssl/wolfssl/openssl/conf.h b/3P/wolfssl/wolfssl/openssl/conf.h
new file mode 100644
index 00000000..1e328cf4
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/conf.h
@@ -0,0 +1,2 @@
+/* conf.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/openssl/crypto.h b/3P/wolfssl/wolfssl/openssl/crypto.h
new file mode 100644
index 00000000..8f7c6f40
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/crypto.h
@@ -0,0 +1,26 @@
+/* crypto.h for openSSL */
+
+#ifndef WOLFSSL_CRYPTO_H_
+#define WOLFSSL_CRYPTO_H_
+
+
+#include 
+
+#ifdef WOLFSSL_PREFIX
+#include "prefix_crypto.h"
+#endif
+
+
+WOLFSSL_API const char*   wolfSSLeay_version(int type);
+WOLFSSL_API unsigned long wolfSSLeay(void);
+
+#define SSLeay_version wolfSSLeay_version
+#define SSLeay wolfSSLeay
+
+
+#define SSLEAY_VERSION 0x0090600fL
+#define SSLEAY_VERSION_NUMBER SSLEAY_VERSION
+
+
+#endif /* header */
+
diff --git a/3P/wolfssl/wolfssl/openssl/des.h b/3P/wolfssl/wolfssl/openssl/des.h
new file mode 100644
index 00000000..a35e430e
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/des.h
@@ -0,0 +1,87 @@
+/* des.h
+ *
+ * Copyright (C) 2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as wolfSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*  des.h defines mini des openssl compatibility layer 
+ *
+ */
+
+
+#ifndef WOLFSSL_DES_H_
+#define WOLFSSL_DES_H_
+
+#include 
+
+#ifdef WOLFSSL_PREFIX
+#include "prefix_des.h"
+#endif
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+typedef unsigned char WOLFSSL_DES_cblock[8];
+typedef /* const */ WOLFSSL_DES_cblock WOLFSSL_const_DES_cblock;
+typedef WOLFSSL_DES_cblock WOLFSSL_DES_key_schedule;
+
+
+enum {
+    DES_ENCRYPT = 1,
+    DES_DECRYPT = 0
+};
+
+
+WOLFSSL_API void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock*,
+                                             WOLFSSL_DES_key_schedule*);
+WOLFSSL_API int  wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key,
+                                     WOLFSSL_DES_key_schedule* schedule);
+WOLFSSL_API void wolfSSL_DES_cbc_encrypt(const unsigned char* input,
+                     unsigned char* output, long length,
+                     WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
+                     int enc);
+WOLFSSL_API void wolfSSL_DES_ncbc_encrypt(const unsigned char* input,
+                      unsigned char* output, long length,
+                      WOLFSSL_DES_key_schedule* schedule,
+                      WOLFSSL_DES_cblock* ivec, int enc);
+
+WOLFSSL_API void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock*);
+WOLFSSL_API void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock*, WOLFSSL_DES_cblock*,
+                                       WOLFSSL_DES_key_schedule*, int);
+
+
+typedef WOLFSSL_DES_cblock DES_cblock;
+typedef WOLFSSL_const_DES_cblock const_DES_cblock;
+typedef WOLFSSL_DES_key_schedule DES_key_schedule;
+
+#define DES_set_key_unchecked wolfSSL_DES_set_key_unchecked
+#define DES_key_sched wolfSSL_DES_key_sched
+#define DES_cbc_encrypt wolfSSL_DES_cbc_encrypt
+#define DES_ncbc_encrypt wolfSSL_DES_ncbc_encrypt
+#define DES_set_odd_parity wolfSSL_DES_set_odd_parity
+#define DES_ecb_encrypt wolfSSL_DES_ecb_encrypt
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+
+#endif /* WOLFSSL_DES_H_ */
diff --git a/3P/wolfssl/wolfssl/openssl/dh.h b/3P/wolfssl/wolfssl/openssl/dh.h
new file mode 100644
index 00000000..071abf70
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/dh.h
@@ -0,0 +1,52 @@
+/* dh.h for openSSL */
+
+
+#ifndef WOLFSSL_DH_H_
+#define WOLFSSL_DH_H_
+
+
+#include 
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+
+
+typedef struct WOLFSSL_DH {
+	WOLFSSL_BIGNUM* p;
+	WOLFSSL_BIGNUM* g;
+    WOLFSSL_BIGNUM* pub_key;      /* openssh deference g^x */
+    WOLFSSL_BIGNUM* priv_key;     /* openssh deference x   */
+    void*          internal;     /* our DH */
+    char           inSet;        /* internal set from external ? */
+    char           exSet;        /* external set from internal ? */
+} WOLFSSL_DH;
+
+
+WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new(void);
+WOLFSSL_API void       wolfSSL_DH_free(WOLFSSL_DH*);
+
+WOLFSSL_API int wolfSSL_DH_size(WOLFSSL_DH*);
+WOLFSSL_API int wolfSSL_DH_generate_key(WOLFSSL_DH*);
+WOLFSSL_API int wolfSSL_DH_compute_key(unsigned char* key, WOLFSSL_BIGNUM* pub,
+                                     WOLFSSL_DH*);
+
+typedef WOLFSSL_DH DH;
+
+#define DH_new  wolfSSL_DH_new 
+#define DH_free wolfSSL_DH_free
+
+#define DH_size         wolfSSL_DH_size
+#define DH_generate_key wolfSSL_DH_generate_key
+#define DH_compute_key  wolfSSL_DH_compute_key
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+#endif /* header */
diff --git a/3P/wolfssl/wolfssl/openssl/dsa.h b/3P/wolfssl/wolfssl/openssl/dsa.h
new file mode 100644
index 00000000..72556701
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/dsa.h
@@ -0,0 +1,53 @@
+/* dsa.h for openSSL */
+
+
+#ifndef WOLFSSL_DSA_H_
+#define WOLFSSL_DSA_H_
+
+
+#include 
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+
+struct WOLFSSL_DSA {
+	WOLFSSL_BIGNUM* p;
+	WOLFSSL_BIGNUM* q;
+	WOLFSSL_BIGNUM* g;
+	WOLFSSL_BIGNUM* pub_key;      /* our y */
+	WOLFSSL_BIGNUM* priv_key;     /* our x */
+    void*          internal;     /* our Dsa Key */
+    char           inSet;        /* internal set from external ? */
+    char           exSet;        /* external set from internal ? */
+};
+
+
+WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_new(void);
+WOLFSSL_API void        wolfSSL_DSA_free(WOLFSSL_DSA*);
+
+WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA*);
+WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits,
+                   unsigned char* seed, int seedLen, int* counterRet,
+                   unsigned long* hRet, void* cb);
+
+WOLFSSL_API int wolfSSL_DSA_LoadDer(WOLFSSL_DSA*, const unsigned char*, int sz);
+WOLFSSL_API int wolfSSL_DSA_do_sign(const unsigned char* d, unsigned char* sigRet,
+                                  WOLFSSL_DSA* dsa);
+
+#define DSA_new wolfSSL_DSA_new
+#define DSA_free wolfSSL_DSA_free
+
+#define DSA_generate_key           wolfSSL_DSA_generate_key
+#define DSA_generate_parameters_ex wolfSSL_DSA_generate_parameters_ex
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+#endif /* header */
diff --git a/3P/wolfssl/wolfssl/openssl/ec.h b/3P/wolfssl/wolfssl/openssl/ec.h
new file mode 100644
index 00000000..5ffdaf6e
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/ec.h
@@ -0,0 +1,2 @@
+/* ec.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/openssl/ecdsa.h b/3P/wolfssl/wolfssl/openssl/ecdsa.h
new file mode 100644
index 00000000..f3cf0de3
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/ecdsa.h
@@ -0,0 +1,2 @@
+/* ecdsa.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/openssl/engine.h b/3P/wolfssl/wolfssl/openssl/engine.h
new file mode 100644
index 00000000..39952fca
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/engine.h
@@ -0,0 +1,5 @@
+/* engine.h for libcurl */
+
+#undef HAVE_OPENSSL_ENGINE_H
+
+
diff --git a/3P/wolfssl/wolfssl/openssl/err.h b/3P/wolfssl/wolfssl/openssl/err.h
new file mode 100644
index 00000000..7e7f1eb7
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/err.h
@@ -0,0 +1,2 @@
+/* err.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/openssl/evp.h b/3P/wolfssl/wolfssl/openssl/evp.h
new file mode 100644
index 00000000..3a05a5df
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/evp.h
@@ -0,0 +1,241 @@
+/* evp.h
+ *
+ * Copyright (C) 2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*  evp.h defines mini evp openssl compatibility layer 
+ *
+ */
+
+
+#ifndef WOLFSSL_EVP_H_
+#define WOLFSSL_EVP_H_
+
+#include 
+
+#ifdef WOLFSSL_PREFIX
+#include "prefix_evp.h"
+#endif
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+typedef char WOLFSSL_EVP_MD;
+typedef char WOLFSSL_EVP_CIPHER;
+
+WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md5(void);
+WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha1(void);
+WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha256(void);
+WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha384(void);
+WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha512(void);
+WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_ripemd160(void);
+
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_cbc(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_cbc(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_cbc(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_cbc(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_rc4(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void);
+
+
+typedef union {
+    WOLFSSL_MD5_CTX    md5;
+    WOLFSSL_SHA_CTX    sha;
+    WOLFSSL_SHA256_CTX sha256;
+    #ifdef WOLFSSL_SHA384
+        WOLFSSL_SHA384_CTX sha384;
+    #endif
+    #ifdef WOLFSSL_SHA512
+        WOLFSSL_SHA512_CTX sha512;
+    #endif
+    #ifdef WOLFSSL_RIPEMD
+        WOLFSSL_RIPEMD_CTX ripemd;
+    #endif
+} WOLFSSL_Hasher;
+
+
+typedef struct WOLFSSL_EVP_MD_CTX {
+    unsigned char macType;
+    WOLFSSL_Hasher hash;
+} WOLFSSL_EVP_MD_CTX;
+
+
+typedef union {
+    Aes  aes;
+#ifndef NO_DES3
+    Des  des;
+    Des3 des3;
+#endif
+    Arc4 arc4;
+} WOLFSSL_Cipher;
+
+
+enum {
+    AES_128_CBC_TYPE  = 1,
+    AES_192_CBC_TYPE  = 2,
+    AES_256_CBC_TYPE  = 3,
+    AES_128_CTR_TYPE  = 4,
+    AES_192_CTR_TYPE  = 5,
+    AES_256_CTR_TYPE  = 6,
+    DES_CBC_TYPE      = 7,
+    DES_EDE3_CBC_TYPE = 8,
+    ARC4_TYPE         = 9,
+    NULL_CIPHER_TYPE  = 10,
+    EVP_PKEY_RSA      = 11,
+    EVP_PKEY_DSA      = 12,
+    NID_sha1          = 64,
+    NID_md5           =  4
+};
+
+
+typedef struct WOLFSSL_EVP_CIPHER_CTX {
+    int            keyLen;         /* user may set for variable */
+    unsigned char  enc;            /* if encrypt side, then true */
+    unsigned char  cipherType;
+    unsigned char  iv[AES_BLOCK_SIZE];    /* working iv pointer into cipher */
+    WOLFSSL_Cipher  cipher;
+} WOLFSSL_EVP_CIPHER_CTX;
+
+
+WOLFSSL_API int  wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* md);
+WOLFSSL_API void wolfSSL_EVP_MD_CTX_init(WOLFSSL_EVP_MD_CTX* ctx);
+WOLFSSL_API int  wolfSSL_EVP_MD_CTX_cleanup(WOLFSSL_EVP_MD_CTX* ctx);
+
+WOLFSSL_API int wolfSSL_EVP_DigestInit(WOLFSSL_EVP_MD_CTX* ctx,
+                                     const WOLFSSL_EVP_MD* type);
+WOLFSSL_API int wolfSSL_EVP_DigestUpdate(WOLFSSL_EVP_MD_CTX* ctx, const void* data,
+                                       unsigned long sz);
+WOLFSSL_API int wolfSSL_EVP_DigestFinal(WOLFSSL_EVP_MD_CTX* ctx, unsigned char* md,
+                                      unsigned int* s);
+WOLFSSL_API int wolfSSL_EVP_DigestFinal_ex(WOLFSSL_EVP_MD_CTX* ctx,
+                                            unsigned char* md, unsigned int* s);
+WOLFSSL_API int wolfSSL_EVP_BytesToKey(const WOLFSSL_EVP_CIPHER*,
+                              const WOLFSSL_EVP_MD*, const unsigned char*,
+                              const unsigned char*, int, int, unsigned char*,
+                              unsigned char*);
+
+WOLFSSL_API void wolfSSL_EVP_CIPHER_CTX_init(WOLFSSL_EVP_CIPHER_CTX* ctx);
+WOLFSSL_API int  wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx);
+
+WOLFSSL_API int  wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX*);
+
+
+WOLFSSL_API int  wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
+                                    const WOLFSSL_EVP_CIPHER* type,
+                                    unsigned char* key, unsigned char* iv,
+                                    int enc);
+WOLFSSL_API int  wolfSSL_EVP_CIPHER_CTX_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx);
+WOLFSSL_API int  wolfSSL_EVP_CIPHER_CTX_set_key_length(WOLFSSL_EVP_CIPHER_CTX* ctx,
+                                                     int keylen);
+WOLFSSL_API int  wolfSSL_EVP_Cipher(WOLFSSL_EVP_CIPHER_CTX* ctx,
+                          unsigned char* dst, unsigned char* src,
+                          unsigned int len);
+
+WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int);
+
+WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
+WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
+
+/* these next ones don't need real OpenSSL type, for OpenSSH compat only */
+WOLFSSL_API void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx);
+WOLFSSL_API int   wolfSSL_EVP_X_STATE_LEN(const WOLFSSL_EVP_CIPHER_CTX* ctx);
+
+WOLFSSL_API void  wolfSSL_3des_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
+                                unsigned char* iv, int len);
+WOLFSSL_API void  wolfSSL_aes_ctr_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
+                                unsigned char* iv, int len);
+
+WOLFSSL_API int  wolfSSL_StoreExternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx);
+WOLFSSL_API int  wolfSSL_SetInternalIV(WOLFSSL_EVP_CIPHER_CTX* ctx);
+
+
+/* end OpenSSH compat */
+
+typedef WOLFSSL_EVP_MD         EVP_MD;
+typedef WOLFSSL_EVP_CIPHER     EVP_CIPHER;
+typedef WOLFSSL_EVP_MD_CTX     EVP_MD_CTX;
+typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
+
+#define EVP_md5       wolfSSL_EVP_md5
+#define EVP_sha1      wolfSSL_EVP_sha1
+#define EVP_sha256    wolfSSL_EVP_sha256
+#define EVP_sha384    wolfSSL_EVP_sha384
+#define EVP_sha512    wolfSSL_EVP_sha512
+#define EVP_ripemd160 wolfSSL_EVP_ripemd160
+
+#define EVP_aes_128_cbc  wolfSSL_EVP_aes_128_cbc
+#define EVP_aes_192_cbc  wolfSSL_EVP_aes_192_cbc
+#define EVP_aes_256_cbc  wolfSSL_EVP_aes_256_cbc
+#define EVP_aes_128_ctr  wolfSSL_EVP_aes_128_ctr
+#define EVP_aes_192_ctr  wolfSSL_EVP_aes_192_ctr
+#define EVP_aes_256_ctr  wolfSSL_EVP_aes_256_ctr
+#define EVP_des_cbc      wolfSSL_EVP_des_cbc
+#define EVP_des_ede3_cbc wolfSSL_EVP_des_ede3_cbc
+#define EVP_rc4          wolfSSL_EVP_rc4
+#define EVP_enc_null     wolfSSL_EVP_enc_null
+
+#define EVP_MD_size        wolfSSL_EVP_MD_size
+#define EVP_MD_CTX_init    wolfSSL_EVP_MD_CTX_init
+#define EVP_MD_CTX_cleanup wolfSSL_EVP_MD_CTX_cleanup
+#define EVP_DigestInit     wolfSSL_EVP_DigestInit
+#define EVP_DigestUpdate   wolfSSL_EVP_DigestUpdate
+#define EVP_DigestFinal    wolfSSL_EVP_DigestFinal
+#define EVP_DigestFinal_ex wolfSSL_EVP_DigestFinal_ex
+#define EVP_BytesToKey     wolfSSL_EVP_BytesToKey
+
+#define EVP_CIPHER_CTX_init           wolfSSL_EVP_CIPHER_CTX_init
+#define EVP_CIPHER_CTX_cleanup        wolfSSL_EVP_CIPHER_CTX_cleanup
+#define EVP_CIPHER_CTX_iv_length      wolfSSL_EVP_CIPHER_CTX_iv_length
+#define EVP_CIPHER_CTX_key_length     wolfSSL_EVP_CIPHER_CTX_key_length
+#define EVP_CIPHER_CTX_set_key_length wolfSSL_EVP_CIPHER_CTX_set_key_length
+#define EVP_CipherInit                wolfSSL_EVP_CipherInit
+#define EVP_Cipher                    wolfSSL_EVP_Cipher
+
+#define EVP_get_digestbynid           wolfSSL_EVP_get_digestbynid
+
+#define EVP_PKEY_get1_RSA   wolfSSL_EVP_PKEY_get1_RSA
+#define EVP_PKEY_get1_DSA   wolfSSL_EVP_PKEY_get1_DSA
+
+#ifndef EVP_MAX_MD_SIZE
+    #define EVP_MAX_MD_SIZE   64     /* sha512 */
+#endif
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+
+#endif /* WOLFSSL_EVP_H_ */
diff --git a/3P/wolfssl/wolfssl/openssl/hmac.h b/3P/wolfssl/wolfssl/openssl/hmac.h
new file mode 100644
index 00000000..0dca8cb2
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/hmac.h
@@ -0,0 +1,81 @@
+/* hmac.h
+ *
+ * Copyright (C) 2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*  hmac.h defines mini hamc openssl compatibility layer 
+ *
+ */
+
+
+#ifndef WOLFSSL_HMAC_H_
+#define WOLFSSL_HMAC_H_
+
+#include 
+
+#ifdef WOLFSSL_PREFIX
+#include "prefix_hmac.h"
+#endif
+
+#include 
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+WOLFSSL_API unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md,
+                               const void* key, int key_len,
+                               const unsigned char* d, int n, unsigned char* md,
+                               unsigned int* md_len);
+
+
+typedef struct WOLFSSL_HMAC_CTX {
+    Hmac hmac;
+    int  type;
+} WOLFSSL_HMAC_CTX;
+
+
+WOLFSSL_API void wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key,
+                                 int keylen, const EVP_MD* type);
+WOLFSSL_API void wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx,
+                                   const unsigned char* data, int len);
+WOLFSSL_API void wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
+                                  unsigned int* len);
+WOLFSSL_API void wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx);
+
+
+typedef struct WOLFSSL_HMAC_CTX HMAC_CTX;
+
+#define HMAC(a,b,c,d,e,f,g) wolfSSL_HMAC((a),(b),(c),(d),(e),(f),(g))
+
+#define HMAC_Init    wolfSSL_HMAC_Init
+#define HMAC_Update  wolfSSL_HMAC_Update
+#define HMAC_Final   wolfSSL_HMAC_Final
+#define HMAC_cleanup wolfSSL_HMAC_cleanup
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+
+#endif /* WOLFSSL_HMAC_H_ */
diff --git a/3P/wolfssl/wolfssl/openssl/include.am b/3P/wolfssl/wolfssl/openssl/include.am
new file mode 100644
index 00000000..05b509bc
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/include.am
@@ -0,0 +1,36 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+nobase_include_HEADERS+= \
+                         wolfssl/openssl/asn1.h \
+                         wolfssl/openssl/bio.h \
+                         wolfssl/openssl/bn.h \
+                         wolfssl/openssl/conf.h \
+                         wolfssl/openssl/crypto.h \
+                         wolfssl/openssl/des.h \
+                         wolfssl/openssl/dh.h \
+                         wolfssl/openssl/dsa.h \
+                         wolfssl/openssl/ecdsa.h \
+                         wolfssl/openssl/ec.h \
+                         wolfssl/openssl/engine.h \
+                         wolfssl/openssl/err.h \
+                         wolfssl/openssl/evp.h \
+                         wolfssl/openssl/hmac.h \
+                         wolfssl/openssl/lhash.h \
+                         wolfssl/openssl/md4.h \
+                         wolfssl/openssl/md5.h \
+                         wolfssl/openssl/ripemd.h \
+                         wolfssl/openssl/ocsp.h \
+                         wolfssl/openssl/opensslconf.h \
+                         wolfssl/openssl/opensslv.h \
+                         wolfssl/openssl/ossl_typ.h \
+                         wolfssl/openssl/pem.h \
+                         wolfssl/openssl/pkcs12.h \
+                         wolfssl/openssl/rand.h \
+                         wolfssl/openssl/rsa.h \
+                         wolfssl/openssl/sha.h \
+                         wolfssl/openssl/ssl.h \
+                         wolfssl/openssl/stack.h \
+                         wolfssl/openssl/ui.h \
+                         wolfssl/openssl/x509.h \
+                         wolfssl/openssl/x509v3.h
diff --git a/3P/wolfssl/wolfssl/openssl/lhash.h b/3P/wolfssl/wolfssl/openssl/lhash.h
new file mode 100644
index 00000000..01f8535f
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/lhash.h
@@ -0,0 +1,2 @@
+/* lhash.h for openSSL */
+
diff --git a/3P/wolfssl/wolfssl/openssl/md4.h b/3P/wolfssl/wolfssl/openssl/md4.h
new file mode 100644
index 00000000..2e99f977
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/md4.h
@@ -0,0 +1 @@
+/* md4.h for libcurl */
diff --git a/3P/wolfssl/wolfssl/openssl/md5.h b/3P/wolfssl/wolfssl/openssl/md5.h
new file mode 100644
index 00000000..73509523
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/md5.h
@@ -0,0 +1,39 @@
+/* md5.h for openssl */
+
+
+#ifndef WOLFSSL_MD5_H_
+#define WOLFSSL_MD5_H_
+
+#include 
+
+#ifdef WOLFSSL_PREFIX
+#include "prefix_md5.h"
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+typedef struct WOLFSSL_MD5_CTX {
+    int holder[24];   /* big enough to hold wolfcrypt md5, but check on init */
+} WOLFSSL_MD5_CTX;
+
+WOLFSSL_API void wolfSSL_MD5_Init(WOLFSSL_MD5_CTX*);
+WOLFSSL_API void wolfSSL_MD5_Update(WOLFSSL_MD5_CTX*, const void*, unsigned long);
+WOLFSSL_API void wolfSSL_MD5_Final(unsigned char*, WOLFSSL_MD5_CTX*);
+
+
+typedef WOLFSSL_MD5_CTX MD5_CTX;
+
+#define MD5_Init wolfSSL_MD5_Init
+#define MD5_Update wolfSSL_MD5_Update
+#define MD5_Final wolfSSL_MD5_Final
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+
+#endif /* WOLFSSL_MD5_H_ */
+
diff --git a/3P/wolfssl/wolfssl/openssl/ocsp.h b/3P/wolfssl/wolfssl/openssl/ocsp.h
new file mode 100644
index 00000000..7463eec9
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/ocsp.h
@@ -0,0 +1 @@
+/* ocsp.h for libcurl */
diff --git a/3P/wolfssl/wolfssl/openssl/opensslconf.h b/3P/wolfssl/wolfssl/openssl/opensslconf.h
new file mode 100644
index 00000000..ac6b55bc
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/opensslconf.h
@@ -0,0 +1,8 @@
+/* opensslconf.h for openSSL */
+
+
+#ifndef OPENSSL_THREADS
+    #define OPENSSL_THREADS
+#endif
+
+
diff --git a/3P/wolfssl/wolfssl/openssl/opensslv.h b/3P/wolfssl/wolfssl/openssl/opensslv.h
new file mode 100644
index 00000000..e13e992b
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/opensslv.h
@@ -0,0 +1,12 @@
+/* opensslv.h compatibility */
+
+#ifndef WOLFSSL_OPENSSLV_H_
+#define WOLFSSL_OPENSSLV_H_
+
+
+/* api version compatibility */
+#define OPENSSL_VERSION_NUMBER 0x0090410fL
+
+
+#endif /* header */
+
diff --git a/3P/wolfssl/wolfssl/openssl/ossl_typ.h b/3P/wolfssl/wolfssl/openssl/ossl_typ.h
new file mode 100644
index 00000000..65b00c72
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/ossl_typ.h
@@ -0,0 +1,2 @@
+/* ossl_typ.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/openssl/pem.h b/3P/wolfssl/wolfssl/openssl/pem.h
new file mode 100644
index 00000000..926e43f4
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/pem.h
@@ -0,0 +1,41 @@
+/* pem.h for openssl */
+
+
+#ifndef WOLFSSL_PEM_H_
+#define WOLFSSL_PEM_H_
+
+#include 
+#include 
+#include 
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+WOLFSSL_API int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, RSA* rsa,
+	                                  const EVP_CIPHER* cipher,
+	                                  unsigned char* passwd, int len,
+	                                  pem_password_cb cb, void* arg);
+
+WOLFSSL_API int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, DSA* rsa,
+	                                  const EVP_CIPHER* cipher,
+	                                  unsigned char* passwd, int len,
+	                                  pem_password_cb cb, void* arg);
+
+WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
+                        WOLFSSL_EVP_PKEY**, pem_password_cb cb, void* arg); 
+
+#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
+#define PEM_write_bio_DSAPrivateKey wolfSSL_PEM_write_bio_DSAPrivateKey
+#define PEM_read_bio_PrivateKey     wolfSSL_PEM_read_bio_PrivateKey
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+
+#endif /* WOLFSSL_PEM_H_ */
+
diff --git a/3P/wolfssl/wolfssl/openssl/pkcs12.h b/3P/wolfssl/wolfssl/openssl/pkcs12.h
new file mode 100644
index 00000000..544b6f09
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/pkcs12.h
@@ -0,0 +1,2 @@
+/* pkcs12.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/openssl/rand.h b/3P/wolfssl/wolfssl/openssl/rand.h
new file mode 100644
index 00000000..a5534e1a
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/rand.h
@@ -0,0 +1,4 @@
+/* rand.h for openSSL */
+
+#include 
+
diff --git a/3P/wolfssl/wolfssl/openssl/ripemd.h b/3P/wolfssl/wolfssl/openssl/ripemd.h
new file mode 100644
index 00000000..ef1578e9
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/ripemd.h
@@ -0,0 +1,37 @@
+/* ripemd.h for openssl */
+
+
+#ifndef WOLFSSL_RIPEMD_H_
+#define WOLFSSL_RIPEMD_H_
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+typedef struct WOLFSSL_RIPEMD_CTX {
+    int holder[32];   /* big enough to hold wolfcrypt, but check on init */
+} WOLFSSL_RIPEMD_CTX;
+
+WOLFSSL_API void wolfSSL_RIPEMD_Init(WOLFSSL_RIPEMD_CTX*);
+WOLFSSL_API void wolfSSL_RIPEMD_Update(WOLFSSL_RIPEMD_CTX*, const void*,
+                                     unsigned long);
+WOLFSSL_API void wolfSSL_RIPEMD_Final(unsigned char*, WOLFSSL_RIPEMD_CTX*);
+
+
+typedef WOLFSSL_RIPEMD_CTX RIPEMD_CTX;
+
+#define RIPEMD_Init   wolfSSL_RIPEMD_Init
+#define RIPEMD_Update wolfSSL_RIPEMD_Update
+#define RIPEMD_Final  wolfSSL_RIPEMD_Final
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+
+#endif /* WOLFSSL_MD5_H_ */
+
diff --git a/3P/wolfssl/wolfssl/openssl/rsa.h b/3P/wolfssl/wolfssl/openssl/rsa.h
new file mode 100644
index 00000000..2db993b6
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/rsa.h
@@ -0,0 +1,75 @@
+/* rsa.h for openSSL */
+
+
+#ifndef WOLFSSL_RSA_H_
+#define WOLFSSL_RSA_H_
+
+#include 
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum  { 
+	RSA_PKCS1_PADDING = 1
+ };
+
+struct WOLFSSL_RSA {
+	WOLFSSL_BIGNUM* n;
+	WOLFSSL_BIGNUM* e;
+	WOLFSSL_BIGNUM* d;
+	WOLFSSL_BIGNUM* p;
+	WOLFSSL_BIGNUM* q;
+	WOLFSSL_BIGNUM* dmp1;      /* dP */
+	WOLFSSL_BIGNUM* dmq1;      /* dQ */
+	WOLFSSL_BIGNUM* iqmp;      /* u */
+    void*          internal;  /* our RSA */
+    char           inSet;     /* internal set from external ? */
+    char           exSet;     /* external set from internal ? */
+};
+
+
+WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_new(void);
+WOLFSSL_API void        wolfSSL_RSA_free(WOLFSSL_RSA*);
+
+WOLFSSL_API int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA*, int bits, WOLFSSL_BIGNUM*,
+                                          void* cb);
+
+WOLFSSL_API int wolfSSL_RSA_blinding_on(WOLFSSL_RSA*, WOLFSSL_BN_CTX*);
+WOLFSSL_API int wolfSSL_RSA_public_encrypt(int len, unsigned char* fr,
+	                               unsigned char* to, WOLFSSL_RSA*, int padding);
+WOLFSSL_API int wolfSSL_RSA_private_decrypt(int len, unsigned char* fr,
+	                               unsigned char* to, WOLFSSL_RSA*, int padding);
+
+WOLFSSL_API int wolfSSL_RSA_size(const WOLFSSL_RSA*);
+WOLFSSL_API int wolfSSL_RSA_sign(int type, const unsigned char* m,
+                               unsigned int mLen, unsigned char* sigRet,
+                               unsigned int* sigLen, WOLFSSL_RSA*);
+WOLFSSL_API int wolfSSL_RSA_public_decrypt(int flen, unsigned char* from,
+                                  unsigned char* to, WOLFSSL_RSA*, int padding);
+WOLFSSL_API int wolfSSL_RSA_GenAdd(WOLFSSL_RSA*);
+WOLFSSL_API int wolfSSL_RSA_LoadDer(WOLFSSL_RSA*, const unsigned char*, int sz);
+
+
+#define RSA_new  wolfSSL_RSA_new
+#define RSA_free wolfSSL_RSA_free
+
+#define RSA_generate_key_ex wolfSSL_RSA_generate_key_ex
+
+#define RSA_blinding_on     wolfSSL_RSA_blinding_on
+#define RSA_public_encrypt  wolfSSL_RSA_public_encrypt
+#define RSA_private_decrypt wolfSSL_RSA_private_decrypt
+
+#define RSA_size           wolfSSL_RSA_size
+#define RSA_sign           wolfSSL_RSA_sign
+#define RSA_public_decrypt wolfSSL_RSA_public_decrypt
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+#endif /* header */
diff --git a/3P/wolfssl/wolfssl/openssl/sha.h b/3P/wolfssl/wolfssl/openssl/sha.h
new file mode 100644
index 00000000..7f8b0ebd
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/sha.h
@@ -0,0 +1,125 @@
+/* sha.h for openssl */
+
+
+#ifndef WOLFSSL_SHA_H_
+#define WOLFSSL_SHA_H_
+
+#include 
+
+#ifdef WOLFSSL_PREFIX
+#include "prefix_sha.h"
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+typedef struct WOLFSSL_SHA_CTX {
+    int holder[24];   /* big enough to hold wolfcrypt sha, but check on init */
+} WOLFSSL_SHA_CTX;
+
+WOLFSSL_API void wolfSSL_SHA_Init(WOLFSSL_SHA_CTX*);
+WOLFSSL_API void wolfSSL_SHA_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long);
+WOLFSSL_API void wolfSSL_SHA_Final(unsigned char*, WOLFSSL_SHA_CTX*);
+
+/* SHA1 points to above, shouldn't use SHA0 ever */
+WOLFSSL_API void wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX*);
+WOLFSSL_API void wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX*, const void*, unsigned long);
+WOLFSSL_API void wolfSSL_SHA1_Final(unsigned char*, WOLFSSL_SHA_CTX*);
+
+enum {
+    SHA_DIGEST_LENGTH = 20
+};
+
+
+typedef WOLFSSL_SHA_CTX SHA_CTX;
+
+#define SHA_Init wolfSSL_SHA_Init
+#define SHA_Update wolfSSL_SHA_Update
+#define SHA_Final wolfSSL_SHA_Final
+
+#define SHA1_Init wolfSSL_SHA1_Init
+#define SHA1_Update wolfSSL_SHA1_Update
+#define SHA1_Final wolfSSL_SHA1_Final
+
+
+typedef struct WOLFSSL_SHA256_CTX {
+    int holder[28];   /* big enough to hold wolfcrypt sha, but check on init */
+} WOLFSSL_SHA256_CTX;
+
+WOLFSSL_API void wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX*);
+WOLFSSL_API void wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX*, const void*,
+	                                 unsigned long);
+WOLFSSL_API void wolfSSL_SHA256_Final(unsigned char*, WOLFSSL_SHA256_CTX*);
+
+enum {
+    SHA256_DIGEST_LENGTH = 32 
+};
+
+
+typedef WOLFSSL_SHA256_CTX SHA256_CTX;
+
+#define SHA256_Init   wolfSSL_SHA256_Init
+#define SHA256_Update wolfSSL_SHA256_Update
+#define SHA256_Final  wolfSSL_SHA256_Final
+
+
+#ifdef WOLFSSL_SHA384
+
+typedef struct WOLFSSL_SHA384_CTX {
+    long long holder[32];   /* big enough, but check on init */
+} WOLFSSL_SHA384_CTX;
+
+WOLFSSL_API void wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX*);
+WOLFSSL_API void wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX*, const void*,
+	                                 unsigned long);
+WOLFSSL_API void wolfSSL_SHA384_Final(unsigned char*, WOLFSSL_SHA384_CTX*);
+
+enum {
+    SHA384_DIGEST_LENGTH = 48 
+};
+
+
+typedef WOLFSSL_SHA384_CTX SHA384_CTX;
+
+#define SHA384_Init   wolfSSL_SHA384_Init
+#define SHA384_Update wolfSSL_SHA384_Update
+#define SHA384_Final  wolfSSL_SHA384_Final
+
+#endif /* WOLFSSL_SHA384 */
+
+#ifdef WOLFSSL_SHA512
+
+typedef struct WOLFSSL_SHA512_CTX {
+    long long holder[36];   /* big enough, but check on init */
+} WOLFSSL_SHA512_CTX;
+
+WOLFSSL_API void wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX*);
+WOLFSSL_API void wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX*, const void*,
+	                                 unsigned long);
+WOLFSSL_API void wolfSSL_SHA512_Final(unsigned char*, WOLFSSL_SHA512_CTX*);
+
+enum {
+    SHA512_DIGEST_LENGTH = 64 
+};
+
+
+typedef WOLFSSL_SHA512_CTX SHA512_CTX;
+
+#define SHA512_Init   wolfSSL_SHA512_Init
+#define SHA512_Update wolfSSL_SHA512_Update
+#define SHA512_Final  wolfSSL_SHA512_Final
+
+#endif /* WOLFSSL_SHA512 */
+
+
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */ 
+#endif
+
+
+#endif /* WOLFSSL_SHA_H_ */
+
diff --git a/3P/wolfssl/wolfssl/openssl/ssl.h b/3P/wolfssl/wolfssl/openssl/ssl.h
new file mode 100644
index 00000000..01571d20
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/ssl.h
@@ -0,0 +1,382 @@
+/* ssl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * a with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*  ssl.h defines wolfssl_openssl compatibility layer 
+ *
+ */
+
+
+#ifndef WOLFSSL_OPENSSL_H_
+#define WOLFSSL_OPENSSL_H_
+
+/* wolfssl_cyassl compatibility layer */
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifdef _WIN32
+    /* wincrypt.h clashes */
+    #undef X509_NAME
+#endif
+
+
+typedef WOLFSSL          SSL;          
+typedef WOLFSSL_SESSION  SSL_SESSION;
+typedef WOLFSSL_METHOD   SSL_METHOD;
+typedef WOLFSSL_CTX      SSL_CTX;
+
+typedef WOLFSSL_X509       X509;
+typedef WOLFSSL_X509_NAME  X509_NAME;
+typedef WOLFSSL_X509_CHAIN X509_CHAIN;
+
+
+/* redeclare guard */
+#define WOLFSSL_TYPES_DEFINED
+
+
+typedef WOLFSSL_EVP_PKEY       EVP_PKEY;
+typedef WOLFSSL_RSA            RSA;
+typedef WOLFSSL_DSA            DSA;
+typedef WOLFSSL_BIO            BIO;
+typedef WOLFSSL_BIO_METHOD     BIO_METHOD;
+typedef WOLFSSL_CIPHER         SSL_CIPHER;
+typedef WOLFSSL_X509_LOOKUP    X509_LOOKUP;
+typedef WOLFSSL_X509_LOOKUP_METHOD X509_LOOKUP_METHOD;
+typedef WOLFSSL_X509_CRL       X509_CRL;
+typedef WOLFSSL_X509_EXTENSION X509_EXTENSION;
+typedef WOLFSSL_ASN1_TIME      ASN1_TIME;
+typedef WOLFSSL_ASN1_INTEGER   ASN1_INTEGER;
+typedef WOLFSSL_ASN1_OBJECT    ASN1_OBJECT;
+typedef WOLFSSL_ASN1_STRING    ASN1_STRING;
+typedef WOLFSSL_dynlock_value  CRYPTO_dynlock_value;
+
+#define ASN1_UTCTIME WOLFSSL_ASN1_TIME
+
+typedef WOLFSSL_MD4_CTX        MD4_CTX;
+typedef WOLFSSL_COMP_METHOD    COMP_METHOD;
+typedef WOLFSSL_X509_STORE     X509_STORE;
+typedef WOLFSSL_X509_REVOKED   X509_REVOKED;
+typedef WOLFSSL_X509_OBJECT    X509_OBJECT;
+typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
+
+
+#define SSLv3_server_method wolfSSLv3_server_method
+#define SSLv3_client_method wolfSSLv3_client_method
+#define TLSv1_server_method wolfTLSv1_server_method
+#define TLSv1_client_method wolfTLSv1_client_method
+#define TLSv1_1_server_method wolfTLSv1_1_server_method
+#define TLSv1_1_client_method wolfTLSv1_1_client_method
+#define TLSv1_2_server_method wolfTLSv1_2_server_method
+#define TLSv1_2_client_method wolfTLSv1_2_client_method
+
+#ifdef WOLFSSL_DTLS
+    #define DTLSv1_client_method wolfDTLSv1_client_method
+    #define DTLSv1_server_method wolfDTLSv1_server_method
+    #define DTLSv1_2_client_method wolfDTLSv1_2_client_method
+    #define DTLSv1_2_server_method wolfDTLSv1_2_server_method
+#endif
+
+
+#ifndef NO_FILESYSTEM
+    #define SSL_CTX_use_certificate_file wolfSSL_CTX_use_certificate_file
+    #define SSL_CTX_use_PrivateKey_file wolfSSL_CTX_use_PrivateKey_file
+    #define SSL_CTX_load_verify_locations wolfSSL_CTX_load_verify_locations
+    #define SSL_CTX_use_certificate_chain_file wolfSSL_CTX_use_certificate_chain_file
+    #define SSL_CTX_use_RSAPrivateKey_file wolfSSL_CTX_use_RSAPrivateKey_file
+    
+    #define SSL_use_certificate_file wolfSSL_use_certificate_file
+    #define SSL_use_PrivateKey_file wolfSSL_use_PrivateKey_file
+    #define SSL_use_certificate_chain_file wolfSSL_use_certificate_chain_file
+    #define SSL_use_RSAPrivateKey_file wolfSSL_use_RSAPrivateKey_file
+#endif
+
+#define SSL_CTX_new wolfSSL_CTX_new
+#define SSL_new     wolfSSL_new
+#define SSL_set_fd  wolfSSL_set_fd
+#define SSL_get_fd  wolfSSL_get_fd
+#define SSL_connect wolfSSL_connect
+
+#define SSL_write    wolfSSL_write
+#define SSL_read     wolfSSL_read
+#define SSL_peek     wolfSSL_peek
+#define SSL_accept   wolfSSL_accept
+#define SSL_CTX_free wolfSSL_CTX_free
+#define SSL_free     wolfSSL_free
+#define SSL_shutdown wolfSSL_shutdown
+
+#define SSL_CTX_set_quiet_shutdown wolfSSL_CTX_set_quiet_shutdown
+#define SSL_set_quiet_shutdown wolfSSL_set_quiet_shutdown
+#define SSL_get_error wolfSSL_get_error
+#define SSL_set_session wolfSSL_set_session
+#define SSL_get_session wolfSSL_get_session
+#define SSL_flush_sessions wolfSSL_flush_sessions
+
+#define SSL_CTX_set_verify wolfSSL_CTX_set_verify
+#define SSL_set_verify wolfSSL_set_verify
+#define SSL_pending wolfSSL_pending
+#define SSL_load_error_strings wolfSSL_load_error_strings
+#define SSL_library_init wolfSSL_library_init
+#define SSL_CTX_set_session_cache_mode wolfSSL_CTX_set_session_cache_mode 
+#define SSL_CTX_set_cipher_list wolfSSL_CTX_set_cipher_list
+#define SSL_set_cipher_list     wolfSSL_set_cipher_list
+
+#define ERR_error_string wolfSSL_ERR_error_string
+#define ERR_error_string_n wolfSSL_ERR_error_string_n
+#define ERR_reason_error_string wolfSSL_ERR_reason_error_string
+
+#define SSL_set_ex_data wolfSSL_set_ex_data
+#define SSL_get_shutdown wolfSSL_get_shutdown
+#define SSL_set_rfd wolfSSL_set_rfd 
+#define SSL_set_wfd wolfSSL_set_wfd 
+#define SSL_set_shutdown wolfSSL_set_shutdown 
+#define SSL_set_session_id_context wolfSSL_set_session_id_context
+#define SSL_set_connect_state wolfSSL_set_connect_state
+#define SSL_set_accept_state wolfSSL_set_accept_state
+#define SSL_session_reused wolfSSL_session_reused
+#define SSL_SESSION_free wolfSSL_SESSION_free
+#define SSL_is_init_finished wolfSSL_is_init_finished
+
+#define SSL_get_version wolfSSL_get_version
+#define SSL_get_current_cipher wolfSSL_get_current_cipher
+#define SSL_get_cipher wolfSSL_get_cipher
+#define SSL_CIPHER_description wolfSSL_CIPHER_description
+#define SSL_CIPHER_get_name wolfSSL_CIPHER_get_name
+#define SSL_get1_session wolfSSL_get1_session
+
+#define SSL_get_keyblock_size wolfSSL_get_keyblock_size
+#define SSL_get_keys          wolfSSL_get_keys
+
+#define X509_free wolfSSL_X509_free
+#define OPENSSL_free wolfSSL_OPENSSL_free
+
+#define OCSP_parse_url wolfSSL_OCSP_parse_url
+#define SSLv23_client_method wolfSSLv23_client_method
+#define SSLv2_client_method wolfSSLv2_client_method
+#define SSLv2_server_method wolfSSLv2_server_method
+
+#define MD4_Init wolfSSL_MD4_Init
+#define MD4_Update  wolfSSL_MD4_Update  
+#define MD4_Final wolfSSL_MD4_Final
+
+#define BIO_new wolfSSL_BIO_new
+#define BIO_free wolfSSL_BIO_free
+#define BIO_free_all wolfSSL_BIO_free_all
+#define BIO_read wolfSSL_BIO_read
+#define BIO_write wolfSSL_BIO_write
+#define BIO_push wolfSSL_BIO_push
+#define BIO_pop wolfSSL_BIO_pop
+#define BIO_flush wolfSSL_BIO_flush
+#define BIO_pending wolfSSL_BIO_pending
+
+#define BIO_get_mem_data wolfSSL_BIO_get_mem_data
+#define BIO_new_mem_buf  wolfSSL_BIO_new_mem_buf
+
+#define BIO_f_buffer wolfSSL_BIO_f_buffer
+#define BIO_set_write_buffer_size wolfSSL_BIO_set_write_buffer_size
+#define BIO_f_ssl wolfSSL_BIO_f_ssl
+#define BIO_new_socket wolfSSL_BIO_new_socket
+#define SSL_set_bio wolfSSL_set_bio
+#define BIO_eof wolfSSL_BIO_eof
+#define BIO_set_ss wolfSSL_BIO_set_ss
+
+#define BIO_s_mem wolfSSL_BIO_s_mem
+#define BIO_f_base64 wolfSSL_BIO_f_base64
+#define BIO_set_flags wolfSSL_BIO_set_flags
+
+#define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms
+#define SSLeay_add_ssl_algorithms wolfSSL_add_all_algorithms
+#define SSLeay_add_all_algorithms wolfSSL_add_all_algorithms
+
+#define RAND_screen wolfSSL_RAND_screen
+#define RAND_file_name wolfSSL_RAND_file_name
+#define RAND_write_file wolfSSL_RAND_write_file
+#define RAND_load_file wolfSSL_RAND_load_file
+#define RAND_egd wolfSSL_RAND_egd
+#define RAND_seed wolfSSL_RAND_seed
+#define RAND_add  wolfSSL_RAND_add
+
+#define COMP_zlib wolfSSL_COMP_zlib
+#define COMP_rle wolfSSL_COMP_rle
+#define SSL_COMP_add_compression_method wolfSSL_COMP_add_compression_method
+
+#define SSL_get_ex_new_index wolfSSL_get_ex_new_index
+
+#define CRYPTO_set_id_callback wolfSSL_set_id_callback
+#define CRYPTO_set_locking_callback wolfSSL_set_locking_callback
+#define CRYPTO_set_dynlock_create_callback wolfSSL_set_dynlock_create_callback
+#define CRYPTO_set_dynlock_lock_callback wolfSSL_set_dynlock_lock_callback
+#define CRYPTO_set_dynlock_destroy_callback wolfSSL_set_dynlock_destroy_callback
+#define CRYPTO_num_locks wolfSSL_num_locks
+
+#define X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert
+#define X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error
+#define X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth
+
+#define X509_NAME_oneline wolfSSL_X509_NAME_oneline
+#define X509_get_issuer_name wolfSSL_X509_get_issuer_name
+#define X509_get_subject_name wolfSSL_X509_get_subject_name
+#define X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string
+
+#define X509_LOOKUP_add_dir wolfSSL_X509_LOOKUP_add_dir
+#define X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file
+#define X509_LOOKUP_hash_dir wolfSSL_X509_LOOKUP_hash_dir
+#define X509_LOOKUP_file wolfSSL_X509_LOOKUP_file
+
+#define X509_STORE_add_lookup wolfSSL_X509_STORE_add_lookup
+#define X509_STORE_new wolfSSL_X509_STORE_new
+#define X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject
+#define X509_STORE_CTX_init wolfSSL_X509_STORE_CTX_init
+#define X509_STORE_CTX_cleanup wolfSSL_X509_STORE_CTX_cleanup
+
+#define X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
+#define X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
+
+#define X509_get_pubkey wolfSSL_X509_get_pubkey
+#define X509_CRL_verify wolfSSL_X509_CRL_verify
+#define X509_STORE_CTX_set_error wolfSSL_X509_STORE_CTX_set_error
+#define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
+#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
+#define X509_cmp_current_time wolfSSL_X509_cmp_current_time
+#define sk_X509_REVOKED_num wolfSSL_sk_X509_REVOKED_num
+#define X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
+#define sk_X509_REVOKED_value wolfSSL_sk_X509_REVOKED_value 
+
+#define X509_get_serialNumber wolfSSL_X509_get_serialNumber
+
+#define ASN1_TIME_pr wolfSSL_ASN1_TIME_pr
+
+#define ASN1_INTEGER_cmp wolfSSL_ASN1_INTEGER_cmp
+#define ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get
+
+#define SSL_load_client_CA_file wolfSSL_load_client_CA_file
+
+#define SSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list
+#define X509_STORE_CTX_get_ex_data wolfSSL_X509_STORE_CTX_get_ex_data 
+#define SSL_get_ex_data_X509_STORE_CTX_idx wolfSSL_get_ex_data_X509_STORE_CTX_idx
+#define SSL_get_ex_data wolfSSL_get_ex_data
+
+#define SSL_CTX_set_default_passwd_cb_userdata wolfSSL_CTX_set_default_passwd_cb_userdata
+#define SSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
+
+#define SSL_CTX_set_timeout wolfSSL_CTX_set_timeout
+#define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
+
+#define ERR_peek_error wolfSSL_ERR_peek_error
+#define ERR_GET_REASON wolfSSL_ERR_GET_REASON
+
+#define SSL_alert_type_string wolfSSL_alert_type_string
+#define SSL_alert_desc_string wolfSSL_alert_desc_string
+#define SSL_state_string wolfSSL_state_string
+
+#define RSA_free wolfSSL_RSA_free
+#define RSA_generate_key wolfSSL_RSA_generate_key
+#define SSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback
+
+#define PEM_def_callback wolfSSL_PEM_def_callback
+
+#define SSL_CTX_sess_accept wolfSSL_CTX_sess_accept
+#define SSL_CTX_sess_connect wolfSSL_CTX_sess_connect
+#define SSL_CTX_sess_accept_good wolfSSL_CTX_sess_accept_good
+#define SSL_CTX_sess_connect_good wolfSSL_CTX_sess_connect_good
+#define SSL_CTX_sess_accept_renegotiate wolfSSL_CTX_sess_accept_renegotiate
+#define SSL_CTX_sess_connect_renegotiate wolfSSL_CTX_sess_connect_renegotiate
+#define SSL_CTX_sess_hits wolfSSL_CTX_sess_hits
+#define SSL_CTX_sess_cb_hits wolfSSL_CTX_sess_cb_hits
+#define SSL_CTX_sess_cache_full wolfSSL_CTX_sess_cache_full
+#define SSL_CTX_sess_misses wolfSSL_CTX_sess_misses
+#define SSL_CTX_sess_timeouts wolfSSL_CTX_sess_timeouts
+#define SSL_CTX_sess_number wolfSSL_CTX_sess_number
+#define SSL_CTX_sess_get_cache_size wolfSSL_CTX_sess_get_cache_size
+
+
+#define SSL_DEFAULT_CIPHER_LIST WOLFSSL_DEFAULT_CIPHER_LIST
+#define RSA_F4 WOLFSSL_RSA_F4
+
+#define SSL_CTX_set_psk_client_callback wolfSSL_CTX_set_psk_client_callback
+#define SSL_set_psk_client_callback wolfSSL_set_psk_client_callback
+
+#define SSL_get_psk_identity_hint wolfSSL_get_psk_identity_hint
+#define SSL_get_psk_identity wolfSSL_get_psk_identity
+
+#define SSL_CTX_use_psk_identity_hint wolfSSL_CTX_use_psk_identity_hint
+#define SSL_use_psk_identity_hint wolfSSL_use_psk_identity_hint
+
+#define SSL_CTX_set_psk_server_callback wolfSSL_CTX_set_psk_server_callback
+#define SSL_set_psk_server_callback wolfSSL_set_psk_server_callback
+
+#define ERR_get_error_line_data wolfSSL_ERR_get_error_line_data
+
+#define ERR_get_error wolfSSL_ERR_get_error
+#define ERR_clear_error wolfSSL_ERR_clear_error
+
+#define RAND_status wolfSSL_RAND_status
+#define RAND_bytes wolfSSL_RAND_bytes
+#define SSLv23_server_method wolfSSLv23_server_method
+#define SSL_CTX_set_options wolfSSL_CTX_set_options 
+#define SSL_CTX_check_private_key wolfSSL_CTX_check_private_key
+
+#define ERR_free_strings wolfSSL_ERR_free_strings
+#define ERR_remove_state wolfSSL_ERR_remove_state
+#define EVP_cleanup wolfSSL_EVP_cleanup
+
+#define CRYPTO_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data
+#define SSL_CTX_set_mode wolfSSL_CTX_set_mode
+#define SSL_CTX_get_mode wolfSSL_CTX_get_mode
+#define SSL_CTX_set_default_read_ahead wolfSSL_CTX_set_default_read_ahead
+
+#define SSL_CTX_sess_set_cache_size wolfSSL_CTX_sess_set_cache_size
+#define SSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths
+
+#define SSL_CTX_set_session_id_context wolfSSL_CTX_set_session_id_context
+#define SSL_get_peer_certificate wolfSSL_get_peer_certificate
+
+#define SSL_want_read wolfSSL_want_read
+#define SSL_want_write wolfSSL_want_write
+
+#define BIO_prf wolfSSL_BIO_prf
+#define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr
+
+#define sk_num wolfSSL_sk_num
+#define sk_value wolfSSL_sk_value
+
+#define SSL_CTX_get_ex_data wolfSSL_CTX_get_ex_data
+#define SSL_CTX_set_ex_data wolfSSL_CTX_set_ex_data
+#define SSL_CTX_sess_set_get_cb wolfSSL_CTX_sess_set_get_cb
+#define SSL_CTX_sess_set_new_cb wolfSSL_CTX_sess_set_new_cb
+#define SSL_CTX_sess_set_remove_cb wolfSSL_CTX_sess_set_remove_cb
+
+#define i2d_SSL_SESSION wolfSSL_i2d_SSL_SESSION
+#define d2i_SSL_SESSION wolfSSL_d2i_SSL_SESSION
+#define SSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout
+#define SSL_SESSION_get_time wolfSSL_SESSION_get_time
+#define SSL_CTX_get_ex_new_index wolfSSL_CTX_get_ex_new_index
+
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+
+#endif /* wolfSSL_openssl_h__ */
diff --git a/3P/wolfssl/wolfssl/openssl/stack.h b/3P/wolfssl/wolfssl/openssl/stack.h
new file mode 100644
index 00000000..374c1fcd
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/stack.h
@@ -0,0 +1,2 @@
+/* stack.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/openssl/ui.h b/3P/wolfssl/wolfssl/openssl/ui.h
new file mode 100644
index 00000000..a2539303
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/ui.h
@@ -0,0 +1,2 @@
+/* ui.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/openssl/x509.h b/3P/wolfssl/wolfssl/openssl/x509.h
new file mode 100644
index 00000000..645b3b5f
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/x509.h
@@ -0,0 +1,3 @@
+/* x509.h for openssl */
+
+#include 
diff --git a/3P/wolfssl/wolfssl/openssl/x509v3.h b/3P/wolfssl/wolfssl/openssl/x509v3.h
new file mode 100644
index 00000000..77828a33
--- /dev/null
+++ b/3P/wolfssl/wolfssl/openssl/x509v3.h
@@ -0,0 +1,2 @@
+/* x509v3.h for openssl */
+
diff --git a/3P/wolfssl/wolfssl/options.h b/3P/wolfssl/wolfssl/options.h
new file mode 100644
index 00000000..8a51fefb
--- /dev/null
+++ b/3P/wolfssl/wolfssl/options.h
@@ -0,0 +1,59 @@
+/* wolfssl options.h
+ * generated from configure options
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ */
+
+#pragma once
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef  _POSIX_THREADS
+#define _POSIX_THREADS
+
+#undef  HAVE_THREAD_LS
+#define HAVE_THREAD_LS
+
+#undef  NDEBUG
+#define NDEBUG
+
+#undef  _THREAD_SAFE
+#define _THREAD_SAFE
+
+#undef  NO_DSA
+#define NO_DSA
+
+#undef  NO_PSK
+#define NO_PSK
+
+#undef  NO_DH
+#define NO_DH
+
+#undef  NO_MD4
+#define NO_MD4
+
+#undef  NO_HC128
+#define NO_HC128
+
+#undef  NO_RABBIT
+#define NO_RABBIT
+
+#undef  HAVE_HASHDRBG
+#define HAVE_HASHDRBG
+
+#undef  NO_PWDBASED
+#define NO_PWDBASED
+
+#undef  USE_FAST_MATH
+#define USE_FAST_MATH
+
+
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/3P/wolfssl/wolfssl/options.h.in b/3P/wolfssl/wolfssl/options.h.in
new file mode 100644
index 00000000..d1e362c2
--- /dev/null
+++ b/3P/wolfssl/wolfssl/options.h.in
@@ -0,0 +1,34 @@
+/* options.h.in
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* default blank options for autoconf */
+
+#pragma once
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/3P/wolfssl/wolfssl/sniffer.h b/3P/wolfssl/wolfssl/sniffer.h
new file mode 100644
index 00000000..a14f883f
--- /dev/null
+++ b/3P/wolfssl/wolfssl/sniffer.h
@@ -0,0 +1,82 @@
+/* sniffer.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLFSSL_SNIFFER_H
+#define WOLFSSL_SNIFFER_H
+
+#include 
+
+#ifdef _WIN32
+    #ifdef SSL_SNIFFER_EXPORTS
+        #define SSL_SNIFFER_API __declspec(dllexport)
+    #else
+        #define SSL_SNIFFER_API __declspec(dllimport)
+    #endif
+#else
+    #define SSL_SNIFFER_API
+#endif /* _WIN32 */
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* @param typeK: (formerly keyType) was shadowing a global declaration in 
+ *                wolfssl/wolfcrypt/asn.h line 175
+ */
+WOLFSSL_API 
+SSL_SNIFFER_API int ssl_SetPrivateKey(const char* address, int port,
+                                      const char* keyFile, int typeK,
+                                      const char* password, char* error);
+
+WOLFSSL_API
+SSL_SNIFFER_API int ssl_SetNamedPrivateKey(const char* name,
+                                           const char* address, int port,
+                                           const char* keyFile, int typeK,
+                                           const char* password, char* error);
+
+WOLFSSL_API 
+SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
+                                     unsigned char* data, char* error);
+
+WOLFSSL_API 
+SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error);
+        
+        
+WOLFSSL_API void ssl_InitSniffer(void);
+        
+WOLFSSL_API void ssl_FreeSniffer(void);
+
+        
+/* ssl_SetPrivateKey typeKs */
+enum {
+    FILETYPE_PEM = 1,
+    FILETYPE_DER = 2,
+};
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+#endif /* wolfSSL_SNIFFER_H */
+
diff --git a/3P/wolfssl/wolfssl/sniffer_error.h b/3P/wolfssl/wolfssl/sniffer_error.h
new file mode 100644
index 00000000..5f75aea8
--- /dev/null
+++ b/3P/wolfssl/wolfssl/sniffer_error.h
@@ -0,0 +1,112 @@
+/* sniffer_error.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLFSSL_SNIFFER_ERROR_H
+#define WOLFSSL_SNIFFER_ERROR_H
+
+/* need to have errors as #defines since .rc files can't handle enums */
+/* need to start at 1 and go in order for same reason */
+
+#define MEMORY_STR 1
+#define NEW_SERVER_STR 2
+#define IP_CHECK_STR 3
+#define SERVER_NOT_REG_STR 4
+#define TCP_CHECK_STR 5
+#define SERVER_PORT_NOT_REG_STR 6
+#define RSA_DECRYPT_STR 7
+#define RSA_DECODE_STR 8
+#define BAD_CIPHER_SPEC_STR 9
+#define SERVER_HELLO_INPUT_STR 10
+
+#define BAD_SESSION_RESUME_STR 11
+#define SERVER_DID_RESUMPTION_STR 12
+#define CLIENT_HELLO_INPUT_STR 13
+#define CLIENT_RESUME_TRY_STR 14
+#define HANDSHAKE_INPUT_STR 15
+#define GOT_HELLO_VERIFY_STR 16
+#define GOT_SERVER_HELLO_STR 17
+#define GOT_CERT_REQ_STR 18
+#define GOT_SERVER_KEY_EX_STR 19
+#define GOT_CERT_STR 20
+
+#define GOT_SERVER_HELLO_DONE_STR 21
+#define GOT_FINISHED_STR 22
+#define GOT_CLIENT_HELLO_STR 23
+#define GOT_CLIENT_KEY_EX_STR 24
+#define GOT_CERT_VER_STR 25
+#define GOT_UNKNOWN_HANDSHAKE_STR 26
+#define NEW_SESSION_STR 27
+#define BAD_NEW_SSL_STR 28
+#define GOT_PACKET_STR 29
+#define NO_DATA_STR 30
+
+#define BAD_SESSION_STR 31
+#define GOT_OLD_CLIENT_HELLO_STR 32
+#define OLD_CLIENT_INPUT_STR 33
+#define OLD_CLIENT_OK_STR 34
+#define BAD_OLD_CLIENT_STR 35
+#define BAD_RECORD_HDR_STR 36
+#define RECORD_INPUT_STR 37
+#define GOT_HANDSHAKE_STR 38
+#define BAD_HANDSHAKE_STR 39
+#define GOT_CHANGE_CIPHER_STR 40
+
+#define GOT_APP_DATA_STR 41
+#define BAD_APP_DATA_STR 42
+#define GOT_ALERT_STR 43
+#define ANOTHER_MSG_STR 44
+#define REMOVE_SESSION_STR 45
+#define KEY_FILE_STR 46
+#define BAD_IPVER_STR 47
+#define BAD_PROTO_STR 48
+#define PACKET_HDR_SHORT_STR 49
+#define GOT_UNKNOWN_RECORD_STR 50
+
+#define BAD_TRACE_FILE_STR 51
+#define FATAL_ERROR_STR 52
+#define PARTIAL_INPUT_STR 53
+#define BUFFER_ERROR_STR 54
+#define PARTIAL_ADD_STR 55
+#define DUPLICATE_STR 56
+#define OUT_OF_ORDER_STR 57
+#define OVERLAP_DUPLICATE_STR 58
+#define OVERLAP_REASSEMBLY_BEGIN_STR 59
+#define OVERLAP_REASSEMBLY_END_STR 60
+
+#define MISSED_CLIENT_HELLO_STR 61
+#define GOT_HELLO_REQUEST_STR 62
+#define GOT_SESSION_TICKET_STR 63
+#define BAD_INPUT_STR 64
+#define BAD_DECRYPT_TYPE 65
+#define BAD_FINISHED_MSG 66
+#define BAD_COMPRESSION_STR 67
+#define BAD_DERIVE_STR 68
+#define ACK_MISSED_STR 69
+#define BAD_DECRYPT    70 
+
+#define DECRYPT_KEYS_NOT_SETUP 71
+#define CLIENT_HELLO_LATE_KEY_STR 72
+/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
+
+
+#endif /* wolfSSL_SNIFFER_ERROR_H */
+
diff --git a/3P/wolfssl/wolfssl/sniffer_error.rc b/3P/wolfssl/wolfssl/sniffer_error.rc
new file mode 100644
index 00000000..f787f064
--- /dev/null
+++ b/3P/wolfssl/wolfssl/sniffer_error.rc
@@ -0,0 +1,91 @@
+
+STRINGTABLE 
+{
+    1, "Out of Memory"
+    2, "New SSL Sniffer Server Registered"
+    3, "Checking IP Header"
+    4, "SSL Sniffer Server Not Registered"
+    5, "Checking TCP Header"
+
+    6, "SSL Sniffer Server Port Not Registered"
+    7, "RSA Private Decrypt Error"
+    8, "RSA Private Decode Error"
+    9, "Set Cipher Spec Error"
+    10, "Server Hello Input Malformed"
+
+    11, "Couldn't Resume Session Error"
+    12, "Server Did Resumption"
+    13, "Client Hello Input Malformed"
+    14, "Client Trying to Resume"
+    15, "Handshake Input Malformed"
+
+    16, "Got Hello Verify msg"
+    17, "Got Server Hello msg"
+    18, "Got Cert Request msg"
+    19, "Got Server Key Exchange msg"
+    20, "Got Cert msg"
+
+    21, "Got Server Hello Done msg"
+    22, "Got Finished msg"
+    23, "Got Client Hello msg"
+    24, "Got Client Key Exchange msg"
+    25, "Got Cert Verify msg"
+
+    26, "Got Unknown Handshake msg"
+    27, "New SSL Sniffer Session created"
+    28, "Couldn't create new SSL"
+    29, "Got a Packet to decode"
+    30, "No data present"
+
+    31, "Session Not Found"
+    32, "Got an Old Client Hello msg"
+    33, "Old Client Hello Input Malformed"
+    34, "Old Client Hello OK"
+    35, "Bad Old Client Hello"
+
+    36, "Bad Record Header"
+    37, "Record Header Input Malformed"
+    38, "Got a HandShake msg"
+    39, "Bad HandShake msg"
+    40, "Got a Change Cipher Spec msg"
+
+    41, "Got Application Data msg"
+    42, "Bad Application Data"
+    43, "Got an Alert msg"
+    44, "Another msg to Process"
+    45, "Removing Session From Table"
+
+    46, "Bad Key File"
+    47, "Wrong IP Version"
+    48, "Wrong Protocol type"
+    49, "Packet Short for header processing"
+    50, "Got Unknown Record Type"
+    
+    51, "Can't Open Trace File"
+    52, "Session in Fatal Error State"
+    53, "Partial SSL record received"
+    54, "Buffer Error, malformed input"
+    55, "Added to Partial Input"
+
+    56, "Received a Duplicate Packet"
+    57, "Received an Out of Order Packet"
+    58, "Received an Overlap Duplicate Packet"
+    59, "Received an Overlap Reassembly Begin Duplicate Packet"
+    60, "Received an Overlap Reassembly End Duplicate Packet"
+    
+    61, "Missed the Client Hello Entirely"
+    62, "Got Hello Request msg"
+    63, "Got Session Ticket msg"
+    64, "Bad Input"
+    65, "Bad Decrypt Type"
+
+    66, "Bad Finished Message Processing"
+    67, "Bad Compression Type"
+    68, "Bad DeriveKeys Error"
+    69, "Saw ACK for Missing Packet Error"
+    70, "Bad Decrypt Operation"
+
+    71, "Decrypt Keys Not Set Up"
+    72, "Late Key Load Error"
+}
+
diff --git a/3P/wolfssl/wolfssl/ssl.h b/3P/wolfssl/wolfssl/ssl.h
new file mode 100644
index 00000000..721d3327
--- /dev/null
+++ b/3P/wolfssl/wolfssl/ssl.h
@@ -0,0 +1,1408 @@
+/* ssl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* wolfSSL API */
+
+#ifndef WOLFSSL_SSL_H
+#define WOLFSSL_SSL_H
+
+
+/* for users not using preprocessor flags*/
+#include 
+#include 
+
+#ifndef NO_FILESYSTEM
+    #ifdef FREESCALE_MQX
+        #include 
+    #else
+        #include    /* ERR_printf */
+    #endif
+#endif
+
+#ifdef YASSL_PREFIX
+    #include "prefix_ssl.h"
+#endif
+
+#ifdef LIBWOLFSSL_VERSION_STRING
+    #define WOLFSSL_VERSION LIBWOLFSSL_VERSION_STRING
+#endif
+
+#ifdef _WIN32
+    /* wincrypt.h clashes */
+    #undef OCSP_REQUEST
+    #undef OCSP_RESPONSE
+#endif
+
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+typedef struct WOLFSSL          WOLFSSL;
+typedef struct WOLFSSL_SESSION  WOLFSSL_SESSION;
+typedef struct WOLFSSL_METHOD   WOLFSSL_METHOD;
+typedef struct WOLFSSL_CTX      WOLFSSL_CTX;
+
+typedef struct WOLFSSL_X509       WOLFSSL_X509;
+typedef struct WOLFSSL_X509_NAME  WOLFSSL_X509_NAME;
+typedef struct WOLFSSL_X509_CHAIN WOLFSSL_X509_CHAIN;
+
+typedef struct WOLFSSL_CERT_MANAGER WOLFSSL_CERT_MANAGER;
+typedef struct WOLFSSL_SOCKADDR     WOLFSSL_SOCKADDR;
+
+/* redeclare guard */
+#define WOLFSSL_TYPES_DEFINED
+
+
+typedef struct WOLFSSL_RSA            WOLFSSL_RSA;
+typedef struct WOLFSSL_DSA            WOLFSSL_DSA;
+typedef struct WOLFSSL_CIPHER         WOLFSSL_CIPHER;
+typedef struct WOLFSSL_X509_LOOKUP    WOLFSSL_X509_LOOKUP;
+typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD;
+typedef struct WOLFSSL_X509_CRL       WOLFSSL_X509_CRL;
+typedef struct WOLFSSL_BIO            WOLFSSL_BIO;
+typedef struct WOLFSSL_BIO_METHOD     WOLFSSL_BIO_METHOD;
+typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION;
+typedef struct WOLFSSL_ASN1_TIME      WOLFSSL_ASN1_TIME;
+typedef struct WOLFSSL_ASN1_INTEGER   WOLFSSL_ASN1_INTEGER;
+typedef struct WOLFSSL_ASN1_OBJECT    WOLFSSL_ASN1_OBJECT;
+typedef struct WOLFSSL_ASN1_STRING    WOLFSSL_ASN1_STRING;
+typedef struct WOLFSSL_dynlock_value  WOLFSSL_dynlock_value;
+
+#define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME
+
+typedef struct WOLFSSL_EVP_PKEY {
+    int type;         /* openssh dereference */
+    int save_type;    /* openssh dereference */
+    int pkey_sz;
+    union {
+        char* ptr;
+    } pkey;
+    #ifdef HAVE_ECC
+        int pkey_curve;
+    #endif
+} WOLFSSL_EVP_PKEY;
+
+typedef struct WOLFSSL_MD4_CTX {
+    int buffer[32];      /* big enough to hold, check size in Init */
+} WOLFSSL_MD4_CTX;
+
+
+typedef struct WOLFSSL_COMP_METHOD {
+    int type;            /* stunnel dereference */
+} WOLFSSL_COMP_METHOD;
+
+
+typedef struct WOLFSSL_X509_STORE {
+    int                  cache;          /* stunnel dereference */
+    WOLFSSL_CERT_MANAGER* cm;
+} WOLFSSL_X509_STORE;
+
+typedef struct WOLFSSL_ALERT {
+    int code;
+    int level;
+} WOLFSSL_ALERT;
+
+typedef struct WOLFSSL_ALERT_HISTORY {
+    WOLFSSL_ALERT last_rx;
+    WOLFSSL_ALERT last_tx;
+} WOLFSSL_ALERT_HISTORY;
+
+typedef struct WOLFSSL_X509_REVOKED {
+    WOLFSSL_ASN1_INTEGER* serialNumber;          /* stunnel dereference */
+} WOLFSSL_X509_REVOKED;
+
+
+typedef struct WOLFSSL_X509_OBJECT {
+    union {
+        char* ptr;
+        WOLFSSL_X509_CRL* crl;           /* stunnel dereference */
+    } data;
+} WOLFSSL_X509_OBJECT;
+
+
+typedef struct WOLFSSL_X509_STORE_CTX {
+    WOLFSSL_X509_STORE* store;    /* Store full of a CA cert chain */
+    WOLFSSL_X509* current_cert;   /* stunnel dereference */
+    char* domain;                /* subject CN domain name */
+    void* ex_data;               /* external data, for fortress build */
+    void* userCtx;               /* user ctx */
+    int   error;                 /* current error */
+    int   error_depth;           /* cert depth for this error */
+    int   discardSessionCerts;   /* so verify callback can flag for discard */
+} WOLFSSL_X509_STORE_CTX;
+
+
+/* Valid Alert types from page 16/17 */
+enum AlertDescription {
+    close_notify            = 0,
+    unexpected_message      = 10,
+    bad_record_mac          = 20,
+    record_overflow         = 22,
+    decompression_failure   = 30,
+    handshake_failure       = 40,
+    no_certificate          = 41,
+    bad_certificate         = 42,
+    unsupported_certificate = 43,
+    certificate_revoked     = 44,
+    certificate_expired     = 45,
+    certificate_unknown     = 46,
+    illegal_parameter       = 47,
+    decrypt_error           = 51,
+    protocol_version        = 70,
+    no_renegotiation        = 100,
+    unrecognized_name       = 112
+};
+
+
+enum AlertLevel {
+    alert_warning = 1,
+    alert_fatal = 2
+};
+
+
+WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_method(void);
+WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_method(void);
+WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_method(void);
+WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_method(void);
+WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
+WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
+WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
+WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
+
+#ifdef WOLFSSL_DTLS
+    WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_method(void);
+    WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_method(void);
+    WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_method(void);
+    WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
+#endif
+
+#ifdef HAVE_POLY1305
+    WOLFSSL_API int wolfSSL_use_old_poly(WOLFSSL*, int);
+#endif
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+
+WOLFSSL_API int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX*, const char*, int);
+WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, const char*, int);
+WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*,
+                                                const char*);
+WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *,
+                                                     const char *file);
+WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int);
+
+WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, int);
+WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*, int);
+WOLFSSL_API int wolfSSL_use_certificate_chain_file(WOLFSSL*, const char *file);
+WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int);
+
+#ifdef WOLFSSL_DER_LOAD
+    WOLFSSL_API int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX*,
+                                                    const char*, int);
+#endif
+
+#ifdef HAVE_NTRU
+    WOLFSSL_API int wolfSSL_CTX_use_NTRUPrivateKey_file(WOLFSSL_CTX*, const char*);
+    /* load NTRU private key blob */
+#endif
+
+#ifndef WOLFSSL_PEMCERT_TODER_DEFINED
+    WOLFSSL_API int wolfSSL_PemCertToDer(const char*, unsigned char*, int);
+    #define WOLFSSL_PEMCERT_TODER_DEFINED
+#endif
+
+#endif /* !NO_FILESYSTEM && !NO_CERTS */
+
+WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
+WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
+WOLFSSL_API int  wolfSSL_set_fd (WOLFSSL*, int);
+WOLFSSL_API int  wolfSSL_get_ciphers(char*, int);
+WOLFSSL_API int  wolfSSL_get_fd(const WOLFSSL*);
+WOLFSSL_API void wolfSSL_set_using_nonblock(WOLFSSL*, int);
+WOLFSSL_API int  wolfSSL_get_using_nonblock(WOLFSSL*);
+WOLFSSL_API int  wolfSSL_connect(WOLFSSL*);     /* please see note at top of README
+                                             if you get an error from connect */
+WOLFSSL_API int  wolfSSL_write(WOLFSSL*, const void*, int);
+WOLFSSL_API int  wolfSSL_read(WOLFSSL*, void*, int);
+WOLFSSL_API int  wolfSSL_peek(WOLFSSL*, void*, int);
+WOLFSSL_API int  wolfSSL_accept(WOLFSSL*);
+WOLFSSL_API void wolfSSL_CTX_free(WOLFSSL_CTX*);
+WOLFSSL_API void wolfSSL_free(WOLFSSL*);
+WOLFSSL_API int  wolfSSL_shutdown(WOLFSSL*);
+WOLFSSL_API int  wolfSSL_send(WOLFSSL*, const void*, int sz, int flags);
+WOLFSSL_API int  wolfSSL_recv(WOLFSSL*, void*, int sz, int flags);
+
+WOLFSSL_API void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX*, int);
+WOLFSSL_API void wolfSSL_set_quiet_shutdown(WOLFSSL*, int);
+
+WOLFSSL_API int  wolfSSL_get_error(WOLFSSL*, int);
+WOLFSSL_API int  wolfSSL_get_alert_history(WOLFSSL*, WOLFSSL_ALERT_HISTORY *);
+
+WOLFSSL_API int        wolfSSL_set_session(WOLFSSL* ssl,WOLFSSL_SESSION* session);
+WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);
+WOLFSSL_API void       wolfSSL_flush_sessions(WOLFSSL_CTX *ctx, long tm);
+WOLFSSL_API int        wolfSSL_SetServerID(WOLFSSL* ssl, const unsigned char*,
+                                         int, int);
+
+#ifdef SESSION_INDEX
+WOLFSSL_API int wolfSSL_GetSessionIndex(WOLFSSL* ssl);
+WOLFSSL_API int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
+#endif /* SESSION_INDEX */
+
+#if defined(SESSION_INDEX) && defined(SESSION_CERTS)
+WOLFSSL_API
+    WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session);
+#endif /* SESSION_INDEX && SESSION_CERTS */
+
+typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*);
+typedef int (*pem_password_cb)(char*, int, int, void*);
+
+WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int,
+                                      VerifyCallback verify_callback);
+WOLFSSL_API void wolfSSL_set_verify(WOLFSSL*, int, VerifyCallback verify_callback);
+WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*);
+
+WOLFSSL_API int  wolfSSL_pending(WOLFSSL*);
+
+WOLFSSL_API void wolfSSL_load_error_strings(void);
+WOLFSSL_API int  wolfSSL_library_init(void);
+WOLFSSL_API long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX*, long);
+
+#ifdef HAVE_SECRET_CALLBACK
+typedef int (*SessionSecretCb)(WOLFSSL* ssl,
+                                        void* secret, int* secretSz, void* ctx);
+WOLFSSL_API int  wolfSSL_set_session_secret_cb(WOLFSSL*, SessionSecretCb, void*);
+#endif /* HAVE_SECRET_CALLBACK */
+
+/* session cache persistence */
+WOLFSSL_API int  wolfSSL_save_session_cache(const char*);
+WOLFSSL_API int  wolfSSL_restore_session_cache(const char*);
+WOLFSSL_API int  wolfSSL_memsave_session_cache(void*, int);
+WOLFSSL_API int  wolfSSL_memrestore_session_cache(const void*, int);
+WOLFSSL_API int  wolfSSL_get_session_cache_memsize(void);
+
+/* certificate cache persistence, uses ctx since certs are per ctx */
+WOLFSSL_API int  wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX*, const char*);
+WOLFSSL_API int  wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX*, const char*);
+WOLFSSL_API int  wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX*, void*, int, int*);
+WOLFSSL_API int  wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX*, const void*, int);
+WOLFSSL_API int  wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*);
+
+/* only supports full name from cipher_name[] delimited by : */
+WOLFSSL_API int  wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX*, const char*);
+WOLFSSL_API int  wolfSSL_set_cipher_list(WOLFSSL*, const char*);
+
+/* Nonblocking DTLS helper functions */
+WOLFSSL_API int  wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl);
+WOLFSSL_API int  wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int);
+WOLFSSL_API int  wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int);
+WOLFSSL_API int  wolfSSL_dtls_got_timeout(WOLFSSL* ssl);
+WOLFSSL_API int  wolfSSL_dtls(WOLFSSL* ssl);
+
+WOLFSSL_API int  wolfSSL_dtls_set_peer(WOLFSSL*, void*, unsigned int);
+WOLFSSL_API int  wolfSSL_dtls_get_peer(WOLFSSL*, void*, unsigned int*);
+
+WOLFSSL_API int   wolfSSL_ERR_GET_REASON(int err);
+WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*);
+WOLFSSL_API void  wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
+                                           unsigned long sz);
+WOLFSSL_API const char* wolfSSL_ERR_reason_error_string(unsigned long);
+
+/* extras */
+
+#define STACK_OF(x) x
+
+WOLFSSL_API int  wolfSSL_set_ex_data(WOLFSSL*, int, void*);
+WOLFSSL_API int  wolfSSL_get_shutdown(const WOLFSSL*);
+WOLFSSL_API int  wolfSSL_set_rfd(WOLFSSL*, int);
+WOLFSSL_API int  wolfSSL_set_wfd(WOLFSSL*, int);
+WOLFSSL_API void wolfSSL_set_shutdown(WOLFSSL*, int);
+WOLFSSL_API int  wolfSSL_set_session_id_context(WOLFSSL*, const unsigned char*,
+                                           unsigned int);
+WOLFSSL_API void wolfSSL_set_connect_state(WOLFSSL*);
+WOLFSSL_API void wolfSSL_set_accept_state(WOLFSSL*);
+WOLFSSL_API int  wolfSSL_session_reused(WOLFSSL*);
+WOLFSSL_API void wolfSSL_SESSION_free(WOLFSSL_SESSION* session);
+WOLFSSL_API int  wolfSSL_is_init_finished(WOLFSSL*);
+
+WOLFSSL_API const char*  wolfSSL_get_version(WOLFSSL*);
+WOLFSSL_API int  wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
+WOLFSSL_API WOLFSSL_CIPHER*  wolfSSL_get_current_cipher(WOLFSSL*);
+WOLFSSL_API char*        wolfSSL_CIPHER_description(WOLFSSL_CIPHER*, char*, int);
+WOLFSSL_API const char*  wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher);
+WOLFSSL_API const char*  wolfSSL_get_cipher(WOLFSSL*);
+WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
+                           /* what's ref count */
+
+WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*);
+WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
+
+WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port,
+                                     char** path, int* ssl);
+
+WOLFSSL_API WOLFSSL_METHOD* wolfSSLv23_client_method(void);
+WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_client_method(void);
+WOLFSSL_API WOLFSSL_METHOD* wolfSSLv2_server_method(void);
+
+WOLFSSL_API void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX*);
+WOLFSSL_API void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX*, const void*, unsigned long);
+WOLFSSL_API void wolfSSL_MD4_Final(unsigned char*, WOLFSSL_MD4_CTX*);
+
+
+WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*);
+WOLFSSL_API int  wolfSSL_BIO_free(WOLFSSL_BIO*);
+WOLFSSL_API int  wolfSSL_BIO_free_all(WOLFSSL_BIO*);
+WOLFSSL_API int  wolfSSL_BIO_read(WOLFSSL_BIO*, void*, int);
+WOLFSSL_API int  wolfSSL_BIO_write(WOLFSSL_BIO*, const void*, int);
+WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_push(WOLFSSL_BIO*, WOLFSSL_BIO* append);
+WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO*);
+WOLFSSL_API int  wolfSSL_BIO_flush(WOLFSSL_BIO*);
+WOLFSSL_API int  wolfSSL_BIO_pending(WOLFSSL_BIO*);
+
+WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void);
+WOLFSSL_API long wolfSSL_BIO_set_write_buffer_size(WOLFSSL_BIO*, long size);
+WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void);
+WOLFSSL_API WOLFSSL_BIO*        wolfSSL_BIO_new_socket(int sfd, int flag);
+WOLFSSL_API int         wolfSSL_BIO_eof(WOLFSSL_BIO*);
+
+WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void);
+WOLFSSL_API WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void);
+WOLFSSL_API void wolfSSL_BIO_set_flags(WOLFSSL_BIO*, int);
+
+WOLFSSL_API int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,const unsigned char** p);
+WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len);
+
+
+WOLFSSL_API long        wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag);
+WOLFSSL_API void        wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr);
+
+WOLFSSL_API int  wolfSSL_add_all_algorithms(void);
+
+WOLFSSL_API void        wolfSSL_RAND_screen(void);
+WOLFSSL_API const char* wolfSSL_RAND_file_name(char*, unsigned long);
+WOLFSSL_API int         wolfSSL_RAND_write_file(const char*);
+WOLFSSL_API int         wolfSSL_RAND_load_file(const char*, long);
+WOLFSSL_API int         wolfSSL_RAND_egd(const char*);
+WOLFSSL_API int         wolfSSL_RAND_seed(const void*, int);
+WOLFSSL_API void        wolfSSL_RAND_add(const void*, int, double);
+
+WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void);
+WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_rle(void);
+WOLFSSL_API int wolfSSL_COMP_add_compression_method(int, void*);
+
+WOLFSSL_API int wolfSSL_get_ex_new_index(long, void*, void*, void*, void*);
+
+WOLFSSL_API void wolfSSL_set_id_callback(unsigned long (*f)(void));
+WOLFSSL_API void wolfSSL_set_locking_callback(void (*f)(int, int, const char*,
+                                                      int));
+WOLFSSL_API void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f)
+                                                   (const char*, int));
+WOLFSSL_API void wolfSSL_set_dynlock_lock_callback(void (*f)(int,
+                                      WOLFSSL_dynlock_value*, const char*, int));
+WOLFSSL_API void wolfSSL_set_dynlock_destroy_callback(void (*f)
+                                     (WOLFSSL_dynlock_value*, const char*, int));
+WOLFSSL_API int  wolfSSL_num_locks(void);
+
+WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get_current_cert(
+                                                        WOLFSSL_X509_STORE_CTX*);
+WOLFSSL_API int   wolfSSL_X509_STORE_CTX_get_error(WOLFSSL_X509_STORE_CTX*);
+WOLFSSL_API int   wolfSSL_X509_STORE_CTX_get_error_depth(WOLFSSL_X509_STORE_CTX*);
+
+WOLFSSL_API char*       wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME*, char*, int);
+WOLFSSL_API WOLFSSL_X509_NAME*  wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
+WOLFSSL_API WOLFSSL_X509_NAME*  wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
+WOLFSSL_API int  wolfSSL_X509_ext_isSet_by_NID(WOLFSSL_X509*, int);
+WOLFSSL_API int  wolfSSL_X509_ext_get_critical_by_NID(WOLFSSL_X509*, int);
+WOLFSSL_API int  wolfSSL_X509_get_isCA(WOLFSSL_X509*);
+WOLFSSL_API int  wolfSSL_X509_get_isSet_pathLength(WOLFSSL_X509*);
+WOLFSSL_API unsigned int wolfSSL_X509_get_pathLength(WOLFSSL_X509*);
+WOLFSSL_API unsigned int wolfSSL_X509_get_keyUsage(WOLFSSL_X509*);
+WOLFSSL_API unsigned char* wolfSSL_X509_get_authorityKeyID(
+                                            WOLFSSL_X509*, unsigned char*, int*);
+WOLFSSL_API unsigned char* wolfSSL_X509_get_subjectKeyID(
+                                            WOLFSSL_X509*, unsigned char*, int*);
+WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*);
+WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID(
+                                            WOLFSSL_X509_NAME*, int, char*, int);
+WOLFSSL_API int         wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*);
+WOLFSSL_API const char* wolfSSL_X509_verify_cert_error_string(long);
+WOLFSSL_API int wolfSSL_X509_get_signature_type(WOLFSSL_X509*);
+WOLFSSL_API int wolfSSL_X509_get_signature(WOLFSSL_X509*, unsigned char*, int*);
+
+WOLFSSL_API int wolfSSL_X509_LOOKUP_add_dir(WOLFSSL_X509_LOOKUP*,const char*,long);
+WOLFSSL_API int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP*, const char*,
+                                            long);
+WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_hash_dir(void);
+WOLFSSL_API WOLFSSL_X509_LOOKUP_METHOD* wolfSSL_X509_LOOKUP_file(void);
+
+WOLFSSL_API WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE*,
+                                                    WOLFSSL_X509_LOOKUP_METHOD*);
+WOLFSSL_API WOLFSSL_X509_STORE*  wolfSSL_X509_STORE_new(void);
+WOLFSSL_API void         wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE*);
+WOLFSSL_API int          wolfSSL_X509_STORE_add_cert(
+                                              WOLFSSL_X509_STORE*, WOLFSSL_X509*);
+WOLFSSL_API int          wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE*);
+WOLFSSL_API int          wolfSSL_X509_STORE_get_by_subject(WOLFSSL_X509_STORE_CTX*,
+                                   int, WOLFSSL_X509_NAME*, WOLFSSL_X509_OBJECT*);
+WOLFSSL_API WOLFSSL_X509_STORE_CTX* wolfSSL_X509_STORE_CTX_new(void);
+WOLFSSL_API int  wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX*,
+                      WOLFSSL_X509_STORE*, WOLFSSL_X509*, STACK_OF(WOLFSSL_X509)*);
+WOLFSSL_API void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX*);
+WOLFSSL_API void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX*);
+
+WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_lastUpdate(WOLFSSL_X509_CRL*);
+WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_X509_CRL_get_nextUpdate(WOLFSSL_X509_CRL*);
+
+WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509*);
+WOLFSSL_API int       wolfSSL_X509_CRL_verify(WOLFSSL_X509_CRL*, WOLFSSL_EVP_PKEY*);
+WOLFSSL_API void      wolfSSL_X509_STORE_CTX_set_error(WOLFSSL_X509_STORE_CTX*,
+                                                     int);
+WOLFSSL_API void      wolfSSL_X509_OBJECT_free_contents(WOLFSSL_X509_OBJECT*);
+WOLFSSL_API void      wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
+WOLFSSL_API int       wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*);
+WOLFSSL_API int       wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*);
+
+WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_X509_CRL_get_REVOKED(WOLFSSL_X509_CRL*);
+WOLFSSL_API WOLFSSL_X509_REVOKED* wolfSSL_sk_X509_REVOKED_value(
+                                                      WOLFSSL_X509_REVOKED*,int);
+WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509*);
+
+WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO*, const WOLFSSL_ASN1_TIME*);
+
+WOLFSSL_API int  wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER*,
+                                       const WOLFSSL_ASN1_INTEGER*);
+WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER*);
+
+WOLFSSL_API STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*);
+
+WOLFSSL_API void  wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX*,
+                                               STACK_OF(WOLFSSL_X509_NAME)*);
+WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX*, int);
+WOLFSSL_API int   wolfSSL_get_ex_data_X509_STORE_CTX_idx(void);
+WOLFSSL_API void* wolfSSL_get_ex_data(const WOLFSSL*, int);
+
+WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX*,
+                                                          void* userdata);
+WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb(WOLFSSL_CTX*, pem_password_cb);
+
+
+WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX*, void (*)(void));
+
+WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void);
+WOLFSSL_API int           wolfSSL_GET_REASON(int);
+
+WOLFSSL_API char* wolfSSL_alert_type_string_long(int);
+WOLFSSL_API char* wolfSSL_alert_desc_string_long(int);
+WOLFSSL_API char* wolfSSL_state_string_long(WOLFSSL*);
+
+WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long,
+                                               void(*)(int, int, void*), void*);
+WOLFSSL_API void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX*,
+                                             WOLFSSL_RSA*(*)(WOLFSSL*, int, int));
+
+WOLFSSL_API int wolfSSL_PEM_def_callback(char*, int num, int w, void* key);
+
+WOLFSSL_API long wolfSSL_CTX_sess_accept(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_connect(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_accept_good(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_connect_good(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_accept_renegotiate(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_connect_renegotiate(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_hits(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_cb_hits(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_cache_full(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_misses(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_timeouts(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_number(WOLFSSL_CTX*);
+WOLFSSL_API long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX*);
+
+#define WOLFSSL_DEFAULT_CIPHER_LIST ""   /* default all */
+#define WOLFSSL_RSA_F4 0x10001L
+
+enum {
+    OCSP_NOCERTS     = 1,
+    OCSP_NOINTERN    = 2,
+    OCSP_NOSIGS      = 4,
+    OCSP_NOCHAIN     = 8,
+    OCSP_NOVERIFY    = 16,
+    OCSP_NOEXPLICIT  = 32,
+    OCSP_NOCASIGN    = 64,
+    OCSP_NODELEGATED = 128,
+    OCSP_NOCHECKS    = 256,
+    OCSP_TRUSTOTHER  = 512,
+    OCSP_RESPID_KEY  = 1024,
+    OCSP_NOTIME      = 2048,
+
+    OCSP_CERTID   = 2,
+    OCSP_REQUEST  = 4,
+    OCSP_RESPONSE = 8,
+    OCSP_BASICRESP = 16,
+
+    WOLFSSL_OCSP_URL_OVERRIDE = 1,
+    WOLFSSL_OCSP_NO_NONCE     = 2,
+
+    WOLFSSL_CRL_CHECKALL = 1,
+
+    ASN1_GENERALIZEDTIME = 4,
+
+    SSL_OP_MICROSOFT_SESS_ID_BUG = 1,
+    SSL_OP_NETSCAPE_CHALLENGE_BUG = 2,
+    SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3,
+    SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4,
+    SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5,
+    SSL_OP_MSIE_SSLV2_RSA_PADDING = 6,
+    SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7,
+    SSL_OP_TLS_D5_BUG = 8,
+    SSL_OP_TLS_BLOCK_PADDING_BUG = 9,
+    SSL_OP_TLS_ROLLBACK_BUG = 10,
+    SSL_OP_ALL = 11,
+    SSL_OP_EPHEMERAL_RSA = 12,
+    SSL_OP_NO_SSLv3 = 13,
+    SSL_OP_NO_TLSv1 = 14,
+    SSL_OP_PKCS1_CHECK_1 = 15,
+    SSL_OP_PKCS1_CHECK_2 = 16,
+    SSL_OP_NETSCAPE_CA_DN_BUG = 17,
+    SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18,
+    SSL_OP_SINGLE_DH_USE = 19,
+    SSL_OP_NO_TICKET = 20,
+    SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21,
+    SSL_OP_NO_QUERY_MTU = 22,
+    SSL_OP_COOKIE_EXCHANGE = 23,
+    SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24,
+    SSL_OP_SINGLE_ECDH_USE = 25,
+    SSL_OP_CIPHER_SERVER_PREFERENCE = 26,
+
+    SSL_MAX_SSL_SESSION_ID_LENGTH = 32,
+
+    EVP_R_BAD_DECRYPT = 2,
+
+    SSL_CB_LOOP = 4,
+    SSL_ST_CONNECT = 5,
+    SSL_ST_ACCEPT  = 6,
+    SSL_CB_ALERT   = 7,
+    SSL_CB_READ    = 8,
+    SSL_CB_HANDSHAKE_DONE = 9,
+
+    SSL_MODE_ENABLE_PARTIAL_WRITE = 2,
+
+    BIO_FLAGS_BASE64_NO_NL = 1,
+    BIO_CLOSE   = 1,
+    BIO_NOCLOSE = 0,
+
+    NID_undef = 0,
+
+    X509_FILETYPE_PEM = 8,
+    X509_LU_X509      = 9,
+    X509_LU_CRL       = 12,
+
+    X509_V_ERR_CRL_SIGNATURE_FAILURE = 13,
+    X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14,
+    X509_V_ERR_CRL_HAS_EXPIRED                = 15,
+    X509_V_ERR_CERT_REVOKED                   = 16,
+    X509_V_ERR_CERT_CHAIN_TOO_LONG            = 17,
+    X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT      = 18,
+    X509_V_ERR_CERT_NOT_YET_VALID             = 19,
+    X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20,
+    X509_V_ERR_CERT_HAS_EXPIRED               = 21,
+    X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD  = 22,
+
+    X509_V_OK = 0,
+
+    CRYPTO_LOCK = 1,
+    CRYPTO_NUM_LOCKS = 10
+};
+
+/* extras end */
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
+/* wolfSSL extension, provide last error from SSL_get_error
+   since not using thread storage error queue */
+WOLFSSL_API void  wolfSSL_ERR_print_errors_fp(FILE*, int err);
+#endif
+
+enum { /* ssl Constants */
+    SSL_ERROR_NONE      =  0,   /* for most functions */
+    SSL_FAILURE         =  0,   /* for some functions */
+    SSL_SUCCESS         =  1,
+    SSL_SHUTDOWN_NOT_DONE =  2,  /* call wolfSSL_shutdown again to complete */
+
+    SSL_BAD_CERTTYPE    = -8,
+    SSL_BAD_STAT        = -7,
+    SSL_BAD_PATH        = -6,
+    SSL_BAD_FILETYPE    = -5,
+    SSL_BAD_FILE        = -4,
+    SSL_NOT_IMPLEMENTED = -3,
+    SSL_UNKNOWN         = -2,
+    SSL_FATAL_ERROR     = -1,
+
+    SSL_FILETYPE_ASN1    = 2,
+    SSL_FILETYPE_PEM     = 1,
+    SSL_FILETYPE_DEFAULT = 2, /* ASN1 */
+    SSL_FILETYPE_RAW     = 3, /* NTRU raw key blob */
+
+    SSL_VERIFY_NONE                 = 0,
+    SSL_VERIFY_PEER                 = 1,
+    SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2,
+    SSL_VERIFY_CLIENT_ONCE          = 4,
+
+    SSL_SESS_CACHE_OFF                = 30,
+    SSL_SESS_CACHE_CLIENT             = 31,
+    SSL_SESS_CACHE_SERVER             = 32,
+    SSL_SESS_CACHE_BOTH               = 33,
+    SSL_SESS_CACHE_NO_AUTO_CLEAR      = 34,
+    SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35,
+
+    SSL_ERROR_WANT_READ        =  2,
+    SSL_ERROR_WANT_WRITE       =  3,
+    SSL_ERROR_WANT_CONNECT     =  7,
+    SSL_ERROR_WANT_ACCEPT      =  8,
+    SSL_ERROR_SYSCALL          =  5,
+    SSL_ERROR_WANT_X509_LOOKUP = 83,
+    SSL_ERROR_ZERO_RETURN      =  6,
+    SSL_ERROR_SSL              = 85,
+
+    SSL_SENT_SHUTDOWN     = 1,
+    SSL_RECEIVED_SHUTDOWN = 2,
+    SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4,
+    SSL_OP_NO_SSLv2       = 8,
+
+    SSL_R_SSL_HANDSHAKE_FAILURE           = 101,
+    SSL_R_TLSV1_ALERT_UNKNOWN_CA          = 102,
+    SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103,
+    SSL_R_SSLV3_ALERT_BAD_CERTIFICATE     = 104,
+
+    PEM_BUFSIZE = 1024
+};
+
+
+#ifndef NO_PSK
+    typedef unsigned int (*psk_client_callback)(WOLFSSL*, const char*, char*,
+                                    unsigned int, unsigned char*, unsigned int);
+    WOLFSSL_API void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX*,
+                                                    psk_client_callback);
+    WOLFSSL_API void wolfSSL_set_psk_client_callback(WOLFSSL*,psk_client_callback);
+
+    WOLFSSL_API const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*);
+    WOLFSSL_API const char* wolfSSL_get_psk_identity(const WOLFSSL*);
+
+    WOLFSSL_API int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX*, const char*);
+    WOLFSSL_API int wolfSSL_use_psk_identity_hint(WOLFSSL*, const char*);
+
+    typedef unsigned int (*psk_server_callback)(WOLFSSL*, const char*,
+                          unsigned char*, unsigned int);
+    WOLFSSL_API void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX*,
+                                                    psk_server_callback);
+    WOLFSSL_API void wolfSSL_set_psk_server_callback(WOLFSSL*,psk_server_callback);
+
+    #define PSK_TYPES_DEFINED
+#endif /* NO_PSK */
+
+
+#ifdef HAVE_ANON
+    WOLFSSL_API int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*);
+#endif /* HAVE_ANON */
+
+
+/* extra begins */
+
+enum {  /* ERR Constants */
+    ERR_TXT_STRING = 1
+};
+
+WOLFSSL_API unsigned long wolfSSL_ERR_get_error_line_data(const char**, int*,
+                                                 const char**, int *);
+
+WOLFSSL_API unsigned long wolfSSL_ERR_get_error(void);
+WOLFSSL_API void          wolfSSL_ERR_clear_error(void);
+
+
+WOLFSSL_API int  wolfSSL_RAND_status(void);
+WOLFSSL_API int  wolfSSL_RAND_bytes(unsigned char* buf, int num);
+WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_method(void);
+WOLFSSL_API long wolfSSL_CTX_set_options(WOLFSSL_CTX*, long);
+#ifndef NO_CERTS
+  WOLFSSL_API int  wolfSSL_CTX_check_private_key(WOLFSSL_CTX*);
+#endif /* !NO_CERTS */
+
+WOLFSSL_API void wolfSSL_ERR_free_strings(void);
+WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long);
+WOLFSSL_API void wolfSSL_EVP_cleanup(void);
+
+WOLFSSL_API void wolfSSL_cleanup_all_ex_data(void);
+WOLFSSL_API long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode);
+WOLFSSL_API long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx);
+WOLFSSL_API void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m);
+
+WOLFSSL_API long wolfSSL_CTX_sess_set_cache_size(WOLFSSL_CTX*, long);
+
+WOLFSSL_API int  wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX*);
+WOLFSSL_API int  wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX*,
+                                            const unsigned char*, unsigned int);
+WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl);
+
+WOLFSSL_API int wolfSSL_want_read(WOLFSSL*);
+WOLFSSL_API int wolfSSL_want_write(WOLFSSL*);
+
+WOLFSSL_API int wolfSSL_BIO_printf(WOLFSSL_BIO*, const char*, ...);
+WOLFSSL_API int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO*,
+                                         const WOLFSSL_ASN1_UTCTIME*);
+WOLFSSL_API int   wolfSSL_sk_num(WOLFSSL_X509_REVOKED*);
+WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_X509_REVOKED*, int);
+
+/* stunnel 4.28 needs */
+WOLFSSL_API void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX*, int);
+WOLFSSL_API int   wolfSSL_CTX_set_ex_data(WOLFSSL_CTX*, int, void*);
+WOLFSSL_API void  wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX*,
+                       WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*));
+WOLFSSL_API void  wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX*,
+                                            int (*f)(WOLFSSL*, WOLFSSL_SESSION*));
+WOLFSSL_API void  wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX*,
+                                       void (*f)(WOLFSSL_CTX*, WOLFSSL_SESSION*));
+
+WOLFSSL_API int          wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION*,unsigned char**);
+WOLFSSL_API WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION**,
+                                                   const unsigned char**, long);
+
+WOLFSSL_API long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION*);
+WOLFSSL_API long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION*);
+WOLFSSL_API int  wolfSSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);
+
+/* extra ends */
+
+
+/* wolfSSL extensions */
+
+/* call before SSL_connect, if verifying will add name check to
+   date check and signature check */
+WOLFSSL_API int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn);
+
+/* need to call once to load library (session cache) */
+WOLFSSL_API int wolfSSL_Init(void);
+/* call when done to cleanup/free session cache mutex / resources  */
+WOLFSSL_API int wolfSSL_Cleanup(void);
+
+/* turn logging on, only if compiled in */
+WOLFSSL_API int  wolfSSL_Debugging_ON(void);
+/* turn logging off */
+WOLFSSL_API void wolfSSL_Debugging_OFF(void);
+
+/* do accept or connect depedning on side */
+WOLFSSL_API int wolfSSL_negotiate(WOLFSSL* ssl);
+/* turn on wolfSSL data compression */
+WOLFSSL_API int wolfSSL_set_compression(WOLFSSL* ssl);
+
+WOLFSSL_API int wolfSSL_set_timeout(WOLFSSL*, unsigned int);
+WOLFSSL_API int wolfSSL_CTX_set_timeout(WOLFSSL_CTX*, unsigned int);
+
+/* get wolfSSL peer X509_CHAIN */
+WOLFSSL_API WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl);
+/* peer chain count */
+WOLFSSL_API int  wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain);
+/* index cert length */
+WOLFSSL_API int  wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN*, int idx);
+/* index cert */
+WOLFSSL_API unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN*, int idx);
+/* index cert in X509 */
+WOLFSSL_API WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN*, int idx);
+/* free X509 */
+WOLFSSL_API void wolfSSL_FreeX509(WOLFSSL_X509*);
+/* get index cert in PEM */
+WOLFSSL_API int  wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN*, int idx,
+                                unsigned char* buffer, int inLen, int* outLen);
+WOLFSSL_API const unsigned char* wolfSSL_get_sessionID(const WOLFSSL_SESSION* s);
+WOLFSSL_API int  wolfSSL_X509_get_serial_number(WOLFSSL_X509*,unsigned char*,int*);
+WOLFSSL_API char*  wolfSSL_X509_get_subjectCN(WOLFSSL_X509*);
+WOLFSSL_API const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509*, int*);
+WOLFSSL_API const unsigned char* wolfSSL_X509_notBefore(WOLFSSL_X509*);
+WOLFSSL_API const unsigned char* wolfSSL_X509_notAfter(WOLFSSL_X509*);
+WOLFSSL_API int wolfSSL_X509_version(WOLFSSL_X509*);
+
+WOLFSSL_API int wolfSSL_cmp_peer_cert_to_file(WOLFSSL*, const char*);
+
+WOLFSSL_API char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
+
+WOLFSSL_API WOLFSSL_X509*
+    wolfSSL_X509_d2i(WOLFSSL_X509** x509, const unsigned char* in, int len);
+#ifndef NO_FILESYSTEM
+    #ifndef NO_STDIO_FILESYSTEM
+    WOLFSSL_API WOLFSSL_X509*
+        wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, FILE* file);
+    #endif
+WOLFSSL_API WOLFSSL_X509*
+    wolfSSL_X509_load_certificate_file(const char* fname, int format);
+#endif
+
+#ifdef WOLFSSL_SEP
+    WOLFSSL_API unsigned char*
+           wolfSSL_X509_get_device_type(WOLFSSL_X509*, unsigned char*, int*);
+    WOLFSSL_API unsigned char*
+           wolfSSL_X509_get_hw_type(WOLFSSL_X509*, unsigned char*, int*);
+    WOLFSSL_API unsigned char*
+           wolfSSL_X509_get_hw_serial_number(WOLFSSL_X509*, unsigned char*, int*);
+#endif
+
+/* connect enough to get peer cert */
+WOLFSSL_API int  wolfSSL_connect_cert(WOLFSSL* ssl);
+
+/* XXX This should be #ifndef NO_DH */
+#ifndef NO_CERTS
+/* server Diffie-Hellman parameters */
+WOLFSSL_API int  wolfSSL_SetTmpDH(WOLFSSL*, const unsigned char* p, int pSz,
+                                const unsigned char* g, int gSz);
+WOLFSSL_API int  wolfSSL_SetTmpDH_buffer(WOLFSSL*, const unsigned char* b, long sz,
+                                       int format);
+WOLFSSL_API int  wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL*, unsigned short);
+#ifndef NO_FILESYSTEM
+    WOLFSSL_API int  wolfSSL_SetTmpDH_file(WOLFSSL*, const char* f, int format);
+#endif
+
+/* server ctx Diffie-Hellman parameters */
+WOLFSSL_API int  wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX*, const unsigned char* p,
+                                    int pSz, const unsigned char* g, int gSz);
+WOLFSSL_API int  wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX*, const unsigned char* b,
+                                           long sz, int format);
+WOLFSSL_API int  wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX*, unsigned short);
+
+#ifndef NO_FILESYSTEM
+    WOLFSSL_API int  wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX*, const char* f,
+                                             int format);
+#endif
+#endif
+
+/* keyblock size in bytes or -1 */
+/* need to call wolfSSL_KeepArrays before handshake to save keys */
+WOLFSSL_API int wolfSSL_get_keyblock_size(WOLFSSL*);
+WOLFSSL_API int wolfSSL_get_keys(WOLFSSL*,unsigned char** ms, unsigned int* msLen,
+                                       unsigned char** sr, unsigned int* srLen,
+                                       unsigned char** cr, unsigned int* crLen);
+
+/* Computes EAP-TLS and EAP-TTLS keying material from the master_secret. */
+WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len,
+                                                             const char* label);
+
+
+#ifndef _WIN32
+    #ifndef NO_WRITEV
+        #ifdef __PPU
+            #include 
+            #include 
+        #elif !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM)
+            #include 
+        #endif
+        /* allow writev style writing */
+        WOLFSSL_API int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov,
+                                     int iovcnt);
+    #endif
+#endif
+
+
+#ifndef NO_CERTS
+    /* SSL_CTX versions */
+    WOLFSSL_API int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*);
+    WOLFSSL_API int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX*,
+                                               const unsigned char*, long, int);
+    WOLFSSL_API int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX*,
+                                               const unsigned char*, long, int);
+    WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX*,
+                                               const unsigned char*, long, int);
+    WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX*,
+                                                    const unsigned char*, long);
+
+    /* SSL versions */
+    WOLFSSL_API int wolfSSL_use_certificate_buffer(WOLFSSL*, const unsigned char*,
+                                               long, int);
+    WOLFSSL_API int wolfSSL_use_PrivateKey_buffer(WOLFSSL*, const unsigned char*,
+                                               long, int);
+    WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL*,
+                                               const unsigned char*, long);
+    WOLFSSL_API int wolfSSL_UnloadCertsKeys(WOLFSSL*);
+#endif
+
+WOLFSSL_API int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*);
+WOLFSSL_API int wolfSSL_set_group_messages(WOLFSSL*);
+
+/* I/O callbacks */
+typedef int (*CallbackIORecv)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
+typedef int (*CallbackIOSend)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
+
+#ifdef HAVE_FUZZER
+enum fuzzer_type {
+    FUZZ_HMAC      = 0,
+    FUZZ_ENCRYPT   = 1,
+    FUZZ_SIGNATURE = 2,
+    FUZZ_HASH      = 3,
+    FUZZ_HEAD      = 4
+};
+
+typedef int (*CallbackFuzzer)(WOLFSSL* ssl, const unsigned char* buf, int sz,
+        int type, void* fuzzCtx);
+
+WOLFSSL_API void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx);
+#endif
+
+WOLFSSL_API void wolfSSL_SetIORecv(WOLFSSL_CTX*, CallbackIORecv);
+WOLFSSL_API void wolfSSL_SetIOSend(WOLFSSL_CTX*, CallbackIOSend);
+
+WOLFSSL_API void wolfSSL_SetIOReadCtx( WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *ctx);
+
+WOLFSSL_API void* wolfSSL_GetIOReadCtx( WOLFSSL* ssl);
+WOLFSSL_API void* wolfSSL_GetIOWriteCtx(WOLFSSL* ssl);
+
+WOLFSSL_API void wolfSSL_SetIOReadFlags( WOLFSSL* ssl, int flags);
+WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags);
+
+
+#ifndef WOLFSSL_USER_IO
+    /* default IO callbacks */
+    WOLFSSL_API int EmbedReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
+    WOLFSSL_API int EmbedSend(WOLFSSL* ssl, char* buf, int sz, void* ctx);
+
+    #ifdef HAVE_OCSP
+        WOLFSSL_API int EmbedOcspLookup(void*, const char*, int, unsigned char*,
+                                       int, unsigned char**);
+        WOLFSSL_API void EmbedOcspRespFree(void*, unsigned char*);
+    #endif
+
+    #ifdef WOLFSSL_DTLS
+        WOLFSSL_API int EmbedReceiveFrom(WOLFSSL* ssl, char* buf, int sz, void*);
+        WOLFSSL_API int EmbedSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx);
+        WOLFSSL_API int EmbedGenerateCookie(WOLFSSL* ssl, unsigned char* buf,
+                                           int sz, void*);
+    #endif /* WOLFSSL_DTLS */
+#endif /* WOLFSSL_USER_IO */
+
+
+#ifdef HAVE_NETX
+    WOLFSSL_API void wolfSSL_SetIO_NetX(WOLFSSL* ssl, NX_TCP_SOCKET* nxsocket,
+                                      ULONG waitoption);
+#endif
+
+typedef int (*CallbackGenCookie)(WOLFSSL* ssl, unsigned char* buf, int sz,
+                                 void* ctx);
+WOLFSSL_API void  wolfSSL_CTX_SetGenCookie(WOLFSSL_CTX*, CallbackGenCookie);
+WOLFSSL_API void  wolfSSL_SetCookieCtx(WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void* wolfSSL_GetCookieCtx(WOLFSSL* ssl);
+
+
+/* I/O Callback default errors */
+enum IOerrors {
+    WOLFSSL_CBIO_ERR_GENERAL    = -1,     /* general unexpected err */
+    WOLFSSL_CBIO_ERR_WANT_READ  = -2,     /* need to call read  again */
+    WOLFSSL_CBIO_ERR_WANT_WRITE = -2,     /* need to call write again */
+    WOLFSSL_CBIO_ERR_CONN_RST   = -3,     /* connection reset */
+    WOLFSSL_CBIO_ERR_ISR        = -4,     /* interrupt */
+    WOLFSSL_CBIO_ERR_CONN_CLOSE = -5,     /* connection closed or epipe */
+    WOLFSSL_CBIO_ERR_TIMEOUT    = -6      /* socket timeout */
+};
+
+
+/* CA cache callbacks */
+enum {
+    WOLFSSL_SSLV3    = 0,
+    WOLFSSL_TLSV1    = 1,
+    WOLFSSL_TLSV1_1  = 2,
+    WOLFSSL_TLSV1_2  = 3,
+    WOLFSSL_USER_CA  = 1,          /* user added as trusted */
+    WOLFSSL_CHAIN_CA = 2           /* added to cache from trusted chain */
+};
+
+WOLFSSL_API int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version);
+WOLFSSL_API int wolfSSL_GetObjectSize(void);  /* object size based on build */
+WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version);
+WOLFSSL_API int wolfSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*,
+                                  int, const char*);
+WOLFSSL_API int wolfSSL_CertPemToDer(const unsigned char*, int sz, unsigned char*,
+                                   int, int);
+
+typedef void (*CallbackCACache)(unsigned char* der, int sz, int type);
+typedef void (*CbMissingCRL)(const char* url);
+typedef int  (*CbOCSPIO)(void*, const char*, int,
+                                         unsigned char*, int, unsigned char**);
+typedef void (*CbOCSPRespFree)(void*,unsigned char*);
+
+/* User Atomic Record Layer CallBacks */
+typedef int (*CallbackMacEncrypt)(WOLFSSL* ssl, unsigned char* macOut,
+       const unsigned char* macIn, unsigned int macInSz, int macContent,
+       int macVerify, unsigned char* encOut, const unsigned char* encIn,
+       unsigned int encSz, void* ctx);
+WOLFSSL_API void  wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX*, CallbackMacEncrypt);
+WOLFSSL_API void  wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void* wolfSSL_GetMacEncryptCtx(WOLFSSL* ssl);
+
+typedef int (*CallbackDecryptVerify)(WOLFSSL* ssl,
+       unsigned char* decOut, const unsigned char* decIn,
+       unsigned int decSz, int content, int verify, unsigned int* padSz,
+       void* ctx);
+WOLFSSL_API void  wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX*,
+                                               CallbackDecryptVerify);
+WOLFSSL_API void  wolfSSL_SetDecryptVerifyCtx(WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl);
+
+WOLFSSL_API const unsigned char* wolfSSL_GetMacSecret(WOLFSSL*, int);
+WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*);
+WOLFSSL_API const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*);
+WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*);
+WOLFSSL_API const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_GetKeySize(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_GetIVSize(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_GetSide(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_IsTLSv1_1(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_GetBulkCipher(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_GetCipherBlockSize(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_GetAeadMacSize(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_GetHmacSize(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_GetHmacType(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_GetCipherType(WOLFSSL*);
+WOLFSSL_API int                  wolfSSL_SetTlsHmacInner(WOLFSSL*, unsigned char*,
+                                                       unsigned int, int, int);
+
+/* Atomic User Needs */
+enum {
+    WOLFSSL_SERVER_END = 0,
+    WOLFSSL_CLIENT_END = 1,
+    WOLFSSL_BLOCK_TYPE = 2,
+    WOLFSSL_STREAM_TYPE = 3,
+    WOLFSSL_AEAD_TYPE = 4,
+    WOLFSSL_TLS_HMAC_INNER_SZ = 13      /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */
+};
+
+/* for GetBulkCipher and internal use */
+enum BulkCipherAlgorithm {
+    wolfssl_cipher_null,
+    wolfssl_rc4,
+    wolfssl_rc2,
+    wolfssl_des,
+    wolfssl_triple_des,             /* leading 3 (3des) not valid identifier */
+    wolfssl_des40,
+    wolfssl_idea,
+    wolfssl_aes,
+    wolfssl_aes_gcm,
+    wolfssl_aes_ccm,
+    wolfssl_chacha,
+    wolfssl_camellia,
+    wolfssl_hc128,                  /* wolfSSL extensions */
+    wolfssl_rabbit
+};
+
+
+/* for KDF TLS 1.2 mac types */
+enum KDF_MacAlgorithm {
+    wolfssl_sha256 = 4,     /* needs to match internal MACAlgorithm */
+    wolfssl_sha384,
+    wolfssl_sha512
+};
+
+
+/* Public Key Callback support */
+typedef int (*CallbackEccSign)(WOLFSSL* ssl,
+       const unsigned char* in, unsigned int inSz,
+       unsigned char* out, unsigned int* outSz,
+       const unsigned char* keyDer, unsigned int keySz,
+       void* ctx);
+WOLFSSL_API void  wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX*, CallbackEccSign);
+WOLFSSL_API void  wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl);
+
+typedef int (*CallbackEccVerify)(WOLFSSL* ssl,
+       const unsigned char* sig, unsigned int sigSz,
+       const unsigned char* hash, unsigned int hashSz,
+       const unsigned char* keyDer, unsigned int keySz,
+       int* result, void* ctx);
+WOLFSSL_API void  wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX*, CallbackEccVerify);
+WOLFSSL_API void  wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl);
+
+typedef int (*CallbackRsaSign)(WOLFSSL* ssl,
+       const unsigned char* in, unsigned int inSz,
+       unsigned char* out, unsigned int* outSz,
+       const unsigned char* keyDer, unsigned int keySz,
+       void* ctx);
+WOLFSSL_API void  wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX*, CallbackRsaSign);
+WOLFSSL_API void  wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl);
+
+typedef int (*CallbackRsaVerify)(WOLFSSL* ssl,
+       unsigned char* sig, unsigned int sigSz,
+       unsigned char** out,
+       const unsigned char* keyDer, unsigned int keySz,
+       void* ctx);
+WOLFSSL_API void  wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX*, CallbackRsaVerify);
+WOLFSSL_API void  wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl);
+
+/* RSA Public Encrypt cb */
+typedef int (*CallbackRsaEnc)(WOLFSSL* ssl,
+       const unsigned char* in, unsigned int inSz,
+       unsigned char* out, unsigned int* outSz,
+       const unsigned char* keyDer, unsigned int keySz,
+       void* ctx);
+WOLFSSL_API void  wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX*, CallbackRsaEnc);
+WOLFSSL_API void  wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl);
+
+/* RSA Private Decrypt cb */
+typedef int (*CallbackRsaDec)(WOLFSSL* ssl,
+       unsigned char* in, unsigned int inSz,
+       unsigned char** out,
+       const unsigned char* keyDer, unsigned int keySz,
+       void* ctx);
+WOLFSSL_API void  wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX*, CallbackRsaDec);
+WOLFSSL_API void  wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx);
+WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
+
+
+#ifndef NO_CERTS
+	WOLFSSL_API void wolfSSL_CTX_SetCACb(WOLFSSL_CTX*, CallbackCACache);
+
+    WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void);
+    WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*);
+
+    WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER*, const char* f,
+                                                                 const char* d);
+    WOLFSSL_API int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
+    WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER*, const char* f,
+                                                                    int format);
+    WOLFSSL_API int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
+                                const unsigned char* buff, long sz, int format);
+    WOLFSSL_API int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER*,
+                                                        unsigned char*, int sz);
+    WOLFSSL_API int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER*,
+                                                                   int options);
+    WOLFSSL_API int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER*);
+    WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER*, const char*,
+                                                                      int, int);
+    WOLFSSL_API int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER*,
+                                                                  CbMissingCRL);
+    WOLFSSL_API int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER*,
+                                                        unsigned char*, int sz);
+    WOLFSSL_API int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER*,
+                                                                   int options);
+    WOLFSSL_API int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER*);
+    WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER*,
+                                                                   const char*);
+    WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER*,
+                                               CbOCSPIO, CbOCSPRespFree, void*);
+
+    WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options);
+    WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl);
+    WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int);
+    WOLFSSL_API int wolfSSL_SetCRL_Cb(WOLFSSL*, CbMissingCRL);
+    WOLFSSL_API int wolfSSL_EnableOCSP(WOLFSSL*, int options);
+    WOLFSSL_API int wolfSSL_DisableOCSP(WOLFSSL*);
+    WOLFSSL_API int wolfSSL_SetOCSP_OverrideURL(WOLFSSL*, const char*);
+    WOLFSSL_API int wolfSSL_SetOCSP_Cb(WOLFSSL*, CbOCSPIO, CbOCSPRespFree, void*);
+
+    WOLFSSL_API int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options);
+    WOLFSSL_API int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx);
+    WOLFSSL_API int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX*, const char*, int, int);
+    WOLFSSL_API int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX*, CbMissingCRL);
+    WOLFSSL_API int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX*, int options);
+    WOLFSSL_API int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*);
+    WOLFSSL_API int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX*, const char*);
+    WOLFSSL_API int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX*,
+                                               CbOCSPIO, CbOCSPRespFree, void*);
+#endif /* !NO_CERTS */
+
+/* end of handshake frees temporary arrays, if user needs for get_keys or
+   psk hints, call KeepArrays before handshake and then FreeArrays when done
+   if don't want to wait for object free */
+WOLFSSL_API void wolfSSL_KeepArrays(WOLFSSL*);
+WOLFSSL_API void wolfSSL_FreeArrays(WOLFSSL*);
+
+
+/* cavium additions */
+WOLFSSL_API int wolfSSL_UseCavium(WOLFSSL*, int devId);
+WOLFSSL_API int wolfSSL_CTX_UseCavium(WOLFSSL_CTX*, int devId);
+
+/* TLS Extensions */
+
+/* Server Name Indication */
+#ifdef HAVE_SNI
+
+/* SNI types */
+enum {
+    WOLFSSL_SNI_HOST_NAME = 0
+};
+
+WOLFSSL_API int wolfSSL_UseSNI(WOLFSSL* ssl, unsigned char type, const void* data,
+                                                           unsigned short size);
+WOLFSSL_API int wolfSSL_CTX_UseSNI(WOLFSSL_CTX* ctx, unsigned char type,
+                                         const void* data, unsigned short size);
+
+#ifndef NO_WOLFSSL_SERVER
+
+/* SNI options */
+enum {
+    WOLFSSL_SNI_CONTINUE_ON_MISMATCH = 0x01, /* do not abort on mismatch flag */
+    WOLFSSL_SNI_ANSWER_ON_MISMATCH   = 0x02  /* fake match on mismatch flag */
+};
+
+WOLFSSL_API void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, unsigned char type,
+                                                         unsigned char options);
+WOLFSSL_API void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx, unsigned char type,
+                                                         unsigned char options);
+
+/* SNI status */
+enum {
+    WOLFSSL_SNI_NO_MATCH   = 0,
+    WOLFSSL_SNI_FAKE_MATCH = 1, /* if WOLFSSL_SNI_ANSWER_ON_MISMATCH is enabled */
+    WOLFSSL_SNI_REAL_MATCH = 2
+};
+
+WOLFSSL_API unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type);
+
+WOLFSSL_API unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl, unsigned char type,
+                                                                   void** data);
+WOLFSSL_API int wolfSSL_SNI_GetFromBuffer(
+                 const unsigned char* clientHello, unsigned int helloSz,
+                 unsigned char type, unsigned char* sni, unsigned int* inOutSz);
+
+#endif
+#endif
+
+/* Maximum Fragment Length */
+#ifdef HAVE_MAX_FRAGMENT
+
+/* Fragment lengths */
+enum {
+    WOLFSSL_MFL_2_9  = 1, /*  512 bytes */
+    WOLFSSL_MFL_2_10 = 2, /* 1024 bytes */
+    WOLFSSL_MFL_2_11 = 3, /* 2048 bytes */
+    WOLFSSL_MFL_2_12 = 4, /* 4096 bytes */
+    WOLFSSL_MFL_2_13 = 5  /* 8192 bytes *//* wolfSSL ONLY!!! */
+};
+
+#ifndef NO_WOLFSSL_CLIENT
+
+WOLFSSL_API int wolfSSL_UseMaxFragment(WOLFSSL* ssl, unsigned char mfl);
+WOLFSSL_API int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX* ctx, unsigned char mfl);
+
+#endif
+#endif
+
+/* Truncated HMAC */
+#ifdef HAVE_TRUNCATED_HMAC
+#ifndef NO_WOLFSSL_CLIENT
+
+WOLFSSL_API int wolfSSL_UseTruncatedHMAC(WOLFSSL* ssl);
+WOLFSSL_API int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx);
+
+#endif
+#endif
+
+/* Elliptic Curves */
+#ifdef HAVE_SUPPORTED_CURVES
+
+enum {
+    WOLFSSL_ECC_SECP160R1 = 0x10,
+    WOLFSSL_ECC_SECP192R1 = 0x13,
+    WOLFSSL_ECC_SECP224R1 = 0x15,
+    WOLFSSL_ECC_SECP256R1 = 0x17,
+    WOLFSSL_ECC_SECP384R1 = 0x18,
+    WOLFSSL_ECC_SECP521R1 = 0x19
+};
+
+#ifndef NO_WOLFSSL_CLIENT
+
+WOLFSSL_API int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, unsigned short name);
+WOLFSSL_API int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx,
+                                                           unsigned short name);
+
+#endif
+#endif
+
+/* Secure Renegotiation */
+#ifdef HAVE_SECURE_RENEGOTIATION
+
+WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl);
+WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL* ssl);
+
+#endif
+
+/* Session Ticket */
+#ifdef HAVE_SESSION_TICKET
+#ifndef NO_WOLFSSL_CLIENT
+
+WOLFSSL_API int wolfSSL_UseSessionTicket(WOLFSSL* ssl);
+WOLFSSL_API int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx);
+WOLFSSL_API int wolfSSL_get_SessionTicket(WOLFSSL*, unsigned char*, unsigned int*);
+WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL*, unsigned char*, unsigned int);
+typedef int (*CallbackSessionTicket)(WOLFSSL*, const unsigned char*, int, void*);
+WOLFSSL_API int wolfSSL_set_SessionTicket_cb(WOLFSSL*,
+                                                  CallbackSessionTicket, void*);
+
+#endif
+#endif
+
+#define WOLFSSL_CRL_MONITOR   0x01   /* monitor this dir flag */
+#define WOLFSSL_CRL_START_MON 0x02   /* start monitoring flag */
+
+
+/* External facing KDF */
+WOLFSSL_API
+int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, unsigned int msLen,
+                               const unsigned char* pms, unsigned int pmsLen,
+                               const unsigned char* cr, const unsigned char* sr,
+                               int tls1_2, int hash_type);
+
+WOLFSSL_API
+int wolfSSL_DeriveTlsKeys(unsigned char* key_data, unsigned int keyLen,
+                               const unsigned char* ms, unsigned int msLen,
+                               const unsigned char* sr, const unsigned char* cr,
+                               int tls1_2, int hash_type);
+
+#ifdef WOLFSSL_CALLBACKS
+
+/* used internally by wolfSSL while OpenSSL types aren't */
+#include 
+
+typedef int (*HandShakeCallBack)(HandShakeInfo*);
+typedef int (*TimeoutCallBack)(TimeoutInfo*);
+
+/* wolfSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack
+   for diagnostics */
+WOLFSSL_API int wolfSSL_connect_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
+                                 Timeval);
+WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack,
+                                Timeval);
+
+#endif /* WOLFSSL_CALLBACKS */
+
+
+#ifdef WOLFSSL_HAVE_WOLFSCEP
+    WOLFSSL_API void wolfSSL_wolfSCEP(void);
+#endif /* WOLFSSL_HAVE_WOLFSCEP */
+
+#ifdef WOLFSSL_HAVE_CERT_SERVICE
+    WOLFSSL_API void wolfSSL_cert_service(void);
+#endif
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+
+#endif /* WOLFSSL_SSL_H */
+
diff --git a/3P/wolfssl/wolfssl/test.h b/3P/wolfssl/wolfssl/test.h
new file mode 100644
index 00000000..b822c238
--- /dev/null
+++ b/3P/wolfssl/wolfssl/test.h
@@ -0,0 +1,1834 @@
+/* test.h */
+
+#ifndef wolfSSL_TEST_H
+#define wolfSSL_TEST_H
+
+#include 
+#include 
+#include 
+#include 
+#include  /* portability layer */
+#include 
+#include 
+#include 
+
+#ifdef ATOMIC_USER
+    #include 
+    #include 
+    #include 
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    #include 
+    #ifdef HAVE_ECC
+        #include 
+    #endif /* HAVE_ECC */
+#endif /*HAVE_PK_CALLBACKS */
+
+#ifdef USE_WINDOWS_API 
+    #include 
+    #include 
+    #ifdef TEST_IPV6            /* don't require newer SDK for IPV4 */
+        #include 
+        #include 
+    #endif
+    #define SOCKET_T SOCKET
+    #define SNPRINTF _snprintf
+#elif defined(WOLFSSL_MDK_ARM)
+    #include 
+#elif defined(WOLFSSL_TIRTOS)
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #define SOCKET_T int
+#else
+    #include 
+    #include 
+#ifndef WOLFSSL_LEANPSK
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #include 
+    #ifdef TEST_IPV6
+        #include 
+    #endif
+#endif
+    #define SOCKET_T int
+    #ifndef SO_NOSIGPIPE
+        #include   /* ignore SIGPIPE */
+    #endif
+    #define SNPRINTF snprintf
+#endif /* USE_WINDOWS_API */
+
+#ifdef HAVE_CAVIUM
+    #include "cavium_sysdep.h"
+    #include "cavium_common.h"
+    #include "cavium_ioctl.h"
+#endif
+
+#ifdef _MSC_VER
+    /* disable conversion warning */
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+    #pragma warning(disable:4244 4996)
+#endif
+
+
+#if defined(__MACH__) || defined(USE_WINDOWS_API)
+    #ifndef _SOCKLEN_T
+        typedef int socklen_t;
+    #endif
+#endif
+
+
+/* HPUX doesn't use socklent_t for third parameter to accept, unless
+   _XOPEN_SOURCE_EXTENDED is defined */
+#if !defined(__hpux__) && !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_IAR_ARM)
+    typedef socklen_t* ACCEPT_THIRD_T;
+#else
+    #if defined _XOPEN_SOURCE_EXTENDED
+        typedef socklen_t* ACCEPT_THIRD_T;
+    #else
+        typedef int*       ACCEPT_THIRD_T;
+    #endif
+#endif
+
+
+#ifdef USE_WINDOWS_API 
+    #define CloseSocket(s) closesocket(s)
+    #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
+#elif defined(WOLFSSL_MDK_ARM)
+    #define CloseSocket(s) closesocket(s)
+    #define StartTCP() 
+#else
+    #define CloseSocket(s) close(s)
+    #define StartTCP() 
+#endif
+
+
+#ifdef SINGLE_THREADED
+    typedef unsigned int  THREAD_RETURN;
+    typedef void*         THREAD_TYPE;
+    #define WOLFSSL_THREAD
+#else
+    #if defined(_POSIX_THREADS) && !defined(__MINGW32__)
+        typedef void*         THREAD_RETURN;
+        typedef pthread_t     THREAD_TYPE;
+        #define WOLFSSL_THREAD
+        #define INFINITE -1
+        #define WAIT_OBJECT_0 0L
+    #elif defined(WOLFSSL_MDK_ARM)
+        typedef unsigned int  THREAD_RETURN;
+        typedef int           THREAD_TYPE;
+        #define WOLFSSL_THREAD
+    #elif defined(WOLFSSL_TIRTOS)
+        typedef void          THREAD_RETURN;
+        typedef Task_Handle   THREAD_TYPE;
+        #define WOLFSSL_THREAD
+    #else
+        typedef unsigned int  THREAD_RETURN;
+        typedef intptr_t      THREAD_TYPE;
+        #define WOLFSSL_THREAD __stdcall
+    #endif
+#endif
+
+
+#ifdef TEST_IPV6
+    typedef struct sockaddr_in6 SOCKADDR_IN_T;
+    #define AF_INET_V    AF_INET6
+#else
+    typedef struct sockaddr_in  SOCKADDR_IN_T;
+    #define AF_INET_V    AF_INET
+#endif
+   
+
+#define SERVER_DEFAULT_VERSION 3
+#define SERVER_DTLS_DEFAULT_VERSION (-2)
+#define SERVER_INVALID_VERSION (-99)
+#define CLIENT_DEFAULT_VERSION 3
+#define CLIENT_DTLS_DEFAULT_VERSION (-2)
+#define CLIENT_INVALID_VERSION (-99)
+
+/* all certs relative to wolfSSL home directory now */
+#define caCert     "./certs/ca-cert.pem"
+#define eccCert    "./certs/server-ecc.pem"
+#define eccKey     "./certs/ecc-key.pem"
+#define svrCert    "./certs/server-cert.pem"
+#define svrKey     "./certs/server-key.pem"
+#define cliCert    "./certs/client-cert.pem"
+#define cliKey     "./certs/client-key.pem"
+#define ntruCert   "./certs/ntru-cert.pem"
+#define ntruKey    "./certs/ntru-key.raw"
+#define dhParam    "./certs/dh2048.pem"
+#define cliEccKey  "./certs/ecc-client-key.pem"
+#define cliEccCert "./certs/client-ecc-cert.pem"
+#define crlPemDir  "./certs/crl"
+
+typedef struct tcp_ready {
+    word16 ready;              /* predicate */
+    word16 port;
+#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
+    pthread_mutex_t mutex;
+    pthread_cond_t  cond;
+#endif
+} tcp_ready;    
+
+
+void InitTcpReady(tcp_ready*);
+void FreeTcpReady(tcp_ready*);
+
+typedef WOLFSSL_METHOD* (*method_provider)(void);
+typedef void (*ctx_callback)(WOLFSSL_CTX* ctx);
+typedef void (*ssl_callback)(WOLFSSL* ssl);
+
+typedef struct callback_functions {
+    method_provider method;
+    ctx_callback ctx_ready;
+    ssl_callback ssl_ready;
+    ssl_callback on_result;
+} callback_functions;
+
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+    tcp_ready* signal;
+    callback_functions *callbacks;
+} func_args;
+
+void wait_tcp_ready(func_args*);
+
+typedef THREAD_RETURN WOLFSSL_THREAD THREAD_FUNC(void*);
+
+void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*);
+void join_thread(THREAD_TYPE);
+
+/* wolfSSL */
+#ifndef TEST_IPV6
+    static const char* const wolfSSLIP   = "127.0.0.1";
+#else
+    static const char* const wolfSSLIP   = "::1";
+#endif
+static const word16      wolfSSLPort = 11111;
+
+static INLINE void err_sys(const char* msg)
+{
+    printf("wolfSSL error: %s\n", msg);
+    if (msg)
+        exit(EXIT_FAILURE);
+}
+
+
+#define MY_EX_USAGE 2
+
+extern int   myoptind;
+extern char* myoptarg;
+
+static INLINE int mygetopt(int argc, char** argv, const char* optstring)
+{
+    static char* next = NULL;
+
+    char  c;
+    char* cp;
+
+    if (myoptind == 0)
+        next = NULL;   /* we're starting new/over */
+
+    if (next == NULL || *next == '\0') {
+        if (myoptind == 0)
+            myoptind++;
+
+        if (myoptind >= argc || argv[myoptind][0] != '-' ||
+                                argv[myoptind][1] == '\0') {
+            myoptarg = NULL;
+            if (myoptind < argc)
+                myoptarg = argv[myoptind];
+
+            return -1;
+        }
+
+        if (strcmp(argv[myoptind], "--") == 0) {
+            myoptind++;
+            myoptarg = NULL;
+
+            if (myoptind < argc)
+                myoptarg = argv[myoptind];
+
+            return -1;
+        }
+
+        next = argv[myoptind];
+        next++;                  /* skip - */
+        myoptind++;
+    }
+
+    c  = *next++;
+    /* The C++ strchr can return a different value */
+    cp = (char*)strchr(optstring, c);
+
+    if (cp == NULL || c == ':') 
+        return '?';
+
+    cp++;
+
+    if (*cp == ':') {
+        if (*next != '\0') {
+            myoptarg = next;
+            next     = NULL;
+        }
+        else if (myoptind < argc) {
+            myoptarg = argv[myoptind];
+            myoptind++;
+        }
+        else 
+            return '?';
+    }
+
+    return c;
+}
+
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+
+static INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
+{
+    (void)rw;
+    (void)userdata;
+    strncpy(passwd, "yassl123", sz);
+    return 8;
+}
+
+#endif
+
+
+#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
+
+static INLINE void ShowX509(WOLFSSL_X509* x509, const char* hdr)
+{
+    char* altName;
+    char* issuer  = wolfSSL_X509_NAME_oneline(
+                                       wolfSSL_X509_get_issuer_name(x509), 0, 0);
+    char* subject = wolfSSL_X509_NAME_oneline(
+                                      wolfSSL_X509_get_subject_name(x509), 0, 0);
+    byte  serial[32];
+    int   ret;
+    int   sz = sizeof(serial);
+        
+    printf("%s\n issuer : %s\n subject: %s\n", hdr, issuer, subject);
+
+    while ( (altName = wolfSSL_X509_get_next_altname(x509)) != NULL)
+        printf(" altname = %s\n", altName);
+
+    ret = wolfSSL_X509_get_serial_number(x509, serial, &sz);
+    if (ret == SSL_SUCCESS) {
+        int  i;
+        int  strLen;
+        char serialMsg[80];
+
+        /* testsuite has multiple threads writing to stdout, get output
+           message ready to write once */
+        strLen = sprintf(serialMsg, " serial number");
+        for (i = 0; i < sz; i++)
+            sprintf(serialMsg + strLen + (i*3), ":%02x ", serial[i]);
+        printf("%s\n", serialMsg);
+    }
+
+    XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
+    XFREE(issuer,  0, DYNAMIC_TYPE_OPENSSL);
+}
+
+#endif /* KEEP_PEER_CERT || SESSION_CERTS */
+
+
+static INLINE void showPeer(WOLFSSL* ssl)
+{
+
+    WOLFSSL_CIPHER* cipher;
+#ifdef KEEP_PEER_CERT
+    WOLFSSL_X509* peer = wolfSSL_get_peer_certificate(ssl);
+    if (peer)
+        ShowX509(peer, "peer's cert info:");
+    else
+        printf("peer has no cert!\n");
+#endif
+    printf("SSL version is %s\n", wolfSSL_get_version(ssl));
+
+    cipher = wolfSSL_get_current_cipher(ssl);
+    printf("SSL cipher suite is %s\n", wolfSSL_CIPHER_get_name(cipher));
+
+#if defined(SESSION_CERTS) && defined(SHOW_CERTS)
+    {
+        WOLFSSL_X509_CHAIN* chain = wolfSSL_get_peer_chain(ssl);
+        int                count = wolfSSL_get_chain_count(chain);
+        int i;
+
+        for (i = 0; i < count; i++) {
+            int length;
+            unsigned char buffer[3072];
+            WOLFSSL_X509* chainX509;
+
+            wolfSSL_get_chain_cert_pem(chain,i,buffer, sizeof(buffer), &length);
+            buffer[length] = 0;
+            printf("cert %d has length %d data = \n%s\n", i, length, buffer);
+
+            chainX509 = wolfSSL_get_chain_X509(chain, i);
+            if (chainX509)
+                ShowX509(chainX509, "session cert info:");
+            else
+                printf("get_chain_X509 failed\n");
+            wolfSSL_FreeX509(chainX509);
+        }
+    }
+#endif
+  (void)ssl;
+}
+
+
+static INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer,
+                              word16 port, int udp)
+{
+    int useLookup = 0;
+    (void)useLookup;
+    (void)udp;
+
+    memset(addr, 0, sizeof(SOCKADDR_IN_T));
+
+#ifndef TEST_IPV6
+    /* peer could be in human readable form */
+    if ( (peer != INADDR_ANY) && isalpha((int)peer[0])) {
+        #ifdef WOLFSSL_MDK_ARM
+            int err;
+            struct hostent* entry = gethostbyname(peer, &err);
+        #else
+            struct hostent* entry = gethostbyname(peer);
+        #endif
+
+        if (entry) {
+            memcpy(&addr->sin_addr.s_addr, entry->h_addr_list[0],
+                   entry->h_length);
+            useLookup = 1;
+        }
+        else
+            err_sys("no entry for host");
+    }
+#endif
+
+
+#ifndef TEST_IPV6
+    #if defined(WOLFSSL_MDK_ARM)
+        addr->sin_family = PF_INET;
+    #else
+        addr->sin_family = AF_INET_V;
+    #endif
+    addr->sin_port = htons(port);
+    if (peer == INADDR_ANY)
+        addr->sin_addr.s_addr = INADDR_ANY;
+    else {
+        if (!useLookup)
+            addr->sin_addr.s_addr = inet_addr(peer);
+    }
+#else
+    addr->sin6_family = AF_INET_V;
+    addr->sin6_port = htons(port);
+    if (peer == INADDR_ANY)
+        addr->sin6_addr = in6addr_any;
+    else {
+        #ifdef HAVE_GETADDRINFO
+            struct addrinfo  hints;
+            struct addrinfo* answer = NULL;
+            int    ret;
+            char   strPort[80];
+
+            memset(&hints, 0, sizeof(hints));
+
+            hints.ai_family   = AF_INET_V;
+            hints.ai_socktype = udp ? SOCK_DGRAM : SOCK_STREAM;
+            hints.ai_protocol = udp ? IPPROTO_UDP : IPPROTO_TCP;
+
+            SNPRINTF(strPort, sizeof(strPort), "%d", port);
+            strPort[79] = '\0';
+
+            ret = getaddrinfo(peer, strPort, &hints, &answer);
+            if (ret < 0 || answer == NULL)
+                err_sys("getaddrinfo failed");
+
+            memcpy(addr, answer->ai_addr, answer->ai_addrlen);
+            freeaddrinfo(answer);
+        #else
+            printf("no ipv6 getaddrinfo, loopback only tests/examples\n");
+            addr->sin6_addr = in6addr_loopback;
+        #endif
+    }
+#endif
+}
+
+
+static INLINE void tcp_socket(SOCKET_T* sockfd, int udp)
+{
+    if (udp)
+        *sockfd = socket(AF_INET_V, SOCK_DGRAM, 0);
+    else
+        *sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
+
+#ifdef USE_WINDOWS_API
+    if (*sockfd == INVALID_SOCKET)
+        err_sys("socket failed\n");
+#elif defined(WOLFSSL_TIRTOS)
+    if (*sockfd == -1)
+        err_sys("socket failed\n");
+#else
+    if (*sockfd < 0)
+        err_sys("socket failed\n");
+#endif
+
+#ifndef USE_WINDOWS_API 
+#ifdef SO_NOSIGPIPE
+    {
+        int       on = 1;
+        socklen_t len = sizeof(on);
+        int       res = setsockopt(*sockfd, SOL_SOCKET, SO_NOSIGPIPE, &on, len);
+        if (res < 0)
+            err_sys("setsockopt SO_NOSIGPIPE failed\n");
+    }
+#elif defined(WOLFSSL_MDK_ARM) || defined (WOLFSSL_TIRTOS)
+    /* nothing to define */
+#else  /* no S_NOSIGPIPE */
+    signal(SIGPIPE, SIG_IGN);
+#endif /* S_NOSIGPIPE */
+
+#if defined(TCP_NODELAY)
+    if (!udp)
+    {
+        int       on = 1;
+        socklen_t len = sizeof(on);
+        int       res = setsockopt(*sockfd, IPPROTO_TCP, TCP_NODELAY, &on, len);
+        if (res < 0)
+            err_sys("setsockopt TCP_NODELAY failed\n");
+    }
+#endif
+#endif  /* USE_WINDOWS_API */
+}
+
+static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port,
+                               int udp)
+{
+    SOCKADDR_IN_T addr;
+    build_addr(&addr, ip, port, udp);
+    tcp_socket(sockfd, udp);
+
+    if (!udp) {
+        if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
+            err_sys("tcp connect failed");
+    }
+}
+
+
+static INLINE void udp_connect(SOCKET_T* sockfd, void* addr, int addrSz)
+{
+    if (connect(*sockfd, (const struct sockaddr*)addr, addrSz) != 0)
+        err_sys("tcp connect failed");
+}
+
+
+enum {
+    TEST_SELECT_FAIL,
+    TEST_TIMEOUT,
+    TEST_RECV_READY,
+    TEST_ERROR_READY
+};
+
+
+#if !defined(WOLFSSL_MDK_ARM) && !defined(WOLFSSL_TIRTOS)
+static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)
+{
+    fd_set recvfds, errfds;
+    SOCKET_T nfds = socketfd + 1;
+    struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0};
+    int result;
+
+    FD_ZERO(&recvfds);
+    FD_SET(socketfd, &recvfds);
+    FD_ZERO(&errfds);
+    FD_SET(socketfd, &errfds);
+
+    result = select(nfds, &recvfds, NULL, &errfds, &timeout);
+
+    if (result == 0)
+        return TEST_TIMEOUT;
+    else if (result > 0) {
+        if (FD_ISSET(socketfd, &recvfds))
+            return TEST_RECV_READY;
+        else if(FD_ISSET(socketfd, &errfds))
+            return TEST_ERROR_READY;
+    }
+
+    return TEST_SELECT_FAIL;
+}
+#elif defined(WOLFSSL_TIRTOS)
+static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)
+{
+    return TEST_RECV_READY;
+}
+#endif /* !WOLFSSL_MDK_ARM */
+
+
+static INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr,
+                              int udp)
+{
+    SOCKADDR_IN_T addr;
+
+    /* don't use INADDR_ANY by default, firewall may block, make user switch
+       on */
+    build_addr(&addr, (useAnyAddr ? INADDR_ANY : wolfSSLIP), *port, udp);
+    tcp_socket(sockfd, udp);
+
+#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_ARM)
+    {
+        int       res, on  = 1;
+        socklen_t len = sizeof(on);
+        res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
+        if (res < 0)
+            err_sys("setsockopt SO_REUSEADDR failed\n");
+    }
+#endif
+
+    if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
+        err_sys("tcp bind failed");
+    if (!udp) {
+        if (listen(*sockfd, 5) != 0)
+            err_sys("tcp listen failed");
+    }
+    #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API)
+        if (*port == 0) {
+            socklen_t len = sizeof(addr);
+            if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) {
+                #ifndef TEST_IPV6
+                    *port = ntohs(addr.sin_port);
+                #else
+                    *port = ntohs(addr.sin6_port);
+                #endif
+            }
+        }
+    #endif
+}
+
+
+static INLINE int udp_read_connect(SOCKET_T sockfd)
+{
+    SOCKADDR_IN_T cliaddr;
+    byte          b[1500];
+    int           n;
+    socklen_t     len = sizeof(cliaddr);
+
+    n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK,
+                      (struct sockaddr*)&cliaddr, &len);
+    if (n > 0) {
+        if (connect(sockfd, (const struct sockaddr*)&cliaddr,
+                    sizeof(cliaddr)) != 0)
+            err_sys("udp connect failed");
+    }
+    else
+        err_sys("recvfrom failed");
+
+    return sockfd;
+}
+
+static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
+                              int useAnyAddr, word16 port, func_args* args)
+{
+    SOCKADDR_IN_T addr;
+
+    (void)args;
+    build_addr(&addr, (useAnyAddr ? INADDR_ANY : wolfSSLIP), port, 1);
+    tcp_socket(sockfd, 1);
+
+
+#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_ARM)
+    {
+        int       res, on  = 1;
+        socklen_t len = sizeof(on);
+        res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
+        if (res < 0)
+            err_sys("setsockopt SO_REUSEADDR failed\n");
+    }
+#endif
+
+    if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
+        err_sys("tcp bind failed");
+
+    #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API)
+        if (port == 0) {
+            socklen_t len = sizeof(addr);
+            if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) {
+                #ifndef TEST_IPV6
+                    port = ntohs(addr.sin_port);
+                #else
+                    port = ntohs(addr.sin6_port);
+                #endif
+            }
+        }
+    #endif
+
+#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+    /* signal ready to accept data */
+    {
+    tcp_ready* ready = args->signal;
+    pthread_mutex_lock(&ready->mutex);
+    ready->ready = 1;
+    ready->port = port;
+    pthread_cond_signal(&ready->cond);
+    pthread_mutex_unlock(&ready->mutex);
+    }
+#elif defined (WOLFSSL_TIRTOS)
+    /* Need mutex? */
+    tcp_ready* ready = args->signal;
+    ready->ready = 1;
+    ready->port = port;
+#endif
+
+    *clientfd = udp_read_connect(*sockfd);
+}
+
+static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
+                              func_args* args, word16 port, int useAnyAddr,
+                              int udp, int ready_file)
+{
+    SOCKADDR_IN_T client;
+    socklen_t client_len = sizeof(client);
+
+    if (udp) {
+        udp_accept(sockfd, clientfd, useAnyAddr, port, args);
+        return;
+    }
+
+    tcp_listen(sockfd, &port, useAnyAddr, udp);
+
+#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+    /* signal ready to tcp_accept */
+    {
+    tcp_ready* ready = args->signal;
+    pthread_mutex_lock(&ready->mutex);
+    ready->ready = 1;
+    ready->port = port;
+    pthread_cond_signal(&ready->cond);
+    pthread_mutex_unlock(&ready->mutex);
+    }
+#elif defined (WOLFSSL_TIRTOS)
+    /* Need mutex? */
+    tcp_ready* ready = args->signal;
+    ready->ready = 1;
+    ready->port = port;
+#endif
+
+    if (ready_file) {
+#ifndef NO_FILESYSTEM
+        FILE* srf = fopen("./server_ready", "w+");
+
+        if (srf) {
+            fputs("ready", srf);
+            fclose(srf);
+        }
+#endif
+    }
+
+    *clientfd = accept(*sockfd, (struct sockaddr*)&client,
+                      (ACCEPT_THIRD_T)&client_len);
+#ifdef USE_WINDOWS_API
+    if (*clientfd == INVALID_SOCKET)
+        err_sys("tcp accept failed");
+#else
+    if (*clientfd == -1)
+        err_sys("tcp accept failed");
+#endif
+}
+
+
+static INLINE void tcp_set_nonblocking(SOCKET_T* sockfd)
+{
+    #ifdef USE_WINDOWS_API 
+        unsigned long blocking = 1;
+        int ret = ioctlsocket(*sockfd, FIONBIO, &blocking);
+        if (ret == SOCKET_ERROR)
+            err_sys("ioctlsocket failed");
+    #elif defined(WOLFSSL_MDK_ARM) || defined (WOLFSSL_TIRTOS)
+         /* non blocking not suppported, for now */ 
+    #else
+        int flags = fcntl(*sockfd, F_GETFL, 0);
+        if (flags < 0)
+            err_sys("fcntl get failed");
+        flags = fcntl(*sockfd, F_SETFL, flags | O_NONBLOCK);
+        if (flags < 0)
+            err_sys("fcntl set failed");
+    #endif
+}
+
+
+#ifndef NO_PSK
+
+static INLINE unsigned int my_psk_client_cb(WOLFSSL* ssl, const char* hint,
+        char* identity, unsigned int id_max_len, unsigned char* key,
+        unsigned int key_max_len)
+{
+    (void)ssl;
+    (void)hint;
+    (void)key_max_len;
+
+    /* identity is OpenSSL testing default for openssl s_client, keep same */
+    strncpy(identity, "Client_identity", id_max_len);
+
+
+    /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using
+       unsigned binary */
+    key[0] = 26;
+    key[1] = 43;
+    key[2] = 60;
+    key[3] = 77;
+
+    return 4;   /* length of key in octets or 0 for error */
+}
+
+
+static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
+        unsigned char* key, unsigned int key_max_len)
+{
+    (void)ssl;
+    (void)key_max_len;
+
+    /* identity is OpenSSL testing default for openssl s_client, keep same */
+    if (strncmp(identity, "Client_identity", 15) != 0)
+        return 0;
+
+    /* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using
+       unsigned binary */
+    key[0] = 26;
+    key[1] = 43;
+    key[2] = 60;
+    key[3] = 77;
+
+    return 4;   /* length of key in octets or 0 for error */
+}
+
+#endif /* NO_PSK */
+
+
+#ifdef USE_WINDOWS_API 
+
+    #define WIN32_LEAN_AND_MEAN
+    #include 
+
+    static INLINE double current_time()
+    {
+        static int init = 0;
+        static LARGE_INTEGER freq;
+    
+        LARGE_INTEGER count;
+
+        if (!init) {
+            QueryPerformanceFrequency(&freq);
+            init = 1;
+        }
+
+        QueryPerformanceCounter(&count);
+
+        return (double)count.QuadPart / freq.QuadPart;
+    }
+
+#elif defined(WOLFSSL_TIRTOS)
+    extern double current_time();
+#else
+
+#if !defined(WOLFSSL_MDK_ARM)
+    #include 
+
+    static INLINE double current_time(void)
+    {
+        struct timeval tv;
+        gettimeofday(&tv, 0);
+
+        return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
+    }
+        
+#endif
+#endif /* USE_WINDOWS_API */
+
+
+#if defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+
+    enum {
+        WOLFSSL_CA   = 1,
+        WOLFSSL_CERT = 2,
+        WOLFSSL_KEY  = 3
+    };
+
+    static INLINE void load_buffer(WOLFSSL_CTX* ctx, const char* fname, int type)
+    {
+        /* test buffer load */
+        long  sz = 0;
+        byte  buff[10000];
+        FILE* file = fopen(fname, "rb");
+
+        if (!file)
+            err_sys("can't open file for buffer load "
+                    "Please run from wolfSSL home directory if not");
+        fseek(file, 0, SEEK_END);
+        sz = ftell(file);
+        rewind(file);
+        fread(buff, sizeof(buff), 1, file);
+  
+        if (type == WOLFSSL_CA) {
+            if (wolfSSL_CTX_load_verify_buffer(ctx, buff, sz, SSL_FILETYPE_PEM)
+                                              != SSL_SUCCESS)
+                err_sys("can't load buffer ca file");
+        }
+        else if (type == WOLFSSL_CERT) {
+            if (wolfSSL_CTX_use_certificate_buffer(ctx, buff, sz,
+                        SSL_FILETYPE_PEM) != SSL_SUCCESS)
+                err_sys("can't load buffer cert file");
+        }
+        else if (type == WOLFSSL_KEY) {
+            if (wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, sz,
+                        SSL_FILETYPE_PEM) != SSL_SUCCESS)
+                err_sys("can't load buffer key file");
+        }
+    }
+
+#endif /* NO_FILESYSTEM */
+
+#ifdef VERIFY_CALLBACK
+
+static INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
+{
+    (void)preverify;
+    char buffer[WOLFSSL_MAX_ERROR_SZ];
+
+#ifdef OPENSSL_EXTRA
+    WOLFSSL_X509* peer;
+#endif
+
+    printf("In verification callback, error = %d, %s\n", store->error,
+                                 wolfSSL_ERR_error_string(store->error, buffer));
+#ifdef OPENSSL_EXTRA
+    peer = store->current_cert;
+    if (peer) {
+        char* issuer  = wolfSSL_X509_NAME_oneline(
+                                       wolfSSL_X509_get_issuer_name(peer), 0, 0);
+        char* subject = wolfSSL_X509_NAME_oneline(
+                                      wolfSSL_X509_get_subject_name(peer), 0, 0);
+        printf("peer's cert info:\n issuer : %s\n subject: %s\n", issuer,
+                                                                  subject);
+        XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
+        XFREE(issuer,  0, DYNAMIC_TYPE_OPENSSL);
+    }
+    else
+        printf("peer has no cert!\n");
+#endif
+    printf("Subject's domain name is %s\n", store->domain);
+
+    printf("Allowing to continue anyway (shouldn't do this, EVER!!!)\n");
+    return 1;
+}
+
+#endif /* VERIFY_CALLBACK */
+
+
+static INLINE int myDateCb(int preverify, WOLFSSL_X509_STORE_CTX* store)
+{
+    char buffer[WOLFSSL_MAX_ERROR_SZ];
+    (void)preverify;
+
+    printf("In verification callback, error = %d, %s\n", store->error,
+                                 wolfSSL_ERR_error_string(store->error, buffer));
+    printf("Subject's domain name is %s\n", store->domain);
+
+    if (store->error == ASN_BEFORE_DATE_E || store->error == ASN_AFTER_DATE_E) {
+        printf("Overriding cert date error as example for bad clock testing\n");
+        return 1;
+    }
+    printf("Cert error is not date error, not overriding\n");
+
+    return 0;
+}
+
+
+#ifdef HAVE_CRL
+
+static INLINE void CRL_CallBack(const char* url)
+{
+    printf("CRL callback url = %s\n", url);
+}
+
+#endif
+
+#ifndef NO_CERTS
+
+static INLINE void CaCb(unsigned char* der, int sz, int type)
+{
+    (void)der;
+    printf("Got CA cache add callback, derSz = %d, type = %d\n", sz, type);
+}
+
+
+#ifndef NO_DH
+static INLINE void SetDH(WOLFSSL* ssl)
+{
+    /* dh1024 p */
+    static unsigned char p[] =
+    {
+        0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
+        0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E,
+        0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59,
+        0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2,
+        0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD,
+        0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF,
+        0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02,
+        0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C,
+        0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7,
+        0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50,
+        0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B,
+    };
+
+    /* dh1024 g */
+    static unsigned char g[] =
+    {
+      0x02,
+    };
+
+    wolfSSL_SetTmpDH(ssl, p, sizeof(p), g, sizeof(g));
+}
+
+static INLINE void SetDHCtx(WOLFSSL_CTX* ctx)
+{
+    /* dh1024 p */
+    static unsigned char p[] =
+    {
+        0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
+        0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E,
+        0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59,
+        0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2,
+        0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD,
+        0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF,
+        0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02,
+        0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C,
+        0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7,
+        0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50,
+        0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B,
+    };
+
+    /* dh1024 g */
+    static unsigned char g[] =
+    {
+      0x02,
+    };
+
+    wolfSSL_CTX_SetTmpDH(ctx, p, sizeof(p), g, sizeof(g));
+}
+#endif /* NO_DH */
+#endif /* !NO_CERTS */
+
+#ifdef HAVE_CAVIUM
+
+static INLINE int OpenNitroxDevice(int dma_mode,int dev_id)
+{
+   Csp1CoreAssignment core_assign;
+   Uint32             device;
+
+   if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
+      return -1;
+   if (Csp1GetDevType(&device))
+      return -1;
+   if (device != NPX_DEVICE) {
+      if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
+                (Uint32 *)&core_assign)!= 0)
+         return -1;
+   }
+   CspShutdown(CAVIUM_DEV_ID);
+
+   return CspInitialize(dma_mode, dev_id);
+}
+
+#endif /* HAVE_CAVIUM */
+
+
+#ifdef USE_WINDOWS_API 
+
+/* do back x number of directories */
+static INLINE void ChangeDirBack(int x)
+{
+    char path[MAX_PATH];
+
+    if (x == 1)
+        strncpy(path, "..\\", MAX_PATH);
+    else if (x == 2)
+        strncpy(path, "..\\..\\", MAX_PATH);
+    else if (x == 3)
+        strncpy(path, "..\\..\\..\\", MAX_PATH);
+    else if (x == 4)
+        strncpy(path, "..\\..\\..\\..\\", MAX_PATH);
+    else
+        strncpy(path, ".\\", MAX_PATH);
+    
+    SetCurrentDirectoryA(path);
+}
+
+/* does current dir contain str */
+static INLINE int CurrentDir(const char* str)
+{
+    char  path[MAX_PATH];
+    char* baseName;
+
+    GetCurrentDirectoryA(sizeof(path), path);
+
+    baseName = strrchr(path, '\\');
+    if (baseName)
+        baseName++;
+    else
+        baseName = path;
+
+    if (strstr(baseName, str))
+        return 1;
+
+    return 0;
+}
+
+#elif defined(WOLFSSL_MDK_ARM)
+    /* KEIL-RL File System does not support relative directry */
+#elif defined(WOLFSSL_TIRTOS)
+#else
+
+#ifndef MAX_PATH
+    #define MAX_PATH 256
+#endif
+
+/* do back x number of directories */
+static INLINE void ChangeDirBack(int x)
+{
+    char path[MAX_PATH];
+
+    if (x == 1)
+        strncpy(path, "../", MAX_PATH);
+    else if (x == 2)
+        strncpy(path, "../../", MAX_PATH);
+    else if (x == 3)
+        strncpy(path, "../../../", MAX_PATH);
+    else if (x == 4)
+        strncpy(path, "../../../../", MAX_PATH);
+    else
+        strncpy(path, "./", MAX_PATH);
+    
+    if (chdir(path) < 0)
+        printf("chdir to %s failed\n", path);
+}
+
+/* does current dir contain str */
+static INLINE int CurrentDir(const char* str)
+{
+    char  path[MAX_PATH];
+    char* baseName;
+
+    if (getcwd(path, sizeof(path)) == NULL) {
+        printf("no current dir?\n");
+        return 0;
+    }
+
+    baseName = strrchr(path, '/');
+    if (baseName)
+        baseName++;
+    else
+        baseName = path;
+
+    if (strstr(baseName, str))
+        return 1;
+
+    return 0;
+}
+
+#endif /* USE_WINDOWS_API */
+
+
+#ifdef USE_WOLFSSL_MEMORY
+
+    typedef struct memoryStats {
+        size_t totalAllocs;     /* number of allocations */
+        size_t totalBytes;      /* total number of bytes allocated */
+        size_t peakBytes;       /* concurrent max bytes */
+        size_t currentBytes;    /* total current bytes in use */
+    } memoryStats;
+
+    typedef struct memHint {
+        size_t thisSize;      /* size of this memory */
+        void*  thisMemory;    /* actual memory for user */
+    } memHint;
+
+    typedef struct memoryTrack {
+        union {
+            memHint hint;
+            byte    alignit[16];   /* make sure we have strong alignment */
+        } u;
+    } memoryTrack;
+
+    #if defined(WOLFSSL_TRACK_MEMORY)
+        #define DO_MEM_STATS
+        static memoryStats ourMemStats;
+    #endif
+
+    static INLINE void* TrackMalloc(size_t sz)
+    {
+        memoryTrack* mt;
+
+        if (sz == 0)
+            return NULL;
+
+        mt = (memoryTrack*)malloc(sizeof(memoryTrack) + sz);
+        if (mt == NULL)
+            return NULL;
+
+        mt->u.hint.thisSize   = sz;
+        mt->u.hint.thisMemory = (byte*)mt + sizeof(memoryTrack);
+
+#ifdef DO_MEM_STATS
+        ourMemStats.totalAllocs++;
+        ourMemStats.totalBytes   += sz;
+        ourMemStats.currentBytes += sz;
+        if (ourMemStats.currentBytes > ourMemStats.peakBytes)
+            ourMemStats.peakBytes = ourMemStats.currentBytes;
+#endif
+
+        return mt->u.hint.thisMemory;
+    }
+
+
+    static INLINE void TrackFree(void* ptr)
+    {
+        memoryTrack* mt;
+
+        if (ptr == NULL)
+            return;
+
+        mt = (memoryTrack*)ptr;
+        --mt;   /* same as minus sizeof(memoryTrack), removes header */
+
+#ifdef DO_MEM_STATS 
+        ourMemStats.currentBytes -= mt->u.hint.thisSize; 
+#endif
+
+        free(mt);
+    }
+
+
+    static INLINE void* TrackRealloc(void* ptr, size_t sz)
+    {
+        void* ret = TrackMalloc(sz);
+
+        if (ptr) {
+            /* if realloc is bigger, don't overread old ptr */
+            memoryTrack* mt = (memoryTrack*)ptr;
+            --mt;  /* same as minus sizeof(memoryTrack), removes header */
+
+            if (mt->u.hint.thisSize < sz)
+                sz = mt->u.hint.thisSize;
+        }
+
+        if (ret && ptr)
+            memcpy(ret, ptr, sz);
+
+        if (ret)
+            TrackFree(ptr);
+
+        return ret;
+    }
+
+    static INLINE void InitMemoryTracker(void) 
+    {
+        if (wolfSSL_SetAllocators(TrackMalloc, TrackFree, TrackRealloc) != 0)
+            err_sys("wolfSSL SetAllocators failed for track memory");
+
+    #ifdef DO_MEM_STATS
+        ourMemStats.totalAllocs  = 0;
+        ourMemStats.totalBytes   = 0;
+        ourMemStats.peakBytes    = 0;
+        ourMemStats.currentBytes = 0;
+    #endif
+    }
+
+    static INLINE void ShowMemoryTracker(void) 
+    {
+    #ifdef DO_MEM_STATS 
+        printf("total   Allocs = %9lu\n",
+                                       (unsigned long)ourMemStats.totalAllocs);
+        printf("total   Bytes  = %9lu\n",
+                                       (unsigned long)ourMemStats.totalBytes);
+        printf("peak    Bytes  = %9lu\n",
+                                       (unsigned long)ourMemStats.peakBytes);
+        printf("current Bytes  = %9lu\n",
+                                       (unsigned long)ourMemStats.currentBytes);
+    #endif
+    }
+
+#endif /* USE_WOLFSSL_MEMORY */
+
+
+#ifdef HAVE_STACK_SIZE
+
+typedef THREAD_RETURN WOLFSSL_THREAD (*thread_func)(void* args);
+
+
+static INLINE void StackSizeCheck(func_args* args, thread_func tf)
+{
+    int            ret, i, used;
+    unsigned char* myStack;
+    int            stackSize = 1024*128;
+    pthread_attr_t myAttr;
+    pthread_t      threadId;
+
+#ifdef PTHREAD_STACK_MIN
+    if (stackSize < PTHREAD_STACK_MIN)
+        stackSize = PTHREAD_STACK_MIN;
+#endif
+
+    ret = posix_memalign((void**)&myStack, sysconf(_SC_PAGESIZE), stackSize);
+    if (ret != 0) 
+        err_sys("posix_memalign failed\n");        
+
+    memset(myStack, 0x01, stackSize);
+
+    ret = pthread_attr_init(&myAttr);
+    if (ret != 0)
+        err_sys("attr_init failed");
+
+    ret = pthread_attr_setstack(&myAttr, myStack, stackSize);
+    if (ret != 0)
+        err_sys("attr_setstackaddr failed");
+
+    ret = pthread_create(&threadId, &myAttr, tf, args);
+    if (ret != 0) {
+        perror("pthread_create failed");
+        exit(EXIT_FAILURE);
+    }
+
+    ret = pthread_join(threadId, NULL);
+    if (ret != 0)
+        err_sys("pthread_join failed");
+
+    for (i = 0; i < stackSize; i++) {
+        if (myStack[i] != 0x01) {
+            break;
+        }
+    }
+
+    used = stackSize - i;
+    printf("stack used = %d\n", used);
+}
+
+
+#endif /* HAVE_STACK_SIZE */
+
+
+#ifdef STACK_TRAP
+
+/* good settings
+   --enable-debug --disable-shared C_EXTRA_FLAGS="-DUSER_TIME -DTFM_TIMING_RESISTANT -DPOSITIVE_EXP_ONLY -DSTACK_TRAP"
+
+*/
+
+#ifdef HAVE_STACK_SIZE
+    /* client only for now, setrlimit will fail if pthread_create() called */
+    /* STACK_SIZE does pthread_create() on client */
+    #error "can't use STACK_TRAP with STACK_SIZE, setrlimit will fail"
+#endif /* HAVE_STACK_SIZE */
+
+static INLINE void StackTrap(void)
+{
+    struct rlimit  rl;
+    if (getrlimit(RLIMIT_STACK, &rl) != 0)
+        err_sys("getrlimit failed");
+    printf("rlim_cur = %llu\n", rl.rlim_cur);
+    rl.rlim_cur = 1024*21;  /* adjust trap size here */
+    if (setrlimit(RLIMIT_STACK, &rl) != 0) {
+        perror("setrlimit");
+        err_sys("setrlimit failed");
+    }
+}
+
+#else /* STACK_TRAP */
+
+static INLINE void StackTrap(void)
+{
+}
+
+#endif /* STACK_TRAP */
+
+
+#ifdef ATOMIC_USER
+
+/* Atomic Encrypt Context example */
+typedef struct AtomicEncCtx {
+    int  keySetup;           /* have we done key setup yet */
+    Aes  aes;                /* for aes example */
+} AtomicEncCtx;
+
+
+/* Atomic Decrypt Context example */
+typedef struct AtomicDecCtx {
+    int  keySetup;           /* have we done key setup yet */
+    Aes  aes;                /* for aes example */
+} AtomicDecCtx;
+
+
+static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut, 
+       const unsigned char* macIn, unsigned int macInSz, int macContent, 
+       int macVerify, unsigned char* encOut, const unsigned char* encIn,
+       unsigned int encSz, void* ctx)
+{
+    int  ret;
+    Hmac hmac;
+    byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ];
+    AtomicEncCtx* encCtx = (AtomicEncCtx*)ctx;
+    const char* tlsStr = "TLS";
+
+    /* example supports (d)tls aes */
+    if (wolfSSL_GetBulkCipher(ssl) != wolfssl_aes) {
+        printf("myMacEncryptCb not using AES\n");
+        return -1;
+    }
+
+    if (strstr(wolfSSL_get_version(ssl), tlsStr) == NULL) {
+        printf("myMacEncryptCb not using (D)TLS\n");
+        return -1;
+    }
+
+    /* hmac, not needed if aead mode */
+    wolfSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify);
+
+    ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl),
+               wolfSSL_GetMacSecret(ssl, macVerify), wolfSSL_GetHmacSize(ssl));
+    if (ret != 0)
+        return ret;
+    ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner));
+    if (ret != 0)
+        return ret;
+    ret = wc_HmacUpdate(&hmac, macIn, macInSz);
+    if (ret != 0)
+        return ret;
+    ret = wc_HmacFinal(&hmac, macOut);
+    if (ret != 0)
+        return ret;
+
+
+    /* encrypt setup on first time */
+    if (encCtx->keySetup == 0) {
+        int   keyLen = wolfSSL_GetKeySize(ssl);
+        const byte* key;
+        const byte* iv;
+
+        if (wolfSSL_GetSide(ssl) == WOLFSSL_CLIENT_END) {
+            key = wolfSSL_GetClientWriteKey(ssl);
+            iv  = wolfSSL_GetClientWriteIV(ssl);
+        }
+        else {
+            key = wolfSSL_GetServerWriteKey(ssl);
+            iv  = wolfSSL_GetServerWriteIV(ssl);
+        }
+
+        ret = wc_AesSetKey(&encCtx->aes, key, keyLen, iv, AES_ENCRYPTION);
+        if (ret != 0) {
+            printf("AesSetKey failed in myMacEncryptCb\n");
+            return ret;
+        }
+        encCtx->keySetup = 1;
+    }
+
+    /* encrypt */
+    return wc_AesCbcEncrypt(&encCtx->aes, encOut, encIn, encSz);
+}
+
+
+static INLINE int myDecryptVerifyCb(WOLFSSL* ssl, 
+       unsigned char* decOut, const unsigned char* decIn,
+       unsigned int decSz, int macContent, int macVerify,
+       unsigned int* padSz, void* ctx)
+{
+    AtomicDecCtx* decCtx = (AtomicDecCtx*)ctx;
+    int ret      = 0;
+    int macInSz  = 0;
+    int ivExtra  = 0;
+    int digestSz = wolfSSL_GetHmacSize(ssl);
+    unsigned int pad     = 0;
+    unsigned int padByte = 0;
+    Hmac hmac;
+    byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ];
+    byte verify[MAX_DIGEST_SIZE];
+    const char* tlsStr = "TLS";
+
+    /* example supports (d)tls aes */
+    if (wolfSSL_GetBulkCipher(ssl) != wolfssl_aes) {
+        printf("myMacEncryptCb not using AES\n");
+        return -1;
+    }
+
+    if (strstr(wolfSSL_get_version(ssl), tlsStr) == NULL) {
+        printf("myMacEncryptCb not using (D)TLS\n");
+        return -1;
+    }
+
+    /*decrypt */
+    if (decCtx->keySetup == 0) {
+        int   keyLen = wolfSSL_GetKeySize(ssl);
+        const byte* key;
+        const byte* iv;
+
+        /* decrypt is from other side (peer) */
+        if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
+            key = wolfSSL_GetClientWriteKey(ssl);
+            iv  = wolfSSL_GetClientWriteIV(ssl);
+        }
+        else {
+            key = wolfSSL_GetServerWriteKey(ssl);
+            iv  = wolfSSL_GetServerWriteIV(ssl);
+        }
+
+        ret = wc_AesSetKey(&decCtx->aes, key, keyLen, iv, AES_DECRYPTION);
+        if (ret != 0) {
+            printf("AesSetKey failed in myDecryptVerifyCb\n");
+            return ret;
+        }
+        decCtx->keySetup = 1;
+    }
+
+    /* decrypt */
+    ret = wc_AesCbcDecrypt(&decCtx->aes, decOut, decIn, decSz);
+
+    if (wolfSSL_GetCipherType(ssl) == WOLFSSL_AEAD_TYPE) {
+        *padSz = wolfSSL_GetAeadMacSize(ssl);
+        return 0; /* hmac, not needed if aead mode */
+    }
+
+    if (wolfSSL_GetCipherType(ssl) == WOLFSSL_BLOCK_TYPE) {
+        pad     = *(decOut + decSz - 1);
+        padByte = 1;
+        if (wolfSSL_IsTLSv1_1(ssl))
+            ivExtra = wolfSSL_GetCipherBlockSize(ssl);
+    }
+
+    *padSz  = wolfSSL_GetHmacSize(ssl) + pad + padByte;
+    macInSz = decSz - ivExtra - digestSz - pad - padByte;
+
+    wolfSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify);
+
+    ret = wc_HmacSetKey(&hmac, wolfSSL_GetHmacType(ssl),
+               wolfSSL_GetMacSecret(ssl, macVerify), digestSz);
+    if (ret != 0)
+        return ret;
+    ret = wc_HmacUpdate(&hmac, myInner, sizeof(myInner));
+    if (ret != 0)
+        return ret;
+    ret = wc_HmacUpdate(&hmac, decOut + ivExtra, macInSz);
+    if (ret != 0)
+        return ret;
+    ret = wc_HmacFinal(&hmac, verify);
+    if (ret != 0)
+        return ret;
+
+    if (memcmp(verify, decOut + decSz - digestSz - pad - padByte,
+               digestSz) != 0) {
+        printf("myDecryptVerify verify failed\n");
+        return -1;
+    }
+
+    return ret;
+}
+
+
+static INLINE void SetupAtomicUser(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
+{
+    AtomicEncCtx* encCtx;
+    AtomicDecCtx* decCtx;
+
+    encCtx = (AtomicEncCtx*)malloc(sizeof(AtomicEncCtx));
+    if (encCtx == NULL)
+        err_sys("AtomicEncCtx malloc failed");
+    memset(encCtx, 0, sizeof(AtomicEncCtx));
+
+    decCtx = (AtomicDecCtx*)malloc(sizeof(AtomicDecCtx));
+    if (decCtx == NULL) {
+        free(encCtx);
+        err_sys("AtomicDecCtx malloc failed");
+    }
+    memset(decCtx, 0, sizeof(AtomicDecCtx));
+
+    wolfSSL_CTX_SetMacEncryptCb(ctx, myMacEncryptCb);
+    wolfSSL_SetMacEncryptCtx(ssl, encCtx);
+
+    wolfSSL_CTX_SetDecryptVerifyCb(ctx, myDecryptVerifyCb);
+    wolfSSL_SetDecryptVerifyCtx(ssl, decCtx);
+}
+
+
+static INLINE void FreeAtomicUser(WOLFSSL* ssl)
+{
+    AtomicEncCtx* encCtx = (AtomicEncCtx*)wolfSSL_GetMacEncryptCtx(ssl);
+    AtomicDecCtx* decCtx = (AtomicDecCtx*)wolfSSL_GetDecryptVerifyCtx(ssl);
+
+    free(decCtx);
+    free(encCtx);
+}
+
+#endif /* ATOMIC_USER */
+
+
+#ifdef HAVE_PK_CALLBACKS
+
+#ifdef HAVE_ECC
+
+static INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
+        byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
+{
+    RNG     rng;
+    int     ret;
+    word32  idx = 0;
+    ecc_key myKey;
+
+    (void)ssl;
+    (void)ctx;
+
+    ret = wc_InitRng(&rng);
+    if (ret != 0)
+        return ret;
+
+    wc_ecc_init(&myKey);
+    
+    ret = wc_EccPrivateKeyDecode(key, &idx, &myKey, keySz);    
+    if (ret == 0)
+        ret = wc_ecc_sign_hash(in, inSz, out, outSz, &rng, &myKey);
+    wc_ecc_free(&myKey);
+
+    return ret;
+}
+
+
+static INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz,
+        const byte* hash, word32 hashSz, const byte* key, word32 keySz,
+        int* result, void* ctx)
+{
+    int     ret;
+    ecc_key myKey;
+
+    (void)ssl;
+    (void)ctx;
+
+    wc_ecc_init(&myKey);
+    
+    ret = wc_ecc_import_x963(key, keySz, &myKey);
+    if (ret == 0)
+        ret = wc_ecc_verify_hash(sig, sigSz, hash, hashSz, result, &myKey);
+    wc_ecc_free(&myKey);
+
+    return ret;
+}
+
+#endif /* HAVE_ECC */
+
+#ifndef NO_RSA
+
+static INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,
+        byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
+{
+    RNG     rng;
+    int     ret;
+    word32  idx = 0;
+    RsaKey  myKey;
+
+    (void)ssl;
+    (void)ctx;
+
+    ret = wc_InitRng(&rng);
+    if (ret != 0)
+        return ret;
+
+    wc_InitRsaKey(&myKey, NULL);
+    
+    ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz);    
+    if (ret == 0)
+        ret = wc_RsaSSL_Sign(in, inSz, out, *outSz, &myKey, &rng);
+    if (ret > 0) {  /* save and convert to 0 success */
+        *outSz = ret;
+        ret = 0;
+    }
+    wc_FreeRsaKey(&myKey);
+
+    return ret;
+}
+
+
+static INLINE int myRsaVerify(WOLFSSL* ssl, byte* sig, word32 sigSz,
+        byte** out,
+        const byte* key, word32 keySz,
+        void* ctx)
+{
+    int     ret;
+    word32  idx = 0;
+    RsaKey  myKey;
+
+    (void)ssl;
+    (void)ctx;
+
+    wc_InitRsaKey(&myKey, NULL);
+
+    ret = wc_RsaPublicKeyDecode(key, &idx, &myKey, keySz);
+    if (ret == 0)
+        ret = wc_RsaSSL_VerifyInline(sig, sigSz, out, &myKey);
+    wc_FreeRsaKey(&myKey);
+
+    return ret;
+}
+
+
+static INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz,
+                           byte* out, word32* outSz, const byte* key,
+                           word32 keySz, void* ctx)
+{
+    int     ret;
+    word32  idx = 0;
+    RsaKey  myKey;
+    RNG     rng;
+
+    (void)ssl;
+    (void)ctx;
+
+    ret = wc_InitRng(&rng);
+    if (ret != 0)
+        return ret;
+
+    wc_InitRsaKey(&myKey, NULL);
+    
+    ret = wc_RsaPublicKeyDecode(key, &idx, &myKey, keySz);
+    if (ret == 0) {
+        ret = wc_RsaPublicEncrypt(in, inSz, out, *outSz, &myKey, &rng);
+        if (ret > 0) {
+            *outSz = ret;
+            ret = 0;  /* reset to success */
+        }
+    }
+    wc_FreeRsaKey(&myKey);
+
+    return ret;
+}
+
+static INLINE int myRsaDec(WOLFSSL* ssl, byte* in, word32 inSz,
+                           byte** out,
+                           const byte* key, word32 keySz, void* ctx)
+{
+    int     ret;
+    word32  idx = 0;
+    RsaKey  myKey;
+
+    (void)ssl;
+    (void)ctx;
+
+    wc_InitRsaKey(&myKey, NULL);
+
+    ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz);
+    if (ret == 0) {
+        ret = wc_RsaPrivateDecryptInline(in, inSz, out, &myKey);
+    }
+    wc_FreeRsaKey(&myKey);
+
+    return ret;
+}
+
+#endif /* NO_RSA */
+
+static INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
+{
+    (void)ctx;
+    (void)ssl;
+
+    #ifdef HAVE_ECC
+        wolfSSL_CTX_SetEccSignCb(ctx, myEccSign);
+        wolfSSL_CTX_SetEccVerifyCb(ctx, myEccVerify);
+    #endif /* HAVE_ECC */
+    #ifndef NO_RSA 
+        wolfSSL_CTX_SetRsaSignCb(ctx, myRsaSign);
+        wolfSSL_CTX_SetRsaVerifyCb(ctx, myRsaVerify);
+        wolfSSL_CTX_SetRsaEncCb(ctx, myRsaEnc);
+        wolfSSL_CTX_SetRsaDecCb(ctx, myRsaDec);
+    #endif /* NO_RSA */
+}
+
+#endif /* HAVE_PK_CALLBACKS */
+
+
+
+
+
+#if defined(__hpux__) || defined(__MINGW32__) || defined (WOLFSSL_TIRTOS)
+
+/* HP/UX doesn't have strsep, needed by test/suites.c */
+static INLINE char* strsep(char **stringp, const char *delim)
+{
+    char* start;
+    char* end;
+
+    start = *stringp;
+    if (start == NULL)
+        return NULL;
+
+    if ((end = strpbrk(start, delim))) {
+        *end++ = '\0';
+        *stringp = end;
+    } else {
+        *stringp = NULL;
+    }
+
+    return start;
+}
+
+#endif /* __hpux__ */
+
+/* Create unique filename, len is length of tempfn name, assuming
+   len does not include null terminating character,
+   num is number of characters in tempfn name to randomize */
+static INLINE const char* mymktemp(char *tempfn, int len, int num)
+{
+    int x, size;
+    static const char alphanum[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+                                   "abcdefghijklmnopqrstuvwxyz";
+    RNG rng;
+    byte out;
+
+    if (tempfn == NULL || len < 1 || num < 1 || len <= num) {
+        printf("Bad input\n");
+        return NULL;
+    }
+
+    size = len - 1;
+
+    if (wc_InitRng(&rng) != 0) {
+        printf("InitRng failed\n");
+        return NULL;
+    }
+
+    for (x = size; x > size - num; x--) {
+        if (wc_RNG_GenerateBlock(&rng,(byte*)&out, sizeof(out)) != 0) {
+            printf("RNG_GenerateBlock failed\n");
+            return NULL;
+        }
+        tempfn[x] = alphanum[out % (sizeof(alphanum) - 1)];
+    }
+    tempfn[len] = '\0';
+
+#if defined(HAVE_HASHDRBG)
+    wc_FreeRng(&rng);
+#endif
+
+    return tempfn;
+}
+
+#endif /* wolfSSL_TEST_H */
+
diff --git a/3P/wolfssl/wolfssl/version.h b/3P/wolfssl/wolfssl/version.h
new file mode 100644
index 00000000..414af9bd
--- /dev/null
+++ b/3P/wolfssl/wolfssl/version.h
@@ -0,0 +1,35 @@
+/* wolfssl_version.h.in
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#pragma once
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define LIBWOLFSSL_VERSION_STRING "3.4.0"
+#define LIBWOLFSSL_VERSION_HEX 0x03004000
+
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/3P/wolfssl/wolfssl/version.h.in b/3P/wolfssl/wolfssl/version.h.in
new file mode 100644
index 00000000..966ff5a6
--- /dev/null
+++ b/3P/wolfssl/wolfssl/version.h.in
@@ -0,0 +1,35 @@
+/* wolfssl_version.h.in
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#pragma once
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define LIBWOLFSSL_VERSION_STRING "@VERSION@"
+#define LIBWOLFSSL_VERSION_HEX @HEX_VERSION@
+
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/aes.h b/3P/wolfssl/wolfssl/wolfcrypt/aes.h
new file mode 100644
index 00000000..a4c620de
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/aes.h
@@ -0,0 +1,187 @@
+/* aes.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_AES
+
+#ifndef WOLF_CRYPT_AES_H
+#define WOLF_CRYPT_AES_H
+
+
+#include 
+
+/* included for fips @wc_fips */
+#ifdef HAVE_FIPS
+#include 
+#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
+    #define WOLFSSL_AES_COUNTER
+#endif
+#if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
+    #define WOLFSSL_AES_DIRECT
+#endif
+#endif
+
+#ifndef HAVE_FIPS /* to avoid redefinition of macros */
+#ifdef HAVE_CAVIUM
+    #include 
+    #include "cavium_common.h"
+#endif
+
+#ifdef WOLFSSL_AESNI
+
+#include 
+
+#if !defined (ALIGN16)
+    #if defined (__GNUC__)
+        #define ALIGN16 __attribute__ ( (aligned (16)))
+    #elif defined(_MSC_VER)
+        /* disable align warning, we want alignment ! */
+        #pragma warning(disable: 4324)
+        #define ALIGN16 __declspec (align (16))
+    #else
+        #define ALIGN16
+    #endif
+#endif
+
+#endif /* WOLFSSL_AESNI */
+
+#if !defined (ALIGN16)
+    #define ALIGN16
+#endif
+#endif /* HAVE_FIPS */
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifndef HAVE_FIPS /* to avoid redefinition of structures */
+#define WOLFSSL_AES_CAVIUM_MAGIC 0xBEEF0002
+
+enum {
+    AES_ENC_TYPE   = 1,   /* cipher unique type */
+    AES_ENCRYPTION = 0,
+    AES_DECRYPTION = 1,
+    AES_BLOCK_SIZE = 16
+};
+
+
+typedef struct Aes {
+    /* AESNI needs key first, rounds 2nd, not sure why yet */
+    ALIGN16 word32 key[60];
+    word32  rounds;
+
+    ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)];      /* for CBC mode */
+    ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)];      /* same         */
+
+#ifdef HAVE_AESGCM
+    ALIGN16 byte H[AES_BLOCK_SIZE];
+#ifdef GCM_TABLE
+    /* key-based fast multiplication table. */
+    ALIGN16 byte M0[256][AES_BLOCK_SIZE];
+#endif /* GCM_TABLE */
+#endif /* HAVE_AESGCM */
+#ifdef WOLFSSL_AESNI
+    byte use_aesni;
+#endif /* WOLFSSL_AESNI */
+#ifdef HAVE_CAVIUM
+    AesType type;            /* aes key type */
+    int     devId;           /* nitrox device id */
+    word32  magic;           /* using cavium magic */
+    word64  contextHandle;   /* nitrox context memory handle */
+#endif
+#ifdef WOLFSSL_AES_COUNTER
+    word32  left;            /* unsued bytes left from last call */
+#endif
+#ifdef WOLFSSL_PIC32MZ_CRYPT
+    word32 key_ce[AES_BLOCK_SIZE*2/sizeof(word32)] ;
+    word32 iv_ce [AES_BLOCK_SIZE  /sizeof(word32)] ;
+    int    keylen ;
+#endif
+} Aes;
+
+
+#ifdef HAVE_AESGCM
+typedef struct Gmac {
+    Aes aes;
+} Gmac;
+#endif /* HAVE_AESGCM */
+#endif /* HAVE_FIPS */
+
+ WOLFSSL_API int  wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
+                          int dir);
+ WOLFSSL_API int  wc_AesSetIV(Aes* aes, const byte* iv);
+ WOLFSSL_API int  wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+ WOLFSSL_API int  wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+ WOLFSSL_API int  wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
+                                 const byte* key, word32 keySz, const byte* iv);
+
+/* AES-CTR */
+#ifdef WOLFSSL_AES_COUNTER
+ WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+#endif
+/* AES-DIRECT */
+#if defined(WOLFSSL_AES_DIRECT)
+ WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
+ WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
+ WOLFSSL_API int  wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
+                                const byte* iv, int dir);
+#endif
+#ifdef HAVE_AESGCM
+ WOLFSSL_API int  wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
+ WOLFSSL_API int  wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+                              const byte* iv, word32 ivSz,
+                              byte* authTag, word32 authTagSz,
+                              const byte* authIn, word32 authInSz);
+ WOLFSSL_API int  wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+                              const byte* iv, word32 ivSz,
+                              const byte* authTag, word32 authTagSz,
+                              const byte* authIn, word32 authInSz);
+
+ WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
+ WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
+                              const byte* authIn, word32 authInSz,
+                              byte* authTag, word32 authTagSz);
+#endif /* HAVE_AESGCM */
+#ifdef HAVE_AESCCM
+ WOLFSSL_API void wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
+ WOLFSSL_API void wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
+                              const byte* nonce, word32 nonceSz,
+                              byte* authTag, word32 authTagSz,
+                              const byte* authIn, word32 authInSz);
+ WOLFSSL_API int  wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
+                              const byte* nonce, word32 nonceSz,
+                              const byte* authTag, word32 authTagSz,
+                              const byte* authIn, word32 authInSz);
+#endif /* HAVE_AESCCM */
+
+#ifdef HAVE_CAVIUM
+     WOLFSSL_API int  wc_AesInitCavium(Aes*, int);
+     WOLFSSL_API void wc_AesFreeCavium(Aes*);
+#endif
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+
+#endif /* WOLF_CRYPT_AES_H */
+#endif /* NO_AES */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/arc4.h b/3P/wolfssl/wolfssl/wolfcrypt/arc4.h
new file mode 100644
index 00000000..32fb8976
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/arc4.h
@@ -0,0 +1,68 @@
+/* arc4.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLF_CRYPT_ARC4_H
+#define WOLF_CRYPT_ARC4_H
+
+
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+#define WOLFSSL_ARC4_CAVIUM_MAGIC 0xBEEF0001
+
+enum {
+	ARC4_ENC_TYPE   = 4,    /* cipher unique type */
+    ARC4_STATE_SIZE = 256
+};
+
+/* ARC4 encryption and decryption */
+typedef struct Arc4 {
+    byte x;
+    byte y;
+    byte state[ARC4_STATE_SIZE];
+#ifdef HAVE_CAVIUM
+    int    devId;           /* nitrox device id */
+    word32 magic;           /* using cavium magic */
+    word64 contextHandle;   /* nitrox context memory handle */
+#endif
+} Arc4;
+
+WOLFSSL_API void wc_Arc4Process(Arc4*, byte*, const byte*, word32);
+WOLFSSL_API void wc_Arc4SetKey(Arc4*, const byte*, word32);
+
+#ifdef HAVE_CAVIUM
+    WOLFSSL_API int  wc_Arc4InitCavium(Arc4*, int);
+    WOLFSSL_API void wc_Arc4FreeCavium(Arc4*);
+#endif
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+
+#endif /* WOLF_CRYPT_ARC4_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/asn.h b/3P/wolfssl/wolfssl/wolfcrypt/asn.h
new file mode 100644
index 00000000..cf89bf32
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/asn.h
@@ -0,0 +1,734 @@
+/* asn.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef NO_ASN
+
+#ifndef WOLF_CRYPT_ASN_H
+#define WOLF_CRYPT_ASN_H
+
+#include 
+#ifndef NO_RSA
+    #include 
+#endif
+
+/* fips declare of RsaPrivateKeyDecode @wc_fips */
+#if defined(HAVE_FIPS) && !defined(NO_RSA)
+    #include 
+#endif
+
+#ifndef NO_DH
+    #include 
+#endif
+#ifndef NO_DSA
+    #include 
+#endif
+#ifndef NO_SHA
+    #include 
+#endif
+#ifndef NO_MD5
+    #include 
+#endif
+#include    /* public interface */
+#ifdef HAVE_ECC
+    #include 
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum {
+    ISSUER  = 0,
+    SUBJECT = 1,
+
+    EXTERNAL_SERIAL_SIZE = 32,
+
+    BEFORE  = 0,
+    AFTER   = 1
+};
+
+/* ASN Tags   */
+enum ASN_Tags {
+    ASN_BOOLEAN           = 0x01,
+    ASN_INTEGER           = 0x02,
+    ASN_BIT_STRING        = 0x03,
+    ASN_OCTET_STRING      = 0x04,
+    ASN_TAG_NULL          = 0x05,
+    ASN_OBJECT_ID         = 0x06,
+    ASN_ENUMERATED        = 0x0a,
+    ASN_UTF8STRING        = 0x0c,
+    ASN_SEQUENCE          = 0x10,
+    ASN_SET               = 0x11,
+    ASN_UTC_TIME          = 0x17,
+    ASN_OTHER_TYPE        = 0x00,
+    ASN_RFC822_TYPE       = 0x01,
+    ASN_DNS_TYPE          = 0x02,
+    ASN_DIR_TYPE          = 0x04,
+    ASN_GENERALIZED_TIME  = 0x18,
+    CRL_EXTENSIONS        = 0xa0,
+    ASN_EXTENSIONS        = 0xa3,
+    ASN_LONG_LENGTH       = 0x80
+};
+
+enum  ASN_Flags{
+    ASN_CONSTRUCTED       = 0x20,
+    ASN_CONTEXT_SPECIFIC  = 0x80
+};
+
+enum DN_Tags {
+    ASN_COMMON_NAME   = 0x03,   /* CN */
+    ASN_SUR_NAME      = 0x04,   /* SN */
+    ASN_SERIAL_NUMBER = 0x05,   /* serialNumber */
+    ASN_COUNTRY_NAME  = 0x06,   /* C  */
+    ASN_LOCALITY_NAME = 0x07,   /* L  */
+    ASN_STATE_NAME    = 0x08,   /* ST */
+    ASN_ORG_NAME      = 0x0a,   /* O  */
+    ASN_ORGUNIT_NAME  = 0x0b    /* OU */
+};
+
+enum PBES {
+    PBE_MD5_DES      = 0,
+    PBE_SHA1_DES     = 1,
+    PBE_SHA1_DES3    = 2,
+    PBE_SHA1_RC4_128 = 3,
+    PBES2            = 13       /* algo ID */
+};
+
+enum ENCRYPTION_TYPES {
+    DES_TYPE  = 0,
+    DES3_TYPE = 1,
+    RC4_TYPE  = 2
+};
+
+enum ECC_TYPES {
+    ECC_PREFIX_0 = 160,
+    ECC_PREFIX_1 = 161
+};
+
+enum Misc_ASN {
+    ASN_NAME_MAX        = 256,
+    MAX_SALT_SIZE       =  64,     /* MAX PKCS Salt length */
+    MAX_IV_SIZE         =  64,     /* MAX PKCS Iv length */
+    MAX_KEY_SIZE        =  64,     /* MAX PKCS Key  length */
+    PKCS5               =   5,     /* PKCS oid tag */
+    PKCS5v2             =   6,     /* PKCS #5 v2.0 */
+    PKCS12              =  12,     /* PKCS #12 */
+    MAX_UNICODE_SZ      = 256,
+    ASN_BOOL_SIZE       =   2,     /* including type */
+    ASN_ECC_HEADER_SZ   =   2,     /* String type + 1 byte len */
+    ASN_ECC_CONTEXT_SZ  =   2,     /* Content specific type + 1 byte len */
+    SHA_SIZE            =  20,
+    RSA_INTS            =   8,     /* RSA ints in private key */
+    MIN_DATE_SIZE       =  13,
+    MAX_DATE_SIZE       =  32,
+    ASN_GEN_TIME_SZ     =  15,     /* 7 numbers * 2 + Zulu tag */
+    MAX_ENCODED_SIG_SZ  = 512,
+    MAX_SIG_SZ          = 256,
+    MAX_ALGO_SZ         =  20,
+    MAX_SEQ_SZ          =   5,     /* enum(seq | con) + length(4) */
+    MAX_SET_SZ          =   5,     /* enum(set | con) + length(4) */
+    MAX_OCTET_STR_SZ    =   5,     /* enum(set | con) + length(4) */
+    MAX_EXP_SZ          =   5,     /* enum(contextspec|con|exp) + length(4) */
+    MAX_PRSTR_SZ        =   5,     /* enum(prstr) + length(4) */
+    MAX_VERSION_SZ      =   5,     /* enum + id + version(byte) + (header(2))*/
+    MAX_ENCODED_DIG_SZ  =  73,     /* sha512 + enum(bit or octet) + legnth(4) */
+    MAX_RSA_INT_SZ      = 517,     /* RSA raw sz 4096 for bits + tag + len(4) */
+    MAX_NTRU_KEY_SZ     = 610,     /* NTRU 112 bit public key */
+    MAX_NTRU_ENC_SZ     = 628,     /* NTRU 112 bit DER public encoding */
+    MAX_LENGTH_SZ       =   4,     /* Max length size for DER encoding */
+    MAX_RSA_E_SZ        =  16,     /* Max RSA public e size */
+    MAX_CA_SZ           =  32,     /* Max encoded CA basic constraint length */
+    MAX_SN_SZ           =  35,     /* Max encoded serial number (INT) length */
+#ifdef WOLFSSL_CERT_GEN
+    #ifdef WOLFSSL_CERT_REQ
+                          /* Max encoded cert req attributes length */
+        MAX_ATTRIB_SZ   = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 +
+                          MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */
+    #endif
+    #ifdef WOLFSSL_ALT_NAMES
+        MAX_EXTENSIONS_SZ   = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
+    #else
+        MAX_EXTENSIONS_SZ   = 1 + MAX_LENGTH_SZ + MAX_CA_SZ,
+    #endif
+                                   /* Max total extensions, id + len + others */
+#endif
+    MAX_OCSP_EXT_SZ     = 58,      /* Max OCSP Extension length */
+    MAX_OCSP_NONCE_SZ   = 18,      /* OCSP Nonce size           */
+    EIGHTK_BUF          = 8192,    /* Tmp buffer size           */
+    MAX_PUBLIC_KEY_SZ   = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2
+                                   /* use bigger NTRU size */
+};
+
+
+enum Oid_Types {
+    hashType  = 0,
+    sigType   = 1,
+    keyType   = 2,
+    curveType = 3,
+    blkType   = 4
+};
+
+
+enum Hash_Sum  {
+    MD2h    = 646,
+    MD5h    = 649,
+    SHAh    =  88,
+    SHA256h = 414,
+    SHA384h = 415,
+    SHA512h = 416
+};
+
+
+enum Block_Sum {
+    DESb  = 69,
+    DES3b = 652
+};
+
+
+enum Key_Sum {
+    DSAk   = 515,
+    RSAk   = 645,
+    NTRUk  = 274,
+    ECDSAk = 518
+};
+
+
+enum Ecc_Sum {
+    ECC_256R1 = 526,
+    ECC_384R1 = 210,
+    ECC_521R1 = 211,
+    ECC_160R1 = 184,
+    ECC_192R1 = 520,
+    ECC_224R1 = 209
+};
+
+
+enum KDF_Sum {
+    PBKDF2_OID = 660
+};
+
+
+enum Extensions_Sum {
+    BASIC_CA_OID    = 133,
+    ALT_NAMES_OID   = 131,
+    CRL_DIST_OID    = 145,
+    AUTH_INFO_OID   = 69,
+    CA_ISSUER_OID   = 117,
+    AUTH_KEY_OID    = 149,
+    SUBJ_KEY_OID    = 128,
+    CERT_POLICY_OID = 146,
+    KEY_USAGE_OID   = 129,  /* 2.5.29.15 */
+    INHIBIT_ANY_OID = 168,  /* 2.5.29.54 */
+    EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */
+    NAME_CONS_OID   = 144   /* 2.5.29.30 */
+};
+
+enum CertificatePolicy_Sum {
+    CP_ANY_OID      = 146  /* id-ce 32 0 */
+};
+
+enum SepHardwareName_Sum {
+    HW_NAME_OID     = 79   /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/
+};
+
+enum AuthInfo_Sum {
+    AIA_OCSP_OID      = 116, /* 1.3.6.1.5.5.7.48.1 */
+    AIA_CA_ISSUER_OID = 117  /* 1.3.6.1.5.5.7.48.2 */
+};
+
+enum ExtKeyUsage_Sum { /* From RFC 5280 */
+    EKU_ANY_OID         = 151, /* 2.5.29.37.0, anyExtendedKeyUsage         */
+    EKU_SERVER_AUTH_OID = 71,  /* 1.3.6.1.5.5.7.3.1, id-kp-serverAuth      */
+    EKU_CLIENT_AUTH_OID = 72,  /* 1.3.6.1.5.5.7.3.2, id-kp-clientAuth      */
+    EKU_OCSP_SIGN_OID   = 79   /* 1.3.6.1.5.5.7.3.9, OCSPSigning           */
+};
+
+
+enum VerifyType {
+    NO_VERIFY = 0,
+    VERIFY    = 1
+};
+
+
+/* Key usage extension bits */
+#define KEYUSE_DIGITAL_SIG    0x0100
+#define KEYUSE_CONTENT_COMMIT 0x0080
+#define KEYUSE_KEY_ENCIPHER   0x0040
+#define KEYUSE_DATA_ENCIPHER  0x0020
+#define KEYUSE_KEY_AGREE      0x0010
+#define KEYUSE_KEY_CERT_SIGN  0x0008
+#define KEYUSE_CRL_SIGN       0x0004
+#define KEYUSE_ENCIPHER_ONLY  0x0002
+#define KEYUSE_DECIPHER_ONLY  0x0001
+
+#define EXTKEYUSE_ANY         0x08
+#define EXTKEYUSE_OCSP_SIGN   0x04
+#define EXTKEYUSE_CLIENT_AUTH 0x02
+#define EXTKEYUSE_SERVER_AUTH 0x01
+
+typedef struct DNS_entry   DNS_entry;
+
+struct DNS_entry {
+    DNS_entry* next;   /* next on DNS list */
+    char*      name;   /* actual DNS name */
+};
+
+
+typedef struct Base_entry  Base_entry;
+
+struct Base_entry {
+    Base_entry* next;   /* next on name base list */
+    char*       name;   /* actual name base */
+    int         nameSz; /* name length */
+    byte        type;   /* Name base type (DNS or RFC822) */
+};
+
+
+struct DecodedName {
+    char*   fullName;
+    int     fullNameLen;
+    int     entryCount;
+    int     cnIdx;
+    int     cnLen;
+    int     snIdx;
+    int     snLen;
+    int     cIdx;
+    int     cLen;
+    int     lIdx;
+    int     lLen;
+    int     stIdx;
+    int     stLen;
+    int     oIdx;
+    int     oLen;
+    int     ouIdx;
+    int     ouLen;
+    int     emailIdx;
+    int     emailLen;
+    int     uidIdx;
+    int     uidLen;
+    int     serialIdx;
+    int     serialLen;
+};
+
+
+typedef struct DecodedCert DecodedCert;
+typedef struct DecodedName DecodedName;
+typedef struct Signer      Signer;
+
+
+struct DecodedCert {
+    byte*   publicKey;
+    word32  pubKeySize;
+    int     pubKeyStored;
+    word32  certBegin;               /* offset to start of cert          */
+    word32  sigIndex;                /* offset to start of signature     */
+    word32  sigLength;               /* length of signature              */
+    word32  signatureOID;            /* sum of algorithm object id       */
+    word32  keyOID;                  /* sum of key algo  object id       */
+    int     version;                 /* cert version, 1 or 3             */
+    DNS_entry* altNames;             /* alt names list of dns entries    */
+#ifndef IGNORE_NAME_CONSTRAINTS
+    DNS_entry* altEmailNames;        /* alt names list of RFC822 entries */
+    Base_entry* permittedNames;      /* Permitted name bases             */
+    Base_entry* excludedNames;       /* Excluded name bases              */
+#endif /* IGNORE_NAME_CONSTRAINTS */
+    byte    subjectHash[SHA_SIZE];   /* hash of all Names                */
+    byte    issuerHash[SHA_SIZE];    /* hash of all Names                */
+#ifdef HAVE_OCSP
+    byte    issuerKeyHash[SHA_SIZE]; /* hash of the public Key           */
+#endif /* HAVE_OCSP */
+    byte*   signature;               /* not owned, points into raw cert  */
+    char*   subjectCN;               /* CommonName                       */
+    int     subjectCNLen;            /* CommonName Length                */
+    char    subjectCNEnc;            /* CommonName Encoding              */
+    int     subjectCNStored;         /* have we saved a copy we own      */
+    char    issuer[ASN_NAME_MAX];    /* full name including common name  */
+    char    subject[ASN_NAME_MAX];   /* full name including common name  */
+    int     verify;                  /* Default to yes, but could be off */
+    byte*   source;                  /* byte buffer holder cert, NOT owner */
+    word32  srcIdx;                  /* current offset into buffer       */
+    word32  maxIdx;                  /* max offset based on init size    */
+    void*   heap;                    /* for user memory overrides        */
+    byte    serial[EXTERNAL_SERIAL_SIZE];  /* raw serial number          */
+    int     serialSz;                /* raw serial bytes stored */
+    byte*   extensions;              /* not owned, points into raw cert  */
+    int     extensionsSz;            /* length of cert extensions */
+    word32  extensionsIdx;           /* if want to go back and parse later */
+    byte*   extAuthInfo;             /* Authority Information Access URI */
+    int     extAuthInfoSz;           /* length of the URI                */
+    byte*   extCrlInfo;              /* CRL Distribution Points          */
+    int     extCrlInfoSz;            /* length of the URI                */
+    byte    extSubjKeyId[SHA_SIZE];  /* Subject Key ID                   */
+    byte    extSubjKeyIdSet;         /* Set when the SKID was read from cert */
+    byte    extAuthKeyId[SHA_SIZE];  /* Authority Key ID                 */
+    byte    extAuthKeyIdSet;         /* Set when the AKID was read from cert */
+#ifndef IGNORE_NAME_CONSTRAINTS
+    byte    extNameConstraintSet;
+#endif /* IGNORE_NAME_CONSTRAINTS */
+    byte    isCA;                    /* CA basic constraint true         */
+    byte    extKeyUsageSet;
+    word16  extKeyUsage;             /* Key usage bitfield               */
+    byte    extExtKeyUsageSet;       /* Extended Key Usage               */
+    byte    extExtKeyUsage;          /* Extended Key usage bitfield      */
+#ifdef OPENSSL_EXTRA
+    byte    extBasicConstSet;
+    byte    extBasicConstCrit;
+    byte    extBasicConstPlSet;
+    word32  pathLength;              /* CA basic constraint path length, opt */
+    byte    extSubjAltNameSet;
+    byte    extSubjAltNameCrit;
+    byte    extAuthKeyIdCrit;
+#ifndef IGNORE_NAME_CONSTRAINTS
+    byte    extNameConstraintCrit;
+#endif /* IGNORE_NAME_CONSTRAINTS */
+    byte    extSubjKeyIdCrit;
+    byte    extKeyUsageCrit;
+    byte    extExtKeyUsageCrit;
+    byte*   extExtKeyUsageSrc;
+    word32  extExtKeyUsageSz;
+    word32  extExtKeyUsageCount;
+    byte*   extAuthKeyIdSrc;
+    word32  extAuthKeyIdSz;
+    byte*   extSubjKeyIdSrc;
+    word32  extSubjKeyIdSz;
+#endif
+#ifdef HAVE_ECC
+    word32  pkCurveOID;           /* Public Key's curve OID */
+#endif /* HAVE_ECC */
+    byte*   beforeDate;
+    int     beforeDateLen;
+    byte*   afterDate;
+    int     afterDateLen;
+#ifdef HAVE_PKCS7
+    byte*   issuerRaw;               /* pointer to issuer inside source */
+    int     issuerRawLen;
+#endif
+#ifndef IGNORE_NAME_CONSTRAINT
+    byte*   subjectRaw;               /* pointer to subject inside source */
+    int     subjectRawLen;
+#endif
+#if defined(WOLFSSL_CERT_GEN)
+    /* easy access to subject info for other sign */
+    char*   subjectSN;
+    int     subjectSNLen;
+    char    subjectSNEnc;
+    char*   subjectC;
+    int     subjectCLen;
+    char    subjectCEnc;
+    char*   subjectL;
+    int     subjectLLen;
+    char    subjectLEnc;
+    char*   subjectST;
+    int     subjectSTLen;
+    char    subjectSTEnc;
+    char*   subjectO;
+    int     subjectOLen;
+    char    subjectOEnc;
+    char*   subjectOU;
+    int     subjectOULen;
+    char    subjectOUEnc;
+    char*   subjectEmail;
+    int     subjectEmailLen;
+#endif /* WOLFSSL_CERT_GEN */
+#ifdef OPENSSL_EXTRA
+    DecodedName issuerName;
+    DecodedName subjectName;
+#endif /* OPENSSL_EXTRA */
+#ifdef WOLFSSL_SEP
+    int     deviceTypeSz;
+    byte*   deviceType;
+    int     hwTypeSz;
+    byte*   hwType;
+    int     hwSerialNumSz;
+    byte*   hwSerialNum;
+    #ifdef OPENSSL_EXTRA
+        byte    extCertPolicySet;
+        byte    extCertPolicyCrit;
+    #endif /* OPENSSL_EXTRA */
+#endif /* WOLFSSL_SEP */
+};
+
+
+#ifdef SHA_DIGEST_SIZE
+    #define SIGNER_DIGEST_SIZE SHA_DIGEST_SIZE
+#else
+    #define SIGNER_DIGEST_SIZE 20
+#endif
+
+/* CA Signers */
+/* if change layout change PERSIST_CERT_CACHE functions too */
+struct Signer {
+    word32  pubKeySize;
+    word32  keyOID;                  /* key type */
+    word16  keyUsage;
+    byte*   publicKey;
+    int     nameLen;
+    char*   name;                    /* common name */
+#ifndef IGNORE_NAME_CONSTRAINTS
+        Base_entry* permittedNames;
+        Base_entry* excludedNames;
+#endif /* IGNORE_NAME_CONSTRAINTS */
+    byte    subjectNameHash[SIGNER_DIGEST_SIZE];
+                                     /* sha hash of names in certificate */
+    #ifndef NO_SKID
+        byte    subjectKeyIdHash[SIGNER_DIGEST_SIZE];
+                                     /* sha hash of names in certificate */
+    #endif
+    Signer* next;
+};
+
+
+/* not for public consumption but may use for testing sometimes */
+#ifdef WOLFSSL_TEST_CERT
+    #define WOLFSSL_TEST_API WOLFSSL_API
+#else
+    #define WOLFSSL_TEST_API WOLFSSL_LOCAL
+#endif
+
+WOLFSSL_TEST_API void FreeAltNames(DNS_entry*, void*);
+#ifndef IGNORE_NAME_CONSTRAINTS
+    WOLFSSL_TEST_API void FreeNameSubtrees(Base_entry*, void*);
+#endif /* IGNORE_NAME_CONSTRAINTS */
+WOLFSSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, word32, void*);
+WOLFSSL_TEST_API void FreeDecodedCert(DecodedCert*);
+WOLFSSL_TEST_API int  ParseCert(DecodedCert*, int type, int verify, void* cm);
+
+WOLFSSL_LOCAL int ParseCertRelative(DecodedCert*, int type, int verify,void* cm);
+WOLFSSL_LOCAL int DecodeToKey(DecodedCert*, int verify);
+
+WOLFSSL_LOCAL Signer* MakeSigner(void*);
+WOLFSSL_LOCAL void    FreeSigner(Signer*, void*);
+WOLFSSL_LOCAL void    FreeSignerTable(Signer**, int, void*);
+
+
+WOLFSSL_LOCAL int ToTraditional(byte* buffer, word32 length);
+WOLFSSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
+
+WOLFSSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
+
+/* ASN.1 helper functions */
+WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
+                           word32 maxIdx);
+WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
+                             word32 maxIdx);
+WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
+                        word32 maxIdx);
+WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
+                              int* version);
+WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
+                        word32 maxIdx);
+WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
+                           word32 maxIdx);
+WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output);
+WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output);
+WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output);
+WOLFSSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output);
+WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
+WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output);
+WOLFSSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz);
+WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
+WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output);
+WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
+                             int maxIdx);
+
+#ifdef HAVE_ECC
+    /* ASN sig helpers */
+    WOLFSSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
+                                      mp_int* s);
+    WOLFSSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
+                                       mp_int* r, mp_int* s);
+#endif
+
+#ifdef WOLFSSL_CERT_GEN
+
+enum cert_enums {
+    NAME_ENTRIES    =  8,
+    JOINT_LEN       =  2,
+    EMAIL_JOINT_LEN =  9,
+    RSA_KEY         = 10,
+    NTRU_KEY        = 11,
+    ECC_KEY         = 12
+};
+
+#ifndef WOLFSSL_PEMCERT_TODER_DEFINED
+#ifndef NO_FILESYSTEM
+/* forward from wolfSSL */
+WOLFSSL_API
+int wolfSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz);
+#define WOLFSSL_PEMCERT_TODER_DEFINED
+#endif
+#endif
+
+#endif /* WOLFSSL_CERT_GEN */
+
+
+
+/* for pointer use */
+typedef struct CertStatus CertStatus;
+
+#ifdef HAVE_OCSP
+
+enum Ocsp_Response_Status {
+    OCSP_SUCCESSFUL        = 0, /* Response has valid confirmations */
+    OCSP_MALFORMED_REQUEST = 1, /* Illegal confirmation request */
+    OCSP_INTERNAL_ERROR    = 2, /* Internal error in issuer */
+    OCSP_TRY_LATER         = 3, /* Try again later */
+    OCSP_SIG_REQUIRED      = 5, /* Must sign the request (4 is skipped) */
+    OCSP_UNAUTHROIZED      = 6  /* Request unauthorized */
+};
+
+
+enum Ocsp_Cert_Status {
+    CERT_GOOD    = 0,
+    CERT_REVOKED = 1,
+    CERT_UNKNOWN = 2
+};
+
+
+enum Ocsp_Sums {
+    OCSP_BASIC_OID = 117,
+    OCSP_NONCE_OID = 118
+};
+
+
+typedef struct OcspRequest  OcspRequest;
+typedef struct OcspResponse OcspResponse;
+
+
+struct CertStatus {
+    CertStatus* next;
+
+    byte serial[EXTERNAL_SERIAL_SIZE];
+    int serialSz;
+
+    int status;
+
+    byte thisDate[MAX_DATE_SIZE];
+    byte nextDate[MAX_DATE_SIZE];
+    byte thisDateFormat;
+    byte nextDateFormat;
+};
+
+
+struct OcspResponse {
+    int     responseStatus;  /* return code from Responder */
+
+    byte*   response;        /* Pointer to beginning of OCSP Response */
+    word32  responseSz;      /* length of the OCSP Response */
+
+    byte    producedDate[MAX_DATE_SIZE];
+							 /* Date at which this response was signed */
+    byte    producedDateFormat; /* format of the producedDate */
+    byte*   issuerHash;
+    byte*   issuerKeyHash;
+
+    byte*   cert;
+    word32  certSz;
+
+    byte*   sig;             /* Pointer to sig in source */
+    word32  sigSz;           /* Length in octets for the sig */
+    word32  sigOID;          /* OID for hash used for sig */
+
+    CertStatus* status;      /* certificate status to fill out */
+
+    byte*   nonce;           /* pointer to nonce inside ASN.1 response */
+    int     nonceSz;         /* length of the nonce string */
+
+    byte*   source;          /* pointer to source buffer, not owned */
+    word32  maxIdx;          /* max offset based on init size */
+};
+
+
+struct OcspRequest {
+    DecodedCert* cert;
+
+    byte    useNonce;
+    byte    nonce[MAX_OCSP_NONCE_SZ];
+    int     nonceSz;
+
+    byte*   issuerHash;      /* pointer to issuerHash in source cert */
+    byte*   issuerKeyHash;   /* pointer to issuerKeyHash in source cert */
+    byte*   serial;          /* pointer to serial number in source cert */
+    int     serialSz;        /* length of the serial number */
+
+    byte*   dest;            /* pointer to the destination ASN.1 buffer */
+    word32  destSz;          /* length of the destination buffer */
+};
+
+
+WOLFSSL_LOCAL void InitOcspResponse(OcspResponse*, CertStatus*, byte*, word32);
+WOLFSSL_LOCAL int  OcspResponseDecode(OcspResponse*);
+
+WOLFSSL_LOCAL void InitOcspRequest(OcspRequest*, DecodedCert*,
+                                                          byte, byte*, word32);
+WOLFSSL_LOCAL int  EncodeOcspRequest(OcspRequest*);
+
+WOLFSSL_LOCAL int  CompareOcspReqResp(OcspRequest*, OcspResponse*);
+
+
+#endif /* HAVE_OCSP */
+
+
+/* for pointer use */
+typedef struct RevokedCert RevokedCert;
+
+#ifdef HAVE_CRL
+
+struct RevokedCert {
+    byte         serialNumber[EXTERNAL_SERIAL_SIZE];
+    int          serialSz;
+    RevokedCert* next;
+};
+
+typedef struct DecodedCRL DecodedCRL;
+
+struct DecodedCRL {
+    word32  certBegin;               /* offset to start of cert          */
+    word32  sigIndex;                /* offset to start of signature     */
+    word32  sigLength;               /* length of signature              */
+    word32  signatureOID;            /* sum of algorithm object id       */
+    byte*   signature;               /* pointer into raw source, not owned */
+    byte    issuerHash[SHA_DIGEST_SIZE];  /* issuer hash                 */
+    byte    crlHash[SHA_DIGEST_SIZE];     /* raw crl data hash           */
+    byte    lastDate[MAX_DATE_SIZE]; /* last date updated  */
+    byte    nextDate[MAX_DATE_SIZE]; /* next update date   */
+    byte    lastDateFormat;          /* format of last date */
+    byte    nextDateFormat;          /* format of next date */
+    RevokedCert* certs;              /* revoked cert list  */
+    int          totalCerts;         /* number on list     */
+};
+
+WOLFSSL_LOCAL void InitDecodedCRL(DecodedCRL*);
+WOLFSSL_LOCAL int  ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm);
+WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
+
+
+#endif /* HAVE_CRL */
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* CTAO_CRYPT_ASN_H */
+
+#endif /* !NO_ASN */
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/asn_public.h b/3P/wolfssl/wolfssl/wolfcrypt/asn_public.h
new file mode 100644
index 00000000..8708708c
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/asn_public.h
@@ -0,0 +1,197 @@
+/* asn_public.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLF_CRYPT_ASN_PUBLIC_H
+#define WOLF_CRYPT_ASN_PUBLIC_H
+
+#include 
+#ifdef HAVE_ECC
+    #include 
+#endif
+#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
+    #include 
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Certificate file Type */
+enum CertType {
+    CERT_TYPE       = 0,
+    PRIVATEKEY_TYPE,
+    DH_PARAM_TYPE,
+    CRL_TYPE,
+    CA_TYPE,
+    ECC_PRIVATEKEY_TYPE,
+    CERTREQ_TYPE
+};
+
+
+/* Signature type, by OID sum */
+enum Ctc_SigType {
+    CTC_SHAwDSA      = 517,
+    CTC_MD2wRSA      = 646,
+    CTC_MD5wRSA      = 648,
+    CTC_SHAwRSA      = 649,
+    CTC_SHAwECDSA    = 520,
+    CTC_SHA256wRSA   = 655,
+    CTC_SHA256wECDSA = 524,
+    CTC_SHA384wRSA   = 656,
+    CTC_SHA384wECDSA = 525,
+    CTC_SHA512wRSA   = 657,
+    CTC_SHA512wECDSA = 526
+};
+
+enum Ctc_Encoding {
+    CTC_UTF8       = 0x0c, /* utf8      */
+    CTC_PRINTABLE  = 0x13  /* printable */
+};
+
+
+#ifdef WOLFSSL_CERT_GEN
+
+#ifndef HAVE_ECC
+    typedef struct ecc_key ecc_key;
+#endif
+
+enum Ctc_Misc {
+    CTC_NAME_SIZE    =    64,
+    CTC_DATE_SIZE    =    32,
+    CTC_MAX_ALT_SIZE = 16384,   /* may be huge */
+    CTC_SERIAL_SIZE  =     8
+};
+
+typedef struct CertName {
+    char country[CTC_NAME_SIZE];
+    char countryEnc;
+    char state[CTC_NAME_SIZE];
+    char stateEnc;
+    char locality[CTC_NAME_SIZE];
+    char localityEnc;
+    char sur[CTC_NAME_SIZE];
+    char surEnc;
+    char org[CTC_NAME_SIZE];
+    char orgEnc;
+    char unit[CTC_NAME_SIZE];
+    char unitEnc;
+    char commonName[CTC_NAME_SIZE];
+    char commonNameEnc;
+    char email[CTC_NAME_SIZE];  /* !!!! email has to be last !!!! */
+} CertName;
+
+
+/* for user to fill for certificate generation */
+typedef struct Cert {
+    int      version;                   /* x509 version  */
+    byte     serial[CTC_SERIAL_SIZE];   /* serial number */
+    int      sigType;                   /* signature algo type */
+    CertName issuer;                    /* issuer info */
+    int      daysValid;                 /* validity days */
+    int      selfSigned;                /* self signed flag */
+    CertName subject;                   /* subject info */
+    int      isCA;                      /* is this going to be a CA */
+    /* internal use only */
+    int      bodySz;                    /* pre sign total size */
+    int      keyType;                   /* public key type of subject */
+#ifdef WOLFSSL_ALT_NAMES
+    byte     altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
+    int      altNamesSz;                 /* altNames size in bytes */
+    byte     beforeDate[CTC_DATE_SIZE];  /* before date copy */
+    int      beforeDateSz;               /* size of copy */
+    byte     afterDate[CTC_DATE_SIZE];   /* after date copy */
+    int      afterDateSz;                /* size of copy */
+#endif
+#ifdef WOLFSSL_CERT_REQ
+    char     challengePw[CTC_NAME_SIZE];
+#endif
+} Cert;
+#endif /* WOLFSSL_CERT_GEN */
+
+
+#ifdef WOLFSSL_CERT_GEN
+
+
+
+/* Initialize and Set Certficate defaults:
+   version    = 3 (0x2)
+   serial     = 0 (Will be randomly generated)
+   sigType    = SHA_WITH_RSA
+   issuer     = blank
+   daysValid  = 500
+   selfSigned = 1 (true) use subject as issuer
+   subject    = blank
+   isCA       = 0 (false)
+   keyType    = RSA_KEY (default)
+*/
+WOLFSSL_API void wc_InitCert(Cert*);
+WOLFSSL_API int  wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
+                         ecc_key*, RNG*);
+#ifdef WOLFSSL_CERT_REQ
+    WOLFSSL_API int  wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
+                                ecc_key*);
+#endif
+WOLFSSL_API int  wc_SignCert(int requestSz, int sigType, byte* derBuffer,
+                         word32 derSz, RsaKey*, ecc_key*, RNG*);
+WOLFSSL_API int  wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
+                             RNG*);
+WOLFSSL_API int  wc_SetIssuer(Cert*, const char*);
+WOLFSSL_API int  wc_SetSubject(Cert*, const char*);
+#ifdef WOLFSSL_ALT_NAMES
+    WOLFSSL_API int  wc_SetAltNames(Cert*, const char*);
+#endif
+WOLFSSL_API int  wc_SetIssuerBuffer(Cert*, const byte*, int);
+WOLFSSL_API int  wc_SetSubjectBuffer(Cert*, const byte*, int);
+WOLFSSL_API int  wc_SetAltNamesBuffer(Cert*, const byte*, int);
+WOLFSSL_API int  wc_SetDatesBuffer(Cert*, const byte*, int);
+
+    #ifdef HAVE_NTRU
+        WOLFSSL_API int  wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
+                                     const byte* ntruKey, word16 keySz, RNG*);
+    #endif
+
+#endif /* WOLFSSL_CERT_GEN */
+
+
+#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
+    WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
+                            word32 outputSz, int type);
+#endif
+
+#ifdef HAVE_ECC
+    /* private key helpers */
+    WOLFSSL_API int wc_EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
+                                         ecc_key*,word32);
+    WOLFSSL_API int wc_EccKeyToDer(ecc_key*, byte* output, word32 inLen);
+#endif
+
+/* DER encode signature */
+WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz,
+                                  int hashOID);
+WOLFSSL_API int wc_GetCTC_HashOID(int type);
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_ASN_PUBLIC_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/blake2-impl.h b/3P/wolfssl/wolfssl/wolfcrypt/blake2-impl.h
new file mode 100644
index 00000000..e1882f2a
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/blake2-impl.h
@@ -0,0 +1,154 @@
+/*
+   BLAKE2 reference source code package - reference C implementations
+
+   Written in 2012 by Samuel Neves 
+
+   To the extent possible under law, the author(s) have dedicated all copyright
+   and related and neighboring rights to this software to the public domain
+   worldwide. This software is distributed without any warranty.
+
+   You should have received a copy of the CC0 Public Domain Dedication along with
+   this software. If not, see .
+*/
+/* blake2-impl.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLFCRYPT_BLAKE2_IMPL_H
+#define WOLFCRYPT_BLAKE2_IMPL_H
+
+#include 
+
+static inline word32 load32( const void *src )
+{
+#if defined(LITTLE_ENDIAN_ORDER)
+  return *( word32 * )( src );
+#else
+  const byte *p = ( byte * )src;
+  word32 w = *p++;
+  w |= ( word32 )( *p++ ) <<  8;
+  w |= ( word32 )( *p++ ) << 16;
+  w |= ( word32 )( *p++ ) << 24;
+  return w;
+#endif
+}
+
+static inline word64 load64( const void *src )
+{
+#if defined(LITTLE_ENDIAN_ORDER)
+  return *( word64 * )( src );
+#else
+  const byte *p = ( byte * )src;
+  word64 w = *p++;
+  w |= ( word64 )( *p++ ) <<  8;
+  w |= ( word64 )( *p++ ) << 16;
+  w |= ( word64 )( *p++ ) << 24;
+  w |= ( word64 )( *p++ ) << 32;
+  w |= ( word64 )( *p++ ) << 40;
+  w |= ( word64 )( *p++ ) << 48;
+  w |= ( word64 )( *p++ ) << 56;
+  return w;
+#endif
+}
+
+static inline void store32( void *dst, word32 w )
+{
+#if defined(LITTLE_ENDIAN_ORDER)
+  *( word32 * )( dst ) = w;
+#else
+  byte *p = ( byte * )dst;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w;
+#endif
+}
+
+static inline void store64( void *dst, word64 w )
+{
+#if defined(LITTLE_ENDIAN_ORDER)
+  *( word64 * )( dst ) = w;
+#else
+  byte *p = ( byte * )dst;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w;
+#endif
+}
+
+static inline word64 load48( const void *src )
+{
+  const byte *p = ( const byte * )src;
+  word64 w = *p++;
+  w |= ( word64 )( *p++ ) <<  8;
+  w |= ( word64 )( *p++ ) << 16;
+  w |= ( word64 )( *p++ ) << 24;
+  w |= ( word64 )( *p++ ) << 32;
+  w |= ( word64 )( *p++ ) << 40;
+  return w;
+}
+
+static inline void store48( void *dst, word64 w )
+{
+  byte *p = ( byte * )dst;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w; w >>= 8;
+  *p++ = ( byte )w;
+}
+
+static inline word32 rotl32( const word32 w, const unsigned c )
+{
+  return ( w << c ) | ( w >> ( 32 - c ) );
+}
+
+static inline word64 rotl64( const word64 w, const unsigned c )
+{
+  return ( w << c ) | ( w >> ( 64 - c ) );
+}
+
+static inline word32 rotr32( const word32 w, const unsigned c )
+{
+  return ( w >> c ) | ( w << ( 32 - c ) );
+}
+
+static inline word64 rotr64( const word64 w, const unsigned c )
+{
+  return ( w >> c ) | ( w << ( 64 - c ) );
+}
+
+/* prevents compiler optimizing out memset() */
+static inline void secure_zero_memory( void *v, word64 n )
+{
+  volatile byte *p = ( volatile byte * )v;
+
+  while( n-- ) *p++ = 0;
+}
+
+#endif  /* WOLFCRYPT_BLAKE2_IMPL_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/blake2-int.h b/3P/wolfssl/wolfssl/wolfcrypt/blake2-int.h
new file mode 100644
index 00000000..05fd0274
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/blake2-int.h
@@ -0,0 +1,183 @@
+/*
+   BLAKE2 reference source code package - reference C implementations
+
+   Written in 2012 by Samuel Neves 
+
+   To the extent possible under law, the author(s) have dedicated all copyright
+   and related and neighboring rights to this software to the public domain
+   worldwide. This software is distributed without any warranty.
+
+   You should have received a copy of the CC0 Public Domain Dedication along with
+   this software. If not, see .
+*/
+/* blake2-int.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+
+#ifndef WOLFCRYPT_BLAKE2_INT_H
+#define WOLFCRYPT_BLAKE2_INT_H
+
+#include 
+
+
+#if defined(_MSC_VER)
+    #define ALIGN(x) __declspec(align(x))
+#elif defined(__GNUC__)
+    #define ALIGN(x) __attribute__((aligned(x)))
+#else
+    #define ALIGN(x)
+#endif
+
+
+#if defined(__cplusplus)
+    extern "C" {
+#endif
+
+  enum blake2s_constant
+  {
+    BLAKE2S_BLOCKBYTES = 64,
+    BLAKE2S_OUTBYTES   = 32,
+    BLAKE2S_KEYBYTES   = 32,
+    BLAKE2S_SALTBYTES  = 8,
+    BLAKE2S_PERSONALBYTES = 8
+  };
+
+  enum blake2b_constant
+  {
+    BLAKE2B_BLOCKBYTES = 128,
+    BLAKE2B_OUTBYTES   = 64,
+    BLAKE2B_KEYBYTES   = 64,
+    BLAKE2B_SALTBYTES  = 16,
+    BLAKE2B_PERSONALBYTES = 16
+  };
+
+#pragma pack(push, 1)
+  typedef struct __blake2s_param
+  {
+    byte  digest_length; /* 1 */
+    byte  key_length;    /* 2 */
+    byte  fanout;        /* 3 */
+    byte  depth;         /* 4 */
+    word32 leaf_length;   /* 8 */
+    byte  node_offset[6];/* 14 */
+    byte  node_depth;    /* 15 */
+    byte  inner_length;  /* 16 */
+    /* byte  reserved[0]; */
+    byte  salt[BLAKE2B_SALTBYTES]; /* 24 */
+    byte  personal[BLAKE2S_PERSONALBYTES];  /* 32 */
+  } blake2s_param;
+
+  ALIGN( 64 ) typedef struct __blake2s_state
+  {
+    word32 h[8];
+    word32 t[2];
+    word32 f[2];
+    byte  buf[2 * BLAKE2S_BLOCKBYTES];
+    word64 buflen;
+    byte  last_node;
+  } blake2s_state ;
+
+  typedef struct __blake2b_param
+  {
+    byte  digest_length; /* 1 */
+    byte  key_length;    /* 2 */
+    byte  fanout;        /* 3 */
+    byte  depth;         /* 4 */
+    word32 leaf_length;   /* 8 */
+    word64 node_offset;   /* 16 */
+    byte  node_depth;    /* 17 */
+    byte  inner_length;  /* 18 */
+    byte  reserved[14];  /* 32 */
+    byte  salt[BLAKE2B_SALTBYTES]; /* 48 */
+    byte  personal[BLAKE2B_PERSONALBYTES];  /* 64 */
+  } blake2b_param;
+
+  ALIGN( 64 ) typedef struct __blake2b_state
+  {
+    word64 h[8];
+    word64 t[2];
+    word64 f[2];
+    byte  buf[2 * BLAKE2B_BLOCKBYTES];
+    word64 buflen;
+    byte  last_node;
+  } blake2b_state;
+
+  typedef struct __blake2sp_state
+  {
+    blake2s_state S[8][1];
+    blake2s_state R[1];
+    byte buf[8 * BLAKE2S_BLOCKBYTES];
+    word64 buflen;
+  } blake2sp_state;
+
+  typedef struct __blake2bp_state
+  {
+    blake2b_state S[4][1];
+    blake2b_state R[1];
+    byte buf[4 * BLAKE2B_BLOCKBYTES];
+    word64 buflen;
+  } blake2bp_state;
+#pragma pack(pop)
+
+  /* Streaming API */
+  int blake2s_init( blake2s_state *S, const byte outlen );
+  int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key, const byte keylen );
+  int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
+  int blake2s_update( blake2s_state *S, const byte *in, word64 inlen );
+  int blake2s_final( blake2s_state *S, byte *out, byte outlen );
+
+  int blake2b_init( blake2b_state *S, const byte outlen );
+  int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, const byte keylen );
+  int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
+  int blake2b_update( blake2b_state *S, const byte *in, word64 inlen );
+  int blake2b_final( blake2b_state *S, byte *out, byte outlen );
+
+  int blake2sp_init( blake2sp_state *S, const byte outlen );
+  int blake2sp_init_key( blake2sp_state *S, const byte outlen, const void *key, const byte keylen );
+  int blake2sp_update( blake2sp_state *S, const byte *in, word64 inlen );
+  int blake2sp_final( blake2sp_state *S, byte *out, byte outlen );
+
+  int blake2bp_init( blake2bp_state *S, const byte outlen );
+  int blake2bp_init_key( blake2bp_state *S, const byte outlen, const void *key, const byte keylen );
+  int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen );
+  int blake2bp_final( blake2bp_state *S, byte *out, byte outlen );
+
+  /* Simple API */
+  int blake2s( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
+  int blake2b( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
+
+  int blake2sp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
+  int blake2bp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen );
+
+  static inline int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen )
+  {
+    return blake2b( out, in, key, outlen, inlen, keylen );
+  }
+
+
+
+#if defined(__cplusplus)
+    }
+#endif
+
+#endif  /* WOLFCRYPT_BLAKE2_INT_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/blake2.h b/3P/wolfssl/wolfssl/wolfcrypt/blake2.h
new file mode 100644
index 00000000..9056cc07
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/blake2.h
@@ -0,0 +1,68 @@
+/* blake2.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * a with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_BLAKE2
+
+#ifndef WOLF_CRYPT_BLAKE2_H
+#define WOLF_CRYPT_BLAKE2_H
+
+#include 
+
+/* call old functions if using fips for the sake of hmac @wc_fips */
+#ifdef HAVE_FIPS
+    /* Since hmac can call blake functions provide original calls */
+    #define wc_InitBlake2b   InitBlake2b
+    #define wc_Blake2bUpdate Blake2bUpdate
+    #define wc_Blake2bFinal  Blake2bFinal
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* in bytes, variable digest size up to 512 bits (64 bytes) */
+enum {
+    BLAKE2B_ID  = 7,   /* hash type unique */
+    BLAKE2B_256 = 32   /* 256 bit type, SSL default */
+};
+
+
+/* BLAKE2b digest */
+typedef struct Blake2b {
+    blake2b_state S[1];         /* our state */
+    word32        digestSz;     /* digest size used on init */
+} Blake2b;
+
+
+WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32);
+WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32);
+WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32);
+
+
+
+#ifdef __cplusplus
+    }
+#endif
+
+#endif  /* WOLF_CRYPT_BLAKE2_H */
+#endif  /* HAVE_BLAKE2 */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/camellia.h b/3P/wolfssl/wolfssl/wolfcrypt/camellia.h
new file mode 100644
index 00000000..2619773c
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/camellia.h
@@ -0,0 +1,98 @@
+/* camellia.h ver 1.2.0
+ *
+ * Copyright (c) 2006,2007
+ * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer as
+ *   the first lines of this file unmodified.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* camellia.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CAMELLIA
+
+#ifndef WOLF_CRYPT_CAMELLIA_H
+#define WOLF_CRYPT_CAMELLIA_H
+
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum {
+    CAMELLIA_BLOCK_SIZE = 16
+};
+
+#define CAMELLIA_TABLE_BYTE_LEN 272
+#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / sizeof(word32))
+
+typedef word32 KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN];
+
+typedef struct Camellia {
+    word32 keySz;
+    KEY_TABLE_TYPE key;
+    word32 reg[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+    word32 tmp[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
+} Camellia;
+
+
+WOLFSSL_API int  wc_CamelliaSetKey(Camellia* cam,
+                                   const byte* key, word32 len, const byte* iv);
+WOLFSSL_API int  wc_CamelliaSetIV(Camellia* cam, const byte* iv);
+WOLFSSL_API void wc_CamelliaEncryptDirect(Camellia* cam, byte* out,
+                                                                const byte* in);
+WOLFSSL_API void wc_CamelliaDecryptDirect(Camellia* cam, byte* out,
+                                                                const byte* in);
+WOLFSSL_API void wc_CamelliaCbcEncrypt(Camellia* cam,
+                                          byte* out, const byte* in, word32 sz);
+WOLFSSL_API void wc_CamelliaCbcDecrypt(Camellia* cam,
+                                          byte* out, const byte* in, word32 sz);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_CAMELLIA_H */
+#endif /* HAVE_CAMELLIA */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/chacha.h b/3P/wolfssl/wolfssl/wolfcrypt/chacha.h
new file mode 100644
index 00000000..5e2a51e0
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/chacha.h
@@ -0,0 +1,58 @@
+/* chacha.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CHACHA
+
+#ifndef WOLF_CRYPT_CHACHA_H
+#define WOLF_CRYPT_CHACHA_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum {
+	CHACHA_ENC_TYPE = 7     /* cipher unique type */
+};
+
+typedef struct ChaCha {
+    word32 X[16];           /* state of cipher */
+} ChaCha;
+
+/**
+  * IV(nonce) changes with each record
+  * counter is for what value the block counter should start ... usually 0
+  */
+WOLFSSL_API int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter);
+
+WOLFSSL_API int wc_Chacha_Process(ChaCha* ctx, byte* cipher, const byte* plain,
+                              word32 msglen);
+WOLFSSL_API int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz);
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_CHACHA_H */
+#endif /* HAVE_CHACHA */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/coding.h b/3P/wolfssl/wolfssl/wolfcrypt/coding.h
new file mode 100644
index 00000000..b5a0ce34
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/coding.h
@@ -0,0 +1,58 @@
+/* coding.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLF_CRYPT_CODING_H
+#define WOLF_CRYPT_CODING_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+/* decode needed by wolfSSL */
+WOLFSSL_LOCAL int Base64_Decode(const byte* in, word32 inLen, byte* out,
+                               word32* outLen);
+
+#if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(WOLFSSL_KEY_GEN)  || defined(WOLFSSL_CERT_GEN) || defined(HAVE_WEBSERVER)
+    /* encode isn't */
+    WOLFSSL_API
+    int Base64_Encode(const byte* in, word32 inLen, byte* out,
+                                  word32* outLen);
+    WOLFSSL_API
+    int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out,
+                                  word32* outLen);
+#endif
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS)
+    WOLFSSL_API
+    int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
+#endif
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_CODING_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/compress.h b/3P/wolfssl/wolfssl/wolfcrypt/compress.h
new file mode 100644
index 00000000..70a5a1d6
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/compress.h
@@ -0,0 +1,52 @@
+/* compress.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_LIBZ
+
+#ifndef WOLF_CRYPT_COMPRESS_H
+#define WOLF_CRYPT_COMPRESS_H
+
+
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+#define COMPRESS_FIXED 1
+
+
+WOLFSSL_API int wc_Compress(byte*, word32, const byte*, word32, word32);
+WOLFSSL_API int wc_DeCompress(byte*, word32, const byte*, word32);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+
+#endif /* WOLF_CRYPT_COMPRESS_H */
+
+#endif /* HAVE_LIBZ */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/des3.h b/3P/wolfssl/wolfssl/wolfcrypt/des3.h
new file mode 100644
index 00000000..e7732dcc
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/des3.h
@@ -0,0 +1,115 @@
+/* des3.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_DES3
+
+#ifndef WOLF_CRYPT_DES3_H
+#define WOLF_CRYPT_DES3_H
+
+
+#include 
+
+#ifdef HAVE_FIPS
+/* included for fips @wc_fips */
+#include 
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifndef HAVE_FIPS /* to avoid redifinition of macros */
+#define WOLFSSL_3DES_CAVIUM_MAGIC 0xBEEF0003
+
+enum {
+    DES_ENC_TYPE    = 2,     /* cipher unique type */
+    DES3_ENC_TYPE   = 3,     /* cipher unique type */
+    DES_BLOCK_SIZE  = 8,
+    DES_KS_SIZE     = 32,
+
+    DES_ENCRYPTION  = 0,
+    DES_DECRYPTION  = 1
+};
+
+#define DES_IVLEN 8
+#define DES_KEYLEN 8
+#define DES3_IVLEN 8
+#define DES3_KEYLEN 24
+
+
+#ifdef STM32F2_CRYPTO
+enum {
+    DES_CBC = 0,
+    DES_ECB = 1
+};
+#endif
+
+
+/* DES encryption and decryption */
+typedef struct Des {
+    word32 reg[DES_BLOCK_SIZE / sizeof(word32)];      /* for CBC mode */
+    word32 tmp[DES_BLOCK_SIZE / sizeof(word32)];      /* same         */
+    word32 key[DES_KS_SIZE];
+} Des;
+
+
+/* DES3 encryption and decryption */
+typedef struct Des3 {
+    word32 key[3][DES_KS_SIZE];
+    word32 reg[DES_BLOCK_SIZE / sizeof(word32)];      /* for CBC mode */
+    word32 tmp[DES_BLOCK_SIZE / sizeof(word32)];      /* same         */
+#ifdef HAVE_CAVIUM
+    int     devId;           /* nitrox device id */
+    word32  magic;           /* using cavium magic */
+    word64  contextHandle;   /* nitrox context memory handle */
+#endif
+} Des3;
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int  wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
+WOLFSSL_API void wc_Des_SetIV(Des* des, const byte* iv);
+WOLFSSL_API int  wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
+WOLFSSL_API int  wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
+WOLFSSL_API int  wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz);
+WOLFSSL_API int  wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
+                                               const byte* key, const byte* iv);
+
+WOLFSSL_API int  wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir);
+WOLFSSL_API int  wc_Des3_SetIV(Des3* des, const byte* iv);
+WOLFSSL_API int  wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz);
+WOLFSSL_API int  wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz);
+WOLFSSL_API int  wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
+                                               const byte* key, const byte* iv);
+
+
+#ifdef HAVE_CAVIUM
+    WOLFSSL_API int  wc_Des3_InitCavium(Des3*, int);
+    WOLFSSL_API void wc_Des3_FreeCavium(Des3*);
+#endif
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* NO_DES3 */
+#endif /* CTAO_CRYPT_DES3_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/dh.h b/3P/wolfssl/wolfssl/wolfcrypt/dh.h
new file mode 100644
index 00000000..07016114
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/dh.h
@@ -0,0 +1,67 @@
+/* dh.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_DH
+
+#ifndef WOLF_CRYPT_DH_H
+#define WOLF_CRYPT_DH_H
+
+#include 
+#include 
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+/* Diffie-Hellman Key */
+typedef struct DhKey {
+    mp_int p, g;                            /* group parameters  */
+} DhKey;
+
+
+WOLFSSL_API void wc_InitDhKey(DhKey* key);
+WOLFSSL_API void wc_FreeDhKey(DhKey* key);
+
+WOLFSSL_API int wc_DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv,
+                                 word32* privSz, byte* pub, word32* pubSz);
+WOLFSSL_API int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz,
+                       const byte* priv, word32 privSz, const byte* otherPub,
+                       word32 pubSz);
+
+WOLFSSL_API int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
+                           word32);
+WOLFSSL_API int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
+                        word32 gSz);
+WOLFSSL_API int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p,
+                            word32* pInOutSz, byte* g, word32* gInOutSz);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_DH_H */
+
+#endif /* NO_DH */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/dsa.h b/3P/wolfssl/wolfssl/wolfcrypt/dsa.h
new file mode 100644
index 00000000..7e9500ca
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/dsa.h
@@ -0,0 +1,75 @@
+/* dsa.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_DSA
+
+#ifndef WOLF_CRYPT_DSA_H
+#define WOLF_CRYPT_DSA_H
+
+#include 
+#include 
+#include 
+
+/* for DSA reverse compatibility */
+#define InitDsaKey wc_InitDsaKey
+#define FreeDsaKey wc_FreeDsaKey
+#define DsaSign wc_DsaSign
+#define DsaVerify wc_DsaVerify
+#define DsaPublicKeyDecode wc_DsaPublicKeyDecode
+#define DsaPrivateKeyDecode wc_DsaPrivateKeyDecode
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum {
+    DSA_PUBLIC   = 0,
+    DSA_PRIVATE  = 1
+};
+
+/* DSA */
+typedef struct DsaKey {
+    mp_int p, q, g, y, x;
+    int type;                               /* public or private */
+} DsaKey;
+
+
+WOLFSSL_API void wc_InitDsaKey(DsaKey* key);
+WOLFSSL_API void wc_FreeDsaKey(DsaKey* key);
+
+WOLFSSL_API int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng);
+WOLFSSL_API int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key,
+                         int* answer);
+
+WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
+                                  word32);
+WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
+                                   word32);
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_DSA_H */
+#endif /* NO_DSA */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/ecc.h b/3P/wolfssl/wolfssl/wolfcrypt/ecc.h
new file mode 100644
index 00000000..518c8b14
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/ecc.h
@@ -0,0 +1,243 @@
+/* ecc.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_ECC
+
+#ifndef WOLF_CRYPT_ECC_H
+#define WOLF_CRYPT_ECC_H
+
+#include 
+#include 
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum {
+    ECC_PUBLICKEY  = 1,
+    ECC_PRIVATEKEY = 2,
+    ECC_MAXNAME    = 16,     /* MAX CURVE NAME LENGTH */
+    SIG_HEADER_SZ  =  6,     /* ECC signature header size */
+    ECC_BUFSIZE    = 256,    /* for exported keys temp buffer */
+    ECC_MINSIZE    = 20,     /* MIN Private Key size */
+    ECC_MAXSIZE    = 66      /* MAX Private Key size */
+};
+
+
+/* ECC set type defined a NIST GF(p) curve */
+typedef struct {
+    int size;       /* The size of the curve in octets */
+    const char* name;     /* name of this curve */
+    const char* prime;    /* prime that defines the field, curve is in (hex) */
+    const char* Af;       /* fields A param (hex) */
+    const char* Bf;       /* fields B param (hex) */
+    const char* order;    /* order of the curve (hex) */
+    const char* Gx;       /* x coordinate of the base point on curve (hex) */
+    const char* Gy;       /* y coordinate of the base point on curve (hex) */
+} ecc_set_type;
+
+
+#ifdef ALT_ECC_SIZE
+
+/* Note on ALT_ECC_SIZE:
+ * The fast math code uses an array of a fixed size to store the big integers.
+ * By default, the array is big enough for RSA keys. There is a size,
+ * FP_MAX_BITS which can be used to make the array smaller when one wants ECC
+ * but not RSA. Some people want fast math sized for both RSA and ECC, where
+ * ECC won't use as much as RSA. The flag ALT_ECC_SIZE switches in an alternate
+ * ecc_point structure that uses an alternate fp_int that has a shorter array
+ * of fp_digits.
+ *
+ * Now, without ALT_ECC_SIZE, the ecc_point has three single item arrays of
+ * mp_ints for the components of the point. With ALT_ECC_SIZE, the components
+ * of the point are pointers that are set to each of a three item array of
+ * alt_fp_ints. While an mp_int will have 4096 bits of digit inside the
+ * structure, the alt_fp_int will only have 512 bits. A size value was added
+ * in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The
+ * functions fp_zero() and fp_copy() use the size parameter. An int needs to
+ * be initialized before using it instead of just fp_zeroing it, the init will
+ * call zero. FP_MAX_BITS_ECC defaults to 512, but can be set to change the
+ * number of bits used in the alternate FP_INT.
+ *
+ * Do not enable ALT_ECC_SIZE and disable fast math in the configuration.
+ */
+
+#ifndef FP_MAX_BITS_ECC
+    #define FP_MAX_BITS_ECC           512
+#endif
+#define FP_MAX_SIZE_ECC           (FP_MAX_BITS_ECC+(8*DIGIT_BIT))
+#if FP_MAX_BITS_ECC % CHAR_BIT
+   #error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
+#endif
+#define FP_SIZE_ECC    (FP_MAX_SIZE_ECC/DIGIT_BIT)
+
+/* This needs to match the size of the fp_int struct, except the
+ * fp_digit array will be shorter. */
+typedef struct alt_fp_int {
+    int used, sign, size;
+    fp_digit dp[FP_SIZE_ECC];
+} alt_fp_int;
+#endif
+
+/* A point on an ECC curve, stored in Jacbobian format such that (x,y,z) =>
+   (x/z^2, y/z^3, 1) when interpreted as affine */
+typedef struct {
+#ifndef ALT_ECC_SIZE
+    mp_int x[1];        /* The x coordinate */
+    mp_int y[1];        /* The y coordinate */
+    mp_int z[1];        /* The z coordinate */
+#else
+    mp_int* x;        /* The x coordinate */
+    mp_int* y;        /* The y coordinate */
+    mp_int* z;        /* The z coordinate */
+    alt_fp_int xyz[3];
+#endif
+} ecc_point;
+
+
+/* An ECC Key */
+typedef struct {
+    int type;           /* Public or Private */
+    int idx;            /* Index into the ecc_sets[] for the parameters of
+                           this curve if -1, this key is using user supplied
+                           curve in dp */
+    const ecc_set_type* dp;     /* domain parameters, either points to NIST
+                                   curves (idx >= 0) or user supplied */
+    ecc_point pubkey;   /* public key */
+    mp_int    k;        /* private key */
+} ecc_key;
+
+
+/* ECC predefined curve sets  */
+extern const ecc_set_type ecc_sets[];
+
+
+WOLFSSL_API
+int wc_ecc_make_key(RNG* rng, int keysize, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
+                      word32* outlen);
+WOLFSSL_API
+int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, 
+                  RNG* rng, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
+                    word32 hashlen, int* stat, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_init(ecc_key* key);
+WOLFSSL_API
+void wc_ecc_free(ecc_key* key);
+WOLFSSL_API
+void wc_ecc_fp_free(void);
+
+
+/* ASN key helpers */
+WOLFSSL_API
+int wc_ecc_export_x963(ecc_key*, byte* out, word32* outLen);
+WOLFSSL_API
+int wc_ecc_export_x963_ex(ecc_key*, byte* out, word32* outLen, int compressed);
+    /* extended functionality with compressed option */
+WOLFSSL_API
+int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
+                           word32 pubSz, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
+WOLFSSL_API
+int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
+                   const char* d, const char* curveName);
+
+WOLFSSL_API
+int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
+
+/* size helper */
+WOLFSSL_API
+int wc_ecc_size(ecc_key* key);
+WOLFSSL_API
+int wc_ecc_sig_size(ecc_key* key);
+
+
+#ifdef HAVE_ECC_ENCRYPT
+/* ecc encrypt */
+
+enum ecEncAlgo {
+    ecAES_128_CBC = 1,  /* default */
+    ecAES_256_CBC = 2
+};
+
+enum ecKdfAlgo {
+    ecHKDF_SHA256 = 1,  /* default */
+    ecHKDF_SHA1   = 2
+};
+
+enum ecMacAlgo {
+    ecHMAC_SHA256 = 1,  /* default */
+    ecHMAC_SHA1   = 2
+};
+
+enum {
+    KEY_SIZE_128     = 16,
+    KEY_SIZE_256     = 32,
+    IV_SIZE_64       =  8,
+    EXCHANGE_SALT_SZ = 16,
+    EXCHANGE_INFO_SZ = 23
+};
+
+enum ecFlags {
+    REQ_RESP_CLIENT = 1,
+    REQ_RESP_SERVER = 2
+};
+
+
+typedef struct ecEncCtx ecEncCtx;
+
+WOLFSSL_API
+ecEncCtx* wc_ecc_ctx_new(int flags, RNG* rng);
+WOLFSSL_API
+void wc_ecc_ctx_free(ecEncCtx*);
+WOLFSSL_API
+int wc_ecc_ctx_reset(ecEncCtx*, RNG*);   /* reset for use again w/o alloc/free */
+
+WOLFSSL_API
+const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
+WOLFSSL_API
+int wc_ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt);
+WOLFSSL_API
+int wc_ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz);
+
+WOLFSSL_API
+int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
+                word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
+WOLFSSL_API
+int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
+                word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
+
+#endif /* HAVE_ECC_ENCRYPT */
+
+#ifdef __cplusplus
+    }    /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_ECC_H */
+#endif /* HAVE_ECC */
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/ecc25519.h b/3P/wolfssl/wolfssl/wolfcrypt/ecc25519.h
new file mode 100644
index 00000000..8fd23e08
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/ecc25519.h
@@ -0,0 +1,101 @@
+/* ecc25519.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_ECC25519
+
+#ifndef WOLF_CRYPT_ECC25519_H
+#define WOLF_CRYPT_ECC25519_H
+
+#include 
+#include 
+#include 
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#define ECC25519_KEYSIZE 32
+
+/* ECC set type */
+typedef struct {
+    int size;       /* The size of the curve in octets */
+    const char* name;     /* name of this curve */
+} ecc25519_set_type;
+
+
+/* ECC point */
+typedef struct {
+    byte point[ECC25519_KEYSIZE];
+}ECPoint;
+
+/* An ECC25519 Key */
+typedef struct {
+    int type;           /* Public or Private */
+    int idx;            /* Index into the ecc_sets[] for the parameters of
+                           this curve if -1, this key is using user supplied
+                           curve in dp */
+    const ecc25519_set_type* dp;   /* domain parameters, either points to
+                                   curves (idx >= 0) or user supplied */
+    byte      f;        /* format of key */
+    ECPoint   p;        /* public key  */
+    ECPoint   k;        /* private key */
+} ecc25519_key;
+
+WOLFSSL_API
+int wc_ecc25519_make_key(RNG* rng, int keysize, ecc25519_key* key);
+
+WOLFSSL_API
+int wc_ecc25519_shared_secret(ecc25519_key* private_key, ecc25519_key* public_key,
+        byte* out, word32* outlen);
+
+WOLFSSL_API
+int wc_ecc25519_init(ecc25519_key* key);
+
+WOLFSSL_API
+void wc_ecc25519_free(ecc25519_key* key);
+
+
+/* raw key helpers */
+WOLFSSL_API
+int wc_ecc25519_import_private_raw(const byte* priv, word32 privSz,
+                              const byte* pub, word32 pubSz, ecc25519_key* key);
+WOLFSSL_API
+int wc_ecc25519_export_private_raw(ecc25519_key* key, byte* out, word32* outLen);
+
+WOLFSSL_API
+int wc_ecc25519_import_public(const byte* in, word32 inLen, ecc25519_key* key);
+
+WOLFSSL_API
+int wc_ecc25519_export_public(ecc25519_key* key, byte* out, word32* outLen);
+
+
+/* size helper */
+WOLFSSL_API
+int wc_ecc25519_size(ecc25519_key* key);
+
+#ifdef __cplusplus
+    }    /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_ECC25519_H */
+#endif /* HAVE_ECC25519 */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/ecc25519_fe.h b/3P/wolfssl/wolfssl/wolfcrypt/ecc25519_fe.h
new file mode 100644
index 00000000..8e7f65cc
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/ecc25519_fe.h
@@ -0,0 +1,59 @@
+/* ecc25519_fe.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+ /* Based On Daniel J Bernstein's curve25519 Public Domain ref10 work. */
+
+#ifdef HAVE_ECC25519
+#ifndef WOLF_CRYPT_ECC25519_FE_H
+#define WOLF_CRYPT_ECC25519_FE_H
+
+#include 
+#include 
+
+typedef int32_t fe[10];
+
+/*
+fe means field element.
+Here the field is \Z/(2^255-19).
+An element t, entries t[0]...t[9], represents the integer
+t[0]+2^26 t[1]+2^51 t[2]+2^77 t[3]+2^102 t[4]+...+2^230 t[9].
+Bounds on each t[i] vary depending on context.
+*/
+
+void fe_frombytes(fe,const unsigned char *);
+void fe_tobytes(unsigned char *,fe);
+
+void fe_copy(fe,fe);
+void fe_0(fe);
+void fe_1(fe);
+void fe_cswap(fe,fe,unsigned int);
+
+void fe_add(fe,fe,fe);
+void fe_sub(fe,fe,fe);
+void fe_mul(fe,fe,fe);
+void fe_sq(fe,fe);
+void fe_mul121666(fe,fe);
+void fe_invert(fe,fe);
+
+#endif
+
+#endif /*HAVE_ECC25519*/
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/ecc25519_montgomery.h b/3P/wolfssl/wolfssl/wolfcrypt/ecc25519_montgomery.h
new file mode 100644
index 00000000..4d1e37ca
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/ecc25519_montgomery.h
@@ -0,0 +1,42 @@
+/* ecc25519_montgomery.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+ /* Based On Daniel J Bernstein's curve25519 Public Domain ref10 work. */
+
+fe_sub(tmp0,x3,z3);
+fe_sub(tmp1,x2,z2);
+fe_add(x2,x2,z2);
+fe_add(z2,x3,z3);
+fe_mul(z3,tmp0,x2);
+fe_mul(z2,z2,tmp1);
+fe_sq(tmp0,tmp1);
+fe_sq(tmp1,x2);
+fe_add(x3,z3,z2);
+fe_sub(z2,z3,z2);
+fe_mul(x2,tmp1,tmp0);
+fe_sub(tmp1,tmp1,tmp0);
+fe_sq(z2,z2);
+fe_mul121666(z3,tmp1);
+fe_sq(x3,x3);
+fe_add(tmp0,tmp0,z3);
+fe_mul(z3,x1,z2);
+fe_mul(z2,tmp1,tmp0);
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/ecc25519_pow225521.h b/3P/wolfssl/wolfssl/wolfcrypt/ecc25519_pow225521.h
new file mode 100644
index 00000000..2c2ca5b6
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/ecc25519_pow225521.h
@@ -0,0 +1,46 @@
+/* ecc25519_pow225521.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+ /* Based On Daniel J Bernstein's curve25519 Public Domain ref10 work. */
+
+fe_sq(t0,z); for (i = 1;i < 1;++i) fe_sq(t0,t0);
+fe_sq(t1,t0); for (i = 1;i < 2;++i) fe_sq(t1,t1);
+fe_mul(t1,z,t1);
+fe_mul(t0,t0,t1);
+fe_sq(t2,t0); for (i = 1;i < 1;++i) fe_sq(t2,t2);
+fe_mul(t1,t1,t2);
+fe_sq(t2,t1); for (i = 1;i < 5;++i) fe_sq(t2,t2);
+fe_mul(t1,t2,t1);
+fe_sq(t2,t1); for (i = 1;i < 10;++i) fe_sq(t2,t2);
+fe_mul(t2,t2,t1);
+fe_sq(t3,t2); for (i = 1;i < 20;++i) fe_sq(t3,t3);
+fe_mul(t2,t3,t2);
+fe_sq(t2,t2); for (i = 1;i < 10;++i) fe_sq(t2,t2);
+fe_mul(t1,t2,t1);
+fe_sq(t2,t1); for (i = 1;i < 50;++i) fe_sq(t2,t2);
+fe_mul(t2,t2,t1);
+fe_sq(t3,t2); for (i = 1;i < 100;++i) fe_sq(t3,t3);
+fe_mul(t2,t3,t2);
+fe_sq(t2,t2); for (i = 1;i < 50;++i) fe_sq(t2,t2);
+fe_mul(t1,t2,t1);
+fe_sq(t1,t1); for (i = 1;i < 5;++i) fe_sq(t1,t1);
+fe_mul(out,t1,t0);
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/error-crypt.h b/3P/wolfssl/wolfssl/wolfcrypt/error-crypt.h
new file mode 100644
index 00000000..ee18f853
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/error-crypt.h
@@ -0,0 +1,162 @@
+/* error-crypt.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLF_CRYPT_ERROR_H
+#define WOLF_CRYPT_ERROR_H
+
+#include 
+
+#ifdef HAVE_FIPS
+	#include 
+	#define wc_ErrorString    CTaoCryptErrorString
+	#define wc_GetErrorString CTaoCryptGetErrorString
+#endif /* HAVE_FIPS */
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+/* error codes */
+enum {
+    MAX_CODE_E         = -100,  /* errors -101 - -299 */
+    OPEN_RAN_E         = -101,  /* opening random device error */
+    READ_RAN_E         = -102,  /* reading random device error */
+    WINCRYPT_E         = -103,  /* windows crypt init error */
+    CRYPTGEN_E         = -104,  /* windows crypt generation error */
+    RAN_BLOCK_E        = -105,  /* reading random device would block */
+    BAD_MUTEX_E        = -106,  /* Bad mutex operation */
+
+    MP_INIT_E          = -110,  /* mp_init error state */
+    MP_READ_E          = -111,  /* mp_read error state */
+    MP_EXPTMOD_E       = -112,  /* mp_exptmod error state */
+    MP_TO_E            = -113,  /* mp_to_xxx error state, can't convert */
+    MP_SUB_E           = -114,  /* mp_sub error state, can't subtract */
+    MP_ADD_E           = -115,  /* mp_add error state, can't add */
+    MP_MUL_E           = -116,  /* mp_mul error state, can't multiply */
+    MP_MULMOD_E        = -117,  /* mp_mulmod error state, can't multiply mod */
+    MP_MOD_E           = -118,  /* mp_mod error state, can't mod */
+    MP_INVMOD_E        = -119,  /* mp_invmod error state, can't inv mod */
+    MP_CMP_E           = -120,  /* mp_cmp error state */
+    MP_ZERO_E          = -121,  /* got a mp zero result, not expected */
+
+    MEMORY_E           = -125,  /* out of memory error */
+
+    RSA_WRONG_TYPE_E   = -130,  /* RSA wrong block type for RSA function */
+    RSA_BUFFER_E       = -131,  /* RSA buffer error, output too small or
+                                   input too large */
+    BUFFER_E           = -132,  /* output buffer too small or input too large */
+    ALGO_ID_E          = -133,  /* setting algo id error */
+    PUBLIC_KEY_E       = -134,  /* setting public key error */
+    DATE_E             = -135,  /* setting date validity error */
+    SUBJECT_E          = -136,  /* setting subject name error */
+    ISSUER_E           = -137,  /* setting issuer  name error */
+    CA_TRUE_E          = -138,  /* setting CA basic constraint true error */
+    EXTENSIONS_E       = -139,  /* setting extensions error */
+
+    ASN_PARSE_E        = -140,  /* ASN parsing error, invalid input */
+    ASN_VERSION_E      = -141,  /* ASN version error, invalid number */
+    ASN_GETINT_E       = -142,  /* ASN get big int error, invalid data */
+    ASN_RSA_KEY_E      = -143,  /* ASN key init error, invalid input */
+    ASN_OBJECT_ID_E    = -144,  /* ASN object id error, invalid id */
+    ASN_TAG_NULL_E     = -145,  /* ASN tag error, not null */
+    ASN_EXPECT_0_E     = -146,  /* ASN expect error, not zero */
+    ASN_BITSTR_E       = -147,  /* ASN bit string error, wrong id */
+    ASN_UNKNOWN_OID_E  = -148,  /* ASN oid error, unknown sum id */
+    ASN_DATE_SZ_E      = -149,  /* ASN date error, bad size */
+    ASN_BEFORE_DATE_E  = -150,  /* ASN date error, current date before */
+    ASN_AFTER_DATE_E   = -151,  /* ASN date error, current date after */
+    ASN_SIG_OID_E      = -152,  /* ASN signature error, mismatched oid */
+    ASN_TIME_E         = -153,  /* ASN time error, unknown time type */
+    ASN_INPUT_E        = -154,  /* ASN input error, not enough data */
+    ASN_SIG_CONFIRM_E  = -155,  /* ASN sig error, confirm failure */
+    ASN_SIG_HASH_E     = -156,  /* ASN sig error, unsupported hash type */
+    ASN_SIG_KEY_E      = -157,  /* ASN sig error, unsupported key type */
+    ASN_DH_KEY_E       = -158,  /* ASN key init error, invalid input */
+    ASN_NTRU_KEY_E     = -159,  /* ASN ntru key decode error, invalid input */
+    ASN_CRIT_EXT_E     = -160,  /* ASN unsupported critical extension */
+
+    ECC_BAD_ARG_E      = -170,  /* ECC input argument of wrong type */
+    ASN_ECC_KEY_E      = -171,  /* ASN ECC bad input */
+    ECC_CURVE_OID_E    = -172,  /* Unsupported ECC OID curve type */
+    BAD_FUNC_ARG       = -173,  /* Bad function argument provided */
+    NOT_COMPILED_IN    = -174,  /* Feature not compiled in */
+    UNICODE_SIZE_E     = -175,  /* Unicode password too big */
+    NO_PASSWORD        = -176,  /* no password provided by user */
+    ALT_NAME_E         = -177,  /* alt name size problem, too big */
+
+    AES_GCM_AUTH_E     = -180,  /* AES-GCM Authentication check failure */
+    AES_CCM_AUTH_E     = -181,  /* AES-CCM Authentication check failure */
+
+    CAVIUM_INIT_E      = -182,  /* Cavium Init type error */
+
+    COMPRESS_INIT_E    = -183,  /* Compress init error */
+    COMPRESS_E         = -184,  /* Compress error */
+    DECOMPRESS_INIT_E  = -185,  /* DeCompress init error */
+    DECOMPRESS_E       = -186,  /* DeCompress error */
+
+    BAD_ALIGN_E         = -187,  /* Bad alignment for operation, no alloc */
+    ASN_NO_SIGNER_E     = -188,  /* ASN no signer to confirm failure */
+    ASN_CRL_CONFIRM_E   = -189,  /* ASN CRL signature confirm failure */
+    ASN_CRL_NO_SIGNER_E = -190,  /* ASN CRL no signer to confirm failure */
+    ASN_OCSP_CONFIRM_E  = -191,  /* ASN OCSP signature confirm failure */
+
+    BAD_ENC_STATE_E     = -192,  /* Bad ecc enc state operation */
+    BAD_PADDING_E       = -193,  /* Bad padding, msg not correct length  */
+
+    REQ_ATTRIBUTE_E     = -194,  /* setting cert request attributes error */
+
+    PKCS7_OID_E         = -195,  /* PKCS#7, mismatched OID error */
+    PKCS7_RECIP_E       = -196,  /* PKCS#7, recipient error */
+    FIPS_NOT_ALLOWED_E  = -197,  /* FIPS not allowed error */
+    ASN_NAME_INVALID_E  = -198,  /* ASN name constraint error */
+
+    RNG_FAILURE_E       = -199,  /* RNG Failed, Reinitialize */
+    HMAC_MIN_KEYLEN_E   = -200,  /* FIPS Mode HMAC Minimum Key Length error */
+    RSA_PAD_E           = -201,  /* RSA Padding Error */
+    LENGTH_ONLY_E       = -202,  /* Returning output length only */
+
+    IN_CORE_FIPS_E      = -203,  /* In Core Integrity check failure */
+    AES_KAT_FIPS_E      = -204,  /* AES KAT failure */
+    DES3_KAT_FIPS_E     = -205,  /* DES3 KAT failure */
+    HMAC_KAT_FIPS_E     = -206,  /* HMAC KAT failure */
+    RSA_KAT_FIPS_E      = -207,  /* RSA KAT failure */
+    DRBG_KAT_FIPS_E     = -208,  /* HASH DRBG KAT failure */
+    DRBG_CONT_FIPS_E    = -209,  /* HASH DRBG Continious test failure */
+    AESGCM_KAT_FIPS_E   = -210,  /* AESGCM KAT failure */
+    THREAD_STORE_KEY_E  = -211,  /* Thread local storage key create failure */
+    THREAD_STORE_SET_E  = -212,  /* Thread local storage key set failure */
+
+    MIN_CODE_E          = -300   /* errors -101 - -299 */
+};
+
+
+WOLFSSL_API void wc_ErrorString(int err, char* buff);
+WOLFSSL_API const char* wc_GetErrorString(int error);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+#endif /* WOLF_CRYPT_ERROR_H */
+
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/fips_test.h b/3P/wolfssl/wolfssl/wolfcrypt/fips_test.h
new file mode 100644
index 00000000..12e1ce0a
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/fips_test.h
@@ -0,0 +1,58 @@
+/* fips_test.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef CTAO_CRYPT_FIPS_TEST_H
+#define CTAO_CRYPT_FIPS_TEST_H
+
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Known Answer Test string inputs are hex, internal */
+CYASSL_LOCAL int DoKnownAnswerTests(char*, int);
+
+
+/* FIPS failure callback */
+typedef void(*wolfCrypt_fips_cb)(int ok, int err, const char* hash);
+
+/* Public set function */
+CYASSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf);
+
+/* Public get status functions */
+CYASSL_API int wolfCrypt_GetStatus_fips(void);
+CYASSL_API const char* wolfCrypt_GetCoreHash_fips(void);
+
+#ifdef HAVE_FORCE_FIPS_FAILURE
+    /* Public function to force failure mode for operational testing */
+    CYASSL_API int wolfCrypt_SetStatus_fips(int);
+#endif
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* CTAO_CRYPT_FIPS_TEST_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/hc128.h b/3P/wolfssl/wolfssl/wolfcrypt/hc128.h
new file mode 100644
index 00000000..14ff1c04
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/hc128.h
@@ -0,0 +1,60 @@
+/* hc128.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_HC128
+
+#ifndef WOLF_CRYPT_HC128_H
+#define WOLF_CRYPT_HC128_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum {
+	HC128_ENC_TYPE    =  6    /* cipher unique type */
+};
+
+/* HC-128 stream cipher */
+typedef struct HC128 {
+    word32 T[1024];             /* P[i] = T[i];  Q[i] = T[1024 + i ]; */
+    word32 X[16];
+    word32 Y[16];
+    word32 counter1024;         /* counter1024 = i mod 1024 at the ith step */
+    word32 key[8];
+    word32 iv[8];
+} HC128;
+
+
+WOLFSSL_API int wc_Hc128_Process(HC128*, byte*, const byte*, word32);
+WOLFSSL_API int wc_Hc128_SetKey(HC128*, const byte* key, const byte* iv);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_HC128_H */
+
+#endif /* HAVE_HC128 */
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/hmac.h b/3P/wolfssl/wolfssl/wolfcrypt/hmac.h
new file mode 100644
index 00000000..2be5afce
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/hmac.h
@@ -0,0 +1,190 @@
+/* hmac.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_HMAC
+
+#ifndef WOLF_CRYPT_HMAC_H
+#define WOLF_CRYPT_HMAC_H
+
+#include 
+
+#ifndef NO_MD5
+    #include 
+#endif
+
+#ifndef NO_SHA
+    #include 
+#endif
+
+#ifndef NO_SHA256
+    #include 
+#endif
+
+#ifdef WOLFSSL_SHA512
+    #include 
+#endif
+
+#ifdef HAVE_BLAKE2
+    #include 
+#endif
+
+#ifdef HAVE_FIPS
+/* for fips */
+    #include 
+#endif
+
+#ifdef HAVE_CAVIUM
+    #include 
+    #include "cavium_common.h"
+#endif
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+#ifndef HAVE_FIPS
+#define WOLFSSL_HMAC_CAVIUM_MAGIC 0xBEEF0005
+
+enum {
+    HMAC_FIPS_MIN_KEY = 14,   /* 112 bit key length minimum */
+
+    IPAD    = 0x36,
+    OPAD    = 0x5C,
+
+/* If any hash is not enabled, add the ID here. */
+#ifdef NO_MD5
+    MD5     = 0,
+#endif
+#ifdef NO_SHA
+    SHA     = 1,
+#endif
+#ifdef NO_SHA256
+    SHA256  = 2,
+#endif
+#ifndef WOLFSSL_SHA512
+    SHA512  = 4,
+#endif
+#ifndef WOLFSSL_SHA384
+    SHA384  = 5,
+#endif
+#ifndef HAVE_BLAKE2
+    BLAKE2B_ID = 7,
+#endif
+
+/* Select the largest available hash for the buffer size. */
+#if defined(WOLFSSL_SHA512)
+    MAX_DIGEST_SIZE = SHA512_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = SHA512_BLOCK_SIZE
+#elif defined(HAVE_BLAKE2)
+    MAX_DIGEST_SIZE = BLAKE2B_OUTBYTES,
+    HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES,
+#elif defined(WOLFSSL_SHA384)
+    MAX_DIGEST_SIZE = SHA384_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE
+#elif !defined(NO_SHA256)
+    MAX_DIGEST_SIZE = SHA256_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE
+#elif !defined(NO_SHA)
+    MAX_DIGEST_SIZE = SHA_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE
+#elif !defined(NO_MD5)
+    MAX_DIGEST_SIZE = MD5_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE
+#else
+    #error "You have to have some kind of hash if you want to use HMAC."
+#endif
+};
+
+
+/* hash union */
+typedef union {
+    #ifndef NO_MD5
+        Md5 md5;
+    #endif
+    #ifndef NO_SHA
+        Sha sha;
+    #endif
+    #ifndef NO_SHA256
+        Sha256 sha256;
+    #endif
+    #ifdef WOLFSSL_SHA384
+        Sha384 sha384;
+    #endif
+    #ifdef WOLFSSL_SHA512
+        Sha512 sha512;
+    #endif
+    #ifdef HAVE_BLAKE2
+        Blake2b blake2b;
+    #endif
+} Hash;
+
+/* Hmac digest */
+typedef struct Hmac {
+    Hash    hash;
+    word32  ipad[HMAC_BLOCK_SIZE  / sizeof(word32)];  /* same block size all*/
+    word32  opad[HMAC_BLOCK_SIZE  / sizeof(word32)];
+    word32  innerHash[MAX_DIGEST_SIZE / sizeof(word32)];
+    byte    macType;                                     /* md5 sha or sha256 */
+    byte    innerHashKeyed;                              /* keyed flag */
+#ifdef HAVE_CAVIUM
+    word16   keyLen;          /* hmac key length */
+    word16   dataLen;
+    HashType type;            /* hmac key type */
+    int      devId;           /* nitrox device id */
+    word32   magic;           /* using cavium magic */
+    word64   contextHandle;   /* nitrox context memory handle */
+    byte*    data;            /* buffered input data for one call */
+#endif
+} Hmac;
+
+#endif /* HAVE_FIPS */
+
+/* does init */
+WOLFSSL_API int wc_HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
+WOLFSSL_API int wc_HmacUpdate(Hmac*, const byte*, word32);
+WOLFSSL_API int wc_HmacFinal(Hmac*, byte*);
+
+#ifdef HAVE_CAVIUM
+    WOLFSSL_API int  wc_HmacInitCavium(Hmac*, int);
+    WOLFSSL_API void wc_HmacFreeCavium(Hmac*);
+#endif
+
+WOLFSSL_API int wolfSSL_GetHmacMaxSize(void);
+
+
+#ifdef HAVE_HKDF
+
+WOLFSSL_API int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
+                    const byte* salt, word32 saltSz,
+                    const byte* info, word32 infoSz,
+                    byte* out, word32 outSz);
+
+#endif /* HAVE_HKDF */
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_HMAC_H */
+
+#endif /* NO_HMAC */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/include.am b/3P/wolfssl/wolfssl/wolfcrypt/include.am
new file mode 100644
index 00000000..c05f0a46
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/include.am
@@ -0,0 +1,55 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+nobase_include_HEADERS+= \
+                         wolfssl/wolfcrypt/aes.h \
+                         wolfssl/wolfcrypt/arc4.h \
+                         wolfssl/wolfcrypt/asn.h \
+                         wolfssl/wolfcrypt/asn_public.h \
+                         wolfssl/wolfcrypt/poly1305.h \
+                         wolfssl/wolfcrypt/camellia.h \
+                         wolfssl/wolfcrypt/coding.h \
+                         wolfssl/wolfcrypt/compress.h \
+                         wolfssl/wolfcrypt/des3.h \
+                         wolfssl/wolfcrypt/dh.h \
+                         wolfssl/wolfcrypt/dsa.h \
+                         wolfssl/wolfcrypt/ecc.h \
+                         wolfssl/wolfcrypt/ecc25519.h \
+                         wolfssl/wolfcrypt/ecc25519_fe.h \
+                         wolfssl/wolfcrypt/ecc25519_pow225521.h \
+                         wolfssl/wolfcrypt/ecc25519_montgomery.h \
+                         wolfssl/wolfcrypt/error-crypt.h \
+                         wolfssl/wolfcrypt/fips_test.h \
+                         wolfssl/wolfcrypt/hc128.h \
+                         wolfssl/wolfcrypt/hmac.h \
+                         wolfssl/wolfcrypt/integer.h \
+                         wolfssl/wolfcrypt/md2.h \
+                         wolfssl/wolfcrypt/md4.h \
+                         wolfssl/wolfcrypt/md5.h \
+                         wolfssl/wolfcrypt/misc.h \
+                         wolfssl/wolfcrypt/pkcs7.h \
+                         wolfssl/wolfcrypt/wc_port.h \
+                         wolfssl/wolfcrypt/pwdbased.h \
+                         wolfssl/wolfcrypt/rabbit.h \
+                         wolfssl/wolfcrypt/chacha.h \
+                         wolfssl/wolfcrypt/random.h \
+                         wolfssl/wolfcrypt/ripemd.h \
+                         wolfssl/wolfcrypt/rsa.h \
+                         wolfssl/wolfcrypt/settings.h \
+                         wolfssl/wolfcrypt/sha256.h \
+                         wolfssl/wolfcrypt/sha512.h \
+                         wolfssl/wolfcrypt/sha.h \
+                         wolfssl/wolfcrypt/blake2.h \
+                         wolfssl/wolfcrypt/blake2-int.h \
+                         wolfssl/wolfcrypt/blake2-impl.h \
+                         wolfssl/wolfcrypt/tfm.h \
+                         wolfssl/wolfcrypt/types.h \
+                         wolfssl/wolfcrypt/visibility.h \
+                         wolfssl/wolfcrypt/logging.h \
+                         wolfssl/wolfcrypt/memory.h \
+                         wolfssl/wolfcrypt/mpi_class.h \
+                         wolfssl/wolfcrypt/mpi_superclass.h
+
+noinst_HEADERS+= \
+                         wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/integer.h b/3P/wolfssl/wolfssl/wolfcrypt/integer.h
new file mode 100644
index 00000000..b623298e
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/integer.h
@@ -0,0 +1,324 @@
+/* integer.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/*
+ * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
+ * http://math.libtomcrypt.com
+ */
+
+
+#ifndef WOLF_CRYPT_INTEGER_H
+#define WOLF_CRYPT_INTEGER_H
+
+/* may optionally use fast math instead, not yet supported on all platforms and
+   may not be faster on all
+*/
+#include        /* will set MP_xxBIT if not default */
+#ifdef USE_FAST_MATH
+    #include 
+#else
+
+#ifndef CHAR_BIT
+    #include 
+#endif
+
+#include 
+
+#ifndef MIN
+   #define MIN(x,y) ((x)<(y)?(x):(y))
+#endif
+
+#ifndef MAX
+   #define MAX(x,y) ((x)>(y)?(x):(y))
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+
+/* C++ compilers don't like assigning void * to mp_digit * */
+#define  OPT_CAST(x)  (x *)
+
+#else
+
+/* C on the other hand doesn't care */
+#define  OPT_CAST(x)
+
+#endif
+
+
+/* detect 64-bit mode if possible */
+#if defined(__x86_64__)
+   #if !(defined(MP_64BIT) && defined(MP_16BIT) && defined(MP_8BIT))
+      #define MP_64BIT
+   #endif
+#endif
+/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */
+#if defined(MP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T)
+    #undef MP_64BIT
+#endif
+
+/* some default configurations.
+ *
+ * A "mp_digit" must be able to hold DIGIT_BIT + 1 bits
+ * A "mp_word" must be able to hold 2*DIGIT_BIT + 1 bits
+ *
+ * At the very least a mp_digit must be able to hold 7 bits
+ * [any size beyond that is ok provided it doesn't overflow the data type]
+ */
+#ifdef MP_8BIT
+   typedef unsigned char      mp_digit;
+   typedef unsigned short     mp_word;
+#elif defined(MP_16BIT) || defined(NO_64BIT)
+   typedef unsigned short     mp_digit;
+   typedef unsigned int       mp_word;
+#elif defined(MP_64BIT)
+   /* for GCC only on supported platforms */
+   typedef unsigned long long mp_digit;  /* 64 bit type, 128 uses mode(TI) */
+   typedef unsigned long      mp_word __attribute__ ((mode(TI)));
+
+   #define DIGIT_BIT          60
+#else
+   /* this is the default case, 28-bit digits */
+
+   #if defined(_MSC_VER) || defined(__BORLANDC__)
+      typedef unsigned __int64   ulong64;
+   #else
+      typedef unsigned long long ulong64;
+   #endif
+
+   typedef unsigned int       mp_digit;  /* long could be 64 now, changed TAO */
+   typedef ulong64            mp_word;
+
+#ifdef MP_31BIT
+   /* this is an extension that uses 31-bit digits */
+   #define DIGIT_BIT          31
+#else
+   /* default case is 28-bit digits, defines MP_28BIT as a handy test macro */
+   #define DIGIT_BIT          28
+   #define MP_28BIT
+#endif
+#endif
+
+
+/* otherwise the bits per digit is calculated automatically from the size of
+   a mp_digit */
+#ifndef DIGIT_BIT
+   #define DIGIT_BIT ((int)((CHAR_BIT * sizeof(mp_digit) - 1)))
+      /* bits per digit */
+#endif
+
+#define MP_DIGIT_BIT     DIGIT_BIT
+#define MP_MASK          ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1))
+#define MP_DIGIT_MAX     MP_MASK
+
+/* equalities */
+#define MP_LT        -1   /* less than */
+#define MP_EQ         0   /* equal to */
+#define MP_GT         1   /* greater than */
+
+#define MP_ZPOS       0   /* positive integer */
+#define MP_NEG        1   /* negative */
+
+#define MP_OKAY       0   /* ok result */
+#define MP_MEM        -2  /* out of mem */
+#define MP_VAL        -3  /* invalid input */
+#define MP_RANGE      MP_VAL
+
+#define MP_YES        1   /* yes response */
+#define MP_NO         0   /* no response */
+
+/* Primality generation flags */
+#define LTM_PRIME_BBS      0x0001 /* BBS style prime */
+#define LTM_PRIME_SAFE     0x0002 /* Safe prime (p-1)/2 == prime */
+#define LTM_PRIME_2MSB_ON  0x0008 /* force 2nd MSB to 1 */
+
+typedef int           mp_err;
+
+/* define this to use lower memory usage routines (exptmods mostly) */
+#define MP_LOW_MEM
+
+/* default precision */
+#ifndef MP_PREC
+   #ifndef MP_LOW_MEM
+      #define MP_PREC                 32     /* default digits of precision */
+   #else
+      #define MP_PREC                 1      /* default digits of precision */
+   #endif
+#endif
+
+/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD -
+   BITS_PER_DIGIT*2) */
+#define MP_WARRAY  (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
+
+/* the infamous mp_int structure */
+typedef struct  {
+    int used, alloc, sign;
+    mp_digit *dp;
+} mp_int;
+
+/* callback for mp_prime_random, should fill dst with random bytes and return
+   how many read [upto len] */
+typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
+
+
+#define USED(m)    ((m)->used)
+#define DIGIT(m,k) ((m)->dp[(k)])
+#define SIGN(m)    ((m)->sign)
+
+
+/* ---> Basic Manipulations <--- */
+#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO)
+#define mp_iseven(a) \
+    (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? MP_YES : MP_NO)
+#define mp_isodd(a) \
+    (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? MP_YES : MP_NO)
+
+
+/* number of primes */
+#ifdef MP_8BIT
+   #define PRIME_SIZE      31
+#else
+   #define PRIME_SIZE      256
+#endif
+
+#define mp_prime_random(a, t, size, bbs, cb, dat) \
+   mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat)
+
+#define mp_read_raw(mp, str, len) mp_read_signed_bin((mp), (str), (len))
+#define mp_raw_size(mp)           mp_signed_bin_size(mp)
+#define mp_toraw(mp, str)         mp_to_signed_bin((mp), (str))
+#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len))
+#define mp_mag_size(mp)           mp_unsigned_bin_size(mp)
+#define mp_tomag(mp, str)         mp_to_unsigned_bin((mp), (str))
+
+#define mp_tobinary(M, S)  mp_toradix((M), (S), 2)
+#define mp_tooctal(M, S)   mp_toradix((M), (S), 8)
+#define mp_todecimal(M, S) mp_toradix((M), (S), 10)
+#define mp_tohex(M, S)     mp_toradix((M), (S), 16)
+
+#define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1)
+
+extern const char *mp_s_rmap;
+
+/* 6 functions needed by Rsa */
+int  mp_init (mp_int * a);
+void mp_clear (mp_int * a);
+int  mp_unsigned_bin_size(mp_int * a);
+int  mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
+int  mp_to_unsigned_bin (mp_int * a, unsigned char *b);
+int  mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
+/* end functions needed by Rsa */
+
+/* functions added to support above needed, removed TOOM and KARATSUBA */
+int  mp_count_bits (mp_int * a);
+int  mp_leading_bit (mp_int * a);
+int  mp_init_copy (mp_int * a, mp_int * b);
+int  mp_copy (mp_int * a, mp_int * b);
+int  mp_grow (mp_int * a, int size);
+int  mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
+void mp_zero (mp_int * a);
+void mp_clamp (mp_int * a);
+void mp_exch (mp_int * a, mp_int * b);
+void mp_rshd (mp_int * a, int b);
+void mp_rshb (mp_int * a, int b);
+int  mp_mod_2d (mp_int * a, int b, mp_int * c);
+int  mp_mul_2d (mp_int * a, int b, mp_int * c);
+int  mp_lshd (mp_int * a, int b);
+int  mp_abs (mp_int * a, mp_int * b);
+int  mp_invmod (mp_int * a, mp_int * b, mp_int * c);
+int  fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c);
+int  mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c);
+int  mp_cmp_mag (mp_int * a, mp_int * b);
+int  mp_cmp (mp_int * a, mp_int * b);
+int  mp_cmp_d(mp_int * a, mp_digit b);
+void mp_set (mp_int * a, mp_digit b);
+int  mp_mod (mp_int * a, mp_int * b, mp_int * c);
+int  mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
+int  mp_div_2(mp_int * a, mp_int * b);
+int  mp_add (mp_int * a, mp_int * b, mp_int * c);
+int  s_mp_add (mp_int * a, mp_int * b, mp_int * c);
+int  s_mp_sub (mp_int * a, mp_int * b, mp_int * c);
+int  mp_sub (mp_int * a, mp_int * b, mp_int * c);
+int  mp_reduce_is_2k_l(mp_int *a);
+int  mp_reduce_is_2k(mp_int *a);
+int  mp_dr_is_modulus(mp_int *a);
+int  mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int);
+int  mp_montgomery_setup (mp_int * n, mp_digit * rho);
+int  fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
+int  mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
+void mp_dr_setup(mp_int *a, mp_digit *d);
+int  mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k);
+int  mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
+int  fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
+int  s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
+int  mp_reduce_2k_setup_l(mp_int *a, mp_int *d);
+int  mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d);
+int  mp_reduce (mp_int * x, mp_int * m, mp_int * mu);
+int  mp_reduce_setup (mp_int * a, mp_int * b);
+int  s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode);
+int  mp_montgomery_calc_normalization (mp_int * a, mp_int * b);
+int  s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
+int  s_mp_sqr (mp_int * a, mp_int * b);
+int  fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
+int  fast_s_mp_sqr (mp_int * a, mp_int * b);
+int  mp_init_size (mp_int * a, int size);
+int  mp_div_3 (mp_int * a, mp_int *c, mp_digit * d);
+int  mp_mul_2(mp_int * a, mp_int * b);
+int  mp_mul (mp_int * a, mp_int * b, mp_int * c);
+int  mp_sqr (mp_int * a, mp_int * b);
+int  mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
+int  mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
+int  mp_2expt (mp_int * a, int b);
+int  mp_reduce_2k_setup(mp_int *a, mp_digit *d);
+int  mp_add_d (mp_int* a, mp_digit b, mp_int* c);
+int mp_set_int (mp_int * a, unsigned long b);
+int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
+/* end support added functions */
+
+/* added */
+int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
+                  mp_int* f);
+
+#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
+    int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
+#endif
+#ifdef HAVE_ECC
+    int mp_read_radix(mp_int* a, const char* str, int radix);
+#endif
+
+#ifdef WOLFSSL_KEY_GEN
+    int mp_prime_is_prime (mp_int * a, int t, int *result);
+    int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
+    int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
+#endif
+
+int mp_cnt_lsb(mp_int *a);
+int mp_mod_d(mp_int* a, mp_digit b, mp_digit* c);
+
+#ifdef __cplusplus
+   }
+#endif
+
+
+#endif /* USE_FAST_MATH */
+
+#endif  /* WOLF_CRYPT_INTEGER_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/logging.h b/3P/wolfssl/wolfssl/wolfcrypt/logging.h
new file mode 100644
index 00000000..0b124835
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/logging.h
@@ -0,0 +1,70 @@
+/* logging.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* submitted by eof */
+
+
+#ifndef WOLFSSL_LOGGING_H
+#define WOLFSSL_LOGGING_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum  CYA_Log_Levels {
+    ERROR_LOG = 0,
+    INFO_LOG,
+    ENTER_LOG,
+    LEAVE_LOG,
+    OTHER_LOG
+};
+
+typedef void (*wolfSSL_Logging_cb)(const int logLevel,
+                                  const char *const logMessage);
+
+WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function);
+
+#ifdef DEBUG_WOLFSSL
+
+    void WOLFSSL_ENTER(const char* msg);
+    void WOLFSSL_LEAVE(const char* msg, int ret);
+
+    void WOLFSSL_ERROR(int);
+    void WOLFSSL_MSG(const char* msg);
+
+#else /* DEBUG_WOLFSSL   */
+
+    #define WOLFSSL_ENTER(m)
+    #define WOLFSSL_LEAVE(m, r)
+
+    #define WOLFSSL_ERROR(e)
+    #define WOLFSSL_MSG(m)
+
+#endif /* DEBUG_WOLFSSL  */
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* WOLFSSL_LOGGING_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/md2.h b/3P/wolfssl/wolfssl/wolfcrypt/md2.h
new file mode 100644
index 00000000..9b4a80b5
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/md2.h
@@ -0,0 +1,65 @@
+/* md2.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef WOLFSSL_MD2
+
+#ifndef WOLF_CRYPT_MD2_H
+#define WOLF_CRYPT_MD2_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+/* in bytes */
+enum {
+    MD2             =  6,    /* hash type unique */
+    MD2_BLOCK_SIZE  = 16,
+    MD2_DIGEST_SIZE = 16,
+    MD2_PAD_SIZE    = 16,
+    MD2_X_SIZE      = 48
+};
+
+
+/* Md2 digest */
+typedef struct Md2 {
+    word32  count;   /* bytes % PAD_SIZE  */
+    byte    X[MD2_X_SIZE];
+    byte    C[MD2_BLOCK_SIZE];
+    byte    buffer[MD2_BLOCK_SIZE];
+} Md2;
+
+
+WOLFSSL_API void wc_InitMd2(Md2*);
+WOLFSSL_API void wc_Md2Update(Md2*, const byte*, word32);
+WOLFSSL_API void wc_Md2Final(Md2*, byte*);
+WOLFSSL_API int  wc_Md2Hash(const byte*, word32, byte*);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_MD2_H */
+#endif /* WOLFSSL_MD2 */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/md4.h b/3P/wolfssl/wolfssl/wolfcrypt/md4.h
new file mode 100644
index 00000000..ba632ab3
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/md4.h
@@ -0,0 +1,65 @@
+/* md4.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_MD4
+
+#ifndef WOLF_CRYPT_MD4_H
+#define WOLF_CRYPT_MD4_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+/* in bytes */
+enum {
+    MD4_BLOCK_SIZE  = 64,
+    MD4_DIGEST_SIZE = 16,
+    MD4_PAD_SIZE    = 56
+};
+
+
+/* MD4 digest */
+typedef struct Md4 {
+    word32  buffLen;   /* in bytes          */
+    word32  loLen;     /* length in bytes   */
+    word32  hiLen;     /* length in bytes   */
+    word32  digest[MD4_DIGEST_SIZE / sizeof(word32)];
+    word32  buffer[MD4_BLOCK_SIZE  / sizeof(word32)];
+} Md4;
+
+
+WOLFSSL_API void wc_InitMd4(Md4*);
+WOLFSSL_API void wc_Md4Update(Md4*, const byte*, word32);
+WOLFSSL_API void wc_Md4Final(Md4*, byte*);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_MD4_H */
+
+#endif /* NO_MD4 */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/md5.h b/3P/wolfssl/wolfssl/wolfcrypt/md5.h
new file mode 100644
index 00000000..e3dd9eab
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/md5.h
@@ -0,0 +1,81 @@
+/* md5.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef NO_MD5
+
+#ifndef WOLF_CRYPT_MD5_H
+#define WOLF_CRYPT_MD5_H
+
+#include 
+
+#ifdef HAVE_FIPS
+    #define wc_InitMd5   InitMd5
+    #define wc_Md5Update Md5Update
+    #define wc_Md5Final  Md5Final
+    #define wc_Md5Hash   Md5Hash
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+/* in bytes */
+enum {
+#ifdef STM32F2_HASH
+    MD5_REG_SIZE    =  4,      /* STM32 register size, bytes */
+#endif
+    MD5             =  0,      /* hash type unique */
+    MD5_BLOCK_SIZE  = 64,
+    MD5_DIGEST_SIZE = 16,
+    MD5_PAD_SIZE    = 56
+};
+
+#if defined(WOLFSSL_PIC32MZ_HASH)
+#include "port/pic32/pic32mz-crypt.h"
+#endif
+
+/* MD5 digest */
+typedef struct Md5 {
+    word32  buffLen;   /* in bytes          */
+    word32  loLen;     /* length in bytes   */
+    word32  hiLen;     /* length in bytes   */
+    word32  buffer[MD5_BLOCK_SIZE  / sizeof(word32)];
+    #if !defined(WOLFSSL_PIC32MZ_HASH)
+    word32  digest[MD5_DIGEST_SIZE / sizeof(word32)];
+    #else
+    word32  digest[PIC32_HASH_SIZE / sizeof(word32)];
+    pic32mz_desc desc ; /* Crypt Engine descripter */
+    #endif
+} Md5;
+
+WOLFSSL_API void wc_InitMd5(Md5*);
+WOLFSSL_API void wc_Md5Update(Md5*, const byte*, word32);
+WOLFSSL_API void wc_Md5Final(Md5*, byte*);
+WOLFSSL_API int  wc_Md5Hash(const byte*, word32, byte*);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_MD5_H */
+#endif /* NO_MD5 */
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/memory.h b/3P/wolfssl/wolfssl/wolfcrypt/memory.h
new file mode 100644
index 00000000..3968b352
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/memory.h
@@ -0,0 +1,56 @@
+/* memory.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* submitted by eof */
+
+
+#ifndef WOLFSSL_MEMORY_H
+#define WOLFSSL_MEMORY_H
+
+#include 
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+typedef void *(*wolfSSL_Malloc_cb)(size_t size);
+typedef void (*wolfSSL_Free_cb)(void *ptr);
+typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size);
+
+
+/* Public set function */
+WOLFSSL_API int wolfSSL_SetAllocators(wolfSSL_Malloc_cb  malloc_function,
+                                    wolfSSL_Free_cb    free_function,
+                                    wolfSSL_Realloc_cb realloc_function);
+
+/* Public in case user app wants to use XMALLOC/XFREE */
+WOLFSSL_API void* wolfSSL_Malloc(size_t size);
+WOLFSSL_API void  wolfSSL_Free(void *ptr);
+WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size);
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_MEMORY_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/misc.h b/3P/wolfssl/wolfssl/wolfcrypt/misc.h
new file mode 100644
index 00000000..bee7882a
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/misc.h
@@ -0,0 +1,75 @@
+/* misc.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLF_CRYPT_MISC_H
+#define WOLF_CRYPT_MISC_H
+
+
+#include 
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+#ifdef NO_INLINE
+WOLFSSL_LOCAL
+word32 rotlFixed(word32, word32);
+WOLFSSL_LOCAL
+word32 rotrFixed(word32, word32);
+
+WOLFSSL_LOCAL
+word32 ByteReverseWord32(word32);
+WOLFSSL_LOCAL
+void   ByteReverseWords(word32*, const word32*, word32);
+
+WOLFSSL_LOCAL
+void XorWords(wolfssl_word*, const wolfssl_word*, word32);
+WOLFSSL_LOCAL
+void xorbuf(void*, const void*, word32);
+
+WOLFSSL_LOCAL
+void ForceZero(const void*, word32);
+
+#ifdef WORD64_AVAILABLE
+WOLFSSL_LOCAL
+word64 rotlFixed64(word64, word64);
+WOLFSSL_LOCAL
+word64 rotrFixed64(word64, word64);
+
+WOLFSSL_LOCAL
+word64 ByteReverseWord64(word64);
+WOLFSSL_LOCAL
+void   ByteReverseWords64(word64*, const word64*, word32);
+#endif /* WORD64_AVAILABLE */
+
+#endif /* NO_INLINE */
+
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+
+#endif /* WOLF_CRYPT_MISC_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/mpi_class.h b/3P/wolfssl/wolfssl/wolfcrypt/mpi_class.h
new file mode 100644
index 00000000..334a7a4d
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/mpi_class.h
@@ -0,0 +1,1018 @@
+/* mpi_class.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#if !(defined(LTM1) && defined(LTM2) && defined(LTM3))
+#if defined(LTM2)
+#define LTM3
+#endif
+#if defined(LTM1)
+#define LTM2
+#endif
+#define LTM1
+
+#if defined(LTM_ALL)
+#define BN_ERROR_C
+#define BN_FAST_MP_INVMOD_C
+#define BN_FAST_MP_MONTGOMERY_REDUCE_C
+#define BN_FAST_S_MP_MUL_DIGS_C
+#define BN_FAST_S_MP_MUL_HIGH_DIGS_C
+#define BN_FAST_S_MP_SQR_C
+#define BN_MP_2EXPT_C
+#define BN_MP_ABS_C
+#define BN_MP_ADD_C
+#define BN_MP_ADD_D_C
+#define BN_MP_ADDMOD_C
+#define BN_MP_AND_C
+#define BN_MP_CLAMP_C
+#define BN_MP_CLEAR_C
+#define BN_MP_CLEAR_MULTI_C
+#define BN_MP_CMP_C
+#define BN_MP_CMP_D_C
+#define BN_MP_CMP_MAG_C
+#define BN_MP_CNT_LSB_C
+#define BN_MP_COPY_C
+#define BN_MP_COUNT_BITS_C
+#define BN_MP_DIV_C
+#define BN_MP_DIV_2_C
+#define BN_MP_DIV_2D_C
+#define BN_MP_DIV_3_C
+#define BN_MP_DIV_D_C
+#define BN_MP_DR_IS_MODULUS_C
+#define BN_MP_DR_REDUCE_C
+#define BN_MP_DR_SETUP_C
+#define BN_MP_EXCH_C
+#define BN_MP_EXPT_D_C
+#define BN_MP_EXPTMOD_C
+#define BN_MP_EXPTMOD_FAST_C
+#define BN_MP_EXTEUCLID_C
+#define BN_MP_FREAD_C
+#define BN_MP_FWRITE_C
+#define BN_MP_GCD_C
+#define BN_MP_GET_INT_C
+#define BN_MP_GROW_C
+#define BN_MP_INIT_C
+#define BN_MP_INIT_COPY_C
+#define BN_MP_INIT_MULTI_C
+#define BN_MP_INIT_SET_C
+#define BN_MP_INIT_SET_INT_C
+#define BN_MP_INIT_SIZE_C
+#define BN_MP_INVMOD_C
+#define BN_MP_INVMOD_SLOW_C
+#define BN_MP_IS_SQUARE_C
+#define BN_MP_JACOBI_C
+#define BN_MP_KARATSUBA_MUL_C
+#define BN_MP_KARATSUBA_SQR_C
+#define BN_MP_LCM_C
+#define BN_MP_LSHD_C
+#define BN_MP_MOD_C
+#define BN_MP_MOD_2D_C
+#define BN_MP_MOD_D_C
+#define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
+#define BN_MP_MONTGOMERY_REDUCE_C
+#define BN_MP_MONTGOMERY_SETUP_C
+#define BN_MP_MUL_C
+#define BN_MP_MUL_2_C
+#define BN_MP_MUL_2D_C
+#define BN_MP_MUL_D_C
+#define BN_MP_MULMOD_C
+#define BN_MP_N_ROOT_C
+#define BN_MP_NEG_C
+#define BN_MP_OR_C
+#define BN_MP_PRIME_FERMAT_C
+#define BN_MP_PRIME_IS_DIVISIBLE_C
+#define BN_MP_PRIME_IS_PRIME_C
+#define BN_MP_PRIME_MILLER_RABIN_C
+#define BN_MP_PRIME_NEXT_PRIME_C
+#define BN_MP_PRIME_RABIN_MILLER_TRIALS_C
+#define BN_MP_PRIME_RANDOM_EX_C
+#define BN_MP_RADIX_SIZE_C
+#define BN_MP_RADIX_SMAP_C
+#define BN_MP_RAND_C
+#define BN_MP_READ_RADIX_C
+#define BN_MP_READ_SIGNED_BIN_C
+#define BN_MP_READ_UNSIGNED_BIN_C
+#define BN_MP_REDUCE_C
+#define BN_MP_REDUCE_2K_C
+#define BN_MP_REDUCE_2K_L_C
+#define BN_MP_REDUCE_2K_SETUP_C
+#define BN_MP_REDUCE_2K_SETUP_L_C
+#define BN_MP_REDUCE_IS_2K_C
+#define BN_MP_REDUCE_IS_2K_L_C
+#define BN_MP_REDUCE_SETUP_C
+#define BN_MP_RSHD_C
+#define BN_MP_SET_C
+#define BN_MP_SET_INT_C
+#define BN_MP_SHRINK_C
+#define BN_MP_SIGNED_BIN_SIZE_C
+#define BN_MP_SQR_C
+#define BN_MP_SQRMOD_C
+#define BN_MP_SQRT_C
+#define BN_MP_SUB_C
+#define BN_MP_SUB_D_C
+#define BN_MP_SUBMOD_C
+#define BN_MP_TO_SIGNED_BIN_C
+#define BN_MP_TO_SIGNED_BIN_N_C
+#define BN_MP_TO_UNSIGNED_BIN_C
+#define BN_MP_TO_UNSIGNED_BIN_N_C
+#define BN_MP_TOOM_MUL_C
+#define BN_MP_TOOM_SQR_C
+#define BN_MP_TORADIX_C
+#define BN_MP_TORADIX_N_C
+#define BN_MP_UNSIGNED_BIN_SIZE_C
+#define BN_MP_XOR_C
+#define BN_MP_ZERO_C
+#define BN_PRIME_TAB_C
+#define BN_REVERSE_C
+#define BN_S_MP_ADD_C
+#define BN_S_MP_EXPTMOD_C
+#define BN_S_MP_MUL_DIGS_C
+#define BN_S_MP_MUL_HIGH_DIGS_C
+#define BN_S_MP_SQR_C
+#define BN_S_MP_SUB_C
+#define BNCORE_C
+#endif
+
+#if defined(BN_ERROR_C)
+   #define BN_MP_ERROR_TO_STRING_C
+#endif
+
+#if defined(BN_FAST_MP_INVMOD_C)
+   #define BN_MP_ISEVEN_C
+   #define BN_MP_INIT_MULTI_C
+   #define BN_MP_COPY_C
+   #define BN_MP_MOD_C
+   #define BN_MP_SET_C
+   #define BN_MP_DIV_2_C
+   #define BN_MP_ISODD_C
+   #define BN_MP_SUB_C
+   #define BN_MP_CMP_C
+   #define BN_MP_ISZERO_C
+   #define BN_MP_CMP_D_C
+   #define BN_MP_ADD_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_FAST_MP_MONTGOMERY_REDUCE_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_RSHD_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_FAST_S_MP_MUL_DIGS_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_FAST_S_MP_SQR_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_2EXPT_C)
+   #define BN_MP_ZERO_C
+   #define BN_MP_GROW_C
+#endif
+
+#if defined(BN_MP_ABS_C)
+   #define BN_MP_COPY_C
+#endif
+
+#if defined(BN_MP_ADD_C)
+   #define BN_S_MP_ADD_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_ADD_D_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_SUB_D_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_ADDMOD_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_ADD_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_MOD_C
+#endif
+
+#if defined(BN_MP_AND_C)
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_CLAMP_C)
+#endif
+
+#if defined(BN_MP_CLEAR_C)
+#endif
+
+#if defined(BN_MP_CLEAR_MULTI_C)
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_CMP_C)
+   #define BN_MP_CMP_MAG_C
+#endif
+
+#if defined(BN_MP_CMP_D_C)
+#endif
+
+#if defined(BN_MP_CMP_MAG_C)
+#endif
+
+#if defined(BN_MP_CNT_LSB_C)
+   #define BN_MP_ISZERO_C
+#endif
+
+#if defined(BN_MP_COPY_C)
+   #define BN_MP_GROW_C
+#endif
+
+#if defined(BN_MP_COUNT_BITS_C)
+#endif
+
+#if defined(BN_MP_DIV_C)
+   #define BN_MP_ISZERO_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_MP_COPY_C
+   #define BN_MP_ZERO_C
+   #define BN_MP_INIT_MULTI_C
+   #define BN_MP_SET_C
+   #define BN_MP_COUNT_BITS_C
+   #define BN_MP_ABS_C
+   #define BN_MP_MUL_2D_C
+   #define BN_MP_CMP_C
+   #define BN_MP_SUB_C
+   #define BN_MP_ADD_C
+   #define BN_MP_DIV_2D_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_MULTI_C
+   #define BN_MP_INIT_SIZE_C
+   #define BN_MP_INIT_C
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_LSHD_C
+   #define BN_MP_RSHD_C
+   #define BN_MP_MUL_D_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_DIV_2_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_DIV_2D_C)
+   #define BN_MP_COPY_C
+   #define BN_MP_ZERO_C
+   #define BN_MP_INIT_C
+   #define BN_MP_MOD_2D_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_RSHD_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_EXCH_C
+#endif
+
+#if defined(BN_MP_DIV_3_C)
+   #define BN_MP_INIT_SIZE_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_DIV_D_C)
+   #define BN_MP_ISZERO_C
+   #define BN_MP_COPY_C
+   #define BN_MP_DIV_2D_C
+   #define BN_MP_DIV_3_C
+   #define BN_MP_INIT_SIZE_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_DR_IS_MODULUS_C)
+#endif
+
+#if defined(BN_MP_DR_REDUCE_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_DR_SETUP_C)
+#endif
+
+#if defined(BN_MP_EXCH_C)
+#endif
+
+#if defined(BN_MP_EXPT_D_C)
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_SET_C
+   #define BN_MP_SQR_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_MUL_C
+#endif
+
+#if defined(BN_MP_EXPTMOD_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_INVMOD_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_ABS_C
+   #define BN_MP_CLEAR_MULTI_C
+   #define BN_MP_REDUCE_IS_2K_L_C
+   #define BN_S_MP_EXPTMOD_C
+   #define BN_MP_DR_IS_MODULUS_C
+   #define BN_MP_REDUCE_IS_2K_C
+   #define BN_MP_ISODD_C
+   #define BN_MP_EXPTMOD_FAST_C
+#endif
+
+#if defined(BN_MP_EXPTMOD_FAST_C)
+   #define BN_MP_COUNT_BITS_C
+   #define BN_MP_INIT_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_MONTGOMERY_SETUP_C
+   #define BN_FAST_MP_MONTGOMERY_REDUCE_C
+   #define BN_MP_MONTGOMERY_REDUCE_C
+   #define BN_MP_DR_SETUP_C
+   #define BN_MP_DR_REDUCE_C
+   #define BN_MP_REDUCE_2K_SETUP_C
+   #define BN_MP_REDUCE_2K_C
+   #define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
+   #define BN_MP_MULMOD_C
+   #define BN_MP_SET_C
+   #define BN_MP_MOD_C
+   #define BN_MP_COPY_C
+   #define BN_MP_SQR_C
+   #define BN_MP_MUL_C
+   #define BN_MP_EXCH_C
+#endif
+
+#if defined(BN_MP_EXTEUCLID_C)
+   #define BN_MP_INIT_MULTI_C
+   #define BN_MP_SET_C
+   #define BN_MP_COPY_C
+   #define BN_MP_ISZERO_C
+   #define BN_MP_DIV_C
+   #define BN_MP_MUL_C
+   #define BN_MP_SUB_C
+   #define BN_MP_NEG_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_FREAD_C)
+   #define BN_MP_ZERO_C
+   #define BN_MP_S_RMAP_C
+   #define BN_MP_MUL_D_C
+   #define BN_MP_ADD_D_C
+   #define BN_MP_CMP_D_C
+#endif
+
+#if defined(BN_MP_FWRITE_C)
+   #define BN_MP_RADIX_SIZE_C
+   #define BN_MP_TORADIX_C
+#endif
+
+#if defined(BN_MP_GCD_C)
+   #define BN_MP_ISZERO_C
+   #define BN_MP_ABS_C
+   #define BN_MP_ZERO_C
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_CNT_LSB_C
+   #define BN_MP_DIV_2D_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_MP_EXCH_C
+   #define BN_S_MP_SUB_C
+   #define BN_MP_MUL_2D_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_GET_INT_C)
+#endif
+
+#if defined(BN_MP_GROW_C)
+#endif
+
+#if defined(BN_MP_INIT_C)
+#endif
+
+#if defined(BN_MP_INIT_COPY_C)
+   #define BN_MP_COPY_C
+#endif
+
+#if defined(BN_MP_INIT_MULTI_C)
+   #define BN_MP_ERR_C
+   #define BN_MP_INIT_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_INIT_SET_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_SET_C
+#endif
+
+#if defined(BN_MP_INIT_SET_INT_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_SET_INT_C
+#endif
+
+#if defined(BN_MP_INIT_SIZE_C)
+   #define BN_MP_INIT_C
+#endif
+
+#if defined(BN_MP_INVMOD_C)
+   #define BN_MP_ISZERO_C
+   #define BN_MP_ISODD_C
+   #define BN_FAST_MP_INVMOD_C
+   #define BN_MP_INVMOD_SLOW_C
+#endif
+
+#if defined(BN_MP_INVMOD_SLOW_C)
+   #define BN_MP_ISZERO_C
+   #define BN_MP_INIT_MULTI_C
+   #define BN_MP_MOD_C
+   #define BN_MP_COPY_C
+   #define BN_MP_ISEVEN_C
+   #define BN_MP_SET_C
+   #define BN_MP_DIV_2_C
+   #define BN_MP_ISODD_C
+   #define BN_MP_ADD_C
+   #define BN_MP_SUB_C
+   #define BN_MP_CMP_C
+   #define BN_MP_CMP_D_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_IS_SQUARE_C)
+   #define BN_MP_MOD_D_C
+   #define BN_MP_INIT_SET_INT_C
+   #define BN_MP_MOD_C
+   #define BN_MP_GET_INT_C
+   #define BN_MP_SQRT_C
+   #define BN_MP_SQR_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_JACOBI_C)
+   #define BN_MP_CMP_D_C
+   #define BN_MP_ISZERO_C
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_CNT_LSB_C
+   #define BN_MP_DIV_2D_C
+   #define BN_MP_MOD_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_KARATSUBA_MUL_C)
+   #define BN_MP_MUL_C
+   #define BN_MP_INIT_SIZE_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_SUB_C
+   #define BN_MP_ADD_C
+   #define BN_MP_LSHD_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_KARATSUBA_SQR_C)
+   #define BN_MP_INIT_SIZE_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_SQR_C
+   #define BN_MP_SUB_C
+   #define BN_S_MP_ADD_C
+   #define BN_MP_LSHD_C
+   #define BN_MP_ADD_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_LCM_C)
+   #define BN_MP_INIT_MULTI_C
+   #define BN_MP_GCD_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_MP_DIV_C
+   #define BN_MP_MUL_C
+   #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_LSHD_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_RSHD_C
+#endif
+
+#if defined(BN_MP_MOD_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_DIV_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_ADD_C
+   #define BN_MP_EXCH_C
+#endif
+
+#if defined(BN_MP_MOD_2D_C)
+   #define BN_MP_ZERO_C
+   #define BN_MP_COPY_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_MOD_D_C)
+   #define BN_MP_DIV_D_C
+#endif
+
+#if defined(BN_MP_MONTGOMERY_CALC_NORMALIZATION_C)
+   #define BN_MP_COUNT_BITS_C
+   #define BN_MP_2EXPT_C
+   #define BN_MP_SET_C
+   #define BN_MP_MUL_2_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_MONTGOMERY_REDUCE_C)
+   #define BN_FAST_MP_MONTGOMERY_REDUCE_C
+   #define BN_MP_GROW_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_RSHD_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_MONTGOMERY_SETUP_C)
+#endif
+
+#if defined(BN_MP_MUL_C)
+   #define BN_MP_TOOM_MUL_C
+   #define BN_MP_KARATSUBA_MUL_C
+   #define BN_FAST_S_MP_MUL_DIGS_C
+   #define BN_S_MP_MUL_C
+   #define BN_S_MP_MUL_DIGS_C
+#endif
+
+#if defined(BN_MP_MUL_2_C)
+   #define BN_MP_GROW_C
+#endif
+
+#if defined(BN_MP_MUL_2D_C)
+   #define BN_MP_COPY_C
+   #define BN_MP_GROW_C
+   #define BN_MP_LSHD_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_MUL_D_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_MULMOD_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_MUL_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_MOD_C
+#endif
+
+#if defined(BN_MP_N_ROOT_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_SET_C
+   #define BN_MP_COPY_C
+   #define BN_MP_EXPT_D_C
+   #define BN_MP_MUL_C
+   #define BN_MP_SUB_C
+   #define BN_MP_MUL_D_C
+   #define BN_MP_DIV_C
+   #define BN_MP_CMP_C
+   #define BN_MP_SUB_D_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_NEG_C)
+   #define BN_MP_COPY_C
+   #define BN_MP_ISZERO_C
+#endif
+
+#if defined(BN_MP_OR_C)
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_FERMAT_C)
+   #define BN_MP_CMP_D_C
+   #define BN_MP_INIT_C
+   #define BN_MP_EXPTMOD_C
+   #define BN_MP_CMP_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_IS_DIVISIBLE_C)
+   #define BN_MP_MOD_D_C
+#endif
+
+#if defined(BN_MP_PRIME_IS_PRIME_C)
+   #define BN_MP_CMP_D_C
+   #define BN_MP_PRIME_IS_DIVISIBLE_C
+   #define BN_MP_INIT_C
+   #define BN_MP_SET_C
+   #define BN_MP_PRIME_MILLER_RABIN_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_MILLER_RABIN_C)
+   #define BN_MP_CMP_D_C
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_SUB_D_C
+   #define BN_MP_CNT_LSB_C
+   #define BN_MP_DIV_2D_C
+   #define BN_MP_EXPTMOD_C
+   #define BN_MP_CMP_C
+   #define BN_MP_SQRMOD_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_NEXT_PRIME_C)
+   #define BN_MP_CMP_D_C
+   #define BN_MP_SET_C
+   #define BN_MP_SUB_D_C
+   #define BN_MP_ISEVEN_C
+   #define BN_MP_MOD_D_C
+   #define BN_MP_INIT_C
+   #define BN_MP_ADD_D_C
+   #define BN_MP_PRIME_MILLER_RABIN_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_PRIME_RABIN_MILLER_TRIALS_C)
+#endif
+
+#if defined(BN_MP_PRIME_RANDOM_EX_C)
+   #define BN_MP_READ_UNSIGNED_BIN_C
+   #define BN_MP_PRIME_IS_PRIME_C
+   #define BN_MP_SUB_D_C
+   #define BN_MP_DIV_2_C
+   #define BN_MP_MUL_2_C
+   #define BN_MP_ADD_D_C
+#endif
+
+#if defined(BN_MP_RADIX_SIZE_C)
+   #define BN_MP_COUNT_BITS_C
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_ISZERO_C
+   #define BN_MP_DIV_D_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_RADIX_SMAP_C)
+   #define BN_MP_S_RMAP_C
+#endif
+
+#if defined(BN_MP_RAND_C)
+   #define BN_MP_ZERO_C
+   #define BN_MP_ADD_D_C
+   #define BN_MP_LSHD_C
+#endif
+
+#if defined(BN_MP_READ_RADIX_C)
+   #define BN_MP_ZERO_C
+   #define BN_MP_S_RMAP_C
+   #define BN_MP_RADIX_SMAP_C
+   #define BN_MP_MUL_D_C
+   #define BN_MP_ADD_D_C
+   #define BN_MP_ISZERO_C
+#endif
+
+#if defined(BN_MP_READ_SIGNED_BIN_C)
+   #define BN_MP_READ_UNSIGNED_BIN_C
+#endif
+
+#if defined(BN_MP_READ_UNSIGNED_BIN_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_ZERO_C
+   #define BN_MP_MUL_2D_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_REDUCE_C)
+   #define BN_MP_REDUCE_SETUP_C
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_RSHD_C
+   #define BN_MP_MUL_C
+   #define BN_S_MP_MUL_HIGH_DIGS_C
+   #define BN_FAST_S_MP_MUL_HIGH_DIGS_C
+   #define BN_MP_MOD_2D_C
+   #define BN_S_MP_MUL_DIGS_C
+   #define BN_MP_SUB_C
+   #define BN_MP_CMP_D_C
+   #define BN_MP_SET_C
+   #define BN_MP_LSHD_C
+   #define BN_MP_ADD_C
+   #define BN_MP_CMP_C
+   #define BN_S_MP_SUB_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_REDUCE_2K_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_COUNT_BITS_C
+   #define BN_MP_DIV_2D_C
+   #define BN_MP_MUL_D_C
+   #define BN_S_MP_ADD_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_S_MP_SUB_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_REDUCE_2K_L_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_COUNT_BITS_C
+   #define BN_MP_DIV_2D_C
+   #define BN_MP_MUL_C
+   #define BN_S_MP_ADD_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_S_MP_SUB_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_REDUCE_2K_SETUP_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_COUNT_BITS_C
+   #define BN_MP_2EXPT_C
+   #define BN_MP_CLEAR_C
+   #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_REDUCE_2K_SETUP_L_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_2EXPT_C
+   #define BN_MP_COUNT_BITS_C
+   #define BN_S_MP_SUB_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_REDUCE_IS_2K_C)
+   #define BN_MP_REDUCE_2K_C
+   #define BN_MP_COUNT_BITS_C
+#endif
+
+#if defined(BN_MP_REDUCE_IS_2K_L_C)
+#endif
+
+#if defined(BN_MP_REDUCE_SETUP_C)
+   #define BN_MP_2EXPT_C
+   #define BN_MP_DIV_C
+#endif
+
+#if defined(BN_MP_RSHD_C)
+   #define BN_MP_ZERO_C
+#endif
+
+#if defined(BN_MP_SET_C)
+   #define BN_MP_ZERO_C
+#endif
+
+#if defined(BN_MP_SET_INT_C)
+   #define BN_MP_ZERO_C
+   #define BN_MP_MUL_2D_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_SHRINK_C)
+#endif
+
+#if defined(BN_MP_SIGNED_BIN_SIZE_C)
+   #define BN_MP_UNSIGNED_BIN_SIZE_C
+#endif
+
+#if defined(BN_MP_SQR_C)
+   #define BN_MP_TOOM_SQR_C
+   #define BN_MP_KARATSUBA_SQR_C
+   #define BN_FAST_S_MP_SQR_C
+   #define BN_S_MP_SQR_C
+#endif
+
+#if defined(BN_MP_SQRMOD_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_SQR_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_MOD_C
+#endif
+
+#if defined(BN_MP_SQRT_C)
+   #define BN_MP_N_ROOT_C
+   #define BN_MP_ISZERO_C
+   #define BN_MP_ZERO_C
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_RSHD_C
+   #define BN_MP_DIV_C
+   #define BN_MP_ADD_C
+   #define BN_MP_DIV_2_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_SUB_C)
+   #define BN_S_MP_ADD_C
+   #define BN_MP_CMP_MAG_C
+   #define BN_S_MP_SUB_C
+#endif
+
+#if defined(BN_MP_SUB_D_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_ADD_D_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_MP_SUBMOD_C)
+   #define BN_MP_INIT_C
+   #define BN_MP_SUB_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_MOD_C
+#endif
+
+#if defined(BN_MP_TO_SIGNED_BIN_C)
+   #define BN_MP_TO_UNSIGNED_BIN_C
+#endif
+
+#if defined(BN_MP_TO_SIGNED_BIN_N_C)
+   #define BN_MP_SIGNED_BIN_SIZE_C
+   #define BN_MP_TO_SIGNED_BIN_C
+#endif
+
+#if defined(BN_MP_TO_UNSIGNED_BIN_C)
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_ISZERO_C
+   #define BN_MP_DIV_2D_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_TO_UNSIGNED_BIN_N_C)
+   #define BN_MP_UNSIGNED_BIN_SIZE_C
+   #define BN_MP_TO_UNSIGNED_BIN_C
+#endif
+
+#if defined(BN_MP_TOOM_MUL_C)
+   #define BN_MP_INIT_MULTI_C
+   #define BN_MP_MOD_2D_C
+   #define BN_MP_COPY_C
+   #define BN_MP_RSHD_C
+   #define BN_MP_MUL_C
+   #define BN_MP_MUL_2_C
+   #define BN_MP_ADD_C
+   #define BN_MP_SUB_C
+   #define BN_MP_DIV_2_C
+   #define BN_MP_MUL_2D_C
+   #define BN_MP_MUL_D_C
+   #define BN_MP_DIV_3_C
+   #define BN_MP_LSHD_C
+   #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_TOOM_SQR_C)
+   #define BN_MP_INIT_MULTI_C
+   #define BN_MP_MOD_2D_C
+   #define BN_MP_COPY_C
+   #define BN_MP_RSHD_C
+   #define BN_MP_SQR_C
+   #define BN_MP_MUL_2_C
+   #define BN_MP_ADD_C
+   #define BN_MP_SUB_C
+   #define BN_MP_DIV_2_C
+   #define BN_MP_MUL_2D_C
+   #define BN_MP_MUL_D_C
+   #define BN_MP_DIV_3_C
+   #define BN_MP_LSHD_C
+   #define BN_MP_CLEAR_MULTI_C
+#endif
+
+#if defined(BN_MP_TORADIX_C)
+   #define BN_MP_ISZERO_C
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_DIV_D_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_S_RMAP_C
+#endif
+
+#if defined(BN_MP_TORADIX_N_C)
+   #define BN_MP_ISZERO_C
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_DIV_D_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_S_RMAP_C
+#endif
+
+#if defined(BN_MP_UNSIGNED_BIN_SIZE_C)
+   #define BN_MP_COUNT_BITS_C
+#endif
+
+#if defined(BN_MP_XOR_C)
+   #define BN_MP_INIT_COPY_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_MP_ZERO_C)
+#endif
+
+#if defined(BN_PRIME_TAB_C)
+#endif
+
+#if defined(BN_REVERSE_C)
+#endif
+
+#if defined(BN_S_MP_ADD_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BN_S_MP_EXPTMOD_C)
+   #define BN_MP_COUNT_BITS_C
+   #define BN_MP_INIT_C
+   #define BN_MP_CLEAR_C
+   #define BN_MP_REDUCE_SETUP_C
+   #define BN_MP_REDUCE_C
+   #define BN_MP_REDUCE_2K_SETUP_L_C
+   #define BN_MP_REDUCE_2K_L_C
+   #define BN_MP_MOD_C
+   #define BN_MP_COPY_C
+   #define BN_MP_SQR_C
+   #define BN_MP_MUL_C
+   #define BN_MP_SET_C
+   #define BN_MP_EXCH_C
+#endif
+
+#if defined(BN_S_MP_MUL_DIGS_C)
+   #define BN_FAST_S_MP_MUL_DIGS_C
+   #define BN_MP_INIT_SIZE_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_S_MP_MUL_HIGH_DIGS_C)
+   #define BN_FAST_S_MP_MUL_HIGH_DIGS_C
+   #define BN_MP_INIT_SIZE_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_S_MP_SQR_C)
+   #define BN_MP_INIT_SIZE_C
+   #define BN_MP_CLAMP_C
+   #define BN_MP_EXCH_C
+   #define BN_MP_CLEAR_C
+#endif
+
+#if defined(BN_S_MP_SUB_C)
+   #define BN_MP_GROW_C
+   #define BN_MP_CLAMP_C
+#endif
+
+#if defined(BNCORE_C)
+#endif
+
+#ifdef LTM3
+#define LTM_LAST
+#endif
+#include "mpi_superclass.h"
+#include "mpi_class.h"
+#else
+#define LTM_LAST
+#endif
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/mpi_superclass.h b/3P/wolfssl/wolfssl/wolfcrypt/mpi_superclass.h
new file mode 100644
index 00000000..f4c95ab0
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/mpi_superclass.h
@@ -0,0 +1,95 @@
+/* mpi_superclass.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* super class file for PK algos */
+
+/* default ... include all MPI */
+#define LTM_ALL
+
+/* RSA only (does not support DH/DSA/ECC) */
+/* #define SC_RSA_1 */
+
+/* For reference.... On an Athlon64 optimizing for speed...
+
+   LTM's mpi.o with all functions [striped] is 142KiB in size.
+
+*/
+
+/* Works for RSA only, mpi.o is 68KiB */
+#ifdef SC_RSA_1
+   #define BN_MP_SHRINK_C
+   #define BN_MP_LCM_C
+   #define BN_MP_PRIME_RANDOM_EX_C
+   #define BN_MP_INVMOD_C
+   #define BN_MP_GCD_C
+   #define BN_MP_MOD_C
+   #define BN_MP_MULMOD_C
+   #define BN_MP_ADDMOD_C
+   #define BN_MP_EXPTMOD_C
+   #define BN_MP_SET_INT_C
+   #define BN_MP_INIT_MULTI_C
+   #define BN_MP_CLEAR_MULTI_C
+   #define BN_MP_UNSIGNED_BIN_SIZE_C
+   #define BN_MP_TO_UNSIGNED_BIN_C
+   #define BN_MP_MOD_D_C
+   #define BN_MP_PRIME_RABIN_MILLER_TRIALS_C
+   #define BN_REVERSE_C
+   #define BN_PRIME_TAB_C
+
+   /* other modifiers */
+   #define BN_MP_DIV_SMALL                    /* Slower division, not critical */
+
+   /* here we are on the last pass so we turn things off.  The functions classes are still there
+    * but we remove them specifically from the build.  This also invokes tweaks in functions
+    * like removing support for even moduli, etc...
+    */
+#ifdef LTM_LAST
+   #undef  BN_MP_TOOM_MUL_C
+   #undef  BN_MP_TOOM_SQR_C
+   #undef  BN_MP_KARATSUBA_MUL_C
+   #undef  BN_MP_KARATSUBA_SQR_C
+   #undef  BN_MP_REDUCE_C
+   #undef  BN_MP_REDUCE_SETUP_C
+   #undef  BN_MP_DR_IS_MODULUS_C
+   #undef  BN_MP_DR_SETUP_C
+   #undef  BN_MP_DR_REDUCE_C
+   #undef  BN_MP_REDUCE_IS_2K_C
+   #undef  BN_MP_REDUCE_2K_SETUP_C
+   #undef  BN_MP_REDUCE_2K_C
+   #undef  BN_S_MP_EXPTMOD_C
+   #undef  BN_MP_DIV_3_C
+   #undef  BN_S_MP_MUL_HIGH_DIGS_C
+   #undef  BN_FAST_S_MP_MUL_HIGH_DIGS_C
+   #undef  BN_FAST_MP_INVMOD_C
+
+   /* To safely undefine these you have to make sure your RSA key won't exceed the Comba threshold
+    * which is roughly 255 digits [7140 bits for 32-bit machines, 15300 bits for 64-bit machines] 
+    * which means roughly speaking you can handle upto 2536-bit RSA keys with these defined without
+    * trouble.  
+    */
+   #undef  BN_S_MP_MUL_DIGS_C
+   #undef  BN_S_MP_SQR_C
+   #undef  BN_MP_MONTGOMERY_REDUCE_C
+#endif
+
+#endif
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/pkcs7.h b/3P/wolfssl/wolfssl/wolfcrypt/pkcs7.h
new file mode 100644
index 00000000..6cd34672
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/pkcs7.h
@@ -0,0 +1,127 @@
+/* pkcs7.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_PKCS7
+
+#ifndef WOLF_CRYPT_PKCS7_H
+#define WOLF_CRYPT_PKCS7_H
+
+#include 
+#ifndef NO_ASN
+    #include 
+#endif
+#include 
+#include 
+#ifndef NO_DES3
+    #include 
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* PKCS#7 content types, ref RFC 2315 (Section 14) */
+enum PKCS7_TYPES {
+    PKCS7_MSG                 = 650,   /* 1.2.840.113549.1.7   */
+    DATA                      = 651,   /* 1.2.840.113549.1.7.1 */
+    SIGNED_DATA               = 652,   /* 1.2.840.113549.1.7.2 */
+    ENVELOPED_DATA            = 653,   /* 1.2.840.113549.1.7.3 */
+    SIGNED_AND_ENVELOPED_DATA = 654,   /* 1.2.840.113549.1.7.4 */
+    DIGESTED_DATA             = 655,   /* 1.2.840.113549.1.7.5 */
+    ENCRYPTED_DATA            = 656    /* 1.2.840.113549.1.7.6 */
+};
+
+enum Pkcs7_Misc {
+    PKCS7_NONCE_SZ       = 16,
+    MAX_ENCRYPTED_KEY_SZ = 512,           /* max enc. key size, RSA <= 4096 */
+    MAX_CONTENT_KEY_LEN  = DES3_KEYLEN,   /* highest current cipher is 3DES */
+    MAX_RECIP_SZ         = MAX_VERSION_SZ +
+                           MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
+                           MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ
+};
+
+
+typedef struct PKCS7Attrib {
+    byte* oid;
+    word32 oidSz;
+    byte* value;
+    word32 valueSz;
+} PKCS7Attrib;
+
+
+typedef struct PKCS7 {
+    byte* content;                /* inner content, not owner             */
+    word32 contentSz;             /* content size                         */
+    int contentOID;               /* PKCS#7 content type OID sum          */
+
+    RNG* rng;
+
+    int hashOID;
+    int encryptOID;               /* key encryption algorithm OID         */
+
+    byte*  singleCert;            /* recipient cert, DER, not owner       */
+    word32 singleCertSz;          /* size of recipient cert buffer, bytes */
+    byte issuerHash[SHA_SIZE];    /* hash of all alt Names                */
+    byte*  issuer;                /* issuer name of singleCert            */
+    word32 issuerSz;              /* length of issuer name                */
+    byte issuerSn[MAX_SN_SZ];     /* singleCert's serial number           */
+    word32 issuerSnSz;            /* length of serial number              */
+    byte publicKey[512];
+    word32 publicKeySz;
+    byte*  privateKey;            /* private key, DER, not owner          */
+    word32 privateKeySz;          /* size of private key buffer, bytes    */
+
+    PKCS7Attrib* signedAttribs;
+    word32 signedAttribsSz;
+} PKCS7;
+
+
+WOLFSSL_LOCAL int wc_SetContentType(int pkcs7TypeOID, byte* output);
+WOLFSSL_LOCAL int wc_GetContentType(const byte* input, word32* inOutIdx,
+                                word32* oid, word32 maxIdx);
+WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
+                                     int keyEncAlgo, int blockKeySz,
+                                     RNG* rng, byte* contentKeyPlain,
+                                     byte* contentKeyEnc,
+                                     int* keyEncSz, byte* out, word32 outSz);
+
+WOLFSSL_API int  wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
+WOLFSSL_API void wc_PKCS7_Free(PKCS7* pkcs7);
+WOLFSSL_API int  wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz);
+WOLFSSL_API int  wc_PKCS7_EncodeSignedData(PKCS7* pkcs7,
+                                       byte* output, word32 outputSz);
+WOLFSSL_API int  wc_PKCS7_VerifySignedData(PKCS7* pkcs7,
+                                       byte* pkiMsg, word32 pkiMsgSz);
+WOLFSSL_API int  wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
+                                          byte* output, word32 outputSz);
+WOLFSSL_API int  wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
+                                          word32 pkiMsgSz, byte* output,
+                                          word32 outputSz);
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_PKCS7_H */
+
+#endif /* HAVE_PKCS7 */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/poly1305.h b/3P/wolfssl/wolfssl/wolfcrypt/poly1305.h
new file mode 100644
index 00000000..d5c090ac
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/poly1305.h
@@ -0,0 +1,83 @@
+/* poly1305.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef HAVE_POLY1305
+
+#ifndef WOLF_CRYPT_POLY1305_H
+#define WOLF_CRYPT_POLY1305_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* auto detect between 32bit / 64bit */
+#define HAS_SIZEOF_INT128_64BIT (defined(__SIZEOF_INT128__) && defined(__LP64__))
+#define HAS_MSVC_64BIT (defined(_MSC_VER) && defined(_M_X64))
+#define HAS_GCC_4_4_64BIT (defined(__GNUC__) && defined(__LP64__) && \
+        ((__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4))))
+
+#if (HAS_SIZEOF_INT128_64BIT || HAS_MSVC_64BIT || HAS_GCC_4_4_64BIT)
+#define POLY130564
+#else
+#define POLY130532
+#endif
+
+enum {
+    POLY1305 = 7,
+    POLY1305_BLOCK_SIZE = 16,
+    POLY1305_DIGEST_SIZE = 16,
+    POLY1305_PAD_SIZE = 56
+};
+
+/* Poly1305 state */
+typedef struct Poly1305 {
+#if defined(POLY130564)
+	word64 r[3];
+	word64 h[3];
+	word64 pad[2];
+#else
+	word32 r[5];
+	word32 h[5];
+	word32 pad[4];
+#endif
+	size_t leftover;
+	unsigned char buffer[POLY1305_BLOCK_SIZE];
+	unsigned char final;
+} Poly1305;
+
+
+/* does init */
+
+WOLFSSL_API int wc_Poly1305SetKey(Poly1305* poly1305, const byte* key, word32 kySz);
+WOLFSSL_API int wc_Poly1305Update(Poly1305* poly1305, const byte*, word32);
+WOLFSSL_API int wc_Poly1305Final(Poly1305* poly1305, byte* tag);
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_POLY1305_H */
+
+#endif /* HAVE_POLY1305 */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h b/3P/wolfssl/wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h
new file mode 100644
index 00000000..44c54d74
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h
@@ -0,0 +1,138 @@
+/* pic32mz-crypt.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef PIC32MZ_CRYPT_H
+#define PIC32MZ_CRYPT_H
+
+#ifdef  WOLFSSL_MICROCHIP_PIC32MZ
+
+#define MICROCHIP_PIC32
+#include 
+#include 
+#include 
+
+typedef struct saCtrl {
+    unsigned int CRYPTOALGO : 4;
+    unsigned int MULTITASK : 3;
+    unsigned int KEYSIZE : 2;
+    unsigned int ENCTYPE : 1;
+    unsigned int ALGO : 7;
+    unsigned int : 3;
+    unsigned int FLAGS : 1;
+    unsigned int FB : 1;
+    unsigned int LOADIV : 1;
+    unsigned int LNC : 1;
+    unsigned int IRFLAG : 1;
+    unsigned int ICVONLY : 1;
+    unsigned int OR_EN : 1;
+    unsigned int NO_RX : 1;
+    unsigned int : 1;
+    unsigned int VERIFY : 1;
+    unsigned int : 2;
+} saCtrl;
+
+typedef struct securityAssociation {
+    saCtrl SA_CTRL;
+    unsigned int SA_AUTHKEY[8];
+    unsigned int SA_ENCKEY[8];
+    unsigned int SA_AUTHIV[8];
+    unsigned int SA_ENCIV[4];
+} securityAssociation;
+
+typedef struct bdCtrl {
+    unsigned int BUFLEN : 16;
+    unsigned int CBD_INT_EN : 1;
+    unsigned int PKT_INT_EN : 1;
+    unsigned int LIFM : 1;
+    unsigned int LAST_BD: 1;
+    unsigned int : 2;
+    unsigned int SA_FETCH_EN : 1;
+    unsigned int : 8;
+    unsigned int DESC_EN : 1;
+} bdCtrl;
+
+typedef struct bufferDescriptor {
+    bdCtrl BD_CTRL;
+    unsigned int SA_ADDR;
+    unsigned int SRCADDR;
+    unsigned int DSTADDR;
+    unsigned int NXTPTR;
+    unsigned int UPDPTR;
+    unsigned int MSGLEN;
+    unsigned int ENCOFF;
+} bufferDescriptor;
+
+
+#define PIC32_ENCRYPTION      0b1
+#define PIC32_DECRYPTION      0b0
+
+#define PIC32_ALGO_HMAC1     0b01000000
+#define PIC32_ALGO_SHA256    0b00100000
+#define PIC32_ALGO_SHA1      0b00010000
+#define PIC32_ALGO_MD5       0b00001000
+#define PIC32_ALGO_AES       0b00000100
+#define PIC32_ALGO_TDES      0b00000010
+#define PIC32_ALGO_DES       0b00000001
+
+#define PIC32_CRYPTOALGO_AES_GCM 0b1110
+#define PIC32_CRYPTOALGO_RCTR    0b1101
+#define PIC32_CRYPTOALGO_RCBC    0b1001
+#define PIC32_CRYPTOALGO_REBC    0b1000
+#define PIC32_CRYPTOALGO_TCBC    0b0101
+#define PIC32_CRYPTOALGO_CBC     0b0001
+
+#define PIC32_AES_KEYSIZE_256     0b10
+#define PIC32_AES_KEYSIZE_192     0b01
+#define PIC32_AES_KEYSIZE_128     0b00
+
+#define PIC32_AES_BLOCK_SIZE 16
+#define MD5_HASH_SIZE 16
+#define SHA1_HASH_SIZE 20
+#define SHA256_HASH_SIZE 32
+#define PIC32_HASH_SIZE 32
+
+#define PIC32MZ_MAX_BD   2
+typedef struct {      /* Crypt Engine descripter */
+    int bdCount ;
+    int err   ;
+    volatile bufferDescriptor 
+        bd[PIC32MZ_MAX_BD] __attribute__((aligned (8), coherent));
+    securityAssociation 
+        sa                 __attribute__((aligned (8), coherent));
+} pic32mz_desc ;
+
+#define PIC32MZ_IF_RAM(addr) (KVA_TO_PA(addr) < 0x80000)
+
+#define WAIT_ENGINE \
+    { volatile int v ; while (CESTATbits.ACTIVE) ; for(v=0; v<100; v++) ; }
+
+#ifdef DEBUG_CYASSL
+static void print_mem(const unsigned char *p, int size) {
+    for(; size>0; size--, p++) {
+        if(size%4 == 0)printf(" ") ;
+            printf("%02x", (int)*p) ;
+    }
+    puts("") ;
+}
+#endif
+
+#endif
+#endif /* PIC32MZ_CRYPT_H */
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/pwdbased.h b/3P/wolfssl/wolfssl/wolfcrypt/pwdbased.h
new file mode 100644
index 00000000..0e644dda
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/pwdbased.h
@@ -0,0 +1,56 @@
+/* pwdbased.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_PWDBASED
+
+#ifndef WOLF_CRYPT_PWDBASED_H
+#define WOLF_CRYPT_PWDBASED_H
+
+#include 
+#include        /* for hash type */
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/*
+ * hashType renamed to typeH to avoid shadowing global declation here:
+ * wolfssl/wolfcrypt/asn.h line 173 in enum Oid_Types
+ */
+WOLFSSL_API int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
+                      const byte* salt, int sLen, int iterations, int kLen,
+                      int typeH);
+WOLFSSL_API int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
+                      const byte* salt, int sLen, int iterations, int kLen,
+                      int typeH);
+WOLFSSL_API int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int pLen,
+                            const byte* salt, int sLen, int iterations,
+                            int kLen, int typeH, int purpose);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_PWDBASED_H */
+#endif /* NO_PWDBASED */
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/rabbit.h b/3P/wolfssl/wolfssl/wolfcrypt/rabbit.h
new file mode 100644
index 00000000..f6959a96
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/rabbit.h
@@ -0,0 +1,65 @@
+/* rabbit.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_RABBIT
+
+#ifndef WOLF_CRYPT_RABBIT_H
+#define WOLF_CRYPT_RABBIT_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum {
+	RABBIT_ENC_TYPE  = 5     /* cipher unique type */
+};
+
+
+/* Rabbit Context */
+typedef struct RabbitCtx {
+    word32 x[8];
+    word32 c[8];
+    word32 carry;
+} RabbitCtx;
+
+
+/* Rabbit stream cipher */
+typedef struct Rabbit {
+    RabbitCtx masterCtx;
+    RabbitCtx workCtx;
+} Rabbit;
+
+
+WOLFSSL_API int wc_RabbitProcess(Rabbit*, byte*, const byte*, word32);
+WOLFSSL_API int wc_RabbitSetKey(Rabbit*, const byte* key, const byte* iv);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_RABBIT_H */
+
+#endif /* NO_RABBIT */
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/random.h b/3P/wolfssl/wolfssl/wolfcrypt/random.h
new file mode 100644
index 00000000..46103192
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/random.h
@@ -0,0 +1,143 @@
+/* random.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLF_CRYPT_RANDOM_H
+#define WOLF_CRYPT_RANDOM_H
+
+#include 
+
+#ifdef HAVE_FIPS
+/* for fips @wc_fips */
+#include 
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifndef HAVE_FIPS /* avoid redefining structs and macros */
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    #ifdef NO_SHA256
+        #error "Hash DRBG requires SHA-256."
+    #endif /* NO_SHA256 */
+
+    #include 
+#else /* HAVE_HASHDRBG || NO_RC4 */
+    #include 
+#endif /* HAVE_HASHDRBG || NO_RC4 */
+
+#if defined(USE_WINDOWS_API)
+    #if defined(_WIN64)
+        typedef unsigned __int64 ProviderHandle;
+        /* type HCRYPTPROV, avoid #include  */
+    #else
+        typedef unsigned long ProviderHandle;
+    #endif
+#endif
+
+
+/* OS specific seeder */
+typedef struct OS_Seed {
+    #if defined(USE_WINDOWS_API)
+        ProviderHandle handle;
+    #else
+        int fd;
+    #endif
+} OS_Seed;
+
+
+#if defined(WOLFSSL_MDK_ARM)
+#undef RNG
+#define RNG wolfSSL_RNG   /* for avoiding name conflict in "stm32f2xx.h" */
+#endif
+
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+
+
+#define DRBG_SEED_LEN (440/8)
+
+
+struct DRBG; /* Private DRBG state */
+
+
+/* Hash-based Deterministic Random Bit Generator */
+typedef struct RNG {
+    OS_Seed seed;
+    struct DRBG* drbg;
+    byte status;
+} RNG;
+
+
+#else /* HAVE_HASHDRBG || NO_RC4 */
+
+
+#define WOLFSSL_RNG_CAVIUM_MAGIC 0xBEEF0004
+
+/* secure Random Number Generator */
+
+
+typedef struct RNG {
+    OS_Seed seed;
+    Arc4    cipher;
+#ifdef HAVE_CAVIUM
+    int    devId;           /* nitrox device id */
+    word32 magic;           /* using cavium magic */
+#endif
+} RNG;
+
+
+#endif /* HAVE_HASH_DRBG || NO_RC4 */
+
+#endif /* HAVE_FIPS */
+
+WOLFSSL_LOCAL
+int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+
+#ifdef HAVE_CAVIUM
+    WOLFSSL_API int  wc_InitRngCavium(RNG*, int);
+#endif
+
+#endif /* HAVE_HASH_DRBG || NO_RC4 */
+
+
+WOLFSSL_API int  wc_InitRng(RNG*);
+WOLFSSL_API int  wc_RNG_GenerateBlock(RNG*, byte*, word32 sz);
+WOLFSSL_API int  wc_RNG_GenerateByte(RNG*, byte*);
+
+
+#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
+    WOLFSSL_API int wc_FreeRng(RNG*);
+    WOLFSSL_API int wc_RNG_HealthTest(int reseed,
+                                        const byte* entropyA, word32 entropyASz,
+                                        const byte* entropyB, word32 entropyBSz,
+                                        byte* output, word32 outputSz);
+#endif /* HAVE_HASHDRBG || NO_RC4 */
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_RANDOM_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/ripemd.h b/3P/wolfssl/wolfssl/wolfcrypt/ripemd.h
new file mode 100644
index 00000000..2927534d
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/ripemd.h
@@ -0,0 +1,64 @@
+/* ripemd.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifdef WOLFSSL_RIPEMD
+
+#ifndef WOLF_CRYPT_RIPEMD_H
+#define WOLF_CRYPT_RIPEME_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+/* in bytes */
+enum {
+    RIPEMD             =  3,    /* hash type unique */
+    RIPEMD_BLOCK_SIZE  = 64,
+    RIPEMD_DIGEST_SIZE = 20,
+    RIPEMD_PAD_SIZE    = 56
+};
+
+
+/* RipeMd 160 digest */
+typedef struct RipeMd {
+    word32  buffLen;   /* in bytes          */
+    word32  loLen;     /* length in bytes   */
+    word32  hiLen;     /* length in bytes   */
+    word32  digest[RIPEMD_DIGEST_SIZE / sizeof(word32)];
+    word32  buffer[RIPEMD_BLOCK_SIZE  / sizeof(word32)];
+} RipeMd;
+
+
+WOLFSSL_API void wc_InitRipeMd(RipeMd*);
+WOLFSSL_API void wc_RipeMdUpdate(RipeMd*, const byte*, word32);
+WOLFSSL_API void wc_RipeMdFinal(RipeMd*, byte*);
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_RIPEMD_H */
+#endif /* WOLFSSL_RIPEMD */
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/rsa.h b/3P/wolfssl/wolfssl/wolfcrypt/rsa.h
new file mode 100644
index 00000000..2f101d9e
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/rsa.h
@@ -0,0 +1,120 @@
+/* rsa.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef NO_RSA
+
+#ifndef WOLF_CRYPT_RSA_H
+#define WOLF_CRYPT_RSA_H
+
+#include 
+
+#ifdef HAVE_FIPS
+/* for fips @wc_fips */
+#include 
+#if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN)
+    #define WOLFSSL_KEY_GEN
+#endif
+#else
+    #include 
+    #include 
+#endif /* HAVE_FIPS */
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifndef HAVE_FIPS /* avoid redefinition of structs */
+#define WOLFSSL_RSA_CAVIUM_MAGIC 0xBEEF0006
+
+enum {
+    RSA_PUBLIC   = 0,
+    RSA_PRIVATE  = 1
+};
+
+/* RSA */
+typedef struct RsaKey {
+    mp_int n, e, d, p, q, dP, dQ, u;
+    int   type;                               /* public or private */
+    void* heap;                               /* for user memory overrides */
+#ifdef HAVE_CAVIUM
+    int    devId;           /* nitrox device id */
+    word32 magic;           /* using cavium magic */
+    word64 contextHandle;   /* nitrox context memory handle */
+    byte*  c_n;             /* cavium byte buffers for key parts */
+    byte*  c_e;
+    byte*  c_d;
+    byte*  c_p;
+    byte*  c_q;
+    byte*  c_dP;
+    byte*  c_dQ;
+    byte*  c_u;             /* sizes in bytes */
+    word16 c_nSz, c_eSz, c_dSz, c_pSz, c_qSz, c_dP_Sz, c_dQ_Sz, c_uSz;
+#endif
+} RsaKey;
+#endif /*HAVE_FIPS */
+
+
+WOLFSSL_API int  wc_InitRsaKey(RsaKey* key, void*);
+WOLFSSL_API int  wc_FreeRsaKey(RsaKey* key);
+
+WOLFSSL_API int  wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
+                                 word32 outLen, RsaKey* key, RNG* rng);
+WOLFSSL_API int  wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
+                                        RsaKey* key);
+WOLFSSL_API int  wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
+                                  word32 outLen, RsaKey* key);
+WOLFSSL_API int  wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
+                            word32 outLen, RsaKey* key, RNG* rng);
+WOLFSSL_API int  wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
+                                    RsaKey* key);
+WOLFSSL_API int  wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
+                              word32 outLen, RsaKey* key);
+WOLFSSL_API int  wc_RsaEncryptSize(RsaKey* key);
+
+#ifndef HAVE_FIPS /* to avoid asn duplicate symbols @wc_fips */
+WOLFSSL_API int  wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
+                                                               RsaKey*, word32);
+WOLFSSL_API int  wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
+                                                               RsaKey*, word32);
+WOLFSSL_API int  wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
+                                        const byte* e, word32 eSz, RsaKey* key);
+#endif /* HAVE_FIPS*/
+WOLFSSL_API int  wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
+                                                                       word32*);
+
+#ifdef WOLFSSL_KEY_GEN
+    WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng);
+    WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
+#endif
+
+#ifdef HAVE_CAVIUM
+    WOLFSSL_API int  wc_RsaInitCavium(RsaKey*, int);
+    WOLFSSL_API void wc_RsaFreeCavium(RsaKey*);
+#endif
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_RSA_H */
+
+#endif /* NO_RSA */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/settings.h b/3P/wolfssl/wolfssl/wolfcrypt/settings.h
new file mode 100644
index 00000000..972a2150
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/settings.h
@@ -0,0 +1,741 @@
+/* settings.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* Place OS specific preprocessor flags, defines, includes here, will be
+   included into every file because types.h includes it */
+
+
+#ifndef WOLF_CRYPT_SETTINGS_H
+#define WOLF_CRYPT_SETTINGS_H
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Uncomment next line if using IPHONE */
+/* #define IPHONE */
+
+/* Uncomment next line if using ThreadX */
+/* #define THREADX */
+
+/* Uncomment next line if using Micrium ucOS */
+/* #define MICRIUM */
+
+/* Uncomment next line if using Mbed */
+/* #define MBED */
+
+/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
+/* #define MICROCHIP_PIC32 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
+/* #define MICROCHIP_TCPIP_V5 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
+/* #define MICROCHIP_TCPIP */
+
+/* Uncomment next line if using PIC32MZ Crypto Engine */
+/* #define WOLFSSL_MICROCHIP_PIC32MZ */
+
+/* Uncomment next line if using FreeRTOS */
+/* #define FREERTOS */
+
+/* Uncomment next line if using FreeRTOS Windows Simulator */
+/* #define FREERTOS_WINSIM */
+
+/* Uncomment next line if using RTIP */
+/* #define EBSNET */
+
+/* Uncomment next line if using lwip */
+/* #define WOLFSSL_LWIP */
+
+/* Uncomment next line if building wolfSSL for a game console */
+/* #define WOLFSSL_GAME_BUILD */
+
+/* Uncomment next line if building wolfSSL for LSR */
+/* #define WOLFSSL_LSR */
+
+/* Uncomment next line if building wolfSSL for Freescale MQX/RTCS/MFS */
+/* #define FREESCALE_MQX */
+
+/* Uncomment next line if using STM32F2 */
+/* #define WOLFSSL_STM32F2 */
+
+/* Uncomment next line if using Comverge settings */
+/* #define COMVERGE */
+
+/* Uncomment next line if using QL SEP settings */
+/* #define WOLFSSL_QL */
+
+/* Uncomment next line if building for EROAD */
+/* #define WOLFSSL_EROAD */
+
+/* Uncomment next line if building for IAR EWARM */
+/* #define WOLFSSL_IAR_ARM */
+
+/* Uncomment next line if using TI-RTOS settings */
+/* #define WOLFSSL_TIRTOS */
+
+/* Uncomment next line if building with PicoTCP */
+/* #define WOLFSSL_PICOTCP */
+
+/* Uncomment next line if building for PicoTCP demo bundle */
+/* #define WOLFSSL_PICOTCP_DEMO */
+
+#include 
+
+#ifdef IPHONE
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+
+#ifdef WOLFSSL_USER_SETTINGS
+    #include 
+#endif
+
+
+#ifdef COMVERGE
+    #define THREADX
+    #define HAVE_NETX
+    #define WOLFSSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_SESSION_CACHE
+    #define HAVE_ECC
+#endif
+
+
+#ifdef THREADX
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+#ifdef HAVE_NETX
+    #include "nx_api.h"
+#endif
+
+#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
+    #define WOLFSSL_LWIP
+    #define NO_WRITEV
+    #define SINGLE_THREADED
+    #define WOLFSSL_USER_IO
+    #define NO_FILESYSTEM
+#endif
+
+#if defined(WOLFSSL_IAR_ARM)
+    #define NO_MAIN_DRIVER
+    #define SINGLE_THREADED
+    #define USE_CERT_BUFFERS_1024
+    #define BENCH_EMBEDDED
+    #define NO_FILESYSTEM
+    #define NO_WRITEV
+    #define WOLFSSL_USER_IO
+    #define  BENCH_EMBEDDED
+#endif
+
+#ifdef MICROCHIP_PIC32
+    /* #define WOLFSSL_MICROCHIP_PIC32MZ */
+    #define SIZEOF_LONG_LONG 8
+    #define SINGLE_THREADED
+    #define WOLFSSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define NEED_AES_TABLES
+#endif
+
+#ifdef WOLFSSL_MICROCHIP_PIC32MZ
+    #define WOLFSSL_PIC32MZ_CE
+    #define WOLFSSL_PIC32MZ_CRYPT
+    #define HAVE_AES_ENGINE
+    #define WOLFSSL_PIC32MZ_RNG
+    /* #define WOLFSSL_PIC32MZ_HASH */
+    #define WOLFSSL_AES_COUNTER
+    #define HAVE_AESGCM
+    #define NO_BIG_INT
+#endif
+
+#ifdef MICROCHIP_TCPIP_V5
+    /* include timer functions */
+    #include "TCPIP Stack/TCPIP.h"
+#endif
+
+#ifdef MICROCHIP_TCPIP
+    /* include timer, NTP functions */
+    #ifdef MICROCHIP_MPLAB_HARMONY
+        #include "tcpip/tcpip.h"
+    #else
+        #include "system/system_services.h"
+        #include "tcpip/sntp.h"
+    #endif
+#endif
+
+#ifdef MBED
+    #define WOLFSSL_USER_IO
+    #define NO_FILESYSTEM
+    #define NO_CERT
+    #define USE_CERT_BUFFERS_1024
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define HAVE_ECC
+    #define NO_SESSION_CACHE
+    #define WOLFSSL_CMSIS_RTOS
+#endif
+
+
+#ifdef WOLFSSL_EROAD
+    #define FREESCALE_MQX
+    #define FREESCALE_MMCAU
+    #define SINGLE_THREADED
+    #define NO_STDIO_FILESYSTEM
+    #define WOLFSSL_LEANPSK
+    #define HAVE_NULL_CIPHER
+    #define NO_OLD_TLS
+    #define NO_ASN
+    #define NO_BIG_INT
+    #define NO_RSA
+    #define NO_DSA
+    #define NO_DH
+    #define NO_CERTS
+    #define NO_PWDBASED
+    #define NO_DES3
+    #define NO_MD4
+    #define NO_RC4
+    #define NO_MD5
+    #define NO_SESSION_CACHE
+    #define NO_MAIN_DRIVER
+#endif
+
+#ifdef WOLFSSL_PICOTCP
+    #define errno pico_err
+    #include "pico_defines.h"
+    #include "pico_stack.h"
+    #include "pico_constants.h"
+    #define CUSTOM_RAND_GENERATE pico_rand
+#endif
+
+#ifdef WOLFSSL_PICOTCP_DEMO
+    #define WOLFSSL_STM32
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define XMALLOC(s, h, type)  PICO_ZALLOC((s))
+    #define XFREE(p, h, type)    PICO_FREE((p))
+    #define SINGLE_THREADED
+    #define NO_WRITEV
+    #define WOLFSSL_USER_IO
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+#endif
+
+#ifdef FREERTOS_WINSIM
+    #define FREERTOS
+    #define USE_WINDOWS_API
+#endif
+
+
+/* Micrium will use Visual Studio for compilation but not the Win32 API */
+#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
+        && !defined(EBSNET) && !defined(WOLFSSL_EROAD)
+    #define USE_WINDOWS_API
+#endif
+
+
+#if defined(WOLFSSL_LEANPSK) && !defined(XMALLOC_USER)
+    #include 
+    #define XMALLOC(s, h, type)  malloc((s))
+    #define XFREE(p, h, type)    free((p))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
+    #undef  XMALLOC
+    #define XMALLOC     yaXMALLOC
+    #undef  XFREE
+    #define XFREE       yaXFREE
+    #undef  XREALLOC
+    #define XREALLOC    yaXREALLOC
+#endif
+
+
+#ifdef FREERTOS
+    #ifndef NO_WRITEV
+        #define NO_WRITEV
+    #endif
+    #ifndef NO_SHA512
+        #define NO_SHA512
+    #endif
+    #ifndef NO_DH
+        #define NO_DH
+    #endif
+    #ifndef NO_DSA
+        #define NO_DSA
+    #endif
+    #ifndef NO_HC128
+        #define NO_HC128
+    #endif
+
+    #ifndef SINGLE_THREADED
+        #include "FreeRTOS.h"
+        #include "semphr.h"
+    #endif
+#endif
+
+#ifdef WOLFSSL_TIRTOS
+    #define SIZEOF_LONG_LONG 8
+    #define NO_WRITEV
+    #define NO_WOLFSSL_DIR
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define USE_CERT_BUFFERS_2048
+    #define NO_ERROR_STRINGS
+    #define USER_TIME
+
+    #ifdef __IAR_SYSTEMS_ICC__
+        #pragma diag_suppress=Pa089
+    #elif !defined(__GNUC__)
+        /* Suppress the sslpro warning */
+        #pragma diag_suppress=11
+    #endif
+
+    #include 
+#endif
+
+#ifdef EBSNET
+    #include "rtip.h"
+
+    /* #define DEBUG_WOLFSSL */
+    #define NO_WOLFSSL_DIR  /* tbd */
+
+    #if (POLLOS)
+        #define SINGLE_THREADED
+    #endif
+
+    #if (RTPLATFORM)
+        #if (!RTP_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #else
+        #if (!KS_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #endif
+
+    #if (WINMSP3)
+        #undef SIZEOF_LONG
+        #define SIZEOF_LONG_LONG 8
+    #else
+        #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
+    #endif
+
+    #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
+    #define XFREE(p, h, type) (rtp_free(p))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+
+#endif /* EBSNET */
+
+#ifdef WOLFSSL_GAME_BUILD
+    #define SIZEOF_LONG_LONG 8
+    #if defined(__PPU) || defined(__XENON)
+        #define BIG_ENDIAN_ORDER
+    #endif
+#endif
+
+#ifdef WOLFSSL_LSR
+    #define HAVE_WEBSERVER
+    #define SIZEOF_LONG_LONG 8
+    #define WOLFSSL_LOW_MEMORY
+    #define NO_WRITEV
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_DEV_RANDOM
+    #define NO_WOLFSSL_DIR
+    #define NO_RABBIT
+    #ifndef NO_FILESYSTEM
+        #define LSR_FS
+        #include "inc/hw_types.h"
+        #include "fs.h"
+    #endif
+    #define WOLFSSL_LWIP
+    #include   /* for tcp errno */
+    #define WOLFSSL_SAFERTOS
+    #if defined(__IAR_SYSTEMS_ICC__)
+        /* enum uses enum */
+        #pragma diag_suppress=Pa089
+    #endif
+#endif
+
+#ifdef WOLFSSL_SAFERTOS
+    #ifndef SINGLE_THREADED
+        #include "SafeRTOS/semphr.h"
+    #endif
+
+    #include "SafeRTOS/heap.h"
+    #define XMALLOC(s, h, type)  pvPortMalloc((s))
+    #define XFREE(p, h, type)    vPortFree((p))
+    #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+#endif
+
+#ifdef WOLFSSL_LOW_MEMORY
+    #undef  RSA_LOW_MEM
+    #define RSA_LOW_MEM
+    #undef  WOLFSSL_SMALL_STACK
+    #define WOLFSSL_SMALL_STACK
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef FREESCALE_MQX
+    #define SIZEOF_LONG_LONG 8
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_RABBIT
+    #define NO_WOLFSSL_DIR
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FREESCALE_K70_RNGA
+    /* #define FREESCALE_K53_RNGB */
+    #include "mqx.h"
+    #ifndef NO_FILESYSTEM
+        #include "mfs.h"
+        #include "fio.h"
+    #endif
+    #ifndef SINGLE_THREADED
+        #include "mutex.h"
+    #endif
+
+    #define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
+    #define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
+    /* Note: MQX has no realloc, using fastmath above */
+#endif
+
+#ifdef WOLFSSL_STM32F2
+    #define SIZEOF_LONG_LONG 8
+    #define NO_DEV_RANDOM
+    #define NO_WOLFSSL_DIR
+    #define NO_RABBIT
+    #define STM32F2_RNG
+    #define STM32F2_CRYPTO
+    #define KEIL_INTRINSICS
+#endif
+
+#ifdef MICRIUM
+
+    #include "stdlib.h"
+    #include "net_cfg.h"
+    #include "ssl_cfg.h"
+    #include "net_secure_os.h"
+
+    #define WOLFSSL_TYPES
+
+    typedef CPU_INT08U byte;
+    typedef CPU_INT16U word16;
+    typedef CPU_INT32U word32;
+
+    #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32)
+        #define SIZEOF_LONG        4
+        #undef  SIZEOF_LONG_LONG
+    #else
+        #undef  SIZEOF_LONG
+        #define SIZEOF_LONG_LONG   8
+    #endif
+
+    #define STRING_USER
+
+    #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
+    #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
+                    ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
+                     (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
+    #define XSTRNCMP(pstr_1, pstr_2, len_max) \
+                    ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
+                     (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))
+    #define XSTRSTR(pstr, pstr_srch) \
+                    ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
+                     (CPU_CHAR *)(pstr_srch)))
+    #define XMEMSET(pmem, data_val, size) \
+                    ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
+                    (CPU_SIZE_T)(size)))
+    #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
+                     (void *)(psrc), (CPU_SIZE_T)(size)))
+    #define XMEMCMP(pmem_1, pmem_2, size) \
+                   (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
+                     (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
+    #define XMEMMOVE XMEMCPY
+
+#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+    #define MICRIUM_MALLOC
+    #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
+                                 (CPU_SIZE_T)(s), (void *)0))
+    #define XFREE(p, h, type)   (NetSecure_BlkFree((CPU_INT08U)(type), \
+                                 (p), (void *)0))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+    #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED)
+        #undef  NO_FILESYSTEM
+    #else
+        #define NO_FILESYSTEM
+    #endif
+
+    #if (SSL_CFG_TRACE_LEVEL == WOLFSSL_TRACE_LEVEL_DBG)
+        #define DEBUG_WOLFSSL
+    #else
+        #undef  DEBUG_WOLFSSL
+    #endif
+
+    #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED)
+        #define OPENSSL_EXTRA
+    #else
+        #undef  OPENSSL_EXTRA
+    #endif
+
+    #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED)
+        #undef  SINGLE_THREADED
+    #else
+        #define SINGLE_THREADED
+    #endif
+
+    #if (SSL_CFG_DH_EN == DEF_ENABLED)
+        #undef  NO_DH
+    #else
+        #define NO_DH
+    #endif
+
+    #if (SSL_CFG_DSA_EN == DEF_ENABLED)
+        #undef  NO_DSA
+    #else
+        #define NO_DSA
+    #endif
+
+    #if (SSL_CFG_PSK_EN == DEF_ENABLED)
+        #undef  NO_PSK
+    #else
+        #define NO_PSK
+    #endif
+
+    #if (SSL_CFG_3DES_EN == DEF_ENABLED)
+        #undef  NO_DES
+    #else
+        #define NO_DES
+    #endif
+
+    #if (SSL_CFG_AES_EN == DEF_ENABLED)
+        #undef  NO_AES
+    #else
+        #define NO_AES
+    #endif
+
+    #if (SSL_CFG_RC4_EN == DEF_ENABLED)
+        #undef  NO_RC4
+    #else
+        #define NO_RC4
+    #endif
+
+    #if (SSL_CFG_RABBIT_EN == DEF_ENABLED)
+        #undef  NO_RABBIT
+    #else
+        #define NO_RABBIT
+    #endif
+
+    #if (SSL_CFG_HC128_EN == DEF_ENABLED)
+        #undef  NO_HC128
+    #else
+        #define NO_HC128
+    #endif
+
+    #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
+        #define BIG_ENDIAN_ORDER
+    #else
+        #undef  BIG_ENDIAN_ORDER
+        #define LITTLE_ENDIAN_ORDER
+    #endif
+
+    #if (SSL_CFG_MD4_EN == DEF_ENABLED)
+        #undef  NO_MD4
+    #else
+        #define NO_MD4
+    #endif
+
+    #if (SSL_CFG_WRITEV_EN == DEF_ENABLED)
+        #undef  NO_WRITEV
+    #else
+        #define NO_WRITEV
+    #endif
+
+    #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED)
+        #define NO_DEV_RANDOM
+    #else
+        #undef  NO_DEV_RANDOM
+    #endif
+
+    #if (SSL_CFG_USER_IO_EN == DEF_ENABLED)
+        #define WOLFSSL_USER_IO
+    #else
+        #undef  WOLFSSL_USER_IO
+    #endif
+
+    #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED)
+        #undef  LARGE_STATIC_BUFFERS
+        #undef  STATIC_CHUNKS_ONLY
+    #else
+        #define LARGE_STATIC_BUFFERS
+        #define STATIC_CHUNKS_ONLY
+    #endif
+
+    #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED)
+        #define  WOLFSSL_DER_LOAD
+    #else
+        #undef   WOLFSSL_DER_LOAD
+    #endif
+
+    #if (SSL_CFG_DTLS_EN == DEF_ENABLED)
+        #define  WOLFSSL_DTLS
+    #else
+        #undef   WOLFSSL_DTLS
+    #endif
+
+    #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED)
+         #define WOLFSSL_CALLBACKS
+    #else
+         #undef  WOLFSSL_CALLBACKS
+    #endif
+
+    #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED)
+         #define USE_FAST_MATH
+    #else
+         #undef  USE_FAST_MATH
+    #endif
+
+    #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED)
+         #define TFM_TIMING_RESISTANT
+    #else
+         #undef  TFM_TIMING_RESISTANT
+    #endif
+
+#endif /* MICRIUM */
+
+
+#ifdef WOLFSSL_QL
+    #ifndef WOLFSSL_SEP
+        #define WOLFSSL_SEP
+    #endif
+    #ifndef OPENSSL_EXTRA
+        #define OPENSSL_EXTRA
+    #endif
+    #ifndef SESSION_CERTS
+        #define SESSION_CERTS
+    #endif
+    #ifndef HAVE_AESCCM
+        #define HAVE_AESCCM
+    #endif
+    #ifndef ATOMIC_USER
+        #define ATOMIC_USER
+    #endif
+    #ifndef WOLFSSL_DER_LOAD
+        #define WOLFSSL_DER_LOAD
+    #endif
+    #ifndef KEEP_PEER_CERT
+        #define KEEP_PEER_CERT
+    #endif
+    #ifndef HAVE_ECC
+        #define HAVE_ECC
+    #endif
+    #ifndef SESSION_INDEX
+        #define SESSION_INDEX
+    #endif
+#endif /* WOLFSSL_QL */
+
+
+#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
+    !defined(WOLFSSL_LEANPSK) && !defined(NO_WOLFSSL_MEMORY)
+    #define USE_WOLFSSL_MEMORY
+#endif
+
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+    #undef  KEEP_PEER_CERT
+    #define KEEP_PEER_CERT
+#endif
+
+
+/* stream ciphers except arc4 need 32bit alignment, intel ok without */
+#ifndef XSTREAM_ALIGNMENT
+    #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
+        #define NO_XSTREAM_ALIGNMENT
+    #else
+        #define XSTREAM_ALIGNMENT
+    #endif
+#endif
+
+
+/* FreeScale MMCAU hardware crypto has 4 byte alignment */
+#ifdef FREESCALE_MMCAU
+    #define WOLFSSL_MMCAU_ALIGNMENT 4
+#endif
+
+/* if using hardware crypto and have alignment requirements, specify the
+   requirement here.  The record header of SSL/TLS will prvent easy alignment.
+   This hint tries to help as much as possible.  */
+#ifndef WOLFSSL_GENERAL_ALIGNMENT
+    #ifdef WOLFSSL_AESNI
+        #define WOLFSSL_GENERAL_ALIGNMENT 16
+    #elif defined(XSTREAM_ALIGNMENT)
+        #define WOLFSSL_GENERAL_ALIGNMENT  4
+    #elif defined(FREESCALE_MMCAU)
+        #define WOLFSSL_GENERAL_ALIGNMENT  WOLFSSL_MMCAU_ALIGNMENT
+    #else
+        #define WOLFSSL_GENERAL_ALIGNMENT  0
+    #endif
+#endif
+
+#ifdef HAVE_CRL
+    /* not widely supported yet */
+    #undef NO_SKID
+    #define NO_SKID
+#endif
+
+
+#ifdef __INTEL_COMPILER
+    #pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */
+#endif
+
+
+/* Place any other flags or defines here */
+
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+#endif
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/sha.h b/3P/wolfssl/wolfssl/wolfcrypt/sha.h
new file mode 100644
index 00000000..002029e2
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/sha.h
@@ -0,0 +1,82 @@
+/* sha.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_SHA
+
+#ifndef WOLF_CRYPT_SHA_H
+#define WOLF_CRYPT_SHA_H
+
+
+#include 
+
+#ifdef HAVE_FIPS
+/* for fips @wc_fips */
+#include 
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifndef HAVE_FIPS /* avoid redefining structs */
+/* in bytes */
+enum {
+#ifdef STM32F2_HASH
+    SHA_REG_SIZE     =  4,    /* STM32 register size, bytes */
+#endif
+    SHA              =  1,    /* hash type unique */
+    SHA_BLOCK_SIZE   = 64,
+    SHA_DIGEST_SIZE  = 20,
+    SHA_PAD_SIZE     = 56
+};
+
+#ifdef WOLFSSL_PIC32MZ_HASH
+#include "port/pic32/pic32mz-crypt.h"
+#endif
+
+/* Sha digest */
+typedef struct Sha {
+    word32  buffLen;   /* in bytes          */
+    word32  loLen;     /* length in bytes   */
+    word32  hiLen;     /* length in bytes   */
+    word32  buffer[SHA_BLOCK_SIZE  / sizeof(word32)];
+    #ifndef WOLFSSL_PIC32MZ_HASH
+        word32  digest[SHA_DIGEST_SIZE / sizeof(word32)];
+    #else
+        word32  digest[PIC32_HASH_SIZE / sizeof(word32)];
+        pic32mz_desc desc; /* Crypt Engine descripter */
+    #endif
+} Sha;
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_InitSha(Sha*);
+WOLFSSL_API int wc_ShaUpdate(Sha*, const byte*, word32);
+WOLFSSL_API int wc_ShaFinal(Sha*, byte*);
+WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*);
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* CTAO_CRYPT_SHA_H */
+#endif /* NO_SHA */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/sha256.h b/3P/wolfssl/wolfssl/wolfcrypt/sha256.h
new file mode 100644
index 00000000..a9280a88
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/sha256.h
@@ -0,0 +1,79 @@
+/* sha256.h
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/* code submitted by raphael.huck@efixo.com */
+
+
+#ifndef NO_SHA256
+
+#ifndef WOLF_CRYPT_SHA256_H
+#define WOLF_CRYPT_SHA256_H
+
+#ifdef HAVE_FIPS
+/* for fips @wc_fips */
+#include 
+#endif
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifndef HAVE_FIPS /* avoid redefinition of structs */
+#ifdef WOLFSSL_PIC32MZ_HASH
+#include "port/pic32/pic32mz-crypt.h"
+#endif
+
+/* in bytes */
+enum {
+    SHA256              =  2,   /* hash type unique */
+    SHA256_BLOCK_SIZE   = 64,
+    SHA256_DIGEST_SIZE  = 32,
+    SHA256_PAD_SIZE     = 56
+};
+
+
+/* Sha256 digest */
+typedef struct Sha256 {
+    word32  buffLen;   /* in bytes          */
+    word32  loLen;     /* length in bytes   */
+    word32  hiLen;     /* length in bytes   */
+    word32  digest[SHA256_DIGEST_SIZE / sizeof(word32)];
+    word32  buffer[SHA256_BLOCK_SIZE  / sizeof(word32)];
+    #ifdef WOLFSSL_PIC32MZ_HASH
+        pic32mz_desc desc ; /* Crypt Engine descripter */
+    #endif
+} Sha256;
+
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_InitSha256(Sha256*);
+WOLFSSL_API int wc_Sha256Update(Sha256*, const byte*, word32);
+WOLFSSL_API int wc_Sha256Final(Sha256*, byte*);
+WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*);
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_SHA256_H */
+#endif /* NO_SHA256 */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/sha512.h b/3P/wolfssl/wolfssl/wolfcrypt/sha512.h
new file mode 100644
index 00000000..2650ca7e
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/sha512.h
@@ -0,0 +1,104 @@
+/* sha512.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef WOLFSSL_SHA512
+
+#ifndef WOLF_CRYPT_SHA512_H
+#define WOLF_CRYPT_SHA512_H
+
+#include 
+
+/* for fips @wc_fips */
+#ifdef HAVE_FIPS
+    #define CYASSL_SHA512
+    #if defined(WOLFSSL_SHA384)
+        #define CYASSL_SHA384
+    #endif
+    #include 
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifndef HAVE_FIPS /* avoid redefinition of structs */
+
+/* in bytes */
+enum {
+    SHA512              =   4,   /* hash type unique */
+    SHA512_BLOCK_SIZE   = 128,
+    SHA512_DIGEST_SIZE  =  64,
+    SHA512_PAD_SIZE     = 112
+};
+
+
+/* Sha512 digest */
+typedef struct Sha512 {
+    word32  buffLen;   /* in bytes          */
+    word32  loLen;     /* length in bytes   */
+    word32  hiLen;     /* length in bytes   */
+    word64  digest[SHA512_DIGEST_SIZE / sizeof(word64)];
+    word64  buffer[SHA512_BLOCK_SIZE  / sizeof(word64)];
+} Sha512;
+
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_InitSha512(Sha512*);
+WOLFSSL_API int wc_Sha512Update(Sha512*, const byte*, word32);
+WOLFSSL_API int wc_Sha512Final(Sha512*, byte*);
+WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
+
+#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
+
+#ifndef HAVE_FIPS /* avoid redefinition of structs */
+/* in bytes */
+enum {
+    SHA384              =   5,   /* hash type unique */
+    SHA384_BLOCK_SIZE   = 128,
+    SHA384_DIGEST_SIZE  =  48,
+    SHA384_PAD_SIZE     = 112
+};
+
+
+/* Sha384 digest */
+typedef struct Sha384 {
+    word32  buffLen;   /* in bytes          */
+    word32  loLen;     /* length in bytes   */
+    word32  hiLen;     /* length in bytes   */
+    word64  digest[SHA512_DIGEST_SIZE / sizeof(word64)]; /* for transform 512 */
+    word64  buffer[SHA384_BLOCK_SIZE  / sizeof(word64)];
+} Sha384;
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_InitSha384(Sha384*);
+WOLFSSL_API int wc_Sha384Update(Sha384*, const byte*, word32);
+WOLFSSL_API int wc_Sha384Final(Sha384*, byte*);
+WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
+
+#endif /* WOLFSSL_SHA384 */
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_SHA512_H */
+#endif /* WOLFSSL_SHA512 */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/tfm.h b/3P/wolfssl/wolfssl/wolfcrypt/tfm.h
new file mode 100644
index 00000000..a928a2ac
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/tfm.h
@@ -0,0 +1,720 @@
+/* tfm.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+/*
+ * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
+ * http://math.libtomcrypt.com
+ */
+
+
+/**
+ *  Edited by Moisés Guimarães (moises.guimaraes@phoebus.com.br)
+ *  to fit CyaSSL's needs.
+ */
+
+
+#ifndef WOLF_CRYPT_TFM_H
+#define WOLF_CRYPT_TFM_H
+
+#include 
+#ifndef CHAR_BIT
+    #include 
+#endif
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+#ifndef MIN
+   #define MIN(x,y) ((x)<(y)?(x):(y))
+#endif
+
+#ifndef MAX
+   #define MAX(x,y) ((x)>(y)?(x):(y))
+#endif
+
+
+#ifndef NO_64BIT
+/* autodetect x86-64 and make sure we are using 64-bit digits with x86-64 asm */
+#if defined(__x86_64__)
+   #if defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM)
+       #error x86-64 detected, x86-32/SSE2/ARM optimizations are not valid!
+   #endif
+   #if !defined(TFM_X86_64) && !defined(TFM_NO_ASM)
+      #define TFM_X86_64
+   #endif
+#endif
+#if defined(TFM_X86_64)
+    #if !defined(FP_64BIT)
+       #define FP_64BIT
+    #endif
+#endif
+/* use 64-bit digit even if not using asm on x86_64 */
+#if defined(__x86_64__) && !defined(FP_64BIT)
+    #define FP_64BIT
+#endif
+/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */
+#if defined(FP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T)
+    #undef FP_64BIT
+    #undef TFM_X86_64
+#endif
+#endif /* NO_64BIT */
+
+/* try to detect x86-32 */
+#if defined(__i386__) && !defined(TFM_SSE2)
+   #if defined(TFM_X86_64) || defined(TFM_ARM)
+       #error x86-32 detected, x86-64/ARM optimizations are not valid!
+   #endif
+   #if !defined(TFM_X86) && !defined(TFM_NO_ASM)
+      #define TFM_X86
+   #endif
+#endif
+
+/* make sure we're 32-bit for x86-32/sse/arm/ppc32 */
+#if (defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM) || defined(TFM_PPC32)) && defined(FP_64BIT)
+   #warning x86-32, SSE2 and ARM, PPC32 optimizations require 32-bit digits (undefining)
+   #undef FP_64BIT
+#endif
+
+/* multi asms? */
+#ifdef TFM_X86
+   #define TFM_ASM
+#endif
+#ifdef TFM_X86_64
+   #ifdef TFM_ASM
+      #error TFM_ASM already defined!
+   #endif
+   #define TFM_ASM
+#endif
+#ifdef TFM_SSE2
+   #ifdef TFM_ASM
+      #error TFM_ASM already defined!
+   #endif
+   #define TFM_ASM
+#endif
+#ifdef TFM_ARM
+   #ifdef TFM_ASM
+      #error TFM_ASM already defined!
+   #endif
+   #define TFM_ASM
+#endif
+#ifdef TFM_PPC32
+   #ifdef TFM_ASM
+      #error TFM_ASM already defined!
+   #endif
+   #define TFM_ASM
+#endif
+#ifdef TFM_PPC64
+   #ifdef TFM_ASM
+      #error TFM_ASM already defined!
+   #endif
+   #define TFM_ASM
+#endif
+#ifdef TFM_AVR32
+   #ifdef TFM_ASM
+      #error TFM_ASM already defined!
+   #endif
+   #define TFM_ASM
+#endif
+
+/* we want no asm? */
+#ifdef TFM_NO_ASM
+   #undef TFM_X86
+   #undef TFM_X86_64
+   #undef TFM_SSE2
+   #undef TFM_ARM
+   #undef TFM_PPC32
+   #undef TFM_PPC64
+   #undef TFM_AVR32
+   #undef TFM_ASM
+#endif
+
+/* ECC helpers */
+#ifdef TFM_ECC192
+   #ifdef FP_64BIT
+       #define TFM_MUL3
+       #define TFM_SQR3
+   #else
+       #define TFM_MUL6
+       #define TFM_SQR6
+   #endif
+#endif
+
+#ifdef TFM_ECC224
+   #ifdef FP_64BIT
+       #define TFM_MUL4
+       #define TFM_SQR4
+   #else
+       #define TFM_MUL7
+       #define TFM_SQR7
+   #endif
+#endif
+
+#ifdef TFM_ECC256
+   #ifdef FP_64BIT
+       #define TFM_MUL4
+       #define TFM_SQR4
+   #else
+       #define TFM_MUL8
+       #define TFM_SQR8
+   #endif
+#endif
+
+#ifdef TFM_ECC384
+   #ifdef FP_64BIT
+       #define TFM_MUL6
+       #define TFM_SQR6
+   #else
+       #define TFM_MUL12
+       #define TFM_SQR12
+   #endif
+#endif
+
+#ifdef TFM_ECC521
+   #ifdef FP_64BIT
+       #define TFM_MUL9
+       #define TFM_SQR9
+   #else
+       #define TFM_MUL17
+       #define TFM_SQR17
+   #endif
+#endif
+
+
+/* some default configurations.
+ */
+#if defined(FP_64BIT)
+   /* for GCC only on supported platforms */
+   typedef unsigned long long fp_digit;   /* 64bit, 128 uses mode(TI) below */
+   typedef unsigned long      fp_word __attribute__ ((mode(TI)));
+#else
+   #if defined(_MSC_VER) || defined(__BORLANDC__)
+      typedef unsigned __int64   ulong64;
+   #else
+      typedef unsigned long long ulong64;
+   #endif
+
+   #ifndef NO_64BIT
+      typedef unsigned int       fp_digit;
+      typedef ulong64            fp_word;
+      #define FP_32BIT
+   #else
+      /* some procs like coldfire prefer not to place multiply into 64bit type
+         even though it exists */
+      typedef unsigned short     fp_digit;
+      typedef unsigned int       fp_word;
+   #endif
+#endif
+
+/* # of digits this is */
+#define DIGIT_BIT  (int)((CHAR_BIT) * sizeof(fp_digit))
+
+/* Max size of any number in bits.  Basically the largest size you will be
+ * multiplying should be half [or smaller] of FP_MAX_SIZE-four_digit
+ *
+ * It defaults to 4096-bits [allowing multiplications upto 2048x2048 bits ]
+ */
+#ifndef FP_MAX_BITS
+    #define FP_MAX_BITS           4096
+#endif
+#define FP_MAX_SIZE           (FP_MAX_BITS+(8*DIGIT_BIT))
+
+/* will this lib work? */
+#if (CHAR_BIT & 7)
+   #error CHAR_BIT must be a multiple of eight.
+#endif
+#if FP_MAX_BITS % CHAR_BIT
+   #error FP_MAX_BITS must be a multiple of CHAR_BIT
+#endif
+
+#define FP_MASK    (fp_digit)(-1)
+#define FP_SIZE    (FP_MAX_SIZE/DIGIT_BIT)
+
+/* signs */
+#define FP_ZPOS     0
+#define FP_NEG      1
+
+/* return codes */
+#define FP_OKAY     0
+#define FP_VAL      1
+#define FP_MEM      2
+
+/* equalities */
+#define FP_LT        -1   /* less than */
+#define FP_EQ         0   /* equal to */
+#define FP_GT         1   /* greater than */
+
+/* replies */
+#define FP_YES        1   /* yes response */
+#define FP_NO         0   /* no response */
+
+/* a FP type */
+typedef struct {
+    int      used,
+             sign;
+#ifdef ALT_ECC_SIZE
+    int      size;
+#endif
+    fp_digit dp[FP_SIZE];
+} fp_int;
+
+/* externally define this symbol to ignore the default settings, useful for changing the build from the make process */
+#ifndef TFM_ALREADY_SET
+
+/* do we want the large set of small multiplications ?
+   Enable these if you are going to be doing a lot of small (<= 16 digit) multiplications say in ECC
+   Or if you're on a 64-bit machine doing RSA as a 1024-bit integer == 16 digits ;-)
+ */
+/* need to refactor the function */
+/*#define TFM_SMALL_SET */
+
+/* do we want huge code
+   Enable these if you are doing 20, 24, 28, 32, 48, 64 digit multiplications (useful for RSA)
+   Less important on 64-bit machines as 32 digits == 2048 bits
+ */
+#if 0
+#define TFM_MUL3
+#define TFM_MUL4
+#define TFM_MUL6
+#define TFM_MUL7
+#define TFM_MUL8
+#define TFM_MUL9
+#define TFM_MUL12
+#define TFM_MUL17
+#endif
+#ifdef TFM_HUGE_SET
+#define TFM_MUL20
+#define TFM_MUL24
+#define TFM_MUL28
+#define TFM_MUL32
+#if (FP_MAX_BITS >= 6144) && defined(FP_64BIT)
+    #define TFM_MUL48
+#endif
+#if (FP_MAX_BITS >= 8192) && defined(FP_64BIT)
+    #define TFM_MUL64
+#endif
+#endif
+
+#if 0
+#define TFM_SQR3
+#define TFM_SQR4
+#define TFM_SQR6
+#define TFM_SQR7
+#define TFM_SQR8
+#define TFM_SQR9
+#define TFM_SQR12
+#define TFM_SQR17
+#endif
+#ifdef TFM_HUGE_SET
+#define TFM_SQR20
+#define TFM_SQR24
+#define TFM_SQR28
+#define TFM_SQR32
+#define TFM_SQR48
+#define TFM_SQR64
+#endif
+
+/* do we want some overflow checks
+   Not required if you make sure your numbers are within range (e.g. by default a modulus for fp_exptmod() can only be upto 2048 bits long)
+ */
+/* #define TFM_CHECK */
+
+/* Is the target a P4 Prescott
+ */
+/* #define TFM_PRESCOTT */
+
+/* Do we want timing resistant fp_exptmod() ?
+ * This makes it slower but also timing invariant with respect to the exponent 
+ */
+/* #define TFM_TIMING_RESISTANT */
+
+#endif /* TFM_ALREADY_SET */
+
+/* functions */
+
+/* returns a TFM ident string useful for debugging... */
+/*const char *fp_ident(void);*/
+
+/* initialize [or zero] an fp int */
+#ifdef ALT_ECC_SIZE
+    void fp_init(fp_int *a);
+    void fp_zero(fp_int *a);
+#else
+    #define fp_init(a)  (void)XMEMSET((a), 0, sizeof(fp_int))
+    #define fp_zero(a)  fp_init(a)
+#endif
+
+/* zero/even/odd ? */
+#define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO)
+#define fp_iseven(a) (((a)->used >= 0 && (((a)->dp[0] & 1) == 0)) ? FP_YES : FP_NO)
+#define fp_isodd(a)  (((a)->used > 0  && (((a)->dp[0] & 1) == 1)) ? FP_YES : FP_NO)
+
+/* set to a small digit */
+void fp_set(fp_int *a, fp_digit b);
+
+/* copy from a to b */
+#ifndef ALT_ECC_SIZE
+    #define fp_copy(a, b)  (void)(((a) != (b)) ? ((void)XMEMCPY((b), (a), sizeof(fp_int))) : (void)0)
+    #define fp_init_copy(a, b) fp_copy(b, a)
+#else
+    void fp_copy(fp_int *a, fp_int *b);
+    void fp_init_copy(fp_int *a, fp_int *b);
+#endif
+
+/* clamp digits */
+#define fp_clamp(a)   { while ((a)->used && (a)->dp[(a)->used-1] == 0) --((a)->used); (a)->sign = (a)->used ? (a)->sign : FP_ZPOS; }
+
+/* negate and absolute */
+#define fp_neg(a, b)  { fp_copy(a, b); (b)->sign ^= 1; fp_clamp(b); }
+#define fp_abs(a, b)  { fp_copy(a, b); (b)->sign  = 0; }
+
+/* right shift x digits */
+void fp_rshd(fp_int *a, int x);
+
+/* right shift x bits */
+void fp_rshb(fp_int *a, int x);
+
+/* left shift x digits */
+void fp_lshd(fp_int *a, int x);
+
+/* signed comparison */
+int fp_cmp(fp_int *a, fp_int *b);
+
+/* unsigned comparison */
+int fp_cmp_mag(fp_int *a, fp_int *b);
+
+/* power of 2 operations */
+void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
+void fp_mod_2d(fp_int *a, int b, fp_int *c);
+void fp_mul_2d(fp_int *a, int b, fp_int *c);
+void fp_2expt (fp_int *a, int b);
+void fp_mul_2(fp_int *a, fp_int *c);
+void fp_div_2(fp_int *a, fp_int *c);
+
+/* Counts the number of lsbs which are zero before the first zero bit */
+int fp_cnt_lsb(fp_int *a);
+
+/* c = a + b */
+void fp_add(fp_int *a, fp_int *b, fp_int *c);
+
+/* c = a - b */
+void fp_sub(fp_int *a, fp_int *b, fp_int *c);
+
+/* c = a * b */
+void fp_mul(fp_int *a, fp_int *b, fp_int *c);
+
+/* b = a*a  */
+void fp_sqr(fp_int *a, fp_int *b);
+
+/* a/b => cb + d == a */
+int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+/* c = a mod b, 0 <= c < b  */
+int fp_mod(fp_int *a, fp_int *b, fp_int *c);
+
+/* compare against a single digit */
+int fp_cmp_d(fp_int *a, fp_digit b);
+
+/* c = a + b */
+void fp_add_d(fp_int *a, fp_digit b, fp_int *c);
+
+/* c = a - b */
+void fp_sub_d(fp_int *a, fp_digit b, fp_int *c);
+
+/* c = a * b */
+void fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
+
+/* a/b => cb + d == a */
+/*int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d);*/
+
+/* c = a mod b, 0 <= c < b  */
+/*int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c);*/
+
+/* ---> number theory <--- */
+/* d = a + b (mod c) */
+/*int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);*/
+
+/* d = a - b (mod c) */
+/*int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);*/
+
+/* d = a * b (mod c) */
+int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+/* c = a * a (mod b) */
+int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);
+
+/* c = 1/a (mod b) */
+int fp_invmod(fp_int *a, fp_int *b, fp_int *c);
+
+/* c = (a, b) */
+/*void fp_gcd(fp_int *a, fp_int *b, fp_int *c);*/
+
+/* c = [a, b] */
+/*void fp_lcm(fp_int *a, fp_int *b, fp_int *c);*/
+
+/* setups the montgomery reduction */
+int fp_montgomery_setup(fp_int *a, fp_digit *mp);
+
+/* computes a = B**n mod b without division or multiplication useful for
+ * normalizing numbers in a Montgomery system.
+ */
+void fp_montgomery_calc_normalization(fp_int *a, fp_int *b);
+
+/* computes x/R == x (mod N) via Montgomery Reduction */
+void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
+
+/* d = a**b (mod c) */
+int fp_exptmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
+
+/* primality stuff */
+
+/* perform a Miller-Rabin test of a to the base b and store result in "result" */
+/*void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result);*/
+
+/* 256 trial divisions + 8 Miller-Rabins, returns FP_YES if probable prime  */
+/*int fp_isprime(fp_int *a);*/
+
+/* Primality generation flags */
+/*#define TFM_PRIME_BBS      0x0001 */ /* BBS style prime */
+/*#define TFM_PRIME_SAFE     0x0002 */ /* Safe prime (p-1)/2 == prime */
+/*#define TFM_PRIME_2MSB_OFF 0x0004 */ /* force 2nd MSB to 0 */
+/*#define TFM_PRIME_2MSB_ON  0x0008 */ /* force 2nd MSB to 1 */
+
+/* callback for fp_prime_random, should fill dst with random bytes and return how many read [upto len] */
+/*typedef int tfm_prime_callback(unsigned char *dst, int len, void *dat);*/
+
+/*#define fp_prime_random(a, t, size, bbs, cb, dat) fp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?TFM_PRIME_BBS:0, cb, dat)*/
+
+/*int fp_prime_random_ex(fp_int *a, int t, int size, int flags, tfm_prime_callback cb, void *dat);*/
+
+/* radix conersions */
+int fp_count_bits(fp_int *a);
+int fp_leading_bit(fp_int *a);
+
+int fp_unsigned_bin_size(fp_int *a);
+void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c);
+void fp_to_unsigned_bin(fp_int *a, unsigned char *b);
+
+/*int fp_signed_bin_size(fp_int *a);*/
+/*void fp_read_signed_bin(fp_int *a, unsigned char *b, int c);*/
+/*void fp_to_signed_bin(fp_int *a, unsigned char *b);*/
+
+/*int fp_read_radix(fp_int *a, char *str, int radix);*/
+/*int fp_toradix(fp_int *a, char *str, int radix);*/
+/*int fp_toradix_n(fp_int * a, char *str, int radix, int maxlen);*/
+
+
+/* VARIOUS LOW LEVEL STUFFS */
+void s_fp_add(fp_int *a, fp_int *b, fp_int *c);
+void s_fp_sub(fp_int *a, fp_int *b, fp_int *c);
+void fp_reverse(unsigned char *s, int len);
+
+void fp_mul_comba(fp_int *a, fp_int *b, fp_int *c);
+
+#ifdef TFM_SMALL_SET
+void fp_mul_comba_small(fp_int *a, fp_int *b, fp_int *c);
+#endif
+
+#ifdef TFM_MUL3
+void fp_mul_comba3(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL4
+void fp_mul_comba4(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL6
+void fp_mul_comba6(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL7
+void fp_mul_comba7(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL8
+void fp_mul_comba8(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL9
+void fp_mul_comba9(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL12
+void fp_mul_comba12(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL17
+void fp_mul_comba17(fp_int *a, fp_int *b, fp_int *c);
+#endif
+
+#ifdef TFM_MUL20
+void fp_mul_comba20(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL24
+void fp_mul_comba24(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL28
+void fp_mul_comba28(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL32
+void fp_mul_comba32(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL48
+void fp_mul_comba48(fp_int *a, fp_int *b, fp_int *c);
+#endif
+#ifdef TFM_MUL64
+void fp_mul_comba64(fp_int *a, fp_int *b, fp_int *c);
+#endif
+
+void fp_sqr_comba(fp_int *a, fp_int *b);
+
+#ifdef TFM_SMALL_SET
+void fp_sqr_comba_small(fp_int *a, fp_int *b);
+#endif
+
+#ifdef TFM_SQR3
+void fp_sqr_comba3(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR4
+void fp_sqr_comba4(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR6
+void fp_sqr_comba6(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR7
+void fp_sqr_comba7(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR8
+void fp_sqr_comba8(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR9
+void fp_sqr_comba9(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR12
+void fp_sqr_comba12(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR17
+void fp_sqr_comba17(fp_int *a, fp_int *b);
+#endif
+
+#ifdef TFM_SQR20
+void fp_sqr_comba20(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR24
+void fp_sqr_comba24(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR28
+void fp_sqr_comba28(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR32
+void fp_sqr_comba32(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR48
+void fp_sqr_comba48(fp_int *a, fp_int *b);
+#endif
+#ifdef TFM_SQR64
+void fp_sqr_comba64(fp_int *a, fp_int *b);
+#endif
+/*extern const char *fp_s_rmap;*/
+
+
+/**
+ * Used by wolfSSL
+ */
+
+/* Types */
+    typedef fp_digit mp_digit;
+    typedef fp_word  mp_word;
+    typedef fp_int mp_int;
+
+/* Constants */
+    #define MP_LT   FP_LT   /* less than    */
+    #define MP_EQ   FP_EQ   /* equal to     */
+    #define MP_GT   FP_GT   /* greater than */
+    #define MP_VAL  FP_VAL  /* invalid */
+    #define MP_OKAY FP_OKAY /* ok result    */
+    #define MP_NO   FP_NO   /* yes/no result */
+    #define MP_YES  FP_YES  /* yes/no result */
+
+/* Prototypes */
+#define mp_zero(a)  fp_zero(a)
+#define mp_iseven(a)  fp_iseven(a)
+int  mp_init (mp_int * a);
+void mp_clear (mp_int * a);
+int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e, mp_int* f);
+
+int  mp_add (mp_int * a, mp_int * b, mp_int * c);
+int  mp_sub (mp_int * a, mp_int * b, mp_int * c);
+int  mp_add_d (mp_int * a, mp_digit b, mp_int * c);
+
+int  mp_mul (mp_int * a, mp_int * b, mp_int * c);
+int  mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
+int  mp_mod(mp_int *a, mp_int *b, mp_int *c);
+int  mp_invmod(mp_int *a, mp_int *b, mp_int *c);
+int  mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
+
+int  mp_cmp(mp_int *a, mp_int *b);
+int  mp_cmp_d(mp_int *a, mp_digit b);
+
+int  mp_unsigned_bin_size(mp_int * a);
+int  mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
+int  mp_to_unsigned_bin (mp_int * a, unsigned char *b);
+
+int  mp_sub_d(fp_int *a, fp_digit b, fp_int *c);
+int  mp_copy(fp_int* a, fp_int* b);
+int  mp_isodd(mp_int* a);
+int  mp_iszero(mp_int* a);
+int  mp_count_bits(mp_int *a);
+int  mp_leading_bit(mp_int *a);
+int  mp_set_int(fp_int *a, fp_digit b);
+void mp_rshb(mp_int *a, int x);
+
+#ifdef HAVE_ECC
+    int mp_read_radix(mp_int* a, const char* str, int radix);
+    int mp_set(fp_int *a, fp_digit b);
+    int mp_sqr(fp_int *a, fp_int *b);
+    int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
+    int mp_montgomery_setup(fp_int *a, fp_digit *rho);
+    int mp_div_2(fp_int * a, fp_int * b);
+    int mp_init_copy(fp_int * a, fp_int * b);
+#endif
+
+#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
+    int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
+    int mp_montgomery_calc_normalization(mp_int *a, mp_int *b);
+#endif
+
+#ifdef WOLFSSL_KEY_GEN
+int  mp_gcd(fp_int *a, fp_int *b, fp_int *c);
+int  mp_lcm(fp_int *a, fp_int *b, fp_int *c);
+int  mp_prime_is_prime(mp_int* a, int t, int* result);
+#endif /* WOLFSSL_KEY_GEN */
+
+int  mp_cnt_lsb(fp_int *a);
+int  mp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
+int  mp_mod_d(fp_int* a, fp_digit b, fp_digit* c);
+
+WOLFSSL_API word32 CheckRunTimeFastMath(void);
+
+/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math FP_SIZE
+   must match, return 1 if a match otherwise 0 */
+#define CheckFastMathSettings() (FP_SIZE == CheckRunTimeFastMath())
+#ifdef __cplusplus
+   }
+#endif
+
+#endif  /* WOLF_CRYPT_TFM_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/types.h b/3P/wolfssl/wolfssl/wolfcrypt/types.h
new file mode 100644
index 00000000..d729ce31
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/types.h
@@ -0,0 +1,321 @@
+/* types.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLF_CRYPT_TYPES_H
+#define WOLF_CRYPT_TYPES_H
+
+	#include 
+	#include 
+
+	#ifdef __cplusplus
+	    extern "C" {
+	#endif
+
+
+	#if defined(WORDS_BIGENDIAN)
+	    #define BIG_ENDIAN_ORDER
+	#endif
+
+	#ifndef BIG_ENDIAN_ORDER
+	    #define LITTLE_ENDIAN_ORDER
+	#endif
+
+	#ifndef WOLFSSL_TYPES
+	    #ifndef byte
+	        typedef unsigned char  byte;
+	    #endif
+	    typedef unsigned short word16;
+	    typedef unsigned int   word32;
+	#endif
+
+
+	/* try to set SIZEOF_LONG or LONG_LONG if user didn't */
+	#if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__)
+	    #if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG)
+	        #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) \
+	                || defined(__mips64)  || defined(__x86_64__))
+	            /* long should be 64bit */
+	            #define SIZEOF_LONG 8
+	        #elif defined(__i386__) || defined(__CORTEX_M3__)
+	            /* long long should be 64bit */
+	            #define SIZEOF_LONG_LONG 8
+	        #endif
+	    #endif
+	#endif
+
+
+	#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
+	    #define WORD64_AVAILABLE
+	    #define W64LIT(x) x##ui64
+	    typedef unsigned __int64 word64;
+	#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
+	    #define WORD64_AVAILABLE
+	    #define W64LIT(x) x##LL
+	    typedef unsigned long word64;
+	#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
+	    #define WORD64_AVAILABLE
+	    #define W64LIT(x) x##LL
+	    typedef unsigned long long word64;
+	#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
+	    #define WORD64_AVAILABLE
+	    #define W64LIT(x) x##LL
+	    typedef unsigned long long word64;
+	#else
+	    #define MP_16BIT  /* for mp_int, mp_word needs to be twice as big as
+	                         mp_digit, no 64 bit type so make mp_digit 16 bit */
+	#endif
+
+
+	/* These platforms have 64-bit CPU registers.  */
+	#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
+	     defined(__mips64)  || defined(__x86_64__) || defined(_M_X64))
+	    typedef word64 wolfssl_word;
+	#else
+	    typedef word32 wolfssl_word;
+	    #ifdef WORD64_AVAILABLE
+	        #define WOLFCRYPT_SLOW_WORD64
+	    #endif
+	#endif
+
+
+	enum {
+	    WOLFSSL_WORD_SIZE  = sizeof(wolfssl_word),
+	    WOLFSSL_BIT_SIZE   = 8,
+	    WOLFSSL_WORD_BITS  = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE
+	};
+
+	#define WOLFSSL_MAX_16BIT 0xffffU
+
+	/* use inlining if compiler allows */
+	#ifndef INLINE
+	#ifndef NO_INLINE
+	    #ifdef _MSC_VER
+	        #define INLINE __inline
+	    #elif defined(__GNUC__)
+	        #define INLINE inline
+	    #elif defined(__IAR_SYSTEMS_ICC__)
+	        #define INLINE inline
+	    #elif defined(THREADX)
+	        #define INLINE _Inline
+	    #else
+	        #define INLINE
+	    #endif
+	#else
+	    #define INLINE
+	#endif
+	#endif
+
+
+	/* set up rotate style */
+	#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
+	    #define INTEL_INTRINSICS
+	    #define FAST_ROTATE
+	#elif defined(__MWERKS__) && TARGET_CPU_PPC
+	    #define PPC_INTRINSICS
+	    #define FAST_ROTATE
+	#elif defined(__GNUC__) && defined(__i386__)
+	        /* GCC does peephole optimizations which should result in using rotate
+	           instructions  */
+	    #define FAST_ROTATE
+	#endif
+
+
+	/* set up thread local storage if available */
+	#ifdef HAVE_THREAD_LS
+	    #if defined(_MSC_VER)
+	        #define THREAD_LS_T __declspec(thread)
+	    #else
+	        #define THREAD_LS_T __thread
+	    #endif
+	#else
+	    #define THREAD_LS_T
+	#endif
+
+
+	/* Micrium will use Visual Studio for compilation but not the Win32 API */
+	#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
+	        && !defined(EBSNET)
+	    #define USE_WINDOWS_API
+	#endif
+
+
+	/* idea to add global alloc override by Moisés Guimarães  */
+	/* default to libc stuff */
+	/* XREALLOC is used once in normal math lib, not in fast math lib */
+	/* XFREE on some embeded systems doesn't like free(0) so test  */
+	#if defined(XMALLOC_USER)
+	    /* prototypes for user heap override functions */
+	    #include   /* for size_t */
+	    extern void *XMALLOC(size_t n, void* heap, int type);
+	    extern void *XREALLOC(void *p, size_t n, void* heap, int type);
+	    extern void XFREE(void *p, void* heap, int type);
+	#elif defined(NO_WOLFSSL_MEMORY)
+	    /* just use plain C stdlib stuff if desired */
+	    #include 
+	    #define XMALLOC(s, h, t)     ((void)h, (void)t, malloc((s)))
+	    #define XFREE(p, h, t)       {void* xp = (p); if((xp)) free((xp));}
+	    #define XREALLOC(p, n, h, t) realloc((p), (n))
+	#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
+	        && !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
+	        && !defined(WOLFSSL_LEANPSK)
+	    /* default C runtime, can install different routines at runtime via cbs */
+	    #include 
+	    #define XMALLOC(s, h, t)     ((void)h, (void)t, wolfSSL_Malloc((s)))
+	    #define XFREE(p, h, t)       {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
+	    #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
+	#endif
+
+	#ifndef STRING_USER
+	    #include 
+	    char* mystrnstr(const char* s1, const char* s2, unsigned int n);
+
+	    #define XMEMCPY(d,s,l)    memcpy((d),(s),(l))
+	    #define XMEMSET(b,c,l)    memset((b),(c),(l))
+	    #define XMEMCMP(s1,s2,n)  memcmp((s1),(s2),(n))
+	    #define XMEMMOVE(d,s,l)   memmove((d),(s),(l))
+
+	    #define XSTRLEN(s1)       strlen((s1))
+	    #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
+	    /* strstr, strncmp, and strncat only used by wolfSSL proper, not required for
+	       CTaoCrypt only */
+	    #define XSTRSTR(s1,s2)    strstr((s1),(s2))
+	    #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
+	    #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
+	    #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
+	    #ifndef USE_WINDOWS_API
+	        #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
+	        #define XSNPRINTF snprintf
+	    #else
+	        #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
+	        #define XSNPRINTF _snprintf
+	    #endif
+	#endif
+
+	#ifndef CTYPE_USER
+	    #include 
+	    #if defined(HAVE_ECC) || defined(HAVE_OCSP)
+	        #define XTOUPPER(c)     toupper((c))
+	        #define XISALPHA(c)     isalpha((c))
+	    #endif
+	    /* needed by wolfSSL_check_domain_name() */
+	    #define XTOLOWER(c)      tolower((c))
+	#endif
+
+
+	/* memory allocation types for user hints */
+	enum {
+	    DYNAMIC_TYPE_CA           = 1,
+	    DYNAMIC_TYPE_CERT         = 2,
+	    DYNAMIC_TYPE_KEY          = 3,
+	    DYNAMIC_TYPE_FILE         = 4,
+	    DYNAMIC_TYPE_SUBJECT_CN   = 5,
+	    DYNAMIC_TYPE_PUBLIC_KEY   = 6,
+	    DYNAMIC_TYPE_SIGNER       = 7,
+	    DYNAMIC_TYPE_NONE         = 8,
+	    DYNAMIC_TYPE_BIGINT       = 9,
+	    DYNAMIC_TYPE_RSA          = 10,
+	    DYNAMIC_TYPE_METHOD       = 11,
+	    DYNAMIC_TYPE_OUT_BUFFER   = 12,
+	    DYNAMIC_TYPE_IN_BUFFER    = 13,
+	    DYNAMIC_TYPE_INFO         = 14,
+	    DYNAMIC_TYPE_DH           = 15,
+	    DYNAMIC_TYPE_DOMAIN       = 16,
+	    DYNAMIC_TYPE_SSL          = 17,
+	    DYNAMIC_TYPE_CTX          = 18,
+	    DYNAMIC_TYPE_WRITEV       = 19,
+	    DYNAMIC_TYPE_OPENSSL      = 20,
+	    DYNAMIC_TYPE_DSA          = 21,
+	    DYNAMIC_TYPE_CRL          = 22,
+	    DYNAMIC_TYPE_REVOKED      = 23,
+	    DYNAMIC_TYPE_CRL_ENTRY    = 24,
+	    DYNAMIC_TYPE_CERT_MANAGER = 25,
+	    DYNAMIC_TYPE_CRL_MONITOR  = 26,
+	    DYNAMIC_TYPE_OCSP_STATUS  = 27,
+	    DYNAMIC_TYPE_OCSP_ENTRY   = 28,
+	    DYNAMIC_TYPE_ALTNAME      = 29,
+	    DYNAMIC_TYPE_SUITES       = 30,
+	    DYNAMIC_TYPE_CIPHER       = 31,
+	    DYNAMIC_TYPE_RNG          = 32,
+	    DYNAMIC_TYPE_ARRAYS       = 33,
+	    DYNAMIC_TYPE_DTLS_POOL    = 34,
+	    DYNAMIC_TYPE_SOCKADDR     = 35,
+	    DYNAMIC_TYPE_LIBZ         = 36,
+	    DYNAMIC_TYPE_ECC          = 37,
+	    DYNAMIC_TYPE_TMP_BUFFER   = 38,
+	    DYNAMIC_TYPE_DTLS_MSG     = 39,
+	    DYNAMIC_TYPE_CAVIUM_TMP   = 40,
+	    DYNAMIC_TYPE_CAVIUM_RSA   = 41,
+	    DYNAMIC_TYPE_X509         = 42,
+	    DYNAMIC_TYPE_TLSX         = 43,
+	    DYNAMIC_TYPE_OCSP         = 44,
+	    DYNAMIC_TYPE_SIGNATURE    = 45
+	};
+
+	/* max error buffer string size */
+	enum {
+	    WOLFSSL_MAX_ERROR_SZ = 80
+	};
+
+	/* stack protection */
+	enum {
+	    MIN_STACK_BUFFER = 8
+	};
+
+
+
+	/* settings detection for compile vs runtime math incombatibilities */
+	enum {
+	#if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
+	    CTC_SETTINGS = 0x0
+	#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
+	    CTC_SETTINGS = 0x1
+	#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
+	    CTC_SETTINGS = 0x2
+	#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
+	    CTC_SETTINGS = 0x4
+	#elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
+	    CTC_SETTINGS = 0x8
+	#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
+	    CTC_SETTINGS = 0x10
+	#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
+	    CTC_SETTINGS = 0x20
+	#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
+	    CTC_SETTINGS = 0x40
+	#else
+	    #error "bad math long / long long settings"
+	#endif
+	};
+
+
+	WOLFSSL_API word32 CheckRunTimeSettings(void);
+
+	/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long
+	   types need to match at compile time and run time, CheckCtcSettings will
+	   return 1 if a match otherwise 0 */
+	#define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings())
+
+
+	#ifdef __cplusplus
+	    }   /* extern "C" */
+	#endif
+
+#endif /* WOLF_CRYPT_TYPES_H */
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/visibility.h b/3P/wolfssl/wolfssl/wolfcrypt/visibility.h
new file mode 100644
index 00000000..05fd4754
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/visibility.h
@@ -0,0 +1,75 @@
+/* visibility.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* Visibility control macros */
+
+#ifndef WOLF_CRYPT_VISIBILITY_H
+#define WOLF_CRYPT_VISIBILITY_H
+
+
+/* for compatibility and so that fips is using same name of macro @wc_fips */
+#ifdef HAVE_FIPS
+    #include 
+    #define WOLFSSL_API   CYASSL_API
+	#define WOLFSSL_LOCAL CYASSL_LOCAL
+#else
+
+/* WOLFSSL_API is used for the public API symbols.
+        It either imports or exports (or does nothing for static builds)
+
+   WOLFSSL_LOCAL is used for non-API symbols (private).
+*/
+
+#if defined(BUILDING_WOLFSSL)
+    #if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
+        #define WOLFSSL_API   __attribute__ ((visibility("default")))
+        #define WOLFSSL_LOCAL __attribute__ ((visibility("hidden")))
+    #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
+        #define WOLFSSL_API   __global
+        #define WOLFSSL_LOCAL __hidden
+    #elif defined(_MSC_VER)
+        #ifdef WOLFSSL_DLL
+            #define WOLFSSL_API extern __declspec(dllexport)
+        #else
+            #define WOLFSSL_API
+        #endif
+        #define WOLFSSL_LOCAL
+    #else
+        #define WOLFSSL_API
+        #define WOLFSSL_LOCAL
+    #endif /* HAVE_VISIBILITY */
+#else /* BUILDING_WOLFSSL */
+    #if defined(_MSC_VER)
+        #ifdef WOLFSSL_DLL
+            #define WOLFSSL_API extern __declspec(dllimport)
+        #else
+            #define WOLFSSL_API
+        #endif
+        #define WOLFSSL_LOCAL
+    #else
+        #define WOLFSSL_API
+        #define WOLFSSL_LOCAL
+    #endif
+#endif /* BUILDING_WOLFSSL */
+
+#endif /* HAVE_FIPS */
+#endif /* WOLF_CRYPT_VISIBILITY_H */
+
diff --git a/3P/wolfssl/wolfssl/wolfcrypt/wc_port.h b/3P/wolfssl/wolfssl/wolfcrypt/wc_port.h
new file mode 100644
index 00000000..f5ad0254
--- /dev/null
+++ b/3P/wolfssl/wolfssl/wolfcrypt/wc_port.h
@@ -0,0 +1,201 @@
+/* wc_port.h
+ *
+ * Copyright (C) 2006-2015 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef WOLF_CRYPT_PORT_H
+#define WOLF_CRYPT_PORT_H
+
+#include 
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+#ifdef USE_WINDOWS_API
+    #ifdef WOLFSSL_GAME_BUILD
+        #include "system/xtl.h"
+    #else
+        #ifndef WIN32_LEAN_AND_MEAN
+            #define WIN32_LEAN_AND_MEAN
+        #endif
+        #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN)
+            /* On WinCE winsock2.h must be included before windows.h */
+            #include 
+        #endif
+        #include 
+    #endif
+#elif defined(THREADX)
+    #ifndef SINGLE_THREADED
+        #include "tx_api.h"
+    #endif
+#elif defined(MICRIUM)
+    /* do nothing, just don't pick Unix */
+#elif defined(FREERTOS) || defined(WOLFSSL_SAFERTOS)
+    /* do nothing */
+#elif defined(EBSNET)
+    /* do nothing */
+#elif defined(FREESCALE_MQX)
+    /* do nothing */
+#elif defined(WOLFSSL_MDK_ARM)
+    #if defined(WOLFSSL_MDK5)
+         #include "cmsis_os.h"
+    #else
+        #include 
+    #endif
+#elif defined(WOLFSSL_CMSIS_RTOS)
+    #include "cmsis_os.h"
+#elif defined(WOLFSSL_TIRTOS)
+    #include 
+    #include 
+#else
+    #ifndef SINGLE_THREADED
+        #define WOLFSSL_PTHREADS
+        #include 
+    #endif
+    #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
+        #include       /* for close of BIO */
+    #endif
+#endif
+
+
+#ifdef SINGLE_THREADED
+    typedef int wolfSSL_Mutex;
+#else /* MULTI_THREADED */
+    /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */
+    #ifdef FREERTOS
+        typedef xSemaphoreHandle wolfSSL_Mutex;
+    #elif defined(WOLFSSL_SAFERTOS)
+        typedef struct wolfSSL_Mutex {
+            signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
+            xSemaphoreHandle mutex;
+        } wolfSSL_Mutex;
+    #elif defined(USE_WINDOWS_API)
+        typedef CRITICAL_SECTION wolfSSL_Mutex;
+    #elif defined(WOLFSSL_PTHREADS)
+        typedef pthread_mutex_t wolfSSL_Mutex;
+    #elif defined(THREADX)
+        typedef TX_MUTEX wolfSSL_Mutex;
+    #elif defined(MICRIUM)
+        typedef OS_MUTEX wolfSSL_Mutex;
+    #elif defined(EBSNET)
+        typedef RTP_MUTEX wolfSSL_Mutex;
+    #elif defined(FREESCALE_MQX)
+        typedef MUTEX_STRUCT wolfSSL_Mutex;
+    #elif defined(WOLFSSL_MDK_ARM)
+        #if defined(WOLFSSL_CMSIS_RTOS)
+            typedef osMutexId wolfSSL_Mutex;
+        #else
+            typedef OS_MUT wolfSSL_Mutex;
+        #endif
+    #elif defined(WOLFSSL_CMSIS_RTOS)
+        typedef osMutexId wolfSSL_Mutex;
+    #elif defined(WOLFSSL_TIRTOS)
+        typedef ti_sysbios_knl_Semaphore_Handle wolfSSL_Mutex;
+    #else
+        #error Need a mutex type in multithreaded mode
+    #endif /* USE_WINDOWS_API */
+#endif /* SINGLE_THREADED */
+
+WOLFSSL_LOCAL int InitMutex(wolfSSL_Mutex*);
+WOLFSSL_LOCAL int FreeMutex(wolfSSL_Mutex*);
+WOLFSSL_LOCAL int LockMutex(wolfSSL_Mutex*);
+WOLFSSL_LOCAL int UnLockMutex(wolfSSL_Mutex*);
+
+
+/* filesystem abstraction layer, used by ssl.c */
+#ifndef NO_FILESYSTEM
+
+#if defined(EBSNET)
+    #define XFILE                    int
+    #define XFOPEN(NAME, MODE)       vf_open((const char *)NAME, VO_RDONLY, 0);
+    #define XFSEEK                   vf_lseek
+    #define XFTELL                   vf_tell
+    #define XREWIND                  vf_rewind
+    #define XFREAD(BUF, SZ, AMT, FD) vf_read(FD, BUF, SZ*AMT)
+    #define XFWRITE(BUF, SZ, AMT, FD) vf_write(FD, BUF, SZ*AMT)
+    #define XFCLOSE                  vf_close
+    #define XSEEK_END                VSEEK_END
+    #define XBADFILE                 -1
+#elif defined(LSR_FS)
+    #include 
+    #define XFILE                   struct fs_file*
+    #define XFOPEN(NAME, MODE)      fs_open((char*)NAME);
+    #define XFSEEK(F, O, W)         (void)F
+    #define XFTELL(F)               (F)->len
+    #define XREWIND(F)              (void)F
+    #define XFREAD(BUF, SZ, AMT, F) fs_read(F, (char*)BUF, SZ*AMT)
+    #define XFWRITE(BUF, SZ, AMT, F) fs_write(F, (char*)BUF, SZ*AMT)
+    #define XFCLOSE                 fs_close
+    #define XSEEK_END               0
+    #define XBADFILE                NULL
+#elif defined(FREESCALE_MQX)
+    #define XFILE                   MQX_FILE_PTR
+    #define XFOPEN                  fopen
+    #define XFSEEK                  fseek
+    #define XFTELL                  ftell
+    #define XREWIND(F)              fseek(F, 0, IO_SEEK_SET)
+    #define XFREAD                  fread
+    #define XFWRITE                 fwrite
+    #define XFCLOSE                 fclose
+    #define XSEEK_END               IO_SEEK_END
+    #define XBADFILE                NULL
+#elif defined(MICRIUM)
+    #include 
+    #define XFILE      FS_FILE*
+    #define XFOPEN     fs_fopen
+    #define XFSEEK     fs_fseek
+    #define XFTELL     fs_ftell
+    #define XREWIND    fs_rewind
+    #define XFREAD     fs_fread
+    #define XFWRITE    fs_fwrite
+    #define XFCLOSE    fs_fclose
+    #define XSEEK_END  FS_SEEK_END
+    #define XBADFILE   NULL
+#else
+    /* stdio, default case */
+    #define XFILE      FILE*
+    #if defined(WOLFSSL_MDK_ARM)
+        #include 
+        extern FILE * wolfSSL_fopen(const char *name, const char *mode) ;
+        #define XFOPEN     wolfSSL_fopen
+    #else
+        #define XFOPEN     fopen
+    #endif
+    #define XFSEEK     fseek
+    #define XFTELL     ftell
+    #define XREWIND    rewind
+    #define XFREAD     fread
+    #define XFWRITE    fwrite
+    #define XFCLOSE    fclose
+    #define XSEEK_END  SEEK_END
+    #define XBADFILE   NULL
+#endif
+
+#endif /* NO_FILESYSTEM */
+
+
+#ifdef __cplusplus
+    }  /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_PORT_H */
+
diff --git a/3P/wolfssl/wolfssl64.sln b/3P/wolfssl/wolfssl64.sln
new file mode 100644
index 00000000..223ad75d
--- /dev/null
+++ b/3P/wolfssl/wolfssl64.sln
@@ -0,0 +1,86 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Express 2012 for Windows Desktop
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "wolfssl", "wolfssl.vcxproj", "{73973223-5EE8-41CA-8E88-1D60E89A237B}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testsuite", "testsuite\testsuite.vcxproj", "{611E8971-46E0-4D0A-B5A1-632C3B00CB80}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sslSniffer", "sslSniffer\sslSniffer.vcxproj", "{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoserver", "examples\echoserver\echoserver.vcxproj", "{07D97C48-E08F-4E34-9F67-3064039FF2CB}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoclient", "examples\echoclient\echoclient.vcxproj", "{8362A816-C5DC-4E22-B5C5-9E6806387073}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "examples\client\client.vcxproj", "{3ADE9549-582D-4D8E-9826-B172197A7959}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "server", "examples\server\server.vcxproj", "{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Debug|x64 = Debug|x64
+		Release|Win32 = Release|Win32
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.ActiveCfg = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.Build.0 = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|x64.ActiveCfg = Debug|x64
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|x64.Build.0 = Debug|x64
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.ActiveCfg = Release|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.Build.0 = Release|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|x64.ActiveCfg = Release|x64
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|x64.Build.0 = Release|x64
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.ActiveCfg = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.Build.0 = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|x64.ActiveCfg = Debug|x64
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|x64.Build.0 = Debug|x64
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.ActiveCfg = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.Build.0 = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|x64.ActiveCfg = Release|x64
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|x64.Build.0 = Release|x64
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.ActiveCfg = Debug|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.Build.0 = Debug|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|x64.ActiveCfg = Debug|x64
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|x64.Build.0 = Debug|x64
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.ActiveCfg = Release|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.Build.0 = Release|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|x64.ActiveCfg = Release|x64
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|x64.Build.0 = Release|x64
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.ActiveCfg = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.Build.0 = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|x64.ActiveCfg = Debug|x64
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|x64.Build.0 = Debug|x64
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.ActiveCfg = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.Build.0 = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|x64.ActiveCfg = Release|x64
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|x64.Build.0 = Release|x64
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.ActiveCfg = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.Build.0 = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|x64.ActiveCfg = Debug|x64
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|x64.Build.0 = Debug|x64
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.ActiveCfg = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.Build.0 = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|x64.ActiveCfg = Release|x64
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|x64.Build.0 = Release|x64
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.ActiveCfg = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.Build.0 = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|x64.ActiveCfg = Debug|x64
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|x64.Build.0 = Debug|x64
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.ActiveCfg = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.Build.0 = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|x64.ActiveCfg = Release|x64
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|x64.Build.0 = Release|x64
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.ActiveCfg = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.Build.0 = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|x64.ActiveCfg = Debug|x64
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|x64.Build.0 = Debug|x64
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.ActiveCfg = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.Build.0 = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|x64.ActiveCfg = Release|x64
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal